VirtualBox 3D exploits & PoCs
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
CVE-2018-3055+3085
archpkg readme Sep 3, 2018
lib print function Sep 4, 2018
.gitignore
LICENSE Create LICENSE Sep 7, 2018
README.md

README.md

VirtualBox 3D PoCs & exploits

Author: @_niklasb

Overview article.

License

Exploits

See the subdirectories other than lib.

Debug build

For Arch Linux, you can use the provided PKGBUILD in archpkg to get a debug version of 5.2.18, with the 3D security fixes from July 2018 reverted.

Library

lib/hgcm.py and lib/chromium.py provide high-level access to the HGCM interface and to the VBoxSharedCrOpenGL service, via VBoxGuest IOCTLs. chromium.py can be used to very easily experiment with Chromium from Python inside the guest. I used it to build a very simple, completely dumb fuzzer that found multiple trivial crashes in minutes.