v02 uploaded!

Alberto Ortega 2012-10-28 18:41:38 +01:00
parent 4642a9ddd2
commit d09bc5e6b8
22 changed files with 541 additions and 94 deletions

19
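--- a/CHANGELOG
+++ b/CHANGELOG
@@ -0,0 +1,19 @@
+v02
+- Now pafish writes a log file (pafish.log) to
+easily track detections
+- Deleted one dummy detection for Sandboxie
+- Added two new detections for VirtualBox
+- Added one new detection for wine
+- Added three new detections for VMware
+- Added one new detection for generic sandboxes
+- Some coding style improvements
+- gcc optimization flag in compilation -O1
+v01
+- First version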

Binary file not shown.


@ -1,22 +1,22 @@
# Project: pafish # Project: pafish
# Compiler: Default GCC compiler # Compiler: Default GCC compiler
# Compiler Type: MingW 3 # Compiler Type: MingW 3
# Makefile created by wxDev-C++ IDE 7.4.2.569 on 01/07/12 12:46 # Makefile created by wxDev-C++ IDE 7.4.2.569 on 28/10/12 18:14
WXLIBNAME = wxmsw29u WXLIBNAME = wxmsw29u
CPP = g++.exe CPP = g++.exe
CC = gcc.exe CC = gcc.exe
WINDRES = "windres.exe" WINDRES = "windres.exe"
OBJ = Objects/MingW/main.o Objects/MingW/common.o Objects/MingW/debuggers.o Objects/MingW/sandboxie.o Objects/MingW/vbox.o Objects/MingW/pafish_private.res OBJ = Objects/MingW/main.o Objects/MingW/common.o Objects/MingW/debuggers.o Objects/MingW/sandboxie.o Objects/MingW/vbox.o Objects/MingW/gensandbox.o Objects/MingW/wine.o Objects/MingW/vmware.o Objects/MingW/pafish_private.res
LINKOBJ = "Objects/MingW/main.o" "Objects/MingW/common.o" "Objects/MingW/debuggers.o" "Objects/MingW/sandboxie.o" "Objects/MingW/vbox.o" Objects/MingW/pafish_private.res LINKOBJ = "Objects/MingW/main.o" "Objects/MingW/common.o" "Objects/MingW/debuggers.o" "Objects/MingW/sandboxie.o" "Objects/MingW/vbox.o" "Objects/MingW/gensandbox.o" "Objects/MingW/wine.o" "Objects/MingW/vmware.o" Objects/MingW/pafish_private.res
LIBS = -L"C:/Archivos de programa/Dev-Cpp/lib/wx/gcc_lib" -L"C:/Archivos de programa/Dev-Cpp/lib" -L"C:/Archivos de programa/Dev-Cpp/MinGW32/lib" LIBS = -L"C:/Program Files (x86)/Dev-Cpp/lib/wx/gcc_lib" -L"C:/Program Files (x86)/Dev-Cpp/lib" -L"C:/Program Files (x86)/Dev-Cpp/MinGW32/lib" -s
INCS = -I"C:/Archivos de programa/Dev-Cpp/MinGW32/include" INCS = -I"C:/Program Files (x86)/Dev-Cpp/MinGW32/include"
CXXINCS = -I"C:/Archivos de programa/Dev-Cpp/MinGW32/include" -I"C:/Archivos de programa/Dev-Cpp/" -I"C:/Archivos de programa/Dev-Cpp/include/common" CXXINCS = -I"C:/Program Files (x86)/Dev-Cpp/MinGW32/include" -I"C:/Program Files (x86)/Dev-Cpp/" -I"C:/Program Files (x86)/Dev-Cpp/include/common"
RCINCS = --include-dir "C:/ARCHIV~1/Dev-Cpp/include/common" RCINCS = --include-dir "C:/PROGRA~2/Dev-Cpp/include/common"
BIN = Output/MingW/pafish.exe BIN = Output/MingW/pafish.exe
DEFINES = DEFINES =
CXXFLAGS = $(CXXINCS) $(DEFINES) CXXFLAGS = $(CXXINCS) $(DEFINES) -fexpensive-optimizations -O1
CFLAGS = $(INCS) $(DEFINES) CFLAGS = $(INCS) $(DEFINES) -fexpensive-optimizations -O1
GPROF = gprof.exe GPROF = gprof.exe
ifeq ($(OS),Windows_NT) ifeq ($(OS),Windows_NT)
RM = del /Q RM = del /Q
@ -40,16 +40,25 @@ Objects/MingW/main.o: $(GLOBALDEPS) main.c
$(CC) -c main.c -o Objects/MingW/main.o $(CFLAGS) $(CC) -c main.c -o Objects/MingW/main.o $(CFLAGS)
Objects/MingW/common.o: $(GLOBALDEPS) common.c Objects/MingW/common.o: $(GLOBALDEPS) common.c
$(CPP) -c common.c -o Objects/MingW/common.o $(CXXFLAGS) $(CC) -c common.c -o Objects/MingW/common.o $(CFLAGS)
Objects/MingW/debuggers.o: $(GLOBALDEPS) debuggers.c Objects/MingW/debuggers.o: $(GLOBALDEPS) debuggers.c
$(CPP) -c debuggers.c -o Objects/MingW/debuggers.o $(CXXFLAGS) $(CC) -c debuggers.c -o Objects/MingW/debuggers.o $(CFLAGS)
Objects/MingW/sandboxie.o: $(GLOBALDEPS) sandboxie.c Objects/MingW/sandboxie.o: $(GLOBALDEPS) sandboxie.c
$(CPP) -c sandboxie.c -o Objects/MingW/sandboxie.o $(CXXFLAGS) $(CC) -c sandboxie.c -o Objects/MingW/sandboxie.o $(CFLAGS)
Objects/MingW/vbox.o: $(GLOBALDEPS) vbox.c Objects/MingW/vbox.o: $(GLOBALDEPS) vbox.c
$(CPP) -c vbox.c -o Objects/MingW/vbox.o $(CXXFLAGS) $(CC) -c vbox.c -o Objects/MingW/vbox.o $(CFLAGS)
Objects/MingW/gensandbox.o: $(GLOBALDEPS) gensandbox.c
$(CC) -c gensandbox.c -o Objects/MingW/gensandbox.o $(CFLAGS)
Objects/MingW/wine.o: $(GLOBALDEPS) wine.c
$(CC) -c wine.c -o Objects/MingW/wine.o $(CFLAGS)
Objects/MingW/vmware.o: $(GLOBALDEPS) vmware.c
$(CC) -c vmware.c -o Objects/MingW/vmware.o $(CFLAGS)
Objects/MingW/pafish_private.res: Objects/MingW/pafish_private.rc Objects/MingW/pafish_private.res: Objects/MingW/pafish_private.rc
$(WINDRES) --input-format=rc -o Objects/MingW/pafish_private.res $(RCINCS) Objects/MingW/PAFISH~1.RC -O coff $(WINDRES) --input-format=rc -o Objects/MingW/pafish_private.res $(RCINCS) Objects/MingW/PAFISH~1.RC -O coff


@ -7,9 +7,9 @@
#define PAFISH_PRIVATE_H #define PAFISH_PRIVATE_H
/* VERSION DEFINITIONS */ /* VERSION DEFINITIONS */
#define VER_STRING "0.1.1.1" #define VER_STRING "0.2.1.1"
#define VER_MAJOR 0 #define VER_MAJOR 0
#define VER_MINOR 1 #define VER_MINOR 2
#define VER_RELEASE 1 #define VER_RELEASE 1
#define VER_BUILD 1 #define VER_BUILD 1
#define COMPANY_NAME "" #define COMPANY_NAME ""


@ -8,8 +8,8 @@ A ICON MOVEABLE PURE LOADONCALL DISCARDABLE "pafish.ico"
// This section contains the executable version information. Go to // This section contains the executable version information. Go to
// Project > Project Options to edit these values. // Project > Project Options to edit these values.
1 VERSIONINFO 1 VERSIONINFO
FILEVERSION 0,1,1,1 FILEVERSION 0,2,1,1
PRODUCTVERSION 0,1,1,1 PRODUCTVERSION 0,2,1,1
FILETYPE VFT_APP FILETYPE VFT_APP
BEGIN BEGIN
BLOCK "StringFileInfo" BLOCK "StringFileInfo"


@ -4,6 +4,8 @@
#include <string.h> #include <string.h>
#include <windows.h> #include <windows.h>
#include "common.h"
void init_cmd_colors() { void init_cmd_colors() {
HANDLE handler = GetStdHandle(STD_OUTPUT_HANDLE); HANDLE handler = GetStdHandle(STD_OUTPUT_HANDLE);
SetConsoleTextAttribute(handler, FOREGROUND_INTENSITY); SetConsoleTextAttribute(handler, FOREGROUND_INTENSITY);
@ -41,3 +43,12 @@ void print_suspicious() {
printf("suspicious\n"); printf("suspicious\n");
SetConsoleTextAttribute(handler, FOREGROUND_INTENSITY); SetConsoleTextAttribute(handler, FOREGROUND_INTENSITY);
} }
void write_log(char msg[]) {
FILE *log;
char logstr[1024];
snprintf(logstr, sizeof(logstr), "\n[pafish] %s", msg);
log = fopen("pafish.log", "a");
fputs(logstr, log);
fclose(log);
}
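Review bot: `write_log` hands the result of `fopen("pafish.log", "a")` straight to `fputs` and `fclose` without a NULL check, so starting the tool from a directory where the log cannot be created crashes it on the very first `write_log("Start")` call in main. Add `if (log == NULL) return;` directly after the `fopen` line. The intermediate 1024-byte `logstr` buffer is not needed either: `fprintf(log, "\n[pafish] %s", msg);` writes the same text without silently truncating long messages, and `msg` can be declared `const char *` because it is only read.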


@ -1,5 +1,6 @@
#include "common.c" #ifndef COMM_H
#define COMM_H
void init_cmd_colors(); void init_cmd_colors();
@ -10,3 +11,5 @@ void print_traced();
void print_not_traced(); void print_not_traced();
void print_suspicious(); void print_suspicious();
#endif
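Review bot: No prototype for `write_log` is added in the visible hunks of this header, although the same commit defines it in common.c and calls it from main.c; unless the lines between the two hunks already declare it, every caller relies on an implicit declaration. Add `void write_log(char msg[]);` next to the other prototypes. The empty parameter lists would also be better written as `(void)`, so the compiler can reject calls that pass arguments by mistake.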


@ -1,6 +1,10 @@
#define _WIN32_WINNT 0x0501 /* _WIN32_WINNT_WINXP */
#include <windows.h> #include <windows.h>
#include "debuggers.h"
int debug_isdebuggerpresent() { int debug_isdebuggerpresent() {
if (IsDebuggerPresent()) { if (IsDebuggerPresent()) {
return 0; return 0;
@ -10,6 +14,18 @@ int debug_isdebuggerpresent() {
} }
} }
/* This function is not used because it doesn't work prety well */
int debug_checkremotedebuggerpresent() {
BOOL isdebug = FALSE;
CheckRemoteDebuggerPresent(GetCurrentProcess(), &isdebug);
if (isdebug) {
return 0;
}
else {
return 1;
}
}
int debug_outputdebugstring() { int debug_outputdebugstring() {
DWORD err = 99; /* Random error */ DWORD err = 99; /* Random error */
SetLastError(err); SetLastError(err);
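Review bot: The new `debug_checkremotedebuggerpresent` discards the BOOL returned by `CheckRemoteDebuggerPresent`, and its comment ("doesn't work prety well") does not say what goes wrong, so a reader cannot tell an API failure from a clean result. I would replace the comment with something like `/* Returns 0 if a debugger is attached to this process, 1 otherwise (including when the API call fails). Not called from main() yet. */`, which also removes the typo. The 0-means-detected convention is shared by every check in this commit and is the reverse of the usual C truth value, so it deserves one sentence in debuggers.h as well.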


@ -1,6 +1,11 @@
#include "debuggers.c" #ifndef DEBUG_H
#define DEBUG_H
int debug_isdebuggerpresent(); int debug_isdebuggerpresent();
int debug_checkremotedebuggerpresent();
int debug_outputdebugstring(); int debug_outputdebugstring();
#endif

19
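--- a/pafish/gensandbox.c
+++ b/pafish/gensandbox.c
@@ -0,0 +1,19 @@
+#include <windows.h>
+#include "gensandbox.h"
+int gensandbox_mouse_act() {
+POINT position1, position2;
+GetCursorPos(&position1);
+Sleep(1000); /* Sleep time */
+GetCursorPos(&position2);
+if ((position1.x == position2.x) && (position1.y == position2.y)) {
+/* No mouse activity during the sleep */
+return 0;
+}
+else {
+/* Mouse activity during the sleep */
+return 1;
+}
+}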
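Review bot: Both `GetCursorPos` calls in `gensandbox_mouse_act` ignore their return value, so if either call fails the function compares uninitialised `POINT` fields and the verdict written to pafish.log depends on stack contents. Check the result, e.g. `if (!GetCursorPos(&position1)) return 1;` and the same for `position2`, so a failed query is reported as "not traced" instead of being guessed. The `Sleep(1000)` window would also read better as a named constant with a comment, because a stationary cursor on a real but idle desktop gives the same answer and whoever interprets the log needs to know how long the sample was.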

7
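--- a/pafish/gensandbox.h
+++ b/pafish/gensandbox.h
@@ -0,0 +1,7 @@
+#ifndef GENSAND_H
+#define GENSAND_H
+int gensandbox_mouse_act();
+#endif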


@ -1,12 +1,17 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <windows.h>
#include "common.h" #include "common.h"
#include "debuggers.h" #include "debuggers.h"
#include "sandboxie.h" #include "sandboxie.h"
#include "gensandbox.h"
#include "vbox.h" #include "vbox.h"
#include "wine.h"
#include "vmware.h"
/* /*
Pafish (Paranoid fish) Pafish (Paranoid fish)
@ -26,49 +31,146 @@
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
char icon[] = "Blue fish icon thanks to http://www.fasticon.com/"; char icon[] = "Blue fish icon thanks to http://www.fasticon.com/", winverstr[32], aux[1024];
OSVERSIONINFO winver;
write_log("Start");
init_cmd_colors(); init_cmd_colors();
print_header(); print_header();
winver.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
GetVersionEx(&winver);
snprintf(winverstr, sizeof(winverstr), "%d.%d build %d", winver.dwMajorVersion, winver.dwMinorVersion, winver.dwBuildNumber);
printf("[*] Windows version: %s\n", winverstr);
snprintf(aux, sizeof(aux), "Windows version: %s", winverstr);
write_log(aux);
printf("[*] Running checks ...\n"); printf("[*] Running checks ...\n");
/* Debuggers detection tricks */ /* Debuggers detection tricks */
printf("\n[-] Debuggers detection\n"); printf("\n[-] Debuggers detection\n");
printf("[*] Using IsDebuggerPresent() ... "); printf("[*] Using IsDebuggerPresent() ... ");
if (debug_isdebuggerpresent() == 0) if (debug_isdebuggerpresent() == 0) {
write_log("Debugger traced using IsDebuggerPresent()");
print_traced(); print_traced();
else }
else {
print_not_traced(); print_not_traced();
printf("[*] Using OutputDebugString() ... "); }
if (debug_outputdebugstring() == 0) /* This is only working on MS Windows systems prior to Vista */
if (winver.dwMajorVersion < 6) {
printf("[*] Using OutputDebugString() ... ");
if (debug_outputdebugstring() == 0) {
write_log("Debugger traced using OutputDebugString()");
print_traced();
}
else {
print_not_traced();
}
}
/* Generic sandbox detection tricks */
printf("\n[-] Generic sandbox detection\n");
printf("[*] Using mouse activity ... ");
if (gensandbox_mouse_act() == 0) {
print_traced(); print_traced();
else write_log("Sandbox traced using mouse activity");
}
else {
print_not_traced(); print_not_traced();
}
/* Sandboxie detection tricks */ /* Sandboxie detection tricks */
printf("\n[-] Sandboxie detection\n"); printf("\n[-] Sandboxie detection\n");
printf("[*] Using sbiedll.dll ... "); printf("[*] Using sbiedll.dll ... ");
if (sboxie_detect_sbiedll() == 0) if (sboxie_detect_sbiedll() == 0) {
write_log("Sandboxie traced using sbiedll.dll");
print_traced(); print_traced();
else }
else {
print_not_traced(); print_not_traced();
printf("[*] Looking for default working directory ... "); }
if (sboxie_detect_work_dir() == 0)
print_suspicious(); /* Wine detection tricks */
else printf("\n[-] Wine detection\n");
printf("[*] Using GetProcAddress(wine_get_unix_file_name) from kernel32.dll ... ");
if (wine_detect_get_unix_file_name() == 0) {
write_log("Wine traced using GetProcAddress(wine_get_unix_file_name) from kernel32.dll");
print_traced();
}
else {
print_not_traced(); print_not_traced();
}
/* VirtualBox detection tricks */ /* VirtualBox detection tricks */
printf("\n[-] VirtualBox detection\n"); printf("\n[-] VirtualBox detection\n");
printf("[*] Using RegOpenKey w/ known Guest additions key ... "); printf("[*] Scsi port->bus->target id->logical unit id-> 0 identifier ... ");
if (vbox_gadd_reg_key() == 0) if (vbox_reg_key1() == 0) {
write_log("VirtualBox traced using Reg key HKLM\\HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0 \"Identifier\"");
print_traced(); print_traced();
else }
else {
print_not_traced(); print_not_traced();
}
printf("[*] Reg key (HKLM\\HARDWARE\\Description\\System \"SystemBiosVersion\") ... ");
if (vbox_reg_key2() == 0) {
write_log("VirtualBox traced using Reg key HKLM\\HARDWARE\\Description\\System \"SystemBiosVersion\"");
print_traced();
}
else {
print_not_traced();
}
printf("[*] Reg key (HKLM\\SOFTWARE\\Oracle\\VirtualBox Guest Additions) ... ");
if (vbox_reg_key3() == 0) {
write_log("VirtualBox traced using Reg key HKLM\\SOFTWARE\\Oracle\\VirtualBox Guest Additions");
print_traced();
}
else {
print_not_traced();
}
printf("[*] Looking for C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys ... ");
if (vbox_sysfile1() == 0) {
write_log("VirtualBox traced using file C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
print_traced();
}
else {
print_not_traced();
}
/* VMware detection tricks */
printf("\n[-] VMware detection\n");
printf("[*] Scsi port->bus->target id->logical unit id-> 0 identifier ... ");
if (vmware_reg_key1() == 0) {
write_log("VMWare traced using Reg key HKLM\\HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0 \"Identifier\"");
print_traced();
}
else {
print_not_traced();
}
printf("[*] Reg key (HKLM\\SOFTWARE\\VMware, Inc.\\VMware Tools) ... ");
if (vmware_reg_key2() == 0) {
write_log("VMware traced using Reg key HKLM\\SOFTWARE\\VMware, Inc.\\VMware Tools");
print_traced();
}
else {
print_not_traced();
}
printf("[*] Looking for C:\\WINDOWS\\system32\\drivers\\vmmouse.sys ... ");
if (vmware_sysfile1() == 0) {
write_log("VMware traced using file C:\\WINDOWS\\system32\\drivers\\vmmouse.sys");
print_traced();
}
else {
print_not_traced();
}
printf("\n\n"); printf("\n\n");
printf("[-] Finished, feel free to RE me."); printf("[-] Finished, feel free to RE me.");
write_log("End");
fflush(stdin); getchar(); fflush(stdin); getchar();
return 0; return 0;
} }
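Review bot: `GetVersionEx(&winver)` is called without checking its result, yet `winver.dwMajorVersion` then decides whether the OutputDebugString check runs; if the call fails the struct holds indeterminate values and the version line written to pafish.log is meaningless. Test the return value before using the struct, e.g. `if (!GetVersionEx(&winver)) { write_log("GetVersionEx failed"); return 1; }`. The `snprintf` format prints the `DWORD` fields with `%d`; `%lu` matches the type. Separately, the mouse-activity branch calls `print_traced()` before `write_log(...)` while every other branch logs first, and the twelve near-identical if/else blocks would be easier to audit as one table of label, log message and check function walked by a single loop.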


@ -1,7 +1,7 @@
[Project] [Project]
FileName=pafish.dev FileName=pafish.dev
Name=pafish Name=pafish
UnitCount=9 UnitCount=15
PchHead=-1 PchHead=-1
PchSource=-1 PchSource=-1
Ver=3 Ver=3
@ -22,7 +22,7 @@ BuildCmd=
[VersionInfo] [VersionInfo]
Major=0 Major=0
Minor=1 Minor=2
Release=1 Release=1
Build=1 Build=1
LanguageID=1033 LanguageID=1033
@ -38,7 +38,7 @@ ProductName=Paranoid Fish
ProductVersion= ProductVersion=
AutoIncBuildNrOnRebuild=0 AutoIncBuildNrOnRebuild=0
AutoIncBuildNrOnCompile=0 AutoIncBuildNrOnCompile=0
UnitCount=9 UnitCount=15
[Profile1] [Profile1]
ProfileName=MingW gcc ProfileName=MingW gcc
@ -52,7 +52,7 @@ Compiler=
CppCompiler= CppCompiler=
Linker= Linker=
PreprocDefines= PreprocDefines=
CompilerSettings=0000000000000000000000 CompilerSettings=0000000001100000000100
Icon=pafish.ico Icon=pafish.ico
ExeOutput=Output\MingW ExeOutput=Output\MingW
ImagesOutput=Images\ ImagesOutput=Images\
@ -108,13 +108,13 @@ BuildCmd=
[Unit3] [Unit3]
FileName=common.c FileName=common.c
CompileCpp=1 CompileCpp=0
Folder=pafish Folder=pafish
Compile=1 Compile=1
Link=1 Link=1
Priority=1000 Priority=1000
OverrideBuildCmd=0 OverrideBuildCmd=0
BuildCmd= BuildCmd=$(CC) -c common.c -o Objects/MingW/common.o $(CFLAGS)
[Unit4] [Unit4]
FileName=common.h FileName=common.h
@ -128,13 +128,13 @@ BuildCmd=
[Unit5] [Unit5]
FileName=debuggers.c FileName=debuggers.c
CompileCpp=1 CompileCpp=0
Folder=pafish Folder=pafish
Compile=1 Compile=1
Link=1 Link=1
Priority=1000 Priority=1000
OverrideBuildCmd=0 OverrideBuildCmd=0
BuildCmd= BuildCmd=$(CC) -c debuggers.c -o Objects/MingW/debuggers.o $(CFLAGS)
[Unit6] [Unit6]
FileName=debuggers.h FileName=debuggers.h
@ -148,13 +148,13 @@ BuildCmd=
[Unit7] [Unit7]
FileName=sandboxie.c FileName=sandboxie.c
CompileCpp=1 CompileCpp=0
Folder=pafish Folder=pafish
Compile=1 Compile=1
Link=1 Link=1
Priority=1000 Priority=1000
OverrideBuildCmd=0 OverrideBuildCmd=0
BuildCmd= BuildCmd=$(CC) -c sandboxie.c -o Objects/MingW/sandboxie.o $(CFLAGS)
[Unit8] [Unit8]
FileName=sandboxie.h FileName=sandboxie.h
@ -168,6 +168,66 @@ BuildCmd=
[Unit9] [Unit9]
FileName=vbox.c FileName=vbox.c
CompileCpp=0
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=$(CC) -c vbox.c -o Objects/MingW/vbox.o $(CFLAGS)
[Unit10]
FileName=gensandbox.h
CompileCpp=1
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=
[Unit11]
FileName=gensandbox.c
CompileCpp=0
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=$(CC) -c gensandbox.c -o Objects/MingW/gensandbox.o $(CFLAGS)
[Unit12]
FileName=wine.c
CompileCpp=0
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=$(CC) -c wine.c -o Objects/MingW/wine.o $(CFLAGS)
[Unit13]
FileName=wine.h
CompileCpp=1
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=
[Unit14]
FileName=vmware.c
CompileCpp=0
Folder=pafish
Compile=1
Link=1
Priority=1000
OverrideBuildCmd=0
BuildCmd=$(CC) -c vmware.c -o Objects/MingW/vmware.o $(CFLAGS)
[Unit15]
FileName=vmware.h
CompileCpp=1 CompileCpp=1
Folder=pafish Folder=pafish
Compile=1 Compile=1


@ -4,57 +4,77 @@ Order=0
[Editor_0] [Editor_0]
Open=1 Open=1
Top=1 Top=1
CursorCol=3 CursorCol=5
CursorRow=11 CursorRow=141
TopLine=12 TopLine=1
LeftChar=1 LeftChar=1
[Editor_6] [Editor_6]
CursorCol=2 CursorCol=1
CursorRow=11 CursorRow=14
TopLine=8 TopLine=1
LeftChar=1 LeftChar=1
[Editor_7] [Editor_7]
CursorCol=1 CursorCol=1
CursorRow=7 CursorRow=2
TopLine=1 TopLine=1
LeftChar=1 LeftChar=1
[Editor_8] [Editor_8]
CursorCol=1 CursorCol=18
CursorRow=17 CursorRow=83
TopLine=2 TopLine=1
LeftChar=1 LeftChar=1
[Editor_2] [Editor_2]
CursorCol=62 CursorCol=25
CursorRow=21 CursorRow=9
TopLine=1 TopLine=34
LeftChar=1 LeftChar=1
[Editor_5] [Editor_5]
CursorCol=1 CursorCol=1
CursorRow=7 CursorRow=12
TopLine=1 TopLine=1
LeftChar=1 LeftChar=1
[Editor_4] [Editor_4]
CursorCol=2 CursorCol=67
CursorRow=25 CursorRow=17
TopLine=1 TopLine=1
LeftChar=1 LeftChar=1
[Editor_3] [Editor_3]
CursorCol=1 CursorCol=1
CursorRow=13
TopLine=1
LeftChar=1
[Editor_1]
CursorCol=1
CursorRow=5
TopLine=1
LeftChar=1
[Editor_9]
CursorCol=27
CursorRow=8
TopLine=1
LeftChar=1
[Editor_10]
CursorCol=6
CursorRow=16 CursorRow=16
TopLine=1 TopLine=1
LeftChar=1 LeftChar=1
[Editor_1]
CursorCol=21
CursorRow=11
TopLine=1
LeftChar=1
[Editor_9]
CursorCol=1
CursorRow=2
TopLine=1
LeftChar=1
[Editor_10]
CursorCol=1
CursorRow=20
TopLine=1
LeftChar=1
[Editor_11]
CursorCol=18
CursorRow=4
TopLine=1
LeftChar=1
[Editor_12]
CursorCol=1
CursorRow=8
TopLine=1
LeftChar=1
[Editor_13]
CursorCol=18
CursorRow=56
TopLine=1
LeftChar=1
[Editor_14]
CursorCol=20
CursorRow=9
TopLine=1
LeftChar=1


@ -1,6 +1,8 @@
#include <windows.h> #include <windows.h>
#include "sandboxie.h"
int sboxie_detect_sbiedll() { int sboxie_detect_sbiedll() {
if (GetModuleHandle("sbiedll.dll") != NULL) { if (GetModuleHandle("sbiedll.dll") != NULL) {
return 0; return 0;
@ -9,14 +11,3 @@ int sboxie_detect_sbiedll() {
return 1; return 1;
} }
} }
int sboxie_detect_work_dir() {
DWORD ret;
ret = GetFileAttributes("C:\\Sandbox");
if (ret != INVALID_FILE_ATTRIBUTES) {
return 0;
}
else {
return 1;
}
}


@ -1,6 +1,7 @@
#include "sandboxie.c" #ifndef SANBOXIE_H
#define SANBOXIE_H
int sboxie_detect_sbiedll(); int sboxie_detect_sbiedll();
int sboxie_detect_work_dir(); #endif


@ -1,12 +1,77 @@
#include <windows.h> #include <windows.h>
#include <string.h>
int vbox_gadd_reg_key() { #include "vbox.h"
HKEY res;
int vbox_reg_key1() {
HKEY regkey;
LONG retu;
char value[1024];
int i;
DWORD size;
size = sizeof(value);
retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", 0, KEY_READ, &regkey);
if (retu == ERROR_SUCCESS) {
retu = RegQueryValueEx(regkey, "Identifier", NULL, NULL, (BYTE*)value, &size);
if (retu == ERROR_SUCCESS) {
for (i = 0; i < strlen(value); i++) { /* Uppercase to case-insensitive */
value[i] = toupper(value[i]);
}
if (strstr(value, "VBOX") != NULL) {
return 0;
}
else {
return 1;
}
}
else {
return 1;
}
}
else {
return 1;
}
}
int vbox_reg_key2() {
HKEY regkey;
LONG retu;
char value[1024];
int i;
DWORD size;
size = sizeof(value);
retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\Description\\System", 0, KEY_READ, &regkey);
if (retu == ERROR_SUCCESS) {
retu = RegQueryValueEx(regkey, "SystemBiosVersion", NULL, NULL, (BYTE*)value, &size);
if (retu == ERROR_SUCCESS) {
for (i = 0; i < strlen(value); i++) { /* Uppercase to case-insensitive */
value[i] = toupper(value[i]);
}
if (strstr(value, "VBOX") != NULL) {
return 0;
}
else {
return 1;
}
}
else {
return 1;
}
}
else {
return 1;
}
}
int vbox_reg_key3() {
HKEY regkey;
LONG retu; LONG retu;
/* We just try to detect if VirtualBox Guest Additions are installed looking at /* We just try to detect if VirtualBox Guest Additions are installed looking at
the RegKey */ the RegKey */
retu = RegOpenKey(HKEY_LOCAL_MACHINE, "SOFTWARE\\Oracle\\VirtualBox Guest Additions", &res); retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\Oracle\\VirtualBox Guest Additions", 0, KEY_READ, &regkey);
if (retu == ERROR_SUCCESS) { if (retu == ERROR_SUCCESS) {
return 0; return 0;
} }
@ -14,3 +79,14 @@ int vbox_gadd_reg_key() {
return 1; return 1;
} }
} }
int vbox_sysfile1() {
DWORD ret;
ret = GetFileAttributes("C:\\WINDOWS\\system32\\drivers\\VBoxMouse.sys");
if (ret != INVALID_FILE_ATTRIBUTES) {
return 0;
}
else {
return 1;
}
}
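Review bot: `vbox_reg_key1` and `vbox_reg_key2` run `strlen` and `strstr` over the buffer filled by `RegQueryValueEx`, which does not guarantee a terminating NUL, so a value stored without one makes both calls read past the end of `value`; the same pattern is repeated in `vmware_reg_key1` in vmware.c. None of the functions that open a key (these two, `vbox_reg_key3`, and `vmware_reg_key1`/`vmware_reg_key2`) call `RegCloseKey`, so every successful open leaks a handle. `toupper` is used although `<ctype.h>` is not among the includes shown at the top of the hunk, and it should be passed an `unsigned char`. The rewrite below reserves one byte for the terminator, closes the key on every path and drops the per-iteration `strlen`; `vbox_reg_key2` needs the same treatment with its own key and value names.

```c
int vbox_reg_key1() {
    HKEY regkey;
    LONG retu;
    char value[1024];
    DWORD i, size;

    size = sizeof(value) - 1; /* keep one byte for the terminator added below */
    retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", 0, KEY_READ, &regkey);
    if (retu != ERROR_SUCCESS) {
        return 1;
    }
    retu = RegQueryValueEx(regkey, "Identifier", NULL, NULL, (BYTE*)value, &size);
    RegCloseKey(regkey); /* release the handle whether or not the query worked */
    if (retu != ERROR_SUCCESS) {
        return 1;
    }
    value[size] = '\0'; /* registry strings are not guaranteed to be NUL-terminated */
    for (i = 0; value[i] != '\0'; i++) { /* Uppercase to case-insensitive */
        value[i] = (char)toupper((unsigned char)value[i]);
    }
    return (strstr(value, "VBOX") != NULL) ? 0 : 1;
}
```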


@ -1,4 +1,13 @@
#include "vbox.c" #ifndef VBOX_H
#define VBOX_H
int vbox_gadd_reg_key(); int vbox_reg_key1();
int vbox_reg_key2();
int vbox_reg_key3();
int vbox_sysfile1();
#endif

61
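--- a/pafish/vmware.c
+++ b/pafish/vmware.c
@@ -0,0 +1,61 @@
+#include <windows.h>
+#include <string.h>
+#include "vmware.h"
+int vmware_reg_key1() {
+HKEY regkey;
+LONG retu;
+char value[1024];
+int i;
+DWORD size;
+size = sizeof(value);
+retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "HARDWARE\\DEVICEMAP\\Scsi\\Scsi Port 0\\Scsi Bus 0\\Target Id 0\\Logical Unit Id 0", 0, KEY_READ, &regkey);
+if (retu == ERROR_SUCCESS) {
+retu = RegQueryValueEx(regkey, "Identifier", NULL, NULL, (BYTE*)value, &size);
+if (retu == ERROR_SUCCESS) {
+for (i = 0; i < strlen(value); i++) { /* Uppercase to case-insensitive */
+value[i] = toupper(value[i]);
+}
+if (strstr(value, "VMWARE") != NULL) {
+return 0;
+}
+else {
+return 1;
+}
+}
+else {
+return 1;
+}
+}
+else {
+return 1;
+}
+}
+int vmware_reg_key2() {
+HKEY regkey;
+LONG retu;
+/* We just try to detect if VMware Tools are installed looking at
+the RegKey */
+retu = RegOpenKeyEx(HKEY_LOCAL_MACHINE, "SOFTWARE\\VMware, Inc.\\VMware Tools", 0, KEY_READ, &regkey);
+if (retu == ERROR_SUCCESS) {
+return 0;
+}
+else {
+return 1;
+}
+}
+int vmware_sysfile1() {
+DWORD ret;
+ret = GetFileAttributes("C:\\WINDOWS\\system32\\drivers\\vmmouse.sys");
+if (ret != INVALID_FILE_ATTRIBUTES) {
+return 0;
+}
+else {
+return 1;
+}
+}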

11
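--- a/pafish/vmware.h
+++ b/pafish/vmware.h
@@ -0,0 +1,11 @@
+#ifndef VMWARE_H
+#define VMWARE_H
+int vmware_reg_key1();
+int vmware_reg_key2();
+int vmware_sysfile1();
+#endif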

20
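--- a/pafish/wine.c
+++ b/pafish/wine.c
@@ -0,0 +1,20 @@
+#include <windows.h>
+#include "wine.h"
+int wine_detect_get_unix_file_name() {
+HMODULE k32;
+k32 = GetModuleHandle("kernel32.dll");
+if (k32 != NULL) {
+if (GetProcAddress(k32, "wine_get_unix_file_name") != NULL) {
+return 0;
+}
+else {
+return 1;
+}
+}
+else {
+return 1;
+}
+}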

7
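--- a/pafish/wine.h
+++ b/pafish/wine.h
@@ -0,0 +1,7 @@
+#ifndef WINE_H
+#define WINE_H
+int wine_detect_get_unix_file_name();
+#endif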