Editing Bugs & Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
| Latest revision | Your text | ||
| Line 1: | Line 1: | ||
== Theoretical Hardware Attacks == | == Theoretical Hardware Attacks == | ||
We already know for certain someone out there has hacked the SAMU or stolen Sony's keys because of leaked decrypted kernels. These are some end-all hardware solutions to hack the PS4, theorized by golden. I give a score out of 10 for each. | We already know for certain someone out there has hacked the SAMU or stolen Sony's keys because of leaked decrypted kernels. These are some end-all hardware solutions to hack the PS4, theorized by golden. I give a score out of 10 for each. | ||
=== Power analysis against SAMU 9.9/10 === | === Power analysis against SAMU 9.9/10 === | ||
There are theories that this won't work because... | There are theories that this won't work because... | ||
* SAMU silicon spoofs hamming weight (prevents differential power analysis and EM analysis) | * SAMU silicon spoofs hamming weight (prevents differential power analysis and EM analysis) | ||
* It is running too fast and not feasible since cost is too high | * It is running too fast and not feasible since cost is too high | ||
* You | |||
* You can't slow down the SAMU clock since it is internally checked | |||
* Some more issues? | * Some more issues? | ||
If there is some sort of main CPU/SAMU PLL bypass we might be able to slow the clock down really easily, otherwise we must inject our own clock signal. I believe the SAMU clock is controlled by syscon? If the check is in syscon then we can just patch it out. Maybe write a custom Linux fork that never loads into usermode but just sits and constantly decrypts different self/sprx files. We could communicate with this Linux fork over UART. This attack only needs to work once to recover some keys. | If there is some sort of main CPU/SAMU PLL bypass we might be able to slow the clock down really easily, otherwise we must inject our own clock signal. I believe the SAMU clock is controlled by syscon? If the check is in syscon then we can just patch it out. Maybe write a custom Linux fork that never loads into usermode but just sits and constantly decrypts different self/sprx files. We could communicate with this Linux fork over UART. This attack only needs to work once to recover some keys. | ||
=== SAMU power/clock glitch fault injection 5/10 === | === SAMU power/clock glitch fault injection 5/10 === | ||
During an AES round we might be able to do some SCA by injecting faults. See the paper from umass.edu in the section below. We would write a minimal operating system to reboot into after exploiting an older firmware. This 'operating system' will simply shutdown most of the CPU cores and pin one core. This code would communicate with the SAMU and do everything the normal SCE SAMU driver does for decryption. We can then use UART output from CPU to time our glitch attacks. The faulty data retrieved by our custom SAMU driver might be able to reveal secret key data. This attack only needs to work once to recover some keys. | During an AES round we might be able to do some SCA by injecting faults. See the paper from umass.edu in the section below. We would write a minimal operating system to reboot into after exploiting an older firmware. This 'operating system' will simply shutdown most of the CPU cores and pin one core. This code would communicate with the SAMU and do everything the normal SCE SAMU driver does for decryption. We can then use UART output from CPU to time our glitch attacks. The faulty data retrieved by our custom SAMU driver might be able to reveal secret key data. This attack only needs to work once to recover some keys. | ||
=== SAMU backside UV/IR fault injection 3/10 === | === SAMU backside UV/IR fault injection 3/10 === | ||
Just as the title states. Very expensive to setup and do properly. If we can flip an even number of bits it the encrypted SAMU SRAM region of the chip (even since ECC parity bit), then some sort of side channel analysis might be able to be done to recover key material. Some silicon reverse engineering would be involved to find the SRAM region on die. | Just as the title states. Very expensive to setup and do properly. If we can flip an even number of bits it the encrypted SAMU SRAM region of the chip (even since ECC parity bit), then some sort of side channel analysis might be able to be done to recover key material. Some silicon reverse engineering would be involved to find the SRAM region on die. | ||
"Moreover, it is no longer possible to hit a single SRAM cell with the current etching technologies, since the width of the gate dielectric is now more than 10 times smaller than the shortest wavelength of visible light." To get an idea of the cost of this equipment... "A class of threats which cannot be ignored if the attackers have access to a larger budget (above the aforementioned $3000 and up to millions of dollars)" ( | "Moreover, it is no longer possible to hit a single SRAM cell with the current etching technologies, since the width of the gate dielectric is now more than 10 times smaller than the shortest wavelength of visible light." To get an idea of the cost of this equipment... "A class of threats which cannot be ignored if the attackers have access to a larger budget (above the aforementioned $3000 and up to millions of dollars)" (hxxp://euler.ecs.umass.edu/research/bbkn-IEEEP-2012.pdf) | ||
The fault injection is all infeasible unless some elite hackzor came out of the woodwork. We only need to have this work once. | The fault injection is all infeasible unless some elite hackzor came out of the woodwork. We only need to have this work once. | ||
=== SEM/FIB/microprobes 2/10 === | === SEM/FIB/microprobes 2/10 === | ||
We might be able to readout the bootrom with some microprobes? Sniff data lines somewhere? The SAMU SRAM memory is encrypted so we would have to probe the LM32 instruction bus or something... infeasible but possible. | We might be able to readout the bootrom with some microprobes? Sniff data lines somewhere? The SAMU SRAM memory is encrypted so we would have to probe the LM32 instruction bus or something... infeasible but possible. | ||
=== USB === | === USB pwnage === | ||
The FreeBSD USB stack has been theorized, by a well know security researcher, to contain some high profile bugs. A dongle might just be possible. For example, last year someone ran a fuzzer on the Linux USB stack and found some crazy bugs: | The FreeBSD USB stack has been theorized, by a well know security researcher, to contain some high profile bugs. A dongle might just be possible. For example, last year someone ran a fuzzer on the Linux USB stack and found some crazy bugs: hxxps://github.com/google/syzkaller/blob/master/docs/linux/found_bugs_usb.md | ||
=== Bluetooth === | === Bluetooth pwnage === | ||
Look at Blueborne and CVE-2017-0781. There are probably some bugs in the Sony/FreeBSD Bluetooth stack. Sony has a habit of ruining their own copy and paste. One of the reasons fail0verflow decided to attack the DS4 controller firmware was because it had a nice interface to the kernel which could contain bugs. | Look at Blueborne and CVE-2017-0781. There are probably some bugs in the Sony/FreeBSD Bluetooth stack. Sony has a habit of ruining their own copy and paste. One of the reasons fail0verflow decided to attack the DS4 controller firmware was because it had a nice interface to the kernel which could contain bugs. | ||
| Line 99: | Line 103: | ||
[http://hpiers.obspm.fr/iers/bul/bulc/bulletinc.dat Leap second 2015 June 30, 23h 59m 60s should theoretically not be a problem, since PS4 is based on BSD which can implement 23:59:60]. | [http://hpiers.obspm.fr/iers/bul/bulc/bulletinc.dat Leap second 2015 June 30, 23h 59m 60s should theoretically not be a problem, since PS4 is based on BSD which can implement 23:59:60]. | ||
== Reference sites == | == Reference sites == | ||