mirror of https://gitlab.com/octtspacc/OcttKB
45 lines
3.5 KiB
Plaintext
45 lines
3.5 KiB
Plaintext
created: 20230603231547125
|
|
creator: Octt
|
|
modified: 20230603234352061
|
|
modifier: Octt
|
|
tags:
|
|
title: SEB 3.5.0 on Linux (VM Bypass)
|
|
|
|
Having the need of running Safe Exam Browser while I've only got GNU+Linux on my laptop and desktop, I had to look for alternative solutions.
|
|
|
|
* There is no linux-native full SEB application, it's only for Windows and macOS.
|
|
* Running SEB on WinPE is unfeasible as it needs to install many runtime dependencies, it's too slow to do that while booted into the live system, and on my 4 GB laptop the ramdisk is not big enough.
|
|
* SEB by default detects and blocks virtual machines.
|
|
** This option can be changed in the local configuration file, but when starting an exam the configuration loaded from the server takes precedence over the local one.
|
|
** SEB 3.5.0 added an hard-to-break anti-tampering mechanism, where the LMS server verifies if the client is altered and won't let you take exams; patching the few needed modules won't work.
|
|
|
|
Turns out only way to work around the issue is to make a relatively stealth VM.
|
|
|
|
By analyzing the SEB for Windows source code, we can see some important files and methods:
|
|
|
|
* [[VirtualMachineDetector.cs:IsVirtualMachine()|https://github.com/SafeExamBrowser/seb-win-refactoring/blob/11b10e8e4524c1fe65b6c3db7d12e172facf322c/SafeExamBrowser.SystemComponents/VirtualMachineDetector.cs#L49]]: Clearly the main place where VM detection is happening
|
|
|
|
Also, by referring to various strings in the source code and [[issue #268|https://github.com/SafeExamBrowser/seb-win-refactoring/issues/268#issuecomment-994586854]], we can see that in VMs a bug occurs where 0 displays are detected. This must be accounted for after succeeding in concealing the VM from the program. A good start is in this class and method, which checks for displays and throws errors if necessary:
|
|
|
|
* [[DisplayMonitorOperation.cs:CheckDisplayConfiguration()|https://github.com/SafeExamBrowser/seb-win-refactoring/blob/11b10e8e4524c1fe65b6c3db7d12e172facf322c/SafeExamBrowser.Runtime/Operations/DisplayMonitorOperation.cs#L51]]
|
|
|
|
[TODO]
|
|
|
|
!! VM Setup
|
|
|
|
We choose VMWare Workstation 17 (latest version) as it lets a few important options be customized. First I created a VM with close-to-suggested settings (the primary ones don't matter here).
|
|
|
|
Then I modified the network card settings [TODO]
|
|
|
|
After this, I installed Windows 10 (a build from 2019 I have on a burned DVD always at hand). No VMWare tools have been installed.
|
|
|
|
!! Hardening Windows
|
|
|
|
In this case "hardening" is meant as enhancing the privacy of our Windows against third-party apps, which we need to evade VM detection; we don't mean it as making the system more secure or robust for an exam purpose, which is something neutral to us (we as examinees don't care about it, it does neither benefit nor harm us).
|
|
|
|
[TODO] (https://pastebin.com/XEn7BykP)
|
|
|
|
!! No abuse
|
|
|
|
Be careful of only using this information if you actually need to run SEB on Linux or have other issues. Do not abuse the guide to create a VM for doing the exam and then getting out of it mid-session to use the host system normally and cheat. The procedure is not intended for cheating and if we start using it to do that, examiners will push for the holes that allow VM detection to be patched. If we only use it for valid reasons of OS compatibility, likely no one will protest and we will not be forced to use an OS we don't like as host on our computers. If you have to cheat at the written exam then you will fail the oral exam anyways, so study and don't use this method for cheating.
|