Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/gkaindl/meltdown-poc
A quick PoC to try out the "meltdown" timing attack.
https://github.com/gkaindl/meltdown-poc
Last synced: 2 months ago
JSON representation
A quick PoC to try out the "meltdown" timing attack.
- Host: GitHub
- URL: https://github.com/gkaindl/meltdown-poc
- Owner: gkaindl
- Created: 2018-01-04T17:34:21.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2018-01-06T15:29:38.000Z (about 7 years ago)
- Last Synced: 2024-08-02T01:21:52.783Z (6 months ago)
- Language: C
- Size: 3.91 KB
- Stars: 154
- Watchers: 9
- Forks: 43
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- osx-security-awesome - Proof of concept
README
# POC for meltdown/spectre
I just wanted to see if this really works, and it actually does. Scary!
It reads out the `TEST_PHRASE` using the timing attack (in its own process).
**Note:** This will only work on Intel "Haswell" and later, since it uses
the TSX extensions to mitigate the processor trap.
Alternatively, by changing the macro `TEST_IN_OWN_PROCESS` to 0, you can
specify an address and length on the command line, and output raw data to pipe
into `strings`. In this case, it uses Intel's TSX to prevent crashing when
attempting to access the mem location, just like the meltdown paper says.
Tested on OS X 10.12.6
Update: OS X has a fix available now, so the PoC only works in its own process
memory anymore.