Click here to Skip to main content
Rate this: bad
good
Please Sign up or sign in to vote.
See more: VB.NET
Hi, i want to create a program to run and isolate a process in sandbox ( portable ) without write any files to the system or registry, like JauntePE
So any help will be appreciated.
thanks
Posted 8-Jul-12 1:04am
Comments
Wes Aday at 8-Jul-12 7:33am
   
You want to write a virtual machine?
Leecherman at 8-Jul-12 23:39pm
   
No not a virtual machine, i want to do a portable launcher for any executable like this:
 
Run "firefox.exe" or any executable in isolated mode without saving any files to system folder or registry.
 
is this possible?
Wes Aday at 9-Jul-12 6:55am
   
"Run "firefox.exe" or any executable in isolated mode" ... yes of course it's possible. It's called a virtual machine.
Leecherman at 9-Jul-12 11:18am
   
OK, but how?
IMO virtual machine is like VMWare that runs MS windows etc.
Sandeep Mewara at 8-Jul-12 8:19am
   
This is not a well framed question! We cannot work out what you are trying to do/ask from the post. Please elaborate and be specific.
Use the "Improve question" link to edit your question and provide better information.
Leecherman at 8-Jul-12 23:40pm
   
I want to do a portable launcher for any executable files like this :
 
Run "firefox.exe" or any executable in isolated mode without saving any files to system folder or registry.
 
So is this possible?
Leecherman at 11-Jul-12 13:50pm
   
Thanks pillbug99 for your answers, i gave you 5/5 cause it's very helpful :)
 
So now I don't know if it will works if converted to VB.NET or not!
 
BTW does also NSIS launcher have the same things that JauntePE and ThinApp does?
pillbug99 at 13-Jul-12 12:14pm
   
AFAIK, launchers based on script-based installers like NSIS don't do anything beyond temporarily "installing" your app data so the app runs with your settings, and then undoing those changes once the app finishes. But it's definitely possible to go beyond that via plugins and fancier scripts.
Leecherman at 13-Jul-12 13:11pm
   
thanks for your reply, ok do you know any plugins or scripts which do that?
pillbug99 at 14-Jul-12 9:16am
   
No scripts or script plugins, sorry. And nothing in VB, although if you really want to work on something like this I'd suggest learning how to port C/C++ to VB, or in Delphi, which uses Pascal (or something similar), which is closer to VB in syntax. If you go to madshi.net, he makes a written in Delphi library that does both dll injection and api hooking, and I think he still might give it away to worthy non-commericial projects. He also has some pretty easy to understand writeups on how it all works, better than what you would get out of MS Detours for example. MS Detours also used to have premade exes, one of which was an "inject a dll into a process" tool, so that could be used in a script.
 
There's also a freely available COM based api hooking library at http://www.nektra.com/products/deviare-api-hook-windows/ that you could use from a VB app. The last time I looked at them they didn't have any dll injection though, but that's actually the easy part to do and there are plenty of examples available on the net, although probably all in C/C++.
 
And as Mr. Kreskowiak indicated, this is not a beginners project by any means. Although it's easy to conceptualize, it's pretty darn difficult to implement correctly in a generic manner. But it's also easy and not much code to get a simple solution going. As the saying goes, "the hard part is in the details."
 
Leecherman at 14-Jul-12 13:54pm
   
OK thanks a lot again, your replies are very helpful to me.
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 1

Apps like JauntePE use 2 things to form the basis of their portablization of an app - dll injection and api hooking. If you can find/write VB code to handle these 2 things, then yes, it's possible to do what you want.
 
BTW guys, apps like JauntePE are not virtual machines. All they do is redirect an app's OS api calls into their own code within the injected dll, which then either completely handles the entire process, like JauntePE does for registry api use, or makes a simple change to the call's parameters, like JauntePE does for file system api use, or some combo of the two. Thinstall (aka ThinApp), for example, does the same thing but handles the calls completely because they have their own file system embedded within their portable packages. They also have their own loader so they can get around other areas that apps like JauntePE have trouble with.
 
I forgot to add that there is a C# based api hooking article on CodeProject at EasyHook - The reinvention of Windows API hooking[^]. Its current home is on CodePlex at http://www.codeplex.com/easyhook[^]. According to the writeup, it does what Mr. Kreskowiak suggests is needed, e.g., "EasyHook provides a way to hook unmanaged code from a managed environment." I can't find any mention of VB.NET though.
  Permalink  
v3
Rate this: bad
good
Please Sign up or sign in to vote.

Solution 2

Based on what pullbug said, no it's not possible to do in VB.NET, C#, or any other language targeting the .NET Framework.
 
Why? Because the .NET CLR does not support the exports required to make code injection into unmanaged code work.
 
You'll have to write the code that does this heavy lifting in C/C++.
 
I would also HIGHLY recommend getting the latest Windows Internals[^] book, which is now a 2 volume set, to support writing this. What you are venturing into is NOT for the beginner. You either know how the Windows Kernel works or you're going to fail at this project.
  Permalink  

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 310
1 Sergey Alexandrovich Kryukov 212
2 PhilLenoir 164
3 Richard MacCutchan 160
4 Sharmanuj 146
0 Sergey Alexandrovich Kryukov 6,077
1 OriginalGriff 5,115
2 CPallini 2,473
3 Richard MacCutchan 1,597
4 Abhinav S 1,505


Advertise | Privacy | Mobile
Web04 | 2.8.140814.1 | Last Updated 11 Jul 2012
Copyright © CodeProject, 1999-2014
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100