There are lots of Holy Grails when it comes to compromising endpoints. One of them has long been an attack that leads to kernel ring0 access on a Windows system. That translates into so-called “God Mode” for hackers — and “game over” for victims.
This is why Microsoft has gone to great lengths over the years to harden defenses to protect the kernel with such things as PatchGuard, Driver Signature Enforcement and SecureBoot. However, attackers continue to devise new kernel-mode malware that evades these protections.
At a Black Hat session on Thursday, researchers at Endgame take these kernel attacks one step further. At their session, “Kernel Mode Threats and Practical Defenses,” they demonstrated how to weaponize Turla Driver Loader into a full, fileless kernel-mode attack.
The Turla Driver Loader (TDL), named for its link to the Turla APT group, is a technique used to bypass a Windows mitigation called Driver Signature Enforcement, first introduced in Windows Vista. Those policies ensure only drivers signed with a valid digital signature can be loaded into the kernel. The TDL technique is not entirely unique, but using it in the context of a full, fileless kernel mode attack is, said Joe Desimone, senior malware researcher at Endgame.
The result is a compromised system stripped of endpoint AV and endpoint detection and response (EDR) defenses — which can be used to silently exfiltrate data or infiltrate a network.
Desimone and his colleague Gabriel Landau were able to leverage existing public code to create a post-exploitation kernel-mode fileless attack technique. “We’re able to get full access on the machines in a very stealthy way,” Landau said.
The attack uses the Squiblydoo/Squiblytwo hacker tools, used in tandem with another tool called DotNetToJS, to execute arbitrary .NET code.
“The .NET payload is responsible for mapping Turla Driver Loader into memory without touching disk,” researchers described. “We use the in-memory Turla Driver Loader to exploit a signed driver and load our implant into kernel mode memory.”
Both researchers said they are unaware of researchers or malware in the wild that combine these techniques to produce an attack of this style.
The attack is a post-infection technique that allows an adversary with limited Ring3 (user mode) access to a system to gain God-Mode Ring0 access – all while sidestepping Microsoft’s advanced kernel protection.
“If an attacker is running their malware at kernel mode, the attacker is running at the same privileges as the security stack itself. So it’s really easy for them to just disable whatever security software is running on the box,” the researchers said.
In response to attacks such as TDL, Microsoft has recently implemented Virtualization Based Security (VBS), which sandboxes the kernel. The feature is currently running on a minority of Windows 10 machines and requires updated hardware.
However, even the latest protections from Microsoft can be sidestepped by attackers to tamper kernel code. “Exploring VBS’s design, we show how kernel mode data-only attacks can be used to silently disable antivirus and EDR software even when VBS and Hypervisor Code Integrity (HVCI) is enforced,” the researchers noted.
Furthermore, the researchers developed a potentially more destructive and stealthy attack. “We are showing how a data-only attack can be leveraged to perform Return Oriented Programming (ROP) [attacks], enabling us to execute arbitrary kernel functions with full ring0 privileges,” they said.
They added, “This attack is the most important, because it gives more flexibly to the attacker [than a data-only attack] and also defeats all available defenses today… We do this by using the vulnerable driver as a puppet.”
The researchers also demonstrated one method which can detect these ROP-based kernel attacks. This method leverages the Performance Monitoring Unit (PMU) on Intel processors and can detect and stop the attackers in real time.
Here at Black Hat, Endgame also released two tools designed to protect against kernel mode malware. The first is Marta, which detects subtle kernel tampering such as from the DOUBLEPULSAR implant. The second is Kernel Attack Surface Reduction (KASR), which blocks blacklisted vulnerable drivers from loading on the system. Both tools are available at endgame.com/communitytools.
(Image credit Bobbo via Wikimedia)