Description: <div style="text-align: justify;">This is the video of the talk titled "<span style="font-weight: bold;">Cloudburst: Hacking 3D (and Breaking Out of VMware)</span>" given by Kostya Kortchinsky at Blackhat 2009. You can download the presentation slides from here. <br><br>Virtualization is everywhere, and VMware is a major actor in the domain. A MacOS user running a Windows only application in a Fusion guest. A malware researcher analysing the latest Conficker in a Workstation guest. A big company running a cloud virtualized on some ESX servers. All of them rely on the security offered by the virtualization software, as a breakout would have disastrous consequences.<br><br>Yet VMware products include implement a lot of functionality, and as such have a decent chance to include some bugs. CLOUDBURST is the combination of 3 of those found in the virtualized video device (more specifically the 3D code). Combined, these allow a user in a Guest to execute code on the Host. Since the virtualized device code is the same for all the branches of the products, this impacts Workstation, as well as Fusion or ESX. Immunity, Inc. will present the various vulnerabilities and the techniques used to exploit the bug reliably, even on platforms with ASLR or DEP such as Vista SP1. Once exploited, Immunity will demonstrate how to establish MOSDEF between the Host and Guest.<br><br><br></div><style type="text/css"> body { background: #FFF; } </style>
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.