diff --git a/pafish/Makefile b/pafish/Makefile index c6d3709..f24568f 100644 --- a/pafish/Makefile +++ b/pafish/Makefile @@ -5,7 +5,7 @@ SRC = $(wildcard *.c) OBJ = $(SRC:%.c=$(OBJDIR)/%.o) $(OBJDIR)/pafish_private.res BIN = Output/MingW/pafish.exe LINKOBJ = $(OBJDIR)/*.o $(OBJDIR)/pafish_private.res -LIBS = -s -lws2_32 -liphlpapi +LIBS = -s -lws2_32 -liphlpapi -lmpr CXXFLAGS = -fexpensive-optimizations -O1 -static-libgcc CFLAGS = -fexpensive-optimizations -O1 GPROF = i686-pc-mingw32-gprof diff --git a/pafish/main.c b/pafish/main.c index 9cb4d60..7ed3727 100644 --- a/pafish/main.c +++ b/pafish/main.c @@ -247,6 +247,12 @@ int main(int argc, char *argv[]) print_not_traced(); } + printf("[*] Looking for VBox network share "); + if (vbox_network_share() == 0) { + } + else { + print_not_traced(); + } /* VMware detection tricks */ printf("\n[-] VMware detection\n"); diff --git a/pafish/vbox.c b/pafish/vbox.c index 215a190..3c53574 100644 --- a/pafish/vbox.c +++ b/pafish/vbox.c @@ -1,6 +1,7 @@ #include #include +#include #include #include #include @@ -414,3 +415,29 @@ int vbox_traywindow() { return res; } + + +/** +* Checking network shared +* http://waleedassar.blogspot.com +**/ +int vbox_network_share() { + int res=1; + + unsigned long pnsize=0x1000; + + char * provider=(char *)LocalAlloc(LMEM_ZEROINIT, pnsize); + int retv = WNetGetProviderName(WNNC_NET_RDR2SAMPLE, provider, &pnsize); + if (retv==NO_ERROR){ + if (lstrcmpi(provider, "VirtualBox Shared Folders") == 0){ + write_log("VirtualBox shared folder detected"); + print_traced(); + write_trace("hi_virtualbox"); + res = 0; + } + } + + return res; +} + + diff --git a/pafish/vbox.h b/pafish/vbox.h index d62599e..7a56d7e 100644 --- a/pafish/vbox.h +++ b/pafish/vbox.h @@ -26,4 +26,6 @@ int vbox_pipe(); int vbox_traywindow(); +int vbox_network_share(); + #endif