Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 11 May 2024 21:44:17 -0500
From: Jacob Bachmeyer <jcb62281@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: Microsoft Device Firmware Configuration Interface
 (DFCI) in Linux efivars directory

Corey Lopez wrote:
> I have dual boot Windows 11 Home Edition and Debian based setup on my laptop.
>
> Distributor ID: Kali
> Description:    Kali GNU/Linux Rolling
> Release:        2024.1
> Codename:       kali-rolling
>
> After realizing a security breach on my Kali system I discovered /etc/network/interface
> had the immutable attribute set while trying to restrict access using chmod. I decided to
> investigate other files on my system with the immutable attribute set by running this
> command as root:
>
> # find / -type f -exec lsattr {} + 2>/dev/null > immutable-list-find.txt
>
> This led me the directory /sys/firmware/efi/efivars/ where I discovered efi variables
> pertaining Microsoft's Device Firmware Configuration Interface (DFCI).

Were the EFI variables marked immutable or did you make a list of every 
file on the system and notice them on that list?

> Microsoft's
> DFCI enables zero touch remote configuration of UEFI BIOS giving the ability to
> manage BIOS settings and hardware. The DFCI allows for remote disabling or enabling
> of cameras, microphones, radios, boot external media, bootstrapping an OS, cpu
> virtualization, and I/O virtualization. According to Microsoft's github page, the zero
> touch certificate is shared by all DFCI-enabled systems and does not need to be injected
> at manufacturing.
>
> Microsoft advertises DFCI as a defense mechanism against rootkits, however it seems that it
> is being used as a UEFI bootkit. According to Microsoft DFCI is not available for Windows 10
> or 11 Home Edition. My Acer Aspire 3 15 has Windows 11 Home Edition, and was purchased
> as a consumer product versus a commercial. This means that not only is there a capability that
> DFCI can be implemented on a consumer product, but through a Linux based operating system.
>   

I will admit that this seems strange, but it appears that your laptop 
has firmware support for DFCI even though, by Microsoft's claims, it 
should not be eligible for that feature.

> I will provide the ASCII output of each file that I found on my Kali Linux system from the
> /sys/firmware/efi/efivars/ directory. I will not provide the entire hexdump output to save space.
> However, I will provide more if requested after my initial posting. 
>
> [... snip ASCII columns from hex dump; reformatted below ...]

For a first step, I note that those EFI variables appear to contain XML, 
and have (using ` sed -e '/^|/{: L;/|$/N;s/|\n|//;t L}' | sed -e 
'/|$/{N;N;s/\(.\{16\}\)|\n\*\n|/\1\1/}' -e 's/^|\.\.\.\.//' -e 
's/\.|\n/\n/' -e 's/\.|$//' | awk '/^<\?xml/ { print | "xml_pp"; 
close("xml_pp"); next } 1' `) converted that back to readable ASCII, 
with the XML nicely pretty-printed; attached in full, some possibly 
interesting details inline below:

> File Name: DfciPermissionCurrent-3a9777ea-0d9f-4b65-9ef3-7caa7c41994b
>
> ASCII Output:
>
> <?xml version="1.0" encoding="utf-8"?>
> <CurrentPermissionsPacket Default="1" Delegated="128">
>   <Date>2024-01-30T13:51:08</Date>
>   [...]
>   <LSV>0</LSV>
> </CurrentPermissionsPacket>


The "Date" field is potentially interesting if you had the laptop at 
that time, but if the laptop is newer than that date, it and the other 
dates are likely manufacturing-related timestamps.

> File Name: DfciSettingsCurrent-d41c8c24-3f5e-4ef4-8fdd-073e1866cd01
>
> ASCII Output:
>
> <?xml version="1.0" encoding="utf-8"?>
> <CurrentSettingsPacket>
>   <Date>2024-01-30T13:51:34</Date>
>   

The dates are close together; did you have that laptop prior to January 
30th, 2024?

>   <Settings>
>     [...]
>     <SettingCurrent>
>       <Id>Device.Password.Password</Id>
>       <Value>No System Password</Value>
>     </SettingCurrent>
>   

I could not pass up this apparent detail that it seems Microsoft may be 
putting passwords in plaintext again, unless that field merely reports a 
status.

>     <SettingCurrent>
>       <Id>Dfci.RecoveryUrl.String</Id>
>       <Value/>
>     </SettingCurrent>
>   

This and several following fields all have no value whatsoever, while 
others seem to me to have neutral values; this looks like DFCI is 
present but unconfigured.

>     [...]
>   </Settings>
>   <LSV>0</LSV>
> </CurrentSettingsPacket>
>
> File Name: UEFISettingsCurrent-d41c8c24-3f5e-4ef4-8fdd-073e1866cd01
>
> ASCII Output:
>
> <?xml version="1.0" encoding="utf-8"?>
> <CurrentSettingsPacket>
>   <Date>2024-01-30T13:51:34</Date>
>   <Settings>
>   [... snip apparent duplicate settings ...]
>   </Settings>
>   <LSV>0</LSV>
> </CurrentSettingsPacket

The date here matches the date on the DfciSettingsCurrent variable.

> I did discover loop devices on my system that I could not remove with the 
> losetup command. I had to manually remove them with the rm -f command from 
> the /dev/disks directory.

Using rm does not remove the devices at all:  they are still present in 
the kernel, and you only removed the nodes from the filesystem.

> Also, I ran the lsof command, which helped me discover 
> the type of file systems that were being used. This prompted me to use apt purge 
> to remove Gnome Virtual File System from my laptop. 
>
> # lsof /dev/loop*
>
> I received this in response:
>
> can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
> can't stat() fuse.portal file system /run/user/1000/doc
>   

Others have explained this weirdness; it is actually normal 
functionality, except possibly for loop devices having been in use.  
Just to make sure, you did run lsof *before* using rm, right?

> This should be enough to give others places to look to determine if they have been
> infected, however I will be more than happy to provide more if needed.
>   

See if the mystery loop devices come back after a reboot, and if so, use 
losetup to determine what files they are attached to; that information 
is needed to distinguish between normal operation and a possible 
persistent compromise.  Also, I vaguely remember that attempting to 
detach a loop device that is not attached can also report an error.  
They may not actually be in use after all.


-- Jacob

View attachment "dfcidump.txt" of type "text/plain" (7657 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.