Explore the security vulnerabilities of VirtualBox in this 54-minute conference talk from the Hack In The Box Security Conference. Delve into the attack surfaces of this popular open-source virtualization software, including USB backends, storage backends, and special self-use interfaces. Learn about the custom fuzzer designed to uncover 10+ vulnerabilities in VirtualBox, understanding its design principles and implementation techniques. Gain insights into the details of these vulnerabilities and discover new exploit primitives. Watch as the speaker demonstrates a VirtualBox escape exploit, showcasing practical applications of the research. Presented by Chen Nan, an experienced security researcher from Chaitin Security Research Lab, this talk offers valuable knowledge for those interested in virtualization security, bug hunting, and exploit techniques.
Hack Out of the Box - Discovering 10+ Vulnerabilities in VirtualBox
Hack In The Box Security Conference via YouTube
Overview
Syllabus
#HITB2021AMS D2T2 - Hack Out Of The Box: Discovering 10+ Vulnerabilities In VirtualBox - Chen Nan
Taught by
Hack In The Box Security Conference
Related Courses
-
A QEMU Black Box Escape Via USB Device
-
Automated Black-box Security Testing of Smart Embedded Devices
-
Advanced Exploitation - Xen Hypervisor VM Escape
-
E'rybody Gettin' TIPC - Demystifying Remote Linux Kernel Exploitation
-
Kernel Exploitation with a File System Fuzzer
-
Breakout Script of the Westworld - Tianwen Tang & Wei Xiao
