Modern Bootkit Trends: Bypassing Kernel-Mode Signing Policy

4,087 views

Published on

Published in: Technology, Business
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
4,087
On SlideShare
0
From Embeds
0
Number of Embeds
1,048
Actions
Shares
0
Downloads
75
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Modern Bootkit Trends: Bypassing Kernel-Mode Signing Policy

  1. 1. Modern Bootkit Trends: Bypassing Kernel-Mode Signing PolicyAleksandr MatrosovEugene Rodionov
  2. 2. Agenda Evolution of payloads and rootkits Bypassing code integrity checks Attacking Windows Bootloader Modern Bootkit details:  Win64/Olmarik  Win64/Rovnix What Facilitates Bootkit Attack Vector
  3. 3. Evolution of Rootkits
  4. 4. Evolution of Rootkit Installation Malicious Exploit Bypass Escape Web-site Vulnerability ASLR/DEP Sandbox Execute Download Escalate Payload Rootkit Local Privilege Kernel-Mode Exploit Install Rootkit
  5. 5. Evolution of Rootkit Features x86 Dropper Rootkit bypassing HIPS/AV self-defense privilege escalation surviving reboot installing rootkit driver Kernel mode injecting payload User mode
  6. 6. Evolution of Rootkit Features x86 x64 Dropper Rootkit Rootkit bypassing HIPS/AV self-defense self-defense privilege escalation surviving reboot surviving reboot installing rootkit bypassing signature driver injecting payload check Rootkit bypassing MS PatchGuard Kernel mode User mode injecting payload
  7. 7. Obstacles for 64-bit Rootkitso Kernel-Mode Code Signing Policy:  It is “difficult” to load unsigned kernel-mode drivero Kernel-Mode Patch Protection (Patch Guard):  SSDT (System Service Dispatch Table)  IDT (Interrupt Descriptor Table)  GDT (Global Descriptor Table)  MSRs (Model Specific Registers)
  8. 8. Bypassing Code Integrity Checks
  9. 9. Subverting KMCSPo Abusing vulnerable, signed, legitimate kernel-mode drivero Switching off kernel-mode code signing checks by altering BCD data: abusing WinPE Mode disabling signing check enabling test signingo Patching Bootmgr and OS loader
  10. 10. Bypassing Integrity Checks Bypassing Integrity Check Techniques USER-MODE KERNEL-MODE TESTSIGNING ON System Boot Modification MBR DISABLE INTEGRITY CHECKS (Master Boot Record) VBR (Volume Boot Record)
  11. 11. Attacking Windows Bootloader
  12. 12. Boot Process First BIOS Boot Full Kernel MBR User-Mode Initialization Loader Initialization Process Early Kernel Initialization BIOS Services Kernel Services Hardware
  13. 13. Boot Process with Bootkit Infection load malicious MBR/VBR NT kernel modifications load rootkit driver
  14. 14. Code Integrity Check Non boot-start OS kernel kernel-mode drivers OS kernel Bootmgr OS loader dependencies Boot-start drivers
  15. 15. Evolution of Bootkitso Bootkit PoC evolution: o Bootkit Threats evolution:  eEye Bootroot (2005)  Win32/Mebroot (2007)  Vbootkit (2007)  Win32/Mebratix (2008)  Vbootkit v2 (2009)  Win32/Mebroot v2 (2009)  Stoned Bootkit (2009)  Win64/Olmarik (2010/11)  Evilcore x64 (2011)  Win64/Rovnix (2011)
  16. 16. Win64/Olmarik
  17. 17. TDL4 Installation on x64 Prepare hidden FS image Write FS image, fail patch MBR and Adjust success SE_SHUTDOWN_PRIVILEGE Exploitation success MS10-092 fail Call ZwRaiseHardError to create BSOD Copy itself into %TMP% directory Restart Dropper Create manifest requesting admin privilege Call success ShellExecute Report to C&C fail
  18. 18. BCD Elements determining KMCSP(before KB2506014)BCD option DescriptionBcdLibraryBoolean_DisableIntegrityCheck disables kernel-mode code integrity(0x16000020) checksBcdOSLoaderBoolean_WinPEMode instructs kernel to be loaded in(0x26000022) preinstallation mode, disabling kernel-mode code integrity checks as a byproductBcdLibraryBoolean_AllowPrereleaseSignatures enables test signing(0x16000049)
  19. 19. Abusing Win PE mode: TDL4 modulesModule name Descriptionmbr (infected) infected MBR loads ldr16 module and restores original MBR in memoryldr16 hooks 13h interrupt to disable KMCSP and substitute kdcom.dll with ldr32 or ldr64ldr32 reads TDL4’s kernel-mode driver from hidden file system and maps it into kernel-mode address spaceldr64 implementation of ldr32 module functionality for 64-bit OS int 13h – service provided by BIOS to communicate with IDE HDD controller
  20. 20. Abusing Win PE mode: Workflow Load infected MBR Continue kernel Infected mbr is initialization loaded and executed Load ”drv32” Call or “drv64" Load “ldr16” from KdDebuggerInitialize1 hidden file system “ldr16” is from loaded kdcom.dll loaded and executed substitute Hook BIOS int 13h kdcom.dll Load ntoskrnl.exe, with”ldr32” handler and hal.dll,kdcom.dll,b or “ldr64" restore original Original mbr is ootvid.dll ant etc MBR loaded and executed distrort /MININT option Load VBR Load winload.exe VBR is loaded and executed Substitute EmsEnabled option with WinPe Load bootmgr read bcd Bootmgr is loaded and executed
  21. 21. MS Patch (KB2506014)o BcdOsLoaderBoolean_WinPEMode option no longer influences kernel-mode code signing policyo Size of the export directory of kdcom.dll has been changed
  22. 22. Win64/Rovnix
  23. 23. Win64/Rovnix: Installation Check if success already infected Check OS Windows XP Windows 2000 Version Vista/Win7 fail success Check Admin fail Privileges Determine OS Digit Capacity Call ShellExecuteEx Install Corresponding API with “runas” Kernel-mode Driver Overwrite Bootstrap Code of Active Partition Self Delete and Exit Initiate System Reboot
  24. 24. Win64/Rovnix: Bootkit Overview real mode Load MBR real mode Load VBR real mode/ Load protected mode bootstrap code real mode/ protected mode Load bootmgr Target of Win64Rovnix real mode/ Load protected mode winload.exe or winresume.exe Load kernel and boot start drivers
  25. 25. Win64/Rovnix: Infected Partition Layouto Win64/Rovnix overwrites bootstrap code of the active partitiono The malicious driver is written either:  before active partition, in case there is enough space  to the end of the hard drive, otherwise MBR VBR Bootstrap Code File System Data Before Infecting Compressed After Infecting Data Malicious Malicious Bootstrap MBR VBR File System Data Unsigned Code Code Driver NTFS bootstrap code (15 sectors)
  26. 26. Win64/Rovnix: Bootkit Details Load MBR Continue kernel MBR is initialization loaded and executed Map malicious driver into Load ntoskrnl.exe, kernel-mode address space Load VBR hal.dll,kdcom.dll,b VBR is loaded ootvid.dll ant etc and executed Hook BlImgAllocateImageBuffer Load malicious bootstrap code Load winload.exe Malicious bootstrap code is loaded and executed Bootloader parameters Hook BIOS int 13h are read from BCD handler and Read BCD restore original Original bootstrap bootstrap code code is restored Restore bootmgr, hook int1 handler and copy itself over IDT Load bootmgr Patch bootmgr Bootmgr is loaded and receives control
  27. 27. Win64/Rovnix: Loading Unsigned Drivero Insert malicious driver in BootDriverList of KeLoaderBlock structureo When kernel receives control it calls entry point of each module in the BootDriverList KeLoaderBlock Malicious Ntoskrnl.exe Driver
  28. 28. Win64/Rovnix: Abusing Debugging FacilitiesWin64/Rovnix:o hooks Int 1h  tracing  handles hardware breakpoints (DR0-DR7)o overwrites the last half of IDT (Interrupt Descriptor Table)  is not used by OS As a result the malware is able to:  set up hooks without patching bootloader components  retain control after switching into protected mode
  29. 29. Win64/Rovnix: Abusing Debugging FacilitiesWin64/Rovnix:o hooks Int 1h  tracing  handles hardware breakpoints (DR0-DR7)o overwrites the last half of IDT (Interrupt Descriptor Table)  is not used by OS As a result the malware is able to:  set up hooks without patching bootloader components  retain control after switching into protected mode
  30. 30. Olmarik vs RovnixCharacteristics Win64/Olmarik Win64/RovnixPrivilege escalation MS10-092 Reboot technique ZwRaiseHardError API ExitWindowsEx APIMBR/VBR infection MBR VBR (bootstrap code) Inserting into boot driver listLoading driver ZwCreateDriver API of KeLoaderBlock structure KeInitializeApc/ KeInitializeApc/Payload injection KeInstertQueueApc APIs KeInstertQueueApc APIs Kernel-mode hooks,Self-defense MBR monitoring Number of modules 10 2Stability of code  Threat complexity  
  31. 31. Bootkit Attack Vector
  32. 32. Modern Bootkits’ Approacheso Hooking BIOS 13h Interrupt Handler  Win64/Olmariko Tracing Bootloader Components  Win64/Rovnix  “Deep Boot” (PoC)o Stealing a Processor’s Core  “EvilCore” (PoC)
  33. 33. Tracing Bootloader Componentso Microsoft Windows Bootloader Components: Component Name Processor Execution Mode Bootstrap code real mode Bootmgr real mode/protected mode Winload.exe/Winresume.exe protected modeo Surviving processor’s execution mode switching  Malware has to retain control after execution mode switching  IDT and GDT are most frequently abused data structures
  34. 34. What Facilitates the Attack Vector?o Untrusted platform problem  BIOS controls boot process, but who controls it?  The trust of trust is below point of attack Point of Attack Non boot-start OS kernel kernel-mode drivers Pre boot OS kernel Bootmgr OS loader firmware dependencies Boot-start drivers The Root of Trust
  35. 35. How to Defend Against the Attack?oTo resist bootkit attacks we need the root of trust be above point of attack:  TPM  UEFI Secure Boot Point of Attack Non boot-start OS kernel kernel-mode drivers Pre boot OS kernel Bootmgr OS loader firmware dependencies Boot-start The Root of drivers Trust
  36. 36. Conclusion Bootkits  ability to bypass KMCSP Return of old-school techniques  MBR infections Win64/Olmarik (TDL4)  1st widely spread Win64 rootkit Win64/Rovnix  debugging facilities to subvert KMCSP Untrusted platform facilitates bootkit techniques
  37. 37. References “The Evolution of TDL: Conquering x64”http://www.eset.com/us/resources/white-papers/The_Evolution_of_TDL.pdf “Defeating x64: The Evolution of the TDL Rootkit”http://www.eset.com/us/resources/white-papers/TDL4-CONFidence-2011.pdf “Hasta La Vista, Bootkit: Exploiting the VBR”http://blog.eset.com/2011/08/23/hasta-la-vista-bootkit-exploiting-the-vbr Follow ESET Threat Bloghttp://blog.eset.com
  38. 38. Thank you for your attention ;)Aleksandr Matrosovmatrosov@eset.sk@matrosovEugene Rodionovrodionov@eset.sk@vxradius

×