-
REboot: Bootkits Revisited
Samuel Chevet
29 May 2014
Sections: Bootkit, Basics, State of the art, REboot, Conclusion
-
Agenda
Describe what a bootkit is
How the Windows boot process works
State of the art in the real world
REboot project
Conclusion
-
Plan
1 Bootkit
-
Rootkit
Type of "malicious" software
Kernel-land
Full control
Hide malicious stuff
Adding / replacing portions of the OS
Proprietary software protections sometimes use it
-
Bootkit
Problem with x64 versions
  Driver signing is mandatory
  Buy or steal a certificate?
  Kernel Protection
New attack
  Compromise the boot process
  Subvert 64-bit kernel-mode driver signing
  Load a malicious driver
  Botnets: spam, steal credentials, DDoS, ...
-
Bootkit
Figure: Bootkits' evolution (© http://www.welivesecurity.com/)
-
Plan
2 Basics
  Boot process
    BIOS
    MBR
    VBR
    BootMGR
    Winload
  Chain of trust
-
Boot process
-
BIOS
Initialize and test the system hardware components
Executed in Real mode
Transfer execution to some other medium:
  Disk drive
  CD-ROM
  Network boot
Load the first sector of the hard drive at 0000:7C00
The first sector is called the Master Boot Record (MBR)
Some bogus BIOSes jump to 07C0:0000 instead of 0000:7C00
-
Master Boot Record
Executed in Real mode
Copies itself to 0000:0600
Searches for the bootable partition in the partition table
Copies the first sector of the bootable partition to 0000:7C00
Jumps to 0000:7C00
-
Volume Boot Record
1 sector containing the BIOS Parameter Block (BPB)
BPB structure is completely different between FAT and NTFS
The BPB's HiddenSectors field is used to load the Initial Program Loader (IPL)
Jump to it
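The MBR and VBR slides above describe the two on-disk structures a BIOS boot reads first. The Python below is an added example, not part of the original deck or of the REboot project: it parses both structures from a constructed two-sector image, checks that the VBR's HiddenSectors field agrees with the partition-table entry the VBR was loaded from, and compares the MBR and VBR code areas against a recorded baseline hash. It assumes 512-byte sectors and the published NTFS boot-sector field offsets; the sample data, helper names and the shape of the baseline dictionary are this example's own choices.

```python
import hashlib
import struct

SECTOR = 512
PART_TABLE_OFF = 446          # four 16-byte partition entries follow the MBR code
BOOT_SIGNATURE = b"\x55\xAA"
NTFS_OEM_ID = b"NTFS    "


def build_sample_disk():
    """Return a constructed two-sector image: an MBR whose single bootable
    partition (type 0x07, NTFS) starts at LBA 1, followed by that partition's
    NTFS-style VBR. Sample data only, not taken from a real Windows disk."""
    mbr = bytearray(SECTOR)
    mbr[0:3] = b"\xEB\x3C\x90"                      # stand-in for the MBR boot code
    # status 0x80 = bootable, CHS fields left zero, type 0x07, start LBA 1, 1 sector long
    mbr[PART_TABLE_OFF:PART_TABLE_OFF + 16] = struct.pack(
        "<B3sB3sII", 0x80, b"\0\0\0", 0x07, b"\0\0\0", 1, 1)
    mbr[510:512] = BOOT_SIGNATURE

    vbr = bytearray(SECTOR)
    vbr[0:3] = b"\xEB\x52\x90"                      # stand-in for the VBR jump
    vbr[3:11] = NTFS_OEM_ID
    struct.pack_into("<H", vbr, 0x0B, 512)          # BPB: bytes per sector
    vbr[0x0D] = 8                                   # BPB: sectors per cluster
    struct.pack_into("<I", vbr, 0x1C, 1)            # BPB: HiddenSectors = partition start LBA
    vbr[510:512] = BOOT_SIGNATURE
    return bytes(mbr + vbr)


def parse_mbr(sector):
    """Parse the partition table; hash the code area so it can be baselined."""
    if len(sector) != SECTOR or sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("not an MBR: bad length or missing 0x55AA signature")
    partitions = []
    for i in range(4):
        status, _chs_start, ptype, _chs_end, lba, count = struct.unpack_from(
            "<B3sB3sII", sector, PART_TABLE_OFF + 16 * i)
        if ptype != 0:                              # type 0 = unused entry
            partitions.append({"index": i, "bootable": status == 0x80,
                               "type": ptype, "start_lba": lba, "sectors": count})
    return {"code_sha256": hashlib.sha256(sector[:PART_TABLE_OFF]).hexdigest(),
            "partitions": partitions}


def parse_ntfs_vbr(sector):
    """Parse the NTFS boot sector: BPB fields at 0x0B..0x53, IPL code from 0x54."""
    if len(sector) != SECTOR or sector[3:11] != NTFS_OEM_ID or sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("not an NTFS VBR")
    bytes_per_sector, = struct.unpack_from("<H", sector, 0x0B)
    hidden_sectors, = struct.unpack_from("<I", sector, 0x1C)
    return {"code_sha256": hashlib.sha256(sector[0x54:510]).hexdigest(),
            "bytes_per_sector": bytes_per_sector,
            "sectors_per_cluster": sector[0x0D],
            "hidden_sectors": hidden_sectors}


def check_boot_chain(image, baseline=None):
    """Return a list of findings (empty = consistent). Checks: exactly one
    bootable partition; its VBR is NTFS; VBR HiddenSectors equals the partition
    start LBA; optionally, MBR/VBR code hashes match a recorded baseline."""
    findings = []
    mbr = parse_mbr(image[:SECTOR])
    bootable = [p for p in mbr["partitions"] if p["bootable"]]
    if len(bootable) != 1:
        return [f"expected exactly one bootable partition, found {len(bootable)}"]
    part = bootable[0]
    off = part["start_lba"] * SECTOR
    vbr = parse_ntfs_vbr(image[off:off + SECTOR])
    if vbr["hidden_sectors"] != part["start_lba"]:
        findings.append(f"VBR HiddenSectors {vbr['hidden_sectors']} != "
                        f"partition start LBA {part['start_lba']}")
    if baseline is not None:
        if mbr["code_sha256"] != baseline["mbr"]:
            findings.append("MBR code hash differs from baseline")
        if vbr["code_sha256"] != baseline["vbr"]:
            findings.append("VBR code hash differs from baseline")
    return findings
```

On a real system the image would be the first sectors read from the disk, and the baseline the two hashes recorded while the machine was known good; a changed MBR or VBR code area, or a HiddenSectors value that no longer matches the partition table, is what an MBR- or VBR-level bootkit infection leaves behind.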
-
Initial Program Loader
Ability to read FAT32 and NTFS
Load BootMGR at 2000h:0000h (0x20000)
Jump to it
Or NTLDR for older versions (the branch is still there ;))
-
BootMGR
Map a 32-bit embedded executable to 0x400000
Activate protected mode
Load GDT, IDT
Checksum of the embedded file
-
BootMGR 32
Ability to use symbols (.pdb) from Microsoft
  BmMain(x), BmFwVerifySelfIntegrity(x), ImgpLoadPEImage()
Check for hibernation state
Hibernation state TRUE
  Load Winresume.exe
Hibernation state FALSE
  Mount BCD database, and enumerate boot entries, settings, ...
  Change CPU mode to 64 bits
  Load Winload.exe (BmpLaunchBootEntry(x, x, x))
-
Winload
Setup a minimal 64-bit kernel
Enable paging
Get Boot Options (DISABLE_INTEGRITY_CHECKS, TESTSIGNING, ...)
Load BCD entries
Fill LOADER_PARAMETER_BLOCK
Load SYSTEM hive (system32\config\system)
Load Ntoskrnl.exe, hal.dll, SERVICE_BOOT_START drivers
Create PsLoadedModuleList
-
Winload
GDT entries
  Code entry for long mode
  Code entry for protected mode
  Data entry for protected mode
  TSS for long mode
  Code entry for real mode
  Data entry for real mode
  Data entry for framebuffer (0x000B8000)
-
Winload
BIOS interrupts while in Long mode
  Winload needs to read / write files
  Print UI, get keyboard input, ...
  Winload is able to execute BIOS interrupts
-
Chain of trust
-
Plan
3 State of the art
  Type of infection
  Payload
  Problems
-
State of the art
In 2010, bad guys started to attack 64-bit systems
  TDL, aka Alureon family of malware
Some bootkits
  TDL4
  Turla
  gapz
  xpaj
  Cidox
  yurn
  prioxer
  rovnix
  ...
-
Type of infection
Figure: Bootkit techniques (© http://www.welivesecurity.com/)
-
Payload
Keep control during all boot process stages until Ntoskrnl.exe loading
Final malicious payload is injected during the Ntoskrnl.exe stage
-
Payload
BIOS provides interrupts
  int 013h (Function: 042h): Extended Read Sectors
Hook this interrupt
Same technique used in all infection methods
-
Hook interest
Scan all disk read operations inside the hook
Patch file in memory
Setup a new trampoline in the next stage (Ex: from MBR -> VBR, VBR -> BootMGR, ...)
Final goal is to reach Ntoskrnl.exe loading
  Load unsigned drivers
  Disable Kernel Protection
Open Source Projects
  Stoned Bootkit
  VBootkit
  DreamBoot
  ...
-
Problems
Focused only on executables (VBR, BootMGR_16, BootMGR_32, Winload)
Most bootkits rely on code modifications and hooks:
  Those are set up based on pattern matching and hardcoded offsets
  Require patching the chain of trust
Those techniques are not reliable:
  Not generic across all Windows versions
  TrueCrypt & BitLocker are not supported (one project sets up two hook layers)
  Can easily be detected
-
Plan
4 REboot
  Research
  Real mode to Protected mode
  Protected mode to Long mode
  Winload to Ntoskrnl
  Payload
-
Research
Create a proof of concept able to control all boot process stages until Windows kernel startup
Not based on currently well-known techniques
Goal
  Find a new way to implement bootkits on Windows using generic methods
  Bypass the Windows boot process chain of trust
  Load unsigned drivers at boot
-
Ideas
Main problems are CPU mode switches while booting:
  Real mode (16 bits)
  Protected mode (32 bits)
  Long mode (64 bits)
We want to be able to execute arbitrary code at each stage
Without using hooks or scanning patterns in memory
So we only use provided processor features!
-
Four main steps
1 From Real mode (16 bits) to Protected mode (32 bits)
2 From Protected mode to Long mode (64 bits, Winload)
3 From Winload to Ntoskrnl
4 Payload execution
-
4 Steps
-
Virtual 8086 mode
Virtual 8086 mode is a sub-mode of Protected mode
V86 allows executing 8086 code under protected mode
  NTVDM
Virtual machine (VM) bit in the EFLAGS register (bit #17) is set
We need only one task
popf does not work, use iret or a 386 TSS
Trap on privileged instructions, like lgdt
-
Virtual 8086 mode
Problem encountered
  At first we used an I/O privilege level (IOPL) equal to 3
  Only exceptions during privileged instructions
  TPM BIOS interrupt (0x1A) sets up protected mode
  False positive detection of BootMGR
-
Virtual 8086 mode
Solution
  Use IOPL equal to 1
  When an interrupt is about to be executed:
    1 We set the CPU back to real mode
    2 Execute it
    3 We go back to v8086 mode
-
Virtual 8086 mode
Step by step
  Setup Protected mode
  Load original MBR
  Setup and enable VM86 mode
  Jump to original MBR
  Manage all exceptions
  GP handler executed during the lgdt instruction
-
Real mode to Protected mode
First step has been solved using V8086 mode
-
Protected mode to Long mode
With V8086 mode, we control until BootMGR_32
BootMGR_32 must:
  Prepare Long mode in case of a 64-bit kernel
  Setup new GDT and IDT
  Enable paging
This new IDT must be placed in an allocated page
All these operations are carried out by the ImgArchPcatStartBootApplication() function
-
Protected mode to Long mode
ImgArchPcatStartBootApplication()
  Setup a page for the new GDT and IDT
  Use the sidt instruction to get the current IDT entries (created by BootMGR_16) and copy them to the new one
  Test IMAGE_FILE_HEADER->Machine to start a 32-bit or a 64-bit application
ImgPcatStart64BitApplication()
  Case for 64-bit applications
  Reset all new IDT entries because they are invalid for Long mode
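BootMGR's test of IMAGE_FILE_HEADER->Machine decides whether it starts a 32-bit or a 64-bit boot application. As an added example, not code from the deck or from the REboot project, the Python below builds a constructed minimal PE header, reads Machine the way that check does, and cross-checks it against the optional header Magic so that a header whose two architecture fields disagree is reported rather than trusted. Field offsets follow the PE/COFF format; the helper names and sample values are this example's own.

```python
import struct

IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32_MAGIC = 0x10B            # optional header Magic for 32-bit images
PE32PLUS_MAGIC = 0x20B        # optional header Magic for 64-bit images
FILE_HEADER_SIZE = 20         # sizeof(IMAGE_FILE_HEADER)


def build_sample_pe(machine, magic):
    """Construct a minimal PE header: DOS header with e_lfanew, 'PE\\0\\0',
    IMAGE_FILE_HEADER, and the Magic word of the optional header.
    Constructed sample, not a real boot application."""
    e_lfanew = 0x40
    dos = bytearray(e_lfanew)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    # Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    file_header = struct.pack("<HHIIIHH", machine, 1, 0, 0, 0,
                              0xF0 if magic == PE32PLUS_MAGIC else 0xE0, 0x0002)
    return bytes(dos) + b"PE\0\0" + file_header + struct.pack("<H", magic)


def pe_headers(data):
    """Return (Machine, optional-header Magic) after validating the MZ and PE signatures."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature at e_lfanew")
    machine, = struct.unpack_from("<H", data, e_lfanew + 4)
    magic, = struct.unpack_from("<H", data, e_lfanew + 4 + FILE_HEADER_SIZE)
    return machine, magic


def boot_app_bitness(data):
    """Decide 32 vs 64 from IMAGE_FILE_HEADER.Machine, the field BootMGR tests,
    and cross-check it against the optional header Magic.
    Returns (bits, consistent); bits is None for a machine type we do not expect."""
    machine, magic = pe_headers(data)
    bits = {IMAGE_FILE_MACHINE_I386: 32, IMAGE_FILE_MACHINE_AMD64: 64}.get(machine)
    expected_magic = {32: PE32_MAGIC, 64: PE32PLUS_MAGIC}.get(bits)
    return bits, magic == expected_magic
```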
-
Protected mode to Long mode
When in protected mode we can:
  Use Debug registers (dr0 ... dr3)
  Setup Debug Interrupt (0x1)
We control until Winload execution
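The slide above relies on the hardware debug facility: DR0 to DR3 hold the watched addresses, DR7 arms each slot and selects its access type and length, and a hit raises the debug exception (vector 1) with DR6 recording which slot fired. The decoder below is an added example, not from the deck or from REboot: it turns raw DR7/DR6 values, as a forensic tool or a hypervisor would read them from a saved CPU state, into a readable list, and reports any breakpoint that is armed while the boot chain is running, which the stock boot path has no reason to do. Bit positions are those documented in the Intel SDM; the sample values are constructed and the "idle" heuristic is this example's own.

```python
RW_NAMES = {0: "execute", 1: "write", 2: "io", 3: "read/write"}
LEN_BYTES = {0: 1, 1: 2, 3: 4, 2: 8}   # LEN=10b means 8 bytes in long mode

# Constructed sample values (not taken from a real machine). Bit 10 of DR7
# always reads as 1; DR6 reserved bits read as 1 on many processors.
SAMPLE_DR7 = 0x900404            # slot 1 armed locally: write breakpoint, 8 bytes
SAMPLE_DR6 = 0xFFFF0FF2          # B1 set: slot 1 was the breakpoint that fired
SAMPLE_ADDRESSES = (0x0, 0x7C00, 0x0, 0x0)   # DR0..DR3


def decode_dr7(dr7):
    """Return one dict per breakpoint slot: L_n/G_n enable bits live at 2n and
    2n+1, R/W_n at 16+4n (2 bits) and LEN_n at 18+4n (2 bits)."""
    slots = []
    for n in range(4):
        local = (dr7 >> (2 * n)) & 1
        glob = (dr7 >> (2 * n + 1)) & 1
        rw = (dr7 >> (16 + 4 * n)) & 3
        length = (dr7 >> (18 + 4 * n)) & 3
        slots.append({"slot": n, "enabled": bool(local or glob),
                      "local": bool(local), "global": bool(glob),
                      "type": RW_NAMES[rw], "length": LEN_BYTES[length]})
    return slots


def decode_dr6(dr6):
    """Which slots were hit (B0..B3, bits 0-3) and whether single-step (BS, bit 14) fired."""
    return {"hit": [n for n in range(4) if (dr6 >> n) & 1],
            "single_step": bool((dr6 >> 14) & 1)}


def describe_breakpoints(dr7, addresses):
    """Readable lines for the armed slots; `addresses` is the tuple (DR0, DR1, DR2, DR3)."""
    lines = []
    for s in decode_dr7(dr7):
        if s["enabled"]:
            lines.append(f"DR{s['slot']}: {s['type']} at {addresses[s['slot']]:#x}, "
                         f"len {s['length']}")
    return lines


def debug_registers_are_idle(dr7):
    """Heuristic: during the BIOS/MBR/BootMGR/Winload sequence no stock component
    arms hardware breakpoints, so an enabled slot deserves a closer look."""
    return not any(s["enabled"] for s in decode_dr7(dr7))


if __name__ == "__main__":
    for line in describe_breakpoints(SAMPLE_DR7, SAMPLE_ADDRESSES):
        print(line)
    print("hit slots:", decode_dr6(SAMPLE_DR6)["hit"])
    print("idle:", debug_registers_are_idle(SAMPLE_DR7))
```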
-
Protected mode to Long mode
Second step has been solved using debug registers
-
Winload to Ntoskrnl
With debug registers, we control until Winload
Winload starts with an empty IDT_64
BlpArchInstallTrapVectors()
  Retrieves the IDTR with ArchGetIdtRegister() and sets up new Long mode entries
We can set up a DRx on access to these entries before switching from Protected mode to Long mode
-
Winload to Ntoskrnl
Now we can control execution "inside" Winload
We want to monitor the transition between Winload and Ntoskrnl
Winload will set up a new GDT and IDT before jumping to the kernel
We can follow these operations by tracing privileged instructions
So we run Winload's code at ring 1 privilege (DPL=1)
Why ring 1?
  Winload sections are in paged area
Intel 64 and IA-32 Architectures Developer's Manual: Vol. 3A 4-38
-
Ring 1
Setup new Code / Data segments with DPL = 1
Setup General Protection fault handler
Fill the rsp0 field inside TSS_64
GP Handler
  Check where the fault occurred
  Check what privileged instruction occurred
  Copy it and execute it somewhere else
  Or "emulate" it
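Both the earlier Winload GDT slide (code and data entries for long, protected and real mode, a 64-bit TSS and a framebuffer data segment) and the Ring 1 setup above come down to what descriptors the GDT holds. The decoder below is an added example, not the deck's or REboot's code: it walks a constructed long-mode GDT image of the kind dumped from a VM or a memory snapshot, names each descriptor with its width, DPL, base and limit, and lists present code or data segments whose DPL is neither 0 nor 3, since the stock Windows boot chain and kernel only install ring 0 and ring 3 segments. Descriptor bit layout follows the Intel SDM; the sample GDT contents and the DPL heuristic are this example's own.

```python
import struct

# Constructed long-mode GDT image (not dumped from a real machine).
SAMPLE_GDT = struct.pack(
    "<12Q",
    0x0000000000000000,   # 0x00 null descriptor
    0x00209A0000000000,   # 0x08 64-bit code, DPL 0
    0x0000920000000000,   # 0x10 data, DPL 0
    0x00CF9A000000FFFF,   # 0x18 32-bit code, DPL 0, flat 4 GiB
    0x00CF92000000FFFF,   # 0x20 32-bit data, DPL 0, flat 4 GiB
    0x00009A000000FFFF,   # 0x28 16-bit code (real-mode trampoline), DPL 0
    0x000092000000FFFF,   # 0x30 16-bit data, DPL 0
    0x0000920B8000FFFF,   # 0x38 16-bit data, base 0xB8000 (text framebuffer)
    0x0000890010000067,   # 0x40 64-bit TSS, low half: base 0x1000, limit 0x67
    0x0000000000000000,   #      64-bit TSS, high half: upper 32 bits of base
    0x0020BA0000000000,   # 0x50 64-bit code, DPL 1  (not installed by a stock boot chain)
    0x0000B20000000000,   # 0x58 data, DPL 1
)


def decode_descriptor(lo, hi=None):
    """Decode one 8-byte descriptor (plus the optional high half of a 16-byte
    system descriptor) into kind, width, DPL, base and limit."""
    access = (lo >> 40) & 0xFF            # P | DPL(2) | S | type(4)
    flags = (lo >> 52) & 0xF              # G | D/B | L | AVL
    present = bool(access & 0x80)
    dpl = (access >> 5) & 3
    is_system = not (access & 0x10)
    typ = access & 0xF
    base = ((lo >> 16) & 0xFFFFFF) | (((lo >> 56) & 0xFF) << 24)
    limit = (lo & 0xFFFF) | (((lo >> 48) & 0xF) << 16)
    if flags & 0x8:                       # G set: limit counts 4 KiB pages
        limit = (limit << 12) | 0xFFF
    long_bit, default_big = bool(flags & 0x2), bool(flags & 0x4)
    if not present:
        kind, bits = ("null" if lo == 0 else "not-present"), None
    elif is_system:
        kind = "tss" if typ in (0x9, 0xB) else f"system-type-{typ:#x}"
        bits = 64
        if hi is not None:                # 16-byte descriptor: upper base bits
            base |= (hi & 0xFFFFFFFF) << 32
    elif typ & 0x8:
        kind, bits = "code", 64 if long_bit else (32 if default_big else 16)
    else:
        kind, bits = "data", 32 if default_big else 16
    return {"kind": kind, "bits": bits, "dpl": dpl, "base": base, "limit": limit}


def parse_gdt(blob):
    """Walk a long-mode GDT image. Present system descriptors (the TSS) are
    16 bytes long there, so they consume the following slot as their high half."""
    entries, off = [], 0
    while off + 8 <= len(blob):
        lo, = struct.unpack_from("<Q", blob, off)
        access = (lo >> 40) & 0xFF
        hi = None
        if (access & 0x80) and not (access & 0x10) and off + 16 <= len(blob):
            hi, = struct.unpack_from("<Q", blob, off + 8)
        entry = decode_descriptor(lo, hi)
        entry["selector"] = off           # selector index * 8 == byte offset
        entries.append(entry)
        off += 16 if hi is not None else 8
    return entries


def unexpected_privilege_levels(entries):
    """Heuristic: Windows uses only ring 0 and ring 3 segments, so a present
    code/data descriptor with DPL 1 or 2 was installed by something else."""
    return [e for e in entries
            if e["kind"] in ("code", "data") and e["dpl"] not in (0, 3)]
```

Run over a GDT captured from a guest (base and limit come from the GDTR), the last function gives a cheap first-pass check; the deck's own ring 1 segments are exactly what it would surface.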
-
Ring 1
Example
  mov ds, ax
  mov rax, cr3
  jmp far ...
  ...
-
Ring 1: Special cases
mov ds, ax
  In PcatX64SuCallback
  Winload wants to update the data segment to perform a BIOS interrupt (switch from long mode to real mode)
  At this point, restore ring 0 to avoid any problem
  Wait for the return from real mode (jmp far 10h:343D31h)
jmp far XX:YYYY
  Fault occurs because DPL != RPL
  Update cs, ss and ip before iretq
mov ss, ax
  Happens just after jmp far
  Skip the instruction
-
Winload to Ntoskrnl
All other cases can be copied and executed from somewhere else
Last case is lgdt fword ptr [rax]
  In function: OslArchTransferToKernel
  Just before jumping into Ntoskrnl.exe
First parameter of KiSystemStartup() is LOADER_PARAMETER_BLOCK
  +0x10: _LDR_DATA_TABLE_ENTRY (boot driver)
-
Winload to Ntoskrnl
Third step has been solved using ring protection
-
Just before Ntoskrnl.exe
Inject our own driver in the PsLoadedModuleList
We have access to ntoskrnl's APIs
  But we cannot use them because the kernel is not initialised
So replace the EntryPoint of known drivers
  But most drivers' entry points are called from hal.dll, when the kernel is still not fully initialised
So replace an exported function of kdcom.dll (KdDebuggerInitialize1)
-
Payload
We do not want to inject a specific payload
Goal is loading unsigned drivers
Use an undocumented method to avoid signature checking
Undocumented method
  IoCreateDriver(PUNICODE_STRING DriverName, PDRIVER_INITIALIZE InitializationFunction)
  Function exported by Ntoskrnl.exe in order to create a driver object
  DriverName can be null
-
Payload
InitializationFunction
  Open and read the (PE) driver file
  Map sections in memory
  Resolve imports
  Fix image relocations
  Fill information of DRIVER_OBJECT
  Call entry point
-
Driver example
Patch msv1_0!MsvpPasswordValidate in the LSASS process
Escalate privileges of any cmd.exe command
Change behavior of CTRL+ALT+DEL
...
-
Plan
5 Conclusion
-
Demo
Demo time!
-
TODO
Still work to be done
  Implementing UEFI (without Secure Boot)
  More work to do with BitLocker or TrueCrypt: extract passphrase at boot
-
Conclusion
Real interest in using bootkit techniques for loading unsigned drivers
REboot uses no memory modifications!
Chain of trust defeated
Works on all 64-bit Windows versions
  Virtual or emulated environments
  Physical machines with BIOS or UEFI legacy
Does not work if UEFI Secure Boot is present
-
Questions?
Thank you for your attention