waliedassar

VirtualPC CPUID TRICK

Oct 8th, 2012
2,242
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. //http://waleedassar.blogspot.com (@waleedassar)
  2. //A method to detect VirtualPC
  3. #include "stdafx.h"
  4. #include "windows.h"
  5. #include "stdio.h"
  6.  
  7. int __cdecl Handler(EXCEPTION_RECORD* pRec,void* est,unsigned char* pContext,void* disp)
  8. {
  9.     if(pRec->ExceptionCode==EXCEPTION_SINGLE_STEP)
  10.     {
  11.         return ExceptionContinueExecution;
  12.     }
  13.     return ExceptionContinueSearch;
  14. }
  15.  
  16.  
  17. int main(int argc, char* argv[])
  18. {
  19.     unsigned long x=0;
  20.     __asm
  21.     {
  22.         push offset Handler
  23.         push dword ptr fs:[0x0]
  24.                 mov dword ptr fs:[0x0],esp
  25.  
  26.         pushad
  27.         xor eax,eax
  28.         xor ecx,ecx
  29.         xor edx,edx
  30.         xor ebx,ebx
  31.         pushfd
  32.         pop esi
  33.         or esi,0x100 ;Trap flag
  34.         push esi
  35.         popfd
  36.         CPUID
  37.         pushfd
  38.         pop eax
  39.         mov x,eax
  40.                 popad
  41.         pop dword ptr fs:[0x0]
  42.         pop eax
  43.     }
  44.     if(x&0x100)
  45.     {
  46.         MessageBox(0,"Virtual Machine detected","waliedassar",0);
  47.         ExitProcess(3);
  48.     }
  49.     return 0;
  50. }
RAW Paste Data