(solved) run batch file from keepass trigger with parameter

apani · March 19, 2017, 7:47pm

Hello

I’m brand new to this, so maybe my question is not that exact.

I want to run a batchfile from keepass trigger

If I use only the call
/k “Y:\Keepass_Backup\Trigger_Backup2.bat”
and did a rule for the sandbox
“C:\ProgramData\COMODO\Cis\tempscrpt*.bat”
“C:\Windows\System32\conhost.exe”
everything is fine and works.

But if I call the same batchfile from keepass with parameter, it fails and the batchfile goes into sandbox like C_cmd.exe_381E4B3A5143949E8BD454CA7EDA476B0232A141.bat

so what could I do?
Thank you, Andi

DecimaTech · March 19, 2017, 8:05pm

Hello apani and welcome to the forums. What you want to do is to remove conhost.exe from your sandbox rule. That way it will ignore all .bat files that are created by any application.

apani · March 19, 2017, 8:15pm

Hi futuretech

Thank you.

But is that good?
Can I get problems by “open that door”?

DecimaTech · March 19, 2017, 9:28pm

Technically yes for other bat files. Now thinking about it more it would be better if you created an ignore sandbox rule for the keepass exectuable. That way any script files it creates or executes will not be sandboxed either.

apani · March 20, 2017, 6:28am

Thank you!

I did it like in the screenshots.

Step 1
edit Auto-sandbox settings
Step 2 create rule
enable, save

Is it right? - it seems to work!

DecimaTech · March 20, 2017, 1:55pm

Yes that should be fine. If you want to be more specific you can add keepass executable to the created by processes section of the rule.