Rafal Wojtczuk and Joanna Rutkowska - Black Hat

01.07.2015 Views
The final outcome...

Page 1: Attacking Intel ® Trusted Executio

Page 4 and 5: Intel ® Trusted Execution Technolo

Page 6 and 7: TPM 1.2 Passive I/O device (master-

Page 8 and 9: PCR “extend” operation PCRN+1 =

Page 10 and 11: TPM seal/unseal example # echo 'Sec

Page 12 and 13: Both seal/unseal and quote operatio

Page 14 and 15: BIOS ROM BIOS FLASH BOOT LOADER OS

Page 16 and 17: Example #1: Disk Encryption Disk en

Page 18 and 19: So, a malware can sniff it…

Page 20 and 21: Example #2: User’s Picture Test :

Page 22 and 23: Problems with SRTM

Page 24 and 25: Dynamic Root of Trust Measurement (

Page 26 and 27: A VMM we want to load (Currently un

Page 28 and 29: TXT bottom line TXT late launch can

Page 30 and 31: GRUB (1 st stage) GRUB (2 nd stage)

Page 32: First we start “trusted” Xen (b

Page 36 and 37: Thanks to tboot only when the trust

Page 38: Tboot Demo #1: sealing to a trusted

Page 42 and 43: SENTER is not obligatory!!! TXT and

Page 44 and 45: Why would a user or an attacker be

Page 46 and 47: AMD Presidio AMD’s technology sim

Page 48 and 49: SRTM/DRTM (launch-time protection)

Page 50 and 51: TXT: exciting new technology with g

Page 52 and 53: Q: What is more privileged than a k

Page 54 and 55: Introducing “Ring -2” SMM can a

Page 56 and 57: SMM vs. TXT?

Page 58 and 59: Q: Does TXT measure currently used

Page 60 and 61: Q:So, how does the SENTER deal with

Page 62 and 63: TXT attack sketch (using tboot+Xen

Page 64 and 65: Address of the shellcode (in the gu

Page 69 and 70: Wait! But how to infect the SMM han

Page 71: Let’s take a look at the live dem

Page 74 and 75: So how we can get into SMM memory (

Page 76 and 77: 2006: Loic Duflot (not an attack ag

Page 78 and 79: So, how did we get around this vici

Page 83 and 84: Meet Atmel 26DF321 SPI-flash

Page 85 and 86: Looks promising, but...

Page 87 and 88: So, we used a different approach…

Page 89 and 90: Memory Remapping on Q35 chipset TOU

Page 91: #define TSEG_BASE 0x7e500000 u64 ta

Page 96 and 97: Intel patched the bug in August 200

Page 98 and 99: VU#127284

Page 100 and 101: We have provided Intel with the det

Page 102 and 103: We suspect it might affect all rece

Page 104 and 105: Intel contacted CERT CC informing t

Page 106 and 107: We plan to discuss the details of t

Page 108 and 109: More on the TXT Design Problem

Page 110 and 111: SMM Transfer Monitor (STM) Communic

Page 112 and 113: Intel Who should write an STM? OEMs

Page 114 and 115: Intel told us they do have STM spec

Page 116 and 117: Intel might be right claiming that

Page 118 and 119: We cannot make our mind on this unt

Page 120 and 121: Summary

Page 122: http://invisiblethingslab.com

intel

senter

bios

tboot

disk

hypervisor

currently

hash

kernel

resets

rafal

wojtczuk

rutkowska

digitalpiglet.org

Rafal Wojtczuk and Joanna Rutkowska - Black Hat

Rafal Wojtczuk and Joanna Rutkowska - Black Hat ... View more Rafal Wojtczuk and Joanna Rutkowska - Black Hat

Delete template?

Save as template ?

Rafal Wojtczuk and Joanna Rutkowska - Black Hat Rafal Wojtczuk and Joanna Rutkowska - Black Hat