mirrors/pafish
1
0
Fork 0
mirror of https://github.com/a0rtega/pafish synced 2024-11-22 06:11:18 +03:00
Code Issues Packages Projects Releases Wiki Activity

Supporting all drivers now

Browse Source
This commit is contained in:
Thorsten Sick 2014-02-13 16:33:29 +01:00
parent 34ada0bc8f
commit af05de0f78
2 changed files with 32 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
pafish/main.c
View File

@ -188,11 +188,8 @@ int main(int argc, char *argv[])
else {
print_not_traced();
}
printf("[*] Looking for C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys ... ");
if (vbox_sysfile1() == 0) {
write_log("VirtualBox traced using file C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
print_traced();
write_trace("hi_virtualbox");
if (vbox_sysfile1() == 0) {
}
else {
print_not_traced();

37
pafish/vbox.c
View File

@ -1,9 +1,11 @@
#include <windows.h>
#include <string.h>
#include <stdio.h>
#include "vbox.h"
typedef char * string;
int vbox_reg_key1() {
HKEY regkey;
LONG retu;
@ -111,11 +113,32 @@ int vbox_reg_key4() {
int vbox_sysfile1() {
DWORD ret;
ret = GetFileAttributes("C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
if (ret != INVALID_FILE_ATTRIBUTES) {
return 0;
}
else {
return 1;
const int count = 4;
string strs[count];
int res = 1;
char message[200];
int i=0;
strs[0] = "C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys";
strs[1] = "C:\\WINDOWS\\system32\\drivers\\VBoxGuest.sys";
strs[2] = "C:\\WINDOWS\\system32\\drivers\\VBoxSF.sys";
strs[3] = "C:\\WINDOWS\\system32\\drivers\\VBoxVideo.sys";
for (i=0; i < count; i++){
sprintf(message, "[*] Looking for %s ... ", strs[i]);
printf(message);
ret = GetFileAttributes(strs[i]);
if (ret != INVALID_FILE_ATTRIBUTES) {
sprintf(message, "VirtualBox traced using file %s", strs[i]);
write_log(message);
print_traced();
write_trace("hi_virtualbox");
res = 0;
}
}
return res;
}