mirror of https://github.com/a0rtega/pafish
Merge branch 'serializingme-dev-memorycheck-v1' into dev-chaos
This commit is contained in:
commit
ea6e3cf704
|
@ -1,4 +1,6 @@
|
|||
|
||||
#define _WIN32_WINNT 0x0501 /* _WIN32_WINNT_WINXP */
|
||||
|
||||
#include <windows.h>
|
||||
#include <winioctl.h>
|
||||
#include <string.h>
|
||||
|
@ -149,3 +151,11 @@ int gensandbox_one_cpu_GetSystemInfo() {
|
|||
return siSysInfo.dwNumberOfProcessors < 2 ? TRUE : FALSE;
|
||||
}
|
||||
|
||||
int gensandbox_less_than_onegb() {
|
||||
MEMORYSTATUSEX statex;
|
||||
statex.dwLength = sizeof (statex);
|
||||
|
||||
GlobalMemoryStatusEx(&statex);
|
||||
return (statex.ullAvailPhys/1024) < 1048576 ? TRUE : FALSE;
|
||||
}
|
||||
|
||||
|
|
|
@ -20,4 +20,6 @@ int gensandbox_one_cpu();
|
|||
|
||||
int gensandbox_one_cpu_GetSystemInfo();
|
||||
|
||||
int gensandbox_less_than_onegb();
|
||||
|
||||
#endif
|
||||
|
|
|
@ -191,6 +191,14 @@ int main(void)
|
|||
}
|
||||
else print_not_traced();
|
||||
|
||||
printf("[*] Checking if pysical memory is < 1Gb ... ");
|
||||
if (gensandbox_less_than_onegb() == TRUE) {
|
||||
print_traced();
|
||||
write_log("Sandbox traced by checking if pysical memory is less than 1Gb");
|
||||
write_trace("hi_sandbox_pysicalmemory_less_1Gb");
|
||||
}
|
||||
else print_not_traced();
|
||||
|
||||
/* Hooks detection tricks */
|
||||
printf("\n[-] Hooks detection\n");
|
||||
printf("[*] Checking function DeleteFileW method 1 ... ");
|
||||
|
|
Loading…
Reference in New Issue