Whole-known-network
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shriramk" class="u-url mention">@<span>shriramk</span></a></span> congratulations, so glad you're back on the road!</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@shriramk" class="u-url mention">@<span>shriramk</span></a></span> ugh, do NOT get me started on narrow definitions of "research" and the privileging of research over everything else, ESPECIALLY ACTUAL UTILITY</p>
<p>this binary extensively uses the "RtlNtStatusToDosErrorNoTeb" import</p><p>none of these words are in the bible</p>
<p>Recovery milestone: first day biking to work in just over a year. (Means my ankle is comfortable enough unclipping quickly, so I can ride in traffic if needed.)</p>
<p><span class="h-card" translate="no"><a href="https://ioc.exchange/@azonenberg" class="u-url mention">@<span>azonenberg</span></a></span> <span class="h-card" translate="no"><a href="https://digipres.club/@misty" class="u-url mention">@<span>misty</span></a></span> so far i haven't found any place where it would do a string comparison with "setup" or "install", which is intriguing</p>
<p><span class="h-card" translate="no"><a href="https://types.pl/@bhaktishh" class="u-url mention">@<span>bhaktishh</span></a></span> also the jobs are limited if you don’t want to destroy the world using either nukes or financial instruments</p>
<p><span class="h-card" translate="no"><a href="https://digipres.club/@misty" class="u-url mention">@<span>misty</span></a></span> so, I'm currently looking at appinfo.dll (the service it uses for elevation), consent.exe (the thing that shows the consen prompt) and the library that gets compiled into other applications that invokes the elevation</p><p>the code there is horrifyingly convoluted and i may not be qualified enough to figure out exactly where it's doing that. i'll spend another hour or two on it then do something else with my life</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> Oh nice find, thank you! I’d looked for the group policy they documented but it didn’t seem to be there on my system(??)</p>
<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> <span class="h-card" translate="no"><a href="https://digipres.club/@misty" class="u-url mention">@<span>misty</span></a></span> I know most programs with "setup" or "install" in the name get the same treatment too. But i dont think I've ever seen a complete list of the filters it uses so will be interesting to see what you find.</p>
