Vmware workstation 12.5.5 virtual machine escape Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2017-08-08 | Type : local | Platform : windows
This exploit / vulnerability Vmware workstation 12.5.5 virtual machine escape is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# VMware Escape Exploit

VMware Escape Exploit before VMware WorkStation 12.5.5

Host Target: Win10 x64

Compiler: VS2013

Test on VMware 12.5.2 build-4638234

# Known issues

* Failing to heap manipulation causes host process crash.
* Not quite elaborate because I'm not good at doing heap "fengshui" on winows LFH.

# FAQ

* Q: Error in reboot vmware after crashing process.
* A: Just remove ***.lck** folder in your vm directory or wait a while and have a coffee :).Here is a simple [script](https://raw.githubusercontent.com/unamer/vmware_escape/master/cve-2017-4901/cleanvm.bat) I used to clean up.


![](https://github.com/unamer/vmware_escape/raw/master/cve-2017-4901/exp.gif)


EDB Note ~ Download: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/47714.zip

Vmware workstation 12.5.5 virtual machine escape


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Vmware workstation 12.5.5 virtual machine escape Vulnerability / Exploit