Beating Respondus LockDown Browser

Posted on 2019-07-27
Tags: projects

It was actually easier than I thought. Now, it wasn’t the easiest, but I will explain what I tried and what worked.

So Respondus LockDown is the browser my school forces us to use to take “secure” online exams. I hate it. I despise it strongly. Everything it stands for, the institutionalized test-taking mentality, the enforcement of unrealistic conditions, the distrust of students most of all, it ticks me off to my core. So I did something about it. I “hacked” their stupid browser that fullscreens itself, disables all other applications, limits the input options, and watches your every move with your webcam.

There were two ways of going about it: the first and most flexible option is to run LockDown in a VM. The other option would be to MITM myself to have an <iframe> of google constantly beside the test. The second has the disadvantage of more easily being caught (screenshots and keylogging, duh), and being more work for me. Also I didn’t want to ever install that piece of malware on my actual computer. So I went with the first option.

I spent many hours researching VM detection techniques and their associated bypasses, accumulating in finding and understanding a github repo that generated scripts to hide the fact that a VM is a VM. The one I used is located here: antivmdetection. I first tested LockDown in a untouched Windows VM, and sure enough it knew. So I ran the scripts, and voila it worked. What the scripts did was change all the VirtualBox device driver names, like the BIOS model, the video card name, the hard drive serial number, etc. to the exact same ones as my host computer. It changes those through VirtualBox settings and through registry editing. There’s also a neat trick with the cpuid instruction that’s explained much better here.

Other approaches that I tried in the VM but couldn’t get to work were using a sandbox (LockDown didn’t like the sandbox management program running) and disassembling and editing the LockDown binary (I was just bad at that tho lol).

IMPORTANT! please note that I did this only as an experiment to see if I could because I was mad, I do not intend to use this to cheat and I will take all my exams in the correct fashion, with LockDown installed on my main computer.