0wning Vista from the boot
The VBootkit authors speak out
Interview Federico Biancuzzi interviews Nitin and Vipin Kumar, authors of VBootkit, a rootkit that is able to load from Windows Vista boot-sectors. They discuss the "features" of their code, the support of the various versions of Vista, the possibility to place it inside the BIOS (it needs around 1,500 bytes), and the chance to use it to bypass Vista's product activation or avoid DRM.
Could you introduce yourselves?
Nitin Kumar: I am a 23-year-old graduate from India. I am passionate about computers. The best part about me is that I never give up something till I give a try to it. I like coding in C and asm. I like Reverse Engineering. In free time I usually pick up something and try to understand that. Vista is new and have many new security features, so we thought of creating something for Vista.
Vipin Kumar: I am a 22-year-old graduate from India. I like analysing OSes (mainly the internals , kernel stuff etc) and testing OS and network security. Our coding stuff includes development of bootkit, vbootkit and numerous shell-codes and lots of Windows stuff.
For money, we also go for vulnerability assessments, security audits, etc. Life is not easy for us, so we struggle/work a lot to have some hardware like many other guys out there. Feel free to contact us if you need us.
What is Vbootkit?
Nitin & Vipin: Vbootkit is much like a door or a shortcut to access vista's kernel.
A bootkit is a rootkit that is able to load from a boot-sectors (master boot record, CD , PXE , floppies etc) and persist in memory all the way through the transition to protected mode and the startup of the OS. It's a very interesting type of rootkit. All rootkits install when the OS is running because they use the OS' features to load (and also they use the Administrator privileges to install), but bootkits are different, they use the boot media to attack the OS , and thus survive. Vbootkit is a bootkit specific for Windows Vista.
It's a total in-Ram concept. So, it doesn't touch the hard-disk under any condition and thus leaves no proofs. Just give a reboot to a vbootkit running system, and it vanishes just as it was never here.
What 'features' does it provide to Windows users?
Nitin & Vipin: At the moment, it doesn't really provide features to the users. It's just a Proof-of-Concept, that such an attack vector exists which can be used to circumvent the full security of the OS, without being easily traceable.
At the moment it can do a few things which are:
- It periodically raises cmd.exe's privilege to SYSTEM after every few seconds.
- Modify Registry so as to start the telnet server automatically
- Create a user mode thread and deliver the user mode payloads in context of a system(protected) process (LSASS.EXE, Winlogon.exe etc)
Basically, it can do ANYTHING what the user programs it to do, since vbootkit becomes part of the kernel, it can do anything that Vista's kernel can do.
Does it work on all the versions of Windows Vista?
Nitin & Vipin: Yes, It should work with almost all Vista releases, even localised ones, but it will need a little bit of fine tuning. Most probably, it will support Vista Pack 1, but hey this is only a guess.
Have you released your code online?
Nitin & Vipin: No, we haven't released the code for vbootkit, but we have provided binaries to a few antivirus vendors.
However, you can download previous versions of bootkit (which runs on Windows 2000/XP/2003) from the our site. Even source code is provided.
What was the anti-virus vendors' response?
Nitin & Vipin: Nowadays, many anti-virus solutions don't scan for boot stuff. We got no official response. Whether they are gonna implement it once again or not! But they are interested in our binaries...
How can an attacker deploy it?
Nitin & Vipin: An attacker doesn't need to install, that's the way it has been designed. Just boot the system by placing the vbootkit media (containing vbootkit in bootsectors) in the drive, and start booting. After Vista boots, you can verify that you are running vbootkit, by checking the privilege of any running cmd.exe, the sample converts all low-privileged cmd.exe process to SYSTEM privileges. It also supports system compromise via PXE booting.
It doesn't need any privileges only physical access to the machine. It can also be installed to a remote system under some conditions (without physical access).
Have you developed a persistent version too?
Nitin & Vipin: It was basically designed to run from CD, Flash drives and portable HDD. However, such versions were not persistent, so if the system rebooted, they were gone. So, during development we also worked on a persistent version, meaning it would attach to MBR of the hard-disk. Attaching means we will copy the original MBR to some-other location, and thus replace the MBR. So, when the System starts now, vbootkit awakes from MBR, it bootstraps itself (since it is larger than 446 bytes), then loads the original MBR and thus normal booting continues.
As far as someone using other boot managers, it has no effect on almost 99% of such systems, because it doesn't replace the original boot process, it only inserts itself into it.
Is it small enough to fit inside BIOS flash memory?
Nitin & Vipin: Definitely, It's just about 1500 bytes in size. It can be reduced further. Todays BIOSes are big in size, therefore, it can easily hide in there.
How does vbootkit work?
Nitin & Vipin: A small summary:
BIOS --> Vbootkit code(from CD,PXE etc.) --> MBR --> NT Boot sector --> Windows Boot manager --> Windows Loader --> Vista Kernel.
Just after vbootkit takes control, it hijacks the interrupt 13, then searches for Signature for Vista OS. After detecting Vista, it starts patching Vista, meanwhile hiding itself (in smaller chunks at different memory locations). The patches includes bypassing several protections such as checksum, digital signature verification etc, and takes steps to keep itself in control, while boot process continues to phase 2.
Phase 2 includes patching vista kernel, so as vbootkit maintains control over the system till the system reboots. Several protection schemes of Vista were analyzed such as the famous PE header checksum (every Windows EXE contains it), the Digital Signature of files.
So, you have vbootkit loaded in Vista's Kernel.
Can your vbootkit be used to avoid the DRM ?
Nitin & Vipin: Yes, the vbootkit can be modified to bypass the DRM stuff. Since the DRM has been implemented in such a way, so as if unsigned drivers are loaded, then DRM will not let you play the content. What vbootkit does is let you load code without the OS knowing that it has been compromised, and thus the vbootkit can be misused to bypass DRM.
What other things can vbootkit be used to do...
Nitin & Vipin: vbootkit can be used to to create the long dead boot sector virus. Even some anti-virus vendors have stopped detecting boot sector viruses. It can revive the viruses.
Just imagine the following scenarios.
Suppose vbootkit is running on a computer and someone plugs-in a USB storage device (vbootkit will copy itself to the boot sector of the new device), now whenever mistakenly the USB devices boots up, it gonna attach to the boot process of new system and thus, it can flow from system to system and the legend continues
Now, just take another interesting scenario. vbootkit is running on a system in a company, it captures all MAC address, and at 00:00, in the silence of the midnight, the vbootkit system starts remote booting, and delivers the vbootkit code as boot code though PXE, so slowly and steadily, the whole organization gets going on vbootkit...
It can also be used to implement backdoors (both local and remote), just an idea. Basically, it can do anything you can imagine (that vista could do).
How can vbootkit be spotted once it is running in a system?
Nitin & Vipin: In the current versions, it shows our signature at OS selection time (Boot menu). Secondly, we have added vbootkit signature into the kernel memory, so a physical dump, or a kernel scan will be able to find it.
How would you modify it if you wanted to make it as "invisible" as possible?
Nitin & Vipin: Removing all the signatures from boot menu and memory locations. Invisibility and detection in rootkits/bootkits is a continuous game of modifying your tools to defeat the other.
How was vbootkit developed?
Nitin & Vipin: Last year during pentesting a client, we needed something that could load our code in kernel, without touching hard-disk.
This started bootkit development. We developed a bootkit for the complete family of Windows NT (including 2000 /XP/ 2003 except Windows NT itself). Then Vista RC1 arrived, since it contained a brand new OS loading mechanism (the boot process is completely different from previous versions), we started analyzing Vista. The process included studying Vista's MBR, NT Boot sector, Boot manager (Bootmgr.exe), Windows Loader (Winload.exe) and Vista's Kernel (NTOSKRNL.EXE). Several kernel-land shell codes were developed to be used as a payload in different scenarios.
Why haven't you released the source code yet?
Nitin & Vipin: We don't want someone to misuse it.We want to show that an attack vector like vbootkit can be used to circumvent whole kernel protections.
Do you need any particular hardware feature?
Nitin & Vipin: No, it doesn't need any particular hardware or cpu capable of virtualization.
What does it patch exactly?
Nitin & Vipin: Mainly we patch the windows boot manager, the windows loader, and the vista kernel.
In the reboot persistent version of vbootkit we also patch MBR. It patches few security checks such as PE security patch, digital signature patch and other patches to maintain control of the boot process. If we miss any patch system won't boot at all.
Please tell us more about the code you had to modify, the shellcodes you developed, and the code that runs when the system is loaded.
Nitin & Vipin: The code modifications are done for the security checks. For example, the PE checksum, since we modify files in memory, they should pass through checks, so, we calculate the new checksum and put it in place.
We have to modify the Vista kernel to keep ourselves in control. The modification lets us stay in spare parts of the kernel, and then we dispatch our payload, which is a shellcode which keeps on escalating commands to System privileges. We also have other kernel land shellcodes such as registry modifications to start the telnet server.
The POC video shows a privilege escalation shellcode. It is just another thread which finds cmd's, escalates them and then sleeps for another 30 secs, so that no noticeable performance loss occurs. The shellcode has negligible affect on system performance.
How much does Vbootkit affect the performance of the system?
Nitin & Vipin: vbootkit has a very little affect on the performance (less than .01%). This is because it doesn't execute at all times, it works, sleeps, awakes, completes work, sleeps and so on (by the way, sleeping doesn't take much CPU cycles).
In the proof of concept videos, Vista is running in vmware on our 4 years old Pentium-IV 2.00Ghz, 512 Ram, 40 Gb hard-disk, Geforce2 MX 400 graphics card. That is why it seems slow :)
Are you taking advantage of a bug in Vista to launch your attack?
Nitin & Vipin: We can't say that we exploited a bug in Vista's kernel (at least related to this scenario). We just created a tunnel to Vista's kernel which doesn't have any protection barriers. Therefore restores full control of the machine to the user.
Could you use vbootkit to bypass Vista's product activation?
Nitin & Vipin: Yes, It can be programmed to bypass Vista's product activation.
Have you had any contact with Microsoft about this?
Nitin & Vipin: We don't have any official contact. But we have discussed this with several Microsoft guys.
What is your suggestion to fight bootkits?
Nitin & Vipin: Software only protections are not enough to protect from bootkits. The only protection available is from hardware (Trusted Platform Module).
Microsoft can just raise the barrier for bootkits by changing algorithms, but there can be no real protection from bootkits using only software methods. Use Secure Boot (TPM).
Would you like to add something?
Nitin & Vipin: The beauty of VBootkit lies in the fact that it isn't about someone else controlling your machine. It's about you controlling your own machine, so you can run software of your choosing. Vbootkit gives control back to the user.
This article originally appeared in Security Focus.
Copyright © 2007, SecurityFocus
Federico Biancuzzi is freelancer. In addition to SecurityFocus he also writes for ONLamp, LinuxDevCenter, and NewsForge.