Virtual Machine

|

A virtual machine is a tightly isolated software container that can run its own operating systems and applications as if it were a physical computer. A virtual machine behaves exactly like a physical computer and contains it own virtual (ie, software-based) CPU, RAM hard disk and network interface card (NIC).An operating system can’t tell the difference between a virtual machine and a physical machine, nor can applications or other computers on a network. Even the virtual machine thinks it is a “real” computer. Nevertheless, a virtual machine is composed entirely of software and contains no hardware components whatsoever. As a result, virtual machines offer a number of distinct advantages over physical hardware.
Implementation
  • Compact. This is the biggest requirement: that the implementation be compact. How compact you need it to be depends entirely on what you want to do with it. But in general, the smaller the footprint, the more you can do with it. In the past, I’ve targeted 64K-128K of payload size, and considered that pretty good. But the smaller the implementor makes it, the more likely it is to be useful in more contexts such as first stage injection. This also extends to the libraries and bytecode that is generated for the virtual machine, as the virtual machine by itself is useless without logic to drive it. This is why I’m targeting a much smaller payload size in my next implementation, of a few kilobytes.
  • Portability. This is another huge design goal that I think many people who operate in this space miss out on. The implementation of the virtual machine should be portable between platforms. Behaviors should be as similar as possible and abstracted out so as not to distract the programmer-user from the task at hand. A task such as opening a socket on a Windows machine should work on a Unix machine as well. When we have multiple implementations of a virtual machine, we run into the risk of different behaviors, defeating the entire purpose of a portable bytecode virtual machine.
  • Dynamic. The virtual machine should be dynamic. We should be able to modify the behavior of the program and language while executing. By being self-modifying, the language and core functionality can start out very small, but be extended upon. Features that are not needed early in the process such as garbage collection can be added. Squeeze a payload in, and watch it expand, much like a ship in the bottle.
  • Secure. Using the virtual machine for injection purposes should never introduce a state of insecurity to the target machine or network! While it is all but impossible to make a virtual machine immune to examination by a local user who controls the machine, the virtual machine should not be easily attackable from the outside or use a cleartext control channel.
  • Elegance. This cannot be understated. While it is easy to write a functional and spartan language for the purpose, it is not going to be pleasant for the programmer. Programmers are happiest when they have a language that does not get in their way. If the language and virtual machine environment does not have this characteristic, then people are not going to use this tool. Elegant design also lends itself well to other desired traits such as dynamism and compactness.
Benefits
Virtual Machines Benefits
In general, VMware virtual machines possess four key characteristics that benefit the user:
  • Compatibility: Virtual machines are compatible with all standard x86 computers
  • Isolation: Virtual machines are isolated from each other as if physically separated
  • Encapsulation: Virtual machines encapsulate a complete computing environment
  • Hardware independence: Virtual machines run independently of underlying hardware
Examples
Language IR Implementation(s)
Java JVM bytecode Interpreter, JIT
C# MSIL JIT (but may be pre -c ompiled)
Prolog WAM code compiled, interpreted
Forth bytecode interpreted
Smalltalk bytecode interpreted
Pascal p - code interpreted
-- compiled
C, C++ -- compiled (usually)
Perl 6 PVM interpreted
Parrot interpreted, JIT
Python -- interpreted
sh, bash, csh original text interpreted

0 comments:

Post a Comment