CENSUS is participating at this year's Black Hat Europe conference with a presentation by researcher Zisis Sialveras on VMWare guest-to-host exploitation entitled Straight Outta VMware: Modern Exploitation of the SVGA Device for Guest-to-Host Escapes.
Zisis will be demonstrating a set of exploitation primitives that can be used to escape from a guest virtualization environment to the host environment. The exploitation methodology is based on the exploitation of bugs in
the SVGA subsystem of the VMware workstation virtualization technology. The host and guest environments used will be running the Microsoft Windows 10 Professional operating system. The presentation will also provide a quick evaluation of the effectiveness of proactive protections present in the VMware software and the Microsoft Windows host environment.
The presentation is scheduled for Thursday December 6th 2018 at 10:00am in Room D. Zisis will remain available to answer questions on virtualization technology exploitation and vulnerability research after the talk, so be sure not to miss this!