CVE-2018-5407 (Flaw in the Intel processor execution engine sharing on SMT (e.g. Hyper-Threading) architectures) PoC

Summary: This is a proof-of-concept exploit of the PortSmash microarchitecture attack, tracked by CVE-2018-5407. Setup: Prerequisites: A CPU featuring SMT (e.g. Hyper-Threading) is the only requirement. This exploit code should work out of the box on Skylake and Kaby Lake. For other SMT architectures, customizing the strategies and/or waiting times in spy is likely needed. OpenSSL: Download […]


Apple T2 security chip on new Macbook prevents software from using the mic to eavesdrop

(Original text by DDOS) The Apple MacBook is equipped with a new T2 security chip, which uses a hard-breaking design that can automatically disable the microphone when necessary, such as when the laptop screen is closed. It is reported that the Apple T2 security chip is bundled with the Secure Enclave security zone coprocessor, which is designed to support macOS’s Apple […]


Reverse Engineering Advanced Programming Concepts

BOLO: Reverse Engineering — Part 2 (Advanced Programming Concepts). Preface: Throughout this article we will be breaking down the following programming concepts and analyzing the decompiled assembly versions of each instruction: Arrays, Pointers, Dynamic Memory Allocation, Socket Programming (Network Programming), Threading. For Part 1 of the BOLO: Reverse Engineering series, please click here. Please note: While this […]


Intel CPU security features

List of Intel CPU security features along with short descriptions taken from the Intel manuals. WP (Write Protect) (PDF) Quoting Volume 3A, 4-3, Paragraph 4.1.3: CR0.WP allows pages to be protected from supervisor-mode writes. If CR0.WP = 0, supervisor-mode write accesses are allowed to linear addresses with read-only access rights; if CR0.WP = 1, they […]
