Spectre Attack POC
Video: Spectre Attack POC on Intel i7-6820HQ
References: Spectre Attack GitHub
Fuzzing Command Line Utilities
Following up on one of my previous articles, I will be fuzzing CLI params using the JAFFY fuzzer and trying to smash the stack on a vulnerable program. Jaffy can fuzz binaries that you run on the command line. It takes a simple XML file as input to specify the argument details, and you are ready to go. In order to run jaffy you need to install this python3 module:
Command Line Interface Security Testing
CLIs (command-line interfaces/utilities) offer many commands that make system information easily available and manageable. Many of these commands accept various arguments (functionalities). These command-line utilities and their arguments should be programmed so that they are not vulnerable and contain no logical flaw that could allow a malicious CLI user to escalate privileges, access unauthorized information, bypass ACLs, etc.