Trusted Platform Module (TPM) is a standard for a secure cryptoprocessor. TPMs come in different flavors: there are discrete chips, integrated TPMs, firmware-based TPMs, and virtual TPMs. They provide a number of cryptographic features, such as generation and secure storage of cryptographic keys, symmetric and asymmetric encryption/decryption, digital signature generation/verification, and random number generation. Typical use cases include attestation of the boot process integrity, storage of disk encryption keys, and digital rights management.
The Trusted Computing Group (TCG), a nonprofit organization, is in charge of publishing and maintaining the TPM standard. As such, they provide a reference implementation of the TPM 2.0 specification. While auditing this reference implementation code, we discovered two vulnerabilities in the handling of encrypted parameters: an out-of-bounds write and an out-of-bounds read, which were assigned CVE-2023-1017 and CVE-2023-1018, respectively. Given that the bugs originate from the reference implementation, these two vulnerabilities propagated across multiple code bases and ended up affecting a wide range of vendors, from chip manufacturers to virtualization solutions and cloud computing providers. Among the impacted source trees we can mention the open source implementations of the TPM 2.0 standard published by Microsoft and IBM, as well as libtpms, an open source library providing software emulation of a Trusted Platform Module, which in turn is used by other free software projects, such as QEMU and VirtualBox, to provide a virtual TPM device for VMs.
We'll start this presentation by discussing how TPMs work, implementation details of the different virtual TPMs, and the internals of the protocol used to send TPM 2.0 commands. Then we'll go over the specifics of the two vulnerabilities we discovered, addressing the affected products as well as the possibilities for exploitation. Finally, we'll conclude the talk with some highlights of the complex, industry-wide disclosure process we conducted, in which numerous parties were involved.
During the boot of a PC, it is now common to have each stage involved in the booting process to store measurements of the next component to be loaded into a Trusted Platform Module (TPM), in order to keep a tamper-proof log of the boot chain.
Those measurements are then leveraged to seal secrets, e.g. a disk encryption key, or to report the state of the device to a remote server in a cryptographically secure way, using a procedure known as remote attestation.
Remote attestation has slowly gained traction over the last few years, most notably among cloud providers such as Azure, to guard access to online resources.
It is also a key element in validating Dynamic Root-of-Trust Measurements (DRTM), which reduce the Trusted Computing Base (TCB) compared to traditional UEFI-based boot chains,
but require a trusted third-party to validate the final state of the system.
Unfortunately, little progress has been made recently to enable individual users without access to server resources to reap the benefits of remote attestation.
This is particularly frustrating considering that almost everybody carries a small trusted server with them all the time: smartphones.
Building upon an idea by Matthew Garrett[^1], we introduce Ultrablue (User-friendly Lightweight TPM Remote Attestation over Bluetooth), a solution to securely inspect and validate a TPM event log from a phone.
Ultrablue consists of a command-line attester, running on a computer, and an Android graphical application, running on a trusted phone, communicating over encrypted Bluetooth low-energy (BLE).
Pairing the phone and computer is made easier and more secure through the use of a QR Code.
After a trust-on-first-use provisioning phase to enroll the computer on the phone, the phone can check that the boot chain has not been compromised in later boots.
Sample scripts and a self-contained virtual machine are also provided as a reference of how to integrate Ultrablue in the boot process to guard disk encryption by a secret delivered by the phone. A practical session will demonstrate this process during the conference.
Future work includes improving the user interface to inspect and validate unexpected event logs, adding support for more versatile verification policies,
and integrating Ultrablue into existing hardened systems such as Safeboot (safeboot.dev).
The Ultrablue project has been developped at ANSSI (ssi.gouv.fr) by Loïc Falkau--Buckwell, under the supervision of Nicolas Bouchinet and Gabriel Kerneis.
[^1]: Linux Conference Australia, 2020. https://www.youtube.com/watch?v=FobfM9S9xSI
EDK II is the public implementation of UEFI on which a large part of the OEMs rely to craft their own firmware. If a vulnerability were to be found in this project, it could become a huge problem as it could impact many devices. Or... It could be unimpressive and go totally unnoticed because nobody cares. ¯\_(ツ)_/¯
In this talk, we'll present a bug in EDK II which is difficult to leverage in real life but still quite fun to attack.
We'll see how we can build a complete exploit solely based on the mechanisms that are present in the public implementation and how we can gain arbitrary code execution in SMM thanks to that.
The ups and downs of a pentester who decided to daily drive Qubes OS as his working environment.
After 13 years, a new major release of the syslog-ng logging application is available. Previously, syslog-ng handled all data as text. Syslog-ng 4.0 can associate the proper type information with data parsed from log messages. You can use type information for comparisons within syslog-ng, and storing data to various destinations, like Elasticsearch or MongoDB. Type support enables more precise filtering and thus real-time security alerting in syslog-ng, and easier searching and reporting in databases. I give a quick overview of the major new syslog-ng 4 features and show with examples how these improve security at your organization.
Websites are a hellish mess and even when you're lucky enough to have a still-working URL they will often have widely different outcomes depending on your browser settings, your location and the instant you try to load it. This talk will show you a few examples and a complete suite of tools to integrate such an analysis in your day-to-day workflow.
The syslog-ng application is an enhanced logging daemon with a focus on portability and high-performance central log collection. It is used mainly by IT security professionals, but also in Ops and DevOps environments and by embedded developers. The syslog-ng workshop helps you take the first steps with syslog-ng, and shows how you can quickly get more information out of your logs and have greater insight into what happens on your network. Ideal for beginners, but covers advanced possibilities for seasoned syslog-ng users as well. It also introduces you to syslog-ng 4 changes, focusing on type support, and how it makes your work easier and broadens possibilities.
Existing tools like dnstwist or urlcrazy are useful for identifying typosquatting, but they don't allow users to choose a generation of variation with all possible algorithms. To address this, we created a library that compiles all possible variations for a domain name. But why stop there? We also developed a user-friendly website to make the tool accessible to everyone. And now, there's a possibility to look for package squatting on platform like pypi...
In this session, we will introduce the website and its functionalities, including all possible algorithms currently implemented in the library. Our library and website are both open source, and there is even an online version available to the public, as well as MISP integration. With these resources, there is no excuse for not protecting your organization from potential typosquatting domains.
In the last decades, the world connectivity has increased exponentially, and emails is one of the key indicator of this connectivity. In 2022, more than 340 billions emails were sent on average each day, an increase of about 5% in comparison to the preview year. Because the reach of emails is so broad, they have been in the recent years used more and more to perform a wide variety of cyber security attacks. On the one side, targeted attack such as spear-phishing or Business Email Comprise (BEC) can be disastrous for companies and are responsible for millions of dollar loss each year. These kind of attacks are usually fine tuned to deceive the victim, and thus very hard to detect with automation. Furthemore they are really sparse in comparison to other types of email attacks (1 in 100 000 emails). On the other side, spam and phishing campaigns are broad attacks that usually target large group of email address. Campaign attacks are typically composed of bulks of email sharing a similar template and sent en masse in the hope of hitting just a small fraction of their targets, prioritizing quantity of attack sent over quality of the attack (about 80% of emails sent every day are spam emails). For cybersecurity providers such as Vade, a challenge is to detect and block these campaigns as fast as possible. While emails in a campaign used to be the exact same and thus relatively easy to catch, attackers have been more and more keen to add noise and tricks to fool detection algorithms, while still maintaining the visual aspect of the email. This evolution has seen, as a consequence, an increase in interest for the nearest neighbor problem. The nearest neighbor problem (nnp) is an optimization problem that arise for many kind of data driven tools. In particular, detecting duplicate or near-duplicate document is a critical application of the nnp. A similarity search problem usually involves a large collection of object, each characterized by a set of features and re-presentable as points in high-dimensional attribute space. Given a document, we are queried to find its most similar documents in the database. This problem has been shown to be NP-complete, and as such is still unfeasible to solve in reasonable time
Data Mining, Darknet, and Social Network Monitoring are critical components of modern threat intelligence and security operations. The AIL Project is an open source framework designed to collect, crawl, dig, and analyze unstructured data from various sources. With its extensible Python-based framework, AIL can analyze unstructured data collected via an advanced Crawler manager or from different feeders such as PasteBin-alike sites, Twitter, Discord, Telegram Stream providers, or custom feeders.
AIL supports active crawling of Tor hidden services, protected websites and forums with pre-recorded session cookies. Its modular design allows for easy contribution and extension, enabling the addition of new Analyzer modules, feeders, or streams without the need to know the inner workings. The framework also has integrations with other open source projects such as MISP or cve-search.
This presentation will focus on the latest version of the AIL framework (v5.0) and its new features. Attendees will learn about the following:
- An overview of the modular design of AIL and its extensibility through Analyzer modules, feeders, and exporters.
- Demonstrations of how the new features can be used in practice, including practical examples of investigating Tor hidden services and other sources of data.
- Best practices for data collection and analysis with AIL, including performance optimization techniques and integration with other open source projects such as MISP.
Join us for this exciting presentation and learn how AIL can help you with your data analysis and threat detection needs.
https://github.com/ail-project/
https://github.com/ail-project/ail-framework
Reproducible research is generally speaking a good idea we all agree on, but can be a bit of a nightmare when dealing with hardware -- and actually, even software. In this presentation, I will talk about reproducibility in the context of academic security, and more precisely the reproducibility of attacks on micro-architecture.
In a first part, we will see the limits of "just sharing code" in terms of reproducible research. In a second part, we will explore the good, the bad, and the ugly of trying to reproduce micro-architectural attacks. Finally, we will discuss a great (and quite recent) initiative of academic security conferences: artifact evaluation.
Rust is an increasingly popular systems programming language, especially thanks to its memory safety guarantees and more general focus on safety.
This talk will give an overview of where it stands regarding the software supply-chain security challenges, including vulnerability management across the ecosystem, dedicated tooling and integration into larger efforts (OpenSSF projects, etc.)
It will cover the topic from both an internal (as a member of the Rust Secure Code WG) and an external (as a software editor using Rust) point of view.
The last few years have seen a significant raise in Supply Chain attacks targeting third party software used in larger projects. With the need for developers to attest of the integrity and provenance of their software dependencies, alternatives have emerged to make tracing software back to the source more accessible, without a need for specific knowledge of cryptographic protocols used for generating and verifying artifact signatures.
Project Sigstore (https://www.sigstore.dev/) is a new standard for signing, verifying and protecting software. This talk will provide an introduction to Sigstore, explaining the different components the project is built upon and how developers can use it to sign and verify software artifacts (software packages, container images...) in a secure way. Notably, Sigstore solves the issue of private key storage and management by implementing "keyless" signing, where users can generate ephemeral key pairs and sign an artifact using an identity provider such as GitHub, Microsoft or Google.
Hashlookup aim is to index the hashes of all the published and released software. It crawls and indexes the hashes from many different public sources which include Linux distributions, operating systems such as Windows or alternative distributions. The goal is provide a fast and efficient way for analysts, digital forensic investigators and security researchers contextual information about published software. hashlookup goal is to support digital forensic investigation but also the review of software supply chain and distribution channels.
Nowadays structured firmwares can be a complete OS with thousands of files. It usually requires several hours to find the links between some components, and it is easy to get lost in this mass of information.
This talk will introduce how we have combined and extended already existing open-source solutions to solve this issue and help reversers in their daily tasks. The resulting tool, Pyrrha, allows users to visualize the different binaries and libraries of the firmware and their interactions in the form of several dependency graphs.
AI tools have broken out spectacularly in 2022, offering image generation, video upscaling, text completion, and much more.
The recent release of OpenAI's ChatGPT led researchers to discover that the new language model had unexpected security engineering capabilities. In particular, this talk explores the use of the davinci-003 model to automatically comment decompiled functions and suggest new names for their variables.
This led to the creation of Gepetto, an IDA Pro plugin that extracts information from the tool and submits it into OpenAI's API to speed up the analysis dramatically for the rough equivalent of 1$ per day.
The plugin's code is available here: https://github.com/JusticeRage/Gepetto
Scapy (https://www.scapy.net & https://github.com/secdev/scapy) is a powerful Python-based interactive packet manipulation program and library. It can be used to forge or decode packets for a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more.
Local file inclusion methods in PHP evolved through time, there are 2 main objectives when exploiting them:
- Getting a remote code execution by including files containing PHP via include() or require() functions.
- Leak local files such as PHP sources or configuration files via file_get_contents() or file() functions for example.
In the past, the following requirements had to be met to exploit a local file inclusion.
To exploit a remote code execution you could inject information in log files and include them, or control a variable in your PHP session to poison the session file. But in most cases, you needed to be able to upload a file on the system.
To leak local files, it was required to either fully control the path pointing to the file to leak, or to have a path traversal to go up in the file tree. Most importantly, it was mandatory for the server to send you back its content in the response.
In both cases, the affected functions support several wrappers, the most iconic being file:// which is a prefix before a file path. Other wrappers such as php://filter can be passed on these methods and for example it was well known to allow leaking PHP sources by base64 encoding them (ex : php://filter/convert.base64-encode/resource=index.php).
In a 2021 CTF write-up by loknop , this wrapper was actually proven to be much more useful. Indeed, it allows setting the encoding of contents passing through it, and most importantly to chain an infinite number of encodings leading to the generation of arbitrary data at the start of a file. In this presentation, the full process will be explained with examples allowing, for instance, to generate interesting prefixes to a file content, such as '<?php system("id"); ?>', therefore removing the need to have a file upload when exploiting include() or require() functions to get remote code execution (if the full path is controlled).
In 2022, hash_kitten showed that it was also possible to use PHP filters chain as an error-base oracle when used in many built-in functions, such as file_get_contents(). Its method chains encodings that will make the content size of a file exponential, triggering a PHP memory_limit exhaustion. By using other filters, the first character of the file content can also be determined. By using other encodings it is also possible to rotate the chain order to retrieve characters that are located further away in the content.
Using this error-based oracle, it is therefore possible to leak the entire file content without having PHP to serve it in a server response.
Over the last few years, the popularity of proving systems based on zkSNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge) has risen, typically due to real-world use cases such as private authentication, private set membership, proofs of correct execution by a non-trusted entity and more.
There are different proving systems that have been proposed in the last 5-7 years (Groth16, Marlin, PLONK, TurboPLONK, etc.), with their primary objectives being reducing the size of the proof, reducing the proving/verifying time and minimizing the need for a trusted setup. Further, there are different ways to implement zkSNARKs, but the common idea behind all of them is that the construction has to be represented in an arithmetic circuit on top of a finite field. This is possible using domain-specific languages (DSLs) such as Circom or Leo, or using a library such as gnark, Halo2 or arkworks-rs.
In the aforementioned applications, typically, encryption and hashing operations are needed. However, the performance of traditional designs such as AES or BLAKE2 is not optimal in circuits. This has led to the apparition of arithmetization-oriented constructions for hashing and encryption. Moreover, the Sponge API for Field Elements (SAFE API) has been recently proposed, which can be used to create different cryptographic primitives for zkSNARK circuits using the sponge construction. In many cases, the performance of this type of constructions and the difficulty of implementing them using modern libraries for creating circuits has not been evaluated.
In this talk, we present zekrom, an open-source library of arithmetization-oriented constructions for zkSNARK circuits. The goal of zekrom is to analyze the performance of novel constructions for circuits using modern libraries such as arkworks-rs and Halo2 and frameworks such as the SAFE API. Other goals of zekrom are: 1) to provide recently proposed arithmetization-oriented constructions for creating privacy-friendly applications based on zero-knowledge proofs, 2) to help developers by providing tools to generate the type of parameters that this type of constructions require, and 3) to provide a reusable implementation of the SAFE API that can be easily adapted to new proposed permutations for circuits. Finally, in our talk, we'll describe the obstacles we have found when implementing this type of construction.
Edition of DER encoded ASN.1 structures is a pretty tedious work when done manually.
Solutions to this problem exist. For instance, der-ascii [0] is a tool written in Go that helps with back and forth conversions from/to DER structures to/from a textual representation using a custom defined language.
I present a somehow short Perl script [1] that leverages the OpenSSL configuration language along with the ASN1_generate_nconf(3) function in order to achieve the same goal with almost no dependencies apart from Perl and OpenSSL.
This tool can be used to ease the exploitation of CVE-2022-0778 [2] & [3].
[0] https://github.com/google/der-ascii
[1] https://github.com/wllm-rbnt/asn1template
[2] https://www.openssl.org/news/secadv/20220315.txt
[3] https://github.com/drago-96/CVE-2022-0778#using-asn1-templates
Ensuring the seamless flow of threat intelligence between sharing communities, CTI pipelines, and detection engineering teams heavily relies on the interoperability of CTI standards.
To achieve this, the misp-stix Python library (>=3.8) was developed and specifically designed to handle all conversions between the MISP standard format and STIX formats.
This library serves as a versatile and comprehensive solution that addresses the challenges faced in CTI standard conversion.
In this talk, we will discuss the implementation of misp-stix, which provides a generic Python library that supports various formats and conversions.
We often use Wireshark to analyze Windows and Active Directory network protocols, especially those juicy RPC! But we are often interrupted in our enthusiasm by the payload dissected as “encrypted stub data”. Until we discover that Wireshark has a helpful feature to decrypt this traffic, which is protected by secrets derived from the prior Kerberos or NTLM authentication. We will briefly describe the theory and show in practice how to configure Wireshark, and fill the required keytab file, so this “encrypted stub data” gets decrypted. This feature will offer you more visibility into those protocols in your future network analysis sessions (security research, network forensics, etc.)
Suricata can be used to provide visibility and build detection of lateral movement in Windows environment using dedicated signatures or analysis of network security monitoring data. The talk will provide practical methods to increase visibility and provide detection of attacks.
Despite strong public statements that they want "a safer internet for everyone", many states appear to be double-dealing in the cyber-space and engage in the very activities they discourage. In order to convince decision-makers to genuinely discuss acceptable behavior in the cyberspace, we need to give up on moral arguments and focus on pragmatic reasons to favor defense. But the incentives towards offense may just be too strong.