While evaluating the Parallels worker process running on the host, we are most interested in identifying the parts of the code to which we can directly control input. By spawning a few VMs and looking at the system process list, we can infer prl_vm_app is the binary that runs for each guest. To pursue this route, a binary to reverse would be helpful. My focus shifted to the host-side implementation of these tools, presuming it was likely that the guest directly controlled input to that part of the code. As part of the Pwn2Own meta-game, I opted to ignore these issues fearing a possible collision (it seemed at least two other teams ended up finding these same issues!)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |