Last active
August 4, 2025 01:19
-
-
Save PYfffE/8291964e578f74cf00d83b6fbbfa61f0 to your computer and use it in GitHub Desktop.
Sandbox evasion via time delay, without Sleep function.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <windows.h> | |
| static unsigned long long ticks_for_one_second = 1000000000; | |
| void stubfunc(unsigned long long max_count) { | |
| for (unsigned long long j = 0; j < max_count; j++) { | |
| (void)j; | |
| } | |
| } | |
| void calibrating() { | |
| FILETIME ft1; | |
| ULARGE_INTEGER uli1; | |
| FILETIME ft2; | |
| ULARGE_INTEGER uli2; | |
| // First timestump | |
| GetSystemTimeAsFileTime(&ft1); | |
| memcpy(&uli1, &ft1, sizeof(FILETIME)); | |
| stubfunc(ticks_for_one_second); | |
| // Seconf timestump | |
| GetSystemTimeAsFileTime(&ft2); | |
| memcpy(&uli2, &ft2, sizeof(FILETIME)); | |
| #ifdef _DEBUG | |
| printf("first unix timestamp in milliseconds: %lld\n", (uli1.QuadPart - 116444736000000000ULL) / 10000); | |
| printf("first unix timestamp in milliseconds: %lld\n", (uli2.QuadPart - 116444736000000000ULL) / 10000); | |
| #endif | |
| // Текущая задержка | |
| unsigned long long result = ( (uli2.QuadPart - 116444736000000000ULL) / 10) - ((uli1.QuadPart - 116444736000000000ULL) / 10); | |
| // На случай, если GetSystemTimeAsFileTime возвращает одинаковое значение | |
| if (result == 0) { | |
| ticks_for_one_second = 99999999999999; | |
| return; | |
| } | |
| // Рассчет итераций для задержки в ~1000 мс | |
| unsigned long long calibrated_count = unsigned long long ((double)(ticks_for_one_second) * 1000000.0 / (double)(result)); | |
| #if _DEBUG | |
| printf("first test delay: %llu seconds\n", result); | |
| printf("calibrated delay: %llu\n", calibrated_count); | |
| #endif | |
| ticks_for_one_second = calibrated_count; | |
| } | |
| int main(int argc, char** argv) { | |
| if (argc == 1) { | |
| exit(1); | |
| } | |
| calibrating(); | |
| // Цикл должен раз в указанное количество секунд, независимо от платформы | |
| for (int i = 0; i < 8; i++) { | |
| printf("test%i\n", i); | |
| stubfunc(ticks_for_one_second*atoi(argv[1])); | |
| } | |
| return 0; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment