Powershell 3 in WinPE 4 on Hyper-V 3

While the title of this blog post might not be telling and attractive enough, I’ll try to answer very detailed questions below,

  • How to detect that WinPE is running inside a VM hosted on Hyper-V 3
# Detect if we run in a VM            
            
# Method 1: Check that there's a VMBus in the registry            
try {            
    Get-Item HKLM:\SYSTEM\CurrentControlSet\Enum\VMBUS -ErrorAction Stop            
} catch {            
    Write-Warning -Message "Hyper-V VMBus not detected"            
}            
            
# Method 2:  Get the product property from Win32_BaseBoard            
(Get-WmiObject -Class Win32_BaseBoard).Product -eq "Virtual Machine"            
            
# Method 3: Query the boolean property from Win32_ComputerSystem            
(Get-WmiObject -Class Win32_ComputerSystem).HyperVisorPresent            

is VM ?

  • How to detect that the VM hosted on Hyper-V 3 has a network adapter attached
# Detect if there's a network card attached            
            
Function Test-VMNetAdapterAttached {            
    Begin{            
        $HasNetAdapter = $false            
    }            
    Process {            
        if ((Get-WmiObject -Class Win32_ComputerSystem).HyperVisorPresent)            
        {            
            Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Enum\VMBUS | ForEach-Object -Process {            
                Get-ChildItem -Path $_.PSPath | ForEach-Object -Process {            
                    Get-Item -Path $_.PSPath | ForEach-Object -Process {            
                        switch ($_.GetValue("CompatibleIDs"))            
                        {            
                            'VMBUS\{F8615163-DF3E-46C5-913F-F2D2F965ED0E}' { $HasNetAdapter = $true }            
                            default {}            
                        }            
                    }            
                }            
            }            
            Return $HasNetAdapter            
        } else {            
            Write-Warning -Message "Not running in a VM"            
        }            
    }            
    End {}            
}            
            
Test-VMNetAdapterAttached            

VM has netadapter

Note that I chose to use the registry and find a specific pattern from the ‘CompatibleIDs’ value because when wpeinit hasn’t run you don’t have to much data in the registry as you can see
VM compatible ID

  • How to get the hardwareID of the network adapter of a VM hosted on Hyper-V 3, how to know what version of the driver was loaded
# Get the hardware ID of the Adapter, check if a driver has been loaded and get its version            
            
Get-ChildItem HKLM:\SYSTEM\CurrentControlSet\Enum\VMBUS | ForEach-Object -Process {            
            
    Get-ChildItem -Path $_.PSPath | ForEach-Object -Process {            
        Get-Item -Path $_.PSPath | ForEach-Object -Process {            
            if(($_.GetValue("CompatibleIDs"))  -match "F8615163-DF3E-46C5-913F-F2D2F965ED0E")            
            {            
                if ($_.GetValue('Driver'))            
                {            
                    $DriverLoaded = $true            
                    # Read the version from the Class location in the registry            
                    $DriverVersion = (Get-Item ('HKLM:\SYSTEM\CurrentControlSet\Control\Class\' + ($_.GetValue('Driver')))).GetValue('DriverVersion')            
                } else {            
                    $DriverLoaded = $false            
                    $DriverVersion = $null            
                }            
                New-Object -TypeName PSObject -Property @{            
                    DriverLoaded = $DriverLoaded            
                    HardwareID = Split-Path -Leaf $_.PSParentPath            
                    DriverVersion = $DriverVersion            
                }            
            }            
        }            
    }            
}

VM driver loaded and version

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s