Sandboxie and VirtualBox

At least 10 or 12 years ago I was experimenting with the virtual machine VirtualBox. Inside of VB, I had installed an older version of Windows. Everything was working perfect. Then I had a wild idea, could I open up VB inside of Sandboxie!? I tried it, and it worked. I had essentially sandboxed an entire operating system. When surfing the Internet I now had double protection, VB and Sandboxie (I know, keystroke loggers acquired during the same surfing session are another story). Everything continued to work perfectly but I eventually abandoned it when I purchased a new pc, never bothered to install VB again.

Fast forward to today, I decided to play once again. I installed VB but this time used Linux Mint as the guest OS, actually which guest OS is irrelevant to my question. Everything working perfectly. However this time, Sandboxie will not sandbox VB. I get an error message that reads:
"Failed to acquire the VirtualBox COM object.
Completely failed to instantiate CLSID_VirualBox:
ERROR_SERVICE-DOES-NOT_EXIST 0x80070424,
Component: VirtualBoxClientWrap
Interface: IVirtualBoxClient etc.etc."

I am using Sandboxie Classic 5.55.20, but I have absolutely no preference over Classic or Plus, this just happens to be the version currently on my system.

Any ideas how to get the current Sandboxie to sandbox the entire VB like the old Sandboxie did? This is no big deal, just having fun and mostly curious.
Thanks,
Acadia

 

Perhaps using a "compartment" box in the plus version (1.0.20<=>5.55.20) will work because it is much less restrictive (but also a 'supporter' feature).

 

I'm a huge fan and proponent of your nifty experiments @Acadia. Hope to try again with VB myself. But I must admit that I never tried to sandboxie a whole O/S before. It might be interesting if something like that could actually work with today's updated modern programs

 

Thanks soccerfan, but that did not work, getting same error message. But having fun playing with Plus version.
Acadia

 

I don't get it. Do you mean you was able to run Sandboxie inside a virtualized Windows OS via VirtualBox? Because you do realize that VirtualBox already is in fact a sandbox, so it doesn't make sense to run it under control of Sandboxie, which shouldn't even be possible, so I think you probably explained it incorrectly.

 

It was worth a try! Btw, around 10 years ago, I played around with portable virtualbox on my Win7 machine (https://www.vbox.me/). I installed a licensed copy of WinXP pro SP2, and inside it sbie v3.46. Worked like a charm. When I get home at the end of the month, maybe I will try to run that VB in sbie plus just for kicks

 

I would right-click on the VirtualBox Icon. Then I would click on the menu that appeared, Run Sandboxed. Virtualbox would then start up inside Sandboxie. Then, using VB, I would boot into the older version of Windows. The entire older OS was contained inside of VB, which in turn was contained inside of Sandboxie. A sandbox within a sandbox. This worked beautifully for many months until I purchased a new pc.
Acadia

 

If you get it to work, please post back here. Years ago all I had to do was adjust the size of the sandbox to contain the entire Virualboxed operating system. But I only had to do that once. Good luck.
Acadia

 

VBox need to run a service*, not sure if sandboxie is capable to perform this. but like Rasheed it would say this is a pointless tryout. further Vbox has the ability to backup and reset a box (snapshots)
https://www.pugetsystems.com/labs/support-software/VirtualBox-4---Using-Snapshots-1914/

edit: service, not "server"

 

heh, I even installed Sandboxie on my Operating System that was inside VB, which was inside Sandboxie on my real Operating System. A sandbox inside a sandbox inside a sandbox. But I never used it like that, you can even have too many layers of protection.
Acadia

 

With an old Tzuk-Sandboxie I could sandbox Returnil (OS virtualisation like Shadow Defender/Toolwiz Timefreeze).

 

haha, nice joke, returnil. returnil was abandoned long ago and IMO was integrated into another software. was a decent alternative to sandboxie but not quite successful.

 

Not kidding at all. Sorry but Returnil ran sandboxed (around 2010 or earlier).

 

Will do. And thanks for the tip to first up the box size.
@deugniet a little ot but I still use Returnil on an XP laptop, along with David's first sbie incarnation, v5.40

 

same for me, in this order: sandboxie, shadow defender, virtualbox.

 

Right now I can't test anything. I have Linux Mint installed in the virtual machine and I don't know how to use it, except to surf the net.

But that's ok because I really don't test much anymore. Eventually you have to start trusting the security programs that you've got. I'm just having pure fun right now, playing with Linux and Sandboxie-Plus. Wish I could find a safe, cheap, LEGAL version of Windows to install in VB, then I could really play.

Acadia

 

I think you are completely misunderstanding. It's not possible to run complex software like VirtualBox under control from Sandboxie. It is however possible to install a virtual OS inside VirtualBox and then to run Sandboxie on it. I guess you could call this a sandbox in a sandbox, but not really since a virtual OS always need to be secured anyway, depending on how you use it.

In the past I used a virtual OS to test malware or security tools for example. What's so great about virtual machines is that you can reset multiple virtual machines in no time, at least with the snapshot function from VMware Workstation which I used. But again, VirtualBox needs no protection from Sandboxie or any other tool. It's aim is to let the user safely run virtual machines without affacting the real host machine.

 

Good safe practice of mine too. Not a fail yet in years on end.

 

No, YOU are the one misunderstanding. I ACTUALLY DID THIS!!

Below are some links from the good old days:
post number 41 of
https://www.wilderssecurity.com/thr...our-security-setup.346557/page-2#post-2248459

post number 18 of
https://www.wilderssecurity.com/threads/sandboxie-safe-to-run-active-x-control.234845/#post-1416689

post number 6 of
https://www.wilderssecurity.com/threads/hips-or-behavior-blocker.272562/#post-1677432

But I saved the best for last, this entire thread:
https://www.wilderssecurity.com/threads/virtualbox-linux-vm-inside-sandboxie.357813/#post-2322072

EDIT: Just found this one, post numbers 17 and 20:
https://www.wilderssecurity.com/threads/can-malware-cross-virtual-machines.280686/#post-1739078

 

OK cool, but this doesn't change anything to what I said. It's completely pointless to run certain apps like VirtualBox inside sandboxes controlled by Sandboxie since you don't gain anything, in fact you probably lessen the security provided by VirtualBox since it needs full and unrestricted access to be able to safely virtualize an OS. Weird that nobody has told you this in the other topics.

 

anything older than 2 years is not relevant. virtualbox do not run inside sandboxie, thats a fact, whatever users experienced 10 or more years ago.

concerning the comparison of VB under OS or VB in SB under OS this makes absolutely no difference for the installed OS in VB. the OS is maybe seeing VB only, but not more. it does not know about SB nor about the host OS. in fact for virtualbox the guest additions to share data with host would share data to sandboxie, not the host at first place.

so VB in SB is technically viewed totally futile and has no gain to anything, in fact it could break the host inside because SB will break VB functions which are needed for the boxed OS.

 

Bingo, success. Once again sandboxed an entire operating system, actually two. What is different this time around, I used VMWare's Workstation Pro instead of VirtualBox. Of course, the version of Sandboxie is newer too, I don't know if David would have changed anything. Using this deal that I saw posted somewhere,
https://www.pcworld.com/article/225...nses-for-59-from-pcworlds-software-store.html, I purchased another license for Win11. I had already purchased VMWare's Workstation and was experimenting with Zorin Linux. I created another Virtual Machine for the new Windows. Then I said to myself, let's try sandboxing EVERYTHING again, like I used to. Bingo, everything worked, and smoothly too, did not even have to make any adjustments to Sandboxie.

Again, both operating systems, Linux and Windows11, completely sandboxed, as long as they are inside of Workstation. Then I installed Sandboxie inside of the Windows VM, a sandbox inside a sandbox. Yeah, yeah, I know, "Acadia, you've got to listen to your own advice, and get outside in the fresh air and sunshine more often".
Acadia

 

I must admit, I still don't understand exactly what you mean. I suppose you mean you're running Sandboxie inside a VM? What's so cool and groundbreaking about this? Any app should be able to run correctly in a virtualized OS.

 

No, it's the other way around, I put VMWare inside of Sandboxie, and with VMWare containing a vm with Windows 11, all of Windows 11 automatically gets sandboxed.

I finally had to make an adjustment to Sandboxie, I had to increase the Copy File Size Limit inside the File Mitigation option; guess an entire OS was more than Sandboxie could handle under its default settings.
Acadia.