Run a process and isolate it in sandbox ( portable ) using VB

Question

1.00/5 (1 vote)

See more:

Hi, i want to create a program to run and isolate a process in sandbox ( portable ) without write any files to the system or registry, like JauntePE
So any help will be appreciated.
thanks

Posted 8-Jul-12 1:04am

Leecherman

Add a Solution

Comments

[no name] 8-Jul-12 7:33am

You want to write a virtual machine?

Leecherman 8-Jul-12 23:39pm

No not a virtual machine, i want to do a portable launcher for any executable like this:

Run "firefox.exe" or any executable in isolated mode without saving any files to system folder or registry.

is this possible?

[no name] 9-Jul-12 6:55am

"Run "firefox.exe" or any executable in isolated mode" ... yes of course it's possible. It's called a virtual machine.

Leecherman 9-Jul-12 11:18am

OK, but how?
IMO virtual machine is like VMWare that runs MS windows etc.

Sandeep Mewara 8-Jul-12 8:19am

This is not a well framed question! We cannot work out what you are trying to do/ask from the post. Please elaborate and be specific.
Use the "Improve question" link to edit your question and provide better information.

Leecherman 8-Jul-12 23:40pm

I want to do a portable launcher for any executable files like this :

Run "firefox.exe" or any executable in isolated mode without saving any files to system folder or registry.

So is this possible?

Leecherman 11-Jul-12 13:50pm

Thanks pillbug99 for your answers, i gave you 5/5 cause it's very helpful :)

So now I don't know if it will works if converted to VB.NET or not!

BTW does also NSIS launcher have the same things that JauntePE and ThinApp does?

pillbug99 13-Jul-12 12:14pm

AFAIK, launchers based on script-based installers like NSIS don't do anything beyond temporarily "installing" your app data so the app runs with your settings, and then undoing those changes once the app finishes. But it's definitely possible to go beyond that via plugins and fancier scripts.

Leecherman 13-Jul-12 13:11pm

thanks for your reply, ok do you know any plugins or scripts which do that?

pillbug99 14-Jul-12 9:16am

No scripts or script plugins, sorry. And nothing in VB, although if you really want to work on something like this I'd suggest learning how to port C/C++ to VB, or in Delphi, which uses Pascal (or something similar), which is closer to VB in syntax. If you go to madshi.net, he makes a written in Delphi library that does both dll injection and api hooking, and I think he still might give it away to worthy non-commericial projects. He also has some pretty easy to understand writeups on how it all works, better than what you would get out of MS Detours for example. MS Detours also used to have premade exes, one of which was an "inject a dll into a process" tool, so that could be used in a script.

There's also a freely available COM based api hooking library at http://www.nektra.com/products/deviare-api-hook-windows/ that you could use from a VB app. The last time I looked at them they didn't have any dll injection though, but that's actually the easy part to do and there are plenty of examples available on the net, although probably all in C/C++.

And as Mr. Kreskowiak indicated, this is not a beginners project by any means. Although it's easy to conceptualize, it's pretty darn difficult to implement correctly in a generic manner. But it's also easy and not much code to get a simple solution going. As the saying goes, "the hard part is in the details."

Leecherman 14-Jul-12 13:54pm

OK thanks a lot again, your replies are very helpful to me.

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

pillbug99 · Answer 1 · 2012-07-10T06:36:00

Apps like JauntePE use 2 things to form the basis of their portablization of an app - dll injection and api hooking. If you can find/write VB code to handle these 2 things, then yes, it's possible to do what you want.

BTW guys, apps like JauntePE are not virtual machines. All they do is redirect an app's OS api calls into their own code within the injected dll, which then either completely handles the entire process, like JauntePE does for registry api use, or makes a simple change to the call's parameters, like JauntePE does for file system api use, or some combo of the two. Thinstall (aka ThinApp), for example, does the same thing but handles the calls completely because they have their own file system embedded within their portable packages. They also have their own loader so they can get around other areas that apps like JauntePE have trouble with.

I forgot to add that there is a C# based api hooking article on CodeProject at EasyHook - The reinvention of Windows API hooking[^]. Its current home is on CodePlex at http://www.codeplex.com/easyhook[^]. According to the writeup, it does what Mr. Kreskowiak suggests is needed, e.g., "EasyHook provides a way to hook unmanaged code from a managed environment." I can't find any mention of VB.NET though.

Dave Kreskowiak · Answer 2 · 2012-07-10T07:49:00

Based on what pullbug said, no it's not possible to do in VB.NET, C#, or any other language targeting the .NET Framework.

Why? Because the .NET CLR does not support the exports required to make code injection into unmanaged code work.

You'll have to write the code that does this heavy lifting in C/C++.

I would also HIGHLY recommend getting the latest Windows Internals[^] book, which is now a 2 volume set, to support writing this. What you are venturing into is NOT for the beginner. You either know how the Windows Kernel works or you're going to fail at this project.

Run a process and isolate it in sandbox ( portable ) using VB

2 solutions

Solution 1

Solution 2

Add your solution here

Preview 0