The Great Escape of ESXi
Offered By: media.ccc.de via YouTube
Course Description
Overview
Explore the intricacies of breaking out of a sandboxed virtual machine in this 40-minute conference talk from the 36th Chaos Communication Congress. Delve into the world of VMware ESXi, a bare-metal hypervisor crucial for enterprise-level cloud infrastructure. Discover the challenges of escaping virtual machines in ESXi due to its robust sandbox mechanism, customized filesystem, and kernel. Learn about the fundamentals of the ESXi hypervisor, including its unique bootloader, kernel, filesystem, and virtual devices. Examine attack surfaces in current implementations and uncover security vulnerabilities related to virtual machine escape. Analyze the bugs leveraged in the escape chain, specifically CVE-2018-6981 and CVE-2018-6982, and explore reliable techniques for heap manipulation and arbitrary code execution in the host context. Gain insights into ESXi's sandbox design and the methods used to circumvent it. Witness a full chain escape demonstration on ESXi 6.7, showcasing the first public VMware ESXi escape.
Syllabus
Introduction
Presentation
Overview
Vulnerability
Combining Vulnerability
VMware Tools
Questions
Taught by
media.ccc.de
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube