1780 27c3 console_hacking_2010

1. 27th Chaos Communication Congress Console Hacking 2010 PS3 Epic Fail bushing, marcan, segher, sven Mittwoch, 29. Dezember 2010

2. Who are we? • In 2008 at 25c3 these teams worked together as 'WiiPhonies' • We won the 25c3 CTF • We changed our name to 'Fail 0verﬂow' • Not trademark infringing • The domain was available • The ratio of fail to win is high. We've been collaborating on various embedded and thought expansive projects, the most famous of which that hit the press earlier this year was the full reconstruction of the $REDACTED allowing $REDACTED to be completely broken, that was a fun couple of weeks. Mittwoch, 29. Dezember 2010

3. Wii had a good run • 3 years, 9 ﬁrmware updates, 1 real feature • 73 mil. consoles, 30 mil. vuln. bootloaders • 1 million users of Homebrew Channel Mittwoch, 29. Dezember 2010

4. Wii Xbox 360 PS3 2006 2007 2008 2009 2010 2011 t Mittwoch, 29. Dezember 2010

5. Wii Xbox 360 PS3 2006 Drivechips 2007 Twiizer Attack 2008 Twilight Hack Homebrew Channel 2009 Bannerbomb Indiana Pwns Bannerbomb for 4.2 2010 latest update broken 2011 t Mittwoch, 29. Dezember 2010

6. Wii Xbox 360 PS3 2006 Drive ﬁrmware hacked Drivechips King Kong Hack 2007 Twiizer Attack 2008 Twilight Hack Homebrew Channel 2009 Bannerbomb JTAG Hack Indiana Pwns Bannerbomb for 4.2 2010 latest update broken 2011 t Mittwoch, 29. Dezember 2010

7. Wii Xbox 360 PS3 2006 Drive ﬁrmware hacked Drivechips King Kong Hack 2007 Twiizer Attack OtherOS RSX exploit 2008 Twilight Hack Homebrew Channel 2009 Bannerbomb JTAG Hack Indiana Pwns slim w/o Linux Bannerbomb released for 4.2 Geohot’s hack 2010 Linux removed latest update Jailbreak broken Downgrade this talk :) 2011 t Mittwoch, 29. Dezember 2010

8. Mittwoch, 29. Dezember 2010

9. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed PS3 2006 executables, hypervisor, eFuses, isolated SPU not yet - - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy Mittwoch, 29. Dezember 2010

15. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed PS3 2006 executables, hypervisor, eFuses, isolated SPU not yet - - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

16. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed PS3 2006 executables, hypervisor, eFuses, isolated SPU not yet - - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

17. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed PS3 2006 executables, hypervisor, eFuses, isolated SPU 4 years not yet - - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

18. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed Homebrew PS3 2006 executables, hypervisor, eFuses, isolated SPU 4 years not yet - Piracy - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

19. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed Homebrew PS3 2006 executables, hypervisor, eFuses, isolated SPU 4 years not yet - Piracy piracy - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

20. device y security hacked for effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed Homebrew PS3 2006 executables, hypervisor, eFuses, isolated SPU 4 years not yet - Piracy piracy - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

21. hacked after device y security hacked for it was closed effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed Homebrew PS3 2006 executables, hypervisor, eFuses, isolated SPU 4 years not yet - Piracy piracy - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

22. hacked after device y security hacked for it was closed effect PS2 1999 ? ? piracy - pay TV dbox2 2000 signed kernel 3 months Linux decoding GameCube 2001 encrypted boot 12 months Homebrew piracy Linux Xbox 2001 encrypted/signed bootup, signed executables 4 months Homebrew piracy iPod 2001 checksum <12 months Linux - DS 2004 signed/encrypted executables 6 months Homebrew piracy PSP 2004 signed bootup/executables 2 months Homebrew piracy encrypted/signed bootup,encrypted/signed Linux Xbox 360 2005 executables, encrypted RAM, hypervisor, eFuses 12 months Homebrew leaked keys encrypted/signed bootup,encrypted/signed Homebrew PS3 2006 executables, hypervisor, eFuses, isolated SPU 12 moyet s 4 years not nth - Piracy piracy - Wii 2006 encrypted bootup 1 month Linux piracy Front Row AppleTV 2007 signed bootloader 2 weeks Linux piracy Homebrew, iPhone 2007 signed/encrypted bootup/executables 11 days SIM-Lock piracy iPad 2010 signed/encrypted bootup/executables 1 day Homebrew piracy Mittwoch, 29. Dezember 2010

23. PS3 Architecture Mittwoch, 29. Dezember 2010

24. The Cell Broadband Engine Source: IBM Mittwoch, 29. Dezember 2010

25. SPU Isolation Source: IBM 0x00000 0x3e000 0x40000 Mittwoch, 29. Dezember 2010

26. LV1 / Hypervisor LV2 / GameOS SPU Problem State / Games Mittwoch, 29. Dezember 2010

27. metldr Mittwoch, 29. Dezember 2010

28. metldr lv0ldr Mittwoch, 29. Dezember 2010

29. metldr lv0ldr lv0 Mittwoch, 29. Dezember 2010

30. metldr lv0ldr lv0 metldr / lv1ldr Mittwoch, 29. Dezember 2010

31. metldr lv0ldr lv0 metldr / lv1ldr lv1 Mittwoch, 29. Dezember 2010

32. metldr lv0ldr lv0 metldr / lv1ldr lv1 metldr / lv2ldr Mittwoch, 29. Dezember 2010

33. metldr lv0ldr lv0 metldr / lv1ldr lv1 metldr / lv2ldr lv2 Mittwoch, 29. Dezember 2010

35. Xbox Wii 360 PS3 On-die bootROM ✓ ✓ ✓ ✓ On-die key storage ✓ ✓ Public-key crypto ✓ ✓ ✓ ✓ Chain of trust ✓ ✓ ✓ Per-console keys ✓ ✓ ✓ Signed executables ✓ ✓ ✓ Security coprocessor ✓ ✓ Full media encryption and signing ✓ Encrypted storage ✓ ✓ Self-signed storage ✓ Memory encryption/hashing ✓ Hypervisor ✓ ✓ User/kernelmode ✓ Anti-downgrade eFUSEs ✓ Mittwoch, 29. Dezember 2010

50. Xbox Wii 360 PS3 On-die bootROM ✓ ✓ ✓ ✓ On-die key storage ✓ ✓ Public-key crypto ✓ ✓ ✓ ✓ Chain of trust ✓ ✓ ✓ Per-console keys ✓ ✓ ✓ Signed executables ✓ ✓ ✓ Security coprocessor ✓ ✓ Full media encryption and signing ✓ Encrypted storage ✓ ASSED BYP ✓ Self-signed storage ✓ Memory encryption/hashing ✓ Hypervisor ✓ ✓ User/kernelmode ✓ Anti-downgrade eFUSEs ✓ Mittwoch, 29. Dezember 2010

51. OtherOS Mittwoch, 29. Dezember 2010

52. ✘ OtherOS Not supported on the PS3 Slim Mittwoch, 29. Dezember 2010

53. ! You have earned a trophy. Draw Attention ✘ OtherOS Not supported on the PS3 Slim Mittwoch, 29. Dezember 2010

54. Geohot Exploit XDR RAM Glitching Attack Mittwoch, 29. Dezember 2010

55. RAM Kernel Hypervisor HTAB Mittwoch, 29. Dezember 2010

60. RAM Kernel HTAB Hypervisor HTAB Mittwoch, 29. Dezember 2010

61. RAM Kernel HTAB Hypervisor HTAB Mittwoch, 29. Dezember 2010

62. RAM You have earned a trophy. HV Hypervisor Exposed Kernel HTAB Hypervisor HTAB Mittwoch, 29. Dezember 2010

63. ✘ OtherOS Mittwoch, 29. Dezember 2010

64. ✘ ✘✘OtherOS Forcibly removed on the PS3 Fat Mittwoch, 29. Dezember 2010

65. You have earned a trophy. Pissed Off Hackers ✘ ✘✘OtherOS Forcibly removed on the PS3 Fat Mittwoch, 29. Dezember 2010

67. PSJailbreak Mittwoch, 29. Dezember 2010

68. PSJailbreak (And over 9000 clones) Mittwoch, 29. Dezember 2010

69. PSJailbreak Exploit Mittwoch, 29. Dezember 2010

70. PSJailbreak Hub PWN1 PWN2 PWN3 PWN4 JIG FINAL Mittwoch, 29. Dezember 2010

71. Device 1 TL = 0xF00 CONFIGURATION #1 .. #4 INTERFACE #1 PAYLOAD Mittwoch, 29. Dezember 2010

72. Device 4 Mittwoch, 29. Dezember 2010

73. Device 4 TL = 0x12 CONFIGURATION #1 INTERFACE #1 Mittwoch, 29. Dezember 2010

74. Device 4 TL = 0x12 CONFIGURATION #1 INTERFACE #1 CONFIGURATION #2 Mittwoch, 29. Dezember 2010

75. Device 2 TL = 0x16 INTERFACE #1 CONFIGURATION #1 04 21 B4 2F Mittwoch, 29. Dezember 2010

76. Device 4 TL = 0x12 CONFIGURATION #1 INTERFACE #1 CONFIGURATION #1 04 21 B4 2F CONFIGURATION #2 Mittwoch, 29. Dezember 2010

77. Device 4 TL = 0x12 CONFIGURATION #1 INTERFACE #1 TL = 0x2FB4 CONFIGURATION #2 Mittwoch, 29. Dezember 2010

78. C++ Objects VTABLE POINTER INTERFACE OBJECT #N C++ VTABLE POINTER INTERFACE OBJECT #N+1 C++ VTABLE POINTER INTERFACE OBJECT #N+2 C++ Mittwoch, 29. Dezember 2010

79. C++ Objects VTABLE POINTER INTERFACE OBJECT #N C++ CONFIGURATION #3 INTERFACE #1 INTERFACE OBJECT #N+1 C++ VTABLE POINTER INTERFACE OBJECT #N+2 C++ Mittwoch, 29. Dezember 2010

80. C++ Objects VTABLE POINTER INTERFACE OBJECT #N C++ CONFIGURATION #3 INTERFACE #1 PAYLOAD POINTER INTERFACE OBJECT #N+1 C++ VTABLE POINTER INTERFACE OBJECT #N+2 C++ Mittwoch, 29. Dezember 2010

81. Device 3 CONFIGURATION #1 .. #2 INTERFACE #1 INTERFACE #2 INTERFACE #3 INTERFACE #4 INTERFACE #5 INTERFACE #6 INTERFACE #7 INTERFACE #8 INTERFACE #9 INTERFACE #10 INTERFACE #11 ........... Mittwoch, 29. Dezember 2010

83. You have earned a trophy. LV2 Code Execution Mittwoch, 29. Dezember 2010

84. NO W^X in LV2 Any old exploit == code execution Mittwoch, 29. Dezember 2010

85. Hypervisor allows unsigned code It happily marks pages as executable and plays no role in enforcing that only trusted code runs Mittwoch, 29. Dezember 2010

86. Results • LV2 “GameOS” compromised • LV1 Hypervisor NOT compromised • Secure SPE NOT compromised Mittwoch, 29. Dezember 2010

87. Resultsearned a trophy. You have Piracy • LV2 “GameOS” compromised • LV1 Hypervisor NOT compromised • Secure SPE NOT compromised • Piracy Mittwoch, 29. Dezember 2010

88. Fail Security Model • The hypervisor does not enforce LV2 and game integrity • You can just patch LV2 to run games from HDD Mittwoch, 29. Dezember 2010

89. Xbox Wii 360 PS3 On-die bootROM ✓ ✓ ✓ ✓ On-die key storage ✓ ✓ Public-key crypto ✓ ✓ ✓ ✓ Chain of trust ✓ ✓ ✓ Per-console keys ✓ ✓ ✓ Signed executables ✓ ✓ ✓ Security coprocessor ✓ ✓ Full media encryption and signing ✓ Encrypted storage ✓ ASSED BYP ✓ Self-signed storage ✓ Memory encryption/hashing ✓ Hypervisor ✓ ✓ User/kernelmode ✓ Anti-downgrade eFUSEs ✓ Mittwoch, 29. Dezember 2010

90. Xbox Wii 360 PS3 On-die bootROM ✓ ✓ ✓ ✓ On-die key storage ✓ ✓ Public-key crypto ✓ ✓ ✓ ✓ Chain of trust ✓ ✓ ✓ Per-console keys ✓ ✓ ✓ Signed executables ✓ ✓ ✓ Security coprocessor ✓ ✓ Full media encryption and signing ✓ Encrypted storage ✓ ASSED BYP ✓ Self-signed storage ✓ Memory encryption/hashing ✓ Hypervisor ✓ E✓ ESS US L User/kernelmode ✓ Anti-downgrade eFUSEs ✓ Mittwoch, 29. Dezember 2010

91. Xbox Wii 360 PS3 On-die bootROM ✓ ✓ ✓ ✓ On-die key storage ✓ ✓ Public-key crypto ✓ ✓ ✓ ✓ Chain of trust ✓ ✓ ✓ Per-console keys ✓ ✓ ✓ Signed executables ✓ ✓ ✓CTIVE FFE INE Security coprocessor ✓ ✓ Full media encryption and signing ✓ Encrypted storage ✓ ASSED BYP ✓ Self-signed storage ✓ Memory encryption/hashing ✓ Hypervisor ✓ E✓ ESS US L User/kernelmode ✓ Anti-downgrade eFUSEs ✓ Mittwoch, 29. Dezember 2010

92. Downgrades Mittwoch, 29. Dezember 2010

93. Downgrades • Sony ﬁxed the exploit Mittwoch, 29. Dezember 2010

94. Downgrades • Sony ﬁxed the exploit • Service mode triggered by USB “JIG” • HMAC authenticated, keys dumped Mittwoch, 29. Dezember 2010

95. Downgrades • Sony ﬁxed the exploit • Service mode triggered by USB “JIG” • HMAC authenticated, keys dumped • Leaked service app used to enable downgrades Mittwoch, 29. Dezember 2010

96. Downgrades a trophy. You have earned More Piracy • Sony ﬁxed the exploit • Service mode triggered by USB “JIG” • HMAC authenticated, keys dumped • Leaked service app used to enable downgrades Mittwoch, 29. Dezember 2010

97. AsbestOS Mittwoch, 29. Dezember 2010

98. AsbestOS • Replace LV2/GameOS in memory Mittwoch, 29. Dezember 2010

99. AsbestOS • Replace LV2/GameOS in memory • OtherOS mode and GameOS mode are virtually identical • Except GameOS can do more stuff, e.g. 3D Mittwoch, 29. Dezember 2010

100. AsbestOS • Replace LV2/GameOS in memory • OtherOS mode and GameOS mode are virtually identical • Except GameOS can do more stuff, e.g. 3D • Run Linux again (even on the Slim!) Mittwoch, 29. Dezember 2010

101. AsbestOS • Replace LV2/GameOS in memory • OtherOS mode and GameOS mode are virtually identical • Except GameOS can do more stuff, e.g. 3D • Run Linux again (even on the Slim!) • Use NetRPC to remote-control the PS3 and experiment... Mittwoch, 29. Dezember 2010

102. SELFs SCE header ehdr + phdr ehdrehdr + phdr encrypted metadata key metadata ECDSA signature { ehdr + phdr (again...) phdr #0 data #0 phdr #1 data ELF ... phdr #N data Mittwoch, 29. Dezember 2010

103. SELFs SCE header ehdr + phdr ehdrehdr + phdr encrypted metadata key r key l oade metadata ECDSA signature { SELF key ehdr + phdr (again...) phdr #0 data #0 phdr #1 data ELF ... phdr #N data Mittwoch, 29. Dezember 2010

104. SELFs SCE header ehdr + phdr ehdrehdr + phdr encrypted metadata key er key load metadata AES ECDSA signature { SELF key ehdr + phdr (again...) phdr #0 data #0 phdr #1 data ELF ... phdr #N data Mittwoch, 29. Dezember 2010

105. SELFs SCE header ehdr + phdr ehdrehdr + phdr encrypted metadata key er key load metadata AES ECDSA signature { SELF key AES + SHA-1 ehdr + phdr (again...) phdr #0 data #0 phdr #1 data ELF ... phdr #N data Mittwoch, 29. Dezember 2010

106. The Oracle • Sony‘s idea: “No one can see our code!” • ... unless the PPE is compromised • Decrypting all code possible from GameOS • security coprocessor pointless! • But we want keys! Mittwoch, 29. Dezember 2010

107. The Oracle a trophy. You have earned Obfuscation useless • Sony‘s idea: “No one can see our code!” • ... unless the PPE is compromised • Decrypting all code possible from GameOS • security coprocessor pointless! • But we want keys! Mittwoch, 29. Dezember 2010

1780 27c3 console_hacking_2010

Recomendados

Recomendados

Mais conteúdo relacionado

Destaque

Destaque (6)

Semelhante a 1780 27c3 console_hacking_2010

Semelhante a 1780 27c3 console_hacking_2010 (11)

1780 27c3 console_hacking_2010