[GUIDE] How to bypass WinRT / Metro sandbox using simple trick
Hi, I've created simple proof-of-concept project, how to bypass WinRT sandbox limitations in Metro apps using local service.
Sample + guide is here:
Edit: updated sample for Visual Studio 2012 RTM and Windows 8 RTM, it still works.
Let me know, what you think about real usability and impact on the Windows 8 Metro app model
By design Metro application cannot access underlying PC directly, only using WinRT API and available capabilities. But when you create back-end service for accessing the PC and all data there, it's basically no longer running in sandbox.
The only "problem" is that user must manually install this back-end service, but that won't be a problem using some "social engineering":
User downloads "PC browser" Metro app, user can browse all pictures, music and videos, using WinRT API, but the app also shows message at the bottom:
"Download our PC browser powerpack and browse your entire PC, for FREE"
User is redirected to web page, from where user can download classic desktop installer containing "PC browser" back-end service for accessing files on users entire PC. Once this desktop service is installed, the Metro app can detect it and use it for browsing the entire PC. User is happy, but the WinRT sandbox is compromised.
Of course this won't work on Windows 8 ARM tablets. Using this workaround it could be even possible to build Metro apps for classic desktop apps like antiviruses, torrent/P2P clients, etc.