A bunch of links related to VMware escape exploits

kitokyo/vmware-exploitation

 
 


VMware Exploitation

Pull requests are welcome.

Articles

2019: "TAKING CONTROL OF VMWARE THROUGH THE UNIVERSAL HOST CONTROLLER INTERFACE: PART 1" by Abdul-Aziz Hariri [article]

2019: "TAKING CONTROL OF VMWARE THROUGH THE UNIVERSAL HOST CONTROLLER INTERFACE: PART 2" by Abdul-Aziz Hariri [article]

2018, Blackhat Europe: "Straight outta VMware: Modern exploitation of the SVGA device for guest-to-host escape exploits" by Zisis Sialveras [slides][video][paper]

2018: "CVE-2018-6973 Analysis" by Bruno Botelho [article]

2018: "VMWARE EXPLOITATION THROUGH UNINITIALIZED BUFFERS" by Abdul-Aziz Hariri [article]

2018: "AUTOMATING VMWARE RPC REQUEST SNIFFING" by Abdul-Aziz Hariri [article]

2018, OffensiveCon: "L'art de l'évasion" by Brian Gorenc, Abdul-Aziz Hariri and Jasiel Spelman [video]

2018: "A bunch of Red Pills: VMware Escapes" by Marco Grassi, Azureyang, Jackyxty [article]

2018: "Wandering through the Shady Corners of VMware Workstation/Fusion" [article]

2018, INFILTRATE: "Modern VMWARE Exploitation Techniques" by Brian Gorenc, Jasiel Spelman, Abdul Aziz Hariri [video]

2017: "VMWARE’S LAUNCH ESCAPE SYSTEM" by Abdul-Aziz Hariri [article]

2017: "Out of The Truman Show: VM escape in VMware gracefully" by Lei Shi and Mei Wang [slides]

2017: "VMWARE ESCAPOLOGY – HOW TO HOUDINI THE HYPERVISOR" by Joshua Smith [article]

2017: "USE-AFTER-SILENCE: EXPLOITING A QUIETLY PATCHED UAF IN VMWARE" by Abdul-Aziz Hariri [article]

2017: "Analyzing a Patch of a Virtual Machine Escape on VMware" by Yakun Zhang [article]

2017, ZeroNights: "LEVERAGING VMWARE'S RPC INTERFACE FOR FUN AND PROFIT" [slides]

2017: "LEVERAGING VMWARE'S RPC INTERFACE FOR FUN AND PROFIT" [slides]

2017: "The Weak Bug - Exploiting a Heap Overflow in VMware" [article]

2017: "How to exploit cve 2017 4901" [article]

2017: "Escape from VMware Workstation by using "Hearthstone"" [slides]

2017, Black Hat Europe: "THE GREAT ESCAPES OF VMWARE: A RETROSPECTIVE CASE STUDY OF VMWARE GUEST-TO-HOST ESCAPE VULNERABILITIES" by Debasish Mandal and Yakun Zhang [slides]

2016: "Windows Metafiles: An Analysis of the EMF Attack Surface & Recent Vulnerabilities" by Mateusz "j00ru" Jurczyk [slides]

2016: "50 Shades Of Fuzzing" by Peter Hlavaty and Marco Grassi [slides]

2015: "Escaping VMware Workstation through COM1" by Kostya Kortchinsky [article]

2008: "CLOUDBURST: A VMware Guest to Host Escape Story" by Kostya Kortchinsky [slides]

2007: "An Empirical Study into the Security Exposure to Hosts of Hostile Virtualized Environments" by Tavis Ormandy [whitepaper]

Exploits

https://www.exploit-db.com/search?q=vmware

https://github.com/unamer/vmware_escape

CTF tasks

Real World CTF 2018 Finals (Station Escape): writeup

Tools

Misc

https://www.vmware.com/security/advisories.html

https://sites.google.com/site/chitchatvmback/backdoor

https://github.com/vmware/open-vm-tools

https://sourceforge.net/projects/vmware-svga/
