Apple: UEFI firmware security overview

In addition to above content, there are slides and videos from the last BlackHat USA on Apple security:

BlackHat-USA-2019: videos online

The videos from BlackHat-US-2019 are on Youtube now:

For example:

Tianocore C codebase: Rust branch forked

There is a branch of the Tianocore UEFI C codebase that is being ported to Rust!!

Interesting! I wonder how this will turn out. There is not a lot of Rust knowledge in the existing Firmware engineer community, but there is a lot of talk about Rust replacing C for low-level systems projects. While one Microsoft security researcher has posted a blog about Rust, I really don’t see Microsoft embracing Rust. They have to retrain their existing C developers to use a new language, and they’d need a language that they could control the direction of. I suspect the Microsoft systems team, if forced to migrate from their C89-era compiler to something modern, would probably use their CheckedC or Project Verona. I would love to be proven wrong. 🙂

Go-Attestation: abstracts remote attestation operations across a variety of platforms and TPMs, enabling remote validation of machine identity and state

Go-Attestation abstracts remote attestation operations across a variety of platforms and TPMs, enabling remote validation of machine identity and state. This project attempts to provide high level primitives for both client and server logic.[…]

Intel INTEL-SA-00289: Plundervolt

Intel releases 9 new security advisories

Today Intel released 9 new security advisories:

Intel® NUC® Firmware Advisory

Unexpected Page Fault in Virtualized Environment Advisory

Intel® SCS Platform Discovery Utility Advisory

Intel® Quartus® Prime Pro Edition Advisory

Control Center-I Advisory

Intel® Processors Voltage Settings Modification Advisory

Intel® Ethernet I218 Adapter Driver for Windows* Advisory

Linux Administrative Tools for Intel® Network Adapters Advisory

Intel® Dynamic Platform and Thermal Framework Advisory

Using an Option ROM to overwrite SMM/SMI handlers in QEMU

This article explores PCI Expansion ROM (or Option ROM) execution within UEFI and walks through a practical scenario of using Option ROM code to modify SMM. In order to accomplish this goal we relax the security within EDK2. Note that this article does not reveal any security weaknesses. We begin with how to create a QEMU/OVMF/iPXE testing environment that boots Fedora with UEFI Secure Boot enabled and measures the pre-OS environment using a software TPM2. We then install an SMI handler by modifying our iPXE EFI Option ROM, which is the same as a DXE driver run during Boot Device Select (BDS). Finally, we again modify our Option ROM code and overwrite and reliably ‘shim’ an existing SMI’s handler with our own.[…]

Bitleaker: decrypts BitLocker-locked partition with the TPM vulnerability (CVE-2018-6622)

BitLeaker is a new tool for extracting the VMK and mounting a BitLocker-locked partition. BitLeaker uses the TPM vulnerability, CVE-2018-6622 for a discrete TPM and related vulnerability for a firmware TPM. They are related to the S3 sleeping state of Advanced Configuration and Power Interface (ACPI) and can reset the TPMs. If you want the detailed information about CVE-2018-6622 and a vulnerability checking tool, please read our USENIX paper, A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping and Black Hat Asia presentation, Finally, I Can Sleep Tonight: Catching Sleep Mode Vulnerabilities of the TPM with Napper.

PCI Express DIY hacking toolkit

This repository contains a set of tools and proof of concepts related to PCI-E bus and DMA attacks. It includes HDL design which implements software controllable PCI-E gen 1.1 endpoint device for Xilinx SP605 Evaluation Kit with Spartan-6 FPGA. In comparison with popular USB3380EVB this design allows to operate with raw Transaction Level Packets (TLP) of PCI-E bus and perform full 64-bit memory read/write operations. To demonstrate applied use cases of the design, there’s a tool for pre-boot DMA attacks on UEFI based machines which allows executing arbitrary UEFI DXE drivers during platform init. Another example shows how to use pre-boot DMA attacks to inject Hyper-V VM exit handler backdoor into the virtualization-based security enabled Windows 10 Enterprise running on UEFI Secure Boot enabled platform. Provided Hyper-V backdoor PoC might be useful for reverse engineering and exploit development purposes, it provides an interface for inspecting of hypervisor state (VMCS, physical/virtual memory, registers, etc.) from guest partition and perform the guest to host VM escape attacks.

SEC Xtractor: HW/FW tools for dumping memory chips and identifying on-chip debugging/programming interfaces

We have just made the “SEC Xtractor” tool (SEC Consult’s hardware exploitation and firmware extraction tool) open-source! It comes with an easy to use and configurable memory reading concept that supports multiple ways to read flash chips (e.g. NAND chips). As its firmware and hardware are completely open-source, it can be easily extended. Interface identification is another requirement that was fulfilled by integrating JTAG brute-forcing and UART scanning. It can also be used as an OpenOCD adapter and it provides two UART-to-USB bridges. Most devices require anything between 1.8 and 5.5 volts, which is supported by the SEC Xtractor.[…]

SEC Xtractor (Hardware)

SEC Xtractor (Firmware)

UL offering IoT security ratings

The IoT Security Rating, which is based on UL’s IoT Security Top 20 Design Principles, aims to serve two purposes:

1) Help manufacturers and developers improve the security posture of their solutions by leveraging proven security best practices

2) Rate the security posture of IoT solutions in order to make security more transparent and accessible to consumers.

Updated artwork IoT

I wish these logos had more specifics, like what boot security technologies are available.

Redfish-Tacklebox: Python based utilities for performing common management operations with Redfish

DMTF has a relatively-new Redfish project, with tools (currently 6 Python-based tools) that’re useful for security researchers, system administrators, and firmware testers:

Sensor List ( walk a Redfish service and list sensor info

System Inventory ( walk a Redfish service and list component information

Power/Reset ( perform a power/reset operation of a system

Boot Override ( perform a one time boot override of a system

Accounts ( manage user accounts on a Redfish service

Update ( perform an update with a Redfish service

There is a new web site with multiple TPM resources, many things to see. And a physical event, if you are based in Germany.