When writing contents of the files, WinRAR performs path normalization that removes appended spaces, because Windows doesn’t allow files with trailing spaces. Finally, WinRAR calls ShellExecuteExW, passing the non-normalized path with a trailing space “%TEMP%{random_directory}poc.png_” to run the user-selected file. Internally, ShellExecute attempts to identify file extensions by calling “shell32!PathFindExtension” which fails because extensions with […]