Yet again, I wish we all had ECC RAM!
Here's the code: https://github.com/DavidBuchanan314/dram_emfi/blob/main/linu... -- the basic idea is
> Hardware setup: This time I put the "antenna" wire on DQ25, which will fault 64-bit values to +/-32MiB
> Exploit strat: We fill up as much of physical memory as possible with page tables.
> When we fault a PTE read, we have a good chance of landing on a page table, giving us R/W access to a page table from userspace.
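
An added example, not code from the thread or the linked repository: it models the quoted DQ25 fault as a single flipped bit 25 in a 64-bit word, shows the resulting ±32 MiB shift, and runs the same flip through a textbook Hamming SECDED (72,64) code of the kind the ECC comment above alludes to. Assumptions: the PTE-like value is constructed, the fault touches only that one data line per word, and the code layout is generic rather than any real memory controller's.

```python
MIB = 1 << 20
DQ_BIT = 25  # data line named in the quoted hardware setup
# Textbook Hamming SECDED (72,64): positions 1..71, powers of two hold check
# bits, position 0 holds overall parity. Assumption: not a real controller's code.
DATA_POS = [p for p in range(1, 72) if p & (p - 1)]

def fault(word, bit=DQ_BIT):
    """Model the glitch as a single flipped bit in a 64-bit word."""
    return word ^ (1 << bit)

def shift_mib(word, bit=DQ_BIT):
    """Signed change of the stored value, in MiB, caused by the flip."""
    return (fault(word, bit) - word) // MIB

def _syndrome(cw):
    """XOR of the positions (1..71) of all set bits; zero for a valid word."""
    s = 0
    for pos in range(1, 72):
        if (cw >> pos) & 1:
            s ^= pos
    return s

def encode(word):
    """Spread 64 data bits over the data positions, then add check bits."""
    cw = sum(((word >> i) & 1) << pos for i, pos in enumerate(DATA_POS))
    s = _syndrome(cw)
    for k in range(7):                      # set check bits so syndrome is zero
        cw |= ((s >> k) & 1) << (1 << k)
    return cw | (bin(cw).count("1") & 1)    # make overall parity even

def decode(cw):
    """Return (data word, status) after single-error correction."""
    s, odd = _syndrome(cw), bin(cw).count("1") & 1
    if odd and s < 72:                      # single-bit error: flip it back
        cw, status = cw ^ (1 << s), "corrected"
    elif s or odd:                          # double-bit or out-of-range syndrome
        status = "uncorrectable"
    else:
        status = "clean"
    word = sum(((cw >> pos) & 1) << i for i, pos in enumerate(DATA_POS))
    return word, status

if __name__ == "__main__":
    pte = 0x0000000123400067  # constructed PTE-like value: frame address | flags
    print(hex(fault(pte)), shift_mib(pte), "MiB")
    cw = encode(pte) ^ (1 << DATA_POS[DQ_BIT])  # same flip inside an ECC word
    print(decode(cw))
```
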
So if we don't have the addition of the antenna wire, is the usual case shielding sufficient or do we just need larger/intense pulses, more of them, or somewhere in between? I'd like to try this at home, but not if I have to solder a wire on the already small RAM traces.
If you try it on a desktop system, the RAM is likely going to be in through-hole DIMM slots, so the soldering will be a lot more manageable than in a laptop.
This is some low level hacking right here
I remember kids using these things on Street Fighter II machines to get free credits.
Impressive! And a music track like that should be standard for all progress bars.
Do I need a lighter or the Matrix soundtrack to accomplish this hack?