It is the turn of PS3

For years, Sony’s PlayStation resisted hackers. One potential explanation was that by authorizing homebrew applications to execute on the PS, Sony removed the complete homebrew community (a large chunk of the reverse engineering community) from the pool of attackers. This is no longer true.

Since 19 August, the PSjailbreak has been available. This USB stick allows executing copies of games. It is a kind of R4, but for the PS3. It works on the PS3 and PS3 slim. The price is rather high (at least in France, around 130€ or $160). Every report claims that it works.

Sony has already claimed that, through its PSN network, it can detect the presence of the JailBreak and then retaliate. I have not yet found a post that confirms a counterstrike by Sony on PSN. The current version of PS3Jailbreak does not offer any upgrade feature, which may be a weakness.

The funny part of the story is that pirates may soon be pirated. The reverse engineering of the PSJailBreak has already started. The hack is based on a standard PIC18F microcontroller. It seems that the code has already been successfully dumped. Some sites are already offering clones such as PS3stinger, PS3key, X3JailBreak… Clearly, the distributor foresaw this, because the site explicitly warns about imitators and has created a logo for authorized dealers.

 

Once more, our law #1, “attackers will always find their way”, was verified. It just took longer than for the other game consoles. Now, let’s wait for Sony’s reaction.

The JailBreaking race

Two weeks ago, two vulnerabilities were disclosed on iPad, iTouch, and iPhones. In a nutshell:

  • A buffer overflow in FreeType allowed arbitrary code execution from specially crafted PDF files
  • An integer overflow in IOsource allowed gaining system privileges

Combining both exploits makes it possible to take control of the devices. The site JailBreakMe.com used them to easily jailbreak iPhones and iPads. Jailbreaking allows using a different network operator than the one locked by the manufacturer (AT&T, in the case of Apple). Interestingly, since the end of July, jailbreaking has been legal in the US.

Apple has just issued new versions that correct these flaws: iOS 3.2.2 for iPads and iOS 4.0.2 for iPhones. This is a good thing, because these vulnerabilities could be used for more than jailbreaking (although Apple may not have the same appreciation of jailbreaking).

ReFormat: Automatic Reverse Engineering of Encrypted Messages

Five researchers, Z. WANG, X. JANG, W. CUI, W. WANG and M. GRACE, presented what is, in my opinion, a nice piece of work at ESORICS 2009.

The objective was to automatically reverse engineer encrypted messages without breaking the algorithms. The basic idea is simple. When a piece of software receives an encrypted message, it performs two steps (regardless of the cryptographic algorithms and protocols used). First, it decrypts the message, and then it processes the clear message. This means that the message sits in the clear in memory for a while. If you identify the location of this buffer and when it is used, then it is game over.

To succeed, they used two tricks. The first was to distinguish between decryption routines and normal processing routines. Cryptographic functions use far more bitwise and arithmetic operations than normal software. They measured (on OpenSSL) that more than 80% of the operations in cryptographic functions were bitwise and arithmetic. The rate dropped beneath 25% for normal processing. This heuristic makes it possible to detect the encryption/decryption phases.

The second step is to locate the buffer containing the clear text. They identify all the buffers that are written during the decryption phase. Then, they identify all the buffers that are read during the processing phase. The expected buffer should be in the intersection of the two sets.
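The two steps above can be shown on a toy instruction trace. This is an added example, not code from the paper: the trace, the function and buffer names, the opcode set and the 0.5 cut-off (chosen between the 80% and 25% rates quoted above) are all assumptions made for illustration.

```python
from collections import defaultdict

# Opcodes counted as "bitwise or arithmetic" (assumed set for this toy trace).
CRYPTO_LIKE = {"xor", "and", "or", "shl", "shr", "rol", "ror", "add", "sub", "mul"}

# Constructed trace: (function, opcode, access "r"/"w"/None, buffer name or None).
TRACE = (
    [("recv", "mov", "w", "netbuf"), ("recv", "cmp", None, None),
     ("recv", "call", None, None)]
    + [("decrypt", op, None, None)
       for op in ("xor", "rol", "add", "xor", "and", "shr", "xor", "sub")]
    + [("decrypt", "mov", "r", "netbuf"), ("decrypt", "xor", "w", "keystate"),
       ("decrypt", "xor", "w", "msgbuf")]
    + [("parse", "mov", "r", "msgbuf"), ("parse", "cmp", None, None),
       ("parse", "jne", None, None), ("parse", "add", None, None),
       ("parse", "mov", "r", "config"), ("parse", "call", None, None)]
)

def function_ratios(trace):
    """Step 1: fraction of bitwise/arithmetic instructions per function."""
    total, hits = defaultdict(int), defaultdict(int)
    for func, op, _access, _buf in trace:
        total[func] += 1
        hits[func] += op in CRYPTO_LIKE
    return {f: hits[f] / total[f] for f in total}

def locate_cleartext(trace, threshold=0.5):
    """Step 2: buffers written in the crypto phase and read by later processing."""
    ratios = function_ratios(trace)
    crypto = {f for f, r in ratios.items() if r > threshold}
    written, last_crypto = set(), -1
    for i, (func, _op, access, buf) in enumerate(trace):
        if func in crypto:
            last_crypto = i          # remember where the decryption phase ends
            if access == "w":
                written.add(buf)
    read_after = {buf for func, _op, access, buf in trace[last_crypto + 1:]
                  if access == "r" and func not in crypto}
    return crypto, written & read_after

if __name__ == "__main__":
    print(function_ratios(TRACE))
    print(locate_cleartext(TRACE))
```

The `keystate` buffer is written during decryption but never read by the processing code, so the intersection drops it and leaves only the cleartext buffer, whatever cipher produced it.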

Obviously, there are many ways to deter this attack. For instance, code obfuscation may change the rate. Dynamic code encryption is of course a must. Nevertheless, I found the approach extremely clever.

Once more, it proves that writing secure implementations is extremely difficult. And it clearly requires a twisted mindset. :-)

If you are interested in tamper resistance, you have to read this paper. It is available here.

Attacking the BitLocker Boot Process

TPM and BitLocker are interesting targets for security experts. Tarnovsky has recently reverse engineered a Trusted Platform Module (TPM) chip from Infineon. Five researchers from the German Fraunhofer Institute have explored attacks on BitLocker when it uses the TPM to seal the data.

The paper is interesting even if you are not familiar with TPM. The team targets the boot loader and especially the recovery strategy. If you illegally modify the environment of the machine, the TPM will detect it, but the sealing data for BitLocker will no longer be accurate. Thus, BitLocker uses a recovery mechanism independent from the TPM. The idea is to trick the user into this mode. They suggest five attacks: create a false plausible recovery situation, spoof the recovery message, spoof then hide, replace the computer by a “phishing” computer, and preemptive modification (i.e. modify the computer before activating BitLocker). The last two attacks are less plausible. All attacks require physical access to the target.

Lesson: The attacks target the operating mode and process and not the technology itself. Therefore, they are clever.
Recovery systems are always BACKDOORS in a system!!

The paper is available here.

Doom9 and BD+

It is now public knowledge. Doom9 hackers have reverse engineered the virtual machine at the core of BD+ protection (see issue #7 of the security newsletter for more information on SPDC). The work is a masterpiece of reverse engineering (although the VM is rather simple and very close to old 8-bit assembly language). Reading the Doom9 thread is extremely instructive. You see how they operate, and it confirms our law #1.

One of the interesting lessons is the use of CRI’s patent to help understand how it works. We always face the dilemma between securing Intellectual Property Rights through a patent or keeping trade secrets.

Can we claim that BD+ is broken? The answer is no. It would be similar to stating that Java cards are broken because you have the Java virtual machine. Paul Kocher’s team was wise enough not to base the trust model on the secrecy of the VM. I had a discussion with him on that topic. The fight will now be at the level of the BD+ application. They will have to distinguish between good guys and bad guys. This will be the new arms race. The objective of BD+ designers will be to require a new pirate application for each title.

The speed of “erosion” of the different protections is impressive. We will follow the story.

Designing and implementing malicious hardware

A group of researchers from the University of Illinois (USA), led by Samuel KING, disclosed a new breed of stealth attacks at the Usenix Workshop on Large-Scale Exploits and Emergent Threats. They implemented two stealth functions in a SPARC CPU. The first function allows bypassing the privilege protection of memory access. The second function, more complex, puts the processor in a shadow mode that may execute a tiny shadow program while being invisible to the external hardware. The added complexity was less than 0.1% of the logic gates.

Obviously, these functions break all the security assumptions on which most (if not all) systems are based. It is then rather “easy” to generate exploits. They demonstrated a privilege escalation (through the memory access) and how to steal passwords by hooking the write function (through the shadow mode). Interestingly, these attacks operate beneath the system and the OS. Thus, they are deeper than rootkits and may be stealthier. If well designed, the modifications of the chip are extremely difficult to detect from outside. The only efficient method is reverse engineering, which is costly.

How dangerous is this attack?

  1. This is an extremely complex attack. It requires knowledge of IC design and CPU architecture. It is not for script kiddies or even garage hackers.
  2. It requires access to the design of a chip. The researchers used a Field Programmable Gate Array (FPGA) with the open source Leon processor. Thus, the attack is feasible in the case of an FPGA with access to the initial design. If the IC is full custom, like normal CPUs, then it is more complex. The attacker needs access to a full custom design system, masking facilities and a silicon foundry.
  3. It requires physical access to the device to be hacked, to ensure that it will use a circumvented IC rather than a genuine one.
  4. Thus, clearly, it is an attack that could only be mounted by organized and well-funded teams such as government agencies or the mafia.

It is also interesting to note the use of an idea disclosed in a recent patent to bootstrap the shadow mode code. Searching for information and ideas everywhere is the true hacker mindset.

No free Linux equal call for hack?

A presentation about XBOX security at last Chaos Computer Camp (CCC) in December 2007 sheds some interesting light on the hacking of game consoles.

During the first five minutes, Michael Steil analyses the latest hacks. According to him, the influence of the Linux community is important. The PS3 has not yet been hacked, perhaps because it allowed the Linux community to run homebrew applications. Thus, the Linux hacker community had no incentive to hack it. According to his figures, where the Linux community was involved, the hack occurred faster. I would like to recall that DVD Jon claimed that he wrote DeCSS, the software breaking the protection of DVD, because DVD playback was not available under Linux.
After this introduction, Felix Domke detailed the hack of the XBOX360. Some interesting statements, unfortunately true :-(

  • Hackers own the flash memory; in fact, the hacker controls everything
  • The chain of trust does not work

The analysis of the attacks and countermeasures is impressive. It is also a good introduction to secure coding techniques.

Once more, a perfect illustration of Law 1. One lesson is that game console designers should not assume that their console is trusted. The hackers may control it.
Second lesson: enthusiasm is a better incentive for hacking than commercial incentive. This is true for serious hacking: reverse engineering. It is perhaps less true for IT hacking (spam, intrusion, defacing, malware, …).
How long will the PS3 resist?

Many thanks to Yves for this link :-)