Hi there,
I hope this is the right place to ask. I'm currently trying to target VirtualBox with a security tool I am testing that does its job via an injected dll. When I target VirtualBox and its various exe's/dll's I am able to get the security tooling to work properly with the base application and the pop ups windows attached to it. However, the virtual machine itself opens up and for some reason doesn't get injected by the dll. 3 exe's open up for the virtual machine all "VirtualBoxVM.exe" 1 of these exe's gets the injected dll but the other 2 don't. Anyone know how I could solve this issue?
Thanks in advance everyone -
Trying to target VirtualBox with security software
-
- Site Moderator
- Posts: 39156
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Trying to target VirtualBox with security software
Moved to "Using VirtualBox" forum - for now.
VirtualBox VMs are hardened and will toss out DLLs unless they are signed by a trusted source.
VirtualBox VMs are hardened and will toss out DLLs unless they are signed by a trusted source.
Re: Trying to target VirtualBox with security software
I saw some stuff on this but if this was the blocker to the DLL would it not be blocked by that first layer of the VM process aswell?mpack wrote:Moved to "Using VirtualBox" forum - for now.
VirtualBox VMs are hardened and will toss out DLLs unless they are signed by a trusted source.
And thank you for moving it to the right place, my apologies for getting that wrong
-
- Site Moderator
- Posts: 20965
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: Trying to target VirtualBox with security software
I suspect that:
On the other hand, the Virtualbox source code is available for perusal.
On the third hand, the Extension Pack channel is available, if you wanted to add features to Virtualbox.
is about all you'll get on this public forum. The Virtualbox devs play the hardening cards extremely close to the chest, even among themselves. It's extremely unlikely that you'll get a "Follow these XYZ steps to get your DLL injected into the VM." Then the bad guys will see it and do it too.mpack wrote:VirtualBox VMs are hardened and will toss out DLLs unless they are signed by a trusted source.
On the other hand, the Virtualbox source code is available for perusal.
On the third hand, the Extension Pack channel is available, if you wanted to add features to Virtualbox.
Re: Trying to target VirtualBox with security software
Gotcha, I'll do some poking around and see if I can find anything by myself - I do appreciate the replies though, thanksscottgus1 wrote:I suspect that:is about all you'll get on this public forum. The Virtualbox devs play the hardening cards extremely close to the chest, even among themselves. It's extremely unlikely that you'll get a "Follow these XYZ steps to get your DLL injected into the VM." Then the bad guys will see it and do it too.mpack wrote:VirtualBox VMs are hardened and will toss out DLLs unless they are signed by a trusted source.
On the other hand, the Virtualbox source code is available for perusal.
On the third hand, the Extension Pack channel is available, if you wanted to add features to Virtualbox.