tag:blogger.com,1999:blog-8135211063584500909.post5567142730049049739..comments2023-10-02T15:18:02.659+05:30Comments on Lab of a Penetration Tester: (Quick Post) Check if your payload is running inside a VM using PowerShellNikhil SamratAshok Mittalhttp://www.blogger.com/profile/02092541175521734123noreply@blogger.comBlogger6125tag:blogger.com,1999:blog-8135211063584500909.post-91233125177781492572014-09-08T21:45:50.972+05:302014-09-08T21:45:50.972+05:30Navigation on a touch screen is very tedious, it ...Navigation on a touch screen is very tedious, it keeps taking me to next/prev page when I scroll or zoom, plz fix as I am quite enjoying your research good sir. Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-19470643613258499052013-03-17T19:11:29.847+05:302013-03-17T19:11:29.847+05:30Hi Successfully detected a windows 2012 server run...Hi Successfully detected a windows 2012 server running on vkvm/Qemu.<br />It also detect as a HyperV machine, perhaps cause Windows 2012 host hyperv...Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-54697207101505100972013-01-15T22:41:32.556+05:302013-01-15T22:41:32.556+05:30That would be possible in this case. This script d...That would be possible in this case. This script depends entirely on Registry keys and names of processes to detect VM.Nikhil SamratAshok Mittalhttps://www.blogger.com/profile/02092541175521734123noreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-8845224834795383442013-01-15T16:15:43.947+05:302013-01-15T16:15:43.947+05:30That's cute. Makes me wonder if a non-VM machi...That's cute. Makes me wonder if a non-VM machine, with suitable reg keys or drivers loaded, could fool malware into thinking it's in a sandbox and aborting.Jonnoreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-54604249564748744562013-01-14T08:35:34.127+05:302013-01-14T08:35:34.127+05:30Thanks Thomas, I have updated the post.Thanks Thomas, I have updated the post.Nikhil SamratAshok Mittalhttps://www.blogger.com/profile/02092541175521734123noreply@blogger.comtag:blogger.com,1999:blog-8135211063584500909.post-82847875736889623402013-01-14T05:58:54.786+05:302013-01-14T05:58:54.786+05:30This correctly identifies a Hyper-V VM running und...This correctly identifies a Hyper-V VM running under Windows 8.Thomas Leehttps://www.blogger.com/profile/05591926562143348089noreply@blogger.com