Add files via upload
This commit is contained in:
bRootForceOfficial
GitHub
commit
b47f4c04a5
2 changed files with 441 additions and 0 deletions
131
undo.sh
Normal file
131
undo.sh
Normal file
|
|
@ -0,0 +1,131 @@
|
|||
#!/bin/bash
|
||||
# VirtualBox Configuration Undo Script
|
||||
|
||||
set -eo pipefail
|
||||
|
||||
VM="${1:-}"
|
||||
|
||||
# Color output
|
||||
RED='\033[0;31m'
|
||||
GREEN='\033[0;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
CYAN='\033[0;36m'
|
||||
NC='\033[0m'
|
||||
|
||||
log_error() { echo -e "${RED}[ERROR]${NC} $1" >&2; }
|
||||
log_success() { echo -e "${GREEN}[SUCCESS]${NC} $1"; }
|
||||
log_info() { echo -e "${YELLOW}[INFO]${NC} $1"; }
|
||||
log_section() { echo -e "${CYAN}[*]${NC} $1"; }
|
||||
|
||||
# Validate inputs
|
||||
if [ -z "$VM" ]; then
|
||||
echo "Usage: $0 \"VM Name\""
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if VBoxManage exists
|
||||
if ! command -v VBoxManage &> /dev/null; then
|
||||
log_error "VBoxManage not found. Please install VirtualBox."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
VBOXMANAGE="VBoxManage"
|
||||
|
||||
# Check if VM exists
|
||||
if ! "$VBOXMANAGE" showvminfo "$VM" &> /dev/null; then
|
||||
log_error "VM '$VM' not found."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check VM state
|
||||
check_vm_state() {
|
||||
local state
|
||||
state=$("$VBOXMANAGE" showvminfo "$VM" --machinereadable | grep "^VMState=" | cut -d'"' -f2)
|
||||
if [ "$state" != "poweroff" ] && [ "$state" != "aborted" ]; then
|
||||
log_error "VM must be powered off. Current state: $state"
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
generate_random_uuid() {
|
||||
if command -v uuidgen &> /dev/null; then
|
||||
uuidgen
|
||||
else
|
||||
printf '%08x-%04x-%04x-%04x-%012x\n' \
|
||||
$((RANDOM * RANDOM)) $RANDOM $((RANDOM | 0x4000)) \
|
||||
$((RANDOM | 0x8000)) $((RANDOM * RANDOM * RANDOM))
|
||||
fi
|
||||
}
|
||||
|
||||
# Backup current settings
|
||||
backup_settings() {
|
||||
local backup_dir="/tmp/vbox_backups"
|
||||
mkdir -p "$backup_dir"
|
||||
|
||||
local backup_file="$backup_dir/vbox_backup_${VM// /_}_$(date +%Y%m%d_%H%M%S).txt"
|
||||
log_info "Backing up current settings to: $backup_file"
|
||||
|
||||
{
|
||||
echo "=== VM Configuration Backup ==="
|
||||
echo "Timestamp: $(date)"
|
||||
echo "VM Name: $VM"
|
||||
echo ""
|
||||
echo "=== Hardware UUID ==="
|
||||
"$VBOXMANAGE" showvminfo "$VM" --machinereadable | grep "^hardwareuuid="
|
||||
echo ""
|
||||
echo "=== MAC Addresses ==="
|
||||
"$VBOXMANAGE" showvminfo "$VM" --machinereadable | grep "^macaddress"
|
||||
echo ""
|
||||
echo "=== Paravirtualization ==="
|
||||
"$VBOXMANAGE" showvminfo "$VM" --machinereadable | grep "^paravirtprovider="
|
||||
echo ""
|
||||
echo "=== Graphics Controller ==="
|
||||
"$VBOXMANAGE" showvminfo "$VM" --machinereadable | grep "^graphicscontroller="
|
||||
echo ""
|
||||
echo "=== All Extra Data ==="
|
||||
"$VBOXMANAGE" getextradata "$VM" enumerate
|
||||
} > "$backup_file"
|
||||
|
||||
log_success "Backup saved to: $backup_file"
|
||||
}
|
||||
|
||||
undo_identifiers() {
|
||||
log_section "Reverting to VirtualBox Defaults"
|
||||
check_vm_state
|
||||
backup_settings
|
||||
|
||||
log_info "Removing all custom configuration..."
|
||||
|
||||
# Remove all VBoxInternal extradata
|
||||
"$VBOXMANAGE" getextradata "$VM" enumerate 2>/dev/null | grep "^Key: VBoxInternal" | while read -r line; do
|
||||
local key=$(echo "$line" | sed 's/^Key: \(.*\), Value:.*/\1/')
|
||||
if [ -n "$key" ]; then
|
||||
"$VBOXMANAGE" setextradata "$VM" "$key" "" 2>/dev/null || true
|
||||
fi
|
||||
done
|
||||
|
||||
# Reset MAC addresses
|
||||
log_info "Resetting network adapters..."
|
||||
for i in {1..8}; do
|
||||
"$VBOXMANAGE" modifyvm "$VM" --macaddress${i} auto 2>/dev/null || true
|
||||
done
|
||||
|
||||
# Reset UUID
|
||||
log_info "Generating new UUID..."
|
||||
local new_uuid=$(generate_random_uuid)
|
||||
"$VBOXMANAGE" modifyvm "$VM" --hardware-uuid "$new_uuid"
|
||||
|
||||
# Restore paravirtualization
|
||||
"$VBOXMANAGE" modifyvm "$VM" --paravirtprovider default 2>/dev/null || true
|
||||
|
||||
# Restore graphics
|
||||
"$VBOXMANAGE" modifyvm "$VM" --graphicscontroller vboxsvga 2>/dev/null || true
|
||||
|
||||
# Restore CPU settings
|
||||
"$VBOXMANAGE" modifyvm "$VM" --cpu-execution-cap 100 2>/dev/null || true
|
||||
"$VBOXMANAGE" modifyvm "$VM" --hpet on 2>/dev/null || true
|
||||
|
||||
log_success "VM reverted to VirtualBox defaults"
|
||||
}
|
||||
|
||||
undo_identifiers
|
||||
310
vbox_stealth.sh
Normal file
310
vbox_stealth.sh
Normal file
|
|
@ -0,0 +1,310 @@
|
|||
#!/bin/bash
|
||||
#################################################
|
||||
# VirtualBox VM Stealth Configuration - Tested on VBOX 7.2.2
|
||||
# Run BEFORE starting the VM (VM must be powered off)
|
||||
# Usage: ./vbox_stealth.sh "VM_NAME" [dell|hp|lenovo|asus]
|
||||
#################################################
|
||||
|
||||
VM_NAME="$1"
|
||||
PRESET="${2:-dell}"
|
||||
|
||||
echo "================================================================"
|
||||
echo "VirtualBox VM Stealth Configuration - Tested on VBOX v7.2.2"
|
||||
echo "Tested with Windows 10 VM, may work for other stuff too idk"
|
||||
echo "================================================================"
|
||||
echo ""
|
||||
|
||||
# Check arguments
|
||||
if [ -z "$VM_NAME" ]; then
|
||||
echo "Usage: $0 \"VM_NAME\" [dell|hp|lenovo|asus]"
|
||||
echo "Example: $0 \"Windows 10\" dell"
|
||||
echo ""
|
||||
echo "Available VMs:"
|
||||
VBoxManage list vms
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if VBoxManage exists
|
||||
if ! command -v VBoxManage &> /dev/null; then
|
||||
echo "Error: VBoxManage not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Check if VM exists
|
||||
if ! VBoxManage showvminfo "$VM_NAME" &>/dev/null; then
|
||||
echo "Error: VM '$VM_NAME' not found"
|
||||
echo ""
|
||||
echo "Available VMs:"
|
||||
VBoxManage list vms
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "VM: $VM_NAME"
|
||||
echo "Preset: $PRESET"
|
||||
echo ""
|
||||
|
||||
# Generate random serials with more realistic formats
|
||||
SYSTEM_SERIAL=$(cat /dev/urandom | tr -dc 'A-Z0-9' | fold -w 10 | head -n 1)
|
||||
BOARD_SERIAL=$(cat /dev/urandom | tr -dc 'A-Z0-9' | fold -w 8 | head -n 1)
|
||||
CHASSIS_SERIAL=$(cat /dev/urandom | tr -dc 'A-Z0-9' | fold -w 8 | head -n 1)
|
||||
DISK_SERIAL=$(cat /dev/urandom | tr -dc 'A-Z0-9' | fold -w 20 | head -n 1)
|
||||
|
||||
# Preset configurations
|
||||
case "$PRESET" in
|
||||
dell)
|
||||
BIOS_VENDOR="American Megatrends Inc."
|
||||
BIOS_VERSION="2.18.0"
|
||||
BIOS_RELEASE_DATE="12/15/2022"
|
||||
SYSTEM_VENDOR="Dell Inc."
|
||||
SYSTEM_PRODUCT="OptiPlex 7090"
|
||||
BOARD_PRODUCT="0J42H4"
|
||||
DISK_MODEL="Samsung SSD 870 EVO 500GB"
|
||||
;;
|
||||
hp)
|
||||
BIOS_VENDOR="HP"
|
||||
BIOS_VERSION="T83 v02.08"
|
||||
BIOS_RELEASE_DATE="10/28/2022"
|
||||
SYSTEM_VENDOR="HP"
|
||||
SYSTEM_PRODUCT="HP EliteDesk 800 G6"
|
||||
BOARD_PRODUCT="872E"
|
||||
DISK_MODEL="WDC WD5000AAKX-60U6AA0"
|
||||
;;
|
||||
lenovo)
|
||||
BIOS_VENDOR="LENOVO"
|
||||
BIOS_VERSION="M1AKT59A"
|
||||
BIOS_RELEASE_DATE="11/03/2022"
|
||||
SYSTEM_VENDOR="LENOVO"
|
||||
SYSTEM_PRODUCT="ThinkCentre M720q"
|
||||
BOARD_PRODUCT="3106SDK0J40705"
|
||||
DISK_MODEL="Samsung SSD 860 EVO 500GB"
|
||||
;;
|
||||
asus)
|
||||
BIOS_VENDOR="American Megatrends Inc."
|
||||
BIOS_VERSION="1401"
|
||||
BIOS_RELEASE_DATE="09/20/2022"
|
||||
SYSTEM_VENDOR="ASUSTeK COMPUTER INC."
|
||||
SYSTEM_PRODUCT="PRIME B560M-A"
|
||||
BOARD_PRODUCT="PRIME B560M-A"
|
||||
DISK_MODEL="Samsung SSD 980 PRO 500GB"
|
||||
;;
|
||||
*)
|
||||
echo "Unknown preset: $PRESET, using dell"
|
||||
PRESET="dell"
|
||||
BIOS_VENDOR="American Megatrends Inc."
|
||||
BIOS_VERSION="2.18.0"
|
||||
BIOS_RELEASE_DATE="12/15/2022"
|
||||
SYSTEM_VENDOR="Dell Inc."
|
||||
SYSTEM_PRODUCT="OptiPlex 7090"
|
||||
BOARD_PRODUCT="0J42H4"
|
||||
DISK_MODEL="Samsung SSD 870 EVO 500GB"
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "================================================================"
|
||||
echo "DMI/SMBIOS BIOS Information"
|
||||
echo "================================================================"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVendor" "$BIOS_VENDOR"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSVersion" "$BIOS_VERSION"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseDate" "$BIOS_RELEASE_DATE"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseMajor" 5
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSReleaseMinor" 12
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSFirmwareMajor" 5
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBIOSFirmwareMinor" 12
|
||||
echo "✓ BIOS information configured (Date: $BIOS_RELEASE_DATE)"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "DMI/SMBIOS System Information"
|
||||
echo "================================================================"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVendor" "$SYSTEM_VENDOR"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemProduct" "$SYSTEM_PRODUCT"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemVersion" "1.0"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemSerial" "$SYSTEM_SERIAL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemSKU" "0A12"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemFamily" "Desktop"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiSystemUuid" "$(uuidgen 2>/dev/null || cat /proc/sys/kernel/random/uuid 2>/dev/null || echo '00000000-0000-0000-0000-000000000000')"
|
||||
echo "✓ System information configured"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "DMI/SMBIOS Board Information"
|
||||
echo "================================================================"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVendor" "$SYSTEM_VENDOR"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardProduct" "$BOARD_PRODUCT"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardVersion" "A00"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardSerial" "$BOARD_SERIAL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardAssetTag" "Default"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardLocInChass" "Default"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiBoardBoardType" 10
|
||||
echo "✓ Board information configured"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "DMI/SMBIOS Chassis Information"
|
||||
echo "================================================================"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiChassisVendor" "$SYSTEM_VENDOR"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiChassisVersion" "1.0"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiChassisSerial" "$CHASSIS_SERIAL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiChassisAssetTag" "Default"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/pcbios/0/Config/DmiChassisType" 3
|
||||
echo "✓ Chassis information configured"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "ACPI Configuration"
|
||||
echo "================================================================"
|
||||
# Change ACPI OEM IDs to match real hardware
|
||||
case "$PRESET" in
|
||||
dell)
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiOemId" "DELL "
|
||||
;;
|
||||
hp)
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiOemId" "HPQOEM"
|
||||
;;
|
||||
lenovo)
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiOemId" "LENOVO"
|
||||
;;
|
||||
asus)
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiOemId" "ALASKA"
|
||||
;;
|
||||
esac
|
||||
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiCreatorId" "INTL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/acpi/0/Config/AcpiCreatorRev" "0x20210331"
|
||||
|
||||
echo "✓ ACPI tables configured"
|
||||
echo "⚠️ Note: ACPI VBOX__ entries require guest-side registry cleanup"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "Disk Configuration (AHCI/IDE/NVMe)"
|
||||
echo "================================================================"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/ahci/0/Config/Port0/ModelNumber" "$DISK_MODEL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/ahci/0/Config/Port0/SerialNumber" "$DISK_SERIAL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/ahci/0/Config/Port0/FirmwareRevision" "SVT02B6Q"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/ModelNumber" "$DISK_MODEL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/SerialNumber" "$DISK_SERIAL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/piix3ide/0/Config/PrimaryMaster/FirmwareRevision" "01.01A01"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/nvme/0/Config/ModelNumber" "$DISK_MODEL"
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/nvme/0/Config/SerialNumber" "$DISK_SERIAL"
|
||||
echo "✓ Disk information configured"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "CPU Configuration"
|
||||
echo "================================================================"
|
||||
# Set paravirtualization provider to none to hide hypervisor presence
|
||||
VBoxManage modifyvm "$VM_NAME" --paravirtprovider none
|
||||
|
||||
# Remove CPUID leaves that expose hypervisor
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-set 0x00000001 0x000306a9 0x00020800 0x7fbae3ff 0xbfebfbff
|
||||
|
||||
# Remove hypervisor CPUID leaves completely
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000000
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000001
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000002
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000003
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000004
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000005
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x40000006
|
||||
|
||||
# Remove extended CPUID leaves that might expose virtualization
|
||||
VBoxManage modifyvm "$VM_NAME" --cpuid-remove 0x80000001
|
||||
|
||||
echo "✓ CPUID leaves masked"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "Timing and Performance"
|
||||
echo "================================================================"
|
||||
# Tie TSC to execution to prevent timing-based detection
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/TM/TSCTiedToExecution" 1
|
||||
|
||||
# Enable large pages for more realistic timing
|
||||
VBoxManage modifyvm "$VM_NAME" --largepages on
|
||||
|
||||
# Disable time sync to prevent detection via timing analysis
|
||||
VBoxManage setextradata "$VM_NAME" "VBoxInternal/Devices/VMMDev/0/Config/GetHostTimeDisabled" 1
|
||||
|
||||
echo "✓ Timing optimizations applied"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "Network Configuration"
|
||||
echo "================================================================"
|
||||
# Change MAC address to avoid VirtualBox range (08:00:27:xx:xx:xx)
|
||||
# Generate a realistic Intel MAC address
|
||||
RANDOM_MAC=$(printf '00:1A:2B:%02X:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
|
||||
VBoxManage modifyvm "$VM_NAME" --macaddress1 $(echo $RANDOM_MAC | tr -d ':')
|
||||
echo "✓ MAC address changed to: $RANDOM_MAC"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "Additional Stealth Settings"
|
||||
echo "================================================================"
|
||||
|
||||
# Disable nested HW virtualization (can be used for detection)
|
||||
VBoxManage modifyvm "$VM_NAME" --nested-hw-virt off
|
||||
|
||||
# Set realistic firmware type (most modern systems use EFI)
|
||||
# Note: This may require reinstalling the OS if changing from BIOS to EFI
|
||||
CURRENT_FIRMWARE=$(VBoxManage showvminfo "$VM_NAME" --machinereadable | grep "firmware=" | cut -d'"' -f2)
|
||||
echo "Current firmware: $CURRENT_FIRMWARE"
|
||||
echo "⚠️ Consider using --firmware efi for more realistic modern hardware emulation"
|
||||
echo " (requires OS reinstall if switching from BIOS)"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "Configuration Summary"
|
||||
echo "================================================================"
|
||||
echo "System Vendor: $SYSTEM_VENDOR"
|
||||
echo "System Product: $SYSTEM_PRODUCT"
|
||||
echo "BIOS Vendor: $BIOS_VENDOR"
|
||||
echo "BIOS Version: $BIOS_VERSION"
|
||||
echo "BIOS Date: $BIOS_RELEASE_DATE"
|
||||
echo "System Serial: $SYSTEM_SERIAL"
|
||||
echo "Disk Model: $DISK_MODEL"
|
||||
echo "MAC Address: $RANDOM_MAC"
|
||||
echo "Paravirt Provider: none"
|
||||
echo "TSC Mode: Tied to execution"
|
||||
echo ""
|
||||
|
||||
echo "================================================================"
|
||||
echo "IMPORTANT: Next Steps"
|
||||
echo "================================================================"
|
||||
echo ""
|
||||
echo "1. START THE VM"
|
||||
echo ""
|
||||
echo "2. RUN VBoxCloak.ps1 inside Windows:"
|
||||
echo " PowerShell -ExecutionPolicy Bypass -File VBoxCloak.ps1 -all"
|
||||
echo ""
|
||||
echo "3. DISABLE/REMOVE these features in Windows:"
|
||||
echo " • VirtualBox Guest Additions (uninstall completely)"
|
||||
echo " • Shared folders"
|
||||
echo " • Bidirectional clipboard"
|
||||
echo " • Drag and drop"
|
||||
echo ""
|
||||
echo "4. VERIFY in Device Manager:"
|
||||
echo " • No VirtualBox devices should be visible"
|
||||
echo " • Remove any 'Unknown devices' related to VBox"
|
||||
echo ""
|
||||
echo "5. TEST with detection tools:"
|
||||
echo " • al-khaser"
|
||||
echo " • pafish"
|
||||
echo " • Ensure Guest Additions are fully removed first"
|
||||
echo ""
|
||||
echo "================================================================"
|
||||
echo "Known Limitations (Cannot be Fixed)"
|
||||
echo "================================================================"
|
||||
echo ""
|
||||
echo "The following detections will likely remain:"
|
||||
echo "• WMI class instance checks (Win32_PhysicalMemory, etc.)"
|
||||
echo "• Thermal zone information (MSAcpi_ThermalZoneTemperature)"
|
||||
echo "• Some CIM sensor classes"
|
||||
echo "• Power management capability differences"
|
||||
echo "• Hardware timing variations"
|
||||
echo ""
|
||||
echo "These are inherent to VirtualBox's architecture and would"
|
||||
echo "require kernel-mode drivers or source code modifications."
|
||||
echo ""
|
||||
echo "================================================================"
|
||||
Loading…
Add table
Reference in a new issue