Abusing EFI Variables and the AMT
SUPERSEDED: This appears to be downstream of the Dark Symbiote CS/ME

Speculation on How EFI was Modified:

By simply having Ring 0 (kernel mode), one can place EFI variables into NVRAM via EFI runtime services.  If one of these variables is scanned as a valid FFV, that gives execution at the level of Ring -1; from there, modifying the SPI contents of the flash chip to rewrite the Intel ME / Intel Gigabit Ethernet is possible.  By flashing an old version of the Intel ME (or better, the Intel AMT), one can take advantage of known CVEs in the Intel ME, giving Ring -3.  From here one can inject any SMBIOS of their choosing and maintain Ring -2 on every boot.  This allows an evil actor to run their own stack during any OS load or reinstall.  By using AMT ramdisks, EFI drivers, and modifying the ACPI tables, they can then live in Ring 0 cooperatively with any OS that is installed.

Booting Into a Decent Shell

After working around various issues, I finally got into a decent EFI v2.2 shell.  The first five entries in the handle table were what are known as “FFV” or flash-firmware-volume entries.  This implies that the lion's share of this is happening in one of two ways: one, the flash chip has somehow been updated to a version of EFI that it should not contain, or two, something is persisting to disk and performing a restore in a way that cannot be reset just by pulling the power cable out of the device.  It is clearly running vPro and the AMT stack, and has created a ramdisk entry (shown in the table) as well as loading a number of drivers and DXEs that are, to say the least, unexpected.

From a running Linux view, the following EFI vars were observed, not matching in any way what was pulled from the shell: https://gist.githubusercontent.com/rickmark/21059379ab65c11bfcb2f3b339bdbea1/raw/7a0d2a60f38cdc1bf7887df1e7e461474dced25c/refi_var_list.txt

  • PlatformLangCodes = en-US;x-UQI
  • ItkModifiedSetup = 0 
  • MeInfoSetup
  • SIO_DEV_STATUS_VAR
  • VV_SIO_LD0
  • DriverHlthEnable
  • TpmServFlatgs
  • OptaneState
  • FPDT_Volatile
  • NBPlatformData
  • E770BB69-BCB4-4D09-9E97-23FF9456FEAC:SystemAccess = 0
  • BootDebugPolicyApplied
  • CurrentPolicy
  • CurrentActivePolicy
  • 1C697A091199_IAIDPXE
  • Ip6Config:16697A091199
  • IPv4Config2:1C697A091199
  • SetupCpuFetures



  • StandardGUID 8BE4DF61-93CA-11D2-AA0D-00E098032B9C
  • ACA9F304-21E1-4852-9875-7FF488AD67A5
  • PCI_COMMON
  • 7B59104A-C00D-4158-87FF-F03D6396A915
  • SecureBootSetup
  • EC87D643-EBA4-4BB5-A1E5-3F3E36B20DA9
  • SdioDevConfiguration
  • 64192DCA-D034-49D2-A6DE-65A829EB4C74
  • IccAdvancedSetupDataVar
  • 5432122D-D034-29D2-A6DE-65A829EB4C74
  • MeSetupStorage
  • 90D93E09-4E91-4B3D-8C77-C82FF10E3C81
  • CpuSmm
  • 05A798EA-39EE-40FC-92C5-622582FA634B
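
The comparison mentioned above (variables seen from running Linux versus those seen in the EFI shell) can be repeated with a short script. This is an added example, not code from the original page: it reads an efivarfs-style directory, where each file is named Name-GUID and starts with a 4-byte attribute word, and diffs it against a set of (GUID, name) pairs noted from the shell. The sample directory contents, the attribute values and the name ConstructedShellOnly are constructed for illustration.

```python
import os, re, struct, tempfile

ATTRS = {0x1: "NV", 0x2: "BS", 0x4: "RT"}  # UEFI variable attribute bits
# efivarfs names each file "<VariableName>-<VendorGuid>"
NAME_RE = re.compile(
    r"^(?P<name>.+)-(?P<guid>[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12})$")
GLOBAL = "8BE4DF61-93CA-11D2-AA0D-00E098032B9C"  # EFI global variable GUID
SETUP = "E770BB69-BCB4-4D09-9E97-23FF9456FEAC"   # GUID listed with SystemAccess

def read_efivars(root="/sys/firmware/efi/efivars"):
    """Return {(guid, name): (attribute flags, payload length)} for variables under root."""
    out = {}
    for fn in sorted(os.listdir(root)):
        m = NAME_RE.match(fn)
        if not m:
            continue
        try:
            with open(os.path.join(root, fn), "rb") as f:
                raw = f.read()
        except OSError:       # some variables are unreadable without root
            continue
        if len(raw) < 4:      # data is prefixed by a 4-byte little-endian attribute word
            continue
        (attr,) = struct.unpack("<I", raw[:4])
        flags = "+".join(v for k, v in ATTRS.items() if attr & k)
        out[(m["guid"].upper(), m["name"])] = (flags, len(raw) - 4)
    return out

def diff_listings(os_view, shell_view):
    """Compare the OS view with a set of (guid, name) pairs noted from the EFI shell."""
    keys = set(os_view)
    return {
        "only_in_os": sorted(keys - shell_view),
        "only_in_shell": sorted(shell_view - keys),
        # non-volatile and runtime-accessible: persistent and reachable from the OS
        "nv_rt": sorted(k for k, (fl, _) in os_view.items() if "NV" in fl and "RT" in fl),
    }

def demo():
    """Constructed sample data: a temp directory laid out like efivarfs."""
    sample = {
        f"PlatformLangCodes-{GLOBAL.lower()}": struct.pack("<I", 0x6) + b"en-US;x-UQI\0",
        f"SystemAccess-{SETUP.lower()}": struct.pack("<I", 0x7) + b"\0",
    }
    with tempfile.TemporaryDirectory() as d:
        for fn, data in sample.items():
            with open(os.path.join(d, fn), "wb") as f:
                f.write(data)
        os_view = read_efivars(d)
    shell = {(GLOBAL, "PlatformLangCodes"), (GLOBAL, "ConstructedShellOnly")}
    return os_view, diff_listings(os_view, shell)
```

On a real machine, call read_efivars() with its default path (usually as root) and build the shell-side set from the names recorded in the EFI shell session.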


Asking the device for the listing of devices shows:

Seg:Bus:Dev:Func    Ven:Dev      Description
00:00:00:00         8086:3ED0    Bridge Device - Host/PCI bridge