Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)
-
Upload
nate-lawson -
Category
Technology
-
view
2.065 -
download
1
description
Transcript of Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)
![Page 1: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/1.jpg)
Don’t Tell JoannaThe Virtualized Rootkit Is Dead
Nate Lawson @ Root LabsPeter Ferrie @ SymantecThomas Ptacek @ Matasano
![Page 2: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/2.jpg)
Introduction
![Page 3: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/3.jpg)
What We’re Going To Talk About
★ HVM Malware Recap
★ Nothing Is 100% Undetectable
★ Samsara: A Framework For HVM Malware Detection
★ Conclusion: A Cat And Mouse Game
![Page 4: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/4.jpg)
HVM MalwareA Remedial Course
![Page 5: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/5.jpg)
We’ve Seen This Movie Before
hidesrcthompsoncompilerbackdoor
libkvm
amodload
IAT Rootkit
1998-
SSDT Rootkit
1994 - 19961984
BackOrifice
2006-
virtualized
firmware
darkavenger
‘90s
![Page 6: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/6.jpg)
Hyperjacking vs. Virtualization
hardware
vmm
guest A guest B
hardware
vmm
native OS
hardware
vmmnative OS
vmwareidealized
rootkit hyperjacker
small footprint
direct guesthardware io=
![Page 7: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/7.jpg)
Hyperjacker Analogy: WebScarab
web proxy web server
VMM CPU
browser
kernel
Almost all hardware functionality is leftuntouched. VMM picks and chooses (viatrap handler) what to manipulate.
Vitriol 1 is less than 2000 lines of C code.
![Page 8: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/8.jpg)
X86 System Hierarchy
hardware
ISA
instructions
microarchitecture
cache sched exec tlb btb
chipset
bus
software
CPU
peripheral
VT
![Page 9: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/9.jpg)
Vitriol: ddz’s HVM Hyperjacker
★ Dino Dai Zovi’s 2006 Matasano Black Hat Talk
ring 0 (OS X) ring -1 (Vitriol) cpu (Core Duo)
vmx_fork()initialize vmm
rdmsrvmexit
vmenter
rdmsr 1ch
int 80h int
![Page 10: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/10.jpg)
Blue Pill: Joanna’s HVM Rootkit
★ Joanna Rutkowska’s 2006 COSEINC Black Hat Talk
★ Just Like Vitriol, but:– uses AMD SVM, not Intel VT-x
– Vista, not OS X
– loads self via Vista (beta) swap bug
– implements network IO with debug registers
– loads LWIP stack into the kernel
– apparently implements nested virtual machines
★ Claim: 100% Undetectable Malware
![Page 11: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/11.jpg)
Nothingis 100% Undetectable
![Page 12: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/12.jpg)
Detecting VMWare Is Easy
★ Unrealistic outdated device hardware– ISA ethernet controller?
– 440BX chipset?
★ Holes in virtualization– SIDT
– Microsoft-manufactured motherboard
– Registry keys
– “VMware” in video and SMBIOS strings
★ Guest-to-host communication channels– VMware: inb/outb to magic port
– VirtualPC: illegal instructions
★ Wide timing variances– Hard to trap timer reads (RDTSC), accuracy suffers
![Page 13: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/13.jpg)
Cross Section
osx kernel
kernelmalware
x86hardware
virtualizedmalware
A measure of stealth, quantified byintrusiveness.
![Page 14: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/14.jpg)
Cross Section for Virtualization
★ Varies by layer chosen for rootkit
★ Dictates complexity of rootkit– fails to trap and emulate a feature: detectable
– emulation too complex: big target, detectable
★ “Entire x86 hardware platform” is a huge cross-section
cross section ● noun: amount of the original system that rootkit must emulate to remain hidden ● etymology: radar, stealth planes
![Page 15: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/15.jpg)
Fundamental Problem
This instruction:
cpuid
should take 200 cycles, not 5000, is unprivileged, and should have no impact on cache, BTB, or TLB.
![Page 16: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/16.jpg)
Three Detection Strategies
★ Strategy 1: Side-Channel AttacksVM overhead creates detectable “trails” through microarchitecture that are prohibitively hard to conceal.
★ Strategy 2: Vantage-Point AttacksVM cross-section forces it to recognize and emulate many obscure hardware features.
★ Strategy 3: Vulnerability AnalysisThe more features a rootkit implements to hide itself, the more bugs it exposes.
![Page 17: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/17.jpg)
What Is A Side Channel Attack?
★ Any resource consumed in a logic-dependent way leaks information. For example:
if (strcmp(guessPassword, realPassword))return LOGIN_FAILED;
‘83: Tenex Password (Lampson)
‘95: Timing BreaksRSA (Kocher)
‘98: DPA BreaksSmartcards (Kocher)
‘04: Remote Timing Breaks SSL (Boneh)
‘06: BTB Timing Breaks RSA (Aciicmez)
![Page 18: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/18.jpg)
But Real Systems Are Too Noisy!
BZZZZZT!
★ Astounding: “Opportunities and Limits of Remote Timing Attacks”; Crosby, Riedi, Wallach
– WAN timing: 15-100 microseconds resolution (!)
– LAN: 100 nanoseconds
★ If noisy, take more samples and average– Decouples noise from true resource consumption
– Local access = higher resolution
★ We monopolize ring 0 for several microseconds– Less than an AV scanner
★ Data-dependent side-channels are hard to eliminate.
![Page 19: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/19.jpg)
Finding Side-Channel Attacks
★ How to look for it:– Enumerate all resources your opponent has to use
• say, “executing instructions”
– Identify how to measure that resource from your vantage point• Branch target buffer state can be read by timing branches in your own
thread
– Take as many measurements as possible
– Eliminate jitter with Stat 101
★ Secret: identifying whether or not any code (i.e., hypervisor) executed much easier than extracting a key from that code
![Page 20: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/20.jpg)
Vantage Point Attacks
★ Dilemma: either let me talk directly to the hardware, which will betray you, or emulate the hardware, with perfect fidelity.
★ HPET: alternative high-precision timers (supercedes but does not eliminate the RTC).
★ Performance Event Counters: instructions retired (in/out of VMM), cache misses, branch mispredictions, model-specific events.
★ GART: scatter-gather memory map for graphics devices
![Page 21: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/21.jpg)
Finding Vantage Point Attacks
★ Embedded timers (exposed directly, via CSR, or indirectly via behavior). Force Blue Pill to emulate every mainstream peripheral.
★ Model-specific MSRs and CSRs (particularly scattered in sensitive functionality). Not all MSRs and CSRs are documented.
★ “Bounceable” Memory Access through devices (DMA rings, etc). Force Blue Pill to emulate every mainstream peripheral.
![Page 22: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/22.jpg)
Finding Hypervisor Bugs
★ Sources of Bugs– nested/VTX
– errata
– vtx loading errata
★ Where To Look– Get all datasheets and errata
– Descriptions give microarchitectural behavior (i.e., priority of faults in various error cases)
– Focus on items that require a full simulator to emulate correctly
– Or, behavior that can’t be trapped/emulated
– Special credit: “won’t fix” errata
talk about vmware interrupt bug
![Page 23: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/23.jpg)
Samsaraa framework for detecting
virtualized malware
![Page 24: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/24.jpg)
Implementation overview
★ three tests implemented– Instruction and data TLB
– HPET
– VT Errata
★ test framework
★ rantipole: HVM rootkit simulator
★ futures
![Page 25: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/25.jpg)
What’s a TLB?
Translation Lookaside Buffer–Remembers the translated addresses of memory you touched•Like a cache for page tables (Virtual memory 101)
•Not directly visible from software but you can affect it
–Flush it completely (MOV CR3/CR4)
–Flush an individual page (INVLPG)
–Indirectly by R/W/X from a page
pde+X pde+Y
CR3
pte+N pte+K pte+J
1 0 1 01 1 1 1 1 1 1 1 1 1 1 1 1 1 00011 000000000
bffff430h
When a VMEXIT occurs, hypervisor execution and memory access leave trails through the TLBs
![Page 26: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/26.jpg)
General Approach To Snooping
This sequence:
desync tlb color memorycpuidread memory
should be identical to this sequence:
desync tlb color memorynopread memory
![Page 27: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/27.jpg)
TLB Snooping
TLB
(0) RAM(1) PTE(2) TLB(3) RAM
1
2
3(a)
3(b)
pte, tlb synced, “random”
pte, tlb desynced, RAM colored
post vmexit:basic VT-x
post vmexit:AMD SVM
![Page 28: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/28.jpg)
Aside: ASID’s Don’t Help, Joanna
★ “But guest TLB usage can be partitioned with ASID”– Application Space ID, tag that says which context owns a TLB entry
★ Made for performance, not transparency!
★ Hypervisor still needs to read exit condition from VM
★ VMEXIT trap handler needs to run– Hence, at least one data and instruction TLB entry will be lost
★ Hypervisor has to now flush TLB manually for guest– Observable timing difference = side channel
![Page 29: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/29.jpg)
Data TLB Test implementation
★ Allocate N+1 pages
★ Fill N pages with “A”, one page with “B”
★ Touch the pages in order to flush TLB and fill with those mappings
★ Remap N pages to one page without invalidating the TLB
★ Walk backwards through all N pages, reading data– Keep a counter
– Once you see “B”, you’ve flushed the TLB
★ Repeat test but add probe to trap to hypervisor
★ If count varies with trapping instruction, you’re virtualized
![Page 30: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/30.jpg)
Instructions Have Their Own TLB
★ Instruction TLB test mostly same– Pattern A = mov eax, 1; ret
– Pattern B = mov eax, 2; ret
– “Reading” pages by call $PAGE, check value in eax afterwards
★ Same design pattern works for other tests
★ Branch target buffer (BTB):– Modern x86 caches branch targets. Saturate the BTB cache and
evictions will make certain branches take observably longer.
★ Cache invalidation (INVD):– INVD flushes the cache but discards queued writes. Saturate the
cache, cause VMEXIT, and then INVD out the whole cache; evictions will make certain writes persistent.
![Page 31: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/31.jpg)
Vantage Point Example: HPET
★ Clock VM exits via the HPET instead of the TSC.
★ Kernel:– export sysctl “hpet_attach”
– map HPET IO range to requesting processes
★ Userland:– (1) sample hpet
– (2) sample tsc
– (3) cpuid (or other vmexit)
– (4) elapsed tsc
– (5) elapsed hpet
– (6) reconcile
– (7) repeat
![Page 32: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/32.jpg)
Other Timing Sources
★ The PIT (16 bit counter/interrupt timer)
★ The RTC (battery-backed realtime counter [1 sec granular] and interrupt timer)
★ The LAPIC (32 bit, device-dependent frequency)
★ The ACPI timer (24 bit PITx3 timer)
★ VGA blanking – Fun drinking game: “count the exposed embedded timers in
peripherals”.
![Page 33: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/33.jpg)
Bugcheck Example: VMCS Fuzzer
★ VMCS stores host (hypervisor) state, guest (OS X) state, execution controls, and status.
★ VT-x dox specify 50+ checks on fields, checked in well-defined model-specific order, generating different exceptions (GPF, SIGILL, VMLAUNCH error, etc).
★ Break each check, verify expected exception/signal/result.
![Page 34: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/34.jpg)
Extending Samsara
★ Plug-in interface for adding new tests– Kernel or userland
– Tests use configurable probe function
★ Userland support programs– Query and generate traces
– Analyze results of traces
★ Profiles/”signatures” for well-known hardware
★ Runs on MacOS and FreeBSD– Easy to port to new archs
![Page 35: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/35.jpg)
Rantipole: An HVM Testbed
★ Rantipole is a (crippled) HVM detection testbed– only works on OS X
– only works on Core 1 Duo
– only works in native 32 bit mode
– loudly advertises itself
– stripped of any SMP sync code (UP-only)
– no “backdoor” or “malicious” capabilities
– self-destructs in 10 minutes
★ Malware authors: you are better off reading Xen
![Page 36: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/36.jpg)
What Rantipole Does
★ (1) check cpuid, feature msr for VMX
★ (2) allocate vmx and vmcs from IOMallocContiguous
★ (3) initialize vmcs, call vmclear
★ (4) copy segments, stack, cr3 to vmcs host and guest
★ (5) set host/root/hypervisor eip to trap handler
★ (6) set exec controls to pick events we want
★ (7) vmptrld to add vmcs
★ (8) (a) vmlaunch (b) spin
![Page 37: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/37.jpg)
Futures
★ Implement more tests– VGA blanking interval timer
– BTB
– INVD
– Multi-core cooperating threads
★ Improve simulator to validate tests
★ Port to new archs
★ None of this is really important anyway
tom: BAT SIGNAL DIAGRAM HERE
![Page 38: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/38.jpg)
Conclusiona cat and mouse game
![Page 39: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/39.jpg)
The Cat And Mouse Process
Yes, you’ve seen it before!
Diagram: “research”, “implement”, “deploy”, “repeat” (circles, arrows, huge cliche, boring!):
research---------. | | \ V \ implement ----. \ | \ V \ deploy `___________/
![Page 40: Don't Tell Joanna the Virtualized Rootkit is Dead (Blackhat 2007)](https://reader038.fdocuments.us/reader038/viewer/2022102710/5482450bb47959ce0c8b4729/html5/thumbnails/40.jpg)
Questions are yourway of proving to
Joanna thatyou paid attention.