Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 04-23-2018, 18:58
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,022 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Smile Exploiting CVE-2018-1038 - Total Meltdown

Exploiting CVE-2018-1038 - Total Meltdown



Full article here :
Quote:
https://blog.xpnsec.com/total-meltdown-cve-2018-1038/
Video Here:
Quote:
http://www.youtube.com/watch?v=5fl5jFy4XMg
Final PoC Code here.

EDIT:

Decided to add a PROJECT FOLDER containing the COMPILED FILES as well , since some have difficulty compiling the PoC.

You can download it here :
Quote:
https://www9.zippyshare.com/v/CJkDnoHW/file.html

Last edited by TechLord; 04-26-2018 at 15:48.
Reply With Quote
The Following 5 Users Say Thank You to TechLord For This Useful Post:
0xall0c (04-24-2018), chants (04-24-2018), demon_da (04-23-2018), Spiderz_Soft (05-04-2018), tonyweb (04-24-2018)
  #2  
Old 04-25-2018, 20:22
Uknow007 Uknow007 is offline
Friend
 
Join Date: Feb 2018
Posts: 15
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 44
Thanks Rcvd at 23 Times in 9 Posts
Uknow007 Reputation: 0
Anyone can share Compiled version of it?
Reply With Quote
  #3  
Old 04-26-2018, 04:01
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,022 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by Uknow007 View Post
Anyone can share Compiled version of it?
Anyone knowledgeable enough to try this out should at least be able to compile a single "C" based source file that's given there ?!

No offence, but normally, I do not encourage the idea of pre-compiled exploits being made readily available. The fun mainly lies in studying each and every line of the exploit source and then understanding it.

Cheers

Last edited by TechLord; 04-26-2018 at 07:05.
Reply With Quote
The Following User Gave Reputation+1 to TechLord For This Useful Post:
uranus64 (04-26-2018)
  #4  
Old 04-26-2018, 13:11
Uknow007 Uknow007 is offline
Friend
 
Join Date: Feb 2018
Posts: 15
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 44
Thanks Rcvd at 23 Times in 9 Posts
Uknow007 Reputation: 0
Why are you so rude?
I was only asking complied version because many users complained on github that it is giving error while compiling.
https://gist.github.com/xpn/3792ec34d712425a5c47caf5677de5fe

Otherwise compiling is not a big issue
Reply With Quote
  #5  
Old 04-26-2018, 14:49
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,022 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
Quote:
Originally Posted by Uknow007 View Post
Why are you so rude?
I was only asking complied version because many users complained on github that it is giving error while compiling.
https://gist.github.com/xpn/3792ec34d712425a5c47caf5677de5fe

Otherwise compiling is not a big issue
Sorry my friend, I guess that I am a little paranoid about members who are new to the forum...

I did not realize that people were having issues compiling it ..

Please find the entire project folder including the compiled debug and release versions in their respective folders :

Quote:
https://www9.zippyshare.com/v/CJkDnoHW/file.html
It's tricky to get the exploit to actually RUN on one's machine though... You would need to tweak a lot of stuff in the source code.

That is why I have included the full project folder for reference in addition to the compiled sources.

Best of luck and of course, Welcome to EXETOOLS
Reply With Quote
The Following User Gave Reputation+1 to TechLord For This Useful Post:
niculaita (04-27-2018)
The Following 2 Users Say Thank You to TechLord For This Useful Post:
niculaita (04-27-2018), Uknow007 (04-26-2018)
  #6  
Old 04-26-2018, 15:10
sendersu sendersu is online now
VIP
 
Join Date: Oct 2010
Posts: 1,066
Rept. Given: 332
Rept. Rcvd 223 Times in 115 Posts
Thanks Given: 234
Thanks Rcvd at 512 Times in 288 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Talking

Quote:
Originally Posted by TechLord View Post
Sorry my friend, I guess that I am a little paranoid about members who are new to the forum...

I did not realize that people were having issues compiling it ..

Please find the entire project folder including the compiled debug and release versions in their respective folders :



It's tricky to get the exploit to actually RUN on one's machine though... You would need to tweak a lot of stuff in the source code.

That is why I have included the full project folder for reference in addition to the compiled sources.

Best of luck and of course, Welcome to EXETOOLS


you are making food from spoon....
but on other thread you said thats evil...

so ?
Reply With Quote
  #7  
Old 04-26-2018, 15:33
cybercoder cybercoder is online now
Friend
 
Join Date: Aug 2005
Posts: 114
Rept. Given: 2
Rept. Rcvd 11 Times in 8 Posts
Thanks Given: 22
Thanks Rcvd at 46 Times in 31 Posts
cybercoder Reputation: 11
Have you tried using #include <windows.h> to try and compile..
Reply With Quote
  #8  
Old 04-26-2018, 15:54
TechLord TechLord is offline
Banned User
 
Join Date: Mar 2005
Location: 10 Steps Ahead of You
Posts: 761
Rept. Given: 384
Rept. Rcvd 247 Times in 112 Posts
Thanks Given: 789
Thanks Rcvd at 2,022 Times in 571 Posts
TechLord Reputation: 200-299 TechLord Reputation: 200-299 TechLord Reputation: 200-299
I have added the Visual Studio Project Folder also to my first post above.


It contains the COMPILED files in DEBUG and RELEASE configurations as well as the ENTIRE project file that you can load directly in your VS IDE.

Please guys, not another fight here please

Last edited by TechLord; 04-26-2018 at 16:45.
Reply With Quote
The Following User Says Thank You to TechLord For This Useful Post:
tonyweb (04-26-2018)
  #9  
Old 04-27-2018, 16:02
sendersu sendersu is online now
VIP
 
Join Date: Oct 2010
Posts: 1,066
Rept. Given: 332
Rept. Rcvd 223 Times in 115 Posts
Thanks Given: 234
Thanks Rcvd at 512 Times in 288 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Talking

Quote:
Originally Posted by TechLord View Post
I have added the Visual Studio Project Folder also to my first post above.


It contains the COMPILED files in DEBUG and RELEASE configurations as well as the ENTIRE project file that you can load directly in your VS IDE.

Please guys, not another fight here please
hey
if you feeding
give all the VS type of projects!
VS2010, VS2013, VS2015, VS2017!


why you gave just one? thats not fair!
Reply With Quote
  #10  
Old 04-27-2018, 23:21
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 614
Rept. Given: 111
Rept. Rcvd 14 Times in 13 Posts
Thanks Given: 217
Thanks Rcvd at 238 Times in 152 Posts
bolo2002 Reputation: 14
no one asked about the msvcr100d.dll missing,good point
__________________
I like this forum!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Exploiting vBulletin: “A Tale of a Patch Fail” Kurapica General Discussion 1 08-16-2020 00:22
Meltdown exploit and Spectre chants General Discussion 2 01-09-2018 13:27
Need help in exploiting a kernel vuln SinaDiR General Discussion 0 01-10-2011 23:21


All times are GMT +8. The time now is 19:05.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )