3dpwn

by niklasb

niklasb / 3dpwn

VirtualBox 3D exploits & PoCs

131 Stars 37 Forks Last release: Not found BSD 3-Clause "New" or "Revised" License 30 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

VirtualBox 3D PoCs & exploits

Author: @_niklasb

Overview article.

License

Exploits

See the subdirectories other than

lib
.

Debug build

For Arch Linux, you can use the provided PKGBUILD in

archpkg
to get a debug version of 5.2.18, with the 3D security fixes from July 2018 reverted.

Library

lib/hgcm.py
and
lib/chromium.py
provide high-level access to the HGCM interface and to the
VBoxSharedCrOpenGL
service, via
VBoxGuest
IOCTLs.
chromium.py
can be used to very easily experiment with Chromium from Python inside the guest. I used it to build a very simple, completely dumb fuzzer that found multiple trivial crashes in minutes.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.