Cool exploit with @0x999.net:
He found that \x7F breaks Chrome's "Copy as cURL (cmd)" command parsing in Windows Console Host. In combination with a ", it allowed you to add any arguments to curl.
With -o writing files is easy, but we need the username for the startup path... (1/2)
