Virtual machines play a crucial role in modern computing. They are often used to isolate multiple customers with instances on the same physical server. Virtual machines are also used by researchers and security practitioners to isolate potentially harmful code for analysis and review. An assumption is made that they are a way of securely containing and isolating potentially malicious code, however we now know this to be incorrect. Over the past year, the Zero Day Initiative (ZDI) program has begun to see submissions targeting VMware Workstation and Fusion that result in guest-to-host escapes. Additionally, at the Pwn2Own 2017 competition, two separate teams managed to exploit a guest operating system, escape the virtual environment, and execute code on the host operating system. This represents the first time such a VMware escape was demonstrated at the contest and earned the contestants the highest cash prizes of the competition. This talk will dive deep into modern exploitation techniques of VMware vulnerabilities. We start by examining the VMware guest-to-host communications, which occur through the Backdoor channel. Next, we take an in-depth look at the available attack surfaces on a virtual machine. These include components such as third-party software, remote procedure calls, and graphics drivers. Finally, we will dive into the exploitation of different types of vulnerabilities on VMware that result in guest-to-host escapes‚ including the two award-winning entries from Pwn2Own that resulted in $205,000 USD of payouts to the contestants.Back to Open CFP
We are pleased to announce the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused-fresh-content presentation, please submit an abstract, Bio and headshot to email@example.com. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. Call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.
Some of the benefits of speaking at INFILTRATE are: