[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Genetic method to detect the presence of anyvirtual machine
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] Genetic method to detect the presence of anyvirtual machine
- From: "Dave \"No, not that one\" Korn" <davek_throwaway@xxxxxxxxxxx>
- Date: Thu, 19 Oct 2006 20:29:02 +0100
Bipin Gautam wrote:
> Microsoft Virtual Machine & VMWARE information disclosure
> Vulnerability
>
> Note: Though not limited to these two products, this trick can be used
> as an genetic method to detect the presence of any virtual machine
Gene*R*ic. The word you're looking for is "generic". Genetic means to do
with DNA and stuff. Generic means universal, widespread, non-branded.
> (Query Output inside Microsoft Virtual Machine)
> Motherboard:
> Company Brnad Name: Vmware, Inc VMware
>
> Video Chipset & Video Memory information
>
> System Manufacturer : VMware, Inc
> Product Name: VMware Virtual Platform
> ( Output inside VMWARE )
> Company Brnad Name: Microsoft Corporation Virtual Machine
> Motherboard Modal: Microsoft Corporation Virtual Machine
I think you got the two sets of query outputs mixed up as well.
> Quering just few of the above mentioned information from inside the
> virtual machine can IMMIDIATELY PROVE the presense of virtual machine,
> not the actual system.
True. Is it possible to change them, short of binary patching the vm
executable?
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/