[framework] Metasploit Exploitation of VM Hosts
Rhys Kidd
rhyskidd at gmail.com
Wed Jul 25 02:20:16 CDT 2007
A lot of the issues reported turn on the emulator not handling or
unexpectedly handling particular x86 opcodes in an unprivileged process on a
guest OS, so I could see metasm being used to craft malicious binaries.
Delivering them would be another matter. Perhaps you could also write a
meterpreter module that fingerprinted the virtualisation engine being used,
and then exploited it.
- Rhys
As an aside, Tavis accidentally identifies *Virtual Machine X* in a
few comments, although I think we all had a pretty good feel for which
vendor's product it was.
    SEGR 6 & 7, Reading or writing to the 6th or 7th segment
    registers causes parallels to abort immediately.

    msg: db "if you can see this message, this is not parallells", 0xa