mirror of
https://github.com/a0rtega/pafish
synced 2024-11-24 23:29:39 +03:00
re #46 add IsNativeVhdBoot detection
parent
896f26f3be
commit
9ab9e0fb3b
@ -12,6 +12,11 @@
|
||||
#include "gensandbox.h"
|
||||
#include "utils.h"
|
||||
|
||||
/**
|
||||
* Prototype for IsNativeVhdBoot, which is only available in >= Windows 8
|
||||
*/
|
||||
typedef BOOL (WINAPI * IsNativeVhdBoot) (BOOL *);
|
||||
|
||||
int gensandbox_mouse_act() {
|
||||
POINT position1, position2;
|
||||
GetCursorPos(&position1);
|
||||
@ -164,3 +169,13 @@ int gensandbox_uptime() {
|
||||
return GetTickCount() < 0xAFE74 ? TRUE : FALSE;
|
||||
}
|
||||
|
||||
int gensandbox_IsNativeVhdBoot() {
|
||||
BOOL isnative = FALSE;
|
||||
IsNativeVhdBoot fnnative = (IsNativeVhdBoot) GetProcAddress(
|
||||
GetModuleHandleA("kernel32"), "IsNativeVhdBoot");
|
||||
/* IsNativeVhdBoot always returns 1 on query success */
|
||||
if (fnnative)
|
||||
fnnative(&isnative);
|
||||
return (isnative) ? TRUE : FALSE;
|
||||
}
|
||||
|
||||
|
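Review bot: In `gensandbox_IsNativeVhdBoot` the BOOL returned by `fnnative(&isnative)` is discarded, so if the query itself fails the result may depend on whatever the API left in the out-parameter rather than on the `FALSE` initialiser. I would gate on the return value, `if (fnnative && !fnnative(&isnative)) isnative = FALSE;`. The existing comment would also be clearer as `/* the return value only reports that the query worked; the answer is in isnative */`. It would also help anyone reading the report if the comment stated that a positive result means the OS was booted natively from a VHD, which on its own is a hint rather than proof of an analysis environment.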
@ -24,4 +24,6 @@ int gensandbox_less_than_onegb();
|
||||
|
||||
int gensandbox_uptime();
|
||||
|
||||
int gensandbox_IsNativeVhdBoot();
|
||||
|
||||
#endif
|
||||
|
@ -146,6 +146,10 @@ int main(void)
|
||||
&gensandbox_uptime,
|
||||
"Sandbox traced by checking operating system uptime using GetTickCount()",
|
||||
"hi_sandbox_uptime");
|
||||
exec_check("Checking if operating system IsNativeVhdBoot()",
|
||||
&gensandbox_IsNativeVhdBoot,
|
||||
"Sandbox traced by checking IsNativeVhdBoot()",
|
||||
"hi_sandbox_IsNativeVhdBoot");
|
||||
|
||||
/* Hooks detection tricks */
|
||||
print_check_group("Hooks detection");
|
||||
|
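Review bot: The new `exec_check` entry breaks the naming pattern of the entry just above it: that one uses the lower-case tag `hi_sandbox_uptime`, while this one uses the mixed-case `hi_sandbox_IsNativeVhdBoot`. Its description, "Checking if operating system IsNativeVhdBoot()", also does not read as a sentence. I would use something like `"Checking if operating system was booted natively from a VHD using IsNativeVhdBoot()"` and a tag such as `"hi_sandbox_nativevhdboot"`, so that log consumers matching on these tags see one consistent scheme. The body of `main` starts and continues outside this hunk, so other entries may follow a convention that is not visible here.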