zoukankan      html  css  js  c++  java
  • 通过取得MAC地址判断是否在VM中

    自己随手写的,自测试通过:

    bool AntiVMware::AD_VM_CheckMacAddr()
    {
    	const long MAX_COMMAND_SIZE = 10000;  
    	TCHAR szFetCmd[] = _T("ipconfig /all");// 获取MAC的命令行
    
    	SECURITY_ATTRIBUTES sa = {sizeof(SECURITY_ATTRIBUTES), NULL, TRUE};
    
    	HANDLE hReadPipe, hWritePipe; //创建管道
    	BOOL bRet = CreatePipe(&hReadPipe, &hWritePipe, &sa, 0);
    	if (!bRet)
    	{
    		return false;
    	}
    
    	//返回进程信息
    	PROCESS_INFORMATION pi;     // 返回进程信息
    
    	//控制命令行窗口信息
    	STARTUPINFO si = {sizeof(STARTUPINFO)};
    	GetStartupInfo(&si);
    	
    	si.hStdError = hWritePipe;
    	si.hStdOutput = hWritePipe;
    	si.wShowWindow = SW_HIDE;   //隐藏命令行窗口
    	si.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
    	//创建获取命令行进程
    	bRet = CreateProcess(NULL, szFetCmd, NULL, NULL, TRUE, 0, NULL, NULL, &si, &pi);
    	char szBuffer[MAX_COMMAND_SIZE+1] = {0};
    	CString strBuffer;
    	if (bRet)
    	{
    		WaitForSingleObject(pi.hProcess, 100);//这里不要设为INFINITE,不然有些机器会卡死!
    		unsigned long count;
    		bRet = ReadFile(hReadPipe, szBuffer, MAX_COMMAND_SIZE, &count, 0);
    		if (!bRet)
    		{
    			//关闭所有句柄
    			CloseHandle(hWritePipe);
    			CloseHandle(hReadPipe);
    			CloseHandle(pi.hProcess);
    			CloseHandle(pi.hThread);
    
    			return false;
    		}
    		else
    		{
    			//char szSearch1[] = "00-05-69";
    			//char szSearch2[] = "00-0C-29";
    			//char szSearch3[] = "00-50-56";
    			//如果unicode环境内先转换成unicode
                CString strBuffer;
    #ifdef UNICODE
    			int len = MultiByteToWideChar(CP_ACP, 0, szBuffer,-1, NULL, 0);
    			wchar_t *pBuf = new wchar_t[len+1];
    			::ZeroMemory(pBuf, len+1);
    			MultiByteToWideChar(CP_ACP, 0, szBuffer, -1, pBuf, len);
    			strBuffer = pBuf;
    			delete[] pBuf;
    			pBuf = NULL;
    #else
    			strBuffer = szBuffer;
    #endif
    			// 一行行取出来,取得第一行包括"物理地址"或"Physical Address"的内容
    			// 因为如果有vmware,它的"物理地址"或"Physical Address"同样在字符串中
    			// 不过在主机后面
    
    			int nStar = 0;
    			int nEnd = 0;
    			bool bFind = false; //找到mac地址那一行
    			CString strChild;
    			nEnd = strBuffer.Find(_T("\r\n"), nStar);
    			while (nEnd != -1)
    			{
    				if (nEnd != nStar)
    				{
    					strChild = strBuffer.Mid(nStar, nEnd-nStar);
    					if (-1 != strChild.Find(_T("物理地址"))||
    						-1 != strChild.Find(_T("Physical Address")))
    					{
    						bFind = true;
    						break;
    					}
    				}
    
    				nStar = nEnd + 2;
    				nEnd = strBuffer.Find(_T("\r\n"), nStar);
    			}
    
    			if (nStar != strBuffer.GetLength() &&
    				!bFind)//在未找到时,取最后的一行
    			{
    				strChild = strBuffer.Right(strBuffer.GetLength() - nStar);
    			}
    
    			//这里判断strChild是否为VMWare的Mac地址
    			if (!strChild.IsEmpty())
    			{
    				if (-1 != strChild.Find(_T("00-05-69"))||
    					-1 != strChild.Find(_T("00-0C-29"))||
    					-1 != strChild.Find(_T("00-50-56"))
    					)
    				{
    					//关闭所有句柄
    					CloseHandle(hWritePipe);
    					CloseHandle(hReadPipe);
    					CloseHandle(pi.hProcess);
    					CloseHandle(pi.hThread);
    
    					return true;
    				}
    			}
    		}
    	}
    
    
    	//关闭所有句柄
    	CloseHandle(hWritePipe);
    	CloseHandle(hReadPipe);
    	CloseHandle(pi.hProcess);
    	CloseHandle(pi.hThread);
    
    	return false;
    }


     

    bool AntiVMware::AD_VM_OtherCheckMacAddr()
    {
    	PIP_ADAPTER_INFO pAdapterInfo = NULL;
    	TCHAR szMac[32] = {0};
    
    	DWORD AdapterInfoSize = 0;
    	DWORD dwErr = GetAdaptersInfo(NULL, &AdapterInfoSize);
    
    	if (0 != dwErr &&
    		ERROR_BUFFER_OVERFLOW != dwErr)
    	{
    		return false;
    	}
    
    	// 分配网卡信息内存
    	pAdapterInfo = (PIP_ADAPTER_INFO)GlobalAlloc(GPTR, AdapterInfoSize);
    	if (NULL == pAdapterInfo)
    	{
    		return false;
    	}
    
    	if (ERROR_SUCCESS != GetAdaptersInfo(pAdapterInfo, &AdapterInfoSize))
    	{
    		GlobalFree(pAdapterInfo);
    
    		return false;
    	}
    
    	if ((0 == pAdapterInfo->Address[0])&&
    		(0x05 == pAdapterInfo->Address[1])&&
    		(0x69 == pAdapterInfo->Address[2]))
    	{
    		GlobalFree(pAdapterInfo);
    
    		return true;
    	}
    
    	if ((0 == pAdapterInfo->Address[0])&&
    		(0x0C == pAdapterInfo->Address[1])&&
    		(0x29 == pAdapterInfo->Address[2]))
    	{
    		GlobalFree(pAdapterInfo);
    
    		return true;
    	}
    
    	if ((0 == pAdapterInfo->Address[0])&&
    		(0x50 == pAdapterInfo->Address[1])&&
    		(0x56 == pAdapterInfo->Address[2]))
    	{
    		GlobalFree(pAdapterInfo);
    
    		return true;
    	}
    
        GlobalFree(pAdapterInfo);
    	return false;
    }


  • 相关阅读:
    bootstrap:按钮,下拉菜单
    js:indexOf()方法
    js:object.offsetHeight属性
    css y轴溢出滚动条,x轴溢出显示
    datatables使用方式
    ajax同步与异步的坑
    IntelliJ IDEA 快捷键说明大全(中英对照、带图示详解) (转载)
    无法解析此远程名称: 'www.***.com' 解决办法 请求因 HTTP 状态 417 失败 (转载)
    Windows下安装MongoDB3.6.5 (转载)
    解决内部存储空间紧张,不加载桌面壁纸,桌面壁纸显示
  • 原文地址:https://www.cnblogs.com/hgy413/p/3693448.html
Copyright © 2011-2022 走看看