SECCON2017 QUALS PWN VM_NO_FUN Write-up

Introduction

In this challenge, it gives a simplified model of virtual machine, that emulates the operations on CPU and an mapped IO. Beginning from this challenge, I plan to give a series of write-ups on virtual machine escape. This post is completely based on [1].
Continue reading “SECCON2017 QUALS PWN VM_NO_FUN Write-up”

Advertisements

Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript

Introduction

This paper was published in DIMVA 2016. In this paper, the author proposed a software-induced rowhammer attack. To demonstrate the effectiveness of their attack, the author presented a rowhammer attack using JavaScript on Firefox 39.0. In this post, I will first give background of Rowhammer attack and then how this paper deploy the attack from JavaScript.
Continue reading “Rowhammer.js: A Remote Software-Induced Fault Attack in JavaScript”