Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Analytics, and scalability, and UEFI exploitati...

Analytics, and scalability, and UEFI exploitation! Oh my!

We use UEFI and commodity PC manufacturer "firmware" as a use case for vulnerability discovery and exploit development powered by analytics. BIOS, UEFI, and embedded firmware are recent focus areas for vulnerability analysis and exploit research. There are great offensive-security presentations and research on ring < 0 rootkits, failed implementations of trusted computing concepts, and hardware-assisted exploitation.

This talk complements existing firmware research by applying data-science to UEFI code analysis. This does not attack the UEFI platform or secure boot implementations; it does consider UEFI applications, drivers, and associated environments as attack surface. Analytics of code-usage, features, pervasiveness, update frequency, and vulnerabilities will help determine viability of homogeneous exploit development for seemingly-heterogeneous environments. The talk will review data-science approaches to vulnerability discovery in UEFI code, demonstrate the scalability of UEFI exploitation, and explore the potential for persistence as well as similar fun exercises.

Video demo: https://www.youtube.com/watch?v=6yI-C1aBCiU

Teddy Reed

April 17, 2014
Tweet

More Decks by Teddy Reed

Other Decks in Technology

Transcript

  1. demo= Funmo.begin() firmware = "efi" usb:0.present = "TRUE" usb:0.deviceType =

    "hid" usb:0.port = "0" usb:0.parent = "-1" firmware = "efi" efi64.filename = “/Users/theo/Buffers/ uefi-research/samples/vmware/ efi-trojaned.rom" usb:0.present = "TRUE" usb:0.deviceType = "hid" usb:0.port = "0" usb:0.parent = "-1" Two blank VMs installing standard Windows 7 SP1 or Windows 8 Pro
  2. Objectives Demonstrate evil data science using firmware updates Enable audience,

    researchers, and developers to discover firmware vulnerabilities Release some code and have fun! Introduce firmware & UEFI pentesting 1. 2. 3. 4.
  3. Overview::Init() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks We’ll keep track of what capabilities and tools are released throughout this presentation.
  4. #define Introduction UEFI Unified Extensible Firmware Interface UEFI Forum: 227

    Members (11 are promoters) Windows 8 logo required UEFI Secure Boot Almost every IS/BV, OEM implements UEFI Image © 2005, 2014 Square Enix
  5. #define Introduction Security Pre-EFI Initialization Driver Execution Boot Device Select

    System Load Runtime Services Execute Boot loader “MBR” Select PXE SSD CD-ROM Execute EFI- Application Execute device, bus service drivers Create EFI- services CPU Initialize Board Initialize Measure, Verify OS-aware EFI services OS is running UEFI Unified Extensible Firmware Interface
  6. #define Introduction Security Pre-EFI Initialization Driver Execution Boot Device Select

    System Load Runtime Services Execute Boot loader “MBR” Select PXE SSD CD-ROM Execute EFI- Application Execute device, bus service drivers Create EFI- services CPU Initialize Board Initialize Measure, Verify OS-aware EFI services OS is running EFI Bootkits Secure Boot Attacks Variable Attacks UEFI Unified Extensible Firmware Interface
  7. #define Concepts Security Pre-EFI Initialization Driver Execution Boot Device Select

    Select PXE SSD CD-ROM Execute device, bus service drivers Create EFI- services CPU Initialize Board Initialize Measure, Verify UEFI Unified Extensible Firmware Interface
  8. #define Concepts UEFI Unified Extensible Firmware Interface UEFI defines update

    mechanisms & formats System vendors often choose their own Each vendor distributes updates uniquely similarly to most software vendors
  9. Unifying UEFI Updates “That’s a Triple U, all the way!”

    Simple JSON-representation of UEFI update context information • Release Time • Criticality • Affected Products • Patch Notes • Update Binary(ies) • Dell • Lenovo • Gigabyte • ECS • HP • Intel • MSI • AsRock […] #! FORK ME https://github.com/theopolis/uefi-spider
  10. Unifying UEFI Updates “That’s a Triple U, all the way!”

    Optiplex 9020 A00 2013-06-05 07:12:30 A02 2013-09-23 03:08:01 A01 2013-07-16 07:21:46 ?? ????-??-?? ?:??:?? A03 2013-09-23 08:41:01 A07 2014-01-16 00:00:00 A04 2013-11-25 05:23:27 A05 2013-12-18 00:00:00 https://github.com/theopolis/uefi-spider
  11. Unifying UEFI Updates “That’s a Triple U, all the way!”

    https://github.com/theopolis/uefi-spider Optiplex 9020 A00 2013-06-05 07:12:30 A02 2013-09-23 03:08:01 A01 2013-07-16 07:21:46 ?? ????-??-?? ?:??:?? A03 2013-09-23 08:41:01 A07 2014-01-16 00:00:00 A04 2013-11-25 05:23:27 A05 2013-12-18 00:00:00 What happened to A06, why are A02/03 5 hours apart?
  12. Update Ecosystem Vendor Updates UEFI Size Format Feeling Dell 3214

    384 9.81G HDR/PFS :| Intel 1193 1193 6.36G Capsule :) HP 2359 397 13.40G Flash/Logo :( Lenovo ?? 193ish 2.58G Capsule D:< ASRock 3092 481 4.64G Flash :) Gigabyte 5176 412 6.94G Flash :) MSI 1138 507 3.85G Flash :)
  13. Update Ecosystem Vendor Updates UEFI Size Format Feeling Dell 3214

    384 9.81G HDR/PFS :| Intel 1193 1193 6.36G Capsule :) HP 2359 397 13.40G Flash/Logo :( Lenovo ASRock 3092 481 4.64G Flash :) Gigabyte 5176 412 6.94G Flash :) MSI 1138 265 3.85G Flash :) ECS While scraping: ! Only 1 NullPointerDereference! Only 1 JScript injection vulnerability!
  14. Update Ecosystem Vendor Updates UEFI Size Format Feeling Dell 3214

    384 9.81G HDR/PFS :| Intel 1193 1193 6.36G Capsule :) HP 2359 397 13.40G Flash/Logo :( Lenovo ASRock 3092 481 4.64G Flash :) Gigabyte 5176 412 6.94G Flash :) MSI 1138 265 3.85G Flash :) ECS Also, I would HATE to be Lenovo’s DB designers or on their update data entry team… ! Twice as many exceptions!
  15. Overview::recon() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks
  16. What’s in an update? There are tons of wacky code/data

    embedding examples { { { { Firmware Capsule/ Flash Descriptor Firmware Volumes Firmware FileSystem Tiano/EFI NTFS FAT Padding Raw Firmware File Firmware File Firmware File Encapsulation Firmware File Firmware File Firmware File Depex Exp UEFI PE32 MORE!?!?! MEbx iAMT Trojans PM Configs Microcode
  17. What’s in an update? There are tons of wacky code/data

    embedding examples { { { { Firmware Capsule/ Flash Descriptor Firmware Volumes Firmware FileSystem Tiano/EFI NTFS FAT Padding Raw Firmware File Firmware File Firmware File Encapsulation Firmware File Firmware File Firmware File Depex Exp UEFI PE32 MORE!?!?! MEbx iAMT Trojans PM Configs Microcode
  18. RCEing Updates #! FORK ME There are a few awesome

    Firmware Volume, BIOS/ROM, and Flash filesystem parsers Nikolaj Schlej: https://github.com/NikolajSchlej/UEFITool https://github.com/theopolis/uefi-firmware-parser Python module for manipulating firmware-related structures, including: Dell updates, Intel ME, UEFI FV/FD/FFSs/FFs/FSs and Capsule, etc
  19. RCEing Updates https://github.com/theopolis/uefi-firmware-parser Print Extract Inject Replace Maintain integrity where

    possible, optionally regenerate CRCs, add padding if needed One-stop tool for manipulating deeply embedded commodity firmware-objects For good: and evil:
  20. demo.inspect! theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_injector.py --guid c57ad6b7-0515-40a8-219d-551652854e37 --injection ./evil.efi ./efi64.rom -o

    efi-trojaned.rom [#] Opening firmware as UEFI firmware volume. Parsing FV at index (volume). [#] Firmware objects parsed. [#] Injecting (replacing) FirmwareFile c57ad6b7-0515-40a8-219d-551652854e37. [#] Regenerating firmware children structures (from injection point). [#] Regeneration complete, child objects parsed. [#] Rebuilding complete firmware with injection. ffs size mismatch old=3715000 new=3115389 599611 [#] Rebuild complete, injection successful. Wrote: efi-trojaned.rom [#] Injected firmware written to efi-trojaned.rom. theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_parser.py ./efi64.rom Parsing FV at index (0x0). Firmware Volume: 8c8ce578-8a3d-4f1c-3599-896185c32dd3 attr 0x0007feff, rev 2, size 0x200000 (2097152 bytes) Firmware Volume Blocks: (32, 0x10000) File 0: 1b45cc0a-156a-428a-62af-49864da0e6e6 (EFI_PEI_APRIORI_FILE_NAME_GUID) type 0x02, attr 0x00, state 0x07, size 0x2c (44 bytes), (freeform) Section 0: type 0x19, size 0x14 (20 bytes) (Raw section) File 1: df1ccef6-f301-4a63-6196-fc6030dcc880 type 0x03, attr 0x00, state 0x07, size 0x3a04 (14852 bytes), (security core) Section 0: type 0x10, size 0x39cc (14796 bytes) (PE32 image section) Section 1: type 0x15, size 0x14 (20 bytes) (User interface name section) Name: SecMain Section 2: type 0x14, size 0xc (12 bytes) (Version section section) File 2: ffffffff-ffff-ffff-ffff-ffffffffffff type 0xf0, attr 0x00, state 0x07, size 0x68 (104 bytes), (ffs padding) File 3: 52c05b14-0b98-496c-3bbc-04b50211d680 type 0x04, attr 0x10, state 0x07, size 0x9a98 (39576 bytes), (pei core) Section 0: type 0x19, size 0x1c (28 bytes) (Raw section) Section 1: type 0x10, size 0x9a44 (39492 bytes) (PE32 image section) Section 2: type 0x15, size 0x14 (20 bytes) (User interface name section) Name: PeiCore Section 3: type 0x14, size 0xc (12 bytes) (Version section section) File 4: ffffffff-ffff-ffff-ffff-ffffffffffff type 0xf0, attr 0x00, state 0x07, size 0x68 (104 bytes), (ffs padding) [……]
  21. demo.inspect! theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_injector.py --guid c57ad6b7-0515-40a8-219d-551652854e37 --injection ./evil.efi ./efi64.rom -o

    efi-trojaned.rom [#] Opening firmware as UEFI firmware volume. Parsing FV at index (volume). [#] Firmware objects parsed. [#] Injecting (replacing) FirmwareFile [#] Regenerating firmware children structures (from injection point). [#] Regeneration complete, child objects parsed. [#] Rebuilding complete firmware with injection. ffs size mismatch old=3715000 new=3115389 599611 [#] Rebuild complete, injection successful. Wrote: efi-trojaned.rom [#] Injected firmware written to efi-trojaned.rom. theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_parser.py ./efi64.rom Parsing FV at index (0x0). Firmware Volume: Firmware Volume Blocks: File 0: 1b45cc0a-156a-428a-62af-49864da0e6e6 Section 0: File 1: df1ccef6-f301-4a63-6196-fc6030dcc880 Section 0: Section 1: Name: SecMain Section 2: File 2: ffffffff-ffff-ffff-ffff-ffffffffffff File 3: 52c05b14-0b98-496c-3bbc-04b50211d680 Section 0: Section 1: Section 2: Name: PeiCore Section 3: File 4: ffffffff-ffff-ffff-ffff-ffffffffffff [……] Firmware FileSystem Tiano/EFI Padding Raw apriori file PeiCore SecMain Firmware Volumes { { { Raw UEFI PE32 Name str UEFI PE32 Name Str Raw
  22. demo.inspect! theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_injector.py --guid c57ad6b7-0515-40a8-219d-551652854e37 --injection ./evil.efi ./efi64.rom -o

    efi-trojaned.rom [#] Opening firmware as UEFI firmware volume. Parsing FV at index (volume). [#] Firmware objects parsed. [#] Injecting (replacing) FirmwareFile [#] Regenerating firmware children structures (from injection point). [#] Regeneration complete, child objects parsed. [#] Rebuilding complete firmware with injection. ffs size mismatch old=3715000 new=3115389 599611 [#] Rebuild complete, injection successful. Wrote: efi-trojaned.rom [#] Injected firmware written to efi-trojaned.rom. theo@ubuntu:/mnt/hgfs/Buffers/uefi-research/samples/vmware$ python /mnt/hgfs/git/uefi-firmware-parser/scripts/fv_parser.py ./efi64.rom Parsing FV at index (0x0). Firmware Volume: Firmware Volume Blocks: File 0: 1b45cc0a-156a-428a-62af-49864da0e6e6 Section 0: File 1: df1ccef6-f301-4a63-6196-fc6030dcc880 Section 0: Section 1: Name: SecMain Section 2: File 2: ffffffff-ffff-ffff-ffff-ffffffffffff File 3: 52c05b14-0b98-496c-3bbc-04b50211d680 Section 0: Section 1: Section 2: Name: PeiCore Section 3: File 4: ffffffff-ffff-ffff-ffff-ffffffffffff [……] Inject into an update: !      $  python  fv_injector.py              -­‐-­‐guid  c57ad6b7-­‐0515-­‐40a8-­‐219d-­‐551652854e37              -­‐-­‐injection  ./evil.efi  ./efi64.rom  -­‐o  efi-­‐trojaned.rom
  23. What’s in an update? There are tons of wacky code/data

    embedding examples { { { { Firmware Capsule/ Flash Descriptor Firmware Volumes Firmware FileSystem Tiano/EFI NTFS FAT Padding Raw Firmware File Firmware File Firmware File Encapsulation Firmware File Firmware File Firmware File Depex Exp UEFI PE MORE!?!?! MEbx iAMT Trojans PM Configs Microcode
  24. What’s in an update? UEFI PE32 { [IMAGE_OPTIONAL_HEADER64] Magic: 0x20B

    MajorLinkerVersion: 0x8 MinorLinkerVersion: 0x0 SizeOfCode: 0x800 SizeOfInitializedData: 0xC200 SizeOfUninitializedData: 0x0 AddressOfEntryPoint: 0x1008 BaseOfCode: 0x1000 ImageBase: 0x1000000 SectionAlignment: 0x1000 FileAlignment: 0x200 […] SizeOfImage: 0xF000 SizeOfHeaders: 0x400 CheckSum: 0xFBAF Subsystem: 0xA DllCharacteristics: 0x0 […] LoaderFlags: 0x0 NumberOfRvaAndSizes: 0x10 [IMAGE_SECTION_HEADER] Name: .text Misc: 0x7EC Misc_PhysicalAddress: 0x7EC Misc_VirtualSize: 0x7EC VirtualAddress: 0x1000 SizeOfRawData: 0x800 PointerToRawData: 0x400 [IMAGE_SECTION_HEADER] Name: .data Misc: 0xBF80 Misc_PhysicalAddress: 0xBF80 Misc_VirtualSize: 0xBF80 VirtualAddress: 0x2000 SizeOfRawData: 0xC000 PointerToRawData: 0xC00 [IMAGE_SECTION_HEADER] Name: .reloc Misc: 0xC Misc_PhysicalAddress: 0xC Misc_VirtualSize: 0xC VirtualAddress: 0xE000 SizeOfRawData: 0x200 PointerToRawData: 0xCC00 [IMAGE_FILE_HEADER] Machine: 0x8664 NumberOfSections: 0x3 TimeDateStamp: 0x4B8B66BB [Mon Mar 1 07:03:23 2010 UTC] PointerToSymbolTable: 0x0 NumberOfSymbols: 0x0 SizeOfOptionalHeader: 0xF0 Characteristics: 0x2022 }
  25. demo.inspect!, “lame…” There are plenty of tools that patch U/EFI

    and BIOS updates already, for legitimate purposes https://github.com/NikolajSchlej/PMPatch https://github.com/untermensch/Injector https://github.com/waweber/slicloader https://github.com/NikolajSchlej/UEFITool Hackintosh Pirating Now we have a flexible tool that accomplishes! predefined goals with pervasiveness
  26. Overview::reverse() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks
  27. Protection Domains 3: Userland 0: Kernel -2: SMM -3: ME

    Computer Science defines protection domains as rings where the outer rings imply less privilege Mockingly, researchers and hackers define low-level environments as negative rings as they allow higher privilege Scariness = (ring) × -1
  28. Protection Domains Traditional and practical cyber defense applied here Network

    Applications Middleware Security 3: Userland 0: Kernel -2: SMM -3: ME Scariness = (ring) × -1
  29. #define Subzero 3: Userland 0: Kernel -2: SMM -3: ME

    Scariness = (ring) × -1 “Sub” zero rings are the highest privilege
  30. Subzero Attack Surface typedef struct { EFI_GUID OemGuid; UINT32 HeaderSize;

    // // UINT8 OemHdrData[]; // } EFI_CAPSULE_OEM_HEADER; ! typedef struct { EFI_GUID CapsuleGuid; UINT32 HeaderSize; UINT32 Flags; UINT32 CapsuleImageSize; UINT32 SequenceNumber; EFI_GUID InstanceId; UINT32 OffsetToSplitInformation; UINT32 OffsetToCapsuleBody; UINT32 OffsetToOemDefinedHeader; UINT32 OffsetToAuthorInformation; UINT32 OffsetToRevisionInformation; UINT32 OffsetToShortDescription; UINT32 OffsetToLongDescription; UINT32 OffsetToApplicableDevices; } FRAMEWORK_EFI_CAPSULE_HEADER; OEM provided, unsigned data
  31. Subzero Attack Surface ISV/OEM provided tools, GUIs, “features” Useless UEFI

    “games” FTP file browsing SATA/NTFS browsing Within-UEFI non-TLS updates Image parsing (within GUIs) Memory-sensitive APIs OS/User-controlled NVRAM Other network services: UPnP, DHCP, SMB
  32. Subzero Attack Surface Misunderstood (by implementers) SecureBoot variables PeiSecurityPpi  

    __ImageVerificationLib   ! Samsung UEFI bug SecureBootEnable bit SETUP_MODE bit SPI flash write bits
  33. Update Analysis #! FORK ME https://github.com/theopolis/subzero Consumes the output JSON

    from uefi-spider Web-based UI for browsing, inspecting firmware objects Vulnerability hunting platform powered by statistics Several offline Map/Reduce scripts
  34. Overview::analyze() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks
  35. Subzero Security Patching “1-days from Hell… get it?” 141c142,144 <

    if ( sub_FFC40CE8(0x60u) != -1 || sub_FFC40CE8(0x64u) != -1 ) --- > sub_FFC40D21(0xCF8u, 0x8000F8DC); > sub_FFC40D0F(0xCFCu, 2u); > if ( sub_FFC40D08(0x60u) != -1 || sub_FFC40D08(0x64u) != -1 ) [update, product, and vendor not shown] “Hell… subzero… hahaha!”
  36. Subzero Security Patching “1-days from Hell… get it?” Comparing EIP

    disassembly is tedious Updates are mostly roll-ups and feature/bug fixes Registers and EFI variable locations are unique [update, product, and vendor not shown] 141c142,144 < if ( sub_FFC40CE8(0x60u) != -1 || sub_FFC40CE8(0x64u) != -1 ) --- > sub_FFC40D21(0xCF8u, 0x8000F8DC); > sub_FFC40D0F(0xCFCu, 2u); > if ( sub_FFC40D08(0x60u) != -1 || sub_FFC40D08(0x64u) != -1 )
  37. Subzero Vulnerability Hunting Memory-manipulation UEFI protocol APIs Trusted Computing and

    secure boot GUIDs Implementation-varied Tiano deviations Variances in updated products Lagged reference implementation rollups Small deltas in update times Updates correlated with security announces Patch notes or criticality labels
  38. Subzero Vulnerability Hunting Memory-manipulation! UEFI protocol APIs Trusted Computing and

    secure boot GUIDs Implementation-varied Tiano deviations Variances in updated products Lagged reference implementation rollups Small deltas in ! update times Updates correlated ! with security announces Patch notes or ! criticality labels
  39. Subzero Vulnerability Hunting Memory-manipulation! UEFI protocol APIs From the UEFI

    Pre-EFI Core Interface Specification: CopyMem() AllocatePool() AllocatePages() SetMem() typedef     VOID     (EFIAPI  *EFI_PEI_COPY_MEM)  (              IN  VOID  *Destination,              IN  VOID  *Source,              IN  UINTN  Length     );    
  40. Subzero Vulnerability Hunting Memory-manipulation! UEFI protocol APIs ~/git/edk2$  grep  -­‐rn

     “CopyMem  (“  .  |  wc  -­‐l   3454 Disassembly for PEI API “Services” lookup and usage as pseudo-FLIRT signatures Elasticsearch + Disassembly = CopyMem changes
  41. Subzero Vulnerability Hunting Small deltas in ! update times !

    Dell VNHYR 5s Dell FKWXJ 9s Dell GT9WH 2286s Dell V76CK 10250s Dell 9XPHF 10260s Dell 8CKTP 10688s Dell VHW00 19980s Dell 0MHFX 31003s Dell V49WK 52593s Dell 747D9 57284s MSI 7851v14 86400s HP cp_125425_1 86400s HP cp_102216_1 86400s HP cp_121648_1 86400s MSI 7760v13 172800s MSI 7673v15 172800s MSI 7676vA2 172800s MSI 7681v14 172800s MSI 7846v15 259200s MSI 7673v1D 1 bytes MSI 7673v1E 3 bytes MSI 7759v18 3 bytes MSI 7680v14 465 bytes MSI 7750v31 484 bytes MSI 7676vA2 538 bytes MSI 7751vHA 671 bytes MSI 7788v13 841 bytes MSI 7681vM8 2159 bytes MSI 7681vN6 2159 bytes Dell V89FN 2924 bytes Dell FMGCM 4122 bytes Dell 1RJW0 4122 bytes Dell 6DF38 5870 bytes Dell KCXX0 13787 bytes Dell W8N5N 19927 bytes Dell PKPRV 124304 bytes Dell JX37K 212383 bytes Dell VNHYR 247310 bytes Dell 2GNVV 322353 bytes
  42. Subzero Vulnerability Hunting Patch notes or ! criticality labels Fixes

    - Not Applicable. Enhancements - Updated thermal table. - Updated Intel CPU micro code. - Enhanced BIOS Security. - Supported Graphic card M6100.
  43. Overview::analyze!() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks
  44. rpcnetp_dropper autochk.exe is running as a Windowsnative mode process (post-kernel)

    linked to ntdll.dll Before the Win32 subsystem no signing, no obfuscation
  45. Dropper Chain (UEFI) DXE Computrace Driver (UEFI) DXE dmidbg64 Application

    (UEFI) DXE (unpacked) autochk.exe Patcher (WinNative) weaponized autochk.exe (Win32) Backdoor RAT rpcnetp.exe Network C&C Fun… Full Computrace (UEFI) PEI SMM Computrace Driver
  46. Dropper Chain (UEFI) DXE Computrace Driver (UEFI) DXE dmidbg64 Application

    (UEFI) DXE (unpacked) autochk.exe Patcher (WinNative) weaponized autochk.exe (Win32) Backdoor RAT rpcnetp.exe Network C&C Fun… Full Computrace (UEFI) PEI SMM Computrace Driver
  47. Hijacking Dropper (UEFI) DXE Computrace Driver (UEFI) DXE dmidbg64 Application

    (UEFI) DXE (unpacked) autochk.exe Patcher (WinNative) weaponized autochk.exe (Win32) Backdoor RAT rpcnetp.exe Network C&C Fun… Full Computrace (UEFI) PEI SMM Computrace Driver
  48. Hijacking Dropper (UEFI) DXE Computrace Driver (UEFI) DXE dmidbg64 Application

    (UEFI) DXE (unpacked) autochk.exe Patcher (WinNative) weaponized autochk.exe (Win32) Backdoor RAT rpcnetp.exe Network C&C Fun… Full Computrace (UEFI) PEI SMM Computrace Driver
  49. Subzero Pentesting WMIC/Powershell to profile platform & BIOS version Database

    of all updates, match target system’s Inject selected payload as DXE driver and flash Post Exploitation / Subzero Persistance
  50. Subzero Pentesting Firmware signing and Secure Boot prevent this hijacking

    or any other trivial root kit injection But how many systems are signing by default?
  51. Overview::_winning() Obtain all the UEFIs Identify vendor- specific implementations Reverse

    ia32/ x86/am64 UEFI assembly Extract non- signed code portions Inject and modify UEFI code Identify non- signed products Pinpoint potential 1-day vulnerabilities Isolate security related UEFI code changes Inject POST exploit RAT Integrate pentesting frameworks
  52. demo._details() 17.5 Kb payload binary Installed as a Windows 7/8

    service with various dependencies Todo: inject larger payloads while maintaining UEFI volumes, files, and capsule integrity Todo: verify product adherence to Secure boot UEFI variables and FileSystemSection attributes