teerex-exploits
PoC exploits against various SGX enclaves
TeeRex SGX Exploits
This repository contains several exploits that we developed in the course of our research on memory corruption bugs in SGX enclaves. The full results of our research are published at USENIX Security 2020.
| Project | Vulnerable Version | Exploit | Comment |
|---|---|---|---|
| Intel GMP Demo | 9533574 | Intel SGX GMP Demo Exploit | ✔️ Fixed |
| Rust SGX SDK TLSClient | v1.0.9 | Rust TLSClient Overlap Exploit | ✔️ Fixed |
| WolfSSL | d330c53 | WolfSSL Exploit | ✔️ Fixed |
| TaLoS | all | TaLoS Exploit, TaLoS Arbitrary Read, TaLoS Arbitrary Write | ❌ Not fixed, project not maintained: Issue |
| Synaptics SynaTEE Driver | 5.2.3535.26 | Exploit not public | ✔️ Fixed (CVE-2019-18619) |
| Goodix Fingerprint Driver | 2.1.32.200 | Exploit not public | ✔️ Fixed (DSA-2020-138) |
Running the Exploits
Prerequisites
Install the Intel SGX driver and the Intel SGX SDK.
Build and Run
Note: The PoC exploits contain hard-coded addresses that depend on the compiled enclaves included in the repository.
The exploit code follows the make principles of the SGX SDK:
- Use `make` in the respective directories to compile the exploit
- Run the exploit using `./app`
All exploits overwrite the instruction pointer in the enclave; some also include follow-up code that controls the stack pointer as well. The outputs therefore differ between exploits: some return a simple value to indicate the result, others just crash after the exploit has hijacked the control flow and jumped to a bogus address. None of the PoC exploits will harm you or your setup in any way!
Exploit Concepts
Intel SGX GMP Demo Exploit
The Intel GMP Demo shows how to use the GMP library inside an SGX enclave. Insufficient input validation made it possible to read and write arbitrary memory, including the secure region.
Rust TLSClient Overlap Exploit
The Rust SGX SDK provides a compatibility layer to enable enclave development in the memory-safe Rust language. Its demo implementation of a TLS client/server application contained a design flaw that can be used to hijack the control flow.
WolfSSL Exploit
WolfSSL is a portable SSL/TLS library that can be used in an SGX enclave. The SGX layer contained a conceptual error that allowed an attacker to hijack the control flow.
TaLoS Exploits
⚠️ Warning: The project is unmaintained and is still vulnerable!
The TaLoS project provides TLS termination for nginx or apache inside an SGX enclave. We demonstrate:
- Control Flow Hijacking using an insufficiently validated pointer,
- Arbitrary Read using a NULL-pointer dereference,
- Arbitrary Write using a race condition.
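The pointer-validation bug class behind the GMP demo and TaLoS entries above, shown from the defensive side as an added example (not code from this repository or from the affected projects): an ECALL that checks that a caller-supplied buffer lies entirely outside the enclave, including the length-overflow case, beside the naive variant that only checks the length. The enclave memory range, the buffer names and the 64-byte capacity are constructed stand-ins; a real enclave would call sgx_is_outside_enclave() from the SGX SDK's sgx_trts.h.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins (assumptions, not SGX SDK objects): enclave_mem plays the
 * enclave's memory range, untrusted_buf plays untrusted application memory. */
static uint8_t enclave_mem[4096];
static uint8_t untrusted_buf[64];
#define DST_CAPACITY   64                    /* in-enclave destination buffer size */
#define ENCLAVE_SECRET (enclave_mem + 128)   /* in-enclave data an ECALL must not take as input */

/* True only if [p, p+len) lies entirely outside the enclave (a real enclave calls
 * sgx_is_outside_enclave() from sgx_trts.h). Zero-length ranges and address wraparound
 * are rejected: a len that makes p+len overflow would pass a naive start/end comparison. */
bool is_outside_enclave(const void *p, size_t len) {
    uintptr_t addr = (uintptr_t)p, end;
    uintptr_t e_base = (uintptr_t)enclave_mem, e_end = e_base + sizeof enclave_mem;
    if (len == 0 || __builtin_add_overflow(addr, len, &end))
        return false;
    return end <= e_base || addr >= e_end;   /* no overlap with [e_base, e_end) */
}

/* Hardened ECALL: copy caller-supplied bytes into enclave memory.
 * Returns 0 on success, -1 when the untrusted pointer or length is rejected. */
int ecall_copy_in(const void *src, size_t len) {
    if (len > DST_CAPACITY) return -1;            /* destination bounds */
    if (!is_outside_enclave(src, len)) return -1; /* src must be untrusted memory */
    memcpy(enclave_mem, src, len);
    return 0;
}

/* The same ECALL with only the length check, the pattern the bug class exploits: a src
 * inside the enclave is accepted, so the input is no longer guaranteed to be untrusted. */
int ecall_copy_in_naive(const void *src, size_t len) {
    if (len > DST_CAPACITY) return -1;
    memcpy(enclave_mem, src, len);
    return 0;
}

int main(void) {
    memset(untrusted_buf, 'A', sizeof untrusted_buf);
    printf("%d %d %d\n", ecall_copy_in(untrusted_buf, 64), ecall_copy_in(ENCLAVE_SECRET, 16),
           ecall_copy_in_naive(ENCLAVE_SECRET, 16)); /* prints "0 -1 0" */
    return 0;
}
```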
Citing in Academic Work
These PoC exploits are part of the research that we present in our USENIX Security 2020 paper. If you want to refer to these exploits or our paper in academic work, please use the following BibTeX entry for citation:
@InProceedings{cloosters2020teerex,
title = "{TeeRex:} Discovery and Exploitation of Memory Corruption Vulnerabilities in {SGX} Enclaves",
author = "Tobias Cloosters and Michael Rodler and Lucas Davi",
booktitle = "29th {USENIX} Security Symposium ({USENIX} Security '20)",
year = "2020",
}