Skip to content
/ spec-fault Public

memory breakpoint detector PoC (among other things)

License

0BSD license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

zhilemann/spec-fault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.md
.md
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
demo.c
demo.c
 
 

Repository files navigation

spec-fault - a syscall-free memory fault oracle

a funny demo GIF

what is this?

spec-fault "predicts" whether accessing said memory will trigger a fault via side-channel speculative execution.

the demo above uses spec-fault to detect memory breakpoints and protect critical memory from debuggers.

usage

  1. compile lib/spec-fault.c and include lib/spec-fault.h.
  2. use spec_fault_read to check for read faults.
  3. use spec_fault_write to check for write faults.
  4. a return value of true indicates a (possible) fault.

pitfalls

although the GIF above does look pretty cool:

  • like any other timing-based technique, this method is never 100% accurate.
  • while a memory breakpoint does cause a fault, not every fault is due to a breakpoint.
  • currently, altering a page's flags makes spec_fault_write report a fault indefinitely.

please bear these issues in mind when evaluating this project.

credits

About

memory breakpoint detector PoC (among other things)

Resources

Readme

License

0BSD license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages