DavidXanatos 2022-05-03 13:10:17 +02:00
parent 28135c638b
commit 6db5f65097
6 changed files with 39 additions and 90 deletions


@ -629,8 +629,14 @@ BOOLEAN Handle_Init(void);
BOOLEAN Key_Init(void); BOOLEAN Key_Init(void);
extern BOOLEAN Key_Delete_v2;
BOOLEAN Key_InitDelete_v2();
BOOLEAN File_Init(void); BOOLEAN File_Init(void);
extern BOOLEAN File_Delete_v2;
BOOLEAN File_InitDelete_v2();
BOOLEAN Ipc_Init(void); BOOLEAN Ipc_Init(void);
BOOLEAN Secure_Init(void); BOOLEAN Secure_Init(void);
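Review bot: The two added prototypes `BOOLEAN Key_InitDelete_v2();` and `BOOLEAN File_InitDelete_v2();` use empty parentheses, which in C declares a function with unspecified parameters, so a call passing arguments by mistake is not diagnosed; every neighbouring prototype in this header (`Key_Init(void)`, `File_Init(void)`) uses the explicit `(void)` form. Change them to `BOOLEAN Key_InitDelete_v2(void);` and `BOOLEAN File_InitDelete_v2(void);` so the compiler checks call sites the same way it does for the siblings. A one-line comment on the `extern BOOLEAN Key_Delete_v2;` / `extern BOOLEAN File_Delete_v2;` pairs saying where the flags are set and who reads them would also help, since this header only declares them.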


@ -276,6 +276,21 @@ _FX void Dll_InitInjected(void)
Dll_SidStringLen = wcslen(Dll_SidString); Dll_SidStringLen = wcslen(Dll_SidString);
//
// break for the debugger, as soon as we have Dll_ImageName
//
if (SbieDll_CheckStringInList(Dll_ImageName, NULL, L"WaitForDebugger")) {
//if (SbieDll_GetSettingsForName_bool(NULL, Dll_ImageName, L"WaitForDebugger", FALSE)) {
//if (SbieApi_QueryConfBool(NULL, L"WaitForDebuggerAll", FALSE)) {
while (!IsDebuggerPresent()) {
OutputDebugString(L"Waiting for Debugger\n");
Sleep(500);
} __debugbreak();
}
// //
// query Sandboxie home folder // query Sandboxie home folder
// //
@ -447,6 +462,12 @@ _FX void Dll_InitInjected(void)
if (ok) if (ok)
ok = Gui_InitConsole1(); ok = Gui_InitConsole1();
// we need ipc stuff to be up hance we initialize delete stuff second to last
if (ok && File_Delete_v2)
File_InitDelete_v2();
if (ok && Key_Delete_v2)
Key_InitDelete_v2();
if (ok) // Note: Ldr_Init may cause rpcss to be started early if (ok) // Note: Ldr_Init may cause rpcss to be started early
ok = Ldr_Init(); // last to initialize ok = Ldr_Init(); // last to initialize
@ -464,46 +485,10 @@ _FX void Dll_InitInjected(void)
ExitProcess(-1); ExitProcess(-1);
} }
extern BOOLEAN File_Delete_v2;
extern BOOLEAN File_InitDelete_v2();
if (File_Delete_v2)
File_InitDelete_v2();
extern BOOLEAN Key_Delete_v2;
extern BOOLEAN Key_InitDelete_v2();
if (Key_Delete_v2)
Key_InitDelete_v2();
Dll_InitComplete = TRUE; Dll_InitComplete = TRUE;
if (! Dll_RestrictedToken) if (! Dll_RestrictedToken)
CustomizeSandbox(); CustomizeSandbox();
/*while (! IsDebuggerPresent()) {
OutputDebugString(L"BREAK\n");
Sleep(500);
}
__debugbreak();*/
/*if (_wcsicmp(Dll_ImageName, L"iexplore.exe") == 0) {
WCHAR *cmd = GetCommandLine();
if (wcsstr(cmd, L"SCODEF")) {
while (! IsDebuggerPresent()) {
OutputDebugString(L"BREAK\n");
Sleep(500);
}
__debugbreak();
}
}*/
/*if (_wcsicmp(Dll_ImageName, L"dllhost.exe") == 0) {
while (! IsDebuggerPresent()) {
OutputDebugString(L"BREAK\n");
Sleep(500);
}
__debugbreak();
}*/
} }
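Review bot: The relocated calls `if (ok && File_Delete_v2) File_InitDelete_v2();` and `if (ok && Key_Delete_v2) Key_InitDelete_v2();` discard a BOOLEAN return, while every sibling step in this chain feeds `ok` (`ok = Gui_InitConsole1();`, `ok = Ldr_Init();`), so if either v2 delete initializer fails the process continues with the v2 mode flagged on but not set up, and presumably never reaches the `ExitProcess(-1)` failure path the other steps share; `ok = File_InitDelete_v2();` / `ok = Key_InitDelete_v2();` would make them consistent, assuming these functions report failure the same way the others do. The comment above them has a typo, `hance` → `hence`, and would read better as `// IPC must be up first, so the delete-v2 initialisation runs second to last`. The new `WaitForDebugger` block spins without bound on `IsDebuggerPresent()`, which is fine for a configuration-gated debug aid, but a comment stating that it is intended for debugging only and is controlled by the `WaitForDebugger` setting would stop it being mistaken for a liveness check. Dll_InitInjected begins before the first hunk of this section.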


@ -184,7 +184,6 @@ _FX BOOLEAN Hook_Tramp_CountBytes(
void *SysProc, ULONG *ByteCount, BOOLEAN is64, BOOLEAN probe) void *SysProc, ULONG *ByteCount, BOOLEAN is64, BOOLEAN probe)
{ {
UCHAR *addr = (UCHAR *)SysProc; UCHAR *addr = (UCHAR *)SysProc;
//ULONG needlen = (is64 == 9 ? 13 : (is64 ? 12 : (File_TrusteerLoaded()?6:5)));
ULONG needlen = (is64 ? 12 : 5); ULONG needlen = (is64 ? 12 : 5);
ULONG copylen = 0; ULONG copylen = 0;


@ -45,12 +45,6 @@ static NTSTATUS Obj_NtQueryVirtualMemory(
SIZE_T Length, SIZE_T Length,
SIZE_T *ResultLength); SIZE_T *ResultLength);
static NTSTATUS Obj_NtQueryInformationProcess(
HANDLE ProcessHandle,
PROCESSINFOCLASS ProcessInformationClass,
PVOID ProcessInformation,
ULONG ProcessInformationLength,
PULONG ReturnLength);
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// Variables // Variables
@ -61,8 +55,6 @@ static P_NtQueryObject __sys_NtQueryObject = NULL;
P_NtQueryVirtualMemory __sys_NtQueryVirtualMemory = NULL; P_NtQueryVirtualMemory __sys_NtQueryVirtualMemory = NULL;
P_NtQueryInformationProcess __sys_NtQueryInformationProcess = NULL;
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
// Obj_Init // Obj_Init
@ -76,7 +68,6 @@ _FX BOOLEAN Obj_Init(void)
#else #else
SBIEDLL_HOOK(Obj_,NtQueryObject); SBIEDLL_HOOK(Obj_,NtQueryObject);
SBIEDLL_HOOK(Obj_,NtQueryVirtualMemory); SBIEDLL_HOOK(Obj_,NtQueryVirtualMemory);
SBIEDLL_HOOK(Obj_,NtQueryInformationProcess);
#endif #endif
return TRUE; return TRUE;
} }
@ -411,42 +402,3 @@ finish:
SetLastError(LastError); SetLastError(LastError);
return status; return status;
} }
//---------------------------------------------------------------------------
// Obj_NtQueryVirtualMemory
//---------------------------------------------------------------------------
_FX NTSTATUS Obj_NtQueryInformationProcess(
HANDLE ProcessHandle,
PROCESSINFOCLASS ProcessInformationClass,
PVOID ProcessInformation,
ULONG ProcessInformationLength,
PULONG ReturnLength)
{
NTSTATUS status;
ULONG outlen;
status = __sys_NtQueryInformationProcess(
ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength, &outlen);
if (ProcessInformationClass == ProcessImageFileName && ProcessInformation != NULL)
{
//
// since file paths are always shorter without the sandbox prefix we can keep this simple
//
ULONG tmplen;
PUNICODE_STRING fileName = (PUNICODE_STRING)ProcessInformation;
tmplen = File_NtQueryObjectName(fileName, fileName->MaximumLength);
if (tmplen)
outlen = sizeof(UNICODE_STRING) + tmplen;
}
if (ReturnLength)
*ReturnLength = outlen;
return status;
}


@ -291,7 +291,7 @@ static P_WinExec __sys_WinExec = NULL;
static P_RunSetupCommandW __sys_RunSetupCommandW = NULL; static P_RunSetupCommandW __sys_RunSetupCommandW = NULL;
static P_NtSetInformationProcess __sys_NtSetInformationProcess = NULL; static P_NtSetInformationProcess __sys_NtSetInformationProcess = NULL;
static P_NtQueryInformationProcess __sys_NtQueryInformationProcess = NULL; P_NtQueryInformationProcess __sys_NtQueryInformationProcess = NULL;
static P_NtCreateProcessEx __sys_NtCreateProcessEx = NULL; static P_NtCreateProcessEx __sys_NtCreateProcessEx = NULL;
@ -2766,6 +2766,17 @@ _FX NTSTATUS Proc_NtQueryInformationProcess(
} }
} }
/*if (ProcessInformationClass == ProcessImageFileName && ProcessInformation != NULL) {
ULONG tmplen;
PUNICODE_STRING fileName = (PUNICODE_STRING)ProcessInformation;
tmplen = File_NtQueryObjectName(fileName, fileName->MaximumLength);
if (tmplen)
outlen = sizeof(UNICODE_STRING) + tmplen;
}*/
return status; return status;
} }
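Review bot: The block added before `return status;` in Proc_NtQueryInformationProcess is commented-out code rather than a decision: together with the removal of Obj_NtQueryInformationProcess in this commit, the `ProcessImageFileName` rewrite through `File_NtQueryObjectName` no longer runs anywhere visible, so unless this function already handles that class earlier in its body (which starts outside the hunk), a sandboxed process querying its own image path now presumably sees the sandbox prefix the old hook stripped — a sandbox-fingerprinting surface worth an explicit note. Either delete the dead block or replace it with one line stating the intent, e.g. `// ProcessImageFileName is deliberately no longer rewritten here (Obj_ hook removed); revisit if the sandbox path must stay hidden`. Dropping `static` from `__sys_NtQueryInformationProcess` turns it into a global symbol; since the obj.c definition is removed in the same commit this is presumably now the shared one, so a short comment naming the other user, or an `extern` declaration in a header, would make that linkage intentional rather than accidental.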


@ -82,7 +82,6 @@ const ULONG tzuk = 'xobs';
// WinMain // WinMain
//--------------------------------------------------------------------------- //---------------------------------------------------------------------------
ULONG Dll_Windows = 0;
int WinMain( int WinMain(
HINSTANCE hInstance, HINSTANCE hInstance,
@ -97,9 +96,6 @@ int WinMain(
_Ntdll = GetModuleHandle(L"ntdll.dll"); _Ntdll = GetModuleHandle(L"ntdll.dll");
_Kernel32 = GetModuleHandle(L"kernel32.dll"); _Kernel32 = GetModuleHandle(L"kernel32.dll");
GetSystemInfo(&_SystemInfo); GetSystemInfo(&_SystemInfo);
if (GetProcAddress(_Ntdll, "LdrFastFailInLoaderCallout")) {
Dll_Windows = 10;
}
WCHAR *cmdline = GetCommandLine(); WCHAR *cmdline = GetCommandLine();
if (cmdline) { if (cmdline) {