支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: 92f16f29ea2ab15e3f20db678a5254641cec79a9

来源
https://github.com/Viralmaniar/In-Spectre-Meltdown
关联漏洞
标题:Intel和ARM CPU芯片信息泄露漏洞 (CVE-2017-5754)
Description:ARM Cortex-R7等都是英国ARM公司的产品。ARM Cortex-R7是一款中央处理器(CPU)。Cortex-R8是一款中央处理器(CPU)。Intel Xeon CPU E5-1650等都是美国英特尔(Intel)公司的产品。Xeon CPU E5-1650是一款中央处理器(CPU)。 Intel和ARM CPU芯片存在信息泄露漏洞,该漏洞源于处理器数据边界机制中存在缺陷。本地攻击者可通过滥用‘错误推测执行’利用该漏洞读取读取内存信息。以下产品和版本受到影响:ARM Cortex-A75;I
Description
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
介绍
# In-Spectre-Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. <br>
<br>
This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in 

![image](https://user-images.githubusercontent.com/3501170/34603779-710a93b6-f259-11e7-9707-f2145e106e46.png)

# Please note:
This solution has been tested successfully using Python 3.6.3 & PowerShell version 5.1.

# How do I use this?
- Run the python code or download the executable from the releases section and run it as an administrator user.
- Press Number 1, 2, 3 & 4 in sequence to see the results.
- Press 1: Sets the execution policy to unrestricted.
- Press 2: Imports necessary PowerShell modules
- Press 3: Installs Spectre related modules within PowerShell
- Press 4: Inspects control settings for Spectre & Meltdown and displays result
- Press 5: Exit from the program

# Do I need to run the executable as administrator?
- Yes, Right click on the "In-Spectre_meltdown.exe" and run as administrator to get the results.

# Questions?
Twitter: https://twitter.com/maniarviral <br>
LinkedIn: https://au.linkedin.com/in/viralmaniar
文件快照

 [4.0K]  /data/pocs/92f16f29ea2ab15e3f20db678a5254641cec79a9
├── [1.4M]  In-Spectre_meltdown.exe
├── [4.4K]  In-Spectre_meltdown.py
├── [ 34K]  LICENSE.md
├── [ 47K]  meltdown.ico
└── [1.5K]  README.md

0 directories, 5 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。