[Case Study] BinJumper side-effects #1938

arcanis · 2020-10-07T15:10:39Z

What package is covered by this investigations?

Binjumper, that we use to spawn processes without triggering the abort confirmation prompt.

Describe the goal of the investigation

Our company has some process-monitoring software installed, and while it's not 100% all-encompassing, it frequently blocks "unknown" executables from executing at all. In this case, the .exe files in the temp folder are all getting killed before they can start, so the post-install steps all fail.

markerikson · 2020-10-07T15:14:03Z

@arcanis : was literally just about to open a new issue for this :)

@merceyz: I don't know all the heuristics the corporate security software uses. FWIW, this particular tool is CarbonBlack/Bit9. In this case, the error message that pops up indicates that it sees the original path of node.exe, and that the process is signed. But, something about the fact that there's a binary being executed out of the user temp folder triggers it and it gets blocked.

arcanis added the case study Package compatibility report label Oct 7, 2020

arcanis self-assigned this Oct 7, 2020

arcanis mentioned this issue Oct 7, 2020

[Bug] 'unable to get local issuer certificate' - Config options for 'strict-ssl' and 'cafile' missing from Berry? #798

Closed

merceyz mentioned this issue Oct 7, 2020

fix(core): replace binjumper with cmd script without prompt #1939

Merged

3 tasks

arcanis closed this as completed in #1939 Dec 15, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Case Study] BinJumper side-effects #1938

[Case Study] BinJumper side-effects #1938

arcanis commented Oct 7, 2020

markerikson commented Oct 7, 2020

[Case Study] BinJumper side-effects #1938

[Case Study] BinJumper side-effects #1938

Comments

arcanis commented Oct 7, 2020

markerikson commented Oct 7, 2020