anti-forensic resilient memory acquisition -...

Anti-Forensic Resilient Memory Acquisition

Johannes Stüttgen+ and Michael Cohen*

+Department of Computer Science *Google Inc.University Erlangen-Nuremberg Zurich

Germany Switzerland

07.08.2013

Johannes Stüttgen Anti-Forensic Resilient Memory Acquisition 1 / 16

Motivation

Physical memory analysis increasingly common in IR scenariosMemory images are often acquired by softwareThis has raised the attention of malware authorsWe analyse the attack surface of current acquisition tools andpropose an anti-forensic resilient approach for memory acquisition

ScenarioLive AnalysisCompromised MachineNo physical access

Software Acquisition

No access to hardware virtualization supportAbility to load driver/kernel module


Accessing the Physical Address Space

Device DMA Buffer

PCI Resource

OS Memory

Reserved

MMU

CR3 + PTE

Physical Memory

Virtual (Linear) Address Space

Physical Memory

ReservedMemory Access

Memory Access

BIOS Layout as reported by Int 15

AX:E820

OS Memory

Physical Address Space

Reserved

Potentially Hidden


The Anti-Forensics Problem

Defeating WindowsDefeating Windowsmemory forensicsmemory forensics29c329c3

December 28, 2012.December 28, 2012.

Luka Milković[email protected]

INFIGO IS http://www.infigo.hr

Copyright Security-Assessment.com 2006

Low Down and Dirty:Anti-forensic Rootkits

Presented by Darren BilbyRuxcon 2006


The Live Analysis Dilemma

Inherent Problems of Live ForensicsWe work on a potentially compromised machineUsing a potentially subverted operating systemWith the same privileges as an intruderWho was there first

ConclusionsPerform only the most essential steps of analysis on the systemUsing as little APIs as possibleOn the highest possible privilege levelAnd still be aware our results might be wrong


Experiment with Current Tools

Take a „modern“ system (Win 7 x64 SP1)Manipulate a number of commonly used APIs and structures for

Memory Enumeration (GetPhysicalMemoryRanges)Memory (MapMemoryDumpMdl)Location of Kernel Symbols (KDBG)

Evaluate the performance of „current“ memory acquisition tools

Tool Version Format KDBG GetPhysicalMemoryRanges MapMemoryDumpMdlMemoryze 2.0 raw

FTK Imager 3.1.2 raw

Win64dd 1.4.0 raw /Win64dd 1.4.0 dmp

DumpIt 1.4.0 raw

WinPmem 1.3.1 raw

WinPmem 1.3.1 dmp

WindowsMemoryReader 1.0 raw

WindowsMemoryReader 1.0 dmp


The Cause of these Problems

Trust compromised kernelTo report the precise memory geometryTo map memory correctly

Platform independent problemWindows

MmGetPhysicalMemoryRanges() / SMBIOSMapViewOfSection() / MmMapIoSpace() /MmMapMemoryDumpMdl()

Mac OS XPE_state.bootArgsPhysicalMemoryDescriptor

Linuxiomem_ressourcekmap()


Possible Solution

Memory EnumerationDo not trust the information provided by BIOS/EFI/KernelFind out where exactly MMIO is locatedAcquire everything except MMIO regions

Memory MappingWe don’t need the kernel for thatAny driver running in ring 0 has access to the page tablesEdit the page tables ourselves to map physical memoryDo so in a stealthy manner to make detection hard


Memory Enumeration

MMIO is managed by the northbridgeMost devices are attached to PCI(e) busUsing Port I/O, we can query all PCI devices and bridges andretrieve the base address register (BAR) and buffer size

FeasabilityThis is exactly what lspci doesIt does so even from userspacelspci -H1 -v


Direct PTE Remapping I

PML4 Offset PDPT Offset PDT Offset PT Offset Frame Offset

Page Table

PTE

Page Directory

PDE

Page Directory Pointer Table

PDPTE

Page Map Level 4

PML4E

CR3

Virtual Address Space

Rogue Page


Rogue Frame

Rogue Page Virtual Address

Allocate one non-paged page of memoryLocate page table entry (PTE)


Direct PTE Remapping II

PML4 Offset PDPT Offset PDT Offset PT Offset Frame Offset

Page Table

PTE

Page Directory

PDE

Page Directory Pointer Table

PDPTE

Page Map Level 4

PML4E

CR3

Virtual Address Space

Rogue Page


Rogue Frame

Rogue Page Virtual Address

Arbitrary Frame

Flush TLB

Overwrite PTE physical offsetFlush PTE from TLB


Stability

ConcernsSoftware is not supposed to map physical page simultaneouslywith different cache attributesOperating system might use our PTE and crashThere are more than just PCI devices connected to the memorybus (RCT, HPET, APIC, ...)

ExperiencesSince we only read from the rogue mapping caching shouldn’t bea problemUsing non-paged memory prevented the operating system fromtouching the rogue PTE in our testsFor all standard devices present in our test system reading wasnot a problem


Limitations

Memory EnumerationA debug register hook can detect Port I/OWith the general detect bit on this is virtually undetectableA rootkit could simulate a PCI device and mark its memory asdevice memoryOf course this could also point an investigator directly to its code...

Memory MappingA page-fault handler hook together with marking the page tablesread only can detect direct modifications of the rogue PTEA solution to this could be creating and using our own page tablesduring the acquisition step


Conclusions

Software acquisition can always be subverted on the sameprivilege levelCurrently it’s shockingly simple, we should make this harder to do

Code ReleaseInitial release for WindowsGrab it at: http://goo.gl/9VnnkYSlides at http://goo.gl/ALFfT4Our code works on any x86 cpu, regardless of the OSSuccessful tests on OSX and Linux, expect cross platform releaseat https://code.google.com/p/pmem


http://goo.gl/9VnnkY

http://goo.gl/ALFfT4

https://code.google.com/p/pmem

Tool Testing

It is very important to test our tools to find such weaknessesEspecially in the context of an active adversaryWe are not trying to criticise any specific toolThe problem is a general one in any tool relying on kernel API’s

MoonsolsWe would like to thank Mathieu Suiche for openly sharing his toolswith us for testingHe set a great example in a community where many others try tokeep their methods secret


EOF

Questions?


anti-forensic resilient memory acquisition -...

Documents