FOREWORD by Rodrigo Rubira Branco
1 WHAT’S IN A ROOTKIT: THE TDL3 CASE STUDY
History of TDL3 Distribution in the Wild
How TDL3’s Kernel-Mode Hooks Work
Conclusion: TDL3 Meets Its Nemesis
2 FESTI ROOTKIT: THE MOST ADVANCED SPAM AND DDOS BOT
Festi Configuration Information for C&C Communication
Festi’s Object-Oriented Framework
Anti–Virtual Machine Techniques
The Method for Hiding the Malicious Driver on Disk
The Method for Protecting the Festi Registry Key
The Festi Network Communication Protocol
Bypassing Security and Forensics Software
The Domain Generation Algorithm for C&C Failure
Intercepting the File Operations
Intercepting the Object Dispatcher
The Great Rootkits Arms Race: A Nostalgic Note
The Kernel-Mode Code Signing Policy
5 OPERATING SYSTEM BOOT PROCESS ESSENTIALS
High-Level Overview of the Windows Boot Process
BIOS and the Preboot Environment
The Volume Boot Record and Initial Program Loader
The bootmgr Module and Boot Configuration Data
The Early Launch Anti-Malware Module
Microsoft Kernel-Mode Code Signing Policy
Kernel-Mode Drivers Subject to Integrity Checks
The Legacy Code Integrity Weakness
Defensive Changes in Windows 8
Virtualization-Based Security in Windows 10
Second Level Address Translation
Virtual Secure Mode and Device Guard
Device Guard Limitations on Driver Development
MBR Code Modification: The TDL4 Infection Technique
MBR Partition Table Modification
8 STATIC ANALYSIS OF A BOOTKIT USING IDA PRO
Loading and Decrypting the MBR
Analyzing the BIOS Disk Service
Analyzing the Infected MBR’s Partition Table
Evaluating Other Bootkit Components
Advanced IDA Pro Usage: Writing a Custom MBR Loader
Creating the Partition Table Structure
9 BOOTKIT DYNAMIC ANALYSIS: EMULATION AND VIRTUALIZATION
Using the Bochs Internal Debugger
Virtualization with VMware Workstation
Configuring the VMware Workstation
Microsoft Hyper-V and Oracle VirtualBox
10 AN EVOLUTION OF MBR AND VBR INFECTION TECHNIQUES: OLMASCO
Tracing Functionality for Future Development
Antidebugging and Antiemulation Tricks
Boot Process of the Infected System
Hooking the Hard Drive Device Object and Injecting the Payload
Maintaining the Hidden Filesystem
Implementing the Transport Driver Interface to Redirect Network Communication
11 IPL BOOTKITS: ROVNIX AND CARBERP
Post-Infection Boot Process and IPL
Implementing the Polymorphic Decryptor
Decrypting the Rovnix Bootloader with VMware and IDA Pro
Taking Control by Patching the Windows Bootloader
Loading the Malicious Kernel-Mode Driver
Kernel-Mode Driver Functionality
Stealth Self-Defense Mechanisms
Formatting the Partition as a Virtual FAT System
Encrypting the Hidden Filesystem
Accessing the Hidden Filesystem
The Hidden Communication Channel
Case History: The Carberp Connection
12 GAPZ: ADVANCED VBR INFECTION
Infecting the System with the Gapz Bootkit
Reviewing the BIOS Parameter Block
Loading the Malicious Kernel-Mode Driver
Self-Defense Against Antimalware Software
Payload Communication Interface
A Brief History of Modern Ransomware
Ransomware with Bootkit Functionality
Analyzing the Petya Ransomware
Acquiring Administrator Privileges
Infecting the Hard Drive (Step 1)
Encrypting with the Malicious Bootloader Configuration Data
Wrapping Up: Final Thoughts on Petya
Analyzing the Satana Ransomware
Wrapping Up: Final Thoughts on Satana
14 UEFI BOOT VS. THE MBR/VBR BOOT PROCESS
The Unified Extensible Firmware Interface
Differences Between the Legacy BIOS and UEFI Boot Processes
Disk Partitioning: MBR vs. GPT
GUID Partition Table Specifics
Inside the Operating System Loader
Security Benefits of UEFI Firmware
Overview of Historical BIOS Threats
WinCIH, the First Malware to Target BIOS
An Overview of Other Threats and Counters
(In)Effectiveness of Memory Protection Bits
Modifying an Unsigned UEFI Option ROM
Adding or Modifying a DXE Driver
Understanding Rootkit Injection
Hacking Team’s Vector-EDK Rootkit
16 UEFI FIRMWARE VULNERABILITIES
What Makes Firmware Vulnerable?
Classifying UEFI Firmware Vulnerabilities
Post-Exploitation Vulnerabilities
Compromised Supply Chain Vulnerabilities
Supply Chain Vulnerability Mitigation
A History of UEFI Firmware Protections
SPI Flash Protections and Their Vulnerabilities
Risks Posed by an Unauthenticated BIOS Update
BIOS Protection with Secure Boot
Vulnerabilities in the SMM Modules
Vulnerabilities in the S3 Boot Script
Understanding the S3 Boot Script
Targeting Weaknesses of the S3 Boot Script
Exploiting the S3 Boot Script Vulnerability
Fixing the S3 Boot Script Vulnerability
Vulnerabilities in the Intel Management Engine
A History of ME Vulnerabilities
Case Studies: Attacks on Intel AMT and BMC
PART III: DEFENSE AND FORENSIC TECHNIQUES
UEFI Secure Boot Implementation Details
Executable Authentication with Digital Signatures
UEFI Secure Boot: The Complete Picture
Protection Against Bootkits Using Secure Boot
Patching PI Firmware to Disable Secure Boot
Modifying the UEFI Variables to Bypass Security Checks
Protecting Secure Boot with Verified and Measured Boot
Verified Boot vs. Firmware Rootkits
18 APPROACHES TO ANALYZING HIDDEN FILESYSTEMS
Overview of Hidden Filesystems
Retrieving Bootkit Data from a Hidden Filesystem
Retrieving Data from an Offline System
Hooking the Miniport Storage Driver
Parsing the Hidden Filesystem Image
19 BIOS/UEFI FORENSICS: FIRMWARE ACQUISITION AND ANALYSIS APPROACHES
Limitations of Our Forensic Techniques
Compromising BIOS Through Firmware Vulnerability
Understanding Firmware Acquisition
The Software Approach to Firmware Acquisition
Locating PCI Configuration Space Registers
Calculating SPI Configuration Register Addresses
Reading Data from the SPI Flash
Considering the Drawbacks of the Software Approach
The Hardware Approach to Firmware Acquisition
Reviewing a Lenovo ThinkPad T540p Case Study
Locating the SPI Flash Memory Chip
Reading the SPI Flash with the FT2232 Mini Module
Analyzing the Firmware Image with UEFITool
Getting to Know the SPI Flash Regions
Viewing SPI Flash Regions with UEFITool
Analyzing the Firmware Image with Chipsec
Getting to Know the Chipsec Architecture