VirtualMachineDetect is a tool aimed at detecting the presence of an underlying virtual machine. It can detect VMware, VirtualBox and VirtualPC. This tool is useful in understanding the methods using which programs can detect whether they are running on a Virtual Machine (VM) or not.
The tool can be downloaded from http://securityresearch.in/index.php/downloads.
A category of malware called as Split Personality Malware, detects the environment it is running on and behaves benignly/does not run, if it is on a VM. This tool VirtualMachineDetect is the result of the study of various methods used by this category of malware to detect VM.
More details can be got from http://securityresearch.in/index.php/pr ... nvironment
and
http://securityresearch.in/index.php/an ... eta-is-out
Hope this comes to use to you too.
VirtualMachineDetect
-
- n00b
- Posts:1
- Joined:Thu Feb 16, 2012 1:55 am [phpBB Debug] PHP Warning: in file [ROOT]/vendor/twig/twig/lib/Twig/Extension/Core.php on line 1275: count(): Parameter must be an array or an object that implements Countable
- Cool_Fire
- Not a sandwich
- Posts:1913
- Joined:Fri May 09, 2003 1:20 pm
- Location:41 6d 73 74 65 72 64 61 6d
- Contact:
Re: VirtualMachineDetect
Will you be adding support for Xen and KVM/Qemu?
Also, not to rain on your parade, but you could easily do this by just listing hardware and looking for virtual machine branded hardware.
Also, not to rain on your parade, but you could easily do this by just listing hardware and looking for virtual machine branded hardware.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.
Hackerthreads chat, where the party is going 24/7.