waliedassar

VirtualPC CPUID TRICK

Oct 8th, 2012
2,459
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. //http://waleedassar.blogspot.com (@waleedassar)
  2. //A method to detect VirtualPC
  3. #include "stdafx.h"
  4. #include "windows.h"
  5. #include "stdio.h"
  6.  
  7. int __cdecl Handler(EXCEPTION_RECORD* pRec,void* est,unsigned char* pContext,void* disp)
  8. {
  9.     if(pRec->ExceptionCode==EXCEPTION_SINGLE_STEP)
  10.     {
  11.         return ExceptionContinueExecution;
  12.     }
  13.     return ExceptionContinueSearch;
  14. }
  15.  
  16.  
  17. int main(int argc, char* argv[])
  18. {
  19.     unsigned long x=0;
  20.     __asm
  21.     {
  22.         push offset Handler
  23.         push dword ptr fs:[0x0]
  24.                 mov dword ptr fs:[0x0],esp
  25.  
  26.         pushad
  27.         xor eax,eax
  28.         xor ecx,ecx
  29.         xor edx,edx
  30.         xor ebx,ebx
  31.         pushfd
  32.         pop esi
  33.         or esi,0x100 ;Trap flag
  34.         push esi
  35.         popfd
  36.         CPUID
  37.         pushfd
  38.         pop eax
  39.         mov x,eax
  40.                 popad
  41.         pop dword ptr fs:[0x0]
  42.         pop eax
  43.     }
  44.     if(x&0x100)
  45.     {
  46.         MessageBox(0,"Virtual Machine detected","waliedassar",0);
  47.         ExitProcess(3);
  48.     }
  49.     return 0;
  50. }
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×