At the conference “Chaos Communication Congress (30C3)”, researchers “Bunnie” and “xobs” revealed the existence of vulnerabilities in Secure Digital (SD) κάρτες μνήμης που μπορούν να αξιοποιηθούν για την εκτέλεση αυθαίρετου κώδικα.
The security holes in memory cards can be exploited for man-in-the-middle (MITM) attacks. In addition, the flaws of SD can be used by hardware hardware connoisseurs to gain access to the microcontrollers incorporated into the devices.
The researchers conducted tests on products by appotech, especially in the AX211 and AX 215 models. However, other brands may contain similar vulnerabilities.
In particular, Bunnie says: "We have discovered a simple vulnerable sequence transmitted through the manufacturer's commands (ie, CMD63 followed by 'A', 'P', 'P', 'O') that puts the controller into a loading state of firmware. At this point, the card will accept the next 512 bytes and run them as code."
With the methodology of reverse engineering the registers of the specific functions in the 8051 microcontroller, they have managed to create new applications even without access to the documentation from the supplier.
It is worth noting that the experts used the open source hardware platform Novena and some adaptable card adapter card.
Also, - added Bunnie, - in terms of security, our findings show that even if the memory cards look idle, they still run a body of code that can be modified to execute MITM attacks that would be difficult to detect. And as we know, there is no standard protocol or method to inspect and certify the contents of the code running on the memory card microcontroller.
Excessive details that might even put the average reader to sleep. We will not go into greater analysis, but the basic lesson of all the above, as well as the researchers, is that there is no guarantee that with the safe deletion of the card, the sensitive information stored on it is also completely deleted.
This must be taken into account, especially in situations of "high risk and high sensitivity". Experts recommend the physical destruction of memory cards, ie hitting them with a hammer or a pestle (!!), to make sure that sensitive information is deleted 100% before throwing it away.
Watch the related video from the researchers' presentation at the conference.
