Rootkit In a Network Card Demonstrated
KindMind notes coverage in The Register on a researcher who has developed a firmware-based rootkit that resides in a network card. Here is the developer's blog entry. "Guillaume Delugré, a reverse engineer at French security firm Sogeti ESEC, was able to develop proof-of-concept code after studying the firmware from Broadcom Ethernet NetExtreme PCI Ethernet cards... Using the knowledge gained from this process, Delugré was able to develop custom firmware code and flash the device so that his proof-of-concept code ran on the CPU of the network card."
First Post (Score:3, Funny)
Unfortunately, they seem to be incompatible with my file system. Do you know any other FS that might work with that?
or buy a cheaper intel pro nic card that does the (Score:2)
Or buy a cheaper Intel Pro NIC card that does the same without the software bloat.
Need hardware IOMMU (Score:5, Interesting)
"An attacker would then be able to communicate remotely with the rootkit in the network card and get access to the underlying operating system thanks to DMA."
Not if the CPU had IOMMU hardware that was configured to only allow the network card to write to the proper memory area.
However, this still would not protect against the network card forging data or manipulating packets before passing them to the OS: for example, manipulating packets to be malformed so as to exploit an OS security vulnerability; emitting packets the OS did not generate (such as ICMP pings, or other packets for a hardware-based DDoS emitted without assistance from the host OS); or connecting to a P2P network of compromised NICs to form a spam-sending botnet, without host involvement.
The possibility also exists of capturing packets crossing the NIC and forwarding samples to an outside address, or manipulating aspects of packets to create an "open proxy" the host does not know about, enabling IP spoofing, cache poisoning, or opening other vulnerabilities that don't require manipulation of the host itself.
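The post above hinges on whether the IOMMU is actually translating the NIC's DMA, not merely present. As an added example, not code from the thread or from the researcher's work, here is a small Python check that classifies a Linux host's IOMMU state from kernel log lines and boot parameters, and reports which devices share an IOMMU group with a NIC (devices in one group share one DMA domain). The dmesg lines are constructed samples; the message wording follows what the Intel (DMAR) and AMD (AMD-Vi) drivers and the core iommu code print in recent kernels, but the exact strings vary between versions and are an assumption here.

```python
"""Added example (not from the thread): classify a Linux host's IOMMU
state from kernel log lines and boot parameters.

States:
  off          no DMAR/AMD-Vi initialisation, or explicitly disabled
  passthrough  IOMMU present but devices get an identity mapping
               (iommu=pt / "Default domain type: Passthrough"), so a
               malicious NIC can still DMA into any physical address
  translated   device DMA is confined to the IOVAs the driver mapped
Assumption: the message formats below match the Intel ("DMAR: "),
AMD ("AMD-Vi: ") and core ("iommu: ") log lines of recent kernels.
"""
import re
import subprocess
from dataclasses import dataclass, field

_ENABLED = re.compile(
    r"DMAR: IOMMU enabled"
    r"|DMAR: Intel\(R\) Virtualization Technology for Directed I/O"
    r"|AMD-Vi: Found IOMMU"
)
_DISABLED = re.compile(r"(DMAR|Intel-IOMMU): (IOMMU )?disabled")
_DOMAIN = re.compile(r"iommu: Default domain type: (Translated|Passthrough)")
_GROUP = re.compile(r"pci (\S+): Adding to iommu group (\d+)")

# constructed sample logs (timestamps and addresses are made up)
SAMPLE_TRANSLATED = """\
[    0.012345] DMAR: IOMMU enabled
[    0.456789] DMAR: Intel(R) Virtualization Technology for Directed I/O
[    0.456901] iommu: Default domain type: Translated
[    1.234567] pci 0000:03:00.0: Adding to iommu group 14
[    1.234600] pci 0000:03:00.1: Adding to iommu group 14
"""
SAMPLE_PASSTHROUGH = """\
[    0.012345] DMAR: IOMMU enabled
[    0.456901] iommu: Default domain type: Passthrough (set via kernel command line)
[    1.234567] pci 0000:03:00.0: Adding to iommu group 14
"""
SAMPLE_OFF = """\
[    0.012345] ACPI: DMAR 0x000000007A5B1000 0000A8 (v01 INTEL  EDK2     00000002)
[    0.100000] DMAR: IOMMU disabled
"""


@dataclass
class IommuReport:
    state: str                                   # "off" | "passthrough" | "translated"
    groups: dict = field(default_factory=dict)   # PCI address -> IOMMU group number


def iommu_report(dmesg_text: str, cmdline: str = "") -> IommuReport:
    """Classify the IOMMU state; the kernel's own domain-type line wins,
    boot parameters are only consulted when that line is absent."""
    groups = {m.group(1): int(m.group(2)) for m in _GROUP.finditer(dmesg_text)}
    if _DISABLED.search(dmesg_text) or not _ENABLED.search(dmesg_text):
        return IommuReport("off", groups)
    m = _DOMAIN.search(dmesg_text)
    if m:
        return IommuReport(m.group(1).lower(), groups)
    opts = cmdline.split()
    passthrough = "iommu=pt" in opts or "iommu.passthrough=1" in opts
    return IommuReport("passthrough" if passthrough else "translated", groups)


def group_peers(report: IommuReport, bdf: str) -> list:
    """Devices sharing an IOMMU group with bdf: they share one DMA domain,
    so a compromised NIC can reach whatever its group peers have mapped."""
    g = report.groups.get(bdf)
    if g is None:
        return []
    return sorted(d for d, gg in report.groups.items() if gg == g and d != bdf)


if __name__ == "__main__":
    for name, text in (("translated", SAMPLE_TRANSLATED),
                       ("passthrough", SAMPLE_PASSTHROUGH),
                       ("off", SAMPLE_OFF)):
        rep = iommu_report(text)
        print(f"sample {name:12s} -> {rep.state}; peers of 0000:03:00.0: "
              f"{group_peers(rep, '0000:03:00.0')}")
    # live check: reading the kernel ring buffer may need root
    try:
        with open("/proc/cmdline") as fh:
            cmdline = fh.read()
        live = subprocess.run(["dmesg"], capture_output=True, text=True, check=True).stdout
        rep = iommu_report(live, cmdline)
        print(f"this host: {rep.state}, {len(rep.groups)} devices in iommu groups")
    except (OSError, subprocess.CalledProcessError):
        print("live check skipped (no /proc/cmdline or dmesg not readable)")
```

A "passthrough" result means the IOMMU is initialised but giving devices an identity mapping, which is exactly the "not properly configured" case the post warns about; and a NIC that shares a group with, say, a storage controller can still write into that controller's buffers even when translation is on.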
Re: (Score:2, Interesting)
Yes, but wouldn't the network card's limited hardware be a problem? I mean if you want to make a spam bot / P2P, etc., the code+data will have to fit in whatever RAM or EEPROM capacity the network card has.
Re:Need hardware IOMMU (Score:4, Insightful)
the code+data will have to fit in whatever RAM or EEPROM capacity the network card has.
Or a downloader/backdoor will have to fit on the card to allow a remote load of any code that can't be stored on the PROM.
It could be a simple stub, executing exactly the instructions carried in magic data packets. Downloaders can pull more code than is stored by using sources found outside the NIC, such as sources on the internet.
The hacked firmware could remove standard features like Wake on LAN, and use that space to implement features the malware author wants, like "Flood on LAN".
Most NICs nowadays support things like PXE boot. Either that part of the option ROM could be completely hijacked, OR in fact the PXE boot function could be used as a way of booting the system to a 'boot sector infection' routine next boot after the NIC is infested.
Think about it... Phase 1, your NIC gets infected, Phase 2, next boot a vulnerability will be opened in your system, thanks to the ability of every PCI card to include an option ROM in the BIOS, or code will run to use blue pill against your OS and introduce malicious code, the hypervisor above your OS downloads code from the attacker.
Depending on the payload downloaded, the malware could be anything from a keylogger to a spam node.
Re: (Score:2)
Quite true. But I would be willing to bet that most NICs don't have a very big program in EEPROM, but have at least 8 to 32 megabits of the stuff. After all, flash prices have dropped a ton and it's probably a better idea when building something to go with the 1.0078 cent flash ROM that gives you lots of space you probably don't need than the 1.0072 cent one that gives you a constraint and may be hard to source next year due to its small size.
I'd be willing to bet that for this reason, most NICs have lots
Re: (Score:2)
the code+data will have to fit in whatever RAM or EEPROM capacity the network card has.
Or a downloader/backdoor will have to fit on the card to allow a remote load of any code that can't be stored on the PROM.
This solution is defeated by a proper IOMMU.
the hacked firmware could remove standard features like Wake on Lan, and use that space to implement features the malware author wants, like "Flood on LAN".
Yes, that's space in the adapter ROM which you're reusing as was suggested previously.
Most NICs nowadays support things like PXE boot. Either that part of the option ROM could be completely hijacked, OR in fact the PXE boot function could be used as a way of booting the system to a 'boot sector infection' routine next boot after the NIC is infested.
Anything with user-upgradeable firmware and enough hardware to insert itself into the boot sequence is a potential threat.
Re: (Score:1)
Or a downloader/backdoor will have to fit on the card to allow a remote load of any code that can't be stored on the PROM.
This solution is defeated by a proper IOMMU.
My assumption is the 'remote loaded code' would be loaded into NIC RAM managed by the NIC firmware, not host memory managed by the CPU and IOMMU hardware.
Many NICs have some memory space for transmit and receive buffers, and multiple I/O queues, no doubt some of that would be unused and could be repurposed by a hacked firmware, without t
Re: (Score:2)
If necessary, the spammers could just have the card do NAT so you get blamed for the spam.
Re: (Score:1)
If necessary, the spammers could just have the card do NAT so you get blamed for the spam.
Interestingly, they wouldn't even have to do that much. Just provide the spammer a 'magic packet' to tell the NIC to start replacing and forwarding either all packets, or packets destined to certain ports, to the spammer's destination IP.
Dumb rewriting is fine as long as the spammer gets the packet otherwise unchanged, as the spammer can implement all the 'NAT logic' in their own software.
In fact, since nobod
Re: (Score:2)
Or perhaps creatively re-routing packets into a GRE tunnel so they can all be watched remotely.
Re: (Score:2)
But wouldn't he first have to sneak into your home and flash your NIC firmware, then sneak out again, and start the electronic attack?
There are plenty of people with access to your network card before it reaches you. People at the factory, those doing transportation, people working in customs, people near all the places the card is stored before it reaches you, etc. You may also take the card to repair once you got it. And if your computer already is compromised the malware can flash itself to the network card so it will survive a reinstall of the operating system and boot loader.
how do you hide it? (Score:2)
Say you're a front for the Chinese military making these things. You install the rootkit. Broadcom or whoever will do an audit of retail boxes to make sure the cards are being produced to spec. How do you hide what you did?
Re: (Score:2)
But it will be done randomly, so to get value from your virus you have to know who to sell the virus cards to. And since the Chinese don't control the serial numbers, you somehow have to produce and sneak them into the market with the right numbers.
Re: (Score:2)
How will they successfully audit them?
Re: (Score:3, Informative)
By doing what they do now, pull one out of every X and take a look at it.
Re: (Score:2)
The companies that make these will have reference boards, software and debugging tools:
Buy the retail boxes via CDW.
Install in a test server or workstation.
Run your in-house tools to verify that the code on the card is the same as the in-house code you developed.
And most of these cards are sold via Dell and HP, which write their own custom firmware as well, just like they do for all the other add-on boards.
Re: (Score:1)
Run your in-house tools to verify that the code on the card is the same as the in-house code you developed.
And a properly hacked card outputs to the in-house tool the exact code it's supposed to, because the hack contains a bit of code to remove all the patches and return itself to pristine state when a debug connection is detected.
Re: (Score:2)
But then how do you control who gets the virus laptops? With Lenovo and Acer, they also have huge US workforces that can catch on.
And with all the security appliances that everyone runs these days, it's going to be hard to hide the malicious network traffic.
Re: (Score:1)
And with all the security appliances that everyone runs these days, it's going to be hard to hide the malicious network traffic.
Security appliances need NICs too.
Perhaps version 1 of the 'hack' is to obscure traffic that would be emitted by version 2.
Re: (Score:2, Insightful)
You're assuming the NIC manufacturer is conducting audits in the first place. If they are, there's probably a single person who maintains a list of good hash values for the firmware. Bribe that person and the audits won't matter.
The easier solution is to simply buy the cards from the OEM, flash them with a malicious firmware, then resell those cards at discount prices. Are NIC manufacturers purchasing off-the-shelf goods and conducting audits on those? Probably not.
And even then, you could always create a wor
Re: (Score:1)
Another attack level could be if you already rooted an OS, and want to protect your root kit against reinstall. Someone already mentioned PXE boot, as well as option ROM. In short, as soon as the PC gets rebooted (which is required for a wipe/reinstall), you get complete control.
Re:how do you hide it? (Score:5, Insightful)
say you're a front for the chinese military making these things. you install the rootkit. broadcom or whoever will do an audit of retail boxes to make sure the cards are being produced to spec. how do you hide what you did?
One way is to operate completely within spec. The 'retail box audit' normally includes hardware components, not the actual firmware, so an audit is not likely to detect it. It is not like they're going to audit NICs with a $100,000 logic analyzer, and spend thousands of skilled man hours verifying every bit on the programmable chip matches their master. Hacked firmware can be designed to lie about its own contents when inquired, and these things can be designed to lie dormant for months on average.
The hacked firmware might open a backdoor only periodically, not every time. Each box will probably be audited once, not 50 times. When an end user gets the thing, they will eventually trigger the malicious code, because they'll use their machine for a long time.
Isolating the NIC as a cause would be extremely difficult, if the malicious code is sensitive to network activity, and specific kinds of network activity, for example keywords.
Perhaps the hack is configured only to activate if the computer sends something to an IP address in certain ranges, or containing a certain keyword. There are innumerable criteria that auditing won't detect.
Re: (Score:2)
Don't have to turn it on for all cards, just like one of the prime vectors for malware are ad infected ad rotators where the ads just show to a small percentage -- just one in every several thousand cards with a bongoed ROM can bring in a superb ROI for blackhats.
Scary (Score:1)
Re:Scary (Score:5, Funny)
That's pretty frightening. I would think this would be a pain in the ass to discover, and you'd end up replacing motherboards on servers/workstations trying to figure out why they kept crashing. I mean, who would flash their network card as a troubleshooting step?
I see you've never contacted Dell technical support.
Re: (Score:2)
Or HP, for that matter.
Last week they almost made me upgrade to the latest RAID controller firmware to replace a few drives showing predictive failure. I was one version behind and this new firmware was a week old. But generally if you're a few months behind they will make you upgrade.
And I've seen a lot of mysterious reboots and other problems thought to be MS's fault fixed by HP firmware/driver upgrades.
Re: (Score:2)
HP's firmware writers are really crap. At least they DO fix issues eventually, even if they "only" affect Linux.
The only upside is that all the other vendors seem to be at least as bad, in some cases significantly worse.
Re: (Score:1)
And I've seen a lot of mysterious reboots and other problems thought to be MS's fault fixed by HP firmware/driver upgrades.
The real question is... if you didn't upgrade it, would the problem still have gone away?
How many firmware fixes are genuine hardware issues VS workarounds for buggy Microsoft drivers? :)
Re: (Score:3, Interesting)
Modded funny but should be informative.
No seriously - Dell Technical support will walk you through the most bizarre troubleshooting tips - and on the odd time it works.
One time we had a desktop that was bluescreening right after post - and would bluescreen if we tried to re-install Windows. It would bluescreen if we tried to get into the windows repair console.
After calling Dell, they simply made me go into the Bios, switch it off AHCI to Serial ATA, reboot, go back into the bios, switch it back to AHCI, re
Re: (Score:2)
I see you've never contacted Dell technical support.
No, but by calling the Dell number I have contacted a collection of semi-autonomous, partially intelligent voice response systems with limited input parameters and limited output responses.
Re: (Score:2)
Why would they crash it? Much better to sit and eavesdrop quietly.
Do these guys have any driver experience at all? (Score:1)
I read these security reports and have to wonder how much, if any, driver experience these security specialists have.
When we talk about patents, we like to drone on and on about prior art and how obvious something is to someone skilled in the art. But these security reports about flashing the EEPROM and running code on the NIC CPU and using DMA to corrupt the OS are all things that are done daily by embedded systems and driver developers.
Re: (Score:1)
Mainly because the security experts, for the most part, don't know what they are doing and spend most of their time reinventing bugs that developers have already grappled with and overcome.
It's a lot like how a lot of teachers have a Masters in Education but not in anything specific to the courses they teach. Basically, all they have is a bunch of random ideas without any expertise to show them the right way.
Re: (Score:1)
Maybe there are, but to see it you need to install an antivirus product on your firmware.
Wait... there are none.
Re:Do these guys have any driver experience at all (Score:5, Insightful)
Anybody who gives the matter a moment's thought, even pure amateurs, must conclude by simple logic that somebody can do it; what the security people are pointing out is that not only can somebody do it, potentially hostile third parties with reasonably available skills and no manufacturer support or collaboration can do it....
Re: (Score:1)
I suspect that they are (reasonably) well aware that somebody, presumably an embedded system/driver dev had to produce the blobs and loaders and other structures they are monkeying with in the first place.
I don't suspect they know this at all.
Re: (Score:1)
print map{($_%5?$_%3?$_:Fizz:$_%3?Buzz:FizzBuzz).$/}(1..100)
Re: (Score:2)
This is slashdot. Hackers are people who make a device do things it wasn't designed to do, or who write quick-and-dirty, or exceptionally elegant, code.
CRACKERS break into computers.
Re: (Score:2)
You're assuming intelligence. An intelligent person would come to the same conclusions as you have. The same caution has come out for the Intel microcode uploader, flash-based BIOSes of all kinds and intelligent devices that can handle uploadable programs. It's not new, it's not even that dramatic, but it is (sooner or later) going to be highly significant. And all those who failed to take any action now will deny that they were ever told it was a possibility, and all those manufacturers who opted for point
I wonder about the next gen of attacks... (Score:5, Interesting)
I'm sure people are familiar with LoJack for Laptops, where either due to a hook in the BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.
I can see this happening with malware, especially on a NIC with DMA access. Even if a machine is completely DBAN-ed, the botnet client will silently reinstall itself. As more devices (keyboards and such) have ROMs that can be flashed, we will see more and more devices have this avenue for compromise.
How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only through a USB port with a USB flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.
Re:I wonder about the next gen of attacks... (Score:4, Informative)
I'm sure people are familiar with LoJack for Laptops, where either due to a hook in the BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.
It's not a hook, LoJack comes with every BIOS. That's why it survives reflashing, you don't have the option of a BIOS without it. I co-wrote some article [coresecurity.com] about this not long ago.
How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only through a USB port with a USB flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.
None of this would work. Maybe it will make it more difficult, but it can't protect you against a logical flaw in the firmware that allows you to execute code. Firmware is like any other software: what happens if you sign code that executes any code? Then all code is automatically "signed".
The solution IMHO is complex, expensive and involves signing+software protections in the NIC and in the OS (I.E. iommu, etc.) and WILL fail with a sufficiently resourceful attacker.
BTW, awesome work.
Re: (Score:1)
Doesn't anyone remember that BIOSes in the 90s used to have a "Virus warning" which activated when you tried to flash the BIOS?
Re: (Score:2)
Some vendors would, no doubt, cry about the security of their precious binary blobs; but the customer, and security must ultima
Re: (Score:2)
Perhaps even just having a standard connector and method for accessing the JTAG ports might be the way to go. Plug a connector in, check on a second device if the code stored matches what it should be. If not, copy over a version that does. This could be automated so the NIC maker can make a security tool with a green/yellow/red light about the size of a 1/8 to 1/4" audio jack adapter that plugs into cards, reads a green light if the ROM matches a known good one, red if it doesn't, and yellow to tell the
Re: (Score:2)
In effect, unless you can take the system offline and scan the raw memory, you are really just asking the (potentially compromised) firmware running on the embedded CPU "Dear sir, are you compromised?" to which the answer will, i
Re: (Score:2)
Perhaps a separate, burned ROM (that can't be tampered with) that boots if a button is pressed? This ROM would scan the other BIOS storage and do exactly as you say -- compare everything to known hashes, and if there is an issue, zero out the BIOS and slap a "1.0" image that originally shipped with it, or perhaps have another mechanism for writing a BIOS to the storage. This is similar to booting a Linux machine from a Knoppix CD, running a hash of all files, then permissions and comparing the two to a kn
Re: (Score:1)
The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.
How about a special cable?
Have say a USB port with an extra 'notch' at the bottom.
When a special proprietary flash drive is plugged in that has an extra plastic notch attached to the bottom, the 'button' will be pushed and held down while it is plugged in, enabling a "hardware maintenance" signal line.
When the system is rebooted with the 'm
Re: (Score:1)
How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different.
Why not just have the hardware detect an unsigned BIOS and print a message on every boot that says "Modified firmware detected, press F7 for ten seconds to restore to factory default"? Then you can modify it if you like and you just ignore the message.
Re: (Score:2)
Not even close to a solution.
First, passwords are not secure. They were always a kludge that made things 'better', but not secure.
Second, you are creating your password through the potentially infected system.
Third, this password would be stored somewhere in the system, since it would have to be checked. Stored data WILL be read by a malicious user.
Fourth, the password check is performed by software installed on the system that is potentially under attack.
Here's a good rule for security: If it's not bloc
Re: (Score:2)
Ok, we'll delve back into Security 51 class for you. This is a bit too basic for Security 101.
Security comes from 3 things:
You must have at least 2 of those components to have actual security. A password alone is not secure. A username and password is not
Re: (Score:2)
I'd say the simple switch or button located on the device, like you propose, would be the best option. Just add couple steps, "Find paperclip." "Find the little hole you wondered about in the plastic." "Stick paperclip into hole to press tiny button." The device is now flashable for x period and will revert back on its own after x or it is flashed."
Why is that hard?
Old News (Score:3, Informative)
See their writeup here www.ssi.gouv.fr/IMG/pdf/csw-trustnetworkcard.pdf or go to their company's website http://www.ssi.gouv.fr/site_article185.html [ssi.gouv.fr]
Re: (Score:2)
So they use the NIC exploit to gain access to the system, then flash the NIC and remove the tools. Seems pretty related, to me; and I'm certain we'll see it happen in the next year.
or infect NICs in the factory (Score:2)
If they bribed/coopted someone in the factory they could infect a bunch of NICs before they ever got to the end user, and they'd have backdoors all over.
Sensationalized (Score:3, Informative)
Doesn't seem like there's much to worry about.
Re: (Score:2)
My point was that the instincts of human language have no regard for the finer points of naming. If reverse engineering is a major activity in your life, you're going to get the title reverse engineer.
Doubtful. It sounds kind of ... wrong to me, so I would avoid the term. I might use it now and then in Slashdot summaries etc for humorous effect.
Perhaps the actual title should be "reenigne".
Re: (Score:2)
Well, it depends a bit on taste. I imagine some people would do a bricklayer, but so long as they keep that to themselves it doesn't bother me.
Cheap Chinese Manufacturing! (Score:2)
If we haven't been concerned over all of the cheap manufacturing going on in China, I would say this clearly illustrates what can really be done in a hard-to-detect way.
I have been repeating how "fear beats facts" lately, but there is one thing that beats fear... that would be greed. Not a lot beats greed and that is what is at the core so much. In this case, greed over the low cost of manufacturing in China to save a few bucks and to boost that bottom line.
BIOS boot process is also vulnerable... (Score:3, Interesting)
I recall this article [ksplice.com] that hypothetically starts by using the BIOS extension ROM function to hook into GRUB and modify it, then the modified GRUB loads and patches the kernel to host a rootkit, then runs that.
So instead of a smart peripheral with onboard processor and firmware, the dumb ones are affected as well (which only requires the BIOS extension ROM interface).
Even though BIOS is on its way out (we can't MBR-boot >2TiB drives anymore, so we have to use GPT) and EFI is on its way in, we're still stuck because EFI has similar features. Apple's video cards for Mac Pros have both BIOS extension ROMs and EFI ROMs.
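The option ROM comments earlier in the thread (hijacking the PXE/option ROM so the card runs code at the next boot), the audit discussion about verifying a card's code against the in-house build, and the BIOS extension ROM hook in this post all come down to one practical step: dump the expansion ROM out-of-band and check its structure and hash. The following Python is an added example, not code from the thread or from the researcher: it parses the PCI expansion ROM header and PCIR data structure, verifies the x86 image checksum, and compares each image's SHA-256 to a known-good set. The sample ROM is constructed in the code (vendor ID 0x14E4 is Broadcom's; the device ID and NOP payload are placeholders), and the field offsets follow the PCI Firmware Specification header layout.

```python
"""Added example (not from the thread or the researcher's code): parse a
PCI expansion (option) ROM, verify each image's structure and checksum,
and compare image hashes against a known-good set.

Header layout (PCI Firmware Specification):
  image+0x00  55 AA          ROM signature
  image+0x02  init size      (x86 images, 512-byte units)
  image+0x18  u16 offset     of the PCI Data Structure ("PCIR")
  PCIR+0x04   vendor ID, +0x06 device ID, +0x0D 3-byte class code,
  PCIR+0x10   image length (512-byte units), +0x14 code type
              (0 = x86 BIOS, 3 = EFI), +0x15 indicator (bit 7 = last)
x86 images must sum to 0 mod 256 over their whole length.
"""
import hashlib
import struct

PCIR_FMT = "<4sHHHHB3sHHBBH"   # 24 bytes, field order as in the spec
PCIR_LEN = struct.calcsize(PCIR_FMT)


def build_sample_rom(vendor=0x14E4, device=0x165F, payload=b"\x90" * 64) -> bytes:
    """Constructed single-image x86 ROM (assumption: 0x14E4 is Broadcom's
    vendor ID; the device ID and NOP payload are placeholders)."""
    units = 1
    img = bytearray(512 * units)
    img[0:2] = b"\x55\xAA"
    img[2] = units
    img[3:6] = b"\xE9\x00\x00"            # jmp near: placeholder entry point
    pcir_off = 0x1C
    struct.pack_into("<H", img, 0x18, pcir_off)
    class_code = b"\x00\x00\x02"          # prog-if, subclass, base: Ethernet controller
    struct.pack_into(PCIR_FMT, img, pcir_off, b"PCIR", vendor, device,
                     0, PCIR_LEN, 3, class_code, units, 0x0100, 0, 0x80, 0)
    img[0x40:0x40 + len(payload)] = payload
    img[-1] = (-sum(img[:-1])) & 0xFF     # checksum byte makes the image sum to 0
    return bytes(img)


def parse_option_rom(rom: bytes) -> list:
    """Walk the image chain; raise ValueError on a structurally bad ROM."""
    images, off = [], 0
    while True:
        if rom[off:off + 2] != b"\x55\xAA":
            raise ValueError(f"no 55AA signature at 0x{off:x}")
        p = off + struct.unpack_from("<H", rom, off + 0x18)[0]
        if p + PCIR_LEN > len(rom) or rom[p:p + 4] != b"PCIR":
            raise ValueError(f"bad PCIR pointer in image at 0x{off:x}")
        (_, vendor, device, _, _, _, cls, units, _code_rev,
         code_type, indicator, _) = struct.unpack_from(PCIR_FMT, rom, p)
        if units == 0:
            raise ValueError(f"zero-length image at 0x{off:x}")
        length = units * 512
        image = rom[off:off + length]
        if len(image) != length:
            raise ValueError(f"image at 0x{off:x} truncated")
        images.append({
            "offset": off, "vendor": vendor, "device": device,
            "class_code": int.from_bytes(cls, "little"),
            "code_type": code_type, "length": length,
            # the byte checksum is only defined for x86 legacy images
            "checksum_ok": (sum(image) & 0xFF) == 0 if code_type == 0 else None,
            "sha256": hashlib.sha256(image).hexdigest(),
        })
        off += length
        if indicator & 0x80 or off >= len(rom):
            break
    return images


def verify_rom(rom: bytes, known_good: set, expected_vendor=None) -> list:
    """Return a list of findings; an empty list means every image is clean."""
    findings = []
    for img in parse_option_rom(rom):
        tag = f"image@0x{img['offset']:x}"
        if img["checksum_ok"] is False:
            findings.append(f"{tag}: checksum mismatch")
        if expected_vendor is not None and img["vendor"] != expected_vendor:
            findings.append(f"{tag}: vendor 0x{img['vendor']:04x} != expected 0x{expected_vendor:04x}")
        if img["sha256"] not in known_good:
            findings.append(f"{tag}: sha256 {img['sha256'][:16]}... not in known-good set")
    return findings


def tamper(rom: bytes, offset: int, value: int, fix_checksum: bool) -> bytes:
    """Patch one byte; optionally recompute the trailing checksum byte the
    way a careful attacker would (assumes a single-image ROM)."""
    b = bytearray(rom)
    b[offset] = value
    if fix_checksum:
        b[-1] = (-sum(b[:-1])) & 0xFF
    return bytes(b)


if __name__ == "__main__":
    good = build_sample_rom()
    known = {img["sha256"] for img in parse_option_rom(good)}
    print("pristine  :", verify_rom(good, known, 0x14E4) or "clean")
    print("naive hack:", verify_rom(tamper(good, 0x40, 0xCC, False), known, 0x14E4))
    print("fixed-up  :", verify_rom(tamper(good, 0x40, 0xCC, True), known, 0x14E4))
```

The checksum check only catches a sloppy patch; an attacker who fixes up the checksum byte passes it, and only the hash comparison flags the change. As the thread points out, that comparison is worthless if the bytes came from the firmware's own reporting interface, so the input should be a dump read directly from the flash part (programmer or the card's SPI/EEPROM interface), not whatever the running firmware says it contains.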
Re: (Score:2)
People running consumer routers are already very vulnerable for the most part. Reflashing the NIC is too much work. What you need to worry about is if you are doing everything else right, running full disk encryption, with encrypted swap, and a nice long passphrase. Let your computer out of sight for a bit and it's been flashed with firmware that will tftp your encryption key to hostile intelligence agencies (foreign or domestic, take your pick). Hell, they could even intercept your equipment before you
Terms (Score:1)
Network card does not have CPU, CPU by definition is central processor.
Over 17 Years - subversionhack (Score:2)
Over 17 Years - subversionhack:
http://subversionhack.livejournal.com/1093.html [livejournal.com]
http://subversionhack.livejournal.com/1745.html [livejournal.com]
Subversionhack Archive:
(expired certificate)
https://tagmeme.com/subhack/a/ [tagmeme.com]