Sandboxie. Process isolation with kernel hooks.

1. Introduction:

Sandboxie is a sandbox that performs process isolation. Its main features:

- Access control to kernel resources by direct hooks on kernel objects.

- Some SSDT and shadow SSDT hooks to control window messages.

- Some registered kernel callbacks to be notified of process creation, image loads, …

In this article I will discuss Sandboxie's design and analyze it from a security point of view.


DNI-e project added

The project “Análisis de la estructura interna del DNIE (Spanish)” has been published. Visit the projects section to get it. The article analyzes in depth the internal structure of the Spanish electronic DNI card (the document is written in Spanish).

First publication in 48bits blog:

http://blog.48bits.com/2010/03/16/analisis-de-la-estructura-interna-del-dni-e/

References:

http://www.meneame.net/story/analisis-estructura-interna-dni-e

http://espana.barrapunto.com/es/10/03/20/2251222.shtml

iDefense awards

An Honorable Mention prize was awarded to our advisory, “Adobe flash player plugin 9.0.124 bad pointer vulnerability”, in iDefense’s First Annual Vulnerability Contributor Program (VCP) Challenge.
