commit
6cd28ce9a8
|
@ -36,17 +36,17 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|||
- Use "ProcessNumberLimit"(Number) to set process number limit.
|
||||
- Add ability to modified sandboxed process logic speed (reduced fixed latency, modified single-player speed, etc.) (thanks Yeyixiao)
|
||||
- Use "UseChangeSpeed=y" to open this feature,use "AddTickSpeed"/"AddSleepSpeed"/"AddTimerSpeed"/"LowTickSpeed"/"LowSleepSpeed"/"LowTimerSpeed"(Number) to set.
|
||||
- When set "AddSleepSpeed=0",all Sleep funcation call will be skip.
|
||||
- When set to "AddSleepSpeed=0", all sleep function calls will be skipped.
|
||||
- Added /fcp /force_children commandline option to start.exe it allows to start a program unsandboxed but have all its children sandboxed
|
||||
|
||||
- added ability to fore sandboxed processes to use a pre defined socks 5 proxy
|
||||
- added ability to intercept DNS queries such that thay can be log and/or redirected
|
||||
- added ability to intercept DNS queries so that they can be logged and/or redirected
|
||||
- added support for SOCKS5 proxy authentication based on RFC1928 (thanks Deezzir)
|
||||
- added Test Dialog UI for SOCKS5 proxy (thanks Deezzir)
|
||||
- added ability to automatically removes template references that begin with “Template_Temp_” in the sandbox.
|
||||
|
||||
### Changed
|
||||
- validated compatybility with windows build 26217 and updated dyn data
|
||||
- validated compatibility with windows build 26217 and updated dyn data
|
||||
|
||||
### Fixed
|
||||
- fixed an issue with an early batch of Large Supporter certificates
|
||||
|
|
|
@ -58,7 +58,7 @@ struct _PATTERN {
|
|||
// a value denoting the match level for the process
|
||||
ULONG level;
|
||||
|
||||
// optional auxyliary data to be associated with this pattern
|
||||
// optional auxiliary data to be associated with this pattern
|
||||
PVOID aux;
|
||||
|
||||
// array of pointers to constant parts. the actual number of
|
||||
|
|
|
@ -71,13 +71,13 @@ const WCHAR *Pattern_Source(PATTERN *pat);
|
|||
ULONG Pattern_Level(PATTERN *pat);
|
||||
|
||||
//
|
||||
// Pattern_Aux: returns the associated auxyliary data.
|
||||
// Pattern_Aux: returns the associated auxiliary data.
|
||||
//
|
||||
|
||||
PVOID* Pattern_Aux(PATTERN *pat);
|
||||
|
||||
//
|
||||
// Pattern_Wildcards: returns count of wildcards in the pattern, not counting the tailing * when rpresent
|
||||
// Pattern_Wildcards: returns count of wildcards in the pattern, not counting the trailing * when present
|
||||
//
|
||||
|
||||
USHORT Pattern_Wildcards(PATTERN *pat);
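Review bot: The corrected comment on `Pattern_Aux` still says it returns the auxiliary data, while the prototype returns `PVOID*` and the struct field shown earlier on this page is `PVOID aux`. Presumably the function hands back the address of that slot so callers can read or set it; if so the comment should say that, e.g. `// Pattern_Aux: returns a pointer to the pattern's auxiliary data slot.` The implementation is not visible in this hunk, so confirm before rewording.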
|
||||
|
|
|
@ -322,7 +322,7 @@ _FX int WSA_WSALookupServiceNextW(
|
|||
|
||||
//
|
||||
// This is a bit a simplified implementation, it assumes that all results are always of the same time
|
||||
// else it may truncate it early, also it cant return more results the have been found.
|
||||
// else it may truncate it early, also it can't return more results the have been found.
|
||||
//
|
||||
|
||||
if (lpqsResults->dwNumberOfCsAddrs > 0) {
|
||||
|
@ -332,7 +332,7 @@ _FX int WSA_WSALookupServiceNextW(
|
|||
for (DWORD i = 0; i < lpqsResults->dwNumberOfCsAddrs; i++) {
|
||||
|
||||
USHORT af = lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr->sa_family;
|
||||
for (; entry && entry->Type != af; entry = (IP_ENTRY*)List_Next(entry)); // skip to an antry of teh right type
|
||||
for (; entry && entry->Type != af; entry = (IP_ENTRY*)List_Next(entry)); // skip to an entry of the right type
|
||||
if (!entry) { // no more entries clear remaining results
|
||||
lpqsResults->dwNumberOfCsAddrs = i;
|
||||
break;
|
||||
|
@ -356,7 +356,7 @@ _FX int WSA_WSALookupServiceNextW(
|
|||
|
||||
for (PCHAR* Addr = (PCHAR*)(((UINT_PTR)hp->h_addr_list + (UINT_PTR)hp)); *Addr; Addr++) {
|
||||
|
||||
for (; entry && entry->Type != hp->h_addrtype; entry = (IP_ENTRY*)List_Next(entry)); // skip to an antry of teh right type
|
||||
for (; entry && entry->Type != hp->h_addrtype; entry = (IP_ENTRY*)List_Next(entry)); // skip to an entry of the right type
|
||||
if (!entry) { // no more entries clear remaining results
|
||||
*Addr = 0;
|
||||
continue;
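Review bot: The comment in the first hunk of this section still reads "always of the same time" and "more results the have been found" after the fix; these look like "same type" and "than have been found". That comment is the only description of when the filtered result list gets truncated, so it should be exact: `// else it may truncate it early, also it can't return more results than have been found.` Separately, `lpqsResults->lpcsaBuffer[i].RemoteAddr.lpSockaddr->sa_family` in the second hunk is read with no visible null check on `lpSockaddr`. The function starts outside the hunks, so a guard may exist earlier, but it is worth confirming.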
|
||||
|
|
|
@ -1414,9 +1414,9 @@ _FX BOOLEAN WSA_Init(HMODULE module)
|
|||
|
||||
//
|
||||
// Note: for our proxy implementation we need to have the sockets in blocking mode
|
||||
// unfortinately windows does not provide a way to query the blockign flag
|
||||
// unfortunately windows does not provide a way to query the blocking flag
|
||||
// not even when asking the driver directly :(
|
||||
// Hence we need to monitor the below calls and maintain and cache the blockign state
|
||||
// Hence we need to monitor the below calls and maintain and cache the blocking state
|
||||
//
|
||||
|
||||
//int InputBuffer[] = { 2,0,0,0 };
|
||||
|
|
|
@ -290,7 +290,7 @@ _FX BOX *Process_GetForcedStartBox(
|
|||
// exempt sandboxie components from this as start.exe can be used to
|
||||
// open selected processes in other boxes or set Dfp when desired.
|
||||
//
|
||||
// we also must excempt conhost.exe for console applications
|
||||
// we also must exempt conhost.exe for console applications
|
||||
//
|
||||
|
||||
if (!box && !image_sbie && _wcsicmp(ImageName, L"conhost.exe") != 0) {
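Review bot: The conhost.exe exemption in `if (!box && !image_sbie && _wcsicmp(ImageName, L"conhost.exe") != 0)` is decided by name alone, and the comment does not say whether `ImageName` is a bare file name or a full path. If it is the bare name, any image called conhost.exe would skip the forced-box lookup regardless of where it is located, so the exemption should presumably also be tied to the system directory. At minimum the comment should record the assumption, e.g. `// NOTE: matched by file name only; the path is not verified here`. The body of Process_GetForcedStartBox extends beyond this hunk on both sides.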
|
||||
|
|
|
@ -2194,7 +2194,7 @@ _FX void* Token_CreateToken(void* TokenObject, PROCESS* proc)
|
|||
SECURITY_QUALITY_OF_SERVICE SecurityQos;
|
||||
|
||||
//
|
||||
// Gether informations from the original token
|
||||
// Gather information from the original token
|
||||
//
|
||||
|
||||
if ( !NT_SUCCESS(SeQueryInformationToken(TokenObject, TokenStatistics, &LocalStatistics))
|
||||
|
|
|
@ -2410,13 +2410,13 @@ MSG_HEADER *SbieIniServer::RunSbieCtrl(MSG_HEADER *msg, HANDLE idProcess, bool i
|
|||
MSG_HEADER *SbieIniServer::RC4Crypt(MSG_HEADER *msg, HANDLE idProcess, bool isSandboxed)
|
||||
{
|
||||
//
|
||||
// The purpose of this function is to provide a simple machien bound obfuscation
|
||||
// The purpose of this function is to provide a simple machine bound obfuscation
|
||||
// for example to store passwords which are required in plain text.
|
||||
// To this end we use a Random 64 bit key which is generated once and stored in the registry
|
||||
// as well as the rc4 algorythm for the encryption, applying the same transformation twice
|
||||
// as well as the rc4 algorithm for the encryption, applying the same transformation twice
|
||||
// yealds the original plaintext, hence only one function is sufficient.
|
||||
//
|
||||
// Please note that neider the mechanism nor the use rc4 algorythm can be considdered
|
||||
// Please note that neither the mechanism nor the use of the rc4 algorithm can be considered
|
||||
// cryptographically secure by any means.
|
||||
// This mechanism is only good for simple obfuscation of non critical data.
|
||||
//
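Review bot: The comment block still has "yealds" on the line after the corrected "rc4 algorithm" line; it should read `// yields the original plaintext, hence only one function is sufficient.` The block also says the function is used to store passwords while its closing lines restrict it to non critical data, which leaves a maintainer unsure what may be passed in. Since the comment states that the 64 bit key is kept in the registry, it would help to spell out the consequence: `// Anyone who can read the registry key can recover the plaintext.` The function body is outside this hunk.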
|
||||
|
|