
100 Seconds of Solitude: Defeating Cisco Trust Anchor With FPGA Bitstream Shenanigans

Conference: Defcon 27

2019-08-01

Summary

The presentation discusses the impact of FPGA bitstream manipulation on a range of devices, including Cisco routers and switches, advanced driver assistance systems in cars, and legacy weapon systems. The speaker presents a tool called Brian that can unpack, analyze, modify, and repack firmware. The tool can also perform side channel analysis and fault injection to bypass security checks. The speaker also discusses the vulnerability named Thrangrycat, the first vulnerability named after three unpronounceable emojis. The vulnerability affects the domain name and can be exploited to gain access to the firmware. The speaker provides a visualization tool that can pinpoint the exact location of resources in the binary and disable specific pins to prevent the trust anchor from resetting the processor.
  • FPGA bitstream manipulation can impact a range of devices, including Cisco routers and switches, advanced driver assistance systems in cars, and legacy weapon systems
  • The tool called Brian can unpack, analyze, modify, and repack firmware
  • The tool can perform side channel analysis and fault injection to bypass security checks
  • The vulnerability named Thrangrycat affects the domain name and can be exploited to gain access to the firmware
  • A visualization tool can pinpoint the exact location of resources in the binary and disable specific pins to prevent the trust anchor from resetting the processor

Abstract

First commercially introduced in 2013, the Cisco Trust Anchor module (TAm) is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. TAm is the foundational root of trust that underpins all other Cisco security and trustworthy computing mechanisms in such devices. We disclose two 0-day vulnerabilities and show a remotely exploitable attack chain that reliably bypasses Cisco Trust Anchor. We present an in-depth analysis of the TAm, from both theoretical and applied perspectives. We present a series of architectural and practical flaws of TAm and describe theoretical methods of attack against such flaws. Next, we enumerate limitations in current state-of-the-art offensive capabilities that made the design of TAm seem secure. Using the Cisco 1001-X series of Trust Anchor enabled routers as a demonstrative platform, we present a detailed analysis of a current implementation of TAm, including results obtained through hardware reverse engineering, Trust Anchor FPGA bitstream analysis, and the reverse engineering of numerous Cisco trustworthy computing mechanisms that depend on TAm. Finally, we present two 0-day vulnerabilities within Cisco IOS and TAm and demonstrate a remotely exploitable attack chain that results in persistent compromise of an up-to-date Cisco router. We discuss the implementation of our TAm bypass, which involves novel methods of reliably manipulating FPGA functionality through bitstream analysis and modification while circumventing the need to perform RTL reconstruction. Our methods of manipulation create numerous possibilities in the exploitation of embedded systems that use FPGAs. While this presentation focuses on the use of our FPGA manipulation techniques in the context of Cisco Trust Anchor, we briefly discuss other uses of our bitstream modification techniques.
