Although bootkit technology isn’t new, it plays an important role nowadays in attack scenarios against the Microsoft Windows 64-bit platform. Currently more and more sophisticated threats rely on bootkit components to bypass OS security mechanisms and load kernel-mode driver into the system by stealth. Such notorious in-the-wild threats like Win64/Olmarik (TDL4), Win64/Olmasco (MaxSS) and Win64/Rovnix employ bootkit technology so as to be loaded before the operating system is and, thus, are able to bypass Microsoft’s Kernel-Mode Code Signing Policy.
In this presentation we are going to perform in-depth, low-level reverse engineering of the latest modification of the Win64/Rovnix bootkit. The malware is chosen in preference to others due to its noteworthy implementation details (tracing the OS bootloader and kernel, for instance) and its somewhat unusual approach to installing the bootkit component in the system – that is, patching OS bootstrap code. We will start with an overview of bootkit design principles: main modules, their interconnection with each other, ways to receive control before OS kernel and which hooks are necessary to setup in a preboot environment in order to disable security mechanisms so as to be able to load a payload module. We will also enumerate major obstacles that bootkit have to deal with to successfully stay active in the system until the payload receives control. Furthermore, we will concentrate on Win64/Rovnix bootkit implementation details, namely: infected VBR layout, tracing the OS kernel using debugging registers, surviving execution mode switching and loading a kernel-mode driver into system address space. We will look at the OS boot loader and kernel internals that are abused by the bootkit. There will be some live demos of debugging Win64/Rovnix with the disassembler IDA Pro and the Bochs emulator. In the end of the talk, some bootkit prevention techniques are considered. We will analyze implementation details of new features appearing in the Windows 8 operating system such as Secure Boot and the early anti-malware launch module, which are intended to protect the system from bootkit threats.
5. Why?
Why there is a return to bootkit technology nowadays
Microsoft kernel-mode code signing policy
• loading unsigned kernel-mode driver
High level of stealth
• there are no malicious files in the file system
High degree of survival
• difficult to detect and remove
Ability to disable security software
• the malware is launched before security software
6. How?
Bootkits in the wild:
Infecting:
MBR (Master Boot Record)
VBR (Volume Boot Record)
Proof of Concept Bootkits:
Infecting UEFI
8. Boot process
Description of OS boot process:
protected mode without paging
BIOS Kernel
MBR VBR bootmgr winload.exe
initialization initialization
protected mode
real mode
with paging
bootmgr interface
BIOS interface
11. Hidden Storage Architecture
Applications Malware payload
user-mode address space
kernel-mode address space
Malicious kernel-mode driver
File system interface
OS File system driver
Physical storage interface
OS storage device driver stack
Hidden FS
Hard drive area
24. Rovnix Architecture
Dropper
Infected VBR
Kernel-mode
driver x86
Payload x86
Kernel-mode
driver x64
Payload x64
25. Installation Into the System
Check administrative privileges
Check OS version
Locate free space on the hard drive to store
kernel-mode driver & hidden FS image
Store the driver & hidden FS image in the
located area.
Overwrite bootstrap code of the active
partition with malicious one
30. Decrypted VBR code
Hook BIOS int 13h handler
intercept hard drive I/O requests patch bootmgr system module
Hook BIOS int 15h handler
intercept memory map requests protect its memory location
Decompress & Restore Original VBR
continue normal boot process
31. Hooking BIOS int 15h Handler
Used by operating system to System memory
query system address map.
Protected
Abused by malicious VBR to memory
Malicious VBR
protect its memory region from
allocation by OS
Interrupt vectors
Int 15h handler address
Int 13h handler address
32. Surviving Execution Mode Switching
To be able to survive processor execution mode
switching the malware:
detects execution mode switching operation in bootmgr
patches bootmgr right before switching into protected mode
copies itself over the last half of IDT (which isn’t used by OS)
33. Surviving Execution Mode Switching
To be able to survive processor execution mode
switching the malware:
detects execution mode switching operation in bootmgr
patches bootmgr right before switching into protected mode
copies itself over the last half of IDT (which isn’t used by OS)
34. Surviving Execution Mode Switching
To be able to survive processor execution mode
switching the malware:
detects execution mode switching operation in bootmgr
patches bootmgr right before switching into protected mode
copies itself over the last half of IDT (which isn’t used by OS)
35. Surviving Execution Mode Switching
To be able to survive processor execution mode
switching the malware:
detects execution mode switching operation in bootmgr
patches bootmgr right before switching into protected mode
copies itself over the last half of IDT (which isn’t used by OS)
36. Loading Kernel-mode Driver
To be able to load unsigned kernel-mode driver Rovnix:
• Waits until kernel-mode memory manager is properly initialized:
Sets up hardware breakpoint
• Allocates memory buffer in kernel-mode address space to store the
driver:
Calls BlAllocateAlignedDescriptor system routine to allocate memory
buffer
• Inserts corresponding structure in BootDriverList of KeLoaderBlock.
The driver receives control during boot start drivers initialization
38. Hidden Storage Layout
• Rovnix bootkit employs modification of FAT16 for hidden partition
• Hidden partition & kernel-mode driver are written either:
before first partition on the disk – if there is more than 2000 (1 Mb)
free sectors
In the end of the hard drive otherwise
MBR VBR Bootstrap Code File System Data
Before Infecting
Compressed After Infecting
Data
Malicious
Malicious Bootstrap Hidden
MBR VBR File System Data Unsigned
Code Code Partition
Driver
NTFS bootstrap code
(15 sectors)
39. Hidden Storage Layout
• Rovnix bootkit employs modification of FAT16 for hidden partition
• Hidden partition & kernel-mode driver are written either:
before first partition on the disk – if there is more than 2000 (1 Mb)
free sectors
In the end of the hard drive otherwise
MBR VBR Bootstrap Code File System Data
Before Infecting
Compressed After Infecting
Data
Malicious
Malicious Bootstrap Hidden
MBR VBR File System Data Unsigned
Code Code Partition
Driver
NTFS bootstrap code
(15 sectors)
40. Self-defense Mechanisms
To be able to protect VBR & Hidden file system Rovnix bootkit hooks
IRP_MJ_INTERNAL_DEVICE_CONTROL handler:
DriverObject
Device Storage miniport
Harddisk0DR0 driver object
Attached to
MajorFunction
...
IRP_MJ_INTERNAL_DEVICE_CONTROL
Attached to
Lowest device
object
41. Self-defense Mechanisms
To be able to protect VBR & Hidden file system Rovnix bootkit hooks
IRP_MJ_INTERNAL_DEVICE_CONTROL handler:
DriverObject
Device Storage miniport
Harddisk0DR0 driver object
Attached to
MajorFunction
...
IRP_MJ_INTERNAL_DEVICE_CONTROL
Attached to
Lowest device
object
46. Problem Description
Untrusted platform problem:
protected mode without paging
BIOS Kernel
MBR VBR bootmgr winload.exe
initialization initialization
protected mode
real mode
with paging
bootmgr interface
BIOS interface
Point of
Attack
Non boot-start
OS kernel
kernel-mode drivers
Pre boot OS kernel
Bootmgr OS loader
firmware dependencies
Boot-start
drivers
47. Bootkits & GPT Disks
There is no MBR & VBR code which is executed in GPT disks
Bootkits in-the-wild aren’t applicable to GPT disks
Protective MBR
Primary GUID Partition
Primary GUID Table Header GUID Partition Table
Entry
partition Table GUID Partition entry 1
GUID Partition entry 1 Partition type GUID
GUID Partition entry 1 Unique partition GUID
Primary GUID First LBA
GUID Partition entry 1
partitions Last LBA
...
Attributes flags
Backup GUID Partition name
GUID Partition entry 1
partition Table
48. Bootkits & GPT Disks
UEFI Firmware
UEFI Boot Manager
Windows Boot Manager (bootmgr.efi)
Windows OS Loader (winload.efi)
OS Kernel (ntoskrnl.exe)
49. Windows 8 Security Features
Security enhancements introduced in Windows 8:
• Secure boot technology
Employing UEFI secure boot in conjunction with TPM
• Early anti-malware launch module
Allows antimalware software start before any other third-
party components
50. Secure Boot
Secure boot prevents running an unknown OS loader:
UEFI will verify OS loader
The key for verification is stored inside TPM
Trust anchor
TPM
Non boot-start
OS kernel
kernel-mode drivers
OS kernel
UEFI Bootmgr OS loader
dependencies
Boot-start
drivers
51. Early antimalware launch module
Antimalware component receives control before any
other third-party software at boot time.
Early
Windows OS Kernel Third-party
antimalware
loader initialization drivers
module
52. Conclusion
Bootkit technology allows malware to load unsigned kernel-mode
driver and achieve high degree of stealth in the system
The main target of bootkit infection are MBR & VBR
Rovnix is a first known bootkit infecting VBR
The most interesting features of the latest modification of Rovnix
bootkit are:
Polymorphic infected VBR
Hidden Storage
There are additional security features introduced in Windows 8 OS:
Early antimalware launch module
Secure Boot
53. References
Rovnix Reloaded: new step of evolution
http://blog.eset.com/2012/02/22/rovnix-reloaded-new-step-of-evolution
TDL4 reloaded: Purple Haze all in my brain
http://blog.eset.com/2012/02/02/tdl4-reloaded-purple-haze-all-in-my-brain
Bootkit Threat Evolution in 2011
http://blog.eset.com/2012/01/03/bootkit-threat-evolution-in-2011-2
The Evolution of TDL: Conquering x64
http://go.eset.com/us/resources/white-papers/The_Evolution_of_TDL.pdf
Modern bootkit trends: bypassing kernel-mode signing policy
http://www.virusbtn.com/conference/vb2011/abstracts/LastMinute1.xml
King of Spam: Festi botnet analysis
http://blog.eset.com/2012/05/11/king-of-spam-festi-botnet-analysis