Skip to content
/ specrop Public
forked from HexHive/specrop

Code repository for experiments in SpecROP paper

Notifications You must be signed in to change notification settings

atrib/specrop

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SpecROP

This repository contains code used for the paper SpecROP: Speculative exploition of ROP chains. This work was published in the 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). The full paper is available here.

The folders are:

  • contexts: This explores the contexts in which branch target poisoning is possible. This corresponds to Section 4.1 in the paper.
  • chaining: This explores the number of gadgets which can be chained using BTB and RSB poisoning (Sections 4.1.1 and 4.1.2 respectively).
  • poc: This is a laboratory proof-of-concept attack based on SMoTherSpectre and corresponds to Section 4.2 in the paper.
  • openssl: This is a realistic attack on OpenSSL. This is described in Section 4.3 in the paper.

Please note that the results might change with processor microcode updates and the software environment.

About

Code repository for experiments in SpecROP paper

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 74.8%
  • Perl 20.6%
  • Makefile 1.8%
  • C++ 1.1%
  • Assembly 0.6%
  • Objective-C 0.6%
  • Other 0.5%