如何隐藏虚拟机不被软件检测(软件是怎么检测出虚拟机的)

Look in the registry.
There will be characteristic values ​​of the virtual machine in the registry. The anti-virtualization mechanism of some programs is to search these characteristic fields in the registry to judge.
VMware can search for a lot of configurations added to vmx to prevent detection, but it is ineffective for some programs. This is because VMware’s graphics card driver names are fixed values ​​​​of VMware. After changing this, it can avoid the detection of many programs. (such as MapleStory).
Here is the method I use.
```
VMware:

Addthisattheendofthevmxfile:monitor_ct_backdoor="true"

GotoHKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control/Class/{ 4D36E968-E325-11CE-BFC1-08002BE10318}/0000->Deletethecontentof`DriverDesc`

VirtualBox:

Openregedit

ChangefolderVBOX__toNOBOX__

< p>GotoHKEY_LOCAL_MACHINE/HARDWARE/DESCRIPTION/System->ChangeSystemBiosVersiontoNOBOX-1

The method to prevent the app from recognizing that it is an emulator is as follows:

Decompile the app and transfer the source code Come out, find the code that detects the simulator, and make logical changes so that the information returned by the APP to the server is a real mobile phone, so that the detection can be bypassed. However, this requires professionals to operate, and ordinary people cannot operate it.

Most of the current APPs will detect the simulator to avoid cheating, because the simulator has different chip architecture from the mobile phone, including Bluetooth, temperature sensor, cloud phone, etc., as long as the APP code is obtained If any piece of information is different from the mobile phone, the APP will automatically exit or freeze.

Different APPs have different processing methods. Some crash, no network, abnormal environment, etc., and some directly prompt you to log in in the simulator. In short, the purpose is the same, that is, to prohibit you from simulating. However, no matter how awesome the APP is, it is written in code, so the only way at present is to decompile the APP.

Reasons for installing the emulator on your computer:

Installing the emulator is to simulate other hardware platform environments on the local hardware platform. As for why this is done, two typical reasons can be thought of.

The first is to run specific software without hardware. Take the GBA emulator for example. If you don't buy a GBA game console but want to play GBA games, you can run a GBA emulator on your PC and play.

Another situation is to facilitate software development and debugging. For example, in Android software development, mobile phones are obviously not suitable for software development environments, so an Android emulator is installed on a PC for development and debugging.

Theoretically, it cannot be detected, but it can only be said that it cannot be detected entirely based on memory. If it is based on statistical data, it may be detected. For example, by counting the position deviation of each click and the accuracy of the interval between each click, you can determine whether you are operated by a human or a computer. . That's about it. Because the emulator runs like a virtual machine, programs in the emulator cannot read the memory running in the computer system under normal permissions. If you want the simulator to run the game and the computer to crash, just add a random value that limits the upper and lower limits of the click position offset. The click interval is also a random value that limits the upper and lower limits. In theory, it is impossible to find it. I have never actually made a mobile game, but I have written about client games and tried running them on a virtual machine. The principle of server-side detection is that mobile games and client games are at most one level. In fact, because the client of client games has more free system resources, local detection should be It’s more comprehensive than the mobile game, and I have no problem throwing the virtual machine into the virtual machine and using the buttons across the virtual machine. Therefore, the mobile game should be even more problem-free. You can add up to two random amounts.

2. Install Xposedinstaller and Xprivacy in the simulator. 3. After installing Xposedinstaller and Xposedinstaller software
1. Open the Xposedinstaller software in the simulator. 2. After opening, click on the frame. 3. A warning dialog box pops up. Click OK. 4. After opening the interface, click Install/Update. 5. A super user request pops up and select Permanent Memory. Hold the selection, and then allow, as shown in the figure
6 After the writing is completed, click Cancel, do not restart, 7 After the setting is completed, click the return button under the simulator 8 Return to the Xposedinstaller interface, click the module, 9 After opening the Ultimate Privacy Manager interface, check the box on the right, as shown in the figure. 10 Then click the return button under the simulator. 11 After returning to the interface, click the frame. 12 After opening the frame interface, click the restart button. (If If there is no response, just close the simulator and open it again),
Step 3. Set up the Xprivacy software 1. Open the second software Xprivacy just installed in the simulator. 2. After entering the interface, click OK and find the simulator. Peace Elite installed in, 3 open the interface, find the phone list, click the button, 4 check all the items under the phone, 5 return, find the identification code list, click the button, 6 open and check all items of the identification code, 7 Go back, find the communication, click the button, 8 check all communication items, (except queryIntentActivities item), (except queryIntentActivities item), (except queryIntentActivities item), say important things three times, END
Step 4, clear simulation Device cache data 1 Right-click on the Peace Elite program and select Details
2 Clear cache data, 3 Restart the simulator, open Peace Elite, successfully avoid simulator detection, and now it is matched with the mobile phone,