Merge branch 'master' into patch-1

DavidXanatos 2024-07-21 17:30:19 +02:00 committed by GitHub
commit dcb7fb64dc
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
14 changed files with 618 additions and 162 deletions


@ -13,13 +13,18 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.14.5 / 5.69.5] - 2024-07-?
### Added
- added HwID display
- added Language Spoof "UseSpoofLocale=y" and "FalseLCID=1033" [#4024](https://github.com/sandboxie-plus/Sandboxie/pull/4024) (thanks Yeyixiao)
- added hwid display
- added Language Spoof "CustomLCID=1033" [#4024](https://github.com/sandboxie-plus/Sandboxie/pull/4024) (thanks Yeyixiao)
- added option to always run the sandman UI as admin [#4090](https://github.com/sandboxie-plus/Sandboxie/issues/4090)
### Fixed
- fixed two supporter certificate popping up every time a Sandboxes' settings are opened [#4074](https://github.com/sandboxie-plus/Sandboxie/issues/4074)
- fixed issue with HwID-bound serial keys failing when no HwID could be obtained
- fixed issue with "UseChangeSpeed=y"
- fixed broken "HideFirmwareInfo=y" implementation.
- changed reg path to key "HKCU\\System\\SbieCustom", value: "SMBiosTable"
- added UI options
- fixed schannel error SEC_E_SECPKG_NOT_FOUND in encrypted sandboxes [#4081](https://github.com/sandboxie-plus/Sandboxie/issues/4081)
### Changed
- the certificate format can now take an explicit validity days specification, needed for gapless certificate renewal


@ -216,34 +216,59 @@ _FX NTSTATUS SysInfo_NtQuerySystemInformation(
PSYSTEM_FIRMWARE_TABLE_INFORMATION firmwareTableInfo = (PSYSTEM_FIRMWARE_TABLE_INFORMATION)Buffer;
if (firmwareTableInfo->ProviderSignature == FIRMWARE_TABLE_PROVIDER_SMBIOS && firmwareTableInfo->Action == SystemFirmwareTable_Get)
{
typedef LSTATUS(*ROK)(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult);
typedef LSTATUS(*RQVEW)(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData);
typedef LSTATUS(*RCK)(HKEY hKey);
ROK RegOpenKeyExW = (ROK)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegOpenKeyExW");
RQVEW RegQueryValueExW = (RQVEW)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegQueryValueExW");
RCK RegCloseKey = (RCK)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegCloseKey");
if (firmwareTableInfo->ProviderSignature == FIRMWARE_TABLE_PROVIDER_SMBIOS && firmwareTableInfo->Action == SystemFirmwareTable_Get) {
typedef LSTATUS(*RegOpenKeyExW_t)(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult);
typedef LSTATUS(*RegQueryValueExW_t)(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData);
typedef LSTATUS(*RegCloseKey_t)(HKEY hKey);
HMODULE advapi32 = LoadLibraryW(DllName_advapi32);
if (!advapi32) return STATUS_UNSUCCESSFUL;
RegOpenKeyExW_t RegOpenKeyExW = (RegOpenKeyExW_t)GetProcAddress(advapi32, "RegOpenKeyExW");
RegQueryValueExW_t RegQueryValueExW = (RegQueryValueExW_t)GetProcAddress(advapi32, "RegQueryValueExW");
RegCloseKey_t RegCloseKey = (RegCloseKey_t)GetProcAddress(advapi32, "RegCloseKey");
if (!RegOpenKeyExW || !RegQueryValueExW || !RegCloseKey) {
FreeLibrary(advapi32);
return STATUS_UNSUCCESSFUL;
}
HKEY hKey = NULL;
PVOID lpData = NULL;
DWORD dwLen = 0;
DWORD type;
DWORD dwLen = 0x10000;
PVOID lpData = Dll_AllocTemp(dwLen);
if (!lpData) {
FreeLibrary(advapi32);
return STATUS_UNSUCCESSFUL;
}
DWORD type = 0;
// if not set we return no information, 0 length
if (RegOpenKeyExW && RegOpenKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom\\", 0, KEY_READ, &hKey)) {
RegQueryValueExW(hKey, L"SMBiosTable", 0, &type, lpData, &dwLen);
if (RegOpenKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
if (RegQueryValueExW(hKey, L"SMBiosTable", NULL, &type, (LPBYTE)lpData, &dwLen) != ERROR_SUCCESS) {
dwLen = 0;
}
RegCloseKey(hKey);
}
*ReturnLength = dwLen;
if (dwLen > 0) {
if (dwLen > BufferLength)
return STATUS_BUFFER_TOO_SMALL;
memcpy(Buffer, lpData, dwLen);
if (dwLen + sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION) > BufferLength) {
status = STATUS_BUFFER_TOO_SMALL;
goto cleanup;
}
firmwareTableInfo->TableBufferLength = dwLen;
memcpy(firmwareTableInfo->TableBuffer, lpData, dwLen);
}
return STATUS_SUCCESS;
status = STATUS_SUCCESS;
cleanup:
Dll_Free(lpData);
FreeLibrary(advapi32);
return status;
}
}
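Review bot: When `RegOpenKeyExW` fails because the key is absent, `dwLen` keeps its initial value 0x10000, since it is reset to 0 only inside the `RegQueryValueExW` failure branch; the code then reports and copies 0x10000 bytes of the `Dll_AllocTemp` buffer that the registry call never wrote, which contradicts the comment `// if not set we return no information, 0 length`. Adding `else dwLen = 0;` to the open check, or reading into a separate `DWORD cbData = 0x10000;` and leaving `dwLen` at 0 until the query succeeds, closes this. `*ReturnLength = dwLen;` is written unconditionally; if a caller may pass a null ReturnLength, as NtQuerySystemInformation permits, it needs a guard, but the parameter handling lies outside this hunk. The value's `type` is read but never compared with `REG_BINARY`, so a value of another type is returned to the sandboxed caller as a firmware table.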


@ -514,7 +514,7 @@ check:
// csrss.exe needs access to binaries of starting up processes.
//
if (Util_IsCsrssProcess(PsGetCurrentProcessId()))
if (Util_IsSystemProcess(PsGetCurrentProcessId(), "csrss.exe"))
break;
status = STATUS_ACCESS_DENIED;


@ -1138,7 +1138,8 @@ _FX ACCESS_MASK Thread_CheckObject_CommonEx(
if (protect_process /*&& MyIsProcessRunningAsSystemAccount(cur_pid)*/) {
if ((_wcsicmp(nptr, SBIESVC_EXE) == 0)
|| Util_IsCsrssProcess(cur_pid)
|| Util_IsSystemProcess(cur_pid, "csrss.exe")
|| Util_IsSystemProcess(cur_pid, "lsass.exe")
|| Util_IsProtectedProcess(cur_pid)
|| (_wcsicmp(nptr, L"conhost.exe") == 0)
|| (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0))
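Review bot: The new `Util_IsSystemProcess(cur_pid, "lsass.exe")` exemption rests on the helper alone, because the `MyIsProcessRunningAsSystemAccount(cur_pid)` test on the enclosing `if` is commented out. In the helper lines shown on this page the decision is a `_stricmp` on the image file name; unless the part of the helper outside those hunks also verifies the account or the image path, the exemption is only as strong as a file name, and the same applies to the `csrss.exe` call sites in this commit. A comment above the condition should record why lsass.exe needs access to a protected process and which properties the helper actually verifies. The enclosing function starts and ends outside this hunk.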


@ -566,12 +566,12 @@ retry:
//---------------------------------------------------------------------------
// Util_IsCsrssProcess
// Util_IsSystemProcess
//---------------------------------------------------------------------------
NTKERNELAPI PCHAR NTAPI PsGetProcessImageFileName(_In_ PEPROCESS Process);
_FX BOOLEAN Util_IsCsrssProcess(HANDLE pid)
_FX BOOLEAN Util_IsSystemProcess(HANDLE pid, const char* name)
{
PEPROCESS ProcessObject;
NTSTATUS status;
@ -586,7 +586,7 @@ _FX BOOLEAN Util_IsCsrssProcess(HANDLE pid)
ImageFileName = PsGetProcessImageFileName(ProcessObject);
ret = (_stricmp(ImageFileName, "csrss.exe") == 0);
ret = (_stricmp(ImageFileName, name) == 0);
ObDereferenceObject(ProcessObject);
}
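Review bot: The new `name` parameter is undocumented, and it is compared against `PsGetProcessImageFileName`, which as far as I know returns a short fixed-size image-name field (15 bytes), so a longer name passed by a future caller would silently never match. I would extend the header block with `// name: bare image file name (no path), must fit the short EPROCESS image-name field; longer names never match`. The function body between the two hunks is not visible here, so any account check it performs should be named in the same header.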


@ -121,7 +121,7 @@ NTSTATUS MyValidateCertificate(void);
HANDLE Util_GetProcessPidByName(const WCHAR* name);
BOOLEAN Util_IsCsrssProcess(HANDLE pid);
BOOLEAN Util_IsSystemProcess(HANDLE pid, const char* name);
BOOLEAN Util_IsProtectedProcess(HANDLE pid);


@ -4687,16 +4687,6 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
<string>Privacy</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_29">
<item row="2" column="2">
<widget class="QComboBox" name="cmbLangID"/>
</item>
<item row="10" column="4">
<widget class="QCheckBox" name="chkShowHiddenProcTmpl">
<property name="text">
<string>Show Templates</string>
</property>
</widget>
</item>
<item row="1" column="1" colspan="3">
<widget class="QCheckBox" name="chkHideFirmware">
<property name="toolTip">
@ -4707,50 +4697,13 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
</property>
</widget>
</item>
<item row="8" column="4">
<widget class="QPushButton" name="btnAddProcess">
<item row="7" column="0" colspan="4">
<widget class="QLabel" name="label_24">
<property name="text">
<string>Add Process</string>
<string>Hide host processes from processes running in the sandbox.</string>
</property>
</widget>
</item>
<item row="3" column="0">
<widget class="QLabel" name="lblProcessHiding">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Process Hiding</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_72">
<property name="text">
<string>Use a custom Locale/LangID</string>
</property>
</widget>
</item>
<item row="9" column="4">
<spacer name="verticalSpacer_16">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="5" column="1" colspan="3">
<widget class="QCheckBox" name="chkHideHostProcesses">
<property name="text">
<string>Don't allow sandboxed processes to see processes running outside any boxes</string>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
@ -4767,40 +4720,20 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
</property>
</spacer>
</item>
<item row="11" column="4">
<widget class="QPushButton" name="btnDelProcess">
<item row="12" column="0" colspan="5">
<widget class="QCheckBox" name="chkBlockWMI">
<property name="toolTip">
<string>Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,&quot;tasklist.exe&quot; could get full processes list even if &quot;HideOtherBoxes&quot; is opened through accessing WMI. Enable this option to stop these heavior.</string>
</property>
<property name="text">
<string>Remove</string>
<string>Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)</string>
</property>
</widget>
</item>
<item row="7" column="0" colspan="4">
<widget class="QLabel" name="label_24">
<item row="5" column="1" colspan="3">
<widget class="QCheckBox" name="chkHideNonSystemProcesses">
<property name="text">
<string>Hide host processes from processes running in the sandbox.</string>
</property>
<property name="wordWrap">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="1" colspan="3">
<widget class="QCheckBox" name="chkHideOtherBoxes">
<property name="text">
<string>Don't allow sandboxed processes to see processes running in other boxes</string>
</property>
</widget>
</item>
<item row="0" column="0">
<widget class="QLabel" name="lblPrivacyProtection">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Data Protection</string>
<string>Don't allow sandboxed processes to see processes running outside any boxes</string>
</property>
</widget>
</item>
@ -4821,13 +4754,90 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
</column>
</widget>
</item>
<item row="12" column="0" colspan="5">
<widget class="QCheckBox" name="chkBlockWMI">
<property name="toolTip">
<string>Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,&quot;tasklist.exe&quot; could get full processes list even if &quot;HideOtherBoxes&quot; is opened through accessing WMI. Enable this option to stop these heavior.</string>
<item row="3" column="0">
<widget class="QLabel" name="lblProcessHiding">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)</string>
<string>Process Hiding</string>
</property>
</widget>
</item>
<item row="8" column="4">
<widget class="QPushButton" name="btnAddProcess">
<property name="text">
<string>Add Process</string>
</property>
</widget>
</item>
<item row="2" column="1">
<widget class="QLabel" name="label_72">
<property name="text">
<string>Use a custom Locale/LangID</string>
</property>
</widget>
</item>
<item row="11" column="4">
<widget class="QPushButton" name="btnDelProcess">
<property name="text">
<string>Remove</string>
</property>
</widget>
</item>
<item row="0" column="0">
<widget class="QLabel" name="lblPrivacyProtection">
<property name="font">
<font>
<bold>true</bold>
<kerning>true</kerning>
</font>
</property>
<property name="text">
<string>Data Protection</string>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QComboBox" name="cmbLangID"/>
</item>
<item row="10" column="4">
<widget class="QCheckBox" name="chkShowHiddenProcTmpl">
<property name="text">
<string>Show Templates</string>
</property>
</widget>
</item>
<item row="9" column="4">
<spacer name="verticalSpacer_16">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="4" column="1" colspan="3">
<widget class="QCheckBox" name="chkHideOtherBoxes">
<property name="text">
<string>Don't allow sandboxed processes to see processes running in other boxes</string>
</property>
</widget>
</item>
<item row="1" column="4">
<widget class="QToolButton" name="btnDumpFW">
<property name="toolTip">
<string>Dump the current Firmare Tables to HKCU\System\SbieCustom</string>
</property>
<property name="text">
<string>Dump FW Tables</string>
</property>
</widget>
</item>


@ -2196,7 +2196,41 @@ Unlike the preview channel, it does not include untested, potentially breaking,
<string>Sandboxie.ini Presets</string>
</attribute>
<layout class="QGridLayout" name="gridLayout_19">
<item row="7" column="0">
<item row="6" column="2" colspan="2">
<widget class="QCheckBox" name="chkAdminOnlyFP">
<property name="text">
<string>Only Administrator user accounts can use Pause Forcing Programs command</string>
</property>
</widget>
</item>
<item row="8" column="2">
<spacer name="horizontalSpacer_24">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</property>
</spacer>
</item>
<item row="0" column="2">
<widget class="QCheckBox" name="chkWatchConfig">
<property name="text">
<string>Watch Sandboxie.ini for changes</string>
</property>
</widget>
</item>
<item row="3" column="2">
<widget class="QCheckBox" name="chkAdminOnly">
<property name="text">
<string>Only Administrator user accounts can make changes</string>
</property>
</widget>
</item>
<item row="8" column="0">
<spacer name="verticalSpacer_7">
<property name="orientation">
<enum>Qt::Vertical</enum>
@ -2209,46 +2243,10 @@ Unlike the preview channel, it does not include untested, potentially breaking,
</property>
</spacer>
</item>
<item row="6" column="2">
<widget class="QCheckBox" name="chkClearPass">
<property name="text">
<string>Clear password when main window becomes hidden</string>
</property>
</widget>
</item>
<item row="5" column="2" colspan="2">
<widget class="QCheckBox" name="chkAdminOnlyFP">
<property name="text">
<string>Only Administrator user accounts can use Pause Forcing Programs command</string>
</property>
</widget>
</item>
<item row="0" column="2">
<widget class="QCheckBox" name="chkWatchConfig">
<property name="text">
<string>Watch Sandboxie.ini for changes</string>
</property>
</widget>
</item>
<item row="3" column="3" rowspan="2">
<widget class="QPushButton" name="btnSetPassword">
<property name="text">
<string>Change Password</string>
</property>
</widget>
</item>
<item row="2" column="2">
<widget class="QCheckBox" name="chkAdminOnly">
<property name="text">
<string>Only Administrator user accounts can make changes</string>
</property>
</widget>
</item>
<item row="1" column="0" colspan="2">
<item row="2" column="0" colspan="2">
<widget class="QLabel" name="lblProtection">
<property name="font">
<font>
<weight>75</weight>
<bold>true</bold>
<kerning>true</kerning>
</font>
@ -2258,25 +2256,33 @@ Unlike the preview channel, it does not include untested, potentially breaking,
</property>
</widget>
</item>
<item row="3" column="2">
<item row="7" column="2">
<widget class="QCheckBox" name="chkClearPass">
<property name="text">
<string>Clear password when main window becomes hidden</string>
</property>
</widget>
</item>
<item row="4" column="2">
<widget class="QCheckBox" name="chkPassRequired">
<property name="text">
<string>Password must be entered in order to make changes</string>
</property>
</widget>
</item>
<item row="7" column="2">
<spacer name="horizontalSpacer_24">
<property name="orientation">
<enum>Qt::Horizontal</enum>
<item row="4" column="3" rowspan="2">
<widget class="QPushButton" name="btnSetPassword">
<property name="text">
<string>Change Password</string>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>40</width>
<height>20</height>
</size>
</widget>
</item>
<item row="1" column="2">
<widget class="QCheckBox" name="chkSkipUAC">
<property name="text">
<string>Always run SandMan UI as Admin</string>
</property>
</spacer>
</widget>
</item>
</layout>
</widget>


@ -164,4 +164,336 @@ bool AutorunEnable (bool is_enable)
}
return false;
}
}
//////////////////////////////////////////////////////////////////////////////////
// Skip UAC
#define SKIP_UAC_TASK_NAME APP_NAME L"_SkipUac"
#include <comdef.h>
#include <taskschd.h>
struct MBSTR
{
MBSTR (LPCWSTR asString = nullptr)
{
ms_bstr = asString ? SysAllocString (asString) : nullptr;
}
~MBSTR ()
{
Free ();
}
operator BSTR() const
{
return ms_bstr;
}
MBSTR& operator=(LPCWSTR asString)
{
if (asString != ms_bstr)
{
Free ();
ms_bstr = asString ? ::SysAllocString (asString) : NULL;
}
return *this;
}
void Free ()
{
if (ms_bstr)
{
SysFreeString (ms_bstr);
ms_bstr = nullptr;
}
}
protected:
BSTR ms_bstr;
};
bool SkipUacEnable (bool is_enable)
{
bool result = false;
bool action_result = false;
ITaskService* service = nullptr;
ITaskFolder* folder = nullptr;
ITaskDefinition* task = nullptr;
IRegistrationInfo* reginfo = nullptr;
IPrincipal* principal = nullptr;
ITaskSettings* settings = nullptr;
IActionCollection* action_collection = nullptr;
IAction* action = nullptr;
IExecAction* exec_action = nullptr;
IRegisteredTask* registered_task = nullptr;
wchar_t szPath[MAX_PATH];
if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
return false;
std::wstring::size_type pos = std::wstring(szPath).find_last_of( L"\\/" );
std::wstring dir = std::wstring(szPath).substr(0, pos);
MBSTR root (L"\\");
MBSTR name (SKIP_UAC_TASK_NAME);
MBSTR author (APP_NAME);
MBSTR path (szPath);
MBSTR directory (dir.c_str());
MBSTR args (L"$(Arg0)");
MBSTR timelimit (L"PT0S");
VARIANT vtEmpty = {VT_EMPTY};
if (SUCCEEDED (CoInitializeEx (nullptr, COINIT_APARTMENTTHREADED)))
{
//if (SUCCEEDED (CoInitializeSecurity (nullptr, -1, nullptr, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, 0, nullptr)))
{
if (SUCCEEDED (CoCreateInstance (CLSID_TaskScheduler, nullptr, CLSCTX_INPROC_SERVER, IID_ITaskService, (LPVOID*)&service)))
{
if (SUCCEEDED (service->Connect (vtEmpty, vtEmpty, vtEmpty, vtEmpty)))
{
if (SUCCEEDED (service->GetFolder (root, &folder)))
{
// create task
if (is_enable)
{
if (SUCCEEDED (service->NewTask (0, &task)))
{
if (SUCCEEDED (task->get_RegistrationInfo (&reginfo)))
{
reginfo->put_Author (author);
reginfo->Release ();
}
if (SUCCEEDED (task->get_Principal (&principal)))
{
principal->put_RunLevel (TASK_RUNLEVEL_HIGHEST);
principal->Release ();
}
if (SUCCEEDED (task->get_Settings (&settings)))
{
settings->put_AllowHardTerminate (VARIANT_BOOL (FALSE));
settings->put_StartWhenAvailable (VARIANT_BOOL (FALSE));
settings->put_DisallowStartIfOnBatteries (VARIANT_BOOL (FALSE));
settings->put_StopIfGoingOnBatteries (VARIANT_BOOL (FALSE));
settings->put_MultipleInstances (TASK_INSTANCES_PARALLEL);
settings->put_ExecutionTimeLimit (timelimit);
settings->Release ();
}
if (SUCCEEDED (task->get_Actions (&action_collection)))
{
if (SUCCEEDED (action_collection->Create (TASK_ACTION_EXEC, &action)))
{
if (SUCCEEDED (action->QueryInterface (IID_IExecAction, (LPVOID*)&exec_action)))
{
if (
SUCCEEDED (exec_action->put_Path (path)) &&
SUCCEEDED (exec_action->put_WorkingDirectory (directory)) &&
SUCCEEDED (exec_action->put_Arguments (args))
)
{
action_result = true;
}
exec_action->Release ();
}
action->Release ();
}
action_collection->Release ();
}
if (action_result)
{
if (SUCCEEDED (folder->RegisterTaskDefinition (
name,
task,
TASK_CREATE_OR_UPDATE,
vtEmpty,
vtEmpty,
TASK_LOGON_INTERACTIVE_TOKEN,
vtEmpty,
&registered_task)
))
{
{
//ConfigSet (L"SkipUacIsEnabled", true);
result = true;
registered_task->Release ();
}
}
task->Release ();
}
}
}
else
{
// remove task
result = SUCCEEDED (folder->DeleteTask (name, 0));
//ConfigSet (L"SkipUacIsEnabled", false);
}
folder->Release ();
}
}
service->Release ();
}
}
CoUninitialize ();
}
return result;
}
bool SkipUacRun (bool test_only)
{
bool result = false;
ITaskService* service = nullptr;
ITaskFolder* folder = nullptr;
IRegisteredTask* registered_task = nullptr;
ITaskDefinition* task = nullptr;
IActionCollection* action_collection = nullptr;
IAction* action = nullptr;
IExecAction* exec_action = nullptr;
IRunningTask* running_task = nullptr;
wchar_t szPath[MAX_PATH];
if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
return false;
MBSTR root (L"\\");
MBSTR name (SKIP_UAC_TASK_NAME);
VARIANT vtEmpty = {VT_EMPTY};
if (SUCCEEDED (CoInitializeEx (nullptr, COINIT_APARTMENTTHREADED)))
{
//if (SUCCEEDED (CoInitializeSecurity (nullptr, -1, nullptr, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, 0, nullptr)))
{
if (SUCCEEDED (CoCreateInstance (CLSID_TaskScheduler, nullptr, CLSCTX_INPROC_SERVER, IID_ITaskService, (LPVOID*)&service)))
{
if (SUCCEEDED (service->Connect (vtEmpty, vtEmpty, vtEmpty, vtEmpty)))
{
if (SUCCEEDED (service->GetFolder (root, &folder)))
{
if (SUCCEEDED (folder->GetTask (name, &registered_task)))
{
if (SUCCEEDED (registered_task->get_Definition (&task)))
{
if (SUCCEEDED (task->get_Actions (&action_collection)))
{
if (SUCCEEDED (action_collection->get_Item (1, &action)))
{
if (SUCCEEDED (action->QueryInterface (IID_IExecAction, (LPVOID*)&exec_action)))
{
BSTR path = nullptr;
exec_action->get_Path (&path);
PathUnquoteSpaces (path);
// check path is to current module
if (_wcsicmp (path, szPath) == 0)
{
if (test_only)
{
result = true;
}
else
{
std::wstring args;
// get arguments
{
INT numargs = 0;
LPWSTR* arga = CommandLineToArgvW(GetCommandLine(), &numargs);
for (INT i = 1; i < numargs; i++) {
if (i > 1)
args.append(L" ");
args.append(arga[i]);
}
LocalFree(arga);
}
variant_t params = args.c_str();
if (SUCCEEDED(registered_task->RunEx(params, TASK_RUN_NO_FLAGS, 0, nullptr, &running_task)))
{
UINT8 count = 3; // try count
do
{
QThread::msleep(250);
TASK_STATE state = TASK_STATE_UNKNOWN;
running_task->Refresh();
running_task->get_State(&state);
if (
state == TASK_STATE_RUNNING ||
state == TASK_STATE_READY ||
state == TASK_STATE_DISABLED
)
{
if (
state == TASK_STATE_RUNNING ||
state == TASK_STATE_READY
)
{
result = true;
}
break;
}
} while (count--);
running_task->Release();
}
}
}
exec_action->Release ();
}
action->Release ();
}
action_collection->Release ();
}
task->Release ();
}
registered_task->Release ();
}
folder->Release ();
}
}
service->Release ();
}
}
CoUninitialize ();
}
return result;
}
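Review bot: In SkipUacRun the result of `exec_action->get_Path (&path)` is ignored, so a failed call leaves `path` null when it is handed to `PathUnquoteSpaces` and `_wcsicmp`, and the returned BSTR is never released with `SysFreeString`. The argument loop joins `arga[i]` with single spaces and no re-quoting, so an argument containing a space (a file path, for example) reaches the elevated instance split into several arguments; `arga` is also used without a null check. Because SkipUacEnable registers the task at `TASK_RUNLEVEL_HIGHEST` with `$(Arg0)` supplied by whoever starts it, the elevated instance should treat that command line as untrusted input, and that handling is not visible in this hunk. In SkipUacEnable, `task->Release ()` appears to sit inside `if (action_result)`, which would leak the definition when building the action fails; the lost indentation makes this worth confirming against the file.

```cpp
// … unchanged: task lookup down to QueryInterface (IID_IExecAction) …
BSTR path = nullptr;
if (SUCCEEDED (exec_action->get_Path (&path)) && path)
{
    PathUnquoteSpaces (path);
    // … unchanged: compare with szPath, test_only branch …
    INT numargs = 0;
    LPWSTR* arga = CommandLineToArgvW (GetCommandLine (), &numargs);
    if (arga)
    {
        for (INT i = 1; i < numargs; i++)
        {
            if (i > 1)
                args.append (L" ");
            // keep each argument intact for the elevated instance;
            // embedded quotes and trailing backslashes still need the
            // CommandLineToArgvW escaping rules applied here
            args.append (L"\"").append (arga[i]).append (L"\"");
        }
        LocalFree (arga);
    }
    // … unchanged: RunEx and state polling …
    SysFreeString (path);
}
```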


@ -10,3 +10,6 @@ bool IsAdminUser(bool OnlyFull = false);
bool IsAutorunEnabled();
bool AutorunEnable(bool is_enable);
bool SkipUacRun(bool test_only = false);
bool SkipUacEnable(bool is_enable);


@ -100,6 +100,7 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkHideFirmware, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.cmbLangID, SIGNAL(currentIndexChanged(int)), this, SLOT(OnAdvancedChanged()));
connect(ui.btnDumpFW, SIGNAL(clicked(bool)), this, SLOT(OnDumpFW()));
connect(ui.chkHideOtherBoxes, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkHideNonSystemProcesses, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@ -266,7 +267,7 @@ void COptionsWindow::LoadAdvanced()
ShowTriggersTmpl();
//
ui.chkHideFirmware->setChecked(m_pBox->GetBool("HideFirmwareInfo", true));
ui.chkHideFirmware->setChecked(m_pBox->GetBool("HideFirmwareInfo", false));
ui.cmbLangID->setCurrentIndex(ui.cmbLangID->findData(m_pBox->GetNum("CustomLCID", 0)));
@ -1341,6 +1342,67 @@ void COptionsWindow::SaveDebug()
}
}
#define WIN32_NO_STATUS
typedef long NTSTATUS;
#include "..\..\Sandboxie\common\win32_ntddk.h"
typedef struct _SYSTEM_FIRMWARE_TABLE_INFORMATION {
ULONG ProviderSignature;
ULONG Action;
ULONG TableID;
ULONG TableBufferLength;
UCHAR TableBuffer[ANYSIZE_ARRAY];
} SYSTEM_FIRMWARE_TABLE_INFORMATION, *PSYSTEM_FIRMWARE_TABLE_INFORMATION;
#define FIRMWARE_TABLE_PROVIDER_ACPI 'ACPI'
#define FIRMWARE_TABLE_PROVIDER_SMBIOS 'RSMB'
typedef enum _SYSTEM_FIRMWARE_TABLE_ACTION {
SystemFirmwareTable_Enumerate,
SystemFirmwareTable_Get
} SYSTEM_FIRMWARE_TABLE_ACTION;
void COptionsWindow::OnDumpFW()
{
ULONG returnLength = 0;
NTSTATUS status;
SYSTEM_FIRMWARE_TABLE_INFORMATION* firmwareTableInfo;
ULONG firmwareTableSize = sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION) + 0x10000; // Initial size
retry:
firmwareTableInfo = (SYSTEM_FIRMWARE_TABLE_INFORMATION*)malloc(firmwareTableSize);
firmwareTableInfo->ProviderSignature = FIRMWARE_TABLE_PROVIDER_SMBIOS;
firmwareTableInfo->Action = SystemFirmwareTable_Get;
firmwareTableInfo->TableID = 0;
firmwareTableInfo->TableBufferLength = firmwareTableSize - sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION);
status = NtQuerySystemInformation(SystemFirmwareTableInformation, firmwareTableInfo, firmwareTableSize, &returnLength);
if (status == 0xC0000023L/*STATUS_BUFFER_TOO_SMALL*/) {
free(firmwareTableInfo);
firmwareTableSize += 0x10000;
goto retry;
}
if (!NT_SUCCESS(status))
CSandMan::ShowMessageBox(this, QMessageBox::Critical, tr("Failed to retrieve firmware table information."));
else if(firmwareTableInfo->TableBufferLength)
{
HKEY hKey;
DWORD disposition;
if(RegCreateKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom", 0, 0, 0, KEY_WRITE, NULL, &hKey, &disposition) == ERROR_SUCCESS)
{
if(RegSetValueExW(hKey, L"SMBiosTable", 0, REG_BINARY, firmwareTableInfo->TableBuffer, firmwareTableInfo->TableBufferLength) == ERROR_SUCCESS)
CSandMan::ShowMessageBox(this, QMessageBox::Information, tr("Firmware table saved successfully to host registry: HKEY_CURRENT_USER\\System\\SbieCustom<br />you can copy it to the sandboxed registry to have a different value for each box."));
RegCloseKey(hKey);
}
}
free(firmwareTableInfo);
}
void COptionsWindow::InitLangID()
{
// Note: list by ChatGPT
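Review bot: In OnDumpFW the pointer returned by `malloc(firmwareTableSize)` is dereferenced on the next line without a null check, and the `retry:` loop adds 0x10000 on every STATUS_BUFFER_TOO_SMALL with no upper bound, ignoring the size already reported in `returnLength`. I would add `if (!firmwareTableInfo) return;` after the allocation and stop retrying past a fixed cap. A failing `RegCreateKeyExW` or `RegSetValueExW` produces no message, so the user cannot tell that nothing was stored. The reader shown in SysInfo_NtQuerySystemInformation on this page queries the value into a fixed 0x10000-byte buffer, so a table larger than that would be written here and then dropped on read; the two limits should be shared or documented.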


@ -211,6 +211,8 @@ private slots:
void OnAddTerminateCmd();
void OnDelAuto();
void OnDumpFW();
void OnAddProcess();
void OnDelProcess();
void OnShowHiddenProcTmpl() { ShowHiddenProcTmpl(true); }


@ -433,6 +433,10 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
connect(ui.chkWatchConfig, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged())); // not sbie ini
connect(ui.chkSkipUAC, SIGNAL(stateChanged(int)), this, SLOT(OnSkipUAC()));
ui.chkSkipUAC->setEnabled(IsElevated());
m_SkipUACChanged = false;
connect(ui.chkAdminOnly, SIGNAL(stateChanged(int)), this, SLOT(OnProtectionChange()));
connect(ui.chkPassRequired, SIGNAL(stateChanged(int)), this, SLOT(OnProtectionChange()));
connect(ui.btnSetPassword, SIGNAL(clicked(bool)), this, SLOT(OnSetPassword()));
@ -953,6 +957,7 @@ void CSettingsWindow::LoadSettings()
ui.chkMonitorSize->setChecked(theConf->GetBool("Options/WatchBoxSize", false));
ui.chkWatchConfig->setChecked(theConf->GetBool("Options/WatchIni", true));
ui.chkSkipUAC->setChecked(SkipUacRun(true));
ui.chkScanMenu->setChecked(theConf->GetBool("Options/ScanStartMenu", true));
ui.cmbIntegrateMenu->setCurrentIndex(theConf->GetInt("Options/IntegrateStartMenu", 0));
@ -1657,6 +1662,8 @@ void CSettingsWindow::SaveSettings()
theConf->SetValue("Options/WatchBoxSize", ui.chkMonitorSize->isChecked());
theConf->SetValue("Options/WatchIni", ui.chkWatchConfig->isChecked());
if (m_SkipUACChanged)
SkipUacEnable(ui.chkSkipUAC->isChecked());
theConf->SetValue("Options/ScanStartMenu", ui.chkScanMenu->isChecked());
int OldIntegrateStartMenu = theConf->GetInt("Options/IntegrateStartMenu", 0);
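Review bot: The return value of `SkipUacEnable(ui.chkSkipUAC->isChecked())` in SaveSettings is discarded, so a failed registration, or a failed removal of the highest-run-level task, passes without any message and the task can remain present after the user has unticked the box. I would report the failure and reset the flag, for example `if (m_SkipUACChanged && !SkipUacEnable(ui.chkSkipUAC->isChecked())) QMessageBox::warning(this, "Sandboxie-Plus", tr("Failed to update the elevated start task."));` followed by `m_SkipUACChanged = false;`. Separately, `ui.chkSkipUAC->setChecked(SkipUacRun(true))` in LoadSettings emits `stateChanged` when the task exists, which would set `m_SkipUACChanged` through `OnSkipUAC` without user action unless signals are held during loading; that handling is outside these hunks.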


@ -88,6 +88,8 @@ private slots:
void OnOptChanged();
void OnSkipUAC() { m_SkipUACChanged = true; OnOptChanged(); }
void OnChangeGUI() { m_bRebuildUI = true; OnOptChanged(); }
void OnFeaturesChanged() { m_FeaturesChanged = true; OnGeneralChanged(); }
void OnGeneralChanged() { m_GeneralChanged = true; OnOptChanged(); }
@ -176,6 +178,7 @@ protected:
bool m_VolumeChanged;
bool m_CompatChanged;
bool m_RunChanged;
bool m_SkipUACChanged;
bool m_ProtectionChanged;
bool m_GeneralChanged;
bool m_FeaturesChanged;