
Flip Feng Shui: Hammering a Needle in the Software Stack

Kaveh Razavi, Ben Gras, Erik Bosman, Bart Preneel, Cristiano Giuffrida, Herbert Bos

August 10, 2016

Teaser

- OpenSSH compromise
- apt-get compromise by GPG signature forgery
- No software bug
- Weak assumptions
- Demo!

Contribution

Flip Feng Shui is a novel exploitation vector built from two parts:

- A hardware glitch
- A memory massaging primitive

The massaging primitive makes the glitch:

- Easy to target precisely
- Reliable

We demonstrate FFS = Rowhammer + Memory Deduplication

Outline

Flip Feng Shui At Work

Flip Feng Shui Mechanics

OpenSSH Attack

GPG/APT Updates Attack Demo

Notification, Conclusion & Further Resources



Section 1

Flip Feng Shui At Work


Flip Feng Shui

- Flip one bit per page in a co-hosted victim VM
- Works whenever you know the page's contents
- An organised bit flip, not a random one
- Driven by a DRAM glitch
- Breaks CPU virtualization isolation

Section 2

Flip Feng Shui Mechanics


Flip Feng Shui Mechanics

- Co-hosted VMs
- Memory deduplication
- Rowhammer
- RSA

Memory deduplication

- The hypervisor scans guest memory for pages with identical contents (Linux KSM does this for KVM guests) and merges them into a single physical page shared between VMs
- The shared page is mapped copy-on-write: a write by either VM triggers a private copy, so deduplication is normally invisible to the guests

Rowhammer

- Repeated DRAM row activations cause charge to leak from cells in neighbouring rows
- Enough leakage flips bits in those rows without the CPU ever writing to them

Memory deduplication + Rowhammer = FFS

- The attacker VM fills a page with the contents it expects in the victim; deduplication merges it with the victim's page
- Rowhammer then flips a bit in the shared physical page directly
- FFS breaks COW: no write happens, so no private copy is made and the victim keeps reading the flipped page

RSA

- Public key cryptosystem
- Two keys: public (modulus and public exponent) and private
- Whoever can factor the modulus can compute the secret private key

FFS - What now?

Break weakened RSA.

[Figure: factorization success probability (0 to 1) against the number of available templates (0 to 50), plotted for 1024-bit, 2048-bit and 4096-bit moduli]
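The "break weakened RSA" step above, as an added example that is not code from the paper, from OpenSSH or from GnuPG: flip one bit of a toy RSA modulus, factor the result, derive a private exponent for the flipped public key and forge a signature that the flipped key accepts while the original key rejects it. The primes P and Q, the 60-bit modulus size, the Miller-Rabin and Pollard rho helpers, the squarefree filter and all function names are choices made for this example; real 1024- to 4096-bit flipped moduli need proper factoring tools, but the key-reconstruction arithmetic is the same.

```python
"""Toy reconstruction of the Flip Feng Shui RSA step.

Added example; not code from the FFS paper, OpenSSH or GnuPG.  The
primes are deliberately tiny (about 30 bits each) so that every
single-bit flip of the modulus can be factored in seconds.
"""
import hashlib
import math
import random

E = 65537
# Constructed toy key: two well-known 30-bit primes.
P, Q = 1_000_000_007, 1_000_000_009
N = P * Q


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin; these fixed bases are deterministic for n < 3.3e24."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for p in bases:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def pollard_rho(n: int, rng: random.Random) -> int:
    """Return a non-trivial factor of composite n (Floyd cycle finding)."""
    if n % 2 == 0:
        return 2
    while True:
        c = rng.randrange(1, n - 1)

        def step(x: int) -> int:
            return (x * x + c) % n

        x = y = rng.randrange(2, n - 1)
        d = 1
        while d == 1:
            x = step(x)
            y = step(step(y))
            d = math.gcd(abs(x - y), n)
        if d != n:
            return d


def factor(n: int, rng: random.Random) -> list:
    """Full prime factorisation of n, with multiplicity, sorted."""
    if n == 1:
        return []
    if is_probable_prime(n):
        return [n]
    d = pollard_rho(n, rng)
    return sorted(factor(d, rng) + factor(n // d, rng))


def find_usable_flip(n: int = N, e: int = E, seed: int = 1):
    """Try every single-bit flip of n; return (bit, n', factors, d') for the
    first n' that is squarefree and whose totient is coprime to e.

    Squarefree n' guarantees m**(e*d') == m (mod n') for every m, so the
    forged signature below verifies unconditionally.  Not every flip
    passes both filters, which is why the attacker wants many templates
    (flippable bit positions) rather than one."""
    rng = random.Random(seed)
    for bit in range(n.bit_length()):
        nf = n ^ (1 << bit)
        primes = factor(nf, rng)
        if len(set(primes)) != len(primes):
            continue  # repeated prime factor: skip this flip
        phi = math.prod(p - 1 for p in primes)
        if math.gcd(e, phi) != 1:
            continue  # no inverse of e, so no private exponent
        return bit, nf, primes, pow(e, -1, phi)
    raise ValueError("no usable single-bit flip found")


def digest(msg: bytes, n: int) -> int:
    """Toy hash-to-integer; real schemes use padded encodings."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def sign(msg: bytes, d: int, n: int) -> int:
    return pow(digest(msg, n), d, n)


def verify(msg: bytes, sig: int, e: int, n: int) -> bool:
    return pow(sig, e, n) == digest(msg, n)


if __name__ == "__main__":
    bit, nf, primes, d = find_usable_flip()
    print(f"flipped bit {bit}: n' = {nf} = {' * '.join(map(str, primes))}")
    msg = b"constructed test message"
    sig = sign(msg, d, nf)
    print("flipped key accepts forgery:", verify(msg, sig, E, nf))
    print("original key accepts forgery:", verify(msg, sig, E, N))
```

The two filters in find_usable_flip are the reason the figure above shows success probability growing with the number of available templates: each template is one more bit position the attacker can try, and only some of the resulting moduli are both factorable and usable for a private exponent.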

Section 3

OpenSSH Attack


authorized_keys file

Looks like this:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDXy7MdVToVAvKB0/Xven/kqBzfRZm+GITl6sB0u+Aa3/UTC3x+eKjB2jf+48kTP7AvsdbSwg9Q5upN77xX3mNGwwj1RUQpOPPc99XH09M84iCydE+9smYseySfbJQnrov5Ricz2Z18Neuy5ZUH/Ldrf1NSwWoo5NZL6tj0E9JvZurMPPk2EqEyHltEFC6OetJwEfaPq9kOglmzFtBWLHR4dF1796JeVkFiWcmMaykAoN+JRF2nMlayPlUxdWR0JwxZ2cJ9la/QLXvv8x0tsORGP9ZG5BWqOcD781evuSS3i91BNg6Osl7mlxo6Mc3oUbew/7ddV08WjdRBn7iQF9WN beng@mymachine

- The line holds an RSA public key (exponent and modulus, base64-encoded)
- The attacker writes the same page contents into its own memory so that deduplication merges the two copies, then flips a bit in the victim's modulus
- To log in, the attacker needs a private key matching the flipped public key: factor the weakened modulus and compute it

OpenSSH FFS attack


OpenSSH Attack

[Figure: CDF of attack time in minutes (0 to 12) over successful attacks]

- Could retry

Section 4

GPG/APT Updates Attack Demo


GPG/APT Updates

- With FFS we flip a bit in the page-cached /etc/apt/sources.list, changing the repository hostname to one the attacker controls
- With FFS we flip a bit in the page-cached /etc/apt/trusted.gpg, weakening the stored archive signing key
- Factor the weakened key and use the computed private key to sign packages served from the attacker's repository
- The targets are the long-term RSA Ubuntu signing keys
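An added example, not the paper's code, for the sources.list leg of the attack above: assuming the flipped byte sits in the repository hostname, enumerate every single-bit change of a constructed sample hostname and keep those that are still syntactically valid DNS names. These are the names an attacker would have to control to receive the victim's package requests. The sample hostname, the validity rules and the function names are choices made for this example, and nothing is claimed here about which names were actually registered.

```python
"""Which single-bit flips of a repository hostname still yield a name an
attacker could register?

Added example illustrating the sources.list leg of the apt attack; the
hostname below is a constructed sample, not taken from any real
sources.list.
"""
import string

HOSTNAME = "archive.ubuntu.com"  # constructed sample repository host
# DNS is case-insensitive, so a flip that only changes case (bit 5 of a
# letter) lands on the same host and is deliberately not counted.
LABEL_CHARS = set(string.ascii_lowercase + string.digits + "-")


def is_valid_hostname(name: str) -> bool:
    """RFC 1123-style check: at least two non-empty labels of [a-z0-9-],
    no label starting or ending with a hyphen, sane length limits."""
    if not name or len(name) > 253:
        return False
    labels = name.split(".")
    if len(labels) < 2:
        return False
    for label in labels:
        if not 0 < len(label) <= 63:
            return False
        if not set(label) <= LABEL_CHARS:
            return False
        if label[0] == "-" or label[-1] == "-":
            return False
    return True


def single_bit_flips(name: str):
    """Yield (byte_index, bit, flipped_name) for every flip of one bit in
    the ASCII encoding of name that still parses as a hostname."""
    raw = name.encode("ascii")
    for i in range(len(raw)):
        for bit in range(8):
            flipped = bytearray(raw)
            flipped[i] ^= 1 << bit
            try:
                candidate = flipped.decode("ascii")
            except UnicodeDecodeError:
                continue  # bit 7 set: not ASCII, never a valid hostname
            if candidate != name and is_valid_hostname(candidate):
                yield i, bit, candidate


def registrable_targets(name: str = HOSTNAME) -> list:
    """Distinct hostnames reachable from name by exactly one bit flip."""
    return sorted({c for _, _, c in single_bit_flips(name)})


if __name__ == "__main__":
    for i, bit, candidate in single_bit_flips(HOSTNAME):
        print(f"byte {i:2d} bit {bit}: {HOSTNAME!r} -> {candidate!r}")
    print(len(registrable_targets()), "candidate names")
```

Flipping a dot merges two labels (for example "archive.ubuntu.com" becomes "archivenubuntu.com"), and flipping a letter can produce a look-alike such as "tbuntu"; both are ordinary registrable names, which is what makes a one-bit change in a cached configuration file enough to redirect updates.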

Section 5

Notification, Conclusion & Further Resources

Notification

- Notified: Red Hat, Oracle, Xen, VMware, Debian, Ubuntu, OpenSSH, GnuPG, some hosting companies
- Thank you NCSC
- GnuPG commit

Conclusion

- Flip Feng Shui breaks isolation
- Co-hosting VMs is risky
- Disable memory dedup

https://www.vusec.net/projects/flip-feng-shui