Jon Aubrey Profile picture
Oct 4, 2021 20 tweets 7 min read Read on X
I’ve been doing a bit of work recently, attacking laptops that are protected by Microsoft Bitlocker drive encryption.

Join me on a journey where we break into this CEO’s laptop to steal company secrets and plant malware. Image
The background for this came from the recent blog post dolosgroup.io/blog/2021/7/9/… and from the earlier labs.f-secure.com/blog/sniff-the… post, they’re well worth a read.
This is your threat scenario.

Your CEO has gone to a high risk country for a well publicised business trip. They’ve been targeted by a criminal gang that wants to steal the laptop data and implant malware but without raising any suspicions.
The gang has bribed a hotel employee to let them into the room one night while the CEO has gone out for drinks. They have only a few hours to pull off this attack, which is plenty of time.
If you’re playing along at home, this is how the laptop is set up.

It’s a Dell E7450 with Windows 10 Professional and BitLocker full drive encryption enabled. Keys are stored in the onboard TPM 1.2 module Image
Back to our attack.

We have physical access to a turned off laptop in a hotel room. When I do this I first like to do a full tear down of the machine. Googling for ‘motherboard replacement’ is usually a good start and for me, up pops this video.
This is what we’re left with. ImageImage
We need to get access to the TPM module for this attack, but we have no idea what it looks like!

To fix this we’re going to start picking chips at random and Googling the writing on top of them. You end up with diagrams that look a bit like this ImageImage
Bingo! We’re found the TPM module.

A google for the data sheet turns up ww1.microchip.com/downloads/en/d… which tells us it communicates over the SPI protocol and is in a TSSOP28 chip, which is not exactly easy to connect to. As seen in the Dolos attack there might be another way though
For cost and simplicity, manufacturers often bundle several chips onto the same SPI ‘bus’. If we can find another chip that’s easy to connect to on the same bus, we can sniff the key off the wire.
What I’m doing here is ‘walking’ my multimeter over the TPM pins while connected to various different chips to see if any of them ‘beep’ to tell us there is a connection. Image
Unfortunately, no dice. Either that means there isn’t anything else on that SPI bus, or, as @Iskuri1 pointed out to me a while ago, it might mean there is a resistor in the way.

A google for ‘e7450 schematic’ turns up this diagram though which looks promising. Image
Look back earlier where I labelled the chips. There are two Winbond flash modules that look like they might be the ones on the diagram, so this attack might not be dead in the water yet. Trouble is, our laptop won’t do anything when it’s in bits…
Reassembling the laptop again and we can see those little flash chips just poking out. All we had to do to access them in this case was remove the back covers, which is 8 screws. Image
To determine whether is an attack vector or not, we’re going to have to hook up a logic analyser. We’re using a Salae here because there is a nice extension for it that’ll pull out any bitlocker keys it sees. We just connect up and boot the laptop. Image
Success! With the laptop booting come booting into Windows, the analyser has sniffed all of the SPI communications and the script has found a bitlocker key hiding in there. Remember to invert the ‘enable’ line if you’re doing this yourself and capture at a good speed. Image
Now you’ve got a key, we need a way to decrypt the hard drive. Here, I’ve pulled the drive out but you could do it in the machine if it boots from USB. As you can see, Kali sees an encrypted drive. ImageImage
As we have the BitLocker VMK key, we can now use the Dislocker toolkit in Kali to decrypt it. Image
But stealing data is one thing, all we have access to is what’s contained on the laptops drive. What makes this attack so insidious is that we can also plant malware on the drive to execute on next boot, giving us access to all of the CEOs data and a foot inside the organisation ImageImage
With a little prior knowledge, this entire attack can be pulled off in as little as 10 mins, it’s certainly a viable attack method.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Jon Aubrey

Jon Aubrey Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @SecurityJon

Dec 1, 2020
Inspired by @cybergibbons hardware teardown thread, thought I'd document an investigation into an oddity that has been bugging me for a few years.

This is a TP-Link TL-WA701ND AP that I was using for a few years around the house. When I repurposed it, I noticed something odd..
The AP can be set into different modes, including as Ethernet/Wifi client to permit wired devices to access a wireless network. I used this to connect my gaming machine as I was sick of ethernet cables lying across the floors.
One day while I was scanning around my house for WiFi networks I noticed a high-powered WiFi network with a hidden SSID broadcasting from my main office. With a little more investigation I determined this was coming from the TP-Link, but what was it?
Read 18 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us!

:(