January 2018
Shahar Tal a.k.a. @jifa, VP Research
Gil Kaminker, Android Research Team Leader
1
Digital evidence
Key to most investigations today.
Mobile devices contain crucial evidence to investigate crime.
Often make or break a case.
2
Cellebrite – for a safer world
We understand and master Digital Intelligence
Support Law Enforcement agencies protecting our communities
We allow extraction, decoding, and advanced analysis of data
We bring truth to light
3
Guess the chart
4
World-wide Smartphone Market Q2 2017 (pie chart; shares shown: 55%, 22%, 12%, 11%)
5
Back to basics
Extraction 101
6
Extraction types
NAND, Device, Partition, File, Record
7
The Lock-Screen
The Mobile Forensics
Game-changer (2010)
8
Lock screen adoption
(bar chart; Android 5 (Lollipop), Android 6 (Marshmallow), Android 7 (Nougat); values shown: 49%, 60%, 71%)
9
Samsung Galaxy S7
10
Samsung Galaxy S7
11
Full Disk Encryption
The Mobile Forensics Game-changer (2015)
From Android 6.0 CDD: "For device implementations supporting full-disk encryption and with Advanced Encryption Standard (AES) crypto performance above 50MiB/sec, the full-disk encryption MUST be enabled by default at the time the user has completed the out-of-box setup experience."
12
Encryption adoption
(bar chart; Android 5 (Lollipop), Android 6 (Marshmallow), Android 7 (Nougat); values shown: 2%, 24%, 78%)
13
Encryption effects
JTAG/ISP/Chip-off methods – out of the window.
“Secure Startup” == requires more work
14
Growing Awareness
Dramatic security improvements
Frequent patching and OS updates
15
1-day Vulnerabilities
Very rare.
16
Extracting the ZTE Zmax Pro
17
Plan
Find a unique feature
Make it extract data
Save the world
18
ZTE Diagnostics mode (DFU)
Pressing Vol+&Vol- on boot enters DFU
Exposing a VCOM connection over USB
Sahara?
19
What is EDL?
Qualcomm Emergency Download Mode (aka QDLoader 9008)
A rescue mode - exposed when a device can’t boot
• As a VCOM Connection over USB
20
What is EDL?
A permanent mechanism in the PBL
21
What is EDL?
Support tools available (QPST/QFIL)
22
Regular unbrick/extraction flow
Enter EDL
Upload Programmer
Programmer Actions
Flash partitions / Read data
23
A less generic plan
Enter DFU
Upload a programmer
Extract the data
Save the world
24
Zmax Pro - Extraction flow
Enter DFU
Upload Programmer
Programmer Actions
Read data
25
From DFU to EDL
DFU is not enough
Exposes a limited Sahara protocol
• Some features are not accessible
• Can’t Upload a programmer or issue special commands
This code resides in the bootloader (SBL)
A weird command is spotted
A special magic packet in Sahara does something undocumented
From DFU to EDL
A solid plan
Enter DFU
Switch to EDL
Upload a programmer
Extract the data
Save the world
30
Uploading a programmer (“firehose”)
A programmer is a simple ELF image that is loaded with the Sahara protocol in EDL
Once uploaded, the programmer can interact with the eMMC chip
We found programmers that seem HW compatible but none of them worked properly
Maybe it is not that easy to just upload code to a device?
31
Qualcomm Secure Boot
All components are signed ELF images, verified when loaded (boot-chain diagram ending in Android)
32
Qualcomm Secure Boot
Root Key Hash (PK_HASH)
Root of the chain of trust
Stored in eFuse
Set by vendors
33
Matching a programmer
We need to find a matching programmer
An original signed programmer for a specific vendor & device
Sahara protocol command mode
Sahara has a special mode to perform actions other than upload
Can also read certificate identifiers from the device
Certificate identifiers
Ensure that the programmer matches the device
PK_HASH (Root Key Hash)
HW_ID (Mapped to a chipset, OEM and model IDs)
OnePlus 3 as an example
The programmer is available online for unbrick purposes
The PK_HASH and HW_ID calculated from the programmer match those retrieved from the device
34
Matching a programmer
35
A less generic plan, revisited
Enter DFU
Switch to EDL
Upload a matching programmer
Extract the data
Save the world
36
Zmax Pro - extraction flow
Enter EDL
Upload Programmer
Programmer Actions
Read data
37
Uploading a programmer
No matching signed programmer was found
Qualcomm Secure Boot requires a specifically signed programmer!
38
A more ambitious plan
Enter DFU
Switch to EDL
Run code in SBL
Extract the data
Save the world
39
Sahara state machine (reconstructed from the slide's diagram)
Got Hello → Wait_hello_resp
Wait_hello_resp → Resp Mode? (the Hello Response selects the mode)
Mode IMAGE_TX_PENDING or IMAGE_TX_COMPLETE → Data_elf_header
Mode COMMAND → Wait_cmd_exec
Mode MEMORY_DEBUG → Wait_memory_read
Data_elf_header → Got Valid Header → Data_elf_prog_hdr
Data_elf_prog_hdr → Got Valid Program Header → Data_elf_segments
Data_elf_segments → Got Valid Image → Wait_done
Wait_done → Execute programmer
Wait_cmd_exec → Send Get command, prepare answer → Wait_cmd_exec_data
Wait_cmd_exec_data → Answer
Bug hunting
The code is *very* well written:
Initializing variables when declared and right before using them
Adding nulls to end of string buffers before using them
No use of dynamic memory
(almost) no use of loops in parsing
Size/length verification
Overflow checks right before using values
Range checks for addresses
The protocol host is the phone, not the PC
Reading only the minimum amount of data needed
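As an added illustration (not the presenters' code, and not the PBL's real implementation), here is a device-side Sahara packet validator in C that applies the checks listed above to the Hello Response mode dispatch from the state machine slide and to a MEMORY_DEBUG read request; the packet layouts follow the publicly documented Sahara format, and the debug window DBG_BASE/DBG_SIZE is an assumed value.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
/* Sahara command ids and modes, per the public Sahara protocol numbering. */
enum { SAHARA_HELLO_RESP = 2, SAHARA_MEMORY_READ = 10 };
enum { MODE_IMAGE_TX_PENDING = 0, MODE_IMAGE_TX_COMPLETE = 1,
       MODE_MEMORY_DEBUG = 2, MODE_COMMAND = 3 };
/* Device-side states, named after the slide's state machine. */
enum state { ST_WAIT_HELLO_RESP, ST_DATA_ELF_HEADER, ST_WAIT_CMD_EXEC,
             ST_WAIT_MEMORY_READ, ST_ERROR };
/* Assumed (illustrative) window the host may read in MEMORY_DEBUG mode. */
#define DBG_BASE 0x08000000u
#define DBG_SIZE 0x00100000u
/* Little-endian field read that does not depend on host alignment. */
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hello Response = cmd, len, version, version_compatible, status, mode,
 * reserved[6] (48 bytes). Length and mode are verified before any use. */
enum state on_hello_resp(const uint8_t *pkt, size_t n) {
    if (n != 48 || rd32(pkt) != SAHARA_HELLO_RESP || rd32(pkt + 4) != 48)
        return ST_ERROR;
    switch (rd32(pkt + 20)) {
    case MODE_IMAGE_TX_PENDING:
    case MODE_IMAGE_TX_COMPLETE: return ST_DATA_ELF_HEADER;
    case MODE_COMMAND:           return ST_WAIT_CMD_EXEC;
    case MODE_MEMORY_DEBUG:      return ST_WAIT_MEMORY_READ;
    default:                     return ST_ERROR;
    }
}

/* Memory Read = cmd, len, addr, length (16 bytes). Accept only if the whole
 * [addr, addr+length) range lies inside the debug window; the comparisons
 * are ordered so the arithmetic cannot wrap before the range check runs. */
bool memory_read_ok(const uint8_t *pkt, size_t n) {
    if (n != 16 || rd32(pkt) != SAHARA_MEMORY_READ || rd32(pkt + 4) != 16)
        return false;
    uint32_t addr = rd32(pkt + 8), len = rd32(pkt + 12);
    if (len == 0 || len > DBG_SIZE) return false;               /* size bound */
    if (addr < DBG_BASE || addr - DBG_BASE > DBG_SIZE - len)     /* no wrap */
        return false;
    return true;
}
/* Constructed sample packets (not captured from a device). */
static const uint8_t HELLO_RESP_CMD_MODE[48] = {2,0,0,0, 48,0,0,0, 2,0,0,0, 1,0,0,0, 0,0,0,0, 3,0,0,0};
static const uint8_t MEMREAD_OK[16]   = {10,0,0,0, 16,0,0,0, 0x00,0x10,0x00,0x08, 0x00,0x01,0,0};
static const uint8_t MEMREAD_WRAP[16] = {10,0,0,0, 16,0,0,0, 0xf0,0xff,0xff,0xff, 0x10,0,0,0};
```

A caller only dereferences addr/len after memory_read_ok returns true, which is the "overflow checks right before using values" discipline the slide credits the implementation with.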
41
“Difficult is only in bread.”
(diagram: eMMC, TZ/QSEE)
Enter DFU
Switch to EDL
Exploit the PBL
Extract the data
Save the world
44
TL;DR
The PBL had an older (less secure) version of the Sahara implementation
A bug in Sahara
45
Run code
Problem
We can’t write to the code section to patch the code
We can’t execute code from the data section
Solution
Write a shellcode to an empty RAM area
Build a ROP chain
Disable XN bit for the shellcode’s page
Jump to shellcode
Zmax Pro - extraction flow
Enter EDL
Upload Programmer
Programmer Actions
Read data
47
A more ambitious plan in reality
Enter DFU
Switch to EDL
Exploit the PBL
Exploit TZ to Retrieve Encryption Key
Extract data
Decrypt data
Save the world
48
Thanks to…
Nadav
Ben & Dror
49
Questions?
Thank you!
Shahar Tal @jifa
Gil Kaminker
50