Thanks for the replies, everybody! Curt's really on the ball. You're on the ball, Curt!
I had sort of expected there'd be a gamut of ways to print but not necessarily to file.
Why'd I read this in the middle ofvthe night. Start the day right. Start the day right.
Search found 198 matches
- Thu May 14, 2015 5:49 pm
- Forum: Beta Version 4.17
- Topic: 4.17 Beta Available (Latest Version 4.17.8)
- Replies: 208
- Views: 65832
- Wed May 13, 2015 5:34 pm
- Forum: Problem Reports
- Topic: SBIE1241 Cannot mount registry hive(trying start elsword.exe
- Replies: 17
- Views: 3471
Re: SBIE1241 Cannot mount registry hive(trying start elsword
Elsword - Sandboxie 4.13.2 - last working version? Sandboxie 4.13.3 - first broken version! You will know the game has loaded further when you receive this message: SBIE2103 Denied attempt to load system driver 'dump_wmimmc [ElswordBox]' The game may still start? I am presented with a Log-in / Regis...
- Wed May 13, 2015 7:39 am
- Forum: Beta Version 4.17
- Topic: 4.17 Beta Available (Latest Version 4.17.8)
- Replies: 208
- Views: 65832
Re: 4.17 Beta Available (Latest Version 4.17.5)
@Curt: Regarding Chrome setup SBIE error, fixing it shall solve a great many inexplicable error reports ... It is not box_name but FileRootPath where occurs the sporadic problem. box_name of course dictates FileRootPath where %SANDBOX% is specified. e.g. fail FileRootPath=C:\Sandbox\BUCKAROO\0 pass...
- Tue May 12, 2015 10:26 pm
- Forum: Feature Requests
- Topic: SandBoxIE to harden SRP (software restriction policy)?
- Replies: 36
- Views: 7230
Re: SandBoxIE to harden SRP (software restriction policy)?
Cool, catBot. Your test will be the first true test.
Try a PoC that is if you want to receive ANY relevant output from DebugView (unless you're using the verbose OutputDebug\ dll).
Just don't visit this other thread, else feelings of despair could engulf you.
Try a PoC that is if you want to receive ANY relevant output from DebugView (unless you're using the verbose OutputDebug\ dll).
Just don't visit this other thread, else feelings of despair could engulf you.
- Tue May 12, 2015 9:51 pm
- Forum: Beta Version 4.17
- Topic: 4.17 Beta Available (Latest Version 4.17.8)
- Replies: 208
- Views: 65832
Re: 4.17 Beta Available (Latest Version 4.17.5)
For clarity, what is a "session"? Here, session, in theory, should mean from Sandbox active until inactive (no processes resident). I guess that's what Curt, the dev, is shooting for. Tests show that session in 4.17.5 seems to mean for only this process [pid] (not for others in the Sandbox). Theref...
- Mon May 11, 2015 10:03 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
Might only be a matter of modifying access rights on a process object? Lazy, don't know. OpenProcess doesn't even fail... silent fail? I was going to trace into the undocumented call, but it's kernelmode (I don't know what else I was expecting). That is as far as I go. I never thought this part to b...
- Mon May 11, 2015 12:21 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
Curt@invincea is on the case as of . . . some minutes ago. :) I am not super knowledgeable but the Chrome Renderer sandbox is more locked down than Sandboxied programs, or should I say was? I don't feel like hooking or devising shellcode to inject into the Chrome Renderer to find out. But can confir...
- Sun May 10, 2015 9:19 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
As far as undoing all Sandboxie's security/restrictions (including "anonymous logon"), privilege is graduated, yes it is. Child processes spawned of possessed target inherit all its attributes. Target can be any typical program running in the foreground or background, e.g. SbieCtrl.exe or TrueCrypt....
- Sun May 10, 2015 8:14 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
3.76 (64-bit) VBOX (5.0.0_BETA3) (Windows 8;WIN8_RTM;ENTERPRISE;EVAL) unbreakable! 4.17.4 (64-bit) VBOX or Host (Windows 8.1 core) Splish Splash, I was takin' a bath ! Write to and launch almost anything unsandboxed from your Sandboxed program or with very minimal shellcode. No setting can block. No...
- Sun May 10, 2015 4:16 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
I don't have a 7/8 (Virtual)Box anymore.
Best guess is it might be affected also.
A resource which slipped by Sandboxie...
Best guess is it might be affected also.
A resource which slipped by Sandboxie...
- Sun May 10, 2015 3:53 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
Right and yes, rpljhun.
But just this minute I found a Sbie bypass unrelated to this but with info from the blog.
(It's not \Device\ConDrv, but haven't come to that yet, and I probably won't, it's a bore.)
There is a new hole in Sandboxie.
But just this minute I found a Sbie bypass unrelated to this but with info from the blog.
(It's not \Device\ConDrv, but haven't come to that yet, and I probably won't, it's a bore.)
There is a new hole in Sandboxie.
- Fri May 08, 2015 11:53 am
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
It /* Just test normal create process */ and when that succeeds like it should ... Process launch should NOT actually have been successful; under Sandboxie it doesn't fail like it ought to. I didn't run the PoC outside Sandboxie to be certain how the first test case was supposed to behave. It is ob...
- Thu May 07, 2015 10:23 pm
- Forum: Quick Questions
- Topic: Google discloses (Chrome) sandbox vulnerability
- Replies: 24
- Views: 3465
Re: Google discloses (Chrome) sandbox vulnerability
The pre-built PoC binary doesn't bypass Sandboxie because: It /* Just test normal create process */ and when that succeeds like it should, it won't try to InjectExe . Its InjectExe routine doesn't bypass Sbie, it wants to open and write to conhost.exe (cmd.exe companion) process which I never even r...
- Wed May 06, 2015 6:16 pm
- Forum: Feature Requests
- Topic: SandBoxIE to harden SRP (software restriction policy)?
- Replies: 36
- Views: 7230
Re: SandBoxIE to harden SRP (software restriction policy)?
Will this library work on winXP-SP3 and how to use it? SbieSRP4.dll is for 32-bit Windows, so I don't see why not, catBot, yes. I coded it with XP in mind, statically linking to system dll exports that will work as far back as 2000 (per deceptive MSDN docs, so for the APIs I suspect further back st...
- Mon May 04, 2015 8:41 am
- Forum: Beta Version 4.17
- Topic: 4.17 Beta Available (Latest Version 4.17.8)
- Replies: 208
- Views: 65832
Re: 4.17 Beta Available (Latest Version 4.17.5)
@Curt: Regarding Chrome setup SBIE error, fixing it shall solve a great many inexplicable error reports, because it seems like Sbie has memory/structure byte alignment/padding problems in one or more places and this can foul up many a thing even if only occurring in one place, one struct or section....