mirror of
https://github.com/a0rtega/pafish
synced 2024-11-21 22:01:56 +03:00
Added two more registry keys: FADT and RSDT in Hardware/ACPI
This commit is contained in:
parent
e15a37eb96
commit
79bf3e7430
@ -206,6 +206,25 @@ int main(int argc, char *argv[])
|
||||
print_not_traced();
|
||||
}
|
||||
|
||||
printf("[*] Reg key (HKLM\\HARDWARE\\ACPI\\FADT\\VBOX__ ... ");
|
||||
if (vbox_reg_key7() == 0) {
|
||||
write_log("VirtualBox traced using Reg key HKLM\\HARDWARE\\ACPI\\FADT\\VBOX__");
|
||||
print_traced();
|
||||
write_trace("hi_virtualbox");
|
||||
}
|
||||
else {
|
||||
print_not_traced();
|
||||
}
|
||||
|
||||
printf("[*] Reg key (HKLM\\HARDWARE\\ACPI\\RSDT\\VBOX__ ... ");
|
||||
if (vbox_reg_key8() == 0) {
|
||||
write_log("VirtualBox traced using Reg key HKLM\\HARDWARE\\ACPI\\RSDT\\VBOX__");
|
||||
print_traced();
|
||||
write_trace("hi_virtualbox");
|
||||
}
|
||||
else {
|
||||
print_not_traced();
|
||||
}
|
||||
|
||||
if (vbox_sysfile1() == 0) {
|
||||
}
|
||||
|
@ -242,6 +242,45 @@ int vbox_reg_key6() {
|
||||
return res;
|
||||
}
|
||||
|
||||
/**
|
||||
* FADT ACPI Regkey detection
|
||||
**/
|
||||
int vbox_reg_key7() {
|
||||
HKEY regkey;
|
||||
LONG retu;
|
||||
char value[1024];
|
||||
int i;
|
||||
DWORD size;
|
||||
|
||||
size = sizeof(value);
|
||||
retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\ACPI\\FADT\\VBOX__", 0, KEY_READ, ®key);
|
||||
if (retu == ERROR_SUCCESS) {
|
||||
return 0;
|
||||
}
|
||||
else {
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* RSDT ACPI Regkey detection
|
||||
**/
|
||||
int vbox_reg_key8() {
|
||||
HKEY regkey;
|
||||
LONG retu;
|
||||
char value[1024];
|
||||
int i;
|
||||
DWORD size;
|
||||
|
||||
size = sizeof(value);
|
||||
retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\ACPI\\RSDT\\VBOX__", 0, KEY_READ, ®key);
|
||||
if (retu == ERROR_SUCCESS) {
|
||||
return 0;
|
||||
}
|
||||
else {
|
||||
return 1;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* VirtualBox Driver files in windows/system32
|
||||
|
@ -14,6 +14,10 @@ int vbox_reg_key5();
|
||||
|
||||
int vbox_reg_key6();
|
||||
|
||||
int vbox_reg_key7();
|
||||
|
||||
int vbox_reg_key8();
|
||||
|
||||
int vbox_sysfile1();
|
||||
|
||||
int vbox_sysfile2();
|
||||
|
Loading…
Reference in New Issue
Block a user