Xbox security issues and forensic recovery methodology (utilising Linux)


Digital Investigation (2004) 1, 165-172

www.elsevier.com/locate/diin

Chris Vaughan
CY4OR Limited, 116a Bury New Road, Whitefield, Manchester M45 6AD, United Kingdom

Abstract

Though marketed as a games console, the Xbox internals demonstrate that it is more comparable to a legacy-free PC than to the construction of any of its gaming system rivals. Once exploited, the Xbox can be used to execute illegal software and/or to run Linux installations, hence allowing such a system to be used as any home PC with full email and Internet access. The console can then be used to harbour indecent images, illegal software, fraudulent documents or anything else that a standard PC might. Mod chips and exploits of the Xbox are not only easy to execute, requiring little technical knowledge, but they are also inexpensive; some Xbox mod chips cost less than a new game. Furthermore, the digital evidence and evidence trails associated with such a system are similar to those of home PCs. This paper presents a methodology for assessing an Xbox system's evidential value and a methodology for extracting and examining a console should it be deemed of potential forensic value.

© 2004 Elsevier Ltd. All rights reserved.

1742-2876/$ - see front matter © 2004 Elsevier Ltd. All rights reserved. doi:10.1016/j.diin.2004.07.006

Introduction

With estimated world-wide sales figures of around 16 million consoles sold, the Xbox is one of the brand leaders in home gaming. Microsoft's game console does, however, bear more than a passing resemblance to a home PC. With 64 MB RAM, a 733 MHz Intel processor, a 10/100 Ethernet port, an IDE DVD-ROM drive and a 10 GB IDE hard drive (8 GB in older models), the Xbox is, internally at least, a legacy-free PC: a computer containing a motherboard without the traditional set of ports, such as parallel, PCI or PS2. One of the main differences between a standard PC and an 'out of box' Xbox is that an Xbox will only run code that is authorized by Microsoft; all executables have to be signed with Microsoft's key. Despite the Xbox's similarity to a PC, running unsigned code such as Linux is not simply a matter of inserting an installation CD. Xbox executables (.xbe files) are encrypted with 2048 bit RSA security. If even one byte is altered within the file, the signature becomes unusable and the Xbox kernel rejects the file. The high level of encryption necessitates the use of exploits to circumvent Microsoft security rather than to break it. Such exploits are also required in order to boot DVD-R/DVD-RW/CD-R/CD-RW or, more likely, 'pirate' software. Is the Xbox simply a games console which bears an uncanny resemblance to a PC? No. In August 2002 the Xbox Linux Project reportedly succeeded in getting the Linux operating system core running on an Xbox. Since that time a number of Linux distributions have become available for the Xbox, in the form of both bootable CDs and hard drive installations. Linux can be installed on the standard hard drive or on a larger replacement hard drive placed on the Xbox IDE hard drive channel with no problem at all. An Xbox can then be run as any standard PC, with an Internet connection, email and the ability to play MP3s. Or, it can be run as a server or router. The uses of Xbox Linux are seemingly limitless. So is its evidentiary value. A forensic investigator should be aware of this.

Software exploits

When the Xbox is switched on, the Xbox logo is displayed on screen and the kernel (a stripped down version of Windows 2000) then unlocks the hard disk, which is protected by 32 bit ATA password protection unique to each Xbox EEPROM. If there is a valid medium in the DVD drive then that disk will be booted. Otherwise the file xboxdash.xbe is loaded from partition 3 on the hard drive. The dashboard, located in the xboxdash.xbe file, is the system configuration utility and CD player which is permanently stored on the hard drive and is used for saved game management and time setting configuration. The dashboard has been described as the heart of the machine. Unfortunately, the PC-like architecture of the Xbox and the dashboard's construction constitute a high security risk. Microsoft checks most of its files with an SHA1 checksum. However, the check does not include fonts (.xtf) or audio (.wav). There is an exploitable integer underflow vulnerability within the font file loader that can be triggered with malformed font files. One well-known exploit is the '007 hack', so called because it is executed from within the Electronic Arts James Bond game Agent Under Fire, and allows a user to execute code not authorized by Microsoft. The font exploit, for example, involves an altered save game file that is placed on a memory card and executed from within Agent Under Fire. Upon attempting to load the saved game, Evolution X (also known as Evox), a replacement dashboard (the Xbox operating system executable evoxdash.xbe), is executed, allowing a user to initiate an FTP transfer of the exploit's unsigned code to the Xbox and to install Evox on the hard drive, usually in partition 3 alongside xboxdash.xbe. Such software exploits only work on older versions of the Xbox; Microsoft is continuously altering both the dashboard and the internals of the Xbox in order to 'move the goals' for the software pirates. The more recent 5713 kernel, for example, does not accept a downgrade of the dashboard, so the software hacks will not work. The main thing to remember about the software exploits is that nothing more is required to execute them than an intermediate level of PC knowledge and a memory card. This could be one of the main reasons that illegal software is so readily available and utilised on Xbox systems. In the days of the PlayStation 1, the illegal software market was lucrative due to the low cost of modifications and illegal software. It could be that history is repeating itself, though this time it seems that Microsoft is learning the lessons and not Sony.

Mod chips: hardware modifications

The original EPROM is a reprogrammable flash chip located on the Xbox motherboard. As the chip is reprogrammable, it is possible to use one mod chip to replace the BIOS so that copied games can be executed. This may be done by installing a mod chip temporarily, which bridges the two pairs of points that disable write protection of the chip. BIOS reprogramming software (such as raincoat in Linux) is then executed to reprogram the onboard BIOS. Next, the mod chip may be permanently removed from the system and used to reprogram other Xboxes. A simple Google search will turn up hundreds of hits on easily obtainable chips. Initially mod chips were cumbersome, containing more than 30 wires which required soldering and fitting, which in turn needed a reasonable degree of technical knowledge. Many of the more recent chips, however, screw on to the motherboard and can contain a number of 'flashable' areas so that more than one BIOS may be installed. The BIOS on the mod chip overrides the original Microsoft implementation so that unsigned code can be executed and R/RW media run. The mod chip can contain a hacked version of Microsoft's BIOS, which has the signature test, the hard disk test and some other things disabled, and which contains Microsoft's encryption keys, hence constituting a breach of copyright. It is also important to note that not all mod chips contain illegal code. One example of legal code is found in the Cromwell BIOS, which was written from scratch and contains code that will execute only Linux distributions (and not games). It is possible to check the legality of the BIOS software by connecting the chip to a Linux-configured machine (although Windows-based methods are also available); this can often be done with a USB cable, as many chips come with USB ports to allow 'flashing', and software such as raincoat can then identify the BIOS version. As stated, implementations such as the Cromwell BIOS are perfectly legal, although there are a number of illegally 'hacked' variants of the Microsoft BIOS. It is suggested that a hash set be created of both illegal and legal variants of the BIOS to allow an investigator to identify the version held on any particular Xbox system.

ATA password protection

The majority of Xboxes are likely to be already locked. It is suggested that if an Evox and/or Linux (Xbox Linux) disk will not boot from the system, it is unlikely that there will be much of any evidentiary value on the system. This, perhaps, is one of the first tests that can be applied in order to assess the forensic value of a system. Should Evox and Linux disks not boot, then it would seem that the system has not been exploited in any way. Of course, other signs of exploits include soldered and screw-in chips, which can be compared with a known safe system/Xbox. Non-standard hard drives (drives above 10 GB in storage size), broken warranty seals (a sign that the Xbox has previously been opened up), and apparent Xbox games on writeable/rewriteable disks are a giveaway, as the Xbox drive will not boot such media unless exploited.

The Xbox hard drive uses a relatively little-used set of security commands in order to prevent external access to the drive. The ATA specification provides a command named SECURITY UNLOCK (command code 0xF2), which sends a 32 byte password (in clear text) to the hard drive in order to unlock it. The specification details a master and a user password; the user password is utilised by the Xbox. The password protection has not proved a difficult problem for the Xbox community to circumvent. Forensically, however, the ATA password protection does cause a number of problems, not least because all methods require that the original hard drive be booted from the original Xbox system. The following methods of unlocking the hard drive are noted:

(1) The 'hotswap' method is possibly the easiest; however, it is the least forensically sound and is certainly the most dangerous in terms of the possibility of corrupting disk data. The Xbox should be placed next to a booted PC (preferably running Linux, although there are alternatives to this). The Xbox casing is removed and the Xbox is booted with no disk in the DVD-ROM drive, allowing the kernel to unlock the hard drive. The Xbox's IDE cable is then removed and replaced with the PC's. Because the kernel has already unlocked the drive, the PC has full access to the Xbox hard drive.

(2) The Evox disk [1] is inserted into an exploited Xbox and the hard drive unlocked using the software on this disk. The hard drive can then be removed, connected to a PC and used as any other hard drive.

(3) The Evox disk is again inserted into an exploited Xbox and the hard drive password noted. [2] Then, the hard drive is connected to a PC and DOS tools such as unlockhdd are used to unlock the drive. Such software allows a drive to be unlocked from a standard PC, though it does require that the hard drive password is known.

(4) Xbox hacker Speedbump (2002) describes a method by which 23 probes are used in order to read the drive during the password transfer. The probes should be triggered when the command register is written with a value of 0x52 (SECURITY UNLOCK). At this point the drive is expecting to receive the password, and a logic analyzer can then read the password.

[1] The CD/DVD media executable with a chipped Xbox seems to be reliant on the chip installed and on the original DVD drive placed in the Xbox. The makers of the 'Xtender' chip, for example, claim that all -R/RW media are compatible with their chip. Some chips require certain brands of media. Furthermore, there are around three different models of DVD drive shipped with the Xbox as standard. Each of these drives, it seems, is compatible with different media brands.

[2] Although it is always desirable to boot original media with a write blocker connected, during testing this has not been possible. Though this method was attempted, the system immediately requires write access; otherwise the system will report the error message "7", which indicates a hard drive error.

A lucky investigator may discover an unlocked hard drive. This is possible, as many of the replacement dashboards do not require a locked drive, although the MS dashboard does. The hard drive is likely to be unlocked if it has been transferred to a PC, perhaps in order to access data areas more easily or conveniently than via FTP. It is recommended that, as per ACPO guidelines, should the original system be booted, the individual(s) involved take fully comprehensive notes and be fully aware of the consequences of each action.

Imaging

An 80 GB Western Digital drive was imaged using Red Hat Linux 9. The following steps were taken once the evidence drive had been connected as Primary Master and the working copy (to contain the bit-for-bit image) as Primary Slave:

(1) The Red Hat terminal was booted.
(2) The working copy drive was formatted as ext3 with the command 'mkfs.ext3 /dev/hdb1'.
(3) The working copy drive was mounted with the command 'mount -t ext3 /dev/hdb1 /mnt/hd'.
(4) A script was started in order to record all terminal activity: 'script /mnt/hd/log.txt'.
(5) Some basic system information was recorded: 'uname -a' and 'date'.
(6) An md5 of the original drive was created using md5deep, in order to produce a checksum and an estimate of the time needed to produce the checksum: './md5deep -e /dev/hda'.
(7) The Xbox drive was imaged using dcfldd, which reports the amount of data imaged as it runs: './dcfldd if=/dev/hda of=/images/xbox.dd'.
(8) The md5 of the imaged data was checked against that of the original drive: './md5deep -e /images/xbox.dd'.

The Xbox file system and partitioning

Understanding the file system is the first step that needs to be taken in the analysis of any system. The Xbox hard drive partitioning scheme is based on the kernel settings, which are believed to be dependent on fixed file offsets. The hard disk consists of a header, 3 game cache partitions, a system partition and a data partition. The Xbox file system is FATX (a derivative of FAT) and will be discussed later. All the partition settings are based on an original kernel and hard drive:

Offset / Size / Description

0 MB / 0.5 MB / Disk configuration area: this partition contains no filesystem. Various configuration data are, however, stored at fixed offsets.

0.5 MB / 750 MB / Game Cache A (also known as Game Cache 1): FATX volume containing temporary data of a game for faster access. This partition is deleted when a new game is run. The partition contains one file, named XMTAXBOX.XBE. Its purpose is unknown.

750.5 MB / 750 MB / Game Cache B (or Game Cache 2): there are no directory entries in this partition, though there is a lot of binary data.

1500.5 MB / 750 MB / Game Cache C (or Game Cache 3): contains two files, BUFFER.IN and FFT.IN; their purpose is unknown.

2250.5 MB / 500 MB / System files: FATX volume containing menu code, graphics, sound, DVD player and music import. This partition is the backbone of the system and includes xboxdash.xbe (Microsoft's dashboard). An exploited system is likely to contain evoxdash.xbe, yboxdash.xbe or similar files, which indicate that replacement dashboards are in use.

2750.5 MB / 4895 MB / Data: FATX volume containing saved games and imported CD audio tracks.

7645.5 MB / 1896 MB / Unused: this space contains no data (filled with zeros). It is unused for compatibility with the first series, which had only 8 GB hard disks.

The unused space can be utilised once a system has been compromised, and a new partition created (usually referred to as the F drive), which is often used for storing additional data such as 'ripped' games or the Linux operating system. Installing a new dashboard, which also contains file-exploring applications, will allow a user to place a file virtually anywhere on a system. Hence, it should be noted that, as with a PC, potential evidence can be found anywhere on the system.
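The partition table above can be turned into the byte and sector offsets an examiner actually needs (the dd skip/count values used for the per-partition extraction described later under 'Viewing the file system'), with the FATX16/FATX32 rule from the 'About FATX' section applied to each partition. This is an added example, not code from the paper; the 512-byte sector, the function names and the miniature scaled-down test image are its own assumptions.

```python
"""Xbox hard-drive layout helpers (added example, not code from the paper).

The MB offsets and sizes are the ones the paper tabulates for an original
kernel and 10 GB drive; the 512-byte sector and the FATX16/FATX32 rule
(32-sector clusters, 65525-cluster threshold) are taken from the text.
Function names and the miniature test image are this example's own.
"""
import os
import tempfile

SECTOR = 512
MB = 1024 * 1024
CLUSTER_BYTES = 32 * SECTOR     # 16 kB clusters, always
FATX32_MIN_CLUSTERS = 65525     # fewer clusters than this -> FATX16

# (name, offset in MB, size in MB), exactly as in the paper's table
LAYOUT = [
    ("config area",  0.0,    0.5),
    ("game cache A", 0.5,    750),
    ("game cache B", 750.5,  750),
    ("game cache C", 1500.5, 750),
    ("system",       2250.5, 500),
    ("data",         2750.5, 4895),
    ("unused",       7645.5, 1896),
]
NO_FILESYSTEM = {"config area", "unused"}   # per the paper: no FATX volume here

def partition_table(layout=LAYOUT, unit=MB):
    """Byte offsets, dd-style sector numbers and the implied FATX variant."""
    rows = []
    for name, off, size in layout:
        start, length = int(off * unit), int(size * unit)
        clusters = length // CLUSTER_BYTES
        if name in NO_FILESYSTEM:
            variant = "none"
        elif clusters >= FATX32_MIN_CLUSTERS:
            variant = "FATX32"
        else:
            variant = "FATX16"
        rows.append({"name": name, "start": start, "size": length,
                     "skip": start // SECTOR, "count": length // SECTOR,
                     "clusters": clusters, "variant": variant})
    return rows

def layout_is_consistent(rows):
    """Every partition sector-aligned and starting where the previous one ends."""
    expected = 0
    for r in rows:
        if r["start"] != expected or r["start"] % SECTOR or r["size"] % SECTOR:
            return False
        expected = r["start"] + r["size"]
    return True

def dd_command(rows, index, image="/images/xbox.dd", out="/images/partN.dd"):
    """The dd invocation for the skip-based extraction described under
    'Viewing the file system' (offsets counted in 512-byte blocks)."""
    r = rows[index]
    return f"dd if={image} of={out} bs={SECTOR} skip={r['skip']} count={r['count']}"

def extract_partition(image_path, rows, index, out_path, chunk=1 << 20):
    """Copy one partition out of a raw image, reading only that byte range."""
    r = rows[index]
    remaining = r["size"]
    with open(image_path, "rb") as src, open(out_path, "wb") as dst:
        src.seek(r["start"])
        while remaining:
            buf = src.read(min(chunk, remaining))
            if not buf:
                raise IOError(f"image ends inside partition {index}")
            dst.write(buf)
            remaining -= len(buf)
    return r["size"]

def selftest():
    """Exercise extraction on a constructed image: the paper's table scaled
    from MB to kB (still sector-aligned), each partition filled with its own
    byte value.  Returns True when partition 3 comes back intact."""
    rows = partition_table(LAYOUT[:4], unit=1024)
    with tempfile.TemporaryDirectory() as d:
        img, part = os.path.join(d, "xbox.dd"), os.path.join(d, "part3.dd")
        with open(img, "wb") as f:
            for i, r in enumerate(rows):
                f.write(bytes([0x41 + i]) * r["size"])
        n = extract_partition(img, rows, 3, part)
        with open(part, "rb") as f:
            data = f.read()
    return n == rows[3]["size"] and data == b"D" * rows[3]["size"]
```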

About FATX

FATX is described by Steil (2003), a founder of the Xbox Linux project, as a FAT derivative that has some legacy fields dropped, as well as redundant information that could lead to inconsistencies and thus create possible security problems. The File Allocation Table always starts at position 4 kB of the FATX filesystem. Its format is identical to that of FAT16 and FAT32. The cluster size is always set to 32 sectors (16 kB) and there is always just one File Allocation Table. Partitions with fewer than 65525 clusters (less than 1 GB) are FATX16 and those above are FATX32. Hence, partitions 0, 1, 2 and 3 (the cache partitions and system) are FATX16 and partition 4 (data) is FATX32. FATX directory entries are constructed as follows:

Offset / Size / Description
0 / 1 / Size of filename (max 42 chars)
1 / 1 / Attributes as on FAT
2 / 42 / Filename in ASCII, padded with 0xFF
44 / 4 / First cluster
48 / 4 / File size in bytes
52 / 2 / Modification time
54 / 2 / Modification date
56 / 2 / Creation time
58 / 2 / Creation date
60 / 2 / Last access time
62 / 2 / Last access date

Deleted files are marked with a value of 0xe5, which is placed in the filename size field. As with FAT file systems, although the pointer to the file is removed upon 'deletion', the file will still be present in the form of unallocated disk space until it has been overwritten by another. Bearing such knowledge in mind, it is acknowledged that the FAT could be accessed directly and the filename size field altered on a file marked as deleted; however, this would potentially constitute tampering with original evidence.

The FATX file system Linux kernel

In order for Linux to recognize the FATX file system the kernel needs to be recompiled to include the relevant file system driver. A 'clean' standard 2.4.26 kernel was recompiled and the file system drivers all transferred to one root directory. The FATX driver was obtained from the xbox-linux sourceforge project website (xbox-linux.sourceforge.net). The following steps should be taken:

(1) Copy the FATX kernel sources over the 2.4.26 kernel: 'cp -rf kernel/* linux-2.4.26'.
(2) Replace the linux-2.4.26 config file with the FATX config file: 'cp kernel.config .config'.
(3) Run 'make xconfig' to view and configure the kernel options; the file system option should be altered to incorporate FATX, then save and exit.
(4) 'make dep'
(5) 'make bzImage'
(6) 'make modules'
(7) 'make modules_install'
(8) 'make install'
(9) The system can now be rebooted (grub or lilo boot configuration permitting) and the FATX-enabled kernel booted.

Viewing the file system

There are a number of options available to the forensic investigator for viewing the FATX file system. As a disk image containing individual partitions cannot be mounted with the standard Linux loopback device, the NASA loopback drivers can be installed and the entire disk image geometry viewed by using 'losetup -r /dev/loopa /images/xbox.dd', and the partitioning scheme viewed using 'sfdisk -l /dev/loopa'. These commands allow the identification of individual partitions within an image. Once the relevant FATX partition has been identified, it can be mounted read-only using 'mount -t fatx -o ro /dev/loopa(N) /mnt/xbox' (N being the number of the partition identified by sfdisk). An alternative to this method is to run the sfdisk command on the original evidence drive and note the partition information before imaging, so that each partition can be extracted using the skip flag of the dd command. The image can then be mounted using the standard loopback device, remembering of course that it has a 2 GB file size limit. In order to ensure image integrity, it is suggested that all raw images be owned by root and set read-only. Then, to further avoid accidentally writing to the disk image, the examination of all data should be conducted from a standard user account. Upon viewing the file structure it is often useful to classify the file data in order to manage the case effectively. The various (known) file types may be classified using the following command: 'find /* -type f -exec file {} \; | less'.
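The directory-entry layout tabulated under 'About FATX' can also be decoded straight from a raw FATX partition image, which is useful when a FATX-capable kernel is not to hand and for listing the entries marked deleted that a mounted view hides. This is an added example, not code from the paper; it assumes little-endian fields, FAT-style packed date/time words and that 0x00 or 0xFF in the name-length byte means an unused slot, and the sample directory it parses is constructed.

```python
"""Decode raw FATX directory entries (added example, not code from the paper).

The 64-byte entry layout follows the 'About FATX' table.  Assumed here:
little-endian integers, FAT-style packed date/time words, and 0x00/0xFF in
the name-length byte meaning an unused slot (the paper names only 0xE5).
The sample directory at the bottom is constructed.
"""
import struct
from datetime import datetime

ENTRY_SIZE = 64
NAME_MAX = 42
DELETED = 0xE5
FAT_ATTRS = {0x01: "R", 0x02: "H", 0x04: "S", 0x10: "D", 0x20: "A"}

def fat_datetime(date, time):
    """Unpack a FAT date (7-bit year from 1980, month, day) and time
    (hours, minutes, seconds/2); None for a zero or corrupt stamp."""
    year, month, day = 1980 + (date >> 9), (date >> 5) & 0x0F, date & 0x1F
    hour, minute, sec = time >> 11, (time >> 5) & 0x3F, (time & 0x1F) * 2
    try:
        return datetime(year, month, day, hour, minute, sec)
    except ValueError:
        return None

def parse_entry(raw):
    """One 64-byte entry -> dict, or None for an unused/end slot."""
    name_len, attr = raw[0], raw[1]
    if name_len in (0x00, 0xFF):
        return None
    deleted = name_len == DELETED
    name_field = raw[2:2 + NAME_MAX]
    if deleted:
        # length byte overwritten by 0xE5: recover the name up to the 0xFF pad
        name_bytes = name_field.split(b"\xff", 1)[0]
    else:
        name_bytes = name_field[:min(name_len, NAME_MAX)]
    first_cluster, size = struct.unpack_from("<II", raw, 44)
    mtime, mdate, ctime, cdate, atime, adate = struct.unpack_from("<6H", raw, 52)
    return {
        "name": name_bytes.decode("ascii", "replace"),
        "deleted": deleted,
        "attrs": "".join(v for k, v in FAT_ATTRS.items() if attr & k),
        "is_dir": bool(attr & 0x10),
        "first_cluster": first_cluster,
        "size": size,
        "modified": fat_datetime(mdate, mtime),
        "created": fat_datetime(cdate, ctime),
        "accessed": fat_datetime(adate, atime),
    }

def parse_directory(blob):
    """Walk a directory's entries in order, stopping at the first unused slot;
    deleted entries are kept and flagged rather than skipped."""
    entries = []
    for off in range(0, len(blob) - ENTRY_SIZE + 1, ENTRY_SIZE):
        entry = parse_entry(blob[off:off + ENTRY_SIZE])
        if entry is None:
            break
        entries.append(entry)
    return entries

# ---- constructed sample directory (not real Xbox data) ---------------------
def fat_stamp(dt):
    date = ((dt.year - 1980) << 9) | (dt.month << 5) | dt.day
    time = (dt.hour << 11) | (dt.minute << 5) | (dt.second // 2)
    return time, date

def make_entry(name, attr, cluster, size, dt, deleted=False):
    nb = name.encode("ascii")
    t, d = fat_stamp(dt)
    head = bytes([DELETED if deleted else len(nb), attr])
    return head + nb.ljust(NAME_MAX, b"\xff") + struct.pack("<II6H", cluster, size, t, d, t, d, t, d)

STAMP = datetime(2004, 3, 14, 21, 30, 10)
SAMPLE_DIR = b"".join([
    make_entry("evoxdash.xbe", 0x20, 0x31, 1452032, STAMP),
    make_entry("evox.ini", 0x20, 0x140, 2310, STAMP, deleted=True),
    make_entry("games", 0x10, 0x200, 0, STAMP),
]) + b"\xff" * ENTRY_SIZE   # end-of-directory slot
```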


The examination of standard data, that is, undeleted files is at this stage possible. On a compromised system, the F drive is the most likely storage point of data as it contains the largest amount of (allocatable) free space. This is of particular relevance should the investigation be concerned with illegal software, as an average games directory is likely to contain no less than 2 GB of data. It should be noted that the allocated space of a disk is most likely to contain fully comprehensive evidence of illegal software and that any deleted game data would be sparse, and though recoverable using data carving tools based on file headers and footers, it is unlikely that every single file would ever be recovered. Furthermore, it is suggested that to verify that the game data held on a hard drive is consistent with original software, hash libraries are created.

Evox (Evolution X)

In order to examine the system configuration on an exploited Xbox running Evox [3], the file evox.ini requires identifying. It can usually be found in the third partition. This file contains details of system-wide settings (like /etc under Linux) such as networking information. The table below provides some important information that can be extracted from the configuration file:

Header / Option / Description
Misc / MSDashBoard = "c:\xboxdash.xbe" / Location of the Microsoft Dashboard
Misc / UseFDrive = Yes / Allows the use of the F drive, and hence larger volumes of data than the original Microsoft configuration
Misc / UseGDrive = Yes / Allows the use of a G drive on drives larger than 137 GB, so that further volumes of data can be stored
Networking / SetupNetwork = Yes / Enables the use of networking on an Xbox
Networking / StaticIP = No / If enabled, the networking data such as IP address is stored here
FTP / Enable = yes / Enables FTP
FTP / Password = xbox / The FTP password
Telnet / Enable = Yes / Enables telnet

The evox.ini is the 'registry' of the Xbox and contains a wealth of information which may be of value to any investigation.

[3] There are many other variants of replacement dashboards, though Evox is the most widely used.

Text analysis/keyword search

As data can be transferred to the Xbox by transfer from a memory card, by FTP, by CD/DVD, directly with a USB keyboard or by alternative means via a Linux installation, a method of conducting keyword searches is detailed below. The file system does not require mounting for the method presented, and the raw image can be examined in its entirety. First of all, strings of text should be extracted from the raw image. This may be done using the strings command as follows: 'strings -t d /path/to/image > /new/strings/file'. The -t d flag records the decimal offset of each string from the beginning of the file. The default minimum string length extracted by the 'strings' command is four characters, which can be altered. The next step is to compute an md5 of the strings file (again, in order to ensure evidence integrity): './md5deep -e /new/strings/file'. Again, the file should be set read-only by the root user and examined from within a different user account in order to aid preservation of evidence integrity. Next, keywords or grep expressions can be run against the strings file. For example, 'grep "xbox linux" /new/strings/file' will produce text matches of 'xbox linux' from within the extracted strings file. The output gives the offset of each keyword match. The context of each keyword match may then be viewed within a text editor such as vi or with the less command.
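The evox.ini options tabulated in the Evox section above can be pulled out of a recovered configuration file and turned into examination hints automatically. This is an added example, not the paper's or the Evox project's code; the bracketed section names are assumed to be spelt as in the table (a real file may use [Network], which is also accepted), matching is case-insensitive, and the sample file is constructed from the table's values.

```python
"""Triage of an Evox dashboard configuration (added example, not code from
the paper).

The section/option names and values come from the paper's evox.ini table;
the bracketed section headings are assumed to be spelt as in that table
(a real file may use e.g. [Network]), so both spellings are accepted and
matching is case-insensitive.  The sample file below is constructed.
"""
import re

SECTION_RE = re.compile(r"^\[([^\]]+)\]$")
KEYVAL_RE = re.compile(r"^([^=;#]+?)\s*=\s*(.*)$")

def parse_ini(text):
    """Minimal INI reader: {section: {option: value}}, names lower-cased,
    surrounding quotes stripped from values, ';' and '#' lines ignored."""
    cfg, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip().lower()
            cfg.setdefault(section, {})
            continue
        m = KEYVAL_RE.match(line)
        if m and section is not None:
            cfg[section][m.group(1).strip().lower()] = m.group(2).strip().strip('"')
    return cfg

def enabled(value):
    return str(value).strip().lower() in ("yes", "y", "1", "true", "on")

def option(cfg, sections, key, default=""):
    """Look a key up under any of several section spellings."""
    for sec in sections:
        if key in cfg.get(sec, {}):
            return cfg[sec][key]
    return default

def triage(cfg):
    """Turn the paper's evox.ini options into examination hints."""
    hints = []
    if enabled(option(cfg, ("misc",), "usefdrive")):
        hints.append("F drive in use: examine space beyond the standard 7645.5 MB layout")
    if enabled(option(cfg, ("misc",), "usegdrive")):
        hints.append("G drive in use: drive may exceed 137 GB, image the whole device")
    dash = option(cfg, ("misc",), "msdashboard")
    if dash and dash.lower() != r"c:\xboxdash.xbe":
        hints.append(f"non-default Microsoft dashboard path: {dash}")
    net = ("networking", "network")
    if enabled(option(cfg, net, "setupnetwork")):
        mode = "static IP" if enabled(option(cfg, net, "staticip")) else "DHCP"
        hints.append(f"networking configured ({mode}): data may have arrived over the LAN")
    if enabled(option(cfg, ("ftp",), "enable")):
        pw = option(cfg, ("ftp",), "password")
        default_pw = " with the default 'xbox' password" if pw.lower() == "xbox" else ""
        hints.append("FTP server enabled" + default_pw + ": the usual route for unsigned code and files")
    if enabled(option(cfg, ("telnet",), "enable")):
        hints.append("telnet enabled: remote shell access to the console was possible")
    return hints

# Constructed sample built from the values in the paper's table.
SAMPLE_EVOX_INI = r"""
[Misc]
MSDashBoard = "c:\xboxdash.xbe"
UseFDrive = Yes
UseGDrive = No

[Networking]
SetupNetwork = Yes
StaticIP = No

[FTP]
Enable = yes
Password = xbox

[Telnet]
Enable = Yes
"""
```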

Data carving

As there are currently no FATX file system recovery tools that extract data from the file system (by means of recovery of the FAT), data carving tools, which are not reliant on the file system type, may be used. Under testing, Lazarus, part of The Coroner's Toolkit, was utilised in order to carve out contiguous clusters of data from the raw image. The command './lazarus -h /images/xbox.dd' was used, hence allowing the extraction of files from the raw image. Interestingly, under testing, the first output file was the string BRFR, which is referred to by the Xbox hacking community as the 'magic number' because it is the signature test used by Microsoft in order to recognize an Xbox hard drive. As a side note, Steil (2003) estimates that the chances of a non-Xbox disk erroneously being recognized are around one in four billion. The BRFR signature text can be found at the beginning of the fourth sector and hence serves as useful verification of an Xbox system for an investigator. The data extracted by Lazarus consisted of various (default system) data files, including graphics and text files which had been placed on the system for the purpose of testing. Perhaps a more useful and less time-consuming method of extracting (and targeting) specific data is the tool Foremost, available at http://foremost.sourceforge.net. Foremost searches for data based on header and footer information, which is stored in foremost.conf. Therefore, for example, it would be possible to configure the utility to search for xbe (Xbox executable) files and extract data based on the file header, the number 48454258h, which represents the text XBEh. During testing a number of graphics were transferred to the Xbox via FTP and subsequently deleted with the system's file explorer prior to imaging. Foremost.conf was then configured to search for said graphics files. The command was executed with the line './foremost -v path/to/image -o output/dir'. Ninety percent of all graphics were recovered. It can be concluded that the remaining 10% of files were overwritten by the file system.
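The BRFR check and the Foremost-style header/footer carving described above, as an added example that is not code from the paper or from Foremost. It assumes 512-byte sectors, uses a fixed carve window for types without a footer (the XBEH executable header from the paper), stands in a JPEG header/footer pair for the graphics files of the paper's test, and runs over a constructed image in which one graphic has had its footer overwritten.

```python
"""Xbox image signature check and header/footer carving (added example,
not code from the paper).

The BRFR magic at the start of the fourth sector and the XBEH executable
header are from the paper; the JPEG header/footer pair stands in for the
graphics files the paper recovered with Foremost.  The 512-byte sector,
the fixed carve window for footer-less types and the constructed image
are this example's assumptions.
"""
import os

SECTOR = 512
BRFR_OFFSET = 3 * SECTOR        # fourth sector of the drive (sector index 3)

def is_xbox_image(data):
    """Microsoft's own recognition test: 'BRFR' at the start of sector 3."""
    return data[BRFR_OFFSET:BRFR_OFFSET + 4] == b"BRFR"

# type -> (header, footer or None, maximum carve length)
SIGNATURES = {
    "xbe":  (b"XBEH", None, 64 * 1024),        # no footer: fixed window (placeholder size)
    "jpeg": (b"\xff\xd8\xff", b"\xff\xd9", 5 * 1024 * 1024),
}

def carve(data, signatures=SIGNATURES):
    """Foremost-style carving: every header starts a file; it ends at the
    footer if one is found inside the window, else at the window end.  A
    footer overwritten by later writes shows up as an incomplete carve."""
    found = []
    for kind, (head, foot, limit) in signatures.items():
        pos = data.find(head)
        while pos != -1:
            end = min(len(data), pos + limit)
            complete = foot is None and pos + limit <= len(data)
            if foot is not None:
                f = data.find(foot, pos + len(head), end)
                if f != -1:
                    end, complete = f + len(foot), True
            found.append({"type": kind, "start": pos, "end": end, "complete": complete})
            pos = data.find(head, end)
    return sorted(found, key=lambda r: r["start"])

def write_carved(data, found, outdir):
    """Write each carve as <offset>.<type>, the way Foremost names its output."""
    paths = []
    for r in found:
        p = os.path.join(outdir, f"{r['start']:08d}.{r['type']}")
        with open(p, "wb") as f:
            f.write(data[r["start"]:r["end"]])
        paths.append(p)
    return paths

def build_sample_image():
    """Constructed image: BRFR sector, one intact JPEG, an XBE header, and a
    JPEG whose footer was overwritten (the paper's unrecovered 10%)."""
    img = b"\x00" * BRFR_OFFSET + b"BRFR" + b"\x00" * (SECTOR - 4)
    img += b"\xff\xd8\xff\xe0" + b"J" * 100 + b"\xff\xd9"   # intact graphic
    img += b"\x00" * 50
    img += b"XBEH" + b"\x11" * 300                            # executable header
    img += b"\x00" * 50
    img += b"\xff\xd8\xff\xe1" + b"K" * 40                    # truncated graphic
    return img
```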

Conclusion

Mod chips and exploits of the Xbox are not only easy to execute, requiring little technical knowledge, but they are also inexpensive; some Xbox mod chips cost less than a new game! This could be one of the main reasons that illegal software is so readily available and utilised on Xbox systems. Exploited Xboxes not only enable the use of illegal software but also the use of the system as a personal computer or server. Clearly the PC-like nature of the Xbox indicates that it should always be (at least) considered as a source of digital evidence, and as such it may be the tool in a crime. The potential of such hybrid systems for storing data is, perhaps, the commencement of a new era in computer technology, and in crime. A number of methods that circumvent the Xbox ATA password protection scheme have been presented. Although the techniques presented should, theoretically at least, not add extraneous factors to the majority of investigations, such as those based on illegal software or other data harboured on a drive, investigators should be aware of the risks (such as permanently locking a disk), always take comprehensive notes, and take the time to understand the system and its intricacies. As objectives often differ from case to case, it is difficult to prepare any definitive guideline on Xbox hard drive analysis. Furthermore, the analysis stages presented will allow an investigator to browse a file system and extract data from it, though tools are ideally required in order to recover deleted FAT entries. Due to the nature of FATX and its similarity to FAT, existing tools such as The Sleuth Kit could well be modified. An Xbox system utilising the Linux operating system should be treated (in terms of investigation) as the hybrid that it is. The Xbox intricacies need to be understood and catered for, as does its Linux nature. For example, the /var/ and /etc/ directories and log files will need dissecting fully. But that is another paper. The FATX file system details are all reverse engineered (largely by the members of http://xbox-linux.org) and, though a great deal of verification has been applied to the contents of this paper, the details are subject to further verification.

References

Speedbump. Details of the Xbox hard drive locking mechanism, <http://www.xbox-linux.org/docs/hdpassword.html>; 2002.
Steil Michael. Differences between Xbox FATX and MS-DOS FAT, <http://www.xbox-linux.org/docs/fatxfat.html>; 2003.


Chris Vaughan has a Master's in Information Security and Computer Crime and works as a forensics investigator for CY4OR in the UK.