0

I need to check if a program has been run with a sandbox, adding to that program a code to check this statement. I've already tried to check Windows's username with the name of the username who run the program but they were always the same. Do you have any suggestion? I'm stuck. I've tried to implement something but I don't know how the GetExitCodeProcess function works, here is my code:

#include <intrin.h>
#include <iostream>
#include <windows.h>
#pragma comment(lib, "Kernel32.lib")
bool IsActive(){
    LPDWORD active;
    GetExitCodeProcess(/*I don't know what to put here */,active);
    if (active!=0){
        return true;
    }
    return false;
}
int main() {
    if (IsActive()) {
        std::cout << "The player is using sandboxie";
        return 0;
    }
    std::cout << "The player isn't using sandboxie.";
    return 0;
}
Shark44
  • 593
  • 1
  • 4
  • 11
  • A [Windows Sandbox](https://techcommunity.microsoft.com/t5/Windows-Kernel-Internals/Windows-Sandbox/ba-p/301849) is just a simplified Virtual Machine, so this post may help: https://stackoverflow.com/a/11145280/501196 You will still need to figure out how to peform WMI queries from C++, but that's a different question. – yms Sep 08 '19 at 11:29
  • @yms I've posted a code, have a look at it – Shark44 Sep 08 '19 at 12:57
  • I need to check if program A is running under a sandbox by editing this program A, just program A – Shark44 Sep 08 '19 at 13:42
  • I need to create a bool function to check if the program has been run under sandbox, but all in the same program – Shark44 Sep 08 '19 at 13:44
  • Then using GetExitCodeProcess makes little sense... that function is meant to be used for querying information about an external process, not the same process that invokes the function. We are back to my first suggestion, use WMI. – yms Sep 08 '19 at 14:14
  • Can you explain me how to use it? I've never heard of it – Shark44 Sep 08 '19 at 14:18

0 Answers0