Desktop virtualization solutions like Oracle VirtualBox are extremely useful for software development, kernel debugging and security research. They are also often used to isolate potentially malicious or vulnerable code, and thus present interesting targets for exploitation. In VirtualBox, besides the obvious guest-to-host interfaces, there are multiple interesting privilege boundaries to explore, such as the guest additions kernel module and an anti-code injection mechanism for the host hypervisor processes. This talk summarizes the VirtualBox architecture and exposes several new design and memory corruption issues in different components, leading to privilege escalations on the guest, the host, as well as from guest to host. I will demonstrate and discuss the exploitation of a privilege escalation chain for macOS hosts, as well as a full VM breakout to SYSTEM on Windows 10.
We are pleased to announce that the Call For Papers for INFILTRATE 2018 is now open. If you would like to present and have an offense-focused presentation with fresh content, please submit an abstract, bio and headshot to email@example.com. This information will be included on our Open CFP site, here, where the public can vote on which presentations they are most interested in seeing at INFILTRATE. The call for papers will close on December 14th, 2017. Shortly after this date, the winning speakers will be notified.
Some of the benefits of speaking at INFILTRATE are: