Comments (6)
Heh, so now I remember why this issue seemed familiar. Because it was! And the reason that I had such detailed proposed solutions is that I had already implemented it!
lockdown-browser/runtime_directory/sandbox_run.ps1
Lines 20 to 24 in ba6c018
But the reason why that wasn't working was because the previous lines failed:
lockdown-browser/runtime_directory/sandbox_run.ps1
Lines 17 to 18 in ba6c018
Can you try changing those lines to the following:
Get-ChildItem -Path "HKLM:\HARDWARE\DESCRIPTION" | Remove-ItemProperty -Name SystemBiosVersion -ErrorAction Ignore
rm HKLM:\HARDWARE\DESCRIPTION\System\BIOS -ErrorAction Ignore
If that works, then I'll make those changes to the default installation.
I will try again with my modified Windows 11 that I had originally done the testing on, which is just a local account and disabling system requirements. I had reinstalled Windows 11 in the "proper way" to reduce niche issues and ensure it wasn't my Windows installation.
from lockdown-browser.
Hmm, that's a new one. Might be easy for me to patch, might not. Unfortunately, I don't have any Windows 11 computers right now. I'll try and set up a VM, but it might be a while before I get around to it.
You might just be able to hook the EnumProcesses function, but I seem to recall that the Browser tries pretty hard to prevent you from hooking that function through some GetProcAddress trickery. EnumProcesses is exported by kernel32.dll (and also psapi.dll, but I don't think that the Browser uses that one) so it's not like we can easily bypass the whole library.
I see a few options forward here:
- If EnumProcesses isn't protected, then we can just hook it like we do with GetSystemMetrics. My recollection suggests that this is probably not the case.
- Killing vmcomputeagent.exe kills the VM pretty abruptly if I remember correctly, so any solution that requires killing or relaunching the program is completely out of the question. But we should be able to delete or rename the file while the process is still running, which may trick the Browser.
- We could always hook GetProcAddress. We'd need it to return a valid function pointer somewhere in kernel32.dll, but there might be an inert enough function with a close enough function signature that this might work. Returning an error for GetProcAddress might also work, but I kind of doubt it.
- Binary patch the LockdownBrowser.exe file. This is a bit of a pain since the Browser is fairly decent at making sure that it hasn't been modified. Not insurmountable, but kind of a pain.
- Have a program launch the Browser, suspend the process, patch out the detection code in memory, then resume the process. Again based off of this article, it looks like the Browser only verifies that its executable file is intact, not its memory. This is kind of a pain, but looks like a decent option forward.
- Binary patch kernel32.dll. This option is fairly insane, but since we're in an ephemeral VM, it is actually doable. I haven't checked how the Browser enforces the DLL load paths, but we may even be able to just drop a modified kernel32.dll in the same folder as the Browser which would actually be relatively straightforward.
- The really crazy option is of course to make a custom kernel module/driver. This is complicated by the fact that kernel development is hard, driver signature enforcement, and the fact that the Windows Sandbox doesn't let you load kernel modules. Not a very good option.
If it's just (1) or (2), then there's a chance (but no guarantee) that I'll have time to fix it in the next month or so. If it's any of the other options, then I have no idea when (or if) I'll have enough free time to patch this. Your best bet here is to submit a PR, which I would be completely willing to review and merge.
from lockdown-browser.
After some testing it seems like an "easy" fix. Since in Windows 11 Sandbox the LockDown browser does not automatically install and launch, I need to manually install it, causing LockDown browser to notice the prohibited processes running due to not running "sandbox_run.ps1" beforehand. Somehow we just need to fix the auto install and running of LockDown Browser in Windows 11 Sandbox and the issue will likely be fixed.
from lockdown-browser.
After some testing it seems like an "easy" fix. Since in Windows 11 Sandbox the LockDown browser does not automatically install and launch, I need to manually install it, causing LockDown browser to notice the prohibited processes running due to not running "sandbox_run.ps1" beforehand. Somehow we just need to fix the auto install and running of LockDown Browser in Windows 11 Sandbox and the issue will likely be fixed.
Running the start up command manually shows this error.
from lockdown-browser.
Heh, so now I remember why this issue seemed familiar. Because it was! And the reason that I had such detailed proposed solutions is that I had already implemented it!
lockdown-browser/runtime_directory/sandbox_run.ps1
Lines 20 to 24 in ba6c018
But the reason why that wasn't working was because the previous lines failed:
lockdown-browser/runtime_directory/sandbox_run.ps1
Lines 17 to 18 in ba6c018
Can you try changing those lines to the following:
Get-ChildItem -Path "HKLM:\HARDWARE\DESCRIPTION" | Remove-ItemProperty -Name SystemBiosVersion -ErrorAction Ignore
rm HKLM:\HARDWARE\DESCRIPTION\System\BIOS -ErrorAction Ignore
If that works, then I'll make those changes to the default installation.
from lockdown-browser.
Glad to hear that this solved the issue. I've pushed a fix to master in 7248e29.
Thanks for a good bug report!
from lockdown-browser.