My own research, unless stated otherwise. Not necessarily "safe when taken as directed".
GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Sep 16, 2023 • 4 tweets • 2 min read
As no one knew a working example, I had to weaponize GPO Extensions on my own 😎
The practice is a bit harder than just dropping a DLL and new key in Winlogon\GPExtensions. I believe there is a simpler way, but this one works. Unfortunately it requires AD connectivity.
A 🧵⤵
1. Create the DLL exporting PFNPROCESSGROUPPOLICY callback function, as defined at learn.microsoft.com/en-us/windows/…
2. "return 0" is enough for the code.
3. The real code can be put into DllMain(), of course it works.
4. Make a key in Windows NT\CurrentVersion\Winlogon\GPExtensions.
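
For defenders, an audit of the same registry location, added here as an example that is not part of the original thread: it lists every registered Group Policy extension and flags DLLs that are missing, live outside System32, or lack a valid Microsoft signature. It assumes the standard `DllName` and `ProcessGroupPolicy` values and resolves bare file names against System32; a flag means "review", since legitimate third-party extensions also exist.

```powershell
# Added audit example, not code from the thread. Run elevated on the host under review.
$root     = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\GPExtensions'
$system32 = Join-Path $env:SystemRoot 'System32'

$report = foreach ($key in Get-ChildItem -Path $root -ErrorAction Stop) {
    $props   = Get-ItemProperty -Path $key.PSPath
    $dll     = [string]$props.DllName
    $reasons = @()
    $path    = $null

    if (-not $dll) {
        $reasons += 'no DllName value'
    } else {
        $path = [Environment]::ExpandEnvironmentVariables($dll)
        # Assumption: a bare file name is resolved against System32 for this check.
        if (-not [IO.Path]::IsPathRooted($path)) { $path = Join-Path $system32 $path }

        if (-not (Test-Path -LiteralPath $path -PathType Leaf)) {
            $reasons += 'DLL not found'
        } else {
            if (-not $path.StartsWith($system32 + '\', [StringComparison]::OrdinalIgnoreCase)) {
                $reasons += 'outside System32'
            }
            # Heuristic: inbox extensions are expected to carry a valid Microsoft signature.
            $sig = Get-AuthenticodeSignature -LiteralPath $path
            if ($sig.Status -ne 'Valid') {
                $reasons += "signature $($sig.Status)"
            } elseif ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
                $reasons += 'not signed by Microsoft'
            }
        }
    }

    [pscustomobject]@{
        Extension = $key.PSChildName            # subkey name, normally a GUID
        Name      = $props.'(default)'          # display name, if set
        Dll       = $path
        Callback  = $props.ProcessGroupPolicy   # exported callback name, if set
        Review    = $reasons -join '; '
    }
}

# Flagged entries first, clean entries after.
$report | Sort-Object { -not $_.Review } | Format-Table -AutoSize -Wrap
```

Comparing this output against a known-good baseline for the same Windows build makes a newly added subkey stand out even when its DLL passes the signature check.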