Professional Documents
Culture Documents
1. You will need to evidence that you have run the exploit on your
test machine with screenshots as above.
2. Provide an analysis of every screenshot you use to demonstrate
your understanding of what the test did. Example: You could
have a ‘Meltdown Run-Through’ title with a discussion directly
after your screenshot.
PUBLIC / CYHOEDDUS
‘Main’ Method:
This is always the start point of any running program. All other methods declared
outside of the main method will at some point be called within ‘main’.
In line Comments
These are useful! Coders (the nice ones..) insert comments to help other developers or
testers understand their code. Understanding the comments used can help in
understanding what the code is doing.
PUBLIC / CYHOEDDUS
Run Through
Run the exploit from start to finish. Does it work as intended? Verify your result against
another result from an online source. (there are plenty online for Spectre).
Debug Methods
Debugging methods should reveal how they work. Looking at registers, variables and
memory can reveal the critical components.
Look at the disassembly ( the Assembly code). This will gain some extra marks if your
analysis shows some understanding at this lower level.
Don’t debug everything! Remember the aim of your report is to identify the critical
components that demonstrate HOW the exploit exposes the vulnerability.
PUBLIC / CYHOEDDUS
Any Questions?