top | item 42096819

(no title)

I suspect this is where Windows backwards compatibility bites them a bit. I've got a very old tool [1] that uses WriteProcessMemory and CreateRemoteThread to create a thread in the command process that launched it to remotely change the directory in that process.

It works to this day, despite looking exactly like what malware would do. My tool is nothing in the grand scheme, but I suspect I'm not the only one doing these sort of shenanigans, and no doubt some big important app is doing it and can't be bothered to fix itself, so MS is stuck supporting it.

[1] https://github.com/seligman/ccd

discuss

No comments yet.