Trust No Program
Don't know what to do
Homi Hesumaki


Joined: 06 Oct 2011
Posts: 4
Hi guys, I'm very new to this. I realized that there's a DLL we can download before this will work; where is the DLL to download? =o Or am I missing out on something?
wraithdu


Joined: 29 Jun 2007
Posts: 1410
Reply with quote
Are you serious? Everything you need is in the first post, and additional documentation is in the download.
Homi Hesumaki


Joined: 06 Oct 2011
Posts: 4
LOL sorry! Well, I see 3 links in your 1st post that I can download from.

1. x86 VC
2. x64 vc
3. the testing program

I thought there is a DLL file I can download? =o~
Password
MaAtKo
Guest

Hi guys
I downloaded sbiextra v1.0.0.17, but there is a need of a password. How do I get that one? Thanks in advance.
Re: Password
Buster


Joined: 06 Aug 2007
Posts: 2185
MaAtKo wrote:
Hi guys
I downloaded sbiextra v1.0.0.17, but there is a need of a password. How do I get that one? Thanks in advance.


Look at the file name and make a guess...

sbiextra_1.0.0.17_pass=zer0dev.zip
sjd


Joined: 31 Jan 2010
Posts: 24
wraithdu wrote:
Have you installed the VC++ 2010 runtimes as the first post mentions? If so, you'll have to start a bug report thread as to why Sandboxie is not seeing that installation for injected DLLs.


I did install the VC runtimes and ran a repair just to be sure it installed correctly. The problem still exists so I'll post in the Problem Report board as you suggested. Thanks.
dontbotherme


Joined: 08 Feb 2012
Posts: 1
The tasklist command can't be blocked. If the program uses a pipe to get the result, it can also get the process list. How to prevent it?
Buster


Joined: 06 Aug 2007
Posts: 2185
dontbotherme wrote:
The tasklist command can't be blocked. If the program uses a pipe to get the result, it can also get the process list. How to prevent it?


It's not possible to do it from inside. You must run something like HideDriver in the real system and hide the processes you want from there.

Note: HideDriver only works under 32-bit.
Re: Block Process Access
mede5
Guest

wraithdu wrote:

sbiextra v1.0.0.17
(md5: 4b1705e8cb98ffddb970b8426bfdc772)


wraithdu, I don't know if you're still following this thread, but if you do please have a look at this:
Code:

$ wget http://zer0dev.com/dld/download.php?id=5
--2012-02-29 21:36:58--  http://zer0dev.com/dld/download.php?id=5
Resolving zer0dev.com... 69.163.150.234
Connecting to zer0dev.com|69.163.150.234|:80... connected.
HTTP request sent, awaiting response... 302 Moved Temporarily
Location: ../files/Sandboxie/sbiextra_1.0.0.17_pass=zer0dev.zip [following]
--2012-02-29 21:36:58--  http://zer0dev.com/files/Sandboxie/sbiextra_1.0.0.17_pass=zer0dev.zip
Reusing existing connection to zer0dev.com:80.
HTTP request sent, awaiting response... 200 OK
Length: 628764 (614K) [application/zip]
Saving to: `sbiextra_1.0.0.17_pass=zer0dev.zip'

100%[======================================>] 628,764     94.5K/s   in 7.1s   

2012-02-29 21:37:05 (87.1 KB/s) - `sbiextra_1.0.0.17_pass=zer0dev.zip' saved [628764/628764]

$ md5sum sbiextra_1.0.0.17_pass\=zer0dev.zip
6fb1279b90af37b9bbd4cd926b73e3c9  sbiextra_1.0.0.17_pass=zer0dev.zip
$ sha1sum sbiextra_1.0.0.17_pass\=zer0dev.zip
a40f18ba914e9aa55f36e4c0858c39fe3e5fcd12  sbiextra_1.0.0.17_pass=zer0dev.zip


As I'm sure you can easily tell, the md5 sum does not match the one you listed here... ?
HolySimpsons


Joined: 25 Mar 2010
Posts: 12
Hello there,

At first I wanna thank you very much for your efforts, wraithdu!!!


I've got a little question..
When I installed both runtime libraries and added both DLLs - will spyware in one sandbox not be able to find emails downloaded (e.g. by Thunderbird) in another sandbox?
In other words it makes one Sandbox secure from attacks from another, right?
It might not have been the purpose, but it should work shouldn't it?

I might delete all sensitive data outside sandboxes and transfer it in a safe sandbox. After that the malware from another sandbox wouldn't have any chance to steal any of those sensitive data, right?
If that works, this is a great advantage for the security issues of sandboxie.
nevermind
Guest

HolySimpsons wrote:

I might delete all sensitive data outside sandboxes and transfer it in a safe sandbox. After that the malware from another sandbox wouldn't have any chance to steal any of those sensitive data, right?


I'm not sure why you expect malware in any of your sandboxes but if you get any in a sandbox which injects sbiextra.dll then it should not be able to access the memory of any other process outside its own sandbox - that includes the host processes. So if you limit file access in that malware-prone sandbox so that it can't access your "sensitive" stuff you should be fine without running them in a separate sandbox - unless you want it that way.

Now if only wraithdu could comment on the different md5sum above...
MD5 fingerprint mismatch and antivirus scans
nevermind
Guest

nevermind wrote:
Now if only wraithdu could comment on the different md5sum above...


Hmmmm... what do you think about this? After extracting the password-protected .zip archive:

https://www.virustotal.com/file/b68d9059c59d1f3ede5d9aaebb17f18754c669ace3acbf34eda337bf278869f1/analysis/

SHA256: b68d9059c59d1f3ede5d9aaebb17f18754c669ace3acbf34eda337bf278869f1
File name: sbiextra_1.0.0.17.zip
Detection ratio: 4 / 43
Analysis date: 2011-09-30 10:09:35 UTC ( 5 months, 1 week ago )

Code:

Antivirus           Result                  Update
Comodo              UnclassifiedMalware     20110929
eTrust-Vet          Win32/YahLover.HidI_I   20110930
McAfee              Artemis!EB96CBE7887D    20110930
McAfee-GW-Edition   Artemis!EB96CBE7887D    20110930
Re: MD5 fingerprint mismatch and antivirus scans - UPDATE
nevermind
Guest

Looks like the md5sum listed in the 1st post corresponds to the .zip archive within the password-protected .zip archive:

Code:

$ md5sum sbiextra_1.0.0.17.zip
4b1705e8cb98ffddb970b8426bfdc772 *sbiextra_1.0.0.17.zip


Also, a rescan on VirusTotal generates 2 warnings:
https://www.virustotal.com/file/b68d9059c59d1f3ede5d9aaebb17f18754c669ace3acbf34eda337bf278869f1/analysis/1331254566/

Jotti generates one warning:
http://virusscan.jotti.org/en/scanresult/2516e12cb0d799e51b26ab4e0d32ff5cf39c713f
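
The mismatch worked out in the posts above (the published MD5 belongs to the .zip inside the password-protected .zip, not to the file that was downloaded) can be checked mechanically. This is an added example, not code from the thread or from sbiextra: it looks for a published digest on a download and then on its nested zip members. The function names, the size limit and the sample archive are constructed for illustration.

```python
import hashlib
import io
import zipfile

MAX_MEMBER = 64 * 1024 * 1024  # assumed limit: skip members that inflate beyond this


def locate_digest(data, expected_hex, name="download", algo="md5", pwd=None, depth=2):
    """Return the chain of names leading to the object whose digest equals
    expected_hex, or None. Checks the file itself, then nested zip members."""
    expected = expected_hex.strip().lower()
    if hashlib.new(algo, data).hexdigest() == expected:
        return [name]
    if depth == 0 or not zipfile.is_zipfile(io.BytesIO(data)):
        return None
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER:
                continue
            # pwd (bytes) is only used for encrypted members; the standard
            # library handles legacy ZipCrypto encryption only.
            member = zf.read(info, pwd=pwd)
            found = locate_digest(member, expected, info.filename, algo, pwd, depth - 1)
            if found:
                return [name] + found
    return None


def build_sample():
    """Constructed stand-in for the layout in the thread: an outer zip that
    wraps an inner zip. Dummy bytes, not the real sbiextra files."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("readme.txt", b"constructed sample payload")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("inner_1.0.zip", inner.getvalue())
    return outer.getvalue(), inner.getvalue()


if __name__ == "__main__":
    outer, inner = build_sample()
    published = hashlib.md5(inner).hexdigest()  # digest of the inner archive
    print("outer md5 :", hashlib.md5(outer).hexdigest())
    print("published :", published)
    print("matches at:", locate_digest(outer, published, name="outer.zip"))
```

A result of `None` means the published digest matches neither the download nor anything inside it, which is the case that needs the author's attention.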
sbiextra not working - no idea why
needsomehelpplease
Guest

I used to inject sbieinj.dll in all my sandboxes on my old win xp sp2 machine and it worked great - thanks wraithdu!

Had to reinstall OS from scratch, I updated to SP3, new Sandboxie, new everything... unfortunately now sbiextra.dll doesn't seem to work and I am running out of ideas why :(

Current setup:

Win XP SP3 x86
Microsoft Visual C++ 2010 x86 Redistributable 10.0.40219

Sandboxie 3.64
sbiextra v1.0.0.17 with correct InjectDll line for default sandbox in Sandboxie.ini, ShowDebugInfo set to 1 in sbiextra.ini
system rebooted

DbgView started, Capture Win32, Kernel and Events set to on
Calculator started outside any sandbox
cmd.exe started inside default sandbox
injtest.exe <pid_of_calculator> started from cmd.exe inside default sandbox - it can read process handle, memory, list window names...
DbgView window remains empty all the time - absolutely nothing at all

Can anybody suggest what may be wrong? :(
Re: sbiextra not working - no idea why
needsomehelpplease
Guest

Ok, so 2 weeks have passed... anybody...?
Block Process Access