Icesword cuts through Sandboxie like butter
TNT
November 3rd, 2005, 08:07 PM
The powerful Icesword anti-rootkit tool has apparently very little problem breaking out of Sandboxie 2.11 (latest release, 19 October 2005).
Executing Icesword in a "sandboxed" environment leads to worrying results.
This is the picture of Icesword being executed with "File - > Run program" in Sandboxie; notice that, though working, it doesn't show in Sandboxie's process list.
http://img306.imageshack.us/img306/7107/immagine1kh.gif
Now let's do the following: from the sandboxed Icesword, let's terminate Sandboxie itself:
http://img52.imageshack.us/img52/6751/immagine26vo.gif
A few error alerts will show up: not too worrying, though, as Icesword will happily continue to work. Sandboxie's Control.exe, on the other hand, is terminated with extreme prejudice. :P
http://img84.imageshack.us/img84/5273/immagine36xf.gif
Now let's save a log of the running processes from Icesword itself. Remember, the program wouldn't be able to access outside its sandbox if it were still under the control of Sandboxie:
http://img173.imageshack.us/img173/5875/immagine42zk.gif
Here's the "tested.log" file on the desktop. Clearly Icesword was able to reach outside the sandbox:
http://img152.imageshack.us/img152/4776/immagine55dh.gif
In other words, Sandboxie fails to stop rootkit-like programs from spreading outside the box. :o
Tested on Windows XP SP2. Note that this test didn't succeed every single time: on one occasion on the same computer, Sandboxie failed to launch Icesword in a sandboxed environment, complaining about failing to install Icesword's kernel module. Note that the Sandboxie kernel module was installed and running on all occasions.
nicM
November 3rd, 2005, 10:23 PM
BufferZone is the winner (edit: *against IceSword*) , here 8) ; IceSword can't even run inside the buffer zone!!! :o , it does stop dead rootkit-like programs, and then looks like a safe place...
(IceSword disappears from BufferZone GUI right when you click on IceSword initialization failure box)
;)
FastGame
November 3rd, 2005, 10:44 PM
I ran test but more in line with using Sandboxie through the internet, I got the same results http://sandboxie.com/phpbb/viewtopic.php?t=110
I don't know to what extent the results mean anything, could be virtual results..... if so I want to know how the test log got on my desktop and stayed there after I cleared the sandbox ???
MikeNash
November 4th, 2005, 02:59 AM
-{ Quote: "
In other words, Sandboxie fails to stop rootkit-like programs from spreading outside the box. :o
Tested on Windows XP SP2. Note that this test didn't succeed every single time: on one occasion on the same computer, Sandboxie failed to launch Icesword in a sandboxed environment, complaining about failing to install Icesword's kernel module. Note that the Sandboxie kernel module was installed and running on all occasions." }-
If you let something get Kernel level access, it can pretty much do anything it likes. It's probably why NicM's test of bufferzone passed - because the error suggests that the driver was not loaded. (With the disclaimer - I've seen neither Sandboxie or Bufferzone - so I could be wrong)
Mike
Franklin
November 4th, 2005, 03:00 AM
-{ Quote: "The powerful Icesword anti-rootkit tool has apparently very little problem breaking out of Sandboxie 2.11 (latest release, 19 October 2005).
Executing Icesword in a "sandboxed" environment leads to worrying results." }-
Icesword is a powerful program but it isn't malware or virii. Also, you instigated the shutdown of Sandboxie. I can also shut down ZAP and my resident AV, Attack Shield and Snoopfree with Icesword if I instigate, with no warnings given.
The author has stated that he doesn't know if Sandboxie can stop all keyloggers or rootkits as he, being a one man show, can only test so much. But Sandboxie will stop most malware that Adaware SE, Spybot and the like need signatures to find.
Ilya Rabinovich
November 4th, 2005, 03:01 AM
As I already mentioned, Sandboxie has a very low protection level. You should use another sandbox protection (DefenseWall, BufferZone).
hollywoodpc
November 4th, 2005, 03:07 AM
I am happy to see someone found what I learned a while back. I read all the great things about Sandboxie. For me, it is useless. It is, INDEED, weak. A shame more people do not see this. But, if you feel protected by that, or any other app, feel free. I only use things that offer strong protection. This is why I tested it and moved on very quickly. It may have a place somewhere but, not as a protective device.
By the way, BZ is excellent. Those guys really care about what people think about their software. That is a nice touch.
tzuk
November 4th, 2005, 03:56 AM
Hello, I'm the author of Sandboxie. Thanks for the tip, TNT -- this IceSword is doing interesting things! :o I will look into it.
Sandboxie User
November 4th, 2005, 05:50 AM
Sandboxie failed to launch Icesword in a sandboxed environment, complaining about failing to install Icesword's kernel module.
This is not a failure of Sandboxie, it is a failure of IceSword. It means that Icesword has been successfully sandboxed on this occasion. The issue for the programmer is why Icesword sometimes slips out of the box. I expect the author will look at the problem and there will be a fix. Jeez, haven't you guys ever heard of a 'work in progress'? But congratulations, even as we post dozens of people will be uninstalling Sandboxie and installing BufferZone (which is also beta and has troubles of its own).
TNT
November 4th, 2005, 07:12 AM
-{ Quote: "Sandboxie failed to launch Icesword in a sandboxed environment, complaining about failing to install Icesword's kernel module.
This is not a failure of Sandboxie, it is a failure of IceSword. It means that Icesword has been successfully sandboxed on this occasion." }-
And I am perfectly aware of that, thanks. In fact, THIS should be the regular behavior, not the one exception that happens once in a while. Even if Icesword happened to fail 100 times and be successful in breaking out one time, it would certainly be a problem in Sandboxie; as it is (it gets executed and successfully breaks out most of the time), it is a BIG problem in Sandboxie.
I am not bashing Sandboxie or anything like that, I am just pointing out what's very clearly a security flaw in it, hoping that it's going to be fixed soon; both for users and for the reputation of this product itself.
Franklin
November 4th, 2005, 07:37 AM
Glad you're here, Tzuk. Seems your good and free prog is ruffling a few feathers in this forum.
Keep up the good work. No reboots and now some are calling it nagware. For a freebie, it definitely outdoes signature based scanners.
Franklin
November 4th, 2005, 07:58 AM
-{ Quote: "As I already mentioned, Sandboxie has a very low protection level. You should use another sandbox protection (DefenseWall, BufferZone)." }-
Are you the author of another security program where it needs a reboot every time?
Have you run Icesword through your program and with what, if any, results?
Painkiller
November 4th, 2005, 08:31 AM
Did somebody check Icesword on any other HIDP or virtualization software ...
I will probably add this test to the reviews I do on my blog ... currently I will review AntiHook 2.5 and also BufferZone Home ... so I will also check it with Icesword ...
Franklin
November 4th, 2005, 08:39 AM
-{ Quote: "Did somebody check Icesword on any other HIDP or virtualization software ...
I will probably add this test to the reviews I do on my blog ... currently I will review AntiHook 2.5 and also BufferZone Home ... so I will also check it with Icesword ..." }-
Thanks, should be interesting.
nicM
November 4th, 2005, 09:56 AM
-{ Quote: "Jeez, haven't you guys ever heard of a 'work in progress'? But congratulations, even as we post dozens of people will be uninstalling Sandboxie and installing BufferZone (which is also beta and has troubles of its own)." }-
My intention wasn't to bash Sandboxie, of course (sorry if some people did feel it that way), and this issue must just be related to the driver protection level offered by Sandboxie: as Mike Nash said, once an application can reach the kernel level, you can't stop it from doing its tricks. See http://www.wilderssecurity.com/showthread.php?t=104320 ; everything revolves around the ability to prevent IceSword's driver install: you block it, IceSword can't run; you don't block it, then IceSword can bypass any protection you could ever use in front of it.
The fact that Sandboxie doesn't prevent it isn't a flaw, just a feature (hopefully all nasties don't have the "power" that IceSword can gain on a system); and tzuk's reply does maybe suggest that something could happen about that :)
The ONLY conclusion to draw from that, for me, is that IceSword, with its rootkit-like behaviour, is a very useful tool for testing purposes.
:)
Ilya Rabinovich
November 4th, 2005, 10:13 AM
-{ Quote: "Are you the author of another security program where it needs a reboot every time?
Have you run Icesword through your program and with what, if any, results?" }-
Icesword couldn't install its driver. And failed.
justwondering
November 4th, 2005, 10:49 AM
So if IceSword just needs to load a driver, and SandBoxIE can't stop this, couldn't you just use a program along with SandboxIE that could block the loading of drivers like Prevx free for example? That should stop IceSword from loading then.
justanswering
November 4th, 2005, 10:52 AM
Or run as a limited user account?
tzuk
November 4th, 2005, 11:35 AM
Thanks Franklin, it's nice to be appreciated :)
A little clarification: Sandboxie aims to block kernel-mode code from loading. This can be seen when running some peaceful Sysinternals tools that load drivers, for example. They will not function well within the sandbox. The IceSword must be using another avenue for getting into kernel-mode, but almost certainly that avenue can be blocked just the same.
I thank you all for your interest :)
Sandboxie User
November 4th, 2005, 12:53 PM
"I am not bashing Sandboxie or anything like that, I am just pointing out what's very clearly a security flaw in it, hoping that it's going to be fixed soon; both for users and for the reputation of this product itself."
I picked out a quote from your thread but I didn't mean to suggest you were 'bashing' Sandboxie. I think it was Karl Popper who said "if you criticize an argument you make it stronger". Similarly, by discovering this exploit hopefully you have helped to make Sandboxie stronger. So, thanks.
nicM
November 4th, 2005, 02:05 PM
-{ Quote: "I am not bashing Sandboxie or anything like that, I am just pointing out what's very clearly a security flaw in it, hoping that it's going to be fixed soon; both for users and for the reputation of this product itself." }-
SandboxieUser, I just want to point out that this quote wasn't for me :) , as your reply does look like it's addressing mine (along with TNT's).
Guessed
November 9th, 2005, 01:27 PM
Everyone who has donated time to testing this app deserves thanks from all who use it. For latest developments see http://sandboxie.com/phpbb/viewtopic.php?t=110
Rivalen
November 30th, 2005, 04:23 AM
Runs very smoothly on my PC.
I am not computer-savvy enough to analyze a test with IceSword, but maybe some of you could download DW and take it for a spin around the block with IceSword and see what happens.
Search this forum for DefenseWall and the link in Ilyas first post will lead to the latest version of the program.
As Untrusted I only run Outlook, IE, WMP and the default other untrusted apps - many of them I don't know what they are for - but probably Internet communication related. Other security apps are in trusted.
RegTest failed 100% - could not do anything to change anything when run from untrusted/the box - that test I could understand the result - and my DW performed as expected.
Best Regards
Rasheed187
February 2nd, 2006, 11:58 AM
I have a question about this whole issue. I've noticed that if I try to run IceSword sandboxed, I will still get notified by ZA Pro that IceSword is trying to load a driver. But ZA will not notify me when other sandboxed apps want to load a driver. So what's up with this, can't SBIE prevent IS from loading the driver or what? ::)
And btw, at the moment I've denied IS from installing the driver because I've read in another thread that this tool caused a lot of trouble for some people. Too bad because it looks like a cool tool, and it's also not flagged as malware by any of the scanners. But can it perhaps cause conflicts with ZA Pro and PG Free? ???
khazars
February 2nd, 2006, 12:44 PM
Has anyone got a working download for this as every time I download this programme I get an error that the file is corrupt!
oldBear
February 2nd, 2006, 03:39 PM
-{ Quote: "Has anyone got a working download for this as every time I download this programme I get an error that the file is corrupt!" }-
Which "this" are you referring to?
cheers
khazars
February 3rd, 2006, 11:06 AM
icesword!
oldBear
February 3rd, 2006, 12:29 PM
Google is your friend :)
From http://www.techsupportalert.com/best_46_free_utilities.htm
[1] http://www.f-secure.com/blacklight/cure.shtml Windows 2000 and later, 911KB.
[2] http://www.xfocus.net/tools/200509/IceSword_en1.12.rar <= slow Chinese site, 565KB
[3] http://tinyurl.com/ckqsn <= Local mirror for IceSword
cheers
TNT
February 3rd, 2006, 01:48 PM
-{ Quote: "Google is your friend :)
From http://www.techsupportalert.com/best_46_free_utilities.htm
[1] http://www.f-secure.com/blacklight/cure.shtml Windows 2000 and later, 911KB.
[2] http://www.xfocus.net/tools/200509/IceSword_en1.12.rar <= slow Chinese site, 565KB
[3] http://tinyurl.com/ckqsn <= Local mirror for IceSword
cheers" }-
Just in case somebody is reading this without reading the rest of the thread, I'll repeat what I said here in a later message and in the other: unlike what the subject says, IceSword is actually NOT able to break out of Sandboxie in normal conditions. I mistakenly thought I had found a Sandboxie security flaw at first, but this was not the case: Sandboxie DOES block IceSword from running in kernel level, unless IceSword is executed outside the sandbox before.
If IceSword is executed outside the sandbox, it loads its kernel driver, which is not "unloaded" when the IceSword program is shut down; only because of this reason Sandboxie is unable to stop it later on. If you start IceSword only in the sandbox, it won't run, because Sandboxie will block it from loading its driver. So this is not a flaw in Sandboxie. :)
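The two technical points in this thread are tzuk's remark that Sandboxie aims to block kernel-mode code from loading, and TNT's finding that a driver loaded outside the sandbox stays resident after the tool exits, so a later sandboxed run simply reuses it. The check a defender wants when reproducing such a test is therefore "did the tool leave a kernel driver behind, and when was it installed?". The following PowerShell is an added example written for this editorial pass; it is not code from Sandboxie, IceSword, BufferZone or any poster in the thread. It assumes a Windows host with PowerShell 3 or later (for Get-CimInstance and Get-WinEvent) and an elevated shell so the System event log can be read; the function names are made up for the example.

```powershell
# Added example (not from Sandboxie, IceSword or any forum poster).
# Defender's check: did a tool leave a kernel driver running after it exited,
# and when did the Service Control Manager record the driver install?
# Assumes Windows, PowerShell 3+ and an elevated prompt for the event log.

function Get-LoadedDriverSet {
    # Kernel-mode drivers currently in the Running state, as the
    # Service Control Manager sees them (Win32_SystemDriver is a real WMI class).
    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' } |
        Select-Object Name, PathName, StartMode, State
}

function Compare-DriverSets {
    # Returns the drivers present in $After that were not running in $Before.
    param(
        [Parameter(Mandatory)] $Before,
        [Parameter(Mandatory)] $After
    )
    $beforeNames = @($Before | ForEach-Object { $_.Name })
    $After | Where-Object { $beforeNames -notcontains $_.Name }
}

function Get-DriverInstallEvents {
    # Event ID 7045 ("A service was installed in the system") is written by the
    # Service Control Manager for every new service, including kernel-mode
    # drivers; the message body carries "Service Type: kernel mode driver".
    param([Parameter(Mandatory)][datetime]$Since)
    Get-WinEvent -FilterHashtable @{ LogName = 'System'; Id = 7045; StartTime = $Since } `
                 -ErrorAction SilentlyContinue |
        Where-Object { $_.Message -match 'kernel mode driver' } |
        Select-Object TimeCreated, Message
}

# Usage: take a snapshot, run and close the tool under test, take another.
$start  = Get-Date
$before = Get-LoadedDriverSet
Read-Host 'Run the tool under test, close it, then press Enter'
$after  = Get-LoadedDriverSet

$new = Compare-DriverSets -Before $before -After $after
if ($new) {
    Write-Output 'Drivers still running that were not loaded before the test:'
    $new | Format-Table -AutoSize
} else {
    Write-Output 'No new kernel drivers remain loaded.'
}

Write-Output 'Driver installs recorded by the Service Control Manager during the test:'
Get-DriverInstallEvents -Since $start | Format-Table -AutoSize -Wrap
```

Run the snapshot once with the tool started outside the sandbox and once with it started only inside: in the first case the driver appears in the post-run diff and a 7045 event is logged, which is exactly the residue TNT describes; in the second case, if the sandbox really blocks driver loading, neither shows up. A driver that survives the tool's exit is a persistent kernel-mode component and should be treated as such when judging any later sandbox result.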
nicM
February 4th, 2006, 12:01 AM
-{ Quote: "
If IceSword is executed outside the sandbox, it loads its kernel driver, which is not "unloaded" when the IceSword program is shut down; only because of this reason Sandboxie is unable to stop it later on. If you start IceSword only in the sandbox, it won't run, because Sandboxie will block it from loading its driver. So this is not a flaw in Sandboxie. :)" }-
Hm :-\ , I recognize I didn't test it at the time this thread was active, as I didn't want to be polemical, but now that you raised it back...
I've tried the same procedure as yours, loading Icesword out of BufferZone, using it and closing it;
here I sent Icesword into BZ, and I must say my result is still different from yours: though the driver was previously loaded, Icesword is unable to gain access to it, and I get the "Initialization Failed[3]" error message. Icesword is running in Task Manager, but the GUI doesn't load, and you can't kill its process (which is using 80-90% cpu :ouch: in such circumstances). So yes, it's loaded somehow in BZ, but in a way you couldn't use it: seems BZ driver protection is complete: it can't stop it either, but can prevent its access outside the BZ.
Cheers,
nicM
Joliet Jake
February 4th, 2006, 06:39 AM
Should apps like Ice Sword unload all drivers or is it proper that they don't?
TNT
February 4th, 2006, 09:22 AM
-{ Quote: "Hm :-\ , I recognize I didn't test it at the time this thread was active, as I didn't want to be polemical, but now that you raised it back...
I've tried the same procedure as yours, loading Icesword out of BufferZone, using it and closing it;
here I sent Icesword into BZ, and I must say my result is still different from yours: though the driver was previously loaded, Icesword is unable to gain access to it, and I get the "Initialization Failed[3]" error message. Icesword is running in Task Manager, but the GUI doesn't load, and you can't kill its process (which is using 80-90% cpu :ouch: in such circumstances). So yes, it's loaded somehow in BZ, but in a way you couldn't use it: seems BZ driver protection is complete: it can't stop it either, but can prevent its access outside the BZ." }-
Well, I don't think it really matters whether a malware reaches out of a sandbox or not, if it was already allowed to work in kernel level outside of the sandbox before: it sure would have been able to do any damage it wanted anyway, and the defense mechanisms could not be trusted anymore (they could have been modified by the malware itself). The flaw in my analysis of the scenario in the first message is simply that I had not considered that IceSword could have left the kernel modified even when the executable was shut down (which in fact it did: its driver was still loaded).
The purpose of the sandbox is to test the file and contain the possible malware, stopping it from modifying the operating system or files outside the sandbox. If the malware had the 'upper hand' already (working as part of the kernel), and it 'knew' about the sandbox, the sandbox mechanism might be toast already.
I don't consider that Sandboxie scenario a flaw at all: the purpose of Sandboxie is to contain anything executed in the sandbox, not outside of it.
Ranger Bob
February 4th, 2006, 09:55 AM
-{ Quote: "Has anyone got a working download for this as every time I download this programme I get an error that the file is corrupt!" }-
This one installed ok for me:
http://www.snapfiles.com/reviews/Sandboxie/sandboxie.html
nicM
February 4th, 2006, 10:32 AM
-{ Quote: "
The purpose of the sandbox is to test the file and contain the possible malware, stopping it from modifying the operating system or files outside the sandbox. If the malware had the 'upper hand' already (working as part of the kernel), and it 'knew' about the sandbox, the sandbox mechanism might be toast already.
I don't consider that Sandboxie scenario a flaw at all: the purpose of Sandboxie is to contain anything executed in the sandbox, not outside of it." }-
Yes, I concur :) , it's just a difference of behaviour in communication between the sandboxed zone and the normal one: in any case NOT the way the sandbox protection is meant to be used, for both Sandboxie and BufferZone.
Cheers,
nicM
Rasheed187
February 7th, 2006, 01:08 PM
Btw, it was a false alarm, Sandboxie really works, also on my system, read my post in the SBIE forum. ;)
http://sandboxie.com/phpbb/viewtopic.php?t=110&start=15
Copyright ©2002 - 2013, Wilders Security Forums