Author Topic: AutoSandbox Test Tool  (Read 152731 times)

0 Members and 1 Guest are viewing this topic.

hayc59

  • Guest
Re: AutoSandbox Test Tool
« Reply #30 on: April 20, 2011, 06:17:54 PM »
Gotta love OA's gigantic yet annoying and informative pop ups.
I dont get them very often but
if its early in the morning
it will scare the shit outta of U...hehehe

Offline danny96

  • Malware Fighter
  • Advanced Poster
  • **
  • Posts: 668
  • No-malware!
Re: AutoSandbox Test Tool
« Reply #31 on: April 20, 2011, 06:21:01 PM »
Are the registry keys also gone when program opened in sandbox?
Real-time protection and Firewall: COMODO Internet Security 12.0.0.6810 -- Additional Protection: Web Of Trust, Ublock, NoScript, Malwarebytes Premium, Avast! Online Security, Hitman Pro -- OS: Windows 10

Dieselman

  • Guest
Re: AutoSandbox Test Tool
« Reply #32 on: April 20, 2011, 06:21:39 PM »
Just too much for me. Like Comodo. This test is also good for anyone running Sandboxie or BufferZone.

Dieselman

  • Guest
Re: AutoSandbox Test Tool
« Reply #33 on: April 20, 2011, 06:22:41 PM »
Are the registry keys also gone when program opened in sandbox?

Look for yourself. If it was opened up and run inside then sandbox it will actually not be there when you close it out.

rambo1940

  • Guest
Re: AutoSandbox Test Tool
« Reply #34 on: April 20, 2011, 06:24:07 PM »
All i get is a notice which says "modify the system"
Please can i have some guidance
thank you

Dieselman

  • Guest
Re: AutoSandbox Test Tool
« Reply #35 on: April 20, 2011, 06:26:30 PM »
Your suppose to click it..................Download the program. Run it. Open it inside Avast's sandbox. Now you will see a red box around "modify". Now click modify. Here let me click my Staples Easy Button.

Offline igor

  • Avast team
  • Serious Graphoman
  • *
  • Posts: 11849
    • AVAST Software
Re: AutoSandbox Test Tool
« Reply #36 on: April 20, 2011, 06:31:29 PM »
Well, the main purpose of this tool (internally) wasn't really to test the sandbox functionality - but rather the autosandbox part, i.e. that avast! offers you to sandbox it on execution. The rest is... kind of a side effect (i.e. please don't consider it a comprehensive sandbox testing tool :)).

Dieselman

  • Guest
Re: AutoSandbox Test Tool
« Reply #37 on: April 20, 2011, 06:33:32 PM »
Well, the main purpose of this tool (internally) wasn't really to test the sandbox functionality - but rather the autosandbox part, i.e. that avast! offers you to sandbox it on execution. The rest is... kind of a side effect (i.e. please don't consider it a comprehensive sandbox testing tool :)).

Exactly. Its more like a drop my rights then a full fledged virtualzation program.

rambo1940

  • Guest
Re: AutoSandbox Test Tool
« Reply #38 on: April 20, 2011, 06:37:53 PM »
All i get is a notice which says "modify the system"
Please can i have some guidance
thank you

Can you please expand.
I have downloaded the tool and tried to run it.
That's when i get the "modify" notice

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: AutoSandbox Test Tool
« Reply #39 on: April 20, 2011, 07:00:19 PM »
Vlk, i'm writing a tutorial on how to use this tool for our distributor, but i'd prefer if there is any way to make it a two steep test where test tool itself checks the presence of these hardcoded values. Would that be possible?
So that program checks if the values were in fact written to a physical HDD. If yes, show warning that AutoSandbox is not working properly and if it doesn't find them, show a green checkmark that everything seems to be in order.
Just a thought. It's still a very useful tool for diagnostics.
Visit my webpage Angry Sheep Blog

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: AutoSandbox Test Tool
« Reply #40 on: April 20, 2011, 07:12:54 PM »
Well, the main purpose of this tool (internally) wasn't really to test the sandbox functionality - but rather the autosandbox part, i.e. that avast! offers you to sandbox it on execution. The rest is... kind of a side effect (i.e. please don't consider it a comprehensive sandbox testing tool :)).

Exactly. Its more like a drop my rights then a full fledged virtualzation program.

Can you please explain what you mean? Avast sandbox is definitely not a drop my rights -like thing.
If at first you don't succeed, then skydiving's not for you.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11658
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re: AutoSandbox Test Tool
« Reply #41 on: April 20, 2011, 07:13:51 PM »
Vlk, i'm writing a tutorial on how to use this tool for our distributor, but i'd prefer if there is any way to make it a two steep test where test tool itself checks the presence of these hardcoded values. Would that be possible?
So that program checks if the values were in fact written to a physical HDD. If yes, show warning that AutoSandbox is not working properly and if it doesn't find them, show a green checkmark that everything seems to be in order.
Just a thought. It's still a very useful tool for diagnostics.

Not quite possible from inside autosandboxme.ext as the program sees the changes there. You'd need to have a second process (not sandboxed) that would check if the changes were made to the real system.
If at first you don't succeed, then skydiving's not for you.

Offline RejZoR

  • Polymorphic Sheep
  • Serious Graphoman
  • *****
  • Posts: 9406
  • We are supersheep, resistance is futile!
    • RejZoR's Flock of Sheep
Re: AutoSandbox Test Tool
« Reply #42 on: April 20, 2011, 07:20:53 PM »
I was thinking of something like this. You have a test tool that then spawns another EXE which actually triggers AutoSandbox. As far as i understand the sandbox anbd its chain of sandboxing, in this case the main tool would not be sandboxed but the newly spawned EXE would be. Then the main test tool would check for the presence of that file and registry value. If found, Sandbox is not working. If not found, sandbox is working fine.
It's just that you'd have to figure out how to make timings and stuff like that to properly connect spawning and checking part so they would be properly correct and not try to check before it would actually spawn the new file/reg value. In theory you should only check the physical locations and if test data is not found there, it's fine.
Visit my webpage Angry Sheep Blog

rambo1940

  • Guest
Re: AutoSandbox Test Tool
« Reply #43 on: April 20, 2011, 07:21:53 PM »
All i get is a notice which says "modify the system"
Please can i have some guidance
thank you

Can you please expand.
I have downloaded the tool and tried to run it.
That's when i get the "modify" notice

Can somebody please tell me how you open the file in autosandbox.
Thank you

Dieselman

  • Guest
Re: AutoSandbox Test Tool
« Reply #44 on: April 20, 2011, 07:44:46 PM »
Already gave you instructions. When you see "modify" just click it. It's that easy.


Vlk ......I said like a drop my rights. Full virtualzation cannot be obtained in a 64 but OS unless you can by pass patch guard.
« Last Edit: April 20, 2011, 07:46:27 PM by Dieselman »