Overview
Explore the security vulnerabilities in VMware Workstation and learn about virtualization escape techniques in this 37-minute Black Hat conference talk. Dive into the world of virtualization attacks, focusing on USB1.1 controller vulnerabilities exploited in recent competitions like Pwn2Own 2019 and TianfuCup 2021 and 2023. Discover how these vulnerabilities can compromise host system safety, potentially leading to disastrous consequences for software developers and network security practitioners. Follow along as Senior Cybersecurity Engineer Victor V from Cyber Kunlun Lab demonstrates a complete exploitation process, including information leakage, arbitrary read and write operations, and bypassing Windows protection mechanisms. Gain valuable insights into the potential risks associated with virtualization technology and the importance of understanding these vulnerabilities to enhance overall system security.
Syllabus
Unveiling the Cracks in Virtualization, Mastering the Host System--VMware Workstation Escape
Taught by
Black Hat