Skip to content

Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack

Notifications You must be signed in to change notification settings

Hansenberg/spectre-attack-demo

 
 

Repository files navigation

Spectre Attack Demo (i5-3320M and Intel Xeon v3)

This shows my own try of Proof of Concept Exploit demonstrating the Spectre attack. Unfortunately, I have been able to reproduce it smoothly both on my local and on my AWS Server.

Credits

Spectre was independently discovered and reported by Jann Horn and Paul Kocher in collaboration with, Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61).

Their great researching work is documented in the Spectre Paper.

Exploiting Speculative Execution

According to the Spectre paper,

Spectre attacks trick the processor into speculatively executing instructions sequences that should not have executed during correct program execution

The two secrets are declared here:

char * secret = "This is some sample sensitive data";
char * secret2= "This is some other sample sensitive data";

I first tried it on my local laptop running an Intel i5-3320M on Ubuntu 16.10 Yaketty

local_cpu.png

and it worked, as seen here:

Spectre_i5_ubuntuYakkety.jpeg

Then, I tried it on my AWS EC2 Instance running an Intel Xeon E5-2676 v3

server_cpu.png

and it worked as well:

Spectre_Xeonv3_ubuntuXenial.jpeg

Seems like we are all f*ucked.

About

Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 100.0%