Guest Posted January 25, 2018 Posted January 25, 2018 (edited) https://github.com/gentilkiwi/spectre_meltdown/tree/master/ErikAugust_724d4a969fb2c6ae1bbd7b2a9e3d4bb6 Spectre.exe not work on Windows XP. and https://github.com/stephanvandekerkhof/cpp-spectre-meltdown-vulnerability-windows-test @Dibya Is it possible to recompile it? TH. Edited January 25, 2018 by Sampei.Nihira
dencorso Posted January 26, 2018 Posted January 26, 2018 16 hours ago, Sampei.Nihira said: Spectre.exe not work on Windows XP. And... https://github.com/stephanvandekerkhof/cpp-spectre-meltdown-vulnerability-windows-test Spectre.exe is a 64-bit executable. Now, spectre-meltdown-vulnerability-windows-test.exe does run on XP SP3 all right (provided the processor has SSE2, of course!). What part of... Quote System requirements: SSE2 capable processor (the program crashes without) ...did you fail to understand?
Guest Posted January 26, 2018 Posted January 26, 2018 On 1/26/2018 at 2:34 AM, Dibya said: I will try as soon as possible Good. On 1/26/2018 at 9:04 AM, dencorso said: Spectre.exe is a 64-bit executable. Now, spectre-meltdown-vulnerability-windows-test.exe does run on XP SP3 all right (provided the processor has SSE2, of course!). What part of... ...did you fail to understand? In my pc it crashes. XP (Intel Celeron M380)
dencorso Posted January 26, 2018 Posted January 26, 2018 XP (Intel Celeron M380)? That's a 90nm Dothan from 2005! It's *not* vulnerable to either Meltdown or Spectre (both variants) and it does have SSE2, so it crashes on some other point or actually due to the exploit failure. Relax, you have no reason at all for worrying. \m/
Guest Posted January 26, 2018 Posted January 26, 2018 (edited) Who says it is not vulnerable? At the moment it is not on the Intel List. This vulnerability affects the processors from the Pentium Pro 1995 (the first CPU to use speculative execution). The test below shows that my CPU is vulnerable: https://repl.it/repls/DeliriousGreenOxpecker Edited January 26, 2018 by Sampei.Nihira
cdob Posted January 26, 2018 Posted January 26, 2018 There is a fork: SpectrePoC https://github.com/crozone/SpectrePoC Processor features like rdtscp, mfence, clflush can be disabled. 1
UCyborg Posted January 26, 2018 Posted January 26, 2018 4 hours ago, Sampei.Nihira said: The test below shows that my CPU is vulnerable: https://repl.it/repls/DeliriousGreenOxpecker It shows that the CPU on the remote server is vulnerable. 7 hours ago, Sampei.Nihira said: In my pc it crashes. XP (Intel Celeron M380) What is the exception code?
UCyborg Posted January 27, 2018 Posted January 27, 2018 (edited) Good, so now we're certain the problem is that one of the instructions used by that program is not supported by your CPU. I compiled the SpectrePoC fork that was linked by @cdob. I disabled all extras, I hope the binary is good. Needs at least Pentium 3 equivalent or better CPU; it utilizes some function relying on SSE instructions and it wouldn't compile without specifying -march=pentium3 parameter on the command line. https://drive.google.com/open?id=1WG-62M9ZZwDXNf0xlhx6NhR-_gtDv7AC Edited January 27, 2018 by UCyborg
Guest Posted January 27, 2018 Posted January 27, 2018 32 minutes ago, UCyborg said: Good, so now we're certain the problem is that one of the instructions used by that program is not supported by your CPU. I compiled the SpectrePoC fork that was linked by @cdob. I disabled all extras, I hope the binary is good. Needs at least Pentium 3 equivalent or better CPU; it utilizes some function relying on SSE instructions and it wouldn't compile without specifying -march=pentium3 parameter on the command line. https://drive.google.com/open?id=1WG-62M9ZZwDXNf0xlhx6NhR-_gtDv7AC TH. In fast CPUs the window closes automatically after a few seconds. Can you insert a manual closure? Example "press a key to end the program".
UCyborg Posted January 27, 2018 Posted January 27, 2018 OK, will update the ZIP file with another .exe with manual closure. The thing about console programs, they run, do their thing and and then the process terminates. You can see their output if you run them from Command Prompt. The bigger problem that shouldn't occur is that part of the message it outputs is garbled for some reason, need to look into this as well.
Yellow Horror Posted January 27, 2018 Posted January 27, 2018 1 hour ago, UCyborg said: I hope the binary is good. Seems that it can't read "the secret string" on my Pentium 4: L:\>spectre.exe Using a cache hit threshold of 80. Build: RDTSCP_NOT_SUPPORTED MFENCE_NOT_SUPPORTED CLFLUSH_NOT_SUPPORTED Reading 40 bytes: Reading at malicious_x = 00001024... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001025... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001026... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001027... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001028... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001029... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001030... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001031... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001032... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001033... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001034... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001035... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001036... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001037... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001038... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001039... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001040... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001041... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001042... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001043... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001044... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001045... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001046... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001047... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001048... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001049... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104b... Success: 0xFF=’?’ score=0
UCyborg Posted January 27, 2018 Posted January 27, 2018 5 minutes ago, Yellow Horror said: Seems that it can't read "the secret string" on my Pentium 4: I got the same output with the version of that program that uses SSE2 on my AMD Phenom II X4 920. Well, so far, I think I've figured out the garbled text problem on my end, the font I've chosen for command windows doesn't support that ’ character.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now