Exploiting Hypervisors

March 17, 2014 (at 9:30 a.m.)

In the age of omnipresent virtualization, the security posture of the hypervisor is crucial to ensure the security posture of virtualized landscapes. Even though hypervisors are designed and implemented with security in mind, they may offer a broad attack surface to malicious users. Hence the thorough assessment of hypervisors is still essential for security sensitive environments. In this workshop, we will discuss three popular hypervisors: Vmware ESXi, Microsoft’s Hyper-V and the open-source Xen hypervisor. Participants will learn about the architecture, implementation and security pitfalls of these plattforms and will analyze and exploit three recent vulnerabilities in these hypervisors. The goal is to foster a better understanding of the security implications of hypervisors and appropriate mitigation strategies.

Agenda:

Introduction

VMDK Has Left the Building

MS13-092

Xen Sysret

BYOH:

If you can’t/don’t want to use your private/corporate computer, we offer pre-configured notebooks with all required tools installed for 80€/day. If you are interested in renting a notebook, please contact us after your registration at registration@troopers.de.

Prerequisites:

Matthias Luft

Matthias Luft is a security researcher and heads the German security research company ERNW Research. He is interested in a broad range of topics (such as DLP, virtualization, and network security) while keeping up with the daily consulting and assessment work.

Felix Wilhelm

Felix is a security researcher working for ERNW GmbH. His main interests are application security, reverse engineering and virtualization security. Felix has disclosed critical vulnerabilities in popular software such as Hyper-V, Xen, Typo3 or IBM GPFS and has presented his work at international conferences like PHDays, Hack in the Box, Infiltrate and Troopers.