Skip to content
/ specrop Public

Code repository for experiments in SpecROP paper

11 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

HexHive/specrop

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
chaining
chaining
 
 
contexts
contexts
 
 
gadget_search
gadget_search
 
 
openssl
openssl
 
 
poc
poc
 
 
README.md
README.md
 
 

Repository files navigation

SpecROP

This repository contains code used for the paper SpecROP: Speculative exploition of ROP chains. This work was published in the 23rd International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2020). The full paper is available here.

The folders are:

  • contexts: This explores the contexts in which branch target poisoning is possible. This corresponds to Section 4.1 in the paper.
  • chaining: This explores the number of gadgets which can be chained using BTB and RSB poisoning (Sections 4.1.1 and 4.1.2 respectively).
  • poc: This is a laboratory proof-of-concept attack based on SMoTherSpectre and corresponds to Section 4.2 in the paper.
  • openssl: This is a realistic attack on OpenSSL. This is described in Section 4.3 in the paper.

Please note that the results might change with processor microcode updates and the software environment.

About

Code repository for experiments in SpecROP paper

Resources

Readme
Activity
Custom properties

Stars

11 stars

Watchers

5 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages