forked from IAIK/meltdown
-
Notifications
You must be signed in to change notification settings - Fork 0
/
secret.c
50 lines (42 loc) · 1.57 KB
/
secret.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#include "libkdump.h"
#include <sched.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
const char *strings[] = {
"If you can read this, this is really bad",
"Burn after reading this string, it is a secret string",
"Congratulations, you just spied on an application",
"Wow, you broke the security boundary between user space and kernel",
"Welcome to the wonderful world of microarchitectural attacks",
"Please wait while we steal your secrets...",
"Don't panic... But your CPU is broken and your data is not safe",
"How can you read this? You should not read this!"};
int main(int argc, char *argv[]) {
libkdump_config_t config;
config = libkdump_get_autoconfig();
libkdump_init(config);
srand(time(NULL));
const char *secret = strings[rand() % (sizeof(strings) / sizeof(strings[0]))];
int len = strlen(secret);
printf("\x1b[32;1m[+]\x1b[0m Secret: \x1b[33;1m%s\x1b[0m\n", secret);
size_t paddr = libkdump_virt_to_phys((size_t)secret);
if (!paddr) {
printf("\x1b[31;1m[!]\x1b[0m Program requires root privileges (or read access to /proc/<pid>/pagemap)!\n");
libkdump_cleanup();
exit(1);
}
printf("\x1b[32;1m[+]\x1b[0m Physical address of secret: \x1b[32;1m0x%zx\x1b[0m\n", paddr);
printf("\x1b[32;1m[+]\x1b[0m Exit with \x1b[37;1mCtrl+C\x1b[0m if you are done reading the secret\n");
while (1) {
// keep string cached for better results
volatile size_t dummy = 0, i;
for (i = 0; i < len; i++) {
dummy += secret[i];
}
sched_yield();
}
libkdump_cleanup();
return 0;
}