[Full-disclosure] Generically Determining the Prescence of Virtual Machines
- From: valsmith <valsmith@xxxxxxxxxxxxxx>
- Date: Thu, 16 Mar 2006 18:08:22 -0700
At OffensiveComputing we were looking at ways to detect virtual machines and
had found and discarded many unsophisticated methods such as looking for
VMWare Tools running as a service or VMWare related registy keys, etc. Then
we discovered Joanna Rutkowska's very interesting "Redpill" method. This was
an eye opening work for us. After spending a little time playing with it we
realized it wasn't fool proof on multiprocessor systems and so we decided to
research the problems and possible ways to improve on the method. We
discovered and implemented an improved method which is presented in the this
paper.
http://www.offensivecomputing.net
V.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] HTTP AUTH BASIC monowall.
- Next by Date: Re: [Full-disclosure] Filtering Latest Spam Run (radio.toad.com)
- Previous by thread: [Full-disclosure] [SECURITY] [DSA 1008-1] New kpdf packages fix arbitrary code execution
- Next by thread: [Full-disclosure] [SECURITY] [DSA 1004-1] New vlc packages fix arbitrary code execution
- Index(es):
