Scrut1ny
commented
4 months ago - The generic reverse turning tests are on you, they're stupid anyway.
- Theres already been a solution for fixing the RDTSC check, but for the Force VM exit though you must patch the host kernal, and it'll have to be on Linux because Windows is proprietary.
# RDTSC (Read Time-Stamp Counter) $VBoxManager setextradata $VM "VBoxInternal/TM/TSCMode" "RealTSCOffset" $VBoxManager setextradata $VM "VBoxInternal/CPUM/SSE4.1" "1" $VBoxManager setextradata $VM "VBoxInternal/CPUM/SSE4.2" "1" - The check up time
GetTickCount()is also kinda stupid, all you have to do is leave the hypervisor runnning for 12+ minutes - The vbox detections do need to get updated, they're very easy fixes though.
SCSI Identifier Spoof
function Get-UpperRandomString {
$Identifier = -join (1..20 | ForEach {[char]((65..90) + (48..57) | Get-Random)})
return $Identifier
}
# Physical Drives (SATA/NVMe)
foreach ($PortNumber in 0..9) {
foreach ($BusNumber in 0..9) {
foreach ($LogicalUnitIdNumber in 0..9) {
$registryPath = "HKLM:\HARDWARE\DEVICEMAP\Scsi\Scsi Port $PortNumber\Scsi Bus $BusNumber\Target Id 0\Logical Unit Id $LogicalUnitIdNumber"
if (Test-Path -Path $registryPath) {
$NewString = Get-UpperRandomString
Set-ItemProperty -Path "$registryPath" -Name 'Identifier' -Type String -Value "NVMe Samsung SSD 980 FXO7" -Force
Set-ItemProperty -Path "$registryPath" -Name 'SerialNumber' -Type String -Value "$NewString" -Force
}
}
}
}MAC Address Spoof
$VBoxManager modifyvm $VM --nic1 "bridged" --mac-address1 "428D5C257A8B"
Pafish got upgraded since and this fails many more tests than in the README.