Your SlideShare is downloading. ×
How trustw rthy are your Sand (de)fences?
Rahul Kashyap,
Head of Security Research
Bromium Labs @rckashyap
Bromium Confidential
• Environment designed to run untrusted (or exploitable)
code, in a manner that prevents the encapsul...
Bromium Confidential
• Type A: OS enhancement based (Sandboxie, Buffer Zone
Pro etc.)
• Type B: Master/slave model (Adobe ...
Bromium Confidential
• Example: Sandboxie, BufferZone Pro
• Custom kernel driver modifies Windows behavior, so that
change...
Architectural Discussion: Type A
• There is a lot of kernel
interaction that the
sandbox needs to allow
for applications t...
Bromium Confidential
Application Sandbox Type A
• Sandboxed app: dear kernel, please open a file for me,
the file name is at address X
• Kernel: X points to “allowed_file...
Bromium Confidential
• The problem – sandboxed code has direct access to
almost full OS functionality
• Almost all kernel ...
CVE-2012-0217
Exploit: MS12-042
SANDBOX BYPASS
DEMO
Bromium Confidential
• Example: Google Chrome, Adobe Reader
• Two processes - master and slave, talking over IPC
channel
•...
Architectural Discussion: Type B
• Master has smaller
codebase, the point
being – it should be
tougher to exploit it
• Sla...
Bromium Confidential
Application Sandbox Type B
Bromium Confidential
• Slave runs with low privileges
• restricted token
• job object
• desktop object
• integrity level
C...
Bromium Confidential
• How exhaustive is the OS-based confinement, according
to the documentation [2]?
• Mounted FAT or FA...
Bromium Confidential
Chrome sandbox in action (Adobe Reader)
Bromium Confidential
• How resistant is Master to a malicious Slave?
• This is what other authors focused on
• How resista...
Bromium Confidential
Master/slave type sandbox on Windows, Adobe
Reader
Observe
“Low”
integrity
level
• Slave deprivileged even more than stated in chrome
sandbox documentation
• “Untrusted” integrity level
• Particularly, a...
• Well-known cases of successful attacks against the
master (shown at Pwnium[5], Pwn2own[6])
• The attacks against the mas...
• Slave can still exploit a kernel vulnerability
• Some vulnerabilities are not exploitable by Slave
• If need to create a...
Bromium Confidential
• Exhaustive previous related work on methodology of
attacking the Master [3], [4]
• The first case o...
• Sandboxed app: dear kernel, please draw the text “Hello
world” for me please, using the true type font stored at
address...
Let’s do it differently this time…
CVE-2011-3402
Exploit: MS11-087
SANDBOX BASED
DEFENSE “IN-DEPTH”
#EPICFAIL
Bromium Confidential
• Windows kernel issues are discovered increasingly
frequently
• 25 CVE items for Windows kernel in 2...
App Sandboxes: Important Points
• Application sandboxes are fundamentally vulnerable to
kernel mode attacks
• The sandbox ...
Bromium Confidential
• Wrap the OS in a sandbox such that OS (and other
application) vulnerabilities are nonfatal – this c...
Bromium Confidential
• Evaluate your Defense in Depth architecture, particularly
how resilient is it with advanced attacks...
Bromium Confidential
• Rafal Wojtczuk, Bromium Labs
• [1] http://www.sandboxie.com/
• [2] http://dev.chromium.org/develope...
Bromium Confidential
Thank You!
http://labs.bromium.com
Upcoming SlideShare
Loading in...5
×

Rahul Kashyap "How Trustworthy are your Sand-(de)fences?"

595

Published on

In this talk we cover in-depth architecture details of windows application sandboxes like Google Chrome, Adobe Reader, Sandboxie. Then we look at the design assumptions these sandboxes make. Are these assumptions the weakest link? After this decomposition, we'll do live exploit demos to bypass these sandboxes; not by exploiting vulnerabilities in them - rather by exploiting the architectural assumptions. The talk will also cover aspects of windows internals, kernel mode vulnerabilities and also give ideas on generic ways how to pivot out of some sandboxes. For the malware analyst or security practitioner - this talk will also cover the perils of doing unknown malware analysis inside sandboxes.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
595
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Rahul Kashyap "How Trustworthy are your Sand-(de)fences?""

  1. 1. How trustw rthy are your Sand (de)fences? Rahul Kashyap, Head of Security Research Bromium Labs @rckashyap
  2. 2. Bromium Confidential • Environment designed to run untrusted (or exploitable) code, in a manner that prevents the encapsulated code from damaging the rest of the system • The aim of a sandbox is to isolate threats • Our research focuses on security effectiveness of the isolation primitives for application sandboxes • Are sandboxes worthy of the attention they‟re currently getting? What is a sandbox?
  3. 3. Bromium Confidential • Type A: OS enhancement based (Sandboxie, Buffer Zone Pro etc.) • Type B: Master/slave model (Adobe ReaderX, Chrome browser) Types of Sandboxes
  4. 4. Bromium Confidential • Example: Sandboxie, BufferZone Pro • Custom kernel driver modifies Windows behavior, so that change to protected system components is prevented • Use cases: Most of such sandboxes are used for controlled execution of applications including „safe‟ browsing • Sandboxie is widely used for malware analysis TYPE A
  5. 5. Architectural Discussion: Type A • There is a lot of kernel interaction that the sandbox needs to allow for applications to work as designed • It relies on the assumption that OS kernel is not compromised • The sandbox cannot protect against malicious kernel mode malware
  6. 6. Bromium Confidential Application Sandbox Type A
  7. 7. • Sandboxed app: dear kernel, please open a file for me, the file name is at address X • Kernel: X points to “allowed_file.txt” string; here goes a file handle for you • Sandboxed app: dear kernel, please open a file for me, the file name is at address Y • Kernel: Y points to “secret_file.txt” string; you are a sandboxed app, I will not let you access this file How kernel enforces access control
  8. 8. Bromium Confidential • The problem – sandboxed code has direct access to almost full OS functionality • Almost all kernel vulnerabilities are exploitable from within this sandbox • This sandbox has no means to contain malicious kernel- mode code (because they both run at the same privilege level) Type A sandbox
  9. 9. CVE-2012-0217 Exploit: MS12-042 SANDBOX BYPASS DEMO
  10. 10. Bromium Confidential • Example: Google Chrome, Adobe Reader • Two processes - master and slave, talking over IPC channel • Slave is confined using OS access control facilities • Master mediates access to resources • Use case: protect the application from exploitation • Google Chrome and Adobe Reader are popular applications mainly for web and content rendering TYPE B
  11. 11. Architectural Discussion: Type B • Master has smaller codebase, the point being – it should be tougher to exploit it • Slave has a bigger attack surface that needs to be „brokered‟ by the master • Slave still directly interacts with the OS Kernel
  12. 12. Bromium Confidential Application Sandbox Type B
  13. 13. Bromium Confidential • Slave runs with low privileges • restricted token • job object • desktop object • integrity level Chrome sandbox on Windows
  14. 14. Bromium Confidential • How exhaustive is the OS-based confinement, according to the documentation [2]? • Mounted FAT or FAT32 volumes – no protection • TCP/IP – no protection • Access to most existing securable resources denied • Everybody agrees it is good enough… • … assuming the kernel behaves correctly Chrome sandbox on Windows
  15. 15. Bromium Confidential Chrome sandbox in action (Adobe Reader)
  16. 16. Bromium Confidential • How resistant is Master to a malicious Slave? • This is what other authors focused on • How resistant is OS to a malicious Slave? • We focus on the last aspect Chrome sandbox on Windows
  17. 17. Bromium Confidential Master/slave type sandbox on Windows, Adobe Reader Observe “Low” integrity level
  18. 18. • Slave deprivileged even more than stated in chrome sandbox documentation • “Untrusted” integrity level • Particularly, access to FAT32 filesystem denied Master/slave type sandbox on Windows, Chrome browser
  19. 19. • Well-known cases of successful attacks against the master (shown at Pwnium[5], Pwn2own[6]) • The attacks against the master are complex and relatively rare Master/slave type sandbox on Windows, Chrome browser
  20. 20. • Slave can still exploit a kernel vulnerability • Some vulnerabilities are not exploitable by Slave • If need to create a process • If need to alter specific locations in the registry • win32k.sys still much exposed A vulnerability in win32k.sys can potentially be exploited at the browser level, yielding full control over the machine directly, without the need to achieve code execution in the sandbox first Pwn2own[11]) Master/slave type sandbox on Windows, Chrome browser
  21. 21. Bromium Confidential • Exhaustive previous related work on methodology of attacking the Master [3], [4] • The first case of Adobe sandbox vulnerability exploited in the wild reported in Feb 2013 [9] • This escape possible because of a bug in Master Master/slave type sandbox on Windows, Adobe Reader
  22. 22. • Sandboxed app: dear kernel, please draw the text “Hello world” for me please, using the true type font stored at address X • Kernel: You are a sandboxed app, but using a font is a benign operation which you need to function properly • Kernel: OK, just a moment, I need to parse this font • While processing the font, kernel corrupts its own memory because the parser code in the kernel is buggy • Because of memory corruption, kernel starts executing code at X, which allows the app to do anything it wants How a typical kernel exploit would work
  23. 23. Let’s do it differently this time…
  24. 24. CVE-2011-3402 Exploit: MS11-087 SANDBOX BASED DEFENSE “IN-DEPTH” #EPICFAIL
  25. 25. Bromium Confidential • Windows kernel issues are discovered increasingly frequently • 25 CVE items for Windows kernel in 2012 • 40 CVE items in the first 5 months of 2013 • There have been targeted attacks like Duqu that have targeted kernel vulnerabilities • Yes… it‟s a big problem! Is this a problem?
  26. 26. App Sandboxes: Important Points • Application sandboxes are fundamentally vulnerable to kernel mode attacks • The sandbox is entirely bypassed, not penetrated • Layering sandboxes doesn‟t help • The attack surface of commodity OS kernels is large, with no reasonable hope of securing them
  27. 27. Bromium Confidential • Wrap the OS in a sandbox such that OS (and other application) vulnerabilities are nonfatal – this can be achieved using a Virtual Machine based environment • Hypervisor and supporting environment would still be an attack vector, arguably small enough to be defensible • For robust isolation, implement/design/buy a security centric hypervisor to accomplish robust isolation of unknown threats What are the alternatives for isolation?
  28. 28. Bromium Confidential • Evaluate your Defense in Depth architecture, particularly how resilient is it with advanced attacks? #0days • Remember that it‟s not feasible to defend kernel mode 0days from within the kernel • In our analysis Type A were more vulnerable than Type B application sandboxes. • Definitely avoid malware analysis inside application sandboxes! #D‟0h! • A sandbox inside a sandbox is not really defense in depth • Choose wisely, stay safe! Conclusion
  29. 29. Bromium Confidential • Rafal Wojtczuk, Bromium Labs • [1] http://www.sandboxie.com/ • [2] http://dev.chromium.org/developers/design-documents/sandbox • [3] "A Castle Made of Sand - Adobe Reader X Sandbox" Richard Johnson • [4] “Breeding Sandworms” - Zhenhua Liu, Guillaume Lovet • [5] http://blog.chromium.org/2012/10/pwnium-2-results-and-wrapup_10.html • [6] "Pwn2Own 2012: Google Chrome browser sandbox first to fall" • http://www.zdnet.com/blog/security/pwn2own-2012-google-chromebrowser- sandbox-first-to-fall/10588 • [7] Dennis Fisher • http://threatpost.com/en_us/blogs/its-time-abandon-java-012113 • [8] BufferZone Pro, http://www.trustware.com/BufferZone-Pro/ • [9] arstechnica.com/security/2013/02/zero-day-attack-exploits-latestversion-of- adobe-reader/ • [10] Duqu malware, http://em.wikipedia.org/wiki/Duqu • [11] http://labs.mwrinfosecurity.com/blog/2013/04/19/mwr-labs-pwn2own-2013- write-up---webkit-exploit/ Credits & References
  30. 30. Bromium Confidential Thank You! http://labs.bromium.com

×