Proof-of-concept for the ZombieLoad attack

ZombieLoad PoC

This repository contains several applications demonstrating ZombieLoad. For technical information about the bug, refer to the paper.

Proof of Concepts

This repository contains four different proof-of-concept attacks showing ZombieLoad. It also includes four different victim applications to test the leakage in various scenarios.

All demos are tested with an Intel Core i7-8650U, but they should work on any Linux system with any modern Intel Core or Xeon CPU since 2010. We provide three variants for Linux, which we tested on Ubuntu 18.04.1 LTS, and two variants for Windows, which we tested on Windows 10 (1803 build 17134.706).

For best results, we recommend a fast CPU that supports Intel TSX (e.g. nearly any Intel Core i7-5xxx, i7-6xxx, or i7-7xxx).

Building

The PoCs only require GCC and Make (on Linux) or MinGW-w64 (on Windows) to compile.

Building an attacker or a victim is as simple as running make in the folder of the application.

Attacker Variants

The repository contains four different attacker variants.

Variant 1 (Linux only)

Variant 1 is the fastest, easiest, and most stable variant, but it is meant for a privileged attacker (i.e., it requires root privileges). Hence, apart from testing, it is mainly useful for attacks on SGX or on virtual machines.

Run

For this variant, KASLR and KPTI have to be disabled. This can be achieved by providing nopti nokaslr to the kernel command line. Then, run the attacker on one hyperthread as root: sudo taskset -c 3 ./leak

Variant 2 (Linux and Windows)

Variant 2 is a fast variant which does not require any privileges. However, it only works on CPUs supporting Intel TSX. Variant 2 is the only variant which also works on CPUs which already have hardware mitigations for Meltdown and Foreshadow.

Run

Simply run the attacker on one hyperthread: taskset -c 3 ./leak

Variant 3 (Windows only)

Variant 3 does not require any CPU features or privileges, but it only works on Windows.

Run

Run the attacker on one hyperthread: start /affinity 3 .\leak.exe. It takes a while (up to 1 minute) until the leakage starts, as the PoC has to wait for Windows to collect information about the memory used by the PoC. Starting a different program which uses memory (e.g., a browser) sometimes reduces the waiting time.

Variant 4 (Linux only)

Variant 4 is an interesting special subtype of Variant 2 which only works on CPUs supporting both Intel TSX and SGX. This variant abuses abort page semantics when accessing processor reserved memory in non-enclave mode, and hence requires either permissions to create an enclave or root privileges.

Run

The demonstrator for this variant requires read access to Linux's /dev/cpu/CPUNUM/msr and /dev/mem virtual devices. This can be achieved by loading the msr driver, plus a small custom driver to lift Linux's default CONFIG_STRICT_DEVMEM restrictions:

$ sudo modprobe msr
$ cd module && make load

Then, run the attacker on one hyperthread as root: sudo taskset -c 3 ./leak

Victim Applications

All attacker variants can be used to leak data from the following victim applications. All victim applications leak one uppercase letter. Independent of the chosen victim and attacker application, the attacker displays a histogram of leaked values.

An example output is as follows (for the secret letter 'X' loaded by the victim).

A: (   0) 
B: (   0) 
C: (   0) 
D: (   0) 
E: (   1) 
F: (   0) 
G: (   2) 
H: (   0) 
I: (   0) 
J: (   0) 
K: (   0) 
L: (   0) 
M: (   0) 
N: (   0) 
O: (   0) 
P: (  12) 
Q: (   1) 
R: (   1) 
S: (   0) 
T: (   0) 
U: (   2) 
V: (   1) 
W: (   0) 
X: (1303) ############################################################
Y: (   0) 
Z: (   1) 
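The histogram above is the only feedback the demo gives, so when you test a machine it helps to quantify how clear the signal actually is. The script below is an added example, not part of the ZombieLoad repository: it parses the histogram format printed by the attacker and reports the leading letter, its count, the total number of samples and the runner-up count. SAMPLE_HISTOGRAM is the README's own example output for the secret 'X'; NOISY_HISTOGRAM is constructed. The 10:1 ratio between the leading letter and the runner-up that counts as a "clear signal" is an assumed threshold, not a figure from the README.

```shell
#!/bin/sh
# Added example, not part of the ZombieLoad repository: parse the histogram the
# attacker demo prints and judge whether it shows a clear signal, which on a
# machine you are assessing means that leakage between the two hyperthreads is
# not mitigated. SAMPLE_HISTOGRAM is the README's example output (secret 'X'),
# NOISY_HISTOGRAM is constructed, and the 10:1 ratio is an assumed threshold.

SAMPLE_HISTOGRAM='A: (   0)
B: (   0)
C: (   0)
D: (   0)
E: (   1)
F: (   0)
G: (   2)
H: (   0)
I: (   0)
J: (   0)
K: (   0)
L: (   0)
M: (   0)
N: (   0)
O: (   0)
P: (  12)
Q: (   1)
R: (   1)
S: (   0)
T: (   0)
U: (   2)
V: (   1)
W: (   0)
X: (1303) ############################################################
Y: (   0)
Z: (   1)'

NOISY_HISTOGRAM='P: (  12)
U: (   2)
X: (  20) #'

# histogram_top: read histogram lines on stdin and print
# "<leading letter> <its count> <total samples> <runner-up count>".
histogram_top() {
    awk '
        match($0, /^[A-Z]: \( *[0-9]+\)/) {
            letter = substr($0, 1, 1)
            count  = substr($0, 4, RLENGTH - 3)    # "(1303)" or "(   0)"
            gsub(/[ ()]/, "", count)
            count += 0
            total += count
            if (count > best)        { second = best; best = count; who = letter }
            else if (count > second) { second = count }
        }
        END { if (total > 0) print who, best, total, second }
    '
}

# histogram_clear_signal <histogram text> [ratio]: succeed when the leading
# letter has at least <ratio> (default 10) times the runner-up count.
histogram_clear_signal() {
    printf '%s\n' "$1" | histogram_top | awk -v ratio="${2:-10}" '
        { seen = 1; ok = ($2 >= ratio * $4) }
        END { exit (seen && ok) ? 0 : 1 }'
}

# Stand-alone run: analyze a saved histogram given as first argument, else the sample.
if [ -n "$1" ] && [ -r "$1" ]; then TEXT=$(cat "$1"); else TEXT=$SAMPLE_HISTOGRAM; fi
printf '%s\n' "$TEXT" | histogram_top
if histogram_clear_signal "$TEXT"; then echo "clear signal"; else echo "no clear signal"; fi
```

For the README's sample the script reports X with 1303 of 1324 samples against a runner-up of 12, i.e. a clear signal; for the constructed noisy sample it does not, which is the situation the FAQ's troubleshooting list addresses.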

Userspace Victim (Linux and Windows)

An unprivileged user application which constantly loads the same value from its memory.

Run (Linux)

Simply run the victim on the same physical core but on a different hyperthread than the attacker: taskset -c 7 ./secret. You can also pass a secret letter to the victim application as a parameter, e.g., taskset -c 7 ./secret B to access memory containing 'B's. The default secret letter is 'X'.

As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the leaked letter should get longer.

Run (Windows)

Simply run the victim on the same physical core but on a different hyperthread than the attacker: start /affinity 7 .\secret.exe. You can also pass a secret letter to the victim application as a parameter, e.g., start /affinity 7 .\secret.exe B to access memory containing 'B's. The default secret letter is 'X'.

As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the leaked letter should get longer.

Kernel Victim (Linux only)

A kernel module which constantly loads the letter 'J'.

Run

Before running the victim, the kernel module has to be loaded into the kernel. This is done by running sudo insmod leaky.ko. Then, simply run the victim on the same physical core but on a different hyperthread than the attacker: taskset -c 7 ./secret.

As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the letter 'J' should get longer.

Intel SGX Victim (Linux only)

An Intel SGX enclave which constantly loads the letter 'S'. This victim requires that the SGX driver and SDK are installed.

Run

Simply run the victim on the same physical core but on a different hyperthread than the attacker: taskset -c 7 ./secret.

As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the letter 'S' should get longer.

VM Victim (Linux and Windows)

A virtual machine containing an application which constantly loads the same value from its memory. This victim requires that QEMU is installed, and VT-x is enabled.

Run

Simply run the victim on the same physical core but on a different hyperthread than the attacker: taskset -c 7 ./secret.sh. Once the virtual machine has started, run the victim inside it with secret X, where X is the secret character. There should be a clear signal in the attacker process, i.e., the bar for the leaked letter should get longer.

Frequently Asked Questions

  • How do I know which core IDs are hyperthreads?

    On Linux, you can run lscpu -e. This gives you a list of logical cores and their corresponding physical core. Cores mapping to the same physical core are hyperthreads. On Windows, you can use the coreinfo tool from Windows Sysinternals.

  • Can I run the PoC in a virtual machine?

    Yes, the PoC also works in virtual machines. However, due to the additional layer introduced by a virtual machine, it might not work as well as on native hardware.

  • It just does not work on my computer, what can I do?

    There can be a lot of different reasons for that. We collected a few things you can try:

    • Ensure that your CPU frequency is at the maximum, and frequency scaling is disabled.
    • If you run it on a mobile device (e.g., a laptop), ensure that it is plugged in to get the best performance.
    • Try to pin the tools to a specific CPU core (e.g. with taskset). Also try different cores and core combinations. Leaking values only works if attacker and victim run on the same physical core.
    • Vary the load on your computer. On some machines it works better if the load is higher, on others it works better if the load is lower.
    • Use a different variant of ZombieLoad. In this repository, we provide 3 different techniques for the attacker.
    • Try to restart the demos and also your computer. Especially after a standby, the timings are broken on some computers.
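The first FAQ entry and the pinning advice both hinge on knowing which logical CPU ids are hyperthreads of the same physical core. The script below is an added example, not part of the ZombieLoad repository: it parses the table format of lscpu -e (the command the FAQ recommends) and answers "which ids share a core with id N?". SAMPLE_LSCPU is a constructed table resembling a 4-core/8-thread CPU; on such a layout the ids 3 and 7 used throughout this README land on one core, but the numbering on your machine may differ, which is why the script prefers the live lscpu -e output when it is available.

```shell
#!/bin/sh
# Added example, not part of the ZombieLoad repository: work out which logical
# CPU ids are hyperthreads of the same physical core from the output format of
# `lscpu -e`. SAMPLE_LSCPU is a constructed table for a 4-core/8-thread CPU.

SAMPLE_LSCPU='CPU NODE SOCKET CORE L1d:L1i:L2:L3 ONLINE MAXMHZ    MINMHZ
0   0    0      0    0:0:0:0       yes    4200.0000 400.0000
1   0    0      1    1:1:1:0       yes    4200.0000 400.0000
2   0    0      2    2:2:2:0       yes    4200.0000 400.0000
3   0    0      3    3:3:3:0       yes    4200.0000 400.0000
4   0    0      0    0:0:0:0       yes    4200.0000 400.0000
5   0    0      1    1:1:1:0       yes    4200.0000 400.0000
6   0    0      2    2:2:2:0       yes    4200.0000 400.0000
7   0    0      3    3:3:3:0       yes    4200.0000 400.0000'

# sibling_groups: read `lscpu -e` text on stdin and print one line per physical
# core, "<socket>:<core> <comma-separated logical cpu ids>", sorted.
# Column indices are taken from the header line, so extra columns do not matter.
sibling_groups() {
    awk '
        NR == 1 {
            for (i = 1; i <= NF; i++) {
                if ($i == "CPU")    cpu_col  = i
                if ($i == "SOCKET") sock_col = i
                if ($i == "CORE")   core_col = i
            }
            if (!cpu_col || !sock_col || !core_col) {
                print "unrecognized lscpu -e header" > "/dev/stderr"
                exit 2
            }
            next
        }
        NF > 0 {
            key = $sock_col ":" $core_col
            if (key in cpus) cpus[key] = cpus[key] "," $cpu_col
            else             cpus[key] = $cpu_col
        }
        END { for (k in cpus) print k, cpus[k] }
    ' | sort -t: -k1,1n -k2,2n
}

# siblings_of <lscpu text> <cpu id>: print the ids sharing a core with <cpu id>
# (itself included), e.g. "3,7"; prints nothing if the id is not in the table.
siblings_of() {
    printf '%s\n' "$1" | sibling_groups | awk -v want="$2" '
        {
            n = split($2, ids, ",")
            for (i = 1; i <= n; i++) if (ids[i] == want) { print $2; exit }
        }'
}

# same_physical_core <lscpu text> <cpu a> <cpu b>: succeed only if a and b are
# hyperthreads of one physical core, the precondition the FAQ states.
same_physical_core() {
    case ",$(siblings_of "$1" "$2")," in
        *",$3,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# Stand-alone run: use the live `lscpu -e` table when available, else the sample.
TABLE=$(lscpu -e 2>/dev/null) || TABLE=''
[ -n "$TABLE" ] || TABLE=$SAMPLE_LSCPU
printf '%s\n' "$TABLE" | sibling_groups
```

Pick the two ids from one printed group for the attacker's and the victim's taskset -c argument. On Windows the corresponding start /affinity argument is a hexadecimal CPU mask rather than a core index, so check the mask against the coreinfo output rather than reusing Linux ids.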

Warnings

Warning #1: We are providing this code as-is. You are responsible for protecting yourself, your property and data, and others from any risks caused by this code. This code may cause unexpected and undesirable behavior to occur on your machine. This code may not detect the vulnerability on your machine.

Warning #2: If you find that a computer is susceptible to ZombieLoad, you may want to avoid using it as a multi-user system. ZombieLoad breaches the CPU's memory protection. On a machine that is susceptible to ZombieLoad, one process can potentially read all data used by other processes or by the kernel.

Warning #3: This code is only for testing purposes. Do not run it on any production systems. Do not run it on any system that might be used by another person or entity.
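Warning #2 leaves open how to tell whether a machine is susceptible without running the demo. The script below is an added example, not part of the ZombieLoad repository: it reads what the Linux kernel itself reports about the MDS bug class (Microarchitectural Data Sampling, which covers ZombieLoad) and turns it into a short verdict aimed at the multi-user concern above. The file paths are the kernel's real sysfs and procfs locations; the SAMPLE_* strings are constructed to match the kernel's wording so the functions can be exercised offline. The kernel's "SMT vulnerable" wording is the case that corresponds to this README's setup: buffers are cleared at privilege boundaries, but two hyperthreads of one core can still observe each other.

```shell
#!/bin/sh
# Added example, not part of the ZombieLoad repository: a read-only check of
# the kernel's MDS status (the bug class covering ZombieLoad). Paths are the
# real sysfs/procfs files; SAMPLE_* values are constructed for offline runs.

MDS_SYSFS=/sys/devices/system/cpu/vulnerabilities/mds
SMT_SYSFS=/sys/devices/system/cpu/smt/active
CPUINFO=/proc/cpuinfo

SAMPLE_MDS='Mitigation: Clear CPU buffers; SMT vulnerable'
SAMPLE_SMT='1'
SAMPLE_CPUINFO='processor	: 0
vendor_id	: GenuineIntel
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 md_clear flush_l1d'

# read_or_sample <path> <sample>: contents of <path> if readable, else <sample>.
read_or_sample() {
    if [ -r "$1" ]; then cat "$1"; else printf '%s\n' "$2"; fi
}

# classify_mds_status <mds status line> -> one word:
#   not_affected    the hardware does not have the bug
#   mitigated       buffers are cleared and SMT is off or otherwise covered
#   smt_vulnerable  buffers are cleared at privilege boundaries, but a sibling
#                   hyperthread can still observe leakage (the README's setup)
#   vulnerable      no effective mitigation is active
classify_mds_status() {
    case "$1" in
        "Not affected"*)                  echo not_affected ;;
        "Mitigation:"*"SMT vulnerable"*)  echo smt_vulnerable ;;
        "Mitigation:"*)                   echo mitigated ;;
        "Vulnerable"*)                    echo vulnerable ;;
        *)                                echo unknown ;;
    esac
}

# smt_is_active <contents of smt/active>: succeed when hyperthreading is on.
smt_is_active() {
    [ "$(printf '%s' "$1" | tr -d '[:space:]')" = "1" ]
}

# has_md_clear <cpuinfo text>: succeed when the flags line lists md_clear, the
# microcode feature the kernel needs to clear the leaking buffers.
has_md_clear() {
    printf '%s\n' "$1" | awk '
        /^flags/ { for (i = 3; i <= NF; i++) if ($i == "md_clear") found = 1 }
        END { exit found ? 0 : 1 }'
}

# mds_verdict <mds status line> <smt/active contents> <cpuinfo text>: one
# human-readable line, oriented at the multi-user concern in Warning #2.
mds_verdict() {
    class=$(classify_mds_status "$1")
    if smt_is_active "$2"; then smt="SMT on"; else smt="SMT off"; fi
    if has_md_clear "$3"; then mc="md_clear present"; else mc="md_clear absent"; fi
    case "$class" in
        not_affected)   why="hardware is not affected" ;;
        mitigated)      why="kernel mitigation active, no cross-thread exposure reported" ;;
        smt_vulnerable) why="kernel clears buffers, but a sibling hyperthread can still leak: disable SMT (nosmt) or do not share cores between tenants" ;;
        vulnerable)     why="no effective mitigation: update microcode and kernel, and treat the host as single-tenant" ;;
        *)              why="status string not recognized: $1" ;;
    esac
    printf '%s (%s, %s): %s\n' "$class" "$smt" "$mc" "$why"
}

# Stand-alone run: live values where the files exist, constructed samples elsewhere.
mds_verdict "$(read_or_sample "$MDS_SYSFS" "$SAMPLE_MDS")" \
            "$(read_or_sample "$SMT_SYSFS" "$SAMPLE_SMT")" \
            "$(read_or_sample "$CPUINFO" "$SAMPLE_CPUINFO")"
```

A host that prints smt_vulnerable is exactly one on which the demos above can succeed between two hyperthreads even though the kernel protects its own memory; the first line of defence is the kernel's nosmt option or a scheduler policy that never co-locates untrusted tenants on one core.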
