alphadelta / secure-desktop Goto Github PK

Hey, I really loved your project DUMB, I am a C# student and I had some questions, you had disabled the issues page for that project, can you answer my questions here? Thanks!

Programs opened in a new desktop that either execute new processes or had a file dialog which allows users to execute an arbitrary file will open the possibility of abandoned processes which will not be terminated unless the Windows equivalent of a SIGTERM is sent to the processes.

The fix is to create a program that is executed in the new desktop to take a snapshot of the system, walk through every thread and compare the handle of the desktop with the desktop that thread is running in then add the process to a list which will then me iterated through and terminated allowing the dekstop to be safely closed by Windows.

Tryed ProcessHacker and TaskManager

got error 000005

Hello,

great tool .may i know where is SecureDesktop.exe file?

is your program work like sandbox if yes, could you make log of executable file in text file?

May you please provide compiled binary?

I stumbled on your project while looking into the security of the "Secure Desktop" feature of some password managers (notably, KeePass and 1Password), and from briefly reading the project description, it looks like it may work in the same way. So, I apologize if this doesn't apply here.

Apparently just creating a new desktop for a program isn't enough to guard against keyloggers. A trivial attack is to enumerate the desktops and create a new process on each of them, as demonstrated for both KeePass and 1Password.

1Password came up with a workaround, to detect when unexpected processes are running in the same desktop, it may be possible to do something similar here if your application is actually vulnerable.

Sorry for posting here but it appears you have the issue tracker turned off on DUMB. Awesome PoC teaching me a ton about actual program flow (first 2 months of c# programming here). I noticed that the cryptwindow targets only files in the designated folder and I was wondering how you would go about changing that to cascade down any sub directories recursively in a more traditional locker style. Spent a good deal of time to avoid having to ask a dumb DUMB question but here I am. Many thanks in advance.