Episode 4 – Power Glitch Attack
In this episode, we investigate how to conduct a power glitch attack, exploits that some hardware wallets – though not Ledger’s – are still vulnerable to. Watch, learn, and Enter the Donjon.
POWER GLITCH ATTACK
Today, in The Donjon, we are going to show you how we can extract a seed and a PIN from a Trezor wallet, using power glitch attacks. Today, we’re going to introduce you to voltage glitch attacks. Voltage glitch attacks. Power glitching is considered as a type of fault injection attacks. The concept of these attacks is to violently modify the supply voltage of the circuit for a very short time, so that it ends up in an inappropriate state. In this way, the circuit becomes vulnerable, and we will take advantage of this vulnerability to steal its contents. To speak a little figuratively, it is a bit like breaking the circuit lock to access all these files.
SET UP
Here we have a wallet. We don’t have the PIN code. So, we’re going to try to glitch attack it to bypass its protections and access the secret. The first step will be to dismantle the wallet. To do so, we will use a grinder to cut the plastic case and extract the printed circuit. And then, we will recover the PCB that is inside. Now we are going to unsolder the circuit from its PCB to be able to work on it. So here is the microcontroller. It is in this element that the data and secrets of the wallet are contained. It is these chips that we try to glitch to recover the secrets.
METHODOLOGY
Once we have unsoldered the chip, we will connect it to the test model and this test model, we will connect it to the oscilloscope to measure the voltage of the chip during its execution. Unlike side channel attacks, where we only observed the chip’s power consumption to guess the different PIN digits this time we will directly disrupt the power supply of the circuit to force it to reveal all its secrets to us. Here, in red, is the electrical activity of the circuit. We can also display its supply voltage, which is very stable for the moment and which we are going to make vary suddenly as we wish to impact the normal operation of the circuit. The component will then be in a state where it’s no longer able to function normally. This violent voltage drop is our attack. That’s what’s going to confuse the chip.
THE HACK
So, now we can activate the glitch. We are going to force the circuit to reveal its secrets to us, by heckling it a little bit in an electric way. Here we can have a dip, this is our very brief voltage drop. It has a strong impact on the consumption of the circuit and at this moment the chip becomes vulnerable and we will be able to access all its data, including the file system. So, what just happened is that we managed to recover all the data from the chip so our glitch worked and we’re going to be able to dig into this data to find the secrets. What we see here is the firmware. It’s the content of the chip that we managed to extract from the wallet. It is not over yet because all the files we recovered are encrypted and we will have to decrypt them. The files are protected by the user’s PIN code. This is the same PIN code that protected the wallet at the beginning of the manipulation. We don’t know this PIN code. When we are on the wallet we have a limited number of tries but as we have access to all the data of the chip we can try as many times as we want. What we’re going to do now is run a script that we wrote in the Donjon It is a script that will brute-force the PIN code that is to try all possible combinations until it finds the right one. So here I am running the script. And in less than two seconds, we tested the ten thousand combinations and find the correct PIN code, 4-4-2-7. The attack was successful, the user’s PIN and seed were recovered. We now have access to all his funds.