

# **グ 2** OITUDE



What is primary main objective?







What is primary main objective?





















James







Jatin













James







Jatin Rick













James



















James



















James















100



James



















James



As With many great Erics We begin

As With many great ERICS We begin MEDIAS RES







RECON 0xA







PROJECT

ZAVFET



Primary Main Objective!



2017

We are jerks to Cisco Phones

























What 3 wrong with Ang # 7/1 11 11

Let's punish
our selves for
like... no
reason!







FUNRE

TURE
KICK

## THRANGRY FACT 1



(http://thrangrycat.com for uncool kids)

## THRANGRY FACT 2

#### How do you describe the meaning of this vulnerability name?

We chose to communicate 💆 💆 through a visual representation of symbols, rather than "words." Naming vulnerabilities using emoji sequences instead of other pronounceable natural languages have several advantages. First, emoji sequences are universally understood across nearly all natural languages. Choosing 💆 💆 instead of a name rooted in any one language ensures that the technical contents of our research can be discussed democratically and without latent cultural or linguistic bias. Second, emojis are indexical to the digital age. Third, clear communication is the foundation of friendship, and such a foundation must begin with proper ontological agreement. Just as the universal language of mathematics is largely expressed through interlinguistic symbology, so too is 💆 💆 Fourth, cats are seen as almost paradoxical beings. While they exist in our lives as the ultimate creatures of leisure, cats are also fierce predators. "Cats are the most highly specialized of the terrestrial flesh-eating mammals. They are powerfully built, with a large brain and strong teeth. The teeth are adapted to three functions: stabbing (canines), anchoring (canines), and cutting (carnassial molars)." (Lariviere, Serge; Stains, Howard James. "Feline." Encyclopedia Britannica. Feline). For an incomplete list of felines in various mythologies, see this webpage.

### THRANGRY FACT 2.1

#### How do

We chose to Naming vulni several advolanguages. Contents of of Second, emofriendship, and language of Fourth, cats creatures of I flesh-eating adapted to to (Lariviere, Seof felines in v rlyshw 9 hours ago [-]

I found it interesting that the section that explains the name of this vulnerability is way more thoughtout and verbose than any of the other sections. It's almost like they had a linguist on the team and the emoji name was his prideful contribution.

<u>reply</u>

- · Cisco ASR 1000 Embedded Services Processor
- · Cisco ASR 1000 Fixed Ethernet Line Card (6x10GE) (ASR1000-6TGE)
- · Cisco ASR 1000 Fixed Ethernet Line Card
- · Cisco ASR 1000 Series 100-Gbps Embedded Services Processor (ASR 1000-ESP100)
- · Cisco ASR 1000 Series Modular Interface Processor (ASR1000-MIP100)
- · Cisco ASR 1000 Series Route Processor 3 (Cisco ASR1000-RP3)
- · Cisco ASR 1001-HX Router
- · Cisco ASR 1001-X

- · Cisco ASR 900 Series Route Switch Processor 2 1284
- Cisco ASR 900 Series Route Switch Processor 2 644
- · Cisco ASR 900 Series Route Switch Processor 3 2004
- · Cisco ASR 900 Series Route Switch Processor and Controller 400G (A900-RSP3C-400/W)
- Cisco ASR 9000 Series 16-Port 100 Gigabit Ethernet Line Card (A99-16X100GE-X-SE)
- · Cisco ASR 9000 Series 16-Port 100 Gigabit Ethernet Line Card (A9K-16X100GE-TR
- Cisco ASR 9000 Series 32-Port 100 Gigabit Ethernet Line Card (A99-32X100GE-TR
- Cisco ASR 9000 Series Route Switch Processor 5 for Packet Transport (A9K-RSP5-TR)
- Cisco ASR 9000 Series Route Switch Processor 5 for Service Edge (A9K-RSP5-SE)
- Cisco ASR 920 Series Aggregation Services Routers 10GE and 2-10GE Passively Cooled DC model (ASR-920-10SZ-PD)
- · Cisco ASR 920 Series Aggregation Services Routers 12 x 1/10GE SFP
- Cisco ASR 920 Series Aggregation Services Routers 12 x 1/10GE SFP
- Cisco ASR 920 Series Aggregation Services Routers 12GE and 2-10GE AC model (ASR-920-12CZ-A)

- · Cisco ASR 920 Series Aggregation Services Routers 12GE and 2-10GE DC model (ASR-920-12CZ-D)
- Cisco ASR 920 Series Aggregation Services Routers 24GE Copper and 4-10GE \_ Modular PSU (ASR-920-24TZ-IM)
- Cisco ASR 920 Series Aggregation Services Routers 24GE Copper and 4-10GE \_ Modular PSU (ASR-920-24TZ-M)
- Cisco ASR 920 Series Aggregation Services Routers 24GE Fiber and 4-10GE \_ Modular PSU (ASR-920-245Z-M)
- Cisco ASR 920 Series Aggregation Services Routers 2GE and 4-10GE AC model (ASR-920-45Z-A)
- Cisco ASR 920 Series Aggregation Services Routers 2GE and 4-10GE DC model (ASR-920-45Z-D)
- · Cisco ASR 920 Series Aggregation Services Routers Conformal Coated 12GE and 4-10GE
- · Cisco ASR 9900 Route Processor 3 for Packet Transport (A99-RP3-TR)
- Cisco ASR 9900 Route Processor 3 for Service Edge (A99-RP3-SE)
- · Cisco Catalyst 6800 16-port 10GE with Integrated DFC4-XL (C6800-16P10G-XL)
- · Cisco Catalyst 6800 32-port 10GE with Dual Integrated Dual DFC4-XL (C6800-32P10G-XL)

- · Cisco Catalyst 6800 8-port 10GE with Integrated DFC4-XL (C6800-8P10G-XL)
- · Cisco Catalyst 6800 8-port 40GE with Dual Integrated Dual DFC4-EXL (C6800-8P40G-XL)
- · Cisco Catalyst 6800 Series Supervisor Engine 6T XL
- · Cisco Catalyst 6816-X-Chassis (Standard Tables) (C6816-X-LE)
- · Cisco Catalyst 6824-X-Chassis and 2 x 40G (Standard Tables) (C6824-X-LE-40G)
- · Cisco Catalyst 6832-X-Chassis (Standard Tables) (C6832-X-LE)
- · Cisco Catalyst 6840-X-Chassis and 2 x 40G (Standard Tables) (C6840-X-LE-40G)
- · Cisco Catalyst 9300 Series Switches
- Cisco Catalyst 9500 Series High-Performance Switch with 24x 1/10/25G Gigabit Ethernet + 4x 40/100G Uplink (C9500-2444C)
- · Cisco Catalyst 9500 Series High-Performance Switch with 3dx 100 Gigabit Ethernet (C9500-3dC)
- · Cisco Catalyst 9500 Series High-Performance Switch with 3dx 40 Gigabit Ethernet (C9500-3dQC)
- Cisco Catalyst 9500 Series High-Performance Switch with 48x 1/10/25G Gigabit Ethernet + 4x 40/100G Uplink (C9500-4844C)



- Cisco Catalyst 9500 Scries Switch with 12x 40G Gigabit Ethernet (C9500-12Q)
- Cisco Catalyst 9500 Series Switch with 16x 1/10G Gigabit Ethernet (C9500-16X)
- Cisco Catalyst 9500 Series Switch with 24x 40G Gigabit Ethernet (C9500-24Q)
- Cisco Catalyst 9500 Series Switch with 40x 1/10G Gigabit Ethernet (C9500-40X)
- · Cisco Catalyst 9600 Supervisor Engine-1
- · Cisco Catalyst 9800-40 Wireless Controller
- · Cisco Catalyst 9800-80 Wireless Controller
- · Cisco IC3000 Industrial Compute Gateway
- · Cisco MDS 9000 Family 24/10 SAN Extension Module (DS-X9334-K9)
- · Cisco NCS 200 Series 10/40/1004 MR Muxponder (NCS2K-MR-MXP-K9)
- · Cisco NCS 5500 Series 24 Ports of 100GE and 12 Ports of 40GE High-Scale Line Card (NC55-24H12F-SE)
- Cisco NCS 5500 Series 36 ports of 100GE High-Scale Line Card (NC55-36X100G-A-SE)
- · Cisco NCS 5504 Fabric Card (NC55-5504-FC)
- · Cisco NCS 5516 Fabric Card (NC55-5516-FC)



- Cisco NCS 55A2 Fixed 24XIQG + 16X25G MPA Chassis (NCS-55A2-MOD-S)
- Cisco NCS 55Ad Fixed 24X10G + 16X25G MPA Chassis
- · Cisco NCS 55A2 Fixed 24X10G + 16X25G MPA Chassis
- Cisco NCS 55AA Fixed 24X10G + 16X25G MPA Scale Chassis (NCS-55A2-MOD-SE-S)
- · Cisco NCS 55A2 Fixed 24X10G + 16X25G MPA Scale Chassis
- Cisco NCS5501 40x10G and 4x100G Scale Chassis (NCS-5501-5E)
- Cisco NC55501 Fixed 48x10G and 6x100G Chassis (NC5-5501)
- Cisco NCS5502 48x100G Scale Chassis (NCS-5502-SE)
- Cisco NCS5502 Fixed 48x100G Chassis (NCS-5502)
- · Cisco NCS55A1 Fixed 24x100G Chassis (NCS-55A1-24H)
- · Cisco NCS55A1 Fixed 36x100G Base Chassis (NCS-55A1-36H-S)
- · Cisco NCS55Al Fixed 36x100G Scale Chassis (NCS-55Al-36H-SE)
- · Cisco Network Convergence System 1002
- · Cisco Network Convergence System 5001
- · Cisco Network Convergence System 5002
- Cisco NCS 5500 12X10
- Cisco Network Convergence System 5500 Series: 1.2-Tbps IPODWDM Modular Line Card (NC55-6X200-DWDM-5)



- Cisco Network Convergence System 5500 Series: 36X100G MACsec Modular Line Cards (NC55-36X100G-5)
- · Cisco Nexus 31108PC-V
- · Cisco Nexus 31108TC-V
- · Cisco Nexus 3132C-Z Switches (N3K-C3132C-Z)
- · Cisco Nexus 3264C-E Switches (N3K-C3264C-E)
- · Cisco Nexus 7000 M3-Series 48-Port 1/10G Ethernet Module (N7K-M348XP-25L)
- · Cisco Nexus 7700 M3-Series 12-Port 100G Ethernet Module (N77-M312CQ-26L)
- · Cisco Nexus 7700 M3-Series 24-Port 40G Ethernet Module (N7K-M324FQ-25L)
- · Cisco Nexus 7700 M3-Series 48-Port 1/10G Ethernet Module (N77-M348XP-23L)
- · Cisco Nexus 7700 Supervisor 3 (N77-SUP3E)
- · Cisco Nexus 9332C ACI Spine Switch with 32p 40/1004 QSFP28
- · Cisco Nexus 9364C ACI Spine Switch with 64p 40/100G QSFP28
- · Cisco Nexus 9500 4-Core/4-Thread Supervisor (N9K-SUP-A)
- · Cisco Nexus 9500 6-Core/12-Thread Supervisor (N9K-SUP-B)

# Impact

- · Nexus 9200 with 48p 1/10G/25G SFP+ and 6p 40G QSFP or 4p 100G QSFP28 (N9K-C92160YC-X)
- Nexus 9200 with 48p 10/25 Gbps and 18p 100G Q5FP28 (N9K-C92300YC)
- Nexus 9200 with 48p 100M/1GT
- Nexus 9200 with 56p 40G QSFP+ and 8p 100G QSFP28 (N9K-C92304QC)
- Nexus 9200 with 72p 40G QSFP+ (N9K-C9272Q)
- Nexus 9300 with 48p 1/10G/25G SFP and 6p 40G/100G QSFP28
- Nexus 9300 with 48p 100M/1G BASE-T
- Nexus 9300 with 48p 10G BASE-T and 6p 40G/100G QSFP28
- · Nexus 9K Fixed with 32p 1004 QSFP28 (N9K-C9232C)
- · Nexus 9K Fixed with 48p 1/10G/25G SFP and 12p 40G/100G QSFP28 (N9K-C93240YC-FX2)
- Nexus 9K Fixed with 48p 1/10G/25G SFP and 6p 40G/100G QSFP28 (N9K-C931804C-EX)
- Nexus 9K Fixed with 48p 10G BASE-T and 6p 40G/100G QSFP28 (N9K-C93108TC-EX)
- Nexus 9K Fixed with up to 32p 40/50G QSFP+ or up to 18p 100G QSFP28 (N9K-C93180LC-EX)



- · Cisco 1-Port Gigabit Ethernet WAN Network Interface Module (NIM-1GE-CU-SFP)
- · Cisco 1120 Connected Grid Router
- · Cisco 1240 Connected Grid Router
- · Cisco 2-Port Gigabit Ethernet WAN Network Interface Module (NIM-2GE-CU-SFP)
- · Cisco 3000 Series Industrial Security Appliances
- Cisco 4000 Series Integrated Services Router Packet 1024-Channel High-Density Voice DSP Module (SM-X-PVDM-1000)
- Cisco 4000 Series Integrated Services Router Packet 2048-Channel High-Density Voice DSP Module (SM-X-PVDM-2000)
- · Cisco 4000 Series Integrated Services Router Packet 3080-Channel High-Density Voice DSP Module (SM-X-PVDM-3000)
- · Cisco 4000 Series Integrated Services Router Packet 768-Channel High-Density Voice DSP Module (SM-X-PVDM-500)
- · Cisco 4221 Integrated Services Router
- · Cisco 4321 Integrated Services Router

# Impact

- · Cisco ASA 5506-X with FirePOWER Services
- · Cisco ASA 5506H-X with FirePOWER Services
- · Cisco ASA 5506W-X with FirePOWER Services
- · Cisco ASA 5508-X with FirePOWER Services
- · Cisco ASA 5516-X with FirePOWER Services
- · Cisco Firepower 2100 Series
- · Cisco Firepower 4000 Series
- · Cisco Firepower 9000 Series
- 10Gbps Optical Encryption Line Card for the Cisco NCS 2000 Series and Cisco ONS 15454 MSTP (15454-M-WSE-K9)
- · CBR-8 Converged Broadband Router
- · Cisco 5000 Series Enterprise Network Compute System
- · Cisco 809 Industrial Integrated Services Routers
- · Cisco 829 Industrial Integrated Services Routers
- Supervisor A+ for Nexus 9500 (N9K-SUP-A+)

# Impact

- · Cisco Packet-over-T3/E3 Service Module (SM-X-1T3/E3)
- · Cisco CBR-8 Integrated CCAP 40G Remote PHY Line Card (CBR-CCAP-LC-40G-R)
- · Cisco cBR-8 Integrated CCAP Line Card includes 2 DS D3.1 Modules as well as 1 US D3.1 Module (CBR-LC-8D31-16U31)
- MDS 9700 48-Port 32-Gbps Fibre Channel Switching Module (DS-X9648-1536K9)
- Nexus 9200 with 36p 40G 100G Q5FP28 (N9K-C9236C)
- · Supervisor B+ for Nexus 9500 (N9K-SUP-B+)
- · Cisco 4331 Integrated Services Router
- · Cisco 4351 Integrated Services Router
- · Cisco 4431 Integrated Services Router
- · Cisco 4451-X Integrated Services Router
- · Cisco 4461 Integrated Services Router
- Analog Voice Network Interface Modules for Cisco 4000 Series ISRs (NIM-AFXO, NIM-4FXO, NIM-AFXS, NIM-4FXS, NIM-AFXS/4FXO, NIM-AFXSP, NIM-4FXSP, NIM-AFXS/4FXOP, NIM-4E/M, NIM-ABRI-NT/TE, NIM-4BRI-NT/TE)
- Cisco 4000 Series Integrated Services Router T1/E1 Voice and WAN Network Interface Modules (NIM-IMFT-T1/E1, NIM-AMFT-T1/E1, NIM-8MFT-T1/E1, NIM-1CE1T1-PRI, NIM-ACE1T1-PRI, NIM-8CE1T1-PRI)



Looks like 1001 is End-Of-Life'd

Let's get the 1001-X.
Its probably the same.





Yeah. Who needs to look at the specs to figure out what X means. That's for CHUMPS





# ASR 1221-X Whatever!!





ASR 1001 ASR 1001-X



#### **Cisco ASR 1001-X Router**

**ASR 1000 Series Aggregation Services Router** 





#### **Cisco ASR1000 Series**

#### Cisco ASR1001-X System

Cisco ASR1001-X System, Crypto, 6 built-in GE, Dual P/S



#ASR1001-X

List Price: \$17,000.00

Our Price: \$11,328.80

📜 Add to Cart

Cisco ASR1001-X System, Crypto, 6 built-in GE, Dual P/S, Spare

FŘEÉ

#ASR1001-X=

List Price: <del>\$24,224.99</del>

Our Price: \$16,143.53

🖪 Add to Cart

#### \$\$\$



#ASR1001-X

List Price: \$17,000.00

Our Price: \$11,328.80





#ASR1001-X=

List Price: \$24,224.99

Our Price: \$16,143.53



what 16 \$ 10,000 ?



# what 16 \$ 10,000 ?





# what 16 \$ 10,000 ?





1 gram

# 10,000 7 what

what

# 10,000





1 gram

2×2
old month
babies



# ASR 1201-X Whatever!!





ASR 1001 ASR 1001-X

#### Goal

· Goal:

As simple as change the root key & mod firmware.

#### Hw Analysis



- **A)** Bootloader Flash
- **B)** FPGA Bitstream SPI Flash **C)** Intel Xeon (Route Processor)
- **D)** Intel Comunications Processor **E)** FPGA (Trust Anchor, other services)





















· NO Hash

- · NO Hash
- · NO Certs

- · NO Hash
- · NO Certs
- · Easy Mod for UEFI

### Easy MOD

· Disable PreROMMon check & Boot mod fw

#### Easy MOD

- · Disable PreROMMON check & Boot mod fw
- Everything works! But wait...
   Meow!!

#### Easy MOD

- · Disable PreROMMON check & Boot mod fw
- Everything works! But wait...
  Meow!
- · RESET!!

#### 100 Seconds of Solitude

• Route Processor Resets in 100 seconds

Current image running: Boot ROM0

Last reset cause: PowerOn

ASR1001-X platform with 8388608 Kbytes of main memory

Rommon upgrade requested

Maximum upgrade attempts exceeded, continuing with old Rommon...

rommon 1 >

# Hypotheses for 100

• X86 Mitigations

• X86 Mitigations

· VMM is disabled

- X86 Mitigations
  - · VMM is disabled
  - · Disable Watchdog timers

- X86 Mitigations
  - · VMM is disabled
  - · Disable Watchdog timers
  - · Disable SMM
    - SMI EN

#### How to mind read mystery blackbox computer?



#### ELECTROMAGNETIC EMANATION!









Figure 4: Electromagnetic Spectrum During Boot at 145 MHz (5 MHz Span)



- · X86
- · UNKNOWN bits on SPI bus
  - · Hardware analysis showed microloader on spi bus



Figure 4: Electromagnetic Spectrum During Boot at 145 MHz (5 MHz Span)

- · X86
- · UNKOWN bits ON SPI bus
  - · Hardware analysis showed microloader on spi bus
  - · Also contained Interrupt handlers for the real mode.



Figure 4: Electromagnetic Spectrum During Boot at 145 MHz (5 MHz Span)

- · X86
- · UNKNOWN bits on SPI bus
  - · Hardware analysis showed microloader on spi bus
  - · Also contained Interrupt handlers for the real mode.
  - · BIOS/ROM/vBIOS (0xc000-0xffff)



Figure 4: Electromagnetic Spectrum During Boot at 145 MHz (5 MHz Span)

- X86
- · UNKNOWN bits ON SPI bus
- · PRE-ROMMON



- X86
- · UNKNOWN bits ON SPI bus
- · PRE-ROMMON
- Hijacked 1st x86\_64 instruction



· External Entity Resets RP



# PRESET PULL LOW Hypotheses PP









#### PRESET PULL LOW Hypotheses PP





- **A)** Bootloader Flash
- **B)** FPGA Bitstream SPI Flash **C)** Intel Xeon (Route Processor)
- **D)** Intel Comunications Processor **E)** FPGA (Trust Anchor, other services)



#### FIND RESET PIN

Counter: -\$10K Analysis cost





ai Tortress

Humble beginnings...

• RTL reconstruction is hard

- · RTL reconstruction is hard
- · Test FPGA theory

- · RTL reconstruction is hard
- · test the FPGA theory
- · Pull RESET pin high

- · RTL reconstruction is hard
- · test the FPGA theory
- · Pull the RESET pin high
- 10k resister & Another \$10k

- · RTL reconstruction is hard
- · test the FPGA theory
- · Pull the RESET pin high
- · 10k resister & Another \$10k
- \$1/1<u>0</u>

- · RTL reconstruction is hard
- · test the FPGA theory
- · Pull the RESET pin high
- 10k resister & Another \$10k



- · RTL reconstruction is hard
- · test the FPGA theory
- · Pull the RESET pin high
- 10k resister & Another \$10k
- · \$1/10
- 1 washington == 1 ohm
- · Total Cost -\$20k



ai Tortress 12.0

High towers race towards fail sky...









(19) United States

(12) Patent Application Publication (10) Pub. No.: US 2012/0303941 A1 GRIECO et al.

Nov. 29, 2012 (43) Pub. Date:

(54) METHOD AND APPARATUS FOR SECURING CPUS BOOTED USING ATTACHED FLASH

(52) U.S. Cl. ... 713/2

MEMORY DEVICES

ANTHONY H. GRIECO, Wake Forest, NC (US); CHIRAG K. SHROFF, Apex, NC (US);

ROBERT T. BELL, Bountiful, UT

(21) Appl. No.: 13/114,831

(22) Filed: May 24, 2011

#### **Publication Classification**

(51) Int. Cl. G06F 15/177

(76) Inventors:

(2006.01)

ABSTRACT

The present disclosure describes techniques evaluating compute and/or thermal loads (among other things) to aid in managing a collection of one or more containerized or modular data centers. For example, forecasts (or real-time measurements) of environmental factors (as well as projected computing demands) may be used to tailor the compute loads, cooling strategies or other metric of data center operations for a network of containerized or modular data centers. Doing so allows an operator of such a data center network to manage specific operational goals in real time.



Fpga reversing too complex Leave project in mid 2017 FPGA stuff is scary and hard. Let's give up but say we didn't...



2018 summer:

JK: can hack fpga

· Counter: -\$20k



# FPGA BASICS FOR

#### FPGA ??



# FPGA Design Flow

SOURCE CODE (NDL)

# FPGA Design Flow



# FPGA Design Flow











## FPGA Implementation TYPES

· SRAM-Based

## FPGA Implementation TYPES

· SRAM-Based

· Flash-Based

## FPGA Implementation TYPES

· SRAM-Based

· Flash-Based

· AntiFuse-Based

### But FPGA ??

· Read a lot of docs



### But FPGA ??

· Read a lot of docs



### But FPGA ??

· Read a lot of docs



#### FPGA ??



## FPGA ??



#### IO Block(IOB)

- · Contains Both Input, Output & 3-state driver.
- https://www.xilinx.com/support/documentation/user\_guides/ug381.pdf



IOB Diagram

## IO Block(IOB)



### IO INTERFACE (IOI)



#### Block RAM (BRAM)

- · Programmable RAM blocks
- · 1/2/32-bit Width
- · Single/Dual Port
- · 18kb (SPARTAN-6)
  - 1 18Kb RAM
  - · a 9Kb RAM
- https://www.xilinx.com/support/documentation/use



ug383\_c1\_06\_022010

# Complex Logic Block (CLB)



## SLICE TYPES

· SLICEX = Basic Slice

## SLICE TYPES

· SLICE X = Basic Slice

• SLiceL = SLICEX + Carry logic

## SLICE TYPES

· SLICEX = Basic Slice

· SLiceL = SLICEX + Carry logic

• SLice M = SLICEL + RAM + {other stuff}

# Slice Complexity



### Other FPGA Resources

• DSP

#### Other FPGA Resources

• DSP

· Clock Management

#### Other FPGA Resources

• DSP

· Clock Management

• ETC ....

· Doesn't Matter for our Novel concept

### Developer Domain LOGIC SYNTHESIS MAPPING CONFIGURATION Source BITSTREAM PLACEMENT CODE (BINARY) (NDL) ROUTING BITSTREAM GENERATION DEVELOPER DOMAIN

#### Attacker Domain



#### Reverse FPGA Bitstream



# FPGA Reversing Background

• JBITS 1999

· Bil (Requires Netlist) 2012

· BITMAN 2017

200,000 CLB Count 600 I/O Pin Count









No optimizations in IOB

# FPGA SECURITY ??



#### Constant IOB



#### Constant IOB



#### Constant IOB











IOB Modification Scenarios



IOB Modification Scenarios



## FPGA SECURITY ??

FPGA Security through Obscu

#### RTL RECONSTRUCTION



#### CHANGING IO



#### BITSTREAM REVERSING



# CONFIDENTIALITY HUH!!

· Side Channel Analysis

# CONFIDENTIALITY HUH!!

· Side Channel Analysis

· Fault Injection

# CONFIDENTIALITY HUH!!

· Side Channel Analysis

· Fault Injection

· Photon Emission Analysis

# Development Board



Spartan SP605

## UNPACK

# UNPACK Configuration REGS

• www.xilinx.com/support/documentation/user\_guides/ug380.pdf

# UNPACK Algo

- · www.xilinx.com/support/documentation/user\_guides/ug380.pdf
- · Unpack:
  - · Find SYNC WORD
  - IDCODE
  - · CTL
    - · Check Encryption
  - · Find CMD:
    - · WCFG
  - FDRI
  - · DESYNC

Analyze

# Configuration Frame Types

• Type ∅ \_ Configuration Logic

# Configuration Frame Types

- Type 0 Configuration Logic
- Type 1 \_ BRAM

# Configuration Frame Types

- Type 0 Configuration Logic
- Type 1 \_ BRAM
- Type 2 \_ IOB (IO interface)

• 1 FRAME = 130 bytes

• 1 FRAME = 130 bytes

- · 2d structure (SRAM-based FPGA)
  - ROW x COL(MAJOR x MINOR)

• 1 FRAME = 130 bytes

- · 2d structure (SRAM-based FPGA)
  - ROW x COL(MAJOR => MINOR)

· Find Major info for the fpga device

• 1 FRAME = 130 bytes

- · 2d structure (SRAM-based FPGA)
  - ROW x COL(MAJOR => MINOR)
- · Find Major info for the fpga device
- · Find Minor info for each MAJOR

# Spartanb-LX9 CLB Layout

#### **FPGA Visualizer**

038be8

038bf0 00 00 00 00 00 00 00

. . . . . . .

. . . . . . .

| Info                                                                                                                                                                                                                                                                                                                                                                                 | driLeftloiMajor        | ICIbMajor           | .ClbMajor           | ramMajor            | ClbMajor            | ClbMajor            | accMajor            | ICIbMajor           | ClbMajor               | ClbMajor              | .ClbMajor           | ClbMajor            | .ClbMajor           | BramMajor           | ICIbMajor           | ClbMajor            | jionMajor                        |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------|---------------------|---------------------|---------------------|---------------------|---------------------|---------------------|---------------------|------------------------|-----------------------|---------------------|---------------------|---------------------|---------------------|---------------------|---------------------|----------------------------------|
| Type<br>XilinxFdriLogicFrame<br>Size                                                                                                                                                                                                                                                                                                                                                 | XilinxFdriLe           | XilinxFdriM         | XilinxFdril         | XilinxFdriB         | XilinxFdriM         | XilinxFdril         | XilinxFdriM         | XilinxFdriM         | XilinxFdriL            | XiiinxFdriM           | XilinxFdril         | XilinxFdriM         | XIIInxFdril         | XillinxFdriB        | XilinxFdriM         | XilinxFdriLClbMajo  | iRightloiRe                      |
| 0x82 bytes<br><b>Status</b><br>Packed                                                                                                                                                                                                                                                                                                                                                |                        |                     |                     |                     |                     |                     |                     |                     |                        | Re:                   | sourc               | e                   | H                   | 1                   |                     |                     | XilinxFdr                        |
| Empty False Children Leaf Description LUT D and B equations (X)                                                                                                                                                                                                                                                                                                                      | XiinxFdriLeftloiMajor  | XiinxFdriMClbMajor  | XilinxFdriLOlbMajor | XilinxFdriBramMajor | XilinxFdriMClbMajor | XiinxFdriLOlbMajor  | XilinxFdriMaccMajor | XiinxFdriMClbMajor  | XiinxFdriLClbMajor     | Xilinx EdriMCIb Major | Xilinx Fari Colon   | XilinxFdriMClbMajo  | XiinxFdriLClbMa     | XilinxFdriBramM     | XiinxFdriMOlbMajor  | XiinxFdriLClbMajor  | XilinxFdriRightloiRegionMajor    |
| Bytes  038b70                                                                                                                                                                                                                                                                                                                                                                        | XilinxFdriLeftMcbMajor | XilinxFdriMClbMajor | XilinxFdriLClbMajor | XiiinxFdriBramMajor | XiiinxFdriMClbMajor | XilinxFdriLClbMajor | XilinxFdriMaccMajor | XilinxFdriMClbMajor | XiinxFdriDcmMaybeMajor | XilinxFdriMClbMajor   | XilinxFdriLClbMajor | XilinxFdriMClbMajor | XilinxFdriLClbMajor | XilinxFdriBramMajor | XilinxFdriMClbMajor | XilinxFdriLClbMajor | XilinxFdriRightloiRegionMcbMajor |
| 038ba0       00 00 00 00 00 00 00 00         038ba8       00 00 00 00 00 00 00         038bb0       00 00 00 00 00 00 00         038bb8       00 00 00 00 00 00 00         038bc0       00 00 00 00 00 00 00         038bc8       00 00 00 00 00 00 00         038bc8       00 00 00 00 00 00 00         038bd0       00 00 00 00 00 00 00         038bd8       00 00 00 00 00 00 00 | XiinxFdriLeftloiMajor  | XilinxFdriMClbMajor | XilinxFdriLClbMajor | XilinxFdriBramMajor | XilinxFdriMClbMajor | XiiinxFdriLClbMajor | XilinxFdriMaccMajor | XilinxFdriMClbMajor | XIIInxFdriLClbMajor    | XilinxFdriMClbMajor   | XiiinxFdriLClbMajor | XilinxFdriMClbMajor | XiinxFdriLClbMajor  | XilinxFdriBramMajor | XilinxFdriMClbMajor | XilinxFdriLClbMajor | riRightloiRegionMajor >          |

#### > XilinxBitstream > XilinxPackets > XilinxPacket > XilinxFdriPayload > XilinxFdriLogicBlock > XilinxFdriLogicRow > LClb > XilinxFdriLogicFrame

#### Info

Type

XilinxFdriLogicFrame

Size

0x82 bytes

Status

Packed

Empty

False

Children

Leaf

Description

Directional Wire Switchbox

#### Bytes

| 0ef7f8 | 21 00 11 00 00 00 00 00 | Leave       |
|--------|-------------------------|-------------|
| 0ef800 | 00 84 00 00 00 00 00 00 |             |
| 0ef808 | 00 00 00 00 00 00 00 00 |             |
| 0ef810 | 00 00 10 c0 00 a0 00 a0 |             |
| 0ef818 | 00 40 00 00 00 00 00 00 |             |
| 0ef820 | 00 00 00 00 02 00 00 00 |             |
| 0ef828 | 02 80 00 11 00 00 00 00 |             |
| 0ef830 | 00 00 00 02 00 40 00 00 | 8           |
| 0ef838 | 00 00 00 00 00 00 00 00 |             |
| 0ef840 | 00 00 00 00 00 00 00 00 |             |
| 0ef848 | 00 00 00 00 00 00 00 00 |             |
| 0ef850 | 00 00 00 00 00 00 00 00 |             |
| 0ef858 | 20 80 00 00 02 00 00 21 | - siereiere |
| 0ef860 | 00 00 00 00 00 00 00 00 |             |
| 0ef868 | 00 09 90 84 00 00 00 00 | *********** |
| 0ef870 | 00 00 90 02 00 00 00 00 |             |

| Lefton  | ള   | MOID | Bram | 9        | MCb  | Macc | 2      | MCB  | 9  | MOM  | 9   | Bram | MCB  | 8        | MCID | P          | MCb  | 9        | MCIB | 5      | MCID | QD7 | MOB  | 9   | Bram | 93             | MCID | QD)            | MCb  | 9            | Macc     | MCID | 907 | Bram | MOB  | e C            | Rightloi            |
|---------|-----|------|------|----------|------|------|--------|------|----|------|-----|------|------|----------|------|------------|------|----------|------|--------|------|-----|------|-----|------|----------------|------|----------------|------|--------------|----------|------|-----|------|------|----------------|---------------------|
| Lefto   | ğ   | MCB  | Bram | 9        | MCB  | Macc | 9      | MCB  | 83 | MCB  | 8   | Bram | MCIB | 2        | MCB  | 8          | MCB  | 6        | MCB  | g      | MCB  | 90  | MCB  | 83  | Bram | 9              | MCIB | 9              | MCB  | ĝ            | Mago     | MCIB | 907 | Bram | WCB  | 9              | Righton             |
| refloi  | g   | MCb  | Bram | 9        | MCb  | Macc | g<br>O | MCb  | 9  | MCB  | 907 | Bram | MCIB | 9        | MCb  | 9          | MCb  | 9        | MCb  | g<br>O | MCb  | qon | MCb  | gD7 | Esta | q <sub>O</sub> | MCb  | q <sub>O</sub> | MCB  | <del>g</del> | Mac      | MCb  | qon | Bram | MCb  | qg             | Rightioi            |
| Leffioi | 9   | MCIB | Bram | <b>6</b> | MOB  | Macc | 9      | MCID | 60 | MCIB | 93  | Bram | MCB  | 8        | MOID | 957        | MCID | 83       | MCB  | ğ      | MCIB | 907 | MOID | 8   | Bram | 9              | MCID | 9              | MOID | 9            | Mage     | MCID | 9   | Bram | MOID | g              | Rightloi            |
| LeffMdb | g   | MCIB | Bram | g        | MCIB | Macc | gg.    | MCB  | g  | MCIB | 9   | Bram | WOB  | ĝ        | MCIB | 907        | WOB  | DomMaybe | MOB  | 9      | MOID | 907 | MCIb | 9   | Bram | 95             | MGB  | 99             | MCB  | 907          | Macc     | MCIb | 99  | Bram | MCIB | 95             | RightlotMcb         |
| LeffMdb | 9   | MOB  | Way. | 8        | MGb  | Macc | 음      | MCb  | g  | MOB  | 9   | Bram | MOb  | <u>g</u> | MOb  | 원          | MOB  | 9        | MCb  | g      | MCb  | g   | MCID | 월   | Bram | 9              | MCID | g              | MOb  | gg T         | Macc     | MCID | 음   | Bram | MCb  | 9              | RightsolMcb Ri      |
| Leffici | 9   | MCID | Bram | 8        | MCID | Macc | 8      | MCID | g  | Pck  | ,   |      |      |          | MCID | 90         | MCID | ĝ        | MCID | g      | MCID | 9   | MCID | 80  | Bram | 9              | MCID | ĝ              | MCID | 8            | Maloco   | MCID | 9   | Bram | MCIB | 90             | RightloiSpiBik Rig  |
| Leffloi | eg. | MGB  | Bram | 9        | MCIB | Macc | Gtp    |      |    |      |     |      |      |          |      | g)<br>TOIP | MCIB | 907      | MOID | g      | MCIb | Gtp |      |     |      |                |      |                |      |              | GlpExtra | MCIb | 907 | Bram | MCIb | g <sub>O</sub> | AghtlotSp/Bik Right |

# GET\_IOB\_Encoding

- Bitstream Layout:
  - · Logic + BRAM + IOB
  - Determine Range of IOB\_FRAMES

# GET\_IOB\_Encoding

- · Bitstream Layout:
  - · Logic + BRAM + IOB
  - · Determine Range of IOB\_FRAMES
- For : (0 to #\_PINS)
  - For j in PIN\_CHARACTERISTIC
    - Y = GEN\_BITS(ij\_PIN\_enable)
    - · Z = GEN\_BITS(Ij\_pin disable)
    - X = (y XOR Z ) in IOB\_RANGE

## GET\_BRAM\_Encoding

- Bitstream Layout:
  - · Logic + BRAM + IOB
  - · BRAM\_FRAME for Majors of BRAM

## GET\_BRAM\_Encoding

- · Bitstream Layout:
  - · Logic + BRAM + IOB
  - · BRAM FRAME for Majors of BRAM
- Data\_w:Parity\_w =  $\{8:1, 16:2, 32:4\}$ 
  - · Depends on FPGA Family & BRAM Config
- For I in range(0, bram\_frame, data\_W+parity\_w):
  - Parity = bram\_frame(I: I+parity\_w)
  - Data = bram\_frame(Parity\_w+ I:I+parity\_w+Data\_w)
- . Trial & Error to find if parity bits are used

Modify

#### MODIFY

- IOB MODIFY
  - · Modify Extracted IOB Characteristics
  - Although setting pin=1 is tricky
    - User exercise

#### MODIFY

- · IOB\_MODIFY
  - · Modify Extracted IOB Characteristics
  - · Although setting pin=1 is tricky
    - · User exercise

- BRAM\_MODIFY
  - · Fix Parity Bits

## REPACK

#### REPACK

· 22 bit CRC FOR SEU

· 22 bit CRC FOR SEU

- · Propreitary Algorithm
  - · Skips bunch of registers

- · 22 bit CRC FOR SEU
- · Propreitary Algorithm
  - · Skips bunch of registers
- · CRC Mismatch
  - CRCERRORPIN => HIGH

- · 22 bit CRC FOR SEU
- · Propreitary Algorithm
  - · Skips bunch of registers
- · CRC Mismatch
  - CRCERRORPIN => HIGH
- · Encrypt!!

- · May Be disable crc
  - Configuration Option Register (COR1)
  - CRC\_BYPASS enable

## MOJO Demo



SPARTAN6-LX9

## MOJO Demo



SPARTAN6-LX9

## PWN THE PIN PWN THE ASR

### WHICH FPGA PIN

· JTAG SCANCHAIN

#### WHICH FPGA PIN

· JTAG SCANCHAIN

• Found state change in 10 pins

Automated Bitstream Extraction & Testing ASR 1001-X

## Automated Bitstream Extraction & Testing

• Worst case scenario: Test 296 pins



## Automated Bitstream Extraction Testing

· Worst case scenario: Test 296 pins



## Automated Bitstream Extraction & Testing

Brian, TOUCH EVERY PIN



## Automated Bitstream Extraction & Testing

- · Worst case scenario: Test 296 pins
- BRIAN the Intern



• Another router gone in testing. Counter \$-30k





villortress v3.0

CAT GOD IS NOT PLEASED

## PWNED THE PIN PWNED THE ASR

```
1/1_
                     _l_ 0 _ 0 _l_
                     _l_ (_) _l_
                      \__( o o )__/ kitteh!..\x00"""
    | | | | | ___ | | | | | ___ | | | | / (_)
    | | | | | \ ,___/| | | | | \ \_/ / | | | \ \ |
    |_| |_| \___/ |_|| \___/ |_| \_\_\|_|
                     _I_ 0
                             (_)
                                 o )__/ kitteh!..\x00"""
```

• CPLD driver allows an upgrade of the FPGA bitstream.

· CPLD driver allows an upgrade of the FPGA bitstream.

· Hijacked a driver "quack.ko" & updated the spi flash containing the FPGA bitstream

· CPLD driver allows an upgrade of the FPGA bitstream.

• Hijacked a driver "quack.ko" & updated the spi flash containing the FPGA bitstream

· Need ROOT!

#### Get ROOT!

- · Wrote protocol fuzzers to do fuzzing
  - SNMP
  - RIP
  - · DHCP
  - · OSPF
  - B4P













#### Get ROOT!

· But JAMES I can hack

· LUA is easy

· Cmd injection vuln

#### FINAL COST

- -\$30k
  - -\$10K Sacrifice for Analysis
  - -\$10K RESET pull high \$1/1Ω
  - -\$10K Testing Cost



## ai ortress 4.0

CAT GOD IS PLEASED BY HELIPADS

#### FINAL COST

- -\$37 -\$40K
  - · -\$10K Sacrifice For Analysis
  - -\$10K RESET pull high
  - -\$10K Testing cost
  - -\$10K LOSS
    - . DEMO GODS



# ortress V5.D

OUR FAILS SURPASS

CAT GOD

WE SEARCH FOR MEANING
IN A CAT-GODLESS WORLD

## a LIVE DEMOS

#### DEMO 1

· ASR DEMO for full remote attack

#### DEMO 2

- · ASR DEMO for full remote attack
- . DEMO of the open source tool to disable any pin















# 

Mitigation



## [ASMR] Field patching an FPGA trust anchor vulnerability (Soft Spoken)

218K views











1.4K

66

Share

Download

Save





• FPGA va forces SPI select line to be low.



. FPGA va forces SPI select line to be low.

## Still MUTABLE ROOT OF TRUST



- A) Bootloader Flash B) FPGA Bitstream SPI Flash C) Intel Xeon (Route Processor)
- D) Intel Comunications Processor E) FPGA (Trust Anchor, other services)

- FPGA va forces SPI select line to be low.
- . BUT WHAT ABOUT THIS CHIP ??

# Still MUTABLE ROOT OF TRUST



???\$\$\$

- . FPGA va forces SPI select line to be low.
- · No other way to update the FPGA ???
- . BUT WHAT ABOUT THIS CHIP ??

# Still MUTABLE ROOT OF TRUST





- . FPGA va forces SPI select line to be low.
- · No other way to update the FPGA ???
- . BUT WHAT ABOUT THIS CHIP ??
- · QUAAAAT!!!

# Still MUTABLE ROOT OF TRUST





#### QUAAAAT

• Is there a key to FPGA update

· Partial Dynamic Reconfiguration

#### QUAAAAT

- Is there a key to FPGA update
  - · Partial Dynamic Reconfiguration
  - . SYNFUL KNOCK

#### QUAAAAT

- Is there a key to FPGA update
  - · Partial Dynamic Reconfiguration
  - · SYNFUL KNOCK
  - · Look at that chip!!

### Question for VENDORS

- · What we need is tool for detection
- · Just encrypting the bitstream doesn't work Fault injection defeats that

## Our thoughts

- Adding authentication in hw improves the security but still side channel attacks are possible
- In the end whats left is poor hackers down 40k

### Future Work

· Compression/Optimization effects

· Hardware trojans

• Funtenna

Open Source Tool

https://github.com/RedBalloonShenanigans/hal-xilinx

## Objective

• Run modified firmware On Cisco router 1001-X

### Why?

· Picture of how Cisco owns 60 % worlds internet infrastructure













#### CONTRIBUTIONS

- Joseph Pantoga
- · James Chambers
- · Brian the Intern

- · Alex Massonneau
- · ATREDIS Partners

#### Our Past WORK

- BADFET
- · Interrupt hijacker