Alright, so today I'll be talking about FPGAs. First of all, how many people have seen one of my previous talks? Wow, that's amazing, okay. Yeah, so I'm just going to go over some of the newer stuff that I've been working on and some of the FileVault stuff that I've been working on. I actually worked on it with Jake, and he has some new developments with that, so I thought I'd bring him up here so he can talk about that a little later.

But anyway, I am the chairman for ToorCon. ToorCon, by the way, is happening in October; we have some flyers up here if you guys want to pick them up. And I also do security R&D for Pico Computing; that's the card that I run all my demos on here. And I'm also a researcher with the OpenCiphers project, which means that I'm the single person that contributes source to it.

So, a quick overview here of what we'll be doing. Well, we can skip through the FPGA intro, because so many people have already seen my talk, and then we can just go on to some demos and then talk about FileVault and some of the new stuff that's coming out.

So skipping over, whoa, alright: Bluetooth PIN cracking. Has anybody seen this demo before? Raise of hands? No? Oh, okay, oh yeah, yeah, yeah. So have people seen the coWPAtty demo, breaking coWPAtty? Yeah, okay, sweet. So it's pretty similar: you basically sniff the authentication, and you can do that now with FTE dongles, or you can use the open source sniffer that they just released at the Wi-Fi talk, I think, if you guys saw that. And so yeah, if you can force the two devices to re-pair and capture the authentication, then the only thing that you really don't know is the PIN. So the whole attack basically works by emulating all the algorithms that they use; they use SAFER+. This whole attack was actually originally outlined by these guys, I'm not even going to try and pronounce their names, but they're down at the bottom there. And also Thierry Zoller, is he in the audience here? He said he was going to be here.
Anyway, he also did his own implementation, and so there's a couple of different implementations of this out there. So basically how it works is you have this whole authentication where a bunch of challenges are sent across, and there's essentially a key negotiation that's based on both sides having a mutual PIN that matches. So if you know the algorithm that they use, you just try a PIN and run it through the capture and see if all the checksums match up and stuff, and it's actually a really small key space. If you think about the total key space, if people are just typing in PINs, it's 10 to the 16, but most of the time people just use a four digit PIN or an eight digit PIN, or just do all zeros or whatever.

So I did an implementation that's all command line based, and it implements all this stuff. It runs in software and also on one of our cards, and it uses a 16 stage pipeline, if you guys know much about FPGA stuff, and this is essentially what it does. This is the algorithm: it runs E22 and does all this sort of crap. All these red things are basically the input, the stuff that you capture off the network, and all we're brute forcing is the blue part there. So you just kind of run through with the data you capture and then eventually find a PIN that makes everything happy.

So in my FPGA code I have a PIN generator that feeds into my SAFER+ core. It feeds in 16 PINs, and then as it crunches through the pipeline, once the data starts coming out the other end it gets looped back in, and the implementation is kind of mucked with each time it gets looped back in. So the first time it's running E22, which is a variation of SAFER+, and then the second time it gets looped back in it's kind of an E21 mode, and then it gets looped back again, and it essentially just does all these operations here but with a single SAFER+ core.
So it gets looped around and does all these calculations, and at the very end you end up getting these results that you compare with the checksums that are sent across in authentication. If it matches, then it reports back the PIN, and if it doesn't, then it goes on to the next PIN and continues on. So, a pretty standard cracker.

I'm just going to get on to the demo here since, yeah, here's some performance numbers, but I can go over that later. I'll show you the boring demo first here. This is running on my laptop; it's doing maybe 10 or 20,000 PINs per second, roughly. And this is running on the FPGA. So it just cracked a six digit PIN on that first thing there, and right now it's cracking, alright, that was a nine digit PIN, I think. So all these PINs, it would take a few days to go through on my computer, but it just ran through all these in about six seconds or so.

Now we have a much better interface here that, thanks to Thierry Zoller, we now have. So I'm going to fire up this VB app here, and with this you can actually run it with the FTE software: if you capture the authentication, you just take the dump and you can select it inside here. It's very easy to use. So I'm going to capture this one. So there's all the values that we're using to crack it, and I'm just going to crack it on my computer right now. We've got some Hollywood effects going. So right now it's only doing about 200,000 per second there, in PINs per second. So I'm just going to stop it, click this "Use FPGA" button here, and we'll see how fast it runs. It only looks fast because I'm updating it a lot faster, but, oh! So there's an eight digit PIN right there, and there's a link key. So now, if you had some stuff captured for the conversation, you can feed this link key into your software and then decrypt the whole conversation, or you can just start injecting stuff into the conversation. You basically have the whole conversation owned at that point. So there's the sweet demo.
So as far as performance numbers, there's really a couple orders of magnitude difference here. Using BTCrack, there's some optimizations there, so you can get 100,000, maybe 200,000 per second, and on this card in my laptop I'm getting about 10 million per second, so it's quite a bit faster.

Now the next topic is cracking WinZip AES encryption. So I wanted to attack WinZip for a while now, and I was looking at trying to reverse engineer WinZip, and I'm sure that lots of people have attacked WinZip because they're trying to write their cracks for it and try and make it so it doesn't do that stupid thing where it counts up a second for every day that you haven't registered and crap. So I started doing that, and then I checked out some of their web pages, and it turns out they have a web page that describes their encryption algorithm for compatibility reasons. Basically they link to the site, and they pretty much ripped off this guy's entire code base for implementing all their encryption. So I just had to kind of figure out the zip format and use this guy's code, and it pretty much works. And actually it's the same code that OS X ripped off too, right? Yeah, so lots of people are using Dr. Gladman's file encryption code. Their encryption support is 128-bit, 192-bit and 256-bit, and it has this cool verification value, which I can get to in a minute.
So essentially what you do is you try a password, and you run it through this hashing algorithm called PBKDF2, which is the same one that you use for WPA and FileVault. It actually ends up taking the end of it and uses that as a verification value, so you can compare that with the value that's stored in the zip file and initially see if the password you're trying is valid or not. Then, one out of two to the 16 times, you'll have to actually go and decrypt the whole file, check the checksum and make sure that you got the right password. But this actually works really well, and I'll show you it working in a minute. So yeah, pretty much all the same code as WPA; I just had to reverse engineer some of the formats and do a quick demo. And by the way, all this code is actually available on the OpenCiphers website right now if you want to grab it, if you need to crack any WinZip files.

So this program just takes a zip file, and it takes a file inside the zip file, because you can actually have multiple encrypted zip files inside the zip file. Like, I'll just look at one of these here. Here's a test file. So this is one file inside of it, and this one's actually encrypted with WinZip encryption, so Windows doesn't know how to deal with it, and I haven't registered WinZip yet, so I'll try and show you how to extract this here. Oh wait, I gotta use something else. So yeah, if I try maybe 7-Zip, see if that works. Then it's asking for a password, right? So all you have to do is, I've got this script here. If you're just running this on your PC, you do WinZip crack, your zip file, the file inside of it that's encrypted, and then you give it a dictionary file, and inside your dictionary file it's just a bunch of different passwords you want to try, right? So this is running on my computer, and it's going a little slow, so let me try it on the FPGA. So that's running on the FPGA. It's a little faster.
It's not crazy fast, but it'll get you where you want to go. So yeah, now on to FileVault. Did you want to explain this, or? Okay. So back when I was at the CCC Congress this last year, Jake was giving a talk on FileVault, and so I kind of listened in on some of the stuff they were doing, and it turned out that FileVault also uses PBKDF2 for their password hashing. So I coded up this program to crack FileVault images. Essentially with FileVault, your home directory is stored as a DMG file that's encrypted, and it basically uses AES, and then it uses triple DES for wrapping the keys and stuff. There's a couple different formats for it, but it's basically the same hashing for both, and so yeah, I just modified my code and made it support FileVault. And it's actually exactly the same FPGA file that I'm using for the WinZip stuff, so I didn't really have to do any modification with that.

I had this, oh, Jake wrote this program for decrypting files, so if you have a DMG file that's encrypted and you have the password for it, you can just run a command line tool; it takes it in with the password and spits out a totally clean DMG file. I think that some of the people hacking the iPhone actually use that for decrypting some of the iPhone stuff. And then I just kind of modified their code to do the cracking, so you just try a bunch of passwords and see if they work or not. There's a couple other attacks that Jake can elaborate on in a little bit, but I'll just show you the cracking real quick here. We called this VileFault because we didn't want to have any sort of copyright issues with Apple, by the way. So yeah, this is running on my computer here, and it's pretty much the same sort of speed improvement that you see with the WinZip stuff. So yeah, there's a password. Okay, well, I'll let Jake talk about the FileVault stuff now, and then I'll come back on a little bit.
So we did a sort of informal survey of about 100 to 150 Macs running on PowerPC and x86, and actually I see there are a bunch of Macs here. I'm very scared for you, but maybe you could help out. Who here has a terminal open on a Mac OS X machine? Anyone? You? For example? You? Yeah? Can you type pmset -g and tell me if it tells you the hibernate mode for your machine? See if it tells you it's three, by any chance? Yeah, it does? Oh, you're fucked. So that's good. So I'm pretty sure you didn't change that, and yeah, there's some dick-faced Apple security guy that told me that wasn't the case by default, but whatever. Anyway, it seems to be the case on every x86 Mac that I have found that is a laptop. And if you go ahead and take a look at /var/vm, in that directory, you tell me if there's a file called sleepimage. Oh cool, alright, awesome. So if you close your Mac for a second and then open it up, give it a second, wait for it to stop pulsing; observe the light, it should be solid for a moment and then it'll pulse. When it starts pulsing, open it again, type in your passphrase and look at the timestamp on that file. You have your mDNSResponder on, right? Yeah, okay. So is the timestamp close to what your clock says the time is right now? Yeah? Oh yeah, you're fucked. Sweet.

So basically the key to all of this is in the Mac kernel. I forgot to put the, oh no, the version number I looked at was xnu 792.13.8. I downloaded this a while ago; it's possible that they've changed some stuff, but, you know, maybe not. So the IOHibernateSystemSleep is inside of the kernel's IOHibernateIO.cpp file, and it's called from the IOPMrootDomain. And so in theory the sleep images are encrypted with AES-128 in cipher block chaining mode, and it looks like a bunch of this stuff is borrowed from that fabulous Dr. Brian Gladman, the same stuff that he used for the WinZip. I discovered this sort of independently from even talking with h1kari about this.
So if you look inside, you see that it's a 128 bit key; you see this in the kernel source code, and you see the wired crypt key, and you see the crypt key, and you see all this stuff, and you see how they're generated. From the previous examination with Ralf, during the FileVault research we were doing at the Chaos Computer Club Congress last year, we determined that this random function is actually wrapped around Yarrow, and they do some kind of strange stuff for the random number generation that seems to be fine. Ralf is actually a real cryptographer; I'm just a photographer, I don't know much about this technology stuff. And in any case it seems to be fine: they're just generating a key and storing it, no big deal.

So the thing is, though, that it's not really okay, in that basically every single Mac laptop that I've seen, for people that didn't know better, every single time they sleep their machine they dump the contents, the full contents of memory, to the disk. Straight up. Pretty awesome. And I was going to demo ripping the key out of NVRAM on this machine, but I couldn't get the EFI shell to show up on this projector. But basically, if in fact you were able to find a way to turn on the encrypted hibernate code that is in the Mac kernel, you would be able to boot the machine and extract the key from NVRAM. The reason is because the way that Apple ensures that the keys are removed from NVRAM is by doing it in the Mach kernel, which is interesting, because if you never get to that entry point, if you're never loading the Mach kernel, the Mach kernel can't free those entries, and the NVRAM is persistent across boots and stuff like that, right? That's kind of the point of it.
So there's this really great piece of software called rEFIt, or R-E-F-I-T, and it has built-in NVRAM dumping tools. One of them is called dmpstore; give it the -b option and you just get hex dumps of the NVRAM. You get the global unique identifier and you get the variable name, and I think that's pretty awesome. And if you look through the Mach kernel, you can actually see boot path, boot device, boot image key, boot signature, memory signature, memsig, machine signature; there's a whole bunch of really interesting stuff in there. But it doesn't matter, because I've actually not run across a single Mac that had this encrypted.

So there's some really interesting things you can do here. Like, for example, depending on which mode you have the machine set for, the hibernate mode stuff, you can actually inject data into the memory structures. So like, wait a minute, so you've got this crypto there but you don't use it? Okay. So mode zero, if you enable that, that's the only safe mode that I've found, because it doesn't write the /var/vm/sleepimage anymore. Several of the other modes, one through four, six, seven, 10, 11, and I didn't go above 11, I just figured that since 10 and 11 were the same, it's possible that 12, 13, just arbitrarily continues to do the same thing, but they suspend to RAM, they write a sleep image to disk, and they don't have crypto at all. Five, eight and nine write the sleep image to the disk; you'll see the light on the front be solid and then the machine will just turn off, and the next time you boot up you'll have a progress bar moving this way across the screen, and basically it'll just show you and resume where you are at that point. Depending on which mode you're in, you want to experiment around with this, but basically, depending on what mode you're in, you'll type in the password three times, and if it fails during that time frame, it'll actually take the memory dump of you typing in that passphrase and write that back out to disk, so the timestamp will update again.

So I was thinking about some interesting things you could do there. It's like, you could actually put arbitrary data into that field and it'll get written out to the /var/vm/sleepimage. So like, I don't know what you could put in there, like some ASCII text string that you would not want, like "yes I killed my wife" or something like that, but it would be written back out to that sleep image file. Which I thought was really interesting, because it's like, if you fail to authenticate as the user, why would you want to save the state? I don't know, but apparently that was an idea that the Apple people thought was a good idea, or maybe they just didn't think about it because they're overloaded; they probably need to hire more security people, from the sound of it.

This is, by the way, without encrypted swap; those are all the modes I tested. Then I enabled encrypted swap, mode 3, mode 5 and mode 7 for the hibernate mode, and none of them had crypto again. And I mean, perhaps I'm doing something wrong, I'm willing to be corrected about this, but it doesn't matter, because even if they are doing crypto, we can extract the key; it's very simple to do it. But in any case it negates the value of the encrypted swap, which was basically just being used as a band-aid. Some of you might remember people were typing in their FileVault password, and they would grep through their swap file and they would actually see their password in the swap file. Well, they turned on encrypted swap, that's how they fixed it, instead of zeroing memory. And like, I just bought a Mac mini just to test this stuff. I set the password to pwnpwnpwnpwn and it's all over the swap file, everywhere you can imagine it. So you could pull out the encrypted swap key if you're interested, and you can basically reconstruct the state of the machine at the moment it was put into a sleep mode, and this is for, you know, any laptop.

So I was thinking about ways you could fix this, and EFI is really awesome. I'm glad that Apple went with EFI, because basically you can write any portable C app, and you could very easily take a variable. Like, you can patch the Mach kernel, specifically the parts that do this key stuff, and you could set an NVRAM variable where it was basically some string that the user has as a passphrase, and you could take another set of random numbers and put them in the variables and XOR them together. And in theory, the worst thing that would happen is that, well, if you type in the incorrect password at boot, you would not be able to authenticate for the hibernate image. But the hibernate image, if it's actually correctly encrypted with AES-128-CBC, you should be able to just forget about it; it doesn't matter, if they don't have the right password they're not going to get it. But if they do type in the right password, then they've at least authenticated themselves and they're in solid. Okay.

So some future projects that you can see coming out of OpenCiphers: I guess that we now have some Wicrawl support. I think I see Aaron back there, yeah, over there. He's giving a talk tomorrow on Wicrawl, and I guess there's Pico support in that, so that's pretty awesome, and you can catch that in track one at 11:30, I think. And then we're also, well, I'm giving a talk at the CCC Camp on cracking GSM crypto using FPGAs, and so if any of you are out of the country at CCC Camp you can check that out. It'll be at 3:30 p.m. next Friday in one of the tents, I guess.

So, conclusions: get an FPGA and start cracking. Make use of hardware to break crypto. If you think that 64 bit is, like, you know, doing pretty good, think again. And choose bad passwords. And if you want to throw rotten fruit at us, wait until the dunk tank tomorrow at 1 p.m., because we'll be there ready to get dunked, if you guys want to support the EFF. And a little bit of thanks to Jake, Ralf-Philipp Weinmann, Thierry Zoller, Eric Zesterhen, and all the viewers like you. Here's some info. I guess we're going to be taking questions in the question room, unless there's time. Anybody know? You're all... you have some time? Alright.
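The two-stage password check the first speaker describes for WinZip AES (PBKDF2 output whose last two bytes are the stored verification value, then a full check over the data for the one-in-2^16 candidates that slip through) is shown below as an added example; it is not code from the talk, from OpenCiphers, or from WinZip. The same PBKDF2-HMAC-SHA1 primitive is the hashing the speakers say FileVault and WPA use, which is why one FPGA bitstream served both the WinZip and FileVault crackers. The 1000-iteration count, salt sizes, 2-byte verifier and 10-byte HMAC-SHA1 authentication code follow WinZip's published AES format description; the sample salt, password and "ciphertext" are constructed values, and no real AES encryption is performed, since neither check needs to decrypt the data.

```python
import hashlib
import hmac

# WinZip AES parameters from WinZip's published format description
# (the Gladman-derived scheme the talk refers to).
PBKDF2_ITERATIONS = 1000
SALT_LEN = {16: 8, 24: 12, 32: 16}   # AES key bytes -> salt bytes
VERIFIER_LEN = 2                     # password verification value
AUTH_CODE_LEN = 10                   # truncated HMAC-SHA1 over the ciphertext


def derive(password: bytes, salt: bytes, key_len: int,
           iterations: int = PBKDF2_ITERATIONS):
    """PBKDF2-HMAC-SHA1 -> (aes_key, hmac_key, verifier).

    The derived block is 2*key_len + 2 bytes; the final two bytes are the
    verification value WinZip stores in the entry header.  This one call is
    the whole per-guess cost of stage 1.
    """
    dk = hashlib.pbkdf2_hmac("sha1", password, salt, iterations,
                             2 * key_len + VERIFIER_LEN)
    return dk[:key_len], dk[key_len:2 * key_len], dk[2 * key_len:]


def auth_code(hmac_key: bytes, ciphertext: bytes) -> bytes:
    """AE-2 authentication code: HMAC-SHA1 of the ciphertext, first 10 bytes."""
    return hmac.new(hmac_key, ciphertext, hashlib.sha1).digest()[:AUTH_CODE_LEN]


def check_password(password, salt, key_len, stored_verifier, ciphertext, stored_auth):
    """Two-stage check mirroring the talk's description.

    Stage 1 compares two bytes, so a wrong password passes it with
    probability 2**-16; stage 2 runs the HMAC over the whole ciphertext and
    catches those survivors, which is why the full check is only needed
    about one time in 65536.
    """
    _, hmac_key, verifier = derive(password, salt, key_len)
    if not hmac.compare_digest(verifier, stored_verifier):
        return "rejected by verifier"
    if not hmac.compare_digest(auth_code(hmac_key, ciphertext), stored_auth):
        return "rejected by auth code"
    return "accepted"


def make_sample_entry(password: bytes, key_len: int = 32):
    """Constructed stand-in for a WinZip AES entry header:
    (salt, verifier, ciphertext, auth code).  The salt is a fixed byte
    pattern and the ciphertext is placeholder bytes, both constructed here."""
    salt = bytes(range(SALT_LEN[key_len]))   # constructed, not random
    ciphertext = b"\x5a" * 64                 # constructed placeholder data
    _, hmac_key, verifier = derive(password, salt, key_len)
    return salt, verifier, ciphertext, auth_code(hmac_key, ciphertext)


def demo(archive_password: bytes, guess: bytes, key_len: int = 32) -> str:
    """Build a sample entry protected by archive_password and check a guess."""
    salt, verifier, ciphertext, mac = make_sample_entry(archive_password, key_len)
    return check_password(guess, salt, key_len, verifier, ciphertext, mac)


if __name__ == "__main__":
    for guess in (b"password", b"correct horse"):
        print(guess, "->", demo(b"correct horse", guess))
```

The derivation can be sanity-checked against the RFC 6070 PBKDF2-HMAC-SHA1 test vector by calling derive with iterations=1, which is what the accompanying assertions do; with the real 1000 iterations every guess costs a thousand HMAC rounds, which is the work the talk's FPGA pipeline parallelises.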