Spectator

1
Alternative Routes for Data Acquisition and
System Compromise
Peiter Mudge Zatko mudge_at_bbn.com Technical
Director National Intelligence Research and
Applications BBN Technologies
2
Layout

• Part 1
• Apophenia, anchoring, confirmation
• Part 2
• Ideas on Alternative Routes for Data Acquisition
  (and system compromise)

3
Part 1

• The following three examples were taken from

Presented at the Society of Petroleum Engineers
Distinguished Lecturer Series

• To be filed under the headings of
• What was mudge doing going through petroleum
  engineer lectures?
• What made him find correlations between
  information he found there and Digital Forensics?
• What does this have to do with Apophenia?

4
Apophenia (general)
D. Johnson (1981) V-1, V-2 Hitlers vengeance on
London. New York Stein Day, p. 144-45
5
Apophenia (general)
20
4
12
31
D. Johnson (1981) V-1, V-2 Hitlers vengeance on
London. New York Stein Day, p. 144-45
6
Apophenia (general)
10
16.5
19.5
21
D. Johnson (1981) V-1, V-2 Hitlers vengeance on
London. New York Stein Day, p. 144-45
7
Anchoring

• Two one-mile long pieces of railroad track are
  laid end to end and attached to the ground at the
  extremes.

1 mile
1 mile
8
Anchoring

• As the sun rises the track gets hot and the track
  expands by one inch, forcing it to rise above the
  ground.

1 mile 1 inch
1 mile 1 inch
1 mile
1 mile
9
Anchoring

• How high is the track off the ground at peak?

1 mile 1 inch
1 mile 1 inch
1 mile
1 mile
Peak
10
Anchoring

• Give a high and low estimate such that you are
  90 sure the correct answer lies between them.
• Between 1/2 and 1 inch?
• Between 1 and 3 inches?
• More than 3 inches?

1 mile 1 inch
1 mile 1 inch
1 mile
1 mile
Peak
11
Anchoring (solution)

z
x
y
12
Confirmation

• Consider the following series of numbers
• 2 - 4 - 6

13
Confirmation

• Consider the following series of numbers
• 2 - 4 - 6
• The series conforms to some rule. Your job is to
  discover the rule. To do that you will be allowed
  to pose any new sequences of numbers and you will
  be told (truthfully) whether or not your sequence
  conforms to the rule.

14
Confirmation

• Consider the following series of numbers
• 2 - 4 - 6
• The series conforms to some rule. Your job is to
  discover the rule. To do that you will be allowed
  to pose any new sequences of numbers and you will
  be told (truthfully) whether or not your sequence
  conforms to the rule.
• What is the rule?

15
Confirmation (solution)

• Consider the following series of numbers
• 2 - 4 - 6
• The actual rule is any three ascending numbers
• (Wason, 1960)

16
Confirmation (solution)

• The solution requires participants to accumulate
  disconfirming, rather than confirming, evidence.
• Wasons conclusions
• Obtaining the correct solution necessitates a
  willingness to attempt to falsify hypothesis, and
  thus test the intuitive ideas that so often carry
  the feeling of certitude.
• Our tendency is to search for information that
  supports our decision before making the final
  commitment.
• Known as the Confirmation Trap

17
Part 2

• Ideas on Alternative Routes for Data Acquisition
  (and system compromise)

18
What are we dealing with?

• Do you trust the data you are dealing with?

19
What are we dealing with?

• Do you trust the data you are dealing with?
• What parts of the system do you trust? What parts
  do you not trust?

20
What are we dealing with?

• Do you trust the data you are dealing with?
• What parts of the system do you trust? What parts
  do you not trust?
• How many processors in the target system?

21
Example Kernel Trojans

• Kernighans Reflections on Trusting Trust (1983
  ACM Turing Award Lecture)

22
Example Kernel Trojans

• Kernighans Reflections on Trusting Trust (1983
  ACM Turing Award Lecture)
• One solution is not to interact with the CPU

23
Example Kernel Trojans

• Kernighans Reflections on Trusting Trust (1983
  ACM Turing Award Lecture)
• One solution is not to interact with the CPU
• Relevant to VM systems as well

24
Early personal exploration
25
Available Avenues

• Northbridge, Southbridge, and Interfaces of
  Particular Interest

Graphic from Wikipedia
26
Northbridge

• Northbridge
• CPU
• RAM
• AGP
• Cards read directly from system ram and do not
  need to first map the data into the graphics card
  framebuffer (which PCI requires)
• The concern is that these cards are programmable,
  have a fair amount of storage, and are directly
  connected to the Northbridge
• How are reads and writes gated in various
  systems (e.g. VM or MLS)
• There can be only one (AGP 2.0)
• PCIe
• Designed to replace most internal busses (and
  usurp North/Southbridge)
• Already displacing AGP
• Do all connected devices get a copy of the
  packets?
• (yes, the protocol starts to have similarities
  with the IEEE 802 network model)
• Device to Device communication should be possible
  here, which would mean that components would be
  able to circumvent MMU and other host OS
  restrictions
• I dont know enough about PCIe at this point
  (honesty)

27
Southbridge

• Southbridge
• PCI
• Device to device communication is possible
• By asserting that you are the bus arbiter, you
  can talk on the bus without having to register /
  claim address ranges.
• DMA access is possible without interacting with
  the host OS
• Can this be mitigated through Northbridge
  constraints?
• Can have multiple PCI graphics cards that are
  separate - is a multi-monitor system an option?
• SMBus (System Management Bus)
• Two wire bus for communicating with low bandwidth
  devices
• Temperature sensors, accelerometers, battery
  subsystem
• Some of these devices can save state, accept
  control parameters, and return status / vendor
  information
• DMA Controller
• Allows ISA and LPC devices direct memory access
  without needing to go through the CPU
• USB, Firewire
• More later
• LPC Bus (Control Path for SIO which handles the
  following)
• Keyboard, Mouse, IRDA, etc.
• BIOS
• ALL systems are eventually rebooted

28
PCI

• PCI
• Provides full DMA which allows the user device
  (if programmed appropriately) to communicate with
  other peripherals directly and not rely upon the
  OS
• Acceseible not only via PCI internal slots but
  through PCMCIA/CardBus interfaces with system HBA
  (Host Bus Adapters)
• Many systems do not have PCMCIA/Cardbus
• PCI not designed to be Hot Swap-able

29
Firewire and Friends

• Firewire, SCSI-III, VMC
• Allow direct device to device communications
  without needing services from the host OS
• Even with OHCI 1394 memory restrictions being put
  in place by OS bootstrapping, there is a race
  condition at power on that is capable
• Relatively unfettered direct system memory access
  (Yikes)
• Firewire is more common than one might think
• SCSI-III and VMC rare (or extinct as in the
  latter case)

30
EFI and Openboot

• Remember that systems are rebooted at some point
  in their life
• ltBREAKgt (ltL1-Agt on Sun equipment) is an NMI that
  freezes the entire system and allows the user to
  interact with a FORTH interpreter. (Phrack
  Magazine Volume 8, Issue 53 July 8, 1998, Author
  Mudge)
• Complete computer and peripheral access / control
  without relying upon the underlying OS
• Can be used for analysis of OS for kernel
  modifications and monitoring devices
• Apple Hardware utilizes OpenBoot Firmware or EFI
• Unfortunately you need a custom kernel to enable
  dynamic breaks into the forth interpreter on a
  running system

31
Boot Vectors

• Boot Devices
• Become the boot device and power cycle the
  system, thus booting your own operating system
  (this is possible via USB, firewire, floppy, ISA
  hard disks, etc.)
• From this point insert a mini reference OS under
  seLinux and play the kernel-trojan arms race game
• Commonly requires changing system BIOS settings
• PnP Extended BIOS / Bootstrap Entry Vector /
  Remote Program Load
• It appears (from the PnP BIOS Specification) that
  this is possible and used as part of POST
  configuration for systems at boot time. While the
  spec alludes to FireWire and USB it seems this is
  mainly applicable to system bus devices (see next
  three slides)
• This will require a reboot

32
USB

• Physical Protocol
• Host is bus-master, all transfers host-initiated
• Interrupt behavior via periodic polling
• Logical
• Devices either
• Belong to pre-defined device class (HID, Audio,
  etc.)
• Have a vendor-specific behavior, via proprietary
  driver on host side
• Secure Software installation and upgrade
  important here

• Functional Sandbox
• No access to 'ports' or registers as in, e.g.,
  PCI bus
• All device ? host contact mediated by controller
• Predefined classes functionally constrained

33
UDB - Not like I didnt try
While it did not work for DMA its a ripe attack
target due to cruddy existing software drivers
34
Existing Efforts - CoPilot

• Copilot
• DARPA sponsored
• William Arbaugh
• Now a startup Komoku
• Fuzen (Jamie Butler) CTO
• PCI co-processor with DMA

35
Existing Efforts - Tribble

• Originally a L0pht idea (mudge, kingpin, et al)
  for PCMCIA DMA activities now a new effort by
  Joe Grand (Kingpin) and Brian Carrier which seems
  has moved to PCI

36
Existing Efforts - BBN
37
Applicable offense defense

• VMWare, VirtualPC, XEN
• Have they taken into account _all_ of the
  external influences?
• Limbo challenge how low can you go?
• Tremendous offensive capabilities
• Without physical access as components are
  programmable
• E.g. /dev/keyboard - Sun hardware attack
• MLS systems
• Nettop, HAP
• Trusted Computing (aka DRM)
• Intel - Lagrand
• AMD - Pacifica

38
Closing

• Thanks! This talk was intended to be as painless
  as possible

John Tan - L0pht Member who disliked dentists so
much he decided to practice home dentistry and
attempt to remove his own wisdom teeth