Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Espressif ESP32: Bypassing Flash Encryption

Raelize, posted 4 years ago
  • In part 3 of a 4-part series, they take things to another level! Glitching Secure Boot to control the instruction pointer (part 2) required control over a value written to flash. Because Flash Encryption prevents overwriting the bootloader, they set out to bypass the Flash Encryption protection.
  • Flash Encryption is used to assure the confidentiality of the code and data stored in external flash. The flash controller decrypts the data transparently to the processor. Because of the encryption, it is next to impossible to alter the code on the flash chip in a controlled way.
  • There is one main decryption key. From this single key, each 32-byte block of flash gets its own derived decryption key. But the ciphertext is processed in 16-byte blocks.
  • The boot process loads multiple sections. For each of these sections, a small amount of information is printed to the console: in particular, the length and the load address. This is printed after decryption but before signature validation.
  • If one of the bootloader sections is aligned to 16 bytes instead of 32 bytes, its 16-byte block in flash can be swapped with another 16-byte block that shares the same derived key, and the bootloader prints the decrypted result. This creates something of a decryption oracle! By swapping the last 16 bytes of slot E with slot F, one could brute-force a value that decrypts to the desired address. That would take 10+ years, though.
  • The idea is to reuse the glitch-the-PC attack from part 2, but while controlling only a single value on the flash. The goal was to find a location at the end of slot E (which could be partially controlled with the vulnerability above) that, when glitched, used this value as the PC.
  • After about 300K glitch attempts, or 12 hours of experiments, the authors caused two successful glitches that used the value at the end of slot E. This attack demonstrates that it is possible to control the PC with glitching when only a single value is controlled at boot. Additionally, the flaw in the cryptography was the way in for this attack.