
RunInSandbox new version: run multiple apps in the same session and reg files in Windows Sandbox directly from a right-click



In this post I will show you the new version of my RunInSandbox solution, which lets you test multiple applications in the same Sandbox session and test REG files.


What's new?

In this version you will now be able to:

- Test multiple apps in the same Sandbox session

- Run a reg file in Sandbox


Context

- You want to test a lot of applications

- Applications will be installed in a specific order

- You want to install EXE, MSI, PS1...


Prerequisites

- At least Windows 10 1903

- Windows Sandbox feature enabled


The solution

It will add context menus for PS1, MSI, EXE, Intunewin, ZIP and RAR files.

You will be able to:

- Run a PS1 directly in Sandbox

- Run an MSI directly in Sandbox

- Run an EXE directly in Sandbox

- Run an Intunewin directly in Sandbox

- Run a REG file directly in Sandbox

- Extract content of a ZIP in Sandbox

- Share a folder in Sandbox

- Run multiple things in the same Sandbox session


See below for an overview of the context menus:










Test multiple apps 

To test multiple apps or files in the same Windows Sandbox session, we will create a file with the .sdbapp extension, called App_Bundle.sdbapp.

This file works as an XML file.

The next step is to add a new node for each app you want to install.

The node looks like the one below:

As you may have noticed, to add a new application you have to add:

- Application name

- Application path (on the host)

- Application silent switch


See below an overview of installation of multiple applications:


Here is an example with some applications: MDT, Notepad++, Photofiltre, a PS1 file:


Run a reg file in Sandbox

1. Right-click a REG file

2. A context menu will be available

3. Click on Test the reg file in Sandbox

4. Windows Sandbox will open and execute the REG file


How to get it?

Click on the below GitHub picture


How to implement it?

1. Download the file from GitHub

2. Extract the archive

3. Run the file Add_Structure.ps1 to add context menus

4. Context menus will be added for ps1, vbs, exe, zip, msi files and folder

5. A folder Run_in_Sandbox will be copied to C:\ProgramData


Be careful

Be sure to copy the entire content of the ZIP, including the Sources folder and all its content.

Do not run only the Add_Structure.ps1 file!


How to remove it?

I also added a script that deletes all context menus.

To do that, just run the Remove_Structure.ps1 file.


Sandbox configuration

A config file allows you to apply basic configuration to Windows Sandbox.

It is called Sandbox_Config.xml.

It is located in the Sources folder of the downloaded sources.

After installation, it is located in C:\ProgramData\Run_in_Sandbox.


It allows you to set the following options for Windows Sandbox:

- VGpu option

- Networking option

- ReadOnlyAccess option for shared folder

- WSB files location


If WSB_Location is set to Default, WSB files will be saved in %temp%.

You can also specify your own location.

The config file also allows you to choose which context menus you want to enable.

Set each one to True or False to add the context menu or not.


The available options are:

- ContextMenu_EXE: context menu for EXE file

- ContextMenu_PS1: context menu for PS1 file

- ContextMenu_MSI: context menu for MSI file

- ContextMenu_VBS: context menu for VBS file

- ContextMenu_ZIP: context menu for ZIP file

- ContextMenu_Folder: context menu for folder

- ContextMenu_Intunewin: context menu for Intunewin file


For instance, if you only want to be able to test Intunewin files, leave the ContextMenu_Intunewin node set to True and set the others to False.
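
The VGpu, Networking and read-only options listed above correspond to elements of the .wsb file that Windows Sandbox reads. The following is an added example, not code from RunInSandbox: it writes a .wsb with the GPU and network disabled and the host folder shared read-only, which is the conservative combination when the file under test is untrusted. The function name, parameters and output file name are hypothetical.

```powershell
# Added example, not RunInSandbox code. Function and parameter names are hypothetical.
function New-RestrictedWsb {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$HostFolder,   # host folder holding the files to test
        [string]$OutDir = $env:TEMP,                 # where the .wsb file is written
        [switch]$AllowNetwork                        # opt in only when the test needs network access
    )

    $resolved = (Resolve-Path -LiteralPath $HostFolder -ErrorAction Stop).ProviderPath
    if (-not (Test-Path -LiteralPath $resolved -PathType Container)) {
        throw "HostFolder must be an existing directory: $HostFolder"
    }

    # Without a SandboxFolder element, the share appears on the sandbox desktop
    # under the same leaf name as the host folder.
    $leaf        = Split-Path -Path $resolved -Leaf
    $sandboxPath = "C:\Users\WDAGUtilityAccount\Desktop\$leaf"

    # Escape values before embedding them in XML (paths may contain & or ').
    $esc = { param($s) [System.Security.SecurityElement]::Escape($s) }
    $net = if ($AllowNetwork) { 'Default' } else { 'Disable' }

    $wsb = @"
<Configuration>
  <VGpu>Disable</VGpu>
  <Networking>$net</Networking>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>$(& $esc $resolved)</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
  <LogonCommand>
    <Command>explorer.exe "$(& $esc $sandboxPath)"</Command>
  </LogonCommand>
</Configuration>
"@

    # Parse the result so a malformed file never reaches Windows Sandbox.
    [void][xml]$wsb

    $out = Join-Path $OutDir ("Restricted_{0}.wsb" -f $leaf)
    Set-Content -LiteralPath $out -Value $wsb -Encoding UTF8
    return $out
}

# Usage (constructed path): Start-Process (New-RestrictedWsb -HostFolder 'C:\Temp\ToTest')
```

With ReadOnly set to true, nothing running in the sandbox can modify the host copy of the shared files; with Networking disabled, an installer that needs to download components will fail, which is the case the AllowNetwork switch exists for.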



1 comment

Rock God said…

Wow !!!! Super!!!!
I have been looking at trying to run multiple concurrent sandboxes... if anyone knows it may be you! Assume you've read AND understand AND dev C++ and "win32" "win api" +++ and windebug... magnifique! I must try!!

Playing in the (Windows) Sandbox - Check Point Research
https://research.checkpoint.com/2021/playing-in-the-windows-sandbox/

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-vhdx/b6332a98-624d-46b8-bd0e-b77b573662f9

RunInSandbox: a quick way to run/extract files in Windows Sandbox with a right-click on a file | Syst & Deploy
https://www.systanddeploy.com/2023/06/runinsandbox-quick-way-to-runextract.html

Windows Sandbox architecture - Windows Security | Microsoft Learn
https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-architecture

WSB VHDs – Multiple Instances | Hacker News
https://news.ycombinator.com/item?id=39142486
⁉️ shoutout to https://news.ycombinator.com/user?id=apatheticonion
