Straight outta VMware (Microsoft BlueHat v18, Black Hat Europe 2018)
This post provides a short summary of my conference presentations at Microsoft's BlueHat v18 (Redmond, USA) and at Black Hat Europe 2018 (London, UK) on VMware workstation exploitation,
Black Hat Europe 2018
CENSUS is participating at this year's Black Hat Europe conference with a presentation by researcher Zisis Sialveras on VMWare guest-to-host exploitation entitled Straight Outta VMware: Modern Exploitation of the SVGA Device for Guest-to-Host Escapes.
Microsoft BlueHat v18
CENSUS participated in the Microsoft BlueHat v18 Security Conference with a presentation on a VMware guest-to-host escape methodology. The presentation was delivered by CENSUS researcher Zisis Sialveras and was entitled "Straight Outta VMware: Modern exploitation of the SVGA device for guest-to-host escapes".
Windows 10 RS2/RS3 GDI data-only exploitation tales (OffensiveCon 2018)
Hello, I'm Nikos Sampanis, a security researcher working at CENSUS. On February 16th, 2018 I presented at OffensiveCon a talk with the title "Windows 10 RS2/RS3 GDI data-only exploitation tales". The presentation focused on a mitigation introduced in the Win32k component of Microsoft Windows to prevent the exploitation of memory corruptions in the session heap (due to GDI object abuse).