PoC: Copy Data into Remote Process Address Space with Window Messages

This post is the story of an unuseful fuzzer that became an unuseful but funny PoC. These days I have been playing with window messages and I would like to share some notes about the behavior of some messages, such as WM_SETTEXT or WM_COPYDATA, and a tiny PoC to execute code into explorer.exe process by using these messages and SetThreadContext. This is not about a bug or vulnerability, these window messages work as expected. It is only some ideas about using these messages in a tricky way to put our data into the address space of some target processes.