{"id":3689,"date":"2016-06-10T19:06:02","date_gmt":"2016-06-10T19:06:02","guid":{"rendered":"http:\/\/www.hexacorn.com\/blog\/?p=3689"},"modified":"2016-06-10T19:08:04","modified_gmt":"2016-06-10T19:08:04","slug":"enter-sandbox-part-11-breaking-the-sandbox-literally","status":"publish","type":"post","link":"https:\/\/www.hexacorn.com\/blog\/2016\/06\/10\/enter-sandbox-part-11-breaking-the-sandbox-literally\/","title":{"rendered":"Enter Sandbox – part 11: Breaking the sandbox, literally :)"},"content":{"rendered":"

My homemade VMs run on VMWare. I use it for a number of years now and is my preference as it’s very fast (especially on SSD), configuration is very flexible, the management of snapshots is very user-friendly and in general – I am really happy with it.<\/p>\n

I use VMWare to run some of automated malware analysis too and with nearly 1 million files processed there are occasions when it breaks.<\/p>\n

I would be really curious to know what is the failure ratio for the commercial sandboxes, but I would imagine this must be happening quite a bit, given the volume of samples they process. I guess it’s probably one of the best stress tests for VMs – the code ran in a malware sandbox does a lot of funny stuff and is written by gazillions of clever programmers. There is a huge variety of code, data, errors, undocumented tricks, etc. – I bet some researchers already do it, but I would imagine this could be a good way to automate fuzzing of the VM software in order to find VM escapes.<\/p>\n

In any case, since this post falls under ‘Enter sandbox’ series, it’s actually just a quickie dedicated to the dialog boxes that every once in a while kill my batch processing \ud83d\ude42<\/p>\n

\"1\"<\/p>\n

\"2\"<\/p>\n

\"3\"<\/p>\n

\"4\"<\/p>\n

\"5\"<\/p>\n

\"6\"<\/p>\n

\"7\"<\/p>\n

\"8\"<\/p>\n

 <\/p>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

My homemade VMs run on VMWare. I use it for a number of years now and is my preference as it’s very fast (especially on SSD), configuration is very flexible, the management of snapshots is very user-friendly and in general … Continue reading →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[41,18],"tags":[],"_links":{"self":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/3689"}],"collection":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/comments?post=3689"}],"version-history":[{"count":3,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/3689\/revisions"}],"predecessor-version":[{"id":3700,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/posts\/3689\/revisions\/3700"}],"wp:attachment":[{"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/media?parent=3689"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/categories?post=3689"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hexacorn.com\/blog\/wp-json\/wp\/v2\/tags?post=3689"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}