Giters

zhengyangruc / spectrev2-poc

Proof of Concept of exploit against Spectre Variant 2 Vulnerability

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Spectre Variant 2 PoC

Proof of Concept of Spectre Variant 2 vulnerability.

Spectre is a vulnerability that allows malicious programs to read arbitrary memory locations by exploiting microarchitectural side channels and speculative execution.

Variant 1 of Spectre relies on mistraining the CPUs branch predictor, in order to speculatively execute a code path that is logically prevented by a conditional branch.

Variant 2 is very similar, but instead relies on mistraining the CPUs branch target predictor. For more details, here is a shameless plug to a blog post I wrote on the topic.

How to Run

Take it one step at a time:

$ make
$ ./spectrev2
...output...

If you see the secret phrase, that means the demo worked! If not, the code might not be set up correctly for your system. Feel free to leave a GitHub issue, or submit a pull request if you were able to fix it.

Acknowledgements

This code was written while I was working on the project Ward.

The Makefile was taken from Eugnis' repository for a PoC of the Spectre v1 attack.

About

Proof of Concept of exploit against Spectre Variant 2 Vulnerability

Languages

Language:C 96.1%Language:Makefile 3.9%