Research

Alisa
May 13, 2021
Virtualization, Vulnerability Analysis, Howto

From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study

How to recover a complex vulnerability details from a binary security patch and create a proof of concept. A case study of VMware ESXi vmxnet3 Uninitialized Variable (CVE-2018-6981).


Read more
Alisa
April 23, 2021
Virtualization, Proof-of-concept, Not-a-bug

Don't Share Your $HOME with Untrusted Guests

A story of a trivial *no-bug, by-design* guest-to-host VM escape on latest Parallels Desktop for Mac with bonus persistence, as enabled by the software vendor's product design decisions and certain properties of the Unix interactive shells.


Read more
Alisa
February 15, 2021
Deep Technical, Vulnerability Analysis, Virtualization

Microsoft Hyper-V Virtual Network Switch Out of Bounds Read

Deep technical analysis of a security bug in Microsoft Hyper-V root partition kernel component, discovered by me.


Read more
1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 • 0 • 1 •