Embedded or platform software and firmware implementation involves different System-on-Chip (SoC) hardware. These fundamentals are applied in various industries such as mobile phones, game consoles, automobiles, and aerospace, where a large amount of embedded platform technology stack is utilized.
-
Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 1) - 201704
-
Over The Air: Exploiting Broadcom’s Wi-Fi Stack (Part 2) - 201704
-
Over The Air - Vol. 2, Pt. 1: Exploiting The Wi-Fi Stack on Apple Devices - 201709
-
Over The Air - Vol. 2, Pt. 2: Exploiting The Wi-Fi Stack on Apple Devices - 201710
-
Over The Air - Vol. 2, Pt. 3: Exploiting The Wi-Fi Stack on Apple Devices - 201710
-
War of the Worlds - Hijacking the Linux Kernel from QSEE - 201605, PoC
-
Lifting the (Hyper) Visor: Bypassing Samsung’s Real-Time Kernel Protection - 201702
We're focusing on the FullMAC implementation which had a sperate OS running inside wifi soc, while SoftMAC is matters to RING 0 only. This is a typical attack surface which is able to apply to other fields like Automotive industry.
| Wifi SoC communication protocol w/ HOST | DMA support | Device support |
|---|---|---|
| SDIO/v3.0 | optional | Nexus 5 |
| USB/v3.1 | USB protocol does not allow DMA, though USB controllers may send and receive packets via DMA | <= iPhone 5 |
| PCIe | by default | >= Nexus 6, >= iPhone 6, >= Galaxy S6 |
If there's no IOMMU/SMMU configured correctly, the attack path could be much easier:
Pwned SoC kernel (ThreadX or other RTOSes)--> infoleak via DMA (identify kernsymbols)--> hijack the function by overwriting the code--> boom!
- Experimental Security Assessment of BMW Cars: A Summary Report - 201802 and the white paper w/o MCU exploitation.
- |Webkit/browser -> Linux kernel privilege escalation (CVE-2017-6261) | Over-the-Air: How we Remotely Compromised the Gateway, BCM, and Autopilot ECUs of Tesla Cars - 2018 and white paper.
- 0-Days & Mitigations: Roadways to Exploit and Secure Connected BMW Cars - 201908 and white paper.
- Mercedes-Benz MBUX Security Research Report - 202105
- | Likely Wi-Fi firmware to Linux kernel privilege escalation| T-BONE: Drone vs. Tesla - 202104
- Jailbreaking an Electric Vehicle in 2023 or What It Means to Hotwire Tesla's x86-Based Seat Heater - 202308, tools PSPReverse on Github.
The attacking path through either out-of-band SoC or browser are quite long to achieve the goals (exploitation and post-exploitation). The exploit chains can be defeated one by one, which means you need a set of building blocks to build a defense-in-depth solution. This list only contains the content cited in this document (contribution are always welcomed!).
| Weak spots/exploitation methods | Description | Mitigation |
|---|---|---|
| RTOS | w/o modern mitigation and binary blobs (mostly) | N/A |
| HOST infoleak | /proc/iomem | Priv only |
| SoC infoleak | DMA to locate kernel symbols | IOMMU/SMMU |
| Hijack kernel | Overwriting the code | CFI |
| SoC infoleak | DMA to locate kernel symbols | IOMMU/SMMU |
| Heap shaping | Craft a predictive layout | freelist randomization and pointer encryption |
| AudioManager | No full ASLR | PIE |
| Webkit/QtWebEngine | exploit on Browser | sandboxing and MAC (SELinux/AppArmor) |
| Hijacking GOT | Writable Global Offset Table | Full RELRO |
| Hardware-based fault injection | Effective method targets at verified boot to break chain of trust | CFI, e.g: PaX RAP enabled for firmware payload |