Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rootkit In a Network Card Demonstrated

Posted by kdawson on from the burrowing-in-deep dept.

KindMind notes coverage in The Register on a researcher who has developed a firmware-based rootkit that resides in a network card. Here is the developer's blog entry. "Guillaume Delugré, a reverse engineer at French security firm Sogeti ESEC, was able to develop proof-of-concept code after studying the firmware from Broadcom Ethernet NetExtreme PCI Ethernet cards... Using the knowledge gained from this process, Delugré was able to develop custom firmware code and flash the device so that his proof-of-concept code ran on the CPU of the network card."

8 of 112 comments (clear)

  1. Need hardware IOMMU by mysidia · · Score: 5, Interesting

    An attacker would then be able to communicate remotely with the rootkit in the network card and get access to the underlying operating system thanks to DMA."

    Not if the CPU had IOMMU hardware that was configured to only allow the network card to write to the proper memory area.

    However, this still would not protect against the network card forging data, manipulating packets before passing them to the OS, for example manipulating packets to be malformed so to exploit an OS security vulnerability, emitting packets the OS did not generate (such as ICMP pings, or other packets for a hardware-based DDoS emitted without assistance from host OS.. or connecting to a P2P network of compromised NICs to form a spam-sending botnet, without host involvement.

    The possibility also exists of capturing packets crossing the NIC and forwarding samples to an outside address, or manipulating aspects of packets to create an "open proxy" the host does not know about, enabling IP spoofing, cache poisoning, or opening other vulnerabilities that don't require manipulation of the host itself.

    1. Re:Need hardware IOMMU by mysidia · · Score: 4, Insightful

      the code+data will have to fit in whatever RAM or EEPROM capacity the network card has.

      Or a downloader/backdoor will have to fit on the card to allow a remote load of any code that can't be stored on the PROM.

      It could be a simple stub, executing exactly instructions carried in magic data packets. Downloaders can pull more code than is stored by using sources found outside the NIC, such as sources on the internet.

      the hacked firmware could remove standard features like Wake on Lan, and use that space to implement features the malware author wants, like "Flood on LAN".

      Most NICs nowadays support things like PXE boot. Either that part of the option ROM could be completely hijacked, OR in fact the PXE boot function could be used as a way of booting the system to a 'boot sector infection' routine next boot after the NIC is infested.

      Think about it... Phase 1, your NIC gets infected, Phase 2, next boot a vulnerability will be opened in your system, thanks to the ability of every PCI card to include an option ROM in the BIOS, or code will run to use blue pill against your OS and introduce malicious code, the hypervisor above your OS downloads code from the attacker.

      Depending on the payload downloaded, the malware could be anything from a keylogger to a spam node

  2. I wonder about the next gen of attacks... by mlts · · Score: 4, Interesting

    I'm sure people are familar with LoJack for Laptops, where either due to a hook in BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.

    I can see this happening with malware, especially on a NIC with DMA access. Even if a machine is completely DBAN-ed, the botnet client will silently reinstall itself. As more devices (keyboards and such) have ROMs that can be flashed, we will see more and more devices have this avenue for compromise.

    How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only though a USB port with a usb flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.

    1. Re:I wonder about the next gen of attacks... by cachimaster · · Score: 4, Informative

      I'm sure people are familar with LoJack for Laptops, where either due to a hook in BIOS (Dells and HPs have an option that will reinstall the LoJack software even if the BIOS is reflashed and all disks are zapped) or other means it gets loaded.

      It's not a hook, LoJack comes with every BIOS. That's why it survives reflashing, you don't have the option of a BIOS without it. I co-wrote some article about this not long ago.

      How to fix? The obvious fix would be signing the flash BIOS, but this completely locks out homebrewers wanting to do something different. Another fix would be having the flash process be offline, such as only though a USB port with a usb flash drive. However, NICs won't have USB ports present. Still another possible avenue would be a slot for a MicroSD card, but that adds complexity to the device. So, this isn't something easy to deal with. The only thing that might come close would be a DIP switch toggle to allow for unsigned images to be flashed (which is shipped off), and all updates signed.

      None of this would work. Maybe it will make it more difficult, but can't protect you against a logical flaw in the firmware that allows you to execute code. Firmware is like any other software, what happens if you sign code that executes any code? then all code is automatically "signed".

      The solution IMHO is complex, expensive and involves signing+software protections in the NIC and in the OS (I.E. iommu, etc.) and WILL fail with a sufficiently resourceful attacker.

      BTW, awesome work.

  3. Re:Scary by jimicus · · Score: 4, Funny

    That's pretty frightening. I would think this would be a pain in the ass to discover, and you'd end up replacing motherboards on servers/workstations trying to figure out why they kept crashing. I mean, who would flash their network card as a troubleshooting step?

    I see you've never contacted Dell technical support.

  4. Sensationalized by tom229 · · Score: 3, Informative

    "However, the attack presented only applies to a specific network card model (Broadcom NetXtreme) whenever a remote administration functionality (called ASF for Alert Standard Format 2.0) is turned on (it is off by default) and configured. According to vendors, this functionality is far from being widely used. As a consequence, this vulnerability is really likely to have a very limited impact in practice."

    Doesnt seem like theres much to worry about.

    --
    If it ain't broke, don't fix it.
  5. Re:Do these guys have any driver experience at all by fuzzyfuzzyfungus · · Score: 4, Insightful

    I suspect that they are (reasonably) well aware that somebody, presumably an embedded system/driver dev had to produce the blobs and loaders and other structures they are monkeying with in the first place. However, from their perspective as security guys, the point isn't "Wow, nobody has ever written an embedded device firmware, burned it to a device, and done some stuff with it" it is "Hey, it is possible for a third party of some(but by no means unique) skill and experience to, wholly without the cooperation of the manufacturer, work out everything that is necessary to get an ill documented or undocumented piece of hardware up and running with a new firmware that is both compatible with the original driver and capable of non-malicious operation and also capable of additional malicious functions".

    Anybody who gives the matter a moment's thought, even pure amateurs, must conclude by simple logic that somebody can do it; what the security people are pointing out is that not only can somebody do it, potentially hostile third parties with reasonably available skills and no manufacturer support or collaboration can do it....

  6. Re:how do you hide it? by mysidia · · Score: 5, Insightful

    say you're a front for the chinese military making these things. you install the rootkit. broadcom or whoever will do an audit of retail boxes to make sure the cards are being produced to spec. how do you hide what you did?

    One way is to operate completely within spec. The 'retail box audit' normally includes hardware components, not the actual firmware, so an audit is not likely to detect. It is not like they're going to audit NICs with a $100,000 logic analyzer, and spend thousands of skilled man hours verifying every bit on the programmable chip service matches their master. Hacked firmware can be designed to lie about its own contents when inquired, and these things can be designed to lie dormat for months on average.

    The hacked firmware might open a backdoor only periodically, not every time. Each box will probably be audited once, not 50 times. When an end user gets the thing, they will eventually trigger the malicious code, because they'll use their machine for a long time.

    Isolating the NIC as a cause would be extremely difficult, if the malicious code is sensitive to network activity, and specific kinds of network activity, for example keywords.

    Perhaps the hack is configured only to activate if the computer sends something to an IP address in certain ranges, or containing a certain keyword. There are innumerable criteria that auditing won't detect