Sandboxie 4.12

[Ponting]

In our analysis of the provided information, the user takes advantage of the default configuration of an existing Microsoft-provided Windows Remote Management service (WS-Management) running on the Windows host. He is using an administrator-privileged client (winrs) running in the sandbox to connect to the host itself over TCP to the management service (winrm) running on the host, thereby creating a sandbox to host communication. (Windows Remote Management service is a Microsoft-provided service that allows for remote access to another host to perform management functions.) As you can imagine, any remote management service can be used to perform both positive and negative actions on the host itself.

This access does not take advantage of a vulnerability (0-day or other) or a defect in Sandboxie in how it isolates the file system, registry, or running processes from the host.

In fact, there are many legitimate use cases for sandboxed processes to communicate with a network service on the same host. Additionally as a point of concern, this type of remote management access can be performed completely outside of Sandboxie whereby one host on a network can connect to the Windows Remote Management service running on a second host on the same network, for example, at a public WiFi hotspot.

We recommend safe configurations of your PC’s operating system and running applications working in conjunction with the isolation protection offered by Sandboxie. Any of these configurations would block the access that was demonstrated:

- Disable default services on your PC that you do not use or which presents a security risk.

A good list for Windows 7 is available here (http://www.blackviper.com/service-c...dows-7-service-pack-1-service-configurations/), and similar configurations apply to other Windows versions.​

- If remote management is needed, configure the service to request a user-provided strong password.

- Install and configure a third-party firewall to block localhost-initiated network communications to local services (on loopback and the active network adapter)

We did implement a control in the just-released Sandboxie 4.13 beta version that specifically blocks running the winrs client in the sandbox altogether, among other edge cases we found in our analysis to provide even more protection. We are continuously evaluating where we can have Sandboxie implement security control over the risk created by default Windows services to better protect our users.

Thank you for bringing this to our attention and safe browsing!

Sandboxie Team

Source: http://malwaretips.com/threads/news-0-day-discovered-in-sandboxie.30956/page-3#post-246590

For more: http://malwaretips.com/threads/news-0-day-discovered-in-sandboxie.30956/

[HandyPAF]

Sandiboxie Power Activator v1.0 Beta (1) (x86 and x64 ) full featured activation

https://anonfiles.com/file/737e2b6aff75c6036cac64f7acdb7dd8

https://www.youtube.com/watch?v=BO8pBnUbf0o

Could someone please provide a TusFiles mirror? Can't seem to download from that link.

[DDOS]

Sandiboxie Power Activator v1.0 Beta (1) (x86 and x64 ) full featured activation

https://anonfiles.com/file/737e2b6aff75c6036cac64f7acdb7dd8

https://www.youtube.com/watch?v=BO8pBnUbf0o

Could someone please provide a TusFiles mirror? Can't seem to download from that link.

https://www.youtube.com/watch?v=VgEhD1ryYM4

https://www.mirrorcreator.com/files/0WNIEMZY/Power_Activator_v1.0b2.rar_links

[HandyPAF]

Thanks for the new link! Finally got Sandboxie working on my machine (8.1 x64)

Is Sandboxie a good way to test if a portable program leaves trace data behind?

[steven36]

Thanks for the new link! Finally got Sandboxie working on my machine (8.1 x64)

Is Sandboxie a good way to test if a portable program leaves trace data behind?

No its not I think most use it to prevent from getting infected and im still not convinced they ever patched the hole in x64 ..Some say the hole really is not patched just the vendors wrote off that as its safe but its not. It dont replace and anti virus that's for sure

To see if they leave stuff behind you need programs like these

https://www.raymond.cc/blog/tracking-registry-and-files-changes-when-installing-software-in-windows/

Also using a search program like everything to find hidden folders is good for files hiding on your system .

[HandyPAF]

I use Sandboxie for the security purpose, I was just curious if it also worked to find trace data left behind by a poorly created launcher.

Thank you for the link btw, it answered my question :)

[locoJoe]

Sandboxie beta v4.13.4 Sept.12, 2014

Combined 32/64 installer:
http://www.sandboxie.com/SandboxieInstall-413-4.exe

Separate:
http://www.sandboxie.com/SandboxieInstall32-413-4.exe
http://www.sandboxie.com/SandboxieInstall64-413-4.exe

Fixes in 4.13.4

1) The auto-update feature only checked the next update time (SbieCtrl_NextUpdateCheck) 1 time when SbieCtrl.exe was started. If SbieCtrl.exe was kept running, it would never check the update time again. This has been fixed.

2) Several large memory leaks (reported by Dr. Larry Pepper et al.) have been fixed. In particular: viewtopic.php?f=11&t=18412

3) ASLR is now enabled for SbieDll.dll 32 bit (64 bit will come later).

4) OpenIpcPath=\BaseNamedObjects\FontCachePort is now in templates.ini as a default. Until now, this was a suggested work-around for some Chrome 37 problems.
NOTE: the default only applies to new installs. For existing installs, you need to go into Sandbox settings->Applications->All Applications, and check the option "Allow direct access to Windows Font Cache"

5) NtQueryInformationProcess was not working correctly for 32 bit apps running in 64 bit Windows. The sandbox path was returned instead of the host path. This is mainly for Buster and BSA.

6) There is a new EULA (license.txt)

The Chrome 37/38 permissions problem with drop rights is still being worked.

[kingviking]

crack 2nd version

Power Activator v1.0b2.rar - 8.6 MB

[Ponting]

crack 2nd version

Power Activator v1.0b2.rar - 8.6 MB

Does it really work? :naughty: or Cosmetic :ganja: ? :P

[kingviking]

crack 2nd version

Power Activator v1.0b2.rar - 8.6 MB

Does it really work? :naughty: or Cosmetic :ganja: ? :P

worked for me :)

[Ponting]

worked for me :)

Does Pro features also work?

[shamu726]

worked for me :)

That isn't proof. Even the previous "crack" did that much.

Does Forced Programs and Forced Folders features work? Can u run programs in more than one sandbox at the same time?

[kingviking]

worked for me :)

That isn't proof. Even the previous "crack" did that much.

Does Forced Programs and Forced Folders features work? Can u run programs in more than one sandbox at the same time?

FORCED programs and forced folders is working for me and even one then one sandbox :smoke: :smoke:

[spinalgr1998]

Yeah, works fine with all the pro features but you can't remove the horrible Test Mode Watermark !

[kingviking]

Yeah, works fine with all the pro features but you can't remove the horrible Test Mode Watermark !

Bear with it :rockon: ..say thanks to coder..

[shamu726]

Is the crack only for 32bit?

[kingviking]

Is the crack only for 32bit?

both 64 and 32

[steven36]

Is the crack only for 32bit?

both 64 and 32

When i tested it on x64 after i rebooted after applying the fix and open it up and try to apply the code it kept giving me and invaild code . Ive never had much luck with any kind of patch on x64 for this.

[kingviking]

Is the crack only for 32bit?

both 64 and 32

When i tested it on x64 after i rebooted after applying the fix and open it up and try to apply the code it kept giving me and invaild code . Ive never had much luck with any kind of patch on x64 for this.

ARE u copying only the code or the full line...just copy only the code not the word syscode...it happened to me also... :rolleyes:

[steven36]

Is the crack only for 32bit?

both 64 and 32

When i tested it on x64 after i rebooted after applying the fix and open it up and try to apply the code it kept giving me and invaild code . Ive never had much luck with any kind of patch on x64 for this.

ARE u copying only the code or the full line...just copy only the code not the word syscode...it happened to me also... :rolleyes:

I copy only the code it dont work for me .I tired to install it 2 times . I got invalid code . I dont know could it be EMET or the fact i run nod and you can only turn it off while logged on?

[OZOZO]

Can someone test this patches for Sandboxie v4.12 ?

Patch_Sandboxie_v4.12_Dev_Point_x86_x64

Site: http://copy.com
Sharecode[?]: /6RZnDDvqsP9J/Patch_Sandboxie_v4.12_Dev_Point_x86_x64.7z

Password: nsane

[demoneye]

Can someone test this patches for Sandboxie v4.12 ?

Patch_Sandboxie_v4.12_Dev_Point_x86_x64

xxxxxxxx

you forgot the pass and plz make the link according to forum rulez. :)

[OZOZO]

Can someone test this patches for Sandboxie v4.12 ?

Patch_Sandboxie_v4.12_Dev_Point_x86_x64

xxxxxxxxx

you forgot the pass and plz make the link according to forum rulez. :)

Sorry my mistake :s Password: nsane

[knowledge-Spammer]

Could you test this SandBoxie Patches
do they work properly or not
and do they activate all the Paid Feautures
like creating unlimited Default Boxes
and the "Forced Program Feautures ?

i do not like patchs at rest my pc with out asking 1st but will test for u

[OZOZO]

Could you test this SandBoxie Patches

do they work properly or not

and do they activate all the Paid Feautures

like creating unlimited Default Boxes

and the "Forced Program Feautures ?

i do not like patchs at rest my pc with out asking 1st but will test for u

MANY THANKS :D