pre-1.1 update

Author: kernelwernel

CMakeLists.txt

@@ -69,7 +69,7 @@ endif()
 
 
 # add executable
-set(CMAKE_RUNTIME_OUTPUT_DIRECTORY "${CMAKE_SOURCE_DIR}/bin")
+set(CMAKE_RUNTIME_OUTPUT_DIRECTORY "${BUILD_DIR}")
 add_executable(${TARGET} "src/cli.cpp")
 set_property(TARGET ${TARGET} PROPERTY CXX_STANDARD 20)
 set_property(TARGET ${TARGET} PROPERTY CXX_STANDARD_REQUIRED ON)
@@ -79,7 +79,7 @@ set_property(TARGET ${TARGET} PROPERTY CXX_STANDARD_REQUIRED ON)
 include(CTest)
 #find_package(Python REQUIRED)
 enable_testing()
-add_test(executable, "${CMAKE_SOURCE_DIR}/bin/${TARGET}")
+add_test(executable, "${BUILD_DIR}/${TARGET}")
 #if(NOT MSVC)
 #add_test(
 #    checks 
@@ -91,7 +91,7 @@ add_test(executable, "${CMAKE_SOURCE_DIR}/bin/${TARGET}")
 # release stuff
 if (NOT MSVC)
     if(CMAKE_BUILD_TYPE MATCHES "Release")
-        install(TARGETS ${TARGET} DESTINATION bin)
+        install(TARGETS ${TARGET} DESTINATION ${CMAKE_SOURCE_DIR})
         install(FILES "src/vmaware.hpp" DESTINATION /usr/include)
     endif()
 elseif(MSVC)

README.md

@@ -21,7 +21,6 @@ The library is:
 - Able to guess the VM brand
 - Able to add your own custom VM detection techniques
 - Memoized, meaning past results are cached and retrieved if ran again for performance benefits 
-- MIT and GPL-3.0 compliant code support
 
 - - -
 
@@ -52,17 +51,17 @@ int main() {
 
 <br>
 
-## Structure
+## Structure ⚙️
 
 <p align="center">
-<img src="assets/vmaware.drawio.svg" align="center" width="500" title="VMAware">
+<img src="assets/vmaware.drawio.svg" align="center" title="VMAware">
 <br>
 </p>
 
 <br>
 
 ## CLI tool 🔧
-This project also provides a tiny, but handy CLI tool utilising the full potential of what the library can do. Also, running the CLI as root would give better results.
+This project also provides a tiny, but handy CLI tool utilising the full potential of what the library can do. Also, running the CLI as root/admin would give better results.
 
 <img src="assets/demo.png" width="500" title="cli">
 

docs/documentation.md

@@ -178,27 +178,44 @@ int main() {
 <br>
 
 ## `VM::add_custom()`
-This function allows you to add your own custom VM detection techniques to the system. The first parameter is the percentage score (0 to 100) of how likely it's a VM if your custom code returns `true`
+This function allows you to add your own custom VM detection techniques to the scoring system. The first parameter is the percentage score (0 to 100) of how likely it's a VM if your custom code returns `true`, and the second parameter should either be a lambda, a function pointer, or a `std::function<bool()>`
+
 ```cpp
-    // Example 1 with std::function
-    std::function<bool()> new_technique = []() -> bool {
-        // add your VM detection code here
-        return true;
-    };
+// Example 1 with function pointers
+
+bool new_technique() {
+    // add your VM detection code here
+    return true; 
+}
 
-    VM::add_custom(1, new_technique);
+VM::add_custom(50, new_technique);
 ```
 
 ```cpp
-    // Example 2 with lambdas
-    VM::add_custom(69, []() -> bool { return true; });
+// Example 2 with lambdas
 
-    auto new_technique = []() -> bool { 
-        // add your VM detection code here
-        return true;
-    }
+VM::add_custom(50, []() -> bool { 
+    // add your VM detection code here
+    return true; 
+});
+
+auto new_technique = []() -> bool { 
+    // add your VM detection code here
+    return true;
+}
+
+VM::add_custom(50, new_technique);
+```
+
+```cpp
+// Example 3 with std::function
+
+std::function<bool()> new_technique = []() -> bool {
+    // add your VM detection code here
+    return true;
+};
 
-    VM::add_custom(69, new_technique);
+VM::add_custom(50, new_technique);
 ```
 
 <br>

papers/emul-detect.pdf

@@ -13,7 +13,7 @@
 #endif
 
 constexpr const char* ver = "1.1";
-constexpr const char* date = "January 2024";
+constexpr const char* date = "March 2024";
 constexpr const char* bold = "\033[1m";
 constexpr const char* ansi_exit = "\x1B[0m";
 constexpr const char* red = "\x1B[38;2;239;75;75m";
@@ -63,6 +63,7 @@ R"(Usage:
 Options:
  -h | --help        prints this help menu
  -v | --version     print version and other stuff
+ -d | --detect      returns the result as a boolean (1 = VM, 0 = baremetal)
  -s | --stdout      returns either 0 or 1 to STDOUT without any text output (0 = VM, 1 = baremetal)
  -b | --brand       returns the VM brand string (consult documentation for full output list)
  -p | --percent     returns the VM percentage between 0 and 100
@@ -230,7 +231,7 @@ int main(int argc, char* argv[]) {
             conclusion_color = green_orange;
             conclusion_message = likely;
         } else if (percent < 100) {
-            conclusion_color = green_orange;
+            conclusion_color = green;
             conclusion_message = very_likely;
         } else if (percent == 100) {
             conclusion_color = green;
@@ -251,7 +252,7 @@ int main(int argc, char* argv[]) {
         const char* arg = args.at(1);
 
         auto cmp = [](const char* a, const char* b) -> bool {
-            return (strcmp(a, b) == 0);
+            return (std::strcmp(a, b) == 0);
         };
 
         if (cmp(arg, "-s") || cmp(arg, "--stdout")) {
@@ -268,6 +269,9 @@ int main(int argc, char* argv[]) {
         } else if (cmp(arg, "-p") || cmp(arg, "--percent")) {
             std::cout << VM::percentage() << "\n";
             return 0;
+        } else if (cmp(arg, "-d") || cmp(arg, "--detect")) {
+            std::cout << VM::detect() << "\n";
+            return 0;
         } else {
             std::cerr << "Unknown argument provided, consult the help menu with --help\n";
             return 1;

src/cli.cpp

@@ -4,7 +4,7 @@
  * ██║   ██║██╔████╔██║███████║██║ █╗ ██║███████║██████╔╝█████╗
  * ╚██╗ ██╔╝██║╚██╔╝██║██╔══██║██║███╗██║██╔══██║██╔══██╗██╔══╝
  *  ╚████╔╝ ██║ ╚═╝ ██║██║  ██║╚███╔███╔╝██║  ██║██║  ██║███████╗
- *   ╚═══╝  ╚═╝     ╚═╝╚═╝  ╚═╝ ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝ 1.1 version
+ *   ╚═══╝  ╚═╝     ╚═╝╚═╝  ╚═╝ ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝ 1.1 (March 2024)
  *
  *  A C++ VM detection library
  *
@@ -2375,7 +2375,7 @@ struct VM {
             _T("C:\\windows\\System32\\VBoxControl.exe"),
             _T("C:\\windows\\System32\\vboxoglerrorspu.dll"),
             _T("C:\\windows\\System32\\vboxoglfeedbackspu.dll"),
-            } };
+        } };
 
         for (const auto file : files) {
             if (util::exists(file)) {
@@ -2634,7 +2634,6 @@ struct VM {
 
    /**
     * @brief Check VBox network provider string
-    * @todo fix WNetGetProviderName linker error
     */
     [[nodiscard]] static bool vbox_network_share() try {
         if (util::disabled(VBOX_NETWORK)) {
@@ -3147,9 +3146,9 @@ struct VM {
 
 
     /**
-        * @brief check VM through alternative RDTSC technique with VMEXIT
-        * @category x86
-        */
+     * @brief check VM through alternative RDTSC technique with VMEXIT
+     * @category x86
+     */
     [[nodiscard]] static bool rdtsc_vmexit() try {
         if (util::disabled(RDTSC_VMEXIT)) {
             return false;
@@ -4221,11 +4220,14 @@ struct VM {
                 }
             }
 
-            if (!custom_table.empty()) {
-                for (const auto& pair : custom_table) {
-                    if (pair.run()) {
-                        points += pair.points;
-                    }
+            if (custom_table.empty()) {
+                return points;
+            }
+
+            // for custom VM techniques
+            for (const auto& pair : custom_table) {
+                if (pair.run()) {
+                    points += pair.points;
                 }
             }