diff options
Diffstat (limited to 'LaTeX/InstructionSet')
-rw-r--r-- | LaTeX/InstructionSet/InstructionSet.tex | 233 |
1 files changed, 233 insertions, 0 deletions
diff --git a/LaTeX/InstructionSet/InstructionSet.tex b/LaTeX/InstructionSet/InstructionSet.tex new file mode 100644 index 0000000..f940360 --- /dev/null +++ b/LaTeX/InstructionSet/InstructionSet.tex @@ -0,0 +1,233 @@ +\documentclass{article} +\usepackage[style=mla,backend=biber]{biblatex} + +%for Copyleft Symbol +\usepackage{graphicx} + +%for URL embedding +\usepackage{hyperref} +\hypersetup{ + colorlinks=true, + urlcolor=blue, + pdfborderstyle={/S/U/W 1}, + citecolor=black +} + + +% +%Margin - 1 inch on all sides +% +\usepackage[letterpaper]{geometry} +\geometry{top=1.0in, bottom=1.0in, left=1.0in, right=1.0in} + +% +%Doublespacing +% +\usepackage{setspace} +\doublespacing + +% +%Babel package for multiple language typesetting +% +%\usepackage[T1]{fontenc} +%\usepackage[latin1]{inputenc} + +% +%Setting the font +% +\usepackage{times} + +% +%Rotating tables (e.g. sideways when too long) +% +\usepackage{rotating} + +% +%For multiple rows in tables +% +\usepackage{multirow} + +% +%Line numbering in verse environment +% +\usepackage{lineno} + +% +%Le Code Embed +% +\usepackage{listings} + + +% +%Fancy-header package to modify header/page numbering (insert last name) +% +\usepackage{fancyhdr} +\pagestyle{fancy} +\lhead{} +\chead{} +\rhead{Anonymous \thepage} +\lfoot{} +\cfoot{} +\rfoot{} +\renewcommand{\headrulewidth}{0pt} +\renewcommand{\footrulewidth}{0pt} +%To make sure we actually have header 0.5in away from top edge +%12pt is one-sixth of an inch. Subtract this from 0.5in to get headsep value +\setlength\headsep{0.333in} + +%Bibliography File +\addbibresource{Biblio.bib} + +\newcommand{\secheader}[1]{\textbf{#1}} + +\usepackage{pifont,mdframed} + +\newenvironment{warning} + {\par\begin{mdframed}[linewidth=2pt,linecolor=red]% + \begin{list}{}{\leftmargin=1cm + \labelwidth=\leftmargin}} + {\end{list}\end{mdframed}\par} + + +\begin{document} +\begin{flushleft} + +%%%%First page name, class, etc +msglm\\ +Professor Anonymous \\ +Technical Writing \\ +\today\\ + +%%%%Title +\begin{center} + Installation and Usage of Obscured Linux Kernel Virtual Machines (OLKVM) running Microsoft's Windows +\end{center} + +%%%%Changes paragraph indentation to 0.5in +\setlength{\parindent}{0.5in} + +%%%%Begin body of paper here +The follow is a set of instructions on how to create an obscured or harder to detect Linux Virtual Machine that run's Microsoft's Windows Operating System. + \newline +\secheader{Prerequisites} + \newline + The following skills, software, and objects are needed as to be able to created an OLKVM: + \begin{itemize} + \item An understanding that this instruction set implies NO WARRANTY or other such protections as applicable by the law and is liable for NOTHING that you as an individual do with this information. + \item A CPU and BIOS/UEFI that is capable of running Virtual Machines. + \item A Kernel-based Virtual Machine (KVM) compatible Operating System (Such as, but not limited to, Devuan GNU/Linux, Debian GNU/Linux, Gentoo, Arch Linux, Ubuntu). + \item A general understanding of computer jargon and a basic understanding of the GNU/Linux Operating system. + \item A general understanding of how to install Windows 7. + \item Root access OR the ability to run virtual machines granted to your user account. + \item An internet connection (only required if software is not prepared beforehand and a means of offline transfer is created). + \item An installed copy of \href{https://virt-manager.org/}{virt-manager}. + \begin{warning} + WARNING: It should be noted that your copy of Windows 7 MUST be a legal copy. Beware of pirated copies of Windows 7 (\href{https://the-eye.eu/public/MSDN/Windows\%207/}{example here}) as they are AGAINST THE LAW. Usage of illegal copies is at your own risk. + \end{warning} + \item A copy of Windows 7 (prefer Enterprise). + \end{itemize} + \secheader{Configuring The Virtual Machine} + \begin{enumerate} +\item Open up virt-manager and click 'Edit' and then 'Preferences'. From this menu, enable XML editing. After the XML editing icon has a blue check mark, click close once you're done. +\item Create a virtual machine by clicking the Monitor with a play button and a shiny star. +\item From here, click local install media then click forward. +\item This menu should ask for an ISO file, find the Windows 7 ISO you downloaded with the browse button and then select that. +\item Next, you'll be at a screen that asks for how much CPU and Memory should be used, leaving the software as default should be fine, however, if you wish, you may add more CPUs or RAM if you wish to speed up or allow the system to handle more memory. +\item After you'll be asked to make a disk image for the VM, make one around 65GB or greater. If you don't have that much space, then make one with 20 GB of space instead. Less space hurts your ability to not be detected so it is advisable to have a 65GB or greater VM. +\item Name the virtual machine whatever you wish to name it (so long as that name does not have spaces) and click finish. +\item From here, go through a normal Windows 7 install until you make it to the start screen. + \end{enumerate} + \secheader{Obfuscating the Operating System} + \begin{enumerate} + \item Once here, open REGEDIT by clicking the Super key and R at the same time and typing in 'REGEDIT' (without the quotes). + \begin{warning} + NOTE: This registry is NOT a file path, but rather the path to the location of something in the registry. Click the folders in REGEDIT, do not use your file manager for this. + \end{warning} +\item Navigate to 'HKEY\_LOCAL\_MACHINE/System/ControlSet001' in the registry +\item Once this is achieved, right click the registry folder called "Enum" and click Permissions. +\item Click add and type your user name in the box provided. +\item Click ok, then click 'Advanced'. A menu should pop up, from this menu click owner. Click on your user and then click the checkbox that says "Replace owner on subcontainers and objects". From here, click Apply, then OK, then click OK on the original permissions menu where you added yourself. +\item You should now be able to edit the registry. Open the Enum folder and locate the 'IDE' folder. +\item Open every folder in IDE and click on (BUT NOT OPEN) the folder inside all the folders in IDE. Each folder should have something with a nonsensical name like '5\&2e0148db\&01.0.0' and have a list of editable registries on the right. + \begin{warning} + NOTE: While yes you CAN name this whatever you want and yes it would work in most cases, it is not always the best to truly name something whatever you want. The name of other types of hardware is usually a good alternative. + \end{warning} +\item Find the registry named "FriendlyName" and name it whatever you want, but make sure it doesn't have QEMU in it once you edit. +\item Repeat the steps 7 and 8 for other folders in the IDE folder +\item For further reassurance, you may right click on the 'Enum' folder, click find, and type in QEMU and then change every element of FriendlyName that pops up with the word "QEMU", "Virtual Machine", or "Hypervisor" inside of it. +\item Once you are satisfied, shutdown Windows 7 and click the button next to the highlighted screen icon of the upper right of your virtual machine's window. + \end{enumerate} + \secheader{Obfuscating the Hardware} +\begin{enumerate} +\item Once here, you may see entries like "CPUs", "Memory", and "Mouse". If you see this, you figured your way to where you need to be. +\item Select "CPUs" and then click XML (that XML button should be next to the word "Details"). +\item This should bring up an already filled text prompt of code. From here, you will be inserting and deleting lines in this text prompt. +\item Find all text from $\langle$os$\rangle$ to $\langle$/os$\rangle$ (including $\langle$os$\rangle$ and $\langle$/os$\rangle$), delete it, and paste in the following: +\begin{lstlisting} +<sysinfo type="smbios"> + <bios> + <entry name="vendor">Fake BIOS Vendor</entry> + <entry name="version">Fake BIOS Version</entry> + </bios> + <system> + <entry name="manufacturer">Fake Manufacturer</entry> + <entry name="product">Fake Product</entry> + </system> + </sysinfo> + <os> + <type arch="x86_64" machine="pc-q35-6.1">hvm</type> + <boot dev="hd"/> + <smbios mode="sysinfo"/> + </os> +\end{lstlisting} + +\item Find all text from $\langle$features$\rangle$ to $\langle$/features$\rangle$ (inclusive), delete it, and replace it with the following: +\begin{lstlisting} + <features> + <acpi/> + <apic/> + <hyperv> + <relaxed state="on"/> + <vapic state="on"/> + <spinlocks state="on" retries="8191"/> + <vendor_id state="on" value="132271374ch"/> + </hyperv> + <kvm> + <hidden state="on"/> + </kvm> + <ioapic driver="kvm"/> + </features> +\end{lstlisting} + +\item Find all text from $\langle$cpu$\rangle$ to $\langle$/cpu$\rangle$ (or if this doesn't exist, delete $\langle$cpu '...' /$\rangle$ (the ... is not literal, it means anything in-between) and replace it with the following: +\begin{lstlisting} + <cpu mode="host-passthrough" check="none" migratable="on"> + <feature policy="disable" name="hypervisor"/> + </cpu> +\end{lstlisting} + +\item Once completed, click apply and then click the monitor icon in the top left that should be next to the highlighted icon indicating you are in the editing mode. This should bring you to a screen that says something along the lines of "Guest is not running". +\item Click the start button at the top to power on your computer and try out the browser, you should be able to use it without problem. If problems still exist, download this file, unzip it, and run the batch script in it as admin, restart, then try. If problems still persist, then do your own research or contact me about the issue to see if its universal. +\end{enumerate} +\secheader{Final Check} +\begin{enumerate} + \item Download and compile \href{https://github.com/a0rtega/pafish}{pafish}. + \item Run the software via terminal + \item If the output is mostly 'OK' (only one or two 'traced!'), then the Obfuscating was successful +\end{enumerate} + + +%%%%Works cited +\printbibliography + +\end{flushleft} + +\scriptsize{ + \begin{center} + \vspace*{\fill} + Copyright \copyright \the\year{} msglm - + This work is licensed under the \href{https://creativecommons.org/licenses/by-sa/4.0/}{CC-BY-SA 4.0} with a willingness to sell exceptions. + \end{center} +} +\end{document} + |