Old Intel processors: vulnerable to rootkits New Intel processors: shipped with rootkits

this blew me away. dude looks like Cypher from The Matrix, too.

I like the "oh btw I made a c compiler that only compiles to mov instructions". Jesus Christ......

This guy essentially started the whole Intel CPU security fiasco nowadays... Before this day, no one thought the CPU could be this vulnerable.

This Guy is a Frickin God

Of course, change that last 3 to a 4 to root that system. Every presentation this guy gives is amazing!

Lol! Perfect bug for sales. "All old processors are vulnerable and can't be fixed. Quick! Buy our new crap!"

lol the talk was just amazing... the selfie was the cherry on top.

I've worked my way back from more recent talks to here, and every single talk by this guy is awesome, he's just amazing. Half the time I'm just sitting here in disbelief with a stupid grin on my face.

27:35 validate the limit: `8026: test ax,ax; jz invalid_gdt`, validate the base: `802F: test eax,eax; jz invalid_gdt` - Can be mitigated with BIOS flash.

"really this is unpatchable" and i believe him. this guy was talking alien to me

Brilliant find but since it requires Ring 0 access to implement the rootkit you need to work along other exploits to get to that level - or secret services modifying whole shipments prior of delivery.

On a scale of 1 - 10 how genius is this guy? Yes.

This guy is of a special breed... not many left like him.. to get into ring -2 with 4 BYTES of code is God like.

I had sworn the introducer walked away and came back. But then I rewinded it and saw the beard differed

This is probably the 1337est presentation I've watched. If you know of a crazier (or even comparable) hack please please please, let me know.

"We must go deeper." Ringception?

the brother hood of nod selected

i do miss this guy, hope hes done some amazing things while working at intel. rosenbridge was never released, I guess what he stumbled upon was so powerful and so close to getting the concept to work.

This is a Beautiful thing.

Absolutely brilliant presentation. Stunning!

There is an error at 3:25, when he typed the last `whoami` it should have said: # whoami God

If you can't punt the ball - move the field ...

People like this are invaluable

I was grinning like a maniac while watching this. An incredible finding. Bloody brilliant!

I was good until about 0:01 and then it stopped making sense.

OK, trying to get my head around how you go from Ring 3 to Ring -2, _via Ring 0 which you've ALREADY cracked_ (the granting of Root to a Ring 3 process essentially just being a nice side effect and probably possible with the rootkit alone)... is the crucial thing the installation of that Rootkit, as a system driver? Thus making this actually a two-stage vulnerability: the extremely edge-case CPU attack is the second layer, and just as important is the security hole in either the operating system proper, or the user's head, allowing installation of (and thus granting of ring 0 privileges to) unsigned drivers one way or the other?

Great talk. And also very lucky that the SMM code was written in a way that helped sinkhole.

a gestalt vulnerability, interesting amazing talk

ty chris domas - this & the hidden risc core in x85; such awesome research. lol so d0pe!

HIs first attempt reminds me of Commodore 64 code, where you also sometimes make the processor execute code in IO registers... Not for the same purpose of course... just to save some cycles

Great talk. Great speaker

Amazing work. Also somewhat terrifying.

Really good talk!

Outstanding work

How does this not have dozens of times the views???

you are a beautiful creature domas!

I wonder how is the discovery of this type of vulnerability. Such thing could be a much more valuable asset than 'here is another exploit'. How is the process of finding such labyrinth of forgotten backdoors?

Any suggestion for hardware/software tools for hack/reversing?

fantastic talk

If Intel fixed the issue in Sandybridge, doesn't that imply that they were aware of the issue at some point prior to Sandybridge's release? Given the wide-reaching implications of this exploit (a Ring 0 breach elevating to Ring -2 potentially renders the system hardware itself untrustable from that point forwards), shouldn't Intel have immediately disclosed knowledge of this flaw so that security policies could be updated to account for the increased scope of vulnerability?

Wouldn't it help to add a few checks into the SMM interrupt routine? Are the numbers returned within a certain range? Maybe add some changing (as in stack protection) magic numbers where the APIC doesn't have its writable registers?

Since the SMM code can't be highjacked at run-time, how about changing the *actual* SMM code and injecting the rootkit there? 1. If the SMM code resides in ROM (EPROM, FLASH), the game would be over. 2. However the code shown in the presentation is self-modifying so SMM code resides in RAM and it must be writeable by the CPU. Let's explore what happens when the computer starts: The system memory contents in largely unpredictable (zeroes, FFs, garbage, operating system leftovers...) and thus no usable code may run from RAM until the computer loads something in it. Therefore if SMRAM resides in normal RAM (your trusty DIMMs), the system management code must be first copied there from BIOS memory (ROM/firmware) by the BIOS. That means that BIOS code needs to be able to override (disable) the MCH SMM memory protections so that it can copy the SMM code and data into RAM whilst *not* running in SM mode. If any SMI interrupt was triggered before the code is completely copied over, it would probably reset the machine so it's very likely the SMI interrupts need to be disabled by the BIOS until SMM is safe to execute. All the keys to this must lie in the computer firmware (the BIOS): the actual SMM code, the SMM initialization, MCH protection mechanism control, etc. It's quite possible that once MCH SMM memory protections are enabled by the BIOS, the protections can no longer be disabled by anything, i.e. it would be a one way hardware latch. However, this is just a conjecture. It would be worth the effort to disassemble (possibly after decrypting) the BIOS and SMM code and see how it's actually installed in RAM. Secondly, see if it's possible to modify the SMM code in the firmware image before flashing it. It is probably encrypted and digitally signed but the signature checks might be overridden by modifying the BIOS code checking them. Not easy but not impossible either. Since it took me just a while to come up with these ideas, I'm probably not the first to do so and these possible attacks have already been dealt with. 3. What happens if the computer has no DIMMs installed? Does the SMM code still run (perhaps from BIOS ROM)? Does power management, USB keyboard emulation and other SMM features work without DIMMs? If so, then it's very likely SMRAM resides in its own dedicated physical memory integrated into the chipset and not in DIMMs. Anyway, these are just my ideas after watching this jaw-dropping presentation at 2am. :)

This i by far the most insane exploit i've seen so far

Mind boggling. And terrifying.

Does it affect my abacus?

It takes a lot of dedication, intelligent, and craziness to test this out

Heh, unreal mode. 32-bit addressing without memory protection of any kind. Considered using it for my DOS game but it didn't really work.

awe :( I was hoping to get ring -2 access to my pc

How does one even go about making a mov instruction compiler...? Is there some sort of BNF notation on how it interprets stuff?

soon there will be Ring -9999

This really reminds me of arbitrary code execution in console games.

And here we have Kane, before he gets involved with the Nod

3:01 magic

This guy...

isn't ring 0 like the most root ring? negative rings for vm's and positive for normal apps?

For a malicious virus, you could make a fake driver that installs the Ring -2 rootkit. Drivers run in Ring 0 (or ring 1 or ring 2 on really old OSes).

Did you highlight the wrong entry in the GDTs? You have the null entry and then entry 0x8, and then 0x10 as the third entry. You have two between it...

But can you do it in 0x A Presses?

Next level

"design flaw" is a funny way of saying backdoor .-.

Hail Domas!

Beastmode.

pure sorcery.

Wow, that was beautiful. But seriously, Lord of the Rings, i.e. Intel, how many rings do we need? In 10 years there'll be ring -10.

24:40 What is ropping? I don't understand the phrase "APIC-ropping"

Cipher himself.

this is some fascinating shit

Mind = blown

So you can install a rootkit that's quite literally _impossible_ to detect, because the processor architecture has been designed for that code to be impossible to access by anything, no matter what you do. And this isn't supposed to sound scary?

At a time of writing this comment, there were 30 high-positioned intel employees watched this video.

Going beyond the 68k instruction set was a mistake

This video sends actual chills up my spine, to this day

What is ropping?

why do all the speakers at black hat conferences use windows? when clearly a lot of their work in done on linux / in unix environments?

kind of nevermind reading the rest of this. The attack is based on the Intel template EFI code. Just mung that in some way that breaks the SMM exploit but is otherwise harmless. You know, the same way practically all ring0 code is obfuscated. Do that. It seems just mitigate it by just ensuring that the only place ring0 code can be executed by the SMM doesn't contain malicious code. Just make sure that that segment always contains a specific piece of non-malicious data, and if it ever doesn't contain that, reset the system. It would make it close to impossible time-wise to ever _not_ reset the system by trying this exploit. You'd also have to leave most of the SMM code intact if you wanted an invisible backdoor, so just alter other parts of the SMM code to integrity-check the SMM code.

my mind is blown

i miss coding as much as finding stuff like this out. never got right into x86+ but i respect this guys thought processes

I thought it was fixed back in the 90'th, the flaw was well documented in a 3x86-architecture guide book to be check by the basic operarating system (build386 this time). There where even an special interrupt and jump gate for this type of security problem.

Def a wizard, the different hats, this magic it all makes sense now.

My computer just became a doorstop.

I must've missed how he wrote to address 0 from Ring 3? Anyone catch that?

Lets just start all over and make ring 4 and everything goes there

Boss lvl 99 ?!

Wow

He kinda slides by the fact that you must have Ring 0 before you can Take over Ring -2. His first demo shows what you can do AFTER you have compromised the system. Overall scary great talk, but the misdirection in the first 10 minutes was a cheap coin trick.

"Now, attempt to imagine the limitlessness of God's knowledge code"

I saw this guy eating steak with Agent Smith in the Matrix.

By design

I just found out what I want to do with my life.

what a god.

Whaaat the fuuuuck

hah . i can't talk . it's amazing

Around the 21 minute mark - I'd be curious to know if he got any inspiration from the Super Mario World speedrun glitch where they used game state to code an overflow. kzfaq.info/get/bejne/ft52m5R0r7XWhIk.html edit nevermind this was 2 years ago

Cool! This will make my crypto mining malware so much better!

Dome Ass XD

I'm not sure I understand the point of this. You start in Ring 0 which means you already control the system.

0:16 they are siblings?

Holy damn. Actually finding an exploit when there isn't even an exploit.

I've been watching "Hydraulic Press Channel" - crushing things for fun. But this guy can press much harder. I'm imPRESSed! So, moving things is Touring Complete? Kind of obvious, reality is "moving things", and nothing more. I presume that reality is Touring Complete :) And now we have "Reality" compiler, nice...