VMware WorkStation 12.5.5 – Virtual Machine Escape

  • Author: unamer
    Date: 2017-08-08
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/47714/
  • # VMware Escape Exploit
    
    VMware escape exploit for VMware Workstation versions before 12.5.5
    
    Host Target: Win10 x64
    
    Compiler: VS2013 
    
    Tested on VMware 12.5.2 build-4638234
    
    # Known issues
    
    * Failed heap manipulation causes the host process to crash.
    * Not quite elaborate because I'm not good at doing heap "fengshui" on Windows LFH.
    
    # FAQ
    
    * Q: Error when restarting VMware after the process crashes.
    * A: Just remove the **\*.lck** folder in your VM directory, or wait a while and have a coffee :). Here is a simple [script](https://raw.githubusercontent.com/unamer/vmware_escape/master/cve-2017-4901/cleanvm.bat) I used to clean up.
    
    
    ![](https://github.com/unamer/vmware_escape/raw/master/cve-2017-4901/exp.gif)
    
    
    EDB Note ~ Download: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47714.zip