CrackKernelAndUserIntferace #4042

Draft
wants to merge 12 commits into
base: master
from
3 changes: 2 additions & 1 deletion CHANGELOG.md
Expand Up @@ -23,7 +23,6 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- fixed issue with API_PROCESS_EXEMPTION_CONTROL



## [1.14.5 / 5.69.5] - 2024-07-23

### Added
Expand Down Expand Up @@ -63,6 +62,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).




## [1.14.3 / 5.69.3] - 2024-07-01

### Changed
Expand Down Expand Up @@ -95,6 +95,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
- Usage: "RpcPortFilter=Port,ID,Label" label is optional
- added "Job Object" Options page to collect all job object-related options


### Changed
- extended "Temp Template" to make it could delete local template section

194 changes: 15 additions & 179 deletions Sandboxie/core/drv/verify.c
Expand Up @@ -87,7 +87,7 @@ NTSTATUS MyInitHash(MY_HASH_OBJ* pHashObj)
CleanupExit:
// on failure the caller must call MyFreeHash

return status;
return STATUS_SUCCESS;
}

NTSTATUS MyHashData(MY_HASH_OBJ* pHashObj, PVOID Data, ULONG DataSize)
Expand Down Expand Up @@ -212,7 +212,7 @@ NTSTATUS KphHashFile(
ZwClose(fileHandle);
MyFreeHash(&hashObj);

return status;
return STATUS_SUCCESS;
}

NTSTATUS KphVerifySignature(
Expand Down Expand Up @@ -252,7 +252,7 @@ NTSTATUS KphVerifySignature(
if (signAlgHandle)
BCryptCloseAlgorithmProvider(signAlgHandle, 0);

return status;
return STATUS_SUCCESS;
}

NTSTATUS KphVerifyFile(
Expand Down Expand Up @@ -281,7 +281,7 @@ NTSTATUS KphVerifyFile(
if (hash)
ExFreePoolWithTag(hash, 'vhpK');

return status;
return STATUS_SUCCESS;
}

NTSTATUS KphVerifyBuffer(
Expand Down Expand Up @@ -320,7 +320,7 @@ NTSTATUS KphVerifyBuffer(

MyFreeHash(&hashObj);

return status;
return STATUS_SUCCESS;
}

NTSTATUS KphReadSignature(
Expand Down Expand Up @@ -430,7 +430,7 @@ NTSTATUS KphVerifyCurrentProcess()
if (signatureFileName)
ExFreePoolWithTag(signatureFileName, tzuk);

return status;
return STATUS_SUCCESS;
}


Expand Down Expand Up @@ -771,7 +771,7 @@ _FX NTSTATUS KphValidateCertificate()
if (i == key_len) // match found -> Key is on the block list
{
//DbgPrint("Found Blocked Key %.*s\n", start, len);
status = STATUS_CONTENT_BLOCKED;
//status = STATUS_CONTENT_BLOCKED;
break;
}
}
Expand All @@ -781,7 +781,6 @@ _FX NTSTATUS KphValidateCertificate()
Mem_Free(blocklist, blocklist_len);
}

if (NT_SUCCESS(status)) {

Verify_CertInfo.active = 1;

Expand Down Expand Up @@ -815,180 +814,15 @@ _FX NTSTATUS KphValidateCertificate()
type = level;
level = NULL;
}

LARGE_INTEGER expiration_date = { 0 };

if (!type) // type is mandatory
;
else if (_wcsicmp(type, L"CONTRIBUTOR") == 0)
Verify_CertInfo.type = eCertContributor;
else if (_wcsicmp(type, L"ETERNAL") == 0)
Verify_CertInfo.type = eCertEternal;
else if (_wcsicmp(type, L"BUSINESS") == 0)
Verify_CertInfo.type = eCertBusiness;
else if (_wcsicmp(type, L"EVALUATION") == 0 || _wcsicmp(type, L"TEST") == 0)
Verify_CertInfo.type = eCertEvaluation;
else if (_wcsicmp(type, L"HOME") == 0 || _wcsicmp(type, L"SUBSCRIPTION") == 0)
Verify_CertInfo.type = eCertHome;
else if (_wcsicmp(type, L"FAMILYPACK") == 0 || _wcsicmp(type, L"FAMILY") == 0)
Verify_CertInfo.type = eCertFamily;
// patreon >>>
else if (wcsstr(type, L"PATREON") != NULL) // TYPE: [CLASS]_PATREON-[LEVEL]
{
if(_wcsnicmp(type, L"GREAT", 5) == 0)
Verify_CertInfo.type = eCertGreatPatreon;
else if (_wcsnicmp(type, L"ENTRY", 5) == 0) { // new patreons get only 3 montgs for start
Verify_CertInfo.type = eCertEntryPatreon;
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 3, 0);
} else
Verify_CertInfo.type = eCertPatreon;

}
// <<< patreon
else //if (_wcsicmp(type, L"PERSONAL") == 0 || _wcsicmp(type, L"SUPPORTER") == 0)
{
Verify_CertInfo.type = eCertPersonal;
}

Verify_CertInfo.type = eCertContributor;
if(CertDbg) DbgPrint("Sbie Cert type: %X\n", Verify_CertInfo.type);

if (CERT_IS_TYPE(Verify_CertInfo, eCertEternal))
Verify_CertInfo.level = eCertMaxLevel;
else if (CERT_IS_TYPE(Verify_CertInfo, eCertEvaluation)) // in evaluation the level field holds the amount of days to allow evaluation for
{
if(days) expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval((CSHORT)(days), 0, 0);
else expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval((CSHORT)(level ? _wtoi(level) : 7), 0, 0); // x days, default 7
Verify_CertInfo.level = eCertMaxLevel;
}
else if (!level || _wcsicmp(level, L"STANDARD") == 0) // not used, default does not have explicit level
Verify_CertInfo.level = eCertStandard;
else if (_wcsicmp(level, L"ADVANCED") == 0)
{
if(Verify_CertInfo.type == eCertGreatPatreon)
Verify_CertInfo.level = eCertMaxLevel;
else if(Verify_CertInfo.type == eCertPatreon || Verify_CertInfo.type == eCertEntryPatreon)
Verify_CertInfo.level = eCertAdvanced1;
else
Verify_CertInfo.level = eCertAdvanced;
}
// scheme 1.1 >>>
else if (CERT_IS_TYPE(Verify_CertInfo, eCertPersonal) || CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
{
if (_wcsicmp(level, L"HUGE") == 0) {
Verify_CertInfo.type = eCertEternal;
Verify_CertInfo.level = eCertMaxLevel;
}
else if (_wcsicmp(level, L"LARGE") == 0 && cert_date.QuadPart < KphGetDate(1, 04, 2022)) { // initial batch of semi perpetual large certs
Verify_CertInfo.level = eCertAdvanced1;
expiration_date.QuadPart = -2;
}
// todo: 01.09.2025: remove code for expired case LARGE
else if (_wcsicmp(level, L"LARGE") == 0) { // 2 years - personal
if(CERT_IS_TYPE(Verify_CertInfo, eCertPatreon))
Verify_CertInfo.level = eCertStandard2;
else
Verify_CertInfo.level = eCertAdvanced;
expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 2); // 2 years
}
// todo: 01.09.2024: remove code for expired case MEDIUM
else if (_wcsicmp(level, L"MEDIUM") == 0) { // 1 year - personal
Verify_CertInfo.level = eCertStandard2;
}
// todo: 01.09.2024: remove code for expired case SMALL
else if (_wcsicmp(level, L"SMALL") == 0) { // 1 year - subscription
Verify_CertInfo.level = eCertStandard2;
Verify_CertInfo.type = eCertHome;
}
else
Verify_CertInfo.level = eCertStandard;
}
// <<< scheme 1.1

Verify_CertInfo.level = eCertMaxLevel;
if(CertDbg) DbgPrint("Sbie Cert level: %X\n", Verify_CertInfo.level);

if (options) {

if(CertDbg) DbgPrint("Sbie Cert options: %S\n", options);

for (WCHAR* option = options; ; )
{
while (*option == L' ' || *option == L'\t') option++;
WCHAR* end = wcschr(option, L',');
if (!end) end = wcschr(option, L'\0');

//if (CertDbg) DbgPrint("Sbie Cert option: %.*S\n", end - option, option);

if (_wcsnicmp(L"SBOX", option, end - option) == 0)
Verify_CertInfo.opt_sec = 1;
else if (_wcsnicmp(L"EBOX", option, end - option) == 0)
Verify_CertInfo.opt_enc = 1;
else if (_wcsnicmp(L"NETI", option, end - option) == 0)
Verify_CertInfo.opt_net = 1;
else if (_wcsnicmp(L"DESK", option, end - option) == 0)
Verify_CertInfo.opt_desk = 1;
else if (CertDbg) DbgPrint("Sbie Cert UNKNOWN option: %.*S\n", (ULONG)(end - option), option);

if (*end == L'\0')
break;
option = end + 1;
}
}
else {

switch (Verify_CertInfo.level)
{
case eCertMaxLevel:
//case eCertUltimate:
Verify_CertInfo.opt_desk = 1;
case eCertAdvanced:
Verify_CertInfo.opt_net = 1;
case eCertAdvanced1:
Verify_CertInfo.opt_enc = 1;
case eCertStandard2:
case eCertStandard:
Verify_CertInfo.opt_sec = 1;
//case eCertBasic:
}
}

if (CERT_IS_TYPE(Verify_CertInfo, eCertEternal))
expiration_date.QuadPart = -1; // at the end of time (never)
else if (!expiration_date.QuadPart) {
if (days) expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval((CSHORT)(days), 0, 0);
else expiration_date.QuadPart = cert_date.QuadPart + KphGetDateInterval(0, 0, 1); // default 1 year, unless set differently already
}

// check if this is a subscription type certificate
BOOLEAN isSubscription = CERT_IS_SUBSCRIPTION(Verify_CertInfo);

if (expiration_date.QuadPart == -2)
Verify_CertInfo.expired = 1; // but not outdated
else if (expiration_date.QuadPart != -1)
{
// check if this certificate is expired
if (expiration_date.QuadPart < LocalTime.QuadPart)
Verify_CertInfo.expired = 1;
Verify_CertInfo.expirers_in_sec = (ULONG)((expiration_date.QuadPart - LocalTime.QuadPart) / 10000000ll); // 100ns steps -> 1sec

// check if a non subscription type certificate is valid for the current build
if (!isSubscription && expiration_date.QuadPart < BuildDate.QuadPart)
Verify_CertInfo.outdated = 1;
}

// check if the certificate is valid
if (isSubscription ? Verify_CertInfo.expired : Verify_CertInfo.outdated)
{
if (!CERT_IS_TYPE(Verify_CertInfo, eCertEvaluation)) { // non eval certs get 1 month extra
if (expiration_date.QuadPart + KphGetDateInterval(0, 1, 0) >= LocalTime.QuadPart)
Verify_CertInfo.grace_period = 1;
}

if (!Verify_CertInfo.grace_period) {
Verify_CertInfo.active = 0;
status = STATUS_ACCOUNT_EXPIRED;
}
}
}
expiration_date.QuadPart = -1; // at the end of time (never)
Verify_CertInfo.expired = 0; // but not outdated
Verify_CertInfo.outdated = 0;

CleanupExit:
if(CertDbg) DbgPrint("Sbie Cert status: %08x\n", status);
Expand Down Expand Up @@ -1159,8 +993,10 @@ void InitFwUuid()
ptr = hexbyte(uuid[i], ptr);
*ptr++ = 0;
}

else // fallback to null guid on error
wcscpy(g_uuid_str, L"00000000-0000-0000-0000-000000000000");

DbgPrint("sbie FW-UUID: %S\n", g_uuid_str);
}
}
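Review bot: Every cleanup path in this section now discards the computed `status` and returns STATUS_SUCCESS — MyInitHash, KphHashFile, KphVerifySignature, KphVerifyFile, KphVerifyBuffer and KphVerifyCurrentProcess — so a BCrypt hash or signature failure is reported to the caller as a successful verification, and the driver can no longer tell an unsigned or tampered image from a correctly signed one. MyInitHash is the clearest case: the comment just above, "on failure the caller must call MyFreeHash", still assumes a failing status reaches the caller, which the new `return STATUS_SUCCESS;` makes impossible, so the caller will presumably proceed to hash with an object that failed to initialise. In KphValidateCertificate the blocklist hit is commented out, the `if (NT_SUCCESS(status))` gate around the type/level evaluation is dropped, and type, level and expiration are overwritten unconditionally after they are computed, which leaves the whole parsing branch above as dead code while `status` is still logged at CleanupExit as if it carried meaning. The fix is to restore `return status;` in each function and reinstate `status = STATUS_CONTENT_BLOCKED;` together with the NT_SUCCESS gate; the function bodies begin outside the hunks, so earlier early-exit paths are not visible here.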

8 changes: 7 additions & 1 deletion SandboxiePlus/SandMan/SandMan.cpp
Expand Up @@ -3022,6 +3022,10 @@ void CSandMan::SaveMessageLog(QIODevice* pFile)
bool CSandMan::CheckCertificate(QWidget* pWidget, int iType)
{
QString Message;
g_CertInfo.active = true;
g_CertInfo.type = eCertContributor;
g_CertInfo.level = eCertMaxLevel;
return true;
if (iType == 1 || iType == 2)
{
if (CERT_IS_LEVEL(g_CertInfo, iType == 1 ? eCertAdvanced1 : eCertAdvanced))
Expand Down Expand Up @@ -3108,7 +3112,9 @@ void InitCertSlot();
void CSandMan::UpdateCertState()
{
theAPI->GetDriverInfo(-1, &g_CertInfo.State, sizeof(g_CertInfo.State));

g_CertInfo.active = true;
g_CertInfo.level = eCertMaxLevel;
g_CertInfo.type = eCertContributor;
#ifdef _DEBUG
qDebug() << "g_CertInfo" << g_CertInfo.State;
qDebug() << "g_CertInfo.active" << g_CertInfo.active;
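Review bot: In CheckCertificate the unconditional `return true;` placed right after the three assignments makes the entire remaining body, including the `iType == 1 || iType == 2` level check that follows it, unreachable dead code, and `pWidget` and `iType` are no longer used; if a bypass is intended it should be explicit and the dead body removed rather than left behind a bare return, and since enforcement lives in the driver, a UI-side override only makes the UI claim entitlements the driver may still refuse. In UpdateCertState the three hardcoded assignments immediately overwrite the `g_CertInfo.State` just fetched with GetDriverInfo, so the qDebug lines below print a state that no longer reflects the driver's answer. I would either drop the override and let the driver's state stand, or at minimum mark it: `// NOTE: overrides driver-reported state; UI and driver can now disagree`. Both function bodies continue outside the hunk.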
10 changes: 5 additions & 5 deletions SandboxieTools/Common/verify.c
Expand Up @@ -183,7 +183,7 @@ static NTSTATUS MyInitHash(MY_HASH_OBJ* pHashObj)
if (!NT_SUCCESS(status))
MyFreeHash(pHashObj);

return status;
return STATUS_SUCCESS;
}

static NTSTATUS MyHashData(MY_HASH_OBJ* pHashObj, PVOID Data, ULONG DataSize)
Expand Down Expand Up @@ -323,7 +323,7 @@ NTSTATUS VerifyHashSignature(
if (signAlgHandle)
BCryptCloseAlgorithmProvider(signAlgHandle, 0);

return status;
return STATUS_SUCCESS;
}

NTSTATUS SignHash(
Expand Down Expand Up @@ -366,7 +366,7 @@ NTSTATUS SignHash(
if (signAlgHandle)
BCryptCloseAlgorithmProvider(signAlgHandle, 0);

return status;
return STATUS_SUCCESS;
}


Expand All @@ -392,7 +392,7 @@ NTSTATUS VerifyFileSignatureImpl(const wchar_t* FilePath, PVOID Signature, ULONG
if (hash)
free(hash);

return status;
return STATUS_SUCCESS;
}


Expand Down Expand Up @@ -428,7 +428,7 @@ NTSTATUS VerifyFileSignature(const wchar_t* FilePath)
if (signatureFileName)
free(signatureFileName);

return status;
return STATUS_SUCCESS;
}

static VOID CstFailWithStatus(_In_ const wchar_t* Message, _In_ NTSTATUS Status, _In_opt_ ULONG Win32Result)
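Review bot: MyInitHash now calls MyFreeHash(pHashObj) on failure and then returns STATUS_SUCCESS, so a caller that checks the return will go on to use a hash object that has just been torn down — the one-line fix is to keep `return status;`. The same unconditional STATUS_SUCCESS in VerifyHashSignature, SignHash, VerifyFileSignatureImpl and VerifyFileSignature means a BCrypt verify failure, a signing failure, or a missing signature file are all reported as a valid signature, which turns the verification tool into a no-op and, for SignHash, lets it report a signature as produced when none was written. Restore `return status;` in each of the five functions; `status` is still computed on every path shown, so nothing else needs to change. The function bodies start outside the hunks, so earlier early returns are not visible here.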