Getting Physical with USB Type-C: Windows 10 RAM Forensics and UEFI Attacks

Video in TIB AV-Portal: Getting Physical with USB Type-C: Windows 10 RAM Forensics and UEFI Attacks

Formal Metadata

Title
Getting Physical with USB Type-C: Windows 10 RAM Forensics and UEFI Attacks
Title of Series
Part Number
14
Number of Parts
20
Author
License
CC Attribution 4.0 International:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Identifiers
Publisher
Release Date
2017
Language
English
Production Place
Brüssel

Content Metadata

Subject Area
Type theory Word Arm Computer animation Virtual machine Right angle Quicksort Window
Code Confidence interval Data recovery Virtual machine Motion capture Plastikkarte Process capability index Computer programming Type theory Kernel (computing) Computer animation Semiconductor memory Operator (mathematics) Password Computer hardware Bus (computing) Firmware Window God
Laptop Point (geometry) Greatest element Hoax Code Multiplication sign Virtual machine 1 (number) Device driver Mereology Power (physics) Neuroinformatik Medical imaging Mathematics Semiconductor memory Bus (computing) Software framework Endliche Modelltheorie Data structure Information security Social class Arm Block (periodic table) Gender Plastikkarte Physicalism Cartesian coordinate system Type theory Word Computer animation Window Computer forensics Spacetime
Point (geometry) Android (robot) Presentation of a group Virtual machine Set (mathematics) Device driver Process capability index Menu (computing) Trigonometric functions Neuroinformatik Exclusive or Computer configuration Bridging (networking) Computer hardware Core dump Cuboid Information security Proxy server Booting Traffic reporting Address space Physical system Default (computer science) Arm Interface (computing) Expression Planning Bit Sequence Type theory Process (computing) Computer animation Configuration space Right angle Game theory Window Speichermodell Computer worm
Laptop Polar coordinate system Game controller Backup Service (economics) System administrator Multiplication sign ACID Numbering scheme Device driver Set (mathematics) Mereology Theory Computer programming Software bug Power (physics) Subset Latent heat Lattice (group) Semiconductor memory Computer configuration Energy level Boundary value problem Firmware Information security Stability theory Standard deviation Electric generator Key (cryptography) Bit Limit (category theory) Connected space Type theory Voting Exterior algebra Computer animation Motherboard Order (biology) Window Reverse engineering Asynchronous Transfer Mode
Laptop Game controller Divisor Virtual machine Bell and Howell Device driver Similarity (geometry) Set (mathematics) Mereology Theory Number Power (physics) Different (Kate Ryan album) Computer configuration Authorization Energy level Cuboid Information security Booting Default (computer science) Block (periodic table) Uniqueness quantification Type theory Exterior algebra Computer animation Routing Window Asynchronous Transfer Mode
Code State of matter Multiplication sign Set (mathematics) Computer programming Semiconductor memory Different (Kate Ryan album) Programmable read-only memory Bus (computing) Cuboid Symmetric-key algorithm Office suite Information security Physical system Injektivität Email Arm Software developer PCI Express Physicalism Bit Maxima and minima Connected space Arithmetic mean Uniformer Raum Website Configuration space Right angle Asynchronous Transfer Mode Point (geometry) Implementation Game controller Divisor Virtual machine Device driver Process capability index 2 (number) Power (physics) Revision control Bridging (networking) Natural number Touch typing Authorization Booting Proxy server Firmware Tunis Address space Metropolitan area network Form (programming) Default (computer science) Shift operator Cellular automaton Uniqueness quantification Expression Projective plane Plastikkarte Subject indexing Word Computer animation Personal digital assistant Window
Point (geometry) Trail Slide rule Game controller Hoax Supremum Virtual machine Device driver Process capability index Heat transfer Dimensional analysis Computer programming Product (business) Prime ideal Mathematics Different (Kate Ryan album) Semiconductor memory Single-precision floating-point format Electronic visual display Software framework Firmware Metropolitan area network Standard deviation Arm Conservation of energy Software developer PCI Express Bit 3 (number) Maxima and minima Type theory Computer animation Configuration space Right angle Routing
Web page Game controller Computer file Interior (topology) State of matter Code Real number Multiplication sign Flash memory Set (mathematics) Device driver Process capability index Parameter (computer programming) Public key certificate Rule of inference Revision control Sign (mathematics) Root Authorization Bus (computing) Modem Installation art Default (computer science) Structural load Data storage device Plastikkarte Line (geometry) Computer animation Website Object (grammar) Writing Local ring Window Asynchronous Transfer Mode
Default (computer science) Slide rule Android (robot) Code Interface (computing) Flash memory Sheaf (mathematics) Device driver Planning Physicalism Bit Line (geometry) Proper map Programmer (hardware) Word Computer animation Semiconductor memory Drill commands Endliche Modelltheorie Asynchronous Transfer Mode
Randomization Presentation of a group Group action Range (statistics) Mereology Subset Lattice (group) Semiconductor memory Different (Kate Ryan album) Core dump Flag Office suite Resource allocation Information security Partition (number theory) Stability theory Physical system Seitentabelle Physicalism Virtualization Maxima and minima Bit Perturbation theory Type theory Data management Befehlsprozessor Buffer solution Pattern language Summierbarkeit Freeware Spacetime Web page Game controller Virtual machine Online help Rule of inference Root Peripheral Data structure Booting Address space Default (computer science) Debugger Memory management Variance Basis <Mathematik> Word Kernel (computing) Computer animation Personal digital assistant Blog Object (grammar) Table (information) Window Abstraction
Slide rule Code Multiplication sign Number Power (physics) Fluid statics Virtual memory Semiconductor memory String (computer science) Core dump Diagram Integer Resource allocation Error message Information security Binary multiplier Address space Uniqueness quantification Debugger Mathematical analysis Physicalism Bit Type theory Invariant (mathematics) Kernel (computing) Computer animation Blog Website Right angle Object (grammar) Window Spacetime
Web page Server (computing) Computer file State of matter Code Real number Virtual machine Coprocessor Spherical cap Semiconductor memory Computer hardware File system Data structure Booting Resource allocation Identity management Email Mapping Maxima and minima Bit Symbol table Cache (computing) Process (computing) Befehlsprozessor Computer animation Personal digital assistant Musical ensemble Table (information) Sinc function Window Asynchronous Transfer Mode
Web page Point (geometry) Game controller Beta function Code View (database) Execution unit Virtual machine Primitive (album) Insertion loss Coma Berenices Stack (abstract data type) Virtual memory Lattice (group) Semiconductor memory Computer hardware Data structure Office suite Resource allocation Address space Physical system Enterprise architecture Key (cryptography) Block (periodic table) Memory management Physicalism Bit Directory service Pointer (computer programming) Kernel (computing) Computer animation Personal digital assistant Right angle Reading (process)
Web page Mapping Multiplication sign View (database) Interface (computing) Range (statistics) Virtual machine Physicalism Virtualization Bit Directory service Usability Goodness of fit Virtual memory Kernel (computing) Computer animation Semiconductor memory Single-precision floating-point format Ideal (ethics) Interpreter (computing) Data structure Address space Window Physical system
Laptop Web page Service (economics) Run time (program lifecycle phase) Multiplication sign Range (statistics) Virtual machine Set (mathematics) Operating system Software framework Resource allocation Address space Physical system Stability theory Physicalism Bit Variable (mathematics) Electronic signature Befehlsprozessor Computer animation Integrated development environment Right angle Summierbarkeit Table (information) Window
Point (geometry) Email Functional (mathematics) Service (economics) Run time (program lifecycle phase) Mapping Electronic signature Number Medical imaging Type theory Mathematics Virtual memory Pointer (computer programming) Computer animation Personal digital assistant Semiconductor memory Touch typing Right angle Table (information) Resource allocation Firmware Window Address space Stability theory
Web page Point (geometry) Functional (mathematics) Email Run time (program lifecycle phase) Computer file Device driver Physicalism Virtualization Directory service Mathematics Kernel (computing) Virtual memory Pointer (computer programming) Computer animation Lattice (group) Right angle Table (information) Firmware Address space Spacetime
Point (geometry) Functional (mathematics) Demo (music) System administrator Volume (thermodynamics) Process capability index Open set Variable (mathematics) System call Power (physics) Mechanism design Computer animation Integrated development environment Semiconductor memory Ideal (ethics) output Figurate number Window Physical system
Group action Run time (program lifecycle phase) Computer animation Cuboid Pattern language Table (information) Connected space
Functional (mathematics) Run time (program lifecycle phase) Arm Information Multiplication sign 1 (number) Letterpress printing Physicalism Price index Entire function Pointer (computer programming) Computer animation Semiconductor memory Table (information) Address space
Laptop Service (economics) Observational study Multiplication sign Medical imaging Crash (computing) Computer configuration Semiconductor memory Firmware Resource allocation Information security Proxy server Vulnerability (computing) Physical system Default (computer science) Arm Software developer Surface Bit Maxima and minima Exploit (computer security) Message passing Computer animation Ring (mathematics) Integrated development environment Personal digital assistant Right angle Window
Laptop Functional (mathematics) Presentation of a group Service (economics) Run time (program lifecycle phase) Multiplication sign Virtual machine Maxima and minima Revision control Subject indexing Pointer (computer programming) Process (computing) Computer animation Lattice (group) Password Universe (mathematics) Self-organization Window
Default (computer science) Dependent and independent variables Implementation Divisor Plastikkarte Process capability index Electronic signature Word Coefficient of determination Kernel (computing) Computer animation Different (Kate Ryan album) Bridging (networking) Computer configuration Energy level Quicksort Information security Communications protocol Asynchronous Transfer Mode
I have that non-member movement hand or move a hollowing out
while 2017 right
welcome everyone I'm sorry for the surprising TBA as I wasn't sure what I talked about but I figured out last nite so the today stocks me
about on USB type C and what that means for word DMA attacks against Windows specifically arm and also some unifying realizations that they come across so that arm especially in the light of type c becoming much more prevalent in all sorts of new machines out there
and so this will be about myself and I live in green in Windows by the sea kernel code and I've been doing this for about 17 years now which seems like a really long time and so I like to look at windows and operations in general and mostly double on softer side but every once in a while I like remind myself that is harder to and confidence and stuff around SMC firmware and and today I'll be talking about of type C and and thunderbolt the so basically the what's happening these days is this the starting to be cheap not at the GA-based affordable USB 2 PCA you of devices for example like the 1 I got right here which is in a few hundred dollars which is still expensive but it's way cheaper than other kinds of devices that give you access to the PCI bus which are actually I thousands of dollars or you need to know by and build your PGA in do your own programming of it 2nd that's happening is type C is bringing thunderbolt 3 through Windows devices and now this matter devices so this is leading to an explosion of fundable 3 kW vices and 3 is basically PCI Express over cables so we're starting get new as BBC expressed becoming a commodity were cited C. PC over B type C become a commodity and so combines together we can never cheaply have access to all of the the PCI Express bus of another machine over the USB the bus from another which is exactly what I'll be showing today so this is the
cost for example 9 thousand 199 dollars you can still buy this they something called capture God and you got 9 thousand 199 dollars on by 1 of these cards and you can do memory acquisition and lost password recovery and on other machines but with modern hardware today you can rebuild pretty much exactly
that for about 3 and 50 dollars and that's it's really easy like I am because otherwise you could is actually rather chips that you need and cost you probably have 50 dollars instead but if you just wanna buy no ready-made cards plug them in together and that's the end of the year 50 dollars and dense not cheap yeah but it's still a lot better than 9 thousand 199 dollars sold article about
previous research around the space because obviously there's been a lot of work done around external attacks around thunderbolts swords 1 going out the existing body of work around that I'll talk a little about type and specifically summable 3 or Type C can how that looks like and the security as a lot of whatever specific very special chip call the USB 33 which is going powers alt-ac OMP the are really talk about something called the user model framework for you and the other which is a really nice windows building framework for writing PCI and use the drivers in about 2 hours a code so if you can induce see can probably ITC expressed revenue when now and I'll talk specifically about some very interesting Windows physical memory forensic details on some structures that are in physical memory that often misunderstood we get to the bottom of where the structures live why they're there an interesting data we can get from that and finally I will talk about how to actually mountain attacks using everything is learned visibly target words windows leveraging some most of that unifies them it possible for us then I'll wrap up with some concluding thoughts on this so course on a point on a sprawling many of you know that external coordinate accident around for a while 1 of the main popularize ones was a firewire against Apple computers we could plug in a fake iPod for something up at the Linux machine a pretend that it was a laptop an iPod and because fire were essentially give you the main axis and bus-mastering was a really nice way to external attack on Mac laptops and if you the Windows laptops that had so far worked well this was also doable through expressed part because when expressed got him out is essentially a PCI Express bus inside of your laptop so this and other attacks against other types of supports and that at some point or a prevalence of course today no 1 has expressed got on the laptop anymore noone probably has fire on the left of any anymore to those initial attacks actually led to some changes done to bio as vendors on 1 thing that happened is maybe lesser stopped allowing bus-mastering and or DMA until the user log n for the applied of blocks on gender classes devices or simply when machines locked little of certain operations happen at the end of the day that 0 for compatibility reasons the Austin device classes that still end up having bus-mastering and of course you can own and control the arm the device 18 a vendor ID you can still pretend you 1 of those devices that still gets bus-mastering so if the image but it was kind of the 1st time that was vendor started locking
things down no assignable specifically which you know became very popular thanks Apple arms there of course there'd of some attacks again again against this so to the D. mysterious Jobs's and of course from the Hudson with the famous thunder strike attack on a lot of these 1st of all recall uh relied on option wrong so the idea was a you plug PC Express hardware over thunderbolt and then the option run execute an and execute malicious payload against machine and at worst suitably really well against Apple computers because Apple you 5 essentially based off if I 1 . 12 with lots and lots of improvements but it doesn't have secure boot enabled so without secure boot option runs just execute ominous cosine or thing like that you know very recently apples actually on closed off a lot of those attacks now option Ramsdell executed all and more was press a special sequence so again thanks to travel and so there are map a lot done a lot of their and the interfaces as well on top of that we now have IOM menu of the that's enabled by default on Macs as well which prevents against the e-mail access even if you can do it around I was based on me so have the 1st bypass the security around now again these attacks really useful but because they relied on thunderbolt a fumble to their limited mostly to Mac hardware there's very little Windows machines out there that had the sets of ports and that you could that you could influence we what changed is of presentation than 4 years ago by Joe Fitzpatrick and of the spattered discovered this USB 3 3 device essentially gives you a USB 3 to me PCI Express interface got 1 right here very tiny little device BCI expressed me PCI for someone and USB 3 on the other hand you have a very small package that gives you a specially bridge between the commands you want some across users B and that you wanna see across PC expressed or vise versa right and this really is a game changer for 2 types of of attacks talk about because this used to be you know giant boxes in FPGA XOR very expensive hardware this is basically 150 dollars on and it's probably could probably get it for cheaper than that if you want to make you own echoing what but now it has 1 problem which is a can only do 32 bit DMA so 1 of the big problems around the taxes were how to attack a monitoring system which of course has physical addresses above just before you might range the initial usage of this device also is only about 3 megabytes a 2nd Joe was using the PCI in NPC out PCA out points which essentially just do arm configuration register access and if you make better 2nd can take a while to mount an attack the and also unfortunately this type of hardware design light have an option wrong lets you modify lots and lots of registers but you cannot provide an option with this you can do the attacks but not directly have US things to cook both
frisk then a few years later modernize the attack by adding DMA support to this other piece of hardware is actually has a certain a 4 DMA endpoints and by enabling MA endpoints over USB you cannot do attacks or dumps at 150 megabytes a 2nd or was the 3 which is a hell of a lot faster than 3 megabytes he also basically the bypass the need to have the official toolchain from the company makes a chip set which is under NDA which only work systems and so the original wrote Linux driver the metal of flashing hardware and then after that I can use from Windows as well they also figured out a really simple way to talk to the user decide which simply the formatting pretend it's Android phone were a Google for a Google Glass and to be more specific and it's a simple and driver on the Windows side or any side you can talk to use report for this made it a lot more is bowling is a git hub with plans based on this device for Linux for on and for Windows typically leveraging on assignable to or going through various kinds of arms interconnects in the middle so there's already by
a huge body of work here so you know what it what I do when I hear talk about Wolpert's 1st of all I a small bugs in the actual firmware that almost lot of had been flashing on this so that the data sheets and realized some of the retches off on so this ship has a low stability issues if you touch some wrong parts around work you don't memory to quickly there's lots of things that are in make basically die out so I figured out how to do this make you work a little more reliably especially if use USB 2 which is a bit slower will get about 50 megabytes a 2nd on it's a lot more reliable and is that of relying on the Linux PCI driver to actually flashier problem and I created a U driver and still talk about each day's schemes Achilles abusing Windows now without requiring to Buddha Linux petition at 1st and most importantly part of the stock figured out a universal implant clique their works always with memory under 40 bytes but you don't have to be the hard for specific OS techniques to get access to something that get you at the lectures to the implant using if I runtime services we can actually something pretty universal and see that you unifies always under 4 specifically on windows were also urging the how heat so far by the how he even kind of how it's how's relevant to this end also modernize attack to work across use B type C because again the original text of a thunderbolt so a few limited Windows laptops and mostly MACs with type this opens it up to basically everything so again appointed knowledge and all the work
that went in before the it so always talk about kind types inflammable 3 so basically type C is a specification for connector and a cable is basically reversible USB connector it to support up to 100 watts of power delivery of 20 voltage is huge and the key thing about this cable is a key program support alternate modes and there's so far 3 standards for all noses DisplayPort altered node a thunderbolt Elton mode in age the mild and vote but in theory you could write Ethernet over this cables well you could drive is the anything that can be signalled accordingly orders cable and so thunderbolt 3 since about genes thousand 15 you can our out fundable 3 signals over type C up a little bit slower than the fall flammable 340 gigabits or type see today it's still only 10 whether generation 2 coming out which along which ladder then sky leaked chip sets which herb known be almost simple chip sets of 4 kb Lake came out this year on scary subsets now have native thunderbolt 3 controllers in the actual chip so most brand new Windows laptops even Laplace when lattice about a year ago and this is a use Dale from a year and a half ago now come in the midrange option usually with the fundable 3 or USB type C connector Apple backup prose of course not come with 4 of them the end new motherboards as well that are coming out now I have a thunderbolt for desktops as well so really seeing emergence to use the C from Apple and also from from their PC manufacturers now thunderbolt 3 specifically is a highly highly proprietary standard even to use it on Windows the special Intel drivers that year PC manufacture sponsorship a Windows does not have a built-in fumble 3 driver and from what I've heard from my friends of even have access to the specs so they can even write a driver it's highly initiated by Intel the then you bias actually also the support enables fundable 3 controller specifically the label some security levels and the way it works on PCs if you plug in a thunderbolt 3 devised the driver is actually and notify you on new fundable device has been attached and yet she has been administrator pressed OK then you get a dialog that asks you what would you like to enable this honorable 3 bytes and you can say just this time nope or always allow so you have to acid administrator manually authorized the connection with some 3 vise which in theory sounds pretty secure was a question is you know is that admin dialog security boundary you know there's a dryer heaven and document Rockville have looked at it I will know but you know its history would suggest all the way for non-admin due to click that button anyway and but as I what I'm looking at today are not near dissecting the security of bedrock but by the fall to get a little a little pop up there now that actually pens though on
how you frog under bias so this Dell laptop and has a few options for example it has an option to set the security level and by the fall secured level set user authorization this is what makes windows have little pop up through the affable driver if I said to no security then that pop up 1 matter as soon as that plug in the device the controller will will activated and secure connects means that the device not only gives you part of lecture has a unique ID and in theory if you plug in any other fundable 3 device of the same type but the difference you'll number it'll still these to recognize that so I either authorize this thing here or I might offer lies any kind of fundam tenable 3 blocks of by similar factors so the level I authorized this 1 authorizes all other ones like at the the secure connected only authorizes this 1 and the secure levels DisplayPort only which basically turns out she expressed signaling it only allows DisplayPort as an alternate mode and of course there's supposed to be no data over DisplayPort up a lot of course what's interesting is that the laptop has by default always allowed Bell box and I haven't looked at this either we have firmware but I'm willing to bet that always allowed del . if you have the vendor ID of Bell and the Vice idea of dark you probably get through and bypass this and this is set by default the you also some other options which are not on by default but the very interesting 1 is stable fundable at boot and 1 is enable thunderbolt NPC expressed the
thunderbolt trade routes so this basically gives you access to the 2nd power on the machine you have fundable 3 access and this was while the mission is wouldn't up you'll have thunderbolt three-axis a highly configurable and by default I'm always allowed all boxes on the end user authorization is I've also manually labeled boot options under several more fun with the
lights but so here's an interesting facts about the cell if you enable fundable 3 freeboot or add boots you basic give up the Security because if i does not have a little pop up to ask you do you want to allow the lights so regardless of the security let you set as soon as he enable fundable that boots history because so the plug it in the if I mode or have philosophy 5 firmware regardless of secure was settings so already I could you know inject something machine at boot but even after boot windows is not reset the bus or rather the Intel secure governors and we set so as long as they don't unplug in reply the thunderbolt 3 vise it was plugged in that good it'll silently remain active regardless of the driver and what it sets so basically bypasses completely 0 point obviously be tread on in legacy motor and no security this also complete bypasses the authorization and while people or so that have fundable devices definable to devices in many cases there likely going to need to enable legacy note factors searching on Google last nite going over a few forms I saw a lot of uniform posts from people saying I can get this to work what should I do and people suggesting notice that legacy motor and a security not the thing is very interesting about this and I can show to you because I can do project so this trust me on this arm is when I plug in this PCI Express to flammable 3 on device which is designed to let you use an external the acquired when I plug it in what thunderbolts prosecutor offices is you're plugging in a PCI Express box and I authorize it was it authorized the box regardless of what I put in the PCI Express slot its authorized so finally have you gotten here were some of the PCI Express device and you come in and which of authorizing you come in a swap it out and put a different card inside I don't because even in the strongest Secure ID unique ID mode it still doesn't recognize that about you got a different PC Express device plugged in the bridge which is since completely broken tuning authorizing the bridge not actually device that's going to be on the bridge the and of course with the default allowed del . by default on and I'm pretty sure if you just put the right of it and indeed in there maybe there's a symmetric key who knows I'm pretty sure you can bypass that as well so there's a lot of nice security toggles but in practice they're they're not really strongly implemented today the so let's talk about the 3 380 itself the 3 380 basically is a 15 dollar check now with that word so the more expensive and it gives you PCX preservation to USB 3 . has 40 a channels so you can do in and out depending on my program them and has to PCI channels as well so you can asset MIO touch BCI configuration resistors and so on and so forth and has specifically channels for configuring the device as well she can access almost any PC I had a a register almost you and use be register manatees is you can kind of influence your own was beat I saw in implement own PC restaurants on top of that it even has on the chip on the controller and 80 51 microcontroller and a few atomic controller can be connected to the problem any connection of code that executes and the 1851 has full access to all the registers arm as well and there's a company Taiwan or China nature they have both websites called B plus and B plus lecture sell you some development it's they'll sell you the pp th 3 380 which is an actual PCI Express cards down as a kilobyte E-Prime bill so he was B 3 3 EVB which is what I showed you earlier which is a small mean PCI Express version which has only 26 by the prime and of Express card version but no 1 has been able to actually get that to work with with some of the torques and talk about now unfortunately a few months ago PLX actually makes the chip on and got bought by broadcom and now you know NDA taxes datasheets you you to do anything and so thankfully you know i've got all the I got all the sub before the accident happened in other ways have to sign up for the Broadcom account and and worry about that again those if you browser chip can only to 32 bit DMA so you're stuck with ATIS below 40 bytes and also if you you DNA to an incorrect address basically a memory hole reserve region of RAM more and MMI 0 devices you lock up in some cases yeah shift power it off with a few seconds powered back on some of just we plug and unplug the vise dies if you may on about memory the was both of of the big issues is modern operate systems have memory above 40 bytes a lot times most the time and you don't know ahead of time where the physical address space of the emission looks like I'm obviously has some well-known addresses like as a member and they should never touch but you might have some specific memory will on Isabel and then all the lights locks up on which makes attacking and reliability of a lot harder and is gonna where interesting mean can I find ways to make solar
better so of the box by this 3 380 device on it's in a kind of a inert states the PCI Express injuries is active but the USB side is not so you have to flash it with your own custom 0 prime and yearly from has basically of 2 2 of the 6 bytes and minimum of configuration registers and you go through the prom configure how devices than act so you can configure the CID the device ID a user control rats that you want so at minimum needle header and then you can specify the size of firmware and in this case we're setting up from the use the control register to this value which if you look at a datasheet basically enables USB site so if we set these I these bytes in this you at the problem this old man the use the controller that's kind of the very basic steps the with a firmer works is you essentially it's all big-endian and you take the register that you want to modify and divided by 4 into index of you wanna modify register c divided by 4 Xerox 23 and then specify if it's a USB control register or if it's a PCI Express resistor in this case is was the and data comes after that so this is how I was settings value in the years the control register
that other things you'd like to do is give this thing a more interesting PCI Express vendor and device for example brought the reader this is actually give the device bus-master access even during logon even before lot about Serena configure PC arresters 0 to give is that PCI vendor ID and I device ID then we're frog under the points 1 endpoint . 4 out for right skills were like get a 1 more speed on reads rights and 3 different humane endpoints for reads each of these points into 16 megabytes a 2nd so you can do the math a give us a pretty on pretty fast transfer speed especially can multithreading and things as well the to never idea man points actively that fake PCI ID the last thing that we need to do is for example said about Google Glass you BID this make the was beside look like a Google Glass will make easier press I look like a brought them as the car driver it is essentially a standard on COE prime of for example the use on in his attacks in the blue glass just so we can then drop an Android um ADB driver without having to write a custom signed driver for that but will see there's not you don't necessarily need to go down that route no other dimension is the PP 380 that PCI 1 another 1 using actually has an equal by the product so because the 1851 ship that's there which is only not running has full access to you as being PCI this entire track them after doing through to separate machines I could have implemented all of this in the 51 he problem in a single plant device that displays and I use the seaport right so doesn't have the will of those unwieldy they can be a simple types the device that you know the right they said or even this'll chip you plug it in full E prime on it and you mount attack directly this given amount attack and the reads from the switching the other but because of the some chip is very easily just directly and this is very surprising right as before this ever a ship he had to have your own FPGA would do its narrative for example which is put MIT sonnets on this is makes it much much much easier you on top of that you have some nice diagnostic LED is that the bus but on this euphoria ladies 3 orange and 1 blue and this can be very useful during development actually a blink bilities and he was going on and specific if using III 51 you can use the LED is kind of signaling to know OK and connected OK the DMA work OK tax at this stage and is a really nice neat little package the bits is everything you could need and thought almost like they thought about whether their target market is going to be so people
given without the firmware arm and you can see a use Suel pour control on 1 side and again see nothing on the other so the 1st thing we program that's silly from the program this helium from we need an actual driver to attach to the PCI Express device memory mapped the bars and then access the rest a supremum the VC port so for this you need a driver now writing PCX press drivers sounds like a really hard thing to do but it turns out the max of needed really really easy was something we call you and the other which is the user-mode driver framework and I'm gonna teach you how to write a driver moral basically show you in a few slides just how easy
sets so we need a driver to map the MMI arranged on the PC Express device and we need to flashier now real kernel-mode driver is hard to write Lisa movies of death and also has to be site especially those versions of Windows 10 has to be signed by Microsoft submitted to the WIC acidification of page and you know tough luck getting a no DMA attack drivers serially prompt larger Simon max now the nice thing is that you and the In specifically winners 8 and later now has full access to the PCI Express bus and with the right settings you i a file you can actually as memory-mapping she express them in user mode and natively access it as well as nearly accessing edges as well and you have the of drivers a deal else that running user mode and so you don't have all the strict signing checks In fact the only signing checked is at installation if it's signed by something in your local trust authority so for example would move there when he published the Windows driver is is Bayes rule dollar that has his certificate installs the interior and trusted roots installs the driver and then to the certificate once this is all there's no load time checks whatsoever so technically you and the use modems don't have to be signed when the load of the user to be signed when they were installed and they just have to be signed by something year local certificate store unlike real kernel drivers assured much more coded than that so basically you and the other driver on just he's an iron FIO we configure these 2 settings allow direct harder access and register using using when mapping anybody in the PCI device idea that you want control and the first one year is when the device comes up in its default state base with before we program at and this is after we parameters abroad come is the card so this can act as a driver both for the original on flash the guys also after or custom Flash once you had the iron file done basically like 3 lines of
code to create your driver objects 10 lines of code to then create the device which will react whatever the device is plugged in and
the 1 devices is plugged in that's when you have 15 lines of code to basically
enumerate the resources find the brown see that's a kilobytes which is the default size of the the MI arrange basically map it and that's mapped in user mode and we can flashes and were pretty much done except if you wanna be good programmers we also they
need to clean out when the harder is
released so 4 slides of about 40 lines of code and
without a PC Express driver and doesn't decide and we can flash the firm on
this thing the once we've done this then basically will come up as an android Abdul Google glacier ice and is getting the Google drivers which already signed anyway the user models as well I will now give us a win USB interface now now long-term my plan is that you write a proper non Google Glass relying USB driver for this using you other but because all has already done all the work this BCI reach tool and why reinvent the wheel so to make to keep pistol working with some the stuff I'm gonna show I just kept it as the world lasts a linear works natively with with his skill aren't PCA which is really really nice it all bunch of things here basically extended for some of things are going to be talking about in this section so now I've got a who glass on 1 side of another PC Express device on the other the so now what are the fun things we can do with this is that I have you may access the bottom 32 bits of memory well 1st all talk but how he the value that's something I 1st talked about it since can about 5 years ago I'm using as far as the CPI physical attacks and ever since then people have found more and more interesting ways of using the healthy but a lot of misunderstanding exact about how the hell he works where it is our logical say that static when in fact it is inferred on a drill down and can have the final word on what what the hell he is and
what it means for you so the how heap is basically how referred to a special region of address space that the kernel the boot-loader and the Windows hot abstraction how treat allocator pre reserve even before boot and the virtual address space of this has always been FFC 0 0 0 0 and so fff fff fff for total 4 megabytes so everyone kind of knows not to touch this region that's what the how can allocate things because the how allocate things for the Mary manager comes up so we e-dictionary Madden never tries to use of a flatter sets that a megabyte after the beginning of the how space is would keep itself starts so the how keeping the allocation of a help make are 1 megabyte after the beginning of the address range which is F F D 0 0 0 0 0 0 when a 64 bit this simply extended so becomes that of of of of of of of of of of of of the 0 0 0 0 0 0 on any Windows machine you're going to have something there except in craters update so Windows 10 are coming up this staple Redstone to they have now randomizes region so no longer is at that address and it is the final Kermode addresses that had resisted randomization for many many years now this is in the randomized as well as the ruler busy decided to put it and tells everything else after that were in a city with physical accesses the same ways around now in a lot of places that how he in physical memory is set to begin a 0 x 100 thousand especially Oliver's windows for example even on um and on a blog on core security at publishing abusive a stables through the presentation but those assumption 0 the how he that 0 is 0 some thousand and it's a zeros 1 thousand when is it going 1 matter because yes usually there is some memory there but actually in some cases the researchers was really looking at how he they thought they were so we'll talk about what exactly is there and they don't have to the how he doesn't have to be a that's what you see where where it's really going to be is a static the the physical allocation is static but it can be predicted if you understand where comes from same the border words lattices even before Redstone to people have assumed that within that how how he range so reallocations always somewhere that's actually not the truth the reality if I was in the region that we call the how he there's actually a an actual heap in there and as actual other allocation that I made as well so the how he this kind of a very misuse workers is the HAL address then what bicycle the how heap inside address space and as the heat inside a Hal Hebe address space but other non heaps of as well so I was going to stand like people get confused about about all this so worth policy how allocations come to be in this in this heap so 1st we have house over to Al-Qaeda the virtual here is very simple it starts at a base address which up until very recently was fff the 0 0 0 0 and it grabs the next available virtual address so there's no randomization or ordering here just the next the velvet lattice the physical allocator wooden decides which physical pages in the math behind a virtual page is all the more complicated 1st of all checks for special flag called discard low memory which you can actually enabled the city and so show you the and on K. Pick systems so office and have an 8 bit which is most systems today this is set is a set by default so this Scoville memories automatically turn on if you have a pick system like a really old you know x 86 with a single CPU that it is not as a whole so this is this is able to so they do not discard low memory the use memory also have hydrazine labeled and you're not putting on the root partition they'll also be visible so we're gonna use low memory then it's gonna check what is the maximum physical pager willing to accept misallocation lunar reality memory through how you specify what's the maximum if the maximum is below 1 megabyte and you have less than 1 megabyte were the pages and discard low memory is disabled we're gonna pick 0 x 1 thousand as the 1st abbess Minister allocating at 4 kilobytes of page 1 page 2 page 3 if only discardable memory is turned on and there is no requirement for your physical address to be below 1 megabyte then we're gonna start a 1 megabyte and at 1 megabyte of an find free pages or temporary from page anything his Marcus firmer temporary or free starting at 1 megabyte sobeys there's 2 possibilities either we allocate saying it amended or we allocate starting at 4 kilobytes based on the pattern the she have and based on what the requester actually so here's an example of the machine at boot up we can see here that the how has started using page 103 because it started at 100 but are you have something in 100 from the bootloader Iady has something 1 1 you have something in 1 of 2 so they start allocating and 1 of 3 the example on on these machines the how the business started physical page the Xerox 100 if any any tag that assume that would would break automatically because actually do have 3 allocations here unlike other machine only after the start of 100 so it'll start somewhere near 100 and there you're guaranteed that pages will be contiguous and so you get the beginning but you might have to do some scanning it's not a Sudanese rests on or it could have actually been starting at once if I had a big machine a enabled ifi able discard and so that's regular bit of
variance know what actually lives in this how he well any allocations they're done very early and boots by their how before the kernels actually initializing a manager so there's an actual heat that is used to uh out by how and then allocate memory there's the CPI so they're acpi tables are cached it uses the how he I'm also something called allocate early pages whatever dryer once early pages it is there how he the page tables for how he itself come from and how he and to give a kernel debugger blood then the sum allocation that skin and the coming from the how he does well plus a DMA buffers and to be allocated there so there's a whole bunch of stuff that uses the how he so the structure house actually look like in virtual address space is also gonna be will be different the for example if you have kernel debugging enabled then the very 1st thing that gets allocated in the how he is going to be a kernel debugger structure a little structure how users to identify the physical device using foreground debugging the if you don't have a currently blogger attached then the 1st allegation was going to get made is actually be a timer objects entertainer object lives in the internal heat so the basis of the internal heat is going to end up being a little bit different because the but devices come from internal heat and the 1st thing that we allocate is a kernel debugging device the internal he begins here if on the other hand you don't have currently bagging then something else is that you can use that address and see what it is and then the 1st internal heap allocation actions to start a page later so the actual internal the part of the how he doesn't by the fall actually started at the beginning of the how he that starts appease later a a debugger blood in to imagine while AI researchers parliament doing their work they have a debugger attached and so the thing that is at the beginning of internal heat when in fact in most cases they be that other types of this is pretty terminus that's as 1 of those 2 depending on what the you curly butter plugged-in were not then within that internal on Commissioner curly burger at device might be registered on then at object gets registered then use controller gets registered and ejected you have fairly bugging than a secondary copy of that about device can register so alternately if you move watch the allocation that I made their which always then this in order and they're all the same size you can pretty much predict what is going to look
like come and so you know this is a diagram there make more sense on the next slide and was that
publish it but basically this is the entire space of the internal heat and the how and why you can understand you know you you able to understand what you know the allocations what every single thing of whatever 1 of these things that's for every machine while you're booting out there how he was
going have the same allegations elites for Windows 10 right obviously Mexican add more code more places can change but it is hyperdeterminants that once you know where to
actually start to example this is mostly
for reference on that earlier picture these are all the allocations were able to see with the fixed size and the fixed the types is that 1 of the interesting things I noticed while doing the analysis is actually a body in the in the code in the how armed that allocates the space that needs it i it takes a unique code string very has the number of bytes and things as the number of characters in multiplies by 2 again so you know there's a little bit of a waste and how deep as well but it can all be understood once you see with the static allocations Russia going to be so what have we learn here so 1st so we learned that if the kernel debuggers attached then FS DE 0 0 0 they be the internal says the house and the 1st the the internal Bayes error the power and the 1st time the object is to be at Xerox and fades plus invariable sites the because the 1st allocation is actually be the debugger object then the time around if you don't have currently body and there's something else is going to be enough the 0 0 0 you can wait for it and how he watches the at of the 0 1 0 0 0 and the 1st object there will be a time objects now nice by the time object it's got some callbacks it's essentially have an arbitrary right will ability either in a virtual memory or in physical memory you can patch 1 the time Roger that's which is the beauty terministic addresses either in a b over here or there plus some offset if you pat etiological back to get instant code execution and this is actually been leveraged in on the of the core security blog they attack this object but again amid some assumptions about where going to be which don't always hold true after these initial allocations every other allocation can be somewhere else so there's a whole number of all the things that may come at the place in the interplay and it that's how many CBI
tables you have and so on and so forth the so the physical memory said that either starts of a megabyte or starts said um 4 kilobytes but individual allegations can themselves specify a maximum addressed so example acpi cache memory and the main memory always must be below 16 megabytes of says that's a cap and then another occasion called the little stub always wants to be below a megabyte which means that ended the file system where the hell he starts allocating at 0 x 100 at 1 megabyte because the low style is the only thing that requested being below 1 megabyte the only page have below made is low stub and the low style will always be the x 1 thousand no 1 Earth is a low the of is 1 of the most undocumented structures that I've seen in my entire reverse injuring history known and talk about the server is a tiny little piece of 16 bit code that still lives in even a 64 bit Windows and it's using 2 cases where you booting of the processes at boots because as some of you probably know when he would appear fancy caveolae processor what is it would up as a 16 bit processor thinking there's always 640 K of memory so we need to have some memory and 640 K real mode to bring it up and protected mode and then bring it up in long mode battle most of 2nd most of those is an abbreviation to sleep during a machine to S 1 year OK but S 2 and S 3 sleep states they wipe the CPU's states so what is the resumes from sleep what is the think it is a 16 bit processor with only 640 K of memory solos initializes the processor brings it back and protected no razorback along mode and brings about where need to be so the low style has been a Windows since and T 1 never seen anyone and even even talk about the status exists and because of the allocation policies and modern hardware it's always going to be the x 1 thousand which has some interesting opportunities because that low stop isn't just 16 bit code it's a little GTT is well a little ITT the on identity map and perhaps most interestingly a structure called processes state which is documented in the symbol files and in the header files and that process state structure
contains Sierra 3 the
instruction pointer the stack pointer N and so basically you can leak at a fixed virtual address on any us fixed physical address on almost any machine in the world at at a 0 x 1 thousand the address of the kernel beta at 3 PM or 4 or 0 3 which a were since you have this physical memory acquisition becomes really easy and on almost any modern machine is going to be a you know 0 x 1 thousand plus whatever the office of the structure you can also get the answer of the kernel enterprise beginning at the end of the kernel stack indigenous of the motor block which is another key move structure plus what's really nice is the lowest of actually has a selfmap pointer which gives you the virtual address to the low so you know where it is in RAM is pretty much fixed and it also tells you where it a virtual memory and you know it's in the how he somewhere at some offset off heap so even and creators of the way a randomized the how he well you know exactly where it's going to be if you can access the x 1000 with an arbitrary read primitive India or with the DNN attack so basically now that we have a low stub we can get the address of the how he'd been virtual memory and even if you have a system with a loss of is not a 0 x 1 thousand is be is a x 2 thousand and 3 thousand in the case where we discard low memories that enable right is the housing habits of allocation of your 1000 2000 will something be some after that this other and 1 thousand or summer near 1 thousand if you have an XT 6 pick system and you can just scanner and them so now we have a serious restructuring of the page directory and we can now this an interesting attacks with work lattices was on top of that which is no topic of this talk that searches a CPI sleep to a really nice persistence point with you put your own code in new and the low stubborn machine just as tourists we sleep when it comes back it take direct control the CPU before anything else units run on it so at the little out of scope for now that's an interesting research related OK that's a little stub
but also so there's another allocation that happens in the house at the of the 0 0 0 0 if you don't have the curly about enabled if you have the curly but enabled them is actually be are some thousands this all allocation is done super earlier do as early as possible x of the of the it's a view of the butter and it's a structure called the acpi by a small flame note which is a piece of code has been around since N T 1 based on the old 16 bit aboral look up in detect . com which used to run on old systems detector hardware and a created this acpi bias multi-node what's that
structure well it's the physical address of the CPI cables and then an array of ACP IT h 20 entries and the 20 entries was the old way in the 19 eighties the by doing in from 15 you could get a physical map of all the physical pages and the current views which was the holes which host ROS memory which should not be touched cetera even today on a brand new 64 bit system with you if I and with no bias nothing like that Windows and Linux still to raise the 820 entries by either getting them from the bias or emulating the bias the if phi maps so the fights occasion has as a whole new way of creating a romance what every always does is it takes that and rebuild the twine that because that's what I was guys have been doing for you know 20 years that so they wanna get back to so basically that structure contains in virtual memory at a fixed address essentially every single physical page and range I should say and if it's usable off reserve so now combining these 2 things we have a fixed address in RAM where we can get the page directory of the kernel plus the virtual address space of the how he and we have an almost guaranteed Addison virtual memory which is going to be a 50 0 0 0 worth of the 1 0 1 0 0 0 which has a complete physical memory mapped the and remember the 2 problems we have those with the USB 3 380 was we need that that's something below 40 bytes reliably and we need to know the physical memory mappers because we're touching about page we rational whole device was offline now I know it's about page and not so now I can attack the system but what do we do now well we get that the CPI sleep interface with good time the CPI ideals but those or the complicated tax and they're gonna rely on the machine going to sleep or their ion on the CPI interpreter I would like to thank the West self the OS is likely to be somewhere above the 40 wide range so we're going to do is rare that you find
is that of attacking you know us now the vise
something but basically called runtime services and what's interesting about if 5 that it still has support 32 bit systems especially because your CPU's the woods up 16 bit motormen Johnson very the protected nodes especially because you can still stall 32 bit Windows on any laptop in the world 32 bit Windows wouldn't know how to react a 64 bit physical addresses and so the if i is guaranteed to have all this allocations below the 40 about arranged on any machine in the world so they can tacky and I we don't need to worry about where the OS is we can guarantee the presence of the pages below the 4 D right range now attacking if I
sum Southwark something can do at boot but such is something you do after Buddha's as well because the if I has a set of run-time services and runtime services provide the operating systems of access to time access to be able to reset the system access to new environment variables and access to updating framework at a 10 or Mac OS and Linux and Windows they all use if I runtime services so we can patch those we can then have a implies B called regardless of what the US sets so we have to find where those runtime services are there is Ravana table call the RuntimeService stable this is allocated in the if I pull in the if I pull has a nice little signature that we can look for 1 for free allegations 1 for actual
allocations and 1 for the tail of the allocation so in between the hit is 0 and the p-tau there's maybe an allocation and then the runtime services table itself has a signature which is run search so by just scan all mineral 40 bytes and I jump already at a solution or invalid because the red the memory map in the CPI buys multi-node I can find runtime services stable at image about the right thing because if I add up the header size the
tail size and cross correlated with the runtime table size it Akimiski mission
about the right thing and if few sizes see the picture that now the 1 difficulty is that Windows case better runtime service table and virtualizes they came maps in virtual memory all the functions and changes the address the plus if you have devised got turned on it will some cases around in detail 1 as well so when this kind of change all those pointers Mills than elsewhere passes them to the how in the hell can select only a few of those banners and then stories and another table with me that if you do find a table the pointers in their 90 valid anymore because the move somewhere else and number 2 even if you find a table and Patchett winners doesn't actually is a runtime services table it uses its own copy of the table which is moved elsewhere so this kind of sad it had depressing at 1st however for some interesting reason when Windows patches the if I go out when it moves the fire runtime functions elsewhere it actually a thing accidentally or bizarrely patches the runtime table with the address of the new functions so even though would nothing is gonna use those that run timetabling warmer winters still takes care of updating the runtime table with where it put the functions then makes its own table so forget actually still find original firmware table 11 passed by the OS with the pointers and on top of that there are 2 point is that it doesn't touch which will have the physical address left in so graphically it can explain so that better here is essentially the if I run table and here is the pull header with a size of B 0 and the type of 6 which means runtime memory then at the bottom I've got the pool tailed with the size of the 0 and so in between about the if I runtime services and there's a signature here
that says Ron sir because he always wonder that that that that that that that that that of a this is where the kernel remap the addresses so I have the virtual addresses and in the middle is to find you the still have completely different pointers which are the physical address so they actually leak the physical address of at least 2 of functions plus if you have virtual memory acts of the page rectory you can get a virtual functions as well now what this is even easier is that all the runtime functions in the firmware they actually even at the files so all those functions are actually pointers to functions in the same PE files so if you have the physical lattice of 1 of the functions you can just look up and so you find it the header or in the header and then you know where the actual if I runtime drivers you can get as base address in you can do this some simple
math to figure out well OK if this address physical is you know close to this address virtual and got it the header I can figure out this and I can get the physical address of all the pages or because we've got the ML for we can also just use of worth lattices directly rights as we do have the kernel space directory we can look up those addresses but the point is that you don't have to because of the use of physical pointers leaking making it the virtual pointers on as well some of it is that we can patch not the table but 1 of the functions that's pointed to by the table with their own implant coat and the only thing that's left is
getting the call getting the implant to run the and this is unfortunately kind of an open problem because Windows does not have a simple mechanism that's a non have been you can use to basically um get any affine function to run the BCD which uses the A 5 killer gasses by admins the firm environment variables even to read a firm environment viable we have to be an admin windows so there's no command ideal define it to force the phi function to run but periodically you're going to get things like the memory diagnostic our when this sender volume snapshot system restore they will end up calling get viable at some point and if you've get variable you'll eventually get is ecution on but you do have to kind of wait around for the system to be able to do that so if someone figures out a way to trigger this in a
wide I'd welcome the um the input so let me actually do a quick little demo going to plug in the of of the PCI devices here should probably turn off the power 1st and then these BCI reach
to try to get the runtime table hoping that it works tested this way instead Ch OK so that's 1 end of that have but this year hoping we're that'll be you sound we split this year it would who has powered up this melodies is a good and allow the connection of the box k here with Ozal and you try to find my hadn't men from them I should have opened up there is the so now try 1
command which is to search action to dump the i you reuse the canonical patterns are
lazy but this should find a memory
so it's called patch of the patch what is command does is it looks at the CPI buys multi-node which again is maybe be hard-coded arm in physical memory or we can Stanford and now I know exactly all the physical addresses on this laughter that I can access some of them are reserved for better not touch them the ones that are not reserved I conducted then I can search for the runtime table using that information so when the search the search will take a little time and then obviously but the LED is a kind of blinking here indicators axes going on and this again be searching for the arm that runs
table and if we find it demagogues and it'll print out the function pointers and the data such that In this has a scan the entire arm address space physical address space if you don't know whether I think it was new we know below 4 gigs somewhere the lecture should
pass in the flat that was in a crash so all all do it 1 more time on what actually
scanning I'm just a kind of conclusion fast here so 1st of all you have to run Windows then of hybrid enabled 2 things can happen is a the firmware services are going to be in the kill 1 they're going to be in the out protected region of the hypervisor memory as if you try to do the in attack against the if I memory you will be able to would devise got turned on you actually OK but here's the interesting thing the only run the firmware the salon earlier slide the only 1 the firm or indeed kill 1 in the protected environment if it's actually not that w x or x so if you form a developer like on surface did the right thing and the former is not writable and executable they actually don't protected because they assume it's OK it's not writable everything's fine they only protected it's actually rival and executable they projected in the hypervisor to make sure the rings your explicandum packets so ironically what trying to protect the former ring 0 exploits they d protected on most systems against the MAX what's so if you have like vulnerable if I for ordering 0 exploits will be protected if you have a firm more that's not vulnerable cases right w x or x they won't protected Lu with the iron mean you and then you get a patch of the image kind of weird the 2nd thing is that the memory M that I use less than 1 megabyte memory option if you use BCD edits and said 1st megabyte policy to use all of this should make it a little bit harder for attackers find a low style is now you can be the court case New Guinea the corner case where allegations don't start a megabyte but they started 4 kilobytes so low studies maybe someone the middle of all the other allocations going by default the 1st megabyte policies to ignore the 1st megabyte that's where the only thing that ends up there is a little stuck and of course if you have a laptop with thunderbolt you know don't use in Windows always enable don't disable fundable security and I would recommend not enabling things like always trust del . arm and definitely don't enable fundable that booth because that bypasses in all of the security that Windows and gives you
there we go so this finished found if I
runtime services and use all the virtual lattices where the other functions are on the bell and again notice these 2 pointers here which early physical lattices tonight and allow me to figure out everything else it's you can match the city nothing calls them that's why there's still old but if you can I use as the patch and everything else this now gives you a
universal attack against Windows machines even against Linux lump both actually read a lot of work on earlier desolate she's as what so wrap up and Joe also obviously there once you kind of figured out the use 3 380 they did the initial for Fred they did all presentation on this so they have these are huge kudos for Help the you'll be able to do that this version of the attack that focuses on on Windows with 3 the 1st there and travel for all of will work pleaded on before that but also a friend of my from max after she allowed me to plug the device into remarks of corpora laptop for the 1st time to try out how things were working and then index them by Mike user corpora credentials user corpora password cool it works I am also really wanna think the recon organizers for doing an amazing job with the 1st recon Brussels I think it's amazing on on a monitor been here for the 1st for the 1st 1 so I'm big shout out to tera from recon work so hard to bring this year so with that I'm open up to any questions
alone guessing Silurian hungry but the
think again for your time and think again for for regard for hosting promising and some of them are what we go in the back so you made an assertion at the beginning that even if you run vulnerable answer the most secure mode where it's using unique idea on the device knowing challenge response that it's actually only authorizing the British rather than the devices saying like you've got a dark you're slipping in different PCI cards and if you sort of a different PCA kernel still actually have authorized the dog not the card I don't think that's true I think the I mean the thing is I don't think there's any devices out that actually use the random idea of the unique ID and the challenge response protocol so I don't think you could actually tested but basically it should be the actual PCI device itself not like bridges and between witches sending the challenges and doing the responses so you say that the design is actually save gasses with implementation of the harder it is incorrect at home saying that it's not the mode that like Dell users by default there was just 1 of those optional modes for the thunderbolt security level sure things by that factor going bias and I enable that mode which is an option I've tried it out and it is the lessons so I didn't have any of device is not actually a thing that so you can turn on the mode but basically yeah and right inspected the Delphinidae and they're turning on a motor not actually but do not actually enforcing the policy that requires the unique at which it which inhabit is broken it should have a warning saying you know this is not supported or something like that to that just on the the the can feel secure with foreign words which wouldn't actually check the signature of our problems the for anyone of any other questions but on when editing their lunch they much
Feedback