Forensics Reverse Engineering

chipsec v1.3.6 release: Platform Security Assessment Framework

do son November 21, 2018 No Comments chipsec

CHIPSEC is a framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components. It includes a security test suite, tools for accessing various low-level interfaces, and forensic capabilities. It can be run on Windows, Linux, Mac OS X and UEFI shell. Instructions for installing and using CHIPSEC can be found in the manual.

NOTE: This software is for security testing purposes. Use at your own risk. Read WARNING.txt before using.

The first version of CHIPSEC was released in March 2014: Announcement at CanSecWest 2014

The recent presentation on how to use CHIPSEC to find vulnerabilities in firmware, hypervisors and hardware configuration, explore low-level system assets and even detect firmware implants: Exploring Your System Deeper

What is Platform Security?
Hardware Implementation and Configuration
• Available Security Features
• Correct Configuration of HW Components
• Testing/Demonstration of HW Security Mechanisms
Firmware Implementation and Configuration
• Access Controls on Firmware Interfaces
• Correct Settings of Lock Bits
• Testing/Demonstration of FW Security Mechanisms

Feature:
+ System Management Mode
* CPU SMM Cache Poisoning / SMM Range Registers (SMRR)
* SMM memory (SMRAM) Lock
+ BIOS Write Protection
+ Direct HW Access for Manual Testing
+ Forensics
* Live system firmware analysis
* Offline system firmware analysis

Changelog v1.3.6

New or Updated Modules:

  • Updated memconfig to only check registers that are defined by the platform
  • Updated common.bios_smi to check controls not registers
  • Added me_mfg_mode module
  • Added support for LoJax detection
  • Updated common.spi_lock test support
  • Added sgx_check module and register definitions
  • Updates to DCI support in debugenabled module

New or Updated Functionality:

  • Added ability for is_supported to signal a module is not applicable
  • Added 300 Series PCH support
  • Added support for building Windows driver with VS2017
  • Added fixed I/O bar support
  • Updated XML and JSON log rewrite
  • Updated logger to use python logging support
  • Added JEDEC ID command
  • Added DAL helper support
  • Added 8th Generation Core Processor support
  • Updated UEFI variable fuzzing code
  • Added C600 and C610 configuration
  • Added C620 PCH configuration
  • Updated ACPI table parsing support
  • Updated UEFI system table support
  • Added Denverton (DNV) support
  • Added result delta functionality
  • Added ability to override PCH from detected version

Fixes:

  • Updated readme content
  • Fixed Atom register names to match common names
  • Updated manual source for release
  • Fixed HackingTeam rootkit link
  • Fixed corner case when disabling logging mid test
  • Fixed exception when logging some objects
  • Fixed CFL SPI FREG field sizes
  • Fixed UEFI decompress when NextFileFw is given an invalid file size
  • Fixed 64-bit MMIO accesses in UEFI Shell
  • Fixed Windows variable access support
  • Fixed extra argument in Linux helper
  • Fixed FV decompress buffer overflow
  • Fixed P2SB hide functionality
  • Fixed is_efi interface definition
  • Fixed parsing of secure boot variables
  • Fixed flash region support
  • Fixed FLMSTR display
  • Workaround memlock issue in UEFI shell with Atom
  • Fixed get affinity messages
  • Fixed VMM EPT util support
  • Fixed PREFast issues
  • Fixed exception in XML logging
  • Fixed Linux build issue with alid_mmap_phys_addr_range
  • Fixed code to always detect chipset
  • Fixed Debian packaging support
  • Removed RWE support due to issues accessing PCI resources

Install

Clone chipsec Git repository and install it as a package:
git clone https://github.com/chipsec/chipsec
python setup.py install
sudo chipsec_main
To use CHIPSEC in place without installing it:
python setup.py build_ext -i
sudo python chipsec_main.py

Clone chipsec Git repository and install it as a package:
# git clone https://github.com/chipsec/chipsec
# python setup.py install
# sudo chipsec_main
To use CHIPSEC in place without installing it:
# python setup.py build_ext -i
# sudo python chipsec_main.py

NOTE: Please read chipsec-manual.pdf For Detail installation and Configuration.

Tutorial

Copyright (C) 2018 chipsecintel

Source: https://github.com/chipsec/

Share