On Tue, Jun 19, 2007 at 07:05:38PM -0700, Don Scott wrote: > I think Artur Grabowski too easily dismisses the question. > > I'd be interested to know if you get any informative responses that > are not also posted to [EMAIL PROTECTED]
Mikulas (the friend) told me the algorithm to hack the root password. First you need to know the addresses of the individual keys in the translation tables - that's probably doable from the operating system kernel memory map. Then you need to know how many way associative your cache is and how the addresses are shared. If it's say 4-way you use 4 addresses in your userspace that share the cache entry. Then you read all of them 4. Now comes the monitoring phase. You cyclically time how long it takes to read each of these 4 addresses using rdtsc. When you get anomalously high reading on any of them, you know the given address in the key translation table has been accessed. This will probably suffer from some noise (made up keystrokes - other process flushing the cache entry for you). But I guess if you run this long enough and the admin comes to the console and types the root password and you see "root" in the keystroke stream and you have luck that no other activity created too much fake keystrokes, then you can know or at least well guess for the password. Of course this will be a local exploit only. This stuf is generally called "side channels" (don't confuse with covert channels). The idea is that a secret information leaks out and can be read in supposedly irrelevant signs of the CPU operation. It's the CPU equivalent of trashdiving - picking up those yellow post-it notes from the dustbin and searching for the root passwords. Like if you ask someone and he needs a time to think even for a trivial question, then he's probably lying - he needs brain CPU time to carefully make things up in a way it doesn't create apparent discrepancies. But if you ask him "are you lying", he tells you "no". You are getting an access to a secret through the timing. Mikulas said he even knew some link to where they cracked OpenSSL this way - Mikulas can you post it? CL< > > On 6/19/07, Karel Kulhavy <[EMAIL PROTECTED]> wrote: > >A friend who is happening to write his own operating system just pointed > >out > >to me that a keyboard driver cannot use > > > >- lookup tables, because timing accessing these lookup tables would yield > > information what key was pressed when entering a root password > >- tests and jumps, because the same would be possible with the BTB (branch > > target buffer). > > > >He said he had to write the whole driver using logical operation masking. > >Does > >OpenBSD also have this trick? How is the keyboard security designed in > >OpenBSD > >to prevent these covert channels leaking the information to an unprivileged > >process? > > > >CL<
