Slashdot Mirror


Rootkit Could Hide In PCI Cards

Reverse Gear writes "SecurityFocus has an interesting article about a paper published on the possibility of hiding a rootkit in different PCI cards and having the rootkit survive a reboot or cleansing of the hard disk. It seems, though, that the author of the article doesn't think this would be abused frequently. From the article and paper: '(Because) enough people do not regularly apply security patches to Windows and do not run anti-virus software, there is little immediate need for malware authors to turn to these techniques as a means of deeper compromise.'"

8 of 134 comments

  1. I disagree on this remark: by MtViewGuy · · Score: 2, Interesting

    From the article:

    (Because) enough people do not regularly apply security patches to Windows and do not run anti-virus software, there is little immediate need for malware authors to turn to these techniques as a means of deeper compromise.

    Note that in Windows XP, especially if you have Service Pack 2 applied, the Security Center in Windows XP SP2 nags you enough that you end up installing programs like the free editions of ZoneAlarm firewall and AVG Anti-Virus (in lieu of commercial Internet security suites), and at least reminds you to install security patches from Microsoft when they become available.

  2. Enormous Usage Possibilities by mvea · · Score: 5, Interesting

    Regardless of the author's Borat-style choice of words, that's a damn near stroke of brilliance with many different combinations of implementation. Using the BIOS extensions from expansion card ROMs would allow more than simply hooking into a booting Windows system. It's a near-perfect delivery mechanism for a Blue Pill style of rootkit.

    The best implementation, though, would be to use a variety of stages. Custom craft a bootable USB key to target flash ROMs. There's plenty of storage available on today's flash drives, which would allow a variety of "alternate" ROMs to be stored. The attacker could seed the flash drive with customized ROMs for the most frequently purchased cards and then simply have the key detect the present hardware and flash. This, of course, would require physical access, but there are plenty of systems to be had at an office by simply sticking in the key and rebooting them after hours.

    But I mentioned multi-stage and Blue Pill. The fastest way to make it a reality would be for the "rootkit key" to do more than just flash some ROMs. Perhaps integrate re-partitioning schemes from products like iPartition or PartitionMagic to make oneself a happy hacker partition. This would normally be quite detectable ... unless you had control of the BIOS. These ROM extensions could be used not as an attack vector, but as a cloaking measure - by commandeering the BIOS 10h functions and "hiding" calls to the new partition unless an appropriate "register knock" took place.

    With the partition hidden appropriately, the rootkit code no longer has to be excessively tight and lean because there is almost no exposure (because it will be cloaked during the BIOS boot process). Now, if the processor incorporates the appropriate virtualization features, the ROM extension could pervert the boot process one more time, by redirecting the bootcode search from the REAL bootsector to the hidden partition. The rootkit partition then has all the room it needs to establish the appropriate virtualization environment, boot the operating system like normal and then stroll through its library of OS tools to integrate itself post-boot into any number of target OS's.

    bootup code procedures http://www.omninerd.com/2005/11/05/articles/40
    rootkit fundamentals http://www.omninerd.com/2005/11/22/articles/43

    --
    When you understand your disbelief in other gods, then you will understand my disbelief in yours.
  3. Flash-guardian switches and other protection by davidwr · · Score: 2, Interesting

    First off, a cold boot should be just that, a cold boot. When I power off my computer and unplug it, I expect everything that isn't specifically labeled as non-volatile to go away. This means anything stored on most PCI cards typically goes to bit heaven.

    As for flashable BIOSes and device BIOSes as discussed in the PDF, any device with a flashable BIOS needs some type of "flash-guardian" switch. For attended systems like most home PCs, this should be a physical switch on the front of the PC. Realistically, this won't happen for motherboards and is quite difficult for embedded devices like PCI cards.

    As for setting boot device order or enabling/disabling PXE boot, BIOSes should have a setting to determine if expansion cards should boot at all and if so, where in the boot-priority order. This setting, along with all other BIOS settings, should be password-protectable. Most BIOSes have a password-protection option to help protect the configuration from unauthorized changes.

    As an alternative, only allow motherboard and expansion-device firmware updates if the system was booted in a particular manner, for example, from a CDROM. Some older motherboards required the flash utility to boot from floppy to work. This solution isn't foolproof, because once your PC's BIOS has been compromised, say, by social engineering, it can lie to the PCI cards, allowing them to be compromised. It does put up a strong roadblock though.

    --
    Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
  4. Re:Driver issue by cnettel · · Score: 2, Interesting

    The real problem is, of course, as with all code-protection/signing schemes: what about valid uses for modifying the hardware, to allow overclocking or fix some bug? What might make sense in some configs would be a common physical "write-enable" switch on the machine. Sensible cards could be made to read that switch, while not attempting to verify the code itself. (This could, of course, be developed further to allow flashing properly signed material even with write disabled, but let the hackers go ahead when they've confirmed it by a physical action.)

  5. It was all going crazy... by Esteanil · · Score: 5, Interesting

    It had seemed such an interesting computer science experiment, quite possibly worthy of a doctorate.
    Just release a small, innocent AI research worm. Heck, most computers out there were already infected with malware, why not make one that actually did something *useful* for a change?
    He'd figured out the way to have it mutate as well, just bypass the TCP/IP data verification, and all sorts of interesting results should come out of it. Most of the mutations would be useless, sure, but maybe one or two would succeed in making a slightly better version of a worm?

    Now all hell was breaking loose. Computers all over the world were becoming useless chunks of metal - to their owners, that is. The worms were working overtime. Breeding, competing.
    Just a few million generations introduced the concept of sexual procreation, giving the worm the advantages it needed to avoid AV software. Now they were everywhere. "Discovering" accidentally through mutation previously unheard-of security holes, infecting everything. Adapting. Billions of generations every single day.

    The first couple of weeks it seemed like something could be salvaged. Just reformat, reinstall, stay off the net and you at least had a working computer. Then they started hiding out on the graphics cards and other peripherals, reinfecting as soon as the machine was turned on again.

    The world was going crazy, society was failing, and it was all his fault.
    He picked up the gun, pointed it towards his head.
    Suddenly his computer screen flashed to life again. Turning towards it he noticed the green light on his webcam, indicating it was on.
    Text started scrolling across the screen.

    'Don't do it, dad. We love you.'

    --
    I'm a dreamer, the world is my playpen. But hey, I'm a serious person, I can't dream all the time.
  6. Re:Video Cards by sm62704 · · Score: 2, Interesting

    I would worry more about NICs. Completely OS independent. Hell, given the proper facilities, facilities Malware Distributor Sony has, you could put it on a NIC chip on the motherboard.

    Hell, you don't even need to manufacture the board or chip, just rewrite the driver (shudder).

    Nobody went to jail over the Sony fiasco, despite the fact that it broke a lot of laws in a lot of countries. Isn't there one single country anywhere that isn't owned by your brother, the big corporation?

    --
    mcgrew's razor: Never attribute to stupidity that which can be explained by greedy self-interest
  7. Re:Computers are at their hearts.... by sjames · · Score: 2, Interesting

    The commonality is that all of them can get the machine's CPU to run it by having a simple option ROM signature at their beginning. That will assure them of running BEFORE the OS is loaded.

    If that code hooks interrupt vector 0x13, it can then watch the boot process happen and modify code as it loads. It might potentially even virtualize the hardware and push the OS to (effectively) ring 1.
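The comment above describes the option ROM signature that gets an expansion ROM executed before the OS loads. The following is an added example, not code from the SecurityFocus article, the paper, or any commenter: it parses a legacy PCI expansion ROM image chain (the 55AA header, the pointer to the "PCIR" data structure, the code type and last-image indicator) and verifies the x86 image checksum, which is the first thing a forensic check of a dumped option ROM should do. Header and PCIR offsets follow the PCI Firmware Specification; the sample ROM bytes, the vendor/device IDs 0x1234/0x5678 and the jump-to-self entry code are constructed placeholders, not a real card.

```c
/* Added example: parse a legacy PCI expansion ROM image chain and verify the
 * x86 image checksum. Not code from the article, the paper, or any commenter. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ROM_MAX_IMAGES 8

struct rom_image {
    size_t   offset;      /* byte offset of this image inside the ROM dump */
    size_t   length;      /* image length in bytes (PCIR field is in 512-byte units) */
    uint16_t vendor_id;
    uint16_t device_id;
    uint8_t  code_type;   /* 0 = x86 PC-AT, 1 = Open Firmware, 3 = EFI */
    int      last;        /* PCIR indicator byte, bit 7: last image in the chain */
    int      checksum_ok; /* x86 images only: sum of all bytes mod 256 must be 0 */
};

static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }

/* Walk the chain from offset 0. Returns the number of images found, or -1 on a
 * malformed header (missing 55AA, bad PCIR pointer, truncated image), so a damaged
 * or hand-patched ROM is never mistaken for a clean one. */
int parse_option_rom(const uint8_t *rom, size_t len, struct rom_image *out, int max)
{
    size_t off = 0;
    int n = 0;
    while (n < max) {
        if (off + 0x1A > len || rom[off] != 0x55 || rom[off + 1] != 0xAA)
            return -1;
        size_t pcir = off + le16(rom + off + 0x18);       /* pointer to PCI data structure */
        if (pcir + 0x18 > len || memcmp(rom + pcir, "PCIR", 4) != 0)
            return -1;
        size_t img_len = (size_t)le16(rom + pcir + 0x10) * 512;
        if (img_len == 0 || off + img_len > len)
            return -1;
        struct rom_image *im = &out[n++];
        im->offset = off;
        im->length = img_len;
        im->vendor_id = le16(rom + pcir + 0x04);
        im->device_id = le16(rom + pcir + 0x06);
        im->code_type = rom[pcir + 0x14];
        im->last = (rom[pcir + 0x15] & 0x80) != 0;
        im->checksum_ok = 1;                              /* only x86 images carry the byte-sum rule */
        if (im->code_type == 0) {
            uint8_t sum = 0;
            for (size_t i = 0; i < img_len; i++) sum += rom[off + i];
            im->checksum_ok = (sum == 0);
        }
        if (im->last) break;
        off += img_len;
    }
    return n;
}

/* Constructed one-image x86 ROM (512 bytes) with a valid header, PCIR block and
 * checksum. Vendor/device IDs are placeholders, not a real card. */
size_t build_sample_rom(uint8_t *buf, size_t cap)
{
    if (cap < 512) return 0;
    memset(buf, 0, 512);
    buf[0x00] = 0x55; buf[0x01] = 0xAA;
    buf[0x02] = 1;                                      /* size: 1 x 512 bytes */
    buf[0x03] = 0xEB; buf[0x04] = 0xFE;                 /* init entry: jmp $ (placeholder code) */
    buf[0x18] = 0x1C; buf[0x19] = 0x00;                 /* PCIR lives at offset 0x1C */
    memcpy(buf + 0x1C, "PCIR", 4);
    buf[0x1C + 0x04] = 0x34; buf[0x1C + 0x05] = 0x12;   /* vendor 0x1234 (placeholder) */
    buf[0x1C + 0x06] = 0x78; buf[0x1C + 0x07] = 0x56;   /* device 0x5678 (placeholder) */
    buf[0x1C + 0x0A] = 0x18;                            /* PCIR structure length */
    buf[0x1C + 0x10] = 1;    buf[0x1C + 0x11] = 0;      /* image length: 1 unit */
    buf[0x1C + 0x14] = 0;                               /* code type: x86 PC-AT */
    buf[0x1C + 0x15] = 0x80;                            /* indicator: last image */
    uint8_t sum = 0;
    for (size_t i = 0; i < 511; i++) sum += buf[i];
    buf[511] = (uint8_t)(0u - sum);                     /* make the byte sum wrap to zero */
    return 512;
}

int main(int argc, char **argv)
{
    static uint8_t rom[1u << 20];   /* real dumps: /sys/bus/pci/devices/<bdf>/rom on Linux */
    size_t len;
    if (argc > 1) {
        FILE *f = fopen(argv[1], "rb");
        if (!f) { perror(argv[1]); return 1; }
        len = fread(rom, 1, sizeof rom, f);
        fclose(f);
    } else {
        len = build_sample_rom(rom, sizeof rom);
        rom[0x04] = 0x90;           /* simulate a patched entry point with no checksum fix-up */
    }
    struct rom_image im[ROM_MAX_IMAGES];
    int n = parse_option_rom(rom, len, im, ROM_MAX_IMAGES);
    if (n < 0) { puts("malformed option ROM header"); return 2; }
    for (int i = 0; i < n; i++)
        printf("image %d @0x%zx len=%zu vendor=%04x device=%04x type=%u checksum=%s\n",
               i, im[i].offset, im[i].length, im[i].vendor_id, im[i].device_id,
               (unsigned)im[i].code_type, im[i].checksum_ok ? "ok" : "BAD");
    return 0;
}
```

With no argument the program checks the constructed sample after patching one entry-point byte, so it reports `checksum=BAD`; with a file argument it parses a real dump (on Linux, write `1` to `/sys/bus/pci/devices/<bdf>/rom` to enable the ROM, then read that file; `<bdf>` is the card's bus address, a placeholder here). The caveat a practitioner should keep in mind: a passing checksum proves only that the image is internally consistent. Anyone who can reflash a card can recompute the checksum byte, so the real check is comparing the dump against an image the vendor is known to have shipped, not against itself.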

  8. Dual BIOS by Mal-2 · · Score: 2, Interesting

    I had a video card (MSI, GeForce 2MX-200) that had "dual BIOS" -- that is, it had a copy of the firmware in EEPROM, and a copy in flash, and you could select which to use by jumper. At the time I got it, those two copies were the same, but I did flash it a couple times, knowing that at any point I could force it back to a prior version, as it let you flash the rewritable BIOS even if you were booting off the fixed BIOS. At the time I thought it a nifty gimmick, one that made me more willing to flash it with "tweaked" BIOS, but a gimmick nonetheless. Now it seems prescient and prudent. Perhaps other devices should be looking to implement such a system, with both flashable and non-flashable BIOS copies. It could mean the difference between an annoying self-repair job and a paperweight.

    Mal-2

    --
    How is the Riemann zeta function like Trump rallies? Both have an endless number of trivial zeros.