How to customize the default Windows Sandbox (files, folders, registry, wallpaper) without using WSB file
In this post I will show you how to customize the default Windows Sandbox environment by adding folders or files, modifying registry, wallpaper without using WSB file.
Context
- You want to use Windows Sandbox
- You want to add by default folders or files in Sandbox
- You want to set the default wallpaper
- You want to set some registry keys
What we will see:
- Add your own content in Sandbox explorer
- Add powershell modules by default
- Modify default registry
- Change the PowerShell executionpolicy
- Change the wallpaper
Opening defaut Windows Sandbox
For that proceed as below:
1. Open Windows Services
2. Stop the service Container Manager Service
3. You can do it with PowerShell: stop-service CmService
4. Go to C:\ProgramData\Microsoft\Windows\Containers\BaseImages\GUID
5. Double-click on BaseLayer.vhdx
6. This will mount the VHDX, as below:
Adding your content
In the below examples we will add modules MSAL.PS.
For this proceed as below:
1. Go to your host computer
2. Go to C:\Program Files\WindowsPowerShell\Modules
3. Copy folder MSAL.PS to E:\Files\Program Files\WindowsPowerShell\Modules
4. Close the Explorer
5. Do a right-click on the mounted drive
6. Click on Eject
7. Start again service Container Manager Service
8. You can do it with PowerShell: start-service CmService
9. Open Windows Sandbox
10. Open a PowerShell prompt
11. Type set-executionpolicy remotesigned
12. Now type Get-MsalToken
13. As you can see it asks for the client ID
14. In the next example I will add my own Azure app
Changing default registry
We will proceed as below:
1. Mount the vhdx as mentioned previously
2. Open regedit
3. Go to HKLM
4. Click on File
5. Click on Load hive
6. Browse E:\Files\Users\WDAGUtilityAccount\ntuser.dat
7. Type a name like test
8. Change what you want
9. Click on File
10. Click on Unload hive
Changing wallpaper
We will proceed as below:
1. Mount the vhdx as mentioned previously
2. Open regedit
3. Go to HKLM
4. Click on File
5. Click on Load hive
6. Type a name like test
7. Browse E:\Files\Users\WDAGUtilityAccount\ntuser.dat
8. Go to HKEY_LOCAL_MACHINE\test\Control Panel\Desktop
9. Select WallPaper
10. Change to the existing one: C:\Windows\Web\Wallpaper\Theme1\img1.jpg
11. Click on File
12. Click on Unload hive
13. You can of course add your one
14. See below result:
Setting PowerShell executionpolicy
We will proceed as below:
1. Mount the vhdx as mentioned previously
2. Open regedit
3. Go to HKLM
4. Click on File
5. Click on Load hive
6. Type a name like test
7. Browse to the ntuser.dat
8. Go to HKEY_LOCAL_MACHINE\test\SOFTWARE\Microsoft
9. Create a key PowerShell > 1 > ShellIds > Microsoft.PowerShell
10. Create a string ExecutionPolicy
11. Add value RemoteSigned
12. Create a string Path
13. Add value C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
14. Click on File
15. Click on Unload hive
16. See below result:
What's next ?
I will continue to add other examples in another post, like:
- Set default applications
- Set language
- Set taskbar
- Others
2 commentaires
Hello, I'm discovering what u've done about WSB : absolutely brilliant, thx a lot !
In the latest windows (version 22H2),
There's no BaseLayer.vhdx
in here
C:\ProgramData\Microsoft\Windows\Containers\BaseImages\GUID
Could you show us how to do this on latest windows?
Enregistrer un commentaire