/// <summary> /// Unload Entry, will command the secure application domain to unload the current secure application domain. /// </summary> internal static void Unload() { AllAddonsLoaded = false; if (SandboxDomain.Instance == null) { return; } try { SandboxDomain.UnloadDomain(SandboxDomain.Instance); } catch (Exception e) { Logs.Log("Sandbox: Unloading AppDomain failed"); Logs.Log(e.ToString()); } SandboxDomain.Instance = null; }
/// <summary> /// Creation of a Secure Application Domain. /// </summary> private static void CreateApplicationDomain() { if (SandboxDomain.Instance != null) { return; } try { SandboxDomain.Instance = SandboxDomain.CreateDomain("SandboxDomain"); if (SandboxDomain.Instance == null) { Logs.Log("Sandbox: AppDomain creation failed, please report this error!"); } } catch (Exception e) { Logs.Log("Sandbox: Error during AppDomain creation"); Logs.Log(e.ToString()); } }
internal static SandboxDomain CreateDomain(string domainName) { SandboxDomain domain = null; try { if (string.IsNullOrEmpty(domainName)) { domainName = "Sandbox" + Guid.NewGuid().ToString("N") + "Domain"; } // Initialize app AppDomainSetup var appDomainSetup = new AppDomainSetup { ApplicationName = domainName, ApplicationBase = Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location) + "\\" }; // Initialize all permissions var permissionSet = new PermissionSet(PermissionState.None); permissionSet.AddPermission(new EnvironmentPermission(EnvironmentPermissionAccess.Read, "USERNAME")); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.AllAccess, Assembly.GetExecutingAssembly().Location)); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.AllAccess, SandboxConfig.DataDirectory)); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.PathDiscovery, Path.GetFullPath(Path.Combine(Directory.GetCurrentDirectory(), "..\\..\\..\\..\\..\\..\\")))); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read, Path.GetFullPath(Path.Combine(Directory.GetCurrentDirectory(), "..\\..\\..\\..\\..\\..\\")))); permissionSet.AddPermission(new ReflectionPermission(PermissionState.Unrestricted)); permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Execution)); permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.Infrastructure)); permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.RemotingConfiguration)); permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.SerializationFormatter)); permissionSet.AddPermission(new SecurityPermission(SecurityPermissionFlag.UnmanagedCode)); permissionSet.AddPermission(new UIPermission(PermissionState.Unrestricted)); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(\\w+)\\.lolnexus\\.com\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(\\w+)\\.riotgames\\.com\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www\\.)?champion\\.gg\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www\\.)?elobuddy\\.net\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/edge\\.elobuddy\\.net\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www\\.)?leaguecraft\\.com\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www\\.)?lolbuilder\\.net\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www\\.|raw.)?github(usercontent)?\\.com\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/(www|oce|las|ru|br|lan|tr|euw|na|eune|sk2)\\.op\\.gg\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/ddragon\\.leagueoflegends\\.com\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("http?:\\/\\/strefainformatyka\\.hekko24\\.pl\\/.*"))); permissionSet.AddPermission(new WebPermission(NetworkAccess.Connect, new Regex("https?:\\/\\/strefainformatyka\\.hekko24\\.pl\\/.*"))); // Load extra permissions if existing if (SandboxConfig.Permissions != null) { foreach (IPermission permission in SandboxConfig.Permissions) { // disabled due to security concerns //permissionSet.SetPermission(permission); } } #if DEBUG // TODO: Remove once protected domain works var appDomain = AppDomain.CreateDomain(domainName); #else // Create the AppDomain var appDomain = AppDomain.CreateDomain(domainName, null, appDomainSetup, permissionSet, PublicKeys.AllKeys.Concat(new[] { Assembly.GetExecutingAssembly().Evidence.GetHostEvidence <StrongName>() }).ToArray()); #endif // Create a new Domain instance domain = (SandboxDomain)Activator.CreateInstanceFrom(appDomain, Assembly.GetExecutingAssembly().Location, typeof(SandboxDomain).FullName).Unwrap(); if (domain != null) { domain.DomainHandle = appDomain; domain.Initialize(); } } catch (Exception e) { Logs.Log("Sandbox: An exception occurred creating the AppDomain!"); Logs.Log(e.ToString()); } return(domain); }
internal static void UnloadDomain(SandboxDomain domain) { AppDomain.Unload(domain.DomainHandle); }