How to safely open and run files by sending them to the Windows sandbox


Sandboxing solutions provide a safe and isolated environment in which to run potentially dangerous applications or processes. The virtual container thus created allows you to open and run files safely, ensuring that their behavior does not negatively impact the rest of the system.

Checking whether a file is infected before opening it may not be enough. Some software, in fact, makes significant changes to how the system operates and has a heavy impact on its configuration.

Windows Sandbox is a security solution integrated into the latest versions of the Microsoft operating system; it provides an operating system instance that is separate from the rest of the system. In the mentioned article, we see how to install it and how to configure it according to your specific needs.

Safely open and run files by transferring them to the Windows sandbox

The problem with Windows Sandbox is that Microsoft doesn’t currently offer a quick and easy way to open a file in the container isolated from the rest of the system. RunInSandbox is a PowerShell script that solves just that problem.

Developed by Damien Van Robaeys, one of the greatest connoisseurs of the “secrets” of Windows Sandbox, RunInSandbox adds new entries to the context menu. After running the PowerShell script, you can right-click a file in the File Explorer interface to open or run it in an isolated environment.

RunInSandbox in turn allows you to run PowerShell scripts as a normal user or with SYSTEM privileges within the sandbox. It also lets you start VBS, CMD, MSI, MSIX, EXE, PPKG, Intunewin and REG files in the same isolated environment.

The new entries added to the Windows context menu also let you, again with a right-click, open URLs or HTML pages and PDF files, extract the contents of ZIP and ISO files, and share a folder, always using a specially created sandbox.

With RunInSandbox it is also possible to run multiple applications and scripts using the same Windows Sandbox.

How to install and use RunInSandbox (run inside the Windows sandbox)

To use RunInSandbox, you first need to verify that the Windows Sandbox feature is enabled. To do this, press Windows+R, type optionalfeatures, then make sure the Windows Sandbox box is ticked.


At this point, you can download and extract RunInSandbox to a temporary folder (for example C:\TEMP) and then run the file Add_Structure.ps1 with administrator rights.

To be sure of doing so, press Windows+X and choose Windows PowerShell (Admin) or Terminal (Admin), depending on whether you’re using Windows 10 or Windows 11. After navigating to the folder you extracted RunInSandbox to, you can then run the script:

cd "C:\TEMP\Run-in-Sandbox-master"

.\Add_Structure.ps1

The script creates the new entries in the Windows context menu and adds a folder Run_in_Sandbox in the folder ProgramData.


Run a program in the sandbox

To start running a program directly in the Windows sandbox, just right-click it in any File Explorer window, then choose the item Run EXE in Sandbox.


In the case of executable files, it is even possible to add any command-line options. To simply start the indicated executable without specifying any additional options, just press the “X” at the top right.


In Windows 10 and 11, there can only be one sandbox open. When you close the Windows sandbox window, all its contents are automatically deleted and are considered lost.

If you later want to remove the items from the context menu, just follow the steps shown so far, but type .\Remove_Structure.ps1 in the PowerShell window.

By removing the changes applied by the script and then changing the contents of the file Run-in-Sandbox-master\Sources\Run_in_Sandbox\Sandbox_Config.xml, you can customize the behavior of the Windows sandbox. The XML file lets you set the options for the virtual GPU, the networking preferences, “read-only” access, and the location of the WSB files (configuration files typically saved in the system folder %temp%).
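The options listed above (virtual GPU, networking, read-only access, WSB file location) map onto elements of the WSB file that Windows Sandbox itself reads. The following is an added example, not part of RunInSandbox or of its Sandbox_Config.xml: it writes a restrictive WSB file to %temp% for the folder containing a given file. The function name New-HardenedSandbox and its parameters are hypothetical.

```powershell
# Added example: write a restrictive .wsb for the folder that holds a file to inspect.
# New-HardenedSandbox is a hypothetical name; the XML elements are Windows Sandbox's own.
function New-HardenedSandbox {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path,   # file you want to open in the sandbox
        [switch]$Launch                        # start Windows Sandbox after writing the file
    )

    $file = Get-Item -LiteralPath $Path -ErrorAction Stop

    # Same check as the optionalfeatures dialog; needs an elevated PowerShell session.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName 'Containers-DisposableClientVM'
    if ($feature.State -ne 'Enabled') {
        throw 'Windows Sandbox is not enabled on this machine.'
    }

    # Escape the host path so characters such as & or < cannot break the XML.
    $hostFolder = [System.Security.SecurityElement]::Escape($file.DirectoryName)

    # VGpu/Networking disabled: no shared GPU surface, no network from inside the sandbox.
    # ReadOnly=true: the sandbox can read the mapped host folder but cannot modify it.
    # With no SandboxFolder given, the folder appears on the sandbox user's desktop.
    $wsb = @"
<Configuration>
  <VGpu>Disable</VGpu>
  <Networking>Disable</Networking>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>$hostFolder</HostFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
"@

    # WSB files are typically kept in %temp%, as noted above.
    $wsbPath = Join-Path $env:TEMP ('{0}.wsb' -f $file.BaseName)
    Set-Content -LiteralPath $wsbPath -Value $wsb -Encoding UTF8

    # Opening a .wsb starts Windows Sandbox with that configuration.
    if ($Launch) { Start-Process -FilePath $wsbPath }
    return $wsbPath
}
```

For example, New-HardenedSandbox -Path 'C:\TEMP\sample.exe' -Launch (a constructed path) maps C:\TEMP read-only into a sandbox without network access. Keep the mapped folder small, because everything in it is readable from inside the sandbox.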
