GitHub - vnik5287/kaslr_tsx_bypass: Linux kASLR (Intel TSX/RTM) bypass static li...

 6 years ago
source link: https://github.com/vnik5287/kaslr_tsx_bypass

Linux kASLR (Intel TSX/RTM) bypass static library

Uses an Intel TSX/RTM (Restricted Transactional Memory) side channel to recover the kernel offset. A memory access to a kernel address inside an RTM transaction aborts without delivering a fault to the kernel, and the abort takes a measurably different time depending on whether the probed address is mapped, so timing transactions against candidate kernel addresses reveals where the randomized kernel was placed.

Usage

Link libkaslr.a to your exploit and call get_kaslr_offset() to get the offset. The return value is either the kernel offset or (uint64_t)-1 on error.

$ gcc example.c libkaslr.a -static -lm -lpthread

The measurement is timing-based, so a single call can return a wrong offset or (uint64_t)-1 under noise. Run get_kaslr_offset() in a loop and only trust an offset that is returned consistently across rounds.
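The following is an added example, not code from the kaslr_tsx_bypass repository: a small wrapper that implements the "call it in a loop" advice by taking a majority vote over repeated calls to get_kaslr_offset(). It assumes only the interface the README documents (a uint64_t return value with (uint64_t)-1 as the error code). The noisy_getter() function and its sample table are constructed stand-ins for the real library so the code runs without libkaslr.a; when the library is linked in, the weak reference to get_kaslr_offset() resolves and is used instead. The 2 MiB alignment check in is_plausible_offset() is an assumption about x86_64 kernel text randomization granularity, not something the library itself documents.

```c
// Added example (not from vnik5287/kaslr_tsx_bypass): majority vote over
// repeated get_kaslr_offset() calls so that a single noisy measurement
// cannot feed a wrong kernel base into an exploit.
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define KASLR_ERR ((uint64_t)-1)

typedef uint64_t (*kaslr_getter_t)(void);

// Weak reference: resolves to the library symbol when libkaslr.a is linked
// (gcc example.c libkaslr.a -static -lm -lpthread), to NULL otherwise.
extern uint64_t get_kaslr_offset(void) __attribute__((weak));

// Constructed stand-in for the real getter: a fixed sequence of samples
// containing one wrong value and two error returns, as a noisy run might.
static const uint64_t noisy_samples[] = {
    0x1a00000, KASLR_ERR, 0x1a00000, 0x0c00000,
    0x1a00000, 0x1a00000, KASLR_ERR, 0x1a00000,
};
static size_t noisy_pos;

void reset_noisy_getter(void) { noisy_pos = 0; }

uint64_t noisy_getter(void)
{
    size_t n = sizeof(noisy_samples) / sizeof(noisy_samples[0]);
    return noisy_samples[noisy_pos++ % n];
}

// Assumption: x86_64 kernel text is randomized at 2 MiB granularity
// (CONFIG_PHYSICAL_ALIGN), so a misaligned value is certainly noise.
int is_plausible_offset(uint64_t off)
{
    return off != KASLR_ERR && (off & 0x1fffff) == 0;
}

// Calls `getter` `rounds` times and returns the value that holds a strict
// majority of all rounds (error returns count against the candidate), or
// KASLR_ERR if no value does. Boyer-Moore vote followed by a recount.
uint64_t stable_kaslr_offset(kaslr_getter_t getter, int rounds)
{
    if (rounds <= 0) return KASLR_ERR;
    uint64_t *samples = malloc(sizeof(*samples) * (size_t)rounds);
    if (!samples) return KASLR_ERR;

    for (int i = 0; i < rounds; i++)
        samples[i] = getter();

    uint64_t cand = KASLR_ERR;
    int votes = 0;
    for (int i = 0; i < rounds; i++) {
        if (!is_plausible_offset(samples[i])) continue;  // skip errors/noise
        if (votes == 0) { cand = samples[i]; votes = 1; }
        else if (samples[i] == cand) votes++;
        else votes--;
    }

    int count = 0;
    for (int i = 0; i < rounds; i++)
        if (samples[i] == cand) count++;
    free(samples);

    return (cand != KASLR_ERR && count * 2 > rounds) ? cand : KASLR_ERR;
}

int main(void)
{
    // Prefer the real library when it is linked; fall back to the stand-in.
    kaslr_getter_t getter = get_kaslr_offset ? get_kaslr_offset : noisy_getter;
    uint64_t off = stable_kaslr_offset(getter, 16);
    if (off == KASLR_ERR) {
        fprintf(stderr, "kASLR offset not stable across rounds; retry\n");
        return 1;
    }
    printf("kernel offset: 0x%llx\n", (unsigned long long)off);
    return 0;
}
```

With the constructed samples, 8 rounds yield five votes for 0x1a00000 against one wrong value and two errors, which is a strict majority; a 4-round run over the same sequence gets only two matching samples and is correctly rejected, which is the case where an exploit would otherwise proceed on a bad base address.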

https://asciinema.org/a/UQhuoTWP3ZtfPbPMR69OLSK1f
