YoVDO

Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Cybersecurity Courses, Virtualization Courses, Hyper-V Courses, System Security Courses

Course Description

Overview

Examine a powerful vulnerability in Hyper-V's emulated storage component and learn how it was exploited on Windows Server 2012 R2 in this 50-minute Black Hat conference talk. Explore the bug's discovery, constraints, and memory layout before witnessing a live demonstration. Delve into various exploitation techniques, including attempts on Windows 10 1709, RPC server calls, and memory copy gadgets. Analyze the raw payload and its demo, followed by insights into the VM Worker process. Conclude with lessons on language safety, bug elimination, and virtualization sandboxing.

Syllabus

Intro
The story of the vulnerability
The bug
Constraints
Memory Layout
Demo
Windows 10 1709
Ideas
First Attempt
VideoDirtListener
Looping in Direct Caller
RPC Server Call2
MemCopy Gadget
Strategy
Raw payload
Raw payload demo
Second payload
VM Worker
Lessons Learned
Language Safety
Bug Elimination
Virtualization Sandbox
Outro


Taught by

Black Hat
