Test No11 at the link below - WB(wallbrealer.exe) seems to be able to open internet explorer when only FF and Wallbreaker are sandboxed.
At wallbreakers execution SB throws up warnings - "SBIE could not disable Windows Explorer as desktop process: [22 / C0000022]" but IE still launches.
http://www.firewallleaktester.com/leaktest13.htm
IE opens sandboxed but may be a security hole there???
Still playing in a vm.
Wallbreaker
Moderator: Barb@Invincea
Wallbreaker
Hunting the Hunter!
Au' contraire. I would say: IE opens sandboxed so obviously there is NO security hole here.IE opens sandboxed but may be a security hole there???
Wallbreaker is trying to start IE in an indirect way to fool Firewalls and HIPS so they don't "see" that IE has started. Obviously it isn't fooling Sandboxie.
Note please, I disabled my ForceProcess on IEXPLORE so I was sure that IEXPLORE wasn't sandboxed due to this. IE was sandboxed because WB used a sandboxed Windows Explorer to start Internet Explorer.
I wonder if Sandboxie 2.86 handles this test as well.
tzuk
Wallbreaker with Version 2.86
tzuk:
I just ran Wallbreaker sandboxed with Version 2.86.
Test 1 brought up Sandboxie Explorer.
Test 2 brought up a sandboxed Internet Explorer. (I also had disabled my ForceProcess on IEXPLORE.)
Test 3 brought up Sandboxie Explorer.
Test 4 brought up a Wallbreaker box stating that a task has been scheduled at 21:37.
When I exited Wallbreaker, Sandboxie wanted to download VLKGLI.bat to my documents. The only screwy thing was that a box appeared asking me if I was sure you want to move the system file? Since this was not a system file I answered yes and downloaded it to my documents folder. I then ran VLKGLI.bat Sandboxed and it brought up Sandboxie Explorer.
Thus I think we can safely conclude that Sandboxie 2.86 handles the Wallbreaker test as well.
Regards,
Mike
I just ran Wallbreaker sandboxed with Version 2.86.
Test 1 brought up Sandboxie Explorer.
Test 2 brought up a sandboxed Internet Explorer. (I also had disabled my ForceProcess on IEXPLORE.)
Test 3 brought up Sandboxie Explorer.
Test 4 brought up a Wallbreaker box stating that a task has been scheduled at 21:37.
When I exited Wallbreaker, Sandboxie wanted to download VLKGLI.bat to my documents. The only screwy thing was that a box appeared asking me if I was sure you want to move the system file? Since this was not a system file I answered yes and downloaded it to my documents folder. I then ran VLKGLI.bat Sandboxed and it brought up Sandboxie Explorer.
Thus I think we can safely conclude that Sandboxie 2.86 handles the Wallbreaker test as well.
Regards,
Mike
Who is online
Users browsing this forum: No registered users and 1 guest