Thanh Do

icon company BabyPhD/AceBear, NYU MS Cybersec icon location Japan icon location I'm a coder, Windows internal enthusiast & ex-CTF player. I also have an unhealthy tendency of reinventing all them wheels.

Results 4 comments of Thanh Do

Execute loader binary as root but VM didn't freeze

You can check if KVM-PT is loaded through the output of `dmesg` as in [vmx-pt.c](https://github.com/RUB-SysSec/kAFL/blob/1ece095a7a835887477393b2bba88247b1536d4f/KVM-PT/arch/x86/kvm/vmx_pt.c#L850)

kAFL doesn't handle kernel panic event

Hi @mxmssh, about the problem hooking kernel panics, I believe that it is caused by the Meltdown KPTI patch. I've tried to disable KPTI on Linux and it worked for...

kAFL doesn't handle kernel panic event

Or maybe it could be the bitness? I successfully retriggered CVE-2016-8650 with kAFL on original Ubuntu 16.04 x64 as guest, with `kernel.panic_on_oops` set to 1, and CVE-2017-6008 on unpatched Win7...

kAFL doesn't handle kernel panic event

Yes, I ported KVM-PT patches to Linux 4.13 and Ubuntu 17.10 on the host, and used the QEMU version provided with kAFL. KPTI is enabled on the host. I’ve run...