safeEngine sandboxie and vmware detection

		Exetools > General > General Discussion
safeEngine sandboxie and vmware detection

07-14-2018, 15:04

DavidXanatos DavidXanatos is offline

Family

Join Date: Jun 2018

Posts: 183

Rept. Given: 3

Rept. Rcvd 47 Times in 33 Posts

Thanks Given: 59

Thanks Rcvd at 363 Times in 120 Posts

Hello,

I don't know of a ready solution, but I may have an idea how it may detect sandboxie.
Since the 64bit version sandboxie, afaik it no longer uses the driver for access redirection but instead the injected DLL, the driver is only used to enforce access restrictions.
So if I would try to detect if my application runs under sandboxie I would try to bypass possible redirection's implemented by dll hooking and compare the results with accessing files the normal way.

Cheers
David X.

The Following User Says Thank You to DavidXanatos For This Useful Post:
wassim_ (07-14-2018)

Tags

safeengine, sandboxie, vmware

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is Off HTML code is Off Forum Rules

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
How to hide VirtualBox, Virtual PC and VMware from Detection	ZeNiX	General Discussion	3	04-08-2010 10:13

All times are GMT +8. The time now is 15:46.