The video below shows a Proof of Concept of bypassing Application Security in RES Workspace Manager .

Please note that at this time the code is not publicly available so please don’t ask for it.

EDIT 2: I added a video that I received from someone who tried my Excel Sheet with AppSense Application Manager.


EDIT: I wanted to clarify a couple of things regarding this post.

First of all I would like to explain why I wrote this code and why I choose to test it with RES WM.

I had the idea about this approach a long time ago but I never got around to actually do it. The main reason was that I needed to convert Delphi code to VBA and especially converting some Windows headers was a lot of work. Then suddenly I noticed that someone had already converted the headers, so I all I had to do was rewrite the code that used it to VBA.

The choice for RES was made because of two reasons:

  1. If you want to beat something, you want to beat the best and I most certainly consider RES WM to be one of the top products.
  2. At the time I wrote the POC code I had access to an enviroment with RES in it.

I would like to emphasize that RES contacted me very quickly after publishing this blog. I’ve had contact with RES and they showed a very constructive approach with their primary goal being a fix or guidance for their customers. Hats of to RES taking a constructive approach and I will be working together with RES on this issue.

Finally I would like to state that I didn’t expect this post to draw this much attention, if I did I would have probably taken another approach.


 

 

Same demo but now with AppSense: