Full Disclosure mailing list archives
Re: fast and somewhat reliable cache timing
From: xD 0x41 <secn3t () gmail com>
Date: Mon, 5 Dec 2011 08:11:18 +1100
hey! OK tested THIS variant, and it seems to gather *some* info, so it is working, altho, this is using Private-browsing,, the other one by the other person failed completely (visipi).. Interesting is what results it gathered... Flickr and Newegg , but no ebay or paypal :s i guess they have a higgher level of sec... very cool stuff mick! drew On 4 December 2011 19:51, Michal Zalewski <lcamtuf () coredump cx> wrote:
http://lcamtuf.coredump.cx/cachetime/OK, just for the record: I improved the original PoC quite a bit, and added experimental variants for other browsers. I will shut up now. /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- fast and somewhat reliable cache timing Michal Zalewski (Dec 02)
- Re: fast and somewhat reliable cache timing Michele Orru (Dec 03)
- Re: fast and somewhat reliable cache timing xD 0x41 (Dec 03)
- Message not available
- Re: fast and somewhat reliable cache timing xD 0x41 (Dec 03)
- Re: fast and somewhat reliable cache timing xD 0x41 (Dec 03)
- Re: fast and somewhat reliable cache timing Michele Orru (Dec 03)
- Re: fast and somewhat reliable cache timing Michal Zalewski (Dec 04)
- Re: fast and somewhat reliable cache timing xD 0x41 (Dec 04)