{"id":5742,"date":"2018-12-26T00:53:32","date_gmt":"2018-12-26T00:53:32","guid":{"rendered":"http:\/\/www.hexacorn.com\/blog\/?p=5742"},"modified":"2018-12-26T00:53:34","modified_gmt":"2018-12-26T00:53:34","slug":"beyond-good-ol-run-key-part-97","status":"publish","type":"post","link":"https:\/\/www.hexacorn.com\/blog\/2018\/12\/26\/beyond-good-ol-run-key-part-97\/","title":{"rendered":"Beyond good ol\u2019 Run key, Part 97"},"content":{"rendered":"\n

When I explore new persistence mechanisms, I usually try to focus on a native OS functionality. The main reason for such approach is the omnipresence of these mechanisms – they can be used on most versions of the Windows OS no matter what other software is present.<\/p>\n\n\n\n

Every once in a while I do look at other persistence ‘vectors’ tho. Ones that focus on popular applications e.g. Office<\/a>, Total Commander<\/a>, popular<\/a> archivers<\/a>, email<\/a> or torrent<\/a> clients. They are so prevalent that they form a separate ‘cloud’ of apps that can be abused for persistence simply because they are so popular.<\/p>\n\n\n\n

Today’s subject is a software that is very unusual – the burning software. 15 years ago everyone was using it. Today it’s really a bit of a remnant of the good old times. I have not burnt a single CD\/DVD since 2009-2010. I really can’t recall any instance where I would do so within last 8 years. The cloud, the USB 3.0, and capacity of external drives pretty much rendered media burning obsolete.<\/p>\n\n\n\n

Except, according to my quick Twitter quiz<\/a> question many still use it.<\/p>\n\n\n\n

Nero was and still is one of the best media burning applications. While I won’t cover its features in detail I do want to acknowledge its role in shaping the media burning industry – at some stage it was a staple program used by many ‘burners’.<\/p>\n\n\n\n

Its popularity, even today, can be used for not-so-nice-reasons.<\/p>\n\n\n\n

How?<\/p>\n\n\n\n

The simplest way is to drop a fake plug-in inside the following location:<\/p>\n\n\n\n