Bugs of Yore: A Bug Hunting Journey on VMware's Hypervisor
Unknown
Black Hat USA 2024 · Day 1 · Briefing
This talk, "Bugs of Yore: A Bug Hunting Journey on VMware's Hypervisor," delivered by Zisis from Census at Black Hat USA, chronicles the speaker's initial foray into VMware exploitation, specifically targeting VMware Workstation 12. The core objective was to develop a **guest-to-host escape exploit**, a critical vulnerability that allows an attacker to break out of a virtual machine and execute code on the underlying host operating system. The presentation details the speaker's methodical approach to mapping the complex attack surface of VMware, highlighting the challenges faced in 2017 due to the scarcity of public research on the topic.