Rarely in security is anything an absolute, but in the case of the BadUSB research that emerged during this year’s Black Hat conference, phrases such as “completely compromised” and “undetectable” paint a grim picture for the security of devices that communicate over USB.
Over the weekend, the situation may have gotten a bit more desperate with the release of code by two independent security researchers that replicates some of what Karsten Nohl and Jakob Lell of SR Labs in Germany demonstrated this summer during the desert hacker fest.
Brandon Wilson and Adam Caudill posted their attack code to Github, putting a public sample out there for consumption and one that also serves notice that it may be time to look at measures for securing USB firmware from manipulation.
“The security of these devices is completely compromised,” Wilson said. “You can’t trust anything you plug into your computer any longer, not even something as simple as a flash drive.”
Nohl and Lell’s BadUSB demonstrations during Black Hat illustrated how his code could overwrite USB firmware and turn a USB device into anything. A flash drive plugged into a PC, could for example, emulate a keyboard and issue commands that steal data from the machine, spoof a computer’s network interface and redirect traffic by altering DNS settings, or could load malware from a hidden partition on the drive.
The problem is that Nohl and Lell—and Caudill and Wilson—have not exploited vulnerabilities in USB. They’re just taking advantage of weaknesses in the manner in which USBs are supposed to behave.
“We’re just taking advantage of the USB protocol,” Wilson said. “This drive is a reprogrammable computer that allows you to do all sorts of things. It allows you to be any device, and up until now, most developers had hard-coded them to behave in specific ways. The firmware on a flash drive makes it behave like a flash drive.”
Caudill and Wilson published their code after presenting at Derby Con last weekend in Kentucky. Their attack was against USB drives manufactured by Phison Electronics Corp., of Taiwan, similar to Nohl’s attack; Wilson said he still has not seen a replay of Nohl’s Black Hat talk. He said he and Caudill were aware that this type of exploit was possible and that Nohl’s research prompted them to accelerate their own work.
After Black Hat, Wilson said he bought numerous drives and tested them and were able to take advantage of existing tools used to update firmware to get their code to overwrite the firmware on the Phison device. At Derby Con, they were able to demonstrate their attack with the device pretending to be a keyboard that typed out a predetermined script once it was plugged into the host computer. They also showed another demo where they had a hidden partition on a flash drive that was not detected by the host PC.
“It’s undetectable while it’s happening,” Wilson said. “The PC has no way of determining the difference. The way a PC determines the type of device all happens through the USB and code on the other device. Our ability to control that code means you cannot trust anything a USB device tells you.”
While this type of attack exploits the trust users have in USB devices and their willingness to plug anything into an endpoint, fixing the problem from a technology standpoint may be even more challenging.
“The fact that we were so easily able to change the firmware is an easy fix. The manufacturers could implement code-signing, but they don’t do that at all” Wilson said. “That needs to change. And even if they do add code-signing, you still have the other aspect which is that the computer cannot trust what you’re plugging into it. To truly fix the problem, it has to be fixed on the host.”
Wilson said he and Caudill have not heard any criticism about their disclosure; Nohl said during Black Hat that he would not release his code. Wilson said their actions could motivate vendors to take action.
“When you have a firmware image, you want to protect it in some way. You want a checksum, or something that the drive uses to validate that something is coming across correctly,” Wilson said. “There’s nothing like that. There needs to be something. Code signing is one approach to take for now. But to really shut it down long term, the host needs to be aware that when you plug in a device you don’t trust, it has to be given an option not to trust it. Because once you plug it in, it’s done.”