VirtualBox - Emulate HOST based on DMI, ACPI tables (DSDT, SSDT and SLIC) and NIC MAC address
#!/usr/bin/env python
"""
CREDITS GO TO (and most certainly others):
http://blog.michaelboman.org/2014/01/making-virtualbox-nearly-undetectable.html
http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478
"""
import re
import random
import subprocess
import sys
import os
import json
from pprint import pprint
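def cloneMAC():
    """Build a MAC address that keeps the host NIC's first three octets.

    Runs ``/sbin/ifconfig enp3s0`` through ``runcmd``, takes the first MAC
    address found in the output, keeps its first three octets and replaces
    the last three with random values (the fourth is limited to 0x00-0x7f).

    Returns:
        The address as 12 lowercase hex digits without separators (the same
        format ``randomMAC`` returns), or ``None`` when the command failed
        or its output contained no MAC address.
    """
    # NOTE(review): the interface name is hard-coded; adjust it for the host.
    ifconfig_out = runcmd(["/sbin/ifconfig", "enp3s0"])
    if not ifconfig_out:
        return None
    if not isinstance(ifconfig_out, str):
        # subprocess.check_output() returns bytes on Python 3.
        ifconfig_out = ifconfig_out.decode("ascii", "replace")

    pat = re.compile(r"([0-9A-F]{2}[:-]){5}([0-9A-F]{2})", re.I)
    # Iterate over lines, not characters, and reuse the search() result:
    # match() only succeeds at the start of a line, where ifconfig never
    # prints the address.
    for line in ifconfig_out.splitlines():
        found = pat.search(line)
        if found is None:
            continue
        # The pattern accepts ':' or '-' as separator, so split on both.
        octets = re.split(r"[:-]", found.group())
        pprint(octets)
        mac = [int(octet, 16) for octet in octets[:3]]
        mac.append(random.randint(0x00, 0x7f))
        mac.append(random.randint(0x00, 0xff))
        mac.append(random.randint(0x00, 0xff))
        pprint(mac)
        return ''.join("%02x" % octet for octet in mac)
    return None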
def randomMAC():
    """Return a random MAC address under the fixed prefix c8:0a:a9.

    The last three octets are random; the fourth octet is limited to
    0x00-0x7f. The result is 12 lowercase hex digits without separators.
    """
    # NOTE(review): the comment that used to sit here read
    # "00:1b:fc = ASUSTek COMPUTER INC.", which does not match the
    # c8:0a:a9 prefix the code emits -- confirm which vendor prefix is
    # intended for the guest NIC.
    vendor_prefix = [0xc8, 0x0a, 0xa9]
    random_tail = [
        random.randint(0x00, 0x7f),
        random.randint(0x00, 0xff),
        random.randint(0x00, 0xff),
    ]
    return ''.join("%02x" % octet for octet in vendor_prefix + random_tail)
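def getnewmac(hostname):
    """Return the MAC address listed for *hostname* in ``./etc/macs.txt``.

    Each line is matched against ``<hostname> <hex MAC> <dotted IP>``
    (whitespace separated, host name compared case-insensitively) at the
    start of the line. When no line matches, a random address from
    ``randomMAC`` is returned instead.

    Args:
        hostname: Host name to look up; it is treated as literal text.

    Returns:
        The MAC field from the first matching line, or a random MAC.

    Raises:
        IOError: ``./etc/macs.txt`` cannot be opened (unchanged behaviour).
    """
    # re.escape(): the host name is data, not a pattern -- an unescaped '.'
    # would match any character and other metacharacters could break or
    # widen the lookup.
    pat = re.compile(
        r"(%s)\s+([0-9A-Fa-f]+)\s+([0-9\.]+)" % re.escape(hostname), re.I)
    with open("./etc/macs.txt") as fh:
        for line in fh:
            # A single anchored match() replaces search()-then-match(),
            # which raised AttributeError when the name appeared mid-line.
            found = pat.match(line)
            if found:
                return found.group(2)
    return randomMAC()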
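def runcmd(cmd):
    """Run *cmd*, echo it and its output, and return the output.

    Args:
        cmd: Argument list handed to ``subprocess.check_output``. No shell
            is involved, so arguments are not re-parsed or expanded.

    Returns:
        The command's standard output, or ``None`` when the command could
        not be started or exited with a non-zero status.
    """
    try:
        print("Executing %s" % ' '.join(cmd))
        output = subprocess.check_output(cmd)
        print(output)
        return output
    except Exception:
        # Still best-effort, but no longer a bare ``except:`` -- Ctrl-C
        # (for example at a sudo password prompt) and SystemExit now stop
        # the script instead of being reported as "Failed".
        print("Failed")
        return None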
# Gather system information
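def getdmi():
    """Collect the host's DMI strings as VirtualBox ``pcbios`` settings.

    Runs ``sudo dmidecode`` for table types 0-4 through ``runcmd`` and pulls
    one value per setting out of the text with a regular expression.

    Returns:
        A dict mapping setting names (``DmiBIOSVendor``, ``DmiSystemSerial``,
        ...) to stripped strings. A setting whose field is absent from the
        dmidecode output, or whose type name is not in the lookup list, is
        left out instead of aborting the whole collection.

    Raises:
        RuntimeError: a dmidecode invocation failed (``runcmd`` returned
            ``None``); previously this surfaced as a ``TypeError``.

    NOTE(review): the result includes the host's real serial numbers and
    UUID. The script caches it in ``dmi.txt`` and copies it into every
    target VM, so software running in the guest can read the host's
    identifiers -- substitute those fields if that matters for your setup.
    """
    flags = re.I | re.S | re.M
    # VirtualBox treats a value that looks like a number as a number; the
    # "string:" prefix forces string handling for such fields.
    as_string = "string:"

    def dmidecode(table_type):
        """Return the text of one dmidecode table, decoded to ``str``."""
        out = runcmd(["sudo", "dmidecode", "-t%d" % table_type])
        if out is None:
            raise RuntimeError("dmidecode -t%d failed" % table_type)
        if not isinstance(out, str):
            # subprocess.check_output() returns bytes on Python 3.
            out = out.decode("utf-8", "replace")
        return out

    def field(text, pattern, prefix=""):
        """Return prefix + first capture of *pattern*, or None if absent."""
        found = re.search(pattern, text, flags)
        if found is None:
            return None
        return (prefix + found.group(1)).strip()

    def type_number(text, pattern, names):
        """Return the 1-based position of the matched name in *names*."""
        name = field(text, pattern)
        if name is None or name not in names:
            return None
        return str(names.index(name) + 1)

    # NOTE(review): several character classes below exclude characters such
    # as '-' or ','; a value containing one is cut at that character.
    tables = [
        # Anti-VM detection, DMI BIOS information (type 0)
        (0, [
            ("DmiBIOSVendor", "Vendor: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiBIOSVersion", "Version: ([A-Z0-9\\ \\.]+)", as_string),
            ("DmiBIOSReleaseDate", "Release Date: ([0-9\\/\\-]+)", ""),
        ]),
        # Anti-VM detection, DMI system information (type 1)
        (1, [
            ("DmiSystemVendor", "Manufacturer: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiSystemProduct", "Product Name: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiSystemVersion", "Version: ([A-Z0-9\\ \\.]+)", as_string),
            ("DmiSystemSerial", "Serial Number: ([0-9A-Z\\ \\-]+)", as_string),
            ("DmiSystemSKU", "SKU Number: ([0-9A-Z\\ \\-\\.]+)", ""),
            ("DmiSystemFamily", "Family: ([0-9A-Z\\ \\-\\.]+)", ""),
            ("DmiSystemUuid", "UUID: ([0-9A-Z\\-]+)", ""),
        ]),
        # Anti-VM detection, DMI board information (type 2)
        (2, [
            ("DmiBoardVendor", "Manufacturer: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiBoardProduct", "Product Name: ([A-Z0-9\\ \\.\\-/]+)", ""),
            ("DmiBoardVersion", "Version: ([A-Z0-9\\ \\.]+)", as_string),
            ("DmiBoardSerial", "Serial Number: ([0-9A-Z\\ \\-]+)", as_string),
            ("DmiBoardAssetTag", "Asset Tag: ([0-9A-Z\\ \\-\\.]+)", ""),
            ("DmiBoardLocInChass",
             "Location In Chassis: ([0-9A-Z\\ \\-\\.]+)", ""),
        ]),
        # Anti-VM detection, DMI system enclosure or chassis (type 3)
        (3, [
            ("DmiChassisVendor", "Manufacturer: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiChassisVersion", "Version: ([A-Z0-9\\ \\.]+)", as_string),
            ("DmiChassisSerial", "Serial Number: ([A-Z0-9\\ \\.]+)", as_string),
            ("DmiChassisAssetTag", "Asset Tag: ([A-Z0-9\\ \\.\\-]+)", ""),
        ]),
        # Anti-VM detection, DMI processor information (type 4)
        (4, [
            ("DmiProcManufacturer", "Manufacturer: ([A-Z0-9\\ \\.]+)", ""),
            ("DmiProcVersion", "Version: ([A-Z0-9\\ \\.\\(\\)\\-]+)", as_string),
        ]),
    ]

    # The setting value is the 1-based position of the name in these lists.
    MotherboardTypes = [
        "Unknown",
        "Other",
        "Server Blade",
        "Connectivity Switch",
        "System Management Module",
        "Processor Module",
        "I/O Module",
        "Memory Module",
        "Daughter Board",
        "Motherboard",
        "Processor+Memory Module",
        "Processor+I/O Module",
        "Interconnect Board"
    ]
    ChassiTypes = [
        "Other",
        "Unknown",
        "Desktop",
        "Low Profile Desktop",
        "Pizza Box",
        "Mini Tower",
        "Tower",
        "Portable",
        "Laptop",
        "Notebook",
        "Hand Held",
        "Docking Station",
        "All In One",
        "Sub Notebook",
        "Space-saving",
        "Lunch Box",
        "Main Server Chassis",
        "Expansion Chassis",
        "Sub Chassis",
        "Bus Expansion Chassis",
        "Peripheral Chassis",
        "RAID Chassis",
        "Rack Mount Chassis",
        "Sealed-case PC",
        "Multi-system",
        "CompactPCI",
        "AdvancedTCA",
        "Blade",
        "Blade Enclosing"
    ]

    dmi = {}
    for table_type, fields in tables:
        text = dmidecode(table_type)
        for key, pattern, prefix in fields:
            dmi[key] = field(text, pattern, prefix)
        if table_type == 2:
            # Class widened with '+' and '/' so "I/O Module" and
            # "Processor+Memory Module" from the list can match in full.
            dmi['DmiBoardBoardType'] = type_number(
                text, "Type: ([0-9A-Z\\ \\-+/]+)", MotherboardTypes)
        elif table_type == 3:
            # Class widened with '-' so "Space-saving", "Sealed-case PC"
            # and "Multi-system" from the list can match in full.
            dmi['DmiChassisType'] = type_number(
                text, "Type: ([0-9A-Z\\ \\.\\-]+)", ChassiTypes)

    # Build a new dict rather than deleting keys while iterating the old
    # one; every value that remains is already a stripped string.
    return dict((key, value) for key, value in dmi.items()
                if value is not None)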
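# Load the cached DMI values from dmi.txt, or collect them from the host
# and write the cache. dmi.txt holds the host's serial numbers and UUID in
# plain text, so keep it out of shared or published directories.
dmi = None
try:
    # ``with`` closes the handle even when json.load() raises.
    with open('dmi.txt', 'r') as fh:
        dmi = json.load(fh)
except (IOError, ValueError):
    # Cache missing/unreadable (IOError) or not valid JSON (ValueError):
    # rebuild it. Other errors are no longer masked by a regeneration.
    dmi = getdmi()
    with open('dmi.txt', 'w') as outfile:
        json.dump(dmi, outfile, sort_keys=True, indent=4, separators=(',', ': '))
print(json.dumps(dmi, sort_keys=True, indent=4, separators=(',', ': ')))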
# File names for the raw ACPI dump and the tables extracted from it, plus
# the location of the VBoxManage binary.
ACPI_BIN = "ACPI.dat"
DSDT_BIN = "dsdt.dat"
SSDT_BIN = "ssdt1.dat"
SLIC_BIN = "slic.dat"
VBoxManage = '/usr/bin/VBoxManage'

# Dump and split the host's ACPI tables unless a dump is already present.
if not os.path.exists(ACPI_BIN):
    runcmd(['sudo', 'acpidump', '-o', ACPI_BIN])
    runcmd(['acpixtract', '-a', ACPI_BIN])

# All three tables must exist before any VM is touched; stop at the first
# one that is missing.
for required_table in (DSDT_BIN, SSDT_BIN, SLIC_BIN):
    if not os.path.exists(required_table):
        raise Exception("No %s file!" % required_table)
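# Apply the collected settings to every VM named on the command line.
for target in sys.argv[1:]:
    # Configure all the virtual BIOS settings
    for key, value in dmi.items():
        runcmd([VBoxManage, "setextradata", target, "VBoxInternal/Devices/pcbios/0/Config/" + key, value])
    # Configure the DSDT, SSDT and SLIC tables. setextradata stores the
    # path string as given and the file is opened later, outside this
    # script, so pass an absolute path rather than one that only resolves
    # from the current working directory.
    acpi_tables = (
        ("DsdtFilePath", DSDT_BIN),
        ("SsdtFilePath", SSDT_BIN),
        ("CustomTable", SLIC_BIN),
    )
    for setting, table_file in acpi_tables:
        runcmd([VBoxManage, "setextradata", target,
                "VBoxInternal/Devices/acpi/0/Config/" + setting,
                os.path.abspath(table_file)])
    # Setting guest MAC
    # NOTE(review): runcmd() only prints "Failed" on error, so a VM can end
    # up partially configured without the script stopping.
    newmac = randomMAC()
    runcmd([VBoxManage, "modifyvm", target, "--macaddress1", newmac])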