From e1958457fb7d86a8d0abc9fd2b90751debd98c60 Mon Sep 17 00:00:00 2001
From: dpcpointer
Date: Wed, 28 May 2025 19:21:22 -0600
Subject: [PATCH] Create README.md
---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 README.md
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c18a4eb
--- /dev/null
+++ b/README.md
@@ -0,0 +1,15 @@
+simple method.
+
+__int64 NtCompareSigningLevels()
+{
+ int v0; // eax
+
+ v0 = 0;
+ if ( function_pointer )
+ v0 = ((__int64 (*)(void))function_pointer)();
+ return v0 == 0 ? 0xC0000428 : 0;
+}
+
+this loads a qword into r9 from a var.
+
+we use pdfwkrnl's memcpy vulnerable function to swap this pointer to our kernel function.