A friend of mine, Arrigo Triulzi (no web page that he wants to admit to), has just posted this fantastically scary missive to the Robust Open Source mailing list (no public archive, so I will quote it in its entirety)
I’ve been working on firmware for the past two and a bit years, in particular in the field of firmware viruses.
Without needlessly boring everyone with the various steps allow me to share an interesting observation: drivers often assume the hardware is misbehaved but never malicious. It is fascinating to discover what can be done by making the hardware malicious.
Summarising briefly my work, as yet unpublished except the obligatory notices to the affected vendors (in what follows please read NIC as strictly wired, no wireless cards):
1) there are remarkably naive “protection” methods to prevent malicious users from overwriting NIC firmware with something of their choice,
2) as an extension to 1) above it is amazing to discover how simply firmware can be updated over the wire on specific NICs,
3) from 1 & 2 above, after about two years, I’ve reached my goal of writing a totally transparent firewall bypass engine for those firewalls which are PC-based: you simply overwrite the firmware in both NICs and then perform PCI-to-PCI transfers between the two cards for suitably formatted IP packets (modern NICs have IP “offload engines” in hardware and therefore can trigger on incoming and outgoing packets). The resulting “Jedi Packet Trick” (sorry, couldn’t resist) fools, amongst others, CheckPoint FW-1, Linux-based Strongwall, etc. This is of course obvious as none of them check PCI-to-PCI transfers,
4) I have extended the technique to provide VM escape support: one writes packets from a bridged guest into the network which initiates the NIC firmware update, updates the firmware and then the NIC firmware is used to inject code into the underlying VM host. The requirement to write to the network is then dropped as all that is required is the pivoting in the NIC firmware.
This scares the crap out of me, just as it stands. But he’s missed a trick, IMO: because of the nature of the PCI bus, you can use the same technique on any machine with a vulnerable NIC to read all of RAM. You might even be able to read disk, too, depending on the disk controller.
Oh boy, this is going to be a can of worms once exploits start appearing (if they haven’t already, that is).