Build 0.2.1 / 5.41.1

CHANGELOG.md

@@ -3,6 +3,29 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## [0.2.1 / 5.41.1] - 2020-06-18
+
+### Added
+- added different sandbox icons for different types
+-- Red LogAPI/BSA enabled
+-- More to come :D
+- Added progress window for async operations that take time
+- added DPI awareness
+- the driver file is now obfuscated to avoid false positives
+- additional debug options to sandboxie.ini OpenToken=y that combines UnrestrictedToken=y and UnfilteredToken=y
+-- Note: using these options weekens the sandboxing, they are intended for debugging and may be used for better application virtualization later
+
+### Changed
+- SbieDll.dll when processinh InjectDll now looks in the SbieHome folder for the Dll's if the entered path starts with a backslash
+-- i.e. "InjectDll=\LogAPI\i386\logapi32v.dll" or "InjectDll64=\LogAPI\amd64\logapi64v.dll"
+
+### Fixed
+- IniWatcher did not work in portable mode
+- service path fix broke other services, now properly fixed, may be
+- found workaround for the msi installer issue
+
+
+
 ## [0.2 / 5.41.0] - 2020-06-08
 
 ### Added

Sandboxie/apps/start/start.cpp

@@ -925,7 +925,11 @@ int Program_Start(void)
         expanded = MyHeapAlloc(8192 * sizeof(WCHAR));
         ExpandEnvironmentStrings(cmdline, expanded, 8192);
 
-		if (wcsstr(expanded, L" ") && !wcsstr(expanded, L"\""))
+		//
+		// If the comman contains a space but no ", try to fix it
+		//
+
+		if (wcsstr(expanded, L" ") && !wcsstr(expanded, L"\"") && _waccess(expanded, 0) != -1)
 		{
 			wmemmove(expanded + 1, expanded, wcslen(expanded) + 1);
 			expanded[0] = L'\"';

Sandboxie/common/my_version.h

@@ -22,7 +22,7 @@
 
 #define MY_VERSION_BINARY       5,41
 #define MY_VERSION_STRING       "5.41"
-#define MY_VERSION_STRING_EX	"5.41.0"
+#define MY_VERSION_STRING_EX	"5.41.1"
 
 // These #defines are used by either Resource Compiler, or by NSIC installer
 #define SBIE_INSTALLER_PATH		"..\\Bin\\"

Sandboxie/core/dll/debug.h

@@ -37,7 +37,7 @@
 #ifdef  WITH_DEBUG
 
 //#define  BREAK_IMAGE_1      L"java.exe" // L"jp2launcher.exe"
-#define  BREAK_IMAGE_1      L"TestTarget.exe" // L"jp2launcher.exe"
+#define  BREAK_IMAGE_1      L"TestTarget.exe" 
 
 int Debug_Init(void);
 

Sandboxie/core/dll/gui.c

@@ -952,6 +952,11 @@ _FX BOOLEAN Gui_ConnectToWindowStationAndDesktop(HMODULE User32)
 
                 rc = (ULONG_PTR)NtCurrentThread();
 
+				// OpenBox1 BEGIN
+				if (SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
+					rc = 0;
+				else
+				// OpenBox1 END
                 if (__sys_NtSetInformationThread)
                 {
                     rc = __sys_NtSetInformationThread(NtCurrentThread(),

Sandboxie/core/dll/ldr_init.c

@@ -181,6 +181,9 @@ _FX void Ldr_LoadInjectDlls(BOOLEAN bHostInject)
     WCHAR *dllname = Dll_AllocTemp(MAX_PATH * 2 * sizeof(WCHAR));
     ULONG index = 0;
 
+	WCHAR *path = Dll_AllocTemp(1024 * sizeof(WCHAR));
+	SbieApi_GetHomePath(NULL, 0, path, 1020);
+
     if (!__sys_LdrLoadDll)
         __sys_LdrLoadDll = (P_LdrLoadDll)GetProcAddress(Dll_Ntdll, "LdrLoadDll");
 
@@ -196,6 +199,18 @@ _FX void Ldr_LoadInjectDlls(BOOLEAN bHostInject)
             break;
         }
 
+		//
+		// For expidient use we allow to enter the dll name without a path 
+		// starting with \ in that case the DLL is looked for in %SbieHome%
+		//
+
+		if (dllname[0] == L'\\' && wcslen(path) + wcslen(dllname) + 1 < MAX_PATH  * 2)
+		{
+			wmemmove(dllname + wcslen(path), dllname, wcslen(dllname) + 1);
+			wmemcpy(dllname, path, wcslen(path));
+		}
+
+
         //
         // we have to prevent invocation of Ldr_CallDllCallbacks while
         // loading the DLL here, otherwise we will end up our per-dll
@@ -225,6 +240,7 @@ _FX void Ldr_LoadInjectDlls(BOOLEAN bHostInject)
     }
 
     Dll_Free(dllname);
+	Dll_Free(path);
 }
 
 

Sandboxie/core/dll/proc.c

@@ -1106,6 +1106,9 @@ _FX BOOL Proc_CreateProcessInternalW_RS5(
             err = GetLastError();
         }
 
+		// OpenBox1 BEGIN
+		if (!SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
+		// OpenBox1 END
         if (ok) {
 
             //

Sandboxie/core/dll/scm_create.c

@@ -1304,8 +1304,12 @@ _FX BOOL Scm_StartServiceCtrlDispatcherX(
         args[2] = NULL;
     }
 
-    if (_wcsicmp(ServiceName, Scm_MsiServer) == 0)
-        Scm_IsMsiServer = TRUE;
+	if (_wcsicmp(ServiceName, Scm_MsiServer) == 0) {
+		if (Dll_OsBuild >= 17763 && SbieApi_QueryConfBool(NULL, L"AnonymousLogon", TRUE) == TRUE) {
+			SbieApi_Log(2194, L"");
+		}
+		Scm_IsMsiServer = TRUE;
+	}
 
     if (! CreateThread(NULL, 0, Scm_ServiceMainThread, args, 0, &ThreadId))
         Scm_Stopped = TRUE;

Sandboxie/core/drv/conf.c

@@ -1230,7 +1230,7 @@ _FX NTSTATUS Conf_Api_Reload(PROCESS *proc, ULONG64 *parms)
 
         Conf_Data.pool = NULL;
         List_Init(&Conf_Data.sections);
-		Conf_Data.home = TRUE; // = FALSE;
+		Conf_Data.home = FALSE;
 
         ExReleaseResourceLite(Conf_Lock);
         KeLowerIrql(irql);
@@ -1371,7 +1371,7 @@ _FX BOOLEAN Conf_Init(void)
 {
     Conf_Data.pool = NULL;
     List_Init(&Conf_Data.sections);
-    Conf_Data.home = TRUE; // = FALSE;
+    Conf_Data.home = FALSE;
 
     if (! Mem_GetLockResource(&Conf_Lock, TRUE))
         return FALSE;

Sandboxie/core/drv/key_flt.c

@@ -222,7 +222,6 @@ _FX NTSTATUS Key_Callback(void *Context, void *Arg1, void *Arg2)
         }
     }
 
-
     if (status != STATUS_SUCCESS)
         return status;
 

Sandboxie/core/drv/process.c

@@ -1248,8 +1248,8 @@ _FX void Process_NotifyImage(
         if (ok)
             ok = Process_Low_InitConsole(proc);
 
-        if (ok)
-            ok = Token_ReplacePrimary(proc);
+		if (ok)
+			ok = Token_ReplacePrimary(proc);
 
         if (ok)
             ok = Thread_InitProcess(proc);

Sandboxie/core/drv/syscall_open.c

@@ -19,6 +19,7 @@
 // Syscall Management
 //---------------------------------------------------------------------------
 
+#include "conf.h"
 
 //---------------------------------------------------------------------------
 // Functions
@@ -643,6 +644,9 @@ _FX NTSTATUS Syscall_DuplicateHandle_2(
         // thread_token.c has a function for this specific case.
         //
 
+		// OpenBox2 BEGIN
+		if (!(Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)))
+		// OpenBox2 END
         status = Thread_CheckTokenObject(
                     proc, OpenedObject, HandleInfo.GrantedAccess);
     }

Sandboxie/core/drv/thread_token.c

@@ -21,7 +21,7 @@
 
 
 #include "common/my_version.h"
-
+#include "conf.h"
 
 //---------------------------------------------------------------------------
 // Defines
@@ -1243,6 +1243,9 @@ _FX NTSTATUS Thread_SetInformationThread_ImpersonationToken(
                     MyTokenHandle, TOKEN_IMPERSONATE,
                     *SeTokenObjectType, UserMode, &TokenObject, NULL);
 
+		// OpenBox2 BEGIN
+		if (!(Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)))
+		// OpenBox2 END
         if (NT_SUCCESS(status)) {
 
             status = Thread_CheckTokenForImpersonation(

Sandboxie/core/drv/token.c

@@ -433,6 +433,12 @@ _FX void *Token_FilterPrimary(PROCESS *proc, void *ProcessObject)
         return NULL;
     }
 
+	// OpenBox2 BEGIN
+	if (Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnfilteredToken", 0, FALSE)) {
+		return PrimaryToken;
+	}
+	// OpenBox2 END
+
     // DbgPrint("   Process Token %08X - %d <%S>\n", PrimaryToken, proc->pid, proc->image_name);
 
     proc->drop_rights =
@@ -775,6 +781,15 @@ _FX void *Token_Restrict(
     TOKEN_PRIVILEGES *privs;
     TOKEN_USER *user;
     void *NewTokenObject;
+
+	// OpenBox2 BEGIN
+	if (Conf_Get_Boolean(proc->box->name, L"OpenToken", 0, FALSE) || Conf_Get_Boolean(proc->box->name, L"UnrestrictedToken", 0, FALSE)) {
+		SeFilterToken(TokenObject, 0, NULL, NULL, NULL, &NewTokenObject);
+		return NewTokenObject;
+		//ObReferenceObject(TokenObject);
+		//return TokenObject;
+	}
+	// OpenBox2 END
 
     groups = Token_Query(TokenObject, TokenGroups, proc->box->session_id);
     privs = Token_Query(TokenObject, TokenPrivileges, proc->box->session_id);
@@ -1648,6 +1663,11 @@ _FX BOOLEAN Token_ReplacePrimary(PROCESS *proc)
     NTSTATUS status;
     BOOLEAN ok = FALSE;
 
+	// OpenBox1 BEGIN
+	if (Conf_Get_Boolean(proc->box->name, L"OriginalToken", 0, FALSE))
+		return TRUE;
+	// OpenBox1 END
+
     //
     // lookup the process object to get the old primary token
     //

Sandboxie/core/svc/ProcessServer.cpp

@@ -719,6 +719,19 @@ HANDLE ProcessServer::RunSandboxedGetToken(
 
             CloseHandle(ThreadHandle);
 
+			// OpenBox1 BEGIN
+			if (!ok && SbieApi_QueryConfBool(NULL, L"OriginalToken", FALSE))
+			{
+				ThreadHandle = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE,
+					PipeServer::GetCallerProcessId());
+
+				ok = OpenProcessToken(
+					ThreadHandle, TOKEN_RIGHTS, &OldTokenHandle);
+
+				CloseHandle(ThreadHandle);
+			}
+			// OpenBox1 END
+
             if (! ok) {
                 SetLastError(LastError);
                 return NULL;

Sandboxie/install/SandboxieVS.nsi

@@ -35,6 +35,7 @@ SetCompressor /SOLID /FINAL lzma
 
 !define BIN_ROOT_BASE	"${SBIE_INSTALLER_PATH}"
 
+!define SBIEDRV_SYS4    "${SBIEDRV_SYS}.rc4"
 
 !define OUTFILE_BOTH    "${PRODUCT_NAME}Install.exe"
 !define NAME_Win32      "${PRODUCT_FULL_NAME} ${VERSION} (32-bit)"
@@ -428,7 +429,7 @@ InstDir_Check_Suffix:
     Push -12
     Pop  $2
     StrCpy $1 $0 "" $2
-    StrCmp $1 "\${SBIEDRV_SYS}" InstDir_Suffix_Good
+    StrCmp $1 "\${SBIEDRV_SYS4}" InstDir_Suffix_Good
 
     Goto InstDir_ProgramFiles
 
@@ -463,7 +464,7 @@ InstDir_Done:
     StrCmp "$EXEDIR"   "$WINDIR\Installer\"   InstType_Remove
     StrCmp "$EXEDIR\"  "$WINDIR\Installer"    InstType_Remove
 
-    IfFileExists $INSTDIR\${SBIEDRV_SYS}      InstType_Upgrade
+    IfFileExists $INSTDIR\${SBIEDRV_SYS4}      InstType_Upgrade
     IfFileExists $INSTDIR\${SBIESVC_EXE}      InstType_Upgrade
     IfFileExists $INSTDIR\${SBIEDLL_DLL}      InstType_Upgrade
 
@@ -967,7 +968,7 @@ WriteLoop:
 
     File /oname=${SBIEMSG_DLL} "${BIN_ROOT}\SbieMsg.dll"
 
-    File /oname=${SBIEDRV_SYS} "${BIN_ROOT}\SbieDrv.sys"
+    File /oname=${SBIEDRV_SYS4} "${BIN_ROOT}\SbieDrv.sys.rc4"
 
     File /oname=SboxHostDll.dll			   "${BIN_ROOT}\SboxHostDll.dll"
 
@@ -1072,7 +1073,7 @@ Function DeleteProgramFiles
 
     Delete "$INSTDIR\${SBIEMSG_DLL}"
 
-    Delete "$INSTDIR\${SBIEDRV_SYS}"
+    Delete "$INSTDIR\${SBIEDRV_SYS4}"
 
     Delete "$INSTDIR\${SANDBOXIE}WUAU.exe"
     Delete "$INSTDIR\${SANDBOXIE}EventSys.exe"
@@ -1422,7 +1423,7 @@ Driver_Silent:
 ; For Install and Upgrade, install the driver
 ;
 
-    StrCpy $0 'install ${SBIEDRV} "$INSTDIR\${SBIEDRV_SYS}" type=kernel start=demand "msgfile=$INSTDIR\${SBIEMSG_DLL}" altitude=${FILTER_ALTITUDE}'
+    StrCpy $0 'install ${SBIEDRV} "$INSTDIR\${SBIEDRV_SYS4}" type=kernel start=demand "msgfile=$INSTDIR\${SBIEMSG_DLL}" altitude=${FILTER_ALTITUDE}'
     Push $0
     Call KmdUtil
 

Sandboxie/install/kmdutil/kmdutil.c

@@ -25,6 +25,7 @@
 #include <stdlib.h>
 #include "common/defines.h"
 #include "common/my_version.h"
+#include "rc4.h"
 
 extern void Kmd_ScanDll(BOOLEAN silent);
 
@@ -714,6 +715,39 @@ int __stdcall WinMain(
             &Options))
         return EXIT_FAILURE;
 
+	if (Driver_Path)
+	{
+		int path_len = wcslen(Driver_Path);
+		if (path_len > 8 && wcscmp(Driver_Path + path_len - 8, L".sys.rc4") == 0)
+		{
+			FILE* inFile = _wfopen(Driver_Path, L"rb");
+			if (inFile)
+			{
+				Driver_Path[path_len - 4] = L'\0';
+				FILE* outFile = _wfopen(Driver_Path, L"wb");
+				if (outFile)
+				{
+					fseek(inFile, 0, SEEK_END);
+					DWORD fileSize = ftell(inFile);
+					fseek(inFile, 0, SEEK_SET);
+
+					void* buffer = HeapAlloc(GetProcessHeap(), HEAP_GENERATE_EXCEPTIONS, fileSize);
+					fread(buffer, 1, fileSize, inFile);
+
+					char key[] = "default_key";
+					rc4_sbox_t sbox;
+					rc4_init(&sbox, key, strlen(key));
+					rc4_transform(&sbox, buffer, fileSize);
+
+					fwrite(buffer, 1, fileSize, outFile);
+
+					fclose(outFile);
+				}
+				fclose(inFile);
+			}
+		}
+	}
+
     ScMgr = OpenSCManager(
         NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CREATE_SERVICE);
 

Sandboxie/install/kmdutil/kmdutil.vcxproj

@@ -123,6 +123,12 @@
   </ItemDefinitionGroup>
   <ItemGroup>
     <ClCompile Include="KmdUtil.c" />
+    <ClCompile Include="rc4.cpp">
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|Win32'">NotUsing</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|Win32'">NotUsing</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieRelease|x64'">NotUsing</PrecompiledHeader>
+      <PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='SbieDebug|x64'">NotUsing</PrecompiledHeader>
+    </ClCompile>
     <ClCompile Include="sbiedrv.c" />
     <ClCompile Include="scandll.c" />
     <ClCompile Include="stdafx.c">
@@ -133,6 +139,7 @@
     </ClCompile>
   </ItemGroup>
   <ItemGroup>
+    <ClInclude Include="rc4.h" />
     <ClInclude Include="stdafx.h" />
   </ItemGroup>
   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />