Merge pull request #6 from diegoara96/master

Virtualized MAC and PCI vendor detection
This commit is contained in:
Damian Büchel 2020-05-07 16:28:50 +02:00 committed by GitHub
commit bf7fdf3f5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 84 additions and 1 deletions

View file

@ -42,5 +42,15 @@ namespace SafeExamBrowser.SystemComponents.Contracts
/// Provides detailed version information about the currently running operating system.
/// </summary>
string OperatingSystemInfo { get; }
/// <summary>
/// The MAC address of the network adapter
/// </summary>
string MacAddress { get; }
/// <summary>
/// Provides the DeviceID information of the user's Plug and Play devices
/// </summary>
string[] PlugAndPlayDeviceIds { get; }
}
}

View file

@ -7,6 +7,7 @@
*/
using System;
using System.Collections.Generic;
using System.Linq;
using System.Management;
using System.Windows.Forms;
@ -23,6 +24,8 @@ namespace SafeExamBrowser.SystemComponents
public string Model { get; private set; }
public string Name { get; private set; }
public OperatingSystem OperatingSystem { get; private set; }
public string MacAddress { get; private set; }
public string[] PlugAndPlayDeviceIds { get; private set; }
public string OperatingSystemInfo
{
@ -34,6 +37,8 @@ namespace SafeExamBrowser.SystemComponents
InitializeBattery();
InitializeMachineInfo();
InitializeOperatingSystem();
InitializeMacAddress();
InitializePnPDevices();
}
private void InitializeBattery()
@ -128,5 +133,56 @@ namespace SafeExamBrowser.SystemComponents
{
return Environment.Is64BitOperatingSystem ? "x64" : "x86";
}
private void InitializeMacAddress()
{
using (var searcher = new ManagementObjectSearcher("Select MACAddress from Win32_NetworkAdapterConfiguration WHERE DNSDomain IS NOT NULL"))
using (var results = searcher.Get())
{
if (results != null && results.Count > 0)
{
using (var networkAdapter = results.Cast<ManagementObject>().First())
{
foreach (var property in networkAdapter.Properties)
{
if (property.Name.Equals("MACAddress"))
{
MacAddress = Convert.ToString(property.Value).Replace(":", "").ToUpper();
}
}
}
}
else
{
MacAddress = "000000000000";
}
}
}
private void InitializePnPDevices()
{
var deviceList = new List<string>();
using (var searcher = new ManagementObjectSearcher("root\\CIMV2", "SELECT DeviceID FROM Win32_PnPEntity"))
using (var results = searcher.Get())
{
foreach (ManagementObject queryObj in results)
{
using (queryObj)
{
foreach (var property in queryObj.Properties)
{
if (property.Name.Equals("DeviceID"))
{
deviceList.Add(Convert.ToString(property.Value).ToLower());
}
}
}
}
PlugAndPlayDeviceIds = deviceList.ToArray();
}
}
}
}

View file

@ -8,11 +8,15 @@
using SafeExamBrowser.Logging.Contracts;
using SafeExamBrowser.SystemComponents.Contracts;
using System.Globalization;
using System.Linq;
namespace SafeExamBrowser.SystemComponents
{
public class VirtualMachineDetector : IVirtualMachineDetector
{
private static readonly string[] PCI_VENDOR_BLACKLIST = { "vbox", "80ee", "qemu", "1af4", "1b36" }; //Virtualbox: VBOX, 80EE RedHat: QUEMU, 1AF4, 1B36
private ILogger logger;
private ISystemInfo systemInfo;
@ -27,6 +31,8 @@ namespace SafeExamBrowser.SystemComponents
var isVirtualMachine = false;
var manufacturer = systemInfo.Manufacturer.ToLower();
var model = systemInfo.Model.ToLower();
var macAddress = systemInfo.MacAddress;
var plugAndPlayDeviceIds = systemInfo.PlugAndPlayDeviceIds;
isVirtualMachine |= manufacturer.Contains("microsoft corporation") && !model.Contains("surface");
isVirtualMachine |= manufacturer.Contains("vmware");
@ -34,6 +40,17 @@ namespace SafeExamBrowser.SystemComponents
isVirtualMachine |= model.Contains("virtualbox");
isVirtualMachine |= manufacturer.Contains("qemu");
if (macAddress != null && macAddress.Count() > 2)
{
isVirtualMachine |= ((byte.Parse(macAddress[1].ToString(), NumberStyles.HexNumber) & 2) == 2 || macAddress.StartsWith("080027"));
}
foreach (var device in plugAndPlayDeviceIds)
{
isVirtualMachine |= PCI_VENDOR_BLACKLIST.Any(device.ToLower().Contains);
}
logger.Debug($"Computer '{systemInfo.Name}' appears to {(isVirtualMachine ? "" : "not ")}be a virtual machine.");
return isVirtualMachine;