Breaking Bad BIOS: Attacking and Defending BIOS in 2015

Video in TIB AV-Portal: Breaking Bad BIOS: Attacking and Defending BIOS in 2015

Formal Metadata

Breaking Bad BIOS: Attacking and Defending BIOS in 2015
Title of Series
Part Number
Number of Parts
CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date

Content Metadata

Subject Area
In this presentation we will demonstrate multiple types of recently discovered BIOS vulnerabilities. We will detail how hardware configuration is restored upon resume from sleep and how BIOS can be attacked when waking up from sleep using "S3 resume boot script" vulnerabilities. Similarly, we will discuss the impact of insufficient protection of persistent configuration data in non-volatile storage and more. We'll also describe how to extract contents of SMRAM using above vulnerabilities and advanced methods such as Graphics aperture DMA to further perform analysis of the SMM code that would otherwise be protected. Additionally, we will detail "SMI input pointer" and other new types of vulnerabilities specific to SMI handlers. Finally, we will describe how each class of issues is mitigated as a whole and introduce new modules to CHIPSEC framework to test systems for these types of issues.
Presentation of a group Disk read-and-write head Information security Vulnerability (computing)
Dataflow Implementation Presentation of a group Observational study State of matter Code 1 (number) Branch (computer science) Student's t-test Product (business) Lattice (group) Amenable group Social class Vulnerability (computing) Addition Multiplication Moment (mathematics) Bit Instance (computer science) Variable (mathematics) Hand fan Pointer (computer programming) Computer animation Buffer solution Configuration space Right angle Family Spacetime
Point (geometry) Polar coordinate system Trail Context awareness Implementation Building Run time (program lifecycle phase) Service (economics) Open source Flash memory Number Attribute grammar Latent heat Computer configuration Formal verification Encryption Vulnerability (computing) Condition number Physical system Bit Maxima and minima Variable (mathematics) Computer animation Right angle Booting
Scripting language Code State of matter Projective plane Content (media) Instance (computer science) Variable (mathematics) Product (business) Type theory Estimator Process (computing) Pointer (computer programming) Computer animation output Fiber (mathematics) Vulnerability (computing) Physical system Social class
Scripting language Type theory Presentation of a group Length Natural number Gender Core dump Social class Physical system Vulnerability (computing)
Scripting language Multiplication Bit Cryptography Non-volatile memory Word Goodness of fit Pointer (computer programming) Hacker (term) Data structure Table (information) Fiber (mathematics) Physical system
Scripting language Addition Code State of matter Connectivity (graph theory) Multiplication sign Workstation <Musikinstrument> Device driver Heat transfer Opcode Non-volatile memory Proof theory Latent heat Process (computing) Integrated development environment Different (Kate Ryan album) Oval Configuration space Table (information) Booting Information security Metropolitan area network Row (database) Physical system
Scripting language Slide rule Boss Corporation Presentation of a group Touchscreen Information Code Weight Multiplication sign Range (statistics) Process capability index Mass Opcode Non-volatile memory Frequency Configuration space Right angle Object (grammar) Position operator Address space Writing Reading (process) Physical system
Point (geometry) Logical constant Game controller Context awareness Implementation Serial port Run time (program lifecycle phase) Service (economics) Code Flash memory Sheaf (mathematics) Inverse element Non-volatile memory Product (business) Attribute grammar Latent heat Bridging (networking) Computer hardware Data structure Address space Hydraulic jump Physical system Computer architecture Scripting language Module (mathematics) Information Content (media) Physicalism Funktionalanalysis Variable (mathematics) Cartesian coordinate system Type theory Process (computing) Pointer (computer programming) Computer animation Personal digital assistant Octave Configuration space Website Right angle Table (information) Spacetime Asynchronous Transfer Mode
Scripting language Installation art Group action Vector space Reduction of order Right angle Information security Measurement Proxy server Physical system Non-volatile memory
Suite (music) Game controller Demo (music) Code Flash memory Opcode Non-volatile memory Computer animation Ring (mathematics) Software testing Right angle Vulnerability (computing) Booting Physical system
Demo (music) Task (computing) Wave packet
Scripting language Demo (music) State of matter Physical system Row (database)
Scripting language Dialect Computer animation Code Opcode Non-volatile memory
Scripting language Data management Computer animation Demo (music) Data storage device Multiplication sign Right angle Physical system Power (physics)
Point (geometry) Slide rule Game controller Implementation Link (knot theory) Open source Code Branch (computer science) Regular graph Non-volatile memory Number Wave packet Mechanism design Goodness of fit Cuboid Data structure Metropolitan area network Physical system Vulnerability (computing) Scripting language Module (mathematics) Prisoner's dilemma Variable (mathematics) Data management Word Pointer (computer programming) Computer animation Data storage device Table (information) Speicherschutz
Scripting language Implementation Service (economics) Run time (program lifecycle phase) Key (cryptography) Flash memory Set (mathematics) Device driver Variable (mathematics) Non-volatile memory Mechanism design Integrated development environment Personal digital assistant Data storage device Flag Configuration space Window Booting Physical system Social class
Presentation of a group INTEGRAL Flash memory Set (mathematics) Water vapor Mereology Public key certificate Non-volatile memory Revision control Goodness of fit Root Core dump Data structure Booting Information security Computing platform Address space Physical system Touchscreen Translation memory Interface (computing) Bit Variable (mathematics) Computer animation Data storage device Order (biology) Buffer solution Configuration space Right angle Table (information) Booting
Logical constant Dataflow Implementation Service (economics) Run time (program lifecycle phase) Open source Code View (database) Set (mathematics) Theory Number Attribute grammar Congruence subgroup Goodness of fit Different (Kate Ryan album) Information security Proxy server Address space Computing platform Physical system Vulnerability (computing) Default (computer science) Addition State diagram Content (media) Physicalism Voltmeter Instance (computer science) Variable (mathematics) Buffer solution Configuration space Right angle Resultant
Logical constant Sensitivity analysis Presentation of a group Run time (program lifecycle phase) INTEGRAL Code Set (mathematics) Replication (computing) Mechanism design Computer configuration Different (Kate Ryan album) Physical system Social class Block (periodic table) Variable (mathematics) Flow separation Type theory Data storage device Phase transition Configuration space Right angle Freeware Point (geometry) Implementation Service (economics) Open source Connectivity (graph theory) Data recovery Theory Product (business) Latent heat Goodness of fit Natural number Touch typing Computer hardware Software testing Address space Authentication Default (computer science) Validity (statistics) Weight Content (media) Cartesian coordinate system Limit (category theory) Particle system Word Pointer (computer programming) Computer animation Cube Read-only memory Reguläres Maß Password Communications protocol Booting
Web page Point (geometry) Presentation of a group Context awareness Game controller Poynting vector State of matter Range (statistics) Control flow Branch (computer science) Mass Parameter (computer programming) Non-volatile memory Number Mathematics Bridging (networking) Cuboid Physical system Area Validity (statistics) Funktionalanalysis Pointer (computer programming) Befehlsprozessor Computer animation output Summierbarkeit Speicherschutz
Point (geometry) Web page Game controller Context awareness Vapor barrier Ferry Corsten State of matter Similarity (geometry) Field (computer science) Dimensional analysis Twitter Non-volatile memory Power (physics) Estimator Latent heat Term (mathematics) Authorization Flag Data structure Default (computer science) Time zone Debugger Mathematical analysis Physicalism Bit Basis <Mathematik> Leak Befehlsprozessor Computer animation Personal digital assistant Predicate (grammar) Statement (computer science)
Point (geometry) Default (computer science) Context awareness Digital electronics Execution unit Set (mathematics) Insertion loss Basis <Mathematik> Total S.A. Maxima and minima Parameter (computer programming) Non-volatile memory Uniform resource locator Computer animation Personal digital assistant Computer configuration Auditory masking Core dump Summierbarkeit Table (information) Metropolitan area network Descriptive statistics Physical system
Default (computer science) Slide rule Context awareness Perfect group Computer animation Multiplication sign Chain Expert system Non-volatile memory God
Latent heat Greatest element Email Pointer (computer programming) Buffer solution Operating system Parameter (computer programming) Funktionalanalysis Table (information) Field (computer science) Physical system
Point (geometry) Greatest element Game controller Line (geometry) Mereology Computer Non-volatile memory Type theory Medical imaging Personal digital assistant Buffer solution Quantum Summierbarkeit Figurate number Table (information) Social class
Computer file Stress (mechanics) Parameter (computer programming) System call Non-volatile memory Type theory Computer animation Doubling the cube Buffer solution Configuration space Summierbarkeit Endliche Modelltheorie Window Condition number
Computer animation Closed set Videoconferencing System call Metropolitan area network Social class Vulnerability (computing)
Enterprise architecture Slide rule Computer animation Open source Information Software framework Right angle Software testing Exploit (computer security) Vulnerability (computing) Physical system
Scripting language Slide rule Context awareness Information Multiplication sign Sound effect Translation (relic) Product (business) Word Internet forum Information security Vulnerability (computing) Social class
Computer animation Demoscene
the harm that could be do that at the heart of it but if you do that I'm I I I I I I I have them in the lumen a microphone Jacobs so my name is Yuri this is alex but I wouldn't were from the at Yajima dental security working on the former Over the last couple years but it is the presentation today is breaking that buyers or attacking and defending bias in 2015 1st of all thank thank you for coming over here I know 10 o'clock it's pretty early after coordinates so thank you thank so sound Hugo and the rest of the recon providing us an especially thank you to say brothers and for actual listening us talking yesterday during the party so that's a slow the courage to your you switch the party to up listening to the alright so we're actually talking heads here today are and this is the work of the entire team in a lot of a lot of vulnerabilities were formed by the rest of the guys lot of vulnerable is coordinated by the rest of the guys and next was developed for them so let's start but of
today's agenda as will primarily focus on the major on several not all of them the major classes vulnerabilities in the U 5 from and bias discovered in the recent 2 years so will not talk about everything as we usually like to do but but will talk about everything and they almost at the thing in the past 2 years will also convert are discussed the the overall state of the art from a student in the recent from our 2 years including the have been on the lattice can be detected from some of them can be an in including how those vulnerabilities are being mitigated by the industry and so for those of you who are fans of Soviet sci-fi the or post-Soviet sci-fi must decodes here are you there from were based on um books or nobles from Stravinsky brothers and the the last brother Bharat Barrios he died 3 years ago there were 2 years ago and so I'm a fan them so there is a start we
seem to have a little bit of a problem in this area but With the 37 unique vulnerabilities publicly disclosed in the last 2 years by only a handful of researchers look in that space in 37 as you can imagine those are the ones that were you know at the moment and I wouldn't I wouldn't know how many vulnerabilities are being exploited in the wild actively amenable nobility sir found by nation were some other actors so hard in fact more multiple those vulnerability of those studies and vulnerabilities are classes of issues there not a single 1 there not 1 buffer flow there are a class of multiple and issues with many instances present in the Baltic pole-to-pole from a product the for example this mind pointers as Michael outs on war indiscriminate usage of you phi variables which is a configuration for a you this former of main same issues affecting multiple former products at once for example if you've heard you might have heard about the history was Cretaceous if you buy variables again as issues with this land if there is 1 issue in 1 product there there are likely to be multiple of them were even many of them in the same product in looking at the back of the stage because I once almost all of the stage you're talking so yeah any you know the the basic things like I'm missing right protection but right protections on the bias of former so I In addition there is a reference to a branch for the value of Y former uh indicate to branch of the issues in the UK 2 branches are being discovered and they might have found their way into the final products you might be uh taking him from the reference implementation or they may find their way into the future products as well as on and as we all of us all know how a dating from is not RealTravel thing to do
so these are the issues of desertions primarily a discovered in 2013 2014 of we started looking at the at the vulnerabilities of basically in the context of a by passing on something some secured it acknowledges the building on top of 1 of the new 5 former or or the buyers like full-disk encryption systems with 30 PM or a secure booting of the aware so we found a multiple those and the um that would allow bypassing secure but for example jointly with other researchers from let's say like book or not in others so then then there a number of vulnerabilities were found to associate with their you 5 variables including 1st bypassing secure birds then essentially making system unbelievable or breaking the system through the 5 variables on then the number of vulnerabilities were found in the of India of capsule date for a summit specific systems of a number of vulnerabilities affecting by right protections like for example the US my suppression attack 8 worthy of uh this spear a spare which were found by Ludwik work then are at some point in 2014 but we had with a good look at the preference and open source reference of implementation of together with other researchers and from the number of of all the bears vulnerabilities there including I things like that capsule the vulnerabilities found by like book or the the the issue with you fly variables where I someone can bypass the but services only protections of the year 5 variables and reinstall that uh that that variable with the runtime attributes of a number of issues related to to the variables number of issues related to on to the as my handlers including race conditions and the end of each year as my handler over right we'll talk about those in the uh live later of adding verification and the say which is you know the base for of the scribble tracks and other checks the other signature-based checks and the
2014 2015 you so the the the the the trans continues that's there there are quite a few issues being felled more and more researchers looking at that you can see that the the discover column now has a bit more names and ends up with issues being discovered not only on PCs systems but also on on them have no on max from for example the i if i option ROMs discovered by the travel handsome and actually the based on the area former but it's covered fear and and the recent of recent problem with the flash being unlocked on Mac suffer of free of the system revert resumes from sleep so the
primitive preliminarly could preliminary uh conclusion to that is your system is definitely maybe a formidable to the bias vulnerabilities
so how do we solve the problem 1 way to solve the problem is like this but so we know where this ends me that that is not the best way to solve in this industry where problem that's why we're we will talk about some of the classes of those issues which affect multiple products and typically have multiple instances in each project will focus on 4 types of vulnerabilities 1 of the recently discovered issues associate with of the bias trying to work I when I say bias doesn't necessarily mean the bias and legacy Kermit me many in the existing you 5 is for war you fibers from I didn't so when the bias is receding from sleep state and you put the system to sleep and then resume then there are vulnerable associa associated with that process on the in the 2nd class of vicious is the attacks through you 5 variables which seems to be very prevalent on on a lot of systems attacks while the so-called buy of bad were poisonous some might include pointers which result into a code execution in this memo to in attacks while the as might call outs which also result in Canada Gaussian estimate I did a you know I a I name does all of those vulnerabilities of for those of you who like names as 3 sleep resume with script but buys variable contents as my and the input you can see hashtags or the last 1 is this bold seriously had to be gone long ago so let's
start and many you have sleep problems well if you well many more of you have sleep problems I believe so let's talk about those 3 problems attacking why this 3 resume was great which is sleep resembles scripts all the issues in in that class our it happened during system waking up from sleep
off so there's a there's a see for some the those issues they have a whole type of issues 1st those Freddy Krueger vulnerabilities but were independently discovered by and and researchers other researchers for for all of which you from from and like the core researchers so what are a fallen quarry talked about um of those issues from last December and they have a white paper and a presentation and then the details that the the PUC exploit was detailed develop gender and described at length but by natural exuberance In this and also recently recently page of a lot of lot of just of pronouncing correctly so was a name from related vulnerability in in Mac if I firmly where flesh walk is getting lost upon returning from sleep
the so what is the what are those problems on how long explain a little bit more details about words resemblance cryptos but 1st how to find it have resumed but scripts is can be found on some systems especially vulnerable systems in a unified there will call speckle will there will it points to structure in memory which contains our another pointers pointers pointers to other structures that the year fibers this former typically uses when it resumes from sleep and 1 of those pointers is is the prior to the above script itself so you can see that pointer is is exactly where the this is is 3 resemble script table is in memory I
so that is that is a young of structure are defining the the the all those pointers and in memory including you can see that he's a guy was good table pointer is also agent hacks in that structure the structure somewhere in memory and in in unprotected all in all multiple systems In unprotected memory are so this is
a this is a you can see the the don't bother but scripts containing the UPC codes so what is but script
exactly the of why is it called scripts when if fly firmer normally it's it executes SEC Securities stage proof PI preview financialization stage then followed by dixie stage rubber the execution environment where the bulk of but on cue runs multiple binary peak offered to get ables running during Dix's station political drivers for different devices sometimes you Sir reservist without specific device that a lot of coach and that could initialize a system were continues initialization system after memories available for pre financialization stage so when you put system to sleep you don't really wants to wait all of that time when you wake up from sleep you don't want all this could get get getting scared and so the the the base for firmer solve that problem by introducing this concept of a script where on a normal but each driver former driver when it's when it's a driver means from a drive or not the optimal driver so each firmer driver records fund records the configuration it makes to add to the harbor into a script like table creating multiple opcodes that those this scripts will get executed by former upon uh wake up from sleep state without actually running all of those all those drivers without executing all of those all of that can so only P stage and security of cost is executed on resuming from sleep then just the initial early component of the that's a stage Dixon it is is a man is loaded uh which transfers addition to I S 3 related component which knows how to interpret the script eggs you get all the opcodes from that the script and this would be that this this process restores full configuration as it was done on a normal boot prior to sleep without actually going through all of that code so this is those a
opcodes from the screenshot below uh from the screen shots couple slides ago Our there's a position of the object within the script there's no there's not to Balogh there there in depending on which occluded there's there's a address of the register there's a value that is being written to the to that
register so this is this is how those of codes look like of the 1st 1 you can see it's actually the very 1st the script it's the memory right it's memory right to an address the seed 5 0 so with the value 0 it's actually not a memory right it's in America it's writing to rich mathematical they are the 2nd up coding which is not really the 2nd at code itself 359 opcode in the script is AI you'll read write it's actually writing some valid 21 to register for 30 which is a register summer and a PM based on but it's not just writing sexually reading modifying writing that's why it's a regret of the so and that's why there's a mass by you can see how many of are in the script thousand more than thousand of those on typical system this occurred as position 3 59 so what are the codes are a present in the but script i o por Reuter rewrites memory writer rewrites PCI Configuration Registers right or read write as emboss executed so you can execute a specific instruction on us boss from the script on stall when you can wait and for some amount of time the former weight are the dispatch opcodes those are interesting uh because they get a richer code use walkers for attackers information because they're more articles like stalled because that way for certain registered to a period personality appear in a certain range
I live in more detail so this this is an example of I O port of this subcodes rights to a specific process serial port and a port the port here is the you can see address it's for b 2 so for those of you who are out of work American PC former stuff you know that this portends the APG port that is used to treat yourself or someone so mind on the and of sub is writing Melibea d to this sport sending a now the the the other coders is dispatch of there are 2 types of dispatch of troops in fact so these are some of the from products may have the platform-specific up for from a specific Abkhaz special because so this dispatch oppose basically I'm on and executes the code at the center point you can see the edges it's a physical the uh it's a linear edges but at that site and common thing so so it's a physical address in comma so it executes certain killed our early enough well interpreting the but script no this up code is on BCI configuration right up code it writes to a set configuration space to PCA configuration register of some device and are the specific it could by 69 it is writing value can see valid to a 1 byte to a to a register with an address 1 F 0 0 DC that's the offset DC In device 31 device that 1 is a is a is an LPC bridge in the chips and and this DC offset is called bias control registers buys control register is responsible for some of the Protei right sections of the buys from a inverse by flashing in nonvolatile memory the so writing to some specific valid to that buys control register enables properly all those protections offered by his former ends by flash memory or disables them so this this a valid to a it's a correctly enabling all of the right protections on of the bias from the in the in this by a different valid if it's written that I think is able protections
so what can go wrong with this architecture the 1st the address to the actual but script or via there the structure which has a pointer to the but script is may be stored in a but runtime accessible place in a in a in a place accessible to the awareness and therefore always level more are for example if you consider this a sky global table variable if has attributes nonvolatile RT runtime be uh not that BS but but services only so in that case this variable is accessible from hot to anyone are executed with the OAS privileges in fact even more because the West as provide API to the user mode to talk to the variables to right there was so in fact this is accessible to the user might applications on most of the West so if that to our idea to prescribe table is stored in such a variable than anybody can modify it and point to a different completely bogus but script and wants system solutions from S 3 this is the former will execute them what about this history uh not uh but script or they would script itself may be stored somewhere in a in a memory are accessible to our to the US and the more in US so so that that mole work it just modify that but script table before putting system to sleep and after system will resume wake up from sleep that modified the script will get executed now I remember that there is the actual code interpreting that the script and executing the octaves some implementations I don't want to but even that so what they do is they actually special to memory but the system to sleep and remember that in sleep memory contents of the memories preserved because the Remez himself a fresh so all all of the constants are left in memory and when the system resumes from S 3 are the former finds that module the but script executed and jumps to it and this but script executer already knew the insurance Finding the actual table with the table and inferring the script table so if that module that executable stored in unprotected memory then now you don't need to modify the script you just need to modify the code that is exhibiting the script now assume that both again ended the script table are protected somehow I if you remember those dispatch because such jump to arbitary coder richer function to do some extra initialization of the blood from are those the dispatch of because they have entry for that addresses of the entry points so even if they the script is protected by the dispatch of good points to some code and if that killed at that entry point is stored in an hour less accessible memory then that you can get modified by the by the more and we'll get executed and finally our at certain systems our some systems name just forget on a normal but when the that former executes in that system on a normal that the configure the hardware with let's say in in enable bias protections but are they forget to store save that information in the script and if they do that if they forget to do that then upon resuming from sleep that configuration will not get restore so if on a normal but you have some protection like bias is right protected then you put the system to sleep wake up and the protection is gone and that that happens because former may happen because from a just forgot to put the specific up to restoring the protection
so what's the impact smaller in DOS is able to change the actions that are performed by firmer on its resume before OS resumes at the waking vector so what do but explaining further Our moppet can execute a richer from Ricoh during an earlier resume way before the West more tenders able harder reduction such as bias right protection which are going to be restored by the script more can install persistent bias rickets in this by freshman because the protections are not there yet where can rewrite a richer memory for executive Michigan which I already said perhaps for some reason in the consists of system from the early enough in the PIC age or bypass security measures for experiments for example I am prettier but in fact right for those of you who are far from firmer yes it can also steal your
PGP keys the I so the
nice quote there that you know suits this vulnerability that 93 per cent of these in the year of start at the same the alarm clock rings and then were vulnerable bias boots 4 weeks from sleep I let was built through world demo I'll explain a couple slides on them and then I'll just show that on
on the system so imagine that you have biased protected in by flash memory so were running AR ChIP-seq test that is testing the right protection of the former in it says that hate biases write-protected everything's good you can see that the bias control register has value to aid which approves the mentioned but
then so basically go sleep well who had sleep well but before you go to sleep and exploit exekias this approximately this disco so it finds a good krypton protected in memory then modifies and it finds the opcode that restores buys protection were developed to so that code is restoring buys protection and the state on and changing it to restore buyers right protection to in the state of on a
3 week from sleep the same task that is checking by threat detection are says that it's not completely protected when it says that it's pretty much not protected at all so at some let's do the trick and I will I will I will
actually I I I wanted to record a demo because of because feel much rarer than the actual them but because we had a very intense of training I I actually that I couldn't do that so if you want if you if you if you if you think that we'll do something during the training the other than the training itself you're mistaken you will probably do think so let's so was just do the of it whatever I so so the check the protection from the
system and a new unfortunate that the system is not protected right uh is not protecting the of the bias from loans by flesh I'm using it for demo specifically so actually all all due to service all all enabled the right protection OK so now I were in no 1 from this offer should be able to to write his by flesh which I won't do I don't wanna break the system I project from so now you can see that the right protections are you can see past I have biases record text so refined Ch
now however all find a good script that will get introverted and executed upon resume from S 3 from from sleep state and
and now you can see that we've porous the scripts opcodes here I'll find the codes
that is responsible for restoring by threat detection you can see this is the this is the opcodes it is restoring it that value it is restoring region it is restoring a value that is really not an enabling buys perfection and so the course where different in the so now before going to sleep actually running
tool that will modify that script and memory and will find enough coach I'm having Sofia it found codes in the but script that is responsible for restoring they can see original valid 8 um ch regional Ali H. and modified so in both of them are bad and unjust replacing it with the worse living yeah
so now I'm just closing the same hoping that it will come back again I think it's it's up here should be there soon you can get it so you can see that happened to live a fast than usual yeah you wouldn't but the system that fast that's why I came up from the now the only thing I do right now I will do right now is I will check the bias right protection and you remember that before putting it to see it was on now you can see that's failed bias is not so the only thing I did is I close the let's open-ended back again and buys protection was gone I did that just for demo purposes in fact you don't really need to ask the user to close wouldn't open back it's just uh you you you you just put the system to sleep while always means were just directly writing to power management registers and the chips and awake in an amount of time that he told it away I now with media with me don't that was great against the and find this same up and
you can see that the this opcode in in the in the but scripts has valid 9
instead of age I as before so that I could get executed and this is what you actually this is the value actually see in this is a valid the actually seeing the
bias control register well 9 OK
so protections are completely gone because we've been able to exploit the history but script X
is that this is just basically showing that the the the the good scripts offer to resume from sleep so this has the this valley which is not properly restoring by detection so how do we detect and
mitigate those issues on 1st of all there's a
script and ChIP-seq currently at it's not in the open source it's going to be in in open-source branch of ChIP-seq come from and prison after after recom so of that module you can run it on any system you can test whether the whether the former is properly protecting all of his has mitigations against this history was performed abilities so how do we fix this problem well it's pretty others are pretty common sense in recommendations to whoever develops the bias from or the Python manufacturers I do not give better so that that's good to the script or structure with a pointer to the script in unprotected variables are do not say the but script table itself to the unprotected memory there's a man there is a word word memory that is accessible to the the main devices are there's a mechanism in the reference q implementation predicate to that is called log box art that can help with protecting scripts not save the actual executable that is interpreting the but script in unprotected memory on the end of and sing that again and number 4 denotes a pointer to the but scripting the if I available what must of modify those slides in between training sessions of then of course review the actual dispatch of codes for the entry point to those dysphagic as such that they do not points to the codes they do not jump to encode which is not protected memory so 1 of the ways to protect the stuff in key based on indicate to based firm or new is from i is a so-called what box so on the left you can see a good scripts plus some management structure of pointing that to that with script on other vulnerable system that is red that is outside of protected memory but in fact you can you can use what books is a generic mechanism you can protect a richer data by using emission mechanism you can use read-only variables you can use some encryptor are storage or something like that but this 1 this example specifically shows this summer using a semantic protect the script so remember that as some RAM is not accessible to regular Maura R. minus vulnerabilities in the Islamist of course but up us so basically of this this year 5 this former systems the they made place that good script in the executable that will be true reading the script into protected as my memory and executed upon resume off the around without going out of and into the your so there's a there's a link to the actual open source implementation of this mechanism be unique in
the key to all his 1 example of how how the reference implementation saves the actual with scripts to to the US around and then it sets a flag that says that he upon resume get that in place without copying back year-round without indicating from unprotected memory
of with that let me jump to weigh up of another class of issues issues related to unify variables you 5 variables is the main mechanism to store configuration including non-persistent irrigation for you find this from so what does former actually stores which settings stories are 1st of all it uses those that the variables U 5 variables some of those variables are non volatile they're actually being stored together with a bias with further on this by flash memory on nonvolatile RAM of variables can be booed services only accessible or runtime accessible but services is accessible variables accessible only to the former all were the former drivers before the West typically is somewhere at the end of the but low of this variable stop being accessible to the south or the runtime accessible variable skills are accessible to all the prim much it any code and in the West until then reboot starting from the and until the next of the a typical way in modern you 5 assistance taxes those variables are through the Islamist at runtime and and also the interesting fact is that on most so as as they do expose API to modify those variables but not all but only runtime variable so for example you can see that the set from the environment they're bearable on wind on Windows or the the the a 5 or a sports devices online systems now a
lot from racial stores a lot of settings this is the a dump of of of of of parts of the of part of the those settings in the U 5 variables stored in some system of those take it was used to use was done using ChIP-seq as well so you can see a whole bunch of those variables and setting stored in those variables are 1 example is a acpi global variable that we are saw already of storing pointed to the blitzkrieg table another variable is a blue water it's the it's the variable that you use when you choose the good order where to blue from in the bicep screen that's the variable that actually stores that good order the the secure boot certificates the root certificate platform the others to forgive and certificates white the blacklist TBX those are also variables the sole sword and their roles or the set of variable which will talk a little bit later on so the set a parable is a variable that is storing all the settings you choose ended the by a set of screen or if you fly set of screen when you but the system now I would
we have found where the things we've found store it in the variables in the unprotected variables read user-mode accessible variables to give a configuration with talked about that in 1 of the presentations we give it a consequence last last year of the the added that the addresses 2 structures or buffers in memory i which former when it boots reads from or rights to are the policies for hurricane configuration or protections including lot bits such as the bias right protection policy or a flash or revise interface log the police's disabling were enabling to get a features depending on where you like more were the data which from a really really needs to just boot there is there's data stored in non persistent integration that just is needed to but the system or the secret sometimes even bias who cares about them anymore but and invites facets suffer sometimes stored in clear in those variables this
obviously cannot begin so all right right early from the data but if there is the address stored in the variable if there is not a story in the variable in the former reads it and then rights to that address then anyone use remote can modify that edges to point to the firmer code or data itself and so the former upon early goodwill right to that edges overriding it's an incongruity or bypassed U phi secure but a ways to go but it's a given configuration is critical settings for even the he's stored in those unprotected variables on or by passages able of harbor protections likewise right detection if the policy for that by straight detection storing the variable or just makes system little or break the system if the data is stored in variable that is required for system to build and mall just corrupts so but
there was a theory in practice there were found multiple unique vulnerabilities approximately 50 to different instances of vulnerabilities and different systems and and reference implementation related to unify variables only recently both the open source reference q as well as actual implementation C-fibers implementation suffer from those issues which results into it was secure but bypassed and little platform b because of the configuration the corrupted constants of the variable buffer flows and consuming the verbal constants arbitrio rise because of the Porter story the variable are bypassing good services protection by reinstalling the same variable with the lesser protection attributes with the runtime attributes or weapons and physical protection physical presence using user presence of some of of the most the so 1 example of such a vulnerabilities were discovered by like book or and also Our is related to set up a variable and it has a view number that you can look it up later so who set up anyway set up already we've shown that set up some systems are stored to give the configuration in the set up own and that allowed us to bypass secure wouldn't systems so now use remote mall were can access that's the set of variables and can just so that you know right garbage in or just deleted In addition if there's a default our our content that is being restored by the from the 1 set up is not available on on some systems may store that default also in the unprotected bearable for example a STD volts elites Akamai deleted were corrupted as well as so when this happens the then the system would you may never but again Our because it really needs they're settings and there then corrupted I won't be making this demand this swept
but you know why bother about this just bring into the IT service desk and asked to reinstall your from running laptop like like you would normally do when I might outlook is locally and my when this so in my system doesn't can you resulted from so that's probably the reaction you'll get from the IT service right so you might have just bring this this thing to them to get the same reaction it's not easy to do so how do
we avoid problems associated with the variables again while 1st keep
common secure them it's not a rocket science to secure configuration are there
certain just common sense recommendations how the two-and-a-half firmer has to handle those those variables 1st of all limit the access to the variables separate critical settings from non-critical from other settings store them in different variables in different places with different protections that's easy if you have a set up options that you are you know now you really care about the store them in and not in the set up variable but in set up something private that has you know the right protections to them and the rest of the synapse and settings storing the regular set up accessible to the runtime remove runtime axis whenever not needed so some variables do not really need to be modifiable by the US or even readable by the west if you don't the variables like for example using ChIP-seq you'll see a whole bunch of them almost a hundred of them on your system from the west 99 per cent of those variables are not needed to the west the west doesn't touch it not of the applications touch why they have runtime Agence mission that theory only needed for the former Our make some variables read only if all needs to read them replications he's read them but not my 5 make and read-only there's a terrible lot protocol and indicate to reference implementation that from use Our authenticate variebles there's a whole mechanism defined by the respective you flies back to authenticate variables removed about test content for example policy is to disable hardware lots there really useful during the validation pre-production free phase but really shouldn't be there in production systems use PC the settings for some variables those a kind of settings that can configure your bias during the build not not run time are some variables do require physically present user for example segment in this cube implementation it needs to be only modifiable when user type something more press about I or that from former implementations nature implement some integrity checks as we've seen on some systems off on the critical settings and of course this storing by Spencer it's probably not the nuclear or any other sensitive condoms like Wi-Fi passwords work like that I was is not really good protection in their so the the other class of common sense recommendation is contents of those variables I assume that the constants of the variables are it and is is malicious or other malicious of ability than before consuming by the former on is there in their believe there's an address make sure that it's not pointing to your own code or data on validate data written to the variables are sometimes you but sometimes from knows what the set of data allowed settings that can be written to the variable can be stored in variable so why not validate the actual value written to that variable are through the API the liquid that that that that this value isn't within the defined predefined set of allowed values Our can you but if this variable was cropped if you cannot have a default in a place which is protected I enter recovery if you notice that the variable constants is corrupted I'm in of course if everything fails on our firmer products you to have a catastrophic recover mechanism you press a jumper and something happens magically make for storing all the defaults including configurations so 1 of the way to protect the parables is read-only or variable walk protocol defined by the reference implemented open source in the reference implementation so are the weights were the the weight works is there is a our protocol 3 Block particle loaded during the it's a staging the former of which exposes API this requests to walk that any firm or a component make them army use may invoke to request that a specific variable will be will become read-only at some point so at this point all the variables are rewritable but at some point and that point is and the Dixie and of specific stage where former hands off almost hands off to you but loaders i at that point this these variables that were requested to be read only become read-only and not writable anymore not creatable not deletable I so I'm in good services for those who of you will look to the you fly exhibit services is the point of handing off to the to the actual words so this is where all Wessel spots in the US at that point will be able to our room right to those to those read-only variables I OK so that's that's all for the this class of issues in the you find this firmer in were jumping to move on to another the 3rd class which call quizzes pointers were tagging is my handlers firmly a wire and validated in the pointers
and we're biased toward bias so where is no bias for us is boredom and the bisexual light makes life interesting for us and so with without switching to Alex to continue with the With explaining that the temperatures then the at my name is Alex and I will continue this presentation for that and this type of for the dark and the next 1 and the before start uh 1 describe a little the basics that make sure that they're all on the same page so what this has from its this is protected memory uh where all among called live include in a summit handlers and turning on this or that a a range of are going when the the pointer to the spread ranches live in and some base and the sewage accessible just in the summer and this strange has protection from CPU is branches the protection some are mass mom base and also it has been my protection uh in the memory controller and the fill it'll depends on in uh a summer there is area name of a ship you say state area which in this area using my CPU tools save and restore context of CPU um in registers as some bystanders and there's also and important tool so as to run name without some wonderful Hendler sometimes foreign which live in a somebody's plus a thousand hits M. I will
describe the bark which is related to 1 and a semantic annotation so the basic idea ideas is um and uh that some I have learned again the input from the argument from last so as the argument of some handler through there a general-purpose registers and as you can see here Frohmeyer Erickson during guarantees so that the that the cold from we for some uh there are breaks the bridge they had the point there are in this point in a legitimate way should live in less memory and there are B it's they have the function number and this is how the legitimate where this work so why they need extra this this of memory inside the porous and pointed to them uh in a legitimate way under such as some I somehow want to retain the status of a summary is it fail or not and this memory they put the status of this memory on their system known that the system might this is as of and the what if this point the real the Poynting vector sum sum what happened and this is the whole thing about this box so as some I can learn different doesn't validate the pointer so that doesn't change at the point the point in outside of some I mean you can override Saturn inside the summer the uh how
you how we can exploit its so what users will want to override that in many cases you will not you'd you'd doesn't control that I'll be look at all the other is that don't know the value of each you alright you just can control the answers so you just know all of our you want all right but you don't know what you you alright you can pick up different oceans of what exactly want alright uh for example and their default to handle or quality which I mentioned already that enter point to assignments so if you can this and it can be exploited known it can alright and Donaldson some structures flag and which related to someone and and also can override this CPU say state and the field inside the state and there is someone field which is really important as some base uh so this value is pointing to a some around and the status of the city statement countless some land and they they're at the start of this well you when it's go we're an exact land exit from a cement happen from from there is an instruction so if around this estimate some some base value the nexus and I each can't they will commonly it's built in U S around and will start circuit for malicious got this is will be not in protected trends
by going I will describe that a little bit more laid them but that there but how do you know all various as some basis if think about this a few wrote exploiting easier on through this is the problem really really related and really saying that isolated in in the canal or user specifications are you don't know all the contexts of us among you know the analysts which you can alright but evolved very rare that s as some basely where is exactly this this story and what it can do and you can find you can bound they're all contexts over some of the different ways that you can the finance an ability and uh uh as you really dimension that enables great because of this on our ability to monitor as from a you can use then the 2nd cue you'll need to use the graphic DMI and I will describe a little bit later more details about this also you can dump all spy flesh extract all of a semantic Dixon diverse and reverse-engineer them to find a similar initialization floor and that's all you can find the value of some base the also you can use an analysis so my point of an ideal reaches and make a memory leak from a somewhat as someone on the continent and the last 1 if you'll have heard backup abilities and at the debugger you can do this offline and just all American them if you don't have the power of the user cannot find any way tool down they're all or in part as from you can you exploit can try to guess various has some basis and there is couple occasion each is a more probable it can be a so it can be uh a summary physical barriers so minus a thousand hits or it can be an author mom as Asmara physical based on this although you can try cold now try to override the terms a couple times different terms pages inside the sum and in a specific offset the predicate sh as some base in experimental purpose not that use this value to explore them over an ability so here is a little bit
description of boat dump and that as a mom uh through and the graphic so basically we assume that there are 2 sick is not locked to that DMA can have access to and to the memory and the 2 sec is below a at some on and the in the in the knowledge that specific exploit the user 3 was created to unload the tea set but there is no other options um after the after the 2 circuit is the loss around you can configure it to right the current a patent tables inside a someone and you use graphic aperture to get that system so basically terminologies used graphic DMA to get access to the and after you have already borrowed the underscore offer some basis uh you start thinking about how to exploit this and legitimate layer there how there's some worker solid described a you send this my and you'll argument is not on general-purpose registers and the 1 of them is pointing to the wires of memory and but you assume that you can write a some basis and there will be a different location offer some base in our case it be 0 because you alright the some based 0 but before you would trigger this where neuroblastoma unit to prepare the next uh as a default of some I can learn because next to some I will use already knew as some base value and then use well you need to prepare the all stage minimum stage total execute um as a market and enter point and to all this and In our specific case to be allocated their default handler in under this 8 thousand texts and we allocate our CELP coder which you wanted to cook after the trigger 2nd the sum I so now the truth to give 1st honorable some I beaches override has some basis in the new in new or under a new well you which is 0 and this allowed the next uh some I start to execute it from and 0 8 thousand gets others and uh and here is the latest stock the continuous shall uh you malicious called in the context of a cement so-called had called has a summoned privileges which is more political from 0 and then you can go with everyone in our specific case via disable and arranges the protection of the flip and debates a inside the and and uh no mask emisora and we replace as some basis for default value down at all as a man called can Manzikert correctly for the old next surmise and of heroes and
their mom
yeah the
so we're on the expert 1 time so here the 1st we check that this amount is protected and we cannot operated so there are just as all else then to say there are regional new and a some basic memory that we don't corrupt and this and so on and in some God um then you prepare there then you are a somewhat continuous embrace the the memory of his newer some by default handler and that the 3 us assignment tool chain of that some base and the nexus research is a cue from our and control of memory to sample that that but it up and got his context it in the summer so this more privileged malt and then it is a ball around the regular on a summer protection inches perfection and then we check that now we can read and write the them and therefore with some of the entire someone and if around this exploit again this value this as astronomical and doesn't have protection and you can read and write it directly so let's back to the slides
and understand this then in
all this Bacher is related to alter you 5 basic system reaches as is you that argument of 1st some my pointer so through their own a general-purpose registers that in you indicate to base it on a firmer uh there and they they don't now that From a doesn't use of the general-purpose register for by that every month the 2 this summer they use uh there's this this a special buffer depressed all arguments for perform operations system to a summer that the summer and there's and this in the bottom income by firm and the pointed to this combat fairly belief in a supplier table name you find so and this specific of the particular example which we can see uh that this combo offer is so in sense that common buffer go on set variable get variable and their common buffer contained in the header the land and the start of some function idea also it's but it's it's containing the data reach the them I always want to but I want to this a sentimental some money so they contain they contain dated with the name of that of the uh very you favorable so there so I can learn get this Goldman Buffett and they know that inside this column depends of the sponsor g this argument should be there and so on you fire variable and and they pass all of these are fields uh what the
problem is so this con buffer uh it's really similar to that in the previous class of stock in this class or type related to com buffering there a summer Hendler uh doesn't properly and validate the common buffer so you can monitor lesson com buffer to or this summer and here's example if you
check the like in the bottom the line in the bottom line is quantum and you can see that this nation on this is point and they and if you follow this data you'll figure out that this data is not coming from home and there is no protections and all the checks and annual editions all this they they point into a sum so if you look at the quality control the con lover because a vector control the point in this again table and the memory which is part of the images are in that memory is an In this case you can control the date then you can override this summer so and the of
OK and I will be fast um so another type of bark is realization of the common buffer uh this stress condition Owen double pitch um the basically window between chicken and uh and use of that common buffer feels so you can modify found from for example from that India made this filter after the chip but before that the use of so how we can know
that detect and you get this kind art
and there's ChIP-seq model of each can get the parameters configuration file and this and that and what is the con the call you want to check so in this specific example uh you viewpoints so that there are in use in a sum uh 1 half you want that understood the memory will be in breeds and always registers build random so and here's a detection
but it's it's a video here only all it's have the like them on here but I will continue the no OK now
Frank the the unknown just I of I was and will have 0 and who the way it was thought we had 90 minutes 62 of come on just so much interesting stuff here well on will just so that
you on close up right there's 1 or another class that we thought we talk about it it's called 1 this call or how we call it and then this is really attacking is my and there's wide yeah as a man called vulnerabilities right
so all just scroll through it if
you have a new photographic memory of
you can you should be able to see it but I can tell you that you know mitigating that specific less of a woman but this is like trying to fit an octopus and fear of Dixie of plants so but it is possible
we can do it and so there's a
there's a slide why we're actually investing in an open source framework tool that detects all that some others vulnerabilities there are multiple reasons to do that's a scary researchers need a way to develop these tests exploitability and impact of the issues and also the need to provide that information you know the um and to the Williamson bystanders that now this and you can improve on their products and and will also need to give researchers to be able to capture that research in consumable way right so I will also want to cooperate corporate IT enterprises to uh to be able to actually run it and detect probabilities from the systems that they're about you are deploy on to their employees of In we believe that it's got to be an open source so that everyone can see what it's actually testing in which will sexual test
so conclusions of the you fly-bys from security is an industry-wide concern everyone is effect or maybe effect but but then they're all on you know often multiple issues of the same time and some unfortunate take years to mitigate but researchers keep finding dragons in drive awareness and also on new classes of vulnerabilities like those as my own resources with script the stored is appearing In many Williamson bystanders or starts to be responsive to to the security issues stepping up to improve security of their products in use ChIP-seq as we know our in the in the harbor protections are being slowly adopted so
I that's I was won't let me just read it because I don't remember the remember the Russian word saying but not not not not the translator once and I was told that this road will take to the ocean death and back way since then Creutz roundabout cup forsaken paths stretch of for me to will have to continue their research on other Acknowledgements I don't have time but I do acknowledge all the people on this slide I including researchers and the people who helped us at info in the U phi forum members and that would that
we're leaving the scene this scene thank you