Did any of the briefings from day one sound interesting to you? Do you want to know what happened the next day? If so, check out my day two Black Hat briefing summary below:
BadUSB – On Accessories that Turn Evil
Topic: Infecting USB microcontrollers to create undetectable evil USB devices
Speaker: Karsten Nohl, Sascha Krißler, Jakob Lell
News of this talk came out before the Black Hat conference, and I had mentioned it in my weekly video. It did not disappoint.
In the briefing, Nohl and Lell described how they analyzed the firmware from an off-the-shelf USB microcontroller, and figured out how to load malicious firmware instead. In case you hadn’t heard, every USB device—whether it’s a storage device or keyboard—has a tiny micro-controller built into it that communicates with your computer, and tells it what the USB device is. In essence, Nohl and Lell figured out how to create a USB micro-controller that lied, and in so doing could do malicious things. For instance, they could create a USB storage device that acted like a keyboard, allowing it to actually launch commands, run code, and even key log.
You might be asking, “Why is this so scary? I already knew USB devices could be malicious.” Well in the past, USB attacks required malicious files on the storage device. The attack would either leverage auto-play issues, or exploit some underlying operation system vulnerability. In either case, security software might find the malicious file and block it. In this case, there are no files on the USB device. By infecting the firmware, that attacker makes it extremely hard for you to detect malicious USB devices.
During the talk, the speakers showed many interesting, and worrisome demos. For instance, a malicious USB key could be programmed to spread to other USB devices plugged into a system (assuming they other device also used the right micro-controller). Nohl and Lell also demonstrated that is is a cross-platform attack. Since all operating systems must communicate with USB devices, they all can succumb to malicious USB firmware. The pair even showed this particular attack infecting an Android device.
In the end, this is a very scary attack. It makes it very difficult for us to trust the USB standard. Furthermore, since this is a firmware infection, it’s a perfect mechanism for persistent attacks. You could reformat the malicious USB device all you want, the infected firmware would still remain. The only good news is that the speakers only did this with a very specific 8051 microcontroller. In order to use the attack with other devices, hackers would have to reverse those devices firmwares and find new flaws.
So what can you do about this? Unfortunately, it’s a hard problem to crack. The USB standard is pretty set in stone, and security software like AV can’t detect this attack. One option is to force signing of USB firmware, but that would require industry-wide change, and would only help new USB devices. The one sure tip Nohl and Lell recommended was to have USB manufacturers disable firmware updates in hardware, so that no one could change the software running on these devices.
Extreme Privilege Escalation on Windows8/UEFI Systems
Topic: Hacking Windows boot security to gain ultimate system privileges
Speaker: Corey Kallenberg, Xeno Kovah, Samuel Cornwell – MITRE
On modern systems, even when an attacker gains administrative or root privileges, he doesn’t have penultimate control. In computing, there are various processor-level security domains, from ring 3 to ring 0. An administrator may have the ultimate privileges in ring 3, but he doesn’t have kernel level ring 0 control. This presentation outlined a technique attackers could use to leverage the Windows secure boot system and gain that penultimate ring 0 control.
Over the years, operating systems like Windows have begun to adhere to more secure boot processes that make it harder for bad guys to infect our computer’s BIOS. A relatively new standard called the Unified Extensible Firmware Interface (UEFI) defines how computer systems should load firmware and the BIOS, and includes security mechanisms like secure boot, signed BIOS, and chipset protections.
Without going into all the details, the speakers at this talk found some vulnerabilities in the Windows UEFI system. UEFI is open source, which meant the researchers could easily audit its code for flaws. To their surprise, they found some, including a few pretty basic integer overflow flaws. That said, exploiting these flaws was no easy feat. UEFI only allows userland processes to communicate with it in a limited fashion. Of course, the researchers eventually found a Windows function (SetFirmwareEnvironmentVariable) that allowed them to manipulated enough inputs to trigger their vulnerabilities. While they still had to get past a few hurdles for their attack to succeed, they did, and were able to take control of the UEFI boot process.
In the end, this means an attacker with administrative privileges could leverage this UEFI flaw to gain full ring 0 control of your computer. This allows the attacker to overwrite your BIOS, even on a secure UEFI system. Attackers could exploit this to brick your system, defeat secure boot, create an undetectable rootkit, subvert your hypervisor, and much more.
The good news is the speakers had informed US-CERT, Intel, and BIOS manufacturers of this issue, and most have fixed it. The bad news is not everyone installs BIOS upgrades often.
Mission MPOSsible
Topic: Hacking mobile point-of-sale (POS) systems
Speaker: Nils and John Butler
This talk focused on vulnerabilities found in many popular mobile POS systems used by consumers and smaller businesses. There are not the enterprise POS systems used by large retailers, rather small cellular devices just meant to take a chip and pin cards, and process the payments online.
The researchers did not share the name of the affected devices (though they hinted strongly at what they were), but they did say that 75% of the solutions for mobile chip and pin processing use this solution. These mPOS devices are small embedded linux machines, running Arm5 processers. The speakers compared them to equipment used in cheap MP3 players.
As embedded linux machines, the devices suffered all the potential security issues you might expect. For instance, they allow both Bluetooth and USB access, which presents attack surface. Via USB, the researchers were able to recover the device’s firmware and analyze it. They also found a vulnerability involving unplugging the USB cable, which allowed them to load malicious firmware.
Nils and Butler also decided to fuzz the EMV library (the chip and pin communication standard) on these devices. During their fuzzing, they discovered a very basic stack buffer overflow—one of the most basic memory corruption issues possible. They then demonstrated how they could exploit this to gain full root control of these devices. Of course, they decided to make their root control fun. Rather than just owning the device, they loaded up a custom made version of the Flappy Bird game, which they called Chippy Pin. Any talk that ends with a mobile POS device playing a video game, is a good presentation in my book.
I hope you found this quick summary of the Black Hat briefings interesting and potentially useful. If anything, it should give you an idea of some of the types of attacks you might see in the future. As usual, I found the Black Hat briefings fascinating, even though I was only able to attend a fraction of the talks. If you ever find yourself in Las Vegas late July or early August, I recommend giving Black Hat and DEF CON a try. — Corey Nachreiner, CISSP (@SecAdept)