I want my Win32 application to detect if it is running under Virtual PC or VMware, and found a how-to guide on it here:
http://www.codeproject.com/Articles/9823/Detect-if-your-program-is-running-inside-a-Virtual
(http://www.codeproject.com/Articles/9823/Detect-if-your-program-is-running-inside-a-Virtual)
They provide example code in C++ (with inline asm) but I don't know how to convert the exception handlers into asm. Can someone show me how it's done?
How to detect Virtual PC
// IsInsideVPC's exception filter
DWORD __forceinline IsInsideVPC_exceptionFilter(LPEXCEPTION_POINTERS ep)
{
PCONTEXT ctx = ep->ContextRecord;
ctx->Ebx = -1; // Not running VPC
ctx->Eip += 4; // skip past the "call VPC" opcodes
return EXCEPTION_CONTINUE_EXECUTION;
// we can safely resume execution since we skipped faulty instruction
}
// High level language friendly version of IsInsideVPC()
bool IsInsideVPC()
{
bool rc = false;
__try
{
_asm push ebx
_asm mov ebx, 0 // It will stay ZERO if VPC is running
_asm mov eax, 1 // VPC function number
// call VPC
_asm __emit 0Fh
_asm __emit 3Fh
_asm __emit 07h
_asm __emit 0Bh
_asm test ebx, ebx
_asm setz [rc]
_asm pop ebx
}
// The except block shouldn't get triggered if VPC is running!!
__except(IsInsideVPC_exceptionFilter(GetExceptionInformation()))
{
}
return rc;
}
How to detect VMWare
bool IsInsideVMWare()
{
bool rc = true;
__try
{
__asm
{
push edx
push ecx
push ebx
mov eax, 'VMXh'
mov ebx, 0 // any value but not the MAGIC VALUE
mov ecx, 10 // get VMWare version
mov edx, 'VX' // port number
in eax, dx // read port
// on return EAX returns the VERSION
cmp ebx, 'VMXh' // is it a reply from VMWare?
setz [rc] // set return value
pop ebx
pop ecx
pop edx
}
}
__except(EXCEPTION_EXECUTE_HANDLER)
{
rc = false;
}
return rc;
}
Mike
you need to set up an exception handler (SEH) for that. Look here: http://www.masmforum.com/board/index.php?topic=12908.0
I have not been able to get any VmWare working yet, so I can't test this.
Could someone test this for me and let me know which o.s. you used as well ?
Vielen Dank,
Andy
; Detect if under VmWare
;
; Det_VmWare.asm by Prof4
;
include \masm32\include\masm32rt.inc
.data
WaterMark db "SiegeWorks 2013 ð__ð" ; Alt 240 char
%Date db " &@Date " ; Compile date
%time db " &@Time"
%version db " Masm Version &@Version"
.data?
.code
assume fs:nothing
start:
; Setting a new Structured Exception Handling
xor eax, eax ; zero out eax register
push offset SEH_handler ; put the stack pointer to the new handler
push dword ptr fs: [eax] ; put the stack pointer to the old handler
mov fs: [eax], esp ; register new SEH-handler
mov eax, 564D5868h ; VMware hypervisor magic value
mov ecx, 10 ; command for obtaining VMWare version information
mov dx, 5658h ; VMWARE_HYPERVISOR_PORT
in eax, dx ; Read from port
SEH_handler:
mov esi, [esp +0ch]; context pointer register
assume esi: PTR CONTEXT
mov [esi]. regEip, offset continue
continue:
invoke ExitProcess,0
end start
Quote from: Magnum on February 21, 2013, 09:27:58 AM
I have not been able to get any VmWare working yet, so I can't test this.
Could someone test this for me and let me know which o.s. you used as well ?
Vielen Dank,
Andy
; Detect if under VmWare
;
; Det_VmWare.asm by Prof4
;
include \masm32\include\masm32rt.inc
.data
WaterMark db "SiegeWorks 2013 ð__ð" ; Alt 240 char
%Date db " &@Date " ; Compile date
%time db " &@Time"
%version db " Masm Version &@Version"
.data?
.code
assume fs:nothing
start:
; Setting a new Structured Exception Handling
xor eax, eax ; zero out eax register
push offset SEH_handler ; put the stack pointer to the new handler
push dword ptr fs: [eax] ; put the stack pointer to the old handler
mov fs: [eax], esp ; register new SEH-handler
mov eax, 564D5868h ; VMware hypervisor magic value
mov ecx, 10 ; command for obtaining VMWare version information
mov dx, 5658h ; VMWARE_HYPERVISOR_PORT
in eax, dx ; Read from port
SEH_handler:
mov esi, [esp +0ch]; context pointer register
assume esi: PTR CONTEXT
mov [esi]. regEip, offset continue
continue:
invoke ExitProcess,0
end start
Hello,
Code is working on WMWare 8 + Windows XP SP3