# NSA Playset: JTAG Implants

## Introductory Rites

### **Today's Clergy**

- Electrical Engineering education with focus on CS and Infosec
- 10 years of fun with hardware
  - silicon debug
  - security research
  - pen testing of CPUs
  - security training
- Hardware Security Training:
  - Secure RTL design
  - Low-cost physical attacks
  - "Applied Physical Attacks on x86 Systems"



Joe FitzPatrick
@securelyfitz
joefitz@securinghardware.com



### **Today's Clergy**

- Degrees in Electrical and Computer Engineering
- 10+ years designing, implementing, and testing SoC silicon debug features
- Hardware and firmware pentesting



Matt King
@syncsrc
jtag@syncsrc.org

# **NSA Playset**

#### Site Information

Contributions

Project Requirements

Open Problems

#### Passive Radio Interception

TWILIGHTVEGETABLE (GSM)

LEVITICUS

DRIZZLECHAIR

PORCUPINEMASQUERADE (WiFi)

KEYSWEEPER

#### **Physical Domination**

SLOTSCREAMER (PCI)

ADAPTERNOODLE (USB)

#### Welcome to the home of the NSA Playset.

In the coming months and beyond, we will release a series of dead simple, easy to use tools to enable the next generation of security researchers. We, the security community, have learned a lot in the past couple of decades, yet the general public is still ill-equipped to deal with the real threats that face them every day, and ill-informed as to what is possible.



Inspired by the NSA ANT catalog, we hope the NSA Playset will make cutting edge security tools more accessible, easier to understand, and harder to forget. Now you can play along with the NSA!

https://en.wikipedia.org/wiki/NSA_ANT_catalog

More toys for sale!

Sunday at Hacker Warehouse in the vendor area!

### The Penitence of Godsurge & Fluxbabbit



## Liturgy of the DWORD: JTAG

# Joint Test Action Group

### A reading from IEEE 1149



#### OSI Model

| Group        | Layer        | Data unit | Function                                      |
|--------------|--------------|-----------|-----------------------------------------------|
| Host layers  | Application  | data      | Network Process to Application                |
| Host layers  | Presentation | data      | Data Representation & Encryption              |
| Host layers  | Session      | data      | Interhost Communication                       |
| Host layers  | Transport    | segments  | End-to-End Connections and Reliability        |
| Media layers | Network      | packets   | Path Determination & Logical Addressing (IP)  |
| Media layers | Data link    | frames    | Physical Addressing (MAC & LLC)               |
| Media layers | Physical     | bits      | Media, Signal and Binary Transmission         |

# Remember This?

#### OSI Model

(OSI Model figure, repeated from the earlier slide)

#### **JTAG Model**

TDI, TDO, TMS, TCK, TRST

### **Physical Layer: Test Access Port**



# TDO unto others as others TDI unto you

#### OSI Model

(OSI Model figure, repeated from the earlier slide)

#### **JTAG Model**

TAP FSM

TDI, TDO, TMS, TCK, TRST

### **Data Link: TAP FSM**



### **Data Link: TAP FSM**



#### OSI Model

(OSI Model figure, repeated from the earlier slide)

#### **JTAG Model**

IR/DR access

TAP FSM

TDI, TDO, TMS, TCK, TRST

### **Network Layer: IRs & DRs**



#### OSI Model and JTAG Model

| OSI layer    | Data unit | OSI function                                 | JTAG Model                    |
|--------------|-----------|----------------------------------------------|-------------------------------|
| Application  | data      | Network Process to Application               |                               |
| Presentation | data      | Data Representation & Encryption             |                               |
| Session      | data      | Interhost Communication                      |                               |
| Transport    | segments  | End-to-End Connections and Reliability       | Target-specific configuration |
| Network      | packets   | Path Determination & Logical Addressing (IP) | IR/DR access                  |
| Data link    | frames    | Physical Addressing (MAC & LLC)              | TAP FSM                       |
| Physical     | bits      | Media, Signal and Binary Transmission        | TDI, TDO, TMS, TCK, TRST      |

### **Transport Layer: Target-Specific**

Instruction Register

Table 6-1 TAP Instruction Overview (EJTAG)

| Code        | Instruction          | Function                                                  |
|-------------|----------------------|-----------------------------------------------------------|
| All 0's     | (Free for other use) | Free for other use, such as JTAG boundary scan            |
| 0x01        | IDCODE               | Selects Device Identification (ID) register               |
| 0x02        | (Free for other use) | Free for other use, such as JTAG boundary scan            |
| 0x03        | IMPCODE              | Selects Implementation register                           |
| 0x04 - 0x07 | (Free for other use) | Free for other use, such as JTAG boundary scan            |
| 0x08        | ADDRESS              | Selects Address register                                  |
| 0x09        | DATA                 | Selects Data register                                     |
| 0x0A        | CONTROL              | Selects EJTAG Control register                            |
| 0x0B        | ALL                  | Selects the Address, Data and EJTAG Control registers     |
| 0x0C        | EJTAGBOOT            | Makes the processor take a debug exception after reset    |
| 0x0D        | NORMALBOOT           | Makes the processor execute the reset handler after reset |

X86 is different
ARM is different
Each SOC is different

Romans 12:2 (NIV) NIH

Do not conform to the pattern of this world

#### OSI Model

(OSI Model figure, repeated from the earlier slide)

#### **JTAG Model**

- --- (no one uses this crap)
- --- N/A sessionless...

Target-specific configuration

IR/DR access

TAP FSM

TDI, TDO, TMS, TCK, TRST

# A Reading from the Second Email from Joe to People with JTAG Questions



#### OSI Model and JTAG Model

| OSI layer    | Data unit | OSI function                                 | JTAG Model                                |
|--------------|-----------|----------------------------------------------|-------------------------------------------|
| Application  | data      | Network Process to Application               | Boundary Scan, Run Control, Memory Access |
| Presentation | data      | Data Representation & Encryption             | \_\_\_                                    |
| Session      | data      | Interhost Communication                      | \_\_\_                                    |
| Transport    | segments  | End-to-End Connections and Reliability       | Target-specific configuration             |
| Network      | packets   | Path Determination & Logical Addressing (IP) | IR/DR access                              |
| Data link    | frames    | Physical Addressing (MAC & LLC)              | TAP FSM                                   |
| Physical     | bits      | Media, Signal and Binary Transmission        | TDI, TDO, TMS, TCK, TRST                  |





Image from intelletech.com; they make stuff to read flash like this.

### **Run Control**



### Run Stop Control



### The Debugger's Gospel



### **Homily**

#### 1149.1 Section 8.3: Private Instructions

c) If private instructions are utilized in a component, the vendor shall clearly identify any instruction binary codes that, if selected, would cause hazardous operation of the component.



# Liturgy of the PCB

### **SAVIORBURST Payload**

Replay of debug performed in OpenOCD

- Target (potentially kernel) specific

Commands are converted into a standard format (SVF/XSVF)

```
!Begin Test Program
TRST OFF;
ENDIR IDLE;
ENDDR IDLE;
HIR 8 TDI (00);
HDR 16 TDI (FFFF);
TIR 16 TDI (0000);
TDR 8 TDI (12);
SIR 8 TDI (41);
SDR 32 TDI (ABCD  ! remainder of the scan data is cut off in the slide capture
STATE DRPAUSE;
! (one further line is unreadable in the slide capture)
```
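As an added example (not from the talk or the SAVIORBURST project), this Python model of the TAP state machine (the Data Link layer of the JTAG model above) drives IR/DR scans (the Network layer) and translates the SIR/SDR lines of an SVF payload like the one above into the TMS/TDI bit stream a debugger, or an implant replaying a debug session, would clock into the target. The other SVF commands, including HIR/HDR/TIR/TDR chain padding, are ignored; that is an assumption made for brevity, not SVF semantics.

```python
# Added example (not from the talk or the SAVIORBURST project): an IEEE 1149.1 TAP
# state-machine model that turns SVF-style SIR/SDR scans into a TMS/TDI bit stream.
import re
# TAP FSM: state -> (next state when TMS=0, next state when TMS=1)
TAP = {
    "TEST_LOGIC_RESET": ("RUN_TEST_IDLE", "TEST_LOGIC_RESET"),
    "RUN_TEST_IDLE": ("RUN_TEST_IDLE", "SELECT_DR_SCAN"),
    "SELECT_DR_SCAN": ("CAPTURE_DR", "SELECT_IR_SCAN"),
    "CAPTURE_DR": ("SHIFT_DR", "EXIT1_DR"), "SHIFT_DR": ("SHIFT_DR", "EXIT1_DR"),
    "EXIT1_DR": ("PAUSE_DR", "UPDATE_DR"), "PAUSE_DR": ("PAUSE_DR", "EXIT2_DR"),
    "EXIT2_DR": ("SHIFT_DR", "UPDATE_DR"), "UPDATE_DR": ("RUN_TEST_IDLE", "SELECT_DR_SCAN"),
    "SELECT_IR_SCAN": ("CAPTURE_IR", "TEST_LOGIC_RESET"),
    "CAPTURE_IR": ("SHIFT_IR", "EXIT1_IR"), "SHIFT_IR": ("SHIFT_IR", "EXIT1_IR"),
    "EXIT1_IR": ("PAUSE_IR", "UPDATE_IR"), "PAUSE_IR": ("PAUSE_IR", "EXIT2_IR"),
    "EXIT2_IR": ("SHIFT_IR", "UPDATE_IR"), "UPDATE_IR": ("RUN_TEST_IDLE", "SELECT_DR_SCAN"),
}
TO_SHIFT = {"IR": (1, 1, 0, 0), "DR": (1, 0, 0)}  # TMS path Run-Test/Idle -> Shift-xR

def trace(tms_bits, state="RUN_TEST_IDLE"):
    states = [state]  # every TAP state visited while clocking tms_bits in
    for b in tms_bits:
        state = TAP[state][b]
        states.append(state)
    return states

def scan(reg, length, tdi_hex):
    """TMS/TDI bits for 'SIR/SDR <length> TDI (<hex>);' from Run-Test/Idle and back.
    TDI goes LSB first; the last bit is clocked with TMS=1 (Shift-xR -> Exit1-xR)."""
    value = int(tdi_hex, 16)
    if value >> length:
        raise ValueError("TDI value wider than scan length")
    tms, tdi = list(TO_SHIFT[reg]), [0] * len(TO_SHIFT[reg])
    for i in range(length):
        tms.append(1 if i == length - 1 else 0)
        tdi.append((value >> i) & 1)
    return tms + [1, 0], tdi + [0, 0]  # Exit1-xR -> Update-xR -> Run-Test/Idle

def svf_scans(svf_text):
    """One TMS/TDI stream for the SIR/SDR lines of an SVF snippet. TRST, ENDIR/ENDDR,
    HIR/HDR/TIR/TDR chain padding and STATE are ignored (assumed: single-device chain)."""
    tms, tdi = [], []
    for line in svf_text.splitlines():
        m = re.match(r"\s*(SIR|SDR)\s+(\d+)\s+TDI\s*\(([0-9A-Fa-f]+)\)\s*;", line)
        if m:
            t, d = scan("IR" if m[1] == "SIR" else "DR", int(m[2]), m[3])
            tms, tdi = tms + t, tdi + d
    return tms, tdi

# Constructed sample, modelled on the log2svf output shown on the slide.
SAMPLE_SVF = "TRST OFF;\nENDIR IDLE;\nENDDR IDLE;\nSIR 5 TDI (02);\nSDR 5 TDI (07);\n"
```

The number of clocks spent in Shift-IR or Shift-DR equals the scan length, which is the check a replayed payload must satisfy for every SIR/SDR.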

### **SOLDERPEEK Implant**





#### **Transubstantiation**

```
[matt openocd-0.9.0/contrib]$ ./log2svf.py -h
usage: log2svf.py [-h] [-v] [-w] [-j JTAG] [-s SVF] -l LOG [LOG ...]

This script will take an OpenOCD log file and generate an SVF from it.

optional arguments:
  -h, --help            show this help message and exit
  -v, --version         show program's version number and exit
  -w, --warn            Issue warnings for non-fatal errors instead of exiting
  -j JTAG, --jtag JTAG  file to read DEBUG JTAG parameters from (defaults to
                        src/jtag/jtag.h)
  -s SVF, --svf SVF     Output file
  -l LOG [LOG ...], --log LOG [LOG ...]
                        OpenOCD log file(s) to parse. If multiple files are
                        specified commands from all log files will be
                        concatenated into a single SVF

This script parses debug messages from the jtag_build_buffer() function. To
enable JTAG debug printing, OpenOCD must be configured with the
'--enable-verbose-jtag-io' option and run with the '-d 3' switch. It is also
recommended to run with '-c init -c "poll off"' to disable target status polling.
[matt openocd-0.9.0/contrib]$ ./log2svf.py -l ../bin/openocd.log -w
!Begin Test Program
TRST OFF;
ENDIR IDLE;
ENDDR IDLE;
WARNING: Scan length of 672 exceeded length of data from log file: 64
WARNING: Scan length of 672 exceeded length of data from log file: 64
SIR 5 TDI (02);
SDR 5 TDI (07);
```

https://github.com/NSAPlayset/SAVIORBURST

### **Transubstantiation**

Done uploading.

```
/*
  The JTAG Whisperer: An Arduino library for JTAG.
  By Mike Tsao <http://github.com/sowbug>.
  Copyright (c) 2012 Mike Tsao. Use, modification, and distribution are
  subject to the BSD-style license as described in the accompanying
  LICENSE file.
  See README for complete attributions.
*/
#include <BitTwiddler.h>
#include <JTAGWhisperer.h>
#include <SerialComm.h>

const int BLINK_PIN = 13;  // on-board LED
static bool is_pin_on;

// Toggle the LED each time the sketch calls this
void blink() {
  digitalWrite(BLINK_PIN, is_pin_on);
  is_pin_on = !is_pin_on;
}
// (rest of the sketch is cut off in the slide capture)
```

https://github.com/NSAPlayset/SAVIORBURST

### Communion



# Concluding Rites

### **Solemn Invocation**

Not all devices can rely on physical security

Protecting user data requires user control over hardware debug capabilities

### **Dismissal**

I don't want to talk to you no more, you emptyheaded animal food trough wiper! I fart in your general direction! Your mother was a hamster and your father smelt of elderberries!

## Q & A