Professional Documents
Culture Documents
–
A first Security Inspection
1
ERNW GmbH
Founded in 2001
Based in Heidelberg, Germany (+ small office in Lisbon, Portugal)
Network Consulting with a dedicated focus on IT-Security
Current force level: 15 Experts
Key fields of activity:
Audit/Penetration-Testing
Risk-Evaluation & -Management, Security Management
Security Research
Hyper-V, overview
Overall assessment
Hyper-V:
Requires hardware support (Intel-VT /AMD-VT)
Requires 64-bit hardware
Supports/requires hardware-based DEP
Requires Windows Server 2008 (64-bit)
Guest systems: 32- /64-bit
Some support for VSS (for fast copying and moving VMs)
Hyper-V:
Hyper-V
System Hardware
© ERNW GmbH . Breslauer Str. 28 . D-69124 Heidelberg . www.ernw.de 11
VMWP (Virtual Machine Worker Process)
Hypervisor Mgmt
Host
Hypervisor Mgmt
Host
Hypervisor Mgmt
Host
Tools:
Ollie Whitehouse’s GSAudit for GS flag
ERNW vistacheck for ASLR, DEP, SEH
23
Fuzzing
Interfaces to fuzz:
Crashme
Old school unix tool for executing random opcodes
Also runs on Windows ;-)
No results
IOfuzz
Tavis Ormandy`s tool to fuzz virtual machines
Results see next slides …
For listening.