The video below shows a Proof of Concept of bypassing Application Security in RES Workspace Manager .
Please note that at this time the code is not publicly available so please don’t ask for it.
EDIT 2: I added a video that I received from someone who tried my Excel Sheet with AppSense Application Manager.
EDIT: I wanted to clarify a couple of things regarding this post.
First of all I would like to explain why I wrote this code and why I choose to test it with RES WM.
I had the idea about this approach a long time ago but I never got around to actually do it. The main reason was that I needed to convert Delphi code to VBA and especially converting some Windows headers was a lot of work. Then suddenly I noticed that someone had already converted the headers, so I all I had to do was rewrite the code that used it to VBA.
The choice for RES was made because of two reasons:
- If you want to beat something, you want to beat the best and I most certainly consider RES WM to be one of the top products.
- At the time I wrote the POC code I had access to an enviroment with RES in it.
Finally I would like to state that I didn’t expect this post to draw this much attention, if I did I would have probably taken another approach.
Well done, Remko. Given that VBA can by no means be considered convenient for the task you used it for, this is a cool achievement.
[...] example a well-known community member Remko Weijnen (@RemkoWeijnen) did a blog article in January (here) about how to use Excel to bypass security. The great thing about RES Workspace Manager is that [...]