Elsword - Sandboxie 4.13.2 - last working version? Sandboxie 4.13.3 - first broken version! You will know the game has loaded further when you receive this message: SBIE2103 Denied attempt to load system driver 'dump_wmimmc [ElswordBox]' The game may still start? I am presented with a Log-in / Regis...
@Curt: Regarding Chrome setup SBIE error, fixing it shall solve a great many inexplicable error reports ... It is not box_name but FileRootPath where occurs the sporadic problem. box_name of course dictates FileRootPath where %SANDBOX% is specified. e.g. fail FileRootPath=C:\Sandbox\BUCKAROO\0 pass...
For clarity, what is a "session"? Here, session, in theory, should mean from Sandbox active until inactive (no processes resident). I guess that's what Curt, the dev, is shooting for. Tests show that session in 4.17.5 seems to mean for only this process [pid] (not for others in the Sandbox). Theref...
Might only be a matter of modifying access rights on a process object? Lazy, don't know. OpenProcess doesn't even fail... silent fail? I was going to trace into the undocumented call, but it's kernelmode (I don't know what else I was expecting). That is as far as I go. I never thought this part to b...
Curt@invincea is on the case as of . . . some minutes ago. :) I am not super knowledgeable but the Chrome Renderer sandbox is more locked down than Sandboxied programs, or should I say was? I don't feel like hooking or devising shellcode to inject into the Chrome Renderer to find out. But can confir...
As far as undoing all Sandboxie's security/restrictions (including "anonymous logon"), privilege is graduated, yes it is. Child processes spawned of possessed target inherit all its attributes. Target can be any typical program running in the foreground or background, e.g. SbieCtrl.exe or TrueCrypt....
3.76 (64-bit) VBOX (5.0.0_BETA3) (Windows 8;WIN8_RTM;ENTERPRISE;EVAL) unbreakable! 4.17.4 (64-bit) VBOX or Host (Windows 8.1 core) Splish Splash, I was takin' a bath ! Write to and launch almost anything unsandboxed from your Sandboxed program or with very minimal shellcode. No setting can block. No...
But just this minute I found a Sbie bypass unrelated to this but with info from the blog.
(It's not \Device\ConDrv, but haven't come to that yet, and I probably won't, it's a bore.)
It /* Just test normal create process */ and when that succeeds like it should ... Process launch should NOT actually have been successful; under Sandboxie it doesn't fail like it ought to. I didn't run the PoC outside Sandboxie to be certain how the first test case was supposed to behave. It is ob...
The pre-built PoC binary doesn't bypass Sandboxie because: It /* Just test normal create process */ and when that succeeds like it should, it won't try to InjectExe. Its InjectExe routine doesn't bypass Sbie, it wants to open and write to conhost.exe (cmd.exe companion) process which I never even r...
Will this library work on winXP-SP3 and how to use it? SbieSRP4.dll is for 32-bit Windows, so I don't see why not, catBot, yes. I coded it with XP in mind, statically linking to system dll exports that will work as far back as 2000 (per deceptive MSDN docs, so for the APIs I suspect further back st...
@Curt: Regarding Chrome setup SBIE error, fixing it shall solve a great many inexplicable error reports, because it seems like Sbie has memory/structure byte alignment/padding problems in one or more places and this can foul up many a thing even if only occurring in one place, one struct or section....