Exploiting the Hyper-V IDE Emulator to Escape the Virtual Machine


Black Hat via YouTube

Looping in Direct Caller

11 of 23



Classroom Contents


  1. Intro
  2. The story of the vulnerability
  3. The bug
  4. Constraints
  5. Memory Layout
  6. Demo
  7. Windows 10 1709
  8. Ideas
  9. First Attempt
  10. VideoDirtListener
  11. Looping in Direct Caller
  12. RPC Server Call2
  13. MemCopy Gadget
  14. Strategy
  15. Raw payload
  16. Raw payload demo
  17. Second payload
  18. VM Worker
  19. Lessons Learned
  20. Language Safety
  21. Bug Elimination
  22. Virtualization Sandbox
  23. Outro
