Nginx exploit writing weekend

This weekend will be ripe with opportunities for #nginx #exploit writing. Trying a new scheduler algorithm and Stensal's compiler against nginx's stable code base.

---------------------------------------------------

@meteor:~# afl-whatsup ~/Repository/FuzzMe/Nginx/sbin/findings/

status check tool for afl-fuzz by <[email protected]> with scheduler optimizations by <[email protected]> and <[email protected]>

Individual fuzzers

==================

>>> fuzzer01 (4 days, 13 hrs) <<<

cycle 1, lifetime speed 108 execs/sec, path 2626/3234 (81%)

pending 116/2979, coverage 13.58%, 92 crashes

>>> fuzzer02 (4 days, 13 hrs) <<<

cycle 429, lifetime speed 152 execs/sec, path 3562/4483 (79%)

pending 0/5, coverage 13.58%, 34 crashes

.........

Summary stats

=============

Fuzzers alive : 5

Total run time : 22 days, 17 hours

Total execs : 264 million

Cumulative speed : 669 execs/sec

Pending paths : 116 faves, 2999 total

Pending per fuzzer : 23 faves, 599 total (on average)

Crashes found : 471 locally unique

Meltdown exploits

Here is an academic exercise to create the Meltdown exploit prior to publication on Jan. 9th. To stay honest with my CISSP certification, I didn't include all operating systems and the related modern hypervisor exploits, as it would be unethical to publish before Jan. 9th. Enjoy your patch week and assurance testing.

 

https://github.com/cloudsriseup/Meltdown-Proof-of-Concept