Breaking Theoretical Limits: The Gap Between Virtual NICs and Physical Network Cards
this presentation, we will first focus on the module from HyperV guest environment, detail its architecture and the mechanism of IP packet transmission. Then we will demonstrate how to send legal IP packets that break length limitations to HyperV from the guest environment. Furtherly, we will dive into the network modules of HyperV, and provide a comprehensive comparison of the IP packet process routines between virtual NICs and real network cards. Then we will share some vulnerabilities existing in IP packet process routines by breaking the theoretical limits outlined by RFC. By utilizing these vulnerabilities as case studies, we aim to illustrate our efforts to overcome the restrictions imposed by physical network cards, and hope it serves as a new direction for code review or fuzzing when targeting virtual NICs. By: AnHang, A Ben, Qian Chen, Ruiqi Chen, Luo Quan Full Abstract and Presentation Materials: