Sandbox-like JauntePE configuration?

Message

fawkes · #1 Post by **fawkes** » Wed Dec 03, 2008 6:30 pm

Hi everybody, I am a big fan of software such as Sandboxie and have always wanted a portable stealth version of it. Unfortunately because Sandboxie uses a driver it will never be stealth and so I gave up on that idea. Now that I came to know about JauntePE it hit me that I might be able to use JauntePE to make a sandbox-like environment which I can use instead of Sandboxie.

I don't care about speed (well not really, but this is a second priority), I only care about creating a sandbox as secure as JauntePE has the possibility to do since I know JauntePE was not made with this in mind. I thought it would be easy since all I needed to do was to redirect everything to the application folder, but no such luck. I especially was not able to redirect files created, they were all created outside my JPE sandbox. After many unsuccessful attempts I have decided to ask for help from the great people available in the TPFC. Does anyone have a template configuration file that acts as a sandbox? Thanks.

crownixx · #2 Post by **crownixx** » Sun Dec 07, 2008 2:26 am

I assume that you want to redirect "everything" meaning all possible path available in the computer for example saving a text file to D:\myOwnFolder\text.txt will redirect to .\Data\DriveD\myOwnFolder\text.txt

If that is what you want, then sorry to say that I think it is not in JauntePE capability. JPE only redirect file system special folder usage. Read more in the readme.html>The Runtime Ini>Portablizer>File System

m^(2) · #3 Post by **m^(2)** » Sun Dec 07, 2008 2:45 am

crownixx wrote:I assume that you want to redirect "everything" meaning all possible path available in the computer for example saving a text file to D:\myOwnFolder\text.txt will redirect to .\Data\DriveD\myOwnFolder\text.txt

If that is what you want, then sorry to say that I think it is not in JauntePE capability. JPE only redirect file system special folder usage. Read more in the readme.html>The Runtime Ini>Portablizer>File System

Hmm...it's a good point for this discussion.

crownixx · #4 Post by **crownixx** » Sun Dec 07, 2008 3:15 pm

Hmm...it's a good point for this discussion.

Would like to hear your opinion first

m^(2) · #5 Post by **m^(2)** » Sun Dec 07, 2008 3:26 pm

crownixx wrote:
Hmm...it's a good point for this discussion.
Would like to hear your opinion first

I'll reply there then.

fawkes · #6 Post by **fawkes** » Sun Dec 07, 2008 5:54 pm

Great to have some replies to this since this is one of the more important things I am working with. So it seems that a perfect sandbox can not be made with JPE, but what would be the closest to a sandbox made with JPE?

Also I noticed that JPE might have problems with Vista, now I do not have a Vista machine available for me, yet I wish for my "Sandbox" to work in Vista too, so I am hoping someone could help me

fawkes · #7 Post by **fawkes** » Thu Dec 11, 2008 8:06 pm

Ok I am really starting to wonder what might be wrong here, no matter what I do can't make JauntePE redirect filesystem calls, even the special folders. Has anyone else had any success?

crownixx · #8 Post by **crownixx** » Sun Dec 14, 2008 1:18 am

fawkes wrote:So it seems that a perfect sandbox can not be made with JPE, but what would be the closest to a sandbox made with JPE?

The closest to sandbox is to use Normal2.ini runtime setting located at Toolbox\Configs folder. It will try to redirect everything

fawkes wrote:Ok I am really starting to wonder what might be wrong here, no matter what I do can't make JauntePE redirect filesystem calls, even the special folders. Has anyone else had any success?

If you can be a more specific like the application that is tried to portablized, the runtime settings and the log file, mybe i could help

fawkes · #9 Post by **fawkes** » Mon Dec 15, 2008 9:11 am

Thanks that was what I was looking for, a configuration example of what would be the closes thing to a sandbox and now that I know Normal2.ini is already as close as possible to a sandbox I can use it to build upon and make a generic configuration file I can use as a starting point. To be honest I am not trying to make any application portable yet, my goal was to create a generic configuration file I can use as a starting point when making applications portable. I have already managed to get filesystem redirection working (I found my mistake while looking at the Normal2.ini file) and I am almost done with my generic configuration file, though there is one thing I am still confused by and that is the RegTokens. What exactly does this do? And I know this feature has an impact on performance, but as mentioned earlier this is not an issue, I am looking to get as close as possible to a sandbox. So should I turn on RegTokens or not? Thanks.

crownixx · #10 Post by **crownixx** » Tue Dec 16, 2008 9:38 am

To be honest I am not trying to make any application portable yet, my goal was to create a generic configuration file I can use as a starting point when making applications portable

Normal2.ini is the generic configuration created by redllar. You dont have to reinvent the wheel here. Ok mybe you want your own directory structure. So start from Normal2.ini inital settings, then change only this settings. The others let be as is

Code: Select all

[Launch]
Path=
JPERuntime=
JPERuntimeIni=
JPERuntimeReg=
JPERuntimeWFS=

[Registry]
Use=1
Data=

[Filesystem]
Use=1
Data=

one thing I am still confused by and that is the RegTokens. What exactly does this do?

The portable application registry might contain a special special folder after we did the installation for example "C:\Windows\crownixx.dll". Sometime, we might face a pc that install its Windows not in C: drive but D: drive or other so the app need to look at "D:\Windows\crownixx.dll". Using JPETokenizer we will convert the path to "%36%\crownixx.dll". Turn on RegTokens will make the JauntePE able to detokenize %36% to the correct path of special folder wether it is "C:\Windows" or "D:\Windows"

So should I turn on RegTokens or not? Thanks

I cant remember where i read it but redllar told that the latest build have the intelligent to change the special folder path in the portable registry automatically in runtime. So maybe the answer is No. Again redllar already made the generic configuration which is Normal2.ini and it does not have the RegTokens turn on.
Answer is Yes if want to create optimize runtime configuration.

fawkes · #11 Post by **fawkes** » Tue Dec 16, 2008 5:20 pm

Thanks for clearing that up, well then I think I will take your advice and use Normal2.ini. To think it was always that easy

-.- · #12 Post by **-.-** » Thu Apr 02, 2009 3:56 am

not too sure but sandboxie is stealth,portable
http://portablefreeware.com/forums/viewtopic.php?t=4638

fawkes · #13 Post by **fawkes** » Thu Apr 02, 2009 1:19 pm

Thanks, did not know about portable Sandboxie until now. I wonder if it needs admin privileges to work and if it truly is stealth, I guess I will have to try it out, but if you have any experience then please share, I would really appreciate it. Now the reasons I wanted to make a sanbox-like JauntePE configuration are many, but one of them was because I wanted to test how close to ThinApp JauntePE really is, especially considering how it was questioned at one point. Unfortunately I did not have much time to try it out, but I did quickly make a JPELoader just like ThinLoader was made for ThinApp because I thought it would prove that both could be made to capture the same data. As mentioned I never got that far because of time constraints, but in case anyone wants to try something similar here is a link to JPELoader http://wikisend.com/download/602130/JPELoader.7z (the link will only be valid 90 days from now).

Napiophelios · #14 Post by **Napiophelios** » Thu Apr 02, 2009 2:23 pm

fawkes wrote:Thanks, did not know about portable Sandboxie until now. I wonder if it needs admin privileges to work and if it truly is stealth, I guess I will have to try it out, but if you have any experience then please share, I would really appreciate it. Now the reasons I wanted to make a sanbox-like JauntePE configuration are many, but one of them was because I wanted to test how close to ThinApp JauntePE really is, especially considering how it was questioned at one point. Unfortunately I did not have much time to try it out, but I did quickly make a JPELoader just like ThinLoader was made for ThinApp because I thought it would prove that both could be made to capture the same data. As mentioned I never got that far because of time constraints, but in case anyone wants to try something similar here is a link to JPELoader http://wikisend.com/download/602130/JPELoader.7z (the link will only be valid 90 days from now).

I dont think it works..unless I am doing something wrong.
Is it a stand alone app? or am I supposed to use it with jpe launcher?
As a standalone..it doesnt seem work.

fawkes · #15 Post by **fawkes** » Thu Apr 02, 2009 2:58 pm

Sorry my mistake, maybe I was not clear enough about what JPELoader is. In this thread http://www.portablefreeware.com/forums/ ... php?t=2998 the code for ThinLoader was given out and I modified it slightly so that it would work better with JPE, but it is far from a standalone app. My intention was to prove that the same thing can be accomplished with JPE as with ThinApp/Thinstall, but never got around to making a working configuration (I made a couple but they did not work as expected). After that I just didn't have the time and I couldn't find my configuration files, only the JPELoader file and I though better to share at least that then nothing at all.

So to clarify, the only use for JPELoader is to be used by JPE to duplicate the functionality of ThinLoader, nothing else.