Skip to content
/ BypassSbieProcIsolate Public

The purpose of this project is to investigate some ways that process isolation can be bypassed in sandboxie. Then limit the number of own processes in the sandbox

8 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

LYingSiMon/BypassSbieProcIsolate

BranchesTags

Repository files navigation

BypassSbieProcIsolate

The purpose of this project is to investigate some ways that process isolation can be bypassed in sandboxie. Then limit the number of own processes in the sandbox.This is a long-term project and I will continue to update it.

True purpose

sandboxie has some inadequacies in process isolation. This project was designed to detect sandboxie's process isolation weaknesses and try to fix them.

method for detecting the number of own processes

  • process enum (Or other features of the process, such as window features)
    • CreateToolhelp32Snapshot
    • EnumProcesses
    • WTSEnumerateProcess
    • ZwQuerySystemInformation
    • DirectSystemCalls
    • OpenProcess
    • Performance Data
    • Performance Data Helper
  • inter process Communication inside (such as Shared memory, socket ...)
  • inter process Communication outside (such as file, regedit ...)
  • upload hwid (or other unique identification) to server, then Check how many of the same hwid exist simultaneously
  • Resource exclusives can also be used if only one process is allowed to open

warning

Since this is test code, there are some coding specification issues. And I'm not going to fix them 🙄

todo

modify sandboxie code to Plug these holes.

About

The purpose of this project is to investigate some ways that process isolation can be bypassed in sandboxie. Then limit the number of own processes in the sandbox

Resources

Readme
Activity

Stars

8 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages