So many lolbins…<\/p>\n\n\n\n
There is a class of Dell-written launchers that are very demanding. In order to use any of them to launch a program we need to use a 6-level directory traversal.<\/p>\n\n\n\n
Why?<\/p>\n\n\n\n
Because it relies on GetPrinterDriverDirectory<\/a><\/em> API to retrieve a path where the file it expects to see will be launched from (the path resolves to C:\\Windows\\system32\\spool\\DRIVERS\\W32X86<\/em> on 32-bit Windows). And then, depending on the OS major version (5<\/em> or 6<\/em>), it appends additional subfolder path (2<\/em> or 3<\/em>) to it. <\/p>\n\n\n\n In other words, to run c:\\windows\\system32\\notepad.exe<\/em>, one has to run the following:<\/p>\n\n\n\n <sample> ..\\..\\..\\..\\..\\..\\windows\\system32\\notepad.exe<\/p><\/blockquote>\n\n\n\n Samples: So many lolbins… There is a class of Dell-written launchers that are very demanding. In order to use any of them to launch a program we need to use a 6-level directory traversal. Why? Because it relies on GetPrinterDriverDirectory API … Continue reading
0B7F97EC4792A65D5DFA596F2693E8ADBFBDBA340BF300BDB761B483D6922FF9
E11DFC77E4B9570425FAAAC65B26070448E83EB7B9451AA5A9B0B61F1E8FBCA6<\/p>\n","protected":false},"excerpt":{"rendered":"