45085481KIDS – Kernel Intrusion Detection System.ppt

《45085481KIDS – Kernel Intrusion Detection System.ppt》由会员分享，可在线阅读，更多相关《45085481KIDS – Kernel Intrusion Detection System.ppt（66页珍藏版）》请在三一办公上搜索。

1、KIDS Kernel Intrusion Detection System,Rodrigo Rubira BrancoDomingo Montanaro,Disclaimer,This presentation is just about issues we have worked on in our own time,and is NOT related to the companies ideas,opinions or works.We are just security guys who work for big companiesand in our spare time we d

2、o security research and we areorganizers of the Brazilians largest hacking conferencecalled H2HC Hackers 2 Hackers Conference(Hope 2 c u there!)Montanaro main research efforts are in Forensics and Anti-Forensics technics and backdoor detection/reversingRodrigo research efforts are in going inside th

3、eSystem Internals and trying to create new problems tobe solved,Agenda,Motivation Actual Issues to be solvedTools that try to act on this issues and their vulnerabilitiesDifferences between protection levels(software/hardware)StMichael what it actually doesOur ProposalComments on efforts of breaking

4、 our ideasImprovements on StMichael Technical StuffQuestions and Astalavista baby:D,Motivation,Linux is not secure by default(we know,many*secure*linux distributions exist.)Most of efforts till now on OS protection dont really protect the kernel itselfMost of modern OSs use only 2 privileges rings p

5、rovided by Intel arch(4)These efforts in most of current security tools/methods/politics try to block ring3(user-mode)scalation to ring0(kernel-mode)Many(a lot!)of public exploits were released for direct kernel exploitationBeyond of the fact above,it is possible to bypass the systems protectors(suc

6、h as SELinux)After a kernel compromise,life is not the same(never ever!),Userland protections,We enjoined this picture from Julie Tinnes presentationon Windows HIPS evaluation with Slipfest,In ring0 fights,its all a mess.-Lets protect the ring0!First thing the we should do to analize a compromised m

7、achine is to clone the RAM contents.Why?Because all binaries in the system can be cheated statically(binary itself modified)or dynamically(hooked in int80h).So,what do we find in the RAM analisys?*Should be*Everything,Structures commonly searched in memoryEPROCESS and ETHREAD blocks(with references

8、to the memory pages used by the process/threads)Lists like PsActiveProcessList and waiting threads to be scheduled(used for cross-view detection)Interfaces(Ex:Ethernet IP,MAC addr,GW,DNS servers)Sockets and other objects used by running processes(with detailed information regarding endpoints,proto,e

9、tc),There are many techniques in the wild to subvert forensics analisys,Never ever?,Grabbing RAM contents,RAM clone,WindowsE:binUnicodeRelease.dd.exe if=.PhysicalMemory of=E:Ram_Clone.bin bs=512 conv=noerror Linuxking:/mnt/sda1#./dcfldd if=/dev/mem of=Ram_Clone.bin bs=512 conv=noerror,Trustable Meth

10、od?,Windows Malware,Piece of cake:Malware running in user-space(99%of trojan horses that attack brazilian users in Scam),Windows Malware,Inject kernel modules to hide themselvesExamples:Hacker DefenderSuckitAdoreShadow Walker,These rootkits use well known techniques(Ex:IDT hooking)to monitor/subvert

11、 user-space/kernel-space conversations.,dd.exe,Kernel,User-Space,Kernel-Space,ReadFile(),Which File?.PhysicalMemory.PhysicalDrive0Etc.,RAM Forensics Linux Scenario,On Linux,to proceed with RAM analysis,tools like Fatkit are used(Static memory dump file analysis)But at clone time,the destination imag

12、e can be subverted if the machine is compromised with a custom rootkit,dcfldd,Kernel,User-Space,Kernel-Space,int0 x80,execve-/bin/dcflddopen-/etc/ld.so.cacheread-/bin/dcfldd(ELF)mmap2,fstat and others,Is it requesting the addrs of my backdoor task_struct?Yes?So send httpd task_struct,RAM Forensics,s

13、size_t h_read(int fd,void*buf,size_t count)unsigned int i;ssize_t ret;char*tmp;pid_t pid;If the fd(file descriptor)contains somethingthat we are looking for(kmem or mem)return_address();At this point we could check the offset beingrequired.If is our backdoor addr,send another task_structret=o_read(f

14、d,buf,count);change_address();return ret;,int change_address()put our hacks into the kernel,int return_address()return our hacks to the original state,Windows Malware,Lets say our scanner/detector/memory dumper/whatever resides in Kernel-Space and althout using ReadFile()uses ZwReadFile or ZwOpenKey

15、 or Zw*.Reliable?,SST System Service Table Hooking,C:SDTrestore.exeSDTrestore Version 0.2 Proof-of-Concept by SIG2 G-TEC(www.security.org.sg)KeServiceDescriptorTable 80559B80KeServiceDecriptorTable.ServiceTable 804E2D20KeServiceDescriptorTable.ServiceLimit 284ZwClose 19-hooked by unknown at FA881498

16、-ZwCreateFile 25-hooked by unknown at FA881E16-ZwCreateKey 29-hooked by unknown at FA882266-ZwCreateThread 35-hooked by unknown at FA880F8E-ZwEnumerateKey 47-hooked by unknown at FA882360-ZwEnumerateValueKey 49-hooked by unknown at FA881EDE-ZwOpenFile 74-hooked by unknown at FA881D6C-ZwOpenKey 77-ho

17、oked by unknown at FA8822E2-ZwQueryDirectoryFile 91-hooked by unknown at FA881924-ZwQuerySystemInformation AD-hooked by unknown at FA881A4A-ZwReadFile B7-hooked by unknown at FA8810EE-ZwRequestWaitReplyPort C8-hooked by unknown at FA881310-ZwSecureConnectPort D2-hooked by unknown at FA8813EA-ZwWrite

18、File 112-hooked by unknown at FA881146-Number of Service Table entries hooked=14,Windows Malware,Ok,lets say we want to go deeper and grab a file directly from the HD:Then we use IoCallDriver()to talk directly with the HDD.Reliable?,IRP(I/O Request Packet)Hooking,Fonte:Rootkits Advanced MalwareDarre

19、n Bilby,Keep it simple!,How about if our memory grabber just sets up a pointer to offset 0 x00 of RAM memory and copies to another var till it reaches the end of memory?(Regardless of race conditions to kernel memory),Reliable?,WatchPoints in memory pages(DR0 to DR3),When our backdoor offset is hitb

20、y the“inspector”it will generate a#DB(Debug Exception)which we can work on it,Securely?Grabbing the RAM contents,Some hardwares attempt to get the RAM contents,These type of solutions rely on the DMA method of accessing the RAM and then acting on it(CoPolit)or dumping it(Tribble)Tribble Takes a snap

21、shot(dump)of the RAMhttp:/www.digital-evidence.org CoPilot Audits the system integrity by looking at the RAM C Other Firewire(IEEE 1394)Methods Michael Becher,Maximillian Dornseif,Christian N.Klein Core05 CanSecWest,So,after all these steps,we conclude that we*need*to protect the kernel(even from th

22、e own kernel),Breaking into security systems SELinux&LSM,Spenders public exploit(null pointerdereference is a sample):-get_current-disable_selinux&lsm-change gids/uids of the current-chmod/bin/bash to be suid,Disabling SELinux&LSM,disable_selinux-find_selinux_ctxid_to_string()/*find string,then find

23、 the reference to it,then work backwards to find a call to selinux_ctxid_to_string*/What string?audit_rate_limit=%d old=%d by auid=%u subj=%s-/*look for cmp addr,0 x0*/then set selinux_enable to zero-find_unregister_security();What string?%s:trying to unregister aThan set the security_ops to dummy_s

24、ec_ops;),Why this code is so important?,It is a public way to bypass security mechanisms if you have kernel code executionWE HAVE USED IT TO PROTECT SELINUX AND LSM in StMichael;),PaX Details Kernel Protections,-KERNEXEC*Introduces non-exec data into the kernel level*Read-only kernel internal struct

25、ures-RANDKSTACK*Introduce randomness into the kernel stack address of a task*Not really useful when many tasks are involved nor when a task isptraced(some tools use ptraced childs)-UDEREF*Protects agains usermode null pointer dereferences,mapping guardpages and putting different user DS The PaX KERN

26、EXEC improves the kernel security because it turnsmany parts of the kernel read-only.To get around of this an attacker need a bug that gives arbitrary write ability(to modify page entries directly).,Actual Problems,Security normally runs on ring0,but usually on kernel bugs attacker has ring0 privill

27、egesAlmost impossible to prevent(Joanna said we need a new hardware-help,really?)Lots of kernel-based detection bypassing(forensics challenge)Detection on kernel-based backdoors or attacks rely on“mistakes”made by attackers-how to detect an unknown rootkit?,Changing page permissions(writing in a pax

28、 protected kernel),static int change_perm(unsigned int*addr)struct page*pg;pgprot_t prot;/*Change kernel Page Permissions*/pg=virt_to_page(addr);/*We may experience some problems in RHEL 5 because it uses sparse mem*/prot.pgprot=VM_READ|VM_WRITE|VM_EXEC;/*0 x7-R-W-X*/change_page_attr(pg,1,prot);glob

29、al_flush_tlb();/*We need to flush the tlb,its done reloading the value in cr3*/return 0;/StMichael uses similar code to change kernel pages to RO,Handling page faults,void do_page_fault(struct pt_regs*regs,unsigned long error_code)arch/mm/fault.cGet the unaccessible address from cr2Get the address t

30、hat caused the exception from regs-eipVerify if someone is trying to write in a protected areaWe need to care about page access violations,to provide realtime detection.When the system tries to access an invalid memory location,the MMU will generate an exception and the CPU will call thedo_page_faul

31、t to search the exception table for this EIP(ELFsection _ex_table),Optimization,Many efforts are needed to accomplish code optimizationWe already do Lazy TLB:When our threads executes,we copy the old active mm pointer to be our own pointerDoing so,the system does not need to flush the TLB(one of the

32、 most expensive things)Because our system just touch kernel-level memory,we dont need to care about wrong resolutionsThats why we cannot just protect the kcrash kernel,How interrupts are handled,Here we will try to cover two different platforms:Intel and PowerPCThe general idea is to begin showing h

33、ow our model can be expanded to other architectures(Like Power,which does not have System Management Mode in the same way as the Intel arch)Interruptions are handled in different ways by different platforms,Intel Platform system calls,Two different ways:Software interrupt 0 x80Vsyscalls(newer PIV+pr

34、ocessors calls to user space memory(vsyscall page)and using sysenter and sysexit functionsTo create the system call handler,the system does:set_system_gate(SYSCALL_VECTOR,&system_call)This is done in entry.S and creates a user privilege descriptor at entry 128(the syscall_vector)pointing to the addr

35、ess of the syscall handler(in that case,system_call),Power Platform system calls,PPC interrupt routines are anchored to fixed memory locationsIn head.S the system does:.=0 xc00SystemCall:EXCEPTION_PROLOGEXC_XFER_EE_LITE(0 xc00,DoSyscall),Intel Platform Time interrupts,Historically used a cascaded pa

36、ir of Intel 8259 interrupt controllersNow,most of the system uses APIC,which can emulate the old behaviorEach interrupt on x86 is assigned a unique number,known as vector.At the interrupt time,this vector is used as index to the Interrupt Descriptor Table(IDT)Uses the Intel 8254 timer with a Program

37、mable Interval Timer(PIT)16-bit down counter activate an interrupt in the IRQ0 of the 8259 controller,Power uses a 32 bit decrementer,built-in in the CPU(running in the same clock)The timer handler is located at the fixed address 0 x900:In head.S:EXCEPTION(0 x900,Decrementer,timer_interrupt,EXC_XFER

38、_LITE)External interrupts comes in the fixed address 0 x500 and are treated in a similar way to the intel IDT jump,Power Platform Time interrupts,Julio Auto at H2HC III proposed an IDT hooking to bypass StMichael in Vietnam we showed a working sample of this proposal(he just give a theorical idea to

39、 bypass it)Also,he has proposed a way to protect it hooking the init_module and checking the opcodes of the new-inserted moduleIt has two main problems:Can be easily defeated using polymorphic shellcodesJust protect against module insertion not against arbitrary write(main purpose of stmichael),Effo

40、rts on bypassing StMichael,Proposed solutions against it,Julio Auto proposed statical memory analysis as solution but,what about polymorphic code?:asm(jmp label3nlabel1:npopl%eaxnmovl%eax,%0njmp label2nlabel3:ncall label1nlabel2:=m(address);,Memory cloaking,As exposed by Sherri Sparks and Jamie Butl

41、er in the Shadow Walker talk at Blackhat and already used by PaX project,the Intel architecture has splitted TLBs for data and code executionSomeone can force a TLB desynchronization to hide kernel-text modifications from our reads(we will explain more about that in our HITB Malaysia talk)This techn

42、ique relies in the page fault handler patch,since we protect the hardware debug registers(see more ahead)and we also check the default handler,it cannot be used to bypass StMichael.,Efforts on bypassing StMichael,The best approach(and easy?)way to bypass StMichael is:Read the list of VMAs in the sys

43、tem,detecting the ones with execution property enabled in the dynamic memory sectionDoing so you can spot where is the StMichael code in the kernel memory,so,just need to attack it.Thats the motivation in the Joannas comment about we need new hardware helping us.but.,How?SMM!,SMM System Management M

44、ode,The Intel System Management Mode(SMM)is typically used to execute specific routines for power management.After entering SMM,various parts of a system can be shut down or disabled to minimize power consumption.SMM operates independently of other system software,and can be used for other purposes

45、too.,From the Intel386tm Product Overview,Context switches,From Cansecwest 2006 Duflot,PE Protection Mode Enable FlagVM Virtual Mode Enable FlagRSM Return from SMMSMI SMM Interrupt,SMM Resources,No paging 16 bits addressing mode,but all memory accessible using memory extension addressingTo enter SMM

46、,we need an SMITo leave the SMM,we need the RSM instructionWhen entering in SMM,the processor will save the actual context so,we can leave it in any portion of the address space we want see more aheadSMM runs in a protected memory,at SMBASE and called SMRAM,SMM Details,SMM registers can be locked se

47、tting the D_LCK flag(bit 4 in the MCH SMM register)SMI_STS contains the device who generated the SMI(write-reset register)In the NorthBridge,the memory controller hub contains the SMM control register the bit 6,D_OPEN,specifies that access to the memory range SMRAM will go to SMM and not for the I/O

48、 portThe BIOS may set the D_LCK register,if so,we need to patch the BIOS too(tks to the LinuxBIOS project,its pretty easy),Generating an SMI event,We have many possibilities:Using ACPI events(do you remember hibernation and sleep)Using an external#SMI generator in the bus Some systems(AMD Geode?)are

49、 always generating this kind of interruptWriting to a specific I/O port also generates an#SMIThis can be used to instrument the system to generate#SMI events in some situations compiler modifications,statical patch need to be done yet SystemTAP gurus wanted,Generating an SMI event-deeper,All memory

50、transactions from the CPU are placed on the host bus to be consumed by some devicePotentially the CPU itself would decode a range such as the Local APIC range,and the transaction would be satisfied before needing to be placed on the external bus at all.If the CPU does not claim the transaction,then