
Getting admin rights failed while running "wemeet" installer with "emulate admin right" preset. #1052

Closed
NYGKNYGK opened this issue Jul 29, 2021 · 6 comments
Labels
Status: Fixed in Next Build Fixed in the next Sandboxie version

Comments

@NYGKNYGK

Describe the bug
Well, first I have to thank you for developing such excellent software. It helped me isolate a bunch of evil installers from installing unwanted so-called "safety tools, user experience tools, ..." trash software everywhere in my C drive.

So here is the problem: when I try to run "wemeet installer" in a sandbox with the "emulate admin right" preset, it says "elevating failed, error code 1722". Just like this:
[image]

To Reproduce
Steps to reproduce the behavior:

  1. I'm using win10 21h1 with an online Microsoft account. The Sandboxie-Plus version is 0.8.9.

  2. You can download the installer from this link: https://voovmeeting.com/download-center.html?from=1002

  3. Try to run it in an "emulate admin right" sandbox.

  4. It will show a window like this:
    [image]

  5. Neither choice will work. If I choose current user, it will indicate that I need admin rights:
    [image]
    If I choose the second one, it will show this:
    [image]
    which indicates that the elevation failed.

If I choose another preset such as "ask for UAC elevation", it will work. But I'm afraid this little bitch will bypass the sandbox limit and install some trash "safety tools" in my host machine. Other installers from this company can do it in "ask for UAC elevation" sandbox. So could u fix it?

@DavidXanatos
Member

I'll take a look at what's failing there.

> But I'm afraid this little bitch will bypass the sandbox limit and install some trash "safety tools" in my host machine. Other installers from this company can do it in "ask for UAC elevation" sandbox. So could u fix it?

That should not be possible. Can you point me to an installer that can do that? I need to find out how it does it and plug that hole if it's true.

@NYGKNYGK
Author

@DavidXanatos

That's my bad. I've mistaken the left-behind trash after I uninstalled them from the host machine for sandbox leaks. I've tested them 3 times. The "ask for UAC elevation" sandbox works just fine. I'm truly sorry.

@DavidXanatos
Member

DavidXanatos commented Jul 29, 2021

OK, that is good, so I only need to investigate the failure of fake admin.
Also, it should not try to elevate but think it already is elevated, so the issue is with some yet unhandled checking method for administrative privileges.

@DavidXanatos DavidXanatos added ToDo To be done under investigation Status: Fixed in Next Build Fixed in the next Sandboxie version and removed ToDo To be done under investigation labels Jul 29, 2021
@StoneMoe

StoneMoe commented Aug 3, 2021

Ran into this issue with another software installer with SBIE Plus v0.8.2, which has a UAC.dll file.
Here are its imports:

Address	Ordinal	Name	Library
0000000010001000		GetUserNameW	ADVAPI32
0000000010001004		OpenServiceW	ADVAPI32
0000000010001008		QueryServiceStatus	ADVAPI32
000000001000100C		CloseServiceHandle	ADVAPI32
0000000010001010		OpenProcessToken	ADVAPI32
0000000010001014		GetTokenInformation	ADVAPI32
0000000010001018		EqualSid	ADVAPI32
000000001000101C		LookupPrivilegeValueW	ADVAPI32
0000000010001020		AdjustTokenPrivileges	ADVAPI32
0000000010001024		OpenSCManagerW	ADVAPI32
000000001000102C		FormatMessageW	KERNEL32
0000000010001030		LocalFree	KERNEL32
0000000010001034		CloseHandle	KERNEL32
0000000010001038		GetModuleHandleW	KERNEL32
000000001000103C		SetLastError	KERNEL32
0000000010001040		GetVersionExW	KERNEL32
0000000010001044		GetProcAddress	KERNEL32
0000000010001048		lstrcmpiW	KERNEL32
000000001000104C		GetCurrentThreadId	KERNEL32
0000000010001050		GetCommandLineW	KERNEL32
0000000010001054		GetCurrentProcessId	KERNEL32
0000000010001058		WaitForSingleObject	KERNEL32
000000001000105C		UnmapViewOfFile	KERNEL32
0000000010001060		SetEvent	KERNEL32
0000000010001064		DuplicateHandle	KERNEL32
0000000010001068		GetLastError	KERNEL32
000000001000106C		CreateEventW	KERNEL32
0000000010001070		CreateFileMappingW	KERNEL32
0000000010001074		MapViewOfFile	KERNEL32
0000000010001078		CreateThread	KERNEL32
000000001000107C		GetExitCodeThread	KERNEL32
0000000010001080		OpenProcess	KERNEL32
0000000010001084		Sleep	KERNEL32
0000000010001088		GetExitCodeProcess	KERNEL32
000000001000108C		GetCurrentProcess	KERNEL32
0000000010001090		IsDebuggerPresent	KERNEL32
0000000010001094		SetUnhandledExceptionFilter	KERNEL32
0000000010001098		UnhandledExceptionFilter	KERNEL32
000000001000109C		TerminateProcess	KERNEL32
00000000100010A0		CreateProcessW	KERNEL32
00000000100010A4		lstrlenW	KERNEL32
00000000100010A8		GetPrivateProfileIntW	KERNEL32
00000000100010AC		lstrcatW	KERNEL32
00000000100010B0		GetModuleFileNameW	KERNEL32
00000000100010B4		GetPrivateProfileStringW	KERNEL32
00000000100010B8		LoadLibraryA	KERNEL32
00000000100010BC		IsProcessorFeaturePresent	KERNEL32
00000000100010C0		OutputDebugStringW	KERNEL32
00000000100010C4		GlobalFree	KERNEL32
00000000100010C8		SetCurrentDirectoryW	KERNEL32
00000000100010CC		GlobalAlloc	KERNEL32
00000000100010D4		ShellExecuteExW	SHELL32
00000000100010DC		IsWindowVisible	USER32
00000000100010E0		SetForegroundWindow	USER32
00000000100010E4		CallNextHookEx	USER32
00000000100010E8		SetWindowsHookExW	USER32
00000000100010EC		PeekMessageW	USER32
00000000100010F0		IsDialogMessageW	USER32
00000000100010F4		TranslateMessage	USER32
00000000100010F8		DispatchMessageW	USER32
00000000100010FC		MsgWaitForMultipleObjects	USER32
0000000010001100		PostMessageW	USER32
0000000010001104		SetWindowPos	USER32
0000000010001108		DefWindowProcW	USER32
000000001000110C		CreateWindowExW	USER32
0000000010001110		GetWindowThreadProcessId	USER32
0000000010001114		CallWindowProcW	USER32
0000000010001118		GetWindowRect	USER32
000000001000111C		GetClassNameW	USER32
0000000010001120		LoadIconW	USER32
0000000010001124		FindWindowExW	USER32
0000000010001128		GetClientRect	USER32
000000001000112C		FindWindowA	USER32
0000000010001130		CharNextW	USER32
0000000010001134		DialogBoxParamW	USER32
0000000010001138		EndDialog	USER32
000000001000113C		MessageBoxW	USER32
0000000010001140		DestroyWindow	USER32
0000000010001144		ShowWindow	USER32
0000000010001148		EnableWindow	USER32
000000001000114C		LoadStringW	USER32
0000000010001150		wvsprintfW	USER32
0000000010001154		MessageBoxA	USER32
0000000010001158		wsprintfW	USER32
000000001000115C		CreateDialogParamW	USER32
0000000010001160		UnhookWindowsHookEx	USER32
0000000010001164		SendMessageW	USER32
0000000010001168		GetDlgItem	USER32
000000001000116C		SetWindowLongW	USER32
0000000010001170		GetWindowLongW	USER32
0000000010001174		LoadImageW	USER32
000000001000117C		CoInitialize	ole32

wish this can help.
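
An added example, not part of the thread or of Sandboxie's code: a small triage script that parses an import listing in the tab-separated format posted above and reports which API combinations commonly associated with administrator checks or elevation are imported. The idiom table is this example's own heuristic assumption, and the sample rows are a subset of those in the comment.

```python
from collections import defaultdict

# Heuristic idioms (an assumption of this example, not Sandboxie's own list):
# an idiom is reported only when every API in its set is imported.
IDIOMS = {
    "token group SID comparison": {"OpenProcessToken", "GetTokenInformation", "EqualSid"},
    "privilege enablement": {"LookupPrivilegeValueW", "AdjustTokenPrivileges"},
    "service control manager access probe": {"OpenSCManagerW"},
    "elevation request via shell": {"ShellExecuteExW"},
}

# Subset of the rows posted in the comment above (Address, Ordinal, Name, Library).
SAMPLE = (
    "Address\tOrdinal\tName\tLibrary\n"
    "0000000010001000\t\tGetUserNameW\tADVAPI32\n"
    "0000000010001010\t\tOpenProcessToken\tADVAPI32\n"
    "0000000010001014\t\tGetTokenInformation\tADVAPI32\n"
    "0000000010001018\t\tEqualSid\tADVAPI32\n"
    "000000001000101C\t\tLookupPrivilegeValueW\tADVAPI32\n"
    "0000000010001020\t\tAdjustTokenPrivileges\tADVAPI32\n"
    "0000000010001024\t\tOpenSCManagerW\tADVAPI32\n"
    "00000000100010A0\t\tCreateProcessW\tKERNEL32\n"
    "00000000100010D4\t\tShellExecuteExW\tSHELL32\n"
    "000000001000117C\t\tCoInitialize\tole32\n"
)

def parse_imports(text):
    """Return {LIBRARY: {api names}} from a tab-separated import listing."""
    imports = defaultdict(set)
    for line in text.splitlines():
        cols = [c.strip() for c in line.split("\t")]
        if len(cols) != 4:
            continue  # blank or malformed row
        address, _ordinal, name, library = cols
        try:
            int(address, 16)  # the header row and stray text fail here
        except ValueError:
            continue
        imports[library.upper()].add(name)
    return dict(imports)

def admin_check_idioms(imports):
    """Return the sorted labels of every idiom whose APIs are all imported."""
    names = set().union(*imports.values())
    return sorted(label for label, apis in IDIOMS.items() if apis <= names)

if __name__ == "__main__":
    for label in admin_check_idioms(parse_imports(SAMPLE)):
        print(label)
```

A hit only says the module is able to perform that kind of check; which one actually fails under the "emulate admin right" preset still has to be confirmed by tracing the calls.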

@DavidXanatos
Member

Have you tried Release v0.9.1 / 5.51.1?
That pre-release should fix this issue.

@StoneMoe

StoneMoe commented Aug 4, 2021

> have you tried Release v0.9.1 / 5.51.1
> that pre release should fix this issue

Yes!
Updating to v0.8.9 did not resolve this issue,
but it works on v0.9.1 (pre)
with the "NeteaseMusic" installer.

Thanks a lot :D
