Merge pull request #606 from kernelwernel/dev

Finishing touches for 2.6.0 release

Author: NotRequiem

CONTRIBUTING.md

@@ -24,9 +24,10 @@ The general rules are:
 - Keep indentations at a minimum
 - Don't create huge one-liners, try to break down statements line by line
 - Write as few lines as possible for what you're trying to achieve
-- Document your code and intentions very clearly, but don't overdo them for very obvious code.
-- Avoid `std::function`, `std::shared_ptr`, `std::bind`, `std::list`, or very obscure C++ features.
+- Document your code and intentions very clearly, but don't overdo them for very obvious code
+- Avoid `std::function`, `std::shared_ptr`, `std::bind`, `std::list`, or very obscure C++ features
 - Indent size should be 4 spaces
+- Use "We" instead of the first person when commenting
 
 There are other formatting rules, which will be covered with a demonstration:
 

README.md

@@ -303,6 +303,7 @@ And if you found this project useful, a star would be appreciated :)
 - [luukjp](https://github.com/luukjp)
 - [Randark](https://github.com/Randark-JMT)
 - [Scrut1ny](https://github.com/Scrut1ny)
+- [Lorenzo Rizzotti (Dreaming-Codes)](https://github.com/Dreaming-Codes)
 
 <br>
 

src/cli.cpp

@@ -48,7 +48,7 @@
 #include "vmaware.hpp"
 
 constexpr const char* ver = "2.6.0";
-constexpr const char* date = "January 2025";
+constexpr const char* date = "January 2026";
 
 std::string bold = "\033[1m";
 std::string underline = "\033[4m";

src/vmaware.hpp

@@ -4,7 +4,7 @@
  * ██║   ██║██╔████╔██║███████║██║ █╗ ██║███████║██████╔╝█████╗
  * ╚██╗ ██╔╝██║╚██╔╝██║██╔══██║██║███╗██║██╔══██║██╔══██╗██╔══╝
  *  ╚████╔╝ ██║ ╚═╝ ██║██║  ██║╚███╔███╔╝██║  ██║██║  ██║███████╗
- *   ╚═══╝  ╚═╝     ╚═╝╚═╝  ╚═╝ ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝ Experimental post-2.5.0 (January 2026)
+ *   ╚═══╝  ╚═╝     ╚═╝╚═╝  ╚═╝ ╚══╝╚══╝ ╚═╝  ╚═╝╚═╝  ╚═╝╚══════╝ 2.6.0 (January 2026)
  *
  *  C++ VM detection library
  *
@@ -23,6 +23,7 @@
  *      - Teselka (https://github.com/Teselka)
  *      - Kyun-J (https://github.com/Kyun-J)
  *      - luukjp (https://github.com/luukjp)
+ *      - Lorenzo Rizzotti (https://github.com/Dreaming-Codes) 
  *  - Repository: https://github.com/kernelwernel/VMAware
  *  - Docs: https://github.com/kernelwernel/VMAware/docs/documentation.md
  *  - Full credits: https://github.com/kernelwernel/VMAware#credits-and-contributors-%EF%B8%8F
@@ -6166,9 +6167,9 @@ struct VM {
     /**
      * @brief Check for default Azure hostname format (Azure uses Hyper-V as their base VM brand)
      * @category Windows, Linux
-     * @implements VM::HYPERV_HOSTNAME
+     * @implements VM::AZURE
      */
-    [[nodiscard]] static bool hyperv_hostname() {
+    [[nodiscard]] static bool azure() {
         std::string hostname;
 
     #if (WINDOWS)
@@ -10171,31 +10172,6 @@ struct VM {
                 else if (var_name_view == L"KEKDefault") (void)read_variable_to_buffer(std::wstring(var_name_view), current_var->VendorGuid, kek_default_buf, kek_default_len);
                 else if (var_name_view == L"KEK") (void)read_variable_to_buffer(std::wstring(var_name_view), current_var->VendorGuid, kek_buf, kek_len);
 
-                if (var_name_view == L"Boot0000") { // should be Windows Boot Manager
-                    BYTE* boot_buf = nullptr; SIZE_T boot_len = 0;
-                    if (read_variable_to_buffer(var_name_view, current_var->VendorGuid, boot_buf, boot_len)) {
-                        bool anomaly = (boot_len < 6);
-                        if (!anomaly) {
-                            unsigned short fpl_len = 0;
-                            memcpy(&fpl_len, boot_buf + 4, sizeof(fpl_len));
-                            // we could also check if loadOptionsLength is 136
-                            if (fpl_len != 116) anomaly = true;
-                        }
-
-                        if (boot_buf) {
-                            PVOID b_ptr = boot_buf; SIZE_T z_sz = 0;
-                            nt_free_memory(current_process_handle, &b_ptr, &z_sz, 0x8000);
-                        }
-
-                        if (anomaly) {
-                            debug("NVRAM: Environment was loaded using a virtual boot loader"); // "virtual" here -> non genuine
-                            detection_result = true;
-                            should_break_loop = true;
-                            break;
-                        }
-                    }
-                }
-
                 if (current_var->NextEntryOffset == 0) break;
                 const SIZE_T next_entry_off = static_cast<SIZE_T>(current_var->NextEntryOffset);
                 const size_t next_var_offset = current_offset + next_entry_off;
@@ -12718,7 +12694,7 @@ std::array<VM::core::technique, VM::enum_size + 1> VM::core::technique_table = [
             {VM::FIRMWARE, {100, VM::firmware}},
             {VM::PCI_DEVICES, {95, VM::pci_devices}},
             {VM::SIDT, {50, VM::sidt}},
-            {VM::AZURE, {30, VM::hyperv_hostname}},
+            {VM::AZURE, {30, VM::azure}},
         #endif
 
         #if (LINUX)