search

winapps-org / winapps

The winapps main project, forked from https://github.com/Fmstrat/winapps/
534 stars 24 forks source link

Preventing the VM being detected as a VM #99

Open oskardotglobal opened 1 month ago

oskardotglobal commented 1 month ago

I've started working on incorporating https://github.com/zhaodice/qemu-anti-detection into the windows docker image. However, I can't quite seem to get QEMU to compile inside docker. See https://github.com/oskardotglobal/docker-qemu-anti-detection and https://github.com/oskardotglobal/docker-qemu-anti-detection/actions/runs/9178044026/job/25237029138

LDprg commented 1 month ago

@oskardotglobal I checked your repo, I have the suspicion that the qemu version of qemu-docker and the vm hiding software are different.

oskardotglobal commented 1 month ago

To your original pre-edit question: It's better for image size and build time reasons

oskardotglobal commented 1 month ago

@oskardotglobal I checked your repo, I have the suspicion that the qemu version of qemu-docker and the vm hiding software are different.

That doesn't really matter here, the built version will be preferred over the installed one because of path precedence.

oskardotglobal commented 1 month ago

If you check the log make fails with ERROR: Unrecognized host OS (uname -s reports 'Linux')

oskardotglobal commented 1 month ago

Which doesn't make any sense to me because the image actually runs Debian Trixie

oskardotglobal commented 1 month ago

So the OS should be recognized as Debian

LDprg commented 1 month ago

@oskardotglobal this makes sense. Uname is not working inside docker. I found quite some stuff:

Debian seems to use a very generic uname data for docker.

oskardotglobal commented 1 month ago

Thanks, this helps a lot

oskardotglobal commented 1 month ago

However, the uname name comes from the runner which is actions in this case

LDprg commented 1 month ago

However, the uname name comes from the runner which is actions in this case

Yeah, but you could overwrite it in the docker anyways. And I am not sure if its always the host uname. People reported different stuff, maybe its depenedent on the base image thats being used.

oskardotglobal commented 1 month ago

It couldn't be, because docker reuses the host kernel which is .. yk, the entire point of using docker

oskardotglobal commented 1 month ago

... The error comes from not having installed gcc

LDprg commented 1 month ago

@oskardotglobal sorry for the comment deletion was a small accident on my mobile phone.

oskardotglobal commented 1 month ago

Oh by the way this is done already, I'd just have to add the new base image in the windows image

oskardotglobal commented 1 month ago

Then the only problem would be applying the QEMU XML config

oskardotglobal commented 1 month ago

Seems we can do that with https://libvirt.org/manpages/virsh.html#domxml-to-native