Saturday, August 5, 2017

BHUSA2017: Intel AMT Stealth Breakthrough

Dmitriy Evdokimov, CTO Embedi
Aleander Ermolov, Security Researcher, Embedi
Maksim Malyutin, Security Researcher, Embedi

Presented by Donald Anderson and Dmitriy Evdokimov.

[Note: As a reminder, these are my notes. The opinions are generally of the presenter, unless specifically noted.]

The best known execution environments are Intel CPU and Intel ME. UEFI BIOS and Intel ME firmware (and a few other blobs) are system firmware. Ring 3 in the CPU is the least privileged (for user applications and the like), Ring 0 is the kernel and Ring -2 and Ring -3 have many more privileges. Intel ME is based on the MCU with ROM and SRAM, the most privileged and hidden execution environment. It has a runtime memory in DRAM, hidden from the CPU. It works even if the device is turned off, as long as there is power.
BlackHat 2017
There have been known issues with reverse engineering, which tend to fall into various categories: Unknown ME ROM contents, code is partially compressed with Huffman (dictionary is unknown), undocumented MEI communication protocol and inaccessible UMEI.

The main firmware components are the bringup module, kernel and drivers and services (to support timers, network, heci, ...)and applications that implements different Intel technologies: PTT and AMD, etc. Intel AMT features a web-interface, SOL, IDE-R, KVM. It is part of the vPro brand. Allows remote power on and other things. A very powerful tool.

Intel AMT can be accessed cia a network or a local interface.

How can this be attacked? When accessed through a regular we-browser, Intel AMT redirects us to a logon page and challenges us with a password. If you send the wrong password, you'll get an error. They snooped the packets to look at the authorization headers. They did a quick search on things like nonce, user, login, etc - found use of cnonce.  Discovered an issue with how strncmp() was used: if an empty string is given, strncmp() returns 0 which also means authentication success.

There is a vuln where an attacker can log in as admin user, as long as the right ports are open. Turned off devices can be attacked as well. This was previously released.

Intel has created a patch for this, provided to all OEM vendors and they have all made new firmware patches. As it's in the firmware, it requires manual updates from the user. There is Intel AMT code in all modern chips. There is an Intel MEI(HECI) that can be used to check the state of he Intel ME subsystem.

HECI is used to configure Intel AMT. HECI is based on DCMI-HI protocol. Message sent to Intel ME should contain the command description, groupID, command, and results.

Non-vPro systems do not have user interface for disable Intel AMT. Once it's activated, you're stuck.  After some reverse engineering, they found the commands for activation and the code to acknowledge. If you don't want/need Intel AMT, make sure you check often to make sure it is turned off.