A simple demo of the Spectre vulnerability
-
Updated
Jan 16, 2018 - C
A simple demo of the Spectre vulnerability
🕹️👻This fork of burntmacncheese's project checks your Windows workstation or server for it's vulnerability to Spectre / Meltdown. This version doesn't query Active Directory and is intended to work as a Configuration Baseline for SCCM 2012.
A simple implementation of spectre vulnerability using Go
Spectre-based Meltdown attack (i.e. 2-in1) proof of concept in 99 lines of code. For more details see 'The Spectre of Meltdowns' presentation:
Proof of Concept implementation + Brief Tutorial of the Meltdown and Spectre attacks [+ Flush/Realod]
InSpectre allows you to detect whether your CPU is affected by the Meltdown/Spectre vulnerability.
A distillation of the Spectre and Meltdown vulnerabilities.
Variant 1 of the Spectre attack which is to bypass the bounds checks in the target process and retrieve the private data. Here in this example, I have demonstrated how to retrieve a string data using the attack.
Spectre attack variant 1 is used here to extract an image data buffer from a program. The output image data is then decoded and median filters are applied to remove the hot pixels in the output image. Here I have included files for RGB and base64 format.
Benchmarks for Binsec/Rel tool.
Advanced Computer Architecture at EPFL.
A simple piece of software which can infer the size of the Last Level Cache (LLC) of a system via timing memory access. Created as part of a university assignment.
A bibliography of hardware vulnerabilities.
MSc. thesis on the detection of Spectre-like vulnerabilities in AES modes of operation in OpenSSL
Fuzzer that searches for vulnerabilities like Spectre and Meltdown in CPUs
String and memory handling functions based around the Spectre misfeature
Binsec/Haunted is an extension of Binsec to verify speculative constant-time and detect Spectre attacks.
Constant-time big number library resistant to Spectre v1 written in Jasmin
Add a description, image, and links to the spectre-vulnerability topic page so that developers can more easily learn about it.
To associate your repository with the spectre-vulnerability topic, visit your repo's landing page and select "manage topics."