Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to Sandbox RDP #1839

Closed
Trooper27 opened this issue May 6, 2022 · 5 comments
Closed

Unable to Sandbox RDP #1839

Trooper27 opened this issue May 6, 2022 · 5 comments
Labels
RDP Remote Desktop compatibility issues Status: Fixed in Next Build Fixed in the next Sandboxie version Win 11 Windows 11 issues win32k Win32k subsystem

Comments

@Trooper27
Copy link

What happened?

When I try to force mstsc.exe to be sandboxed or even just run it sandboxed normally, I am unable to do so. I receive the below error.

image

Followed by this.

image

Download link

Not relevant

To Reproduce

Open SbieCtrl.exe
Right click on Sandbox DefaultBox
Right click and go to Sandbox Settings
Expand Program Start
Click on Forced Programs
Click on Add Program
Enter in mstsc.exe
Click OK
Click Apply and then Ok
Close SbieCtrl.exe

Launch Remote Desktop Connection.
Connection is shown as being sandboxed
Enter in computer name
Username and then password.

Then the above mentioned and shown errors occur.
I am unable to use RDP

I am running Windows 11 x64 Enterprise

Expected behavior

To use RDP in a Sandboxed Session

What is your Windows edition and version?

Windows 11 Enterprise x64

In which Windows account you have this problem?

User account with UAC protection set to Always notify.

Please mention any installed security software

ESET ENDPOINT Security

What version of Sandboxie are you running?

1.0.20 64bit

Is it a regression?

Unsure

List of affected browsers

No response

In which sandbox type you have this problem?

In a Standard isolation sandbox (yellow sandbox icon).

Where is the program located?

The program is installed only outside the sandbox.

Can you reproduce this problem on an empty sandbox?

Not relevant to my request.

Did you previously enable some security policy settings outside Sandboxie?

No

Crash dump

No response

Trace log

No response

Sandboxie.ini configuration

#
# Sandboxie-Plus configuration file
#

[GlobalSettings]
Template=NOD32
Template=WindowsRasMan
Template=SynapticsTouchPad
Template=WindowsLive
Template=SnagIt
Template=OfficeLicensing
Template=OfficeClickToRun
FileRootPath=\??\%SystemDrive%\Sandbox\%USER%\%SANDBOX%
SeparateUserFolders=y
KeyRootPath=\REGISTRY\USER\Sandbox_%USER%_%SANDBOX%
IpcRootPath=\Sandbox\%USER%\%SANDBOX%\Session_%SESSION%
NetworkEnableWFP=n
EnableObjectFiltering=y
EnableWin32kHooks=y
EditAdminOnly=n
ForceDisableAdminOnly=n
ForgetPassword=n

[UserSettings_33180454]
SbieCtrl_AutoStartAgent=SandMan.exe
SbieCtrl_UserName=x.x
SbieCtrl_NextUpdateCheck=1652371970
SbieCtrl_WindowCoords=4454,512,2475,1265
SbieCtrl_ActiveView=40021
SbieCtrl_ProcessViewColumnWidths=250,70,300
SbieCtrl_AutoApplySettings=n
SbieCtrl_HideWindowNotify=n
SbieCtrl_SettingChangeNotify=n
SbieCtrl_EnableAutoStart=y

[DefaultBox]
Enabled=y
AutoRecover=y
BlockNetworkFiles=y
RecoverFolder=%{374DE290-123F-4565-9164-39C4925E467B}%
RecoverFolder=%Personal%
RecoverFolder=%Desktop%
BorderColor=#00FFFF,ttl
Template=OpenBluetooth
Template=SkipHook
Template=FileCopy
Template=qWave
Template=BlockPorts
Template=LingerPrograms
Template=AutoRecoverIgnore
ConfigLevel=9
ForceProcess=mstsc.exe
@Trooper27 Trooper27 added the Confirmation Pending Further confirmation is requested label May 6, 2022
@isaak654 isaak654 added the Win 11 Windows 11 issues label May 6, 2022
@DavidXanatos DavidXanatos added Issue: Reproduced Issue reproduced without uncertainties and removed Confirmation Pending Further confirmation is requested labels May 7, 2022
@DavidXanatos
Copy link
Member

DavidXanatos commented May 7, 2022
edited
Loading

This issue is only present on windows 11 but it seams all its versions.
On a first glance there is no quick fix for it, other than setting the box to compartment mode and opening com access such that the unsandboxed CredentialUIBroker.exe can be accessed and used.
The strange thing is that it seams to fail loading som XAML resources, so its not a very specific issue and may in future affect more system components, not sure how to fix that at the moment properly.

EDIT: if this issue does not shows to affect more components a workaround could be to add a custom implementation of CredUIPromptForWindowsCredentialsW to sandboxie with an own old school win32 dialog asking for the login data.

@DavidXanatos DavidXanatos added the UWP Related to Windows modern apps label May 7, 2022
@Trooper27
Copy link
Author

Hi David,

Thanks for writing back. I guess I am stuck until this issue is sorted in the future. Who knows, maybe something good will happen when 22H2 drops later this year.

@DavidXanatos DavidXanatos added the Status: Work in Progress Still in progress label May 28, 2022
@DavidXanatos
Copy link
Member

This is so wired, it seams the issue got resolved with a windows update in my test vm the issue is no longer reproducable, or it was one of the 1.1.2 fixes
please re test the issue with the latest pre release build

@DavidXanatos DavidXanatos added More Info Needed More information is needed to move forward Fixed ??? Not sure if it was fixed or not Status: Fixed in Next Build Fixed in the next Sandboxie version win32k Win32k subsystem and removed More Info Needed More information is needed to move forward UWP Related to Windows modern apps Fixed ??? Not sure if it was fixed or not labels Jun 16, 2022
@DavidXanatos
Copy link
Member

After some more investigation i found the change, it seams win32k hooks were the culprit, with build 1.1.3 these will be only enabled for selected processes, hence the issue is resolved

@Trooper27
Copy link
Author

Hi David,

Thanks for the follow up. I just installed version 1.1.2 and RDP seems to be working fine for me now with Windows 11. Thanks!

@isaak654 isaak654 added RDP Remote Desktop compatibility issues and removed Status: Work in Progress Still in progress Issue: Reproduced Issue reproduced without uncertainties labels Nov 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
RDP Remote Desktop compatibility issues Status: Fixed in Next Build Fixed in the next Sandboxie version Win 11 Windows 11 issues win32k Win32k subsystem
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DavidXanatos @isaak654 @Trooper27