Skip to content

strm-exploits/exploit-cve-2017-5715

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Spectre attack

logo

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.

This exploit check your Linux (x64 only) for the spectre vulnerability.

Compile

Just run make to compile the source code.

Run

Execute the exploit

taskset -c 1 ./exploit 

[+] Testing for Spectre
[+] Dumping memory from 0xffffffffffdfeea8 to 0xffffffffffdfeec2
[+] Dumped bytes match the expected value
[+] System vulnerable to spectre

Authors

Spectre was independently discovered and reported by two people:

  • Jann Horn (Google Project Zero).
  • Paul Kocher in collaboration with, in alphabetical order, Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61).

References

Releases

No releases published

Packages

No packages published

Languages

  • C 97.2%
  • Makefile 2.8%