Containers and VMs
Introduction
Nowadays, it is pretty common that applications are being executed inside virtualised environments like containers or Virtual Machines (VMs). In this section, you will learn some techniques to know which type of environment you are in.
Container
There are several ways to detect that you are inside a docker container.
Hostname
If the machine's hostname seems pretty random, it could be a sign that you are inside a docker container.
.dockerenv
The existence of the .dockerenv file in the / path.
Processes
Enumerating the process in a normal environment the first process will always be "init".
However, on a container, there is no init process instead the first process is executing the sh command as you can see below.
An alternative would be executing the following command.
Tools
Virtual Machines
Windows
For Windows systems the quickest way to detect if you are inside a virtual machine is through the windows model, obtaining "VMware Virtual Platform" or "VirtualBox".
Another alternative will be to list the installed programs on the Windows system, looking for Vbox or Vmware tools.
Linux
On Linux, you can check if you are inside a VM by printing the kernel ring buffer.
As on Windows, you can look for the binaries VBoxClient and vmware-toolbox-cmd.
Last updated