{"id":2204,"date":"2018-01-12T20:46:32","date_gmt":"2018-01-12T19:46:32","guid":{"rendered":"http:\/\/www.fabionline.net\/aaaaaaa\/?p=2204"},"modified":"2025-03-31T20:44:14","modified_gmt":"2025-03-31T18:44:14","slug":"spectre-meltdown-checker-linux","status":"publish","type":"post","link":"https:\/\/www.fabionline.net\/blog\/it\/linux\/spectre-meltdown-checker-linux\/","title":{"rendered":"Spectre &#8211; Meltdown checker (linux)"},"content":{"rendered":"<p>Ho appena provato sul mio pc questo interessante script,\u00a0\u00a0<a href=\"https:\/\/github.com\/speed47\/spectre-meltdown-checker\" target=\"_blank\" rel=\"noopener\">Specter-Meltdown-Checker<\/a><br>\nCome specificato anche nelle istruzioni, non \u00e8 da considerarsi una Bibbia, ma sicuramente \u00e8 qualcosa\u00a0che puo darti molte utili informazioni.<br>\nQuesto script ti da la possibilit\u00e0 di controllare la tua vulnerabilit\u00e0 a Spectre (2 varianti) e Meltdown<br>\n<strong>Caratteristiche del Pc:<\/strong><br>\nIntel I5-3470 (ivy bridge) 3.20 GHz<br>\nKernel: 4.14.13-1-ARCH<br>\n8 GB ram<br>\nArch Linux<br>\nNvidia Geforce Gt-630<br>\ni dettagli Hardware li trovi\u00a0<a href=\"http:\/\/www.fabionline.net\/aaaaaaa\/wp-content\/uploads\/lshw.png\" target=\"_blank\" rel=\"noopener\">qui<\/a>\u00a0, (ho usato il comando\u00a0<span style=\"color: #0000ff;\">lshw<\/span>\u00a0)<br>\nHo scaricato ed estratto il file zip,<br>\nquindi ho dato i permessi di esecuzione al file .sh\u00a0tramite il comando chmod +x<br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2205\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre-meltdown-chmodh.png\" alt=\"\" width=\"576\" height=\"18\" \/><br>\nHo quindi eseguito lo script (\u00e8 raccomandato avere i permessi di root)<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2224\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdcommandroot.png\" alt=\"\" width=\"562\" height=\"17\" \/><br>\nDopo aver inserito la password, lo script parte<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2219\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking.png\" alt=\"\" width=\"906\" height=\"21\" srcset=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking.png 906w, https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking-768x18.png 768w\" sizes=\"(max-width: 906px) 100vw, 906px\">ecco i risultati:<br>\n<strong style=\"font-size: 12pt;\">Spectre Variante 1 (CVE-2017-5753 bounds check bypass)<\/strong><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2226\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre1root.png\" alt=\"\" width=\"417\" height=\"29\" \/><br>\nil risultato finale \u00e8:<br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2228\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdVuln.png\" alt=\"\" width=\"146\" height=\"16\" \/>\u00a0<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2231\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre1res-1.png\" alt=\"\" width=\"745\" height=\"16\" \/><br>\n<strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt; color: #000000;\">Spectre Variante 2 (CVE-2017-5715 branch target\u00a0injection)<\/span><br>\n<\/span><\/strong><span style=\"font-size: 12pt;\">come si pu\u00f2 vedere, lo script verifica se sono presenti \u00a0una serie di mitigazioni a Spectre\u00a0<\/span><strong><span style=\"font-size: 10pt;\"><br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2233\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre2res.png\" alt=\"\" width=\"441\" height=\"136\" \/><br>\n<\/span><\/strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt;\">risultato finale:<br>\n<\/span>\u00a0<\/span><strong><span style=\"font-size: 10pt;\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2228\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdVuln.png\" alt=\"\" width=\"146\" height=\"16\" \/>\u00a0<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2236\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre2res2.png\" alt=\"\" width=\"696\" height=\"16\" \/><\/span><\/strong><br>\n<strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt; color: #000000;\">Meltdown (CVE-2017-5754 rogue data cache load)<br>\n<\/span><\/span><\/strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt; color: #000000;\">In questo caso il risultato \u00e8 positivo,grazie kernel \ud83d\ude42<br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2239\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/meltdown-res.png\" alt=\"\" width=\"480\" height=\"59\" \/><br>\n<\/span><\/span><br>\n<strong>\u00a0<\/strong>Solo per curiosit\u00e0 ho eseguito nuovamente lo script senza avere i permessi di root (lo so, non ha senso ma volevo vedere le differenze \ud83d\ude42 )<br>\nLo script genera un messaggio di avviso, quindi parte regolarmente<br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2217\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdccommandnoroot.png\" alt=\"\" width=\"529\" height=\"20\" \/><br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2218\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdcwarn.png\" alt=\"\" width=\"628\" height=\"48\" \/><br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2219\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking.png\" alt=\"\" width=\"906\" height=\"21\" srcset=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking.png 906w, https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spmdchecking-768x18.png 768w\" sizes=\"(max-width: 906px) 100vw, 906px\"><br>\n<strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt;\">Spectre (Variante 1)<br>\n<\/span><\/span><\/strong><span style=\"font-size: 12pt;\">Le uniche differenze sono le<strong>\u00a0<\/strong>B^B^B^ aggiuntive mentre vengono contati i LFENCE, mentre il risultato (UNKNOWN),\u00e8 lo stesso\u00a0<\/span><strong><span style=\"font-size: 10pt;\"><br>\n<\/span><\/strong><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2225\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre1noroot.png\" alt=\"\" width=\"472\" height=\"30\" \/><br>\nAnche il risultato finale \u00e8 il medesimo (VULNERABLE)<br>\n<strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt;\">Spectre (Variante 2)<\/span><br>\n<\/span><\/strong><span style=\"font-size: 12pt;\">Durante la fase del controllo di mitigazione 1 c&#8217;\u00e8 stato un errore (prevedibile non avendo i permessi di root) di permessi su \/dev\/cpu\/0\/msr<\/span><strong><span style=\"font-size: 10pt;\"><br>\n<img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-2240\" src=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre2resnoroot.png\" alt=\"\" width=\"938\" height=\"30\" srcset=\"https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre2resnoroot.png 938w, https:\/\/www.fabionline.net\/blog\/wp-content\/uploads\/spectre2resnoroot-768x25.png 768w\" sizes=\"(max-width: 938px) 100vw, 938px\"><br>\n<\/span><\/strong><span style=\"font-size: 12pt;\">ri restanti altri controlli (IBRS kernel support,kernel space,user space etc) hanno dato gli stessi risultati, incluso quello finale(VULNERABLE)<\/span><br>\n<strong><span style=\"font-size: 10pt;\"><span style=\"font-size: 12pt;\">Meltdown<br>\n<\/span><\/span><\/strong>Anche qui il risultato \u00e8 stato lo stesso, anche senza permessi di root (NOT VULNERABLE)<\/p>","protected":false},"excerpt":{"rendered":"<p>Ho appena provato sul mio pc questo interessante script,\u00a0\u00a0Specter-Meltdown-Checker Come specificato anche nelle istruzioni, non \u00e8 da considerarsi una Bibbia, ma sicuramente \u00e8 qualcosa\u00a0che puo darti molte utili informazioni. Questo script ti da la possibilit\u00e0 di controllare la tua vulnerabilit\u00e0 &hellip; <a href=\"https:\/\/www.fabionline.net\/blog\/it\/linux\/spectre-meltdown-checker-linux\/\">Continua a leggere<span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_links_to":"","_links_to_target":""},"categories":[5,8],"tags":[],"_links":{"self":[{"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/posts\/2204"}],"collection":[{"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/comments?post=2204"}],"version-history":[{"count":1,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/posts\/2204\/revisions"}],"predecessor-version":[{"id":2611,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/posts\/2204\/revisions\/2611"}],"wp:attachment":[{"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/media?parent=2204"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/categories?post=2204"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fabionline.net\/blog\/it\/wp-json\/wp\/v2\/tags?post=2204"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}