Now where was I in my ramblings? Oh yeah… presentations and DefCon music.

What I have always admired about DefCon content is that it is not exclusively about computer hacking but rather about hacking more as a way of thinking. In line with that, one of my favorite presentations was by Aaron Higbee entitled Hack Your Car for Boost and Power which discussed numerous ways (yes, some computer-based) of boosting a cars horsepower. He covers many areas of tuning and even touches on privacy concerns with the on-board ECU.

I also very much liked Peter Gutmann’s talk on The Commercial Malware Industry but one of the best talks was by Lukas Grunwald’s Security by Politics - Why it will never work. Lukas, for those who don’t already know, is a quite clever security researcher from Germany who discussed what happens if security is driven by politics and compromise. He also covered additional security risks by the new generation of electronic passports. Lukas is simply brilliant in the areas of RFID and ePassport security. It was a very though provoking talk.

Many of the other talks were great but those really stick out in my mind (aside from our own Toralv and Dirk).

The Black Ball, another DefCon staple, was equally a hoot. Music was great as I have been a fan of Regenerator for quite a while now. They and the other DJs (Patrice, Wintamute, SailorGloom, Great Scott!, Catharsis and Kris Klink) are all worth a Google or two. Dark room, industrial noize, good beer and latex….. Ahh what more couldya want!

I highly recommend everyone bookmark the following sites: DefCon Forum and DefCon Pics as they will do the best job of post convention updates.

Cheers!

W32/Nuwar aka Storm worm authors have been active again recently. It is speculated to be one of the largest botnets and has the potential to launch a mammoth DDoS attack. The huge rise in the numbers of botnets lately has been attributed to the social engineering tactics that recent eCard spam mails employ. This threat is also believed to be behind the recent spams of RAR-Compacted text files.

This notorious group is not only focusing on ‘improving the effectiveness’ of their spam but are also trying hard to evade detection of the malignant eCard executables by using some of the techniques as mentioned below.

There is a re-emerging trend among malware to parasitically infect executables that are already listed in the startup registries to insert loader code for malicious binary instead of using the traditional techniques of modifying the startup registry. This could potentially help bypass some of the tools that system administrators might use to inspect the registry for suspicious executables. Recent variants of Nuwar parasitically infect the tcpip.sys to insert the loader code for its malicious device driver file. It is a pretty interesting technique to specifically target and infect Windows device driver files (tcpip.sys in this case). The following image shows the malicious code inserted at the end of the infected tcpip.sys file whose entry point is modified to point to this.

Nuwar variants have also been using ‘Server-based Polymorphisms’ to evade detection, wherein the code for the top-level decryptor of the executable hosted on the server keeps changing while still preserving the overall semantics. A cocktail of some of the following anti-emulation techniques is also frequently introduced; the code for these is constantly morphed as well.

- Use of various MMX instructions
- Using fake API calls: most Nuwar variants make fake Windows API calls such as CreateMDIWindowA, ILGetSize etc. This is not dead code. These API calls are fake because they are not called to solve the actual purpose they exist for. Instead, null or junk parameters are passed and the returned error codes are validated during decryption.
- Verifying the value at the end of Structured Exception Handling chain.

We are keeping our eyes open!

Well, here it is, yet another flavor of Nigerian scam - this one involves Real Estate. The scam email asks for a wide variety of personal information (in this case including marital status and religion!), and a deposit in order to see the house.

If you’re a reader of this blog I know you’ve probably taken this message to heart, so take this opportunity to tell your friends and family:

No matter how compelling, terrifying or pitiful someone’s request, don’t divulge personal information to people who you have not initiated an exchange with. In email, on websites (including Facebook, MySpace, LinkedIn, etc.), in IM… just say no.

Oh the irony: Apparently someone has taken issue with some of the things I have said about the Immunity Debugger, available from Immunity and posted about an alleged backdoor within the program to the full-disclosure mailing list! Below is a copy of beginning of the post:

From: goudatr0n
Date: Thu, 9 Aug 2007 13:58:01 -0400 (EDT)

2. OVERVIEW
The Immunity Debugger contains a backdoor that emails
session history, running applications and other system
information (location, IP address, machine Owner Name)
to an email address at immunitysec.com

The original post with full text and comments can be read here. Needless to say, I am not involved in any way. Let me restate that I think this to be a very powerful tool that was written for all the right reasons. My objections to it are how it can be used by all the wrong people to write more zero-day exploits, quicker and more efficiently. That puts users at risk. I know this is not the intent of the tool or Immunity.

I gotta say tho that anyone who takes the time to go through this much trouble to goof on me, I got nothing but love for!

Just 3 days after the closing ceremony of Defcon, security enthusiasts from all over the world continue their meetings at the Chaos Communication Camp 2007 at a retired military airport near Finowfurt, close to Berlin. Can you even imagine a camping site with fast ethernet and power in every tent and crowded with some of the world leading security experts? If you’re not on site and witness it yourself, the answer is probably no, so here are some pictures.

Same as with Defcon, meeting people and exchanging information and ideas is really why most participants are here, but there also a number of excellent talks. Many speakers chose to present here and didn’t bother going to Black Hat and Defcon, saving hassle with U.S. immigration, giving their fingerprints at the border, etc. The talks are delivered in two concrete quansit huts, a kind of overground bunker for fighter jets, which is just cool. Having just delivered my talk about Trojans, this is likely to be the most awesome location where I’ve ever spoken. Here is a schedule of the talks and the list of speakers. Besides those talks there are numerous activities, projects and workshops going on all over the camp and there are dozens of small villages set up, including the Hackers on a Plane (Hackers on a Bus, really) and a large tent to hang out by c-base, Berlin’s famous cultural project. Right now there is some thunder on the horizon, so let’s just hope it doesn’t start to rain, or there will be LOTS of mud encrusted electronic devices for sale on your favorite internet auction site!

Yes, say goodbye to the PDF spam wave and welcome the FDF stock spam wave!
And yes, you will be able to open it with the regular Acrobat reader! Maybe to bypass filters based on file extension, the spam now is using the file extension .FDF, which is the format used by the data exported from a pdf form fields. The new spam will usually follow the format: -UserEmail.FDF, like GlobalTrading-pbueno.fdf .

Yes…something new to play with…

We’ve been receiving inquiries about a recent anti-virus comparative test that was performed at LinuxWorld by a start-up network gateway vendor named Untangle. Their goal was to prove that open-source anti-virus solutions (in this case ClamAV) were just as effective, if not better than commercial anti-virus products. It seems that they were highly motivated to prove this because evidently they use ClamAV in their gateway product (more on this conflict of interest later).

As with any comparative test involving McAfee, we analyzed the results and testing methodology used. Here is a basic breakdown of the testing that was performed by this vendor (their presentation can be found here):

• 10 anti-virus vendors were tested (ClamAV, FProt, Fortinet, Global Hauri, Kaspersky, McAfee, SonicWall, Sophos, Symantec, Watchgaurd)
• 35 samples were used (6 EICAR samples, 12 from Untangle, and 17 user-submitted samples)
• It appears they performed an on-demand scan of the sample set.

Before delving into the many problematic facets of this test, if you would like a quick primer on comparative tests, please read “Comparing the Comparatives”. We recently discussed “(Mis)interpreting Reviews” here. For an introduction into false statistical interpretation go here.

Now let’s take a look at the flaws in the methodology used in this test:

1. Blatantly False Results - We ran our own scan on the exact same files and our results showed we detected everything that was not a password-protected zip or 0-byte file. How many other AV vendors’ results were wrong? I’m sure I’ll soon find out from my counterparts.
2. Small Sample Size – One of the first rules of Statistical Method is using a large enough sample size for your test in order to accurately represent the entire population. In this case, they used only 35 samples of the hundreds of thousands malware samples in the wild today.
3. Biased Samples - The fact that 12 of the 35 samples came from the CTO of Untangle’s mailbox negates the fact that they used a random sampling that accurately represents the true population of malware samples.
4. Comparing the Wrong Products – The test compares 5 Linux, 2 Windows, and 3 Gateway products. This is like comparing apples with oranges with kumquats.
5. Misconfigurations of Vendor’s Products – The CTO admits in his blog that “In fact, one audience participant significantly improved one vendor’s performance, Sophos, by pointing out that I needed to add a command-line option. Others pointed out mistakes I made recording results.” What other misuses occurred during this test?
6. Conflict of Interest – One of the first rules of comparative tests is that it needs to be performed by an arbitrary third party with no vested interests in the outcome of the results. The fact that this test was performed by Untangle who develops, markets, and sells an anti-virus solution with their gateway product is a blatant example of a conflict of interest.
7. Improper Handling & Distribution of Viruses - By offering a link to these live viruses on their company’s public website, they are in violation of the Computer Fraud & Abuse Act which prohibits the distribution of computer viruses because it is endangering public safety. There is a reason why only trained security professionals should handle computer viruses. I have already contacted them to remove the links. Note: If the link is not removed, SiteAdvisor’s webcrawlers will automatically identify the company’s site as red due to the malicious link.

Needless to say, the methodology used in this test was riddled with flaws. So if anyone thinks this test proves anything, we have $14 million in a Nigerian bank account waiting to be transferred to a US account.

* Rather than adding to the confusion of proper anti-virus comparative testing, those in the industry are working towards a better solution. McAfee Avert Labs recently participated in an Anti-Virus Testing Workshop in order to define more robust testing methodologies.

So who said that Hackers cannot survive outside closed buildings?

Closing ceremony is just over and the approximately 2000 visitors of Chaos Communication Camp 2007 are packing their electronic gear and camping equipment, as well as assessing the damage caused by yesterday’s heavy rain. Those of you who did not make it here missed 5 days of exciting cultural exchange in a truly unique environment. To get an idea what it was like, check out the picture archive.

The hottest topics discussed all over the camp were a new german law in effect banning hacker tools and the so-called Bundestrojaner, proposed to make online searches of suspect’s computers possible. And then there were talks. A lot of them, covering various technical, cultural, social and legal aspects. For those missing a talk or missing camps altogether there is some hope: All talks in the big speaking areas were recorded and will be made publicly available for download sometime later.

And finaly what I liked most: Powerpoint Karaoke

Speakers and volunteers from the audience get a random powerpoint presentation to present, seeing the slides for the first time while doing so. Just so funny to watch!

We have been studying the issue of malicious hypervisors for quite some time at McAfee Avert Labs and have come up with several techniques to detect whether the system runs on top of a hypervisor or whether there is a piece of code that is trying to initiate a hypervisor. Our work included, of course, analyzing things like Blue Pill and other similar malicious hypervisors.

Last week I was at BlackHat, and it was a very exciting week in terms of Blue Pill and the virtualization rootkits issue in general. During the BlackHat 2007 Briefings in Las Vegas there were three interesting sessions that relate to virtualization system security and rootkits. I attended those three sessions and had a chance to chat some with three presenters. The main points I would emphasize are the following:

1. Providing a system virtualization facility at the processor level without applying any sound security policy is a serious design flaw.
2. A malware authors’ job is to leverage system design flaws and hence the virtualization rootkits were very expected, including Blue Pill.
3. There is no rootkit that is undetectable even if it installs itself as a hypervisor. The challenge is always in how to repair rootkits once they control some layer in the system architecture
4. There needs to be a more organized effort between hardware virtualization vendors, software hypervisor providers and security companies to ensure the secure deployment of virtualization solutions

Now before I go into what happened during the three sessions at BlackHat, I would like to provide our readers with some background and personal thoughts about this topic. Less than two years ago, both Intel and AMD started to provide virtualization support at the processor level. This support is essentially comprised of a set of processor enhancements that improve traditional software-based virtualization solutions. These integrated features give virtualization software, namely Virtual Machine Monitors (VMMs) and Hypervisors, the ability to take advantage of offloading workloads to the system hardware, enabling more streamlined virtualization software stacks and “near native” performance characteristics. For instance, virtualization-enabled processors allow VMMs to rely on the hardware for isolating and mapping memory between virtual machines. This is achieved by adding another level of indirection for mapping VM-based physical address to host-based physical addresses. Both Intel and AMD also provide an additional level of indirection for mapping VM I/O addresses to host I/O physical address. Virtualizing memory addresses and I/O addresses at the processor level is a great extension that would minimize the work done by today’s software hypervisors. However, in doing that neither Intel nor AMD considered the security risk by providing such a powerful facility in the hardware with no restriction to which software piece could take advantage of it. In theory there have been lots of publications about safer computing initiative and how to use TPM technology to authenticate the piece of software that is initializing the processor into the virtualization mode. But in reality, this was not provided in the first release of the virtualization-aware processors as the hypervisors authentication was not provided at the firmware or BIOS level.

Now think of that with me for a moment – we have now a very powerful un-locked facility in the processor that allows any piece of software running in ring zero (like a device driver) to initialize a processor-supported hypervisor and hence take control of the whole computing environment, including the operating system. Yes, this is true, and it was a serious design flaw. Of course both Intel and AMD designers assumed that operating system kernel developers are the only ones who would care about virtualization and would use that facility provided by their processors, which turned out to be untrue. Joanna Rutkowska (the Blue Pill author) and other people have demonstrated some sample code that would initiate a hypervisor, and since it runs outside the operating a system then it can be considered a rootkit. But as the reader may understand now, there are no secrets there. No undocumented stuff; it is all about a powerful hardware feature that was not protected by any security policy.

Now to make the situation worse, both Intel and AMD are competing in that space and I guess both are trying to get software virtualization vendors to rely on their processor native virtualization support. But software-based hypervisors do more than memory and I/O virtualization. They do binary translation for instance which allows them to control programs execution at the instruction level and control programs response to system interrupts. To accommodate that need, both Intel and AMD provide the ability to exit from the VM to the VMM when a certain instruction is executed or a certain condition takes place inside the VM. For hackers this is a very lucrative feature, so not only can they install a thin hypervisor but they can also control the execution of certain instructions and fake many things from below the operating system, like timestamp counters which used to be a very reliable method for measuring elapsed time. When looking at the Intel and AMD virtualization specification, it does not look like they require many things from the hypervisor. In other words, it is up to the hypervisor to decide on what it wants and what it does not want to virtualize. This by itself lowers the cost of making a malicious hypervisor. Let me conclude this introduction by making the following statements:

• Providing a hardware based virtualization support without protecting it with sound security policy is a major flaw in the system design!!!;
• Hardware assisted hypervisors have the freedom to choose which software execution facility to virtualize and control;
• Blue Pill and other types of malicious hypervisors were anticipated by security experts who are well acquainted with the processor architecture.

I think I have provided quite enough background as well as some personal thoughts on the subject, so let’s move on to talk about what happened at Las Vegas last week. As I said there were three sessions that related to virtualization based malware and Blue Pill:

1. “Don’t Tell Joanna, The Virtualized Rootkit Is Dead,” by Thomas Ptacek, Nate Lawson and Peter Ferrie;
2. “IsGameOver(), anyone?,” by Joanna Rutkowska and Alexander Tereshkin; and
3. “Kick Ass Hypervisoring: Windows Server Virtualization,” by Brandon Baker.

The first session was the “Don’t tell Joanna” on Wednesday morning. The main point we got from that session is that it is very easy to detect virtualization rootkits. Speaking from my experience in the anti-rootkit space over twelve years, including my last project/product offered by McAfee “The McAfee Rootkit Detective”, I totally believe that “there is no rootkit that is undetectable”. I also tried to emphasize that fact in a McAfee podcast recorded before Black Hat. In their session Peter, Thomas and Nate focused more on time-based detection methods by calling an instruction that would cause the system to exit from the VM to the VMM, then measure the time elapsed until the execution is back to the VM and compare that with the regular time taken when running without the hypervisor. I have always liked that time-based approach and it was heavily discussed in Avert Labs some time ago, but we thought of using some other non-time based methods that rely on observing changes made to some processor status and cache fields like TLB (Translation Lookaside Buffers). Anyhow, after the session ended I talked for about an hour or more with Peter Ferrie – I told Peter that it was a very nice presentation and that my personal research findings support their conclusions although I use some different non-time based detection methods. Peter and I were wondering how Joanna would respond in her presentation in the afternoon.

Then came the afternoon and I was sitting there in the second row in front of Joanna. Joanna seemed a little bit nervous when she started her presentation. Initially Joanna picked again on Windows Vista by showing some Visa-signed drivers that allow anyone to write to any kernel memory or modify the MSR (Model Specific Register). That was nice but it is something we see every week at Avert Labs so nothing new in it to me at least. Then came the second part of Joanna’s presentation and she started to say how her Blue Pill rootkit can adjust the time stamp counters in such a way that would not allow any code to detect the overhead of running on top of a hypervisor. I made a comment in the form of a question during the presentation but Joanna said questions would be answered only after she finished the presentation. The point I wanted to make and maybe Joanna is reading this now, is that her argument of being able to fix the time stamp counters is not a strong technical argument for the following reasons:

1. This would require Blue Pill to emulate all the processor instructions that cause a VM exit and adjust the time stamp counter. Therefore we are no longer talking about a thin hypervisor that intercepts only specific instruction, interrupt, etc. but rather about a heavy hypervisor that would require significant amount of work from Joanna and her team.
2. The detection code can still issue arbitrary I/O requests to any I/O device that may be doing nothing but causing a VM exit and would then calculate the execution time. This would require Blue Pill to handle requests to I/O devices.
3. Manipulating time stamp counters does not seem to be a wise thing to do and there might be some device drivers that rely on the validity of those time stamp counters to perform correctly.

During the session I started questioning the value in spending all that time trying to build a Blue Pill that cannot be detected. There are many factors to consider like:

1. One day soon either hardware systems or operating systems will ship by default with a hypervisor. That hypervisor would have to be the first hypervisor and would not allow nested hypervisors. Intel has already produced the Intel AMT/vPro systems that ship with a hypervisor. Microsoft is soon to release the next version of its server platform that has a built-in hypervisor.
2. There are only a few commercial hypervisors and most provide some interface to the VM to communicate with the hypervisor if it exists. This interface can be used to authenticate the hypervisor. Security software can decide to halt the system if the system is not running on a hypervisor that is trusted by the company security policy. McAfee as a security company certainly encourages hypervisor vendors to pay more attention to those interfaces and make them solid enough to be used by security software running inside the VM.
3. Maybe Joanna can still claim that Blue Pill will emulate that commercial hypervisor interface, which is another layer in the system that would be emulated to hide its presence. Still we have a valid question: “what is this all about”. Eventually and very soon there will be only certain hypervisors that are trusted by the firmware and that’s it.

Anyhow, I felt kind of bored in the middle of the presentation and started to write a simple detection method that is not time-based and would definitely detect if the system is running on top of a hypervisor or not. This technique is based on some research I was doing less than a year ago at Avert Labs. Here is a scanned image of my hand writing of that approach made during Joana’s presentation.

Link to my Blue Pill notes here.

This detection method relies also on another major design flaw in the existing processor architecture. Here is some technical background: processors use TLBs (Translation Lookaside buffers) to cache the mapping from virtual (more accurately linear) addresses to physical addresses. But in doing that processors need to know where to get the address translation or mapping from. Well the mapping is stored inside the PTE (Page Table Entries). But the question is who would fill those entries inside the PTE? Well presumably (at least by the system designer) it’s the operating system of course. But guess what? PTEs themselves are writable and any code running in ring zero (like a device driver) can modify PTEs and hence change the mapping of linear addresses to physical addresses. Hah, this is the trick, and here is how the detection code works:

1. Allocate large contiguous block of non-paged memory;
2. Fill that allocated memory with character ‘A’;
3. Allocate another contiguous block of non-paged memory of the same size like block ‘A’;
4. Fill that second allocated memory with character ‘B’;
5. Freeze the execution of the operating system (do not ask how but we can do it);
6. Invalidate all TLB entries. There are processor instructions for that which could be as simple as moving execution “cr3, system_page_directory_table_address”;
7. Read the first byte of each page in the allocated ‘A’. This would cause those entries to be added to the processor TLB cache;
8. Change the mapping of the allocated ‘A’ pages to point to physical memory holding pages ‘B’. This means that what the processor uses inside the TLBs is not what is there in the PTE;
9. Call any instruction that would cause an exit to the hypervisor if it exists like CPUID. Exiting from the VM to the VMM causes the TLBs to be invalidated or cleared; and
10. Try to read the virtual memory of the first allocated block. If you see character ‘A’ then it means that the processor found entries in the TLBs and hence those entries were not cleared among an exit from the VM to the VMM. If it reads B, then it means that the TLB entries were invalidated due to the existence of the hypervisor and the processor has to use PTEs again to get the mapping from virtual to physical.

I wrote those steps briefly in my BlackHat conference block note and waited for the session to end. Then to my surprise just before the end of the presentation Joanna had a slide that mentioned a detection method similar to mine but without the step that freezes the system. I kind of felt proud of myself, of course, and showed the person next to me that I had it written in my block note. Anyhow, after briefly embracing that detection method Joanna said that it does not work and the people who came up with it did not try it. Well, that was too much! I have been researching that space for quite some time and I know it works!

After Joanna finished her presentation, off course, with no room for asking questions or making comments I felt that maybe I needed to talk with her. I waited until the crowd around Joanna was reduced to few people that included my friend Peter Ferrie, and I went to talk to Joanna. I told her “Joanna, this detection method that you mentioned at the end of your presentation should work and we have tried similar things.” Joanna looked at me and said no it does not. I said well I know it works. She then grabbed my conference ID and looked at my name while asking me who I am. I said Ahmed Sallam from McAfee Avert Labs. Joanna said she did not know that McAfee is working on that and I told her that we have been researching that area for some time. She then asked how it worked, I said that this is not a subject to be discussed in front in a crowd. But in all cases, Joanna, we can detect the Blue Pill so you may stop claiming that it is undetectable.

That was the end of the first day at Black Hat and I started to feel that we have been putting too much energy into something that may not deserve all the time and effort that we have been putting into it.

Now let’s get to the third session which was the “Kick Ass Hypervisoring: Windows Server Virtualization” by Brandon Baker from Microsoft, the following day. I went very excited to the session waiting for Microsoft to outline their plan for how to secure the hypervisor or to leverage the hypervisor for having better security. I heard none of that. As a matter of fact, Microsoft said that they are not utilizing the processor-based DMA remapping feature which allows true isolation of physical memory and hence protect against DMA-based physical memory attacks. We certainly understand that Microsoft is working hard to build its new hypervisor but we need to hear some good answers on Microsoft plans to make its hypervisor truly secured.

I hope that our blog readers now have a better understanding of this serious topic and would like to conclude this post by re-emphasizing on the importance of having an organized effort between hardware virtualization vendors, software hypervisor providers and security companies to ensure the secure deployment of virtualization solutions.

On July 31st Apple released the iPhone patch 1.0.1. The next day, Charles Miller released details of a vulnerability that was included in the patch release. The vulnerability was in an open source application on the iPhone, the PCRE (Perl Regular Expression Library) parser used by the JavaScript engine in Safari. Even though Miller found the exploit via fuzzing, he made a really interesting point which can lead to attackers finding easy 0-day exploits for the iPhone: the iPhone is running outdated open source applications. In this case, it was PCRE 6.2 with the latest version being 7.2. Just by simply looking at the changelog you can see that PCRE version 6.7 documented the vulnerability that was used,

18. A valid (though odd) pattern that looked like a POSIX character class but used an invalid character after [ (for example [[,abc,]]) caused pcre_compile() to give the error “Failed: internal error: code overflow” or in some cases to crash with a glibc free() error. This could even happen if the pattern terminated after [[ but there just happened to be a sequence of letters, a binary zero, and a closing ] in the memory that followed.

As more layers are uncovered with the iPhone and the Mac OS X underneath expect more 0-day exploits using the simple technique of open source version diffing. Also, hopefully, Apple will learn from this experience and keep the open source components up to date.