238
edits
Changes
basic installer reversing
Respondus LockDown Browser is a piece of proprietary online testing software developed by Respondus, Inc, and used by departments, including the Department
of Engineering Education. Success in running under [[w:Wine (software)|Wine]] varies from version to version, and may involve complex installation procedures, and the software
==Running the Software==
=== Download ===
LockDown Browser's download website shows the download option based on your OS. Since it does not support Linux, it does not let you download it. So, to download this <s>shitty</s> browser, you need to change the OS in your User Agent to Windows.
The file name must include the school's 9-digit ID code (for VT: 776344933). This must be immediately preceded by a '-' hyphen. If there are multiple numeric sequences '''exactly''' 9-digits long and preceded by a hyphen, the first one is interpreted as the ID code.
The following file names would work:
<code>LockDownBrowser-2-1-3-00-776344933.exe</code><br>
<code>LockDown-776344933-March-03-2025.exe</code><br>
<code>LD-03032025-776344933.exe</code><br>
<code>999999999-776344933-999999999.exe</code><br>
<code>LDB-0000000000-776344933-999999999.exe</code><br>
Note: the ID id is '''always''' the first 9 digit number with a hyphen in front. The .exe is optional.
Likewise, the following file name would '''NOT''' work:
<code>LockDownBrowser776344933.exe</code> This does not have a hyphen before the 9-digit code.<br>
<code>LockDown-030320251-776344933.exe</code>This has multiple 9-digit sequences, but the ID code is not first.<br>
<code>776344933.exe</code>The ID code is not preceded by a hyphen<br>
<code>Lockdown.exe</code>The ID code simply isn't in the file name<br>
To pull down VT's executable with the default name, try
<code>
curl -LO $(curl -L "https://download.respondus.com/lockdown/$(curl -L "https://download.respondus.com/lockdown/download.php?ID=776344933" -A "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.3" 2>/dev/null | grep -ioE "download[0-9].php\?id=[0-9]*")" 2>/dev/null| grep -ioE "https.*.exe" | uniq)
</code>
===Wine===
There are multiple tutorials available by a quick web search which claim to get this working in Wine, <s>however, to date, no member ofVTLUUG has succeeded in doing so and existing information indicates it varies by version of the browser.</s>There is a solution for running LockDown browser with Wine, provided by [[User:caleb|caleb]] adapted from [https://www.reddit.com/r/UTEP/comments/1bkslgy/tutorial_running_lockdown_browser_on_linux/ this] Reddit post. This solution requires [https://github.com/Winetricks/winetricks winetricks] ====IMPORTANT NOTE====While we here at VTLUUG promote the use of free software, many people at the university '''DO NOT'''. Follow these steps at your own risk, and '''ALWAYS''', ask your professor before using LockDown Browser in this ''unsupported'' configuration on an actual exam. Additionally, abusing flaws in Wine's compatibility in order to cheat or otherwise obtain an unfair advantage on exams is '''against the honor code'''. If cheating is your primary goal, there are certainly better ways if you do some research. If one person is caught abusing Wine to cheat on an exam, professors will not allow '''anyone''' to use it anymore, requiring '''everyone''' to use the non-free Windows operating system. If you are tempted to cheat on an exam, consider reaching out to your professor or TA and setting up office hours to discuss the exam. Additionally, if this method ever fails to work, ensure you have some kind of backup. Whether that is a Windows live-USB you can boot from on the day of the test, a second partition, or an entirely different device, '''bring it with you'''. Many courses provide test exams, which you can use to verify this still works a few hours in advance of the exam. The Chemistry department has a good one, and it is accessible as long as you have taken the course in a previous semester or are currently taking the course. ====Step 1: Setup====First, install the following packages from your distributions package manager (names may differ): <code>wine winetricks gnutls</code> for Debian, the command is <pre># apt install wine gnutls-bin winetricks</pre>Note that winetricks is only available in the <code>contrib</code> repository on vanilla Debian. Winetricks can be downloaded from their github as a bash script if enabling the contrib repository is not desired. ====Step 2: Winetricks====Using winetricks, we can install all of the (non-free) fonts and msftedit, which is related to rich text edit controls.<ref>https://learn.microsoft.com/en-us/windows/win32/controls/about-rich-edit-controls</ref> <pre>$ winetricks msftedit allfonts</pre> ====Step 3: Install====Now simply run: <pre>$ wine filename</pre> replacing <code>filename</code> with the exact filename of the executable. If an error about the filename missing the 9-digit ID-code appears, ensure the file is [[#Download | properly named]]. After the program is installed, a .desktop file should automatically be created. Launching that file will load the LockDown Browser. Many features work on Gnome, such as detecting when switching desktops using a gesture or attempting to switch to another application. Other desktop environments and window managers have not been tested (yet).
===Virtual Machine (KVM)===
== Analysis ==
The initially downloaded .exe is an InstallShield self-extracting installer. The 9-digit ID is not checked by this installer during the extraction process whatsoever -- it is simply copied from the filename into a temporary file in the extraction working directory (on Wine, <code>c/users/hokietux/AppData/Local/Temp/ldz<some string>/id.txt</code>, though this is dynamically generated using winapi's <code>GetTempPathA</code> then <code>GetTempFileNameA</code>).
Only cursory analysis has been done thus far, as the author of this article doesn't have a native windows box to run Respondus on. It appears that on launch, it first connects to an unencrypted http server running in AWS, presumably to check if the version is current, then it checks if it is in a virtualized environment.
==References==
<references/>
[[Category:Needs restorationSoftware]]
