Hacking Toshiba Laptops - q3k.org/slides-recon-2018.pdf - Official Toshiba statement (from 2017-11-02)...
![Page 1: Hacking Toshiba Laptopsq3k.org/slides-recon-2018.pdfOfficial Toshiba statement (from 2017-11-02) Toshiba is working on a temporary BIOS update that can be used to prevent the security](https://reader030.vdocuments.net/reader030/viewer/2022040320/5e46da9d33f7ab0f0542ede3/html5/thumbnails/1.jpg)
Hacking Toshiba Laptops
Or how to mess up your firmware security
REcon Brussels 2018
whois
Serge Bazanski
Freelancer in devops & (hardware) security.
Twitter: @q3k
IRC: q3k @ freenode.net
Michał Kowalczyk
Vice-captain @ Dragon Sector
Researcher @ Invisible Things Lab
Reverse engineer, amateur cryptanalyst
Twitter: @dsredford
IRC: Redford @ freenode.net
Toshiba Portégé R100
Intel Pentium M 1 GHz
256MB RAM
But there’s a catch...
Quite the catch, actually.
CMOS clear jumper? None to be found.
Yank out the battery? Password still there.
Take a door key and pass it over the pins of things that look like flash chips, hopefully causing a checksum failure and resetting the password?
Nice try. No luck, though.
A-ha!
BIOS analysis
How to get the BIOS code?
Physical memory? Not with a locked-down laptop.
Dump of the flash chip? Ugh.
Unpack some updates? Let’s see.
Unpacking the updates
https://support.toshiba.com/
7-Zip
+254 KB of compressed data
Decompression
Unknown format
Default unpacker is a 16-bit EXE
There’s an alternative one, 32-bit!
Decompression
BuIsFileCompressed
BuGetFileSize
BuDecodeFile
Decompression
Just ~50 lines of C!
```c
...
/* only decode when the unpacker reports the file as compressed */
BuIsFileCompressed(compressed, &is_compressed);
if (is_compressed) {
    BuDecodeFile(compressed, fsize, decompressed);
}
...
```
The result
Dumping the BIOS flash
Where to start looking
Chip Safari
RAM Flash Google it
Interfacing to flash chips
In-circuit: test pads or protocol that permits multi-master access
Out-of-circuit (?): desolder, attach to breakout/clip, use main communication interface
Custom breakout board
KiCAD (or $whatever, really) PCB design.
Thermal transfer for DIY PCB manufacturing.
Hot air gun to desolder, soldering station to re-solder.
Tools you’ll need
150eur 50eur
3eur
Hackerspace
25eur p/m + BYOB
FPGA board (Spartan 3E)
Flash
Kabelsalat (tangle of wires)
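Setup
[Diagram: Flash (breakout board) <-> FPGA devboard over A/A Mux (~30 wires); FPGA devboard <-> PC over UART (2 wires)]
PC → FPGA: Gimme block X
FPGA → Flash: X * 1024, X * 1024 + 4, X * 1024 + …
Flash → FPGA: Data word (one per address)
FPGA → PC: 1kB of data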
Setup issues
[Diagram as before: Flash (breakout board), FPGA devboard, PC; A/A Mux (~30 wires); UART (2 wires); 1kB block read as data words]
Forgot checksums
Mixed them up.
But why the FPGA?
Using an FPGA was unnecessary - just needed a bunch of I/O.
Comparatively difficult to develop for. And to debug.
Should’ve gone for a uC with a bunch of I/O or with a multiplexer.
But at least now we know ¯\_(ツ)_/¯ .
BIOS code analysis
How to start?
CPU mode?
Entry point?
Memory map?
CPU start
“A hardware reset sets each processor’s registers to a known state and places the processor in real-address mode.”
Intel® 64 and IA-32 Architectures Software Developer’s Manual Volume 3
CPU start
We start at the address:
CS:EIP = CS.Base + EIP = 0xFFFFFFF0
Real Mode ⇒ physical address. A20 enabled.
So, what’s there?
Memory mapping
Northbridge: Intel Odem MCH-M
No info about that region ⇒ let’s check the southbridge
Memory mapping
Southbridge: Intel ICH4-M
FWH = Firmware Hub = BIOS flash
Our dump has exactly 0x80000 bytes!
Even more mappings...
...
Entry point
```
FFFFFFF0: jmp far FC00:3FA0
000FFFA0: jmp far FC00:00A2
000FC0A2: cli
000FC0A3: cld
000FC0A4: mov al, 2
000FC0A6: out 92h, al ; Enable A20
...
```
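The jump chain above can be reproduced directly from a raw flash dump. This is an added example, not code from the slides: it assumes the 0x80000-byte flash is decoded at the top of the 4 GiB address space and that the legacy window below 1 MiB aliases the top of the flash before shadowing; the dump contents are constructed from the bytes the listing implies, and all function names are hypothetical.

```python
"""Follow the reset-vector far jumps inside a raw BIOS flash dump."""
import struct

FLASH_SIZE = 0x80000      # size of the dump, as stated on the slides
TOP_4G = 0x1_0000_0000
ONE_MIB = 0x10_0000
LEGACY_BASE = 0xE0000     # assumption: 128 KiB legacy BIOS window
RESET_VECTOR = 0xFFFFFFF0
FAR_JMP = 0xEA            # opcode of "jmp far ptr16:16" in 16-bit code


def phys_to_offset(addr, flash_size=FLASH_SIZE):
    """Translate a physical address into an offset in the flash dump."""
    if TOP_4G - flash_size <= addr < TOP_4G:
        return addr - (TOP_4G - flash_size)
    if LEGACY_BASE <= addr < ONE_MIB:
        # Assumption: before shadowing, this window aliases the top of flash.
        return flash_size - (ONE_MIB - addr)
    raise ValueError(f"{addr:#x} is not backed by the flash")


def decode_far_jmp(dump, addr):
    """Return (segment, offset) if a far jump sits at addr, else None."""
    off = phys_to_offset(addr, len(dump))
    if off + 5 > len(dump) or dump[off] != FAR_JMP:
        return None
    offset16, segment = struct.unpack_from("<HH", dump, off + 1)
    return segment, offset16


def follow_far_jumps(dump, start=RESET_VECTOR, limit=8):
    """Follow consecutive far jumps; return (trail, first non-jump address)."""
    trail, addr = [], start
    for _ in range(limit):
        target = decode_far_jmp(dump, addr)
        if target is None:
            break
        segment, offset16 = target
        trail.append((addr, segment, offset16))
        addr = (segment << 4) + offset16   # real-mode linear address
    return trail, addr


def build_sample_dump():
    """Constructed dump holding only the bytes implied by the slide listing."""
    dump = bytearray(b"\xff" * FLASH_SIZE)
    dump[0x7FFF0:0x7FFF5] = bytes.fromhex("ea a0 3f 00 fc")     # jmp far FC00:3FA0
    dump[0x7FFA0:0x7FFA5] = bytes.fromhex("ea a2 00 00 fc")     # jmp far FC00:00A2
    dump[0x7C0A2:0x7C0A8] = bytes.fromhex("fa fc b0 02 e6 92")  # cli; cld; mov al,2; out 92h,al
    return bytes(dump)


if __name__ == "__main__":
    trail, entry = follow_far_jumps(build_sample_dump())
    for addr, segment, offset16 in trail:
        print(f"{addr:08X}: jmp far {segment:04X}:{offset16:04X}")
    print(f"code starts at {entry:08X} (dump offset {phys_to_offset(entry):#x})")
```

The same offset translation gives the load addresses needed when importing the dump into a disassembler.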
BIOS RE: Initialization
No stack! (and also no RAM)
16-bit Protected Mode + Unreal Mode
Checksums
RAM initialization
Self-copying into RAM
BIOS RE: Initialization
16-bit Protected Mode → segments!
We have to find and parse GDT
Only then we can analyze the code
BIOS RE: The password check
BIOS RE: The password check
Everything eventually ends up in one function
f(in_buf) → out_buf
After long analysis: all bytes are sent to I/O ports 62h and 66h
BIOS RE: The password check
From the southbridge manual:
Table 6-2. Fixed I/O Ranges Decoded by Intel ICH4
“Microcontroller”???
EC/KBC
[Block diagram. Components: CPU (Intel Pentium M); Northbridge (Intel Odem MCH-M); RAM; GPU (Trident XP4); Southbridge (Intel ICH4-M); HDD; Audio; Ethernet; LPC; EC/KBC (Renesas M306K9FC); LRP; Battery; Keyboard; PSC; Touchpad; BIOS]
EC: Dump
How to obtain the code?
Updates!
EC: Dump
No updates available
BIOS changelog: nothing about the EC
Maybe a similar laptop model?
Portégé S100!
EC: Updates
Inside: 3 update blobs (different versions)
EC: Update installer
Uses ports 62h & 66h
Sends the 1st part (~2.5 KB)
Sends the 2nd part (~100 KB)
EC: Update blob
It’s decoded inside EC - no code available :(
Let’s try some analysis!
EC: Update blob - analysis
High entropy ⇒ encryption or compression
No regularities in trigrams ⇒ encryption
Size always divisible by 8 ⇒ encryption
Longest repeated substring is short ⇒ if encryption, then not ECB
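The four checks listed above, as an added example (not code from the slides or the authors' tooling). Both sample blobs are constructed: a SHA-256 counter keystream stands in for ciphertext from a chained or stream mode, and a per-block keyed hash stands in for ECB only in the sense that equal input blocks give equal output blocks; all function names are hypothetical.

```python
"""Black-box statistics for an opaque firmware update blob."""
import hashlib
import math
from collections import Counter

BLOCK = 8  # 64-bit block, suggested by "size always divisible by 8"


def shannon_entropy(data):
    """Entropy in bits per byte (8.0 = indistinguishable from uniform)."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def top_trigram_count(data):
    """Occurrences of the most frequent 3-byte sequence."""
    counts = Counter(data[i:i + 3] for i in range(len(data) - 2))
    return max(counts.values(), default=0)


def duplicate_blocks(data, block=BLOCK):
    """Number of aligned blocks that repeat an earlier aligned block."""
    counts = Counter(data[i:i + block]
                     for i in range(0, len(data) - block + 1, block))
    return sum(c - 1 for c in counts.values())


def has_repeat(data, length):
    """True if any substring of the given length occurs at least twice."""
    seen = set()
    for i in range(len(data) - length + 1):
        chunk = data[i:i + length]
        if chunk in seen:
            return True
        seen.add(chunk)
    return False


def longest_repeat(data, cap=64):
    """Length of the longest repeated substring, capped to bound memory use."""
    lo, hi = 0, min(cap, max(len(data) - 1, 0))
    while lo < hi:                      # "has a repeat" is monotone in length
        mid = (lo + hi + 1) // 2
        if has_repeat(data, mid):
            lo = mid
        else:
            hi = mid - 1
    return lo


def profile(data):
    """Collect the statistics the slide reasons about."""
    return {
        "size": len(data),
        "entropy": shannon_entropy(data),
        "block_multiple": len(data) % BLOCK == 0,
        "top_trigram": top_trigram_count(data),
        "duplicate_blocks": duplicate_blocks(data),
        "longest_repeat": longest_repeat(data),
    }


def looks_like_ecb(p):
    """Repeated aligned blocks, or a repeat of a full block, point to ECB."""
    return p["block_multiple"] and (
        p["duplicate_blocks"] > 0 or p["longest_repeat"] >= BLOCK)


def keystream(seed, n):
    """Constructed stand-in for ciphertext of a chained or stream mode."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def toy_ecb(plaintext, key=b"constructed"):
    """Constructed stand-in for ECB: equal input blocks, equal output blocks."""
    return b"".join(
        hashlib.sha256(key + plaintext[i:i + BLOCK]).digest()[:BLOCK]
        for i in range(0, len(plaintext), BLOCK))


CHAINED_SAMPLE = keystream(b"constructed", 16384)
# Plaintext shaped like firmware: erased-flash padding plus a repeating table.
ECB_SAMPLE = toy_ecb(b"\xff" * 4096 + bytes(range(256)) * 16)

if __name__ == "__main__":
    for name, blob in (("chained", CHAINED_SAMPLE), ("ecb", ECB_SAMPLE)):
        p = profile(blob)
        print(name, p, "ECB-like" if looks_like_ecb(p) else "not ECB-like")
```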
EC: Update blob - analysis
Looks like a dead-end...
Serge, could you please desolder something again…?
EC..?
One last breakout later...
Let’s dump this thing.
EC: Programming Protocol
[Diagram: M16C and Programmer, connected by SCLK, RXD, TXD and Busy]
EC: Programming Protocol
EC: Programming Protocol
Programmer → M16C: Flash Page X?
M16C → Programmer: Flash Page X
Not so fast
EC: Programming Protocol
Programmer → M16C: ID Check (K0...K6)
Programmer → M16C: Status?
M16C → Programmer: Status (Unlocked/locked)
Programmer → M16C: Flash Page X?
M16C → Programmer: Flash Page X
Side channel attacks?
Fault injection?
Not so fast.
Software level ‘side’ channels
Hmm.
A PIN unlock request does not result in any immediate success/failure transmission, but...
EC: M16C bootloader bug
Let’s run some quick tests.
EC: M16C bootloader bug
EC: M16C bootloader bug
[Plot. Axes: Byte; Response time (μs)]
Well that’s not good.
EC: M16C Bootloader bug
[Sequence diagram between Programmer and M16C]
ID Check - 00 FF FF FF FF FF FF
ID Check - 01 FF FF FF FF FF FF
ID Check - 02 FF FF FF FF FF FF
ID Check - .. FF FF FF FF FF FF
ID Check - FE FF FF FF FF FF FF
ID Check - FF FF FF FF FF FF FF
Response time measurement
Average time + 3μs
Ergo, the first byte of the key is 02.
EC: M16C Bootloader bug
Thus, we can enumerate all bytes of the key one by one, using the timing difference for each correct byte to reduce our search to just 0x100*7 checks.
And we get the key.
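A model of the flaw and its fix, as an added example (not the bootloader's code, and not the PoC linked in these slides): an early-exit ID comparison whose step count stands in for response time, beside a comparison that always does the same work. Apart from the first byte 02, the key value is constructed, and all function names are hypothetical.

```python
"""Early-exit vs. constant-time comparison of a 7-byte ID (K0..K6)."""

KEY_LEN = 7
FILL = b"\xff"                                 # filler byte used on the slides
SAMPLE_KEY = bytes.fromhex("02a1b2c3d4e5f6")   # constructed; only 02 is from the slides


def leaky_id_check(candidate, key):
    """Stops at the first mismatch, so steps grows with the matching prefix."""
    if len(candidate) != KEY_LEN or len(key) != KEY_LEN:
        raise ValueError("ID must be 7 bytes")
    steps = 0
    for c, k in zip(candidate, key):
        steps += 1
        if c != k:
            return False, steps
    return True, steps


def constant_id_check(candidate, key):
    """Always touches all 7 bytes and accumulates the differences."""
    if len(candidate) != KEY_LEN or len(key) != KEY_LEN:
        raise ValueError("ID must be 7 bytes")
    diff = 0
    steps = 0
    for c, k in zip(candidate, key):
        steps += 1
        diff |= c ^ k
    return diff == 0, steps


def first_byte_outliers(check, key):
    """First-byte values whose check runs longer than the fastest one."""
    steps = [check(bytes([b]) + FILL * (KEY_LEN - 1), key)[1] for b in range(256)]
    baseline = min(steps)
    return [b for b, s in enumerate(steps) if s > baseline]


def prefix_search(check, key):
    """Per-byte search driven only by (ok, steps); returns (key or None, queries).

    Used here as a regression test: it must fail against a fixed comparison.
    """
    known = b""
    queries = 0
    for pos in range(KEY_LEN):
        results = []
        for b in range(256):
            cand = known + bytes([b]) + FILL * (KEY_LEN - pos - 1)
            ok, steps = check(cand, key)
            queries += 1
            results.append((ok, steps, b))
        best = max(results)
        tied = [r for r in results if r[:2] == best[:2]]
        if len(tied) != 1:          # no unique outlier: nothing leaks
            return None, queries
        known += bytes([best[2]])
    return known, queries


if __name__ == "__main__":
    for name, check in (("leaky", leaky_id_check), ("constant", constant_id_check)):
        print(name, "outliers:", first_byte_outliers(check, SAMPLE_KEY),
              "search:", prefix_search(check, SAMPLE_KEY))
```

With the early exit removed the search has nothing to rank, which leaves only a blind guess over the full 7-byte space.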
EC: M16C Bootloader bug
EC: M16C Bootloader bug
FPGA (iCE40)
M16C (EC)
EC: M16C Bootloader bug
PoC || GTFO
https://github.com/q3k/m16c-interface/
(note: doesn’t work for all M16Cs… yet)
EC: RE
Code (~700 functions)
R/O data
Crypto
Bootloader
EC: RE
Much simpler code than in the BIOS
No strings
We’re looking for LPC communication and BIOS-call table
EC: RE
Finding the table is easy
~100 different BIOS<->EC calls
We know the numbers of the interesting calls ⇒ let’s analyze the handlers!
Sounds easy…?
EC: RE of the handlers
Manual context-switching
No common call convention
Handlers aren’t split into functions
Jumps to the middle of other functions
Password check: BIOS
```
out_buf = call_EC(
    func=0x24,
    in_buf=MD5(input)[:8] + pwd_type
)
```
out_buf[0] == 0 ⇒ success
Password check: EC
Let’s look at the handler on the EC side...
…6 levels down the call hierarchy:
```
BMGEU/C p6_4, p6
BSET pd6_4, pd6
JSR.W set_p6_5
JSR.W clear_p6_5
```
I/O on pins 40 & 41
Password check: EC
Oh, come on... :(
Password check: EC
This time it’s only an EEPROM :)
EC reads one block, decrypts it and compares it with the received MD5
Challenge/Response
Screw it, we’re looking for a universal attack
Let’s look at the challenge/response!
Challenge: BIOS
out_buf = call_EC(
    func=0x1A,
    in_buf=rdtsc() + MD5(pc_serial)[:8]
)
challenge = bytes_to_string(out_buf)
Challenge: EC
[Diagram; labels: 7 random bytes, RDTSC, Checksum, PC_SERIAL_MD5, ENC, Entropy pool, DEC, CHALL 1, CHALL 2]
Response: BIOS
out_buf = call_EC(
    func=0x1B,
    in_buf=string_to_bytes(user_input)
)
out_buf[0] ⇒ success/fail
[Diagram of the response verification; labels: 7 bytes, CHK, DEC, DEC, RESP 1, RESP 2, PC_SERIAL_MD5, Verify checksum, CHALL 2, ENC, == 0?]
EC: Encryption
ENC? DEC?
EC: Encryption
A custom 64-bit block cipher
[Diagram: ENC block; labels: KEY A (256B), KEY B (128B), INPUT (8B), OUTPUT (8B)]
Challenge/Response
We just need to rewrite it in Python and ...
DEMO!
EC: Update system
Let’s decrypt the updates!
EC: Update system
Uh, symmetric signatures?
We can generate our own!
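Why a symmetric "signature" cannot protect an update image, shown as an added example (not code from the talk or from any vendor firmware): with a MAC, the key the device needs for verification is also the key that produces valid tags, whereas a public-key scheme leaves only a verification key on the device. Assumptions: HMAC-SHA256 stands in for the symmetric scheme, a Lamport one-time signature stands in for a real public-key scheme so that the block needs only the standard library, and all names and sample images are constructed.

```python
import hashlib
import hmac
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Symmetric "signature": the verifying device must store the signing key.
def mac_sign(key: bytes, image: bytes) -> bytes:
    return hmac.new(key, image, hashlib.sha256).digest()

def mac_verify(key: bytes, image: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac_sign(key, image), tag)

# Asymmetric stand-in: Lamport one-time signature over SHA-256(image).
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def digest_bits(image: bytes):
    d = H(image)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, image: bytes):
    return [sk[i][bit] for i, bit in enumerate(digest_bits(image))]

def lamport_verify(pk, image: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    ok = True
    for i, bit in enumerate(digest_bits(image)):
        ok &= hmac.compare_digest(H(sig[i]), pk[i][bit])
    return ok

def demo():
    vendor_image = b"constructed vendor image v1"      # constructed sample
    other_image = b"constructed image from elsewhere"  # constructed sample
    # Symmetric: whatever the device stores is enough to tag any image.
    device_key = secrets.token_bytes(32)
    tag = mac_sign(device_key, other_image)
    symmetric_accepts_other = mac_verify(device_key, other_image, tag)
    # Asymmetric: the device stores pk only; sk never leaves the vendor.
    sk, pk = lamport_keygen()
    sig = lamport_sign(sk, vendor_image)
    vendor_ok = lamport_verify(pk, vendor_image, sig)
    other_rejected = not lamport_verify(pk, other_image, sig)
    return symmetric_accepts_other, vendor_ok, other_rejected
```

A production updater would use a vetted many-time scheme such as Ed25519 or RSA-PSS from a maintained library; a Lamport key pair must sign only one message.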
So, what's it like on their newer laptops?
If it ain’t broke, don’t fix it!
(that applies to keys, too)
Impact
Unlocking any (business) laptop.
Permanent rootkit in the EC.
We can attack the host from the EC.
Rootkit in EC?
DMA to the host via LPC (not supported by this particular EC).
Keylogging & storage.
USB-Rubber-Ducky-like (key/mouse injection).
BIOS exploitation via the internal API.
Official Toshiba statement (from 2017-11-02)
Toshiba is working on a temporary BIOS update that can be used to prevent the security issue that has been raised and expects to release this update on its website within the next 2 weeks.
Toshiba plans to start the release of a permanent fix for some models from January, 2018 and will complete the releases of permanent fix for all applicable models by the end of March 2018.
Questions?
https://q3k.org/slides-recon-2018.pdf