This really was an interesting challenge: it is a classic buffer overflow vulnerability, but with DEP enabled, and to exploit it we need to bypass DEP (an exploit mitigation maintained by the OS that makes the stack non-executable). There are various techniques to bypass DEP, but here we are using the ret2libc technique: leaking the address of the function of interest through the GOT (Global Offset Table) and using ROP (Return-Oriented Programming).

So, let's get our hands dirty and start digging into the binary. First, I prefer to take a static taste of any binary I come across with IDA Pro, but this is not mandatory, it is a preference; other guys prefer to run the binary first, directly or with a debugger. I opened it with IDA and it detected it as a 64-bit ELF program. That's fine, we got something to know about the binary file. Let's continue digging; below is the disassembly of the main function of the binary.

First the program prompts the user to enter his name, and after entering his name the program prints "Hi, ". After that it takes the length of the message he wants to write and the text of the message itself. Here, the hacker's sixth sense inside you should tell you that the BOF vulnerability resides here, because we control the length of the input text and there is no user input sanitization.

Now that we have a good idea about what our program is doing, it is a good practice to run the program and compare what we understood from the static analysis in IDA Pro with the actual running of the binary. I'll use the gdb debugger with the gef extension to help us with exploitation and start fuzzing our bitterman. Great, it works as we expected: it takes the name, the length of the message and the text of the message.


Introduction

As with many of my previous blog articles, this is going to be a technical deep-dive into a complex security bug. Correspondingly, the article is written for technical readers with a background in the area of IT security. Go to the general summary of the issue if you are interested in the less technical version.

The ShapeShift KeepKey is a cryptocurrency hardware wallet with an open source firmware. I have done a lot of independent security research on it over the last years, mainly through extensive automated testing with a custom fuzzing setup in combination with manual auditing. See my other blog articles for more context on this topic and discovered issues.

ShapeShift has recently integrated logic for the THORChain network into their exchange, which included new code changes and logic for their KeepKey wallet firmware. As it turns out, it contains a major flaw. See the following sections for details on this attack.

The Vulnerability

For the purposes of this bug, it is sufficient to know that the THORChain usage is related to a special subset of Ethereum transactions. More specifically, the new logic is located in the Ethereum handling. The issue is in the new Ethereum signing code that was introduced to handle this new logic.

As with regular Ethereum transactions on the KeepKey, a MessageType_EthereumSignTx protobuf message from the host computer triggers some finite state machine behavior, which includes the ethereum_signing_init() function.

Quick challenge for the more experienced security people among the readers: consider the following code snippet for a minute or two.

    void ethereum_signing_init(EthereumSignTx *msg, const HDNode *node, bool needs_confirm)
    {
        /* excerpt: the surrounding lines of the function are not reproduced on this page */
        uint8_t swap_data_len = ethereum_extractThorchainSwapData(msg, swap_data);
    }

This is the problematic path that can be attacked. As can be seen in the code excerpt, the first parameter for the ethereum_extractThorchainSwapData(const EthereumSignTx *msg, char *buffer) function call is the received message msg, and the second parameter is the local stack buffer swap_data from the ethereum_signing_init() function context.

Attack Scenario and Security Implications

If you are looking for assistance to secure your projects or organization, contact me. I'm a freelance Security Consultant and currently available for new projects.
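Both write-ups on this page come down to the same defect: a length that the remote side controls (the user-typed message length in bitterman, the host-supplied protobuf message on the KeepKey) is used to copy data into a fixed-size buffer on the stack without being checked against that buffer's capacity. The example below is added here to show that pattern in its unchecked form next to a bounded form; it is not code from either post, from the bitterman binary or from the KeepKey firmware. The message layout, the `untrusted_msg` struct, the 64-byte capacity and all function names are assumptions constructed for the example.

```c
/* Added example (not code from either write-up): the shared bug pattern
 * "attacker-controlled length copied into a fixed-size stack buffer",
 * in its unchecked form beside a bounded form. The wire format, struct
 * and function names are assumptions constructed for this example; they
 * are not the bitterman binary or the KeepKey firmware's code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SWAP_BUF_CAP 64  /* capacity of the fixed local buffer (assumed) */

/* Constructed stand-in for a host-supplied message: a declared payload
 * length plus the payload bytes. Nothing in it has been validated. */
typedef struct {
    uint32_t declared_len;  /* length claimed by the sender */
    const uint8_t *payload; /* bytes that arrived */
    size_t payload_avail;   /* how many bytes actually arrived */
} untrusted_msg;

/* "Before": trusts declared_len, like the two vulnerable paths on the page.
 * A declared_len larger than the caller's buffer overruns the stack.
 * Kept only to show the pattern; never call it with untrusted input. */
size_t extract_unchecked(const untrusted_msg *m, uint8_t *buf)
{
    memcpy(buf, m->payload, m->declared_len);
    return m->declared_len;
}

/* "After": the copy is bounded by the destination capacity and by the
 * bytes actually received. Returns -1 and writes nothing on any mismatch. */
int extract_bounded(const untrusted_msg *m, uint8_t *buf, size_t buf_cap)
{
    if (m->declared_len > buf_cap)
        return -1;  /* would overflow buf: the bug class on this page */
    if (m->declared_len > m->payload_avail)
        return -1;  /* truncated message: would read past the payload */
    memcpy(buf, m->payload, m->declared_len);
    return (int)m->declared_len;
}

/* Pure arithmetic form of the failure mode: would the unchecked copy have
 * written past a buffer of `cap` bytes? Safe to evaluate on any input. */
int unchecked_would_overflow(const untrusted_msg *m, size_t cap)
{
    return m->declared_len > cap;
}

/* Drives one constructed message through the bounded extractor and
 * returns its result (number of bytes copied, or -1 when rejected). */
static int demo(uint32_t declared_len)
{
    uint8_t payload[SWAP_BUF_CAP];     /* constructed sample payload */
    uint8_t swap_data[SWAP_BUF_CAP];   /* the fixed local buffer */
    memset(payload, 0x41, sizeof payload);
    untrusted_msg m = { declared_len, payload, sizeof payload };
    int n = extract_bounded(&m, swap_data, sizeof swap_data);
    printf("declared_len=%u -> bounded copy %s (%d); unchecked copy would overflow: %s\n",
           (unsigned)declared_len, n < 0 ? "rejected" : "ok", n,
           unchecked_would_overflow(&m, sizeof swap_data) ? "yes" : "no");
    return n;
}

int main(void)
{
    demo(16);   /* in bounds: copied */
    demo(64);   /* exactly full: copied */
    demo(200);  /* oversized length: rejected instead of smashing the stack */
    return 0;
}
```

The second check in extract_bounded matters as much as the first: a message that claims more bytes than were received turns the copy into an over-read of whatever sits after the payload, which is the mirror image of the over-write both posts describe.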