mirror of
https://github.com/a0rtega/pafish
synced 2024-11-25 23:59:37 +03:00
Merge pull request #21 from Thorsten-Sick/GetDiskFreeSpace
Added GetDiskFreeSpace based disk space detection with the min size 60 G...
This commit is contained in:
commit
30892b519c
@ -82,3 +82,24 @@ int gensandbox_drive_size() {
|
|||||||
}
|
}
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int gensandbox_drive_size2() {
|
||||||
|
ULARGE_INTEGER bytes_available;
|
||||||
|
ULARGE_INTEGER total_bytes;
|
||||||
|
ULARGE_INTEGER total_number_free_bytes;
|
||||||
|
|
||||||
|
if (GetDiskFreeSpaceExA("C:\\", &bytes_available, &total_bytes, &total_number_free_bytes))
|
||||||
|
{
|
||||||
|
if (bytes_available.QuadPart / 1073741824 <= 60) { /* <= 60 GB */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (total_bytes.QuadPart / 1073741824 <= 60) { /* <= 60 GB */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
if (total_number_free_bytes.QuadPart / 1073741824 <= 60) { /* <= 60 GB */
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
@ -10,4 +10,6 @@ int gensandbox_path();
|
|||||||
|
|
||||||
int gensandbox_drive_size();
|
int gensandbox_drive_size();
|
||||||
|
|
||||||
|
int gensandbox_drive_size2();
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
@ -114,6 +114,16 @@ int main(int argc, char *argv[])
|
|||||||
print_not_traced();
|
print_not_traced();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
printf("[*] Checking if disk size by GetDiskFreeSpace <= 60GB ... ");
|
||||||
|
if (gensandbox_drive_size2() == 0) {
|
||||||
|
print_traced();
|
||||||
|
write_log("Sandbox traced by checking disk size GetDiskFreeSpace <= 60GB");
|
||||||
|
write_trace("hi_sandbox_drive_size_2");
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
print_not_traced();
|
||||||
|
}
|
||||||
|
|
||||||
/* Hooks detection tricks */
|
/* Hooks detection tricks */
|
||||||
printf("\n[-] Hooks detection\n");
|
printf("\n[-] Hooks detection\n");
|
||||||
printf("[*] Checking function DeleteFileW method 1 ... ");
|
printf("[*] Checking function DeleteFileW method 1 ... ");
|
||||||
|
Loading…
Reference in New Issue
Block a user