-
Notifications
You must be signed in to change notification settings - Fork 37
/
In-Spectre_meltdown.py
115 lines (100 loc) · 4.42 KB
/
In-Spectre_meltdown.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/usr/bin/python
'''
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Author: Viral Maniar
Twitter: https://twitter.com/maniarviral
Github: https://github.com/Viralmaniar
LinkedIn: https://au.linkedin.com/in/viralmaniar
'''
import os, sys
import subprocess
from subprocess import check_output
import time
def logo():
logo = '''
_____ _____ _ __ __ _ _ _
|_ _| / ____| | | | \/ | | | | | |
| | _ __ _____| (___ _ __ ___ ___| |_ _ __ ___ ______| \ / | ___| | |_ __| | _____ ___ __
| | | '_ |______\___ \| '_ \ / _ \/ __| __| '__/ _ |______| |\/| |/ _ | | __/ _` |/ _ \ \ /\ / | '_ \
_| |_| | | | ____) | |_) | __| (__| |_| | | __/ | | | | __| | || (_| | (_) \ V V /| | | |
|_____|_| |_| |_____/| .__/ \___|\___|\__|_| \___| |_| |_|\___|_|\__\__,_|\___/ \_/\_/ |_| |_|
| |
|_|
[+] Author: Viral Maniar
[+] Twitter: @ManiarViral
[+] Description: This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
[+] Note: Administrator privileges required
[+] Python version: 3.6.3
[+] PowerShell version: 5.1
'''
return logo
OPTIONS = '''
1. Set Execution Policy to Unrestricted
2. Import PowerShell Module
3. Install Spectre related Module
4. Inspect Speculation control Setting for CVE-2017-5715 [branch target injection] & CVE-2017-5754 [rogue data cache load]
5. Exit
'''
def menu():
while True:
try:
choice = str(input('\n[?] Do you want to continue? \n> ')).lower()
if choice[0] == 'y':
return
if choice[0] == 'n':
sys.exit(0)
break
except ValueError:
sys.exit(0)
def checkHostWindows():
if os.name == "nt":
print ('[+] All good....')
else:
print ('[!] Please run the application on Windows machine')
sys.exit(0)
def cmd_exectionPolicy():
process=subprocess.Popen(["powershell","Set-ExecutionPolicy Unrestricted"], shell=False);
result=process.communicate()[0]
print(result)
print ("Execution Policy is now set to unrestricted...")
def cmd_importModule():
process=subprocess.Popen(["powershell","Import-Module PowerShellGet"], shell=False);
result1=process.communicate()[0]
print(result1)
print ("Module Imported Successfully...")
def cmd_specModule():
process=subprocess.Popen(["powershell","Install-Module SpeculationControl"], shell=False);
result2=process.communicate()[0]
print(result2)
print ("Spectre Module Imported Successfully...")
def cmd_showSpeculationControl():
process=subprocess.Popen(["powershell","Get-SpeculationControlSettings"], shell=False);
result3=process.communicate()[0]
print(result3)
print ("Output printed successfully...")
cmds = {
"1" : cmd_exectionPolicy,
"2" : cmd_importModule,
"3" : cmd_specModule,
"4" : cmd_showSpeculationControl,
"5" : lambda: sys.exit(0)
}
def main():
os.system('cls')
print (logo())
checkHostWindows()
try:
while True:
choice = input("\n%s" % OPTIONS)
if choice not in cmds:
print ('[!] Invalid Choice')
continue
cmds.get(choice)()
except KeyboardInterrupt:
print ('[!] Ctrl + C detected\n[!] Exiting')
sys.exit(0)
except EOFError:
print ('[!] Ctrl + D detected\n[!] Exiting')
sys.exit(0)
if __name__ == "__main__":
main()