VirtualBox is a well-known open source cross-platform virtualization software. With continuous updates to VirtualBox, its security has been greatly improved. For example, it now implements VirtualBox process hardening to prevent malicious software from using VirtualBox as a vehicle to obtain kernel-level access. The Chromium 3D libraries and the VHWA interface, which were prone to vulnerabilities, have also been removed.
However, there are still some interesting attack surfaces, such as the USB backends, the storage backends, and special internal-use interfaces. This talk presents how we found vulnerabilities in VirtualBox. In particular, we designed a fuzzer specifically for VirtualBox, which effectively found 10+ vulnerabilities.
We will introduce the design ideas and implementation techniques used in the fuzzer, and disclose the details of some of the vulnerabilities. We will explain in detail how to exploit these vulnerabilities, including some new exploit primitives. Finally, we will demonstrate the exploit of a VirtualBox escape.