Build in Release mode try it (click on the button and observe it break out of the sandbox and pop up a dialog on your desktop), then run the Windows App Cert kit on it (don't click anything while running), and observe that it passes the automated tests.
I have developed an exploit which can break out of the sandboxed Windows 8 app environment, and pass the automated stage of the store validation procedure (Windows App Cert kit on my local computer). Please see the disclaimer in the mainpage file.
This exploit sample runs as a Windows 8 app and pops up a dialog box in desktop mode.
This goes to show, the Windows 8 sandbox is NOT A VM and users should not blindly trust Windows 8 apps. Note that you should not actually use this in store apps. If you were to get caught using this, your app would certainly be removed from the store and you would most likely be permanently banned from uploading any more Windows 8 apps to the store. This is intended as a proof-of-concept, nothing more.
Related
Dear Team
I am developing an application for Windows RT device. I have a requirement to programmatically lock
the device screen. I tried to log off with a solution posted in this link
to open the "cmd" prompt, but the cmd prompt executes within the sandbox of winrt and hence "shutdown /l" failed to execute due to
access denied(5).It is mentioned in the forum to give "ALL APPLICATION PACKAGES" => FULL CONTROL. But in vain. Therefore I need solution either to lock the screen or open cmd prompt with required access.
with thanks
Sathia
Is this for a Win32 application that is compiled for ARM, or for a Windows Store application?
Windows Store applications don't have access to those APIs, which means anything that you run, runs in the same sandbox, and also doesn't have access (as you've noticed).
The only way to work around I think is to provide a separate lock screen inside your application. But it of course depends a bit on how you want to use it. If the goal is just to lock access to info in the app, that will work fine, but if you really need to lock the entire device, then I don't know...
solice13 said:
Is this for a Win32 application that is compiled for ARM, or for a Windows Store application?
Windows Store applications don't have access to those APIs, which means anything that you run, runs in the same sandbox, and also doesn't have access (as you've noticed).
The only way to work around I think is to provide a separate lock screen inside your application. But it of course depends a bit on how you want to use it. If the goal is just to lock access to info in the app, that will work fine, but if you really need to lock the entire device, then I don't know...
Click to expand...
Click to collapse
Hi thanks for your reply. Yes I need to lock the entire device using code(c#).Please share knowledge.
Hi,
I started experimenting with this idea. I have WP8 files extracted from a firmware file. I copied these files to my surface RT. I was able to run some WP8 applications out of the box. however, applications that require UIXmobile.dll (WP GUI) failed to run. Now both WP8 and W8 share the NT core. so some libraries would just work. now the main WP8 library UIXmobile.dll doesn't work out of the box. as it uses a different function to create the gui for its applications.
I was thinking of something similar to what has been done by "mamaich", to implement a library that will replace the WP8 call wtith the standard W8 call (for example: use createProcess instead of createApplication) and pass the common calls to the already implemented APIs.
sadly , It's a very difficult task for me to do. I'll be spending time on it but i can't promise of any fast results.
I'd like to thank the authors of these threads for their wonderful work:
1. Running x86 apps on WinRT devices (by mamaich)
http://forum.xda-developers.com/showthread.php?t=2095934
2. RT Jailbreak Tool (By netham45 )
http://forum.xda-developers.com/showthread.php?t=2092158
3. Desktop apps ported to Windows RT (by GoodDayToDie)
http://forum.xda-developers.com/showthread.php?t=2092348
4. (FFU) ImgMount Tool v.1.0.15 (by AnDim)
http://forum.xda-developers.com/showthread.php?t=2066903
Which apps worked without tinkering?
Oh, very cool idea. It would probably only work for actual WP8 apps at first (not WP7.x apps, as those would require either a Silverlight or XNA runtime), but the idea has merit for sure. It was speculated for a long time that running WP8 apps on Win8/Windows RT would be possible, as both are written against the WinRT API, but that never happened. If we can make it happen ourselves, though... that would be awesome.
Of course, ideally we'd want to be able to access the store, since there aren't a lot of WP8 app packages floating around where we could use them. That's probably a very tricky problem in and of itself, although you could try extracting the store EXE and seeing what is required to make it work...
I think windows phone(os) is just a min gui shell for windows rt.so its possible to run the shell in windows rt.and maybe a windows phone can run windows rt.
windowsrtc said:
I think windows phone(os) is just a min gui shell for windows rt.
Click to expand...
Click to collapse
Not exactly. It's the same shell (well, the next rev) that was running on top of wince for WP7.
Is it an alternate shell (like Explorer), or a totally separate graphics subsystem?
Boomchaos said:
Which apps worked without tinkering?
Click to expand...
Click to collapse
there is a program called telwp.exe that was able to reach a certain point. I attached a screen shot of 3 different apps. 2 apps showed something before crashing (telwp, nokia_security). and the third app crashed with an error message. other wp apps usually crash silently leaving an error message about a faulty CoreUi.dll in the evenlog .
Pictures can be found in my album. I will work on this post more later, just wanted to get something up before I went to bed.
[See Picture 1]
I purchased a 128G Surface Pro and Touch Cover a few days ago. I backed up the recovery partition, and made a clone with Acronis so I can always put it back to how it was the day I pulled it out of the box. I did the firmware update, then wiped out Windows 8 and replaced it with Server 2012. This is my experience with it...
[See Picture 2]
It took a few tries to get the Surface to boot off a USB stick, but after formatting it to FAT32 and copying the Server 2012 files from the ISO, the install started right up. The install was fairly quick! I didn't time it, but it didn't seem like it took more than 20 minutes (could have just been that "new toy" excitement).
If you have a ".edu" address, you can get Server 2012 and other products (depending on your school) for free from Microsoft by creating an account at DreamSpark
Since Server 2012 is based on Windows 8, this provides me with a lot more functionality, while not losing much in terms of the features from Windows 8. I installed Windows Deployment Services (WDS) so that I can install different versions of Windows over the network without burning ISOs or carrying CD binders. This does eat up some space, but I think it is well worth it.
[See Picture 3]
I then installed Hyper-V so that I can create virtual machines to test the deployments. I created a basic machine with no hard drive and set it to boot off the network.
[See Picture 4]
Sure enough, it booted from WDS. I have a bootable version of Acronis so that I can clone a customer's computer before I wipe it out. This Acronis image lets me save to a network share, which I created on a external USB drive plugged into the Surface. For the Windows Setup option, I just picked the 32-Bit boot.wim from the Windows 7 DVD (I know the screenshots show Win 8, I went back and changed it). You can use a boot.wim from any Windows disk, I just like the 7 start animation better.
[See Picture 5]
A boot.wim from a 32-Bit disk will show list both 32-Bit and 64-Bit options, whereas the boot.wim from a 64-Bit would only show 64-Bit options. You can see both listed under the "Architecture" column.
[See Picture 6]
I then created a share on the Surface for common programs that I usually install after a computer is reloaded. I only selected the top and bottom two because the middle three are empty placeholders at the moment.
[See Picture 7]
So with all of the images I added to WDS, and the Hyper-V virtual machines, I still have 75gigs of free space!
[See Picture 8]
I didn't look to see how much free space I had before I started, but according to this website, out of the box it has 83gigs free. For all the features Server 2012 provides over Windows 8 and what I have loaded on it... I am perfectly happy with only using 8 more gigs.
There were a couple issues that I ran into... Anyone who works on servers or uses a computer that is connected to one knows that you have to do the three fingered salute (Ctrl + Alt + Delete) to login. Well, what if I don't always have my Type Cover handy? You can click on the "Ease of Access" button and bring up the tiny Windows On-Screen Keyboard (not the large Surface keyboard that takes half the screen), or you can disable that "security feature" (read: annoyance) in Group Policies.
[See Picture 11]
Another thing I noticed is that when I pressed the power button, nothing happened. Well, I wanted it to sleep or at least turn off the screen. So looking at the Power Properties, the only options are "Do Nothing" and "Shutdown". Well, thankfully Group Policies saved me again...
[See Picture 13]
The only issues I have remaining is that the orientation sensor isn't working, which isn't a big deal for me, but I am still going to try and fix it. Same thing with the light sensor that automatically controls the brightness.
Some notes...
I really liked the quick boot time, and wanted to try and avoid installing Active Directory. I did all the above while keeping the server on a workgroup and not making it a Domain controller. It still goes from off to Lock Screen in under a minute.
I set the Hyper-V and WDS services to Manual and just turn them on when I need them. This reduces processor and ram usage.
I still wanted to be able to use this as a tablet for class, so I installed the "Desktop Experience" feature and created an account for me so I'm not always running on Administrator. This provides extra security by prompting for the Administrator password if someone attempts to change settings or install a program. This also lets me install applications from the Store (running Store under Admin gives a error message).
You'll see Internet Information Services (IIS) installed in the screenshots. I have not done anything with this yet, but I might make another post about what I'm doing with it later ^__^
Future
Future 2
Future 3
Last one
For what it's worth, you can get Hyper-V on Win8 (Pro or Enterprise); you don't need Server anymore. Still, there are a lot of other things that server grants, although most of them aren't much use on a personal machine.
Plzzz. Guide me to the process of installing win8 xap files of games and app to my surface pro.
Thanks
Heres a guide:
You can't.
XAP files are windows phone 7 and windows phone 8 apps. The surface pro is not a windows phone. It cannot run windows phone apps.
But there is all features like microsoft store and all the games and app.
I think the format would be xap only weather it be win phone or win pc tab. Please do further research
thanks for your help.
Why should I do the research? Why cant you?
Windows phone 8 and windows 8 ARE NOT THE SAME THING. Windows 8 apps do not work on windows phone 8 and vice versa.
Windows 8 apps use the WinRT runtime, windows phone 8 apps use a different runtime entirely and CANNOT run on windows 8 without emulation. You want to emulate windows phone 8? Install visual studio 2012 and the windows phone SDK and start compiling your apps from the basic source code, which requires that the source code be available because the emulator cant sideload .XAP's either, and its slower.
Windows 8 apps are in .APPX format.
Windows phone 8 apps are in .XAP format.
Do your own research next time. .XAP cannot be installed on Windows 8. Its like saying an iOS app runs on OSX or vice versa.
thanks boss... sorry if that research line hearts you but this time things are all clear thanks again for detail description.
Inspired by this post:
http://forum.xda-developers.com/showthread.php?t=1885399&page=22
I wanted to play a bit to join my XPS10 to my home domain. But
Check that the process is working on RT - a provided .NET program obviously would not work, so you should do the same manually
Click to expand...
Click to collapse
Well... it's for .net 4.0, AFAIR we have only 4.5, yep (?) And I was to lazy to read sourcecode.
So I loaded project into Visual Studio, changed target to 4.5 Any CPU. After that:
1. Took ownership of c:\windows\system32\sppsvc.exe and removed all rights (so noone, even system can execute it)
2. Created a copy of runJailbreak.bat and removed all exit commands in it (as a workaround for closing cmd - that will be needed later)
3. Added in registry:
HKEY_LOCAL_MACHINE\SYSTEM\Setup
SetupType=1
CmdLine="cmd.exe"
4. Reboot
After reboot I got cmd window on bootscreen background. Somehow, mouse cursor disappeared even with USB mouse.
5. Started jailbreak by running modified .bat
6. Started attached ProductPolicyEditor, enabled WorkstationService-DomainJoinEnabled policy, wrote changes to registry
7. Closed PPE, cmd, system self restarted in normal mode
8. Connected to domain as usual.
Proof - screenshots attached
After this RT went to not activated state. But when already connected to domain, I reverted changes I done (changed policy to 0, restored sppsvc rights), activated it again - everything works, computer is still in domain, only change is that in system properties I can only leave it, not change to another one.
This method may be used to exploit more hidden RT features.
kitor said:
Inspired by this post:
http://forum.xda-developers.com/showthread.php?t=1885399&page=22
I wanted to play a bit to join my XPS10 to my home domain. But
Well... it's for .net 4.0, AFAIR we have only 4.5, yep (?) And I was to lazy to read sourcecode.
So I loaded project into Visual Studio, changed target to 4.5 Any CPU. After that:
1. Took ownership of c:\windows\system32\sppsvc.exe and removed all rights (so noone, even system can execute it)
2. Created a copy of runJailbreak.bat and removed all exit commands in it (as a workaround for closing cmd - that will be needed later)
3. Added in registry:
HKEY_LOCAL_MACHINE\SYSTEM\Setup
SetupType=1
CmdLine="cmd.exe"
4. Reboot
After reboot I got cmd window on bootscreen background. Somehow, mouse cursor disappeared even with USB mouse.
5. Started jailbreak by running modified .bat
6. Started attached ProductPolicyEditor, enabled WorkstationService-DomainJoinEnabled policy, wrote changes to registry
7. Closed PPE, cmd, system self restarted in normal mode
8. Connected to domain as usual.
Proof - screenshots attached
After this RT went to not activated state. But when already connected to domain, I reverted changes I done (changed policy to 0, restored sppsvc rights), activated it again - everything works, computer is still in domain, only change is that in system properties I can only leave it, not change to another one.
This method may be used to exploit more hidden RT features.
Click to expand...
Click to collapse
Confirmed working on Surface RT :good:
Wonder what happens if you then upgrade the device to win rt 8.1...
I did this on my Surface RT running 8.1 the other day, Nil issues..
jordanmills said:
Wonder what happens if you then upgrade the device to win rt 8.1...
Click to expand...
Click to collapse
I wonder whether this technique could also be used to allow incoming Remote Desktop sessions in Windows RT...
Melissa
Myriachan said:
I wonder whether this technique could also be used to allow incoming Remote Desktop sessions in Windows RT...
Melissa
Click to expand...
Click to collapse
I spent quite a while trying to get that back when this first came out for 8.0, never had any luck with RDP. The Windows Help remote assistant works alright, though.
Work very fine in windows 10 home single language
You can also get "full BitLocker" from "limited Device Encryption" by changing:
SecureStartupFeature-Enabled-Premium
from 0 to 1
Then you can for example add USB-startup-key to encrypted OS volume by:
manage-bde -protector -add C: -StartupKey
...after changing back to "non-Premium" created start-up key protector will stay (survive),
so instead of nonsence TPM (which unlocks drive everytime unless you rip storage outside TPM chip), you can have fully encrypted and protected tablet.
BTW: @Myriachan: On jailbroken RT, how to get rid of inability to auto-start programs, when OS starts?
Can be system service made, which will only launch EXEs (in TXT list, minimised, maximised, normal) or is there other solution (TaskScheduler method doesn't work in W81RT)?