Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix VM::ALL, add missing techniques to flag_to_string and replace COUTs with debug(...) #130

Merged
merged 4 commits into from
Aug 21, 2024
Merged

Fix VM::ALL, add missing techniques to flag_to_string and replace COUTs with debug(...) #130

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
f1ed9a0
fix: now VM::ALL also includes RDTSC and RDTSC_VMEXIT
D00Movenok Aug 21, 2024
97f5af7
add missed techniques to flag_to_string
D00Movenok Aug 21, 2024
8d9872c
replace COUTs with debug(...)
D00Movenok Aug 21, 2024
4e8b69e
add D00Movenok to the contributors
D00Movenok Aug 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,7 @@ And if you found this project useful, a star would be appreciated :)
- [iMonket](https://github.com/PrimeMonket)
- Eric Parker's discord community
- [ShellCode33](https://github.com/ShellCode33)
- [Georgii Gennadev (D00Movenok)](https://github.com/D00Movenok)

<br>

Expand Down
105 changes: 41 additions & 64 deletions src/vmaware.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
* - Marek Knápek (https://github.com/MarekKnapek)
* - Vladyslav Miachkov (https://github.com/fameowner99)
* - Alan Tse (https://github.com/alandtse)
* - Georgii Gennadev (https://github.com/D00Movenok)
* - Repository: https://github.com/kernelwernel/VMAware
* - Docs: https://github.com/kernelwernel/VMAware/docs/documentation.md
* - Full credits: https://github.com/kernelwernel/VMAware#credits-and-contributors-%EF%B8%8F
Expand Down Expand Up @@ -1355,6 +1356,19 @@ struct VM {
case KGT_SIGNATURE: return "VM::KGT_SIGNATURE";
case VMWARE_DMI: return "VM::VMWARE_DMI";
case EVENT_LOGS: return "VM::EVENT_LOGS";
case QEMU_VIRTUAL_DMI: return "QEMU_VIRTUAL_DMI";
case QEMU_USB: return "QEMU_USB";
case HYPERVISOR_DIR: return "HYPERVISOR_DIR";
case UML_CPU: return "UML_CPU";
case KMSG: return "KMSG";
case VM_PROCS: return "VM_PROCS";
case VBOX_MODULE: return "VBOX_MODULE";
case SYSINFO_PROC: return "SYSINFO_PROC";
case DEVICE_TREE: return "DEVICE_TREE";
case DMI_SCAN: return "DMI_SCAN";
case SMBIOS_VM_BIT: return "SMBIOS_VM_BIT";
case PODMAN_FILE: return "PODMAN_FILE";
case WSL_PROC: return "WSL_PROC";
default: return "Unknown flag";
}
}
Expand Down Expand Up @@ -4386,18 +4400,18 @@ struct VM {
std::unique_ptr<util::sys_info> info = util::make_unique<util::sys_info>();

#ifdef __VMAWARE_DEBUG__
std::cout << std::left << ::std::setw(14) << "Manufacturer: " << info->get_manufacturer() << '\n'
<< std::left << ::std::setw(14) << "Product Name: " << info->get_productname() << '\n'
<< std::left << ::std::setw(14) << "Serial No: " << info->get_serialnumber() << '\n'
<< std::left << ::std::setw(14) << "UUID: " << info->get_uuid() << '\n'
<< std::left << ::std::setw(14) << "Version: " << info->get_version() << std::endl;
debug("Manufacturer: ", info->get_manufacturer());
debug("Product Name: ", info->get_productname());
debug("Serial No: ", info->get_serialnumber());
debug("UUID: ", info->get_uuid());
debug("Version: ", info->get_version());

if (!info->get_family().empty()) {
std::cout << std::left << ::std::setw(14) << "Product family: " << info->get_family() << std::endl;
debug("Product family: ", info->get_family());
}

if (!info->get_sku().empty()) {
std::cout << std::left << ::std::setw(14) << "SKU/Configuration: " << info->get_sku() << std::endl;
debug("SKU/Configuration: ", info->get_sku());
}
#endif

Expand Down Expand Up @@ -9036,62 +9050,13 @@ struct VM {

const std::vector<u8> content = util::read_file_binary(file);

#if (__VMAWARE_DEBUG__)
debug("SMBIOS_VM_BIT: ");
const u8 limit = 3;
u8 increment = 1;

for (const auto c : content) {
const char character = static_cast<char>(c);

bool is_null_char = false;

if ((character < 32) || (character == 127) || (character == 0)) {
if (character < 0) {
is_null_char = false;
} else {
is_null_char = true;
}
}

std::cout << '\'' << character << (is_null_char ? " " : "") << "\' = " << (int)character;

u8 spacing = 0;

if (character >= 0) {
if (character < 10) {
spacing = 5;
} else if (character < 100) {
spacing = 4;
} else {
spacing = 3;
}
} else {
if (character > -10) {
spacing = 4;
} else if (character > -100) {
spacing = 3;
} else {
spacing = 2;
}
}

if (increment % limit == 0) {
std::cout << "\n";
} else {
for (u8 x = 0; x < spacing; x++) {
std::cout << ' ';
}
}

increment++;
}
#endif

if (content.size() < 20 || content.at(1) < 20) {
debug("SMBIOS_VM_BIT: ", "only read ", content.size(), " bytes, expected 20");
return false;
}

debug("SMBIOS_VM_BIT: ", "content.at(19)=", static_cast<int>(content.at(19)));

return (content.at(19) & (1 << 4));
#endif
} catch (...) {
Expand Down Expand Up @@ -10105,11 +10070,13 @@ VM::flagset VM::DEFAULT = []() -> flagset {
// set all bits to 1
tmp.set();

// disable all the non-default flags
tmp.flip(NO_MEMO);
// disable all non-default techniques
tmp.flip(CURSOR);
tmp.flip(RDTSC);
tmp.flip(RDTSC_VMEXIT);

// disable all the non-technique flags
tmp.flip(NO_MEMO);
tmp.flip(HIGH_THRESHOLD);
tmp.flip(ENABLE_HYPERV_HOST_REPLACEMENT);
tmp.flip(SPOOFABLE);
Expand All @@ -10119,10 +10086,20 @@ VM::flagset VM::DEFAULT = []() -> flagset {
}();


// flag to enable every technique, basically VM::DEFAULT but with VM::CURSOR technique
// flag to enable every technique
VM::flagset VM::ALL = []() -> flagset {
flagset tmp = DEFAULT;
tmp.set(CURSOR);
flagset tmp;

// set all bits to 1
tmp.set();

// disable all the non-technique flags
tmp.flip(NO_MEMO);
tmp.flip(HIGH_THRESHOLD);
tmp.flip(ENABLE_HYPERV_HOST_REPLACEMENT);
tmp.flip(SPOOFABLE);
tmp.flip(MULTIPLE);

return tmp;
}();

Expand Down
105 changes: 41 additions & 64 deletions src/vmaware_MIT.hpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
* - Marek Knápek (https://github.com/MarekKnapek)
* - Vladyslav Miachkov (https://github.com/fameowner99)
* - Alan Tse (https://github.com/alandtse)
* - Georgii Gennadev (https://github.com/D00Movenok)
* - Repository: https://github.com/kernelwernel/VMAware
* - Docs: https://github.com/kernelwernel/VMAware/docs/documentation.md
* - Full credits: https://github.com/kernelwernel/VMAware#credits-and-contributors-%EF%B8%8F
Expand Down Expand Up @@ -1365,6 +1366,19 @@ struct VM {
case KGT_SIGNATURE: return "VM::KGT_SIGNATURE";
case VMWARE_DMI: return "VM::VMWARE_DMI";
case EVENT_LOGS: return "VM::EVENT_LOGS";
case QEMU_VIRTUAL_DMI: return "QEMU_VIRTUAL_DMI";
case QEMU_USB: return "QEMU_USB";
case HYPERVISOR_DIR: return "HYPERVISOR_DIR";
case UML_CPU: return "UML_CPU";
case KMSG: return "KMSG";
case VM_PROCS: return "VM_PROCS";
case VBOX_MODULE: return "VBOX_MODULE";
case SYSINFO_PROC: return "SYSINFO_PROC";
case DEVICE_TREE: return "DEVICE_TREE";
case DMI_SCAN: return "DMI_SCAN";
case SMBIOS_VM_BIT: return "SMBIOS_VM_BIT";
case PODMAN_FILE: return "PODMAN_FILE";
case WSL_PROC: return "WSL_PROC";
default: return "Unknown flag";
}
}
Expand Down Expand Up @@ -3916,18 +3930,18 @@ struct VM {
std::unique_ptr<util::sys_info> info = util::make_unique<util::sys_info>();

#ifdef __VMAWARE_DEBUG__
std::cout << std::left << ::std::setw(14) << "Manufacturer: " << info->get_manufacturer() << '\n'
<< std::left << ::std::setw(14) << "Product Name: " << info->get_productname() << '\n'
<< std::left << ::std::setw(14) << "Serial No: " << info->get_serialnumber() << '\n'
<< std::left << ::std::setw(14) << "UUID: " << info->get_uuid() << '\n'
<< std::left << ::std::setw(14) << "Version: " << info->get_version() << std::endl;
debug("Manufacturer: ", info->get_manufacturer());
debug("Product Name: ", info->get_productname());
debug("Serial No: ", info->get_serialnumber());
debug("UUID: ", info->get_uuid());
debug("Version: ", info->get_version());

if (!info->get_family().empty()) {
std::cout << std::left << ::std::setw(14) << "Product family: " << info->get_family() << std::endl;
debug("Product family: ", info->get_family());
}

if (!info->get_sku().empty()) {
std::cout << std::left << ::std::setw(14) << "SKU/Configuration: " << info->get_sku() << std::endl;
debug("SKU/Configuration: ", info->get_sku());
}
#endif

Expand Down Expand Up @@ -8566,62 +8580,13 @@ struct VM {

const std::vector<u8> content = util::read_file_binary(file);

#if (__VMAWARE_DEBUG__)
debug("SMBIOS_VM_BIT: ");
const u8 limit = 3;
u8 increment = 1;

for (const auto c : content) {
const char character = static_cast<char>(c);

bool is_null_char = false;

if ((character < 32) || (character == 127) || (character == 0)) {
if (character < 0) {
is_null_char = false;
} else {
is_null_char = true;
}
}

std::cout << '\'' << character << (is_null_char ? " " : "") << "\' = " << (int)character;

u8 spacing = 0;

if (character >= 0) {
if (character < 10) {
spacing = 5;
} else if (character < 100) {
spacing = 4;
} else {
spacing = 3;
}
} else {
if (character > -10) {
spacing = 4;
} else if (character > -100) {
spacing = 3;
} else {
spacing = 2;
}
}

if (increment % limit == 0) {
std::cout << "\n";
} else {
for (u8 x = 0; x < spacing; x++) {
std::cout << ' ';
}
}

increment++;
}
#endif

if (content.size() < 20 || content.at(1) < 20) {
debug("SMBIOS_VM_BIT: ", "only read ", content.size(), " bytes, expected 20");
return false;
}

debug("SMBIOS_VM_BIT: ", "content.at(19)=", static_cast<int>(content.at(19)));

return (content.at(19) & (1 << 4));
#endif
} catch (...) {
Expand Down Expand Up @@ -9635,11 +9600,13 @@ VM::flagset VM::DEFAULT = []() -> flagset {
// set all bits to 1
tmp.set();

// disable all the non-default flags
tmp.flip(NO_MEMO);
// disable all non-default techniques
tmp.flip(CURSOR);
tmp.flip(RDTSC);
tmp.flip(RDTSC_VMEXIT);

// disable all the non-technique flags
tmp.flip(NO_MEMO);
tmp.flip(HIGH_THRESHOLD);
tmp.flip(ENABLE_HYPERV_HOST_REPLACEMENT);
tmp.flip(SPOOFABLE);
Expand All @@ -9649,10 +9616,20 @@ VM::flagset VM::DEFAULT = []() -> flagset {
}();


// flag to enable every technique, basically VM::DEFAULT but with VM::CURSOR technique
// flag to enable every technique
VM::flagset VM::ALL = []() -> flagset {
flagset tmp = DEFAULT;
tmp.set(CURSOR);
flagset tmp;

// set all bits to 1
tmp.set();

// disable all the non-technique flags
tmp.flip(NO_MEMO);
tmp.flip(HIGH_THRESHOLD);
tmp.flip(ENABLE_HYPERV_HOST_REPLACEMENT);
tmp.flip(SPOOFABLE);
tmp.flip(MULTIPLE);

return tmp;
}();

Expand Down
Loading