Offensive Conference day two


Updated Analysis of PatchGuard on Windows RS4: Is the Mouse Finally Caught? by Luc Reginato

Kernel Patch Protection (nobody calls it that). His diagram is oversimplified. They are able to use static analysis. This talk was very in-depth and outside my domain of experience.

PatchGuard consists of three components. It seems there is only a 4% chance for it to occur, but it's hard for me to make sense of this.

iOS Dual Booting Demystified by Max Bazaliy

Dual booting on iOS: using a newer and an older version of iOS, or special flags. Apple has a PKI that validates everything along the way. There are two ways to boot. Very complicated. Trustcache is a new thing in iOS 12. The kernelcache holds the kernel and its extensions. The ramcache is not encrypted anymore. Trustcache, aka firmware.

Each command is represented by a structure in iBoot. The menu is hidden by default. There are different vectors for attacking the bootloader, kernel -> bootloader for example.

There are issues with the bootloader because of Apple's KPP feature. The better way is to attack the bootloader from a bootloader. Modifying the bootloader at the assembly level allows disabling features of the iOS kernel. You can't disable KASLR, but you can use it with a zero slide.

Manual interaction takes a while. The next level is using the XNU kernel built from source. Apple seems very interested in keeping the kernel protection features in place. There are features within the MMU that lock the kernel down, to prevent write access to the kernel region. Some of these features need to be patched out during the boot process; a lot of work goes into that. Once it's done you have an unprotected kernel that you can write to.

macOS: How to Gain Root with CVE-2018-4193 in < 10s by Eloi Benoist-Vanderbeken

A bug in the server for displaying stuff, found by in-process fuzzing. Goal: a reliable exploit. The bug has quite a few limitations, including a NULL pointer that needs to be present. They abuse a different piece of infrastructure (Mach ports). We can overwrite a NULL pointer with a pointer.

Problem: find a good QWORD that can be overwritten. They abuse CFDictionary because it will free the NULL pointer. They took a deep look into the CoreFoundation internals and found a memory layout that fits the buggy array from the CVE. The problem here is that we can only specify a negative index. However, they abuse the heap in a smart way and make an allocation before the buggy array that can be referenced with a negative index.

But it's quite difficult to trigger this with Apple's default malloc. Spraying the heap does not work when done from a different CPU. ASLR on macOS is weak. Still, this is an impressive exploit; defeating ASLR is quite heavy. It took 18 days to get it going.

Reverse Engineering of Error-Correcting Codes

Missed the intro ;( . ECC is implemented in hardware in the CPU. ECC has to correct errors fast. ECC is undocumented. They use cold boot for reverse engineering: flip a bit and see what ECC does. They used a short circuit to create faulty bits, but this did not scale well. Problem here: the BIOS trains the memory to find its ideal parameters and resets the memory in the process.

Bypassed by using coreboot; the memory reset code was submitted to the coreboot project by AMD. ECCploit: get the same hardware as your victim, extract the ECC algorithm, then use Rowhammer. They focused only on the ECC part.
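As an added illustration (not code from the talk) of the "flip a bit and see what ECC does" idea: treating the encoder as a black box, probing it with single-bit data words recovers the linear structure of a constructed toy SECDED code, after which a decoder and its single-flip syndrome table can be rebuilt from the probes alone. The black box, the code parameters and the assumption that the code is linear and systematic are all mine.

```python
# Added example, not from the talk: a toy model of "flip a bit and see what ECC
# does". blackbox_encode() stands in for the undocumented hardware ECC; here it is
# a constructed Hamming(7,4) code plus an overall parity bit (SECDED). Assumed:
# the code is linear and systematic, with the K data bits in the low bits.
K, N = 4, 8

def blackbox_encode(d):
    """Constructed stand-in for the undocumented ECC: 4 data bits -> 8-bit word."""
    b = [(d >> i) & 1 for i in range(K)]
    checks = [b[0] ^ b[1] ^ b[3], b[0] ^ b[2] ^ b[3], b[1] ^ b[2] ^ b[3]]
    bits = b + checks
    bits.append(sum(bits) & 1)                      # overall parity bit
    return sum(bit << i for i, bit in enumerate(bits))

def recover_generator(encode, k):
    """Probe the black box with unit data words: by linearity each probe reveals
    one generator row, i.e. the whole encoder after k observations."""
    base = encode(0)
    return [encode(1 << i) ^ base for i in range(k)]

def encode_with(gen, d):
    """Re-implemented encoder built only from the recovered rows."""
    word = 0
    for i, row in enumerate(gen):
        if (d >> i) & 1:
            word ^= row
    return word

def syndrome(gen, word):
    """Stored check bits XOR the check bits recomputed from the data bits."""
    return (word ^ encode_with(gen, word & ((1 << K) - 1))) >> K

def single_flip_table(gen, n):
    """Syndrome of each single-bit flip -> flipped position (again by linearity)."""
    return {syndrome(gen, 1 << j): j for j in range(n)}

def decode(gen, table, word):
    """Return (word, status) with status "ok", "corrected" or "uncorrectable"."""
    s = syndrome(gen, word)
    if s == 0:
        return word, "ok"
    odd_weight = bin(word).count("1") & 1           # a single flip breaks even parity
    if odd_weight and s in table:
        return word ^ (1 << table[s]), "corrected"
    return word, "uncorrectable"                    # e.g. a double flip

GEN = recover_generator(blackbox_encode, K)
TABLE = single_flip_table(GEN, N)
```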

Attack Surface of a Connected Vehicle by Minrui Yan

Note: the speakers were not native speakers and it was difficult to understand everything correctly.

Attacking a car. The internal IVI, based on Android, also has a lot of vulnerabilities. To start researching, you can get parts from eBay, or buy an old car and extract the components from it.

Consider all parts, like the flash. T-Box: it also has a debug port. They are using an eSIM. There is a token to control the car, which might allow remote control of a car. Based on the service architecture, services are not exposed to the internet, but we might be able to use the T-Box. It's difficult to find the source of the attack.

You can connect to the embedded devices thanks to the Linux default devices. Being on the T-Box, it's possible to scan the ISV network. Might there be hidden access for the ISVs? It's possible to connect to the systems by re-wiring the cables. There is also a USB connection that uses a HSB, and you can use adb on it. Tesla, for example, uses SD cards. Some of those cards are locked, but you can MitM with a logic analyser and sniff the password between the SD controller and the SD card.

Check the names of the ICs. For Tesla, they took off the eMMC and put it onto a programmer to extract the firmware. Based on the data from the firmware it's possible to get the Linux kernel that was used. An alternative is to use an SPI programmer. (What's the point of enumerating how to dump firmware?)

  • Control the car via the APN network. All services are running in the local network, which you could access over the APN network.
  • Control the car via the TSP. They are storing the secret key in the service. Was he able to control the car via the API? Because it's authenticated via SMS?
  • Control the car via the IVI. Connecting via the serial debug port to the Android system, sending data by writing to the char devices.
  • Another way via the IVI: connecting to the CAN bus. It's then possible to open the doors, start the engine or trigger the brakes. It's possible to change the position of the wheel.

Personal note: accessing the CAN bus makes sense, since CAN does not provide any authentication.

Bypass Windows Exploit Guard ASR

A tool adding protections to Windows, unknown to most.

He writes VBScript to bypass ASR and uses the task scheduler for the bypass: he creates a new task and stops it. Newly generated tasks do not have the Office process as parent. It's based on a rule set in the kernel that can be bypassed with ease.

FuzzIL: Guided Fuzzing for JavaScript Engines by Samuel Groß

Finding JavaScript inputs that cause errors in the engines. Classic fuzzing won't work, because it would only test the parser. Requirement one: always have valid JS code. You might generate valid code based on the grammar rules, but this won't really work and does not trigger issues in the JIT. The code needs to be semantically correct too.

A mutation-based approach. The last requirement is to have sensible mutations of the JavaScript. There are different levels at which to mutate:

  • Source code
  • Syntax Tree (AST)
  • Byte code

His approach is to mutate the bytecode (low level), which he generates via his fuzzer FuzzIL. After generating the bytecode you can 'lift' it to JS. The first mutator is the input mutator. Next is the operation mutator, which changes global functions. Another is the insertion mutator. The last one is the splice mutator, which just copies one part of a program into another, based on randomness.
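An added toy version of the pipeline described above (my own sketch, not FuzzIL's code): a tiny IL whose instructions define numbered variables, a lifter to JS source, and input, operation and splice mutators that preserve the define-before-use property, so every mutated program still lifts to valid JS. The opcode names, SEED program and remapping rules are my assumptions; FuzzIL's type tracking is omitted, so the output is syntactically valid but not always meaningful.

```python
import random
# Added example, not FuzzIL's own code: a toy IL in its spirit. A program is a list
# of (op, inputs, aux); instruction i defines v<i>, so it is valid when every input
# index is smaller than the index of the instruction that uses it.
def args(ins):
    return ", ".join(f"v{x}" for x in ins)

LIFT = {  # "lifting": emit JavaScript source for one IL instruction
    "LoadInt": lambda i, ins, aux: f"const v{i} = {aux};",
    "BinaryOp": lambda i, ins, aux: f"const v{i} = v{ins[0]} {aux} v{ins[1]};",
    "CreateArray": lambda i, ins, aux: f"const v{i} = [{args(ins)}];",
    "CallMethod": lambda i, ins, aux: f"const v{i} = v{ins[0]}.{aux}({args(ins[1:])});",
}
SEED = [("LoadInt", [], 1), ("LoadInt", [], 2), ("BinaryOp", [0, 1], "+"),
        ("CreateArray", [0, 2], None), ("CallMethod", [3, 1], "push")]

def lift(prog):
    return "\n".join(LIFT[op](i, ins, aux) for i, (op, ins, aux) in enumerate(prog))

def is_valid(prog):  # use-after-define check: the property every mutator preserves
    return all(op in LIFT and all(0 <= x < i for x in ins)
               for i, (op, ins, _) in enumerate(prog))

def input_mutator(prog, rng):
    """Rewire one input of one instruction to another already-defined variable."""
    i = rng.choice([i for i, (_, ins, _) in enumerate(prog) if ins])
    op, ins, aux = prog[i]
    ins = list(ins); ins[rng.randrange(len(ins))] = rng.randrange(i)
    return prog[:i] + [(op, ins, aux)] + prog[i + 1:]

def operation_mutator(prog, rng):
    """Swap the operator of one BinaryOp, keeping its inputs."""
    i = rng.choice([i for i, (op, _, _) in enumerate(prog) if op == "BinaryOp"])
    return prog[:i] + [("BinaryOp", prog[i][1], rng.choice("+-*|&"))] + prog[i + 1:]

def splice_mutator(prog, donor, rng):
    """Append a random slice of another program; in-slice references shift with it,
    references to variables outside the slice are re-bound to existing ones."""
    s = rng.randrange(len(donor)); e = rng.randrange(s + 1, len(donor) + 1)
    out, base = list(prog), len(prog)
    for j, (op, ins, aux) in enumerate(donor[s:e]):
        out.append((op, [x - s + base if x >= s else rng.randrange(base + j)
                         for x in ins], aux))
    return out

def fuzz(prog, rounds, seed=0):  # chain the mutators; the result is always valid
    rng = random.Random(seed)
    for _ in range(rounds):
        prog = rng.choice([input_mutator, operation_mutator])(prog, rng)
        prog = splice_mutator(prog, SEED, rng)
    return prog
```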

Another problem is minimization. Guidance is added via a feedback mechanism, similar to what AFL does. He has some things on his todo list, for example adding custom JS code samples to mutate from.

Ideas for improvements

  • Starting at 08:00 ?
  • Name tags: help people who don't know each other to engage in conversations
  • Improve the location's welcome… it was quite harsh getting into the hotel
  • Maybe better organisation of the chairs with numbers (rows, lines)
  • Numbers for the tables outside
  • Better transitions between talks
  • Areas to drop stuff like bottles or dishes
  • Provide the slides before the presentation begins
  • Better positioning of the beamer screen. For the people in the back the bottom is often cut off…
  • The coffee was medium…
  • Places for talks with more 'privacy'; we had to abuse some unused conference rooms… but that's not always the solution

Offensive Conference day one


I've attended the Offensive Conference 2019 in Berlin, an in-depth technical security conference. What does in-depth imply? Exploitation and technical talks with working exploits.

You get some stuff when entering.

On the following page I keep track of some notes:


I attended the first half of the presentations. One pattern I saw across them was the heavy usage of fuzzers.

Keynote: Alex Ionescu

The first talk was from Alex Ionescu about reversing without reversing. TL;DR: look at all the possible sources of information that are out there. Funny, because he could reference source from Windows and use it in ReactOS. It was inspiring and frightening at the same time.

Modern Source Fuzzing by Ned Williamson

Talking about the usage of different approaches to fuzzing. He uses a stream-based fuzzer approach: a parser in front of the API call that consumes the input. He thinks of fuzzing like a water flow. He extends his concept with the idea of protobuf-based fuzzing. I lack a deep understanding of the nature of fuzzing. However, this seems like a nice solution with a different approach to classic fuzzing.

With his strategy he found a bug in the AppCache of Google Chrome. It was used for an exploit chain that led to RCE. His new project is moving the XNU kernel into a library; libxnu will be fuzzed his way. Binaries are an issue because they are hard to patch.

IPC You Outside the Sandbox: One bug to Rule the Chrome Broker by Niklas Baumstark

This presentation is related to the previous one: it presents an exploit for the bug found before. Attacking the IPC in Chrome allows exploitation without dealing with ASLR. Defining the cache of the image can be exploited. Each cache has a revision; the important thing is that there is a pointer to the newest object. Releasing the cache creates a use-after-free bug, allowed by exploiting the decrement of the counter.

It is not possible to hijack the vtable. Solution: create a fake object. The heap grows upwards: spray the heap (with 200 MB) by creating blobs that are pushed onto the heap. They need an information leak to get any address from the heap; they use a 'canonical cookie' to get there. Another idea was to corrupt the size of a std::vector. Because of time constraints they had to throw away many ideas.

In the end they wrote the exploit in JavaScript to load C++ code into memory by abusing reflective DLL injection. This code is executed in separate threads, using web workers. Impressive exploit.

3D Accelerated Exploitation by Jason Matthyser

Exploitation of the 3D acceleration implemented in VirtualBox using Chromium (not the browser). Chromium is an abstraction layer that translates opcodes into calls to the GPU. This works by allowing the client to make special opcode calls to the OS. He uses a fuzzer. The key is that it uses the opcodes of the virtualisation layer; each opcode is dispatched to the right handler. There were some issues with debugging the VM, so he created a standard interface for VirtualBox.

The vulnerability: we can define a buffer of arbitrary size and read from it (ouch…). The vulnerability was boring for him, so instead of pushing shellcode he redirected existing code to execute instead.

Bugs so Nice they Patched them Twice! A (Continuing)? Story About Failed Patches by Jasiel Spelman, Brian Gorenc, Abdul-Aziz Hariri

The focus of this talk was Adobe software with a JS API and how Adobe fixes reported vulnerabilities. Most of the time, the exploits were bypasses of the fix for a bug. For example, they fixed a buffer overflow located in an if-else statement: Adobe fixed only the if case, but left the same overflow in the else branch unpatched.

Another example: you can use JavaScript to change aspects of the PDF. This feature has 300 pages of documentation. People search for undocumented functions (there are a lot of them) that are intended only for Adobe's professional services. Most of these features trigger use-after-free bugs like CVE-2016-0931, which Adobe fixed. They went through all the bugs found with it and fixed them. The attackers switched to a different function to trigger the bugs… works fine..

There is a classic heap overflow in the function. The fix, after some months, was a check for the specific value that was used in the exploit. Another example of this is the XML parser. Note: when you want to filter, you want to filter only several nodes.

Bug: a macro that uses a dynamic cast in debug builds but a static cast in production… allows type confusion… Their fix was to replace everything with a dynamic cast plus a null pointer fix. It can be crashed with a comment.

Fast searching in PDF: Laxtek, which was not audited. It creates an index file that can be corrupted, causing issues. It has not been fixed properly.

Attacking Hardware Root of Trust from UEFI Firmware by Alex Matrosov

It is possible to bypass Boot Guard. The TPM is broken: it can be MitM'ed. Boot Guard is not part of UEFI. Lenovo has an SMI-over-WMI function to disable Boot Guard, which was found during a Windows update. Question: could that affect a Linux system?

There is a UEFI module from Lenovo that provides access to SMM. With WMI you don't need a kernel module to make SMI calls. Most vendors try to reduce SMI calls to a minimal attack surface. Q: would using legacy mode help (older laptops)? Q: affected laptops? A list will be provided. Q: is it possible to reset the state by re-flashing the UEFI? Yes, but only when the entire chip is re-flashed. Q: could we use this to install coreboot on any Lenovo device? Sure, with no Boot Guard you can place whatever you want on it.

The value is stored in NVRAM. The Embedded Controller is not a security boundary: the EC has DMA access and can attack other components. In theory there is a separate flow for updating an EC, but in reality they don't have one. An EC vendor has an issue with their update process; an unnamed vendor does not check the hash of updates correctly. Side note: IBG is not used by Intel itself. It seems to be even possible to enable CPU debugging from the OS! (WTF!) You need to flip a single bit to disable the BG feature; after three reboots it worked. Alex's statement is that BG is a marketing feature. He wonders why Lenovo does not consider RE in their threat model.

Coverage-Guided USB Fuzzing with Syzkaller by Andrey Konovalov

I've skipped some talks, but this one seemed to be a good one, about syzkaller. The classic syscall fuzzer is called Trinity. It's a basic fuzzer that calls syscalls with random() arguments. Linux kernel devs do not care about CVEs; they rather care about fixing bugs.

For syzkaller there is a language to describe syscalls. Andrey is not a kernel expert. Syzkaller works like any other fuzzer; it tries to handle all the manual work, for example creating ways to reproduce found crashes. Syzkaller is quite small, with 2k LoC. There are quite a lot of todos for the project, for example replacing different corpora.

Showing a demo for

USB provides an ID to the client; depending on the ID it will load the driver. USB traffic can be seen with Wireshark. Syzkaller will fuzz some of the USB stuff.

The diagram reads better from bottom to top.

  • FaceDancer
  • Using a hypervisor to inject USB - vUSBf

The kernel implements USB in a background thread. Using something like the TUN/TAP infrastructure with USB to inject USB messages (it's not easy to do this with the kernel). They implement this with Gadget and the USB dummy function. Gadget is limited, so instead an own kernel module was written. He found 80 bugs; half of them were fixed, the other half were ignored.

The gadget does not support every option of a USB device. For improvement he uses the dwc2 driver, which is used for creating drivers on the Rpi Zero. The same bug for smsusb was not working; the module was missing. An issue when testing the fuzzing on a real device: it might not have been connected correctly. Q: why were only half of the bugs fixed? A: bugs might get lost on the mailing list, or the maintainer is no longer active on the problem.

Book: "Click Here to Kill Everybody"


Bruce Schneier has published another book with the title "Click Here to Kill Everybody". He gave a talk at Google about it:

Bruce Schneier at Google Talk.

have fun!

Android Multi User


Just a quick note: Android has a 'multiple users' feature. The idea is simple and like in Windows: different users can share the same device. However, this feature is broken. The initial creation of a new user renders the phone useless until a reboot, followed by an odd cycle of several reboots. It took some time until switching was working, and each switch comes with a slowdown.

You can not just 'simply' share files or apps. [0] It is possible to share files by using a special folder, /sdcard/Android/obb, to make them accessible to others. The Unix permission system underneath is completely unusable and makes no sense here. There are no groups whatsoever, and the new user might be able to install apps on his own, but only when these are not already present for the other user. Sharing app data seems not to be possible, at least not without an app[1]. It might be possible to have users share the same Google Play account[2], but it does not tell how apps can be shared. Besides, there seems to be quite a lack of documentation in this regard. In the end the app might need to support this[3]. It feels like even Windows 95 had got this better..

so far akendo