Hiding a Rootkit In System Management Mode

Sniper223 notes a PC World article on a new kind of rootkit recently developed by researchers, which will be demoed at Black Hat in August. The rootkit runs in System Management Mode, a longtime feature of the x86 architecture that allows code to run in a locked part of memory. It is said to be potentially harder to detect than VM-based rootkits. The article notes that the technique is unlikely to lead to widespread exploitation: "Being divorced from the operating system makes the SMM rootkit stealthy, but it also means that hackers have to write this driver code expressly for the system they are attacking."
  • LiveCD (Score:2, Interesting)

    by Anonymous Coward on Sunday May 11, 2008 @07:20PM (#23372568)
    With all the security issues that we hear so much about, I have decided that one potential way of avoiding most of them is to run a liveCD distro of whatever OS when working with sensitive data.
    I do all my internet banking via FreeSBIE now - yes it takes a veeeeery long time to boot, and I know that it doesn't solve ALL of the problems but it has to eliminate enough problems to be a viable solution.
    Agree / disagree ?
  • by Anonymous Coward on Sunday May 11, 2008 @07:24PM (#23372594)
    In theory, SMM is the ultimate rootkit hiding place. In practice, it's difficult to exploit on a wide scale. Getting the system to execute rootkit code in SMM isn't easy. You're going to need an exploitable BIOS bug, or the ability to reflash the ROM. Either is going to be very system-specific.
  • Re:hmm (Score:3, Interesting)

    by Anonymous Coward on Sunday May 11, 2008 @07:25PM (#23372596)
    Strongly suggest you spend some time learning about SMM. Hint: the OS stops running while this takes place in the background - Norton wouldn't have a clue.
  • by lakeland ( 218447 ) <lakeland@acm.org> on Sunday May 11, 2008 @07:39PM (#23372664) Homepage
    Let's say you are an evil terrorist hell-bent on infiltrating the American military and wreaking havoc.

    It seems to me that this would be exactly the sort of thing you'd look for. Military machines are specced very precisely, you'd know exactly what hardware was on the system so drivers wouldn't be much of an issue.

    All you'd have to do is sneak your code in here once, and the timebomb would be ticking for when you want to activate it. Yeah, it wouldn't be easy to get it on there, but it means breaking through once allows you to lay a trap for another time. That sounds pretty serious to me.
  • by moteyalpha ( 1228680 ) * on Sunday May 11, 2008 @07:42PM (#23372688) Homepage Journal
    This is one area where I have worked a bit and there is tremendous potential for abuse of VMM and SMM when you combine it with users that trust a company to deliver binaries. I will not use a binary program, unless I have the source and can verify it is legitimate. A bit of social engineering and the right picture and an uninformed user will be flashing their BIOS while they wait for the security update they think they are getting. If it is done right, this type of program can remain dormant and use no CPU time to give itself away, until it is keyed to act in something like a bot net or some other purpose.
  • by landonf ( 905751 ) <landonf@plausible.coop> on Sunday May 11, 2008 @07:52PM (#23372744) Homepage

    What about vulnerabilities in onboard IPMI [wikipedia.org] cards? Our new servers have ARM-based cards running Linux. The built-in HTTP server is vulnerable to a widely-known buffer overflow:

    landonf@ahost:~> telnet XXX.XXX.XXX.XXX 80
    Trying XXX.XXX.XXX.XXX...
    Connected to XXX.XXX.XXX.XXX.
    Escape character is '^]'.
    GET /x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/x/ HTTP/1.0
    Connection closed by foreign host.
    landonf@timor:~> telnet XXX.XXX.XXX.XXX 80
    Trying XXX.XXX.XXX.XXX...
    telnet: connect to address XXX.XXX.XXX.XXX: Connection refused

    Seems like a recipe for compromised data centers, to me. Re-imaging a machine won't touch the IPMI card.
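The failure shown above is the classic one: a fixed-size path buffer filled without a length check. As an added example (not code from the post or from any IPMI vendor), here is a request-line parser that checks the path length before copying and answers an over-long URI with 414 instead of crashing; the 255-byte budget and the helper that rebuilds the "/x/x/x..." request from the post are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

#define PATH_CAP 256   /* path budget chosen for this example: 255 chars + NUL */

/* Parses "METHOD SP /path SP HTTP/x.y" into path[cap].
 * Returns 0 on success, 400 for a malformed line, 414 when the path does
 * not fit: the length is checked before anything is copied, which is the
 * check an unbounded copy into a fixed buffer lacks. */
int parse_request_line(const char *line, char *path, size_t cap)
{
    const char *sp1 = strchr(line, ' ');
    if (sp1 == NULL || sp1 == line)
        return 400;                         /* no method */
    const char *start = sp1 + 1;
    const char *sp2 = strchr(start, ' ');
    if (sp2 == NULL || *start != '/')
        return 400;                         /* no version, or path not absolute */
    if (strncmp(sp2 + 1, "HTTP/", 5) != 0)
        return 400;
    size_t len = (size_t)(sp2 - start);
    if (len >= cap)
        return 414;                         /* URI too long: reject, do not copy */
    memcpy(path, start, len);
    path[len] = '\0';
    return 0;
}

static char g_path[PATH_CAP];

/* Convenience wrapper: parse into the fixed buffer, return the status. */
int check_request(const char *line)
{
    return parse_request_line(line, g_path, sizeof g_path);
}

const char *checked_path(void) { return g_path; }

/* Constructed input shaped like the post: "GET " + "/x" * n + "/ HTTP/1.0". */
int check_repeated_x_path(size_t n)
{
    char line[2048];
    if (4 + 2 * n + 11 > sizeof line)
        return -1;
    memcpy(line, "GET ", 4);
    size_t pos = 4;
    for (size_t i = 0; i < n; i++) {
        line[pos++] = '/';
        line[pos++] = 'x';
    }
    memcpy(line + pos, "/ HTTP/1.0", 11);   /* 10 chars plus NUL */
    return check_request(line);
}
```

The same length-before-copy discipline applies to every other header the embedded server parses, not just the request path.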

  • Re:oooooh scary (Score:1, Interesting)

    by Anonymous Coward on Sunday May 11, 2008 @08:14PM (#23372848)
    At last, someone who is familiar with the problem and the technology involved. Yes, SMM memory space is often locked by the BIOS and not subject to viewing by antivirus. Not that antivirus would know what code written to run in SMM looks like since it's not exactly a normal Windows or Linux binary.
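Whether the BIOS actually locked SMRAM on a given machine is something a defender can check rather than assume. Added example, not from the post: decode the SMRAMC byte of the host bridge and report anything other than enabled-closed-locked. The bit layout is assumed from Intel 9xx/4-series chipsets, where the byte is PCI config offset 0x9D of device 00:00.0 (read as root with `setpci -s 00:00.0 0x9d.b`); other chipsets keep these bits elsewhere.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed bit layout of the 8-bit SMRAMC register on Intel 9xx/4-series
 * host bridges (PCI config offset 0x9D of device 00:00.0). */
#define SMRAMC_D_OPEN   (1u << 6)  /* SMRAM mapped for non-SMM code */
#define SMRAMC_D_LCK    (1u << 4)  /* lock: D_OPEN forced clear, fields read-only until reset */
#define SMRAMC_G_SMRAME (1u << 3)  /* compatible SMRAM (A0000h-BFFFFh) enabled */

/* 1 when SMRAM is enabled, closed and locked until the next reset; else 0. */
int smram_is_locked(uint8_t smramc)
{
    if (!(smramc & SMRAMC_G_SMRAME))
        return 0;                       /* nothing mapped */
    if (smramc & SMRAMC_D_OPEN)
        return 0;                       /* OS can read and write SMRAM */
    return (smramc & SMRAMC_D_LCK) ? 1 : 0;
}

/* Short verdict for a report or a monitoring check. */
const char *smram_status(uint8_t smramc)
{
    if (!(smramc & SMRAMC_G_SMRAME)) return "disabled";
    if (smramc & SMRAMC_D_OPEN)      return "OPEN: SMRAM writable from the OS";
    if (!(smramc & SMRAMC_D_LCK))    return "UNLOCKED: OS can reopen SMRAM";
    return "locked";
}

/* Usage: smramc_check 0x1a   (value from: setpci -s 00:00.0 0x9d.b) */
int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <hex SMRAMC byte>\n", argv[0]);
        return 2;
    }
    uint8_t v = (uint8_t)strtoul(argv[1], NULL, 16);
    printf("SMRAMC=0x%02x: %s\n", v, smram_status(v));
    return smram_is_locked(v) ? 0 : 1;
}
```

A clear D_LCK means the OS, and so anything running with root, can reopen SMRAM, which is the write path the reflash-or-BIOS-bug comment above is worried about; the check says nothing about code the BIOS itself placed there before locking.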
  • by rocketPack ( 1255456 ) on Sunday May 11, 2008 @08:18PM (#23372878)

    TFS says the code must be specifically targeted to a particular machine which, on a PC, means a very big challenge.

    On a Mac, however, you could easily target a very large number of people using only a very small number of hardware variations. Could this exploit be better suited to Macs than PCs? On the other hand, it also seems like it would be equally easier to detect the problem, since your algorithm can be fairly specific (both in terms of Macs and PCs), since the code needed to exploit would be rather specific.

  • Re:oooooh scary (Score:4, Interesting)

    by Anonymous Coward on Sunday May 11, 2008 @08:23PM (#23372916)
    FWIW, an even easier vector for stuffing data into the SMM, and not as a BIOS payload (which will be very motherboard specific) is to chain it into the VGA BIOS (which most PCs have..). The VGA bios is nice because it's a very clean interface (as far as option roms go) for getting called and you can chain in the real VGA bios after doing whatever you see fit.

    You can even have it trigger on the first BIOS calls of the windows bootloader so that you can easily overwrite the SMM memory regions in a nice and portable way.
  • by PhireN ( 916388 ) on Sunday May 11, 2008 @08:36PM (#23372992)
    It's true, I worked in a company involved in air traffic control over the summer, and the computers which they had to use were old Compaq servers from 1998, of a certain model, with exactly x ram.
    They were using eBay to track down replacements.
  • by Anonymous Coward on Monday May 12, 2008 @02:59AM (#23375150)
    Have a look at General Software's Firmbase technology. They are using the SMM for lots of crazy stuff - a tiny OS is running in SMM mode. It is interacting with USB, network adapter, serial ports etc. It has a web server, telnet server, SNMP server... It is possible to get a prompt on the serial port to poke the hw registers, memory, cpu registers etc while the main OS is running and doesn't have a clue what's going on. This comes in very handy when developing drivers for such systems, but if some evil BIOS engineer would add an exploit to SMM, nobody would figure out where to look for it.
  • Re:oooooh scary (Score:4, Interesting)

    by cbrocious ( 764766 ) on Monday May 12, 2008 @09:16AM (#23376986) Homepage
    ACPI is even easier and it's far more portable (that is, less specific to a given hardware configuration).
  • by Opportunist ( 166417 ) on Monday May 12, 2008 @09:58AM (#23377468)
    A signature can only catch what it knows. Now, it may match any variant of a known virus or at least a known exploit strategy, but it as well may not. Malware writers do check their creations against the most used AV kits. In a targeted attack, they usually even know what AV suite their target uses. So it is likely that at the time of launch, no relevant AV suite detects a certain trojan.

    Malware writers ain't dumb. They know they are the offensive player in that game and they use that advantage.
