Sandboxie Plus (Sbie fork)

Discussion in 'sandboxing & virtualization' started by DavidXanatos, Apr 9, 2020.

  1. Survivor

    Survivor Registered Member

    Joined:
    Jul 11, 2020
    Posts:
    55
    Location:
    Land of Oz
    Mate, I give up. I used for some time the Plus version only. So I uninstalled and installed 1a, total crash no game possible. However as you said, this would be the same as the experimental one before. So I was going to try the SB normal experimental, not working anymore. The one before, no. OK, then the plus versions, same. Tried 2 previous standard and plus and none gives the same behaviour. Error, but I can play, they just plain crash. So now not even the previous ones work the same. There are just too much unknown parameter, which make no sense anymore. Not sure if you have any idea, but nothing makes sense with those errors. With Win 7, there were never such akward issues with SBIE. This is not related to what you did, I put the blame pure and simple on MS F***** Win 10.
    I will try some more things, but for now, I am just like WTH. You would at least expect that the results from before would still be the same, but noooo. I will post back, if I find something, which makes sense. Just wanted to let you know as soon as possible. :confused:

    UPDATE!!: Noita is fixed! With the latest official SBIE+ version. I tried new box, deleted save files on unsandboxed in sandboxes, ... Nothing worked. Then I tried the default box, with the outside sandbox moved folder. Worked. Exactly one time. So, of course I suspected some save, again killed all, still crash. The breakthrough was in the game itself, all kind of settings, tried, nothing. Then I saw a fun little one, which we all love, connection to the dev server. Oho, didn't expect this, once in a while I didn't look for such thing. Switched it off. BAM flawless. This function crashs the program in the sanbox, with and without internet blocked. Must a be a ball of interesting stuff it does.

    Anything you would like to investigate on this function?

    The weird thing is the random, works, doesn't work with new SBIE+, then not at all anymore in any version. In the end it is something like this. I wonder what the sneakers do there.

    Addendum: After some cooldown, it could be harmless, as there is a daily run in the game which needs a seed for the level, which comes from their server. Still not sure what it does, that it creates such memory errors in SBIE(+)
     
    Last edited: Nov 18, 2020
  2. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,585
    Location:
    .
    @DavidXanatos
    Please add Edge Template to WebBrowser/Web Browser like Chrome -
    png_8122.png png_8123.png
    Thanks
     
  3. henryg1

    henryg1 Registered Member

    Joined:
    Jun 14, 2020
    Posts:
    72
    Location:
    uk
    FYI 5.44.1 x64 working fine on my system, but as usual I have to uninstall, reboot, and reinstall for it to work - not a big deal but never used to need this. And it still doesn't realise I have SB installed in a non-standard location when I come to uninstall.
     
  4. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    707
    Location:
    usa
    I've updated David's Sandboxie to Version 5.44.1 without any glitches, without any restart, without any re-install on my Windows 10 - 20H2 - computers.
    Just wanted to express my Big Thanks to David!
     
  5. algol1

    algol1 Registered Member

    Joined:
    Aug 10, 2020
    Posts:
    33
    Location:
    Vienna, Austria
    @DavidXanatos Many thanks for the effort and the considerable improvements offered by the new version. Here are my 2cts.

    Installation of the classic version: same bug with non-ProgramFiles-location. First installation-run failes after reboot, no service and driver started, tray-icon with exclamation-mark on top. When now installed for a 2nd time, no reboot required and successful installation.

    After some tests (opera error message still comes up) I uninstalled (I had to correct the wrongfully offered path again) and tried out the new Plus-version. 2 runs necessary as well. After the first: no icon, no sandbox. After 2nd run Opera will start there without any complaints and also the sluggish behavior of Roboform-extension for filling in login-data is gone.

    Terminating the processes right from the icon now works quickly and with success. However for using the Plus for production-version there is still a steep hill to climb.

    Could you give us some raw estimate until when the "quick-recovery" & "immediate recovery"-functionality can be expected to be implemented? For security reasons I want the sandbox to be terminated as soon as the relevant browsers have all closed. However it is an absolute deal-breaker that the Plus-version will not offer any reminder as to transfer all the downloads from user-specified folders into their "real world"-counterparts in time and then pause to letting the user decide before the sandbox will actually terminate. Even better - in the classic version I made use of the "immediate recovery"-feature where at the success of every download a pop-up would offer me a chance to decide whether to transfer the file out of the sandbox right away and keep it - or let it die at the end of that browser-session together with the whole sandbox shutting down.

    In the Plus-version I now feel a little bit like Sisyphos - I either will have to remember the downloads before closing the browser - or I'll have to do them all over again.:gack:
     
  6. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    646
    Location:
    Viena
    @algol1 So you are using it with the auto delete option enabled, I see that than auto recovery may indeed be quite important.
    I only delete the box content by hand, so I have all time in the world to look with explorer in it and extract whatever I may need.

    I'm currently working on a interactive prompt mechanism that would allow users to
    1. bypass the file migration size limit as to allow in real time to copy a to large file into the sandbox
    2. allow to bypass the internet blockade for any given process
    3. may be also to bypass process start restrictions

    This works by showing a PopUp notification by SandMan.exe and prompting the user to decide, in cases 2 and 3 the UI must also tell the driver that a particular restriction has to be lifted for the process that initiated the request.

    Since I need a PopUp mechanism for that anyways I could look into adding the recovery stuff at that occasion.
    So I may add it to the next build but if it shows to be to much work I will postpone it for much later.
     
  7. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,585
    Location:
    .
    Hi @DavidXanatos
    I'm still curious (#346) how to allow Microsoft Defender SmartScreen to work from my Edge sandbox -?
    Outside my Edge sandbox - Edge Microsoft Defender SmartScreen works -
    Inside my Edge sandbox - Edge Microsoft Defender SmartScreen does not work -
    https://demo.smartscreen.msft.net/
     
  8. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    15,275
    Location:
    UK
    Using 5.44.1 I was watching a TV program on BBC iplayer when Defender popup up with a PUP (potentially unwanted program)
    I asked it to remove it. Then Defender said I needed to reboot to complete the removal.
    Upon restart Sbie was broken (red exclamation mark on sbie taskbar icon etc) and Defender then told me that the PUP was in the sbie driver.
    I had to go back into Defender threats history, change it to allow the PUP, restart, reinstall 5.44.1. over the top in order to get sbie working.
    So if your av flags this pup, it may not be a good idea to remove it.
    Screenshot 2020-11-20 113529.jpg
     
  9. algol1

    algol1 Registered Member

    Joined:
    Aug 10, 2020
    Posts:
    33
    Location:
    Vienna, Austria
    Yes, and since many interestingly-looking non-mainstream-web-sites (for instance for "free" downloads) tend to just lure the user inside with empty promises and then turn out only to leave suspicious stuff behind instead, I would very much like to keep it that way.;)
    Really sounds great to hear that. Perhaps not all the recovery-stuff would be needed in a first step. Just let the user decide in SandMan which specific folders to monitor. And if one of them turns out not to be empty when shutting down the sandbox - then simply pause shutting down and offer via that pop-up to "redeem" the files in there to their real-world-folder-counterparts. An option to save to a different folder with browsing-the-disk-capability is not that important in a first step.

    Thanks again for all the effort and rest assured that any step towards recovery-functionality would be highly appreciated.
     
    Last edited: Nov 20, 2020 at 7:47 AM
  10. kingking

    kingking Registered Member

    Joined:
    Saturday
    Posts:
    1
    Location:
    Germany
    When I open some websites in sandboxed Chrome, Chrome crashed.

    E.g. www.tradingview.com

    I have Chrome 87 and Sondboxie 5.44.1
     
  11. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    15,275
    Location:
    UK
  12. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    707
    Location:
    usa
    During the installation of v.5.44.1, my BitDefender found 6 "infected files", but Sandboxie is working.
    Go figure...

    DaSa1.JPG DaSa2.JPG DaSa3.JPG DaSa4.JPG DaSa5.JPG DaSa6.JPG
     
  13. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    707
    Location:
    usa


    I'm currently using Maiar (Chrome based) and DaSa v.5.44.1, and don't have any issues viewing/browsing that tradingview site.
     
  14. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    15,275
    Location:
    UK
    That may be because the latest version of Maiar browser uses Chromium version 81.0.4044.138 (which is way behind what it should be to be up to date)
     
  15. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    707
    Location:
    usa
    Maybe.

    P.S. Don't get me wrong, but I truly don't understand that knowledgeable people from wilderssecurity using Chromium or Edge.
    It's so funny.
    I turn my VPN and start Edge with another VPN extension - the "Double Fortress", but Edge proudly shows me the temperature in my REAL CITY!!!
     
  16. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    707
    Location:
    usa
    Just a side question for you as Global Moderator.
    I have used Vivaldi to post my previous comment, and then, I cleaned my history and closed the Sandboxed Vivaldi.
    Now, I've opened Firefox and came to wilderssecurity, and, WOW, it showed that I was still "on-line", logged ino_O
    Go figure...
     
  17. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    3,465
    This (and other forums) have a timeout around 15 minutes after leaving, cookies or not. This is NOT browser depending.
     
  18. 100

    100 Registered Member

    Joined:
    Saturday
    Posts:
    2
    Location:
    -
    I get the following errors on a virtualized Windows 10H2 x64 when watching Youtube videos with Vivaldi x64 (Sandboxie x64 classic 5.44.1 and 5.43.7). On Windows 7 x64 this error doesn't occur with the same Sandboxie configuration.

    Code:
    SBIE2303 Kein Hook möglich für CoGetObject (33, 1655)
    SBIE2303 Kein Hook möglich für RegisterDragDrop (33, 1655)
    SBIE2318 DLL Initialisierung fehlgeschlagen für 'ole32.dll'
    SBIE2303 Kein Hook möglich für CM_Add_Driver_PackageW (33, 1655)
    SBIE2318 DLL Initialisierung fehlgeschlagen für 'cfgmgr32.dll'
    SBIE2303 Kein Hook möglich für SetCurrentProcessExplicitAppUserModelID (33, 1655)
    Edit: The same with the Brave x64 and Edge Browser. It seems that it affects all Chromium based browsers. Firefox x64 is not affected.
     
    Last edited: Nov 21, 2020 at 4:16 PM
  19. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,585
    Location:
    .
    "Could not hook" and "DLL initialization failed" #166
    https://github.com/sandboxie-plus/Sandboxie/issues/166#issue-728893401
     
  20. david banner

    david banner Registered Member

    Joined:
    Nov 24, 2007
    Posts:
    657
    How does this work I unzipped but do not see any exe?
     
  21. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    3,585
    Location:
    .
    # Sandboxie

    Sandboxie is sandbox-based isolation software for 32- and 64-bit Windows NT-based operating systems. It was developed by Sophos (which acquired it from Invincea, which acquired it earlier from the original author Ronen Tzur). It creates a sandbox-like isolated operating environment in which applications can be run or installed without permanently modifying the local or mapped drive. An isolated virtual environment allows controlled testing of untrusted programs and web surfing.

    # Sandboxie-Plus
    Adds new functionality like box snapshots, and better logging/tracing and provides a new Qt based UI to utilize that functionality.

    ## Sandboxie-Classic Documentation

    The archived documentation of sandboxie can be found at: https://xanasoft.com/sandboxie/


    ## History

    Sandboxie was initially released in 2004 as a tool for sandboxing Internet Explorer. Over time, the program was expanded to support other browsers and arbitrary Win32 applications.

    In December 2013, Invincea announced the acquisition of Sandboxie.

    In February 2017, Sophos announced the acquisition of Invincea. Invincea posted an assurance in Sandboxie's website that for the time being Sandboxie's development and support would continue as normal.

    In September 2019, Sophos switched to a new license.

    In 2020 Sophos has released Sandboxie as Open Source under the GPLv3 licence to the community for further developement and maintanance.

    ## Support

    If you like the tool please consider supporting it on Patreon: https://www.patreon.com/DavidXanatos or directly through paypal with the donation link on my home page: https://xanasoft.com/


    SANDBOXIE BUILD INSTRUCTIONS

    Please note: there is another ReadMe.txt in the \install\ folder that explains how to create the Sandboxie installers.

    1) Sandboxie builds under MS Visual Studio 2015.
    2) Install the MS Windows Device Driver Kit (DDK) 7.1.0.
    https://www.microsoft.com/en-us/download/details.aspx?id=11800
    In the DDK setup, all you need to check is "Build Environments"
    3) The VS Solution File, Sandbox.sln, is in the source code root. Open this SLN in Visual Studio.

    Source Projects (in aplhabetical order)

    Note: the core of Sandboxie are the driver, SbieDrv, the service, SbieSvc, and the injection DLL, SbieDll. Study these projects first.

    Common (\apps\common). This builds common.lib which is used by the Control and Start projects. It contains some common GUI objects.

    KmdUtil (\install\kmdutil). Builds KmdUtil.exe which is used during the installtion process. E.g. to start/stop the Sbie driver (SbieDrv.sys).

    LowLevel (\core\low). Creates LowLevel.dll which is used in code injection. LowLevel.dll is embeded into SbieSvc.exe as a resource (see core\svc\lowlevel.rc for more information).

    Parse (\msgs). Creates the Sbie messages files.

    SandboxBITS (apps\com\BITS). Creates SandboxieBITS.exe (Background Intelligent Transfer Service)

    SandboxCrypto (apps\com\Crypto) Creates SandboxieCrypto.exe

    SandboxieInstall (\install\release). Creates the combined x64/x86 installer SandboxieInstall.exe by combining the x64 & x86 installer binaries into a RC file.
    NOTE: SandboxieInstall is not built during the normal SLN build. It must be built manually after the x64 & x86 installers are completed.

    SandboxRpcSs (\apps\com\RpcSs) Creates SandboxieRpcSs.exe. Sbie's wrapper for the Remote Procedure Call Sub-System).

    SandboxWUAU (\apps\com\WUAU) Creates SandboxieWUAU.exe. Sbie's wrapper for the Windows Automatic Update Service (WUAUSERV).

    SbieControl (\apps\control). Builds SbieCtrl.exe. This is the Sandboxie Control app that displays real-time sandboxed application activity.

    SbieIni (\apps\ini). Creates SbieIni.exe. A utility for querying and updating the sandboxie.ini configuration file.

    SboxDcomLaunch (\apps\com\DcomLaunch). Creates SandboxieDcomLaunch.exe.

    SboxDll (\core\dll). Creates the Sbie injection DLL. This DLL injects into every process running in the sandbox.

    SboxDrv (\core\drv). Creates the Sbie kernel-mode driver.

    SboxHostDll (\SboxHostDll). Builds the Sbie host injection DLL. This DLL is injected into host processes that must be redirected into the sandbox.
    Currently, the only app this is used for is MS Office. SboxHostDll.dll is injected into OfficeClickToRun.exe.

    SboxMsg (\msgs). Creates SboxMsg.dll which contains the Sbie user messages in various languages.

    SboxSvc (\core\svc). Creates the Sbie service.

    Start (\apps\start). Creates start.exe which is used to start processes in the sandbox.
    png_8137.png
    https://github.com/sandboxie-plus/Sandboxie/releases/tag/v0.4.3
     
    Last edited: Nov 21, 2020 at 8:19 PM
  22. 100

    100 Registered Member

    Joined:
    Saturday
    Posts:
    2
    Location:
    -
  23. david banner

    david banner Registered Member

    Joined:
    Nov 24, 2007
    Posts:
    657
  24. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    646
    Location:
    Viena
    Well its eider all or nothing the browsing is the most trivial part, I'm on it and as it looks it should be done for the next build.
    Plus a couple of other great features.
     
  25. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    646
    Location:
    Viena
    new recovery dialog:
    upload_2020-11-23_22-40-48.png
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.