参考链接
https://blog.csdn.net/Natsuago/article/details/143457235
# run_fake_demo.py
import os
import sys
import subprocess
import time
import ctypes
def is_admin():
try:
return ctypes.windll.shell32.IsUserAnAdmin()
except:
return False
def run_as_admin():
ctypes.windll.shell32.ShellExecuteW(
None, "runas", sys.executable, " ".join(sys.argv), None, 1
)
def setup_fake_network():
fake_mac_no_colon = "AABBCCDDEEFF" # 伪造的 MAC(无冒号)
reg_base = r"HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}"
# 查找 KM-TEST Loopback Adapter 的注册表项
for i in range(0, 20):
key = f"{reg_base}\\{i:04d}"
try:
# 查询 DriverDesc
result = subprocess.run(
f'reg query "{key}" /v DriverDesc',
shell=True, capture_output=True, text=True, timeout=5
)
if result.returncode == 0 and "KM-TEST Loopback" in result.stdout:
print(f"[+] 找到虚拟网卡: {key}")
# 设置 NetworkAddress(MAC)
subprocess.run(
f'reg add "{key}" /v NetworkAddress /t REG_SZ /d {fake_mac_no_colon} /f',
shell=True, capture_output=True
)
# 重启网卡
subprocess.run('netsh interface set interface name="Loopback" admin=disabled', shell=True)
time.sleep(1)
subprocess.run('netsh interface set interface name="Loopback" admin=enabled', shell=True)
return True
except Exception as e:
continue
return False
def disable_real_adapters():
try:
subprocess.run(
'powershell -Command "Get-NetAdapter | Where-Object {$_.InterfaceDescription -notlike \'*Loopback*\'} | Disable-NetAdapter -Confirm:$false"',
shell=True, timeout=10
)
print("[+] 已禁用所有真实网卡")
except Exception as e:
print("[-] 禁用真实网卡失败(可忽略):", e)
def enable_all_adapters():
try:
subprocess.run(
'powershell -Command "Get-NetAdapter | Enable-NetAdapter"',
shell=True, timeout=10
)
print("[+] 已恢复所有网卡")
except:
pass
def main():
if len(sys.argv) != 2:
print("用法: python run_fake_demo.py <你的demo.exe>")
print("示例: python run_fake_demo.py demo.exe")
sys.exit(1)
demo_exe = sys.argv[1]
if not os.path.exists(demo_exe):
print(f"错误: 找不到文件 '{demo_exe}'")
sys.exit(1)
# 自动提权
if not is_admin():
print("[!] 需要管理员权限,正在重新启动...")
run_as_admin()
sys.exit(0)
print("=== 正在设置伪造的硬件环境 ===")
# 确保已安装虚拟网卡
found = setup_fake_network()
if not found:
print("[!] 未找到 'Microsoft KM-TEST Loopback Adapter'")
print("请先手动安装(只需一次):")
print(" 1. 按 Win+R,输入 `hdwwiz` 回车")
print(" 2. 选择「安装硬件时手动选择」")
print(" 3. 选择「网络适配器」")
print(" 4. 厂商选「Microsoft」,型号选「Microsoft KM-TEST Loopback Adapter」")
print(" 5. 安装完成后,重新运行本脚本")
input("\n安装完成后按回车继续...")
found = setup_fake_network()
if not found:
print("[-] 仍然未找到虚拟网卡,退出")
sys.exit(1)
disable_real_adapters()
try:
print(f"\n[+] 启动你的程序: {demo_exe}")
subprocess.run([demo_exe])
finally:
print("\n=== 正在恢复网络设置 ===")
enable_all_adapters()
input("按回车退出...")
if __name__ == "__main__":
main()