Raspberry Pi Pico-Powered DaMAgeCard Attacks System Memory — Through the SD Card Reader
New SD Express standard delivers big performance gains, but thanks to DMA can also mean a hardware vulnerability.
Positive Technology's "offensive security department," PT SWARM, has developed a Raspberry Pi Pico-powered tool that lets you target the memory of a laptop or single-board computer through its SD card slot — providing, that is, it supports the new SD Express standard: the DaMAgeCard.
"The peripheral device industry has once again sacrificed security in the name of speed," PT SWARM's pseudonymous "gesser" claims. "Media sizes have risen dramatically, and with them the requirements for how fast we can process media. It just takes too long to copy hundreds of gigabytes of RAW images, even with Ultra High Speed 2 (UHS-II) SD cards. And so the SD Association heard the cries of DSLR geeks, and made a move. They released SD Express."
Standardized in 2018 SD Express adapts the existing SD card and microSD card standard to include PCI Express connectivity, essentially delivering a backwards-compatible interface that can work with existing SD cards or what are effectively compact, portable Non-Volatile Memory Express (NVMe) cards. This delivers a dramatic improvement in performance, but comes with a potential security concern: access to system memory through the PCI bus, via direct memory access (DMA), on systems which have no input/output memory management unit (IOMMU) active.
"When we hear 'PCI,' we think 'A-ha! Possible memory access," "gesser" explains. Experiments proved that it would be possible to develop an adapter compatible with PCILeech — an open-source tool for attacking a system's memory over DMA. The only problem: the hacked-together adapters were a little fragile, and required an original SD Express card "questionably soldered on." A desire for something less fiddly and more reliable led to the DaMAgeCard.
"We decided to emulate the necessary mode-switching interaction," "gesser" explains of how the resulting device does away with the need for a real SD Express card. "It appears we don't even need a hardware SD controller — a regular bit-bang approach via [Raspberry] Pi Pico is enough, even without using [the] PIO [Programmable Input/Output] core. History has taken us full circle, and for now, DMA attacks again have a working entry point. We named this type of attack as DaMAgeCard."
"15 years ago there were no openly available tools to conduct them; not hardware, nor software. Today, we have multiple open source projects that provide ready-to-use solutions for extracting and analyzing memory images, bypassing authentication in modern OSs, and attacking encryption," "gesser" adds. "Bleeding-edge research papers and conference talks demonstrate year after year how to bypass the sole protection solution. All the while, hundreds of thousands of devices still in use do not even have this protection enabled."
More information on the DaMAgeCard, and the devices with which the team was able to access memory over the SD Express slot, is available on the PT SWARM blog.