Transcription of Attacking hypervisors through hardware emulation
Attacking hypervisors through hardware emulation

Presenting: Oleksandr Bazhaniuk (@ABazhaniuk), Mikhail Gorobets (@mikhailgorobets), Andrew Furtak, Yuriy Bulygin (@c7zero)
Advanced Threat Research

Agenda
- Intro to virtualization technology
- Threat model and attack vectors to hypervisor
- Hypervisor issues in hardware emulation
- Hypervisor detection and fingerprinting
- Hypervisor fuzzing by CHIPSEC framework
- Conclusions

Intro to virtualization technology

VMX/VT-x overview
[Diagram: "Without Virtualization" (App / OS / Hardware) versus "With Virtualization" (App / OS inside each VM, VMM / Hypervisor, Hardware)]
- Without virtualization, the OS manages hardware resources
- With virtualization, the hypervisor manages hardware resources; the hypervisor can grant a VM direct hardware access
- The hypervisor provides the isolation level for guest Virtual Machines (VMs)

Hypervisor architecture overview
Examples: Xen, VMware ESX, Hyper-V, VirtualBox, KVM, Parallels
[Diagram: Type 1 (App / Guest OS stacks on VMM / Hypervisor on Hardware) versus Type 2 (App / Guest OS stacks on Hypervisor on Host OS on Hardware)]

Hypervisor architecture

Hypervisor code flow:
  VMXon
  init VMCS
  vmlaunch
  while (1) {
    exit_code = read_exit_code(VMCS)
    switch (exit_code) {
      // VM exit handler
      // within VMM context
    }
    vmresume
  }
  VMXoff
[Diagram: VMXON -> VMLAUNCH -> VM exit -> VMRESUME; host mode versus guest mode; VM-exit event -> VM-exit default handler]

Basic hypervisor virtualization components
- CPU virtualization: CPUID, MSR, IO/PCIe
- Memory virtualization: EPT, VT-d
- Device virtualization: disk, network
- Hypercall interface
Hy