Speculative Probing: Hacking Blind in the Spectre Era

Enes Göktas; Kaveh Razavi; Georgios Portokalidis; Herbert Bos; Cristiano Giuffrida

doi:10.1145/3372297.3417289

Speculative Probing: Hacking Blind in the Spectre Era

Enes Göktas, Kaveh Razavi, Georgios Portokalidis, Herbert Bos, Cristiano Giuffrida

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

330 Downloads (Pure)

Abstract

To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization schemes, modern software exploits rely on information disclosure to locate gadgets inside the victim's code. In the absence of such info-leak vulnerabilities, attackers can still hack blind and derandomize the address space by repeatedly probing the victim's memory while observing crash side effects, but doing so is only feasible for crash-resistant programs. However, high-value targets such as the Linux kernel are not crash-resistant. Moreover, the anomalously large number of crashes is often easily detectable. In this paper, we show that the Spectre era enables an attacker armed with a single memory corruption vulnerability to hack blind without triggering any crashes. Using speculative execution for crash suppression allows the elevation of basic memory write vulnerabilities into powerful speculative probing primitives that leak through microarchitectural side effects. Such primitives can repeatedly probe victim memory and break strong randomization schemes without crashes and bypass all deployed mitigations against Spectre-like attacks. The key idea behind speculative probing is to break Spectre mitigations using memory corruption and resurrect Spectre-style disclosure primitives to mount practical blind software exploits. To showcase speculative probing, we target the Linux kernel, a crash-sensitive victim that has so far been out of reach of blind attacks, mount end-to-end exploits that compromise the system with just-in-time code reuse and data-only attacks from a single memory write vulnerability, and bypass strong Spectre and strong randomization defenses. Our results show that it is crucial to consider synergies between different (Spectre vs. code reuse) threat models to fully comprehend the attack surface of modern systems.

Original language	English
Title of host publication	CCS '20
Subtitle of host publication	Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
Publisher	Association for Computing Machinery
Pages	1871-1885
Number of pages	15
ISBN (Electronic)	9781450370899
DOIs	https://doi.org/10.1145/3372297.3417289
Publication status	Published - Oct 2020
Event	27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 - Virtual, Online, United States Duration: 9 Nov 2020 → 13 Nov 2020

Publication series

Name	Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)	1543-7221

Conference

Conference	27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020
Country/Territory	United States
City	Virtual, Online
Period	9/11/20 → 13/11/20

Funding

We would like to thank Andrea Bittau (1983-2017) for inspiring us to work on “Speculative” BROP. We would also like to thank the anonymous reviewers for their valuable feedback. This work was supported by the European Union’s Horizon 2020 research and innovation programme under grant agreements No. 786669 (ReAct), No. 825377 (UNICORE) and No. 690972 (PROTASIS), by Intel Corporation through the Side Channel Vulnerability ISRA, by the Netherlands Organisation for Scientific Research through grants NWO 639.021.753 VENI "PantaRhei", and NWO 016.Veni.192.262, and by the Office of Naval Research (ONR) under awards N00014-16-1-2261 and N00014-17-1-2788. This paper reflects only the authors’ view. The funding agencies are not responsible for any use that may be made of the information it contains.

Funders	Funder number
Office of Naval Research	N00014-17-1-2788, N00014-16-1-2261
Office of Naval Research
Intel Corporation
Horizon 2020 Framework Programme	825377, 690972, 786669
Horizon 2020 Framework Programme
Nederlandse Organisatie voor Wetenschappelijk Onderzoek	639.021.753
Nederlandse Organisatie voor Wetenschappelijk Onderzoek

Keywords

code-reuse attacks
speculative execution

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1145/3372297.3417289

Speculative Probing_Hacking Blind in the Spectre EraFinal published version, 1.93 MBLicence: Article 25fa Dutch Copyright Act

Persistent URL (handle)

Persistent link

Cite this

Göktas, E., Razavi, K., Portokalidis, G., Bos, H., & Giuffrida, C. (2020). Speculative Probing: Hacking Blind in the Spectre Era. In CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (pp. 1871-1885). (Proceedings of the ACM Conference on Computer and Communications Security). Association for Computing Machinery. https://doi.org/10.1145/3372297.3417289

@inproceedings{68495f5fc4ce4090a2e4ef64e901bbdf,

title = "Speculative Probing: Hacking Blind in the Spectre Era",

abstract = "To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization schemes, modern software exploits rely on information disclosure to locate gadgets inside the victim's code. In the absence of such info-leak vulnerabilities, attackers can still hack blind and derandomize the address space by repeatedly probing the victim's memory while observing crash side effects, but doing so is only feasible for crash-resistant programs. However, high-value targets such as the Linux kernel are not crash-resistant. Moreover, the anomalously large number of crashes is often easily detectable. In this paper, we show that the Spectre era enables an attacker armed with a single memory corruption vulnerability to hack blind without triggering any crashes. Using speculative execution for crash suppression allows the elevation of basic memory write vulnerabilities into powerful speculative probing primitives that leak through microarchitectural side effects. Such primitives can repeatedly probe victim memory and break strong randomization schemes without crashes and bypass all deployed mitigations against Spectre-like attacks. The key idea behind speculative probing is to break Spectre mitigations using memory corruption and resurrect Spectre-style disclosure primitives to mount practical blind software exploits. To showcase speculative probing, we target the Linux kernel, a crash-sensitive victim that has so far been out of reach of blind attacks, mount end-to-end exploits that compromise the system with just-in-time code reuse and data-only attacks from a single memory write vulnerability, and bypass strong Spectre and strong randomization defenses. Our results show that it is crucial to consider synergies between different (Spectre vs. code reuse) threat models to fully comprehend the attack surface of modern systems.",

keywords = "code-reuse attacks, speculative execution",

author = "Enes G{\"o}ktas and Kaveh Razavi and Georgios Portokalidis and Herbert Bos and Cristiano Giuffrida",

year = "2020",

month = oct,

doi = "10.1145/3372297.3417289",

language = "English",

series = "Proceedings of the ACM Conference on Computer and Communications Security",

publisher = "Association for Computing Machinery",

pages = "1871--1885",

booktitle = "CCS '20",

note = "27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 ; Conference date: 09-11-2020 Through 13-11-2020",

}

Göktas, E, Razavi, K, Portokalidis, G, Bos, H & Giuffrida, C 2020, Speculative Probing: Hacking Blind in the Spectre Era. in CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, pp. 1871-1885, 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020, Virtual, Online, United States, 9/11/20. https://doi.org/10.1145/3372297.3417289

Speculative Probing: Hacking Blind in the Spectre Era. / Göktas, Enes; Razavi, Kaveh; Portokalidis, Georgios et al.
CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 2020. p. 1871-1885 (Proceedings of the ACM Conference on Computer and Communications Security).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Speculative Probing

T2 - 27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020

AU - Göktas, Enes

AU - Razavi, Kaveh

AU - Portokalidis, Georgios

AU - Bos, Herbert

AU - Giuffrida, Cristiano

PY - 2020/10

Y1 - 2020/10

N2 - To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization schemes, modern software exploits rely on information disclosure to locate gadgets inside the victim's code. In the absence of such info-leak vulnerabilities, attackers can still hack blind and derandomize the address space by repeatedly probing the victim's memory while observing crash side effects, but doing so is only feasible for crash-resistant programs. However, high-value targets such as the Linux kernel are not crash-resistant. Moreover, the anomalously large number of crashes is often easily detectable. In this paper, we show that the Spectre era enables an attacker armed with a single memory corruption vulnerability to hack blind without triggering any crashes. Using speculative execution for crash suppression allows the elevation of basic memory write vulnerabilities into powerful speculative probing primitives that leak through microarchitectural side effects. Such primitives can repeatedly probe victim memory and break strong randomization schemes without crashes and bypass all deployed mitigations against Spectre-like attacks. The key idea behind speculative probing is to break Spectre mitigations using memory corruption and resurrect Spectre-style disclosure primitives to mount practical blind software exploits. To showcase speculative probing, we target the Linux kernel, a crash-sensitive victim that has so far been out of reach of blind attacks, mount end-to-end exploits that compromise the system with just-in-time code reuse and data-only attacks from a single memory write vulnerability, and bypass strong Spectre and strong randomization defenses. Our results show that it is crucial to consider synergies between different (Spectre vs. code reuse) threat models to fully comprehend the attack surface of modern systems.

AB - To defeat ASLR or more advanced fine-grained and leakage-resistant code randomization schemes, modern software exploits rely on information disclosure to locate gadgets inside the victim's code. In the absence of such info-leak vulnerabilities, attackers can still hack blind and derandomize the address space by repeatedly probing the victim's memory while observing crash side effects, but doing so is only feasible for crash-resistant programs. However, high-value targets such as the Linux kernel are not crash-resistant. Moreover, the anomalously large number of crashes is often easily detectable. In this paper, we show that the Spectre era enables an attacker armed with a single memory corruption vulnerability to hack blind without triggering any crashes. Using speculative execution for crash suppression allows the elevation of basic memory write vulnerabilities into powerful speculative probing primitives that leak through microarchitectural side effects. Such primitives can repeatedly probe victim memory and break strong randomization schemes without crashes and bypass all deployed mitigations against Spectre-like attacks. The key idea behind speculative probing is to break Spectre mitigations using memory corruption and resurrect Spectre-style disclosure primitives to mount practical blind software exploits. To showcase speculative probing, we target the Linux kernel, a crash-sensitive victim that has so far been out of reach of blind attacks, mount end-to-end exploits that compromise the system with just-in-time code reuse and data-only attacks from a single memory write vulnerability, and bypass strong Spectre and strong randomization defenses. Our results show that it is crucial to consider synergies between different (Spectre vs. code reuse) threat models to fully comprehend the attack surface of modern systems.

KW - code-reuse attacks

KW - speculative execution

UR - http://www.scopus.com/inward/record.url?scp=85096176663&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85096176663&partnerID=8YFLogxK

U2 - 10.1145/3372297.3417289

DO - 10.1145/3372297.3417289

M3 - Conference contribution

AN - SCOPUS:85096176663

T3 - Proceedings of the ACM Conference on Computer and Communications Security

SP - 1871

EP - 1885

BT - CCS '20

PB - Association for Computing Machinery

Y2 - 9 November 2020 through 13 November 2020

ER -

Göktas E, Razavi K, Portokalidis G, Bos H , Giuffrida C. Speculative Probing: Hacking Blind in the Spectre Era. In CCS '20: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery. 2020. p. 1871-1885. (Proceedings of the ACM Conference on Computer and Communications Security). Epub 2020 Oct 30. doi: 10.1145/3372297.3417289

Speculative Probing: Hacking Blind in the Spectre Era

Abstract

Publication series

Conference

Funding

Keywords

UN SDGs

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this