IIRC that check was/is done in user32.dll in the CreateProcess function, so it's checked in usermode and you can just hook the registry APIs and filter out anything related to group policy in order to bypass it. You could probably just call NtCreateProcess in ntdll.dll and save yourself the trouble, but I'm not sure if that's available to limited users.
netdroid9
@netdroid9
Best posts made by netdroid9
Latest posts made by netdroid9
-
RE: Minor Solitaire WTF
-
RE: Zero based indexing gone too far
Programing languages like C and C++ are designed to abstract the hardware without sacrificing the ability to manipulate said hardware at a low level. Hence why most operating systems are written in C, with only a comparatively small amount of assembly for interrupts, traps and other super-low-level things to jump into. 0-based offsets to pointers are used in these programming languages because the hardware uses 0-based offsets. Arrays also use 0-based offsets because arrays in these languages are generally used as shorthand for pointers. Languages like Java and C# could use 1-based indexing, but this would break convention, make it even harder to interface between these languages and code written in existing languages and make it difficult to represent things like cartesian planes.
-
RE: A couple of Visual Studio WTFs - Warning:Large Images
Hmm... What happens if you hit * to expand the tree on a singleton expression..?