Black Hat | Breaking Theoretical Limits: The Gap Between Virtual NICs and Physical Network Cards @BlackHatOfficialYT | Uploaded 6 months ago | Updated 35 minutes ago
...In this presentation, we will first focus on the netvsp.ko module from Hyper-V guest environment, detail its architecture and the mechanism of IP packet transmission. Then we will demonstrate how to send legal IP packets that break length limitations to Hyper-V from the guest environment. Furtherly, we will dive into the network modules of Hyper-V, and provide a comprehensive comparison of the IP packet process routines between virtual NICs and real network cards. Then we will share some vulnerabilities existing in IP packet process routines by breaking the theoretical limits outlined by RFC. By utilizing these vulnerabilities as case studies, we aim to illustrate our efforts to overcome the restrictions imposed by physical network cards, and hope it serves as a new direction for code review or fuzzing when targeting virtual NICs.
By: AnHang , A Ben , Qian Chen , Ruiqi Chen , Luo Quan
Full Abstract and Presentation Materials:
blackhat.com/eu-23/briefings/schedule/#breaking-theoretical-limits-the-gap-between-virtual-nics-and-physical-network-cards-35116
...In this presentation, we will first focus on the netvsp.ko module from Hyper-V guest environment, detail its architecture and the mechanism of IP packet transmission. Then we will demonstrate how to send legal IP packets that break length limitations to Hyper-V from the guest environment. Furtherly, we will dive into the network modules of Hyper-V, and provide a comprehensive comparison of the IP packet process routines between virtual NICs and real network cards. Then we will share some vulnerabilities existing in IP packet process routines by breaking the theoretical limits outlined by RFC. By utilizing these vulnerabilities as case studies, we aim to illustrate our efforts to overcome the restrictions imposed by physical network cards, and hope it serves as a new direction for code review or fuzzing when targeting virtual NICs.
By: AnHang , A Ben , Qian Chen , Ruiqi Chen , Luo Quan
Full Abstract and Presentation Materials:
blackhat.com/eu-23/briefings/schedule/#breaking-theoretical-limits-the-gap-between-virtual-nics-and-physical-network-cards-35116
