/ PowerShell

Transfer Files To and From Sandboxed Guest on Hyper-V

One of the things I missed after switching from VMware to Hyper-V is the ability to copy-paste files from host to guest via the interface.

The workaround for Hyper-V (at this time) is to use either RDP or SMB to transfer files. This is just fine for most configurations but for me this would not work.

I was setting a VM as a sandbox for malware analysis and therefore I would not be able to leverage network based protocols to transfer files.

The only other safe option was to use the Hyper-V SCSI controller on the VM and attach/detach a VHDX (a simple NTFS volume) as needed. This can be done while the VM is running so it makes for an acceptable workaround in my case.

I would mount the VHDX on the host, put whatever malware samples on there, dismount and attach the disk file as a hard drive on the VM's SCSI controller.

I wrote the following PowerShell script to automate this process, since I'd be doing it a lot.

damdaa.ps1:

param (
    [string] $action, # 'DAM' - Detach and Mount | 'DAA' - Dismount and Attach
    [string] $vhd, # Full path to the file transfer VHDX
    [string] $vmname # name of the VM to work with
)

switch ($action) {
    'DAM' {
        Get-VMHardDiskDrive -ControllerType SCSI -vmname $vmname|%{Remove-VMHardDiskDrive -VMName $_.VMName -ControllerType $_.ControllerType -ControllerNumber $_.ControllerNumber -ControllerLocation $_.ControllerLocation}
        Mount-VHD $vhd
    }
    'DAA' {
        Dismount-VHD $vhd
        Add-VMHardDiskDrive -vmname $vmname -path $vhd -ControllerType SCSI
    }
}

It's ugly but it's works.

When you want to copy files from the host to the VM, you will Detach and Mount (action: DAM) the VHDX to the host:

PS C:\Scripts> .\damdaa.ps1 -action DAM -vhd C:\VHD\FileTransfer.vhdx -vmname SKN-SANDBOX2

You should now see your VHDX mounted on the host. Copy whatever you need to this HDD and proceed with a Dismount and Attach (action: DAA):

PS C:\Scripts> .\damdaa.ps1 -action DAA -vhd C:\VHD\FileTransfer.vhdx -vmname SKN-SANDBOX2

The VHDX will dismount from the host and attach itself to the VM's SCSI controller. You should now see another hard disk popup in the sandbox VM containing your files.