Embed Size (px)
Citation preview
A �lesystem attack vectorfor backdoors, rowhammer-like attacks, and
more.
Anil Kurmus
with Nikolas Ioannou, Matthias Neugschwandtner,Nikolaos Papandreou and Thomas Parnell
IBM Research - Zurich
This talkIntroduces �lesystem-tricks that can be used in two
attack scenarios (on ext3):
1. Persistence without tampering binaries/con�g2. Privilege escalation assuming rowhammer-like
attacks on storage media
Outline1. Indirect block manipulation on ext32. Persistence backdoor3. Privesc for rowhammer-like attacks
Primer on ext3... and similar indirect-block-based �lesystems
Inodes
Indirect blocks
Indirect blockmanipulation
It's a pointer... we can and should corrupt it!
Application #1
Persistence backdoorImplant a backdoor to persist root access acrossreboots without modifying system �les, binaries,
con�g �les.
Threat modelAssume attacker has raw disk access (root access)
IdeaCreate "backdoor" �leUpdate its inode: indirect block points to inodetablePersistence achieved!
On rebootWrite into the "backdoor" �leUpdates inode of another �le: for example ashellGet root by creating a suid-root shellDone!
Live demo
Application #2
Flash primer
Flash weaknessesProgram/Erase wearCharge loss over timeCell-to-cell interferenceRead disturb
All were demonstrated, characterized
Cell-to-cell interference
MitigationsScramblerBlock allocation/wear levelingError correcting codes (ECC)
Implemented in SSDs
Flash storage layers1. Flash chip2. Flash controller3. SSD controller4. OS (�lesystem/driver)5. User
A path to rowhammer-likeattacks on �ash
1. Flash chip: cell-to-cell interference.2. Flash controller: scrambler and ECC bypass.3. SSD Controller: wear leveling and block
placement algorithm.4. OS: �lesystem caching and error detection
bypass.5. User: privilege escalation payload.
Prior work1. [Flash chip: cell-to-cell interference.]2. Flash controller: [scrambler] and ECC bypass.3. SSD Controller: wear leveling and block
placement algorithm.4. OS: �lesystem caching and error detection
bypass.5. User: privilege escalation payload.
Our WOOT paper1. Flash chip: cell-to-cell interference.2. Flash controller: scrambler and ECC bypass.3. SSD Controller: wear leveling and block
placement algorithm.4. OS: �lesystem caching and error detection
bypass.5. User: privilege escalation payload.
Flash ECCLong codewords (e.g., >1KB)High correction capability (e.g., >50 bits)
Codewords
Codewords
Codewords
Codewords
Extremely di�cult to achieve this!
The �lesystem attackAssumes:
Attacker can corrupt chosen blockrandom contents (weaker)ext3 �lesystem
Filesystem attackMain idea:
Cause corruption of indirect blockGood chance one pointer points to inode tableOverwrite inode to set SUID-bit rootElevate by executing SUID-root shell
Inodes, indirect blocks
Indirect block corruption
Overwrite inode entries
Improved attackUses double indirect block insteadAchieves full �lesystem read/write99% success
Limitations & Mitigationsunclear whether applicable beyond ext3data integrity checks prevent the attack (ZFS)more in the paper
Conclusion 1/2Random corruption of a chosen block impliesprivilege escalation
with high probability on ext3There is a path to rowhammer-like attacks onSSDs
but none demonstrated yetThis is one piece of the puzzle: the �lesystempart.
Conclusion 2/2The technique is nevertheless applicable in otherdomains:
persistence without modifying binaries/con�g�lesactive attacks against XTS encryption? (futurework!)
We can do neat attacks by manipulating fspointers!
