It can be done at the physical level, which is the easiest way, or even with exploits.
With this tool we can analyze our BIOS firmware to find out whether our BIOS has been modified and whether regions of it have been locked.
https://neverendingsecurity.wordpress.com/2015/04/07/uefi_boot_script_expl-chipsec-module-that-exploits-uefi-boot-script-table-vulnerability/?fbclid=IwAR2W9mLusuTHsJ70vw4U3fdma5W4xinqc8Qp08ttF07iAHlWTwS9XSKe8Z4
This is my chipsec log on Linux:
Code:
root@pow:/home/pow/chipsec# sudo chipsec_main
################################################################
## ##
## CHIPSEC: Platform Hardware Security Assessment Framework ##
## ##
################################################################
[CHIPSEC] Version 1.4.7
[CHIPSEC] Arguments:
****** Chipsec Linux Kernel module is licensed under GPL 2.0
[CHIPSEC] API mode: using CHIPSEC kernel module API
[CHIPSEC] OS : Linux 4.15.0-87-generic #87-Ubuntu SMP Fri Jan 31 19:32:37 UTC 2020 x86_64
[CHIPSEC] Python : 2.7.17 (64-bit)
[CHIPSEC] Helper : LinuxHelper (/usr/local/lib/python2.7/dist-packages/chipsec-1.4.7-py2.7-linux-x86_64.egg/chipsec/helper/linux/chipsec.ko)
[CHIPSEC] Platform: Desktop 4th Generation Core Processor (Haswell CPU / Lynx Point PCH)
[CHIPSEC] VID: 8086
[CHIPSEC] DID: 0C00
[CHIPSEC] RID: 06
[CHIPSEC] PCH : Default PCH
[CHIPSEC] VID: 8086
[CHIPSEC] DID: 8C5C
[CHIPSEC] RID: 05
[*] loading common modules from "/usr/local/lib/python2.7/dist-packages/chipsec-1.4.7-py2.7-linux-x86_64.egg/chipsec/modules/common" ..
[+] loaded chipsec.modules.common.bios_smi
[+] loaded chipsec.modules.common.ia32cfg
[+] loaded chipsec.modules.common.spi_access
[+] loaded chipsec.modules.common.smm
[+] loaded chipsec.modules.common.memlock
[+] loaded chipsec.modules.common.me_mfg_mode
[+] loaded chipsec.modules.common.spi_fdopss
[+] loaded chipsec.modules.common.spi_desc
[+] loaded chipsec.modules.common.spi_lock
[+] loaded chipsec.modules.common.bios_wp
[+] loaded chipsec.modules.common.bios_ts
[+] loaded chipsec.modules.common.rtclock
[+] loaded chipsec.modules.common.bios_kbrd_buffer
[+] loaded chipsec.modules.common.spd_wd
[+] loaded chipsec.modules.common.smrr
[+] loaded chipsec.modules.common.sgx_check
[+] loaded chipsec.modules.common.secureboot.variables
[+] loaded chipsec.modules.common.cpu.spectre_v2
[+] loaded chipsec.modules.common.cpu.cpu_info
[+] loaded chipsec.modules.common.uefi.access_uefispec
[+] loaded chipsec.modules.common.uefi.s3bootscript
[*] loading platform specific modules from "/usr/local/lib/python2.7/dist-packages/chipsec-1.4.7-py2.7-linux-x86_64.egg/chipsec/modules/hsw" ..
[*] loading modules from "/usr/local/lib/python2.7/dist-packages/chipsec-1.4.7-py2.7-linux-x86_64.egg/chipsec/modules" ..
[+] loaded chipsec.modules.remap
[+] loaded chipsec.modules.smm_dma
[+] loaded chipsec.modules.memconfig
[+] loaded chipsec.modules.debugenabled
[*] running loaded modules ..
[*] running module: chipsec.modules.common.bios_smi
[x][ =======================================================================
[x][ Module: SMI Events Configuration
[x][ =======================================================================
[+] SMM BIOS region write protection is enabled (SMM_BWP is used)
[*] Checking SMI enables..
Global SMI enable: 1
TCO SMI enable : 1
[+] All required SMI events are enabled
[*] Checking SMI configuration locks..
[+] TCO SMI configuration is locked (TCO SMI Lock)
[+] SMI events global configuration is locked (SMI Lock)
[+] PASSED: All required SMI sources seem to be enabled and locked
[*] running module: chipsec.modules.common.ia32cfg
[x][ =======================================================================
[x][ Module: IA32 Feature Control Lock
[x][ =======================================================================
[*] Verifying IA32_Feature_Control MSR is locked on all logical CPUs..
[*] cpu0: IA32_Feature_Control Lock = 1
[*] cpu1: IA32_Feature_Control Lock = 1
[*] cpu2: IA32_Feature_Control Lock = 1
[*] cpu3: IA32_Feature_Control Lock = 1
[+] PASSED: IA32_FEATURE_CONTROL MSR is locked on all logical CPUs
[*] running module: chipsec.modules.common.spi_access
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
SPI Flash Region Access Permissions
------------------------------------------------------------
[*] FRAP = 0x0000FFFF << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
[00] BRRA = FF << BIOS Region Read Access
[08] BRWA = FF << BIOS Region Write Access
[16] BMRAG = 0 << BIOS Master Read Access Grant
[24] BMWAG = 0 << BIOS Master Write Access Grant
BIOS Region Write Access Grant (00):
FREG0_FLASHD: 0
FREG1_BIOS : 0
FREG2_ME : 0
FREG3_GBE : 0
FREG4_PD : 0
FREG5 : 0
FREG6 : 0
BIOS Region Read Access Grant (00):
FREG0_FLASHD: 0
FREG1_BIOS : 0
FREG2_ME : 0
FREG3_GBE : 0
FREG4_PD : 0
FREG5 : 0
FREG6 : 0
BIOS Region Write Access (FFF):
FREG0_FLASHD: 1
FREG1_BIOS : 1
FREG2_ME : 1
FREG3_GBE : 1
FREG4_PD : 1
FREG5 : 1
FREG6 : 1
BIOS Region Read Access (FFF):
FREG0_FLASHD: 1
FREG1_BIOS : 1
FREG2_ME : 1
FREG3_GBE : 1
FREG4_PD : 1
FREG5 : 1
FREG6 : 1
[*] Software has write access to Platform Data region in SPI flash (it's platform specific)
[!] WARNING: Software has write access to GBe region in SPI flash
[-] Software has write access to SPI flash descriptor
[-] Software has write access to Management Engine (ME) region in SPI flash
[-] FAILED: SPI Flash Region Access Permissions are not programmed securely in flash descriptor
[*] running module: chipsec.modules.common.smm
[x][ =======================================================================
[x][ Module: Compatible SMM memory (SMRAM) Protection
[x][ =======================================================================
[*] PCI0.0.0_SMRAMC = 0x1A << System Management RAM Control (b:d.f 00:00.0 + 0x88)
[00] C_BASE_SEG = 2 << SMRAM Base Segment = 010b
[03] G_SMRAME = 1 << SMRAM Enabled
[04] D_LCK = 1 << SMRAM Locked
[05] D_CLS = 0 << SMRAM Closed
[06] D_OPEN = 0 << SMRAM Open
[*] Compatible SMRAM is enabled
[+] PASSED: Compatible SMRAM is locked down
[*] running module: chipsec.modules.common.memlock
[x][ =======================================================================
[x][ Module: Check MSR_LT_LOCK_MEMORY
[x][ =======================================================================
[X] Checking MSR_LT_LOCK_MEMORY status
[*] cpu0: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu1: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu2: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[*] cpu3: MSR_LT_LOCK_MEMORY[LT_LOCK] = 1
[+] PASSED: Check have successfully passed
[*] running module: chipsec.modules.common.me_mfg_mode
[x][ =======================================================================
[x][ Module: ME Manufacturing Mode
[x][ =======================================================================
[-] FAILED: ME is in Manufacturing Mode
[*] running module: chipsec.modules.common.spi_fdopss
[x][ =======================================================================
[x][ Module: SPI Flash Descriptor Security Override Pin-Strap
[x][ =======================================================================
[*] HSFS = 0xF008 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 1 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 1 << Flash Configuration Lock-Down
[+] PASSED: SPI Flash Descriptor Security Override is disabled
[*] running module: chipsec.modules.common.spi_desc
[x][ =======================================================================
[x][ Module: SPI Flash Region Access Control
[x][ =======================================================================
[*] FRAP = 0x0000FFFF << SPI Flash Regions Access Permissions Register (SPIBAR + 0x50)
[00] BRRA = FF << BIOS Region Read Access
[08] BRWA = FF << BIOS Region Write Access
[16] BMRAG = 0 << BIOS Master Read Access Grant
[24] BMWAG = 0 << BIOS Master Write Access Grant
[*] Software access to SPI flash regions: read = 0xFF, write = 0xFF
[-] Software has write access to SPI flash descriptor
[-] FAILED: SPI flash permissions allow SW to write flash descriptor
[*] running module: chipsec.modules.common.spi_lock
[x][ =======================================================================
[x][ Module: SPI Flash Controller Configuration Locks
[x][ =======================================================================
[*] HSFS = 0xF008 << Hardware Sequencing Flash Status Register (SPIBAR + 0x4)
[00] FDONE = 0 << Flash Cycle Done
[01] FCERR = 0 << Flash Cycle Error
[02] AEL = 0 << Access Error Log
[03] BERASE = 1 << Block/Sector Erase Size
[05] SCIP = 0 << SPI cycle in progress
[13] FDOPSS = 1 << Flash Descriptor Override Pin-Strap Status
[14] FDV = 1 << Flash Descriptor Valid
[15] FLOCKDN = 1 << Flash Configuration Lock-Down
[+] SPI Flash Controller configuration is locked
[+] PASSED: SPI Flash Controller locked correctly.
[*] running module: chipsec.modules.common.bios_wp
[x][ =======================================================================
[x][ Module: BIOS Region Write Protection
[x][ =======================================================================
[*] BC = 0x2A << BIOS Control (b:d.f 00:31.0 + 0xDC)
[00] BIOSWE = 0 << BIOS Write Enable
[01] BLE = 1 << BIOS Lock Enable
[02] SRC = 2 << SPI Read Configuration
[04] TSS = 0 << Top Swap Status
[05] SMM_BWP = 1 << SMM BIOS Write Protection
[+] BIOS region write protection is enabled (writes restricted to SMM)
[*] BIOS Region: Base = 0x00180000, Limit = 0x007FFFFF
SPI Protected Ranges
------------------------------------------------------------
PRx (offset) | Value | Base | Limit | WP? | RP?
------------------------------------------------------------
PR0 (74) | 00000000 | 00000000 | 00000000 | 0 | 0
PR1 (78) | 00000000 | 00000000 | 00000000 | 0 | 0
PR2 (7C) | 00000000 | 00000000 | 00000000 | 0 | 0
PR3 (80) | 00000000 | 00000000 | 00000000 | 0 | 0
PR4 (84) | 00000000 | 00000000 | 00000000 | 0 | 0
[!] None of the SPI protected ranges write-protect BIOS region
[+] PASSED: BIOS is write protected
[*] running module: chipsec.modules.common.bios_ts
[x][ =======================================================================
[x][ Module: BIOS Interface Lock (including Top Swap Mode)
[x][ =======================================================================
[*] BiosInterfaceLockDown (BILD) control = 1
[*] BIOS Top Swap mode is disabled (TSS = 0)
[*] RTC TopSwap control (TS) = 0
[+] PASSED: BIOS Interface is locked (including Top Swap Mode)
[*] running module: chipsec.modules.common.rtclock
[x][ =======================================================================
[x][ Module: Protected RTC memory locations
[x][ =======================================================================
[*] RC = 0x00000004 << RTC Configuration (RCBA + 0x3400)
[02] UE = 1 << Upper 128 Byte Enable
[03] LL = 0 << Lower 128 Byte Lock
[04] UL = 0 << Upper 128 Byte Lock
[-] Protected bytes (0x38-0x3F) in low 128-byte bank of RTC memory are not locked
[-] Protected bytes (0x38-0x3F) in high 128-byte bank of RTC memory are not locked
[!] WARNING: Protected locations in RTC memory are accessible (BIOS may not be using them)
[*] running module: chipsec.modules.common.bios_kbrd_buffer
[x][ =======================================================================
[x][ Module: Pre-boot Passwords in the BIOS Keyboard Buffer
[x][ =======================================================================
[*] Keyboard buffer head pointer = 0x1E (at 0x41A), tail pointer = 0x1E (at 0x41C)
[*] Keyboard buffer contents (at 0x41E):
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 |
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 |
[*] Checking contents of the keyboard buffer..
[+] PASSED: Keyboard buffer looks empty. Pre-boot passwords don't seem to be exposed
[*] running module: chipsec.modules.common.spd_wd
[x][ =======================================================================
[x][ Module: SPD Write Disable
[x][ =======================================================================
[-] FAILED: SPD Write Disable is not set and SPDs were detected
[*] running module: chipsec.modules.common.smrr
[x][ =======================================================================
[x][ Module: CPU SMM Cache Poisoning / System Management Range Registers
[x][ =======================================================================
[+] OK. SMRR range protection is supported
[*] Checking SMRR range base programming..
[*] IA32_SMRR_PHYSBASE = 0xDA000006 << SMRR Base Address MSR (MSR 0x1F2)
[00] Type = 6 << SMRR memory type
[12] PhysBase = DA000 << SMRR physical base address
[*] SMRR range base: 0x00000000DA000000
[*] SMRR range memory type is Writeback (WB)
[+] OK so far. SMRR range base is programmed
[*] Checking SMRR range mask programming..
[*] IA32_SMRR_PHYSMASK = 0xFF000800 << SMRR Range Mask MSR (MSR 0x1F3)
[11] Valid = 1 << SMRR valid
[12] PhysMask = FF000 << SMRR address range mask
[*] SMRR range mask: 0x00000000FF000000
[+] OK so far. SMRR range is enabled
[*] Verifying that SMRR range base & mask are the same on all logical CPUs..
[CPU0] SMRR_PHYSBASE = 00000000DA000006, SMRR_PHYSMASK = 00000000FF000800
[CPU1] SMRR_PHYSBASE = 00000000DA000006, SMRR_PHYSMASK = 00000000FF000800
[CPU2] SMRR_PHYSBASE = 00000000DA000006, SMRR_PHYSMASK = 00000000FF000800
[CPU3] SMRR_PHYSBASE = 00000000DA000006, SMRR_PHYSMASK = 00000000FF000800
[+] OK so far. SMRR range base/mask match on all logical CPUs
[*] Trying to read memory at SMRR base 0xDA000000..
[+] PASSED: SMRR reads are blocked in non-SMM mode
[+] PASSED: SMRR protection against cache attack is properly configured
[*] running module: chipsec.modules.common.sgx_check
Skipping module chipsec.modules.common.sgx_check since it is not supported in this platform
[*] running module: chipsec.modules.common.secureboot.variables
[*] NOT IMPLEMENTED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.secureboot.variables since it is not supported in this platform
[*] running module: chipsec.modules.common.cpu.spectre_v2
[x][ =======================================================================
[x][ Module: Checks for Branch Target Injection / Spectre v2 (CVE-2017-5715)
[x][ =======================================================================
[*] CPUID.7H:EDX[26] = 1 Indirect Branch Restricted Speculation (IBRS) & Predictor Barrier (IBPB)
[*] CPUID.7H:EDX[27] = 1 Single Thread Indirect Branch Predictors (STIBP)
[*] CPUID.7H:EDX[29] = 0 IA32_ARCH_CAPABILITIES
[+] CPU supports IBRS and IBPB
[+] CPU supports STIBP
[-] CPU doesn't support enhanced IBRS
[!] WARNING: CPU supports mitigation (IBRS) but doesn't support enhanced IBRS
[!] OS may be using software based mitigation (eg. retpoline)
[*] running module: chipsec.modules.common.cpu.cpu_info
[x][ =======================================================================
[x][ Module: Current Processor Information:
[x][ =======================================================================
[*] Thread 0000
[*] Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
[*] Family: 06 Model: 3C Stepping: 3
[*] Microcode: 00000027
[*]
[*] Thread 0001
[*] Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
[*] Family: 06 Model: 3C Stepping: 3
[*] Microcode: 00000027
[*]
[*] Thread 0002
[*] Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
[*] Family: 06 Model: 3C Stepping: 3
[*] Microcode: 00000027
[*]
[*] Thread 0003
[*] Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
[*] Family: 06 Model: 3C Stepping: 3
[*] Microcode: 00000027
[*]
[#] INFORMATION: Processor information displayed
[*] running module: chipsec.modules.common.uefi.access_uefispec
[*] NOT IMPLEMENTED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.access_uefispec since it is not supported in this platform
[*] running module: chipsec.modules.common.uefi.s3bootscript
[*] NOT IMPLEMENTED: OS does not support UEFI Runtime API
Skipping module chipsec.modules.common.uefi.s3bootscript since it is not supported in this platform
[*] running module: chipsec.modules.remap
[x][ =======================================================================
[x][ Module: Memory Remapping Configuration
[x][ =======================================================================
[*] Registers:
[*] TOUUD : 0x000000021FE00001
[*] REMAPLIMIT: 0x000000021FD00001
[*] REMAPBASE : 0x00000001FF000001
[*] TOLUD : 0xDF200001
[*] TSEGMB : 0xDA000001
[*] Memory Map:
[*] Top Of Upper Memory: 0x000000021FE00000
[*] Remap Limit Address: 0x000000021FDFFFFF
[*] Remap Base Address : 0x00000001FF000000
[*] 4GB : 0x0000000100000000
[*] Top Of Low Memory : 0x00000000DF200000
[*] TSEG (SMRAM) Base : 0x00000000DA000000
[*] checking memory remap configuration..
[*] Memory Remap is enabled
[+] Remap window configuration is correct: REMAPBASE <= REMAPLIMIT < TOUUD
[+] All addresses are 1MB aligned
[*] checking if memory remap configuration is locked..
[+] TOUUD is locked
[+] TOLUD is locked
[+] REMAPBASE and REMAPLIMIT are locked
[+] PASSED: Memory Remap is configured correctly and locked
[*] running module: chipsec.modules.smm_dma
[x][ =======================================================================
[x][ Module: SMM TSEG Range Configuration Check
[x][ =======================================================================
[*] TSEG : 0x00000000DA000000 - 0x00000000DAFFFFFF (size = 0x01000000)
[*] SMRR range: 0x00000000DA000000 - 0x00000000DAFFFFFF (size = 0x01000000)
[*] checking TSEG range configuration..
[+] TSEG range covers entire SMRAM
[+] TSEG range is locked
[+] PASSED: TSEG is properly configured. SMRAM is protected from DMA attacks
[*] running module: chipsec.modules.memconfig
[x][ =======================================================================
[x][ Module: Host Bridge Memory Map Locks
[x][ =======================================================================
[+] PCI0.0.0_BDSM = 0x00000000DB200001 - LOCKED - Base of Graphics Stolen Memory
[+] PCI0.0.0_BGSM = 0x00000000DB000001 - LOCKED - Base of GTT Stolen Memory
[+] PCI0.0.0_DPR = 0x00000000DA000001 - LOCKED - DMA Protected Range
[+] PCI0.0.0_GGC = 0x0000000000000211 - LOCKED - Graphics Control
[+] PCI0.0.0_MESEG_MASK = 0x0000007FFF000C00 - LOCKED - Manageability Engine Limit Address Register
[+] PCI0.0.0_PAVPC = 0x00000000DF100017 - LOCKED - PAVP Configuration
[+] PCI0.0.0_REMAPBASE = 0x00000001FF000001 - LOCKED - Memory Remap Base Address
[+] PCI0.0.0_REMAPLIMIT = 0x000000021FD00001 - LOCKED - Memory Remap Limit Address
[+] PCI0.0.0_TOLUD = 0x00000000DF200001 - LOCKED - Top of Low Usable DRAM
[+] PCI0.0.0_TOM = 0x0000000200000001 - LOCKED - Top of Memory
[+] PCI0.0.0_TOUUD = 0x000000021FE00001 - LOCKED - Top of Upper Usable DRAM
[+] PCI0.0.0_TSEGMB = 0x00000000DA000001 - LOCKED - TSEG Memory Base
[+] PASSED: All memory map registers seem to be locked down
[*] running module: chipsec.modules.debugenabled
[x][ =======================================================================
[x][ Module: Debug features test
[x][ =======================================================================
[*] Checking IA32_DEBUG_INTERFACE msr status
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[+] CPU debug interface state is correct.
[*] Module Result
[+] PASSED: All checks have successfully passed
[CHIPSEC] *************************** SUMMARY ***************************
[CHIPSEC] Time elapsed 0.078
[CHIPSEC] Modules total 25
[CHIPSEC] Modules failed to run 0:
[CHIPSEC] Modules passed 14:
[+] PASSED: chipsec.modules.common.bios_smi
[+] PASSED: chipsec.modules.common.ia32cfg
[+] PASSED: chipsec.modules.common.smm
[+] PASSED: chipsec.modules.common.memlock
[+] PASSED: chipsec.modules.common.spi_fdopss
[+] PASSED: chipsec.modules.common.spi_lock
[+] PASSED: chipsec.modules.common.bios_wp
[+] PASSED: chipsec.modules.common.bios_ts
[+] PASSED: chipsec.modules.common.bios_kbrd_buffer
[+] PASSED: chipsec.modules.common.smrr
[+] PASSED: chipsec.modules.remap
[+] PASSED: chipsec.modules.smm_dma
[+] PASSED: chipsec.modules.memconfig
[+] PASSED: chipsec.modules.debugenabled
[CHIPSEC] Modules information 1:
[#] INFORMATION: chipsec.modules.common.cpu.cpu_info
[CHIPSEC] Modules failed 4:
[-] FAILED: chipsec.modules.common.spi_access
[-] FAILED: chipsec.modules.common.me_mfg_mode
[-] FAILED: chipsec.modules.common.spi_desc
[-] FAILED: chipsec.modules.common.spd_wd
[CHIPSEC] Modules with warnings 2:
[!] WARNING: chipsec.modules.common.rtclock
[!] WARNING: chipsec.modules.common.cpu.spectre_v2
[CHIPSEC] Modules not implemented 3:
[*] NOT IMPLEMENTED: chipsec.modules.common.secureboot.variables
[*] NOT IMPLEMENTED: chipsec.modules.common.uefi.access_uefispec
[*] NOT IMPLEMENTED: chipsec.modules.common.uefi.s3bootscript
[CHIPSEC] Modules not applicable 1:
[*] NOT APPLICABLE: chipsec.modules.common.sgx_check
[CHIPSEC] *****************************************************************
I have the BIOS chip locked in certain regions, and it needs to be unlocked; as I understand it, this can be done with the chipsec program itself, but I got stuck because of physical attacks that keep me from doing it.
Anyway, I am sharing this in case anyone else wants to analyze it or know about it.
Regards.
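As an added example (not code from the post above and not part of chipsec), here is a small Python 3 script that decodes the register values chipsec printed in that log (FRAP at SPIBAR+0x50, HSFS at SPIBAR+0x04, BIOS_CNTL at 00:1F.0+0xDC and the PR0..PR4 protected-range registers) and reproduces the PASSED/FAILED logic chipsec applied to them: software write access to the flash descriptor or ME region fails, GbE only warns, and the BIOS region counts as protected when BLE=1, BIOSWE=0 and SMM_BWP=1 or when a PRx range has its write-protect bit set. The bit layouts follow the field labels chipsec itself shows in the log (Lynx Point PCH). The "hardened" values at the bottom (BRWA limited to BIOS and GbE, a PR0 covering the logged BIOS region 0x180000-0x7FFFFF) are assumed illustrative values, not read from any machine, included so the difference from this system's descriptor is visible.

```python
"""Decode the SPI/BIOS lock registers from a chipsec log and reproduce its verdicts.

Added example, not chipsec code. Bit layouts are the ones chipsec labels in the
log (Lynx Point PCH): FRAP (SPIBAR+0x50), HSFS (SPIBAR+0x04),
BIOS_CNTL (00:1F.0 + 0xDC), PRx (SPIBAR+0x74..0x84).
"""

# Flash region index as used by the BRRA/BRWA bit masks in FRAP.
FLASH_REGIONS = ["FLASHD", "BIOS", "ME", "GBE", "PD", "FREG5", "FREG6"]


def regions_from_mask(mask: int) -> list:
    """Return the names of the flash regions whose bit is set in a BRRA/BRWA byte."""
    return [name for bit, name in enumerate(FLASH_REGIONS) if (mask >> bit) & 1]


def check_spi_access(frap: int) -> dict:
    """spi_access / spi_desc logic: BRRA = bits 7:0 (read), BRWA = bits 15:8 (write).

    Write access to the descriptor (region 0) or ME (region 2) is a FAIL,
    write access to GbE (region 3) a WARNING, PD (region 4) only informational.
    """
    brra = frap & 0xFF
    brwa = (frap >> 8) & 0xFF
    writable = regions_from_mask(brwa)
    findings = []
    if "FLASHD" in writable:
        findings.append("FAIL: software can write the flash descriptor")
    if "ME" in writable:
        findings.append("FAIL: software can write the ME region")
    if "GBE" in writable:
        findings.append("WARN: software can write the GbE region")
    status = "FAILED" if any(f.startswith("FAIL") for f in findings) else "PASSED"
    return {"readable": regions_from_mask(brra), "writable": writable,
            "findings": findings, "status": status}


def check_bios_wp(bc: int, prs: list) -> dict:
    """bios_wp logic from BIOS_CNTL (bit0 BIOSWE, bit1 BLE, bit5 SMM_BWP) and PR0..PR4.

    PRx layout: bit31 WPE, bits 28:16 limit (4 KiB units), bit15 RPE, bits 12:0 base.
    Protected if BLE=1, BIOSWE=0 and SMM_BWP=1, or if any PRx has WPE set.
    """
    bioswe = bc & 1
    ble = (bc >> 1) & 1
    smm_bwp = (bc >> 5) & 1
    via_smm = ble == 1 and bioswe == 0 and smm_bwp == 1
    ranges = []
    for i, pr in enumerate(prs):
        base = (pr & 0x1FFF) << 12
        limit = (((pr >> 16) & 0x1FFF) << 12) | 0xFFF
        ranges.append({"PR": i, "base": base, "limit": limit,
                       "WP": (pr >> 31) & 1, "RP": (pr >> 15) & 1})
    via_pr = any(r["WP"] for r in ranges)
    return {"BIOSWE": bioswe, "BLE": ble, "SMM_BWP": smm_bwp,
            "protected_by_smm_bwp": via_smm, "protected_by_pr": via_pr,
            "ranges": ranges, "status": "PASSED" if (via_smm or via_pr) else "FAILED"}


def check_hsfs(hsfs: int) -> dict:
    """HSFS: bit15 FLOCKDN (controller config locked), bit14 FDV (descriptor valid),
    bit13 FDOPSS (1 = security-override strap NOT asserted, which is the safe state)."""
    flockdn = (hsfs >> 15) & 1
    fdv = (hsfs >> 14) & 1
    fdopss = (hsfs >> 13) & 1
    return {"FLOCKDN": flockdn, "FDV": fdv, "FDOPSS": fdopss,
            "spi_lock": "PASSED" if flockdn else "FAILED",
            "spi_fdopss": "PASSED" if fdopss else "FAILED"}


# Values copied from the chipsec log in the post.
LOG_FRAP = 0x0000FFFF
LOG_BC = 0x2A
LOG_HSFS = 0xF008
LOG_PRS = [0, 0, 0, 0, 0]

# Assumed illustrative values (not read from any machine): a descriptor that
# lets the host read descriptor/BIOS/GbE and write only BIOS/GbE, and a PR0
# that write-protects the BIOS region the log reports (0x180000-0x7FFFFF).
HARDENED_FRAP = 0x00000A0B
HARDENED_PR0 = (1 << 31) | (0x7FF << 16) | 0x180

if __name__ == "__main__":
    print("spi_access", check_spi_access(LOG_FRAP))
    print("bios_wp   ", check_bios_wp(LOG_BC, LOG_PRS))
    print("hsfs      ", check_hsfs(LOG_HSFS))
    print("hardened spi_access", check_spi_access(HARDENED_FRAP))
    print("hardened bios_wp   ", check_bios_wp(LOG_BC, [HARDENED_PR0, 0, 0, 0, 0]))
```

Running it on the logged values gives the same picture as the post: spi_access FAILED (descriptor and ME writable, GbE warning), bios_wp PASSED only through SMM_BWP since every PRx is zero, and spi_lock/spi_fdopss PASSED from FLOCKDN=1 and FDOPSS=1. Note that BLE/SMM_BWP protect against writes from the OS but not from SMM, and that FLOCKDN only locks the controller configuration until the next reset; the descriptor permissions (FRAP) are what decide whether the descriptor and ME regions can be rewritten from software.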