A story of Research by: !

Josh “m0nk” Thomas / @m0nk_dot!

44CON 2014

I gave a talk about robots

and hardware!

this hour, your talking head is…✤ Josh “m0nk” Thomas!

✤ @m0nk_dot !

✤ Partner and Chief Breaking Officer @ Atredis Partners!

✤ Recovering software developer (AI / Crypto / Mobile “stuff”)!

✤ Atredis Partners!

✤ Focused and targeted security firm!

✤ Specializing in advanced hardware and software assessments!

✤ Mobile and embedded systems!

✤ Societal infrastructure!

✤ Black boxes!

✤ Advanced malware and rootkit analysis!

✤ Handcrafted artisanal and deep bespoke research

@m0nk_dot likes to put trite commentary in

front of pretty pictures

story arc

✤ preface[0] = “Tongue Tied by many nights of NDA curiosity”!

✤ preface[1] = “What is the point / Where is the squishy?”!

✤ history lesson [0] = “The story of Wang and the Bed”!

✤ story[0] = “Hardware Design”!

✤ story[1] = “Iteration”!

✤ story [2] = “SoC, Bootloaders and trust chains”

I haz NDA?

✤ I hate this, but it is sadly worth mentioning!✤ … and you thought open source licenses were annoying!

✤ Words I can say:!✤ Sony!✤ HTC!✤ LG!

✤ I can sometimes say the words:!✤ Nokia!✤ Qualcomm!✤ BlackBerry!

✤ Words I cannot say:

Why to care?

Why Hit Hardware?

✤ Hard to get Code Exec / Control!

✤ Forensic OS Dumps!

✤ Crypto Keys & Boot Settings

What to look for?

✤ JTAG & Debug Access!

✤ Direct NAND Access!

✤ Bootloader Access & Manipulation

Functionality aside, why is hardware interesting

✤ Pretty!

✤ It is just as raw as source code, ASM or IDA!

✤ A concrete example of how much a company cares / what level of effort should be expected to break it!

✤ Not normally “patchable” / LOOOOOOOONG shelf life

The story of Wang and the Bed

history lesson [0]: could be true?

…had a kid, scada-curious, , talked about StuxNet, met at the pub… proof that I am not a EE and that some people are just damn cool

story[0] All hardware has a story to tell

stick with me here… I promise the following has a point and is more that “vacation pics”

What Simple Looks Like: MasterLock dialSpeed

What Complex Looks Like: Microsoft Xbox 360

Traces I Love: Samsung ChromeBook (Daisy)

Ol’ Grand Dad: Qualcomm Dragon Board

The Godfather Phone: Qualcomm Snapdragon 8974 Dev Platform

One Sided Conversation / Traces I Hate: Motorola Moto X

Grumble Grumble RF Shields: BlackBerry Z30

Hidden for a Reason: HTC One

Advanced Game: Apple iPhone 5S

XXX: BlackBerry Z10

XXX: Nokia Lumia 635

Speaking of… Microsoft Surface RT (V1)

Squares and NAND: Sony Arc S

Squares and Burner: Sony Xperia Z

XXX: LG Nexus 5

Old School: LG Nexus 4

Not a Monster: Samsung Galaxy Note 3

Oddly Normal: Samsung Galaxy 4

Lessons Learned

✤ Motorola tends to make one sided boards that are very simple and masked!

✤ Samsung likes uber dense complexity and non-euclidean shapes!

✤ Sony is just kinda boring and square!

✤ BlackBerry and Nokia internals look oddly identical!

✤ No one is a dense as Apple!

✤ Microsoft should QA a bit more!

✤ The new style is to hide Qualcomm below the NAND

story[1] Background Complete:

Exploring Iterative Design with Amazon Prime

Catching Fire - An Evolution

✤ Amazon has released 7 iterations of the Kindle Fire platform since late 2011:!

✤ Kindle Fire (1st Generation - 11/15/2011)!

✤ Kindle Fire (2nd Generation - 09/14/2012)!

✤ Kindle Fire HD 7" (1st Generation - 09/14/2012)!

✤ Kindle Fire HD 8.9" (1st Generation - 11/20/2012) (also has a cellular variant)!

✤ Kindle Fire HD 7" (2nd Generation - 10/02/2013)!

✤ Kindle Fire HDX 7" (3rd Generation - 10/18/2013) (also has a cellular variant)!

✤ Kindle Fire HDX 8.9" (3rd Generation - 11/07/2013) (also has a cellular variant)!

✤ Fire Phone (released 07/25/2014).

Amazon Fire V1

Amazon Fire V2

Amazon Fire V1

Amazon Fire V2

Amazon Fire HD V1

Amazon Fire HD V2

Amazon Fire HDX V1

Amazon Fire HDX V1

story[2]: SoC, Bootloaders and trust chains

TEE on the MSM8960 SoC

✤ Hosts a collection of Trusted Execution Environments!

✤ Krait Core 0 (Trust Zone)!

✤ The ARM7 based RPM (Resource and Power Management System)!

✤ The Modem System (assume this is the Hexagon Baseband platform)!

✤ The SPS (Smart Peripheral System)

Hardware of Note

✤ eFuses / QFPROM hold a lot of data (covered later)!

✤ The SoC reuses the ARM7 and ARM9 cores for different functions depending on the current processing needs!

✤ Hardware hosts 2 discrete “Crypto Engine” processors in hardware!

✤ CE1 is hardware latched to fuses for the the Primary Hardware Key !

✤ CE2 is hardware latched to fuses for the User Hardware Key!

✤ Assumed to be the ARM9 cores

A Glance at the Boot Chain before the “Bootloader”

The Secure Boot 3.0 Process Interesting tidbits

✤ RPM PBL starts executing at physical address 0x00!

✤ Multitude of Bootloader options here specifying where to look for more code to execute!

✤ All Authentication pre TZ load uses the Crypto Engine 1 (CE1) & the Primary Hardware Key (PHK) from the eFuse block!

✤ (Supposedly) Debuggable via “proprietary” tools!

✤ Highly eFuse controlled!

✤ Supports an “Emergency Download Mode” upon crash

Things are getting fused

How Fuses Work

✤ Total of 16kb block of eFuses / QFPROM on MSM8960!

✤ 4kb mapped and easily accessible:!

✤ QFPROM BASE PHYSICAL: 0x00700000!

✤ QFPROM SHADOW BASE: 0x00706000!

✤ Can be read whenever / Written Once!

✤ To write, need to hold voltage for $TIME_PERIOD

Interesting QFPROM

✤ A 256-bit Primary Hardware Key (PHK used by CE1)!

✤ A 256-bit Secondary Hardware Key (SHK used by CE2)!

✤ A 128-bit OEM Customer key!

✤ A 2048-bit Customer private key!

✤ Fuses to disable debug / JTAG!

✤ Fuses to reenable debug / JTAG!

✤ Possible large swaths of unmapped free space

<insert POC||GTFO source here>

There is no conclusion, only Zuul

thanks for letting me talk… any questions?