school-cheating/SEBPatch
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 5 Wiki Activity

Restore SEBPatch

Browse Source
This commit is contained in:
Vichingo455
2025-06-01 11:56:28 +02:00
parent 8c656e3137
commit 00707825b4
1009 changed files with 5005 additions and 6502 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
SafeExamBrowser.Monitoring/VirtualMachineDetector.cs
View File

@@ -1,5 +1,5 @@
/*
* Copyright (c) 2024 ETH Zürich, IT Services
* Copyright (c) 2025 ETH Zürich, IT Services
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -54,11 +54,117 @@ namespace SafeExamBrowser.Monitoring
public bool IsVirtualMachine()
{
/*
var isVirtualMachine = false;
logger.Debug($"Computer '{systemInfo.Name}' appears {(isVirtualMachine ? "" : "not ")}to be a virtual machine.");
isVirtualMachine |= HasVirtualDevice();
isVirtualMachine |= HasVirtualMacAddress();
isVirtualMachine |= IsVirtualCpu();
isVirtualMachine |= IsVirtualRegistry();
isVirtualMachine |= IsVirtualSystem(systemInfo.BiosInfo, systemInfo.Manufacturer, systemInfo.Model);
*/
logger.Debug($"Computer '{systemInfo.Name}' appears not to be a virtual machine.");
return isVirtualMachine;
return false;
}
private bool HasVirtualDevice()
{
var hasVirtualDevice = false;
foreach (var device in systemInfo.PlugAndPlayDeviceIds)
{
hasVirtualDevice |= DeviceBlacklist.Any(d => device.ToLower().Contains(d.ToLower())) && DeviceWhitelist.All(d => !device.ToLower().Contains(d.ToLower()));
}
return hasVirtualDevice;
}
private bool HasVirtualMacAddress()
{
var hasVirtualMacAddress = false;
var macAddress = systemInfo.MacAddress;
if (macAddress != null && macAddress.Length > 2)
{
hasVirtualMacAddress |= macAddress.StartsWith(MANIPULATED);
hasVirtualMacAddress |= macAddress.StartsWith(QEMU_MAC_PREFIX);
hasVirtualMacAddress |= macAddress.StartsWith(VIRTUALBOX_MAC_PREFIX);
}
return hasVirtualMacAddress;
}
private bool IsVirtualCpu()
{
var isVirtualCpu = false;
isVirtualCpu |= systemInfo.CpuName.ToLower().Contains(" kvm ");
return isVirtualCpu;
}
private bool IsVirtualRegistry()
{
var isVirtualRegistry = false;
isVirtualRegistry |= HasLocalVirtualMachineDeviceCache();
return isVirtualRegistry;
}
private bool IsVirtualSystem(string biosInfo, string manufacturer, string model)
{
var isVirtualSystem = false;
biosInfo = biosInfo.ToLower();
manufacturer = manufacturer.ToLower();
model = model.ToLower();
isVirtualSystem |= biosInfo.Contains("hyper-v");
isVirtualSystem |= biosInfo.Contains("virtualbox");
isVirtualSystem |= biosInfo.Contains("vmware");
isVirtualSystem |= biosInfo.Contains("ovmf");
isVirtualSystem |= biosInfo.Contains("edk ii unknown");
isVirtualSystem |= manufacturer.Contains("microsoft corporation") && !model.Contains("surface");
isVirtualSystem |= manufacturer.Contains("parallels software");
isVirtualSystem |= manufacturer.Contains("qemu");
isVirtualSystem |= manufacturer.Contains("vmware");
isVirtualSystem |= model.Contains("virtualbox");
isVirtualSystem |= model.Contains("Q35 +");
return isVirtualSystem;
}
private bool HasLocalVirtualMachineDeviceCache()
{
var deviceName = Environment.GetEnvironmentVariable("COMPUTERNAME");
var hasDeviceCache = false;
var hasDeviceCacheKeys = registry.TryGetSubKeys(RegistryValue.UserHive.DeviceCache_Key, out var deviceCacheKeys);
if (deviceName != default && hasDeviceCacheKeys)
{
foreach (var cacheId in deviceCacheKeys)
{
var cacheIdKey = $@"{RegistryValue.UserHive.DeviceCache_Key}\{cacheId}";
var didReadKeys = true;
didReadKeys &= registry.TryRead(cacheIdKey, "DeviceName", out var cacheDeviceName);
if (didReadKeys && deviceName.ToLower() == ((string) cacheDeviceName).ToLower())
{
didReadKeys &= registry.TryRead(cacheIdKey, "DeviceMake", out var cacheDeviceManufacturer);
didReadKeys &= registry.TryRead(cacheIdKey, "DeviceModel", out var cacheDeviceModel);
if (didReadKeys)
{
hasDeviceCache |= IsVirtualSystem("", (string) cacheDeviceManufacturer, (string) cacheDeviceModel);
}
}
}
}
return hasDeviceCache;
}
}
}