Abusing Silent Mitigations

Video in TIB AV-Portal: Abusing Silent Mitigations

Formal Metadata

Abusing Silent Mitigations
Understanding weaknesses within Internet Explorer's Isolated Heap and Memory Protection
Title of Series
Part Number
Number of Parts
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
In the summer of 2014, Microsoft silently introduced two new exploit mitigations into Internet Explorer with the goal of disrupting the threat landscape. These mitigations increase the complexity of successfully exploiting a use-after-free vulnerability. June's patch (MS14-035) introduced a separate heap, called Isolated Heap, which handles most of the DOM and supporting objects. July's patch (MS14-037) introduced a new strategy called MemoryProtection for freeing memory on the heap. This talk covers the evolution of the Isolated Heap and MemoryProtection mitigations, examines how they operate, and studies their weaknesses. It outlines techniques and steps an attacker must take to attack these mitigations to gain code execution on use-after-free vulnerabilities where possible. It describes how an attacker can use MemoryProtection as an oracle to determine the address at which a module will be loaded to bypass ASLR. Finally, additional recommended defenses are laid out to further harden Internet Explorer from these new attack vectors.
Covering space Addition Multiplication sign Memory management Set (mathematics) Exploit (computer security) Flow separation Computer programming Radius Computer animation Internetworking Right angle Speicherschutz Proxy server Family Vulnerability (computing)
Axiom of choice Presentation of a group Greatest element Randomization Code Multiplication sign Source code Insertion loss Function (mathematics) Computer programming Software bug Programmer (hardware) Coefficient of determination Different (Kate Ryan album) Single-precision floating-point format Videoconferencing Endliche Modelltheorie Vulnerability (computing) Sound effect Electronic Government Bit Price index Flow separation Proof theory Type theory Arithmetic mean Process (computing) Order (biology) Website Self-organization Right angle Quicksort Freeware Speicherschutz Resultant Row (database) Purchasing Web page Classical physics Slide rule Game controller Flash memory Surgery Graph coloring Scherbeanspruchung Twitter Latent heat Crash (computing) Internetworking String (computer science) Proxy server Address space Condition number Multiplication Graph (mathematics) Forcing (mathematics) Mathematical analysis Memory management Line (geometry) Evolute Exploit (computer security) Word Uniform resource locator Computer animation Personal digital assistant Logic Blog Object (grammar) Table (information) Freezing Window
Complex (psychology) Presentation of a group Thread (computing) State of matter Code Multiplication sign Mereology Kettenkomplex Formal language Subset Medical imaging Mechanism design Web service Different (Kate Ryan album) Semiconductor memory Entropie <Informationstheorie> Endliche Modelltheorie Determinant Physical system Social class Area Pattern recognition Regulator gene Block (periodic table) Electronic mailing list Determinism Maxima and minima Flow separation Message passing Process (computing) Buffer solution Self-organization Procedural programming Freeware Speicherschutz Resultant Row (database) Point (geometry) Game controller Functional (mathematics) Sweep line algorithm Divisor Electronic data interchange Thresholding (image processing) Coprocessor Event horizon Number Element (mathematics) Internetworking Term (mathematics) Natural number String (computer science) Operator (mathematics) Energy level Speicherbereinigung Address space Condition number Form (programming) Addition Focus (optics) Key (cryptography) Weight Forcing (mathematics) Memory management Line (geometry) Statute Cartesian coordinate system Limit (category theory) System call Frame problem Approximation Pointer (computer programming) Elementary arithmetic Loop (music) Computer animation Personal digital assistant Network topology Object (grammar) Freezing
Code State of matter View (database) Correspondence (mathematics) Multiplication sign Sheaf (mathematics) Design by contract Set (mathematics) Side channel attack Kettenkomplex Semantics (computer science) Computer programming Web service Semiconductor memory Single-precision floating-point format Videoconferencing Square number Oracle Exception handling Scripting language Block (periodic table) Electronic mailing list Stress (mechanics) Bit Proof theory Process (computing) Order (biology) Normal (geometry) Speicherschutz Speicheradresse Point (geometry) Functional (mathematics) Observational study Electronic data interchange Web browser Internetworking Operator (mathematics) Speicherbereinigung Energy level Integer Data structure Proxy server Address space Dependent and independent variables Information Memory management Leak Word Pointer (computer programming) Personal digital assistant Blog Pressure
Divisor State of matter Multiplication sign View (database) Web browser Rule of inference Frequency Mathematics Goodness of fit Causality Semiconductor memory Different (Kate Ryan album) Single-precision floating-point format Videoconferencing Energy level Software testing Integer Address space Oracle Exception handling Module (mathematics) Dialect Demo (music) Block (periodic table) Reflection (mathematics) Electronic mailing list Memory management Bit Cartesian coordinate system Limit (category theory) Arithmetic mean Process (computing) Computer animation Freeware Pressure Speicherschutz Speicheradresse Window
Axiom of choice State observer Code State of matter Multiplication sign Set (mathematics) Side channel attack Array data structure Mathematics Semiconductor memory Entropie <Informationstheorie> Negative number Endliche Modelltheorie Information security Modulo (jargon) Exception handling Physical system Vulnerability (computing) Scripting language Structural load Sound effect Bit Maxima and minima Web application Process (computing) Buffer solution Website Quicksort Freeware Speicherschutz Speicheradresse Web page Mobile app Web browser Thresholding (image processing) Number Internetworking String (computer science) Energy level Selectivity (electronic) Proxy server Sequence diagram Address space Condition number Module (mathematics) Multiplication Information Quantum state Memory management Cartesian coordinate system Exploit (computer security) Kernel (computing) Voting Computer animation Integrated development environment Personal digital assistant Interpreter (computing) Object (grammar) Pressure
Point (geometry) Game controller Randomization Multiplication sign Mereology Dimensional analysis Metadata Element (mathematics) Number Array data structure Goodness of fit Virtual memory Internetworking Scalar field String (computer science) Information security Address space Partition (number theory) Mathematical optimization Condition number Default (computer science) Dialect Quantum state Moment (mathematics) Memory management Bit Virtualization Limit (category theory) Cartesian coordinate system Exploit (computer security) Flow separation Compiler Type theory Uniform resource locator Process (computing) Spring (hydrology) Computer animation Data storage device Buffer solution Video game Object (grammar) Thetafunktion Speicheradresse Window
Slide rule Randomization Code State of matter Multiplication sign 1 (number) Control flow Coprocessor Computer programming Element (mathematics) Goodness of fit Crash (computing) Array data structure Mathematics Semiconductor memory Scalar field Entropie <Informationstheorie> Proxy server Position operator Vulnerability (computing) Exception handling Structural load Memory management Bit Cartesian coordinate system Exploit (computer security) Type theory Proof theory Computer animation Personal digital assistant Configuration space Right angle Pattern language Escape character Pressure Speicherschutz Freezing Window Resultant
Computer animation 6 (number)
the who at the time a a a a home and if get the height the battery this is using Salomon additions understanding Internet Explorer weaknesses in Internet Explorer is isolated keep in memory protection mediations go out resources and that right in so today we're going to go over a comprehensive set of research we did uh in May 2014 a related to the isolated keep in memory protection mitigations they were introduced to make you a half exploitation harder on Internet
Explorer it'll cover several attack techniques against isolated heap uh some surgical tools to use it against memory protection along with the details in a radius or bypass that where I was generated using memory protection there will follow up with some with the recommended by the defense is that we provide Microsoft this research uh was awarded 125 thousand dollars from Microsoft bounty program it still is the highest payouts from the Microsoft family program it also included the 1st payout for their defenses side of the bounty program and we're go over all those details today so quick overview i will work
for HP Zero Day Initiative program it's the world's largest vendor agnostic about bounty program and we focus on purchasing vulnerabilities for researchers from all over the world we focus on getting this those bugs fixed the research on advanced exploitation techniques and Brian gone so high shear run this year Danish Initiative program uh might spend most my time doing root-cause analysis on cases that come in doing the internal inability discovery uh also uh organize the pound hacking competitions around the world the and and because of those those jobs they get to work a lot with page he's legal organization that specialist at a loss and stuff like that and doing condone is a lot of a lot more fun than it used to be and then the irreducible but from a dual atmosphere working for a video I mean working for its we can it for the past 2 years uh I do a lot of course analysis and by discovery I'm I'm Siemens of or on an on Twitter on text kitchen and I'm with CDI with them for a little over a year I do a lot of work with Internet Explorer yes so it should be no surprise to anybody in this room that use after Freeman abilities were very popular choice for attackers were targeting getting on government websites and people who were visiting their sites and and using them in watering hole attacks and but with which you see here on the slide is a bunch of CDs at work being used public we're known about publicly in really something had to be done every single year month it seemed a new attack was coming out it was leveraging the use of free and internet explorer and finally Microsoft did do something in May 2014 to make attacked uh attendees at the free abilities a little bit harder and as a result like it seems that attackers have shifted away from these that freezing Internet Explorer and are now focusing on flash vulnerabilities and what so what exactly happened 1 MS this and 14 0 3 5 the introduced isolated heap which will of dog over the end of the month following that the interviews to memory protection which which was a nice introduction to export to make use of to freeze hot exploitation the side effect that had some really was it made it II to research again we're receiving a lot of 0 um use a free vulnerabilities in into the 0 Danish the program and was pretty much you know you you pick the website and use after free happens relatively easy to analyze relatively easy to exploit and this gave us and made it more fine Jacksonville analyzes cases little more complicated the so this is the 1st time we've ever actuation some of our submission trends into the program in you're kind of over 2012 or 2013 knowing that you know in the teens gonna coming into the program every month and vulnerabilities Internet Explorer and we see a spike in early 2014 is because researchers all around the world uh word developing Don fathers and basically sending the output to us her for purchase as we can have for several months there were doing about 40 cases the high thirties every month analyzing purchasing its meaning to Microsoft can you see in mid 2014 the account of that drops and that's when isolated heap in memory protection came out the final leveled off around 25 um 0 days and chemistry a programmer every month so that keeps us busy i is 1 of our main main sources that talking about the research time I know before we dig into the attacks um you can see all the key dates related to the research and I think so the more important it is we had isolated heap have proof concepts generated basically in under 10 days of post patch the same with this surgical tools arena use against memory protection and in in the cases where can be used were developed in and in under 10 days and we had our 1st working so a bypass for uh against memory protection using memory protection in early September on we were awarded the 125 thousand dollars in November it we have waited too not disclose any the details all worked out payments to charities we donated all the money that your rare 1 from the bounty program 2 3 stem organizations at to encourage research and engineering and then made the public announcement February the 2 enabled Microsoft came to us and said that they would not fix the issue the issues that we discovered it would not be using any of the uh recommended offenses that provided so here we are sitting today every recon releasing all the details and all the Prufer concepts that we with provided so will talk about where to get all those at the end the presentation can someone handed over to a
bill is gonna go over all of the research related ties isolated heap of isolated he was introduced in June 2014 so back then we is that there's a new he created with a created EPI Windows API um so basically the main purpose of the isolated he was and allocating a lot of them objects moving them to an isolated region basically providing some kind of separation of the collocations icons the type of vocations um this was really interesting from contribute because it made make things harder as the classical ways of writing freed objects like using strings that would not apply anymore follow them objects because they have been isolated moved to a separate heat and and the classical string allocations are kept in the in the process and so basically just like any other mitigation Isaac alluded here is not is not perfect and basically it does a good job by isolating them certain allocations but at the same time it allocates all the objects and all of the objects or most of them objects in 1 he um so basically an attacker 10 3 1 of these objects and then all of them already with whatever he wants whenever type who want so they could basically this this makes it clear that visit a by confusion issue here um that thank you can also write that object with with another object of a different size it doesn't have to be of a specific to the same exact size so it can be smaller or bigger so that taxon isolated here are very specific uh make but specific and basically is highly dependent on docid being referenced at crash time um the so most of the tax that I'm going to be discussing in my next slide um will be related to the type confusion issues and and other miscellaneous and so the 1st type of discussing is is the line delegation attacking basically it's it's a nutshell just like you have have a free as object you create a new allocate another the logic of the same at the same exact spot and model the challenge here is that when we're paid off onto the with with actually allocate instead of that object um this guy or this attack and works well when you have when you have a blog that are just a few that actually references a high offset uh so basically you can always choose or find another long object that you can make controls at an offset so that like high offsets taking values are have partial control of I am status at that time working properly we need to put to the evolution of fragmentation here um so the use for that is that we're probably going to be allocating the objects of different sizes so no 1 end up having these locations and different bucket so when I have it on the on the same exact bucket so the simplest way to achieve this is the maybe not so we have to trigger um something condition that you have to to to to free that specific object then I in case when allocating big object we have to trigger and like aid in order to free multiple chunks multiple free chunks um later on we have to call us all the features together in 1 big chunk then we have to space at an object or a place that specific object with whatever object we want but we can do that with a bigger object you can with a small object does matter depends where they say we have and and finally is Skandia like reusing jiggle the use so this is this is my fancy graph here that shows the relative to their object and um upfront never see Don textile without isolated musically in this specific example and the see Table row um few happens on that specific objects and then what we did is we overloaded with a seat on text and um so the reason why we chose a you on text is that in that specific case the bug was referencing any of 30 and this you on exclude contains an interesting value of 50 that we can partially control the the so this is a bug dumped it said before and after basically a clear it so that its Diderot before being freed and and over there and later on we're going to see on text and um highlighted in yellow is the offset that we're targeting so basically sit on text contain at that specific out of 4 uses it as Europe uh uh literally which is which can be strange so basically we partially control that um after so this is this is the crash time so when we have a successful right and then we reference everything we're going to have the across time it's if using forces as a as can so from their an attacker can spread that address and then control of folks kitchen so the 2nd attack the color discussing is aligned allegations decoking basically the line thank technique works well for high offsets about uh I think is we have an exhaustive here the difference is a lot of that can be kind of problematic um because you have a lot of choices that comes to dominate that we can all right away and and have a specific low offset so we can control of partially controlled um so basically the idea is if we if we have it in an object that's located at that say address accident we have to probably for indications of excellence and um and then we can have 1 of the objects that X minus and being aligned against origin object and then we're going to use and we can have enough to of from the middle line so this simple steps are and basically influence and the heat to coalesce us a lot of chunks together and then have like in 1 big feature and later on we have to spray random objects inside that the feature but in a way that we can have 1 of the objects is aligned against original object and later on we're gonna triggered the reviews and have have a different something from them is aligned object so again this is this is my fancy graph here uh basically has to give role um Frontinus at the bottom but an object but I live again there's this by targets that it's a object uh basically what we did is we freed a whole bunch of objects coalesced all the features together in 1 big chunk and then sort is being random objects and then at a specific spot we had the sea bottom aligned against the original row basically done the referencing enough from the you what row so basically if you if by differencing let's say offset um acts from to the role you again have a differencing something different so the same sort of fantasy but the so basically lead to dissimilar as they've been in a way to produce the same exact free and chunk of the same size every time and then we're gonna have to spray with random objects basically and in my specific example we had we were able to stabilize the heat with a specific code it's it's not some genetic code to always um produce free chunk of the same size that was like book specific it right every time um
investors example we had EDI pointing to the middle of the other 3 chunk um and later on going words and efficient is of size and attended was always producing the same 110 uh freedom so as you as you guys can see this is across time and PBX come from comes from EDI basically EDI points to the middle of a big tree chunk size and it and later on we're going to see um like when when we get control of the system that we were able to stabilize a way to give us like the same feature chunk the same size every time then we would actually sprayed with a with a bunch of objects in this specific example we chose applications to target the like to have a misalliance see what object because it has a certain offset it contains a value that I can I can spray um we we can do with a bunch of ways we are to do with the but in some some 1 can argue that they can do with that area and then set and coordinates and you can have have working but the idea is here just to have a miss Aligned object against object this language model uh so this is a crush on uh basically we had an EDI and plus 1 c pointing to 1 2 3 0 0 4 0 0 it plans on that specific value which is an offset of the alliance the button object and as a gets can canisters this value can be straight easily and then we can gain some control so I'm not so just to wrap it up and isolate it does a good job leading certain DOM objects from other publications and it's not perfect still have a lot of confusion issues and so have issues um attacking isolated he um depends on several factors and it's it's it's more about specific we have to avoid for magician you as much as possible and they're depends on on on DOS being difference so i'm gonna give it back to Bryant to discuss memory protection I prefer the the memory protection was introduced in July of 2014 Indians in months after that uh I think that the patch the month after that they made some improvements to memory protection the what we noticed in Xi'an initiatives were analyzing cases and when that July patch came out we started to see that the cases that we had purchased yet uh were turning its null pointer the references which was really interesting to us since we take more into that we found memory protection uh messing with the use of the phrase that we're looking at so we have to figure what what exactly is memory protection a protection is a delayed freeing mechanism inside of Internet Explorer in its purpose is to prevent blocks from being allocated when they're referenced to either on the stack on processor registers keeps these blocks is zeroed out states so that the unusable and adds it to wait list in every so often the reclamation process will occur they will go through that wait list of objects and freedom at the heap manager level so the way they actually implement this isn't instead of calling it a heat free on these objects they would call protected free on these objects instead the so we can indeed understand how the heat have a protected free function works so the 1st thing that it does unprotected free is called is it checks the weight less dense and checks to see if it's full if the wait list is full the it will go ahead and process the reclamation sleep cleaning up the objects that are no longer referenced who after that he will add it to the air that blocks to wait lists and will 0 out and return it to am returned to the user if the way list is not for which is the case almost all the time the it will check the aggregate size of the blocks on the wait list if the aggregate side is size over 100 thousand bytes it will then perform a reclamation sweep and the block to the 0 it out and returned to the caller if for example the the threshold has not been met it whether blocks away it was about performing reclamation sleep to it was 0 the block and returned to the caller so we look at this the most important thing that we need to know about this function is we can ignore the 1st check is an attacker could we have control of what protected free actually the allocations that are going on and in a focus on is the 100 thousand bytes threshold and what are the most important thing to know is that the reclamation step sweep always occurs before the block is and new block is added to the list and that's a real originally around were trying to free uh at them he manager level certain use after free conditions so what what exactly is the recognition process what this that so is that wait list which contains an entry for every block that has been requested to be deallocated in that entry he got the blocks base address you have the block size and you have a flight terms whether some isolated he was a process he it will iterate through those entries on the wait list the and check the check to see if there are any references to that object on the stack it will check to see if there's any references to the object in processor registers and if there is the block is weight listed there it continues to be weightless it's after the reclamation sweep the block will still be there are still be 0 about still be allocated and can be used by the attacker if the references don't exist then we have to do with the article be freed of the heap manager level and and release that so in the cases where use of any use after free were there does there is a reference on the stack on a processor registers the and have a memory protection is highly effective it will keep those blocks allocated to that you can't that is something underneath them and reuse them in a malicious way so the and the but is that subset of use after freeze that part reference anymore but they're still memory protection is still about changing the way that the application she operates and so it it causes them some challenges so what are the challenges that memory protection presented attacker free the subsidies other freeze that are not that are no longer being reference so 1st is that the the deallocation delay this is because there is a that reclamation sweet there waiting for to perform before it actually deallocated next there's several non deterministic nonattainment isn't uh that that exists because of memory protection 1st is the nondeterminism produced by stacked will calling stack junk which could be a non pointers or stale pointers that are left over on skin stack buffers that are not clear the former use images so happened that this stale pointers for values that are on the stack will 2 point into an object that you want to be allocated but because that statute exists the very protection will not free that object there's also complexity terming deallocation time due to the number of objects on the wait list so so the timing could be off along with a complex he manager behavior I to reordering ln of the way which was
unstable stack conditions and you kind of need for certain you that you situations the so what can we do while the 1st elementary attack technique is just the generic memory pressuring loop has been used in use after freeze for a long time to force garbage collection were we'd allocate over 100 thousand bytes worth of objects and then we would Freedom Force reclamations in cleared out but definitely defeats the deallocation delay challenge but it doesn't stop the nondeterminism challenge that exists due to memory protection the when we submitted this paper back in October 2014 there was an unconditional reclamation step when of the over uh the BND Proc was entered the service and the service a message on the work of threads main the and when the in practice actually entered the this unconditional regulations that post last September 2014 uh was rendered non-functional by Microsoft and so the syntactic it no longer works which is basically to delay execution of exploi until that that event happened in unconditional reclamations now use after freeze present timing based in so you need to know that this doesn't always work but because Microsoft basically rendered it nonfunctional uh it really doesn't matter but for record there so what wanna do we wanna be able to remove that non determination uh we want to be able to the lady allocation time so what are we gonna rely on organ rely on the fact that memory protection 1st checks the size of the weightless and before before Prufrock forms a reclamation sleep and only afterward says add that current block to the wait list so when you call protected free on block and address it will deftly not be reclaimed on that call but it will definitely be on the waitlist when the call is complete so leverage that fact to of nature we can organize our calls in a way that will guarantee that we deallocate block a block that we want to uh using these after free Ross rely on the fact that the isolated and that the it is a matter which he the of it is on it down it to be an isolated he or the processing so step 1 we wanna be able to prep the wait list I'm remedy this by finding a method to trigger arbitrary sized buffer allocations so when we find that method will allocate a buffer of 100 thousand bytes will then free that buffer which because the way because the wait list because of protective free in the way it operates it will add that block to the wait list at this point we know the next time we call protected free it will then free of the blocks there can be ready to be reclaimed the Tennessee that's the state of the wait list the point we have a books set of blocks of X on the waitlist that are waiting to be freed if they're not referencing more than as a block um of 100 thousand bytes that guarantees we hit the reclamation step on the next hole of protected free so we're going to trigger another block and the purpose of this the steps is to get the wait list into a known state in approximate size disorder triggered the allocation of a block of size F the wearing a free that block was protected free will be called on that object the recognition step will put the performed because we reach that threshold of 100 thousand bytes it will go through and iterate through the wait-list freeing any block that's no longer referenced by the application the stack the process registers and wh also free block aid which will bring the wait list into a consistent state and it can a good size after all the frame is done it will add block B which will bring that we wish to consistent size and at this point we have a good idea of what the wait-list actually looks like so next we're set up the freeing of block C which is that the object that we want the former use after free attack on in our purpose now with the steps is to cleanly deallocate block C with the minimal amount of additional heap operations so the talk we we free objects see which calls protected free we no longer are over the threshold so it adds that blocks the weightless then we allocate that 100 thousand by block the free that block but because they're not at the lists were not at the threshold yet you added to the wait list we will then allocate another block which will put this over the weightless and trigger the reclamation step on the next call to protected free at this point we call free on on object key will be freeing objects see an object D and reliably we know then exactly when were able to deallocate but objects see we can then use isolated he techniques said some of the bill talked about to perform use after free attack against subject C the dancing what the way this looks at that point but we need a method for arbitrarily allocating objects and arbitrary freeing objects we can't really rely on systolic string assist free string-based string buffers and because they don't use protected free and that's what we need so in this case Easter comes straight in MS HTML and we can use the DA method get elements by class name and in that method it will orbital uh create is uh it's Easter using a string value passed in and then later it will deallocates using protected free that string that's organ use for the arbitrary allocation and deallocation of objects and manipulating the the weightless and memory protection to do this yes yes depriving procedure against the the DOM object will talk about in a 2nd I really the only limitations to this is the fact that there is a limitation on the size of the object the smaller stuff or you can use is Easter is 56 texts but there is no upper limit so we can be guaranteed in hit that threshold of 100 thousand bytes and that check inside of a protected free so what is the code look like this is this is it's pretty simple 1st are going to create an object had uh and other DOM object or in a call the primary procedures basically calling it elements by class name with the string that you're going to use later in keeping a reference to the returned value than any other subsequent call to get elements by class name using a string or reliably allocate a seester a size in deallocate that that same object I'm using protected free as a result we do now take the steps that we laid up previously to reliably deallocate an object that is not a completely uh mitigated by memory protection 1 so will show you a video of OK uh 1 of the pruvot concepts that we provide Microsoft of 1 of the cases that we had submitted to 1 of a researcher cases that we took to controlling the register basically it's using that the elements by casting technique to reliably deallocate that object and then using isolated he techniques of the line allocations that Bill talked about 2 to control the registered the purest the that Diamond handed over to Simon
and he will go over by passing is a lot of and also all the recommended offenses the OK on this section we're going talk about how we were able to abuse memory protection to get a bypass of ASOR so after I got comfortable with these techniques of making precision modifications to the Member Protection state I went back and started thinking some more about something I written a blog post by Ford and answers are back in July of 2014 I'm and 2 paragraphs that blog post on back 2013 Dionne showed how conservative garbage collectors used by script engines can be attacked to leak information about sleep addresses and so does memory protection and provide a new service for a similar attack the at an interesting idea so in a sense of never protection acts like conservative garbage collector freeing the allocated memory only if no references are found on the stack the that this means that it might be susceptible to an attack similar to the garbage collection attack done by the of but the key idea here is that when memory protection examines values on the stack but it doesn't understand anything about the semantics of those values a treats each keyword as if it is potentially a pointer so if we like we can plant a chosen value on the stack and that memory protection will interpret it as a pointer of memory protection will then exhibit different behavior depending on whether or not the integer that we chose corresponds to an address of wait list in memory but here we see a out block of memory that is weightlessness so outlets so we planted integer value on the stack end up then trigger the memory protection reclamation routine so if the integer integer that we planted corresponds to an address anywhere within the block and then memory-prediction will respond in 1 way ends up by keeping the block on the list so but if the integer we planted is not within the list block then memory protection will behave in a different way and it will d allocate the block so it's starting sound like we may have a way to reveal information about the layout of the address space we can repeatedly guess and address planted as an integer on the stack and get never protection to behave in a way that reveals whether or not we have correctly guessed the address of a certain targeted block in memory but in other words we have an oracle or do because at this point is still a very big problem let's take a look at the programmatic contract that exposed by memory protection when that aside from that deal well modification which is not something that gets called during normal program operation and the protection of not ever return you a single piece of data from any of its methods and that's a problem this we can influence memory protection to of you based on whether we guess the correct address or not but but to have an oracle that we need to have the ability to read some kind of a response back and member protections API gives us absolutely nothing FIL out but this means is that we need a side channel so when I was thinking about this the 1st thing that came to mind is that maybe we could use a timing attack but this something else came along that was the summer of 2014 and in some cases starting school study coming into i z EDI that were kind of unusual but we're seeing proof of concept code that would expose bad code pay in the Internet Explorer by subjecting the browser to memory pressure the code do some linking moved doing repeated DNA manipulations also consuming memory then at some point when at space was that nearly exhausted in memory allocations were starting to fail a code path would be triggered that was vulnerable I was striking how a reasonably reliable trigger could be constructed in this way but you know the browser process was under a set of high level of stress that I started think about the idea of operating the browser in a regime of high memory pressure it's relatively unexplored territory what kinds of things can we make happen it struck is interesting but something else I noticed was that when script request operation that requires a heap allocation and deallocation fails due to lack of available memory the script receives an out of memory exception here we have a way for attackers script to detect whether an allocation was a success or failure of what needs to check the exception in here's the crucial insight square can detect whether an allocation succeeds or fails and whether it succeeds or fails as a function of the existing state of the In other words JavaScript kind of memory exceptions are assigned channel that reveals information about the state of the heat and that's exactly the side shall we need in order to get information back from memory protection but here's a high-level view of how we consult the memory protection or but don't be concerned about the exact details on the get that to that but just a bit later for now let's appreciate the high-level structure of order video say we have a block of memory on the Member Protection wait list and that we wanna consult the oracle to determine whether a certain address x is an address that falls within the block but we plan to X on the stack as an integer and we know we do something that triggers the reclamation achieved it in response memory protection modifies the heap in a way that's dependent on weather x points within the targeted block how do we find out held memory protection has responded we attempt 80 heap allocation that is designed to either succeed or fail depending on what memory protection has gone into the heap then by checking for the presence or absence of an out of memory exception we can make a deduction about how memory protection is behaved and then this reveals the answer to whether x was with that the target a block of memory that here's the whole chain of deductions we make presence or absence of an out of memory exception tells us something about the state of the heap the state of the tells us
something about how memory protection behave and help reflection behaved tells us whether x falls within the targeted block that's the high-level view clearly to actualize all this is going to take some pretty careful setup which is the thing going back to something it mentioned earlier once you start thinking about what you can do in a regime of high-memory pressure some really interesting possibilities opened up but before going any further though I'd like to refine what we mean by high memory pressure it's more subtle than just piling on lots of no pressure until there's almost no memory left but 1st of all it's not really available memory we're talking about it some availability of address space In a 32 bit process on the limiting factor that's going cause allocation failures is not memory exhaustion its address space exhaustion and so the next thing to note it is possible for allocations to fail even if there is plenty of address space of it all just depends on how large an allocation you're asking for but also you know it's not the aggregate amount of remaining address space that matters it's whether a large enough contiguous free region can be found so let's refine our idea as follows operating the browser in a regime of limited availability of large contiguous regions of free address space so let's play with this a little bit I suppose we spray the heap with 1 megabyte allocations until all the address space is consumed and then we free 1 of those 1 megabyte blocks what's left is a 1 megabyte hole and that whole is going to be the 1 and only contiguous region of 1 megabytes of free addresses we can actually can be lots of smaller holes also and it doesn't change the fact that that we have exactly 1 whole that's 1 megabyte but if we now we go back and we make 1 more 1 might 1 megabyte at an allocation as we know it will be placed right in that whole but that's not place ConfED I we can actually keep doing this over and over allocating a 1 megabyte block and freeing it by allocating 1 megabyte block inferring and every single time it's could be allocated in exactly the same place so know won't happen if 1 time we try to make that allocation but failed what what would that tell us well what could make that happen slow when they could make that happen if look is it some other allocation went up in and came around up and that Alan occupied at home but but that you know what silicon rule that out because we know there are no other the allocations going on so dumb so what i tell us how we might be able to conclude that what happened was that the last time that we freed the 1 megabyte allocation it never really got free because memory protection was holding on to it think we have a way of telling whether the whole is free or occupied by trying to make a new 1 megabyte allocation and checking to see if an out of memory exception is thrown alright that now we have all the main pieces and placed to make an attack possible so 1st we prepare memory so there's just 1 large contiguous free region 1 megabyte size kb any size we like on we're gonna call that the whole or the region what we're going to try to do is use memory protection as an oracle to determine where that hole is in memory but so did gas and address x and we want to consult the oracle to determine if x falls within the whole 1 way to order those 1st make 1 Malcolm abide allocation so now the whole is occupied and next we're going to free that that allocation meaning that it gets passed to protected free and protected frequency allocation on the wait list for as the Windows heat manager is concerned the memory still allocated automated plants x as an integer on the stack and wall X is there on the stack would do something that triggers memory reclamation I know what happens next depends on whether x falls within this 1 megabyte address region or not if x falls within the address region then when memory protection performs reclamation but will keep this allocation on the wait list and it won't free it on the heap manager level or otherwise if x doesn't fall within the region that Member of memory protection will remove the application that the base allocation from the list and invoke heat free which completely deallocates that book to so what this shows the 2 possible states that we can end up in if x falls within the region and then the whole space occupied out but x does not fall within the region and the whole gets opened up so last up to the tell which of these 2 states we just ended up in and all we need to do is make 1 more 1 megabyte allocation if it succeeds we know that the whole got opened and this means that x wasn't within the region but if we get an out of memory x and then we know that the whole state occupied which tells us that X. falls within the region now we have an answer from the Oracle and I then by repeating this process with different values of X are we can use the oracle to find out exactly where this 1 megabyte pole is memory Feb now to go back to this idea just more time when we operate the browser in a regime of limited availability of contiguous regions of free address space are the new possibilities that or wise can be quite interesting and actually gonna lead us to what we can do next as so for what we have is a way to prepare the address space so there's just 1 large hole of available addresses and but for the of the size of our choosing and then to use the memory protection oracle to determine the exact addresses of that whole so how can we make good use of disability what can an attacker to gain from knowing the address of a hole in the address space we can load a module into it we can start by creating a whole that's exactly the right size for loading a particular module then using the memory protection we leak the address to the whole finally we cause the loading of the marginal gets loaded exactly at the beginning of a whole because that's the only place which going to fret so it actually has a lot by test and it was really efficiently and reliably within a show a demo video here will look like to run them this is a fully patched II
but let them over there chance that yesterday but the when did not check then yes but
yeah narrative they say is that a lot of fun and would start out looking like something was non exploitable turned out in the end to be a reliable hassle or bypass and the key insight that made it possible on is that the JavaScript out of memory exceptions or a side channel that reveals critical information about the state of the heat I don't think it's been recognized before and there are really interesting possibilities that open up when you operate the browser under memory pressure OK so a we've made several recommendations to Microsoft ways that we can improve isolated he and every protection to Horton them against the attacks and discovered on in regard to memory protection of seeing how in various situations the attacker can benefit from the ability to make precision modifications to the state of memory protection and we've even shown that this leads to a breakdown of s a lot time to make memory protection resistance to attempts to normalize and control its state and we make that recommendation recommendation to remove memory protection from 0 Ray and for allocations means of every protection applied only to scalar allocations of our rationale is that 1 almost never finds an exploitable use after free condition in Internet Explorer where the freed object is in a array or a buffer on very rare occasion we have seen UAF cases submitted to as day initiative where the freed object to some sort of string data of in every case on the SIFT turned out to be non exploitable conditions and that since you weigh apps of arrays and offers an internet explorer or rare to nonexistent the benefit of applying memory protection to these allocations is doubtful on the other hand we demonstrate out to be a very significant benefit to an attacker with therefore fulfill that Member protection will be stronger defense if applied to scalar allocations only the our next suggest that pertains to strengthening a AS a lot on taking a look at how we got a lot of fail on what you can notice is that the attacker was able to violate 1 of a hassle as assumptions by preparing the address space in a particular way and you don't I still be made a similar observation when he said thinking about security mitigations like that in a hassle are designed for server-side code doesn't work when you give your attacker an interpreter so I feel like a hassle or needs to be strengthened for the browser because the browser is inherently more hostile environment from here's the particular assumption and therefore makes but when it chooses the load address for a marginal from among the set of possible load addresses that this random choice will exhibit a significant amount of entropy but an attacker can break this assumption by radically narrowing the set of possible load addresses before the module loads up a recommendation is to enhance a s a lot by adding an additional check before loading a marginal the this check is to ensure that there really do exist a multiplicity of addresses at which the requested module could load before actually performing the random selection of a load address 1 if the number of possible load addresses is below a certain threshold the model load should fail since under the votes loadings the model under this circumstance could significantly weaken the security of the entire process ideally mitigation would begin implemented at the kernel level and it could be made as available on an opt in basis for executable such as browsers which are a more hostile environment as we mentioned the it would also be possible to implement this mitigation in user land code at the application level by putting the relevant system calls on it a quick site Sequence diagram showing how the entropy check works the application request the model to be loaded kernel examines how many places in memory available for the model to load decides that the minimum threshold is met and proceeds to choose 1 of the possible addresses a random thing was model and returns success to the caller out while the kernel is responding to the module request it locks changes to the address space to prevent a time of Czech time of use tech on another time the application request model to be loaded kernel examines how many places in memory available for the model to load assigned the kernel detects that there are too few possible will addresses the kernel denies the modulo 2 questions fail at the application and the shows the locking takes place during the 2nd request next recommendation is regard to out-of-memory exceptions are we've shown that JavaScript out-of-memory exceptions or a side channel that reveals information about the state of the heat but although this week bits of information might seem insignificant at 1st I we have shown how it can actually be leveraged to great effect but it should also be mentioned that out of memory exceptions are greatly aided the attacker in setting up conditions of memory pressure that more needed for our ASL Laura bypass attack as well as triggering other vulnerabilities that were dependent on memory pressure we therefore recommend considering eliminating out of memory exceptions and script so when an allocation fails due to memory or addressed space exhaustion instead of passing an exceptional descrip code where it can be handled the conditions should be considered as fatal to the process or at least fatal to script execution within the process this seems unlikely to having significant negative impact upon legitimate web pages and web applications finally we recommend that taking guy select that that
i so heat to the next logical step by creating the additional separate heats ideally 1 could have a separate heap for each scalar type this would bring to great benefits 1st I use if the free condition could never lead to type confusion since every type is confined to its own he secondly since each heap consists entirely of objects of homogenous size of this alignments will not arise actually this last point is made trickier by storage of C + + arrays because that C + + arrays can introduce this alignment because when an array is stored in the individual elements I don't have to keep metadata added to them way that he metadata is added to the individual scalar allocations of M plus the C + + compiler answer metadata of its own onto raised to store the arrays dimensions that actually possible to use C + + arrays to introduce this alignment in the heats up however as we've mentioned that exploitable UAS In upper arrays and buffers are extremely rare in Internet Explorer so we recommend just leaving all array and buffer allocations on the default he are instead and if we do that it's become impossible for an attacker to produce this alignments on the isolated keeps I'm actually this another completely separate reason why it's best to be raisin buffers on the main process he addicted digress a moment to explain why at this something that doesn't get much attention when I so heap is discussed that's about what we could be cold and address re-use attack what's that but consider how ISO heap is supposed to ensure that when a time object is freed then an attacker won't even allocates some other non dom type object in its place such as a spring I so he tries to ensure this other made by making sure that Donna locations and string allocations don't happen on the same he but here's the thing the attacker doesn't care about sheets the attacker only cares about addresses is it possible for the address of the freed object will later on be the address of this reallocation well this would become possible if theta I so he which is the heap on which down object restored sometimes relinquishes control of virtual address space that it no longer needs no the opportunity for those same addresses the later become part of the different he such as process then a spring could be allocated there is this attack actually possible at the currently this attack is not possible his life them the way Windows heap manager works with small allocations is that it puts them inside regions virtual memory called heap segments end up once a particular heat reserves a segment and never relinquishes control of those virtual addresses for as long as that he believes that it's not allow those addresses to become part of any all he on and today the ISO heap is used only for small scalar allocation so it's good but if instead ieee tried to protect Lorge buffer allocate by placing them on the i so he then isolation would be guaranteed on for more allocations the heap manager doesn't use heat segments when the heap manager freed the buffer it would relinquish control over the virtual addresses involved and later on those virtual addresses could become part of the different he of breaking the isolation to it this means for us is it's pointless and using Windows he manages to try to protect offers an raised by placing them on an isolated he on that isolation to be easily broken using an address we use attack on about 1 is best way is to keep a ray and buffer allocations on the default heat and heavy separate isolated heap for every type of scalar applicator allocation and then those up isolated keeps will be completely immune to type confusion and this alignment issues and so by having a separate he for every scalar type is highly beneficial but that the drawback is that may be too wasteful of address space and a 30 right process 32 bit process where address spaces these fears resource other you were faced with the trade off between security and address space usage what we do to make the best of this trade off the wrong Indiana create a limited number of sheets have would make things or it is possible for an attacker using only a limited number of sheets in whatever way we make assignments of pipes to heaps are an attacker who is discovered a UAF on of 1 particular he will try to construct an exploitation of iron type confusion and on this alignment are by making use of the various types of we have assigned to that same he unless we randomize the assignments between keeps and types that we can break the monoculture of keep partitioning and instead we them partitioning at processed stored up time the nice to the attacker the ability to write out a reliable exploit that relies on knowledge of which types are co-located on he and his optimizes the defenders advantage when we make the trade-off between security and the number of people were willing to create on here's how randomized heap partitioning can function at process start-up time the process creates a certain configured number of hits this number should be chosen based on the trade off between security and address space usage then it allocates an
array having 1 element corresponding to each scalar type the application initialization code and populates each element of the array with a heat handle chosen at random from among the available heats then whenever application code performs a heap allocation of a particular scalar type just looks up the appropriate keep handled in the array and uses that he and the same applies to the allocation we expect that randomized keep partitioning will make exploits a lot messier because the types that are needed for pipe confusion and work this alignment are never guaranteed to be on the heat that the attacker needs them to be on exploit reliability will suffer as a result failed exploi two-tenths typically resultin processed pressures up making attacks easier to detect this means that all days in the wild can be discovered and patched more quickly also the attacker gains no knowledge from crashes since a new randomization is done with every processed stored up but in some randomized people partitioning steamers serves to minimize the benefits that the attacker can hope to attain out relative to the cost of discovering UAS and developing in fielding exploits for them so to recap the new defenses we're recommending remove memory protection from arrays and offers strains in a s a lot by making the positive check for entropy in load addressed selection and consider eliminating JavaScript and out of JavaScript out of memory exceptions create 1 keep type in 64 bit processors use randomized keep partitioning in 32 bit processors right so this kind of a little bit conclusion of course we have many years after freeze come into our program we have attacks against isolated heap we have attacks against memory protection and as break so why not put it all together into an export so we did that for the bounty submission so and that most of us have not seen a II exclude before but at the time of so was the latest patched by the and what you're going to see a do is is going to run and break is a lot of the same retry once and then it will did the move the load at rest and then exploit these after freedom of religion the popped out being of 3 changes with 1 of the many uh sandbox escape so we know about in in in IEEE had to do some damage so we are releasing all of the research that we did for the Microsoft bounty program it's actually upon get have right now I just checked and we've released a white paper that we submit that we submitted to Microsoft's uh we have a proof of concept up there for the memory protection isolated heap stuff that we have and that we have put a slower bypasses up that targets a Windows 7 II 11 in the full configuration we also ability Islam bypass that works against Windows 8 1 uh you II 11 into full consideration the true there because they decided not to fix it I'm even though it provided in quite a bit of recommended defenses come so In conclusion of this research a lot of fun and we get to that can of come from another side were usually the ones deciding how much to pay for vulnerabilities and exploits in this case we have put our research up uh to another company to a judge and so the interesting experience we learn a lot going through it I really had a good experience with Microsoft they're dealing with them and in enough so this where we said today is any questions just
at the the so um given technique for avoiding elf h after users in some indeterminate state of browsing the this can be this can you that uh I think there's a generic way to do it but it's only like specific the the so some of the slides Hey uh so those slides red patent-pending are these mitigations so encumbered by patterns and some of them are patent-pending as for Microsoft specifically with the way that the bounty program works the uh and release is rights them to usable the so but that the that it that we have to work at all I my better protection of rare on of my memory pressuring take that does not like to 64 bit processors and whatnot you for your time enjoyed playing with the answers