poking the s in sd cards
play

Poking the S in SD cards Nicolas Oberli Who am I ? Research team - PowerPoint PPT Presentation

Sep 28, 2023 •170 likes •956 views

Poking the S in SD cards Nicolas Oberli Who am I ? Research team @KudelskiSec Focusing on hardware / embedded devices security @BlackAlpsConf organization Stickers !! @Hydrabus developer Again, Stickers !! 2 How did it

  1. Poking the S in SD cards Nicolas Oberli

  2. Who am I ? ● Research team @KudelskiSec – Focusing on hardware / embedded devices security ● @BlackAlpsConf organization – Stickers !! ● @Hydrabus developer – Again, Stickers !! 2

  3. How did it start ? ● SD stands for Secure Digital – What is the Secure for ? ● Keep the attacks as low cost as possible – You can replicate this at home – No physical attacks on the cards 3

  4. Introduction to SD cards

  5. What is an SD card ? ● Basically a microcontroller interfacing the SD interface with flash memory ● See bunnie and xobs talk @ 30C3 for details https://en.wikipedia.org/wiki/SD_card 5

  6. Communication ● SD cards support 3 communication protocols – SPI Bus protocol ● Classic SPI – SD / UHS-I Bus protocol ● CLK, CMD, Up to 4 data lines – UHS-II Bus protocol ● RCLK, 2 differential data lines https://en.wikipedia.org/wiki/SD_card 6

  7. Time to dig into the specs ● Specs are freely available in a simplified format on the SD association website – 262-pages document (general specs – part 1) – Presents the general description of the SD System 7

  8. Initialization sequence SD specs part 1, figure 7-2 8

  9. Protocol ● Query/reply-based ● Each command has a number and is usually referenced with it – eg. CMD0 - GO_IDLE_STATE 9

  10. Protocol – cont. ● 7 different response formats – Depends on the sent command ● Protocol implements a block transfer feature – Used to transfer more than 4 bytes – Block starts with 0xFE – Length is defined by CMD16 (512 bytes by default) 10

  11. Interfacing with SD card ● First need to communicate correctly with the card ● SPI is used here – Lots of existing tools available to use SPI – Already supported by Hydrabus 11

  12. Hydrabus ● Bus Pirate on steroids – More modern alternative – Many supported protocols – Open source 12

  13. Setup 13

  14. Tool ● Python CLI interface using pyHydrabus ● Drives SD card in SPI mode – Can send raw commands – Helper functions for specific commands ● CRC is optional in SPI mode, easier to play with – Except when some cards require a valid CRC no matter what 14

  15. DEMO 15

  16. SD security features 16

  17. Security features ● SDMI – Secure Digital Music Initiative – Detailed under specs part 3 ● Available only to SD members / NDA ● Not covered here 17

  18. Security features ● Can be read- and/or write-protected – Available through several commands ● CMD27 to set write protection bits ● CMD42 to set read protection password ● These commands are mandatory to get SD label 18

  19. CMD42 – LOCK_UNLOCK ● Used to control the password protection mechanism – Up to 16 bytes – Not limited to printable characters – Keyspace : 2 128 – Same as an AES key ● Bruteforce is unachievable 19

  20. Locking the SD card ● The CMD42 command controls the password locking functions – Takes no parameter, but card expects a following data block 20

  21. CMD42 data block ● Contains the command options, length and the actual password 21

  22. Locking SD card ● Send CMD42 ● Send a data block , setting the SET bit, the password length and the password – Can optionally set the LOCK bit to lock the card in the process ● Lock status is available in the status bits (CMD13) 22

  23. Unlocking SD card ● Send CMD42 ● Send a data block , unsetting the LOCK bit, setting the password length and the password ● Card will assert the MISO line, then send an ACK once the command has been processed ● Lock status is available in the status bits (CMD13) 23

  24. Attacking the password protection 24

  25. Unlocking SD card ● Send CMD42 ● Send a data block , unsetting the LOCK bit, setting the password length and the password ● Card will assert the MISO line, then send an ACK once the command has been processed ● Lock status is available in the status bits (CMD13) 25

  26. Guess what happens ? CMD42 Password block Response CLK MISO MOSI CLK MISO MOSI 00000 000000 26

  27. What’s happening ? ● SD controller checks for the length of the password, then compares each byte to the correct password ● Returns an error as soon as there is a discrepancy ● Possible to determine a correct byte by measuring processing time 27

  28. Measuring time using SPI ● During processing time, read dummy bytes as fast as possible ● As long as we read zeroes, the password check is still ongoing ● Once we read a 1, count the number of zeroes 28

  29. In practice : 29

  30. DEMO 30

  31. So ? ● Bought a bunch of SD cards (~20) – Different vendors – Different sizes ● Also asked colleagues / friends for SD cards – The only card I permanently locked was not mine (‘-’*) ● Locked them with “123456” as password 31

  32. Special cases – Sony SD ● Card refuses to check the password after three failed attempts ● Need to remove and insert the card again to get 3 more attempts – In fact, doing a reset sequence (CMD0) is enough to get 3 more tries – Slightly makes the bruteforce slower 32

  33. Special cases – Sony uSD ● Card seems to have a really fast checking time – Can get no or maybe one zero bit ● Sampling rate might be too slow – SPI interface is ~42MHz – Using logic analyzer (100MS/s) still does not show any usable results 33

  34. Faster !! ● Used lab oscilloscope – Up to 40GS/s, more than enough ● Had to setup a trigger for correct measurement 34

  35. And... 35

  36. And... 36

  37. Special cases - Kingston ● It is possible to count the password length, but not the password chars ● Took a lot of measurements until I found this : 37

  38. 00000 38

  39. 000000 39

  40. 100000 40

  41. 120000 41

  42. 123000 42

  43. 123400 43

  44. 123450 44

  45. Still vulnerable ● Password checking works on groups of 4 bytes ● If remaining bytes to check is >= 4, test each byte individually ● Attack takes more time, but works anyways 45

  46. Results Card Manufacturer Prod. date* Vulnerable ? Transcend uSD 4GB Transcend (0x74) 09/2011 Yes Transcend uSD 16GB Transcend (0x74) 10/2012 Yes Hama 8GB Phison (0x27) 06/2010 Yes Maxell 32GB Phison (0x27) 10/2011 Yes Sony uSD 32GB Sony (0x9c) 07/2012 Yes Sony 32GB Sony (0x9c) 12/2011 Yes Kingston uSD 32GB Unknown (0x9f) 10/2012 Yes Sandisk Extreme 128GB Sandisk (0x03) 03/2012 No Sandisk mobile ultra 16GB Sandisk (0x03) 12/2009 No Samsung Evo+ uSD 32GB Samsung (0x1b) 10/2012 Unsupported * Production date format is not consistent 46

  47. Ouch ● Sandisk only controller I tested not vulnerable to this attack ● Remember : SD vendor != Controller manufacturer ● Samsung cards respond with invalid command when sending CMD42 47

  48. Write lock mechanism 48

  49. Abusing Write lock mechanism ● Setting the TMP_WRITE_PROTECT bit in CSD register puts the card in read-only mode ● Hypothesis: This will prevent the flash memory content to be erased when a clear password is sent 49

  50. Testing for vulnerability ● Write data on some pages ● Set write protection ● Set password ● Power cycle card ● Clear password ● Test for password presence, and if data is still present 50

  51. Results ● All tested cards do correctly erase the TMP_WRITE_PROTECT flag and erase the data ● Did not test the permanent write protect yet 51

  52. Abusing password clear feature 52

  53. Password clearing ● By setting the CLR bit in CMD42, it is possible to remove the password protection on a card ● Card content is erased in the process ● Hypothesis : Does the card clear its password BEFORE erasing the flash memory ? 53

  54. Detecting flash writes ● Flash memory uses charge-pump mechanism to provide enough current to change memory value ● Detecting an increase in power consumption would mean the flash will be written 54

  55. Measuring current consumption ● Ohm’s law : increasing the current through a fixed resistance will increase voltage drop ● Add a small (<10Ω) resistance after the SD card and measure voltage using oscilloscope – Might need to slightly increase source voltage ● Budget-tip: If you don’t have small resistances, vape coils do work 55

  56. Power consumption 56

  57. By the way... ● Checking a password consumes power ● So the timing attack is also visible by looking at the card power consumption 57

  58. 00000 58

  59. 000000 59

  60. 123450 60

  61. Triggering on consumption ● STM32 ADC offers a watchdog feature – Watchdog triggered when voltage goes above or below thresholds ● Added feature to Hydrabus – Programmable thresholds – Programmable delay (1μs minimum delay) 61

  62. Cutting power ● Used a MOSFET to drive the SD card current – Easy to use as a digital switch – Can be operated by a GPIO ● Budget-tip: Motherboards have a lot of MOSFETs that can be used. – Recycle your old stuff ! 62

  63. Final schema 63

  64. In practice 64

  65. Testing for vulnerability ● Write data on some pages ● Set password ● Power cycle card ● Clear password with trigger ● Test for password presence, and if data is still present 65

  66. Example – Flash erase 66

  67. Example – Flash erase glitched 67

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

www.worldofinsights.co How to use the cards REFLECT CARDS Use as an ice-breaker to create

www.worldofinsights.co How to use the cards REFLECT CARDS Use as an ice-breaker to create

www.worldofinsights.co How to use the cards REFLECT CARDS Use as an ice-breaker to create dialogue on learning. RETHINK CARDS Use as a brainstorming tool to spark new ideas. ACT CARDS Use to transform insights into action. Licence to Dare

434 views • 24 slides
with { Poking Servers whoami | head WebAppSec Consultant,

with { Poking Servers whoami | head WebAppSec Consultant,

with { Poking Servers whoami | head WebAppSec Consultant, Penetra:on Tester, Bug Bounty Hunter for Google, Facebook, Paypal, Mozilla and other bounty

740 views • 48 slides
Poking Facebook: Characterization of OSN Applications Minas Gjoka, Michael Sirivianos, Athina

Poking Facebook: Characterization of OSN Applications Minas Gjoka, Michael Sirivianos, Athina

Poking Facebook: Characterization of OSN Applications Minas Gjoka, Michael Sirivianos, Athina Markopoulou, Xiaowei Yang University of California, Irvine Outline Motivation and contributions Datasets description Data analysis User

524 views • 20 slides
POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos

POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos

POKING HOLES IN INFORMATION HIDING Angelos Oikonomopoulos Elias Athanasopoulos Herbert Bos Cristiano Giuffrida Vrije Universiteit Amsterdam Teaser Break ideal information hiding in seconds Few probes, typically no crashes

854 views • 33 slides
NANO MINING POOL CLOUD CONTRACTS AND MINING SERVICES OUR PRODUCTS Cloud cards are mining cards

NANO MINING POOL CLOUD CONTRACTS AND MINING SERVICES OUR PRODUCTS Cloud cards are mining cards

NANO MINING POOL CLOUD CONTRACTS AND MINING SERVICES OUR PRODUCTS Cloud cards are mining cards and help in earning respective payouts on allocated Hash power. Cloud cards are GPU cards. CLOUD CARDS Rigs provide you more mining speed and make

324 views • 13 slides
REPORT CARDS: an old tradition with a new look Transitioning to Standards-Based Report Cards

REPORT CARDS: an old tradition with a new look Transitioning to Standards-Based Report Cards

REPORT CARDS: an old tradition with a new look Transitioning to Standards-Based Report Cards REPORT CARDS...theyre a lot of work, so why do we do them? To clearly, fairly, and objectively communicate how a child is progressing in

343 views • 10 slides
An Example Blackjack: Goal is to obtain cards whose sum is as great as possible without exceeding

An Example Blackjack: Goal is to obtain cards whose sum is as great as possible without exceeding

An Example Blackjack: Goal is to obtain cards whose sum is as great as possible without exceeding 21. All face cards count as 10, and an Ace can be About this class worth either 1 or 11. Back to MDPs Game proceeds as follows: two cards are

435 views • 9 slides
Ordering TBR Business Cards: When ordering TBR business cards please do not use the Staples

Ordering TBR Business Cards: When ordering TBR business cards please do not use the Staples

Ordering TBR Business Cards: When ordering TBR business cards please do not use the Staples Punchout Catalog in SciQuest. Use Staples Advantage link below: http://www.stapleslink.com You will need: 1. a Customer ID number 2. a user ID, and

256 views • 11 slides
Procurement Cards and Sales Tax Compliance Procurement Cards and Sales Tax Compliance Planning and

Procurement Cards and Sales Tax Compliance Procurement Cards and Sales Tax Compliance Planning and

Presenting a live 110 minute teleconference with interactive Q&amp;A Procurement Cards and Sales Tax Compliance Procurement Cards and Sales Tax Compliance Planning and Executing a Program to Master the Complexities THURSDAY, JULY 7, 2011 1pm

754 views • 50 slides
Joint Primary PTA Meeting: Presentation of New Report Cards Presentation of New Report Cards

Joint Primary PTA Meeting: Presentation of New Report Cards Presentation of New Report Cards

Joint Primary PTA Meeting: Presentation of New Report Cards Presentation of New Report Cards October 27, 2010 Garden City Public Schools Why the Change? The last report card revision was over 10 years ago. A gap existed between the

450 views • 16 slides
Wedge Probe Cards PCBs, Connectors, Applications HTT High Tech Trade GmbH HTT Wedge Probe Cards

Wedge Probe Cards PCBs, Connectors, Applications HTT High Tech Trade GmbH HTT Wedge Probe Cards

Wedge Probe Cards PCBs, Connectors, Applications HTT High Tech Trade GmbH HTT Wedge Probe Cards Dresden Location Hartmut Wauer, Rev1.0, January 2014 Zur Wetterwarte 50, Haus 337b Page 1 D-01109 Dresden Wedge Probe Cards made by HTT Probe Card

249 views • 14 slides
MAXIMUM CARDS MAXIMUM CARDS What is a Maximum Card ? The Maximum Card is the one which contains a

MAXIMUM CARDS MAXIMUM CARDS What is a Maximum Card ? The Maximum Card is the one which contains a

MAXIMUM CARDS MAXIMUM CARDS What is a Maximum Card ? The Maximum Card is the one which contains a Picture Postcard, a Postage Stamp affixed on the picture side of the card and a Cancellation on it and should confirm maximum possible concordance

385 views • 23 slides
World War I Draft Registration Cards Zina Rhone World War I draft registration cards provide a

World War I Draft Registration Cards Zina Rhone World War I draft registration cards provide a

The Genealogical Significance of World War I Draft Registration Cards Zina Rhone World War I draft registration cards provide a wealth of genealogy information including the registrants name, date and place of birth, citizenship status,

735 views • 47 slides
THE NEW LOOK OF GIFT CARDS Gift Cards and Promotions in the New Millennium Melissa Landau

THE NEW LOOK OF GIFT CARDS Gift Cards and Promotions in the New Millennium Melissa Landau

THE NEW LOOK OF GIFT CARDS Gift Cards and Promotions in the New Millennium Melissa Landau Steinman, Esq. Venable 575 7th Street, NW Washington, DC 20005 202-344-4972 (V) 202-344-8300 (F) mlsteinman@venable.com WASHINGTON, DC MARYLAND

716 views • 28 slides
CDBA Peer Forum Financial Inclusion BILL DANA- MAY 26, 2015 Cards are reloadable with minimal

CDBA Peer Forum Financial Inclusion BILL DANA- MAY 26, 2015 Cards are reloadable with minimal

CDBA Peer Forum Financial Inclusion BILL DANA- MAY 26, 2015 Cards are reloadable with minimal fees Point of sale accessible national and international Prepaid Debit Cards cannot be overdrawn Cards for the Track spending, plan

630 views • 7 slides
Powered Cards 6/18/18 A full set of cards to acquire new clients, increase revenue, innovate C o

Powered Cards 6/18/18 A full set of cards to acquire new clients, increase revenue, innovate C o

Powered Cards 6/18/18 A full set of cards to acquire new clients, increase revenue, innovate C o n fid e n tia l / R e s tric te d / M o tio n STRATEGIC c o d e LEVERAGE ACQUIRE PROTECT the card new clients your VIP customers with proof

839 views • 42 slides
Outline Outline Motivation Data Stream Processing &amp; I magine Stream Architecture

Outline Outline Motivation Data Stream Processing &amp; I magine Stream Architecture

High- -Throughput Sketch Update on a Throughput Sketch Update on a High Low - -Power Stream Processor Power Stream Processor Low Yu- -Kuen Lai Kuen Lai Greg Byrd Yu Greg Byrd Dept. of Electrical Engineering Dept. of Electrical and

269 views • 15 slides
Distributed Systems Maciej opatka Facebook Inbox Search Authors Avinash Lakshman (one of

Distributed Systems Maciej opatka Facebook Inbox Search Authors Avinash Lakshman (one of

Distributed Systems Maciej opatka Facebook Inbox Search Authors Avinash Lakshman (one of the authors of Amazon's Dynamo) and Prashant Malik Facebook code dump Community Transfer to Apache Software Foundation An Apache top

406 views • 21 slides
Apache Cassandra STL Java Users Group Cliff Gilmore DataStax Solutions Architect / Engineer

Apache Cassandra STL Java Users Group Cliff Gilmore DataStax Solutions Architect / Engineer

Apache Cassandra STL Java Users Group Cliff Gilmore DataStax Solutions Architect / Engineer Aug 14, 2014 1 Agenda Cassandra Overview Cassandra Architecture Cassandra Query Language Interacting with Cassandra using Java

578 views • 39 slides
INTRODUCING: VIGILES LINUX SECURITY MONITORING TOOL INTRODUCTION AND OVERVIEW DECEMBER 2019

INTRODUCING: VIGILES LINUX SECURITY MONITORING TOOL INTRODUCTION AND OVERVIEW DECEMBER 2019

INTRODUCING: VIGILES LINUX SECURITY MONITORING TOOL INTRODUCTION AND OVERVIEW DECEMBER 2019 EXTERNAL USE NXP External Use Agenda Keeping your product secure Why do I care? What is a CVE? Challenges with CVEs and keeping

499 views • 28 slides
Bingdong Li , Jeff Springer , Mehmet Gunes , George Bebis University of Nevada Reno FloCon 2013

Bingdong Li , Jeff Springer , Mehmet Gunes , George Bebis University of Nevada Reno FloCon 2013

A Distributed Network Security Analysis System Based on Apache Hadoop-Related T echnologies Bingdong Li , Jeff Springer , Mehmet Gunes , George Bebis University of Nevada Reno FloCon 2013 January 7-10, Albuquerque, New Mexico Agenda

493 views • 31 slides
PeerTIS A Peer-to-Peer Traffic Information System | Jedrzej Rybicki | Bjrn Scheuermann | |

PeerTIS A Peer-to-Peer Traffic Information System | Jedrzej Rybicki | Bjrn Scheuermann | |

PeerTIS A Peer-to-Peer Traffic Information System | Jedrzej Rybicki | Bjrn Scheuermann | | Markus Koegel | Martin Mauve | VANETs Limited network capacity ? Limited scalability, connectivity No immediate market penetration

418 views • 16 slides
Evergreen Valley College Campus Forum April 7, 2015 2:00 p.m. to 4:00 p.m. Gullo II 1 Forum

Evergreen Valley College Campus Forum April 7, 2015 2:00 p.m. to 4:00 p.m. Gullo II 1 Forum

Evergreen Valley College Campus Forum April 7, 2015 2:00 p.m. to 4:00 p.m. Gullo II 1 Forum Presenters: Dr. Rita M. Cepeda Chancellor, San Jos - Evergreen Community College District Doug R. Smith Vice Chancellor of Administrative

761 views • 43 slides
The Power of the Log LSM &amp; Append Only Data Structures Ben Stopford Confluent Inc

The Power of the Log LSM &amp; Append Only Data Structures Ben Stopford Confluent Inc

The Power of the Log LSM &amp; Append Only Data Structures Ben Stopford Confluent Inc @benstopford Kafka: a Streaming Platform Producer Consumer Connectors Connectors The Log Streaming Engine KAFKAs Distributed Log Append Only Linear

1.07k views • 71 slides

More recommend