支持本站 — 捐款将帮助我们持续运营

目标: 1000 元,已筹: 1000

100.0%
立即捐款

POC详情: a1d8957024711581456e42e0f54b872cebdd3562

来源
https://github.com/Shuiliusheng/CVE-2018-3639-specter-v4-
关联漏洞
标题:AMD、ARM和Intel CPUs 信息泄露漏洞 (CVE-2018-3639)
Description:AMD、ARM和Intel CPUs等都是不通厂商的CPU(中央处理器)产品。 AMD、ARM和Intel CPUs存在信息泄露漏洞。攻击者可通过实施边信道攻击利用该漏洞获取信息。
Description
spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux
介绍
# CVE-2018-3639-specter-v4
**spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux**

- **build:** gcc spectre-v4.cpp -o spectre

- **run:** ./spectre


- **result:**

  --------attack--------

  low than threshold:155

  low than threshold:144

  low than threshold:133

  low than threshold:0

  low than threshold:1

  --------attack--------

  low than threshold:133

  low than threshold:0

  low than threshold:1

  --------attack--------

  low than threshold:0

  low than threshold:1


- 
  **Question:**

  every time I want use the same victim function to get other secret data, it will be failed.

  I guess it is because the two  instruction will be marked dependent load and store, so it won't speculate the load instruction.
文件快照

 [4.0K]  /data/pocs/a1d8957024711581456e42e0f54b872cebdd3562
├── [ 766]  README.md
└── [2.0K]  spectre_v4.cpp

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。