GitHub - gkaindl/meltdown-poc: A quick PoC to try out the "meltdown" t...
source link: https://github.com/gkaindl/meltdown-poc
POC for meltdown/spectre
I just wanted to see if this really works, and it actually does. Scary!
It reads out the TEST_PHRASE using the timing attack (in its own process).
Note: This will only work on Intel "Haswell" and later, since it uses the TSX extensions to mitigate the processor trap.
Alternatively, by changing the macro TEST_IN_OWN_PROCESS to 0, you can specify an address and length on the command line, and output raw data to pipe into strings. In this case, it uses Intel's TSX to prevent crashing when attempting to access the mem location, just like the meltdown paper says.
Tested on OS X 10.12.6
Update: OS X has a fix available now, so the PoC now works only on its own process memory.
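The two conditions the notes above depend on, usable TSX and whether an OS fix is in place, can be checked on a host. The C program below is an added example, not code from the repository: it decodes CPUID leaf 7 for RTM and, as an assumption beyond the OS X setup described here, reads the Linux status file /sys/devices/system/cpu/vulnerabilities/meltdown. The function and enum names are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* CPUID.(EAX=7,ECX=0) bits describing TSX support. */
#define EBX_RTM              (1u << 11)  /* xbegin/xend available */
#define EDX_RTM_ALWAYS_ABORT (1u << 11)  /* every transaction aborts at once */

enum tsx_state { TSX_ABSENT, TSX_USABLE, TSX_ALWAYS_ABORT };
enum os_state  { OS_UNKNOWN, OS_NOT_AFFECTED, OS_MITIGATED, OS_VULNERABLE };

/* Hypothetical helper: classify RTM from raw leaf-7 register values. */
enum tsx_state tsx_from_leaf7(unsigned ebx, unsigned edx)
{
    if (edx & EDX_RTM_ALWAYS_ABORT) return TSX_ALWAYS_ABORT;
    return (ebx & EBX_RTM) ? TSX_USABLE : TSX_ABSENT;
}

/* Hypothetical helper: classify the Linux sysfs status line (assumed platform). */
enum os_state meltdown_from_sysfs(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return OS_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return OS_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return OS_VULNERABLE;
    return OS_UNKNOWN;
}

int main(void)
{
    static const char *tsx_txt[] = { "absent", "usable", "always aborts" };
    static const char *os_txt[]  = { "unknown", "not affected", "mitigated", "vulnerable" };
    unsigned a = 0, b = 0, c = 0, d = 0;
    char line[128] = "";
#if defined(__x86_64__) || defined(__i386__)
    if (__get_cpuid_max(0, NULL) >= 7)
        __cpuid_count(7, 0, a, b, c, d);
#endif
    (void)a; (void)c;
    printf("RTM: %s\n", tsx_txt[tsx_from_leaf7(b, d)]);
    FILE *f = fopen("/sys/devices/system/cpu/vulnerabilities/meltdown", "r");
    if (f) {
        if (!fgets(line, sizeof line, f)) line[0] = '\0';
        fclose(f);
    }
    printf("Kernel Meltdown status: %s\n", os_txt[meltdown_from_sysfs(line)]);
    return 0;
}
```

A missing status file (for example on OS X) is reported as "unknown" rather than as mitigated.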