Expand description
Linux-specific VM detection techniques.
Functions§
- amd_
sev_ msr - bluestacks_
folders - ctype
- Check /proc/cpuinfo for VM hypervisor flag.
- cvendor
- Check /sys/class/dmi/id/* vendor fields.
- dmesg
- Check dmesg output for hypervisor messages.
- dmi_
scan - dmidecode
- Run dmidecode and check output for VM strings.
- dockerenv
- Check for Docker environment files.
- file_
access_ history - hwmon
- VMs typically have no hardware monitoring sensors.
- hypervisor_
dir - kmsg
- Scan /dev/kmsg or /var/log/kern.log for VM-related kernel messages.
- linux_
user_ host - Check /etc/hostname and username for sandbox-typical values.
- mac
- nsjail_
pid - podman_
file - processes
- Check running processes for known VM guest agent names.
- qemu_
fw_ cfg - Check for the QEMU fw_cfg device.
- qemu_
usb - qemu_
virtual_ dmi - smbios_
vm_ bit - Check the SMBIOS Chassis Type for VM values.
- sysinfo_
proc - systemd
- Check systemd virtualization detection result.
- temperature
- VMs usually have no thermal sensors.
- thread_
count - uml_cpu
- vbox_
module - vmware_
dmesg - vmware_
iomem - vmware_
ioports - vmware_
scsi - wsl_
proc