Intel AMT: Using & Abusing the Ghost in the Machine
Parth Shukla - timevortex@google.com
Enterprise Infrastructure Protection

Project Goals
1 Explore the best* practical attack using Intel AMT
2 Present a holistic perspective covering:
  ❏ My Story of Attack
  ❏ Options for Detection, Mitigation and Prevention
  ❏ My Story of Forensics
*stealthiest attack with least amount of effort
Intel AMT Background

What is Intel AMT?
➔ Intel AMT = Intel Active Management Technology
➔ Out-of-Band (OOB) remote management
➔ Always-available solution
➔ Module within the Intel Management Engine (ME)
➔ Ideal Use Case: Remote installation or IT support

AMT Core Features
➔ Power Management
➔ Boot your own image
➔ KVM
➔ Serial-over-LAN (SOL)
➔ Client Initiated Remote Access (CIRA)
High-Level Requirements for using Intel AMT
➔ Manufacturer decision: AMT-supporting hardware profile, AMT module within ME
➔ BIOS setting: Enabled (vs. Disabled)
➔ AMT setup (local or OS or remote): Provisioned (vs. Unprovisioned)
➔ Result: OOB Admin Access

AMT Provisioning Options
Provisioning Method              Provisioning Mode
Local Agent on OS                CCM*
Remote                           ACM
USB                              ACM
Physically via BIOS MEBx menu    ACM
CCM = Client Control Mode => Limits AMT functionality
ACM = Admin Control Mode => No limitations
*Can be upgraded to ACM with additional steps
AMT in the News
➔ INTEL-SA-00075 - escalation of privilege vulnerability
  ◆ Patch available for all affected versions
➔ PLATINUM group using Serial-Over-LAN (SOL) as a back-channel

Open Source Tools
➔ MeshCommander (http://www.meshcommander.com/)
  ◆ Useful for creating setup USB
  ◆ Allows using AMT capabilities such as KVM, SOL
➔ MeshCentral2
  ◆ Allows managing a fleet of AMT machines
  ◆ Contains MeshCommander
  ◆ Contains admin server needed for CIRA
  ◆ Under active development
Abusing the Ghost
An attacker's dream?

Attacker Goals
❏ To control AMT on sample laptop by provisioning it
❏ To maintain constant & persistent access
❏ To be stealthy
After those Goals are achieved?
Standard attacker
➔ Equivalent to having repeated physical access
➔ Boot custom OS
➔ Hijack passwords through bootloader/kernel replacement
Difficulty: Easy to Hard
Sophisticated attacker
➔ Insert SMM backdoor into flash chip
➔ Live undetected
➔ Access is uninterrupted on OS reinstall
Difficulty: Hard
Note: The attacks are not specific to AMT

Provisioning attack vectors
Option A: Subvert supply chain
  Access: Unfettered
  Complexity: High
Option B: Have root/admin on machine already
  Access: Unfettered
  Complexity: High/Medium
Option C: Local Physical
  Access: Time-constrained
  Complexity: Low
Attacker Goals (Updated)
❏ To control AMT on sample laptop* by provisioning it
  ❏ Via physical access
  ❏ In under 60 seconds
❏ To maintain constant & persistent access
❏ To be stealthy
*Target Device: Lenovo X1 Carbon 2016 with AMT 11

Attacker assumptions for target laptop
1) Machine has Intel AMT support and,
2) Intel AMT has not been provisioned already and,
3) MEBx password is default (usually the case) and,
4) Either:
   a) AMT is enabled (usually the case); or
   b) BIOS password is not set (usually the case).

Ideal steps for an attack
Physical Access
● Look for opportunity or create distraction
● Reboot with provisioning USB plugged in
Provision AMT
● If USB fails then enter BIOS to enable AMT and retry
● AMT connects back to us via auto-dialed CIRA tunnel
Profit
USB provisioning findings (value scale, good to bad)
◆ MeshCommander used to create 'setup.bin' (easy-to-use GUI tool)
◆ USB provisioning works painlessly
◆ Cannot set up CIRA: cannot set CIRA settings via USB
◆ Remote provisioning server can be set
◆ Provisioning server in turn can set up CIRA

Getting CIRA to work
Option A: Set provisioning server via USB
  Cost: Custom Infrastructure
Option B: Manual Setup through LAN
  Cost: Increase Attack time

Attacker assumptions for target laptop (Updated)
1) Machine has Intel AMT support and,
2) Intel AMT has not been provisioned already and,
3) MEBx password is default (usually the case) and,
4) Either:
   a) AMT is enabled (usually the case); or
   b) BIOS password is not set (usually the case).
5) Machine has native LAN (directly or via special adapter)

Attack Steps
Preparation
➔ Setup USB
  ◆ Using MeshCommander
➔ Setup C&C Server
  ◆ Using MeshCentral2
➔ Write AMT CIRA script
➔ Bring LAN Adapter + Cable
Execution
1) Reboot & Plug in USB
2) Plug in LAN Cable + Adapter
3) Trigger script to setup CIRA
Next: Check C&C Server
Connected to AMT via CIRA tunnel initiated by the laptop
CIRA Setup!

CIRA is setup to tunnel out over WiFi

Full KVM via CIRA tunnel
Cannot do this over WiFi without OS agent or driver help

WiFi as a limit
● WiFi profiles must be added into AMT
● Attacker needs to know local APs in advance
● Needs to know credential(s) for AP(s)
● Boot injection attack becomes more involved (must not load WiFi driver in custom OS)
Attacker Impact: Limited
Note: Over time, Intel may bridge feature-gap between WiFi and LAN to bring parity
How to Detect, Mitigate and Prevent?

Detection
Network based
➔ Look for Intel AMT's well known network ports
➔ Traffic can be in the clear
➔ But CIRA can use Mutual TLS
Detection Likelihood: Possible
OS Agent based
➔ Query the ME Interface (MEI) for AMT status
➔ Tool exists for Windows
➔ Custom tool deployment required for Linux
Detection Likelihood: Most likely (if tool deployed prior to OS compromise)
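The network-based detection above can be reduced to a port check over flow records. The following is an added example, not code from the talk or its repository: it lists the AMT ports Intel documents (the slides only say "well known ports"), parses a constructed flow-log format of my own choosing, and reports hosts contacted on those ports. It only catches management traffic arriving at the client; a CIRA tunnel is an outbound connection to a configurable server port, so this check alone will not see it.

```python
import re
from collections import namedtuple
# Intel AMT's well-known TCP listening ports (from Intel's AMT documentation;
# the slides say "well known ports" without listing them).
AMT_PORTS = {16992: "AMT HTTP / WS-Management", 16993: "AMT HTTPS / WS-Management",
             16994: "AMT redirection (SOL / IDE-R), clear",
             16995: "AMT redirection (SOL / IDE-R), TLS",
             623: "ASF / RMCP", 664: "ASF / RMCP secure"}

Flow = namedtuple("Flow", "ts src sport dst dport proto")
FLOW_RE = re.compile(r"^(\S+)\s+([\d.]+):(\d+)\s+>\s+([\d.]+):(\d+)\s+(\w+)$")

def parse_flow(line):
    """Parse one 'ts src:port > dst:port proto' record; None if malformed."""
    m = FLOW_RE.match(line.strip())
    if not m:
        return None
    ts, src, sport, dst, dport, proto = m.groups()
    return Flow(ts, src, int(sport), dst, int(dport), proto.lower())

def find_amt_flows(lines):
    """Return (flow, description) for every TCP flow whose destination port
    is an AMT port. Only the destination side counts: AMT listens there even
    when the host OS has nothing bound, and source-port hits are usually
    ephemeral-port collisions."""
    hits = []
    for line in lines:
        flow = parse_flow(line)
        if flow is not None and flow.proto == "tcp" and flow.dport in AMT_PORTS:
            hits.append((flow, AMT_PORTS[flow.dport]))
    return hits

def suspected_amt_hosts(lines):
    """Destination IPs that were contacted on any AMT port, deduplicated."""
    return sorted({flow.dst for flow, _ in find_amt_flows(lines)})

# Constructed sample records (not real traffic): 10.1.5.7 drives WS-Management
# and SOL/KVM redirection on 10.1.2.3; the other lines are noise.
SAMPLE_FLOWS = """\
2017-06-01T10:01:02Z 10.1.2.3:51234 > 10.1.2.99:443 tcp
2017-06-01T10:01:05Z 10.1.5.7:40100 > 10.1.2.3:16992 tcp
2017-06-01T10:01:09Z 10.1.5.7:40101 > 10.1.2.3:16994 tcp
2017-06-01T10:02:00Z 10.1.2.3:16992 > 10.1.2.44:53 udp
not a flow record
""".splitlines()

if __name__ == "__main__":
    for flow, why in find_amt_flows(SAMPLE_FLOWS):
        print(flow.ts, flow.src, "->", f"{flow.dst}:{flow.dport}", why)
```

A host that should not be AMT-provisioned but appears in suspected_amt_hosts is the finding; confirm it with the MEI query from the OS-agent column rather than the port alone.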
User Detection
Always a possibility of detection by user
➔ Custom OS boot can be seen
➔ Windows tray app 'IMSS' will show pop up (app sometimes default installed)
➔ KVM will display animated sprite on screen

Mitigation
Ideal
➔ Verified boot chain
➔ Bind HDD encryption against "correct" TPM PCR values
  ◆ Remote attestation
Status: Windows: Achievable; Others: Good luck!
Existing
➔ LAN usage on laptop is rare
➔ Enterprises with proxy-only access: CIRA will not work
➔ KVM usage will display sprite
Status: Done

Prevention Options
Remove: Buy machines without AMT
  Difficulty: Medium
Control: Fully Provision AMT yourself
  Difficulty: High/Medium
Disable: Disable AMT (in factory or BIOS) and Set BIOS password
  Difficulty: High/Medium
Note: Difficulty described is for an enterprise with large fleet of machines
If you are an incident responder...

What if?
● Someone takes over AMT on your machine
● You somehow detect it
AMT forensics?

When your fears come true
Provisioned AMT detected on a Linux lab desktop
➔ Admin password unknown
➔ Owner: "I have absolutely no idea who installed AMT or why."
Time to investigate!

First up: Due Diligence
➔ Check network logs
➔ Verify BIOS integrity

Ask Intel for help
Q: How to do forensics when we don't know AMT admin password?
A: Pointed to an existing AMT status report tool. Windows only. Nothing for Linux

Ideal vs Reality
Want
➔ Linux tool
➔ Full AMT Audit Log
Got
➔ Windows tool
➔ AMT provisioning record
Learning from Windows Tool - $$osAdmin
Peered into Windows Tool
➔ Calling GetLocalSystemAccount using the ME Interface (MEI)
➔ Using AMT built-in user $$osAdmin to retrieve information
Replicated idea to Linux* using IOCTL
➔ Found that $$osAdmin cannot be used over network
*Code is being open sourced! Repository link at the end.

Need this*
Source: Page 45, Chapter 2, Platform Embedded Security Technology Revealed by Xiaoyu Ruan
*Linux LMS = https://software.intel.com/en-us/articles/download-the-latest-intel-amt-open-source-drivers

Retrieving AMT Audit Log
Building LMS on Linux required minor fixes*
Full AMT Audit Log dumped using $$osAdmin creds and LMS*
➔ WSMAN API calls used to retrieve the log entries
➔ Each log entry was base64 encoded
➔ Decoded string seemed mostly garbage
*Repository contains LMS patch + code to dump log along with a README file

Decoding the logs...
Intel AMT SDK reference code to the rescue*
Findings:
➔ AMT setup on 2015-01-23
➔ But machine received on 2016-09-27
➔ Factory fault or interception?
IPs from AMT audit log match network logs
Close the investigation?
*Repository contains the decoding code
Where has this machine been?
Ask vendor for machine history
26 emails and 2 weeks later…

Recently learnt information
➔ MicroLMS as an alternative to LMS
  ◆ Comes with Linux mesh agent from meshcommander.com
  ◆ Source & Windows stand-alone binary available
➔ MeshCommander has "Save All State" option
  ◆ Makes every AMT WSMAN API call and saves it as a JSON
➔ Intel: "Based on customer feedback, Intel is evaluating improvements in support for Linux AMT Tools, and enhancements to AMT Auditing to facilitate access to the AMT Audit Log and expose additional audit information."

Recovery?
Recommend
More recommend