Software which wants to creat raw socket cannot run

Please post your problem description here

Moderator: Barb@Invincea

Post Reply
sadad
Posts: 4
Joined: Fri Dec 29, 2017 9:08 am

Software which wants to creat raw socket cannot run

Post by sadad » Fri Dec 29, 2017 8:35 pm

Win10 X64 LTSB 1607
Sandboxie 5.22
FFXIV Parsing Plugin(in Advanced Combat Tracker) (http://advancedcombattracker.com/download.php need FFXIV game first https://www.finalfantasyxiv.com/)
F-secure protection

It need too much time for somebody to reproduce the problem(need game and act with plugin).The plugin gives a error message that it cannot create raw socket.So is here anybody knowing how to give full raw socket access?Thanks.

In addtional,the plugin(in the sandboxie) cannot create win10pcap(out of the sandboxie) socket too.

Barb@Invincea
Sandboxie Support
Sandboxie Support
Posts: 2815
Joined: Mon Nov 07, 2016 3:10 pm

Re: Software which wants to creat raw socket cannot run

Post by Barb@Invincea » Wed Jan 03, 2018 11:25 am

Hello sadad,

Can you please provide the exact error messages that you are receiving?

Does the program work outside Sandboxie?
Why do you need to run it Sandboxed?

Please create a new Sandbox with default settings and provide the results of the Resource Access monitor:
Regards,
Barb.-

sadad
Posts: 4
Joined: Fri Dec 29, 2017 9:08 am

Re: Software which wants to creat raw socket cannot run

Post by sadad » Thu Jan 04, 2018 6:29 am

1.Run FFXIV in Sandboxie
2.Open Resource Access monitor
3.Run ACT
then the results of
Resource Access monitor:

Code: Select all

(Drive)     \Device\HarddiskVolume1
(Drive)     \Device\HarddiskVolume2
(Drive)     \Device\HarddiskVolume3
(Drive)     \Device\HarddiskVolume4
(Drive)     \Device\HarddiskVolume8
(Drive)     \Device\HarddiskVolume9
Clsid       -------------------------------
Clsid       {0358B920-0AC7-461F-98F4-58E32CD89148} Wininet Cache task object
Clsid       {25336920-03F9-11CF-8FD0-00AA00686F13} HTML Document
Clsid       {6A91029E-AA49-471B-AEE7-7D332785660D} Microsoft IME (Japanese)
Clsid       {BCDE0395-E52F-467C-8E3D-C4579291692E} MMDeviceEnumerator class
Clsid       unknown
File/Key    -------------------------------
Image       -------------------------------
Ipc         -------------------------------
Ipc         \BaseNamedObjects\__ComCatalogCache__
Ipc         \BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro
Ipc         \BaseNamedObjects\NLS_CodePage_936_3_2_0_0
Ipc         \BaseNamedObjects\windows_shell_global_counters
Ipc         \RPC Control\epmapper
Ipc         \RPC Control\eventlog
Ipc         \RPC Control\LRPC-705beadbffee8f32c7
Ipc         \RPC Control\LRPC-c16f80a0c7cb4aedd8
Ipc         \RPC Control\OLE41971CC765B858DDB7742C94E7EA
Ipc         \RPC Control\OLEC02572B8C5872BD8432AD0318F7E
Ipc         \RPC Control\webcache_{031b98cf-4a69-4c31-ab42-fd9b3c199407}_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \RPC Control\webcache_{7329ea82-0845-4e4c-bd18-02b67ac065cc}_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \Sessions\1\BaseNamedObjects\__AMD_DX_CACHE__79acbf8a57629c1c8a1842c2fdf7fa34fcd3a1290e41013c
Ipc         \Sessions\1\BaseNamedObjects\__ComCatalogCache__
Ipc         \Sessions\1\BaseNamedObjects\_IMJP_15_KnlDict_DicWriteMutex_M_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \Sessions\1\BaseNamedObjects\_IMJP_15_UD_FileMapping_{b4f0aa5b-77d3-486f-b999-53049e87159e}_M_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \Sessions\1\BaseNamedObjects\_IMJP_15_UD_Mutex_{24471f0a-93ba-4398-b4c1-54a70707b2c2}_M_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \Sessions\1\BaseNamedObjects\AMDSetHookE_1F90
Ipc         \Sessions\1\BaseNamedObjects\C:*ProgramData*Microsoft*Windows*Caches*cversions.2.ro
Ipc         \Sessions\1\BaseNamedObjects\C:*Users***************AppData*Local*Microsoft*Windows*Caches*{AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x00000000000000b6.db
Ipc         \Sessions\1\BaseNamedObjects\C:*Users***************AppData*Local*Microsoft*Windows*Caches*cversions.1.ro
Ipc         \Sessions\1\BaseNamedObjects\Cor_Private_IPCBlock_v4_8080
Ipc         \Sessions\1\BaseNamedObjects\CPFATE_8080_v4.0.30319
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10802
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10810
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10814
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10818
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10824
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10834
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10842
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10852
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10862
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10872
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10882
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:10892
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108a2
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108ac
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108b0
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108b4
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108b8
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108bc
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108c0
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108c4
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108c8
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108cc
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108d0
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:108d4
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:208d8
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:3072a
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:50608
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:5073e
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:606e2
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:706e4
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:80690
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:8071c
Ipc         \Sessions\1\BaseNamedObjects\HWNDInterface:a0656
Ipc         \Sessions\1\BaseNamedObjects\NLog-FileFileArchiveLock-c:/users/administrator/appdata/roaming/anoyetta/act/logs/act.hojoring.2018-01-04.log
Ipc         \Sessions\1\BaseNamedObjects\NLS_CodePage_936_3_2_0_0
Ipc         \Sessions\1\BaseNamedObjects\SatoriKnlDict_MemoryDictionary_IMJP_15__M_S-1-5-21-1261023926-1922044493-1145542773-500
Ipc         \Sessions\1\BaseNamedObjects\SBIE_BOXED_DummyEvent_8080
Ipc         \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_cryptsvc
Ipc         \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_DcomLaunch
Ipc         \Sessions\1\BaseNamedObjects\SBIE_BOXED_ServiceInitComplete_RpcSs
Ipc         \Sessions\1\BaseNamedObjects\SboxSession
Ipc         \Sessions\1\BaseNamedObjects\SessionImmersiveColorMutex
Ipc         \Sessions\1\BaseNamedObjects\SessionImmersiveColorPreference
Ipc         \Sessions\1\BaseNamedObjects\UrlZonesSM_*************
Ipc         \Sessions\1\BaseNamedObjects\windows_ie_global_counters
Ipc         \Sessions\1\BaseNamedObjects\windows_shell_global_counters
Ipc         \Sessions\1\BaseNamedObjects\windows_webcache_bloom_section_{34746976-A383-4A88-8DB5-85283690BE87}
Ipc         \Sessions\1\BaseNamedObjects\windows_webcache_bloom_section_{F6368DEC-7203-4EC2-ABD1-E5F7CEFF15D7}
Ipc         \Sessions\1\BaseNamedObjects\ZonesCacheCounterMutex
Ipc         \Sessions\1\BaseNamedObjects\ZonesLockedCacheCounterMutex
Ipc      O  \...\Cor_SxSPublic_IPCBlock
Ipc      O  \BaseNamedObjects\FontCachePort
Ipc      O  \BaseNamedObjects\mmGlobalPnpInfo
Ipc      O  \BaseNamedObjects\msctf.serverDefault1
Ipc      O  \BaseNamedObjects\RasPbFile
Ipc      O  \KernelObjects\LowMemoryCondition
Ipc      O  \KernelObjects\MaximumCommitCondition
Ipc      O  \KnownDlls\advapi32.dll
Ipc      O  \KnownDlls\bcryptPrimitives.dll
Ipc      O  \KnownDlls\cfgmgr32.dll
Ipc      O  \KnownDlls\clbcatq.dll
Ipc      O  \KnownDlls\combase.dll
Ipc      O  \KnownDlls\COMDLG32.dll
Ipc      O  \KnownDlls\CRYPT32.dll
Ipc      O  \KnownDlls\gdi32.dll
Ipc      O  \KnownDlls\gdi32full.dll
Ipc      O  \KnownDlls\IMM32.dll
Ipc      O  \KnownDlls\kernel.appcore.dll
Ipc      O  \KnownDlls\kernel32.dll
Ipc      O  \KnownDlls\KERNELBASE.dll
Ipc      O  \KnownDlls\MSASN1.dll
Ipc      O  \KnownDlls\MSCTF.dll
Ipc      O  \KnownDlls\msvcp_win.dll
Ipc      O  \KnownDlls\MSVCRT.dll
Ipc      O  \KnownDlls\NSI.dll
Ipc      O  \KnownDlls\ole32.dll
Ipc      O  \KnownDlls\OLEAUT32.dll
Ipc      O  \KnownDlls\powrprof.dll
Ipc      O  \KnownDlls\profapi.dll
Ipc      O  \KnownDlls\PSAPI.DLL
Ipc      O  \KnownDlls\rpcrt4.dll
Ipc      O  \KnownDlls\sechost.dll
Ipc      O  \KnownDlls\Setupapi.dll
Ipc      O  \KnownDlls\shcore.dll
Ipc      O  \KnownDlls\SHELL32.dll
Ipc      O  \KnownDlls\SHLWAPI.dll
Ipc      O  \KnownDlls\ucrtbase.dll
Ipc      O  \KnownDlls\user32.dll
Ipc      O  \KnownDlls\win32u.dll
Ipc      O  \KnownDlls\windows.storage.dll
Ipc      O  \KnownDlls\WINTRUST.dll
Ipc      O  \KnownDlls\WS2_32.dll
Ipc      O  \RPC Control\Audiosrv
Ipc      O  \RPC Control\dhcpcsvc
Ipc      O  \RPC Control\dhcpcsvc6
Ipc      O  \RPC Control\DNSResolver
Ipc      O  \RPC Control\LRPC-705beadbffee8f32c7
Ipc      O  \RPC Control\lsapolicylookup
Ipc      O  \RPC Control\LSARPC_ENDPOINT
Ipc      O  \RPC Control\lsasspirpc
Ipc      O  \RPC Control\nlaapi
Ipc      O  \RPC Control\SbieSvcPort
Ipc      O  \RPC Control\umpo
Ipc      O  \Security\LSA_AUTHENTICATION_INITIALIZED
Ipc      O  \Sessions\1\BaseNamedObjects\__DDrawCheckExclMode__
Ipc      O  \Sessions\1\BaseNamedObjects\__DDrawExclMode__
Ipc      O  \Sessions\1\BaseNamedObjects\CicLoadWinStaWinSta0
Ipc      O  \Sessions\1\BaseNamedObjects\CTF.AsmListCache.FMPDefault1
Ipc      O  \Sessions\1\BaseNamedObjects\DBWinMutex
Ipc      O  \Sessions\1\BaseNamedObjects\DirectSound DllMain mutex (0x00001F90)
Ipc      O  \Sessions\1\BaseNamedObjects\DWM_DX_FULLSCREEN_TRANSITION_EVENT
Ipc      O  \Sessions\1\BaseNamedObjects\MSCTF.Asm.MutexDefault1
Ipc      O  \Sessions\1\BaseNamedObjects\MSCTF.CtfMonitorInstMutexDefault1
Ipc      O  \Sessions\1\Windows\ApiPort
Ipc      O  \Sessions\1\Windows\DwmApiPort
Ipc      O  \Sessions\1\Windows\SharedSection
Ipc      O  \Sessions\1\Windows\Theme4014289801
Ipc      O  \Sessions\1\Windows\ThemeSection
Ipc      O  \ThemeApiPort
Ipc      O  \Windows\Theme1102941320
Pipe        -------------------------------
Pipe        ?
Pipe        \Device\CNG
Pipe        \Device\HarddiskVolume1
Pipe        \Device\HarddiskVolume2
Pipe        \Device\HarddiskVolume3
Pipe        \Device\HarddiskVolume4
Pipe        \Device\HarddiskVolume5
Pipe        \Device\HarddiskVolume8
Pipe        \Device\KsecDD
Pipe        \Device\MountPointManager
Pipe        \Device\NamedPipe\chrome.8080.0.151285669
Pipe        \device\namedpipe\chrome.8080.0.151285669
Pipe        \Device\NamedPipe\chrome.8080.2.57031544
Pipe        \device\namedpipe\chrome.8080.2.57031544
Pipe        \device\namedpipe\chrome.8080.4.39452127
Pipe        \Device\NamedPipe\chrome.8080.4.39452127
Pipe        \device\namedpipe\chrome.8080.4.39452127
Pipe        \Device\NamedPipe\chrome.gpu.8080.1.154871241
Pipe        \device\namedpipe\chrome.gpu.8080.1.154871241
Pipe        \Device\NamedPipe\chrome.gpu.8080.3.670428
Pipe        \device\namedpipe\chrome.gpu.8080.3.670428
Pipe        \device\namedpipe\mojo.8080.7264.15352147271104082129
Pipe        \Device\NamedPipe\mojo.8080.7264.15352147271104082129
Pipe        \device\namedpipe\mojo.8080.7264.15352147271104082129
Pipe     O  \Device\Afd
Pipe     O  \Device\HarddiskVolume9
Pipe     O  \Device\NetBT_Tcpip_{89D4CC99-49C1-4F09-BE61-8DDEAB0D94FA}
Pipe     O  \Device\Nsi
WinCls      -------------------------------
WinCls   O  #0
WinCls   O  MS_WebCheckMonitor
WinCls   O  Shell_TrayWnd
WinCls   X  ApplicationManager_DesktopShellWindow
WinCls   X  MS_AutodialMonitor
The ACT's error:
ERROR: 在 System.Net.Sockets.Socket..ctor(AddressFamily addressFamily, SocketType socketType, ProtocolType protocolType)
ERROR: 在 Machina.RawSocket.CreateRawSocket(UInt32 address)
ERROR: 在 Machina.TCPNetworkMonitor.CheckForIPChange()
ERROR: Invalid Line type 在 Machina.TCPNetworkMonitor.Run()|e2a593f05a187550311a7c8fbf8a48d0


Thanks for your helping me.
The program works outside Sandboxie normally.
The ACT must read the memory of FFXIV(the online game) and sniff the data which FFXIV sends to servers to work normally,but the local agent of FFXIV binds its software to the game(It's usually malware or adware making me disgusted,always running without a notification even if you exit the game,downloading and installing every thing that can slow down your os).So the game has to be run in the Sandboxie,ACT too.

Curt@invincea
Sandboxie Lead Developer
Sandboxie Lead Developer
Posts: 1661
Joined: Fri Jan 17, 2014 5:21 pm
Contact:

Re: Software which wants to creat raw socket cannot run

Post by Curt@invincea » Fri Jan 05, 2018 5:27 pm

Sandboxie shouldn't be blocking creation of a raw socket.

You must be in the admin group to create a raw socket. Are you running as admin? Are you using drop admin rights?

sadad
Posts: 4
Joined: Fri Dec 29, 2017 9:08 am

Re: Software which wants to creat raw socket cannot run

Post by sadad » Fri Jan 05, 2018 10:23 pm

I am sure that i am running as admin and I don't drop admin rights(Default Setting).It's weird,so maybe another thing leads to this problem.I'll keep looking for a solution,but so be it now.Thanks you.

sadad
Posts: 4
Joined: Fri Dec 29, 2017 9:08 am

Re: Software which wants to creat raw socket cannot run

Post by sadad » Sat Jan 06, 2018 5:28 am

well , there are FFXIV_ACT_Plugin.dll(not public) and Machina.FFXIV.dll(open source) actually.

I find the source code of Machina.FFXIV.dll and i feel that it must be something wrong with it.

https://github.com/ravahn/machina/tree/ ... hina.FFXIV

I'm no idea about it,but i realize that programs run out of the Sandboxie can access those programs in it.I try ,then it work normally,although i am glad to know what causes my problem. :D

Post Reply

Who is online

Users browsing this forum: No registered users and 16 guests