Sampei.Nihira Posted January 25, 2018 Share Posted January 25, 2018 (edited) https://github.com/gentilkiwi/spectre_meltdown/tree/master/ErikAugust_724d4a969fb2c6ae1bbd7b2a9e3d4bb6 Spectre.exe not work on Windows XP. and https://github.com/stephanvandekerkhof/cpp-spectre-meltdown-vulnerability-windows-test @Dibya Is it possible to recompile it? TH. Edited January 25, 2018 by Sampei.Nihira Link to comment Share on other sites More sharing options...
Dibya Posted January 26, 2018 Share Posted January 26, 2018 I will try as soon as possible Link to comment Share on other sites More sharing options...
dencorso Posted January 26, 2018 Share Posted January 26, 2018 16 hours ago, Sampei.Nihira said: Spectre.exe not work on Windows XP. And... https://github.com/stephanvandekerkhof/cpp-spectre-meltdown-vulnerability-windows-test Spectre.exe is a 64-bit executable. Now, spectre-meltdown-vulnerability-windows-test.exe does run on XP SP3 all right (provided the processor has SSE2, of course!). What part of... Quote System requirements: SSE2 capable processor (the program crashes without) ...did you fail to understand? Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted January 26, 2018 Author Share Posted January 26, 2018 On 1/26/2018 at 2:34 AM, Dibya said: I will try as soon as possible Good. On 1/26/2018 at 9:04 AM, dencorso said: Spectre.exe is a 64-bit executable. Now, spectre-meltdown-vulnerability-windows-test.exe does run on XP SP3 all right (provided the processor has SSE2, of course!). What part of... ...did you fail to understand? In my pc it crashes. XP (Intel Celeron M380) Link to comment Share on other sites More sharing options...
dencorso Posted January 26, 2018 Share Posted January 26, 2018 XP (Intel Celeron M380)? That's a 90nm Dothan from 2005! It's *not* vulnerable to either Meltdown or Spectre (both variants) and it does have SSE2, so it crashes on some other point or actually due to the exploit failure. Relax, you have no reason at all for worrying. \m/ Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted January 26, 2018 Author Share Posted January 26, 2018 (edited) Who says it is not vulnerable? At the moment it is not on the Intel List. This vulnerability affects the processors from the Pentium Pro 1995 (the first CPU to use speculative execution). The test below shows that my CPU is vulnerable: https://repl.it/repls/DeliriousGreenOxpecker Edited January 26, 2018 by Sampei.Nihira Link to comment Share on other sites More sharing options...
dencorso Posted January 26, 2018 Share Posted January 26, 2018 Figurati! Link to comment Share on other sites More sharing options...
cdob Posted January 26, 2018 Share Posted January 26, 2018 There is a fork: SpectrePoC https://github.com/crozone/SpectrePoC Processor features like rdtscp, mfence, clflush can be disabled. 1 Link to comment Share on other sites More sharing options...
UCyborg Posted January 26, 2018 Share Posted January 26, 2018 4 hours ago, Sampei.Nihira said: The test below shows that my CPU is vulnerable: https://repl.it/repls/DeliriousGreenOxpecker It shows that the CPU on the remote server is vulnerable. 7 hours ago, Sampei.Nihira said: In my pc it crashes. XP (Intel Celeron M380) What is the exception code? Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted January 27, 2018 Author Share Posted January 27, 2018 Link to comment Share on other sites More sharing options...
UCyborg Posted January 27, 2018 Share Posted January 27, 2018 (edited) Good, so now we're certain the problem is that one of the instructions used by that program is not supported by your CPU. I compiled the SpectrePoC fork that was linked by @cdob. I disabled all extras, I hope the binary is good. Needs at least Pentium 3 equivalent or better CPU; it utilizes some function relying on SSE instructions and it wouldn't compile without specifying -march=pentium3 parameter on the command line. https://drive.google.com/open?id=1WG-62M9ZZwDXNf0xlhx6NhR-_gtDv7AC Edited January 27, 2018 by UCyborg Link to comment Share on other sites More sharing options...
Sampei.Nihira Posted January 27, 2018 Author Share Posted January 27, 2018 32 minutes ago, UCyborg said: Good, so now we're certain the problem is that one of the instructions used by that program is not supported by your CPU. I compiled the SpectrePoC fork that was linked by @cdob. I disabled all extras, I hope the binary is good. Needs at least Pentium 3 equivalent or better CPU; it utilizes some function relying on SSE instructions and it wouldn't compile without specifying -march=pentium3 parameter on the command line. https://drive.google.com/open?id=1WG-62M9ZZwDXNf0xlhx6NhR-_gtDv7AC TH. In fast CPUs the window closes automatically after a few seconds. Can you insert a manual closure? Example "press a key to end the program". Link to comment Share on other sites More sharing options...
UCyborg Posted January 27, 2018 Share Posted January 27, 2018 OK, will update the ZIP file with another .exe with manual closure. The thing about console programs, they run, do their thing and and then the process terminates. You can see their output if you run them from Command Prompt. The bigger problem that shouldn't occur is that part of the message it outputs is garbled for some reason, need to look into this as well. Link to comment Share on other sites More sharing options...
Yellow Horror Posted January 27, 2018 Share Posted January 27, 2018 1 hour ago, UCyborg said: I hope the binary is good. Seems that it can't read "the secret string" on my Pentium 4: L:\>spectre.exe Using a cache hit threshold of 80. Build: RDTSCP_NOT_SUPPORTED MFENCE_NOT_SUPPORTED CLFLUSH_NOT_SUPPORTED Reading 40 bytes: Reading at malicious_x = 00001024... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001025... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001026... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001027... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001028... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001029... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000102f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001030... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001031... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001032... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001033... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001034... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001035... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001036... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001037... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001038... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001039... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103b... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103c... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103d... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103e... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000103f... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001040... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001041... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001042... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001043... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001044... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001045... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001046... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001047... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001048... Success: 0xFF=’?’ score=0 Reading at malicious_x = 00001049... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104a... Success: 0xFF=’?’ score=0 Reading at malicious_x = 0000104b... Success: 0xFF=’?’ score=0 Link to comment Share on other sites More sharing options...
UCyborg Posted January 27, 2018 Share Posted January 27, 2018 5 minutes ago, Yellow Horror said: Seems that it can't read "the secret string" on my Pentium 4: I got the same output with the version of that program that uses SSE2 on my AMD Phenom II X4 920. Well, so far, I think I've figured out the garbled text problem on my end, the font I've chosen for command windows doesn't support that ’ character. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now