Anti Avast 5 SandBox Example C++

NiTrOwow · 10-18-2012, 07:57 PM

Well, after a long stupid discussion and noobies that need help. Screw it.

Lets change the game a bit.

snxhk.dll is the dll that gets injected by the process of comodo to be able to sandbox a file that you selected or a suspicious file that comodo sandboxed for you.

In this example code i will test it on Sandboxie because i don't have avast anymore in my vm. Just change the dll and change the code to your needs. Done.

Code:
#include "stdafx.h"

#include "windows.h"

int main()

{

    HMODULE hDll = GetModuleHandle("SbieDll.dll");

    printf ("hDll: 0x%08X\n", hDll);

    if (NULL != hDll) {

    printf("sanboxed\n");

    return 0;

    }

    else {

    printf("no sandbox handle detected!\n");

    return 0;

    }

}

As simple as fucking that.

NiTrOwow · 10-18-2012, 07:57 PM

Well, after a long stupid discussion and noobies that need help. Screw it.

Lets change the game a bit.

snxhk.dll is the dll that gets injected by the process of comodo to be able to sandbox a file that you selected or a suspicious file that comodo sandboxed for you.

In this example code i will test it on Sandboxie because i don't have avast anymore in my vm. Just change the dll and change the code to your needs. Done.

Code:
#include "stdafx.h"

#include "windows.h"

int main()

{

    HMODULE hDll = GetModuleHandle("SbieDll.dll");

    printf ("hDll: 0x%08X\n", hDll);

    if (NULL != hDll) {

    printf("sanboxed\n");

    return 0;

    }

    else {

    printf("no sandbox handle detected!\n");

    return 0;

    }

}

As simple as fucking that.

ultra64 · 12-16-2012, 06:16 PM

help me pleaes

[Image: 1170343848.png]

ultra64 · 12-16-2012, 06:16 PM

help me pleaes

[Image: 1170343848.png]

Frooxius · 12-16-2012, 06:24 PM

ultra64: Looks to me like you're missing a reference to some assembly.

It would help to show the messages in English though this is an English speaking forums, so you're most likely to get help. I don't understand what the messages say for example.

Frooxius · 12-16-2012, 06:24 PM

ultra64: Looks to me like you're missing a reference to some assembly.

It would help to show the messages in English though this is an English speaking forums, so you're most likely to get help. I don't understand what the messages say for example.

Coder-san · 12-20-2012, 01:08 PM

ultra64, Op: That's C# not VB.Net.

Here it is in VB.Net:

Code:
For Each procMod As ProcessModule In Process.GetCurrentProcess().Modules

            If procMod.ModuleName = "snxhk.dll" Then Debug.Print("I'm sandboxed by Avast Sandbox")

        Next

Coder-san · 12-20-2012, 01:08 PM

ultra64, Op: That's C# not VB.Net.

Here it is in VB.Net:

Code:
For Each procMod As ProcessModule In Process.GetCurrentProcess().Modules

            If procMod.ModuleName = "snxhk.dll" Then Debug.Print("I'm sandboxed by Avast Sandbox")

        Next

NiTrOwow · 02-19-2013, 01:42 PM

(12-20-2012, 01:08 PM)Coder-san Wrote: ultra64, Op: That's C# not VB.Net.

Here it is in VB.Net:

Code:
For Each procMod As ProcessModule In Process.GetCurrentProcess().Modules If procMod.ModuleName = "snxhk.dll" Then Debug.Print("I'm sandboxed by Avast Sandbox") Next

Well sorry to bump this up but indeed it was my mistake. It is .NET but not VB. Sorry, changing OP now.

Psycho_Coder · 04-12-2013, 06:20 AM

Can you explain this a bit , I didn't get much in my head , but I know its something cool

Anti Avast 5 SandBox Example C++
Author Message