Quote:
Originally Posted by DavidXanatos
Hello,
I don't know of a ready solution, but I may have an idea how it may detect sandboxie.
Since the 64bit version sandboxie, afaik it no longer uses the driver for access redirection but instead the injected DLL, the driver is only used to enforce access restrictions.
So if I would try to detect if my application runs under sandboxie I would try to bypass possible redirection's implemented by dll hooking and compare the results with accessing files the normal way.
Cheers
David X.
|
it's simply refusing to run under sandboxie, it doesn't bypass the sandbox isolation as far as I know.