Skip to content

A quick PoC to try out the "meltdown" timing attack.

Notifications You must be signed in to change notification settings

gkaindl/meltdown-poc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

POC for meltdown/spectre

I just wanted to see if this really works, and it actually does. Scary!

It reads out the TEST_PHRASE using the timing attack (in its own process).

Note: This will only work on Intel "Haswell" and later, since it uses the TSX extensions to mitigate the processor trap.

Alternatively, by changing the macro TEST_IN_OWN_PROCESS to 0, you can specify an address and length on the command line, and output raw data to pipe into strings. In this case, it uses Intel's TSX to prevent crashing when attempting to access the mem location, just like the meltdown paper says.

Tested on OS X 10.12.6

Update: OS X has a fix available now, so the PoC only works in its own process memory anymore.

About

A quick PoC to try out the "meltdown" timing attack.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages