ZeroNights 2014: EMET 5.1 - Armor or Curtain?

Presented on 18 November 2014

Introduction
Exploitation in 2014
Locating EMET.dll in memory
Advanced Code Reuse
Bypassing: ROP protections
Bypassing: EAF
Final thoughts and questions
Agenda
Name:
René Freingruber
Age:
24
Security Consultant at
SEC Consult
Bachelor thesis about exploitation
I want to thank Dipl. Ing. Mag. Rer.soc.oec. Dr. techn. Christian Platzer at this point
Interests:
Memory corruptions & exploitation
Web application security
Reversing, malware analysis, forensic, ...
Who am I?
Leading European research lab for the identification of vulnerabilities and the analysis of new technologies, products and applications (security advisories)

Integral part of the education and further training of the security experts at SEC Consult

Early warning of our customers through SEC Consult security alerts

Support of well-known manufacturers to enhance the security of their products
SEC Consult Vulnerability Lab
Companies and organisations SEC Consult has released security advisories for (excerpt). For details see: https://www.sec-consult.com/de/Vulnerability-Lab/Advisories.htm


A journey back to 2000...


(Slide figure: stack layout showing the write direction versus the execution direction)
Protections today


ASLR - Address Space Layout Randomization


Bypass methods:
Bruteforce
Use registers (e.g. JMP ESP)
Use pointer on stack (pop pop ret)
Use heap (only ASLR v.1)
Heap Spraying
Use not randomized sections, e.g. text, ...
Call program with execve
Use a format string vulnerability
Overflow function variables
Multiple overflows
Overflow fields from adjacent memory
Relative leaks
Partial overwrites
Use an info leak (manipulate strings)
"Disable" ASLR, e.g. ulimit -s unlimited
....

We have to bypass all these mitigation techniques!

No protection mechanism is 100% bulletproof; exploitability is (mostly) limited only by the attacker's creativity.

The most difficult part is bypassing ASLR and DEP together.


DEP - Data Execution Prevention


Bypass methods:
ret2libc: Return into existing functions from loaded modules
ROP - return oriented programming: Build needed code (e.g. code to disable DEP) by chaining existing gadgets together
...

Firefox Array.reduceRight (CVE-2011-2371)


Exploit works reliably against:
Windows XP, Vista, Win7, Win8, 2k3, 2k8, 2012, ....

Exploit bypasses:
ASLR (Address space layout randomization)
DEP (Data execution prevention)

Exploit does not use heap spray

Exploit does not crash the browser

Today we don't have enough time to explain all details about the exploit...
See the great talk: "A tale of two Firefox Bugs" by Fionnbharr Davies
The vulnerability


Array.reduceRight() invokes a callback on all elements of an array

Array.reduce() starts with the first element and ends with the last

Array.reduceRight() starts with the last element (with index = length - 1) and ends with the first

By setting length to a very large value (e.g. 0xc0000000), elements outside the array can be accessed!

Since the index is added as a relative offset to the base address of the array, ASLR is easily bypassed: only relative offsets are used, and ASLR randomizes only absolute addresses.
Bypassing ASLR


(Slide figure: memory layout with array accesses at index 0xC0000000-17 and 0xC0000000)
Relative to absolute leak


(Slide figure: array access at index 0xC0000000)
Code execution



Relative leaking was done by interpreting the data as "number"

Absolute leaking was done by changing the type to "string"

Code execution can be achieved by changing the type to "object"
(Slide figure: object whose virtual table is followed to reach execution)
Bypass DEP with ROP chain


Because of DEP the discussed approach would fail, since the shellcode can't be executed

First disable DEP with a ROP chain

After executing one ROP gadget, the address of the next one is taken from where the stack pointer (ESP/RSP) points

If this memory location is not under the attacker's control, the stack pointer must be shifted to a memory location that is.
Bypass DEP with ROP chain


(Slide figure: stack from low to high address, marking the current ESP and the needed ESP)
Firefox module contains the following code:
We don't have to jump to the start of an instruction...
ROP chain generated by !mona
The following ROP chain was generated by !mona

It "fake-calls" VirtualAlloc() via a push instruction to disable DEP
We want to protect from real attackers

That means we have to think like real attackers

Goals of real attackers:
Reliable bypass techniques
The new exploit should work against both EMET-protected and unprotected applications
Should work against any Windows version running any EMET version
Bypass should be easy to reuse
General considerations
EMET works by injecting a module (EMET.dll) into all protected applications

By hooking functions, EMET can add additional checks before and after a function gets executed.

EMET.dll is a great target to build bypasses on top of, because it is present in every protected application; a bypass can therefore easily be reused when exploiting another vulnerability
EMET overview
Other researchers from Offensive Security implemented an EMET bypass which depends on first getting the image base of EMET.dll

Their approach: Assume that GetModuleHandle is imported by the module, then read its address from the import table
Locating EMET.dll in memory
http://www.offensive-security.com/vulndev/disarming-enhanced-mitigation-experience-toolkit-emet/
http://www.offensive-security.com/vulndev/disarming-emet-v5-0/
GetModuleHandle approach
Directly implementing the same approach was not possible because mozjs.dll does not import GetModuleHandle
But: mozjs.dll imports exit from mozcrt19.dll, and mozcrt19.dll imports GetModuleHandle
The idea:
Read from the IAT (import address table) of mozjs.dll the pointer to the exit function in mozcrt19.dll
Add a relative offset to the address of the exit function to reach the IAT entry for GetModuleHandle and resolve it

The disadvantage:
This approach adds a new dependency on mozcrt19.dll
Maybe there is no module that imports GetModuleHandle at all
The hook approach
As already mentioned, EMET hooks "critical functions"

Examples of "critical functions":
VirtualAlloc()
VirtualProtect()
WinExec()
LoadLibrary()
....

This way EMET can add checks, e.g. whether the stack pointer currently points to the stack or was shifted away (as we do in the Firefox exploit)

Remember: At least one critical function must be imported by one module or it would not be possible to disable DEP!
Digression: Finding ROP gadgets
Put content of EBP into ESP, possible gadgets:
mov esp, ebp # ret
xchg esp, ebp # ret
xchg ebp, esp # ret
push ebp # pop esp # ret
mov ebx, ebp # mov esp, ebx # ret
mov eax, ebp # xchg eax, esp # ret
xor esp, esp # add esp, ebp # ret
lea esp, [ebp] # ret
.....

This is only the stack-shifting gadget, where a single gadget has to do the whole job! Typically we can also combine gadgets...

Searching for such gadgets can waste a lot of time!
Digression: Finding ROP gadgets
Idea:
Use pyemu to emulate all gadgets
Store the gadgets in a database together with the identified behavior of the gadget
Search for gadgets by specifying the required behaviour

Example queries:
Get all gadgets which change ESP based on EBP
Get all gadgets which set EAX to zero
Get all gadgets which set ECX to 5
Gadget 1: Set EAX to zero
Gadget 2: Pop 5 into EDX
Gadget 3: Add EDX to EAX
Gadget 4: Move EAX to ECX
The hook approach
Write a ROP chain which does the following:

Resolve the IAT entry for a "critical function"

Read the first 5 bytes of that function
Is the first instruction "mov edi, edi"? => Not EMET protected!
Is the first instruction a jump? => EMET protected

Follow the jump to reach the "hook code"

Find the call-instruction and resolve the call target

The call target points into EMET.dll, so the PE/DOS header can be found with a scan-down approach
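As an added example (not from the talk), the prologue check in the steps above as a defender would write it: an inline-hook scanner that classifies an exported function's first bytes as the hot-patch prologue "mov edi, edi" or as a jmp, follows the jmp to the hook code, resolves the first call and scans down for the hooking image's DOS header. The memory model, addresses and bytes are constructed; a real scanner would read process memory and use a disassembler.

```python
# Added example, not code from the talk. Inline-hook scanner for the prologue
# check described above: 8B FF ("mov edi, edi") means an unhooked hot-patchable
# API, E9 rel32 ("jmp") means a hook whose code contains a call into the
# hooking image. All addresses and bytes are constructed.
import struct

PAGE = 0x1000

def read(mem, va, n):
    """Read n bytes at va from a sparse memory model {region_base: bytes}."""
    for base, data in mem.items():
        if base <= va and va + n <= base + len(data):
            return data[va - base:va - base + n]
    raise ValueError("unmapped read at %#x" % va)

def jump_target(code, va):
    """Absolute target of a jmp rel32 (E9) or jmp rel8 (EB) located at va, else None."""
    if len(code) >= 5 and code[0] == 0xE9:
        return (va + 5 + struct.unpack_from("<i", code, 1)[0]) & 0xFFFFFFFF
    if len(code) >= 2 and code[0] == 0xEB:
        return (va + 2 + struct.unpack_from("<b", code, 1)[0]) & 0xFFFFFFFF
    return None

def classify_prologue(code, va):
    """("unhooked", None) for mov edi,edi; ("hooked", target) for a jmp; else ("unknown", None)."""
    if code[:2] == b"\x8b\xff":
        return ("unhooked", None)
    target = jump_target(code, va)
    return ("hooked", target) if target is not None else ("unknown", None)

def first_call_target(mem, va, max_scan=64):
    """Target of the first call rel32 (E8) in the hook code at va.
    A byte-wise scan can misfire on an E8 inside another instruction's
    operand; a production scanner would use a real disassembler here."""
    code = read(mem, va, max_scan)
    for off in range(max_scan - 4):
        if code[off] == 0xE8:
            rel = struct.unpack_from("<i", code, off + 1)[0]
            return (va + off + 5 + rel) & 0xFFFFFFFF
    return None

def find_image_base(mem, addr, max_pages=256):
    """Scan down page by page from addr until a page starts with the DOS 'MZ' magic."""
    page = addr & ~(PAGE - 1)
    for _ in range(max_pages):
        try:
            if read(mem, page, 2) == b"MZ":
                return page
        except ValueError:
            return None          # walked off the mapped image: give up
        page -= PAGE
    return None

def scan_export(mem, func_va):
    """Report whether the function at func_va is inline-hooked and which image hooks it."""
    kind, target = classify_prologue(read(mem, func_va, 5), func_va)
    if kind != "hooked":
        return {"status": kind}
    call = first_call_target(mem, target)
    base = find_image_base(mem, call) if call is not None else None
    return {"status": "hooked", "hook_code": target,
            "call_target": call, "hooking_image": base}

# Constructed sample (hypothetical addresses, nothing read from a real process)
API_VA = 0x10001000      # a hooked API, e.g. VirtualAlloc in a system DLL
HOOK_VA = 0x20000100     # trampoline written by the hooking module
DISP_VA = 0x20005000     # dispatcher routine inside the hooking module
IMG_BASE = 0x20000000    # image base of that module ("EMET.dll" in the talk)

def build_sample():
    mem = {}
    # hooked prologue: jmp rel32 -> HOOK_VA
    mem[API_VA] = b"\xe9" + struct.pack("<i", HOOK_VA - (API_VA + 5))
    # unhooked neighbour: mov edi,edi ; push ebp ; mov ebp,esp ; ret
    mem[API_VA + 0x100] = b"\x8b\xff\x55\x8b\xec\xc3"
    # hooking image: 'MZ' at its base, trampoline (push ebp; mov ebp,esp; call DISP_VA) inside
    image = bytearray(0x6000)
    image[0:2] = b"MZ"
    hook = b"\x55\x8b\xec\xe8" + struct.pack("<i", DISP_VA - (HOOK_VA + 3 + 5))
    image[HOOK_VA - IMG_BASE:HOOK_VA - IMG_BASE + len(hook)] = hook
    mem[IMG_BASE] = bytes(image)
    return mem
```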
The hook approach
Hardcoded offsets based on the version of EMET? => BAD
We currently don't know the exact version of EMET.dll
The attacker must pre-configure the exact version, thus reliable exploitation is not possible

In this ROP chain hardcoded offsets were used to:
Locate the call in the hooking code
Find the PE/DOS header based on the EMET.dll pointer

To calculate these offsets dynamically we need conditional jumps in the ROP chain, which is not easy - but also not impossible
For browser-like applications we have a better approach!
When targeting local applications we need to write such a chain
Advanced code reuse
In ROP we use the idea to "reuse" or "abuse" already existing code

When attacking a browser/pdf reader we know that there must be code related to JavaScript, e.g. to handle strings

Idea: Write a short ROP chain which manipulates data structures, then work in JavaScript with the manipulated data structure

Requirements for this technique:
Vulnerability which does not crash
Application with scripting support

This is already described in: "ROPs are for the 99%" by Yang Yu

Advanced code reuse
Example 1:
Manipulate a string and let it point to the hooking code
Implement the parsing of the hooking code in JavaScript
Thus a ROP chain with conditional jumps is not necessary

Example 2:
Manipulate an array and let it point to the stack
Use JavaScript to copy the payload from the heap to the stack by saving it in this array
Useful when bypassing EMET's StackPivot protections

Example 3:
Place a string over EMET.dll (or NTDLL.dll, ...)
Use search functions such as .indexOf() to dynamically find ROP gadgets
ROP protections - LoadLib
Prevents LoadLibrary() from loading modules from UNC paths

Bypass not required because we don't load additional modules

See "Bypassing all of the Things" by Aaron Portnoy for a bypass
ROP protections
Additional checks (via the hooks) before a "critical function" is called

Possible approaches to bypass them:
1) Bypass each protection separately
"Bypassing EMET 4.1" by Jared DeMott gives a great overview

2) Bypass all protections together by "disabling" them
Idea from Offensive Security

3) Do not use hooked functions, use system calls instead
Using hardcoded system call numbers reduces the reliability of the exploit
We will later see a technique which doesn't need hardcoded system call numbers
ROP protections - Caller
Check if function was "called" and not "returned" or "jumped" into
Allowed: call function
Disallowed: push return_address # jmp function
Disallowed: push return_address # push function # ret

In a ROP chain we typically would "return" into a function

Bypass:
Return to code which does a "call function"
Modify Metasploit shellcode to call functions instead of jumping to them
ROP protections - Caller
This idea is from "Bypassing EMET 4.1" by Jared DeMott

He used the following "call VirtualAlloc" gadget
Use calls which are close to a return, so as not to risk a crash

But what if there is no such call to the critical function?
Use "call r32" instead!
ROP protections - SimExecFlow
Simulates execution forward and checks at return addresses whether functions were "called" and not "jumped" or "returned" into

Bypassed together with the Caller bypass. When doing ROP to disable DEP, we use the already discussed approach of returning to a "call critical_function"

But: later during shellcode execution (e.g. Metasploit shellcode) critical functions (e.g. WinExec) will be called, and SimExecFlow also triggers there!
Solution 1: Use ROP there as well
Solution 2: Add "call $+5 # pop r32" after the shellcode to confuse SimExecFlow
"Disable" ROP protections
See:
http://www.offensive-security.com/vulndev/disarming-enhanced-mitigation-experience-toolkit-emet/
http://www.offensive-security.com/vulndev/disarming-emet-v5-0/

Using a ROP chain, a global flag can be set to zero to disable all ROP protections...
This worked for EMET 4.1
In EMET 5.0 a pointer must first be decoded to find the global flag, but that's easy to implement, see the blog posts
Recommended solution: Store the flag in a read-only location
Use system calls
The third approach is to use system calls directly

Hardcoding system call numbers is bad because they change from one OS to another (or even between Service Packs)
In a browser exploit we can first execute JavaScript to determine the OS, but we can't get the exact Service Pack
We could write a ROP chain to identify the Service Pack, but then we again need conditional jumps or the "advanced code reuse" technique

There is something better.... Do you remember the hooking code?
(Slide figure: the hook code points to the system call at a fixed offset relative to the first hook address - WE CAN DIRECTLY JUMP HERE!)
EAF
EAF = export address table access filtering

Shellcode must parse the AddressOfFunctions field to find the address for functions such as LoadLibrary() or GetProcAddress()

EMET uses hardware breakpoints to break on read access to such a field (in kernel32.dll, kernelbase.dll or ntdll.dll).

When the breakpoint is triggered, EMET checks whether the current instruction belongs to a module (if not, it is most likely shellcode)
Bypassing EAF
Many methods exist:
Use a ROP gadget to read the field

Use the "advanced code reuse" technique

Resolve function addresses using the IAT

Remove breakpoints before executing shellcode!

Remove hw-breakpoints
We can use two different APIs to remove hardware breakpoints:
SetThreadContext()
NtContinue() (used by exception handling)

Main approach by Piotr Bania
See: http://piotrbania.com/all/articles/anti_emet_eaf.txt
Uses hardcoded system call numbers

We want to avoid hardcoded system call numbers!
Idea: Use the API instead of system calls
Problem: EMET 5.0 now also hooks both API functions to prevent attackers from removing the breakpoints
Remove hw-breakpoints
1) ZwSetContextThread system call
Advantage: Easy to write
Disadvantage: Works only against one OS with a specific SP

2) NtContinue system call
Advantage: Easy to write
Disadvantage: Works only against one OS with a specific SP

3) Return to EMET.dll which calls SetThreadContext()
Advantage: Works OS / SP independent
Disadvantage: only for EMET 4.1 or "disable" hooks first on EMET 5.0

Remove hw-breakpoints
4) Register an exception handler, trigger exception and remove breakpoints there
Advantage: can target any OS with any SP
Disadvantage: We have to defeat /SafeSEH first...
If one module is not compiled with /SafeSEH it's easy
Otherwise we have to change the /SafeSEH table of a loaded module first => First make it rwx and then add the needed gadget
....


Remove hw-breakpoints
5) Before the registered exception handler is invoked, a callback of EMET is called. If EMET can hook functions, so can we :) Hook EMET's callback and manipulate the data so that execution returns directly to the NtContinue() call
Advantage: can target any OS with any SP
Disadvantage: Works only against EMET 4.1; for EMET 5.0 the hooks must first be "disabled".

Remove hw-breakpoints
6) Use the already discussed approach to "jump over the hook" directly to the system call!
Advantage: Works against any OS with any SP and any EMET version
Disadvantage: None

We have now discussed the most powerful protections of EMET, but EMET contains more protections:
ASR - Attack Surface Reduction
Certificate Trust
SEHOP
Heap Spray / Null Page pre-allocation
See my RuxCon 2014 slides for bypasses!
MandatoryASLR / BottomUpRandomization
EAF+
Final thoughts
Recap:
1) Identify presence of EMET, extract its imagebase and version

2) Build everything based on EMET imagebase
For this presentation I have built all ROP chains based on mozjs.dll, therefore you cannot copy&paste these ROP chains!

Final thoughts
Recap:
3) If the EMET version is unknown, gadgets can be retrieved using "advanced code reuse"

4) A better approach: Use "advanced code reuse" to read the complete EMET.dll file and send it back to the attacker (e.g. via AJAX), analyze it and send the newly generated payload to the victim => If a vulnerability in a local application is found later, a database of all possible EMET.dll versions already exists!
Final thoughts
Thank you for your attention.
Any questions?
Contact
SEC Consult - Who we are
Global leadership in:
Information security services
Consulting

50+ Security Experts

Fully certified:
ISO 27001/2
Working for:
Financial institutions
Insurances
Government and Defense
Software manufacturers
Worldwide acting vulnerability lab
Offices in:
Austria (HQ)
Germany
Lithuania
Singapore / Thailand
Russia
SEC Consult would appreciate working with Microsoft on improving the resilience of future EMET releases. We already have a bunch of ideas to make it even harder for attackers to bypass EMET.
Final thoughts
ROP protections - MemProt
Prevent functions like VirtualProtect(), VirtualAlloc() , ... from making the stack executable

Bypass: Make another location (e.g. heap) executable

A modified ROP chain is needed
Typically !mona is used to generate a ROP chain
The ROP chain generated by !mona makes the memory ESP points to executable
We will later see that we have to move the ROP chain to the stack (to bypass StackPivot), therefore we need to write a custom ROP chain
ROP protections - StackPivot
Checks if the stack pointer is pointing to the stack (and not to the heap)
Bypass:
We must ensure that ESP points to the stack when a critical function is called
The easiest way to accomplish this is to move the ROP chain to the stack
This technique is already described by some blog posts
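As an added example (not from the talk), the Caller and StackPivot checks from the "ROP protections - Caller" and "ROP protections - StackPivot" slides, simulated from the defender's side: at the entry of a hooked critical function, ESP must lie inside the thread's stack and the saved return address must be immediately preceded by a call instruction. The constructed code image also contains an existing "call eax" site that the check accepts, which illustrates the limitation the talk describes and why SimExecFlow was layered on top. All addresses, TEB values and bytes are constructed.

```python
# Added example, not code from the talk or from EMET. Simulates the Caller
# check (return address preceded by a call?) and the StackPivot check (ESP
# inside TEB StackLimit..StackBase?) over a constructed x86 code image.
import struct

def is_call(ins):
    """True if the bytes ins form exactly one x86 call (opcode E8 or FF /2)."""
    n = len(ins)
    if n == 5 and ins[0] == 0xE8:                      # call rel32
        return True
    if ins[0] != 0xFF or (ins[1] & 0x38) != 0x10:      # FF with ModRM reg field 2
        return False
    mod, rm = ins[1] >> 6, ins[1] & 7
    if n == 2:                                         # call r32 / call [r32]
        return mod == 3 or (mod == 0 and rm not in (4, 5))
    if n == 3:                                         # call [r32+disp8]
        return mod == 1 and rm != 4
    if n == 6:                                         # call [r32+disp32] / call [abs32]
        return (mod == 2 and rm != 4) or (mod == 0 and rm == 5)
    return False

CALL_LENGTHS = (2, 3, 5, 6)

def caller_check(code, code_base, ret_addr):
    """Caller check: the return address must be immediately preceded by a call."""
    off = ret_addr - code_base
    for n in CALL_LENGTHS:
        if off - n >= 0 and off <= len(code) and is_call(code[off - n:off]):
            return True
    return False

def stack_pivot_check(esp, stack_limit, stack_base):
    """StackPivot check: ESP must lie within the thread's stack (TEB StackLimit..StackBase)."""
    return stack_limit <= esp < stack_base

def hook_entry(code, code_base, esp, stack, stack_limit, stack_base):
    """What the hook on a critical function evaluates at entry; stack[esp] is the return address."""
    if not stack_pivot_check(esp, stack_limit, stack_base):
        return "StackPivot"
    if not caller_check(code, code_base, stack[esp]):
        return "Caller"
    return "ok"

CODE_BASE = 0x00401000    # hypothetical address of the constructed code below
FUNC = CODE_BASE + 0x200  # hypothetical critical function (VirtualAlloc in the talk)

def build_code():
    """Constructed x86 code containing the call/return patterns the talk lists."""
    code = bytearray()
    code += b"\x31\xc0\xc3"                                             # +0x00 xor eax,eax ; ret
    code += b"\x5b\xc3"                                                 # +0x03 pop ebx ; ret (ROP gadget)
    code += b"\xe8" + struct.pack("<i", FUNC - (CODE_BASE + 0x0A))      # +0x05 call FUNC
    code += b"\xc3"                                                     # +0x0A ret
    code += b"\x68" + struct.pack("<I", CODE_BASE + 0x12) + b"\xff\xe0"  # +0x0B push ret_addr ; jmp eax
    code += b"\xff\xd0\xc3"                                             # +0x12 call eax ; ret
    return bytes(code)

STACK_LIMIT, STACK_BASE = 0x0012C000, 0x00130000   # hypothetical TEB stack bounds

def run_cases():
    """Evaluate the hook for five constructed entry states, keyed by scenario name."""
    code = build_code()
    stack = {0x0012F000: CODE_BASE + 0x0A,   # legitimate: "call FUNC" returns here
             0x0012F004: CODE_BASE + 0x03,   # ROP: next gadget address sits on the stack
             0x0012F008: CODE_BASE + 0x12,   # "push ret_addr ; jmp eax" pattern
             0x0012F00C: CODE_BASE + 0x14,   # existing "call eax" site: passes Caller
             0x02A40000: CODE_BASE + 0x0A}   # pivoted: ESP points into the heap
    cases = [("call", 0x0012F000), ("rop_return", 0x0012F004), ("push_jmp", 0x0012F008),
             ("call_r32_site", 0x0012F00C), ("pivoted", 0x02A40000)]
    return {name: hook_entry(code, CODE_BASE, esp, stack, STACK_LIMIT, STACK_BASE)
            for name, esp in cases}
```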
Explanation: ROP chain


    function a() {
        0x00401000  call b();
        0x00401005  instruction a;
        0x00401007  return;
    }
    function b() {
        0x00402010  call c();
        0x00402015  instruction b;
        0x00402019  return;
    }
    function c() {
        0x00403201  call foo();
        0x00403206  instruction c;
        0x00403207  return;
    }

    Stack (high address at top, low address at bottom):
        other stack values
        0x00401005   # instr. a
        0x00402015   # instr. b
        0x00403206   # instr. c
        unused stack space
Initial exploit without EMET Bypass
3-5 days (exploit code has about 400 LoC)
EMET 4.1 bypass
high effort (can't estimate real effort)
exploit code has about 5 000 LoC
Migrate EMET 4.1 bypass to 5.0
5 minutes (+4 LoC)
Only had to add parsing of two assembler instructions
Migrate EMET 5.0 bypass to 5.1
40 minutes (+10 LoC)
Scan-down of hooking approach was mitigated
Summary: workload