Timekiller: Escape From QEMU/KVM - Exploiting Asynchronous Clock Vulnerabilities
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore a groundbreaking technique for guest-to-host escape exploitation in QEMU/KVM hypervisors through this 53-minute conference talk from Hack In The Box Security Conference. Discover the "Timekiller" attack approach, which leverages asynchronous clock mechanisms to turn a heap overflow write vulnerability into a powerful exploit. Learn how to transform a malloc-use-free primitive into a malloc primitive and achieve arbitrary address write capabilities. Witness the first public virtual machine escape exploit in the virtio-crypto device, demonstrating how Timekiller can be combined with virtio-crypto device structures to exploit most heap overflow write vulnerabilities in QEMU. Gain insights from a team of skilled researchers who have made significant contributions to system security and virtualization security, including reporting vulnerabilities in KVM, QEMU, and VirtualBox.
Syllabus
#HITB2023HKT D1T2 - Timekiller: Escape From QEMU/KVM - Y. Jia, X. Lei, Yiming Tao, G. Pan & C. Wu
Taught by
Hack In The Box Security Conference
Related Courses
CNIT 127: Exploit DevelopmentCNIT - City College of San Francisco via Independent Reverse Engineering and Exploit Development
Udemy Penetration Testing: Advanced Kali Linux
LinkedIn Learning Linux x86 Assembly and Shellcoding
Udemy Python : Sıfırdan İleri Seviyeye - Etik Hacker Örnekleriyle
Udemy