diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..378eac2
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+build
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..711a38f
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "common"]
+	path = common
+	url = https://github.com/MTK-bypass/exploit_common
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..d64f462
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,2 @@
+PAYLOAD_CPU = mt6765
+include common/common.mk
diff --git a/common b/common
new file mode 160000
index 0000000..f055e3e
--- /dev/null
+++ b/common
@@ -0,0 +1 @@
+Subproject commit f055e3ec01ad0e8804220b0053d8d22b2c113784
diff --git a/device.c b/device.c
new file mode 100644
index 0000000..e9296e6
--- /dev/null
+++ b/device.c
@@ -0,0 +1,15 @@
+#include "common/device.h"
+
+void (*send_usb_response)(int, int, int) = (void*)0x2D2B;
+
+int (*usbdl_put_dword)() = (void*)0xBCD3;
+int (*usbdl_put_data)() = (void*)0xBDA3;
+int (*usbdl_get_data)() = (void*)0xBD15;
+
+volatile uint32_t *uart_reg0 = (volatile uint32_t*)0x11002014;
+volatile uint32_t *uart_reg1 = (volatile uint32_t*)0x11002000;
+
+volatile char *sla_passed = (volatile char *)0x102860;
+volatile uint32_t *skip_auth_1 = (volatile uint32_t *)0x102A8C;
+volatile uint32_t *skip_auth_2 = (volatile uint32_t *)0x102A94;
+
diff --git a/mt6765_config.json5 b/mt6765_config.json5
new file mode 100644
index 0000000..56b74fe
--- /dev/null
+++ b/mt6765_config.json5
@@ -0,0 +1,6 @@
+{
+    "hw_code": 0x766,
+    "watchdog_address": 0x10007000,
+    "var_0": 0x2C,
+    "var_1": 0x25
+}