Saturday, January 20, 2007

Beyond The CPU: Cheating Hardware Based RAM Forensics


We all know that any software-based system compromise detector can always be cheated if malware runs at the same privilege level as the detector (usually both run in kernel mode). This is what I call Implementation Specific Attacks (ISA). Because of that, mankind has tried to find better, more reliable ways of analyzing systems, ways which would not be subject to interference from malware…

And we all know what we've come up with as a solution: hardware based devices for obtaining an image of volatile memory (RAM), usually in the form of a PCI card. As far as the PC architecture is concerned, probably the first two papers in this area are those about Tribble and CoPilot. As an alternative to expensive dedicated PCI cards, one can also use the FireWire bus, as described by Maximillian Dornseif et al., and later by Adam Boileau.

The point is: once we get the memory image, we can analyze it for signs of compromise on a trusted machine, or we can have the PCI device do some checks itself (as e.g. CoPilot does).

The whole idea behind hardware based RAM acquisition is that the memory is read using Direct Memory Access (DMA) to the physical memory. DMA, as the name suggests, does not involve the CPU in the process of accessing memory. So it seems to be a very reliable way of reading the physical memory…

But it is not! At least in some cases...

Next month, at Black Hat DC, I will be demonstrating how to cheat hardware based memory acquisition on AMD based systems. In other words, I will be showing that the image obtained using DMA can be made different from the real contents of the physical memory as seen by the CPU. Even though the attack is AMD-specific, it does not rely on virtualization extensions. Also, the attack does not require a system reboot. Nor does it require soldering ;)

I have tested my proof-of-concept code against a FireWire-based method of memory acquisition, using tools from Adam Boileau's presentation.

I wanted to test it also against some PCI cards, but it turned out that for an ordinary mortal like myself it is virtually impossible to buy a sample of a dedicated PCI card for memory acquisition… E.g. the Tribble card is still unavailable for sale, according to its author, even though the prototype was built in 2003... BBN, the US company known for doing lots of projects for the US government, apparently has a prototype (see page 45) of something similar to Tribble, but is not willing to discuss any details with somebody who is not involved in a project with the US government... Finally, Komoku Inc., whose main customers, according to the website, are also US government agencies, also rejected my inquiry about buying a sample of CoPilot, claiming that the device "is not generally available right now" ;)

Anyway, even though I was able to test the attack only against the FireWire based method, I'm pretty confident that it will work against all other devices which use DMA to access the physical memory, as the attack itself is very generic.
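The post's central claim is that what a DMA device returns can differ from what the CPU actually reads from the same physical pages. The one check a practitioner can run without any special hardware is therefore to compare the two views page by page. The following is an added example, not code from the original post or from any of the tools it mentions; it assumes two byte strings covering the same physical address range, one produced by a DMA-capable acquisition path (FireWire or a PCI card) and one read by the CPU itself through a trusted kernel driver, and both are constructed inline so it runs offline.

```python
"""Page-level cross-check of a DMA-acquired RAM image against the CPU's view.

Added example, not code from the original post. It assumes two byte strings
covering the same physical range: one returned by a DMA-capable acquisition
device and one read by the CPU itself (e.g. through a trusted kernel driver).
Both inputs are constructed inline below so the script runs offline.
"""
from __future__ import annotations

import hashlib

PAGE_SIZE = 4096  # x86 base page size; adjust for the platform being checked


def page_digests(image: bytes, page_size: int = PAGE_SIZE) -> list[str]:
    """SHA-256 of every page in the image, in physical order."""
    if len(image) % page_size:
        raise ValueError("image length is not a whole number of pages")
    return [hashlib.sha256(image[off:off + page_size]).hexdigest()
            for off in range(0, len(image), page_size)]


def divergent_pages(dma_image: bytes, cpu_image: bytes,
                    base_paddr: int = 0,
                    page_size: int = PAGE_SIZE) -> list[tuple[int, str, str]]:
    """Return (physical address, DMA digest, CPU digest) for every page whose
    contents differ between the two views.

    An empty list means the DMA path observed the same bytes the CPU sees.
    A non-empty list is exactly the condition the post describes: the image
    a DMA device returns is not what the CPU reads from physical memory, so
    the acquisition cannot be trusted for those pages.
    """
    if len(dma_image) != len(cpu_image):
        raise ValueError("both images must cover the same physical range")
    dma_hashes = page_digests(dma_image, page_size)
    cpu_hashes = page_digests(cpu_image, page_size)
    diffs = []
    for idx, (dma_h, cpu_h) in enumerate(zip(dma_hashes, cpu_hashes)):
        if dma_h != cpu_h:
            diffs.append((base_paddr + idx * page_size, dma_h, cpu_h))
    return diffs


def build_sample_views(num_pages: int = 8,
                       hidden_page: int = 5) -> tuple[bytes, bytes]:
    """Constructed sample data (not a real capture): the CPU view is
    num_pages of distinct filler bytes; the DMA view is identical except that
    one page reads back as zeros, standing in for a device being shown
    something other than the real contents."""
    cpu_view = b"".join(bytes([0x41 + i]) * PAGE_SIZE for i in range(num_pages))
    dma_view = bytearray(cpu_view)
    start = hidden_page * PAGE_SIZE
    dma_view[start:start + PAGE_SIZE] = b"\x00" * PAGE_SIZE
    return bytes(dma_view), cpu_view


def demo(base_paddr: int = 0x100000) -> list[tuple[int, str, str]]:
    """Run the check over the constructed sample; base_paddr is an assumed
    physical base for reporting only."""
    dma_view, cpu_view = build_sample_views()
    return divergent_pages(dma_view, cpu_view, base_paddr=base_paddr)


if __name__ == "__main__":
    for paddr, dma_h, cpu_h in demo():
        print(f"page at 0x{paddr:x}: DMA saw {dma_h[:16]}..., "
              f"CPU saw {cpu_h[:16]}...")
```

The CPU-side read has to come from a path the analyst trusts more than the DMA device, and the two views should be taken as close together in time as possible, since ordinary activity will also change pages between the two reads; repeated agreement on pages that should be stable (kernel code, for instance) is the useful signal, while a single divergence on a busy page proves little on its own.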

See you in DC!

11 comments:

Admin said...

I wish I could stay in DC next month!! Well, there is only one thing about this article I disagree with: you're not an ordinary mortal person!!! You're an extraordinary amazing girl! :p Enjoy DC Joanna! Kisses from Spain.

Anonymous said...

It's about damn time. Good luck with your presentation.

- Rossetoecioccolato.

Anonymous said...

Will you also present this at Black Hat Europe?

Didier

aran said...

¡CHAPEAU JOANNA! zorionak

Uli Dinklage said...

Hi Joanna

I got your name reading a VISTA article in the Australian PC Authority magazine.

I immediately went on your website and I must say I am quite impressed.

One part talks about using a PCI card and DMA to take a memory shot. First I thought this is an excellent idea, but when I really started thinking about it I found 2 flaws.

1. With DMA you never get an EXACT memory snapshot, because you cannot stop the processor before you take the shot.
2. Background DMA slows down other processes (because of the additional memory cycles), so it is detectable by self timing programs.

I think I have a solution that works better.

1. Instead of using DMA you install a second memory on the PCI card that runs on the same address range as the PC's memory.
2. This memory is configured in a way that you can only WRITE to it from the PC's address and data bus. Reading is not required and not recommended, because the output drivers of the two memories would not like it.
3. To take a snapshot you just disable the write.
4. To read the data, the address and data bus is switched to an on board processor that reads it and transmits it to an external PC via serial port or other means.

This type of memory snapshot is always current and, more important, IT IS TOTALLY TRANSPARENT to the PC. It does not slow it down in any way and does not need any PC software to operate it.

There is another nice advantage.

When you add a third memory to the address range and connect a clock to the databus of that memory you get a TIMESTAMP for each memory write.

With this timestamp you can trace the scheduling of processes and analyze how spyware blocks protected processes, for example two processes that wait for input from each other without a timeout.

Regards

Uli Dinklage (uli.dinklage@hotmail.com)

Anonymous said...

...So when are you going to change your name to Trinity? Excellent work!

Ancient said...

I understand your disappointment at being unable to source these cards.

I myself used an off-the-shelf PCI-based FPGA demo board. The PCI functions are provided by an IP-Core and you can simply code the engine in Verilog or VHDL.

So, no SMT work at all (I know that SMT worries some people) and it romps in much MUCH cheaper (and more flexible) than those proprietary DMA sniffer cards that nobody wants to part with.


Increasingly these days the FPGA is the hacker's closest ally. Armed with an FPGA you can process spliced uplinks on the fly (a PIC microcontroller struggles above 10Mbps and stronger controllers struggle above 100Mbps) - but a cheap FPGA solution can MITM, inject, clone and reroute selected packets on DMT and QAM64 based technologies after dropping in some IP-Cores and a little packet logic.

I respectfully suggest that Joanna takes a look at the readymade IP-Cores for PCI functionality and demoboards which are fully wired SMT PCI cards with an FPGA programmable logic IC premounted.

Let's face it, with FPGAs making their way into HSC environments it is almost mandatory for the hacker to invest some time in learning to code in Verilog/VHDL.

I've implemented DMA before in this fashion, although not for this particular application. I'd suggest it is almost certainly the best route for the hacker to explore such detection systems on a tight budget.


Of course, let them have these cards... for such a technology to be useful they need to be able to RECOGNISE malware. And that, as we all know, is a much trickier proposition.

I've yet to meet a career hacker that used off-the-shelf rootkits anyway. And heuristic analysis at the kernel layer is almost impossible against all but the simplest and most direct of rootkit approaches.

Anonymous said...

Interesting story. Any new updates?

Anonymous said...

What no one seems to mention is that a CPU cache's contents are NOT always coherent with the DRAM copy! This sort of defeats DMA, and even the proposed "shadow" RAM of Uli Dinklage.

Some code could even "unroll" whatever it wanted to a section of cache that had been configured to NOT map to physical/logical RAM address and no one would see it!

RightWay Systems.

Anonymous said...

This is great, thank you so much for sharing! You should go global with this, hit up Black Hat Japan if you're not already planning to.

Matt

Anonymous said...

Excellent work! It is interesting to read. I am not in the hardware industry, but I liked its title:
"Beyond The CPU: Cheating Hardware Based RAM Forensics"

Interesting..