0

Am-I-affected-by-Meltdown

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

官方網站
Github 資源庫
主要指標

Github星跟蹤圖

Am I affected by Meltdown?! Meltdown (CVE-2017-5754) checker

Alt text

What am I?

Proof-of-concept /

Exploit /

Checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

The basic idea is that user will know whether or not the running system is properly patched with
something like KAISER patchset (https://lkml.org/lkml/2017/10/31/884) for example.

Check out my blog post that guides reader through a Meltdown proof-of-concept: http://funwithbits.net/blog/programmers-guide-to-meltdown/

*** Only works on Linux for now ***

How it works?

It works by using /proc/kallsyms to find system call table and checking whether the address of a
system call found by exploiting MELTDOWN match the respective one in /proc/kallsyms.

Getting started

Clone, then run make to compile the project, then run meltdown-checker:

git clone https://github.com/raphaelsc/Am-I-affected-by-Meltdown.git
cd ./Am-I-affected-by-Meltdown
make
taskset 0x1 ./meltdown-checker

What to do when you face:

  • Unable to read /proc/kallsyms...

    That's because your system may be preventing the program from reading kernel symbols in /proc/kallsyms due to /proc/sys/kernel/kptr_restrict set to 1.
    The following command will do the tricky:

    sudo sh -c "echo 0  > /proc/sys/kernel/kptr_restrict"

  • Unable to read /boot/System.map-.

    That could probably be because your system not having /boot mounted. This program relies on that partition and thus you'd need to mount your /boot partition first.

Please open an issue if you have an idea on how to fallback to another approach in this scenario.

Example output for a system affected by Meltdown:

Alt text

Checking whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN ...
Checking syscall table (sys_call_table) found at address 0xffffffffaea001c0 ...
0xc4c4c4c4c4c4c4c4 -> That's unknown
0xffffffffae251e10 -> That's SyS_write

System affected! Please consider upgrading your kernel to one that is patched with KAISER
Check https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html for more details

主要指標

概覽
名稱與所有者raphaelsc/Am-I-affected-by-Meltdown
主編程語言C++
編程語言C++ (語言數: 2)
平台
許可證BSD 2-Clause "Simplified" License
所有者活动
創建於2018-01-04 23:51:12
推送於2018-02-27 05:22:38
最后一次提交2018-01-16 23:33:08
發布數0
用户参与
星數541
關注者數43
派生數71
提交數72
已啟用問題?
問題數18
打開的問題數7
拉請求數3
打開的拉請求數1
關閉的拉請求數0
项目设置
已啟用Wiki?
已存檔?
是復刻?
已鎖定?
是鏡像?
是私有?