Supporting all drivers now

2014-02-13 16:33:29 +01:00 · 2014-02-13 16:33:29 +01:00 · af05de0f78
parent 34ada0bc8f
commit af05de0f78
2 changed files with 32 additions and 12 deletions
--- a/pafish/main.c
+++ b/pafish/main.c
@ -188,11 +188,8 @@ int main(int argc, char *argv[])
    else {
        print_not_traced();
    }
-    printf("[*] Looking for C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys ... ");
-    if (vbox_sysfile1() == 0) {
-        write_log("VirtualBox traced using file C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
-        print_traced();
-        write_trace("hi_virtualbox");
+
+    if (vbox_sysfile1() == 0) {        
    }
    else {
        print_not_traced();
--- a/pafish/vbox.c
+++ b/pafish/vbox.c
@ -1,9 +1,11 @@

 #include <windows.h>
 #include <string.h>
-
+#include <stdio.h>
 #include "vbox.h"

+typedef char * string;
+
 int vbox_reg_key1() {
    HKEY regkey;
    LONG retu;
@ -111,11 +113,32 @@ int vbox_reg_key4() {

 int vbox_sysfile1() {
    DWORD ret;
-    ret = GetFileAttributes("C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
-    if (ret != INVALID_FILE_ATTRIBUTES) {
-        return 0;
-    }
-    else {
-        return 1;
+    
+    const int count = 4;
+    string strs[count];
+    int res = 1;
+    char message[200];
+    int i=0;
+    
+    strs[0] = "C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys";
+    strs[1] = "C:\\WINDOWS\\system32\\drivers\\VBoxGuest.sys";
+    strs[2] = "C:\\WINDOWS\\system32\\drivers\\VBoxSF.sys";
+    strs[3] = "C:\\WINDOWS\\system32\\drivers\\VBoxVideo.sys";
+
+
+    for (i=0; i < count; i++){
+        sprintf(message, "[*] Looking for %s ... ", strs[i]);
+        printf(message);
+        ret = GetFileAttributes(strs[i]);
+        if (ret != INVALID_FILE_ATTRIBUTES) {
+            sprintf(message, "VirtualBox traced using file %s", strs[i]);
+            write_log(message);
+            print_traced();
+            write_trace("hi_virtualbox");
+            res = 0;
+        }
    }
+    
+    return res;
+    
 }