https://github.com/ffri/aotpoisoning

PoC code of AOT poisoning presented at Black Hat Asia 2023

Repository

Basic Info
Statistics
  • Stars: 11
  • Watchers: 4
  • Forks: 1
  • Open Issues: 0
  • Releases: 0
Created about 3 years ago · Last pushed about 3 years ago
Metadata Files
Readme License

README.md

AOT Poisoning

Introduction

Rosetta 2 is the binary translation mechanism that allows Apple Silicon Macs to run Intel-based applications. It offers two types of translation: Just-In-Time (JIT) and Ahead-Of-Time (AOT). AOT translation is used in the common case, while JIT translation is used for applications that generate code at runtime (e.g., web browsers). The result of an AOT translation is saved as an AOT file, which is cached and reused the next time the application is launched.

At Black Hat Asia 2023 we presented a new code injection technique named "AOT Poisoning" that abuses this caching mechanism. This repository contains the PoC code of AOT Poisoning and other utilities used in my research.

Requirements

How to use the PoC code of AOT Poisoning

Before running this script, you need to install the dependencies.

$ poetry install

This script has two commands: poison-aot-signed and poison-aot-nonsigned.

poison-aot-signed poisons the AOT file of a signed executable and injects shellcode through it. This issue has been fixed as CVE-2022-42789, so this code injection does not work on the latest macOS.

$ poetry run python main.py poison-aot-signed <path to application bundle (or executable)> <path to shellcode payload>

poison-aot-nonsigned poisons the AOT file of an unsigned executable and injects shellcode through it.

$ poetry run python main.py poison-aot-nonsigned <path to application bundle (or executable)> <path to shellcode payload>

Some shellcode payloads used in my research are in the shellcode directory.

Other utilities

calc_hash

calc_hash contains the code that calculates the AOT lookup hash of an x64 executable. Rosetta 2 uses the AOT lookup hash to check whether the specified x64 executable was previously translated. If a cached translation result corresponding to the calculated hash value exists, that result is reused for the execution, which avoids redundant binary translation. For more details, see my Black Hat Asia 2023 talk slides.

mmaptimestamptest

mmaptimestamptest contains the code that tests the behavior of the APFS timestamp update issue: writing to a file via mmap() and munmap() without calling msync() does not update ctime and mtime. I used the code in this directory to check this behavior. You can find some results of this code for Big Sur 11.5.2 and Big Sur 11.7.4.
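The check described above, written here as an added example in C that is not the repository's own mmaptimestamptest code: it writes the same bytes into a file once through write(2) and once through a MAP_SHARED mapping that is munmap()ed without msync(), and reports for each path whether fstat() shows mtime and ctime moving. The file path /tmp/aot_mmap_ts_probe.bin and the payload string are constructed sample inputs, not real shellcode. The README reports that on APFS the mmap path leaves both timestamps unchanged; other filesystems may update them on the first write fault, so the printed result is platform-dependent and only the fact that the bytes persisted is asserted.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE   /* expose st_mtim/nanosleep/pwrite on glibc */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <time.h>
#include <unistd.h>

/* struct stat names its timespec fields differently on Darwin and Linux. */
#ifdef __APPLE__
#define ST_MTIM st_mtimespec
#define ST_CTIM st_ctimespec
#else
#define ST_MTIM st_mtim
#define ST_CTIM st_ctim
#endif

/* How the probe writes the payload into the file. */
enum probe_mode { PROBE_VIA_WRITE, PROBE_VIA_MMAP };

/* Timestamps observed before and after the write, plus whether the bytes were
 * actually persisted (checked by re-reading the file through read(2)). */
struct ts_probe {
    struct timespec mtime_before, ctime_before;
    struct timespec mtime_after, ctime_after;
    int data_persisted;
};

static int ts_equal(struct timespec a, struct timespec b) {
    return a.tv_sec == b.tv_sec && a.tv_nsec == b.tv_nsec;
}

/* 1 if neither mtime nor ctime moved between the two fstat() calls. */
int ts_probe_unchanged(const struct ts_probe *p) {
    return ts_equal(p->mtime_before, p->mtime_after) &&
           ts_equal(p->ctime_before, p->ctime_after);
}

/* Create `path` filled with 'A' bytes, record its timestamps, then overwrite it
 * with `payload` either via pwrite(2) or via a MAP_SHARED mapping that is
 * munmap()ed without msync(). Returns 0 on success, -1 on any syscall error. */
int probe_timestamps(const char *path, const char *payload, enum probe_mode mode,
                     struct ts_probe *out) {
    size_t len = strlen(payload);
    struct stat st;
    char *buf = malloc(len);
    if (!buf) return -1;
    memset(buf, 'A', len);

    int fd = open(path, O_RDWR | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) { free(buf); return -1; }
    if (write(fd, buf, len) != (ssize_t)len || fsync(fd) != 0 || fstat(fd, &st) != 0) {
        free(buf); close(fd); return -1;
    }
    out->mtime_before = st.ST_MTIM;
    out->ctime_before = st.ST_CTIM;

    /* Let the clock move past coarse timestamp granularity so that an update,
     * if the filesystem performs one, shows up as a different value. */
    struct timespec nap = { 0, 20 * 1000 * 1000 };
    nanosleep(&nap, NULL);

    int rc = 0;
    if (mode == PROBE_VIA_WRITE) {
        if (pwrite(fd, payload, len, 0) != (ssize_t)len) rc = -1;
    } else {
        void *map = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
        if (map == MAP_FAILED) rc = -1;
        else {
            memcpy(map, payload, len);            /* dirty the page via the mapping */
            if (munmap(map, len) != 0) rc = -1;   /* deliberately no msync() */
        }
    }
    if (rc == 0 && fstat(fd, &st) != 0) rc = -1;
    close(fd);
    if (rc != 0) { free(buf); return -1; }
    out->mtime_after = st.ST_MTIM;
    out->ctime_after = st.ST_CTIM;

    /* Re-read through the normal I/O path to confirm the bytes really landed. */
    fd = open(path, O_RDONLY);
    if (fd < 0) { free(buf); return -1; }
    ssize_t n = read(fd, buf, len);
    close(fd);
    out->data_persisted = (n == (ssize_t)len && memcmp(buf, payload, len) == 0);
    free(buf);
    return 0;
}

int main(void) {
    const char *path = "/tmp/aot_mmap_ts_probe.bin";     /* constructed sample path */
    const char *payload = "constructed payload bytes";  /* sample input, not shellcode */
    enum probe_mode modes[2] = { PROBE_VIA_WRITE, PROBE_VIA_MMAP };
    const char *names[2] = { "pwrite(2)", "mmap()+munmap(), no msync()" };
    struct ts_probe p;
    for (int i = 0; i < 2; i++) {
        if (probe_timestamps(path, payload, modes[i], &p) != 0) {
            perror("probe_timestamps");
            return 1;
        }
        printf("%-28s persisted=%d mtime %s, ctime %s\n", names[i], p.data_persisted,
               ts_equal(p.mtime_before, p.mtime_after) ? "unchanged" : "updated",
               ts_equal(p.ctime_before, p.ctime_after) ? "unchanged" : "updated");
    }
    unlink(path);
    return 0;
}
```

Running both modes side by side is the point: the write(2) row is the control showing what a timestamp update looks like on the filesystem under test, so that an "unchanged" result on the mmap row can be attributed to the mmap path rather than to clock granularity. A detection rule that keys on mtime or ctime changes to a file will not see a modification made this way.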

Author

Koh M. Nakagawa. © FFRI Security, Inc. 2023

License

Apache License, version 2.0

Owner

  • Name: FFRI Security, Inc.
  • Login: FFRI
  • Kind: organization
  • Location: Tokyo, Japan

Next Generation Security

Dependencies

poetry.lock pypi
  • black 22.1.0 develop
  • isort 5.10.1 develop
  • pathspec 0.9.0 develop
  • platformdirs 2.5.1 develop
  • altgraph 0.17.3
  • click 8.0.4
  • colorama 0.4.4
  • macholib 1.16.2
  • mypy 0.971
  • mypy-extensions 0.4.3
  • pefile 2023.2.7
  • pyinstaller 5.8.0
  • pyinstaller-hooks-contrib 2022.15
  • pywin32-ctypes 0.2.0
  • setuptools 67.2.0
  • tomli 2.0.1
  • typer 0.4.0
  • typing-extensions 4.1.1
pyproject.toml pypi
  • black ^22.1.0 develop
  • isort ^5.10.1 develop
  • mypy ^0.971
  • pyinstaller ^5.8.0
  • python >=3.9 <3.12
  • typer ^0.4.0