diff --git a/CHANGELOG.md b/CHANGELOG.md index 9495fda5..71e73c2a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). +## [1.14.7 / 5.69.7] - 2024-0x-xx + +### Added +- added "RandomRegUID"(bool) which could modify Windows Product Id in the registry to a rand value- +- added "HideDiskSerialNumber"(bool) return random value when applications tries to get disk serial number + ## [1.14.6 / 5.69.6] - 2024-07-30 @@ -15,6 +21,7 @@ This project adheres to [Semantic Versioning](http://semver.org/). + ## [1.14.5 / 5.69.5] - 2024-07-23 ### Added diff --git a/Sandboxie/core/dll/custom.c b/Sandboxie/core/dll/custom.c index 84e3694f..3cf7d3bf 100644 --- a/Sandboxie/core/dll/custom.c +++ b/Sandboxie/core/dll/custom.c @@ -24,7 +24,7 @@ #include "dll.h" #include "common/my_version.h" #include - +#include //--------------------------------------------------------------------------- // Functions @@ -49,6 +49,7 @@ static HANDLE OpenExplorerKey( HANDLE ParentKey, const WCHAR *SubkeyName, ULONG *error); static void DeleteShellAssocKeys(ULONG Wow64); static void AutoExec(void); +static BOOLEAN Custom_ProductID(void); //--------------------------------------------------------------------------- @@ -91,6 +92,7 @@ _FX BOOLEAN CustomizeSandbox(void) DisableEdgeBoost(); Custom_EnableBrowseNewProcess(); DeleteShellAssocKeys(0); + Custom_ProductID(); Custom_DisableBHOs(); if (Dll_OsBuild >= 8400) // only on win 8 and later Custom_OpenWith(); @@ -1338,7 +1340,7 @@ _FX void Custom_ComServer(void) // NsiRpc_Init //--------------------------------------------------------------------------- -#include +//#include typedef RPC_STATUS (*P_NsiRpcRegisterChangeNotification)( LPVOID p1, LPVOID p2, LPVOID p3, LPVOID p4, LPVOID p5, LPVOID p6, LPVOID p7); @@ -1534,7 +1536,205 @@ _FX BOOLEAN Custom_OsppcDll(HMODULE module) NtClose(hOfficeKey); return TRUE; } +/*static wchar_t GetCharFromInt(int a) { + switch (a) { + case 0: + return L'0'; + break; + case 1: + return L'1'; + break; + case 2: + return L'2'; + break; + case 3: + return L'3'; + break; + case 4: + return L'4'; + break; + case 5: + return L'5'; + break; + case 6: + return L'6'; + break; + case 7: + return L'7'; + break; + case 8: + return L'8'; + break; + case 9: + return L'9'; + break; + } + return 0; +} +static int GetIntLen(DWORD n) { + int count = 0; + while (n != 0) + { + n = n / 10; + count++; + } + return count; +}*/ +static unsigned long seed = 1; +int my_rand(void) +{ + seed = (seed * 214013L + + 2531011L) >> 16; + return((unsigned)seed & 0x7fff); +} +/*char* my_itoa(int num, char* str, int radix) +{ + char index[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + unsigned unum; + int i = 0, j, k; + + if (radix == 10 && num < 0) + { + unum = (unsigned)-num; + str[i++] = '-'; + } + else unum = (unsigned)num; + + + do + { + str[i++] = index[unum % (unsigned)radix]; + unum /= radix; + + } while (unum); + + str[i] = '\0'; + + + if (str[0] == '-') k = 1; + else k = 0; + + char temp; + for (j = k; j <= (i - 1) / 2; j++) + { + temp = str[j]; + str[j] = str[i - 1 + k - j]; + str[i - 1 + k - j] = temp; + } + + return str; + +}*/ +wchar_t* GuidToString(const GUID guid) +{ + static wchar_t buf[64] = {0}; + Sbie_snwprintf(buf, sizeof(buf), + L"%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X", + guid.Data1, guid.Data2, guid.Data3, + guid.Data4[0], guid.Data4[1], guid.Data4[2], guid.Data4[3], + guid.Data4[4], guid.Data4[5], guid.Data4[6], guid.Data4[7]); + return buf; +} + +_FX BOOLEAN Custom_ProductID(void) { + if (SbieApi_QueryConfBool(NULL, L"RandomRegUID", FALSE)) { + NTSTATUS status; + UNICODE_STRING uni; + OBJECT_ATTRIBUTES objattrs; + HANDLE hKey; + + InitializeObjectAttributes( + &objattrs, &uni, OBJ_CASE_INSENSITIVE, NULL, NULL); + + RtlInitUnicodeString(&uni, + L"\\registry\\Machine\\Software\\" + L"\\Microsoft\\Windows NT\\CurrentVersion"); + + status = Key_OpenIfBoxed(&hKey, KEY_SET_VALUE, &objattrs); + if (NT_SUCCESS(status)) { + + //UNICODE_STRING buf; + //RtlInitUnicodeString(&buf, tmp); + /*if (GetIntLen(dwTick) == 1) { + //DWORD last = dwTick - (dwTick / 10) * 10; + DWORD last = dwTick; + WCHAR chr = GetCharFromInt((int)last); + Sleep(0); + DWORD dwTick2 = GetTickCount(),last2=0; + if (GetIntLen(dwTick) == 1) + last2 = dwTick2; + else + last2 = dwTick2 - (dwTick2 / 10) * 10; + WCHAR chr2= GetCharFromInt((int)last2); + wcscpy_s(tmp, 1, chr2); + wcscat_s(tmp, 1, chr2); + for(int i=0;i<=2;i++) + wcscat_s(tmp, 1, chr); + }*/ + WCHAR tmp[34] = { 0 }; + + RtlInitUnicodeString(&uni, L"ProductId"); + + seed = GetTickCount(); + int chain1 = my_rand() % 10000 + 9999, + chain2 = my_rand() % 10000 + 9999, + chain3 = my_rand() % 10000 + 9999, + chain4 = my_rand() % 10000 + 9999 + ; + Sbie_snwprintf(tmp, 34, L"%05d-%05d-%05d-%05d", chain1, chain2, chain3, chain4); + + + status = NtSetValueKey( + hKey, &uni, 0, REG_SZ, tmp, sizeof(tmp)+1); + NtClose(hKey); + } + RtlInitUnicodeString(&uni, + L"\\registry\\Machine\\Software\\" + L"\\Microsoft\\Cryptography"); + typedef HRESULT(*P_CoCreateGuid)( + GUID* pguid + ); + P_CoCreateGuid CoCreateGuid2 = (P_CoCreateGuid)Ldr_GetProcAddrNew(DllName_ole32, L"CoCreateGuid", "CoCreateGuid"); + status = Key_OpenIfBoxed(&hKey, KEY_SET_VALUE, &objattrs); + if (NT_SUCCESS(status)&&CoCreateGuid2) { + GUID guid; + HRESULT h = CoCreateGuid2(&guid); + WCHAR buf[64] = { 0 }; + if (h == S_OK) { + WCHAR* pChar = GuidToString(guid); + lstrcpy(buf, pChar); + RtlInitUnicodeString(&uni, L"MachineGuid"); + status = NtSetValueKey( + hKey, &uni, 0, REG_SZ, buf, sizeof(buf) + 1); + } + + } + NtClose(hKey); + RtlInitUnicodeString(&uni, + L"\\registry\\Machine\\Software\\" + L"\\Microsoft\\SQMClient"); + + status = Key_OpenIfBoxed(&hKey, KEY_SET_VALUE, &objattrs); + if (NT_SUCCESS(status)&&CoCreateGuid2) { + GUID guid; + HRESULT h = CoCreateGuid2(&guid); + WCHAR buf[64] = L"{"; + if (h == S_OK) { + WCHAR* pChar = GuidToString(guid); + lstrcat(buf, pChar); + lstrcat(buf, L"}"); + RtlInitUnicodeString(&uni, L"MachineId"); + status = NtSetValueKey( + hKey, &uni, 0, REG_SZ, buf, sizeof(buf) + 1); + } + + } + NtClose(hKey); + return TRUE; + } + return TRUE; +} #ifndef _M_ARM64 //--------------------------------------------------------------------------- diff --git a/Sandboxie/core/dll/kernel.c b/Sandboxie/core/dll/kernel.c index 1fb3f58a..870e2c19 100644 --- a/Sandboxie/core/dll/kernel.c +++ b/Sandboxie/core/dll/kernel.c @@ -69,6 +69,17 @@ typedef LCID (*P_GetSystemDefaultLCID)(); typedef LANGID (*P_GetSystemDefaultLangID)(); +typedef BOOL (*P_GetVolumeInformationByHandleW)( + HANDLE hFile, + LPWSTR lpVolumeNameBuffer, + DWORD nVolumeNameSize, + LPDWORD lpVolumeSerialNumber, + LPDWORD lpMaximumComponentLength, + LPDWORD lpFileSystemFlags, + LPWSTR lpFileSystemNameBuffer, + DWORD nFileSystemNameSize +); + //typedef int (*P_GetLocaleInfoEx)(LPCWSTR lpLocaleName, LCTYPE LCType, LPWSTR lpLCData, int cchData); //typedef int (*P_GetLocaleInfoA)(LCID Locale, LCTYPE LCType, LPSTR lpLCData, int cchData); @@ -98,12 +109,13 @@ P_QueryPerformanceCounter __sys_QueryPerformanceCounter = NULL; P_GetUserDefaultUILanguage __sys_GetUserDefaultUILanguage = NULL; P_GetUserDefaultLocaleName __sys_GetUserDefaultLocaleName = NULL; P_GetUserDefaultLCID __sys_GetUserDefaultLCID = NULL; -P_GetUserDefaultLangID __sys_GetUserDefaultLangID = NULL; +P_GetUserDefaultLangID __sys_GetUserDefaultLangID = NULL; P_GetUserDefaultGeoName __sys_GetUserDefaultGeoName = NULL; P_GetSystemDefaultUILanguage __sys_GetSystemDefaultUILanguage = NULL; P_GetSystemDefaultLocaleName __sys_GetSystemDefaultLocaleName = NULL; -P_GetSystemDefaultLCID __sys_GetSystemDefaultLCID = NULL; +P_GetSystemDefaultLCID __sys_GetSystemDefaultLCID = NULL; P_GetSystemDefaultLangID __sys_GetSystemDefaultLangID = NULL; +P_GetVolumeInformationByHandleW __sys_GetVolumeInformationByHandleW = NULL; LCID Kernel_CustomLCID = 0; @@ -148,7 +160,16 @@ static LCID Kernel_GetSystemDefaultLCID(); static LANGID Kernel_GetSystemDefaultLangID(); - +static BOOL Kernel_GetVolumeInformationByHandleW( + HANDLE hFile, + LPWSTR lpVolumeNameBuffer, + DWORD nVolumeNameSize, + LPDWORD lpVolumeSerialNumber, + LPDWORD lpMaximumComponentLength, + LPDWORD lpFileSystemFlags, + LPWSTR lpFileSystemNameBuffer, + DWORD nFileSystemNameSize + ); //--------------------------------------------------------------------------- // Kernel_Init //--------------------------------------------------------------------------- @@ -246,7 +267,13 @@ _FX BOOLEAN Kernel_Init() SBIEDLL_HOOK(Kernel_, GetSystemDefaultLCID); SBIEDLL_HOOK(Kernel_, GetSystemDefaultLangID); } - + if (SbieApi_QueryConfBool(NULL, L"HideDiskSerialNumber", FALSE)) + { + void* GetVolumeInformationByHandleW = GetProcAddress(Dll_KernelBase ? Dll_KernelBase : Dll_Kernel32, "GetVolumeInformationByHandleW"); + if (GetVolumeInformationByHandleW) { + SBIEDLL_HOOK(Kernel_, GetVolumeInformationByHandleW); + } + } return TRUE; } @@ -488,3 +515,35 @@ _FX LANGID Kernel_GetSystemDefaultLangID() { return (LANGID)Kernel_CustomLCID; } + + +static unsigned long Kernel_seed = 1; +int Kernel_rand(void) +{ + Kernel_seed = (Kernel_seed * 214013L + + 2531011L) >> 16; + return((unsigned)Kernel_seed & 0x7fff); +} +//---------------------------------------------------------------------------- +//Kernel_GetVolumeInformationByHandleW +//---------------------------------------------------------------------------- +_FX BOOL Kernel_GetVolumeInformationByHandleW( + HANDLE hFile, + LPWSTR lpVolumeNameBuffer, + DWORD nVolumeNameSize, + LPDWORD lpVolumeSerialNumber, + LPDWORD lpMaximumComponentLength, + LPDWORD lpFileSystemFlags, + LPWSTR lpFileSystemNameBuffer, + DWORD nFileSystemNameSize +) { + DWORD ourSerialNumber = 0; + BOOL rtn = __sys_GetVolumeInformationByHandleW(hFile, lpVolumeNameBuffer, nVolumeNameSize, &ourSerialNumber, lpMaximumComponentLength, lpFileSystemFlags, lpFileSystemNameBuffer, nFileSystemNameSize); + if (lpVolumeSerialNumber == NULL) + return rtn; + else { + Kernel_seed = __sys_GetTickCount(); + *lpVolumeSerialNumber = Kernel_rand()%0x10000; + return rtn; + } +}