Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Breaking Virtualization by switching the CPU to Virtual 8086 Mode

File name
File size
5.0 MB

In the last five years, virtualisation software has been massively adopted by companies as a means to reduce costs, achieve instant scalability and possibly better their security through isolation. Recent numbers indicate that 78 per cent of companies have their production servers virtualised, and 20 per cent of them actually only rely on virtualised servers. At the same time security auditing of such software poses unique challenges, in particular when it comes to dynamic testing. In this presentation, I describe a methodology for the security assessment of virtualisation software based on switching the CPU mode to virtual 8086 mode in order to get access to the (possibly virtualised) hardware, that aims at being both generic (applicable to both x86 and x64 architectures) and extremely large in terms of code coverage. I have implemented this technology under the form of a dynamic testing tool which has proved to be very efficient in finding bugs in virtualisation software.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !