...
In the past, loading a driver and changing kernel structures has been easy to execute by an attacker without too many worries, but since the introduction of mitigations such as
KPP (Kernel Patch Protection aka Patch Guard) in Windows XP/Vista x64, these have become relatively scarce.
Patch Guard is a mechanism that protects kernel structures (like
SSDT and
IDT mentioned later) from being changed in memory or “patched” by an attacker. It periodically checks each kernel structure for changes; if a change occurred, it would cause the system to BSOD with Bug Check
CRITICAL_STRUCTURE_CORRUPTION (0x109) or
KERNEL_SECURITY_CHECK_FAILURE (0x139).
Nowadays, before making any changes to system structures, attackers would have to find a way to disable or bypass Patch Guard or risk crashing the system.
It is also important to note that since Patch Guard works in a periodic manner, if an attacker manages to revert their changes before the next check it would not trigger a BSOD. This is useful for changing a kernel structure such as the
SMEP flag,
CR4’s 20th bit, when an attacker could turn off the flag, execute their malicious code and immediately turn the flag back on to avoid the bug check.
In the past, we’ve seen the following technique used by
Turla/Urobrous to bypass Patch Guard. The attackers used a hook in
KeBugCheckEx to resume the execution after the bug check happened, effectively suppressing the BSOD.
Then, after Microsoft patched this hole, the attackers hooked a different function,
RtlCaptureContext, which is called by
KeBugCheckEx to similarly resume the execution without BSOD-ing the system.
Another method to bypass Patch Guard is described in
this latest article by Kento Oki from 2021. In addition, CyberArk Labs
found a bypass to Patch Guard a few years ago.
Another feature that was introduced to Windows — one that has contributed to the decline of rootkits — is
DSE (Driver Signature Verification a.k.a Code Integrity verification) for drivers that basically checks that a driver is signed by a trusted certificate authority before loading it.
DSE makes it even harder for attackers to load a driver, as they would have to bypass this mitigation too — either by getting their hands on such a certificate, which they could use to sign their driver, or by exploiting the mechanism in such a way that would bypass it.
An example of a Patch Guard+DSE bypass can be found
here.
There are also some older Digital Signing Enforcement/Code Integrity bypasses by hfiref0x, such as
DSEFix and
TDL (Turla Driver Loader).
It is important to note that any bug in a rootkit (such as an ACCESS_VIOLATION) would immediately trigger a BSOD. Zero bugs are allowed, so this is one of the reasons for the certain scarcity of rootkits, as developing and deploying one requires high level of expertise and mature development process that lone actors most often don’t possess.
...
www.cyberark.com
