Live Breaking News & Updates on Memory Specification
Stay updated with breaking news from Memory specification. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Posted on Tue 20 August 2019 in Research Introduction Virtual Machine (VM) detection is nothing new. Malware has been doing it for over a decade now. Over time the techniques have advanced as defenders learned new ways of avoiding VM detection. A while back a friend and I were working on a project related to exploit delivery via a web application for redteaming purposes. I wanted a way to fingerprint visitors of the site and hash the fingerprint data so I could look for potential repeat visitors. While investigating fingerprinting I stumbled upon something pretty interesting. I was looking at some code that collected information about WebGL capabilities. I quickly realized that some of the fingerprinting information could be useful for VM detection because vendor names were exposed. In this particular instance the string VMWare was contained within the WebGL information. After some more testing I also discovered that VirtualBox reported the same kind of inf ....