
flxwu / spectre-attack-demo

Licence: other
Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack

Programming Languages

c

Spectre Attack Demo (i5-3320M and Intel Xeon v3)

This is my own attempt at a proof-of-concept exploit demonstrating the Spectre attack. Unfortunately, I have been able to reproduce it smoothly both on my local laptop and on my AWS server.

Exploiting Speculative Execution

According to the Spectre paper,

"Spectre attacks trick the processor into speculatively executing instruction sequences that should not have executed during correct program execution."

The two secrets are declared here:

char * secret = "This is some sample sensitive data";
char * secret2= "This is some other sample sensitive data";

I first tried it on my local laptop running an Intel i5-3320M on Ubuntu 16.10 Yakkety

local_cpu.png

and it worked, as seen here:

Spectre_i5_ubuntuYakkety.jpeg

Then, I tried it on my AWS EC2 instance running an Intel Xeon E5-2676 v3 on Ubuntu Server 16.04 LTS

server_cpu.png

and it worked as well:

Spectre_Xeonv3_ubuntuXenial.jpeg

Seems like we are all f*ucked.

Credits

Spectre was independently discovered and reported by Jann Horn and Paul Kocher in collaboration with Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61).

Their great research work is documented in the Spectre paper.
