[Q] Hacking Windows RT to Run Desktop Apps?

GoodDayToDie

Inactive Recognized Developer
Jan 20, 2011
6,066
2,933
Seattle
@clrokr: Wow, interesting find. I already discovered the overwrite problem, but didn't know about editing the registry. You say you were still unable to execute programs even when the BCD setting for testsigning was present? That's a shame... means something in either the bootloader or the EFI is enforcing it. That doesn't really surprise me, I guess; Safe Boot is an EFI feature and that's supposedly what stops BcdEdit from adding the testsigning (or debug, I noticed) options directly. Still, a worthy avenue of exploration. Also, there are probably easier and less unofficial ways to get a CMD command prompt as SYSTEM (I know of a few official ways, although the option of simple impersonation from an Admin process probably would be hard to do on a Surface).

@netham45: Testsigning mode just allows executing code that is signed with anybody's certificate, instead of only with Microsoft's cert. However, there is another bootloader option - nointegritychecks - which disables driver signing enforcement entirely on "normal" versions of Windows. It might be worth pursuing that here too...
 

GoodDayToDie

Inactive Recognized Developer
Jan 20, 2011
6,066
2,933
Seattle
I actually have a couple ideas for doing this, but they rely on what amounts to outright security vulnerabilities in the OS.

One of them is to try flipping the testsigning mode option directly in kernel memory on a running system. This has been demonstrated to be possible on Win8 x86 with the nointegritychecks value, using a local exploit of the CSRSS process to overwrite some kernel memory. Whether the same exploit will work, or is even possible to attempt, on Windows RT... I can't say. I also don't (at this time) know where the testsigning flag is in kernel memory (although that's probably pretty easy to discover), nor whether it's useful to change it on an already-booted OS.

The other is to try and fool the signature check somehow. For example, this might be possible using the debugger; attach to a process that is legitimate and signed (say, cmd.exe) and then replace the program code with something else (the target EXE) and go to town. Of course, that isn't a real solution (unless somebody figures out how to run a debugger on RT, it requires an additional PC coordinating with the tablet) but it *might* work. Another possible option is to, instead of subbing in our own file after checking the signature, hook the signature-checking code itself (somehow) and basically spoof the result. *Waves hand* "These aren't the binaries you're looking for."

Either one will require a fair bit of research, and will probably rely on things that MS could patch fairly easily. That is (obviously) not ideal, but we shall cope. Hackers always do.
 

clrokr

Senior Member
Aug 2, 2009
69
54
@GoodDayToDie: It seems you know a lot about Windows internals. I have read about at least a dozen different vulnerabilities in signed third-party drivers and also in Microsoft's own ones. Some of these have to exist on Windows RT as well. I have disabled Automatic Updates for the time being and also backed up the recovery partition in case that gets updated too.

I will continue digging through the UEFI firmware and the first stage bootloader (bootarm.efi). Thanks to Microsoft for sharing a firmware image with us. A vulnerability in the UEFI firmware would be great.

The Tegra3 TRM is also available on XDA, maybe I can find a way to just flash this stuff away.

Of course, the greatest thing ever would be a private key to sign stuff.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
Getting some fun stuff by screwing with the boot from USB stuff. I've gotten it to boot the built-on partition from the bootloader off of the USB, and it seems to fully preserve the BCD options, however testsigning doesn't seem to have any effect on running .exe's. I don't think that the bootloader on the recovery is checking kernel state, though. I'm about to try changing some string in the kernel to invalidate it and see if it still boots it.

[screenshots]


Also, another thing, if you unplug the USB drive while it's booted from it it'll BSoD. Would a minidump do anyone any good?

Edit: Did not boot a modified kernel. A red pixel also appeared near the bottom of the screen. (Edited both ntoskrnl.exe and win32k.sys, both gave the same result.)

Edit 2: And editing the winload.efi file gives me this:
[screenshot]


Trying to load a modified (and resigned) driver right now.

Edit 3:
[screenshot]


/TESTSIGNING didn't seem to have any change, though I found it crashes if I try to force safemode. /DISABLE_INTEGRITY_CHECKS doesn't seem to do anything either.

Edit 4: Since playing with this my tablet now insists that I'm running Windows To Go and refuses to let me use the store. Beware, I suppose.
 

mamaich

Retired Recognized Developer
Apr 29, 2004
1,150
228
mamaich-eng.blogspot.ru
Regarding "The header checksum ... does not match": you should fix the checksum in the PE header; it is a standard field. I usually use HIEW (hiew.ru) for this, as it calculates the checksum automatically (press F8, then F3, then navigate to checksum, then press F3 and F9). Other PE editors may fix the checksum too.
The PE header checksum for drivers has been used since NT4 (or maybe even earlier), and, as far as I remember, it cannot be turned off, so you need to fix it before using a patched file.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
Regarding "The header checksum ... does not match": you should fix the checksum in the PE header; it is a standard field. I usually use HIEW (hiew.ru) for this, as it calculates the checksum automatically (press F8, then F3, then navigate to checksum, then press F3 and F9). Other PE editors may fix the checksum too.
The PE header checksum for drivers has been used since NT4 (or maybe even earlier), and, as far as I remember, it cannot be turned off, so you need to fix it before using a patched file.

I did (using DSEO), then it whined about a bad certificate. Though I can try with HIEW.

Edit: I'm stumped as of now. If anyone wants to try doing what I did, here it is:

Create recovery drive
Add entry on drive's BCD to boot to the OS (The two entries cause the menu to show)
Press F10 at boot menu on Windows 8
Enter Bitlocker Key (Get it from the URL it provides)
Edit boot options

I tried editing numerous files to no avail.
 

GoodDayToDie

Inactive Recognized Developer
Jan 20, 2011
6,066
2,933
Seattle
BTW, for the Bitlocker key, you can skip that step by temporarily disabling protection on Bitlocker (even if your Exchange server mandates device encryption).

Root prompt:
manage-bde -protectors -disable C:

What this does: It puts a plain-text decryption key into the Bitlocker metadata (normally, the decryption key is only stored in an encrypted form, and to decrypt it you either need to use the TPM, the recovery key, or some other so-called "key protector"). It's basically instant to do this, because the data on the disk is still encrypted. It allows Windows to automatically unlock the disk though, without you needing to enter the recovery key. However, it completely breaks the security of BitLocker. Once you're done, re-enable BL either by specifying "-enable" instead of "-disable", or by selecting "Resume protection" (or similar text) in the GUI.

Side note: this also works on Vista and Win7 (and of course x86 Win8). Very, very handy when modifying boot options.
 

smx06

Member
Nov 10, 2012
26
0
Nice research.

But did anyone try the official steps for developing apps for ARM?

http://xdaforums.com/showthread.php?t=1466400&page=3
http://blogs.msdn.com/b/jasonz/arch...-about-developing-for-windows-on-arm-woa.aspx

There is a section on signing your own app, and this app can contain native code (if written in C++).
Maybe it is possible to modify the signing procedure to sign self-built ARM legacy desktop apps (MSVS 2012).

Or are the signature checks different for Win8 apps (even ones containing native code) and desktop apps?

P.S. Another interesting thing for me is to try to launch a low-level native app
built in VS2012 (for ARM)
(SUBSYSTEM:native; those that use just ntdll.dll and run even before login, like chkdsk;
they are started from
SYSTEM\CurrentControlSet\Control\Session Manager
"BootExecute")
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
BTW, for the Bitlocker key, you can skip that step by temporarily disabling protection on Bitlocker (even if your Exchange server mandates device encryption).

Root prompt:
manage-bde -protectors -disable C:

What this does: It puts a plain-text decryption key into the Bitlocker metadata (normally, the decryption key is only stored in an encrypted form, and to decrypt it you either need to use the TPM, the recovery key, or some other so-called "key protector"). It's basically instant to do this, because the data on the disk is still encrypted. It allows Windows to automatically unlock the disk though, without you needing to enter the recovery key. However, it completely breaks the security of BitLocker. Once you're done, re-enable BL either by specifying "-enable" instead of "-disable", or by selecting "Resume protection" (or similar text) in the GUI.

Side note: this also works on Vista and Win7 (and of course x86 Win8). Very, very handy when modifying boot options.

I tried that yesterday, it informed me that my device did not support that feature, though I just tried it after doing a reinstall and it worked fine... Perhaps that was related to it thinking I was using Windows To Go, not sure.

And as far as modifying the low-level code, the only code we could modify that won't get checked is the UEFI code.

UEFI checks bootloader, bootloader checks winload.efi, winload.efi checks ntoskrnl, ntoskrnl checks everything else. We need to disable verification somewhere. The kernel options to disable it seem to be overridden by the secureboot option, and we have no means of getting into the BIOS and changing that, as far as I know.

Maybe there's some way we could fool the kernel into thinking the device isn't ACPI aware so it couldn't check secureboot status or something?

Edit: I was also able to get a remote debugger to attach to a command prompt on the system. Download (Signed, for ARM)

It should be possible to replace code with it, as the EXEs -should- only be checked upon load. I haven't done enough with VS to know how to do that, though. I was able to change the current instruction (PC) though, and it did have an effect on the process.
[screenshot]


Also, just to note, booting off of USB like I laid out in the previous post even once will mark your install as a to-go install and break the store. Only way I've found so far to fix it is to reinstall windows.
 

clrokr

Senior Member
Aug 2, 2009
69
54
The UEFI firmware is signed, so we can't flash our own. Maybe there exists a vulnerability in the certificate parsing code, in that case we could. Still digging.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
The UEFI firmware is signed, so we can't flash our own. Maybe there exists a vulnerability in the certificate parsing code, in that case we could. Still digging.

On the note of flashing, are there any easy to access jtag pins?

Edit: I'm playing with the drivers in the c:\windows\system32\drivers folder, you can append whatever you want to them and they still work, and they don't seem to contain any signatures internally. However, if you edit them, it gives a digital signature error. Anyone know where the signatures for them would be stored?

More edit: There's seemingly no way to disable DEP. /execute and /noexecute=AlwaysOff have no effect on the kernel (Querying WMI in powershell reports DEP is still on).
 

GoodDayToDie

Inactive Recognized Developer
Jan 20, 2011
6,066
2,933
Seattle
The debugger is a good step. Even without kernel debugging, that means we already have arbitrary code execution (if very, very clunkily) on the desktop, potentially as Admin. That's huge.

I'll try and do some research next week, when I've got a bit of time off from work. I think I have a non-debugger way of running third-party desktop code on RT, although it will currently require being networked to another PC.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
The debugger is a good step. Even without kernel debugging, that means we already have arbitrary code execution (if very, very clunkily) on the desktop, potentially as Admin. That's huge.

I'll try and do some research next week, when I've got a bit of time off from work. I think I have a non-debugger way of running third-party desktop code on RT, although it will currently require being networked to another PC.

How would you get arbitrary code with the debugger? I can change registers, but I can't see any way to change opcodes or data.

Edit: I also stepped through the process creation in the command prompt, it's all fine until it makes a call off to kernel-land, then the kernel returns with a failure error. I was hoping it was checking in userland (similar to how Software Restriction Policies work), but it's not.

On that note, a developer-signed app is signed with a temporary key (generated off of your developer license), but the resulting .exes are not runnable, except through metro. They give the certificate error, but they run as their own process through Metro.
[screenshot]


Said exe seems to be completely unsigned, and is not challenged when I change strings inside it.

Also note that you should be able to use powershell to P/Invoke stuff.
 

smx06

Member
Nov 10, 2012
26
0
On that note, a developer-signed app is signed with a temporary key (generated off of your developer license), but the resulting .exes are not runnable, except through metro. They give the certificate error, but they run as their own process through Metro.
[screenshot]


Said exe seems to be completely unsigned, and is not challenged when I change strings inside it.

And what happens if you call a desktop exe from a Metro app (CreateProcess or something)?
Did you create a native code app (C++) or a .NET one?
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
And what happens if you call a desktop exe from a Metro app (CreateProcess or something)?
Did you create a native code app (C++) or a .NET one?

I created a default project, it seems to be C++.

I also found out how to get it to stop thinking I'm on Windows To Go, set HKLM\System\CurrentControlSet\Control\PortableOperatingSystem to 0. I also managed to get msinfo32 to report secureboot as off (locked down the HKLM\System\CurrentControlSet\Control\SecureBoot key), but the kernel is still enforcing it.
 

smx06

Member
Nov 10, 2012
26
0
Thanks

IMHO there are more chances in playing with app signing with a developer license than in finding a way to switch off signing altogether.
 

GoodDayToDie

Inactive Recognized Developer
Jan 20, 2011
6,066
2,933
Seattle
The debugger allows you to override memory and modify memory protections within the process address space. This includes the code pages (normally read-only) and data pages (normally not executable). At least, you can do such things with WinDBG on x86 processes; I'd be quite surprised if it didn't work on ARM too (considering that the entire way that a debugger does breakpoints requires modifying the process code...)

It is, as I said, very clunky. However, you should be able to trap a program as soon as it is loaded (after the kernel checks and such, but before the program actually begins executing) and basically replace it wholesale with a different program.
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
The debugger allows you to override memory and modify memory protections within the process address space. This includes the code pages (normally read-only) and data pages (normally not executable). At least, you can do such things with WinDBG on x86 processes; I'd be quite surprised if it didn't work on ARM too (considering that the entire way that a debugger does breakpoints requires modifying the process code...)

It is, as I said, very clunky. However, you should be able to trap a program as soon as it is loaded (after the kernel checks and such, but before the program actually begins executing) and basically replace it wholesale with a different program.

Yup, I was able to change some code in the command prompt. Just had to find where they hid the memory window in VS2012.

Edit:
[screenshot]


Top being normal command prompt behavior, the bottom being after I flipped a few random opcodes in the function that's returned to right after the kernel tries to run the exe.

So yeah, unsigned code, however tedious, is running.

Now that we can do that, we need to find some way to get into kernel mode and disable the signing checks.

Edit 2: Or, if you want to elaborate a bit more on your idea, I can start trying to poke at it to see if I can get any results.
 
App Certification Kit for Windows RT

Microsoft have released a version of their App Certification Kit, it's a desktop app that'll install and run on Windows RT and is designed for validating Metro-style apps for the Windows Store, however for whatever reason it's possible to select the option to validate a desktop app. Not sure if this could maybe be used as a method of loading unsigned desktop apps on Windows RT.

http://msdn.microsoft.com/en-US/windows/apps/jj572486
 

netham45

Inactive Recognized Developer
Jun 24, 2009
886
569
Denver
Microsoft have released a version of their App Certification Kit, it's a desktop app that'll install and run on Windows RT and is designed for validating Metro-style apps for the Windows Store, however for whatever reason it's possible to select the option to validate a desktop app. Not sure if this could maybe be used as a method of loading unsigned desktop apps on Windows RT.

http://msdn.microsoft.com/en-US/windows/apps/jj572486

Gave it a shot, it didn't run the app. It flickered some error after thinking for about 5 minutes, then said it didn't run.

https://code.google.com/p/chromium/issues/detail?id=146254 (Don't just click links on there, you may BSoD)

The OS that comes in recovery is vulnerable to that kernel exploit that should be able to give us code execution.
 

Top Liked Posts

  • 17 likes
    This would be fantastic.

    Other than one bug I just tracked down I've got everything except getting the kernel base automated in a batch file + debugger.

    Edit: Here's what I've got so far. To use:

    1) Install the app at the top of THIS thread (Sorry, you'll have to compile it for now, I'm working on a clean app I can package, but it's not ready yet)
    2) Copy the 'getKernelBase.exe' from the ZIP attached to this post to the folder it installs to (%userprofile%\appxlayouts\<appname>)
    3) Run the app, click the button
    4) Click OK on the prompt, type 'getKernelBase' into the command prompt. If it doesn't do anything, snap the app to the side of your screen.
    5) Keep the 4 numbers it gives you
    6) Open 'runExploit.bat' as an administrator
    7) Put those 4 numbers in there, make sure you keep the spaces between them
    8) Press enter
    9) Press Volume Down
    10) Press enter again
    11) You should be jailbroken now.

    And a writeup for what I'm doing for my hack:
    It's mainly the same basic hack as clrokr, but I found a way that I could write process memory using cdb (but, I can't attach as a debugger, so I lose breakpoints)

    I change winsrv.dll+0x3644 to redirect to winsrv.dll+0x10800

    I inject this modified payload at winsrv.dll+0x10800:
    Code:
        push {r5-r8}                ; save the callee-saved registers used below
        mov r7, 0x80000             ; loop counter: 524288 calls
        ldr r8, my_addr             ; kernel base, from the literal at the bottom
    loc_loop_begin
        movs r3, 0xC                ; r3 = length of the 12-byte buffer
        add r2, sp, 0x68            ; r2 = buffer on the stack (0x58 originally)
        add r5, r2, 4
        str r8, [r5]                ; buffer+4 = kernel base
        movs r1, 9                  ; r1 = information class 9
        mvn r0, 1                   ; r0 = -2, the current-thread pseudo-handle
        mov r12, 0x10E1             ; system service number (Windows on ARM passes it in r12)
        svc 1                       ; enter the kernel; per clrokr's post this is NtUserSetInformationThread
        subs r7, r7, 1
        cmp r7, 0
        bne loc_loop_begin          ; repeat until the counter reaches zero
        pop {r5-r8}
        mov r7, r0
    endloop
        cmp r7,#0
        b endloop                   ; spin here on purpose until the script zeroes this branch
        b -0xD1E6                   ; then return into the original winsrv.dll code path
    my_addr dcd 0x<Kernel Base>     ; placeholder, filled in at run time
        end

    That then gets called when you press vol down. It hangs at the loop at the end so it doesn't execute the exploit twice (which would crash the tablet)

    I then reset winsrv.dll+0x3644 back to default
    Once it's default, I zero out 'b endloop', allowing it to progress to the b -0xD1E6 and resume execution

    cdb -pvr <pid> attaches to <pid> in non-invasive mode, which grants the ability to see loaded modules and change ram but not debug (pause, resume, break, manage breakpoints, get debug events), since there's no debugger actually attaching. That's why it works on the ARM too.

    And that's it.


    Edit: I missed something, it's not working in the zip. I'll check it real fast.
    More edit: I see what I did, fix in a couple minutes.
    Even more edit: Should be fixed, the offset I had at the bottom of the payload was off by 0x6.
    Super edit: Nope, something is still up. It works perfectly if the debugger is attached to csrss, but if not it crashes. =/
    Super-duper edit: seems to work intermittently, I'm not 100% sure why it crashes some of the time, though.
    Mega Edit: One of the offsets I'm using changes randomly between a few different possibilities, I'll see if I can come up with some way to generate the code for it.
  • 9 likes
    I just got the exploit running using only on-tablet programs, I should be able to bundle it into a nice little app where you just have to click one or two things.
  • 9 likes
    Got Mouse Without Borders (MS-Made Synergy-ish app) working.
    Simple guide:
    Install it on desktop
    Copy the folder out of the program files to the tablet
    Open admin command prompt on tablet
    run sc create MouseWithoutBorders binpath="c:\Path\To\MouseWithoutBordersSvc.exe" (Fix the path)
    Open services.msc, start the service you just created
    It'll then prompt to set it up.
  • 7 likes
    Pardon if I misunderstood, but why *not* decrement it oh, 0x7FFF0 times? That way, if it was 0x80101, it will now be 0x00110 (which is maybe not ideal, but depending on what those other bytes represent it might still work) and if it was 0x80000, it will now be 0x0000F (which again may be less than ideal, but won't be the fully zeroed-out value).

    Working on that exact thing right now. Should have a result momentarily.

    Edit: Seems to have worked, at least for the initial test. If all goes well, I should be able to get a 100% exploit rate.

    Edit 2: 3 for 4 so far, with the one that failed being because the offset was off.

    Edit 3: Still getting a crash. Going to try 0x7EFF0 instead of 0x7FFF0.

    Edit 4: Seem to at least be getting a higher success rate with this method.

    Edit 5: Hopefully not jumping the gun, but I seem to have gotten it except in the occasions where the offset is not what I've preprogrammed. I think I've got a means to fix it when the offset is wrong, but I haven't actually managed to get a debugger attached recently when it was wrong.

    Edits are fun: I've tried it 7 times now, all worked. I've never had that success rate with it before, I'm going to call this one fixed.

    More edit: It's odd, it only seems to give the SYSTEM_SERVICE_EXCEPTION when I don't have a debugger attached. Guess I get to go dig through a memory dump. Does it make sense that the debugger would be shifting everything down (0x....3646 -> 0x....3644) just by having a debugger on?

    Edit 8: I can say with 75% certainty that I've fixed the 0x18 bugcheck.

    Edit 9: I think the bug might be caused because the debuggers I'm using in the script don't have the PDB loaded for winsrv.dll, I'm going to give it the PDB and see what it does.

    Edit 10: I've found out that the crash happens reliably if the exploit is run within a few seconds of the system booting, it seems to work best if you wait at least a minute after logging in before running it.

    Edit 11: Please see THIS THREAD for what I believe will be the final version of my jailbreaking tool.
  • 7 likes
    Okay you guys, I found a way to change the required signing level. I'm trying to figure out how to automate this so everybody can profit. You basically use VS2012 to edit the last code page of a module that runs in CSRSS's process. Insert some hand-assembled ARM opcodes to trigger the (still not patched) exploit in NtUserSetInformationThread, set a breakpoint somewhere specific and hit it, then modify this instruction pointer PC to point to the hand assembled code. Boom.

    As you can see, this is not quite ready for the general public.

    I have built a proof of concept that loads ntoskrnl as an image resource and scans through the code segment to find the literal that points to the value we need to change. Using this offset and NtQuerySystemInformation it calculates the linear address of the byte that needs to be zeroed out and fixes the alignment.

    Note that using the hand assembled code we can easily trigger the exploit 524288 times which would be impractical otherwise.

    You can however set a trace point in VS2012 that displays a message and use the evaluation function to change memory just before NtUserSetInformationThread is called. For example, the last call to NtUserSetInformationThread in TerminalServerRequestThread is perfect for this. It hits every time you press a volume button. I got the signature level down from 8 (the address read 0x00080101) to 7 by pressing a volume button very often.

    So, stay prepared.
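The two PE chores this thread keeps running into, as an added example that is not code from any post here: the header checksum mamaich says must be fixed after patching a file, and the code-section literal scan plus rebasing that clrokr describes for locating the signing-level variable. The image it parses is a toy PE32/ARMNT binary built inside the block; the image base 0x80000000, the loaded base 0x81A00000 and the global's value 0x00080101 are assumptions for the demonstration, and pe_checksum implements the standard PE image checksum (the same algorithm CheckSumMappedFile uses).

```python
# Added example, not code from any post in this thread: the two PE chores the
# posts above run into, (1) recomputing the header checksum after patching a
# binary, the field mamaich describes, and (2) clrokr's scan of a module's code
# section for the literal that addresses a global, rebased to the load address.
# build_sample_pe() constructs a toy image here; the image base, the loaded base
# and the global's value 0x00080101 are made-up numbers, not Windows RT addresses.
import struct

IMAGE_FILE_MACHINE_ARMNT = 0x01C4   # Thumb-2 Windows on ARM
SECTION_HDR = "<8sIIIIIIHHI"        # IMAGE_SECTION_HEADER (40 bytes)

def _pe_off(data):                  # e_lfanew: file offset of the "PE\0\0" signature
    return struct.unpack_from("<I", data, 0x3C)[0]

def _image_base(data):              # OptionalHeader.ImageBase (PE32 layout)
    return struct.unpack_from("<I", data, _pe_off(data) + 52)[0]

def pe_checksum(data):
    """Standard PE image checksum: sum the file as little-endian dwords with
    end-around carry, skip the CheckSum field, fold to 16 bits, add the length."""
    checksum_off = _pe_off(data) + 88           # 4 (sig) + 20 (COFF) + 64 (CheckSum)
    padded = data + b"\0" * (-len(data) % 4)
    total = 0
    for off in range(0, len(padded), 4):
        if off == checksum_off:
            continue
        total += struct.unpack_from("<I", padded, off)[0]
        if total > 0xFFFFFFFF:
            total = (total & 0xFFFFFFFF) + (total >> 32)
    total = (total & 0xFFFF) + (total >> 16)
    total += total >> 16
    return (total & 0xFFFF) + len(data)

def stored_checksum(data):
    return struct.unpack_from("<I", data, _pe_off(data) + 88)[0]

def fix_checksum(data):             # what HIEW's F8 / F3 / F9 sequence does for you
    patched = bytearray(data)
    struct.pack_into("<I", patched, _pe_off(data) + 88, pe_checksum(data))
    return bytes(patched)

def sections(data):                 # {name: (VirtualAddress, VirtualSize, PointerToRawData, SizeOfRawData)}
    pe = _pe_off(data)
    nsec = struct.unpack_from("<H", data, pe + 6)[0]
    hdr = pe + 24 + struct.unpack_from("<H", data, pe + 20)[0]   # skip SizeOfOptionalHeader bytes
    out = {}
    for i in range(nsec):
        name, vsize, va, rawsize, rawptr = struct.unpack_from(SECTION_HDR, data, hdr + 40 * i)[:5]
        out[name.rstrip(b"\0").decode()] = (va, vsize, rawptr, rawsize)
    return out

def read_dword_at_va(data, va):     # map a link-time VA to its file offset and read the dword there
    rva = va - _image_base(data)
    for sva, vsize, rawptr, _ in sections(data).values():
        if sva <= rva < sva + vsize:
            return struct.unpack_from("<I", data, rawptr + rva - sva)[0]
    raise ValueError("VA %#x is not backed by any section" % va)

def find_data_literals(data):
    """Dword-aligned values in .text that are absolute addresses into .data, i.e. the
    literal pool entries Thumb-2 code reaches with `ldr rX, [pc, #n]`.
    Returns (rva_of_literal, target_va) pairs; a real module yields many of them."""
    sec = sections(data)
    text_va, _, text_ptr, text_size = sec[".text"]
    data_va, data_size, _, _ = sec[".data"]
    lo, hi = _image_base(data) + data_va, _image_base(data) + data_va + data_size
    words = struct.unpack_from("<%dI" % (text_size // 4), data, text_ptr)
    return [(text_va + 4 * i, w) for i, w in enumerate(words) if lo <= w < hi]

def rebase(va, data, loaded_base):  # where that VA lives once the module is loaded at loaded_base,
    return loaded_base + (va - _image_base(data))   # e.g. the kernel base NtQuerySystemInformation reports

def build_sample_pe(image_base=0x80000000):
    """Constructed two-section PE32/ARMNT image.  .text holds `ldr r3,[pc,#4]; ldr r3,[r3];
    bx lr` followed by one literal pool entry that points at a dword in .data."""
    text_rva, data_rva, raw = 0x1000, 0x2000, 0x200
    text = bytearray(raw)
    text[0:6] = bytes.fromhex("014B1B687047")
    struct.pack_into("<I", text, 8, image_base + data_rva + 0x10)   # literal -> .data+0x10
    data = bytearray(raw)
    struct.pack_into("<I", data, 0x10, 0x00080101)                  # the global we would patch
    dos = bytearray(0x80)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)                         # e_lfanew
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_ARMNT, 2, 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                           # PE32 magic
    struct.pack_into("<III", opt, 28, image_base, 0x1000, raw)      # ImageBase, SectionAlign, FileAlign
    struct.pack_into("<II", opt, 56, 0x3000, raw)                   # SizeOfImage, SizeOfHeaders
    secs = struct.pack(SECTION_HDR, b".text", raw, text_rva, raw, 0x200, 0, 0, 0, 0, 0x60000020)
    secs += struct.pack(SECTION_HDR, b".data", raw, data_rva, raw, 0x400, 0, 0, 0, 0, 0xC0000040)
    headers = dos + b"PE\0\0" + coff + opt + secs
    return bytes(headers + b"\0" * (raw - len(headers)) + text + data)

if __name__ == "__main__":
    pe = build_sample_pe()
    print("checksum %#x (stored %#x before the fix)" % (stored_checksum(fix_checksum(pe)), stored_checksum(pe)))
    for lit_rva, target in find_data_literals(pe):
        print("literal at rva %#x -> %#x holds %#010x; loaded at %#x" %
              (lit_rva, target, read_dword_at_va(pe, target), rebase(target, pe, 0x81A00000)))
```

Run it to see the checksum before and after the fix, and the literal's target rebased to the assumed kernel base. Because pe_checksum skips the CheckSum field, a patched file's new checksum does not depend on the stale value left in the header, which is why re-running the fix after every edit is safe. On a real ntoskrnl the scan returns every .text dword that lands inside .data, so the hits still have to be narrowed to the function that references the variable of interest, as clrokr's proof of concept does for the one literal it needs.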