prefetch-lib

Static library implementing prefetch side-channel KASLR leaks based on prefetch-tool.

Resources:

• Original write-up
  • EntryBleed
• Explanation of the side-channel and implementation
• Improvements ("strip") for Intel i5/i7

Usage

• Add the directory of prefetch-lib.h as an Additional Include Directory (C/C++->General->Include Directories)
• Add the directory of prefetch-lib.lib as an Additional Library Directory (Linker->General-> Library Directories)
• Add ntdll.lib and prefetch-lib.lib to Linker->Input->Additional Dependencies

A sample project is here.

Development Notes

MSVC configuration is a mess, so here are some notes to make this project work:

• You have to enable the MASM build customization under Build Dependencies->Build Customizations (not present under project Properties!) otherwise the assembly module will be ignored.
• The assembly source needs the includelib directive so the linker will know which library the resulting object is part of.
• If you don't manually specify /wholearchive the object file of the assembly will be discarded by the linker.