Welcome to the GhostWrite Exploits repository, where we use the GhostWrite RISC-V CPU vulnerability to directly manipulate physical memory! 💻
This repository contains two PoCs for exploiting hardware vulnerabilities in the XuanTie C910 processor:
- System Crash PoC: Continuously writing junk data to physical memory, causing the system to crash.
- Inter-Process Memory Modification: Exploiting physical memory access to modify the memory of a separate running process.
These PoCs are based on the paper and research from GhostWriteAttack.com by researchers at the CISPA Helmholtz Center for Information Security.
- Hardware Vulnerabilities: Unlike software bugs, hardware vulnerabilities like GhostWrite are significantly harder to patch and may have no solution.
- Physical Memory Access: These PoCs demonstrate how access to physical memory can lead to system-wide control and crash scenarios.
- Learn & Experiment: If you're a student or researcher, you can experiment with these vulnerabilities using real hardware. This is your opportunity to understand hardware exploitation and the risks it poses.
Here's how to get started with the PoCs:
- Clone this repository:
  git clone https://github.com/LaurieWired/GhostWriteExploit.git
- Choose a folder:
  - Crash PoC: Explore the folder CrashSystem/ to see how we crash the system by writing to physical memory.
  - Memory Modification PoC: Explore the folder OverwriteProcess/ to see how one process can directly modify the memory of another.
- Build the code:
  - To compile directly on the native RISC-V board:
    gcc ghostwrite.c -o ghostwrite -march="rv64gzve64x"
- Run the PoCs:
  - Crash the system: Run the system crash executable and see the CPU bug in action.
  - Modify another process's memory: Run the second PoC to witness how physical memory access can manipulate a separate process.
If you want more explanations of the vulnerability, watch the accompanying video on YouTube!
- GhostWrite Video: what happens when your CPU has a bug? (GhostWrite)