
Abstract


Qinghao Tang has extensive experience in cloud computing security and Linux kernel security. He has spoken at PacSec 2015, SyScan 2016, HITB 2016, and CanSecWest 2017.

[Abstract]
==========

Public and private clouds have become the infrastructure of high-tech enterprises, and I have implemented a toolkit to help researchers test the security of cloud environments. The toolkit includes virtualization system vulnerability attack components and side-channel attack components. It can be used to check co-residence and to escape from a virtual machine or container.

In this talk, I will share several components and describe the principles behind their implementation.
- Co-residence check component: memory bus channel module
- QEMU vulnerability attack component: info leak and RIP control module for arbitrary-address read and write vulnerabilities, ROP module
- Xen vulnerability attack component: info leak and RIP control module for arbitrary-address read and write vulnerabilities, ROP module
- Docker vulnerability attack component: switch namespace module
- VMware Workstation vulnerability attack component: heap allocation module, RIP control module for heap overflow vulnerabilities, ROP module

Slides