nsmfoo / antivmdetection

Script to create templates to use with VirtualBox to make vm detection harder
MIT License

Problems when running on Linux #23

Closed Weythran closed 6 years ago

Weythran commented 6 years ago

On Linux, the script is giving an error:

    dmi_info['DmiBIOSReleaseDate'] = v['data']['Release Date']
    NameError: name 'v' is not defined.

Plus, I noticed that under Linux the script is also checking for Windows dependencies...

nsmfoo commented 6 years ago

Hi,

Sorry for my late reply.

It's a bit confusing, but the script builds a template that is aimed at running inside a Windows host, and in order to be self-contained it also includes the Windows binaries from the start, so you don't need to manually copy the needed files at a later stage. I hope it makes sense?

Regarding the issue you are having, the script is unable to find the Release Date from the BIOS value. Just to be able to help you out better, what does your setup look like? Are you running the script on bare metal or in a VM? The "best" method is to run it on bare metal Linux; this can be done by booting a computer with a Linux live CD, running the script and collecting the template. Then you can use the template in your regular setup.

Please get back to me and I'm sure I can figure out a way to help you =)

Weythran commented 6 years ago

Hello, I'm running it on bare metal, a regular Debian setup. I've tried running it from a live CD, and some dependency packages were not available for install: cd-drive, lspci, python-dmidecode, smartctl. Could you try running this on a Linux and tell me if you encounter the same problems, or if I'm doing something wrong. Thanks.

nsmfoo commented 6 years ago

Hi,

Bare metal is good. So the reason you are getting this error is, as noted above, that the script is unable to retrieve the correct information. As the BIOS information differs between vendors, it might just be something silly. If you can send me the output of:

sudo dmidecode -t0

It would help me pin down the problem.

Just to respond regarding live-cd runs, you can in most cases install missing software even when using a live-cd.

Weythran commented 6 years ago

Hello, I meant that some dependency packages themselves don't seem to exist in repositories. smartctl - unable to locate package, lspci - no installation candidate, etc.

nsmfoo commented 6 years ago

Hi,

They are not listed as general dependencies as it's not that common that people run the template on a server, which seems like you do?

Anyway: lspci can be found in the Ubuntu package pciutils and smartctl in smartmontools, if I remember correctly.

Weythran commented 6 years ago

I've tried it on Ubuntu 16.04 and managed to get all the dependencies together, and now running the script is giving me this error:

    [*] Creating VirtualBox modifications ..
    Traceback (most recent call last):
      File "antivmdetect.py", line 247, in
        if 'SG_IO' in disk_dmi['FirmwareRevision']:
    KeyError: 'FirmwareRevision'

The output of sudo dmidecode -t0 is:

    # dmidecode 3.0
    Getting SMBIOS data from sysfs.
    SMBIOS 2.4 present.

    Handle 0x0000, DMI type 0, 24 bytes
    BIOS Information
        Vendor: Dell Inc.
        Version: A03
        Release Date: 09/01/2008
        Address: 0xF0000
        Runtime Size: 64 kB
        ROM Size: 1728 kB
        Characteristics:
            ISA is supported
            PCI is supported
            PC Card (PCMCIA) is supported
            PNP is supported
            BIOS is upgradeable
            BIOS shadowing is allowed
            Boot from CD is supported
            Selectable boot is supported
            3.5"/720 kB floppy services are supported (int 13h)
            Print screen service is supported (int 5h)
            8042 keyboard services are supported (int 9h)
            Serial services are supported (int 14h)
            Printer services are supported (int 17h)
            CGA/mono video services are supported (int 10h)
            ACPI is supported
            USB legacy is supported
            AGP is supported
            Smart battery is supported
            BIOS boot specification is supported
            Function key-initiated network boot is supported
            Targeted content distribution is supported
        BIOS Revision: 0.3
        Firmware Revision: 0.3

I'm not running this on a server, but on my simple laptop. :)

nsmfoo commented 6 years ago

I guess that the value "FirmwareRevision" is not populated.

Do you get any output when you run: hdparm -i /dev/sda | grep -o 'FwRev=[A-Za-z0-9_+\/ .\"-]*' | awk -F= '{print $2}' ?

Weythran commented 6 years ago

The output is: /dev/sda: No such file or directory

nsmfoo commented 6 years ago

Ok, so if you run: "sudo fdisk -l" and send me the output we can try to figure out what you are using instead. Btw which Linux dist are you using?

Weythran commented 6 years ago

I am using Ubuntu 16.04LTS in live CD mode. The fdisk command gives this output:

    Disk /dev/ram0: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram1: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram2: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram3: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram4: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram5: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram6: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram7: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram8: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram9: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram10: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram11: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram12: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram13: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram14: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/ram15: 64 MiB, 67108864 bytes, 131072 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 4096 bytes
    I/O size (minimum/optimal): 4096 bytes / 4096 bytes

    Disk /dev/loop0: 1.3 GiB, 1433468928 bytes, 2799744 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/mmcblk0: 3.7 GiB, 3965190144 bytes, 7744512 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: dos
    Disk identifier: 0x00000000

    Device         Boot Start     End Sectors Size Id Type
    /dev/mmcblk0p1 *      128 7744511 7744384 3.7G  7 HPFS/NTFS/exFAT

nsmfoo commented 6 years ago

Are you booting from flash memory? If /dev/mmcblk0 is your boot device, try to replace /dev/sda with /dev/mmcblk.

Weythran commented 6 years ago

I'm running from a live DVD inside a DVD-RW drive. Still, running a command hdparm -i /dev/mmcblk | grep -o 'FwRev=[A-Za-z0-9_+/ ."-]*' | awk -F= '{print $2}' produces the result:

    HDIO_DRIVE_CMD(identify) failed: Invalid argument
    HDIO_GET_IDENTITY failed: Invalid argument

Weythran commented 6 years ago

Have you been able to find a solution?

nsmfoo commented 6 years ago

Hi sorry for my lack of response, I will try to catch up during next week

Weythran commented 6 years ago

Any luck?

nsmfoo commented 6 years ago

As you are not able to use hdparm on SD cards (apparently), do you have better luck if you try the following command?

udevadm info -a /dev/mmcblk

If so, could you share the raw string for:

ATTRS{model} ATTRS{rev} ATTRS{vendor}

nsmfoo commented 6 years ago

Did you get any chance to look into it?

nsmfoo commented 6 years ago

I will close this issue, but feel free to re-open it

Weythran commented 6 years ago

Hello, the udevadm info -a /dev/mmcblk command results in: Unknown device, absolute path in /dev/ or /sys expected.

oaustin commented 5 years ago

Hello, I have exactly the same issue... I'm using metal Ubuntu 18.04 LTS. The output of the following: hdparm -i /dev/sda | grep -o 'FwRev=[A-Za-z0-9_+/ ."-]*' | awk -F= '{print $2}' produces /dev/sda: No such file or directory

oaustin commented 5 years ago

below is fdisk -l output

    Disk /dev/loop0: 2.3 MiB, 2355200 bytes, 4600 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop1: 42.1 MiB, 44183552 bytes, 86296 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop2: 87.9 MiB, 92164096 bytes, 180008 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop3: 13 MiB, 13619200 bytes, 26600 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop4: 87.9 MiB, 92119040 bytes, 179920 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop5: 2.3 MiB, 2433024 bytes, 4752 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop6: 14.5 MiB, 15208448 bytes, 29704 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop7: 3.7 MiB, 3887104 bytes, 7592 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/nvme0n1: 238.5 GiB, 256060514304 bytes, 500118192 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: dos
    Disk identifier: 0x69d7a225

    Device         Boot Start       End   Sectors   Size Id Type
    /dev/nvme0n1p1 *     2048 500117503 500115456 238.5G 83 Linux

    Disk /dev/loop8: 86.9 MiB, 91099136 bytes, 177928 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop9: 14.5 MiB, 15196160 bytes, 29680 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop10: 140.9 MiB, 147722240 bytes, 288520 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop11: 14.5 MiB, 15204352 bytes, 29696 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop12: 34.7 MiB, 36323328 bytes, 70944 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop13: 13 MiB, 13619200 bytes, 26600 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes

    Disk /dev/loop14: 3.7 MiB, 3878912 bytes, 7576 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
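
Added example, not part of the thread and not code from antivmdetect.py: both reports show hdparm being pointed at /dev/sda on machines whose only real disk is /dev/mmcblk0 or /dev/nvme0n1, after which the disk_dmi['FirmwareRevision'] lookup from the traceback raises KeyError. The Python sketch below picks the physical disk out of fdisk -l text, parses FwRev with the character class from the quoted grep, and checks the revision without assuming the key exists. All function names and the sample strings are assumptions made for illustration.

```python
import re

# Same character class as the grep pattern quoted in the thread.
FWREV_RE = re.compile(r'FwRev=([A-Za-z0-9_+/ ."-]*)')
# Whole-disk header lines of `fdisk -l`, e.g. "Disk /dev/nvme0n1: ..."
DISK_RE = re.compile(r"^Disk (/dev/[^:\s]+):", re.MULTILINE)
VIRTUAL_PREFIXES = ("/dev/ram", "/dev/loop")

# Constructed sample, abridged from the second fdisk listing in the thread.
FDISK_SAMPLE = """\
Disk /dev/loop0: 2.3 MiB, 2355200 bytes, 4600 sectors

Disk /dev/nvme0n1: 238.5 GiB, 256060514304 bytes, 500118192 sectors
Disklabel type: dos
Disk identifier: 0x69d7a225

/dev/nvme0n1p1 * 2048 500117503 500115456 238.5G 83 Linux
"""
# Constructed hdparm -i identity line; the values are placeholders.
HDPARM_OK = " Model=EXAMPLE DISK, FwRev=1.0A, SerialNo=CONSTRUCTED0001"
HDPARM_MISSING = "/dev/sda: No such file or directory"


def physical_disks(fdisk_output):
    """List whole-disk nodes from `fdisk -l`, skipping ram and loop devices."""
    found = DISK_RE.findall(fdisk_output)
    return [dev for dev in found if not dev.startswith(VIRTUAL_PREFIXES)]


def firmware_revision(hdparm_output):
    """Return the FwRev value from `hdparm -i` text, or None if there is none."""
    match = FWREV_RE.search(hdparm_output)
    value = match.group(1).strip() if match else ""
    return value or None


def build_disk_dmi(hdparm_output):
    """Set FirmwareRevision only when a value was actually parsed."""
    rev = firmware_revision(hdparm_output)
    return {"FirmwareRevision": rev} if rev is not None else {}


def needs_fallback(disk_dmi):
    """True when the revision is absent or holds an SG_IO error string."""
    rev = disk_dmi.get("FirmwareRevision")  # .get() avoids the KeyError
    return rev is None or "SG_IO" in rev
```

When needs_fallback() returns True, the caller can try another source for the value or substitute a default before the template is written.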