A Dive into Hyper-V Architecture and Vulnerabilities
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the architecture and vulnerabilities of Hyper-V virtualization technology in this 47-minute Black Hat conference talk. Delve into the complexities of virtualization stacks as a foundation for platform and cloud security. Examine the potential risks associated with guest-to-host exploits. Learn about Hyper-V components, guest partitions, least privilege principles, and the componentized attack surface. Investigate the Hypervisor's kernel and user modes, VM Bus, attack surfaces, VM Bus pipes, and IO entry points. Analyze VM Switch, VPCI, and VMBus communication. Gain insights into the intercepted IO process and reflect on the implications for virtualization security.
Syllabus
Introduction
HyperV Architecture
Physical Memory Terminology
HyperV Components
Guest Partitions
Least Privilege
Componentized Attack Surface
Hypervisor
Kernel Mode
User Mode
VM Bus
Attack Surface
VM Bus Pipes
IO Entry Points
Joe Slides
VM Switch
VPCI
VMBus
Communication
intercepted IO
Closing thoughts
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube