Firstly, a folder is created in the temp directory, and the properties of the folder are opened using SHObjectProperties. To retrieve the handle of the window independently of the system language, EnumWindows is used with a callback function that checks for the distinct folder name in every open window. Through the properties page, the change …
Continue reading “IconJector – Exploiting Windows Explorer With DLL Injection Through Icon Changes”