BlackHat/DEFCON 2011 talk: Breaking out of KVM

I’ve posted the final slides from my talk this year at DEFCON and Black Hat, on breaking out of the KVM Kernel Virtual Machine on Linux.

[Edited 2011-08-11] The code is now available. It should be fairly well-commented, and include links to everything you’ll need to get the exploit up and running in a local test environment, if you’re so inclined.

In addition, as I mentioned, this bug was found by a simple KVM fuzzer I wrote. I’m also going to clean that up and release it, but don’t expect it too soon.

I had a great time meeting lots of interesting people at BlackHat and DEFCON, some that I’d met online and others I hadn’t. If any of you are ever in Boston, drop me a note and we can grab a beer or something.

  1. b
    Aug 10th, 2011 at 18:21 | #1

    I’m waiting for the code and the fuzzer code! :p

  2. abc
    Sep 1st, 2011 at 06:47 | #2

    ? Loading a customized kernel in KVM which contains the payload? This is a very low threat level
