DavidXanatos 2021-03-30 19:02:06 +02:00
parent 811c1a586d
commit 0b6b1da68e
7 changed files with 40 additions and 298 deletions


@ -48,6 +48,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
-- to enable runas functionality, add "OpenIpcPath=\RPC Control\SECLOGON" to your Sandboxie.ini
-- please take note that doing so may open other yet unknown issues
- fixed a driver compatibility issue with Windows 10 32 bit Insider Preview Build 21337
- fixed issues with driver signature for windows 7


@ -49,23 +49,10 @@ ULONG DriverAssist::StartDriverAsync(void *arg)
// get windows version
//
OSVERSIONINFOW osvi;
OSVERSIONINFO osvi;
memzero(&osvi, sizeof(osvi));
osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFOW);
NTSTATUS(WINAPI *RtlGetVersion)(LPOSVERSIONINFOW);
*(FARPROC*)&RtlGetVersion = GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlGetVersion");
if (RtlGetVersion == NULL || !NT_SUCCESS(RtlGetVersion(&osvi)))
GetVersionExW(&osvi);
//
// get own path
//
WCHAR svcPath[MAX_PATH] = { 0 };
GetModuleFileName(NULL, svcPath, MAX_PATH);
WCHAR* pathPtr = wcsrchr(svcPath, L'\\');
if (pathPtr++)
*pathPtr = L'\0';
osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
GetVersionEx(&osvi);
//
// start the driver, but only if it isn't already active
@ -89,132 +76,46 @@ ULONG DriverAssist::StartDriverAsync(void *arg)
L"\\Registry\\Machine\\System\\CurrentControlSet"
L"\\Services\\" SBIEDRV);
//while (!IsDebuggerPresent())
// Sleep(100);
rc = NtLoadDriver(&uni);
if (rc == 0 || rc == STATUS_IMAGE_ALREADY_LOADED) {
ok = true;
goto driver_started;
}
m_instance->LogMessage_Single(MSG_2201, L"Starting Driver...");
if (rc != STATUS_PRIVILEGE_NOT_HELD || rc == STATUS_ACCESS_DENIED) {
LogEvent(MSG_9234, 0x9153, rc);
goto driver_started;
}
bool PrivilegeSet = false;
bool CopyDriver = false;
bool DriverUnPacked = false;
for (; ; ) //for (int i = 0; i < 10; i++)
{
m_instance->LogMessage_Single(MSG_2201, L"Attempting to Load Driver...");
//
// we have to enable a privilege to load the driver
//
rc = NtLoadDriver(&uni);
if (rc == 0 || rc == STATUS_IMAGE_ALREADY_LOADED) {
ok = true;
break;
}
WCHAR priv_space[64];
TOKEN_PRIVILEGES *privs = (TOKEN_PRIVILEGES *)priv_space;
HANDLE hToken;
if (rc == STATUS_PRIVILEGE_NOT_HELD && !PrivilegeSet)
{
m_instance->LogMessage_Single(MSG_2201, L"Acquiring necessary privileges...");
BOOL b = LookupPrivilegeValue(
L"", SE_LOAD_DRIVER_NAME, &privs->Privileges[0].Luid);
if (b) {
//
// we have to enable a privilege to load the driver
//
privs->Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
privs->PrivilegeCount = 1;
WCHAR priv_space[64];
TOKEN_PRIVILEGES *privs = (TOKEN_PRIVILEGES *)priv_space;
HANDLE hToken;
b = OpenProcessToken(
GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken);
if (b) {
BOOL b = LookupPrivilegeValue(
L"", SE_LOAD_DRIVER_NAME, &privs->Privileges[0].Luid);
if (b) {
b = AdjustTokenPrivileges(hToken, FALSE, privs, 0, NULL, NULL);
CloseHandle(hToken);
}
}
privs->Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
privs->PrivilegeCount = 1;
b = OpenProcessToken(
GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken);
if (b) {
b = AdjustTokenPrivileges(hToken, FALSE, privs, 0, NULL, NULL);
CloseHandle(hToken);
}
}
PrivilegeSet = true;
continue;
}
/*if (rc == STATUS_OBJECT_NAME_NOT_FOUND && DriverUnPacked)
{
m_instance->LogMessage_Single(MSG_2201, L"The provisionally driver got deleted...");
//
// The provisionally signed driver got deleted, try to restore it
//
DriverUnPacked = false;
rc == STATUS_INVALID_IMAGE_HASH;
}*/
if (rc == STATUS_OBJECT_NAME_NOT_FOUND && !CopyDriver)
{
m_instance->LogMessage_Single(MSG_2201, L"Preparing the windows 10 signed driver...");
//
// there is no driver file we have to prepare one
//
WCHAR srcPath[MAX_PATH];
wcscpy(srcPath, svcPath);
wcscat(srcPath, SBIEDRV_SYS L".w10");
WCHAR destPath[MAX_PATH];
wcscpy(destPath, svcPath);
wcscat(destPath, SBIEDRV_SYS);
CopyFile(srcPath, destPath, FALSE);
CopyDriver = true;
continue;
}
if (rc == STATUS_INVALID_IMAGE_HASH && !DriverUnPacked)
{
m_instance->LogMessage_Single(MSG_2201, L"Preparing the provisionally signed driver...");
//
// the driver signature was not accepted, try the provisionally signed driver
//
WCHAR cmd[512];
wcscpy(cmd, L"\"");
wcscat(cmd, svcPath);
wcscat(cmd, L"KmdUtil.exe");
wcscat(cmd, L"\" rc4 \"");
wcscat(cmd, svcPath);
wcscat(cmd, SBIEDRV_SYS L".rc4");
wcscat(cmd, L"\"");
STARTUPINFO si;
ZeroMemory(&si, sizeof(STARTUPINFO));
si.cb = sizeof(STARTUPINFO);
si.dwFlags = STARTF_FORCEOFFFEEDBACK;
PROCESS_INFORMATION pi;
if (CreateProcess(NULL, cmd, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi)) {
WaitForSingleObject(pi.hProcess, 10 * 1000);
CloseHandle(pi.hThread);
CloseHandle(pi.hProcess);
}
DriverUnPacked = true;
continue;
}
//
// we tryed all we could, log an error and break
//
LogEvent(MSG_9234, 0x9153, rc);
break;
}
rc = NtLoadDriver(&uni);
if (rc == 0 || rc == STATUS_IMAGE_ALREADY_LOADED)
ok = true;
else
LogEvent(MSG_9234, 0x9153, rc);
//
// the driver has been started (or was started already), check
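Review bot: The version query this hunk reverts to, `osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); GetVersionEx(&osvi);`, discards the BOOL result and goes through the application-compatibility shim, so on Windows 8.1 and later it reports 6.2 unless the service binary's manifest declares the newer supportedOS entries; the RtlGetVersion path removed here was not subject to that shim. osvi is filled in here but consumed further down in StartDriverAsync, outside the hunk, so whether this affects the Windows 7 / build-specific handling the changelog mentions cannot be confirmed from the diff. If that logic keys on dwMajorVersion or dwBuildNumber, confirm the manifest opts in, and treat a FALSE return as an unknown version instead of reading the zeroed struct. A comment above the call, `// GetVersionEx is compat-shimmed: accurate only if the manifest lists supportedOS for this OS`, would record the dependency for the next reader.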


@ -26,7 +26,6 @@
#include <stdlib.h>
#include "common/defines.h"
#include "common/my_version.h"
#include "rc4.h"
extern void Kmd_ScanDll(BOOLEAN silent);
@ -42,8 +41,7 @@ typedef enum _COMMAND {
CMD_START,
CMD_STOP,
CMD_SCANDLL,
CMD_SCANDLL_SILENT,
CMD_RC4
CMD_SCANDLL_SILENT
} COMMAND;
typedef enum _OPTIONS {
@ -220,11 +218,7 @@ BOOL Parse_Command_Line(
*Command = CMD_STOP;
num_args_needed = 1;
} else if (_wcsicmp(args[1], L"rc4") == 0) {
*Command = CMD_RC4;
num_args_needed = 1;
} else {
} else {
*Command = CMD_ERROR;
MessageBox(NULL, L"Invalid command", L"KmdUtil",
MB_ICONEXCLAMATION | MB_OK);
@ -243,11 +237,6 @@ BOOL Parse_Command_Line(
if (num_args_needed >= 2)
*Driver_Path = args[3];
if (*Command == CMD_RC4) {
*Driver_Path = *Driver_Name;
*Driver_Name = NULL;
}
*Options = OPT_NONE;
next_arg = num_args_needed + 2;
while (next_arg < num_args_given) {
@ -726,48 +715,6 @@ int __stdcall WinMain(
&Options))
return EXIT_FAILURE;
if (Command == CMD_RC4)
{
int path_len = wcslen(Driver_Path);
BOOLEAN has_rc4 = path_len > 8 && wcscmp(Driver_Path + path_len - 8, L".sys.rc4") == 0;
PWSTR Driver_Path_tmp = Driver_Path; // strip \??\ if present
if (Driver_Path_tmp[0] == L'\\' && Driver_Path_tmp[1] == L'?' && Driver_Path_tmp[2] == L'?' && Driver_Path_tmp[3] == L'\\')
Driver_Path_tmp += 4;
FILE* inFile = _wfopen(Driver_Path_tmp, L"rb");
if (inFile)
{
if (has_rc4)
Driver_Path_tmp[path_len - 4] = L'\0'; // strip .rc4
else
wcscat(Driver_Path_tmp, L".rc4"); // add .rc4
FILE* outFile = _wfopen(Driver_Path_tmp, L"wb");
if (outFile)
{
fseek(inFile, 0, SEEK_END);
DWORD fileSize = ftell(inFile);
fseek(inFile, 0, SEEK_SET);
void* buffer = HeapAlloc(GetProcessHeap(), HEAP_GENERATE_EXCEPTIONS, fileSize);
fread(buffer, 1, fileSize, inFile);
char key[] = "default_key";
rc4_sbox_t sbox;
rc4_init(&sbox, key, strlen(key));
rc4_transform(&sbox, buffer, fileSize);
if(fwrite(buffer, 1, fileSize, outFile) == fileSize)
ok = TRUE;
fclose(outFile);
}
fclose(inFile);
}
goto exit;
}
ScMgr = OpenSCManager(
NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CREATE_SERVICE);


@ -1,66 +0,0 @@
/*
* Copyright 2020 DavidXanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#include "rc4.h"
void
rc4_swap(unsigned char &a, unsigned char &b)
{
unsigned char c = a;
a = b;
b = c;
}
void
rc4_init(rc4_sbox_t *rc4_sbox, const unsigned char *key_ptr, unsigned int key_len)
{
rc4_sbox->x = 0;
rc4_sbox->y = 0;
// Initialisation of the permutation
unsigned int i;
for(i = 0; i < 256; i++)
rc4_sbox->state[i] = (char)i;
// Mixing permutation
unsigned int j = 0;
unsigned int k;
for(i = 0; i < 256; i++)
{
k = i % key_len;
j = (key_ptr[k] + rc4_sbox->state[i] + j) & 0xff;
rc4_swap(rc4_sbox->state[i], rc4_sbox->state[j]);
}
}
void
rc4_transform(rc4_sbox_t *rc4_sbox, unsigned char *buffer_ptr, unsigned int buffer_len)
{
unsigned int i;
for(i = 0; i < buffer_len; i ++)
{
// The pseudo-random generation algorithm
rc4_sbox->x = (rc4_sbox->x + 1) & 0xff;
rc4_sbox->y = (rc4_sbox->y + rc4_sbox->state[rc4_sbox->x]) & 0xff;
rc4_swap(rc4_sbox->state[rc4_sbox->x], rc4_sbox->state[rc4_sbox->y]);
unsigned char keyChar = rc4_sbox->state[(rc4_sbox->state[rc4_sbox->x] + rc4_sbox->state[rc4_sbox->y]) & 0xff];
if(buffer_ptr) // NULL when seeking
buffer_ptr[i] ^= keyChar;
}
}


@ -1,41 +0,0 @@
/*
* Copyright 2020 DavidXanatos, xanasoft.com
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
#ifndef rc4_INCLUDED
# define rc4_INCLUDED
typedef struct rc4_sbox_s
{
unsigned char state[256];
unsigned int x;
unsigned int y;
} rc4_sbox_t;
#ifdef __cplusplus
extern "C"
{
#endif
void rc4_init(rc4_sbox_t *rc4_sbox, const unsigned char *key_ptr, unsigned int key_len);
void rc4_transform(rc4_sbox_t *rc4_sbox, unsigned char *buffer_ptr, unsigned int buffer_len);
#ifdef __cplusplus
} /* end extern "C" */
#endif
#endif /* rc4_INCLUDED */


@ -1703,7 +1703,7 @@ void CSandMan::OnUpdateCheck()
// 'sha256'
// 'signature'
QString FullMessage = UpdateMsg.isEmpty() ? tr("<p>There is a new version of Sandboxie-Plus available.<br /><font color='red'>New version:</font> <b>%1</b></p>").arg(Version) : UpdateMsg;
QString FullMessage = UpdateMsg.isEmpty() ? tr("<p>There is a new version of Sandboxie-Plus available.<br /><font color='red'>New version:</font> <b>%1</b></p>").arg(VersionStr) : UpdateMsg;
if (!DownloadUrl.isEmpty())
FullMessage += tr("<p>Do you want to download the latest version?</p>");
else if (!UpdateUrl.isEmpty())


@ -4,7 +4,7 @@
#include "../QSbieAPI/SbieAPI.h"
#include "../QtSingleApp/src/qtsingleapplication.h"
#include "../QSbieAPI/SbieUtils.h"
#include "../MiscHelpers/Common/qRC4.h"
//#include "../MiscHelpers/Common/qRC4.h"
#include "../MiscHelpers/Common/Common.h"
#include <windows.h>