mirrors
/
pafish
mirror of https://github.com/a0rtega/pafish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adding device detection

This commit is contained in:
Thorsten Sick 2014-03-20 11:32:49 +01:00
parent 75299a4fc9
commit c4edcc791e
4 changed files with 114 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pafish/Makefile
View File

@ -5,7 +5,7 @@ SRC = $(wildcard *.c)
OBJ = $(SRC:%.c=$(OBJDIR)/%.o) $(OBJDIR)/pafish_private.res
BIN = Output/MingW/pafish.exe
LINKOBJ = $(OBJDIR)/*.o $(OBJDIR)/pafish_private.res
LIBS = -s -lws2_32 -liphlpapi -lmpr
LIBS = -s -lws2_32 -liphlpapi -lmpr -lsetupapi
CXXFLAGS = -fexpensive-optimizations -O1 -static-libgcc
CFLAGS = -fexpensive-optimizations -O1
GPROF = i686-pc-mingw32-gprof

7
pafish/main.c
View File

@ -290,6 +290,13 @@ int main(int argc, char *argv[])
print_not_traced();
}
printf("[*] Looking for VBox devices ");
if (vbox_devices() == 0) {
}
else {
print_not_traced();
}
/* VMware detection tricks */
printf("\n[-] VMware detection\n");
printf("[*] Scsi port->bus->target id->logical unit id-> 0 identifier ... ");

105
pafish/vbox.c
View File

@ -6,15 +6,23 @@
#include <stdio.h>
#include <iphlpapi.h>
#include <tlhelp32.h>
#include <setupapi.h>
#include <devguid.h>
#include <regstr.h>
#include "vbox.h"
typedef char * string;
void ToUpper(unsigned char* Pstr) {
char* P=(char*)Pstr;
unsigned long length=strlen(P);
unsigned long length;
unsigned long i;
if (Pstr == NULL)
return;
length=strlen(P);
for(i=0;i<length;i++) P[i]=toupper(P[i]);
return;
@ -555,3 +563,98 @@ int vbox_processes() {
}
return res;
}
/**
* Helper function to get device propery. Free return buffer after use ! Only for REG_SZ data
*
*
**/
LPTSTR device_property(HDEVINFO hDevInfo, SP_DEVINFO_DATA DevInfoData, DWORD property){
LPTSTR buffer = NULL;
DWORD buffersize = 0;
DWORD DataT;
while (!SetupDiGetDeviceRegistryProperty(
hDevInfo,
&DevInfoData,
property,
&DataT,
(PBYTE) buffer,
buffersize,
&buffersize
)){
if (GetLastError () == ERROR_INSUFFICIENT_BUFFER){
if (buffer) LocalFree(buffer);
buffer = LocalAlloc (LPTR, buffersize * 2);
}
else
{
break;
}
}
return buffer;
}
/**
* VBox devices
*
* http://support.microsoft.com/kb/259695/EN-US
**/
int vbox_devices() {
int res=1;
HDEVINFO hDevInfo;
DWORD i;
SP_DEVINFO_DATA DevInfoData;
hDevInfo = SetupDiGetClassDevs(NULL, 0, 0, DIGCF_PRESENT | DIGCF_ALLCLASSES);
if (hDevInfo == INVALID_HANDLE_VALUE){
return res;
}
DevInfoData.cbSize = sizeof(SP_DEVINFO_DATA);
// Enum devices
for (i=0; SetupDiEnumDeviceInfo(hDevInfo, i, &DevInfoData); i++){
LPTSTR buffer = NULL;
DWORD properties[] = {SPDRP_CLASS, SPDRP_CLASSGUID, SPDRP_DEVICEDESC, SPDRP_ENUMERATOR_NAME, SPDRP_FRIENDLYNAME, SPDRP_LOCATION_INFORMATION, SPDRP_MFG, SPDRP_PHYSICAL_DEVICE_OBJECT_NAME, SPDRP_SERVICE};
int prop;
const int max_prop = 9;
char * message;
for (prop=0; prop < max_prop ; prop ++){
buffer = device_property(hDevInfo, DevInfoData, properties[prop]);
if (buffer != NULL){
ToUpper(buffer);
if ((strstr((char *)buffer, "VBOX")) ||
(strstr((char *)buffer, "VIRTUALBOX"))){
message = (char*)LocalAlloc(LMEM_ZEROINIT,strlen(buffer)+200);
if (message) {
sprintf(message, "VBOX traced by device property %s ", buffer);
write_log(message);
LocalFree(message);
}
res = 0;
}
LocalFree(buffer);
buffer = NULL;
}
}
}
// Cleanup
SetupDiDestroyDeviceInfoList(hDevInfo);
if (res == 0){
print_traced();
write_trace("hi_virtualbox");
}
return res;
}

2
pafish/vbox.h
View File

@ -36,4 +36,6 @@ int vbox_network_share();
int vbox_processes();
int vbox_devices();
#endif