YoVDO

The Great Escape of ESXi

Offered By: media.ccc.de via YouTube

Tags

Conference Talks Courses Cybersecurity Courses System Administration Courses Security Vulnerabilities Courses VMware ESXi Courses Arbitrary Code Execution Courses

Course Description

Overview

Explore the intricacies of breaking out of a sandboxed virtual machine in this 40-minute conference talk from the 36th Chaos Communication Congress. Delve into the world of VMware ESXi, a bare-metal hypervisor crucial for enterprise-level cloud infrastructure. Discover the challenges of escaping virtual machines in ESXi due to its robust sandbox mechanism, customized filesystem, and kernel. Learn about the fundamentals of the ESXi hypervisor, including its unique bootloader, kernel, filesystem, and virtual devices. Examine attack surfaces in current implementations and uncover security vulnerabilities related to virtual machine escape. Analyze the bugs leveraged in the escape chain, specifically CVE-2018-6981 and CVE-2018-6982, and explore reliable techniques for heap manipulation and arbitrary code execution in the host context. Gain insights into ESXi's sandbox design and the methods used to circumvent it. Witness a full chain escape demonstration on ESXi 6.7, showcasing the first public VMware ESXi escape.

Syllabus

Introduction
Presentation
Overview
Vulnerability
Combining Vulnerability
VMware Tools
Questions


Taught by

media.ccc.de

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube