OCTOPUS
---

Samuel AUBERTIN - EURECOM - 2022

![SPECTRE Octopus Logo](logo.png "SPECTRE Octopus Logo")

**OCTOPUS** is a [Spectre v2](https://spectreattack.com/spectre.pdf) (_Branch Target Injection_) compiler flag tester for [CVE 2017-5715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715).

It measures the success rate of the same attack using different compiler flags such as:

- Optimisation levels (```-O```)
- Static linking
- TODO

## Dependencies

- ```clang```
- ```glibc-static```

## Execution

```make```

## Results aggregation

TODO
- Craft a JSON with metadata
- Upload over SFTP with dedicated ssh key

## Sources

- [ErikAugust gist](https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6)
- [genua GmbH PoC](https://github.com/genua/meltdown)