Post on 15-Aug-2015
SOURCE Boston 2015
• Xiaoning Li (Intel Labs) • Nicholas Carlini (Intel Labs)
iROP: Interesting ROP Gadgets Setting One's Spear Against His Own Shield
About Us: Xiaoning
• Security Researcher and Architect at Intel Labs: DeepSafe, VMFUNC/VE, SGX from Intel Labs • Focused on analyzing/detecting/preventing zero-
day/malware with existing/new processor features
• Bypassed PatchGuard (dissected PatchGuard decoder)
• Presented at CARO 2013, ShmooCon 2014, Black Hat Asia 2014, Black Hat 2014, HackMiami 2014, ToorCon 2014, Threads 2014, CanSecWest 2015
Agenda
Background of Return-Oriented Programming
Branch Transfer Instructions
ROP Defense and Bypass
Valid Gadgets
More Gadgets From WOW64
Return-into-lib(c) and Return-Oriented Programming have been hot topics for many
years and well researched by many excellent researchers.
ROP frequently used in APTs
For example, APSA13-02 PDF zero day
Reported by FireEye in February 2013
Best Client-Side Bug: CVE-2013-0641
Sophisticated ROP only, without shellcode
First public in-the-wild exploit of Adobe Sandbox
Bypassing
ROP Exploits in APTs
Malicious PDF
Acro32 Trigger 1nd
Vul StackPivoting D.T 2 Threads IPC StackPivoting L2P.T L2P.T L2P.T Acro32
Bro
ke
r
Re
ad
er
Sa
nd
bo
xe
d
Re
ad
er
Open PDF file Heap OverflowRun ROP
Stackpivoting
Create and Load
D.T Library
1:Show Error
2: Create L2P.TIPC to trigger 2nd
vul , then quit
Heap OverflowRun ROP via
Stackpivoting Load L2P.T
Create Visaform Turkey.pdf
Create new
sandboxed
process to open
new pdf
New Process
shows Visaform
Turkey.pdf
Create Langbar.dll
And load it
Trigger Point and StackPivoting ROP Gadget
CVE-2013-0640 CVE-2013-0641
APSA13-02 ROP Gadgets
ROP (Return-Oriented Programming) is one way to
reuse oriented code
RET is only one way to reuse code
There are others ways to reuse code JOP (Jump-Oriented Programming)
COP (Call-Oriented Programming)
Reuse-Oriented Programming
Agenda
Background of Return-Oriented Programming
Branch Transfer Instructions
ROP Defense and Bypass
Valid Gadgets
More Gadgets from WOW64
There are many types of branch transfer instructions
Return Near Return
Far Return
Jump Conditional Jump
Near/Short/Far Jump
Direct/Indirect Jump
Call Near/Far Call
Direct/Indirect Call
Interrupt Return
Branch Transfer Instructions
Near Return A return to a calling procedure within the current code
segment (Intrasegment Return )
Far Return A return to a calling procedure located in a different segment
than the current code segment (Intersegment Return )
Inter-privilege-level far return
A far return to a different privilege level than that of the
currently executing program or procedure
Return
Conditional Jump
Jump: Conditional Jump
Near Jump A jump to an instruction within the current code segment
(Intrasegment Jump)
Short Jump: A near jump where the jump range is limited
to -128 to +127 from the current EIP value
Far Jump A jump to an instruction located in a different segment than
the current code segment but at the same privilege level
(Intersegment Jump)
Jump
Near Call A call to a procedure in the current code segment
(Intrasegment Call)
Far Call A call to a procedure located in a different segment than the
current code segment (Intersegment Call)
Inter-privilege-level Far Call A far call to a procedure in a segment at a different privilege
level than that of the currently executing program or
procedure
Call
IRET
Interrupt Return
Agenda
Background of Return-Oriented Programming
Branch Transfer Instructions
ROP Defense and Bypass
Valid Gadgets
More Gadgets from WOW64
ROP Defense and Bypass
Winner of the first BlueHat Prize
Uses Last-Branch Recording (LBR)
Call-Preceded Gadgets policy
Long sequence of short gadget
KBouncer
Source: Transparent ROP Exploit Mitigation Using Indirect Branch Tracing
IA32_DEBUGCTL MSR
LBR_SELECT MSR
Last Branch Record Control
MSR_LASTBRANCH_TOS
MSR_LASTBRANCH_X_FROM_IP
MSR_LASTBRANCH_X_TO_IP
For example: Silvermont
MSR_LASTBRANCH_0_FROM_IP (MSR 40H)
MSR_LASTBRANCH_0_TO_IP (MSR 60H)
Haswell
MSR_LASTBRANCH_0_FROM_IP (MSR 680H)
MSR_LASTBRANCH_0_TO_IP (MSR 6C0H)
Last Branch Record Data
Bypass: LBR History Flush
Source:http://nicholas.carlini.com/papers/2014_usenix_ropattacks.pdf
LBR History Flush with COP
VirtualProtect Ret with Eax=0x540e22F2
0x543258D4 0x543258D4 0x543258D4 0x543258D4
… 0x543258D4
VirtualProtect VirtualProtect VirtualProtect VirtualProtect
Use IRET instead of Ret
IRET is recorded only if far branch is enabled (as 0)
If IRET in LBR Flush LBR with multiple IRETs
If IRET not in LBR Use IRET gadgets
LBR History Flush with IRET
LBR History Flush With Call-Preceded Gadget
VirtualProtect Ret with AL=0
0x5419CAAA 0x5419CAAA 0x5419CAAA
… 0x5419CAAA
VirtualProtect …
0x540E22E9 0x540E22E9 0x540E22E9
Ret Misprediction
Indirect Call/JMP Misprediction
Branch Misprediction Approach
Use IRET gadgets
Ind Call -> Gadget->Ret-> … ->Ind Call -> Gadget-
>Ret
Use JOP gadgets
Use mixed COP/JOP/ROP gadgets Ind Call -> Gadget->Ret->Ind JMP
Ind Call -> Ind JMP -> gadgets->Ret
Ret Misprediction Bypass
Ind Call -> Ind JMP -> gadgets->Ret
For example, Gadget1: copy 4 bytes from ECX to
parameter 1
Ret Misprediction Bypass
Preload target address to avoid misprediction
1) Call/JMP -> Function/Code Block
2) Cal/JMP -> Gadgets in Intended Code
Indirect Call/JMP Misprediction Bypass
Control Flow Guard
Source: http://sjc1-te-ftp.trendmicro.com/assets/wp/exploring-control-flow-guard-in-windows10.pdf
Source:http://www.powerofcommunity.net/poc2014/mj0011.pdf
Source:https://www.blackhat.com/us-15/briefings.html#Zhang
Control Flow Branch Label
Bypass Unintended CFILabel-preceded gadgets
Valid Gadgets
Hardware Control Flow Integrity
Source: https://www.tk.informatik.tu-darmstadt.de/fileadmin/user_upload/Group_TRUST/PubsPDF/hardware-assisted-cfi.pdf
Use shadow stack to track return operation
Bypass Refer to “Ret Misprediction Bypass”
Shadow Stack
Source: http://www.cs.berkeley.edu/~daw/papers/shadow-asiaccs15.pdf
Agenda
Background of Return-Oriented Programming
Branch Transfer Instructions
ROP Defense and Bypass
Valid Gadgets
More Gadgets from WOW64
ROP requires control of the stack When attacker doesn’t, can pivot ESP to point to controlled memory
Unintended instructions often have stackpivoting gadgets
IRET in 64-bit Pops off of the stack EIP, CS, EFLAG, ESP, SS Can not be stopped because semantics of IRET require moving stack pointer
IRET can be used to deliver stackpivoting in 64-bit
StackPivoting
Valid Gadgets: StackPivoting
Valid Gadgets From JIT Engine
Agenda
Background of Return-Oriented Programming
Branch Transfer Instructions
ROP Defense and Bypass
Valid Gadgets
More Gadgets from WOW64
Windows 32-bit on Windows 64-bit
A subsystem on all 64-bit versions of Windows
capable of running 32-bit applications
Focus on the differences between 32-bit and 64-bit
Windows, such as data structure
Components Wow64.dll
Wow64win.dll
Wow64cpu.dll
WOW64
Wow64.dll The core interface to the Windows NT kernel that translates
between 32-bit and 64-bit calls, including pointer and call-
stack manipulations
Wow64win.dll Provides the appropriate entry points for 32-bit applications
Wow64cpu.dll Switches the processor between 32-bit and 64-bit modes
WOW64 Components
Logical Addr to Linear Addr
Segment Selectors
Segment Descriptor
Code Segment 33 for 64-bit code The L bit is 1 to indicate 64-bit code
Code Segment 23 for 32-bit code The L bit is 0 to indicate compatibility mode
DS: Data Segment
SS: Stack Segment
Additional data segments
ES, FS, GS
64-bit Windows Code Segments
Far JMP is used to transfer from 32-bit code to 64-bit
code
Hooked 32-bit NTDLL code
FS:[0C0h]
X86SwitchTo64BitMode
Switch From 32-bit to 64-bit
Far JMP or IRETQ is used to transfer from 64-bit code
to 32-bit code
Far JMP
IRETQ
Switch From 64-bit to 32-bit
64-bit and 32-bit CS share same address space
Same code binary can be decoded as different
instructions per CPU mode
For example, ntdll!NtTerminateThread
Valid Code Gadget
Compatibility Mode 64-bit Mode
64-bit DLLs are available during 32-bit code running
The processor, when in 32-bit mode, can execute
instructions compiled for 64-bit mode Lots of unintended instructions.
Unintended 32-bit Valid Gadget
ModLoad: 00000000`76d90000 00000000`76f38000 C:\Windows\SYSTEM32\ntdll.dll
ModLoad: 00000000`747c0000 00000000`747ff000 C:\Windows\SYSTEM32\wow64.dll
ModLoad: 00000000`74760000 00000000`747bc000 C:\Windows\SYSTEM32\wow64win.dll
ModLoad: 00000000`74750000 00000000`74758000 C:\Windows\SYSTEM32\wow64cpu.dll
Intended RtlpWow64SetContextOnAmd64 in 64-bit
WOW64CPU.DLL
RtlpWow64SetContextOnAmd64 proc near
mov edx, [r8]
mov byte ptr [r9], 0
mov r9d, 10001h
mov eax, edx
and eax, r9d
cmp eax, r9d
jnz short loc_78B62010
mov eax, [r8+0B4h]
mov [rcx+0B4h], eax
mov eax, [r8+0B8h]
mov dword ptr [rcx+0BCh], 23h
mov [rcx+0B8h], eax
mov eax, [r8+0C0h]
and eax, 3F0DD5h
or eax, 202h
mov [rcx+0C0h], eax
mov eax, [r8+0C4h]
mov [rcx+0C4h], eax
mov eax, [r8+0C8h]
mov [rcx+0C8h], eax
loc_78B62010:
mov r9d, 10002h
mov eax, edx
and eax, r9d
cmp eax, r9d
jnz short loc_78B6206E
mov eax, [r8+9Ch]
mov [rcx+9Ch], eax
mov eax, [r8+0A0h]
mov [rcx+0A0h], eax
mov eax, [r8+0A4h]
mov [rcx+0A4h], eax
mov eax, [r8+0A8h]
mov [rcx+0A8h], eax
mov eax, [r8+0ACh]
mov [rcx+0ACh], eax
mov eax, [r8+0B0h]
mov [rcx+0B0h], eax
loc_78B6206E:
mov r9d, 10020h
mov eax, edx
and eax, r9d
cmp eax, r9d
jnz short loc_78B620E4
movdqu xmm0, xmmword ptr [r8+16Ch]
movdqu xmmword ptr [rcx+16Ch], xmm0
movdqu xmm1, xmmword ptr [r8+17Ch]
movdqu xmmword ptr [rcx+17Ch], xmm1
movdqu xmm0, xmmword ptr [r8+18Ch]
movdqu xmmword ptr [rcx+18Ch], xmm0
movdqu xmm1, xmmword ptr [r8+19Ch]
movdqu xmmword ptr [rcx+19Ch], xmm1
movdqu xmm0, xmmword ptr [r8+1ACh]
movdqu xmmword ptr [rcx+1ACh], xmm0
movdqu xmm1, xmmword ptr [r8+1BCh]
movdqu xmmword ptr [rcx+1BCh], xmm1
loc_78B620E4:
mov [rcx], edx
xor eax, eax
retn
RtlpWow64SetContextOnAmd64 endp
Unintended RtlpWow64SetContextOnAmd64 in 32-bit
WOW64CPU.DLL
RtlpWow64SetContextOnAmd64 proc near
inc ecx
mov edx, [eax]
inc ecx
mov byte ptr [ecx], 0
inc ecx
mov ecx, 10001h
mov eax, edx
inc ecx
and eax, ecx
inc ecx
cmp eax, ecx
jnz short loc_78B71410
inc ecx
mov eax, [eax+0B4h]
mov [ecx+0B4h], eax
inc ecx
mov eax, [eax+0B8h]
mov dword ptr [ecx+0BCh], 23h
mov [ecx+0B8h], eax
inc ecx
mov eax, [eax+0C0h]
and eax, 3F0DD5h
or eax, 202h
mov [ecx+0C0h], eax
inc ecx
mov eax, [eax+0C4h]
mov [ecx+0C4h], eax
inc ecx
mov eax, [eax+0C8h]
mov [ecx+0C8h], eax
loc_78B71410:
inc ecx
mov ecx, 10002h
mov eax, edx
inc ecx
and eax, ecx
inc ecx
cmp eax, ecx
jnz short loc_78B7146E
inc ecx
mov eax, [eax+9Ch]
mov [ecx+9Ch], eax
inc ecx
mov eax, [eax+0A0h]
mov [ecx+0A0h], eax
inc ecx
mov eax, [eax+0A4h]
mov [ecx+0A4h], eax
inc ecx
mov eax, [eax+0A8h]
mov [ecx+0A8h], eax
inc ecx
mov eax, [eax+0ACh]
mov [ecx+0ACh], eax
inc ecx
mov eax, [eax+0B0h]
mov [ecx+0B0h], eax
loc_78B7146E:
inc ecx
mov ecx, 10020h
mov eax, edx
inc ecx
and eax, ecx
inc ecx
cmp eax, ecx
jnz short loc_78B714E4
rep inc ecx
movq mm0, qword ptr [eax+16Ch]
movdqu xmmword ptr [ecx+16Ch], xmm0
rep inc ecx
movq mm1, qword ptr [eax+17Ch]
movdqu xmmword ptr [ecx+17Ch], xmm1
rep inc ecx
movq mm0, qword ptr [eax+18Ch]
movdqu xmmword ptr [ecx+18Ch], xmm0
rep inc ecx
movq mm1, qword ptr [eax+19Ch]
movdqu xmmword ptr [ecx+19Ch], xmm1
rep inc ecx
movq mm0, qword ptr [eax+1ACh]
movdqu xmmword ptr [ecx+1ACh], xmm0
rep inc ecx
movq mm1, qword ptr [eax+1BCh]
movdqu xmmword ptr [ecx+1BCh], xmm1
loc_78B714E4:
mov [ecx], edx
xor eax, eax
retn
RtlpWow64SetContextOnAmd64 endp
WOW64CPU.DLL ~64 functions
WOW64.DLL ~694 functions
WOW64Win.DLL ~1,906 functions
NTDLL.DLL ~3,204 functions
Lots of unintended valid code exists!
Valid Functions
If exploit code turns CPU mode to 64-bit, then how
many valid functions will there be in 32-bit code?
Windows should not share different mode-
sensitive code across different CPU modes!
Even Worse
If exploit code turns CPU mode to 32-bit from native
64-bit, then how many valid functions will there be in
64-bit code?
Windows should not create 32-bit segment for
native 64-bit application?
Even Worse
Potential Solution: Branch Transfer Access Control!
References
The Performance Cost of Shadow Stacks and Stack Canaries. Thurston H.Y. Dang, Petros
Maniatis, David Wagner. ASIACCS 2015
Counterfeit Object-oriented Programming: On the Difficulty of Preventing Code Reuse Attacks in
C++ Applications. Felix Schuster, Thomas Tendyck, Christopher Liebchen, Lucas Davi, Ahmad-
Reza Sadeghi, Thorsten Holz. 36th IEEE Symposium on Security and Privacy (Oakland), May
2015
Exploring Control Flow Guard in Windows 10. Jack Tang. Trend Micro Threat Solution Team, 2015
ROP is Still Dangerous: Breaking Modern Defenses. Nicholas Carlini and David Wagner. 23rd
USENIX Security Symposium, Berkeley 2014
Windows 10 Control Flow Guard Internals. MJ0011, POC 2014
Write Once, Pwn Anywhere. Yu Yang. Blackhat 2014
Hardware-Assisted Fine-Grained Control-Flow Integrity: Towards Efficient Protection of Embedded
Systems Against Software Exploitation. Lucas Davi, Patrick Koeberl, and Ahmad-Reza Sadeghi.
DAC 2014
Transparent ROP Exploit Mitigation Using Indirect Branch Tracing. Vasilis Pappas, Michalis
Polychronakis, and Angelos D. Keromytis. Columbia University, 22nd USENIX Security
Symposium 2013
kBouncer: Efficient and Transparent ROP Mitigation. Vasilis Pappas. Columbia University 2012
Security Breaches as PMU Deviation: Detecting and Identifying Security Attacks Using
Performance Counters. Liwei Yuan, Weichao Xing, Haibo Chen, Binyu Zang. APSYS 2011
Transparent Runtime Shadow Stack: Protection against malicious return address modifications.
Saravanan Sinnadurai, Qin Zhao, and Weng-Fai Wong. 2008
Control-Flow Integrity Principles, Implementations, and Applications. Martín Abadi, Mihai Budiu,
Úlfar Erlingsson, Jay Ligatti. CCS2005
Thank You!
Xiaoning.Li@intel.com
Thanks to Haifei Li, Bing Sun, Chong Xu, and Dan Sommer of McAfee
Labs, and to Rodrigo Branco of Intel