当前位置:首页 > 报告详情

Copilot+ 的(奇遇)经历:攻击和利用 Windows NPU 驱动程序.pdf

上传人: 竿*** 编号:981755 2025-11-29 94页 5.81MB

1、#BHAS BlackHatEvents(Mis)adventures with Copilot+:Attacking and Exploiting Windows NPU DriversNicola Stauffer&Grkan Gr Nicola Stauffer Graduate Student Member of the security research team Grkan Gr Senior Lecturer Zurich Uni.of Applied Sciences(ZHAW)InIT Information Security Group(ISE)AIAI!What abou

2、t?PrivacyCostAvailabilityRun it locally!GPUNPUASICFPGACopilot+ArchitectureApplicationDX12/User Mode DriverONNX RuntimeDirectMLWDDM/MCDM Kernel DriverDevice Driver Interface(DDI)GPU/NPUWebNNhttps:/www.w3.org/2024/01/webevolve-series-events/media/slides/hu-ningxin.pdfWeb AppWebNN APIONNX Runtime WebWe

3、b NN EPDirectMLONNX RuntimeDirectMLOMG I love COM said no one everKernelmodeUsermodeDDIHear me out!What is this BH 2014?Vista called,it wants its architecture backBro gonna talk about DDI in 2025 lmaoThats some old sh*tWin32k.sysUserspaceKernelspaceGDI32.DLLDxgkrnl.sysWin32k SyscallWDDM/MCDMGPU/NPUU

4、MD_Vendor.DLLApplicationWDDMGPUhttps:/ DDI functions are required42 DDI functions are optional29 DDI functions are prohibitedhttps:/ drivers are like a box of chocolates,you never know what youre going to get.Forest GumpSet to 1Call D3DKMTEnumadapters3Iterate over handlesCheck the resulting bufferSe

5、t typeCall D3DKMTQueryAdapterInfoWe forgot a“what about”securityAttack vectorsDDI FunctionspPrivateDriverDatapPrivateDriverDataSizetwoProcess interferenceUserspaceKernelspaceWDDM/MCDMLLM 2Process 2Process 1LLM 1UserspaceKernelspaceWDDM/MCDMLLM 2ChangedProcess 2Process 1LLM 1UserspaceKernelspaceWDDM/

6、MCDMLLM 2ChangedProcess 2WTF Dude?Process 1LLM 1FirmwareOften loaded inside the NPU driverMitigationsNPUGPUUser32.dllGDI32.dllGUI stuffChrome has the mitigation enabledSo WebNN is safe,right?So WebNN is safe,right?Not yet(?)Snapping DragonsUser supplied valuesPassed to lock_virt_addr_sizeCVE-2024-53

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要探讨了Windows NPU(神经网络处理器)驱动程序的攻击和利用。以下是关键点: 1. Windows NPU驱动程序架构:涉及DX12、ONNX Runtime、DirectML、WDDM/MCDM内核驱动程序和设备驱动接口(DDI)。 2. 攻击向量:包括DDI函数、用户空间与内核空间交互、以及利用NPU和GPU的漏洞。 3. 漏洞示例:CVE-2024-53033和CVE-2024-36336,涉及整数溢出和缓冲区溢出。 4. 利用方法:通过堆风水、覆盖_WNF_DATA、设置权限提升等手段。 5. 演示了如何通过利用引用计数器来提升权限。 6. 结论:NPU和引用计数器是安全研究的重点,应从历史漏洞中学习。
"Windows NPU驱动漏洞揭秘" "WebNN安全漏洞大揭秘" "NPU驱动攻击手法解析"
客服
商务合作
小程序
服务号
折叠