Sandboxie and VMs


Daze

Here are the best ways to stay safe online:
1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on YouTube which are completely safe.

2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/).

3- VPNs. VPNs are always great to use to protect your own network from DDoS attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565

Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days)


On 8/13/2020 at 2:18 PM, Daze said:

Here are the best ways to stay safe online:
1- Use a VM whenever possible, this can avoid malicious sites. You can find free ones on YouTube which are completely safe.

2- Download using a VM. If you cannot or would rather not use a VM when surfing, you can always install Sandboxie and run downloads through it in a safe environment (https://www.sandboxie.com/).

3- VPNs. VPNs are always great to use to protect your own network from DDoS attacks and encrypt your traffic. I'd highly advise Octovpn: https://partner.octovpn.com/565

Feel free to suggest and add other ways or ask any questions (Usually responds every 1-3 days)

lit, thank you

Honestly, I recommend not downloading anything you don't trust fully


On 8/14/2020 at 2:53 AM, Gwap said:

Lol, there is a lot more to do to be able to be "safe" on the web.

It's a method to stay safe. Obviously I'm not saying you can hop on the dark web with this and come out unscathed. Feel free to list some possible ideas so I can add them to the thread.

I have a few issues with this tbh. Sandboxie is super easy to detect, most commercial malware easily detects it's running in this and many have even found ways to beat it. If we take a stroll over here https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18748 Sandboxie basically said because you can run a command and completely escape their controls over the sandbox, it was within the realm of expected use. If you wanna have some fun, seriously just scan registry permissions within a Sandboxie setup, and watch for when you actually make changes to the host without being noticed. /sigh/ Even if you containerize, which is all Sandboxie functionally does (see also Comodo's ransomware protection), absolutely everything and run it in a VM, then you're victim to oversimplifying. As such, you'll grow accustomed to providing real information over a known bad environment, ruining the entire purpose.

VPNs can MITM your traffic just as much as "encrypt" it. As well, nearly every VPN provider that's ever said they don't keep user logs has been hacked and proven to be lying (see hidemyass). It's much more advisable to use SSL everywhere within your container within your VM if you're trying to encrypt. Personally I'd advise AGAINST octovpn because sites like https://wtfismyip.com/ can easily still grab internal IP and often IPv6 of users, and websites like eBay can detect real IP based on WASM and local fingerprinting. Another objectively safe idea is limiting scripts running to those you know or trust; there are many extensions for every browser for this, but very few browsers natively give you that control to block.

Just for a malware C2, at minimum, I'd run with two VMs, one being host-only networking, the other having all traffic through Tor. The host-only network one would be my C2 with a SOCKS proxy to a port on the other. The other would then have network traffic through Tor and run an SSH proxy for a SOCKS tunnel to MY OWN cloud instance, Docker instance, or OVH. Ps, fuck OVH. There I said it. Anyway, this gives me complete control of my own, scalable infrastructure, if someone owns my C2 service they won't likely hit anything in my real network, if they gain root to my VM and then VM escape, well that's a risk I'm willing to take with a dumpster laptop.

That seems a bit dramatic so let's try another scenario, you're just a privacy focused gamer who thinks "omg someone gonna does the bootingz of me" and therefore you get convinced to use a VPN or OVH (or any cloud services for proxy or VPN). Any VPN that someone else controls automatically has you agree to their certificate and their certificate authority, meaning once it's saved on your computer you /won't/ be hassled by most any certificate errors because you already agreed to trust those. Grounds for MITM attacks, any VPN ever. Most of these free VPNs you can hop on and use bettercap still to do a MITM attack. Most cheap ones don't actually encapsulate all your traffic and, IPsec or not, only encrypt between you and them, not from them outbound. My suggestion for handling these is you go hit up riseup's VPN service. Donate while you're at it. It's one of the few that doesn't have data leaks (re, wtfismyip.com link I posted earlier doesn't leave data behind, other tools like eBay's fingerprinting can't determine local IPs). Once you understand how all this works, you'll see just grabbing a sandbox or just grabbing a VPN isn't inherently safe or in many cases even a safer way to browse the internets or play games. Sometimes all you've done is cause more problems for yourself. But keep learning, and don't get settled on one thing like that.

Edited by CanalesOcultos
