diff --git a/CHANGELOG.md b/CHANGELOG.md
index a860cb88..c5e6fd70 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,13 +13,18 @@ This project adheres to [Semantic Versioning](http://semver.org/).
## [1.14.5 / 5.69.5] - 2024-07-?
### Added
-- added HwID display
-- added Language Spoof "UseSpoofLocale=y" and "FalseLCID=1033" [#4024](https://github.com/sandboxie-plus/Sandboxie/pull/4024) (thanks Yeyixiao)
+- added hwid display
+- added Language Spoof "CustomLCID=1033" [#4024](https://github.com/sandboxie-plus/Sandboxie/pull/4024) (thanks Yeyixiao)
+- added option to always run the sandman UI as admin [#4090](https://github.com/sandboxie-plus/Sandboxie/issues/4090)
### Fixed
- fixed two supporter certificate popping up every time a Sandboxes' settings are opened [#4074](https://github.com/sandboxie-plus/Sandboxie/issues/4074)
- fixed issue with HwID-bound serial keys failing when no HwID could be obtained
- fixed issue with "UseChangeSpeed=y"
+- fixed broken "HideFirmwareInfo=y" implementation.
+ - changed reg path to key "HKCU\\System\\SbieCustom", value: "SMBiosTable"
+ - added UI options
+- fixed schannel error SEC_E_SECPKG_NOT_FOUND in encrypted sandboxes [#4081](https://github.com/sandboxie-plus/Sandboxie/issues/4081)
### Changed
- the certificate format can now take an explicit validity days specification, needed for gapless certificate renewal
diff --git a/Sandboxie/core/dll/sysinfo.c b/Sandboxie/core/dll/sysinfo.c
index dfd13db8..4ea3e1da 100644
--- a/Sandboxie/core/dll/sysinfo.c
+++ b/Sandboxie/core/dll/sysinfo.c
@@ -216,34 +216,59 @@ _FX NTSTATUS SysInfo_NtQuerySystemInformation(
PSYSTEM_FIRMWARE_TABLE_INFORMATION firmwareTableInfo = (PSYSTEM_FIRMWARE_TABLE_INFORMATION)Buffer;
- if (firmwareTableInfo->ProviderSignature == FIRMWARE_TABLE_PROVIDER_SMBIOS && firmwareTableInfo->Action == SystemFirmwareTable_Get)
- {
- typedef LSTATUS(*ROK)(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult);
- typedef LSTATUS(*RQVEW)(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData);
- typedef LSTATUS(*RCK)(HKEY hKey);
- ROK RegOpenKeyExW = (ROK)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegOpenKeyExW");
- RQVEW RegQueryValueExW = (RQVEW)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegQueryValueExW");
- RCK RegCloseKey = (RCK)GetProcAddress(GetModuleHandle(DllName_advapi32), "RegCloseKey");
+ if (firmwareTableInfo->ProviderSignature == FIRMWARE_TABLE_PROVIDER_SMBIOS && firmwareTableInfo->Action == SystemFirmwareTable_Get) {
+
+ typedef LSTATUS(*RegOpenKeyExW_t)(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult);
+ typedef LSTATUS(*RegQueryValueExW_t)(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData);
+ typedef LSTATUS(*RegCloseKey_t)(HKEY hKey);
+
+ HMODULE advapi32 = LoadLibraryW(DllName_advapi32);
+ if (!advapi32) return STATUS_UNSUCCESSFUL;
+
+ RegOpenKeyExW_t RegOpenKeyExW = (RegOpenKeyExW_t)GetProcAddress(advapi32, "RegOpenKeyExW");
+ RegQueryValueExW_t RegQueryValueExW = (RegQueryValueExW_t)GetProcAddress(advapi32, "RegQueryValueExW");
+ RegCloseKey_t RegCloseKey = (RegCloseKey_t)GetProcAddress(advapi32, "RegCloseKey");
+
+ if (!RegOpenKeyExW || !RegQueryValueExW || !RegCloseKey) {
+ FreeLibrary(advapi32);
+ return STATUS_UNSUCCESSFUL;
+ }
HKEY hKey = NULL;
- PVOID lpData = NULL;
- DWORD dwLen = 0;
- DWORD type;
+ DWORD dwLen = 0x10000;
+ PVOID lpData = Dll_AllocTemp(dwLen);
+ if (!lpData) {
+ FreeLibrary(advapi32);
+ return STATUS_UNSUCCESSFUL;
+ }
+ DWORD type = 0;
// if not set we return no information, 0 length
- if (RegOpenKeyExW && RegOpenKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom\\", 0, KEY_READ, &hKey)) {
- RegQueryValueExW(hKey, L"SMBiosTable", 0, &type, lpData, &dwLen);
+ if (RegOpenKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
+ if (RegQueryValueExW(hKey, L"SMBiosTable", NULL, &type, (LPBYTE)lpData, &dwLen) != ERROR_SUCCESS) {
+ dwLen = 0;
+ }
RegCloseKey(hKey);
}
*ReturnLength = dwLen;
if (dwLen > 0) {
- if (dwLen > BufferLength)
- return STATUS_BUFFER_TOO_SMALL;
- memcpy(Buffer, lpData, dwLen);
+ if (dwLen + sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION) > BufferLength) {
+ status = STATUS_BUFFER_TOO_SMALL;
+ goto cleanup;
+ }
+
+ firmwareTableInfo->TableBufferLength = dwLen;
+ memcpy(firmwareTableInfo->TableBuffer, lpData, dwLen);
}
- return STATUS_SUCCESS;
+ status = STATUS_SUCCESS;
+
+ cleanup:
+ Dll_Free(lpData);
+ FreeLibrary(advapi32);
+
+ return status;
}
}
diff --git a/Sandboxie/core/drv/file_flt.c b/Sandboxie/core/drv/file_flt.c
index 80f6f752..bbfa54fe 100644
--- a/Sandboxie/core/drv/file_flt.c
+++ b/Sandboxie/core/drv/file_flt.c
@@ -514,7 +514,7 @@ check:
// csrss.exe needs access to binaries of starting up processes.
//
- if (Util_IsCsrssProcess(PsGetCurrentProcessId()))
+ if (Util_IsSystemProcess(PsGetCurrentProcessId(), "csrss.exe"))
break;
status = STATUS_ACCESS_DENIED;
diff --git a/Sandboxie/core/drv/thread.c b/Sandboxie/core/drv/thread.c
index 795f849e..3baebce5 100644
--- a/Sandboxie/core/drv/thread.c
+++ b/Sandboxie/core/drv/thread.c
@@ -1138,7 +1138,8 @@ _FX ACCESS_MASK Thread_CheckObject_CommonEx(
if (protect_process /*&& MyIsProcessRunningAsSystemAccount(cur_pid)*/) {
if ((_wcsicmp(nptr, SBIESVC_EXE) == 0)
- || Util_IsCsrssProcess(cur_pid)
+ || Util_IsSystemProcess(cur_pid, "csrss.exe")
+ || Util_IsSystemProcess(cur_pid, "lsass.exe")
|| Util_IsProtectedProcess(cur_pid)
|| (_wcsicmp(nptr, L"conhost.exe") == 0)
|| (_wcsicmp(nptr, L"taskmgr.exe") == 0) || (_wcsicmp(nptr, L"sandman.exe") == 0))
diff --git a/Sandboxie/core/drv/util.c b/Sandboxie/core/drv/util.c
index aa66d147..4df32af7 100644
--- a/Sandboxie/core/drv/util.c
+++ b/Sandboxie/core/drv/util.c
@@ -566,12 +566,12 @@ retry:
//---------------------------------------------------------------------------
-// Util_IsCsrssProcess
+// Util_IsSystemProcess
//---------------------------------------------------------------------------
NTKERNELAPI PCHAR NTAPI PsGetProcessImageFileName(_In_ PEPROCESS Process);
-_FX BOOLEAN Util_IsCsrssProcess(HANDLE pid)
+_FX BOOLEAN Util_IsSystemProcess(HANDLE pid, const char* name)
{
PEPROCESS ProcessObject;
NTSTATUS status;
@@ -586,7 +586,7 @@ _FX BOOLEAN Util_IsCsrssProcess(HANDLE pid)
ImageFileName = PsGetProcessImageFileName(ProcessObject);
- ret = (_stricmp(ImageFileName, "csrss.exe") == 0);
+ ret = (_stricmp(ImageFileName, name) == 0);
ObDereferenceObject(ProcessObject);
}
diff --git a/Sandboxie/core/drv/util.h b/Sandboxie/core/drv/util.h
index 364bef42..d769334a 100644
--- a/Sandboxie/core/drv/util.h
+++ b/Sandboxie/core/drv/util.h
@@ -121,7 +121,7 @@ NTSTATUS MyValidateCertificate(void);
HANDLE Util_GetProcessPidByName(const WCHAR* name);
-BOOLEAN Util_IsCsrssProcess(HANDLE pid);
+BOOLEAN Util_IsSystemProcess(HANDLE pid, const char* name);
BOOLEAN Util_IsProtectedProcess(HANDLE pid);
diff --git a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
index 2660a9a9..e7962ff9 100644
--- a/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/OptionsWindow.ui
@@ -4687,16 +4687,6 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
Privacy
- -
-
-
- -
-
-
- Show Templates
-
-
-
-
@@ -4707,50 +4697,13 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
- -
-
+
-
+
- Add Process
+ Hide host processes from processes running in the sandbox.
-
-
- -
-
-
-
- true
- true
-
-
-
- Process Hiding
-
-
-
- -
-
-
- Use a custom Locale/LangID
-
-
-
- -
-
-
- Qt::Vertical
-
-
-
- 20
- 40
-
-
-
-
- -
-
-
- Don't allow sandboxed processes to see processes running outside any boxes
+
+ true
@@ -4767,40 +4720,20 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
- -
-
+
-
+
+
+ Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior.
+
- Remove
+ Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)
- -
-
+
-
+
- Hide host processes from processes running in the sandbox.
-
-
- true
-
-
-
- -
-
-
- Don't allow sandboxed processes to see processes running in other boxes
-
-
-
- -
-
-
-
- true
- true
-
-
-
- Data Protection
+ Don't allow sandboxed processes to see processes running outside any boxes
@@ -4821,13 +4754,90 @@ This is done to prevent rogue processes inside the sandbox from creating a renam
- -
-
-
- Some programs read system deatils through WMI(A Windows built-in database) instead of normal ways. For example,"tasklist.exe" could get full processes list even if "HideOtherBoxes" is opened through accessing WMI. Enable this option to stop these heavior.
+
-
+
+
+
+ true
+ true
+
- Prevent sandboxed processes from accessing system deatils through WMI (see tooltip for more Info)
+ Process Hiding
+
+
+
+ -
+
+
+ Add Process
+
+
+
+ -
+
+
+ Use a custom Locale/LangID
+
+
+
+ -
+
+
+ Remove
+
+
+
+ -
+
+
+
+ true
+ true
+
+
+
+ Data Protection
+
+
+
+ -
+
+
+ -
+
+
+ Show Templates
+
+
+
+ -
+
+
+ Qt::Vertical
+
+
+
+ 20
+ 40
+
+
+
+
+ -
+
+
+ Don't allow sandboxed processes to see processes running in other boxes
+
+
+
+ -
+
+
+ Dump the current Firmare Tables to HKCU\System\SbieCustom
+
+
+ Dump FW Tables
diff --git a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
index 073b00c6..d83142cb 100644
--- a/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
+++ b/SandboxiePlus/SandMan/Forms/SettingsWindow.ui
@@ -2196,7 +2196,41 @@ Unlike the preview channel, it does not include untested, potentially breaking,
Sandboxie.ini Presets
- -
+
-
+
+
+ Only Administrator user accounts can use Pause Forcing Programs command
+
+
+
+ -
+
+
+ Qt::Horizontal
+
+
+
+ 40
+ 20
+
+
+
+
+ -
+
+
+ Watch Sandboxie.ini for changes
+
+
+
+ -
+
+
+ Only Administrator user accounts can make changes
+
+
+
+ -
Qt::Vertical
@@ -2209,46 +2243,10 @@ Unlike the preview channel, it does not include untested, potentially breaking,
- -
-
-
- Clear password when main window becomes hidden
-
-
-
- -
-
-
- Only Administrator user accounts can use Pause Forcing Programs command
-
-
-
- -
-
-
- Watch Sandboxie.ini for changes
-
-
-
- -
-
-
- Change Password
-
-
-
- -
-
-
- Only Administrator user accounts can make changes
-
-
-
- -
+
-
- 75
true
true
@@ -2258,25 +2256,33 @@ Unlike the preview channel, it does not include untested, potentially breaking,
- -
+
-
+
+
+ Clear password when main window becomes hidden
+
+
+
+ -
Password must be entered in order to make changes
- -
-
-
- Qt::Horizontal
+
-
+
+
+ Change Password
-
-
- 40
- 20
-
+
+
+ -
+
+
+ Always run SandMan UI as Admin
-
+
diff --git a/SandboxiePlus/SandMan/Helpers/WinAdmin.cpp b/SandboxiePlus/SandMan/Helpers/WinAdmin.cpp
index 52535ac9..54ca5a88 100644
--- a/SandboxiePlus/SandMan/Helpers/WinAdmin.cpp
+++ b/SandboxiePlus/SandMan/Helpers/WinAdmin.cpp
@@ -164,4 +164,336 @@ bool AutorunEnable (bool is_enable)
}
return false;
-}
\ No newline at end of file
+}
+
+//////////////////////////////////////////////////////////////////////////////////
+// Skip UAC
+
+#define SKIP_UAC_TASK_NAME APP_NAME L"_SkipUac"
+
+#include
+#include
+
+struct MBSTR
+{
+ MBSTR (LPCWSTR asString = nullptr)
+ {
+ ms_bstr = asString ? SysAllocString (asString) : nullptr;
+ }
+
+ ~MBSTR ()
+ {
+ Free ();
+ }
+
+ operator BSTR() const
+ {
+ return ms_bstr;
+ }
+
+ MBSTR& operator=(LPCWSTR asString)
+ {
+ if (asString != ms_bstr)
+ {
+ Free ();
+ ms_bstr = asString ? ::SysAllocString (asString) : NULL;
+ }
+
+ return *this;
+ }
+
+ void Free ()
+ {
+ if (ms_bstr)
+ {
+ SysFreeString (ms_bstr);
+ ms_bstr = nullptr;
+ }
+ }
+protected:
+ BSTR ms_bstr;
+};
+
+bool SkipUacEnable (bool is_enable)
+{
+ bool result = false;
+ bool action_result = false;
+
+ ITaskService* service = nullptr;
+ ITaskFolder* folder = nullptr;
+ ITaskDefinition* task = nullptr;
+ IRegistrationInfo* reginfo = nullptr;
+ IPrincipal* principal = nullptr;
+ ITaskSettings* settings = nullptr;
+ IActionCollection* action_collection = nullptr;
+ IAction* action = nullptr;
+ IExecAction* exec_action = nullptr;
+ IRegisteredTask* registered_task = nullptr;
+
+ wchar_t szPath[MAX_PATH];
+ if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
+ return false;
+ std::wstring::size_type pos = std::wstring(szPath).find_last_of( L"\\/" );
+ std::wstring dir = std::wstring(szPath).substr(0, pos);
+
+ MBSTR root (L"\\");
+ MBSTR name (SKIP_UAC_TASK_NAME);
+ MBSTR author (APP_NAME);
+ MBSTR path (szPath);
+ MBSTR directory (dir.c_str());
+ MBSTR args (L"$(Arg0)");
+ MBSTR timelimit (L"PT0S");
+
+ VARIANT vtEmpty = {VT_EMPTY};
+
+ if (SUCCEEDED (CoInitializeEx (nullptr, COINIT_APARTMENTTHREADED)))
+ {
+ //if (SUCCEEDED (CoInitializeSecurity (nullptr, -1, nullptr, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, 0, nullptr)))
+ {
+ if (SUCCEEDED (CoCreateInstance (CLSID_TaskScheduler, nullptr, CLSCTX_INPROC_SERVER, IID_ITaskService, (LPVOID*)&service)))
+ {
+ if (SUCCEEDED (service->Connect (vtEmpty, vtEmpty, vtEmpty, vtEmpty)))
+ {
+ if (SUCCEEDED (service->GetFolder (root, &folder)))
+ {
+ // create task
+ if (is_enable)
+ {
+ if (SUCCEEDED (service->NewTask (0, &task)))
+ {
+ if (SUCCEEDED (task->get_RegistrationInfo (®info)))
+ {
+ reginfo->put_Author (author);
+ reginfo->Release ();
+ }
+
+ if (SUCCEEDED (task->get_Principal (&principal)))
+ {
+ principal->put_RunLevel (TASK_RUNLEVEL_HIGHEST);
+ principal->Release ();
+ }
+
+ if (SUCCEEDED (task->get_Settings (&settings)))
+ {
+ settings->put_AllowHardTerminate (VARIANT_BOOL (FALSE));
+ settings->put_StartWhenAvailable (VARIANT_BOOL (FALSE));
+ settings->put_DisallowStartIfOnBatteries (VARIANT_BOOL (FALSE));
+ settings->put_StopIfGoingOnBatteries (VARIANT_BOOL (FALSE));
+ settings->put_MultipleInstances (TASK_INSTANCES_PARALLEL);
+ settings->put_ExecutionTimeLimit (timelimit);
+
+ settings->Release ();
+ }
+
+ if (SUCCEEDED (task->get_Actions (&action_collection)))
+ {
+ if (SUCCEEDED (action_collection->Create (TASK_ACTION_EXEC, &action)))
+ {
+ if (SUCCEEDED (action->QueryInterface (IID_IExecAction, (LPVOID*)&exec_action)))
+ {
+ if (
+ SUCCEEDED (exec_action->put_Path (path)) &&
+ SUCCEEDED (exec_action->put_WorkingDirectory (directory)) &&
+ SUCCEEDED (exec_action->put_Arguments (args))
+ )
+ {
+ action_result = true;
+ }
+
+ exec_action->Release ();
+ }
+
+ action->Release ();
+ }
+
+ action_collection->Release ();
+ }
+
+ if (action_result)
+ {
+ if (SUCCEEDED (folder->RegisterTaskDefinition (
+ name,
+ task,
+ TASK_CREATE_OR_UPDATE,
+ vtEmpty,
+ vtEmpty,
+ TASK_LOGON_INTERACTIVE_TOKEN,
+ vtEmpty,
+ ®istered_task)
+ ))
+ {
+ {
+ //ConfigSet (L"SkipUacIsEnabled", true);
+ result = true;
+
+ registered_task->Release ();
+ }
+ }
+
+ task->Release ();
+ }
+ }
+ }
+ else
+ {
+ // remove task
+ result = SUCCEEDED (folder->DeleteTask (name, 0));
+
+ //ConfigSet (L"SkipUacIsEnabled", false);
+ }
+
+ folder->Release ();
+ }
+ }
+
+ service->Release ();
+ }
+ }
+
+ CoUninitialize ();
+ }
+
+ return result;
+}
+
+bool SkipUacRun (bool test_only)
+{
+ bool result = false;
+
+ ITaskService* service = nullptr;
+ ITaskFolder* folder = nullptr;
+ IRegisteredTask* registered_task = nullptr;
+
+ ITaskDefinition* task = nullptr;
+ IActionCollection* action_collection = nullptr;
+ IAction* action = nullptr;
+ IExecAction* exec_action = nullptr;
+
+ IRunningTask* running_task = nullptr;
+
+ wchar_t szPath[MAX_PATH];
+ if (!GetModuleFileName(NULL, szPath, ARRAYSIZE(szPath)))
+ return false;
+
+ MBSTR root (L"\\");
+ MBSTR name (SKIP_UAC_TASK_NAME);
+
+ VARIANT vtEmpty = {VT_EMPTY};
+
+ if (SUCCEEDED (CoInitializeEx (nullptr, COINIT_APARTMENTTHREADED)))
+ {
+ //if (SUCCEEDED (CoInitializeSecurity (nullptr, -1, nullptr, nullptr, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, nullptr, 0, nullptr)))
+ {
+ if (SUCCEEDED (CoCreateInstance (CLSID_TaskScheduler, nullptr, CLSCTX_INPROC_SERVER, IID_ITaskService, (LPVOID*)&service)))
+ {
+ if (SUCCEEDED (service->Connect (vtEmpty, vtEmpty, vtEmpty, vtEmpty)))
+ {
+ if (SUCCEEDED (service->GetFolder (root, &folder)))
+ {
+ if (SUCCEEDED (folder->GetTask (name, ®istered_task)))
+ {
+ if (SUCCEEDED (registered_task->get_Definition (&task)))
+ {
+ if (SUCCEEDED (task->get_Actions (&action_collection)))
+ {
+ if (SUCCEEDED (action_collection->get_Item (1, &action)))
+ {
+ if (SUCCEEDED (action->QueryInterface (IID_IExecAction, (LPVOID*)&exec_action)))
+ {
+ BSTR path = nullptr;
+
+ exec_action->get_Path (&path);
+
+ PathUnquoteSpaces (path);
+
+ // check path is to current module
+ if (_wcsicmp (path, szPath) == 0)
+ {
+ if (test_only)
+ {
+ result = true;
+ }
+ else
+ {
+ std::wstring args;
+
+ // get arguments
+ {
+ INT numargs = 0;
+ LPWSTR* arga = CommandLineToArgvW(GetCommandLine(), &numargs);
+
+ for (INT i = 1; i < numargs; i++) {
+ if (i > 1)
+ args.append(L" ");
+ args.append(arga[i]);
+ }
+
+ LocalFree(arga);
+ }
+
+ variant_t params = args.c_str();
+
+ if (SUCCEEDED(registered_task->RunEx(params, TASK_RUN_NO_FLAGS, 0, nullptr, &running_task)))
+ {
+ UINT8 count = 3; // try count
+
+ do
+ {
+ QThread::msleep(250);
+
+ TASK_STATE state = TASK_STATE_UNKNOWN;
+
+ running_task->Refresh();
+ running_task->get_State(&state);
+
+ if (
+ state == TASK_STATE_RUNNING ||
+ state == TASK_STATE_READY ||
+ state == TASK_STATE_DISABLED
+ )
+ {
+ if (
+ state == TASK_STATE_RUNNING ||
+ state == TASK_STATE_READY
+ )
+ {
+ result = true;
+ }
+
+ break;
+ }
+ } while (count--);
+
+ running_task->Release();
+ }
+ }
+ }
+
+ exec_action->Release ();
+ }
+
+ action->Release ();
+ }
+
+ action_collection->Release ();
+ }
+
+ task->Release ();
+ }
+
+ registered_task->Release ();
+ }
+
+ folder->Release ();
+ }
+ }
+
+ service->Release ();
+ }
+ }
+
+ CoUninitialize ();
+ }
+
+ return result;
+}
diff --git a/SandboxiePlus/SandMan/Helpers/WinAdmin.h b/SandboxiePlus/SandMan/Helpers/WinAdmin.h
index 6c6a8215..211c1f6b 100644
--- a/SandboxiePlus/SandMan/Helpers/WinAdmin.h
+++ b/SandboxiePlus/SandMan/Helpers/WinAdmin.h
@@ -10,3 +10,6 @@ bool IsAdminUser(bool OnlyFull = false);
bool IsAutorunEnabled();
bool AutorunEnable(bool is_enable);
+
+bool SkipUacRun(bool test_only = false);
+bool SkipUacEnable(bool is_enable);
\ No newline at end of file
diff --git a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
index 639e0975..7dfc8513 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
+++ b/SandboxiePlus/SandMan/Windows/OptionsAdvanced.cpp
@@ -100,6 +100,7 @@ void COptionsWindow::CreateAdvanced()
connect(ui.chkHideFirmware, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.cmbLangID, SIGNAL(currentIndexChanged(int)), this, SLOT(OnAdvancedChanged()));
+ connect(ui.btnDumpFW, SIGNAL(clicked(bool)), this, SLOT(OnDumpFW()));
connect(ui.chkHideOtherBoxes, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
connect(ui.chkHideNonSystemProcesses, SIGNAL(clicked(bool)), this, SLOT(OnAdvancedChanged()));
@@ -266,7 +267,7 @@ void COptionsWindow::LoadAdvanced()
ShowTriggersTmpl();
//
- ui.chkHideFirmware->setChecked(m_pBox->GetBool("HideFirmwareInfo", true));
+ ui.chkHideFirmware->setChecked(m_pBox->GetBool("HideFirmwareInfo", false));
ui.cmbLangID->setCurrentIndex(ui.cmbLangID->findData(m_pBox->GetNum("CustomLCID", 0)));
@@ -1341,6 +1342,67 @@ void COptionsWindow::SaveDebug()
}
}
+#define WIN32_NO_STATUS
+typedef long NTSTATUS;
+
+#include "..\..\Sandboxie\common\win32_ntddk.h"
+
+typedef struct _SYSTEM_FIRMWARE_TABLE_INFORMATION {
+ ULONG ProviderSignature;
+ ULONG Action;
+ ULONG TableID;
+ ULONG TableBufferLength;
+ UCHAR TableBuffer[ANYSIZE_ARRAY];
+} SYSTEM_FIRMWARE_TABLE_INFORMATION, *PSYSTEM_FIRMWARE_TABLE_INFORMATION;
+
+#define FIRMWARE_TABLE_PROVIDER_ACPI 'ACPI'
+#define FIRMWARE_TABLE_PROVIDER_SMBIOS 'RSMB'
+
+typedef enum _SYSTEM_FIRMWARE_TABLE_ACTION {
+ SystemFirmwareTable_Enumerate,
+ SystemFirmwareTable_Get
+} SYSTEM_FIRMWARE_TABLE_ACTION;
+
+void COptionsWindow::OnDumpFW()
+{
+ ULONG returnLength = 0;
+ NTSTATUS status;
+ SYSTEM_FIRMWARE_TABLE_INFORMATION* firmwareTableInfo;
+ ULONG firmwareTableSize = sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION) + 0x10000; // Initial size
+
+retry:
+ firmwareTableInfo = (SYSTEM_FIRMWARE_TABLE_INFORMATION*)malloc(firmwareTableSize);
+ firmwareTableInfo->ProviderSignature = FIRMWARE_TABLE_PROVIDER_SMBIOS;
+ firmwareTableInfo->Action = SystemFirmwareTable_Get;
+ firmwareTableInfo->TableID = 0;
+ firmwareTableInfo->TableBufferLength = firmwareTableSize - sizeof(SYSTEM_FIRMWARE_TABLE_INFORMATION);
+
+ status = NtQuerySystemInformation(SystemFirmwareTableInformation, firmwareTableInfo, firmwareTableSize, &returnLength);
+
+ if (status == 0xC0000023L/*STATUS_BUFFER_TOO_SMALL*/) {
+ free(firmwareTableInfo);
+ firmwareTableSize += 0x10000;
+ goto retry;
+ }
+
+ if (!NT_SUCCESS(status))
+ CSandMan::ShowMessageBox(this, QMessageBox::Critical, tr("Failed to retrieve firmware table information."));
+ else if(firmwareTableInfo->TableBufferLength)
+ {
+ HKEY hKey;
+ DWORD disposition;
+ if(RegCreateKeyExW(HKEY_CURRENT_USER, L"System\\SbieCustom", 0, 0, 0, KEY_WRITE, NULL, &hKey, &disposition) == ERROR_SUCCESS)
+ {
+ if(RegSetValueExW(hKey, L"SMBiosTable", 0, REG_BINARY, firmwareTableInfo->TableBuffer, firmwareTableInfo->TableBufferLength) == ERROR_SUCCESS)
+ CSandMan::ShowMessageBox(this, QMessageBox::Information, tr("Firmware table saved successfully to host registry: HKEY_CURRENT_USER\\System\\SbieCustom
you can copy it to the sandboxed registry to have a different value for each box."));
+
+ RegCloseKey(hKey);
+ }
+ }
+
+ free(firmwareTableInfo);
+}
+
void COptionsWindow::InitLangID()
{
// Note: list by ChatGPT
diff --git a/SandboxiePlus/SandMan/Windows/OptionsWindow.h b/SandboxiePlus/SandMan/Windows/OptionsWindow.h
index 153b09cc..a8fbddd6 100644
--- a/SandboxiePlus/SandMan/Windows/OptionsWindow.h
+++ b/SandboxiePlus/SandMan/Windows/OptionsWindow.h
@@ -211,6 +211,8 @@ private slots:
void OnAddTerminateCmd();
void OnDelAuto();
+ void OnDumpFW();
+
void OnAddProcess();
void OnDelProcess();
void OnShowHiddenProcTmpl() { ShowHiddenProcTmpl(true); }
diff --git a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
index 7559f36e..2f2f41df 100644
--- a/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
+++ b/SandboxiePlus/SandMan/Windows/SettingsWindow.cpp
@@ -433,6 +433,10 @@ CSettingsWindow::CSettingsWindow(QWidget* parent)
connect(ui.chkWatchConfig, SIGNAL(stateChanged(int)), this, SLOT(OnOptChanged())); // not sbie ini
+ connect(ui.chkSkipUAC, SIGNAL(stateChanged(int)), this, SLOT(OnSkipUAC()));
+ ui.chkSkipUAC->setEnabled(IsElevated());
+ m_SkipUACChanged = false;
+
connect(ui.chkAdminOnly, SIGNAL(stateChanged(int)), this, SLOT(OnProtectionChange()));
connect(ui.chkPassRequired, SIGNAL(stateChanged(int)), this, SLOT(OnProtectionChange()));
connect(ui.btnSetPassword, SIGNAL(clicked(bool)), this, SLOT(OnSetPassword()));
@@ -953,6 +957,7 @@ void CSettingsWindow::LoadSettings()
ui.chkMonitorSize->setChecked(theConf->GetBool("Options/WatchBoxSize", false));
ui.chkWatchConfig->setChecked(theConf->GetBool("Options/WatchIni", true));
+ ui.chkSkipUAC->setChecked(SkipUacRun(true));
ui.chkScanMenu->setChecked(theConf->GetBool("Options/ScanStartMenu", true));
ui.cmbIntegrateMenu->setCurrentIndex(theConf->GetInt("Options/IntegrateStartMenu", 0));
@@ -1657,6 +1662,8 @@ void CSettingsWindow::SaveSettings()
theConf->SetValue("Options/WatchBoxSize", ui.chkMonitorSize->isChecked());
theConf->SetValue("Options/WatchIni", ui.chkWatchConfig->isChecked());
+ if (m_SkipUACChanged)
+ SkipUacEnable(ui.chkSkipUAC->isChecked());
theConf->SetValue("Options/ScanStartMenu", ui.chkScanMenu->isChecked());
int OldIntegrateStartMenu = theConf->GetInt("Options/IntegrateStartMenu", 0);
diff --git a/SandboxiePlus/SandMan/Windows/SettingsWindow.h b/SandboxiePlus/SandMan/Windows/SettingsWindow.h
index ab11cfa6..058970d7 100644
--- a/SandboxiePlus/SandMan/Windows/SettingsWindow.h
+++ b/SandboxiePlus/SandMan/Windows/SettingsWindow.h
@@ -88,6 +88,8 @@ private slots:
void OnOptChanged();
+ void OnSkipUAC() { m_SkipUACChanged = true; OnOptChanged(); }
+
void OnChangeGUI() { m_bRebuildUI = true; OnOptChanged(); }
void OnFeaturesChanged() { m_FeaturesChanged = true; OnGeneralChanged(); }
void OnGeneralChanged() { m_GeneralChanged = true; OnOptChanged(); }
@@ -176,6 +178,7 @@ protected:
bool m_VolumeChanged;
bool m_CompatChanged;
bool m_RunChanged;
+ bool m_SkipUACChanged;
bool m_ProtectionChanged;
bool m_GeneralChanged;
bool m_FeaturesChanged;