Uncategorized

VBoxHardenedLoader

[…]What we will target:
– DMI Information;
– IDE/AHCI devices (harddisks, cd-rom’s);
– ACPI OEM Information;
– Ethernet Adapter MAC address;
– PXE Boot data;
– ACPI DSDT (Differentiated System Description Table);
– ACPI SSDT (Secondary System Descriptor Table);
– VGA Video BIOS data;
– BIOS data;
– VM splashscreen (optional, just for nice looking).
[…]

https://github.com/hfiref0x/VBoxHardenedLoader

http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478

It requires Visual Studio and only targets Microsoft Windows. No Linux, FreeBSD, Mac OS X support. 😦

Somewhat related, there are also these 2 projects:

https://firmwaresecurity.com/2016/02/07/uefi-virtualbox-tutorial/

https://firmwaresecurity.com/2015/12/24/virtualbox-hardened-loader/

Standard
Uncategorized

UEFI VirtualBox tutorial

There’s another new Github project related to UEFI, this one is a turorial using UEFI undre VirtualBox. Most use of virtualized UEFI occurs under QEMU, but VirtualBox also supports UEFI’s OVMF (Open Virtual Machine Firmware) format, so it is nice to see more documentation on using UEFI with VirtualBox, not only QEMU.

Tutorial on making UEFI with CMake and VirtualBox

UEFI Bare Bone Exercise

by Emanuele Ruffaldi using CMake,mxe and VirtualBox/Qemu

Related instructiosn from OSDEV: http://wiki.osdev.org/UEFI_Bare_Bones Other related project (Make+QEmu): – https://github.com/tqh/efi-examplehttp://www.rodsbooks.com/efi-programming/hello.html

Requirements:
 *  GCC Cross Compiler x86_64-w64-mingw32. MXE is fine
 * MTools
 * GNU-efi

[…]

 

https://github.com/eruffaldi/uefiboot

Standard
Uncategorized

VirtualBox 5.0.14 released

5.0.14 is a maintenance release. The prior release, 5.0.12,  had a fix to their EFI support.

More information:
https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_013
https://www.virtualbox.org/
https://www.virtualbox.org/wiki/Changelog

Standard
Uncategorized

VirtualBox hardened loader

http://www.kernelmode.info/forum/viewtopic.php?f=11&p=27460#p27460
https://github.com/hfiref0x/VBoxHardenedLoader
http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478

“VirtualBox Hardened VM detection mitigation loader: VBoxAntiVMDetectHardened is a complex of methods implemented to reduce VM detection possibilities of the common malware.”

Interesting, there are UEFI patches for this, as well!

Standard
Uncategorized

VirtualBox 5.02 released

A few days ago Oracle released a new version of VirtualBox. It is a maintenance release, no huge new features I noticed, but lots of bugfixes, many related to hardware security issues, though no CVEs that I noticed.

https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_08

https://www.virtualbox.org/wiki/Changelog

 

Standard
Uncategorized

VirtualBox 5.0 released

Oracle relased version 5.0 of VirtualBox yesterday. I don’t see any firmware features listed in the press, and I’ve not had a chance to do a code review of the new code yet. It has improved CPU and USB 3.0 support, at minimum.

QEMU is the main platform for running UEFI’s virtual firmware: OVMF. But Xen, KVM, and VirtualBox also support OVMF, to some degree. VirtualBox can also be recompiled with EFI-specific build directives to enable additional UEFI diagnostics.

https://www.oracle.com/corporate/pressrelease/oracle-vm-virtualbox-5-070915.html

https://blogs.oracle.com/virtualization/entry/oracle_vm_virtualbox_5_07

(In somewhat related news, back in March, Oracle’s Linux distro got Secure Boot support.)

https://blogs.oracle.com/wim/entry/secure_boot_support_with_oracle

 

Standard