Date: Fri, 10 May 2024 13:19:35 +0000
From: Corey Lopez <Corey.lopez09160587@...mail.com>
To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com>
Subject: Microsoft Device Firmware Configuration Interface (DFCI) in Linux
 efivars directory

I have a dual-boot Windows 11 Home Edition and Debian-based setup on my laptop.

Distributor ID: Kali
Description:    Kali GNU/Linux Rolling
Release:        2024.1
Codename:       kali-rolling

After realizing a security breach on my Kali system, I discovered /etc/network/interface
had the immutable attribute set while trying to restrict access using chmod. I decided to
investigate other files on my system with the immutable attribute set by running this
command as root:

# find / -type f -exec lsattr {} + 2>/dev/null > immutable-list-find.txt

This led me to the directory /sys/firmware/efi/efivars/ where I discovered EFI variables
pertaining to Microsoft's Device Firmware Configuration Interface (DFCI). Microsoft's
DFCI enables zero-touch remote configuration of UEFI BIOS, giving the ability to
manage BIOS settings and hardware. The DFCI allows for remote disabling or enabling
of cameras, microphones, radios, boot external media, bootstrapping an OS, CPU
virtualization, and I/O virtualization. According to Microsoft's GitHub page, the zero
touch certificate is shared by all DFCI-enabled systems and does not need to be injected
at manufacturing.

Microsoft advertises DFCI as a defense mechanism against rootkits; however, it seems that it
is being used as a UEFI bootkit. According to Microsoft, DFCI is not available for Windows 10
or 11 Home Edition. My Acer Aspire 3 15 has Windows 11 Home Edition, and was purchased
as a consumer product versus a commercial one. This means that not only is there a capability that
DFCI can be implemented on a consumer product, but also through a Linux-based operating system.

I will provide the ASCII output of each file that I found on my Kali Linux system from the
/sys/firmware/efi/efivars/ directory. I will not provide the entire hexdump output to save space.
However, I will provide more if requested after my initial posting.

File Name: DfciDeviceIdentifier-4123a1a9-6f50-4b58-9c3d-56fc24c6c89e

ASCII output:

|....<?xml versio|
|n="1.0" encoding|
|="utf-8"?><UEFID|
|eviceIdentifierP|
|acket><Identifie|
|rs><Identifier><|
|Id>Manufacturer<|
|/Id><Value>Acer<|
|/Value></Identif|
|ier><Identifier>|
|<Id>Product Name|
|</Id><Value>Aspi|
|re A315-44P</Val|
|ue></Identifier>|
|<Identifier><Id>|
|Serial Number</I|
|d><Value>NXKSJAA|
|0044050439E3400<|
|/Value></Identif|
|ier></Identifier|
|s><DfciVersion>2|
|</DfciVersion></|
|UEFIDeviceIdenti|
|fierPacket>.|

File Name: DfciIdentityCurrent-de6a8726-05df-43ce-b600-92bd5d286cfd

(NOTE: something that stood out to me is the 
Zero Touch ID: 0989C5F7EA3379388F79990875B23E031A5DA554)

ASCII Output:

|....<?xml versio|
|n="1.0" encoding|
|="utf-8"?><UEFII|
|dentityCurrentPa|
|cket><Certificat|
|es><Certificate>|
|<Id>User</Id><Va|
|lue>Cert not ins|
|talled</Value></|
|Certificate><Cer|
|tificate><Id>Use|
|r1</Id><Value>Ce|
|rt not installed|
|</Value></Certif|
|icate><Certifica|
|te><Id>User2</Id|
|><Value>Cert not|
| installed</Valu|
|e></Certificate>|
|<Certificate><Id|
|>Owner</Id><Valu|
|e>Cert not insta|
|lled</Value></Ce|
|rtificate><Certi|
|ficate><Id>ZeroT|
|ouch</Id><Value>|
|0989C5F7EA337938|
|8F79990875B23E03|
|1A5DA554</Value>|
|</Certificate></|
|Certificates></U|
|EFIIdentityCurre|
|ntPacket>.|

File Name: DfciPermissionCurrent-3a9777ea-0d9f-4b65-9ef3-7caa7c41994b

ASCII Output:

|....<?xml versio|
|n="1.0" encoding|
|="utf-8"?><Curre|
|ntPermissionsPac|
|ket Default="1" |
|Delegated="128">|
|<Date>2024-01-30|
|T13:51:08</Date>|
|<Permissions><Pe|
|rmissionCurrent>|
|<Id>Dfci.OwnerKe|
|y.Enum</Id><PMas|
|k>9</PMask><DMas|
|k>128</DMask></P|
|ermissionCurrent|
|><PermissionCurr|
|ent><Id>Dfci.Ztd|
|Key.Enum</Id><PM|
|ask>1</PMask></P|
|ermissionCurrent|
|><PermissionCurr|
|ent><Id>Dfci.Ztd|
|Unenroll.Enable<|
|/Id><PMask>0</PM|
|ask></Permission|
|Current><Permiss|
|ionCurrent><Id>D|
|fci.Ztd.Recovery|
|.Enable</Id><PMa|
|sk>0</PMask></Pe|
|rmissionCurrent>|
|</Permissions><L|
|SV>0</LSV></Curr|
|entPermissionsPa|
|cket>.|

File Name: DfciSettingsCurrent-d41c8c24-3f5e-4ef4-8fdd-073e1866cd01

ASCII Output:

|....<?xml versio|
|n="1.0" encoding|
|="utf-8"?><Curre|
|ntSettingsPacket|
|><Date>2024-01-3|
|0T13:51:34</Date|
|><Settings><Sett|
|ingCurrent><Id>D|
|evice.BootOrderL|
|ock.Enable</Id><|
|Value>Disabled</|
|Value></SettingC|
|urrent><SettingC|
|urrent><Id>Devic|
|e.USBBoot.Enable|
|</Id><Value>Enab|
|led</Value></Set|
|tingCurrent><Set|
|tingCurrent><Id>|
|Dfci.BootOnboard|
|Network.Enable</|
|Id><Value>Disabl|
|ed</Value></Sett|
|ingCurrent><Sett|
|ingCurrent><Id>D|
|evice.Password.P|
|assword</Id><Val|
|ue>No System Pas|
|sword</Value></S|
|ettingCurrent><S|
|ettingCurrent><I|
|d>Dfci.RecoveryU|
|rl.String</Id><V|
|alue /></Setting|
|Current><Setting|
|Current><Id>Dfci|
|.RecoveryBootstr|
|apUrl.String</Id|
|><Value /></Sett|
|ingCurrent><Sett|
|ingCurrent><Id>D|
|fci.HttpsCert.Bi|
|nary</Id><Value |
|/></SettingCurre|
|nt><SettingCurre|
|nt><Id>Dfci.Regi|
|strationId.Strin|
|g</Id><Value /><|
|/SettingCurrent>|
|<SettingCurrent>|
|<Id>Dfci.TenantI|
|d.String</Id><Va|
|lue /></SettingC|
|urrent><SettingC|
|urrent><Id>MDM.F|
|riendlyName.Stri|
|ng</Id><Value />|
|</SettingCurrent|
|><SettingCurrent|
|><Id>MDM.TenantN|
|ame.String</Id><|
|Value /></Settin|
|gCurrent><Settin|
|gCurrent><Id>Dev|
|ice.CpuAndIoVirt|
|ualization.Enabl|
|e</Id><Value>Ena|
|bled</Value></Se|
|ttingCurrent><Se|
|ttingCurrent><Id|
|>Dfci3.OnboardWp|
|bt.Enable</Id><V|
|alue>Enabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci3.A|
|ssetTag.String</|
|Id><Value /></Se|
|ttingCurrent><Se|
|ttingCurrent><Id|
|>Dfci.OnboardAud|
|io.Enable</Id><V|
|alue>Enabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci.On|
|boardRadios.Enab|
|le</Id><Value>En|
|abled</Value></S|
|ettingCurrent><S|
|ettingCurrent><I|
|d>Device.IRCamer|
|a.Enable</Id><Va|
|lue>Disabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Device.|
|FrontCamera.Enab|
|le</Id><Value>Di|
|sabled</Value></|
|SettingCurrent><|
*
|Id>Device.RearCa|
|mera.Enable</Id>|
|<Value>Disabled<|
|/Value></Setting|
|Current><Setting|
|Current><Id>Dfci|
|3.ProcessorSMT.E|
|nable</Id><Value|
|>Disabled</Value|
|></SettingCurren|
|t><SettingCurren|
|t><Id>Dfci.CpuAn|
|dIoVirtualizatio|
|n.Enable</Id><Va|
|lue>Disabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci.Bo|
|otExternalMedia.|
|Enable</Id><Valu|
|e>Enabled</Value|
|></SettingCurren|
|t><SettingCurren|
|t><Id>Dfci.Onboa|
|rdCameras.Enable|
|</Id><Value>Unkn|
|own</Value></Set|
|tingCurrent></Se|
|ttings><LSV>0</L|
|SV></CurrentSett|
|ingsPacket>.|

File Name: UEFISettingsCurrent-d41c8c24-3f5e-4ef4-8fdd-073e1866cd01

ASCII Output:

|....<?xml versio|
|n="1.0" encoding|
|="utf-8"?><Curre|
|ntSettingsPacket|
|><Date>2024-01-3|
|0T13:51:34</Date|
|><Settings><Sett|
|ingCurrent><Id>D|
|evice.BootOrderL|
|ock.Enable</Id><|
|Value>Disabled</|
|Value></SettingC|
|urrent><SettingC|
|urrent><Id>Devic|
|e.USBBoot.Enable|
|</Id><Value>Enab|
|led</Value></Set|
|tingCurrent><Set|
|tingCurrent><Id>|
|Dfci.BootOnboard|
|Network.Enable</|
|Id><Value>Disabl|
|ed</Value></Sett|
|ingCurrent><Sett|
|ingCurrent><Id>D|
|evice.Password.P|
|assword</Id><Val|
|ue>No System Pas|
|sword</Value></S|
|ettingCurrent><S|
|ettingCurrent><I|
|d>Dfci.RecoveryU|
|rl.String</Id><V|
|alue /></Setting|
|Current><Setting|
|Current><Id>Dfci|
|.RecoveryBootstr|
|apUrl.String</Id|
|><Value /></Sett|
|ingCurrent><Sett|
|ingCurrent><Id>D|
|fci.HttpsCert.Bi|
|nary</Id><Value |
|/></SettingCurre|
|nt><SettingCurre|
|nt><Id>Dfci.Regi|
|strationId.Strin|
|g</Id><Value /><|
|/SettingCurrent>|
|<SettingCurrent>|
|<Id>Dfci.TenantI|
|d.String</Id><Va|
|lue /></SettingC|
|urrent><SettingC|
|urrent><Id>MDM.F|
|riendlyName.Stri|
|ng</Id><Value />|
|</SettingCurrent|
|><SettingCurrent|
|><Id>MDM.TenantN|
|ame.String</Id><|
|Value /></Settin|
|gCurrent><Settin|
|gCurrent><Id>Dev|
|ice.CpuAndIoVirt|
|ualization.Enabl|
|e</Id><Value>Ena|
|bled</Value></Se|
|ttingCurrent><Se|
|ttingCurrent><Id|
|>Dfci3.OnboardWp|
|bt.Enable</Id><V|
|alue>Enabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci3.A|
|ssetTag.String</|
|Id><Value /></Se|
|ttingCurrent><Se|
|ttingCurrent><Id|
|>Dfci.OnboardAud|
|io.Enable</Id><V|
|alue>Enabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci.On|
|boardRadios.Enab|
|le</Id><Value>En|
|abled</Value></S|
|ettingCurrent><S|
|ettingCurrent><I|
|d>Device.IRCamer|
|a.Enable</Id><Va|
|lue>Disabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Device.|
|FrontCamera.Enab|
|le</Id><Value>Di|
|sabled</Value></|
|SettingCurrent><|
*
|Id>Device.RearCa|
|mera.Enable</Id>|
|<Value>Disabled<|
|/Value></Setting|
|Current><Setting|
|Current><Id>Dfci|
|3.ProcessorSMT.E|
|nable</Id><Value|
|>Disabled</Value|
|></SettingCurren|
|t><SettingCurren|
|t><Id>Dfci.CpuAn|
|dIoVirtualizatio|
|n.Enable</Id><Va|
|lue>Disabled</Va|
|lue></SettingCur|
|rent><SettingCur|
|rent><Id>Dfci.Bo|
|otExternalMedia.|
|Enable</Id><Valu|
|e>Enabled</Value|
|></SettingCurren|
|t><SettingCurren|
|t><Id>Dfci.Onboa|
|rdCameras.Enable|
|</Id><Value>Unkn|
|own</Value></Set|
|tingCurrent></Se|
|ttings><LSV>0</L|
|SV></CurrentSett|
|ingsPacket>.|

I did discover loop devices on my system that I could not remove with the
losetup command. I had to manually remove them with the rm -f command from
the /dev/disks directory. Also, I ran the lsof command, which helped me discover
the type of file systems that were being used. This prompted me to use apt purge
to remove Gnome Virtual File System from my laptop.

# lsof /dev/loop*

I received this in response:

can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
can't stat() fuse.portal file system /run/user/1000/doc

This should be enough to give others places to look to determine if they have been
infected; however, I will be more than happy to provide more if needed.

Sources:

https://microsoft.github.io/mu/dyn/mu_feature_dfci/DfciPkg/Docs/Dfci_Feature/
https://learn.microsoft.com/en-us/windows/client-management/mdm/uefi-csp
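
An added example, not part of the original post: the leading `....` in each dump above is the 4-byte attribute word that efivarfs places in front of a variable's data, so this Python sketch strips it, parses the XML, and reports which DFCI identity slots actually hold a certificate. The sample bytes are constructed from the element names and thumbprint shown in the post; the attribute value 0x7, the trailing NUL byte, and all function names are assumptions.

```python
import struct
import xml.etree.ElementTree as ET
from pathlib import Path

EFIVARS = Path("/sys/firmware/efi/efivars")
NOT_INSTALLED = "Cert not installed"  # placeholder string seen in the dump

def split_efivar(raw: bytes):
    """Split an efivarfs file into (attribute word, variable data)."""
    if len(raw) < 4:
        raise ValueError("too short to be an efivarfs file")
    (attrs,) = struct.unpack_from("<I", raw)  # little-endian uint32
    return attrs, raw[4:]

def id_value_pairs(payload: bytes) -> dict:
    """Return {Id: Value} for every element that has an <Id> child.

    Covers <Certificate> entries in the identity packet and
    <SettingCurrent> entries in the settings packet; '<Value />' maps to ''.
    """
    root = ET.fromstring(payload.rstrip(b"\x00"))  # drop NUL terminator
    pairs = {}
    for elem in root.iter():
        ident = elem.find("Id")
        if ident is not None:
            pairs[ident.text] = elem.findtext("Value") or ""
    return pairs

def installed_certs(identity: dict) -> dict:
    """Identity slots whose value is a thumbprint rather than the placeholder."""
    return {k: v for k, v in identity.items() if v != NOT_INSTALLED}

# Constructed sample modelled on the DfciIdentityCurrent dump in the post.
_slots = [("User", NOT_INSTALLED), ("User1", NOT_INSTALLED),
          ("User2", NOT_INSTALLED), ("Owner", NOT_INSTALLED),
          ("ZeroTouch", "0989C5F7EA3379388F79990875B23E031A5DA554")]
SAMPLE = (struct.pack("<I", 0x7)  # assumed attribute word
          + b'<?xml version="1.0" encoding="utf-8"?>'
          + b"<UEFIIdentityCurrentPacket><Certificates>"
          + "".join(f"<Certificate><Id>{i}</Id><Value>{v}</Value></Certificate>"
                    for i, v in _slots).encode()
          + b"</Certificates></UEFIIdentityCurrentPacket>\x00")

if __name__ == "__main__":
    # On a live system (usually as root) read the real variables;
    # otherwise fall back to the constructed sample.
    files = sorted(EFIVARS.glob("DfciIdentityCurrent-*")) if EFIVARS.is_dir() else []
    blobs = [(p.name, p.read_bytes()) for p in files] or [("SAMPLE", SAMPLE)]
    for name, raw in blobs:
        attrs, payload = split_efivar(raw)
        print(name, hex(attrs), installed_certs(id_value_pairs(payload)))
```

For the sample, only the ZeroTouch slot is reported as populated, while User, User1, User2 and Owner carry the "Cert not installed" placeholder.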
