sponsors
usenix conference policies
Read It Twice! A Mass-Storage-Based TOCTTOU Attack
Collin Mulliner and Benjamin Michéle, Technische Universität Berlin and Telekom Innovation Laboratories
Awarded Best Paper!
Consumer electronics and embedded devices often allow the installation of applications and firmware upgrades from user-provided mass-storage devices. To protect the integrity of these devices and the associated electronic markets, the software packages are protected by cryptographic signatures. The software installation code assumes that files on attached mass-storage devices cannot change while the storage device is connected. The software installation is therefore not bound to the file integrity check, thus laying the foundations for a time-of-check-to-time-of-use (TOCTTOU) attack. This work presents a TOCTTOU attack via externally attached mass-storage devices. The attack is based on emulating a mass-storage device to observe and alter file access from the consumer device. The TOCTTOU attack is executed by providing different file content to the check and installation code of the target device, respectively. The presented attack effectively bypasses the file content inspection, resulting in the execution of rogue code on the device.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
title = {Read It Twice! A {Mass-Storage-Based} {TOCTTOU} Attack},
booktitle = {6th USENIX Workshop on Offensive Technologies (WOOT 12)},
year = {2012},
address = {Bellevue, WA},
url = {https://www.usenix.org/conference/woot12/workshop-program/presentation/mulliner},
publisher = {USENIX Association},
month = aug
}
connect with us