Metasploit mailing list archives

Metasploit Exploitation of VM Hosts


From: rhyskidd at gmail.com (Rhys Kidd)
Date: Wed, 25 Jul 2007 15:20:16 +0800

A lot of the issues reported turn on the emulator not handling or
unexpectedly handling particular x86 opcodes in an unprivileged process on a
guest OS, so I could see metasm being used to craft malicious binaries.
Delivering them would be another matter. Perhaps you could also write a
meterpreter module that fingerprinted the virtualisation engine being used,
and then exploited it.

- Rhys

As an aside, Tavis accidentally identifies *Virtual Machine X* in a
few comments, although I think we all had a pretty good feel for which
vendor's product it was.

SEGR 6 & 7, Reading or writing to the 6th or 7th segment
registers causes Parallels to abort immediately.

msg: db "if you can see this message, this is not parallells", 0xa