gucci-on-fleek / lockdown-browser

Run the ”Respondus Lockdown Browser“ in the ”Windows Sandbox“
Other
134 stars 26 forks source link

ALEKS doesn't play well? #51

Closed HazEaSSaSSin closed 9 months ago

HazEaSSaSSin commented 9 months ago

Haven't really had too many issues prior to now. It seems a PreCalc class uses a site called ALEKS to administer its tests and such. ALEKS redirects to download a version of Lockdown called "LockDownBrowserOEMSetup.exe", and after installation, it doesn't even put an icon on the desktop of the WSB.

When I attempt to open it, it just simply says "Settings Restored" and instructs to open from a browser. ALEKS will only detect this OEM version as installed, so I can't use a different lockdown version, and when I attempt to launch directly through that site, it detects the VM settings. Any idea how to get around this, or you think we're just kinda SOL on the OEM version of LDB?

lockdown

gucci-on-fleek commented 9 months ago

Ok, so the good news here is that the installer worked (mostly) as expected. That's good since lots of the other people with the OEM version have had bad luck getting the installer to work.

when I attempt to launch directly through that site, it detects the VM settings.

The regular Lockdown Browser uses an rldb:// URL protocol to open from a link. So either the installer isn't properly modifying the rldb protocol, or this version uses a different protocol. Try running

https://github.com/gucci-on-fleek/lockdown-browser/blob/7248e2999c70bd913345483873cfc8e623bc99a0/runtime_directory/sandbox_run.ps1#L39

inside the Sandbox and see if that fixes anything. If not, you'll need to figure out what the correct protocol to use is. To do that, either copy the “launch in Lockdown Browser” link and see what protocol it uses, or search through the registry at HKCR (HKEY_CLASSES_ROOT) for the full path to wherever the Browser executable was installed. Then, you can modify the above line with the correct protocol.

HazEaSSaSSin commented 9 months ago

Appreciate that! I'll give it a shot tonight and post an update here if it works successfully. Good looks

HazEaSSaSSin commented 9 months ago

I may be slightly out of my element, but it looks to just use an https:// protocol. ldb-link-1

I also looked through the registry, but it seems as though the LDB registered a number of different URL protocols. reg-entry-1 reg-entry-2 reg-entry-3 reg-entry-4 reg-entry-5

All of these entries point to the same .exe and are identical. Is it possible to modify the above PS file to account for all of these?

gucci-on-fleek commented 9 months ago

@HazEaSSaSSin

I may be slightly out of my element, but it looks to just use an https:// protocol. ldb-link-1

Yeah, that URL is just https://, so it must at some point redirect to a rldb:// or ldb:// protocol.

I also looked through the registry, but it seems as though the LDB registered a number of different URL protocols. reg-entry-1 reg-entry-2 reg-entry-3 reg-entry-4 reg-entry-5

All of these entries point to the same .exe and are identical. Is it possible to modify the above PS file to account for all of these?

Sure, try replacing sandbox_run.ps1 with this (completely untested):

# Lockdown Browser in Windows Sandbox
# https://github.com/gucci-on-fleek/lockdown-browser
# SPDX-License-Identifier: MPL-2.0+
# SPDX-FileCopyrightText: 2020-2024 gucci-on-fleek

# DON'T RUN THIS ON YOUR REGULAR SYSTEM! IT WILL CAUSE **IRREVERSIBLE** DAMAGE

$ErrorActionPreference = "Stop"
Set-StrictMode -Version 3

cd $PSScriptRoot

$lockdown_extract_dir = "C:\Windows\Temp\Lockdown"
$lockdown_runtime = "C:\Program Files (x86)\Respondus\LockDown Browser\LockDownBrowser.exe"
$lockdown_installer = (ls Lockdown*)[0]

Get-ChildItem -Path "HKLM:\HARDWARE\DESCRIPTION" | Remove-ItemProperty -Name SystemBiosVersion -ErrorAction Ignore
rm HKLM:\HARDWARE\DESCRIPTION\System\BIOS -ErrorAction Ignore

# We're in a short-lived VM, so we can safely delete any necessary files
$vmcompute_path = "C:\Windows\System32\VmComputeAgent.exe"
takeown /f $vmcompute_path
icacls $vmcompute_path /grant "Everyone:(D)"
rm $vmcompute_path

& $lockdown_installer /x "`"$lockdown_extract_dir`"" # Dumb installer needs a quoted path, even with no spaces. Also, we have to extract the program before we can even run a silent install.
while (!(Test-Path $lockdown_extract_dir\id.txt)) {
    # This is the easiest way to detect if the installer is finished extracting
    sleep 0.2
}
sleep 1
kill -Name *Lockdown*

& "$lockdown_extract_dir\setup.exe" /s "/f1$PSScriptRoot\setup.iss" "/f2$PSScriptRoot\..\setup.log" # If we don't give a log file path, this doesn't work
Wait-Process -Name "setup"

# Support use of the `rldb://` URL protocol
New-PSDrive -PSProvider registry -Root HKEY_CLASSES_ROOT -Name HKCR
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\rldb\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\anst\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\cllb\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\ielb\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\ldb\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')
Set-ItemProperty -ErrorAction Ignore -Path "HKCR:\ldb1\shell\open\command" -Name "(Default)" -Value ('"' + $PSScriptRoot + '\withdll.exe" "/d:' + $PSScriptRoot + '\GetSystemMetrics-Hook.dll" ' + $lockdown_runtime + ' "%1"')

./withdll /d:GetSystemMetrics-Hook.dll $lockdown_runtime

If that works, then I'll add those lines into the main file.

HazEaSSaSSin commented 9 months ago

Sorry about that delay, @gucci-on-fleek . You can mark this as closed now. I actually ended up dropping that class cuz I'm too busy lol. I wasn't able to confirm whether or not it worked because I can no longer access the course. Appreciate you checkin, though.