search

zhaodice / qemu-anti-detection

A patch to hide qemu itself, bypass mhyprot,EAC,nProtect / VMProtect,VProtect, Themida, Enigma Protector,Safegine Shielden
746 stars 113 forks source link

TODO: ACPI bypass #29

Open zhaodice opened 11 months ago

zhaodice commented 11 months ago

https://github.com/huoji120/ACPI_SANDBOX_DETECT

    检测ACPI表内容,如果小于8那么可能是虚拟机
    检测ACPI是否有windows的WEATH,如果有则说明在windows的虚拟机中
    检测ACPI表中是否没有HPET,如果没有,则说明可能在linux下的沙箱中