From 8e6bf935a4376f9885f339cf6e623f38c9c7124b Mon Sep 17 00:00:00 2001 From: c01dkit Date: Wed, 4 Dec 2024 23:54:29 +0800 Subject: [PATCH] Deployed 9688a2b with MkDocs version: 1.6.1 --- 404.html | 2 +- IDA/index.html | 4 +- autoconf/index.html | 4 +- c/index.html | 4 +- code-gracely/index.html | 4 +- cpp/index.html | 4 +- crawler/index.html | 4 +- docker/index.html | 4 +- dsa/array/index.html | 4 +- dsa/branch-and-bound-algo/index.html | 4 +- dsa/dynamic-algo/index.html | 4 +- dsa/graph-algo/index.html | 4 +- dsa/graph/index.html | 4 +- dsa/greedy-algo/index.html | 4 +- dsa/linkedlist/index.html | 4 +- dsa/queue/index.html | 4 +- dsa/stack/index.html | 4 +- dsa/tree/index.html | 4 +- envs/index.html | 4 +- fuzzing/index.html | 4 +- git/index.html | 4 +- go/index.html | 4 +- index.html | 2 +- interesting-articles/index.html | 4 +- investigations/index.html | 4 +- java/index.html | 4 +- latex/index.html | 4 +- linux-kernel/index.html | 4 +- linux-server/index.html | 4 +- llvm/index.html | 603 ++++++++++++++---- llvm/testsuite/sample1-g-no-opaque-pointer.ll | 120 ++++ llvm/testsuite/sample1-g.ll | 120 ++++ llvm/testsuite/sample1-no-opaque-pointer.ll | 57 ++ llvm/testsuite/sample1.c | 21 + llvm/testsuite/sample1.ll | 57 ++ openssh/index.html | 4 +- picking-ups/index.html | 4 +- porting/index.html | 4 +- proxy/index.html | 4 +- pwn-college-cse365-spring2023/index.html | 4 +- python/index.html | 4 +- rca/index.html | 4 +- readings/index.html | 4 +- reverse-advanced/index.html | 4 +- reverse-basic/index.html | 4 +- sci-thoughts/index.html | 4 +- search/search_index.json | 2 +- sentence-templates/index.html | 4 +- sitemap.xml | 88 +-- sitemap.xml.gz | Bin 511 -> 511 bytes tech-sslh/index.html | 4 +- try-chatgpt/index.html | 4 +- word-learning/index.html | 4 +- 53 files changed, 995 insertions(+), 245 deletions(-) create mode 100644 llvm/testsuite/sample1-g-no-opaque-pointer.ll create mode 100644 llvm/testsuite/sample1-g.ll create mode 100644 llvm/testsuite/sample1-no-opaque-pointer.ll create mode 100644 llvm/testsuite/sample1.c create mode 100644 llvm/testsuite/sample1.ll diff --git a/404.html b/404.html index 0efa18b..e738e1d 100644 --- a/404.html +++ b/404.html @@ -1 +1 @@ - c01dkit's tech blog

404 - Not found

\ No newline at end of file + c01dkit's tech blog

404 - Not found

\ No newline at end of file diff --git a/IDA/index.html b/IDA/index.html index c12c7ee..6fff10e 100644 --- a/IDA/index.html +++ b/IDA/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

IDA使用

约 112 个字 预计阅读时间不到 1 分钟

反编译ARM raw binary

加载时选择Processor type,比如ARM Little-endian [ARM],随后根据实际加载情况设置ROM的起始地址和Input file地址。

raw binary的前四字节可能是初始sp值,随后四字节可能是初始pc值。按G并输入pc值,Alt+G设置T寄存器值为1(0表示ARM,1表示Thumb),然后选中pc及之后所有代码,按C进行MakeCode。

IDA使用

约 112 个字 预计阅读时间不到 1 分钟

反编译ARM raw binary

加载时选择Processor type,比如ARM Little-endian [ARM],随后根据实际加载情况设置ROM的起始地址和Input file地址。

raw binary的前四字节可能是初始sp值,随后四字节可能是初始pc值。按G并输入pc值,Alt+G设置T寄存器值为1(0表示ARM,1表示Thumb),然后选中pc及之后所有代码,按C进行MakeCode。

\ No newline at end of file diff --git a/autoconf/index.html b/autoconf/index.html index 08d0fbb..500818b 100644 --- a/autoconf/index.html +++ b/autoconf/index.html @@ -87,7 +87,7 @@ AC_CONFIG_FILES([Makefile src/Makefile]) AC_OUTPUT -

执行aclocal && autoheader && autoconf,生成aclocal.m4、config.h.in和configure

运行automake --add-missing,会根据Makefile.am生成Makefile.in

运行./configure生成makefile

运行make,基于makefile编译代码

\ No newline at end of file diff --git a/c/index.html b/c/index.html index d6e43ec..5cb899f 100644 --- a/c/index.html +++ b/c/index.html @@ -35,7 +35,7 @@ return 0; } -
\ No newline at end of file diff --git a/code-gracely/index.html b/code-gracely/index.html index e0ef7b5..d66a03d 100644 --- a/code-gracely/index.html +++ b/code-gracely/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

优雅编程

约 1414 个字 预计阅读时间 5 分钟

程序变量

  • 最好在声明的同时初始化,尤其是避免仅初始化对象的部分成员
  • 尽可能地缩短变量的生命周期与跨度(即在使用前先初始化、多定义变量)
  • 不要在多个代码片段之间使用temp等不明意义的命名,这样会使不相关的代码看起来相关
  • 警惕隐式含义,比如某变量为正数时为整数类型,负数时表示隐含的“出错”(即隐含布尔类型),改用多个变量
  • 确保所有声明的变量都使用过
  • 变量名称要描述“什么”,而不是“怎么”,要具象
  • 变量名称长度在8-20个字母比较适宜
  • Total、Sum、Max、Record、String、Pointer等等限定词要加到名字最后
  • i、j、k等约定速成的变量名适用于简单的循环,不要用于任何简单循环的下标循环之外的任何场合
  • 多个复杂循环嵌套时,最好不要使用i、j、k
  • 为状态变量起一个比flag更好的名字,比如不使用statusFlag,而是characterType(更加具体描述是什么status)
  • 使用done、error、found、ok等为布尔变量赋值
  • 为布尔变量赋予隐含真假意义的名字,比如sourceFileAvailable、sourceFileFound
  • 使用肯定的布尔变量名,不要包含“not”之类的否定含义
  • 如果枚举类型变量不需要指定域,那么使用类似COLOR_xxx的前缀来指定类别会比较好

程序优化方法

优化需要通过大量测试来验证一致性、性能,因为并非所有优化都是正确或必要的。从重构程序执行流的角度来讲,优化并不是灵丹妙药,并在不同语言、不同编译器、不同环境、不同任务中表现出巨大的差异。以下的优化方法均仅供参考。

利用短路与哨兵

  • 将出现频率高的情况放在优先执行的位置
  • 循环中,搜索到目标后立即退出循环
  • 循环搜索时,也可以将搜索对象放在数组最后(额外空间),最后检查下标。(本质上是保证不会越界搜索,且保证循环一定正确结束)

优化计算效率

  • 程序执行前计算结果,通过常量保存、硬编码、文件保存的方法来避免重复计算
  • 尽量减少循环体内的计算工作,可以在之前计算完毕并保存,之后引用
  • 公共子表达式应当保存在变量里
  • 适当将乘法重写为加法、幂重写为乘法、整数代替浮点数、单精度代替双精度、移位操作代替乘除2、三角恒等式代替三角函数
  • 尽量减少数组维度与数组引用
  • 多重循环时,将循环次数少的放外层

使用低级语言重写代码

  1. 使用高级语言完成程序编写
  2. 进行测试,验证正确性
  3. 进行程序分析,确定热点代码
  4. 对热点代码使用低级语言改写

设计恰当的执行控制流

循环

  • 循环层数最好不要超过三层
  • 短循环可以多使用break、continue等控制,长循环尽量保证唯一出口
  • 循环附近不要写重复的代码(修改需要同步修改多处,不便维护)
  • for适合与“数量”有关的循环,且不要在内部修改下标;while适合与“条件”有关的循环
  • 循环体应当自成子程序,循环条件应当清晰易读
  • 多使用for循环,但不要把与循环无关的语句(比如初始化一个不用于循环的变量)放在循环头
  • 不要写空循环,将空循环改写成while循环
  • 如果一个循环可以做两件事情,把它们拆成两个循环,除非注明在性能上有所提高
  • 不要将循环下标作为结果返回。如果需要使用,可以在循环开始前定义新的变量,然后在循环内部对这一变量进行赋值

建表,以提高代码质量

用查表法替换繁琐的if-else判断

使用大量if-else的坏处:

  • 不易阅读
  • 代码重复度高,无意义
  • 对于复杂情况,容易漏条件
  • 判断逻辑硬编码在代码中,维护不便

使用查表法的好处:

  • 易读
  • 代码简洁且高效
  • 不会漏掉条件
  • 可以将表放在外部文件或者统一放在一起,便于维护;可以在不改变程序的情况下修正运行结果

用法:将要判断的各个参数作为表的维度,将判断结果作为表索引后的结果。

用索引表替换数据表

稀疏的数据表在存储对齐的情况下会浪费大量空间。与之相比,采用索引表可以降低空间浪费量(仍然会产生浪费)。为了进一步减少索引表空间,可以使用阶梯索引表,根据数据的范围(而不是具体的数据值)进行建索引,比如根据百分制成绩计算绩点,建立相应的data-to-key函数,放在数组中。

用结果表替换数学计算结果

考虑到系统函数的精确性,计算速度可能较慢。可以预先手动算出一些数据并建表,计算时直接查表即可,大大提高程序性能。

优雅编程

约 1414 个字 预计阅读时间 5 分钟

程序变量

  • 最好在声明的同时初始化,尤其是避免仅初始化对象的部分成员
  • 尽可能地缩短变量的生命周期与跨度(即在使用前先初始化、多定义变量)
  • 不要在多个代码片段之间使用temp等不明意义的命名,这样会使不相关的代码看起来相关
  • 警惕隐式含义,比如某变量为正数时为整数类型,负数时表示隐含的“出错”(即隐含布尔类型),改用多个变量
  • 确保所有声明的变量都使用过
  • 变量名称要描述“什么”,而不是“怎么”,要具象
  • 变量名称长度在8-20个字母比较适宜
  • Total、Sum、Max、Record、String、Pointer等等限定词要加到名字最后
  • i、j、k等约定速成的变量名适用于简单的循环,不要用于任何简单循环的下标循环之外的任何场合
  • 多个复杂循环嵌套时,最好不要使用i、j、k
  • 为状态变量起一个比flag更好的名字,比如不使用statusFlag,而是characterType(更加具体描述是什么status)
  • 使用done、error、found、ok等为布尔变量赋值
  • 为布尔变量赋予隐含真假意义的名字,比如sourceFileAvailable、sourceFileFound
  • 使用肯定的布尔变量名,不要包含“not”之类的否定含义
  • 如果枚举类型变量不需要指定域,那么使用类似COLOR_xxx的前缀来指定类别会比较好

程序优化方法

优化需要通过大量测试来验证一致性、性能,因为并非所有优化都是正确或必要的。从重构程序执行流的角度来讲,优化并不是灵丹妙药,并在不同语言、不同编译器、不同环境、不同任务中表现出巨大的差异。以下的优化方法均仅供参考。

利用短路与哨兵

  • 将出现频率高的情况放在优先执行的位置
  • 循环中,搜索到目标后立即退出循环
  • 循环搜索时,也可以将搜索对象放在数组最后(额外空间),最后检查下标。(本质上是保证不会越界搜索,且保证循环一定正确结束)

优化计算效率

  • 程序执行前计算结果,通过常量保存、硬编码、文件保存的方法来避免重复计算
  • 尽量减少循环体内的计算工作,可以在之前计算完毕并保存,之后引用
  • 公共子表达式应当保存在变量里
  • 适当将乘法重写为加法、幂重写为乘法、整数代替浮点数、单精度代替双精度、移位操作代替乘除2、三角恒等式代替三角函数
  • 尽量减少数组维度与数组引用
  • 多重循环时,将循环次数少的放外层

使用低级语言重写代码

  1. 使用高级语言完成程序编写
  2. 进行测试,验证正确性
  3. 进行程序分析,确定热点代码
  4. 对热点代码使用低级语言改写

设计恰当的执行控制流

循环

  • 循环层数最好不要超过三层
  • 短循环可以多使用break、continue等控制,长循环尽量保证唯一出口
  • 循环附近不要写重复的代码(修改需要同步修改多处,不便维护)
  • for适合与“数量”有关的循环,且不要在内部修改下标;while适合与“条件”有关的循环
  • 循环体应当自成子程序,循环条件应当清晰易读
  • 多使用for循环,但不要把与循环无关的语句(比如初始化一个不用于循环的变量)放在循环头
  • 不要写空循环,将空循环改写成while循环
  • 如果一个循环可以做两件事情,把它们拆成两个循环,除非注明在性能上有所提高
  • 不要将循环下标作为结果返回。如果需要使用,可以在循环开始前定义新的变量,然后在循环内部对这一变量进行赋值

建表,以提高代码质量

用查表法替换繁琐的if-else判断

使用大量if-else的坏处:

  • 不易阅读
  • 代码重复度高,无意义
  • 对于复杂情况,容易漏条件
  • 判断逻辑硬编码在代码中,维护不便

使用查表法的好处:

  • 易读
  • 代码简洁且高效
  • 不会漏掉条件
  • 可以将表放在外部文件或者统一放在一起,便于维护;可以在不改变程序的情况下修正运行结果

用法:将要判断的各个参数作为表的维度,将判断结果作为表索引后的结果。

用索引表替换数据表

稀疏的数据表在存储对齐的情况下会浪费大量空间。与之相比,采用索引表可以降低空间浪费量(仍然会产生浪费)。为了进一步减少索引表空间,可以使用阶梯索引表,根据数据的范围(而不是具体的数据值)进行建索引,比如根据百分制成绩计算绩点,建立相应的data-to-key函数,放在数组中。

用结果表替换数学计算结果

考虑到系统函数的精确性,计算速度可能较慢。可以预先手动算出一些数据并建表,计算时直接查表即可,大大提高程序性能。

\ No newline at end of file diff --git a/cpp/index.html b/cpp/index.html index 3e5ef8a..16993fe 100644 --- a/cpp/index.html +++ b/cpp/index.html @@ -202,7 +202,7 @@ using Vec = std::vector<T>; Vec<int> myVec; // 等价于 std::vector<int> -

C++14新特性

C++17新特性

C++20新特性

\ No newline at end of file diff --git a/crawler/index.html b/crawler/index.html index 20d952b..d9f225a 100644 --- a/crawler/index.html +++ b/crawler/index.html @@ -159,7 +159,7 @@ if p.poll() == 0: break p.wait() -
\ No newline at end of file diff --git a/docker/index.html b/docker/index.html index fa0c923..74b1245 100644 --- a/docker/index.html +++ b/docker/index.html @@ -18,7 +18,7 @@ sudo systemctl restart docker

还有一种做法,适用于已经使用过一段时间的docker,关闭docker后mv原来的/var/lib/docker到新目录(比如/data/docker)然后再ln -s /data/docker /var/lib/docker建立软链接。

从镜像创建容器并挂载目录

会在容器中创建目录,映射宿主机目录。宿主机的目录和容器目录内容是一样的,修改一方,另一方随之改变

docker run -it --name=<container_name> --user=<user_id>:<group_id> --hostname=xxxx --workdir=xxxx  -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro --mount type=bind,source=<宿主机目录>,target=<容器目录> <镜像名>:<tag> /bin/bash
 

以上命令可以完成对指定镜像创建一个比较完备的容器,指定了容器名称、用户名称和组别、主机名、用户工作目录,并挂载了主机的一些目录。指定passwd和group文件的只读挂载可以避免–user使用用户(组)id进行新建容器时引发的找不到用户名和组名的问题。并且避免了默认root用户导致的主机端无法访问容器新建文件的问题。

注意这样创建的用户没有root权限。如果需要,则不使用user参数,但存在容器创建文件是root,宿主机无法修改的问题。

一个不太聪明的解决方法是user_id设成root的0,group_id设成普通用户,然后在容器里给root的.bashrc加一行umask 0002。就是说让用户组也能修改文件了。

一些其他的办法:docker exec -u好像可以指定启动容器时的用户,不知道有什么用,可以试试;或者root进去以后把普通用户加到sudoers里

新容器初始化

apt-get update更新一下list,然后才能使用apt-get下载其他包。一些常用的包:apt-get install build-essential

退出初次创建的容器

连按Ctrl+PCtrl+Q退出容器。否则简单退出后容器就stop了,下次exec的时候还要restart,甚至还会出现restart自动又stop的情况

进入已有的容器

docker exec -it <容器id> /bin/bash
-

可以Ctrl+D退出

\ No newline at end of file diff --git a/dsa/array/index.html b/dsa/array/index.html index b25d761..6a4c990 100644 --- a/dsa/array/index.html +++ b/dsa/array/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

数组

约 2 个字 预计阅读时间不到 1 分钟

数组

约 2 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/branch-and-bound-algo/index.html b/dsa/branch-and-bound-algo/index.html index fafd667..6b95787 100644 --- a/dsa/branch-and-bound-algo/index.html +++ b/dsa/branch-and-bound-algo/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

分支定界算法

约 6 个字 预计阅读时间不到 1 分钟

分支定界算法

约 6 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/dynamic-algo/index.html b/dsa/dynamic-algo/index.html index 2d9f5f2..e265ac8 100644 --- a/dsa/dynamic-algo/index.html +++ b/dsa/dynamic-algo/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

动态规划算法

约 6 个字 预计阅读时间不到 1 分钟

动态规划算法

约 6 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/graph-algo/index.html b/dsa/graph-algo/index.html index 8907e10..98fb28c 100644 --- a/dsa/graph-algo/index.html +++ b/dsa/graph-algo/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

图算法

约 3 个字 预计阅读时间不到 1 分钟

图算法

约 3 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/graph/index.html b/dsa/graph/index.html index 54d96a2..98d4cbe 100644 --- a/dsa/graph/index.html +++ b/dsa/graph/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

约 1 个字 预计阅读时间不到 1 分钟

约 1 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/greedy-algo/index.html b/dsa/greedy-algo/index.html index 636feb7..ab2491e 100644 --- a/dsa/greedy-algo/index.html +++ b/dsa/greedy-algo/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

贪心算法

约 4 个字 预计阅读时间不到 1 分钟

贪心算法

约 4 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/linkedlist/index.html b/dsa/linkedlist/index.html index e12a84b..5fb0d72 100644 --- a/dsa/linkedlist/index.html +++ b/dsa/linkedlist/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

链表

约 2 个字 预计阅读时间不到 1 分钟

链表

约 2 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/queue/index.html b/dsa/queue/index.html index 17e4c11..0a68273 100644 --- a/dsa/queue/index.html +++ b/dsa/queue/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

队列

约 2 个字 预计阅读时间不到 1 分钟

队列

约 2 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/stack/index.html b/dsa/stack/index.html index de80620..7fb540a 100644 --- a/dsa/stack/index.html +++ b/dsa/stack/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

约 1 个字 预计阅读时间不到 1 分钟

约 1 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/dsa/tree/index.html b/dsa/tree/index.html index 14741a0..2c9697a 100644 --- a/dsa/tree/index.html +++ b/dsa/tree/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

约 1 个字 预计阅读时间不到 1 分钟

约 1 个字 预计阅读时间不到 1 分钟

\ No newline at end of file diff --git a/envs/index.html b/envs/index.html index 1bcef3e..ce4e5ae 100644 --- a/envs/index.html +++ b/envs/index.html @@ -55,7 +55,7 @@ apt install fonts-wqy-microhei # 安装一个就行 fc-cache # 刷新缓存 fc-list # 检查列表 -

参考文章

\ No newline at end of file diff --git a/fuzzing/index.html b/fuzzing/index.html index 4134087..f282716 100644 --- a/fuzzing/index.html +++ b/fuzzing/index.html @@ -9,7 +9,7 @@ body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

模糊测试基本介绍

约 1699 个字 2 行代码 预计阅读时间 6 分钟

覆盖率指引的模糊测试方法获得覆盖率的四种追踪方式1

  1. 使用编译器向基本块边缘插桩,可以准确地插桩并易于优化,但需要源码已知。
  2. 静态二进制重写,不需要源码,仍在研究,因为静态代码插桩准确性难以保证,并且优化能力有限。这些限制条件会影响代码率信息的质量与准确性,以及二进制重写的表现。
  3. 动态二进制插桩,不需要源码,可以容易、准确插入代码,但是动态翻译二进制的开销可能大到不能接受。
  4. 硬件辅助追踪,不需要源码,利用内置的硬件追踪扩展,在运行时直接获取控制执行流信息。

侵入式与非侵入式追踪2

Traces can be generated by trace code that is executed within tasks and/or interrupt service routines, just like application code that is executed on the same CPU. This is the most flexible approach, as both the content and the amount of trace information output can be defined in software. However, this tracing method comes with a significant drawback: It uses resources that are shared with the application software, hence tracing may significantly reduce the amount of memory available for the applications, increase the gross execution times of the applications and, in the case of real-time systems, impair functionality. This is why it is called intrusive tracing.

The most common case is that adding trace code is detrimental to the functionality of the applications in real-time systems because the resource requirements for intrusive tracing have been underestimated in the early stages of the project, such that tracing would eventually eat up resources that are required by the application. Therefore, the resource requirements for tracing must be properly considered throughout the whole development lifecycle. Removing trace code from real-time systems may also cause functional issues, typically just before the final production software release. This is the worst case, as trace information is no longer available in this scenario.

Non-intrusive tracing does not change the intrinsic timing behavior of the system under test. This approach simplifies the software development process a lot and requires dedicated hardware support for tracing. External trace probes connected to the target system, in conjunction with on-chip debug modules, capture code execution on instruction level, memory accesses and other events on the target processor. This approach is the best option when it comes to debugging the code execution down to the instruction level. The PCB design of the device under test must provide the connectors required by the external probe.

Another option for non-intrusive tracing is on-chip tracing, where most of the trace hardware is packed into the same chip that also contains the CPU that executes the application code. Non-intrusive tracing can, however, be restricted by limitations of the respective trace module or probe, such as buffer sizes, bus bandwidth or the size of an external probe.

Due to cost savings (no expensive third-party trace hardware required), reduced footprint (very small connectors instead of larger probe connectors), and limited trace bandwidth requirements, the on-chip tracing method is the preferred approach for generating the trace data required for in-depth timing analysis on task, runnable and ISR level. On-chip tracing is a suitable tracing method for devices under test with form factors very close to the final volume production devices.

针对网络协议的模糊测试

网络协议的特点是一般有明确的状态信息,相同的input在不同的状态可能得到不同的output。针对网络协议的模糊测试一般具有stateful的特点。这类模糊测试有几个难点: 1. 生成格式正确的信息,满足对特定状态的fuzz 2. 扩展到不同的协议中 3. 测试样例有效性,需要通过格式校验比如长度、协议认证、校验和等

AFLNET

首次提出针对有状态协议的灰盒模糊测试。AFLNET从响应信息中提取响应码来表示状态信息,并用响应码序列来推断协议实现的状态模型,并进一步使用这一模型来指导fuzz。

一些不足: 1. 状态表示能力:AFLNET要求响应信息中包含状态码,这并不是协议必须实现的。而且状态码表示能力有限,且可能产生冗余状态。 2. 测试效率:没有明确的信号反映待测程序是否处理完消息,因此设置固定的计时器来控制消息发送,时间窗口可能过小或过大。

STATEAFL

使用程序内存状态来表示服务状态,通过对被测程序插桩来收集状态信息并推测状态模型。在每一轮网络交互中,STATEAFL将程序变量值转储给分析队列,并进行post-execution的分析,来更新状态模型。

一些不足: 1. 面对和AFLNET相同的测试效率问题,而且因为后执行分析,产生额外的开销,会降低测试吞吐量。

NSFuzz

使用基于变量的状态表示方法推断状态模型来指导模糊测试,使用基于网络事件循环的同步机制来提高吞吐量。

启发式的变量判断方法:静态分析中只在事件循环代码中分辨状态变量,且关注被读与写、被赋予枚举类型的数据或是数据结构体里的整型成员。

表示状态的方法:使用两条语句维护shared_state数组,当状态变量值被更新时同步更新shared_state;当fuzzer在通信管道收到消息处理结果时,对这个数组进行hash,作为当前程序所处的state。

shared_state[hash(var_id) ^ cur_store_val] = 1;
 shared_state[hash(var_id) ^ pre_store_val] = 0;
-

IoTHunter

提出多阶段信息生成方法来对IoT固件中的有状态网络协议进行fuzz。分为对已知状态的模糊测试与未知状态的探索。基于整数变异的方法改变包类型,并对包格式(比如长度、校验和)做检查等。

数据流指导的模糊测试

控制流指导的模糊测试侧重程序操作的执行顺序(比如分支与循环),数据流指导的模糊测试侧重变量如何定义与使用。变量的定义与使用位置可以不存在控制上的依赖关系。在模糊测试中,数据流主要使用动态污点分析(DTA)技术,即将目标程序的输入数据在定义处视为污点,并在运行时追踪它是如何被访问与使用的。

在实践中,难以做到准确的DTA,开销会很大。并且部分真实程序无法在应用DTA技术的情况下成功编译。因此大部分灰盒模糊测试不使用DTA,以期获得更高的吞吐量。

有一些轻量级的DTA代替方案(比如REDQUEUE、GREYONE),而基于控制流与数据流的模糊测试器的覆盖率指标还没有被完全探索。

DATAFLOW

源码

在程序执行时并行使用数据流分析来指导模糊测试,使用不精确的推断来降低开销并提高吞吐量。对数据流有效性进行了简单的评估,认为对大部分测试目标而言,数据流并不比控制流优越,但是在部分特定场景(比如控制流和语义解耦,如parser)下,数据流可能会有用。


\ No newline at end of file diff --git a/git/index.html b/git/index.html index 22967e7..25f2cf4 100644 --- a/git/index.html +++ b/git/index.html @@ -10,7 +10,7 @@ body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

Git学习笔记

约 1937 个字 3 行代码 预计阅读时间 7 分钟

将本地已有仓库推送至Github的新建仓库中

默认以下条件均成立:

  • 已在github上创建同名空仓库(不同名也行)
  • 已配置好ssh密钥
  • 已建立好本地仓库(git init +git add . +git commit -m "comments")
  • 本地仓库为clean状态(使用git status查看)
  1. 进入本地git仓库,使用git remote add origin git@github.com:xxx(仓库网站比如github提供的ssh地址)
  2. 使用git push -u origin master向远程仓库提交代码(后来听说github默认名改成main了?)

强制推送可以再加个--force参数

添加.gitignore文件以不追踪文件

初次向github提交代码前,在本地工作目录下创建.gitignore文件,里面直接写上不想追踪的文件名和文件夹名即可。(文件名不需要补全路径)

撤回add

使用git add .可以直接把当前目录都add进暂存区,对于不慎添加的内容可以使用git rm --cached <file>来撤回add。可以使用git rm -r --cached .来撤回git add . 。(使用git status可以查看暂存区,里面也有提示怎么撤回)

配置git账号并加入github项目

  1. 使用git config --global user.name "<yourname>"设置用户名
  2. 使用git config --global user.email "<email>"设置邮箱
  3. 使用ssh-keygen -t rsa -C "<comments>"生成密钥对,然后一路回车直到生成结束(也可以提示添加passwd phrase,这样的话如果使用ssh-add添加时会要求输入这个密码防止被别人滥用。注意相同的passwd phrase不会生成相同的密钥对)
  4. 在上一步过程中默认的路径(比如~/.ssh)找到id_rsa.pub文件,拷贝其全部内容
  5. 打开github,右上角头像,settings,左侧的SSH and GPG keys,然后给SSH添加这个公钥即可

ed25519似乎比默认的rsa更安全、计算更快、密钥更短,可以使用

有时需要指定密钥,比如不使用默认的密钥文件名。此时可以先eval $(ssh-agent -s)启用agent,然后ssh-add <private keyfile> 来添加密钥。ssh-add -l可以查看添加的密钥。

或者可以把密钥在~/.ssh/config文件里指定一下,就可以省去ssh-agent的操作,比如

Host github.com
     HostName github.com
     IdentityFile ~/.ssh/id_ed25519_user_github
-

有的时候git进行push到私仓时会出现卡机的问题,不确定是什么原因,如果remote repo使用的是git@xxx的url的话,可以试试改成https的链接;还不行的话可以试试git config的proxy,设置或清空。

放弃对文件的跟踪

与他人合作项目时,有时需要做一些本地适配,但是不想妨碍其他人,可以添加到.gitignore。但对于已经处于跟踪状态的文件来说后添进.gitignore是无效的。因此可以先将文件移出跟踪态,然后再加进.gitignore里。如下:git rm -r --cached <file/dir>其中-r表示递归。也可以加-n表示伪放弃跟踪(用于预览会放弃对哪些文件的追踪)

更换远程仓库

有的时候从官方仓库git clone下代码,本地拷贝一份、各种魔改并上传到自己的私仓。又由于windows、linux环境不同,想把原来的代码更新成自己的私仓,所以需要换一下远程仓库。

  1. 首先取消原来的远程分支跟踪git remote rm <remote repo name>
  2. 然后添加自己的仓库作为远程git remote add <remote repo name> <repo url>

好像也可以直接更换远程仓库:git remote set-url <remote repro name> <repo url>

这里的<remote repo name>是自己取的仓库名,之后的操作可以用它来指定对象。可以随便取,比如常见的origin。

子模块的下载

有的时候一个代码仓库拿其他仓库来当做子模块,在github上这些模块是图中的表示形式。git仓库里也会有.gitmodules文件来说明这些子模块。当clone主仓库时,这些子模块不会跟着下载下来。

初次部署时,在主仓库目录下里使用git submodule update --init --recursive来从.gitmodules字clone子模块。

如果子模块被别的开发者更新了,可以进到子模块中然后git pull

如果希望添加某个仓库作为子模块,使用git submodule add <repo url>来下载子模块并更新.gitmodules文件

自己的项目需要对其他项目进行修改

如果自己的项目用到别的项目,需要对其中一些代码进行修改,而不需要把在上传github时把整个项目全部放到自己的项目下,可以先用submodule添加子模块,然后直接修改代码,并在其项目下用git diff <commit id> > <file.patch>生成一个diff文件。把diff文件放到自己的项目里,再上传到github上。其中commit id是第三方项目的commit,也就是这个submodule下载时的commit id,可以通过git log找到。

如果直接用git diff > <file.patch>,会输出未加入暂存的修改和最近一次暂存/commit的diff文件。

其他人使用时,就先把第三方项目获取下来,然后git apply <file.patch>即可。撤回补丁使用git apply -R <file.patch>

不同版本多人合作与分支使用

最近在跑fuzzer,合作时有时需要切换不同的测试目标,每个测试目标都有自己的一大堆配套设置。大家都在主分支删改太麻烦而且很乱,所以需要针对每个测试目标设置不同的branch。

可以使用git branch -a查看所有分支。其中前面带*的是当前branch。

新建分支时使用 git checkout -b <branch name> 相当于先git branch <branch name> 创建了一个新的分支,然后git checkout <branch name>切换到那个分支。

在新的分支commit后,使用git push -u <remote repo name> <local branch name>:<remote branch name>可以将自己的这个分支推送到远程仓库。其中:

  • -u表示记住当前设定,之后在这一分支上push时,简单使用git push就会推送,不需要再敲这么长了。
  • origin 是之前git remote add origin 设定的远程主机名称,需要和实际设定一样。因为大家使用origin是在太普遍了,所以这里没有用<remote host name>来表示,意会即可。
  • local branch name和remote branch name一般情况是相同的。会在远程新建remote branch name

如果需要删除远程分支,可以简单地推送空分支:git push origin :<remote branch name>。这里本地分支名留空了。也可以使用专门的删除方式:git push origin --delete <remote branch name>

如果需要删除本地分支,使用git branch -d <local branch name>

合并分支时,先切换到需要接收改动的分支上,然后git merge <new branch name>,即可将new branch的改动更新到当前分支上。new branch的内容是不变的。

拉取远程分支到本地,而不影响本地分支:git fetch <remote repo name> <remote branch name>:<local branch name>会将远程仓库的分支保存在本地对应分支下。

可以用git fetch --all拉取所有远程分支,如果没有效果,注意检查remote.origin.fetch的设置:git config --get remote.origin.fetch,如果是+refs/heads/master:refs/remotes/origin/master,则表示只拉master分支。可以修改成拉取所有分支:git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*"

Github debug合集

某种东西真的神烦,科研需要下载的仓库代码经常莫名其妙下载不了,写的代码上传补上去,build个docker慢的要死,第三方包拉取不到……浪费很多时间在因为网络连接不了导致的各种bug上,有效科研时间白白被消耗,真的很xx。

Git clone报错gnutls_handshake() failed: The TLS connection was non-properly terminated.

一种做法是设置或者取消设置http.proxy和https.proxy

另一种做法是直接取消SSL校验,虽然粗暴了点:git config http.sslVerify false

\ No newline at end of file diff --git a/go/index.html b/go/index.html index 486dd50..d17838b 100644 --- a/go/index.html +++ b/go/index.html @@ -20,7 +20,7 @@ fmt.Println(i) } } -
\ No newline at end of file diff --git a/index.html b/index.html index b01e169..4779fd0 100644 --- a/index.html +++ b/index.html @@ -7,6 +7,6 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

首页

约 13 个字 预计阅读时间不到 1 分钟

欢迎,这里是 c01dkit 的技术笔记

跳转至
\ No newline at end of file diff --git a/interesting-articles/index.html b/interesting-articles/index.html index 741aef1..f973698 100644 --- a/interesting-articles/index.html +++ b/interesting-articles/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

有趣文章

约 179 个字 预计阅读时间 1 分钟

  1. [Usenix Security 2021] Understanding and Detecting Disordered Error Handling with Precise Function Pairing 不正确的错误处理函数本身可能也会带来新的错误,尤其是在做一些前期清理工作时,执行顺序不正确会带来提权、崩溃与DoS。本文希望推断出预期的清理函数。
  2. [Usenix Security 2020] Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck 考虑到数据流向的实体,对应用程序的隐私规范进行研究建模。
  3. [NDSS 2019] https://www.youtube.com/watch?v=dMndb0Xmr4k&t=1s&list=PLfUWWM-POgQs9SPvg-UA-TNG7UVEcdz8l&index=5 GitHub上由于一些不当操作可能会导致API密钥泄露。本文研究表明这种泄露非常猖獗,并且远没有解决问题。

有趣文章

约 179 个字 预计阅读时间 1 分钟

  1. [Usenix Security 2021] Understanding and Detecting Disordered Error Handling with Precise Function Pairing 不正确的错误处理函数本身可能也会带来新的错误,尤其是在做一些前期清理工作时,执行顺序不正确会带来提权、崩溃与DoS。本文希望推断出预期的清理函数。
  2. [Usenix Security 2020] Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck 考虑到数据流向的实体,对应用程序的隐私规范进行研究建模。
  3. [NDSS 2019] https://www.youtube.com/watch?v=dMndb0Xmr4k&t=1s&list=PLfUWWM-POgQs9SPvg-UA-TNG7UVEcdz8l&index=5 GitHub上由于一些不当操作可能会导致API密钥泄露。本文研究表明这种泄露非常猖獗,并且远没有解决问题。
\ No newline at end of file diff --git a/investigations/index.html b/investigations/index.html index caa2ef8..749b5ea 100644 --- a/investigations/index.html +++ b/investigations/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

四大调查

约 311 个字 预计阅读时间 1 分钟

  1. [Usenix Security 2022] “I feel invaded, annoyed, anxious and I may protect myself”: Individuals’ Feelings about Online Tracking and their Protective Behaviour across Gender and Country
  2. [Usenix Security 2022] “Like Lesbians Walking the Perimeter”: Experiences of U.S. LGBTQ+ Folks With Online Security, Safety, and Privacy Advice
  3. [Usenix Security 2022] How and Why People Use Virtual Private Networks
  4. [Usenix Security 2021] “It’s the Company, the Government, You and I”: User Perceptions of Responsibility for Smart Home Privacy and Security
  5. [Usenix Security 2021] “Shhh…be quiet!” Reducing the Unwanted Interruptions of Notification Permission Prompts on Chrome
  6. [Usenix Security 2021] Effect of Mood, Location, Trust, and Presence of Others on Video-Based Social Authentication
  7. [Usenix Security 2021] ‘Passwords Keep Me Safe’ – Understanding What Children Think about Passwords
  8. [Usenix Security 2021] “It’s stressful having all these phones”: Investigating Sex Workers’ Safety Goals, Risks, and Practices Online
  9. [Usenix Security 2021] “Now I’m a bit angry:” Individuals’ Awareness, Perception, and Responses to Data Breaches that Affected Them
  10. [Usenix Security 2020] “I am uncomfortable sharing what I can’t see”: Privacy Concerns of the Visually Impaired with Camera Based Assistive Applications
  11. [Usenix Security 2020 | Distingguished Paper Award] Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It
  12. [Usenix Security 2020] An Observational Investigation of Reverse Engineers’ Processes
  13. [Usenix Security 2020] That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers
  14. [NDSS 2022] An In-depth Analysis of Duplicated Linux Kernel Bug Reports
  15. [NDSS 2020] Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators
  16. [NDSS 2019] Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers
  17. [NDSS 2019] A First Look into the Facebook Advertising Ecosystem

四大调查

约 311 个字 预计阅读时间 1 分钟

  1. [Usenix Security 2022] “I feel invaded, annoyed, anxious and I may protect myself”: Individuals’ Feelings about Online Tracking and their Protective Behaviour across Gender and Country
  2. [Usenix Security 2022] “Like Lesbians Walking the Perimeter”: Experiences of U.S. LGBTQ+ Folks With Online Security, Safety, and Privacy Advice
  3. [Usenix Security 2022] How and Why People Use Virtual Private Networks
  4. [Usenix Security 2021] “It’s the Company, the Government, You and I”: User Perceptions of Responsibility for Smart Home Privacy and Security
  5. [Usenix Security 2021] “Shhh…be quiet!” Reducing the Unwanted Interruptions of Notification Permission Prompts on Chrome
  6. [Usenix Security 2021] Effect of Mood, Location, Trust, and Presence of Others on Video-Based Social Authentication
  7. [Usenix Security 2021] ‘Passwords Keep Me Safe’ – Understanding What Children Think about Passwords
  8. [Usenix Security 2021] “It’s stressful having all these phones”: Investigating Sex Workers’ Safety Goals, Risks, and Practices Online
  9. [Usenix Security 2021] “Now I’m a bit angry:” Individuals’ Awareness, Perception, and Responses to Data Breaches that Affected Them
  10. [Usenix Security 2020] “I am uncomfortable sharing what I can’t see”: Privacy Concerns of the Visually Impaired with Camera Based Assistive Applications
  11. [Usenix Security 2020 | Distingguished Paper Award] Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It
  12. [Usenix Security 2020] An Observational Investigation of Reverse Engineers’ Processes
  13. [Usenix Security 2020] That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers
  14. [NDSS 2022] An In-depth Analysis of Duplicated Linux Kernel Bug Reports
  15. [NDSS 2020] Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators
  16. [NDSS 2019] Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers
  17. [NDSS 2019] A First Look into the Facebook Advertising Ecosystem
\ No newline at end of file diff --git a/java/index.html b/java/index.html index ef0c941..9d2e69b 100644 --- a/java/index.html +++ b/java/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

Java

约 108 个字 预计阅读时间不到 1 分钟

Java环境配置

https://www.oracle.com/java/technologies/downloads/下载对应系统的包。Linux选择Compressed Archive,解压缩以后配置下path;Windows可以用MSI Installer。对应的源码在lib/src.zip中。

Java源码架构理解

核心代码、主要功能在java.base/java目录下,其中包含了io、lang、util等多个关键模块。

Java里有哪些数据结构类型?如何实现的?

Java中常见的数据类型比如Set、Array、

Java

约 108 个字 预计阅读时间不到 1 分钟

Java环境配置

https://www.oracle.com/java/technologies/downloads/下载对应系统的包。Linux选择Compressed Archive,解压缩以后配置下path;Windows可以用MSI Installer。对应的源码在lib/src.zip中。

Java源码架构理解

核心代码、主要功能在java.base/java目录下,其中包含了io、lang、util等多个关键模块。

Java里有哪些数据结构类型?如何实现的?

Java中常见的数据类型比如Set、Array、

\ No newline at end of file diff --git a/latex/index.html b/latex/index.html index 9c9cc17..a09b2de 100644 --- a/latex/index.html +++ b/latex/index.html @@ -196,7 +196,7 @@ \end{sloppypar} \end{document} -
\ No newline at end of file diff --git a/linux-kernel/index.html b/linux-kernel/index.html index eb90eb6..5811e7b 100644 --- a/linux-kernel/index.html +++ b/linux-kernel/index.html @@ -12,7 +12,7 @@ make[2]: *** Waiting for unfinished jobs.... 参考StackOverflow上的解答,可以修改conf文件,也可以简单地运行

scripts/config --disable SYSTEM_TRUSTED_KEYS
 scripts/config --disable SYSTEM_REVOCATION_KEYS
-
重新make后一路回车。

\ No newline at end of file diff --git a/linux-server/index.html b/linux-server/index.html index ad9804d..316c2de 100644 --- a/linux-server/index.html +++ b/linux-server/index.html @@ -75,7 +75,7 @@ # multi-user.target组中的服务都将开机启动 # 常用Target,1. multi-user.target-多用户命令行;2. graphical.target-图形界面模式 WantedBy=[表示该服务所在的Target] -

定时服务

定时程序执行失败的原因是多样的,可能是因为定时服务没启动,需要systemctl restart cron.service,或者是cron服务坏掉了,先apt install cron --reinstall强制重新安装下,再重启服务,或者是安装了别的依赖库但是没有重启cron导致运行失败,试试/etc/init.d/cron restart

打开文件数

https://www.baeldung.com/linux/list-open-file-descriptors

Linux默认最多同时打开1024个文件,可以通过ulimit -n查看。fuzzing等要注意关闭文件描述符,否则可能导致服务器故障(比如ssh连不上)。/proc//fd里列出了pid锁打开的文件。

参考资料

  1. systemd相关资料
\ No newline at end of file diff --git a/llvm/index.html b/llvm/index.html index 21f59e8..f355b87 100644 --- a/llvm/index.html +++ b/llvm/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

LLVM 学习

约 508 个字 158 行代码 预计阅读时间 17 分钟

快速上手

源码编译

首先在https://github.com/llvm/llvm-project/releases/ 下载心仪的llvm-project-xx.x.x.src.tar.xz,然后tar -xf llvm*解压缩后按如下进行编译:

cd llvm-project-*
+    body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}      

LLVM 学习

约 739 个字 163 行代码 预计阅读时间 19 分钟

快速上手

源码编译

首先在https://github.com/llvm/llvm-project/releases/ 下载心仪的llvm-project-xx.x.x.src.tar.xz,然后tar -xf llvm*解压缩后按如下进行编译:

cd llvm-project-*
 mkdir build && cd build
 cmake -G "Unix Makefiles" -DLLVM_ENABLE_PROJECTS="clang" -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=On -DLLVM_TARGETS_TO_BUILD=host ../llvm
 cmake --build . -j8 # make -j8  根据实际情况选择多线程编译
@@ -218,119 +218,494 @@
 };
 
 #endif // PRINT_FUNCTION_NAMES_PASS_HPP
-

LLVM API学习

头文件架构

关注之前下载的llvm-project-xx.x.x.src目录下的llvm/include/llvm文件夹,里面包含ADTIRIRReader等各种头文件,从中可以了解如何调API。以15.0.7版本为例,目录架构如下:

tree ./llvm-project-15.0.7.src/llvm/include/llvm -LF 1
./
-├── ADT/
-├── Analysis/
-├── AsmParser/
-├── BinaryFormat/
-├── Bitcode/
-├── Bitstream/
-├── CMakeLists.txt
-├── CodeGen/
-├── Config/
-├── DebugInfo/
-├── Debuginfod/
-├── Demangle/
-├── DWARFLinker/
-├── DWP/
-├── ExecutionEngine/
-├── FileCheck/
-├── Frontend/
-├── FuzzMutate/
-├── InitializePasses.h
-├── InterfaceStub/
-├── IR/
-├── IRReader/
-├── LineEditor/
-├── LinkAllIR.h
-├── LinkAllPasses.h
-├── Linker/
-├── LTO/
-├── MC/
-├── MCA/
-├── module.extern.modulemap
-├── module.install.modulemap
-├── module.modulemap
-├── module.modulemap.build
-├── ObjCopy/
-├── Object/
-├── ObjectYAML/
-├── Option/
-├── PassAnalysisSupport.h
-├── Passes/
-├── Pass.h
-├── PassInfo.h
-├── PassRegistry.h
-├── PassSupport.h
-├── ProfileData/
-├── Remarks/
-├── Support/
-├── TableGen/
-├── Target/
-├── Testing/
-├── TextAPI/
-├── ToolDrivers/
-├── Transforms/
-├── WindowsDriver/
-├── WindowsManifest/
-├── WindowsResource/
-└── XRay/
-
-43 directories, 13 files
-

Pass.h

LLVM Pass的基础是一个个pass,比如自己写一个类继承llvm::ModulePass,在内部覆写runOnModule函数。而ModulePass又是继承自llvm::Pass的,也就是直接来自头文件目录下的Pass.h文件。这个头文件大致结构如下:

Pass.h
#ifndef LLVM_PASS_H
-#define LLVM_PASS_H
-#include <string>
-
-namespace llvm {
-
-class AnalysisResolver;
-class AnalysisUsage;
-class Function;
-//   ...
-
-// AnalysisID - Use the PassInfo to identify a pass...
-using AnalysisID = const void *;
-
-/// Different types of internal pass managers.
-enum PassManagerType {
-//   ...
-};
-
-// Different types of passes.
-enum PassKind {
-//   ...
-};
-
-/// This enumerates the LLVM full LTO or ThinLTO optimization phases.
-enum class ThinOrFullLTOPhase {
-//   ...
-};
-
-class Pass {
-// ...
-};
-
-class ModulePass : public Pass {
-// ...
-};
-
-class ImmutablePass : public ModulePass {
-// ...
-};
-
-class FunctionPass : public Pass {
-// ...
-};
+

LLVM IR

opaque pointer

不透明指针即不关心具体的指针类型,而使用ptr来取代之前的具体类型比如i32*。不透明指针在LLVM 15成为默认选项,并在LLVM 17移除透明指针。对于允许禁用不透明指针的LLVM版本而言,在命令行编译时,可以添加-Xclang -no-opaque-pointers来保留显式类型。cmake可以使用-DCLANG_ENABLE_OPAQUE_POINTERS=OFF

在启用不透明指针的情况下,可以在编译时启用-g参数,使得可以从编译器生成的调试信息中恢复出指针的类型信息。

#include<stdio.h>
+
+struct sample {
+    int x1;
+    int x2;
+    struct sample *next;
+};
+
+void test(int *p, struct sample* s) {
+    s->x2 = *p;
+}
+
+int main () {
+    int a, *p;
+    a = 10;
+    p = &a;
+    struct sample s1;
+    s1.x1 = 20;
+    test(p, &s1);
+    printf("%d",s1.x2 + s1.x1);
+}
+
; ModuleID = 'testsuite/sample1.c'
+source_filename = "testsuite/sample1.c"
+target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128"
+target triple = "x86_64-unknown-linux-gnu"
+
+%struct.sample = type { i32, i32, ptr }
+
+@.str = private unnamed_addr constant [3 x i8] c"%d\00", align 1
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local void @test(ptr noundef %0, ptr noundef %1) #0 {
+  %3 = alloca ptr, align 8
+  %4 = alloca ptr, align 8
+  store ptr %0, ptr %3, align 8
+  store ptr %1, ptr %4, align 8
+  %5 = load ptr, ptr %3, align 8
+  %6 = load i32, ptr %5, align 4
+  %7 = load ptr, ptr %4, align 8
+  %8 = getelementptr inbounds %struct.sample, ptr %7, i32 0, i32 1
+  store i32 %6, ptr %8, align 4
+  ret void
+}
+
+; Function Attrs: noinline nounwind optnone uwtable
+define dso_local i32 @main() #0 {
+  %1 = alloca i32, align 4
+  %2 = alloca ptr, align 8
+  %3 = alloca %struct.sample, align 8
+  store i32 10, ptr %1, align 4
+  store ptr %1, ptr %2, align 8
+  %4 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0
+  store i32 20, ptr %4, align 8
+  %5 = load ptr, ptr %2, align 8
+  call void @test(ptr noundef %5, ptr noundef %3)
+  %6 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 1
+  %7 = load i32, ptr %6, align 4
+  %8 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0
+  %9 = load i32, ptr %8, align 8
+  %10 = add nsw i32 %7, %9
+  %11 = call i32 (ptr, ...) @printf(ptr noundef @.str, i32 noundef %10)
+  ret i32 0
+}
+
+declare i32 @printf(ptr noundef, ...) #1
 
-} // end namespace llvm
-
-// Include support files that contain important APIs commonly used by Passes,
-// but that we want to separate out to make it easier to read the header files.
-#include "llvm/PassAnalysisSupport.h"
-#include "llvm/PassSupport.h"
-
-#endif // LLVM_PASS_H
-

可见,从Pass类直接继承了ModulePass和FunctionPass两个类。

\ No newline at end of file diff --git a/llvm/testsuite/sample1-g-no-opaque-pointer.ll b/llvm/testsuite/sample1-g-no-opaque-pointer.ll new file mode 100644 index 0000000..995f5de --- /dev/null +++ b/llvm/testsuite/sample1-g-no-opaque-pointer.ll @@ -0,0 +1,120 @@ +; ModuleID = 'testsuite/sample1.c' +source_filename = "testsuite/sample1.c" +target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128" +target triple = "x86_64-unknown-linux-gnu" + +%struct.sample = type { i32, i32, %struct.sample* } + +@.str = private unnamed_addr constant [3 x i8] c"%d\00", align 1, !dbg !0 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local void @test(i32* noundef %0, %struct.sample* noundef %1) #0 !dbg !17 { + %3 = alloca i32*, align 8 + %4 = alloca %struct.sample*, align 8 + store i32* %0, i32** %3, align 8 + call void @llvm.dbg.declare(metadata i32** %3, metadata !29, metadata !DIExpression()), !dbg !30 + store %struct.sample* %1, %struct.sample** %4, align 8 + call void @llvm.dbg.declare(metadata %struct.sample** %4, metadata !31, metadata !DIExpression()), !dbg !32 + %5 = load i32*, i32** %3, align 8, !dbg !33 + %6 = load i32, i32* %5, align 4, !dbg !34 + %7 = load %struct.sample*, %struct.sample** %4, align 8, !dbg !35 + %8 = getelementptr inbounds %struct.sample, %struct.sample* %7, i32 0, i32 1, !dbg !36 + store i32 %6, i32* %8, align 4, !dbg !37 + ret void, !dbg !38 +} + +; Function Attrs: nocallback nofree nosync nounwind readnone speculatable willreturn +declare void @llvm.dbg.declare(metadata, metadata, metadata) #1 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local i32 @main() #0 !dbg !39 { + %1 = alloca i32, align 4 + %2 = alloca i32*, align 8 + %3 = alloca %struct.sample, align 8 + call void @llvm.dbg.declare(metadata i32* %1, metadata !42, metadata !DIExpression()), !dbg !43 + call void @llvm.dbg.declare(metadata i32** %2, metadata !44, metadata !DIExpression()), !dbg !45 + store i32 10, i32* %1, align 4, !dbg !46 + store i32* %1, i32** %2, align 8, !dbg !47 + call void @llvm.dbg.declare(metadata %struct.sample* %3, metadata !48, metadata !DIExpression()), !dbg !49 + %4 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 0, !dbg !50 + store i32 20, i32* %4, align 8, !dbg !51 + %5 = load i32*, i32** %2, align 8, !dbg !52 + call void @test(i32* noundef %5, %struct.sample* noundef %3), !dbg !53 + %6 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 1, !dbg !54 + %7 = load i32, i32* %6, align 4, !dbg !54 + %8 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 0, !dbg !55 + %9 = load i32, i32* %8, align 8, !dbg !55 + %10 = add nsw i32 %7, %9, !dbg !56 + %11 = call i32 (i8*, ...) @printf(i8* noundef getelementptr inbounds ([3 x i8], [3 x i8]* @.str, i64 0, i64 0), i32 noundef %10), !dbg !57 + ret i32 0, !dbg !58 +} + +declare i32 @printf(i8* noundef, ...) #2 + +attributes #0 = { noinline nounwind optnone uwtable "frame-pointer"="all" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } +attributes #1 = { nocallback nofree nosync nounwind readnone speculatable willreturn } +attributes #2 = { "frame-pointer"="all" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } + +!llvm.dbg.cu = !{!7} +!llvm.module.flags = !{!9, !10, !11, !12, !13, !14, !15} +!llvm.ident = !{!16} + +!0 = !DIGlobalVariableExpression(var: !1, expr: !DIExpression()) +!1 = distinct !DIGlobalVariable(scope: null, file: !2, line: 20, type: !3, isLocal: true, isDefinition: true) +!2 = !DIFile(filename: "testsuite/sample1.c", directory: "/home/cby/llm-pca/01-project", checksumkind: CSK_MD5, checksum: "086ff607109bac3c6d0d457996aa6d0d") +!3 = !DICompositeType(tag: DW_TAG_array_type, baseType: !4, size: 24, elements: !5) +!4 = !DIBasicType(name: "char", size: 8, encoding: DW_ATE_signed_char) +!5 = !{!6} +!6 = !DISubrange(count: 3) +!7 = distinct !DICompileUnit(language: DW_LANG_C99, file: !2, producer: "clang version 15.0.7", isOptimized: false, runtimeVersion: 0, emissionKind: FullDebug, globals: !8, splitDebugInlining: false, nameTableKind: None) +!8 = !{!0} +!9 = !{i32 7, !"Dwarf Version", i32 5} +!10 = !{i32 2, !"Debug Info Version", i32 3} +!11 = !{i32 1, !"wchar_size", i32 4} +!12 = !{i32 7, !"PIC Level", i32 2} +!13 = !{i32 7, !"PIE Level", i32 2} +!14 = !{i32 7, !"uwtable", i32 2} +!15 = !{i32 7, !"frame-pointer", i32 2} +!16 = !{!"clang version 15.0.7"} +!17 = distinct !DISubprogram(name: "test", scope: !2, file: !2, line: 10, type: !18, scopeLine: 10, flags: DIFlagPrototyped, spFlags: DISPFlagDefinition, unit: !7, retainedNodes: !28) +!18 = !DISubroutineType(types: !19) +!19 = !{null, !20, !22} +!20 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !21, size: 64) +!21 = !DIBasicType(name: "int", size: 32, encoding: DW_ATE_signed) +!22 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !23, size: 64) +!23 = distinct !DICompositeType(tag: DW_TAG_structure_type, name: "sample", file: !2, line: 4, size: 128, elements: !24) +!24 = !{!25, !26, !27} +!25 = !DIDerivedType(tag: DW_TAG_member, name: "x1", scope: !23, file: !2, line: 5, baseType: !21, size: 32) +!26 = !DIDerivedType(tag: DW_TAG_member, name: "x2", scope: !23, file: !2, line: 6, baseType: !21, size: 32, offset: 32) +!27 = !DIDerivedType(tag: DW_TAG_member, name: "next", scope: !23, file: !2, line: 7, baseType: !22, size: 64, offset: 64) +!28 = !{} +!29 = !DILocalVariable(name: "p", arg: 1, scope: !17, file: !2, line: 10, type: !20) +!30 = !DILocation(line: 10, column: 16, scope: !17) +!31 = !DILocalVariable(name: "s", arg: 2, scope: !17, file: !2, line: 10, type: !22) +!32 = !DILocation(line: 10, column: 34, scope: !17) +!33 = !DILocation(line: 11, column: 14, scope: !17) +!34 = !DILocation(line: 11, column: 13, scope: !17) +!35 = !DILocation(line: 11, column: 5, scope: !17) +!36 = !DILocation(line: 11, column: 8, scope: !17) +!37 = !DILocation(line: 11, column: 11, scope: !17) +!38 = !DILocation(line: 12, column: 1, scope: !17) +!39 = distinct !DISubprogram(name: "main", scope: !2, file: !2, line: 13, type: !40, scopeLine: 13, spFlags: DISPFlagDefinition, unit: !7, retainedNodes: !28) +!40 = !DISubroutineType(types: !41) +!41 = !{!21} +!42 = !DILocalVariable(name: "a", scope: !39, file: !2, line: 14, type: !21) +!43 = !DILocation(line: 14, column: 9, scope: !39) +!44 = !DILocalVariable(name: "p", scope: !39, file: !2, line: 14, type: !20) +!45 = !DILocation(line: 14, column: 13, scope: !39) +!46 = !DILocation(line: 15, column: 7, scope: !39) +!47 = !DILocation(line: 16, column: 7, scope: !39) +!48 = !DILocalVariable(name: "s1", scope: !39, file: !2, line: 17, type: !23) +!49 = !DILocation(line: 17, column: 19, scope: !39) +!50 = !DILocation(line: 18, column: 8, scope: !39) +!51 = !DILocation(line: 18, column: 11, scope: !39) +!52 = !DILocation(line: 19, column: 10, scope: !39) +!53 = !DILocation(line: 19, column: 5, scope: !39) +!54 = !DILocation(line: 20, column: 20, scope: !39) +!55 = !DILocation(line: 20, column: 28, scope: !39) +!56 = !DILocation(line: 20, column: 23, scope: !39) +!57 = !DILocation(line: 20, column: 5, scope: !39) +!58 = !DILocation(line: 21, column: 1, scope: !39) diff --git a/llvm/testsuite/sample1-g.ll b/llvm/testsuite/sample1-g.ll new file mode 100644 index 0000000..9abc781 --- /dev/null +++ b/llvm/testsuite/sample1-g.ll @@ -0,0 +1,120 @@ +; ModuleID = 'testsuite/sample1.c' +source_filename = "testsuite/sample1.c" +target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128" +target triple = "x86_64-unknown-linux-gnu" + +%struct.sample = type { i32, i32, ptr } + +@.str = private unnamed_addr constant [3 x i8] c"%d\00", align 1, !dbg !0 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local void @test(ptr noundef %0, ptr noundef %1) #0 !dbg !17 { + %3 = alloca ptr, align 8 + %4 = alloca ptr, align 8 + store ptr %0, ptr %3, align 8 + call void @llvm.dbg.declare(metadata ptr %3, metadata !29, metadata !DIExpression()), !dbg !30 + store ptr %1, ptr %4, align 8 + call void @llvm.dbg.declare(metadata ptr %4, metadata !31, metadata !DIExpression()), !dbg !32 + %5 = load ptr, ptr %3, align 8, !dbg !33 + %6 = load i32, ptr %5, align 4, !dbg !34 + %7 = load ptr, ptr %4, align 8, !dbg !35 + %8 = getelementptr inbounds %struct.sample, ptr %7, i32 0, i32 1, !dbg !36 + store i32 %6, ptr %8, align 4, !dbg !37 + ret void, !dbg !38 +} + +; Function Attrs: nocallback nofree nosync nounwind readnone speculatable willreturn +declare void @llvm.dbg.declare(metadata, metadata, metadata) #1 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local i32 @main() #0 !dbg !39 { + %1 = alloca i32, align 4 + %2 = alloca ptr, align 8 + %3 = alloca %struct.sample, align 8 + call void @llvm.dbg.declare(metadata ptr %1, metadata !42, metadata !DIExpression()), !dbg !43 + call void @llvm.dbg.declare(metadata ptr %2, metadata !44, metadata !DIExpression()), !dbg !45 + store i32 10, ptr %1, align 4, !dbg !46 + store ptr %1, ptr %2, align 8, !dbg !47 + call void @llvm.dbg.declare(metadata ptr %3, metadata !48, metadata !DIExpression()), !dbg !49 + %4 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0, !dbg !50 + store i32 20, ptr %4, align 8, !dbg !51 + %5 = load ptr, ptr %2, align 8, !dbg !52 + call void @test(ptr noundef %5, ptr noundef %3), !dbg !53 + %6 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 1, !dbg !54 + %7 = load i32, ptr %6, align 4, !dbg !54 + %8 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0, !dbg !55 + %9 = load i32, ptr %8, align 8, !dbg !55 + %10 = add nsw i32 %7, %9, !dbg !56 + %11 = call i32 (ptr, ...) @printf(ptr noundef @.str, i32 noundef %10), !dbg !57 + ret i32 0, !dbg !58 +} + +declare i32 @printf(ptr noundef, ...) #2 + +attributes #0 = { noinline nounwind optnone uwtable "frame-pointer"="all" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } +attributes #1 = { nocallback nofree nosync nounwind readnone speculatable willreturn } +attributes #2 = { "frame-pointer"="all" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } + +!llvm.dbg.cu = !{!7} +!llvm.module.flags = !{!9, !10, !11, !12, !13, !14, !15} +!llvm.ident = !{!16} + +!0 = !DIGlobalVariableExpression(var: !1, expr: !DIExpression()) +!1 = distinct !DIGlobalVariable(scope: null, file: !2, line: 20, type: !3, isLocal: true, isDefinition: true) +!2 = !DIFile(filename: "testsuite/sample1.c", directory: "/home/cby/llm-pca/01-project", checksumkind: CSK_MD5, checksum: "086ff607109bac3c6d0d457996aa6d0d") +!3 = !DICompositeType(tag: DW_TAG_array_type, baseType: !4, size: 24, elements: !5) +!4 = !DIBasicType(name: "char", size: 8, encoding: DW_ATE_signed_char) +!5 = !{!6} +!6 = !DISubrange(count: 3) +!7 = distinct !DICompileUnit(language: DW_LANG_C99, file: !2, producer: "clang version 15.0.7", isOptimized: false, runtimeVersion: 0, emissionKind: FullDebug, globals: !8, splitDebugInlining: false, nameTableKind: None) +!8 = !{!0} +!9 = !{i32 7, !"Dwarf Version", i32 5} +!10 = !{i32 2, !"Debug Info Version", i32 3} +!11 = !{i32 1, !"wchar_size", i32 4} +!12 = !{i32 7, !"PIC Level", i32 2} +!13 = !{i32 7, !"PIE Level", i32 2} +!14 = !{i32 7, !"uwtable", i32 2} +!15 = !{i32 7, !"frame-pointer", i32 2} +!16 = !{!"clang version 15.0.7"} +!17 = distinct !DISubprogram(name: "test", scope: !2, file: !2, line: 10, type: !18, scopeLine: 10, flags: DIFlagPrototyped, spFlags: DISPFlagDefinition, unit: !7, retainedNodes: !28) +!18 = !DISubroutineType(types: !19) +!19 = !{null, !20, !22} +!20 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !21, size: 64) +!21 = !DIBasicType(name: "int", size: 32, encoding: DW_ATE_signed) +!22 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !23, size: 64) +!23 = distinct !DICompositeType(tag: DW_TAG_structure_type, name: "sample", file: !2, line: 4, size: 128, elements: !24) +!24 = !{!25, !26, !27} +!25 = !DIDerivedType(tag: DW_TAG_member, name: "x1", scope: !23, file: !2, line: 5, baseType: !21, size: 32) +!26 = !DIDerivedType(tag: DW_TAG_member, name: "x2", scope: !23, file: !2, line: 6, baseType: !21, size: 32, offset: 32) +!27 = !DIDerivedType(tag: DW_TAG_member, name: "next", scope: !23, file: !2, line: 7, baseType: !22, size: 64, offset: 64) +!28 = !{} +!29 = !DILocalVariable(name: "p", arg: 1, scope: !17, file: !2, line: 10, type: !20) +!30 = !DILocation(line: 10, column: 16, scope: !17) +!31 = !DILocalVariable(name: "s", arg: 2, scope: !17, file: !2, line: 10, type: !22) +!32 = !DILocation(line: 10, column: 34, scope: !17) +!33 = !DILocation(line: 11, column: 14, scope: !17) +!34 = !DILocation(line: 11, column: 13, scope: !17) +!35 = !DILocation(line: 11, column: 5, scope: !17) +!36 = !DILocation(line: 11, column: 8, scope: !17) +!37 = !DILocation(line: 11, column: 11, scope: !17) +!38 = !DILocation(line: 12, column: 1, scope: !17) +!39 = distinct !DISubprogram(name: "main", scope: !2, file: !2, line: 13, type: !40, scopeLine: 13, spFlags: DISPFlagDefinition, unit: !7, retainedNodes: !28) +!40 = !DISubroutineType(types: !41) +!41 = !{!21} +!42 = !DILocalVariable(name: "a", scope: !39, file: !2, line: 14, type: !21) +!43 = !DILocation(line: 14, column: 9, scope: !39) +!44 = !DILocalVariable(name: "p", scope: !39, file: !2, line: 14, type: !20) +!45 = !DILocation(line: 14, column: 13, scope: !39) +!46 = !DILocation(line: 15, column: 7, scope: !39) +!47 = !DILocation(line: 16, column: 7, scope: !39) +!48 = !DILocalVariable(name: "s1", scope: !39, file: !2, line: 17, type: !23) +!49 = !DILocation(line: 17, column: 19, scope: !39) +!50 = !DILocation(line: 18, column: 8, scope: !39) +!51 = !DILocation(line: 18, column: 11, scope: !39) +!52 = !DILocation(line: 19, column: 10, scope: !39) +!53 = !DILocation(line: 19, column: 5, scope: !39) +!54 = !DILocation(line: 20, column: 20, scope: !39) +!55 = !DILocation(line: 20, column: 28, scope: !39) +!56 = !DILocation(line: 20, column: 23, scope: !39) +!57 = !DILocation(line: 20, column: 5, scope: !39) +!58 = !DILocation(line: 21, column: 1, scope: !39) diff --git a/llvm/testsuite/sample1-no-opaque-pointer.ll b/llvm/testsuite/sample1-no-opaque-pointer.ll new file mode 100644 index 0000000..ca04d07 --- /dev/null +++ b/llvm/testsuite/sample1-no-opaque-pointer.ll @@ -0,0 +1,57 @@ +; ModuleID = 'testsuite/sample1.c' +source_filename = "testsuite/sample1.c" +target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128" +target triple = "x86_64-unknown-linux-gnu" + +%struct.sample = type { i32, i32, %struct.sample* } + +@.str = private unnamed_addr constant [3 x i8] c"%d\00", align 1 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local void @test(i32* noundef %0, %struct.sample* noundef %1) #0 { + %3 = alloca i32*, align 8 + %4 = alloca %struct.sample*, align 8 + store i32* %0, i32** %3, align 8 + store %struct.sample* %1, %struct.sample** %4, align 8 + %5 = load i32*, i32** %3, align 8 + %6 = load i32, i32* %5, align 4 + %7 = load %struct.sample*, %struct.sample** %4, align 8 + %8 = getelementptr inbounds %struct.sample, %struct.sample* %7, i32 0, i32 1 + store i32 %6, i32* %8, align 4 + ret void +} + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local i32 @main() #0 { + %1 = alloca i32, align 4 + %2 = alloca i32*, align 8 + %3 = alloca %struct.sample, align 8 + store i32 10, i32* %1, align 4 + store i32* %1, i32** %2, align 8 + %4 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 0 + store i32 20, i32* %4, align 8 + %5 = load i32*, i32** %2, align 8 + call void @test(i32* noundef %5, %struct.sample* noundef %3) + %6 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 1 + %7 = load i32, i32* %6, align 4 + %8 = getelementptr inbounds %struct.sample, %struct.sample* %3, i32 0, i32 0 + %9 = load i32, i32* %8, align 8 + %10 = add nsw i32 %7, %9 + %11 = call i32 (i8*, ...) @printf(i8* noundef getelementptr inbounds ([3 x i8], [3 x i8]* @.str, i64 0, i64 0), i32 noundef %10) + ret i32 0 +} + +declare i32 @printf(i8* noundef, ...) #1 + +attributes #0 = { noinline nounwind optnone uwtable "frame-pointer"="all" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } +attributes #1 = { "frame-pointer"="all" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } + +!llvm.module.flags = !{!0, !1, !2, !3, !4} +!llvm.ident = !{!5} + +!0 = !{i32 1, !"wchar_size", i32 4} +!1 = !{i32 7, !"PIC Level", i32 2} +!2 = !{i32 7, !"PIE Level", i32 2} +!3 = !{i32 7, !"uwtable", i32 2} +!4 = !{i32 7, !"frame-pointer", i32 2} +!5 = !{!"clang version 15.0.7"} diff --git a/llvm/testsuite/sample1.c b/llvm/testsuite/sample1.c new file mode 100644 index 0000000..3e3c892 --- /dev/null +++ b/llvm/testsuite/sample1.c @@ -0,0 +1,21 @@ +#include + +struct sample { + int x1; + int x2; + struct sample *next; +}; + +void test(int *p, struct sample* s) { + s->x2 = *p; +} + +int main () { + int a, *p; + a = 10; + p = &a; + struct sample s1; + s1.x1 = 20; + test(p, &s1); + printf("%d",s1.x2 + s1.x1); +} \ No newline at end of file diff --git a/llvm/testsuite/sample1.ll b/llvm/testsuite/sample1.ll new file mode 100644 index 0000000..142eb0f --- /dev/null +++ b/llvm/testsuite/sample1.ll @@ -0,0 +1,57 @@ +; ModuleID = 'testsuite/sample1.c' +source_filename = "testsuite/sample1.c" +target datalayout = "e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128" +target triple = "x86_64-unknown-linux-gnu" + +%struct.sample = type { i32, i32, ptr } + +@.str = private unnamed_addr constant [3 x i8] c"%d\00", align 1 + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local void @test(ptr noundef %0, ptr noundef %1) #0 { + %3 = alloca ptr, align 8 + %4 = alloca ptr, align 8 + store ptr %0, ptr %3, align 8 + store ptr %1, ptr %4, align 8 + %5 = load ptr, ptr %3, align 8 + %6 = load i32, ptr %5, align 4 + %7 = load ptr, ptr %4, align 8 + %8 = getelementptr inbounds %struct.sample, ptr %7, i32 0, i32 1 + store i32 %6, ptr %8, align 4 + ret void +} + +; Function Attrs: noinline nounwind optnone uwtable +define dso_local i32 @main() #0 { + %1 = alloca i32, align 4 + %2 = alloca ptr, align 8 + %3 = alloca %struct.sample, align 8 + store i32 10, ptr %1, align 4 + store ptr %1, ptr %2, align 8 + %4 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0 + store i32 20, ptr %4, align 8 + %5 = load ptr, ptr %2, align 8 + call void @test(ptr noundef %5, ptr noundef %3) + %6 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 1 + %7 = load i32, ptr %6, align 4 + %8 = getelementptr inbounds %struct.sample, ptr %3, i32 0, i32 0 + %9 = load i32, ptr %8, align 8 + %10 = add nsw i32 %7, %9 + %11 = call i32 (ptr, ...) @printf(ptr noundef @.str, i32 noundef %10) + ret i32 0 +} + +declare i32 @printf(ptr noundef, ...) #1 + +attributes #0 = { noinline nounwind optnone uwtable "frame-pointer"="all" "min-legal-vector-width"="0" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } +attributes #1 = { "frame-pointer"="all" "no-trapping-math"="true" "stack-protector-buffer-size"="8" "target-cpu"="x86-64" "target-features"="+cx8,+fxsr,+mmx,+sse,+sse2,+x87" "tune-cpu"="generic" } + +!llvm.module.flags = !{!0, !1, !2, !3, !4} +!llvm.ident = !{!5} + +!0 = !{i32 1, !"wchar_size", i32 4} +!1 = !{i32 7, !"PIC Level", i32 2} +!2 = !{i32 7, !"PIE Level", i32 2} +!3 = !{i32 7, !"uwtable", i32 2} +!4 = !{i32 7, !"frame-pointer", i32 2} +!5 = !{!"clang version 15.0.7"} diff --git a/openssh/index.html b/openssh/index.html index ab4e382..e9238f6 100644 --- a/openssh/index.html +++ b/openssh/index.html @@ -12,7 +12,7 @@

为了防止之后make install出的文件覆盖系统自己的ssh,这里指定configure将之后编译出的文件放到项目的/output文件夹下。按readme的Building from git的方法,进入openssh所在目录后,运行:

autoreconf
 ./configure --prefix=`pwd`/output
 make
-

此时相关可执行文件已经编译完毕。为了进一步清晰显示,可以运行make install,则在当前目录的output文件夹下会生成对应的结构。

\ No newline at end of file diff --git a/picking-ups/index.html b/picking-ups/index.html index e064aa2..ee1dc9c 100644 --- a/picking-ups/index.html +++ b/picking-ups/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

文句摘录

约 1043 个字 预计阅读时间 3 分钟

Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features (ISSTA 2023)

  • In light of these limitations, we propose Investigator, a practical failure diagnosis framework on Arm to fulfill the three requirements.

RR: A Fault Model for Efficient TEE Replication (NDSS 2023)

  • The correctness of replication protocols hinges on the property of quorum intersection.
  • In quorum-based protocols, this property is enforced by ensuring that any pair of quorums intersects in at least one replica that does not deviate from its prescribed behavior.

No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions (NDSS 2023)

  • However, the process of manually collecting system-call traces, or writing descriptions is prone to human-error: the immediate coverage gains from descriptions and traces risk obscuring parts of the code that the fuzzer can no longer exercise meaningfully.

FUZZUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks (Oakland 2022)

  • While the prevalence and versatility of USB have made our daily life convenient, it has also attracted attackers seeking to exploit vulnerabilities within the USB ecosystem.

Registered Report: DATAFLOW Towards a Data-Flow-Guided Fuzzer

  • Unfortunately, these more accurate analyses incur a high run-time penalty, impeding fuzzer throughput.
  • Unlike DTA, which strives for accuracy, we take inspiration from popular greybox fuzzers (e.g., AFL) and embrace some imprecision in an effort to reduce overhead and thus maximize fuzzing throughput.

A Survey on Adversarial Attacks for Malware Analysis

  • Adversarial attacks has now emerged as a serious concern, threatening to dismantle and undermine all the progress made in the machine learning domain.
  • The fear of evolving adversarial attack is growing among the cyber security research community and has provoked the everlasting war between adversarial attackers and defenders.

Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land (Oakland 2021)

  • Orthogonal to our research is the analysis and deobfuscation of script-based malware.

A Systematical and longitudinal study of evasive behaviors in windows malware (Computers & Security 2021)

  • Using our framework and taxonomy, we study the evasive behaviors adopted by 45,375 malware samples observed in the wild between 2010 and 201*
  • We harvest papers, reports, and blog posts from the security community estimating the influence of the public disclosure of evasive techniques on their adoption in the wild.

Structural Attack against Graph Based Android Malware Detection (CCS 2021)

  • Graph-based detection methods extract features from graphs and use these features to train classifiers for malware detection. By contrast, structural attacks directly modify the graph features and thus they are more intrinsic and effective.

Deep Learning for Android Malware Defenses: a Systematic Literature Review (ACM Survey 2021)

  • In front of the increasing difficulties of Android malware detection, it is non-trivial to build a robust and transparent detecting model or system only by traditional machine learning techniques.

Intriguing Properties of Adversarial ML Attacks in the Problem Space (Oakland 2020)

  • We shed light on the relationship between feature space and problem space, and we introduce the concept of side-effect features as the byproduct of the inverse feature-mapping problem. This enables us to define and prove necessary and sufficient conditions for the existence of problem-space attacks.

P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX SECURITY 2020)

  • The inapplicability of fuzzers on MCU boils down to the lack of a platform where firmware can execute while taking inputs from fuzzers.
  • Although the register access patterns and the type identification method are purely empirical, we find that in practice they work fairly reliably and accurately across a wide range of peripheral devices. We attribute this practical and promising results to two factors.
  • The instantiation is on-demand and interleaved with the firmware fuzzing/testing process.

Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID 2019)

  • Unfortunately for security researchers, in stark contrast to the desktop and mobile ecosystems, market forces have not created any de facto standard for components, protocols, or software, hampering existing program analysis approaches, and making the understanding of each new device an independent, mostly manual, time-consuming effort.
  • In this work, we develop an approach to re-hosting that achieves all of them, and propose a proof-of-concept system, called PRETENDER, which is able to observe hardware-firmware interactions and create models of hardware peripherals automatically.
  • To deal with the plethora of software applications that need to be analyzed on desktop and mobile platforms, the security community has developed many techniques for enabling the scalable analysis of programs to find bugs and detect malice.
  • Dynamic approaches typically rely on virtualization to enable parallel, scalable analyses, while symbolic approaches rely on function summarization of the underlying operating system to minimize the code that they need to execute. In order to use any of these tools, the analyst must take the program out of its original execution environment, and provide a suitable analysis environment able to execute it. This is a process referred to as re-hosting.

REPT: Reverse Debugging of Failures in Deployed Software (USENIX SECURITY 2018)

  • Moreover, even though root cause diagnosis can help a developer determine the reasons behind a failure, developers often require a deeper understanding of the conditions and the state leading to a failure to fix a bug, which these systems do not provide.

What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018)

  • As a result, silent memory corruptions occur more frequently on embedded devices than on traditional computer systems, creating a significant challenge for conducting fuzzing sessions on embedded systems software.

Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts (USENIX SECURITY 2017)

  • As such, it is tedious and arduous for a software developer to plow through an execution trace to diagnose the root cause of a software failure.
  • Given that backward taint analysis mimics how a software developer (or security analyst) typically diagnoses the root cause of a program failure, this observation indicates that POMP has a great potential to reduce manual efforts in failure diagnosis.

POMP++: Facilitating Postmortem Program Diagnosis with Value-Set Analysis

  • Briefly speaking, postmortem program diagnosis is to identify the program statements pertaining to the crash, analyze these statements, and eventually figure out why a bad value was passed to the crash site.

A Survey on Software Fault Localization (TSE 2016)

  • Furthermore, manual fault localization relies heavily on the software developer’s experience, judgment, and intuition to identify and prioritize code that is likely to be faulty.

文句摘录

约 1043 个字 预计阅读时间 3 分钟

Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features (ISSTA 2023)

  • In light of these limitations, we propose Investigator, a practical failure diagnosis framework on Arm to fulfill the three requirements.

RR: A Fault Model for Efficient TEE Replication (NDSS 2023)

  • The correctness of replication protocols hinges on the property of quorum intersection.
  • In quorum-based protocols, this property is enforced by ensuring that any pair of quorums intersects in at least one replica that does not deviate from its prescribed behavior.

No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions (NDSS 2023)

  • However, the process of manually collecting system-call traces, or writing descriptions is prone to human-error: the immediate coverage gains from descriptions and traces risk obscuring parts of the code that the fuzzer can no longer exercise meaningfully.

FUZZUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks (Oakland 2022)

  • While the prevalence and versatility of USB have made our daily life convenient, it has also attracted attackers seeking to exploit vulnerabilities within the USB ecosystem.

Registered Report: DATAFLOW Towards a Data-Flow-Guided Fuzzer

  • Unfortunately, these more accurate analyses incur a high run-time penalty, impeding fuzzer throughput.
  • Unlike DTA, which strives for accuracy, we take inspiration from popular greybox fuzzers (e.g., AFL) and embrace some imprecision in an effort to reduce overhead and thus maximize fuzzing throughput.

A Survey on Adversarial Attacks for Malware Analysis

  • Adversarial attacks has now emerged as a serious concern, threatening to dismantle and undermine all the progress made in the machine learning domain.
  • The fear of evolving adversarial attack is growing among the cyber security research community and has provoked the everlasting war between adversarial attackers and defenders.

Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land (Oakland 2021)

  • Orthogonal to our research is the analysis and deobfuscation of script-based malware.

A Systematical and longitudinal study of evasive behaviors in windows malware (Computers & Security 2021)

  • Using our framework and taxonomy, we study the evasive behaviors adopted by 45,375 malware samples observed in the wild between 2010 and 201*
  • We harvest papers, reports, and blog posts from the security community estimating the influence of the public disclosure of evasive techniques on their adoption in the wild.

Structural Attack against Graph Based Android Malware Detection (CCS 2021)

  • Graph-based detection methods extract features from graphs and use these features to train classifiers for malware detection. By contrast, structural attacks directly modify the graph features and thus they are more intrinsic and effective.

Deep Learning for Android Malware Defenses: a Systematic Literature Review (ACM Survey 2021)

  • In front of the increasing difficulties of Android malware detection, it is non-trivial to build a robust and transparent detecting model or system only by traditional machine learning techniques.

Intriguing Properties of Adversarial ML Attacks in the Problem Space (Oakland 2020)

  • We shed light on the relationship between feature space and problem space, and we introduce the concept of side-effect features as the byproduct of the inverse feature-mapping problem. This enables us to define and prove necessary and sufficient conditions for the existence of problem-space attacks.

P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX SECURITY 2020)

  • The inapplicability of fuzzers on MCU boils down to the lack of a platform where firmware can execute while taking inputs from fuzzers.
  • Although the register access patterns and the type identification method are purely empirical, we find that in practice they work fairly reliably and accurately across a wide range of peripheral devices. We attribute this practical and promising results to two factors.
  • The instantiation is on-demand and interleaved with the firmware fuzzing/testing process.

Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID 2019)

  • Unfortunately for security researchers, in stark contrast to the desktop and mobile ecosystems, market forces have not created any de facto standard for components, protocols, or software, hampering existing program analysis approaches, and making the understanding of each new device an independent, mostly manual, time-consuming effort.
  • In this work, we develop an approach to re-hosting that achieves all of them, and propose a proof-of-concept system, called PRETENDER, which is able to observe hardware-firmware interactions and create models of hardware peripherals automatically.
  • To deal with the plethora of software applications that need to be analyzed on desktop and mobile platforms, the security community has developed many techniques for enabling the scalable analysis of programs to find bugs and detect malice.
  • Dynamic approaches typically rely on virtualization to enable parallel, scalable analyses, while symbolic approaches rely on function summarization of the underlying operating system to minimize the code that they need to execute. In order to use any of these tools, the analyst must take the program out of its original execution environment, and provide a suitable analysis environment able to execute it. This is a process referred to as re-hosting.

REPT: Reverse Debugging of Failures in Deployed Software (USENIX SECURITY 2018)

  • Moreover, even though root cause diagnosis can help a developer determine the reasons behind a failure, developers often require a deeper understanding of the conditions and the state leading to a failure to fix a bug, which these systems do not provide.

What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018)

  • As a result, silent memory corruptions occur more frequently on embedded devices than on traditional computer systems, creating a significant challenge for conducting fuzzing sessions on embedded systems software.

Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts (USENIX SECURITY 2017)

  • As such, it is tedious and arduous for a software developer to plow through an execution trace to diagnose the root cause of a software failure.
  • Given that backward taint analysis mimics how a software developer (or security analyst) typically diagnoses the root cause of a program failure, this observation indicates that POMP has a great potential to reduce manual efforts in failure diagnosis.

POMP++: Facilitating Postmortem Program Diagnosis with Value-Set Analysis

  • Briefly speaking, postmortem program diagnosis is to identify the program statements pertaining to the crash, analyze these statements, and eventually figure out why a bad value was passed to the crash site.

A Survey on Software Fault Localization (TSE 2016)

  • Furthermore, manual fault localization relies heavily on the software developer’s experience, judgment, and intuition to identify and prioritize code that is likely to be faulty.
\ No newline at end of file diff --git a/porting/index.html b/porting/index.html index 75c6ed7..074e92c 100644 --- a/porting/index.html +++ b/porting/index.html @@ -116,7 +116,7 @@ echo ${CERTBOT_DOMAIN} >> xxx.txt sleep 120 exit 0 -

然后在两分钟之内,把xxx.txt里CERTBOT_VALIDATION对应的哈希值手动更新在DNS记录里即可。

此外,新找到一个可以方便地在web端配置新证书的网站:https://xiangyuecn.github.io/ACME-HTML-Web-Browser-Client/ACME-HTML-Web-Browser-Client.html

\ No newline at end of file diff --git a/proxy/index.html b/proxy/index.html index 174c900..86a18c4 100644 --- a/proxy/index.html +++ b/proxy/index.html @@ -16,7 +16,7 @@ [Install] WantedBy=multi-user.target -
\ No newline at end of file diff --git a/pwn-college-cse365-spring2023/index.html b/pwn-college-cse365-spring2023/index.html index f4da974..120035d 100644 --- a/pwn-college-cse365-spring2023/index.html +++ b/pwn-college-cse365-spring2023/index.html @@ -1353,7 +1353,7 @@ #ªt®s­yºe»a½i¶hµ°o°b¾aºz¦r¬p® #然后把两个结果中字母排起来 #utqsryeedabiihjooobaaezyrspq -

总结

CSE 365还是属于比较入门的类型,打好基础!

\ No newline at end of file diff --git a/python/index.html b/python/index.html index 84bea6e..aa3a779 100644 --- a/python/index.html +++ b/python/index.html @@ -239,7 +239,7 @@ # 输出还原后的data字典 print(restored_data) # {536879104: b'\x04\x05\x06\x07', 805306368: b'\x00\x01\x02\x03\x04'} -

参考资料

\ No newline at end of file diff --git a/rca/index.html b/rca/index.html index db9f072..bc0e2d5 100644 --- a/rca/index.html +++ b/rca/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

根因分析

约 2291 个字 预计阅读时间 8 分钟

什么是根因分析? 根因分析(Root Cause Analysis)或者说缺陷定位(Fault Localization)是程序开发人员或安全分析人员在确认程序存在异常行为后,通过手动或自动的方法来定位异常行为的根本原因的过程。根因分析是程序安全分析流程中比较重要的一环。

为什么需要设计一些根因分析方法? 在当下各类自动化漏洞挖掘工具(比如各类fuzzer)的辅助下,每日发现的bug数量已经远超开发人员确认并修复的数量。设计一种自动化发现漏洞的工具并不难,难在如何根据这些工具报出的crash信息来准确地分析出漏洞的根本原因。对于大型程序而言,崩溃测试样例(crashing testcase)执行下来可能经历了几百万条汇编指令,手工确认稍微有点不现实了。因此需要设计一些(自动化)的根因分析工具。

怎么进行根因分析?目前有哪些工作? 最朴素而直观的思想就是消耗安全分析人员的精力,从程序的入口点(entry)或者崩溃点(crash site)出发,看看程序是怎么执行的,哪些元素(program entity)会导致最后的crash,然后再进行对应的修复。根据定位元素的粒度不同,根因分析可以定位到函数级(function level)、语句级(statement level)、汇编指令级(instruction level)。由于在汇编指令上进行分析可以更普适地适应多种编程语言、不需要获取源码,所以下文的讨论都是围绕汇编指令级展开。

目前一些自动化根因分析研究思路有:

  1. 基于程序谱的分析方法(Spectrum-based)。大概思路是不需要考虑汇编指令的语义信息,利用一些统计学的方法来分析哪些指令有问题。这类方法基于这样一个场景:假设我们有一大批相似的测试样例,其中有些会导致程序崩溃,有些不会,那么这两类测试样例的执行路径可能有不同的偏好。那么那些更倾向于在崩溃测试样例中执行的指令更有可能是root cause。
  2. 事后分析方法(Postmortem-based)。直译尸检分析,形象理解为从程序崩溃后留下的“尸体”开始分析。它假定程序崩溃后会产生一个coredump(核心转储)文件,包含了崩溃点的内存快照(memory snapshot),以及这个测试样例的执行路径(execution trace)。前者用于提供数据流信息(比如内存值、寄存器值),后者用于提供控制流信息(汇编指令执行与跳转)。在此基础上,结合一些逆向执行(reverse execution)和后向污点分析(backward taint analysis)的方法,定位可能的root cause。
  3. 基于模型的分析方法(Model-based)。这一类方法是近些年提出的,它通过定义语义相关的模型,利用机器学习或深度学习的思想,找到语义上导致崩溃的root cause。

这些研究思路都解决了什么问题?有什么独特的优点?存在哪些独有的不足? 基于程序谱的分析方法直观上似乎有点道理。它仅考虑汇编指令本身,而但仅仅从统计结果上去分析,可能并不能准确分析出逻辑上的root cause。这类方法一般会设计一种排名策略(ranking),对选择出的可疑指令进行top1-topn的排名,来试图提高准确性。这类方法一般需要根据一个崩溃样例以及和它相似的崩溃样例和非崩溃样例进行分析,因此时空开销都比较大。

事后分析方法相比程序谱分析方法考虑了指令语义,比如在逆向执行的时候会设计一些汇编指令handler,对于内存的分析也会更精确些。但污点分析方法毕竟存在过度污染(over-tainting)的问题,导致结果冗余比较严重。

基于模型的分析方法利用AI的优势,可以给出更有语义信息的root cause,在一定程度上帮助开发人员去分析。不过模型的训练依赖训练集的质量,并且受程序语义影响很大。在不同领域之间可能迁移性不是很好,比如没法处理一些特定的密码学函数。且为待测程序建立模型来描述其结构与行为是非常复杂、耗时的事情

现有的这些方法有没有什么普遍存在的问题? 在最后评估阶段(evaluation),一般先通过手工分析确定哪些汇编指令,如果方法输出的汇编指令集合里包含这些指令,那么就认为是发现了root cause。但自动化方法毕竟缺少人工参与,给出的结果一定是不准确的。现有的工作的一个主流思想在于“方法给出的集合可以包含无关指令,但不能缺少相关指令”,旨在提高召回率(recall)。因此往往给出与root cause不相关的指令。但实际上,在最后的修复端,如果给出不相关指令过多,那么仍然需要开发者去分析,依旧耗时耗力。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),9.43%希望root cause在分析结果的Top1,73.58%容许在Top5,15.09%容许在Top10。所以约98%的情况下需要在Top10内给出结果。就分析准确度与开发人员满意度而言,如果RCA工具准确度达90%,满意度几乎达到100%了。准确度低于20%时只有12%接受,如果满意度达50%、75%、90%,准确度需要分别达到50%、75%、85%(但是原文说90%)。

目前的绝大部分RCA分析的工作的输出是两类:ranked list和suspicious set。但两者都存在的问题是仅仅高亮了可能存在bug的元素,而缺乏一些rational的分析。

不同的分析粒度的优势

基于文件粒度的RCA工作(比如Scaffle)希望找到包含百万级同质代码库中哪些文件和crash有关。在此基础上让对应的工程师团队去处理bug,有利于大型组织管理。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),开发者对粒度的top3期望依次是方法级别、语句级别、基本块级别,不过对这三种粒度的倾向之间没有明显差异。而当时比较多的方法是语句级别的

分析时间开销

根据采用的策略不同,RCA之间的时间开销差异可能达两个数量级。(秒级-分钟级-小时级)。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),90%开发者接受1min以内的分析,不到9%开发者接受超过1h的分析。50%开发者大概在30min以内。

一些想法

  1. 什么是漏洞的根本原因?假如函数A内创建临时变量x并调用函数B(x),在B内引发crash,那么应该归咎为A没有处理x呢,还是B没有检查x呢?这是API实现的问题,还是API误用的问题?(开发者or用户)
  2. 对于某一个crash,如果开发人员进行了修复,那么这个修复能拿来当root cause吗?不同开发人员修复的风格可能不一样,修复也未必是完全的,root cause就是一个主观的问题了。

相关论文的一些发现(疑问)

  • “传统的SFL方法效果在Defects4J等部分数据集可能远优于DLFL方法,可能是基准实验的过拟合问题。”传统方法的过拟合指的是什么?DLFL为什么在基准测试集取得和别的数据集一样好的效果?传统方法在不同测试集的表现差异是方法的问题还是测试集的问题?(A Universal Data Augmentation Approach for Fault Localization, ICSE 2022)
  • 不同种类的FL方法在时间开销上数量级是不同的。测试的时候如果集成上较低数量级开销的方法,不会对运行时间有很大影响,但可以提升效率。不同种类FL方法相关性不高,可以考虑结合使用。(An Empirical Study of Fault Localization Families and Their Combinations, TSE 2021)
  • 调用栈做FL分析时,如果根因在栈上的话,40%是第一个栈帧,90%在前10个栈帧里。(Do stack traces help developers fix bugs? Mining Softw. Repositories, 2010)

参考文献

  • Scaffle: Bug Localization on Millions of Files, ISSTA 2020
  • Probabilistic reasoning in diagnosing causes of program failures, STVR 2016
  • Practitioners’ expectations on automated fault localization, ISSTA 2016

以上内容仅代表个人观点,不定期更新,欢迎讨论

根因分析

约 2291 个字 预计阅读时间 8 分钟

什么是根因分析? 根因分析(Root Cause Analysis)或者说缺陷定位(Fault Localization)是程序开发人员或安全分析人员在确认程序存在异常行为后,通过手动或自动的方法来定位异常行为的根本原因的过程。根因分析是程序安全分析流程中比较重要的一环。

为什么需要设计一些根因分析方法? 在当下各类自动化漏洞挖掘工具(比如各类fuzzer)的辅助下,每日发现的bug数量已经远超开发人员确认并修复的数量。设计一种自动化发现漏洞的工具并不难,难在如何根据这些工具报出的crash信息来准确地分析出漏洞的根本原因。对于大型程序而言,崩溃测试样例(crashing testcase)执行下来可能经历了几百万条汇编指令,手工确认稍微有点不现实了。因此需要设计一些(自动化)的根因分析工具。

怎么进行根因分析?目前有哪些工作? 最朴素而直观的思想就是消耗安全分析人员的精力,从程序的入口点(entry)或者崩溃点(crash site)出发,看看程序是怎么执行的,哪些元素(program entity)会导致最后的crash,然后再进行对应的修复。根据定位元素的粒度不同,根因分析可以定位到函数级(function level)、语句级(statement level)、汇编指令级(instruction level)。由于在汇编指令上进行分析可以更普适地适应多种编程语言、不需要获取源码,所以下文的讨论都是围绕汇编指令级展开。

目前一些自动化根因分析研究思路有:

  1. 基于程序谱的分析方法(Spectrum-based)。大概思路是不需要考虑汇编指令的语义信息,利用一些统计学的方法来分析哪些指令有问题。这类方法基于这样一个场景:假设我们有一大批相似的测试样例,其中有些会导致程序崩溃,有些不会,那么这两类测试样例的执行路径可能有不同的偏好。那么那些更倾向于在崩溃测试样例中执行的指令更有可能是root cause。
  2. 事后分析方法(Postmortem-based)。直译尸检分析,形象理解为从程序崩溃后留下的“尸体”开始分析。它假定程序崩溃后会产生一个coredump(核心转储)文件,包含了崩溃点的内存快照(memory snapshot),以及这个测试样例的执行路径(execution trace)。前者用于提供数据流信息(比如内存值、寄存器值),后者用于提供控制流信息(汇编指令执行与跳转)。在此基础上,结合一些逆向执行(reverse execution)和后向污点分析(backward taint analysis)的方法,定位可能的root cause。
  3. 基于模型的分析方法(Model-based)。这一类方法是近些年提出的,它通过定义语义相关的模型,利用机器学习或深度学习的思想,找到语义上导致崩溃的root cause。

这些研究思路都解决了什么问题?有什么独特的优点?存在哪些独有的不足? 基于程序谱的分析方法直观上似乎有点道理。它仅考虑汇编指令本身,而但仅仅从统计结果上去分析,可能并不能准确分析出逻辑上的root cause。这类方法一般会设计一种排名策略(ranking),对选择出的可疑指令进行top1-topn的排名,来试图提高准确性。这类方法一般需要根据一个崩溃样例以及和它相似的崩溃样例和非崩溃样例进行分析,因此时空开销都比较大。

事后分析方法相比程序谱分析方法考虑了指令语义,比如在逆向执行的时候会设计一些汇编指令handler,对于内存的分析也会更精确些。但污点分析方法毕竟存在过度污染(over-tainting)的问题,导致结果冗余比较严重。

基于模型的分析方法利用AI的优势,可以给出更有语义信息的root cause,在一定程度上帮助开发人员去分析。不过模型的训练依赖训练集的质量,并且受程序语义影响很大。在不同领域之间可能迁移性不是很好,比如没法处理一些特定的密码学函数。且为待测程序建立模型来描述其结构与行为是非常复杂、耗时的事情

现有的这些方法有没有什么普遍存在的问题? 在最后评估阶段(evaluation),一般先通过手工分析确定哪些汇编指令,如果方法输出的汇编指令集合里包含这些指令,那么就认为是发现了root cause。但自动化方法毕竟缺少人工参与,给出的结果一定是不准确的。现有的工作的一个主流思想在于“方法给出的集合可以包含无关指令,但不能缺少相关指令”,旨在提高召回率(recall)。因此往往给出与root cause不相关的指令。但实际上,在最后的修复端,如果给出不相关指令过多,那么仍然需要开发者去分析,依旧耗时耗力。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),9.43%希望root cause在分析结果的Top1,73.58%容许在Top5,15.09%容许在Top10。所以约98%的情况下需要在Top10内给出结果。就分析准确度与开发人员满意度而言,如果RCA工具准确度达90%,满意度几乎达到100%了。准确度低于20%时只有12%接受,如果满意度达50%、75%、90%,准确度需要分别达到50%、75%、85%(但是原文说90%)。

目前的绝大部分RCA分析的工作的输出是两类:ranked list和suspicious set。但两者都存在的问题是仅仅高亮了可能存在bug的元素,而缺乏一些rational的分析。

不同的分析粒度的优势

基于文件粒度的RCA工作(比如Scaffle)希望找到包含百万级同质代码库中哪些文件和crash有关。在此基础上让对应的工程师团队去处理bug,有利于大型组织管理。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),开发者对粒度的top3期望依次是方法级别、语句级别、基本块级别,不过对这三种粒度的倾向之间没有明显差异。而当时比较多的方法是语句级别的

分析时间开销

根据采用的策略不同,RCA之间的时间开销差异可能达两个数量级。(秒级-分钟级-小时级)。

据ISSTA 2016一篇调研(Practitioners’ expectations on automated fault localization),90%开发者接受1min以内的分析,不到9%开发者接受超过1h的分析。50%开发者大概在30min以内。

一些想法

  1. 什么是漏洞的根本原因?假如函数A内创建临时变量x并调用函数B(x),在B内引发crash,那么应该归咎为A没有处理x呢,还是B没有检查x呢?这是API实现的问题,还是API误用的问题?(开发者or用户)
  2. 对于某一个crash,如果开发人员进行了修复,那么这个修复能拿来当root cause吗?不同开发人员修复的风格可能不一样,修复也未必是完全的,root cause就是一个主观的问题了。

相关论文的一些发现(疑问)

  • “传统的SFL方法效果在Defects4J等部分数据集可能远优于DLFL方法,可能是基准实验的过拟合问题。”传统方法的过拟合指的是什么?DLFL为什么在基准测试集取得和别的数据集一样好的效果?传统方法在不同测试集的表现差异是方法的问题还是测试集的问题?(A Universal Data Augmentation Approach for Fault Localization, ICSE 2022)
  • 不同种类的FL方法在时间开销上数量级是不同的。测试的时候如果集成上较低数量级开销的方法,不会对运行时间有很大影响,但可以提升效率。不同种类FL方法相关性不高,可以考虑结合使用。(An Empirical Study of Fault Localization Families and Their Combinations, TSE 2021)
  • 调用栈做FL分析时,如果根因在栈上的话,40%是第一个栈帧,90%在前10个栈帧里。(Do stack traces help developers fix bugs? Mining Softw. Repositories, 2010)

参考文献

  • Scaffle: Bug Localization on Millions of Files, ISSTA 2020
  • Probabilistic reasoning in diagnosing causes of program failures, STVR 2016
  • Practitioners’ expectations on automated fault localization, ISSTA 2016

以上内容仅代表个人观点,不定期更新,欢迎讨论

\ No newline at end of file diff --git a/readings/index.html b/readings/index.html index 2c776bb..fb746f0 100644 --- a/readings/index.html +++ b/readings/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

文章阅读

约 156 个字 预计阅读时间 1 分钟

综合性知识学习

会议总结

软件供应链

大模型

Google

编程语言

磨刀不误砍柴工

文章阅读

约 156 个字 预计阅读时间 1 分钟

综合性知识学习

会议总结

软件供应链

大模型

Google

编程语言

磨刀不误砍柴工

\ No newline at end of file diff --git a/reverse-advanced/index.html b/reverse-advanced/index.html index bf99195..9f50ada 100644 --- a/reverse-advanced/index.html +++ b/reverse-advanced/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

逆向高阶

约 59 个字 预计阅读时间不到 1 分钟

Windows逆向技术概念

DLL注入,Windows消息钩取,DLL卸载,代码注入,API钩取,进程隐藏,IE连接控制,TLS回调函数,TEB,PEB,SEH,IA-32,反调试(静态、动态),PE镜像,Debug Blocker

逆向高阶

约 59 个字 预计阅读时间不到 1 分钟

Windows逆向技术概念

DLL注入,Windows消息钩取,DLL卸载,代码注入,API钩取,进程隐藏,IE连接控制,TLS回调函数,TEB,PEB,SEH,IA-32,反调试(静态、动态),PE镜像,Debug Blocker

\ No newline at end of file diff --git a/reverse-basic/index.html b/reverse-basic/index.html index 79719c6..970863e 100644 --- a/reverse-basic/index.html +++ b/reverse-basic/index.html @@ -17,7 +17,7 @@ std::string format(); } } -

其中_Z是开头(下划线+大写字母在C中是保留的标志符,避免冲突),N表示是嵌套有命名空间和类名,随后的数字+字母中,数字表示长度,字母表示名称,并以E结束。之后的参数表示函数的参数类型,v为void。

PE文件

PE(Portable Execution)文件是Windows系统使用的可执行文件格式。

PE文件的数据节

#pragma data_seg()可以将代码任意部分编译到PE文件任意节,节名也可以自定义。

静态链接库与动态链接库

静态库的拓展名为.a.lib;动态库的拓展名一般为.so.dll

静态库编译时直接整合到目标程序中,编译成功后的可执行文件可以独立运行;动态库编译时可执行程序无法独立运行

静态库更新后需要更新整个目标程序;动态库更新后只需更换新的动态库即可

静态库编译命令:gcc -c xx.c -o xx.oar crs libxx.a xx.o;动态库编译命令:gcc xx.c -o libxx.so -shared -fPIC其中-fPIC表示使用相对位置

gdb

添加多个符号表add-symbol-file xxx addr其中addr是代码段起始地址,xxx可以为sym文件,或elf文件等。变异时需要加上-g保留符号表(指定具体格式如-g2 -gdwarf-2),可以逐个使用add-symbol-file,都添加进去。

使用ulimit -c unlimited设置不限制coredump文件大小,然后root用户echo "core-%e-%p" > /proc/sys/kernel/core_pattern设置保留程序名、pid,则对于编译时添加了-g选项的程序,其崩溃产生的coredump文件可以使用gdb <程序名> <coredump文件名>来寻找root cause。gdb内用where查看调用栈。

推荐阅读

Linux 静态库 编译和使用 Linux 动态库 编译和使用 Makefile入门 Makefile官方文档 coredump文件基础用法

\ No newline at end of file diff --git a/sci-thoughts/index.html b/sci-thoughts/index.html index 37361b4..b59da5e 100644 --- a/sci-thoughts/index.html +++ b/sci-thoughts/index.html @@ -7,7 +7,7 @@ .gdesc-inner { font-size: 0.75rem; } body[data-md-color-scheme="slate"] .gdesc-inner { background: var(--md-default-bg-color);} body[data-md-color-scheme="slate"] .gslide-title { color: var(--md-default-fg-color);} - body[data-md-color-scheme="slate"] .gslide-desc { color: var(--md-default-fg-color);}
跳转至

科研心得

约 508 个字 预计阅读时间 2 分钟

养成习惯

时间过得总是非常快的。忙着做一个课题,可能每天感觉不到有什么进展呢,半年一年就过去了。如果有这种想法,多半是没做好规划,像个无头苍蝇一样东闯西撞。

感觉有两个习惯是必须养成的,一是读论文要思考问题与意义:看到题目和摘要,思考这篇文章希望解决什么问题、这个问题有什么价值、解决这个问题有什么思路、会遇到哪些普遍与特殊的挑战,以及文章基于哪些假设并且会试图避而不谈的缺陷;二是每天进行总结与归纳,思考一天到底有什么进展,凝练总结成文字或ppt讲稿。每天光看不总结,等于白看!平时对各种问题就要有所准备与思考,不要别人问起的时候就敷衍地给一个回答,没有意义。

早上写todo list,晚上写done list,看看这一天进展如何。是否有没做完的事情,是否有分心做了别的事情,明天如何规划时间……对自己每天、每周、每月能做的事情有清楚的认识,不盲目自大也不妄自菲薄。

做任何事都要给一个清晰的ddl,督促尽快完成不要拖沓。另一方面是为了限制思考,要集中、快速,不要漫无目的地发散。比如读论文前思考这篇文章需要解决的挑战时,限定在3min之内,超时以后无论是否想到多少都要停下来。也可以有效避免分心。

科研写作

科研写作需要系统的训练。每天愉快地读、写一小时,长期坚持,叫做“read and write”。

写文章要弄清楚读者都是同专业的人,因此要体现出专业性与科学性、精确性、简洁性、逻辑性。

科研心得

约 508 个字 预计阅读时间 2 分钟

养成习惯

时间过得总是非常快的。忙着做一个课题,可能每天感觉不到有什么进展呢,半年一年就过去了。如果有这种想法,多半是没做好规划,像个无头苍蝇一样东闯西撞。

感觉有两个习惯是必须养成的,一是读论文要思考问题与意义:看到题目和摘要,思考这篇文章希望解决什么问题、这个问题有什么价值、解决这个问题有什么思路、会遇到哪些普遍与特殊的挑战,以及文章基于哪些假设并且会试图避而不谈的缺陷;二是每天进行总结与归纳,思考一天到底有什么进展,凝练总结成文字或ppt讲稿。每天光看不总结,等于白看!平时对各种问题就要有所准备与思考,不要别人问起的时候就敷衍地给一个回答,没有意义。

早上写todo list,晚上写done list,看看这一天进展如何。是否有没做完的事情,是否有分心做了别的事情,明天如何规划时间……对自己每天、每周、每月能做的事情有清楚的认识,不盲目自大也不妄自菲薄。

做任何事都要给一个清晰的ddl,督促尽快完成不要拖沓。另一方面是为了限制思考,要集中、快速,不要漫无目的地发散。比如读论文前思考这篇文章需要解决的挑战时,限定在3min之内,超时以后无论是否想到多少都要停下来。也可以有效避免分心。

科研写作

科研写作需要系统的训练。每天愉快地读、写一小时,长期坚持,叫做“read and write”。

写文章要弄清楚读者都是同专业的人,因此要体现出专业性与科学性、精确性、简洁性、逻辑性。

\ No newline at end of file diff --git a/search/search_index.json b/search/search_index.json index f0d334a..0bb6687 100644 --- a/search/search_index.json +++ b/search/search_index.json @@ -1 +1 @@ -{"config":{"lang":["en"],"separator":"[\\s\\u200b\\u3000\\-\u3001\u3002\uff0c\uff0e\uff1f\uff01\uff1b]+","pipeline":["stemmer"]},"docs":[{"location":"","title":"\u9996\u9875","text":"

\u7ea6 13 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

\u6b22\u8fce\uff0c\u8fd9\u91cc\u662f c01dkit \u7684\u6280\u672f\u7b14\u8bb0

"},{"location":"IDA/","title":"IDA\u4f7f\u7528","text":"

\u7ea6 112 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"IDA/#\u53cd\u7f16\u8bd1arm-raw-binary","title":"\u53cd\u7f16\u8bd1ARM raw binary","text":"

\u52a0\u8f7d\u65f6\u9009\u62e9Processor type\uff0c\u6bd4\u5982ARM Little-endian [ARM]\uff0c\u968f\u540e\u6839\u636e\u5b9e\u9645\u52a0\u8f7d\u60c5\u51b5\u8bbe\u7f6eROM\u7684\u8d77\u59cb\u5730\u5740\u548cInput file\u5730\u5740\u3002

raw binary\u7684\u524d\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbsp\u503c\uff0c\u968f\u540e\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbpc\u503c\u3002\u6309G\u5e76\u8f93\u5165pc\u503c\uff0cAlt+G\u8bbe\u7f6eT\u5bc4\u5b58\u5668\u503c\u4e3a1\uff080\u8868\u793aARM\uff0c1\u8868\u793aThumb\uff09\uff0c\u7136\u540e\u9009\u4e2dpc\u53ca\u4e4b\u540e\u6240\u6709\u4ee3\u7801\uff0c\u6309C\u8fdb\u884cMakeCode\u3002

"},{"location":"autoconf/","title":"autoconf\u5b66\u4e60\u7b14\u8bb0","text":"

\u7ea6 292 \u4e2a\u5b57 85 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 9 \u5206\u949f

\u81ea\u5df1\u5f00\u53d1\u8f6f\u4ef6\u65f6\uff0c\u751f\u6210\u89c4\u8303\u7684configure\u7b49\u6587\u4ef6\u3002\u53ef\u53c2\u8003https://www.cnblogs.com/klausage/p/14163844.html\u7b49

"},{"location":"autoconf/#\u4e0d\u5206\u76ee\u5f55\u7ed3\u6784","title":"\u4e0d\u5206\u76ee\u5f55\u7ed3\u6784","text":"

\u7f16\u5199Makefile.am\u6587\u4ef6\uff0c\u6bd4\u5982\uff1a

bin_PROGRAMS=helloworld\nhelloworld_SOURCES=helloworld.c\n

\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a

#                                               -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([FULL-PACKAGE-NAME], [VERSION], [BUG-REPORT-ADDRESS])\nAM_INIT_AUTOMAKE([foreign]) # \u5982\u679c\u4e0d\u52a0\u8fd9\u4e00\u53e5\uff0c\u9ed8\u8ba4gnu\uff0c\u5219\u4e4b\u540e\u76ee\u5f55\u91cc\u8981\u6709NEWS\u3001README\u3001AUTHORS\u3001ChangLog\u7b49\u6587\u4ef6\uff08\u9700\u81ea\u5df1\u624b\u52a8\u5efa\u7acb\uff09\nAC_CONFIG_SRCDIR([main.h])\nAC_CONFIG_HEADERS([config.h])\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\n\n# Checks for header files.\n\n# Checks for typedefs, structures, and compiler characteristics.\n\n# Checks for library functions.\n\nAC_CONFIG_FILES([Makefile])\nAC_OUTPUT\n

\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure

\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in

\u8fd0\u884c./configure\u751f\u6210makefile

\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801

"},{"location":"autoconf/#\u533a\u5206\u76ee\u5f55\u7ed3\u6784","title":"\u533a\u5206\u76ee\u5f55\u7ed3\u6784","text":"

\u4e5f\u5c31\u662f\u8bf4\u6e90\u7801\u53ef\u80fd\u5728\u591a\u4e2a\u6587\u4ef6\u5939\u4e0b\uff0c\u6bd4\u5982src\u3002\u90a3\u4e48\u6bcf\u4e2a\u6587\u4ef6\u5939\u9700\u8981\u5355\u72ec\u5199Makefile.am\u6765\u6307\u5b9a\u5982\u4f55\u7f16\u8bd1\u3002

\u7f16\u5199Makefile.am\u6587\u4ef6

\u6e90\u7801\u6240\u5728\u7684\u6587\u4ef6\u5939\u7684Makefile\u6587\u4ef6\u793a\u4f8b\uff1a

bin_PROGRAMS = reverse\n\n#AM_CFLAGS= -DDEBUG -DLOG_INSTRUCTIONS -I ../include\nAM_CFLAGS= -DDEBUG -I ../include\n\nreverse_CPPFLAGS = -msse4.1\n\n# \u4f7f\u7528LDFLAG\u4f1a\u5728gcc\u4e2d\u90e8\u653e-l\uff0c\u5bfc\u81f4\u627e\u4e0d\u5230\u7b2c\u4e09\u65b9\u5e93\u3002\u7528LDADD\u53ef\u4ee5\u6dfb\u52a0\u5230\u6574\u4e2agcc\u6307\u4ee4\u7684\u6700\u540e\nreverse_LDADD = -lcapstone\n\nhandlers_FILES = handler_flag_manip.c handler_interrupt.c\n\n#handler_interrupt.c\n\nreverse_SOURCES = access_memory.c alias_manager.c $(handlers_FILES)\n

\u9879\u76ee\u6587\u4ef6\u5939\u9700\u8981\u6307\u5b9a\u6e90\u6587\u4ef6\u6240\u5728\u7684\u6587\u4ef6\u5939

POMP\u7684\u4f8b\u5b50\uff1a

SUBDIRS=src # \u6307\u5b9asrc\u6587\u4ef6\u5939\ndist_doc_DATA=README\n\nTESTSUITES_DIR = testsuites\nEXECUTABLE=$(SUBDIRS)/reverse\n\nabc2mtex:\n\t$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n\naireplay-ng:\n\t$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n

\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a

#                                               -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([reverse_from_coredump], [0.0.1], [mudongliangabcd@gmail.com])\nAM_INIT_AUTOMAKE([-Wall -Werror foreign])\nAC_CONFIG_HEADERS([config.h])\n\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\nAC_CHECK_LIB([disasm], [x86_init])\nAC_CHECK_LIB([elf], [gelf_getehdr])\n\n# Checks for header files.\nAC_CHECK_HEADERS([fcntl.h malloc.h stddef.h stdint.h stdlib.h string.h unistd.h])\n\n# Checks for typedefs, structures, and compiler characteristics.\nAC_CHECK_HEADER_STDBOOL\nAC_C_INLINE\nAC_TYPE_OFF_T\nAC_TYPE_SIZE_T\n\n# Checks for library functions.\nAC_FUNC_MALLOC\nAC_CHECK_FUNCS([memset strerror])\n\nAC_CONFIG_FILES([Makefile\n                 src/Makefile])\nAC_OUTPUT\n

\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure

\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in

\u8fd0\u884c./configure\u751f\u6210makefile

\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801

"},{"location":"c/","title":"C\u8bed\u8a00","text":"

\u7ea6 386 \u4e2a\u5b57 30 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 4 \u5206\u949f

"},{"location":"c/#\u6839\u636e\u7ed3\u6784\u4f53\u6210\u5458\u53d6\u7ed3\u6784\u4f53\u9996\u5730\u5740","title":"\u6839\u636e\u7ed3\u6784\u4f53\u6210\u5458\u53d6\u7ed3\u6784\u4f53\u9996\u5730\u5740","text":"
member_address - &(((TYPE *)0)->member);\n

\u540e\u534a\u90e8\u5206\u770b\u4f3c\u4f1a\u89e3\u5f15\u75280\u5730\u5740\u800ccrash\uff0c\u4f46\u7f16\u8bd1\u5668\u4f1a\u4f18\u5316\u4e3a\u76f4\u63a5\u8ba1\u7b97member\u7684offset\u3002\u53c2\u89c1kernel\u4ee3\u7801\u5e38\u7528\u7684container_of\u3002

"},{"location":"c/#\u52a8\u6001\u94fe\u63a5\u5e93","title":"\u52a8\u6001\u94fe\u63a5\u5e93","text":"

\u7f16\u8bd1\u52a8\u6001\u94fe\u63a5\u5e93\u672c\u8eab

\u4f7f\u7528gcc\u7f16\u8bd1\u51fa\u52a8\u6001\u94fe\u63a5\u5e93\uff1a

gcc <source C file> -shared -fPIC -o lib<source>.so\n

\u7f16\u8bd1\u539f\u9879\u76ee\u65f6\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93

\u4f7f\u7528-l\u6307\u5b9a\u52a0\u8f7d\u94fe\u63a5\u5e93\uff0c\u6ce8\u610f\u53bb\u6389\u5e93\u6587\u4ef6\u7684lib\u5f00\u5934\u548c.so\u7ed3\u5c3e\u3002\u7f16\u8bd1\u65f6\uff0c\u6ce8\u610f\u628a\u5e93\u653e\u5728\u6574\u4e2a\u547d\u4ee4\u7684\u7ed3\u5c3e\uff0c\u5426\u5219\u53ef\u80fd\u63d0\u793a\u5e93\u51fd\u6570\u672a\u5b9a\u4e49\u3002

\u6bd4\u5982gcc main.c -lcapstone\u4e0d\u4f1a\u62a5\u9519\uff0cgcc -lcapstone main.c\u4f1a\u63d0\u793a\u62a5\u9519\u3002\uff08\u5047\u8bbe\u8fd9\u91ccmain.c\u8c03\u7528\u4e86capstone\u7684\u5e93\u51fd\u6570\uff09

\u5982\u679c\u52a8\u6001\u94fe\u63a5\u5e93\u4e0d\u5728\u9ed8\u8ba4\u7684\u7cfb\u7edf\u5e93\u4e2d\uff0c\u53ef\u4ee5\u6dfb\u52a0-L\u6765\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93\u7684\u4fdd\u5b58\u4f4d\u7f6e\u3002

\u8fd0\u884c\u9879\u76ee\u65f6\u52a0\u8f7d\u52a8\u6001\u94fe\u63a5\u5e93

\u5373\u4fbf\u7f16\u8bd1\u6210\u529f\uff0c\u8fd0\u884c\u53ef\u80fd\u62a5\u9519\u3002\u641c\u7d22\u987a\u5e8f\u4e3a\uff1a

  1. \u5728\u7f16\u8bd1\u65f6\u6dfb\u52a0-Wl,-rpath=xxx\u6765\u6307\u5b9a\u8fd0\u884c\u65f6\u6240\u9700\u7684\u52a8\u6001\u5e93\u6587\u4ef6
  2. \u5728\u73af\u5883\u53d8\u91cfLD_LIBRARY_PATH\u6307\u5b9a\u7684\u76ee\u5f55\u4e2d\u641c\u7d22
  3. \u5728/etc/ld.so.conf\u7ed9\u51fa\u7684\u76ee\u5f55\u4e2d\u641c\u7d22
  4. \u5728\u9ed8\u8ba4\u7684\u641c\u7d22\u8def\u5f84/lib\u3001/lib64\u3001/usrlib\u3001/usrlib64\u7b49\u641c\u7d22
"},{"location":"c/#\u8d4b\u503c","title":"\u8d4b\u503c","text":"

\u521d\u59cb\u5316\u6570\u7ec4\uff0c\u53ef\u4ee5\u8fde\u7eed\u8d4b\u503c

int arr[10] = {\n    [0]       = 1,\n    [1 ... 4] = 2,\n    [5 ... 7] = 4,\n};\n

\u6570\u7ec4\u5728\u5b9a\u4e49\u7684\u540c\u65f6\u8fdb\u884c\u90e8\u5206\u521d\u59cb\u5316\u65f6\uff0c\u672a\u88ab\u8d4b\u503c\u7684\u5143\u7d20\u90fd\u4f1a\u6309\u7167\u9759\u6001\u53d8\u91cf\u8fdb\u884c\u5904\u7406\uff0c\u5373\u9ed8\u8ba4\u7f6e\u96f6\uff0c\u5373\u4fbfint a[10] = {};\u6ca1\u6709\u663e\u5f0f\u521d\u59cb\u5316\u4efb\u4f55\u503c\u3002

\u521d\u59cb\u5316\u7ed3\u6784\u4f53\u6216\u8054\u5408\uff0c\u53ef\u4ee5\u4e00\u8d77\u8d4b\u503c

struct test {\n    int a;\n    int b;\n    int c;\n    int d;\n};\n\nint main(\n    int argc, \n    char const *argv[]\n    )\n{\n    struct test t = {\n        .a = 1,\n        .b = 2,\n        .c = 3,\n        .d = 4,\n    };\n\n    return 0;\n}\n
"},{"location":"code-gracely/","title":"\u4f18\u96c5\u7f16\u7a0b","text":"

\u7ea6 1414 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 5 \u5206\u949f

"},{"location":"code-gracely/#\u7a0b\u5e8f\u53d8\u91cf","title":"\u7a0b\u5e8f\u53d8\u91cf","text":""},{"location":"code-gracely/#\u7a0b\u5e8f\u4f18\u5316\u65b9\u6cd5","title":"\u7a0b\u5e8f\u4f18\u5316\u65b9\u6cd5","text":"

\u4f18\u5316\u9700\u8981\u901a\u8fc7\u5927\u91cf\u6d4b\u8bd5\u6765\u9a8c\u8bc1\u4e00\u81f4\u6027\u3001\u6027\u80fd\uff0c\u56e0\u4e3a\u5e76\u975e\u6240\u6709\u4f18\u5316\u90fd\u662f\u6b63\u786e\u6216\u5fc5\u8981\u7684\u3002\u4ece\u91cd\u6784\u7a0b\u5e8f\u6267\u884c\u6d41\u7684\u89d2\u5ea6\u6765\u8bb2\uff0c\u4f18\u5316\u5e76\u4e0d\u662f\u7075\u4e39\u5999\u836f\uff0c\u5e76\u5728\u4e0d\u540c\u8bed\u8a00\u3001\u4e0d\u540c\u7f16\u8bd1\u5668\u3001\u4e0d\u540c\u73af\u5883\u3001\u4e0d\u540c\u4efb\u52a1\u4e2d\u8868\u73b0\u51fa\u5de8\u5927\u7684\u5dee\u5f02\u3002\u4ee5\u4e0b\u7684\u4f18\u5316\u65b9\u6cd5\u5747\u4ec5\u4f9b\u53c2\u8003\u3002

"},{"location":"code-gracely/#\u5229\u7528\u77ed\u8def\u4e0e\u54e8\u5175","title":"\u5229\u7528\u77ed\u8def\u4e0e\u54e8\u5175","text":""},{"location":"code-gracely/#\u4f18\u5316\u8ba1\u7b97\u6548\u7387","title":"\u4f18\u5316\u8ba1\u7b97\u6548\u7387","text":""},{"location":"code-gracely/#\u4f7f\u7528\u4f4e\u7ea7\u8bed\u8a00\u91cd\u5199\u4ee3\u7801","title":"\u4f7f\u7528\u4f4e\u7ea7\u8bed\u8a00\u91cd\u5199\u4ee3\u7801","text":"
  1. \u4f7f\u7528\u9ad8\u7ea7\u8bed\u8a00\u5b8c\u6210\u7a0b\u5e8f\u7f16\u5199
  2. \u8fdb\u884c\u6d4b\u8bd5\uff0c\u9a8c\u8bc1\u6b63\u786e\u6027
  3. \u8fdb\u884c\u7a0b\u5e8f\u5206\u6790\uff0c\u786e\u5b9a\u70ed\u70b9\u4ee3\u7801
  4. \u5bf9\u70ed\u70b9\u4ee3\u7801\u4f7f\u7528\u4f4e\u7ea7\u8bed\u8a00\u6539\u5199
"},{"location":"code-gracely/#\u8bbe\u8ba1\u6070\u5f53\u7684\u6267\u884c\u63a7\u5236\u6d41","title":"\u8bbe\u8ba1\u6070\u5f53\u7684\u6267\u884c\u63a7\u5236\u6d41","text":""},{"location":"code-gracely/#\u5faa\u73af","title":"\u5faa\u73af","text":""},{"location":"code-gracely/#\u5efa\u8868\u4ee5\u63d0\u9ad8\u4ee3\u7801\u8d28\u91cf","title":"\u5efa\u8868\uff0c\u4ee5\u63d0\u9ad8\u4ee3\u7801\u8d28\u91cf","text":""},{"location":"code-gracely/#\u7528\u67e5\u8868\u6cd5\u66ff\u6362\u7e41\u7410\u7684if-else\u5224\u65ad","title":"\u7528\u67e5\u8868\u6cd5\u66ff\u6362\u7e41\u7410\u7684if-else\u5224\u65ad","text":"

\u4f7f\u7528\u5927\u91cfif-else\u7684\u574f\u5904\uff1a

\u4f7f\u7528\u67e5\u8868\u6cd5\u7684\u597d\u5904\uff1a

\u7528\u6cd5\uff1a\u5c06\u8981\u5224\u65ad\u7684\u5404\u4e2a\u53c2\u6570\u4f5c\u4e3a\u8868\u7684\u7ef4\u5ea6\uff0c\u5c06\u5224\u65ad\u7ed3\u679c\u4f5c\u4e3a\u8868\u7d22\u5f15\u540e\u7684\u7ed3\u679c\u3002

"},{"location":"code-gracely/#\u7528\u7d22\u5f15\u8868\u66ff\u6362\u6570\u636e\u8868","title":"\u7528\u7d22\u5f15\u8868\u66ff\u6362\u6570\u636e\u8868","text":"

\u7a00\u758f\u7684\u6570\u636e\u8868\u5728\u5b58\u50a8\u5bf9\u9f50\u7684\u60c5\u51b5\u4e0b\u4f1a\u6d6a\u8d39\u5927\u91cf\u7a7a\u95f4\u3002\u4e0e\u4e4b\u76f8\u6bd4\uff0c\u91c7\u7528\u7d22\u5f15\u8868\u53ef\u4ee5\u964d\u4f4e\u7a7a\u95f4\u6d6a\u8d39\u91cf\uff08\u4ecd\u7136\u4f1a\u4ea7\u751f\u6d6a\u8d39\uff09\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u51cf\u5c11\u7d22\u5f15\u8868\u7a7a\u95f4\uff0c\u53ef\u4ee5\u4f7f\u7528\u9636\u68af\u7d22\u5f15\u8868\uff0c\u6839\u636e\u6570\u636e\u7684\u8303\u56f4\uff08\u800c\u4e0d\u662f\u5177\u4f53\u7684\u6570\u636e\u503c\uff09\u8fdb\u884c\u5efa\u7d22\u5f15\uff0c\u6bd4\u5982\u6839\u636e\u767e\u5206\u5236\u6210\u7ee9\u8ba1\u7b97\u7ee9\u70b9\uff0c\u5efa\u7acb\u76f8\u5e94\u7684data-to-key\u51fd\u6570\uff0c\u653e\u5728\u6570\u7ec4\u4e2d\u3002

"},{"location":"code-gracely/#\u7528\u7ed3\u679c\u8868\u66ff\u6362\u6570\u5b66\u8ba1\u7b97\u7ed3\u679c","title":"\u7528\u7ed3\u679c\u8868\u66ff\u6362\u6570\u5b66\u8ba1\u7b97\u7ed3\u679c","text":"

\u8003\u8651\u5230\u7cfb\u7edf\u51fd\u6570\u7684\u7cbe\u786e\u6027\uff0c\u8ba1\u7b97\u901f\u5ea6\u53ef\u80fd\u8f83\u6162\u3002\u53ef\u4ee5\u9884\u5148\u624b\u52a8\u7b97\u51fa\u4e00\u4e9b\u6570\u636e\u5e76\u5efa\u8868\uff0c\u8ba1\u7b97\u65f6\u76f4\u63a5\u67e5\u8868\u5373\u53ef\uff0c\u5927\u5927\u63d0\u9ad8\u7a0b\u5e8f\u6027\u80fd\u3002

"},{"location":"cpp/","title":"C++","text":"

\u7ea6 1221 \u4e2a\u5b57 196 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 24 \u5206\u949f

"},{"location":"cpp/#stl","title":"STL","text":""},{"location":"cpp/#vector\u52a8\u6001\u6570\u7ec4","title":"vector\u52a8\u6001\u6570\u7ec4","text":"

vector \u52a8\u6001\u6570\u7ec4\u53ef\u4ee5\u968f\u673a\u8bbf\u95ee\uff0c\u5176\u5927\u5c0f\u7531\u7cfb\u7edf\u81ea\u52a8\u7ba1\u7406\u3002

#include<vector>\n\n// \u58f0\u660e\u4e0e\u521d\u59cb\u5316\nstd::vector<int> vec1;\nstd::vector<int> vec2(3); // \u6307\u5b9a\u957f\u5ea6\uff0c\u9ed8\u8ba4\u521d\u59cb\u5316\nstd::vector<int> vec3(3, 10); // \u6307\u5b9a\u957f\u5ea6\u548c\u9ed8\u8ba4\u503c\nstd::vector<int> vec4 = {1,2,3,4} // \u5217\u8868\u8fdb\u884c\u521d\u59cb\u5316\n\n// \u4f7f\u7528\u65b9\u6cd5\nvec.push_back(val); // \u4f20\u9012\u5f15\u7528\nvec.pop_back();\nvec.at(pos);  // \u6709\u8fb9\u754c\u68c0\u67e5\nvec[1];  // \u65e0\u8fb9\u754c\u68c0\u67e5\nvec.clear(); // \u6e05\u7a7a\nvec.front(); // \u8fd4\u56de\u7b2c\u4e00\u4e2a\u5143\u7d20\nvec.back(); // \u8fd4\u56de\u6700\u540e\u4e00\u4e2a\u5143\u7d20\nvec.data(); // \u8fd4\u56de\u5e95\u5c42\u6570\u7ec4\u6307\u9488\nvec.size();\nvec.capacity();\nvec.reserve(n); // \u9884\u7559n\u4e2a\u5143\u7d20\u7a7a\u95f4\nvec.resize(n);\nvec.insert(pos, val);\nvec.erase(pos);\nvec.begin(); // \u8d77\u59cb\u8fed\u4ee3\u5668\nvec.end(); // \u7ed3\u675f\u8fed\u4ee3\u5668\n\n// \u904d\u5386\u65b9\u6cd5\nfor (int i = 0; i < vec.size(); i++) { x = vec[i] ;}\n
"},{"location":"cpp/#deque\u53cc\u7aef\u961f\u5217","title":"deque\u53cc\u7aef\u961f\u5217","text":"

deque \u53cc\u7aef\u961f\u5217\u53ef\u4ee5\u968f\u673a\u8bbf\u95ee\uff0c\u5176\u5927\u5c0f\u7531\u7cfb\u7edf\u81ea\u52a8\u7ba1\u7406\u3002

#include<deque>\n\n// \u58f0\u660e\u4e0e\u521d\u59cb\u5316\nstd::deque<int> deque;\nstd::deque<int> deque(3); // \u6307\u5b9a\u957f\u5ea6\uff0c\u9ed8\u8ba4\u521d\u59cb\u5316\nstd::deque<int> deque(3, 10); // \u6307\u5b9a\u957f\u5ea6\u548c\u9ed8\u8ba4\u503c\nstd::deque<int> deque = {1,2,3,4} // \u5217\u8868\u8fdb\u884c\u521d\u59cb\u5316\n\n// \u4f7f\u7528\u65b9\u6cd5\ndeque.push_back(val); // \u4f20\u9012\u5f15\u7528\ndeque.pop_back();\ndeque.push_front(val);\ndeque.pop_front();\ndeque.at(pos);  // \u6709\u8fb9\u754c\u68c0\u67e5\ndeque[1];  // \u65e0\u8fb9\u754c\u68c0\u67e5\ndeque.clear(); // \u6e05\u7a7a\ndeque.front(); // \u8fd4\u56de\u7b2c\u4e00\u4e2a\u5143\u7d20\ndeque.back(); // \u8fd4\u56de\u6700\u540e\u4e00\u4e2a\u5143\u7d20\ndeque.size();\ndeque.capacity();\ndeque.reserve(n); // \u9884\u7559n\u4e2a\u5143\u7d20\u7a7a\u95f4\ndeque.resize(n);\ndeque.insert(pos, val);\ndeque.erase(pos);\ndeque.swap(other_deque) // \u4ea4\u6362\u4e24\u4e2adeque\u5185\u5bb9\ndeque.begin(); // \u8d77\u59cb\u8fed\u4ee3\u5668\ndeque.end(); // \u7ed3\u675f\u8fed\u4ee3\u5668\n
"},{"location":"cpp/#\u5934\u6587\u4ef6\u4e0e\u547d\u540d\u7a7a\u95f4","title":"\u5934\u6587\u4ef6\u4e0e\u547d\u540d\u7a7a\u95f4","text":"

\u547d\u540d\u7a7a\u95f4\u7528\u4e8e\u5904\u7406\u4e0d\u540c\u5e93\u4e2d\u7684\u540c\u540d\u51fd\u6570\u3001\u7c7b\u4e0e\u53d8\u91cf\uff0c\u76f8\u5f53\u4e8e\u5b9a\u4e49\u4e0a\u4e0b\u6587\u3002

// \u547d\u540d\u7a7a\u95f4\u5b9a\u4e49\nnamespace namespace_name {\n    // \u4ee3\u7801\u58f0\u660e\n}\n\n// \u4f7f\u7528\u547d\u540d\u7a7a\u95f4\u5185\u7684\u51fd\u6570\uff0c\u9700\u8981\u6307\u5b9a \u547d\u540d\u7a7a\u95f4::\nnamespace_name::namespace_func;\n\n// using\u6307\u4ee4\uff0c\u5219\u4e4b\u540e\u4f7f\u7528\u8be5\u547d\u540d\u7a7a\u95f4\u5185\u7684\u51fd\u6570\u4e0d\u9700\u8981\u52a0 \u547d\u540d\u7a7a\u95f4::\nusing namespace namespace_name;\nnamespace_func;\n\n//\u5168\u5c40\u53d8\u91cf\u548c\u5c40\u90e8\u53d8\u91cf\u51b2\u7a81\u65f6::val\u8868\u793a\u5168\u5c40\u53d8\u91cf\n::global_val;\nlocal_val;\n
"},{"location":"cpp/#\u8f93\u5165\u4e0e\u8f93\u51fa","title":"\u8f93\u5165\u4e0e\u8f93\u51fa","text":"

\u4f7f\u7528iostream\u5934\u6587\u4ef6\u5f15\u5165\u8f93\u5165\u8f93\u51fa\u3002

#include <iostream>\nusing namespace std;\nint main() {\n    char a[10];\n    cin >> a;\n    cout << a;\n}\n
"},{"location":"cpp/#\u53d8\u91cf\u5e38\u91cf\u4e0e\u7c7b\u578b\u9650\u5b9a\u7b26","title":"\u53d8\u91cf\u3001\u5e38\u91cf\u4e0e\u7c7b\u578b\u9650\u5b9a\u7b26","text":"

\u57fa\u672c\u6570\u636e\u7c7b\u578b\u7c7b\u4f3cC\u8bed\u8a00\uff0c\u6b64\u5916\u8fd8\u5305\u62ecbool\u7b49\u3002\u5b57\u7b26\u7c7b\u578b\u9664\u4e861\u5b57\u8282\u7684char\uff0c\u8fd8\u5305\u62ecwchar_t\uff08\u5bbd\u5b57\u7b26\uff0c\u53602\u62164\u5b57\u8282\uff09\u3001char16_t\u3001char32_t\u3002

\u7c7b\u578b\u9650\u5b9a\u7b26\u5305\u62ecconst\u3001mutable\u3001volatile\u3001restrict\u3001static\u3001register\u7b49\uff0c\u7f6e\u4e8e\u7c7b\u578b\u524d\u3002

Note

class Sample {\n    public:\n    int get_data() const { // const \u6210\u5458\u51fd\u6570\u5185\u90e8\u4e0d\u80fd\u4fee\u6539\u4efb\u4f55\u975e\u9759\u6001\u6210\u5458\u53d8\u91cf\u7684\u503c\n        return __data;\n    }\n    void set_data(int new_value) const {\n        __data = new_value; // \u867d\u7136\u662fconst \u6210\u5458\u51fd\u6570\u5185\u90e8\uff0c\u4f46\u7531\u4e8e__data\u662fmutable\u7684\uff0c\u6240\u4ee5\u53ef\u4ee5\u4fee\u6539\n    }\n    private:\n    mutable int __data;\n}\n\nint main () {\n    const Sample obj; // const\u5bf9\u8c61\u53ea\u80fd\u8c03\u7528const\u51fd\u6570\n    obj.set_data(10);\n    obj.get_data(); \n}\n
"},{"location":"cpp/#\u6307\u9488\u4e0e\u5f15\u7528","title":"\u6307\u9488\u4e0e\u5f15\u7528","text":""},{"location":"cpp/#\u51fd\u6570\u6a21\u677f\u4e0e\u6cdb\u578b\u7f16\u7a0b","title":"\u51fd\u6570\u6a21\u677f\u4e0e\u6cdb\u578b\u7f16\u7a0b","text":""},{"location":"cpp/#\u7c7b\u4e0e\u5bf9\u8c61","title":"\u7c7b\u4e0e\u5bf9\u8c61","text":""},{"location":"cpp/#\u7c7b\u6210\u5458\u51fd\u6570","title":"\u7c7b\u6210\u5458\u51fd\u6570","text":"

\u7c7b\u6210\u5458\u51fd\u6570\u53ef\u4ee5\u5728\u7c7b\u5b9a\u4e49\u7684\u5185\u90e8\u8fdb\u884c\u5b9a\u4e49\uff0c\u6b64\u65f6\u6210\u5458\u51fd\u6570\u5373\u4e3a\u5185\u8054\u51fd\u6570\u3002\u4e5f\u53ef\u4ee5\u5728\u7c7b\u5b9a\u4e49\u7684\u5916\u90e8\u8fdb\u884c\u5b9a\u4e49\uff0c\u4e00\u822c\u4f7f\u7528\u8fd4\u56de\u503c\u7c7b\u578b \u7c7b\u540d::\u51fd\u6570\u540d(\u53c2\u6570\u5217\u8868) {\u51fd\u6570\u4f53}\u7684\u5f62\u5f0f\u3002

class Sample {\n    public:\n    int sample1() {return 1;} // \u5728\u7c7b\u5185\u90e8\u5b9a\u4e49\u51fd\u6570\u5b9e\u73b0\n    int sample2(); // \u5728\u7c7b\u5916\u90e8\u5b9a\u4e49\u51fd\u6570\u5b9e\u73b0\n}\n\n// \u9700\u8981\u4f7f\u7528\u8303\u56f4\u89e3\u6790\u8fd0\u7b97\u7b26::\u6765\u6307\u5b9a\u54ea\u4e2a\u7c7b\nint Sample::sample2() {return 2;}\n
"},{"location":"cpp/#\u6784\u9020\u51fd\u6570\u62f7\u8d1d\u6784\u9020\u51fd\u6570\u6790\u6784\u51fd\u6570","title":"\u6784\u9020\u51fd\u6570\u3001\u62f7\u8d1d\u6784\u9020\u51fd\u6570\u3001\u6790\u6784\u51fd\u6570","text":"

\u7c7b\u7684\u6784\u9020\u51fd\u6570\u5728\u521b\u5efa\u65b0\u7684\u7c7b\u5bf9\u8c61\u662f\u6267\u884c\uff0c\u540d\u79f0\u4e0e\u7c7b\u540d\u76f8\u540c\uff0c\u6ca1\u6709\u8fd4\u56de\u503c\u3002\u4e00\u822c\u7528\u4e8e\u4e3a\u6210\u5458\u53d8\u91cf\u8bbe\u7f6e\u521d\u59cb\u503c\u3002 \u6784\u9020\u51fd\u6570\u4e2d\uff0c\u4f7f\u7528\u521d\u59cb\u5316\u5217\u8868\u6765\u5bf9\u7c7b\u6210\u5458\u8fdb\u884c\u8d4b\u503c\u65f6\uff0c\u5728\u6784\u9020\u51fd\u6570\u5b9a\u4e49\u7684\u5927\u62ec\u53f7\u524d\u52a0\u4e0a: X(a)\uff0c\u5176\u4e2dX\u662f\u5185\u90e8\u6210\u5458\uff0ca\u662f\u6784\u9020\u51fd\u6570\u7684\u53c2\u6570\uff0c\u5b9e\u73b0\u5c06a\u8d4b\u7ed9X\u3002\u8ba1\u7b97\u987a\u5e8f\u662f\u6309\u7c7b\u5185\u7684\u6210\u5458\u5b9a\u4e49\u987a\u5e8f\uff0c\u800c\u4e0d\u662f\u6309\u521d\u59cb\u5316\u5217\u8868\u7684\u987a\u5e8f\u6765\u8fdb\u884c\u8d4b\u503c\u3002 \u62f7\u8d1d\u6784\u9020\u51fd\u6570\u4e00\u822c\u7528\u4e8e\u6839\u636e\u5df2\u6709\u7684\u7c7b\u5bf9\u8c61\uff0c\u751f\u6210\u65b0\u7684\u7c7b\u5bf9\u8c61\uff0c\u6bd4\u5982\u590d\u5236\u3002\u5982\u679c\u7c7b\u4e0d\u5305\u542b\u6307\u9488\u6216\u52a8\u6001\u5185\u5b58\u5206\u914d\uff0c\u53ef\u4ee5\u4e0d\u5199\uff0c\u7f16\u8bd1\u5668\u4f1a\u5e2e\u52a9\u751f\u6210\uff1b\u5426\u5219\u5fc5\u987b\u81ea\u5df1\u5b9e\u73b0\u3002 \u6790\u6784\u51fd\u6570\u7c7b\u4f3c\u4e8e\u6784\u9020\u51fd\u6570\uff0c\u4f46\u51fd\u6570\u540d\u524d\u52a0\u4e86~\u7b26\u53f7\u3002\u5b83\u4e0d\u80fd\u5e26\u6709\u53c2\u6570\uff0c\u4e5f\u6ca1\u6709\u8fd4\u56de\u503c\uff0c\u4e00\u822c\u7528\u4e8e\u91ca\u653e\u5bf9\u8c61\u65f6\u8fdb\u884c\u8d44\u6e90\u91ca\u653e\u3002 \u6790\u6784\u51fd\u6570\u90fd\u4e0d\u9700\u8981\u663e\u5f0f\u8c03\u7528\u3002

#include<iostream>\nclass Sample {\n    public:\n    void setData(int i);\n    Sample(); // \u6784\u9020\u51fd\u6570\n    Sample(int i); // \u5e26\u53c2\u6784\u9020\u51fd\u6570\n    Sample(const Sample & obj); // \u62f7\u8d1d\u6784\u9020\u51fd\u6570\n    ~Sample(); // \u6790\u6784\u51fd\u6570\n    private:\n    int * data;\n}\n\n// \u5728\u7c7b\u58f0\u660e\u5916\u90e8\u5b9e\u73b0\u51fd\u6570\uff0c\u5219\u4e3a\u975e\u5185\u8054\nSample::Sample() {\n    std::cout << \"Construction\" << std::endl;\n    data = new int;\n    *data = 0;\n}\n\n// \u5e26\u521d\u59cb\u5316\u5217\u8868\u7684\u6784\u9020\u51fd\u6570\nSample::Sample(int i): data(i) {\n    std::cout << \"Construction with initial list\" << std::endl;\n    data = new int;\n    *data = i;\n}\n\n// \u62f7\u8d1d\u6784\u9020\u51fd\u6570\u5b9a\u4e49\nSample::Sample(const Sample & obj) {\n    std::cout << \"Construction with another object\" << std::endl;\n    data = new int;\n    *data = *obj.data;\n}\n\n// \u6790\u6784\u51fd\u6570\u5b9a\u4e49\nSample::~Sample() {\n    std::cout << \"Deletion\" << std::endl;\n    delete data;\n}\n\nvoid Sample::setData(int i) {\n    data = i;\n}\n\nint main () {\n    Sample sample1;\n    sample1.setData(1);\n    Sample sample2(2);\n    Sample sample3(sample1);\n    Sample sample4 = sample3;\n}\n

\u521b\u5efa\u7c7b\u7684\u5bf9\u8c61\u65f6\uff0c\u53ef\u4ee5\u76f4\u63a5\u4ee5\u7c7b\u540d \u5bf9\u8c61\u540d\u7684\u5f62\u5f0f\u6784\u5efa\u4e00\u4e2a\u9ed8\u8ba4\u5bf9\u8c61\uff0c\u6216\u8005\u7c7b\u540d \u5bf9\u8c61\u540d(\u53c2\u6570\u5217\u8868)\u6784\u5efa\u4e00\u4e2a\u5e26\u53c2\u6570\u7684\u5bf9\u8c61\uff0c\u6216\u8005\u7c7b\u540d \u5bf9\u8c61\u540d=\u5df2\u6709\u5bf9\u8c61\u3001\u7c7b\u540d \u5bf9\u8c61\u540d(\u5df2\u6709\u5bf9\u8c61)\u6765\u7528\u62f7\u8d1d\u6784\u9020\u51fd\u6570\u3002\u6ce8\u610f\u4e0d\u8981\u76f4\u63a5\u8c03\u7528\u6784\u9020\u51fd\u6570\u672c\u8eab\uff0c\u5b83\u6ca1\u6709\u8fd4\u56de\u503c\u3002

"},{"location":"cpp/#\u5220\u9664\u51fd\u6570","title":"\u5220\u9664\u51fd\u6570","text":"

\u5728\u4e00\u4e9b\u9ed8\u8ba4\u51fd\u6570\uff08\u6bd4\u5982\u62f7\u8d1d\u6784\u9020\u51fd\u6570\uff09\u540e\u52a0\u4e0a= delete\u610f\u4e3a\u7981\u6b62\u8be5\u51fd\u6570\u88ab\u8c03\u7528\u3002

class Sample {\n    Sample(const Sample &) = delete; // \u7981\u6b62\u901a\u8fc7\u62f7\u8d1d\u6784\u9020\u51fd\u6570\u65b0\u5efa\u5bf9\u8c61\n    Sample &operator=(const Sample &) = delete; // \u7981\u6b62\u901a\u8fc7\u8d4b\u503c\u6765\u62f7\u8d1d\u5bf9\u8c61\n}\n
"},{"location":"cpp/#explicit","title":"explicit","text":"

\u5982\u679c\u4e00\u4e2a\u6784\u9020\u51fd\u6570\u53ea\u63a5\u53d7\u4e00\u4e2a\u53c2\u6570\uff08\u6216\u8005\u662f\u53ef\u4ee5\u901a\u8fc7\u9ed8\u8ba4\u503c\u53d8\u6210\u53ea\u63a5\u53d7\u4e00\u4e2a\u53c2\u6570\uff09\uff0c\u5b83\u4f1a\u88ab\u89c6\u4e3a\u4e00\u4e2a\u8f6c\u6362\u6784\u9020\u51fd\u6570\u3002\u8fd9\u79cd\u6784\u9020\u51fd\u6570\u5141\u8bb8\u901a\u8fc7\u9690\u5f0f\u8f6c\u6362\u5c06\u5176\u4ed6\u7c7b\u578b\u7684\u5bf9\u8c61\u8f6c\u6362\u4e3a\u5f53\u524d\u7c7b\u7684\u5bf9\u8c61\uff0c\u53ef\u80fd\u4f1a\u4ea7\u751f\u4e0d\u5fc5\u8981\u7684\u884c\u4e3a\u3002\u4e3a\u4e86\u907f\u514d\u8fd9\u79cd\u60c5\u51b5\uff0c\u4f7f\u7528explicit\u6765\u663e\u5f0f\u521b\u5efa\u5bf9\u8c61\u3002

\u663e\u5f0f\u521b\u5efa\u5bf9\u8c61\u663e\u5f0f\u7c7b\u578b\u8f6c\u6362
#include <iostream>\nusing namespace std;\nclass MyClass {\npublic:\n    explicit MyClass(int value) {\n        cout << \"Constructor called with value: \" << value << endl;\n    }\n};\n\nvoid print(const MyClass& obj) {\n    cout << \"print function called\" << endl;\n}\n\nint main() {\n    // print(42); // \u9519\u8bef\uff0c\u65e0\u6cd5\u9690\u5f0f\u8f6c\u6362\n    print(MyClass(42)); // \u5fc5\u987b\u663e\u5f0f\u521b\u5efa\u5bf9\u8c61\n    return 0;\n}\n
#include <iostream>\nusing namespace std;\n\nclass MyClass {\npublic:\n    explicit operator int() const {\n        return 42;\n    }\n};\n\nint main() {\n    MyClass obj;\n    // int value = obj; // \u9519\u8bef\uff0c\u65e0\u6cd5\u9690\u5f0f\u8f6c\u6362\n    int value = static_cast<int>(obj); // \u5fc5\u987b\u663e\u5f0f\u8f6c\u6362\n    cout << \"value = \" << value << endl;\n    return 0;\n}\n
"},{"location":"cpp/#\u5c01\u88c5","title":"\u5c01\u88c5","text":""},{"location":"cpp/#\u7ee7\u627f","title":"\u7ee7\u627f","text":""},{"location":"cpp/#\u591a\u6001","title":"\u591a\u6001","text":""},{"location":"cpp/#\u8fd0\u7b97\u7b26\u91cd\u8f7d","title":"\u8fd0\u7b97\u7b26\u91cd\u8f7d","text":""},{"location":"cpp/#\u9759\u6001\u6210\u5458\u53d8\u91cf\u4e0e\u9759\u6001\u6210\u5458\u51fd\u6570","title":"\u9759\u6001\u6210\u5458\u53d8\u91cf\u4e0e\u9759\u6001\u6210\u5458\u51fd\u6570","text":""},{"location":"cpp/#\u5e38\u91cf\u6210\u5458\u51fd\u6570","title":"\u5e38\u91cf\u6210\u5458\u51fd\u6570","text":""},{"location":"cpp/#this\u6307\u9488","title":"this\u6307\u9488","text":""},{"location":"cpp/#\u5bf9\u8c61\u7684\u6df1\u62f7\u8d1d\u4e0e\u6d45\u62f7\u8d1d","title":"\u5bf9\u8c61\u7684\u6df1\u62f7\u8d1d\u4e0e\u6d45\u62f7\u8d1d","text":""},{"location":"cpp/#\u6a21\u677f\u7f16\u7a0b","title":"\u6a21\u677f\u7f16\u7a0b","text":""},{"location":"cpp/#\u667a\u80fd\u6307\u9488","title":"\u667a\u80fd\u6307\u9488","text":""},{"location":"cpp/#c11\u65b0\u7279\u6027","title":"C++11\u65b0\u7279\u6027","text":""},{"location":"cpp/#\u7c7b\u578b\u522b\u540d","title":"\u7c7b\u578b\u522b\u540d","text":"

\u4f7f\u7528 using NewType = OldType\u4e3a\u590d\u6742\u7c7b\u578b\u6784\u5efa\u7b80\u5355\u522b\u540d\uff0c\u539f\u7406\u7c7b\u4f3ctypedef OldType NewType\uff0c\u4f46\u8868\u8fbe\u66f4\u52a0\u6e05\u6670\uff0c\u800c\u4e14\u652f\u6301\u6cdb\u578b\u3002

template <typename T>\nusing Vec = std::vector<T>;\n\nVec<int> myVec; // \u7b49\u4ef7\u4e8e std::vector<int>\n
"},{"location":"cpp/#c14\u65b0\u7279\u6027","title":"C++14\u65b0\u7279\u6027","text":""},{"location":"cpp/#c17\u65b0\u7279\u6027","title":"C++17\u65b0\u7279\u6027","text":""},{"location":"cpp/#c20\u65b0\u7279\u6027","title":"C++20\u65b0\u7279\u6027","text":""},{"location":"crawler/","title":"\u722c\u866b\u6a21\u677f","text":"

\u7ea6 142 \u4e2a\u5b57 156 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 16 \u5206\u949f

"},{"location":"crawler/#scrapy","title":"Scrapy","text":"

\u4e5f\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd

"},{"location":"crawler/#\u52a0\u56fd\u5185\u4ee3\u7406","title":"\u52a0\u56fd\u5185\u4ee3\u7406","text":"

\u9488\u5bf9\u4e2a\u522b\u7f51\u7ad9\u9501ip\uff0c\u53ef\u4ee5\u8003\u8651\u6574\u4e2a\u4ee3\u7406

import base64\nusername = 'xxxxx'\npasswd = 'xxxxx'\nproxy_ip = 'xxxx.kdltps.com'\nproxy_port = '15818'\n\nmeta = {'proxy': f'http://{proxy_ip}:{proxy_port}'}\ncode = base64.b64encode(f'{username}:{passwd}'.encode()).decode()\n\nheaders = {\n\t\"Proxy-Authorization\": f\"Basic {code}\", # \u5728headers\u91cc\u8bbe\u7f6e\u4e0b\u4ee3\u7406token\n}\n\ndef start_requests(self):\n\tyield scrapy.Request(\n\t\theaders = headers, # \u8bbe\u7f6e\u4f7f\u7528headers\uff0c\u5305\u542btoken\n\t\tmeta = meta, # \u8bbe\u7f6e\u4f7f\u7528\u4ee3\u7406\n\t\t)\n
"},{"location":"crawler/#applicationjson\u7c7b\u578b","title":"application/json\u7c7b\u578b","text":"

\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/json\u7c7b\u578b\uff0cstart_requests\u91cc\u7528Request\uff0c\u6ce8\u660emethod\u548cbody\uff1a

import json\nheaders = {\n    \"Content-Type\": \"application/json\",\n    \"User-Agent\": \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36\",\n}\n\ndata = json.dumps({\"key\":\"value\"})\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.Request(\n    url=url, \n    method='POST', \n    headers=headers, \n    body=data,\n    callback=self.parse, \n    meta={'period': t}, \n    errback=self.err,\n    cb_kwargs={'period': t,'page':0}\n)\n
"},{"location":"crawler/#applicationx-www-form-urlencoded\u7c7b\u578b","title":"application/x-www-form-urlencoded\u7c7b\u578b","text":"

\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/x-www-form-urlencoded\u7c7b\u578b\uff0cstart_requests\u91cc\u7528FormRequest\uff0c\u6ce8\u660eformdata\uff1a

post_data = {\"key\":\"value\"}\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.FormRequest(\n    url=url,\n    formdata=post_data,\n    errback=self.err,\n    callback = self.parse,\n    cookies = cookies,\n    cb_kwargs = {'id':'shixian','page':str(page)},\n    )\n

\u666e\u901a\u8bf7\u6c42\u7528scrapy.Request\u5373\u53ef\u3002

"},{"location":"crawler/#selenium","title":"Selenium","text":"

\u722c\u4e45\u4e86\u603b\u4f1a\u7206\u5185\u5b58\uff0c\u4e0d\u77e5\u9053\u5185\u5b58\u6cc4\u9732\u7684bug\u6709\u6ca1\u6709\u4fee\u590d\u3002\u4ee5\u4e0b\u7528\u7684\u662fchrome\u6d4f\u89c8\u5668\uff0c\u9700\u8981\u9884\u5148\u4e0b\u8f7d\u4e0b\u9a71\u52a8

from selenium import webdriver\nfrom selenium.webdriver.common.by import By\nfrom selenium.webdriver.chrome.service import Service\nfrom pathlib import Path\nimport time\nimport json\nimport ast \nimport re\nimport os\nimport yaml\nimport shutil\n\noptions = webdriver.ChromeOptions()\n# options.add_argument('--headless')\n# https://chromedriver.chromium.org/downloads\ns = Service('S:/chromedriver.exe')\noptions.add_experimental_option('excludeSwitches', ['enable-logging'])\ndriver = webdriver.Chrome(service=s,options=options)\ndriver.get('http://www.baidu.com')\ntime.sleep(1)\n\ndef get_current_and_final_page_of_one_book():\n    cur = -1\n    final = -1\n    try:\n        pages = driver.find_elements(By.XPATH,'//ul[@class=\"t-pager\"]/li')\n    except:\n        print('Current page is not found')\n        return cur,final\n   \n    for page in pages:\n        if 'active' in page.get_attribute('class'):\n            cur = int(page.text)\n        if 'number' in page.get_attribute('class'):\n            final = int(page.text)\n    return cur,final\n\ndef download_one_page_of_a_book(skip,config):\n    \"\"\"\u4e00\u9875\u6240\u6709\u6587\u6863\u5168\u90e8\u4e0b\u8f7d\u6210\u529f\u5219\u8fd4\u56deTrue,OK\n    \"\"\"\n    global CURRENT_PAGE\n    global CURRENT_TITLE\n    titles = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[1]')\n    icons = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[4]')\n    jscode = 'document.location = '+'\"'+config['url']+'\"'\n    driver.execute_script(jscode)\n    for title,svgs in zip(titles,icons):\n        svgs = svgs.find_elements(By.XPATH,'.//*[name()=\"svg\"]')\n        print(f'Current title: {title.text}, skip: {skip}, CURRENT_TITLE: {CURRENT_TITLE}')\n        if CURRENT_TITLE is not None and skip and title.text != CURRENT_TITLE:\n            continue\n        skip = False\n        for svg in svgs:\n            # if visible \n            if svg.get_attribute('style') == 'display: inline-block;':\n                svg.click()\n                time.sleep(7)\n                cls = driver.window_handles\n                if len(cls) > 1:\n                    time.sleep(20)\n                ok = archive_file(title.text,config)\n                if not ok:\n                    print(f'Failed to download {title.text}')\n                    while len(cls) > 1:\n                        driver.switch_to.window(cls[1])\n                        driver.close()\n                        driver.switch_to.window(cls[0])\n                        cls = driver.window_handles\n                    return (False, title.text)\n                cls = driver.window_handles\n                driver.switch_to.window(cls[0])\n    CURRENT_TITLE = None\n    CURRENT_PAGE += 1\n    return (True, 'OK')\n\n# load yaml\nwith open(target_yml,'r',encoding='utf8') as f:\n    SETTINGS = yaml.load(f,Loader=yaml.FullLoader)\n# dump yaml\nwith open(target_yml,'w',encoding='utf8') as f:\n    yaml.dump(SETTINGS,f,allow_unicode=True)\n\ndriver.close()\ndriver.quit()\n

\u6216\u8005\u8bbe\u7f6e\u4e00\u4e2ahelper\u7a0b\u5e8f\uff0c\u53cd\u590d\u542f\u52a8selenium\uff1a

import subprocess\nimport time\nimport datetime\nimport sys\ncmd = 'python ./main.py'\nop = 0\nwhile True:\n    if op >= 200:\n        print('failed 200 times!')\n        break\n    p = subprocess.Popen(cmd.split(), stdout=sys.stdout, stderr=sys.stderr)\n    print('new round at', datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'),f'op = {op}')\n    op += 1\n    \n    time.sleep(30)\n    if p.poll() == 0:\n        break\n    p.wait()\n
"},{"location":"docker/","title":"Docker\u4f7f\u7528\u7b14\u8bb0","text":"

\u7ea6 722 \u4e2a\u5b57 11 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 4 \u5206\u949f

"},{"location":"docker/#\u5b89\u88c5docker","title":"\u5b89\u88c5docker","text":"

\u6309\u7167https://docs.docker.com/engine/install/ubuntu/\u7684\u8bf4\u660e\u5b89\u88c5\u5373\u53ef

\u4e5f\u53ef\u4ee5\u6309curl -fsSL https://get.docker.com -o get-docker.sh\u3001sudo sh get-docker.sh\u6765\u5b89\u88c5\u3002

"},{"location":"docker/#\u8bbe\u7f6edocker\u4f7f\u7528\u955c\u50cf\u4ed3\u5e93","title":"\u8bbe\u7f6edocker\u4f7f\u7528\u955c\u50cf\u4ed3\u5e93","text":"

docker\u9ed8\u8ba4\u4ece\u5b98\u7f51\u62c9\u53d6\u955c\u50cf\uff0c\u53ef\u80fd\u7531\u4e8e\u5899\u800c\u62c9\u4e0d\u5230\u3002\u53ef\u4ee5\u8003\u8651\u4f7f\u7528\u963f\u91cc\u63d0\u4f9b\u7684\u955c\u50cf\u670d\u52a1\uff0c\u53c2\u8003https://zhuanlan.zhihu.com/p/347643668\u3002

\u8003\u8651\u5230\u56fd\u5185\u4f3c\u4e4e\u628adocker\u955c\u50cf\u4e0b\u67b6\u4e86\uff0c\u8fd8\u662f\u76f4\u63a5\u4fee\u6539docker\u4ee3\u7406\u5427\u3002

\u5148\u521b\u5efa\u76ee\u5f55mkdir /etc/systemd/system/docker.service.d\uff0c\u518d\u521b\u5efa\u6587\u4ef6/etc/systemd/system/docker.service.d/http-proxy.conf\uff0c\u518d\u5f80\u91cc\u9762\u6dfb\u52a0\u4ee3\u7406\uff1a

[Service]\nEnvironment=\"HTTP_PROXY=http://proxy.example.com:80/\"\nEnvironment=\"HTTPS_PROXY=http://proxy.example.com:80/\"\nEnvironment=\"NO_PROXY=localhost,127.0.0.0/8,docker-registry.somecorporation.com\" #\u53ef\u9009\u3002\u5982\u679c\u4f7f\u7528\u672c\u5730\u955c\u50cf\u4ed3\u5e93\u3002\n

\u7136\u540e\u66f4\u65b0\u914d\u7f6esudo systemctl daemon-reload\uff0c\u5e76\u91cd\u542fdocker\uff1asudo systemctl restart docker

"},{"location":"docker/#\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e","title":"\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e","text":"

\u9ed8\u8ba4\u4f7f\u7528\u7684\u4f4d\u7f6e\u662f/var/lib/docker\uff0c\u5728\u6839\u76ee\u5f55\u4e0b\u5bb9\u6613\u5360\u6ee1\u3002\u53ef\u4ee5\u901a\u8fc7docker info\u67e5\u770b\u4fdd\u5b58\u7684\u4f4d\u7f6eDocker Root Dir\u3002

\u914d\u7f6e\u6587\u4ef6\u53ef\u4ee5\u901a\u8fc7systemctl status docker\u5e76\u67e5\u770bLoad\u4f7f\u7528\u7684\u914d\u7f6e\u6587\u4ef6\u662f\u54ea\u4e2a\u3002

\u4e00\u79cd\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e\u7684\u65b9\u6cd5\uff1a\u4fee\u6539/etc/docker/daemon.json\uff0c\u8bbe\u7f6e\u4e3a

{\n  \"data-root\": \"/home/docker\"\n}\n

\u968f\u540e\u91cd\u8f7d\u4e00\u4e0b\u914d\u7f6e\uff1a

sudo systemctl daemon-reload\nsudo systemctl restart docker\n

\u8fd8\u6709\u4e00\u79cd\u505a\u6cd5\uff0c\u9002\u7528\u4e8e\u5df2\u7ecf\u4f7f\u7528\u8fc7\u4e00\u6bb5\u65f6\u95f4\u7684docker\uff0c\u5173\u95eddocker\u540emv\u539f\u6765\u7684/var/lib/docker\u5230\u65b0\u76ee\u5f55\uff08\u6bd4\u5982/data/docker\uff09\u7136\u540e\u518dln -s /data/docker /var/lib/docker\u5efa\u7acb\u8f6f\u94fe\u63a5\u3002

"},{"location":"docker/#\u4ece\u955c\u50cf\u521b\u5efa\u5bb9\u5668\u5e76\u6302\u8f7d\u76ee\u5f55","title":"\u4ece\u955c\u50cf\u521b\u5efa\u5bb9\u5668\u5e76\u6302\u8f7d\u76ee\u5f55","text":"

\u4f1a\u5728\u5bb9\u5668\u4e2d\u521b\u5efa\u76ee\u5f55\uff0c\u6620\u5c04\u5bbf\u4e3b\u673a\u76ee\u5f55\u3002\u5bbf\u4e3b\u673a\u7684\u76ee\u5f55\u548c\u5bb9\u5668\u76ee\u5f55\u5185\u5bb9\u662f\u4e00\u6837\u7684\uff0c\u4fee\u6539\u4e00\u65b9\uff0c\u53e6\u4e00\u65b9\u968f\u4e4b\u6539\u53d8

docker run -it --name=<container_name> --user=<user_id>:<group_id> --hostname=xxxx --workdir=xxxx  -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro --mount type=bind,source=<\u5bbf\u4e3b\u673a\u76ee\u5f55>,target=<\u5bb9\u5668\u76ee\u5f55> <\u955c\u50cf\u540d>:<tag> /bin/bash\n

\u4ee5\u4e0a\u547d\u4ee4\u53ef\u4ee5\u5b8c\u6210\u5bf9\u6307\u5b9a\u955c\u50cf\u521b\u5efa\u4e00\u4e2a\u6bd4\u8f83\u5b8c\u5907\u7684\u5bb9\u5668\uff0c\u6307\u5b9a\u4e86\u5bb9\u5668\u540d\u79f0\u3001\u7528\u6237\u540d\u79f0\u548c\u7ec4\u522b\u3001\u4e3b\u673a\u540d\u3001\u7528\u6237\u5de5\u4f5c\u76ee\u5f55\uff0c\u5e76\u6302\u8f7d\u4e86\u4e3b\u673a\u7684\u4e00\u4e9b\u76ee\u5f55\u3002\u6307\u5b9apasswd\u548cgroup\u6587\u4ef6\u7684\u53ea\u8bfb\u6302\u8f7d\u53ef\u4ee5\u907f\u514d\u2013user\u4f7f\u7528\u7528\u6237(\u7ec4)id\u8fdb\u884c\u65b0\u5efa\u5bb9\u5668\u65f6\u5f15\u53d1\u7684\u627e\u4e0d\u5230\u7528\u6237\u540d\u548c\u7ec4\u540d\u7684\u95ee\u9898\u3002\u5e76\u4e14\u907f\u514d\u4e86\u9ed8\u8ba4root\u7528\u6237\u5bfc\u81f4\u7684\u4e3b\u673a\u7aef\u65e0\u6cd5\u8bbf\u95ee\u5bb9\u5668\u65b0\u5efa\u6587\u4ef6\u7684\u95ee\u9898\u3002

\u6ce8\u610f\u8fd9\u6837\u521b\u5efa\u7684\u7528\u6237\u6ca1\u6709root\u6743\u9650\u3002\u5982\u679c\u9700\u8981\uff0c\u5219\u4e0d\u4f7f\u7528user\u53c2\u6570\uff0c\u4f46\u5b58\u5728\u5bb9\u5668\u521b\u5efa\u6587\u4ef6\u662froot\uff0c\u5bbf\u4e3b\u673a\u65e0\u6cd5\u4fee\u6539\u7684\u95ee\u9898\u3002

\u4e00\u4e2a\u4e0d\u592a\u806a\u660e\u7684\u89e3\u51b3\u65b9\u6cd5\u662fuser_id\u8bbe\u6210root\u76840\uff0cgroup_id\u8bbe\u6210\u666e\u901a\u7528\u6237\uff0c\u7136\u540e\u5728\u5bb9\u5668\u91cc\u7ed9root\u7684.bashrc\u52a0\u4e00\u884cumask 0002\u3002\u5c31\u662f\u8bf4\u8ba9\u7528\u6237\u7ec4\u4e5f\u80fd\u4fee\u6539\u6587\u4ef6\u4e86\u3002

\u4e00\u4e9b\u5176\u4ed6\u7684\u529e\u6cd5\uff1adocker exec -u\u597d\u50cf\u53ef\u4ee5\u6307\u5b9a\u542f\u52a8\u5bb9\u5668\u65f6\u7684\u7528\u6237\uff0c\u4e0d\u77e5\u9053\u6709\u4ec0\u4e48\u7528\uff0c\u53ef\u4ee5\u8bd5\u8bd5\uff1b\u6216\u8005root\u8fdb\u53bb\u4ee5\u540e\u628a\u666e\u901a\u7528\u6237\u52a0\u5230sudoers\u91cc

"},{"location":"docker/#\u65b0\u5bb9\u5668\u521d\u59cb\u5316","title":"\u65b0\u5bb9\u5668\u521d\u59cb\u5316","text":"

apt-get update\u66f4\u65b0\u4e00\u4e0blist\uff0c\u7136\u540e\u624d\u80fd\u4f7f\u7528apt-get\u4e0b\u8f7d\u5176\u4ed6\u5305\u3002\u4e00\u4e9b\u5e38\u7528\u7684\u5305\uff1aapt-get install build-essential

"},{"location":"docker/#\u9000\u51fa\u521d\u6b21\u521b\u5efa\u7684\u5bb9\u5668","title":"\u9000\u51fa\u521d\u6b21\u521b\u5efa\u7684\u5bb9\u5668","text":"

\u8fde\u6309Ctrl+P\u3001Ctrl+Q\u9000\u51fa\u5bb9\u5668\u3002\u5426\u5219\u7b80\u5355\u9000\u51fa\u540e\u5bb9\u5668\u5c31stop\u4e86\uff0c\u4e0b\u6b21exec\u7684\u65f6\u5019\u8fd8\u8981restart\uff0c\u751a\u81f3\u8fd8\u4f1a\u51fa\u73b0restart\u81ea\u52a8\u53c8stop\u7684\u60c5\u51b5

"},{"location":"docker/#\u8fdb\u5165\u5df2\u6709\u7684\u5bb9\u5668","title":"\u8fdb\u5165\u5df2\u6709\u7684\u5bb9\u5668","text":"
docker exec -it <\u5bb9\u5668id> /bin/bash\n

\u53ef\u4ee5Ctrl+D\u9000\u51fa

"},{"location":"envs/","title":"\u73af\u5883\u914d\u7f6e","text":"

\u7ea6 593 \u4e2a\u5b57 49 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 7 \u5206\u949f

\u7ecf\u5e38\u9047\u5230\u65b0\u7cfb\u7edf\u5feb\u901f\u914d\u7f6e\u7684\u73af\u5883\uff08wsl\u3001\u65b0\u670d\u52a1\u5668\uff09\uff0c\u7279\u6b64\u603b\u7ed3\u4e00\u4e0b

"},{"location":"envs/#ubuntu\u66f4\u65b0\u57fa\u672c\u73af\u5883","title":"Ubuntu\u66f4\u65b0\u57fa\u672c\u73af\u5883","text":"
sudo apt update\nsudo apt install curl build-essential gcc make -y\n
"},{"location":"envs/#\u5b89\u88c5docker","title":"\u5b89\u88c5docker","text":"

\u6309\u7167https://docs.docker.com/engine/install/ubuntu/\u7684\u8bf4\u660e\u5b89\u88c5\u5373\u53ef

\u4e5f\u53ef\u4ee5\u6309curl -fsSL https://get.docker.com -o get-docker.sh\u3001sudo sh get-docker.sh\u6765\u5b89\u88c5\u3002

"},{"location":"envs/#rust\u5b89\u88c5\u4e0e\u66f4\u65b0","title":"rust\u5b89\u88c5\u4e0e\u66f4\u65b0","text":"
curl --proto '=https' --tlsv1.3 -sSf https://sh.rustup.rs | sh\n
rustup update\n

\u56fd\u5185\u4f7f\u7528\u65f6crates.io\u53ef\u80fd\u767b\u4e0d\u4e0a\uff0c\u8bd5\u8bd5\u4fee\u6539\u5b89\u88c5\u76ee\u5f55\u4e0b\u7684config\u6587\u4ef6(\u6bd4\u5982$HOME/.cargo/config)

[source.crates-io]\nregistry = \"https://github.com/rust-lang/crates.io-index\"\n\n# \u66ff\u6362\u6210\u4f60\u504f\u597d\u7684\u955c\u50cf\u6e90\n#replace-with = 'sjtu'\n#replace-with = 'ustc'\n#replace-with = 'tuna'\n#replace-with = 'rustcc'\n\n# \u6e05\u534e\u5927\u5b66\n[source.tuna]\nregistry = \"https://mirrors.tuna.tsinghua.edu.cn/git/crates.io-index.git\"\n\n# \u4e2d\u56fd\u79d1\u5b66\u6280\u672f\u5927\u5b66\n[source.ustc]\nregistry = \"git://mirrors.ustc.edu.cn/crates.io-index\"\n\n# \u4e0a\u6d77\u4ea4\u901a\u5927\u5b66\n[source.sjtu]\nregistry = \"https://mirrors.sjtug.sjtu.edu.cn/git/crates.io-index\"\n\n# rustcc\u793e\u533a\n[source.rustcc]\nregistry = \"git://crates.rustcc.cn/crates.io-index\"\n\n[source.rustcchttp]\nregistry = \"https://code.aliyun.com/rustcc/crates.io-index.git\"\n
"},{"location":"envs/#\u8bbe\u7f6egolang\u4ee3\u7406","title":"\u8bbe\u7f6egolang\u4ee3\u7406","text":"
go env -w  GOPROXY=https://goproxy.cn\n
"},{"location":"envs/#\u5b89\u88c5ohmyzsh","title":"\u5b89\u88c5ohmyzsh","text":"
sudo apt install zsh\n

curl\u548cwget\u4e8c\u9009\u4e00

sh -c \"$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\"\n
sh -c \"$(wget https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh -O -)\"\n

\u4e2a\u4eba\u89c9\u5f97jonathan\u7684\u4e3b\u9898\u6bd4\u8f83\u597d\u770b\uff0c\u53ef\u4ee5\u914d\u7f6e\u4e0b~/.zshrc\u7684ZSH_THEME\u3002

"},{"location":"envs/#git\u8bbe\u7f6e\u5168\u5c40\u4ee3\u7406","title":"git\u8bbe\u7f6e\u5168\u5c40\u4ee3\u7406","text":"

\u9700\u8981\u6839\u636e\u672c\u5730\u5b9e\u9645\u7684\u60c5\u51b5\u4fee\u6539\u76ee\u6807ip\u548c\u7aef\u53e3

git config --global http.https://github.com.proxy http://xxx.xxx.xxx.xxx:xxx\n
"},{"location":"envs/#perf-\u5b89\u88c5ubuntu","title":"perf \u5b89\u88c5(ubuntu)","text":"
sudo apt-get install linux-tools-`uname -r`\n
"},{"location":"envs/#\u9009\u62e9ssh\u5bc6\u94a5","title":"\u9009\u62e9ssh\u5bc6\u94a5","text":"

\u4f1a\u5728\u5f53\u524dterminal\u521b\u5efa\u4e00\u4e2aagent\uff0c\u540e\u7eed\u9ed8\u8ba4\u4f7f\u7528\u8fd9\u4e2aagent\u8fdb\u884cssh\u64cd\u4f5c\u3002\u5bf9\u4e8e\u6709\u5bc6\u7801\u7684\u79c1\u94a5\u6216\u8005\u81ea\u5b9a\u4e49\u547d\u540d\u79c1\u94a5\u6765\u8bf4\u6bd4\u8f83\u597d\u7528\u3002

evel `ssh-agent`\nssh-add <\u79c1\u94a5\u6587\u4ef6>\n
"},{"location":"envs/#windows\u4e0b\u5b89\u88c5make","title":"Windows\u4e0b\u5b89\u88c5make","text":"

\u4f7f\u7528chocolatey\u5305\u7ba1\u7406\u5668\u3002\u6309https://chocolatey.org/install#individual\u7684\u8bf4\u660e\u5373\u53ef\uff0c\u6700\u540echoco install make

"},{"location":"envs/#\u66f4\u6539wsl2\u955c\u50cf\u4f4d\u7f6e","title":"\u66f4\u6539WSL2\u955c\u50cf\u4f4d\u7f6e","text":""},{"location":"envs/#nodejs\u914d\u7f6e","title":"nodejs\u914d\u7f6e","text":"

\u4e0b\u8f7dhttps://nodejs.org/en/download/

npm\u8bbe\u7f6e\u56fd\u5185\u6e90\uff1a npm config set registry=\"http://r.cnpmjs.org\"

"},{"location":"envs/#\u5feb\u901f\u90e8\u7f72\u53d1\u5e03vue\u7ad9\u70b9","title":"\u5feb\u901f\u90e8\u7f72\u53d1\u5e03vue\u7ad9\u70b9","text":"

\u5728\u8981\u4fdd\u5b58\u9879\u76ee\u76ee\u5f55\u7684\u76ee\u5f55\u91cc\uff0c\u8fd0\u884cnpm create vue@latest\uff0c\u968f\u540e\u4f1a\u5f15\u5bfc\u521b\u5efa\u9879\u76ee\u540d\u7b49\u3002\u8fdb\u5165\u9879\u76ee\u540e\uff0c\u5148npm install\uff0c\u7136\u540e\u53ef\u4ee5\u4f7f\u7528npm run dev\u548cnpm run build\u6765\u751f\u6210\u7f51\u7ad9\u3002

\u4f7f\u7528docker pull nginx\u76f4\u63a5\u62c9\u53d6\u65b0\u7684nginx\u955c\u50cf\uff0c\u7136\u540edocker run -itd --name=<\u5bb9\u5668\u540d\u5b57> -p 4000:80 -v /vue\u9879\u76ee\u8def\u5f84/dist:/usr/share/nginx/html nginx\u6765\u76f4\u63a5\u63d0\u4f9b\u7f51\u7ad9\u670d\u52a1\u3002\u6ce8\u610f\u8fd9\u91cc\u662f\u5c06\u4e3b\u673a4000\u7aef\u53e3\u6620\u5c04\u523080\u7aef\u53e3\uff0c\u540c\u65f6\u5c06npm run build\u751f\u6210\u7684\u7f51\u7ad9\u6302\u8f7d\u5230nginx\u7684\u9ed8\u8ba4\u7ad9\u70b9\u76ee\u5f55\u4e2d\uff08nginx\u7248\u672c1.25\uff09\u3002

\u53ef\u4ee5\u5728\u5916\u90e8\u8bbf\u95ee\u4e00\u4e0b\uff0c\u5982\u679c\u770b\u5230\u7684\u7f51\u7ad9\u662fnginx\u9ed8\u8ba4\u9875\u9762\uff0c\u53ef\u4ee5docker exec\u5230nginx\u5bb9\u5668\u91cc\u68c0\u67e5\u4e0b/etc/nginx/conf.d/default.conf\uff08\u6216\u76f8\u4f3c\u7684\u5176\u4ed6conf\u8def\u5f84\uff0c\u6839\u636enginx\u7248\u672c\u6709\u6240\u533a\u522b\uff09\uff0c\u770b\u770broot\u5230\u5e95\u662f\u7528\u54ea\u4e2a\u76ee\u5f55\u4f5c\u4e3a\u7ad9\u70b9\u7684\u3002

"},{"location":"envs/#\u5b89\u88c5chrome\u6d4f\u89c8\u5668","title":"\u5b89\u88c5Chrome\u6d4f\u89c8\u5668","text":"

\u6709\u65f6\u5019\u9700\u8981\u7528ssh\u7684X11 Forward\u529f\u80fd\uff0c\u8fde\u63a5\u670d\u52a1\u5668\u4e0a\u7684\u6d4f\u89c8\u5668\u3002

wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -\n\necho 'deb http://dl.google.com/linux/chrome/deb/ stable main' >>   /etc/apt/sources.list\nsudo apt-get update \nsudo apt-get install google-chrome-stable\n

\u5b89\u88c5\u597d\u540e\uff0c\u7528\u975eroot\u7528\u6237\uff0cssh -X\u8fde\u63a5\u670d\u52a1\u5668\uff0c\u518d\u8fd0\u884cchrome-google\u5373\u53ef\u6253\u5f00\u6d4f\u89c8\u5668\u3002

"},{"location":"envs/#\u5b89\u88c5\u7b80\u4e2d\u5b57\u4f53","title":"\u5b89\u88c5\u7b80\u4e2d\u5b57\u4f53","text":"
apt install ttf-wqy-zenhei\napt install fonts-wqy-microhei # \u5b89\u88c5\u4e00\u4e2a\u5c31\u884c\nfc-cache # \u5237\u65b0\u7f13\u5b58\nfc-list # \u68c0\u67e5\u5217\u8868\n
"},{"location":"envs/#\u53c2\u8003\u6587\u7ae0","title":"\u53c2\u8003\u6587\u7ae0","text":""},{"location":"fuzzing/","title":"\u6a21\u7cca\u6d4b\u8bd5\u57fa\u672c\u4ecb\u7ecd","text":"

\u7ea6 1699 \u4e2a\u5b57 2 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 6 \u5206\u949f

\u8986\u76d6\u7387\u6307\u5f15\u7684\u6a21\u7cca\u6d4b\u8bd5\u65b9\u6cd5\u83b7\u5f97\u8986\u76d6\u7387\u7684\u56db\u79cd\u8ffd\u8e2a\u65b9\u5f0f1\uff1a

  1. \u4f7f\u7528\u7f16\u8bd1\u5668\u5411\u57fa\u672c\u5757\u8fb9\u7f18\u63d2\u6869\uff0c\u53ef\u4ee5\u51c6\u786e\u5730\u63d2\u6869\u5e76\u6613\u4e8e\u4f18\u5316\uff0c\u4f46\u9700\u8981\u6e90\u7801\u5df2\u77e5\u3002
  2. \u9759\u6001\u4e8c\u8fdb\u5236\u91cd\u5199\uff0c\u4e0d\u9700\u8981\u6e90\u7801\uff0c\u4ecd\u5728\u7814\u7a76\uff0c\u56e0\u4e3a\u9759\u6001\u4ee3\u7801\u63d2\u6869\u51c6\u786e\u6027\u96be\u4ee5\u4fdd\u8bc1\uff0c\u5e76\u4e14\u4f18\u5316\u80fd\u529b\u6709\u9650\u3002\u8fd9\u4e9b\u9650\u5236\u6761\u4ef6\u4f1a\u5f71\u54cd\u4ee3\u7801\u7387\u4fe1\u606f\u7684\u8d28\u91cf\u4e0e\u51c6\u786e\u6027\uff0c\u4ee5\u53ca\u4e8c\u8fdb\u5236\u91cd\u5199\u7684\u8868\u73b0\u3002
  3. \u52a8\u6001\u4e8c\u8fdb\u5236\u63d2\u6869\uff0c\u4e0d\u9700\u8981\u6e90\u7801\uff0c\u53ef\u4ee5\u5bb9\u6613\u3001\u51c6\u786e\u63d2\u5165\u4ee3\u7801\uff0c\u4f46\u662f\u52a8\u6001\u7ffb\u8bd1\u4e8c\u8fdb\u5236\u7684\u5f00\u9500\u53ef\u80fd\u5927\u5230\u4e0d\u80fd\u63a5\u53d7\u3002
  4. \u786c\u4ef6\u8f85\u52a9\u8ffd\u8e2a\uff0c\u4e0d\u9700\u8981\u6e90\u7801\uff0c\u5229\u7528\u5185\u7f6e\u7684\u786c\u4ef6\u8ffd\u8e2a\u6269\u5c55\uff0c\u5728\u8fd0\u884c\u65f6\u76f4\u63a5\u83b7\u53d6\u63a7\u5236\u6267\u884c\u6d41\u4fe1\u606f\u3002

\u4fb5\u5165\u5f0f\u4e0e\u975e\u4fb5\u5165\u5f0f\u8ffd\u8e2a2\uff1a

Traces can be generated by trace code that is executed within tasks and/or interrupt service routines, just like application code that is executed on the same CPU. This is the most flexible approach, as both the content and the amount of trace information output can be defined in software. However, this tracing method comes with a significant drawback: It uses resources that are shared with the application software, hence tracing may significantly reduce the amount of memory available for the applications, increase the gross execution times of the applications and, in the case of real-time systems, impair functionality. This is why it is called intrusive tracing.

The most common case is that adding trace code is detrimental to the functionality of the applications in real-time systems because the resource requirements for intrusive tracing have been underestimated in the early stages of the project, such that tracing would eventually eat up resources that are required by the application. Therefore, the resource requirements for tracing must be properly considered throughout the whole development lifecycle. Removing trace code from real-time systems may also cause functional issues, typically just before the final production software release. This is the worst case, as trace information is no longer available in this scenario.

Non-intrusive tracing does not change the intrinsic timing behavior of the system under test. This approach simplifies the software development process a lot and requires dedicated hardware support for tracing. External trace probes connected to the target system, in conjunction with on-chip debug modules, capture code execution on instruction level, memory accesses and other events on the target processor. This approach is the best option when it comes to debugging the code execution down to the instruction level. The PCB design of the device under test must provide the connectors required by the external probe.

Another option for non-intrusive tracing is on-chip tracing, where most of the trace hardware is packed into the same chip that also contains the CPU that executes the application code. Non-intrusive tracing can, however, be restricted by limitations of the respective trace module or probe, such as buffer sizes, bus bandwidth or the size of an external probe.

Due to cost savings (no expensive third-party trace hardware required), reduced footprint (very small connectors instead of larger probe connectors), and limited trace bandwidth requirements, the on-chip tracing method is the preferred approach for generating the trace data required for in-depth timing analysis on task, runnable and ISR level. On-chip tracing is a suitable tracing method for devices under test with form factors very close to the final volume production devices.

"},{"location":"fuzzing/#\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5","title":"\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"

\u7f51\u7edc\u534f\u8bae\u7684\u7279\u70b9\u662f\u4e00\u822c\u6709\u660e\u786e\u7684\u72b6\u6001\u4fe1\u606f\uff0c\u76f8\u540c\u7684input\u5728\u4e0d\u540c\u7684\u72b6\u6001\u53ef\u80fd\u5f97\u5230\u4e0d\u540c\u7684output\u3002\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e00\u822c\u5177\u6709stateful\u7684\u7279\u70b9\u3002\u8fd9\u7c7b\u6a21\u7cca\u6d4b\u8bd5\u6709\u51e0\u4e2a\u96be\u70b9\uff1a 1. \u751f\u6210\u683c\u5f0f\u6b63\u786e\u7684\u4fe1\u606f\uff0c\u6ee1\u8db3\u5bf9\u7279\u5b9a\u72b6\u6001\u7684fuzz 2. \u6269\u5c55\u5230\u4e0d\u540c\u7684\u534f\u8bae\u4e2d 3. \u6d4b\u8bd5\u6837\u4f8b\u6709\u6548\u6027\uff0c\u9700\u8981\u901a\u8fc7\u683c\u5f0f\u6821\u9a8c\u6bd4\u5982\u957f\u5ea6\u3001\u534f\u8bae\u8ba4\u8bc1\u3001\u6821\u9a8c\u548c\u7b49

"},{"location":"fuzzing/#aflnet","title":"AFLNET","text":"

\u9996\u6b21\u63d0\u51fa\u9488\u5bf9\u6709\u72b6\u6001\u534f\u8bae\u7684\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u3002AFLNET\u4ece\u54cd\u5e94\u4fe1\u606f\u4e2d\u63d0\u53d6\u54cd\u5e94\u7801\u6765\u8868\u793a\u72b6\u6001\u4fe1\u606f\uff0c\u5e76\u7528\u54cd\u5e94\u7801\u5e8f\u5217\u6765\u63a8\u65ad\u534f\u8bae\u5b9e\u73b0\u7684\u72b6\u6001\u6a21\u578b\uff0c\u5e76\u8fdb\u4e00\u6b65\u4f7f\u7528\u8fd9\u4e00\u6a21\u578b\u6765\u6307\u5bfcfuzz\u3002

\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u72b6\u6001\u8868\u793a\u80fd\u529b\uff1aAFLNET\u8981\u6c42\u54cd\u5e94\u4fe1\u606f\u4e2d\u5305\u542b\u72b6\u6001\u7801\uff0c\u8fd9\u5e76\u4e0d\u662f\u534f\u8bae\u5fc5\u987b\u5b9e\u73b0\u7684\u3002\u800c\u4e14\u72b6\u6001\u7801\u8868\u793a\u80fd\u529b\u6709\u9650\uff0c\u4e14\u53ef\u80fd\u4ea7\u751f\u5197\u4f59\u72b6\u6001\u3002 2. \u6d4b\u8bd5\u6548\u7387\uff1a\u6ca1\u6709\u660e\u786e\u7684\u4fe1\u53f7\u53cd\u6620\u5f85\u6d4b\u7a0b\u5e8f\u662f\u5426\u5904\u7406\u5b8c\u6d88\u606f\uff0c\u56e0\u6b64\u8bbe\u7f6e\u56fa\u5b9a\u7684\u8ba1\u65f6\u5668\u6765\u63a7\u5236\u6d88\u606f\u53d1\u9001\uff0c\u65f6\u95f4\u7a97\u53e3\u53ef\u80fd\u8fc7\u5c0f\u6216\u8fc7\u5927\u3002

"},{"location":"fuzzing/#stateafl","title":"STATEAFL","text":"

\u4f7f\u7528\u7a0b\u5e8f\u5185\u5b58\u72b6\u6001\u6765\u8868\u793a\u670d\u52a1\u72b6\u6001\uff0c\u901a\u8fc7\u5bf9\u88ab\u6d4b\u7a0b\u5e8f\u63d2\u6869\u6765\u6536\u96c6\u72b6\u6001\u4fe1\u606f\u5e76\u63a8\u6d4b\u72b6\u6001\u6a21\u578b\u3002\u5728\u6bcf\u4e00\u8f6e\u7f51\u7edc\u4ea4\u4e92\u4e2d\uff0cSTATEAFL\u5c06\u7a0b\u5e8f\u53d8\u91cf\u503c\u8f6c\u50a8\u7ed9\u5206\u6790\u961f\u5217\uff0c\u5e76\u8fdb\u884cpost-execution\u7684\u5206\u6790\uff0c\u6765\u66f4\u65b0\u72b6\u6001\u6a21\u578b\u3002

\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u9762\u5bf9\u548cAFLNET\u76f8\u540c\u7684\u6d4b\u8bd5\u6548\u7387\u95ee\u9898\uff0c\u800c\u4e14\u56e0\u4e3a\u540e\u6267\u884c\u5206\u6790\uff0c\u4ea7\u751f\u989d\u5916\u7684\u5f00\u9500\uff0c\u4f1a\u964d\u4f4e\u6d4b\u8bd5\u541e\u5410\u91cf\u3002

"},{"location":"fuzzing/#nsfuzz","title":"NSFuzz","text":"

\u4f7f\u7528\u57fa\u4e8e\u53d8\u91cf\u7684\u72b6\u6001\u8868\u793a\u65b9\u6cd5\u63a8\u65ad\u72b6\u6001\u6a21\u578b\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u57fa\u4e8e\u7f51\u7edc\u4e8b\u4ef6\u5faa\u73af\u7684\u540c\u6b65\u673a\u5236\u6765\u63d0\u9ad8\u541e\u5410\u91cf\u3002

\u542f\u53d1\u5f0f\u7684\u53d8\u91cf\u5224\u65ad\u65b9\u6cd5\uff1a\u9759\u6001\u5206\u6790\u4e2d\u53ea\u5728\u4e8b\u4ef6\u5faa\u73af\u4ee3\u7801\u4e2d\u5206\u8fa8\u72b6\u6001\u53d8\u91cf\uff0c\u4e14\u5173\u6ce8\u88ab\u8bfb\u4e0e\u5199\u3001\u88ab\u8d4b\u4e88\u679a\u4e3e\u7c7b\u578b\u7684\u6570\u636e\u6216\u662f\u6570\u636e\u7ed3\u6784\u4f53\u91cc\u7684\u6574\u578b\u6210\u5458\u3002

\u8868\u793a\u72b6\u6001\u7684\u65b9\u6cd5\uff1a\u4f7f\u7528\u4e24\u6761\u8bed\u53e5\u7ef4\u62a4shared_state\u6570\u7ec4\uff0c\u5f53\u72b6\u6001\u53d8\u91cf\u503c\u88ab\u66f4\u65b0\u65f6\u540c\u6b65\u66f4\u65b0shared_state\uff1b\u5f53fuzzer\u5728\u901a\u4fe1\u7ba1\u9053\u6536\u5230\u6d88\u606f\u5904\u7406\u7ed3\u679c\u65f6\uff0c\u5bf9\u8fd9\u4e2a\u6570\u7ec4\u8fdb\u884chash\uff0c\u4f5c\u4e3a\u5f53\u524d\u7a0b\u5e8f\u6240\u5904\u7684state\u3002

shared_state[hash(var_id) ^ cur_store_val] = 1;\nshared_state[hash(var_id) ^ pre_store_val] = 0;\n
"},{"location":"fuzzing/#iothunter","title":"IoTHunter","text":"

\u63d0\u51fa\u591a\u9636\u6bb5\u4fe1\u606f\u751f\u6210\u65b9\u6cd5\u6765\u5bf9IoT\u56fa\u4ef6\u4e2d\u7684\u6709\u72b6\u6001\u7f51\u7edc\u534f\u8bae\u8fdb\u884cfuzz\u3002\u5206\u4e3a\u5bf9\u5df2\u77e5\u72b6\u6001\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e0e\u672a\u77e5\u72b6\u6001\u7684\u63a2\u7d22\u3002\u57fa\u4e8e\u6574\u6570\u53d8\u5f02\u7684\u65b9\u6cd5\u6539\u53d8\u5305\u7c7b\u578b\uff0c\u5e76\u5bf9\u5305\u683c\u5f0f\uff08\u6bd4\u5982\u957f\u5ea6\u3001\u6821\u9a8c\u548c\uff09\u505a\u68c0\u67e5\u7b49\u3002

"},{"location":"fuzzing/#\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5","title":"\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"

\u63a7\u5236\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u7a0b\u5e8f\u64cd\u4f5c\u7684\u6267\u884c\u987a\u5e8f\uff08\u6bd4\u5982\u5206\u652f\u4e0e\u5faa\u73af\uff09\uff0c\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u53d8\u91cf\u5982\u4f55\u5b9a\u4e49\u4e0e\u4f7f\u7528\u3002\u53d8\u91cf\u7684\u5b9a\u4e49\u4e0e\u4f7f\u7528\u4f4d\u7f6e\u53ef\u4ee5\u4e0d\u5b58\u5728\u63a7\u5236\u4e0a\u7684\u4f9d\u8d56\u5173\u7cfb\u3002\u5728\u6a21\u7cca\u6d4b\u8bd5\u4e2d\uff0c\u6570\u636e\u6d41\u4e3b\u8981\u4f7f\u7528\u52a8\u6001\u6c61\u70b9\u5206\u6790\uff08DTA\uff09\u6280\u672f\uff0c\u5373\u5c06\u76ee\u6807\u7a0b\u5e8f\u7684\u8f93\u5165\u6570\u636e\u5728\u5b9a\u4e49\u5904\u89c6\u4e3a\u6c61\u70b9\uff0c\u5e76\u5728\u8fd0\u884c\u65f6\u8ffd\u8e2a\u5b83\u662f\u5982\u4f55\u88ab\u8bbf\u95ee\u4e0e\u4f7f\u7528\u7684\u3002

\u5728\u5b9e\u8df5\u4e2d\uff0c\u96be\u4ee5\u505a\u5230\u51c6\u786e\u7684DTA\uff0c\u5f00\u9500\u4f1a\u5f88\u5927\u3002\u5e76\u4e14\u90e8\u5206\u771f\u5b9e\u7a0b\u5e8f\u65e0\u6cd5\u5728\u5e94\u7528DTA\u6280\u672f\u7684\u60c5\u51b5\u4e0b\u6210\u529f\u7f16\u8bd1\u3002\u56e0\u6b64\u5927\u90e8\u5206\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u4e0d\u4f7f\u7528DTA\uff0c\u4ee5\u671f\u83b7\u5f97\u66f4\u9ad8\u7684\u541e\u5410\u91cf\u3002

\u6709\u4e00\u4e9b\u8f7b\u91cf\u7ea7\u7684DTA\u4ee3\u66ff\u65b9\u6848\uff08\u6bd4\u5982REDQUEUE\u3001GREYONE\uff09\uff0c\u800c\u57fa\u4e8e\u63a7\u5236\u6d41\u4e0e\u6570\u636e\u6d41\u7684\u6a21\u7cca\u6d4b\u8bd5\u5668\u7684\u8986\u76d6\u7387\u6307\u6807\u8fd8\u6ca1\u6709\u88ab\u5b8c\u5168\u63a2\u7d22\u3002

"},{"location":"fuzzing/#dataflow","title":"DATAFLOW","text":"

\u6e90\u7801

\u5728\u7a0b\u5e8f\u6267\u884c\u65f6\u5e76\u884c\u4f7f\u7528\u6570\u636e\u6d41\u5206\u6790\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u4e0d\u7cbe\u786e\u7684\u63a8\u65ad\u6765\u964d\u4f4e\u5f00\u9500\u5e76\u63d0\u9ad8\u541e\u5410\u91cf\u3002\u5bf9\u6570\u636e\u6d41\u6709\u6548\u6027\u8fdb\u884c\u4e86\u7b80\u5355\u7684\u8bc4\u4f30\uff0c\u8ba4\u4e3a\u5bf9\u5927\u90e8\u5206\u6d4b\u8bd5\u76ee\u6807\u800c\u8a00\uff0c\u6570\u636e\u6d41\u5e76\u4e0d\u6bd4\u63a7\u5236\u6d41\u4f18\u8d8a\uff0c\u4f46\u662f\u5728\u90e8\u5206\u7279\u5b9a\u573a\u666f\uff08\u6bd4\u5982\u63a7\u5236\u6d41\u548c\u8bed\u4e49\u89e3\u8026\uff0c\u5982parser\uff09\u4e0b\uff0c\u6570\u636e\u6d41\u53ef\u80fd\u4f1a\u6709\u7528\u3002

  1. FUZZING WITH PERFORMANCE MONITORING AND TRACING HARDWARE \u21a9

  2. Intrusive v.s. non-intrusive tracing \u21a9

"},{"location":"git/","title":"Git\u5b66\u4e60\u7b14\u8bb0","text":"

\u7ea6 1937 \u4e2a\u5b57 3 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 7 \u5206\u949f

"},{"location":"git/#\u5c06\u672c\u5730\u5df2\u6709\u4ed3\u5e93\u63a8\u9001\u81f3github\u7684\u65b0\u5efa\u4ed3\u5e93\u4e2d","title":"\u5c06\u672c\u5730\u5df2\u6709\u4ed3\u5e93\u63a8\u9001\u81f3Github\u7684\u65b0\u5efa\u4ed3\u5e93\u4e2d","text":"

\u9ed8\u8ba4\u4ee5\u4e0b\u6761\u4ef6\u5747\u6210\u7acb\uff1a

  1. \u8fdb\u5165\u672c\u5730git\u4ed3\u5e93\uff0c\u4f7f\u7528git remote add origin git@github.com:xxx(\u4ed3\u5e93\u7f51\u7ad9\u6bd4\u5982github\u63d0\u4f9b\u7684ssh\u5730\u5740)
  2. \u4f7f\u7528git push -u origin master\u5411\u8fdc\u7a0b\u4ed3\u5e93\u63d0\u4ea4\u4ee3\u7801\uff08\u540e\u6765\u542c\u8bf4github\u9ed8\u8ba4\u540d\u6539\u6210main\u4e86\uff1f\uff09

\u5f3a\u5236\u63a8\u9001\u53ef\u4ee5\u518d\u52a0\u4e2a--force\u53c2\u6570

"},{"location":"git/#\u6dfb\u52a0gitignore\u6587\u4ef6\u4ee5\u4e0d\u8ffd\u8e2a\u6587\u4ef6","title":"\u6dfb\u52a0.gitignore\u6587\u4ef6\u4ee5\u4e0d\u8ffd\u8e2a\u6587\u4ef6","text":"

\u521d\u6b21\u5411github\u63d0\u4ea4\u4ee3\u7801\u524d\uff0c\u5728\u672c\u5730\u5de5\u4f5c\u76ee\u5f55\u4e0b\u521b\u5efa.gitignore\u6587\u4ef6\uff0c\u91cc\u9762\u76f4\u63a5\u5199\u4e0a\u4e0d\u60f3\u8ffd\u8e2a\u7684\u6587\u4ef6\u540d\u548c\u6587\u4ef6\u5939\u540d\u5373\u53ef\u3002\uff08\u6587\u4ef6\u540d\u4e0d\u9700\u8981\u8865\u5168\u8def\u5f84\uff09

"},{"location":"git/#\u64a4\u56deadd","title":"\u64a4\u56deadd","text":"

\u4f7f\u7528git add .\u53ef\u4ee5\u76f4\u63a5\u628a\u5f53\u524d\u76ee\u5f55\u90fdadd\u8fdb\u6682\u5b58\u533a\uff0c\u5bf9\u4e8e\u4e0d\u614e\u6dfb\u52a0\u7684\u5185\u5bb9\u53ef\u4ee5\u4f7f\u7528git rm --cached <file>\u6765\u64a4\u56deadd\u3002\u53ef\u4ee5\u4f7f\u7528git rm -r --cached .\u6765\u64a4\u56degit add . \u3002\uff08\u4f7f\u7528git status\u53ef\u4ee5\u67e5\u770b\u6682\u5b58\u533a\uff0c\u91cc\u9762\u4e5f\u6709\u63d0\u793a\u600e\u4e48\u64a4\u56de\uff09

"},{"location":"git/#\u914d\u7f6egit\u8d26\u53f7\u5e76\u52a0\u5165github\u9879\u76ee","title":"\u914d\u7f6egit\u8d26\u53f7\u5e76\u52a0\u5165github\u9879\u76ee","text":"
  1. \u4f7f\u7528git config --global user.name \"<yourname>\"\u8bbe\u7f6e\u7528\u6237\u540d
  2. \u4f7f\u7528git config --global user.email \"<email>\"\u8bbe\u7f6e\u90ae\u7bb1
  3. \u4f7f\u7528ssh-keygen -t rsa -C \"<comments>\"\u751f\u6210\u5bc6\u94a5\u5bf9\uff0c\u7136\u540e\u4e00\u8def\u56de\u8f66\u76f4\u5230\u751f\u6210\u7ed3\u675f\uff08\u4e5f\u53ef\u4ee5\u63d0\u793a\u6dfb\u52a0passwd phrase\uff0c\u8fd9\u6837\u7684\u8bdd\u5982\u679c\u4f7f\u7528ssh-add\u6dfb\u52a0\u65f6\u4f1a\u8981\u6c42\u8f93\u5165\u8fd9\u4e2a\u5bc6\u7801\u9632\u6b62\u88ab\u522b\u4eba\u6ee5\u7528\u3002\u6ce8\u610f\u76f8\u540c\u7684passwd phrase\u4e0d\u4f1a\u751f\u6210\u76f8\u540c\u7684\u5bc6\u94a5\u5bf9\uff09
  4. \u5728\u4e0a\u4e00\u6b65\u8fc7\u7a0b\u4e2d\u9ed8\u8ba4\u7684\u8def\u5f84\uff08\u6bd4\u5982~/.ssh\uff09\u627e\u5230id_rsa.pub\u6587\u4ef6\uff0c\u62f7\u8d1d\u5176\u5168\u90e8\u5185\u5bb9
  5. \u6253\u5f00github\uff0c\u53f3\u4e0a\u89d2\u5934\u50cf\uff0csettings\uff0c\u5de6\u4fa7\u7684SSH and GPG keys\uff0c\u7136\u540e\u7ed9SSH\u6dfb\u52a0\u8fd9\u4e2a\u516c\u94a5\u5373\u53ef

ed25519\u4f3c\u4e4e\u6bd4\u9ed8\u8ba4\u7684rsa\u66f4\u5b89\u5168\u3001\u8ba1\u7b97\u66f4\u5feb\u3001\u5bc6\u94a5\u66f4\u77ed\uff0c\u53ef\u4ee5\u4f7f\u7528

\u6709\u65f6\u9700\u8981\u6307\u5b9a\u5bc6\u94a5\uff0c\u6bd4\u5982\u4e0d\u4f7f\u7528\u9ed8\u8ba4\u7684\u5bc6\u94a5\u6587\u4ef6\u540d\u3002\u6b64\u65f6\u53ef\u4ee5\u5148eval $(ssh-agent -s)\u542f\u7528agent\uff0c\u7136\u540essh-add <private keyfile> \u6765\u6dfb\u52a0\u5bc6\u94a5\u3002ssh-add -l\u53ef\u4ee5\u67e5\u770b\u6dfb\u52a0\u7684\u5bc6\u94a5\u3002

\u6216\u8005\u53ef\u4ee5\u628a\u5bc6\u94a5\u5728~/.ssh/config\u6587\u4ef6\u91cc\u6307\u5b9a\u4e00\u4e0b\uff0c\u5c31\u53ef\u4ee5\u7701\u53bbssh-agent\u7684\u64cd\u4f5c\uff0c\u6bd4\u5982

Host github.com\n    HostName github.com\n    IdentityFile ~/.ssh/id_ed25519_user_github\n

\u6709\u7684\u65f6\u5019git\u8fdb\u884cpush\u5230\u79c1\u4ed3\u65f6\u4f1a\u51fa\u73b0\u5361\u673a\u7684\u95ee\u9898\uff0c\u4e0d\u786e\u5b9a\u662f\u4ec0\u4e48\u539f\u56e0\uff0c\u5982\u679cremote repo\u4f7f\u7528\u7684\u662fgit@xxx\u7684url\u7684\u8bdd\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u6539\u6210https\u7684\u94fe\u63a5\uff1b\u8fd8\u4e0d\u884c\u7684\u8bdd\u53ef\u4ee5\u8bd5\u8bd5git config\u7684proxy\uff0c\u8bbe\u7f6e\u6216\u6e05\u7a7a\u3002

"},{"location":"git/#\u653e\u5f03\u5bf9\u6587\u4ef6\u7684\u8ddf\u8e2a","title":"\u653e\u5f03\u5bf9\u6587\u4ef6\u7684\u8ddf\u8e2a","text":"

\u4e0e\u4ed6\u4eba\u5408\u4f5c\u9879\u76ee\u65f6\uff0c\u6709\u65f6\u9700\u8981\u505a\u4e00\u4e9b\u672c\u5730\u9002\u914d\uff0c\u4f46\u662f\u4e0d\u60f3\u59a8\u788d\u5176\u4ed6\u4eba\uff0c\u53ef\u4ee5\u6dfb\u52a0\u5230.gitignore\u3002\u4f46\u5bf9\u4e8e\u5df2\u7ecf\u5904\u4e8e\u8ddf\u8e2a\u72b6\u6001\u7684\u6587\u4ef6\u6765\u8bf4\u540e\u6dfb\u8fdb.gitignore\u662f\u65e0\u6548\u7684\u3002\u56e0\u6b64\u53ef\u4ee5\u5148\u5c06\u6587\u4ef6\u79fb\u51fa\u8ddf\u8e2a\u6001\uff0c\u7136\u540e\u518d\u52a0\u8fdb.gitignore\u91cc\u3002\u5982\u4e0b\uff1agit rm -r --cached <file/dir>\u5176\u4e2d-r\u8868\u793a\u9012\u5f52\u3002\u4e5f\u53ef\u4ee5\u52a0-n\u8868\u793a\u4f2a\u653e\u5f03\u8ddf\u8e2a\uff08\u7528\u4e8e\u9884\u89c8\u4f1a\u653e\u5f03\u5bf9\u54ea\u4e9b\u6587\u4ef6\u7684\u8ffd\u8e2a\uff09

"},{"location":"git/#\u66f4\u6362\u8fdc\u7a0b\u4ed3\u5e93","title":"\u66f4\u6362\u8fdc\u7a0b\u4ed3\u5e93","text":"

\u6709\u7684\u65f6\u5019\u4ece\u5b98\u65b9\u4ed3\u5e93git clone\u4e0b\u4ee3\u7801\uff0c\u672c\u5730\u62f7\u8d1d\u4e00\u4efd\u3001\u5404\u79cd\u9b54\u6539\u5e76\u4e0a\u4f20\u5230\u81ea\u5df1\u7684\u79c1\u4ed3\u3002\u53c8\u7531\u4e8ewindows\u3001linux\u73af\u5883\u4e0d\u540c\uff0c\u60f3\u628a\u539f\u6765\u7684\u4ee3\u7801\u66f4\u65b0\u6210\u81ea\u5df1\u7684\u79c1\u4ed3\uff0c\u6240\u4ee5\u9700\u8981\u6362\u4e00\u4e0b\u8fdc\u7a0b\u4ed3\u5e93\u3002

  1. \u9996\u5148\u53d6\u6d88\u539f\u6765\u7684\u8fdc\u7a0b\u5206\u652f\u8ddf\u8e2agit remote rm <remote repo name>
  2. \u7136\u540e\u6dfb\u52a0\u81ea\u5df1\u7684\u4ed3\u5e93\u4f5c\u4e3a\u8fdc\u7a0bgit remote add <remote repo name> <repo url>

\u597d\u50cf\u4e5f\u53ef\u4ee5\u76f4\u63a5\u66f4\u6362\u8fdc\u7a0b\u4ed3\u5e93\uff1agit remote set-url <remote repro name> <repo url>

\u8fd9\u91cc\u7684<remote repo name>\u662f\u81ea\u5df1\u53d6\u7684\u4ed3\u5e93\u540d\uff0c\u4e4b\u540e\u7684\u64cd\u4f5c\u53ef\u4ee5\u7528\u5b83\u6765\u6307\u5b9a\u5bf9\u8c61\u3002\u53ef\u4ee5\u968f\u4fbf\u53d6\uff0c\u6bd4\u5982\u5e38\u89c1\u7684origin\u3002

"},{"location":"git/#\u5b50\u6a21\u5757\u7684\u4e0b\u8f7d","title":"\u5b50\u6a21\u5757\u7684\u4e0b\u8f7d","text":"

\u6709\u7684\u65f6\u5019\u4e00\u4e2a\u4ee3\u7801\u4ed3\u5e93\u62ff\u5176\u4ed6\u4ed3\u5e93\u6765\u5f53\u505a\u5b50\u6a21\u5757\uff0c\u5728github\u4e0a\u8fd9\u4e9b\u6a21\u5757\u662f\u56fe\u4e2d\u7684\u8868\u793a\u5f62\u5f0f\u3002git\u4ed3\u5e93\u91cc\u4e5f\u4f1a\u6709.gitmodules\u6587\u4ef6\u6765\u8bf4\u660e\u8fd9\u4e9b\u5b50\u6a21\u5757\u3002\u5f53clone\u4e3b\u4ed3\u5e93\u65f6\uff0c\u8fd9\u4e9b\u5b50\u6a21\u5757\u4e0d\u4f1a\u8ddf\u7740\u4e0b\u8f7d\u4e0b\u6765\u3002

\u521d\u6b21\u90e8\u7f72\u65f6\uff0c\u5728\u4e3b\u4ed3\u5e93\u76ee\u5f55\u4e0b\u91cc\u4f7f\u7528git submodule update --init --recursive\u6765\u4ece.gitmodules\u5b57clone\u5b50\u6a21\u5757\u3002

\u5982\u679c\u5b50\u6a21\u5757\u88ab\u522b\u7684\u5f00\u53d1\u8005\u66f4\u65b0\u4e86\uff0c\u53ef\u4ee5\u8fdb\u5230\u5b50\u6a21\u5757\u4e2d\u7136\u540egit pull\u3002

\u5982\u679c\u5e0c\u671b\u6dfb\u52a0\u67d0\u4e2a\u4ed3\u5e93\u4f5c\u4e3a\u5b50\u6a21\u5757\uff0c\u4f7f\u7528git submodule add <repo url>\u6765\u4e0b\u8f7d\u5b50\u6a21\u5757\u5e76\u66f4\u65b0.gitmodules\u6587\u4ef6

"},{"location":"git/#\u81ea\u5df1\u7684\u9879\u76ee\u9700\u8981\u5bf9\u5176\u4ed6\u9879\u76ee\u8fdb\u884c\u4fee\u6539","title":"\u81ea\u5df1\u7684\u9879\u76ee\u9700\u8981\u5bf9\u5176\u4ed6\u9879\u76ee\u8fdb\u884c\u4fee\u6539","text":"

\u5982\u679c\u81ea\u5df1\u7684\u9879\u76ee\u7528\u5230\u522b\u7684\u9879\u76ee\uff0c\u9700\u8981\u5bf9\u5176\u4e2d\u4e00\u4e9b\u4ee3\u7801\u8fdb\u884c\u4fee\u6539\uff0c\u800c\u4e0d\u9700\u8981\u628a\u5728\u4e0a\u4f20github\u65f6\u628a\u6574\u4e2a\u9879\u76ee\u5168\u90e8\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u4e0b\uff0c\u53ef\u4ee5\u5148\u7528submodule\u6dfb\u52a0\u5b50\u6a21\u5757\uff0c\u7136\u540e\u76f4\u63a5\u4fee\u6539\u4ee3\u7801\uff0c\u5e76\u5728\u5176\u9879\u76ee\u4e0b\u7528git diff <commit id> > <file.patch>\u751f\u6210\u4e00\u4e2adiff\u6587\u4ef6\u3002\u628adiff\u6587\u4ef6\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u91cc\uff0c\u518d\u4e0a\u4f20\u5230github\u4e0a\u3002\u5176\u4e2dcommit id\u662f\u7b2c\u4e09\u65b9\u9879\u76ee\u7684commit\uff0c\u4e5f\u5c31\u662f\u8fd9\u4e2asubmodule\u4e0b\u8f7d\u65f6\u7684commit id\uff0c\u53ef\u4ee5\u901a\u8fc7git log\u627e\u5230\u3002

\u5982\u679c\u76f4\u63a5\u7528git diff > <file.patch>\uff0c\u4f1a\u8f93\u51fa\u672a\u52a0\u5165\u6682\u5b58\u7684\u4fee\u6539\u548c\u6700\u8fd1\u4e00\u6b21\u6682\u5b58/commit\u7684diff\u6587\u4ef6\u3002

\u5176\u4ed6\u4eba\u4f7f\u7528\u65f6\uff0c\u5c31\u5148\u628a\u7b2c\u4e09\u65b9\u9879\u76ee\u83b7\u53d6\u4e0b\u6765\uff0c\u7136\u540egit apply <file.patch>\u5373\u53ef\u3002\u64a4\u56de\u8865\u4e01\u4f7f\u7528git apply -R <file.patch>

"},{"location":"git/#\u4e0d\u540c\u7248\u672c\u591a\u4eba\u5408\u4f5c\u4e0e\u5206\u652f\u4f7f\u7528","title":"\u4e0d\u540c\u7248\u672c\u591a\u4eba\u5408\u4f5c\u4e0e\u5206\u652f\u4f7f\u7528","text":"

\u6700\u8fd1\u5728\u8dd1fuzzer\uff0c\u5408\u4f5c\u65f6\u6709\u65f6\u9700\u8981\u5207\u6362\u4e0d\u540c\u7684\u6d4b\u8bd5\u76ee\u6807\uff0c\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u90fd\u6709\u81ea\u5df1\u7684\u4e00\u5927\u5806\u914d\u5957\u8bbe\u7f6e\u3002\u5927\u5bb6\u90fd\u5728\u4e3b\u5206\u652f\u5220\u6539\u592a\u9ebb\u70e6\u800c\u4e14\u5f88\u4e71\uff0c\u6240\u4ee5\u9700\u8981\u9488\u5bf9\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u8bbe\u7f6e\u4e0d\u540c\u7684branch\u3002

\u53ef\u4ee5\u4f7f\u7528git branch -a\u67e5\u770b\u6240\u6709\u5206\u652f\u3002\u5176\u4e2d\u524d\u9762\u5e26*\u7684\u662f\u5f53\u524dbranch\u3002

\u65b0\u5efa\u5206\u652f\u65f6\u4f7f\u7528 git checkout -b <branch name> \u76f8\u5f53\u4e8e\u5148git branch <branch name> \u521b\u5efa\u4e86\u4e00\u4e2a\u65b0\u7684\u5206\u652f\uff0c\u7136\u540egit checkout <branch name>\u5207\u6362\u5230\u90a3\u4e2a\u5206\u652f\u3002

\u5728\u65b0\u7684\u5206\u652fcommit\u540e\uff0c\u4f7f\u7528git push -u <remote repo name> <local branch name>:<remote branch name>\u53ef\u4ee5\u5c06\u81ea\u5df1\u7684\u8fd9\u4e2a\u5206\u652f\u63a8\u9001\u5230\u8fdc\u7a0b\u4ed3\u5e93\u3002\u5176\u4e2d\uff1a

\u5982\u679c\u9700\u8981\u5220\u9664\u8fdc\u7a0b\u5206\u652f\uff0c\u53ef\u4ee5\u7b80\u5355\u5730\u63a8\u9001\u7a7a\u5206\u652f\uff1agit push origin :<remote branch name>\u3002\u8fd9\u91cc\u672c\u5730\u5206\u652f\u540d\u7559\u7a7a\u4e86\u3002\u4e5f\u53ef\u4ee5\u4f7f\u7528\u4e13\u95e8\u7684\u5220\u9664\u65b9\u5f0f\uff1agit push origin --delete <remote branch name>

\u5982\u679c\u9700\u8981\u5220\u9664\u672c\u5730\u5206\u652f\uff0c\u4f7f\u7528git branch -d <local branch name>

\u5408\u5e76\u5206\u652f\u65f6\uff0c\u5148\u5207\u6362\u5230\u9700\u8981\u63a5\u6536\u6539\u52a8\u7684\u5206\u652f\u4e0a\uff0c\u7136\u540egit merge <new branch name>\uff0c\u5373\u53ef\u5c06new branch\u7684\u6539\u52a8\u66f4\u65b0\u5230\u5f53\u524d\u5206\u652f\u4e0a\u3002new branch\u7684\u5185\u5bb9\u662f\u4e0d\u53d8\u7684\u3002

\u62c9\u53d6\u8fdc\u7a0b\u5206\u652f\u5230\u672c\u5730\uff0c\u800c\u4e0d\u5f71\u54cd\u672c\u5730\u5206\u652f\uff1agit fetch <remote repo name> <remote branch name>:<local branch name>\u4f1a\u5c06\u8fdc\u7a0b\u4ed3\u5e93\u7684\u5206\u652f\u4fdd\u5b58\u5728\u672c\u5730\u5bf9\u5e94\u5206\u652f\u4e0b\u3002

\u53ef\u4ee5\u7528git fetch --all\u62c9\u53d6\u6240\u6709\u8fdc\u7a0b\u5206\u652f\uff0c\u5982\u679c\u6ca1\u6709\u6548\u679c\uff0c\u6ce8\u610f\u68c0\u67e5remote.origin.fetch\u7684\u8bbe\u7f6e\uff1agit config --get remote.origin.fetch\uff0c\u5982\u679c\u662f+refs/heads/master:refs/remotes/origin/master\uff0c\u5219\u8868\u793a\u53ea\u62c9master\u5206\u652f\u3002\u53ef\u4ee5\u4fee\u6539\u6210\u62c9\u53d6\u6240\u6709\u5206\u652f\uff1agit config remote.origin.fetch \"+refs/heads/*:refs/remotes/origin/*\"\u3002

"},{"location":"git/#github-debug\u5408\u96c6","title":"Github debug\u5408\u96c6","text":"

\u67d0\u79cd\u4e1c\u897f\u771f\u7684\u795e\u70e6\uff0c\u79d1\u7814\u9700\u8981\u4e0b\u8f7d\u7684\u4ed3\u5e93\u4ee3\u7801\u7ecf\u5e38\u83ab\u540d\u5176\u5999\u4e0b\u8f7d\u4e0d\u4e86\uff0c\u5199\u7684\u4ee3\u7801\u4e0a\u4f20\u8865\u4e0a\u53bb\uff0cbuild\u4e2adocker\u6162\u7684\u8981\u6b7b\uff0c\u7b2c\u4e09\u65b9\u5305\u62c9\u53d6\u4e0d\u5230\u2026\u2026\u6d6a\u8d39\u5f88\u591a\u65f6\u95f4\u5728\u56e0\u4e3a\u7f51\u7edc\u8fde\u63a5\u4e0d\u4e86\u5bfc\u81f4\u7684\u5404\u79cdbug\u4e0a\uff0c\u6709\u6548\u79d1\u7814\u65f6\u95f4\u767d\u767d\u88ab\u6d88\u8017\uff0c\u771f\u7684\u5f88xx\u3002

"},{"location":"git/#git-clone\u62a5\u9519gnutls_handshake-failed-the-tls-connection-was-non-properly-terminated","title":"Git clone\u62a5\u9519gnutls_handshake() failed: The TLS connection was non-properly terminated.","text":"

\u4e00\u79cd\u505a\u6cd5\u662f\u8bbe\u7f6e\u6216\u8005\u53d6\u6d88\u8bbe\u7f6ehttp.proxy\u548chttps.proxy

\u53e6\u4e00\u79cd\u505a\u6cd5\u662f\u76f4\u63a5\u53d6\u6d88SSL\u6821\u9a8c\uff0c\u867d\u7136\u7c97\u66b4\u4e86\u70b9\uff1agit config http.sslVerify false

"},{"location":"go/","title":"go","text":"

\u7ea6 66 \u4e2a\u5b57 14 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 2 \u5206\u949f

"},{"location":"go/#go\u73af\u5883\u914d\u7f6e","title":"go\u73af\u5883\u914d\u7f6e","text":"
  1. \u4ecehttps://go.dev/dl/\u4e0b\u8f7dArchive\u7684\u5305\uff0c\u89e3\u538b\u7f29\uff08\u6bd4\u5982\u5230~/.local\uff09\uff0c\u6dfb\u52a0\u5176\u4e2d\u7684bin\u76ee\u5f55\u5230PATH\u8def\u5f84
  2. \u56fd\u5185\u4f7f\u7528\u65f6\u8bbe\u7f6e\u4ee3\u7406
go env -w GO111MODULE=on\ngo env -w  GOPROXY=https://goproxy.cn\n
"},{"location":"go/#\u521b\u5efa\u5de5\u7a0b","title":"\u521b\u5efa\u5de5\u7a0b","text":"

\u5de5\u7a0b\u4fdd\u5b58\u5728xxx/go/src/xxx\u4e0b\uff0c\u5e76\u5c06GOPATH=xxx/go\u52a0\u5230\u73af\u5883\u53d8\u91cf\u4e2d

"},{"location":"go/#\u5feb\u901f\u5165\u95e8","title":"\u5feb\u901f\u5165\u95e8","text":"
package main\nimport (\n    \"fmt\"\n)\n\nfunc main() {\n    //\u5faa\u73af\u8f93\u51fa\n    for i:=0; i<10; i++{\n        fmt.Println(i)\n    }\n}\n
"},{"location":"interesting-articles/","title":"\u6709\u8da3\u6587\u7ae0","text":"

\u7ea6 179 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 1 \u5206\u949f

  1. [Usenix Security 2021] Understanding and Detecting Disordered Error Handling with Precise Function Pairing \u4e0d\u6b63\u786e\u7684\u9519\u8bef\u5904\u7406\u51fd\u6570\u672c\u8eab\u53ef\u80fd\u4e5f\u4f1a\u5e26\u6765\u65b0\u7684\u9519\u8bef\uff0c\u5c24\u5176\u662f\u5728\u505a\u4e00\u4e9b\u524d\u671f\u6e05\u7406\u5de5\u4f5c\u65f6\uff0c\u6267\u884c\u987a\u5e8f\u4e0d\u6b63\u786e\u4f1a\u5e26\u6765\u63d0\u6743\u3001\u5d29\u6e83\u4e0eDoS\u3002\u672c\u6587\u5e0c\u671b\u63a8\u65ad\u51fa\u9884\u671f\u7684\u6e05\u7406\u51fd\u6570\u3002
  2. [Usenix Security 2020] Actions Speak Louder than Words: Entity-Sensitive Privacy Policy and Data Flow Analysis with PoliCheck \u8003\u8651\u5230\u6570\u636e\u6d41\u5411\u7684\u5b9e\u4f53\uff0c\u5bf9\u5e94\u7528\u7a0b\u5e8f\u7684\u9690\u79c1\u89c4\u8303\u8fdb\u884c\u7814\u7a76\u5efa\u6a21\u3002
  3. [NDSS 2019] https://www.youtube.com/watch?v=dMndb0Xmr4k&t=1s&list=PLfUWWM-POgQs9SPvg-UA-TNG7UVEcdz8l&index=5 GitHub\u4e0a\u7531\u4e8e\u4e00\u4e9b\u4e0d\u5f53\u64cd\u4f5c\u53ef\u80fd\u4f1a\u5bfc\u81f4API\u5bc6\u94a5\u6cc4\u9732\u3002\u672c\u6587\u7814\u7a76\u8868\u660e\u8fd9\u79cd\u6cc4\u9732\u975e\u5e38\u7316\u7357\uff0c\u5e76\u4e14\u8fdc\u6ca1\u6709\u89e3\u51b3\u95ee\u9898\u3002
"},{"location":"investigations/","title":"\u56db\u5927\u8c03\u67e5","text":"

\u7ea6 311 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 1 \u5206\u949f

  1. [Usenix Security 2022] \u201cI feel invaded, annoyed, anxious and I may protect myself\u201d: Individuals\u2019 Feelings about Online Tracking and their Protective Behaviour across Gender and Country
  2. [Usenix Security 2022] \u201cLike Lesbians Walking the Perimeter\u201d: Experiences of U.S. LGBTQ+ Folks With Online Security, Safety, and Privacy Advice
  3. [Usenix Security 2022] How and Why People Use Virtual Private Networks
  4. [Usenix Security 2021] \u201cIt\u2019s the Company, the Government, You and I\u201d: User Perceptions of Responsibility for Smart Home Privacy and Security
  5. [Usenix Security 2021] \u201cShhh\u2026be quiet!\u201d Reducing the Unwanted Interruptions of Notification Permission Prompts on Chrome
  6. [Usenix Security 2021] Effect of Mood, Location, Trust, and Presence of Others on Video-Based Social Authentication
  7. [Usenix Security 2021] \u2018Passwords Keep Me Safe\u2019 \u2013 Understanding What Children Think about Passwords
  8. [Usenix Security 2021] \u201cIt\u2019s stressful having all these phones\u201d: Investigating Sex Workers\u2019 Safety Goals, Risks, and Practices Online
  9. [Usenix Security 2021] \u201cNow I\u2019m a bit angry:\u201d Individuals\u2019 Awareness, Perception, and Responses to Data Breaches that Affected Them
  10. [Usenix Security 2020] \u201cI am uncomfortable sharing what I can\u2019t see\u201d: Privacy Concerns of the Visually Impaired with Camera Based Assistive Applications
  11. [Usenix Security 2020 | Distingguished Paper Award] Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It
  12. [Usenix Security 2020] An Observational Investigation of Reverse Engineers\u2019 Processes
  13. [Usenix Security 2020] That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers
  14. [NDSS 2022] An In-depth Analysis of Duplicated Linux Kernel Bug Reports
  15. [NDSS 2020] Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators
  16. [NDSS 2019] Time Does Not Heal All Wounds: A Longitudinal Analysis of Security-Mechanism Support in Mobile Browsers
  17. [NDSS 2019] A First Look into the Facebook Advertising Ecosystem
"},{"location":"java/","title":"Java","text":"

\u7ea6 108 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"java/#java\u73af\u5883\u914d\u7f6e","title":"Java\u73af\u5883\u914d\u7f6e","text":"

\u5728https://www.oracle.com/java/technologies/downloads/\u4e0b\u8f7d\u5bf9\u5e94\u7cfb\u7edf\u7684\u5305\u3002Linux\u9009\u62e9Compressed Archive\uff0c\u89e3\u538b\u7f29\u4ee5\u540e\u914d\u7f6e\u4e0bpath\uff1bWindows\u53ef\u4ee5\u7528MSI Installer\u3002\u5bf9\u5e94\u7684\u6e90\u7801\u5728lib/src.zip\u4e2d\u3002

"},{"location":"java/#java\u6e90\u7801\u67b6\u6784\u7406\u89e3","title":"Java\u6e90\u7801\u67b6\u6784\u7406\u89e3","text":"

\u6838\u5fc3\u4ee3\u7801\u3001\u4e3b\u8981\u529f\u80fd\u5728java.base/java\u76ee\u5f55\u4e0b\uff0c\u5176\u4e2d\u5305\u542b\u4e86io\u3001lang\u3001util\u7b49\u591a\u4e2a\u5173\u952e\u6a21\u5757\u3002

"},{"location":"java/#java\u91cc\u6709\u54ea\u4e9b\u6570\u636e\u7ed3\u6784\u7c7b\u578b\u5982\u4f55\u5b9e\u73b0\u7684","title":"Java\u91cc\u6709\u54ea\u4e9b\u6570\u636e\u7ed3\u6784\u7c7b\u578b\uff1f\u5982\u4f55\u5b9e\u73b0\u7684\uff1f","text":"

Java\u4e2d\u5e38\u89c1\u7684\u6570\u636e\u7c7b\u578b\u6bd4\u5982Set\u3001Array\u3001

"},{"location":"latex/","title":"latex\u57fa\u7840","text":"

\u7ea6 21 \u4e2a\u5b57 190 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 19 \u5206\u949f

"},{"location":"latex/#\u63a8\u8350\u5de5\u5177","title":"\u63a8\u8350\u5de5\u5177","text":"

\u4f7f\u7528Table Generator\u7ed8\u5236\u8868\u683c

"},{"location":"latex/#\u82f1\u6587latex","title":"\u82f1\u6587latex","text":"
\\documentclass[conference,11pt]{IEEEtran}\n\\IEEEoverridecommandlockouts\n% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.\n\\usepackage{cite}\n\\usepackage{amsmath,amssymb,amsfonts}\n\\usepackage{algorithmic}\n\\usepackage{graphicx}\n\\usepackage{textcomp}\n\\usepackage{xcolor}\n\\usepackage{caption}\n\\usepackage{url}\n\\def\\UrlBreaks{\\do\\A\\do\\B\\do\\C\\do\\D\\do\\E\\do\\F\\do\\G\\do\\H\\do\\I\\do\\J\n\\do\\K\\do\\L\\do\\M\\do\\N\\do\\O\\do\\P\\do\\Q\\do\\R\\do\\S\\do\\T\\do\\U\\do\\V\n\\do\\W\\do\\X\\do\\Y\\do\\Z\\do\\[\\do\\\\\\do\\]\\do\\^\\do\\_\\do\\`\\do\\a\\do\\b\n\\do\\c\\do\\d\\do\\e\\do\\f\\do\\g\\do\\h\\do\\i\\do\\j\\do\\k\\do\\l\\do\\m\\do\\n\n\\do\\o\\do\\p\\do\\q\\do\\r\\do\\s\\do\\t\\do\\u\\do\\v\\do\\w\\do\\x\\do\\y\\do\\z\n\\do\\.\\do\\@\\do\\\\\\do\\/\\do\\!\\do\\_\\do\\|\\do\\;\\do\\>\\do\\]\\do\\)\\do\\,\n\\do\\?\\do\\'\\do+\\do\\=\\do\\#}\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n    T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\\usepackage{lscape, latexsym, amssymb, algorithmic, multirow}\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e}\n\\usepackage{mathtools, bbm, color}\n\\usepackage{booktabs}\n\\usepackage{amsthm,mathrsfs,amsfonts,dsfont}\n\\usepackage{listings}\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour},   \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false,         \n breaklines=true,                 \n captionpos=b,                    \n keepspaces=true,\n numbers=left,  %% \u884c\u53f7 \n % numbersep=2pt,                  \n showspaces=false,                \n showstringspaces=false,\n showtabs=false,                  \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\\begin{document}\n\n\\title{xxxx}\n\n\\author{xxxx}\n\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\n\\begin{IEEEkeywords}\nxxx,xxx\n\\end{IEEEkeywords}\n\n\\bibliographystyle{IEEEtran}\n{\n\\begingroup\n\\bibliography{ref}\n\\endgroup\n}\n\n\\end{document}\n
"},{"location":"latex/#\u4e2d\u6587latex","title":"\u4e2d\u6587latex","text":"
\\documentclass[12pt]{article}\n\n\\usepackage{cite} % \u5f15\u7528\u53c2\u8003\u6587\u732e\n\\usepackage{ctex} % \u4e2d\u6587\u652f\u6301\n\\usepackage{times}% \u82f1\u6587\u4f7f\u7528Times New Roman\n\\usepackage{url,hyperref} % \u8d85\u94fe\u63a5\n\\usepackage{xspace} % \u65e0\u6807\u70b9\u81ea\u52a8\u7a7a\u683c\n\\usepackage{graphicx} % \u63d2\u5165\u56fe\u7247\u7528\n\\usepackage{geometry} % \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\usepackage{listings} % \u63d2\u5165\u4ee3\u7801\u5757\n\\usepackage{color} % \u5b9a\u4e49\u989c\u8272\uff0c\u7528\u4e8e\u63a7\u5236\u4ee3\u7801\u9ad8\u4eae\n\\usepackage{subcaption} % \u753b\u5b50\u56fe\n\\usepackage{tikz} % \u540e\u7eed\u753b\u5706\u5708\n\\usepackage{multirow} % \u8868\u683c\u591a\u884c\u6587\u672c\n% \\usepackage{tabu}\n\\usepackage{longtable}\n\\usepackage{float}\n\\usepackage{tabu}\n\\usepackage{booktabs} % \u753b\u8868\u683c\n\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e} % \u7b97\u6cd5\u5217\u8868\n\n% \u4f7f\u7528 ctex \u5b8f\u5305\u8bbe\u7f6e\u4e2d\u6587\u56fe\u9898\n\\renewcommand{\\figurename}{\u56fe}\n\\renewcommand{\\tablename}{\u8868}\n\n% \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\geometry{a4paper,left=2cm,right=2cm,top=2cm,bottom=3cm} \n\n\n% \u8bbe\u7f6e\u5b57\u4f53\n\\newcommand{\\song}{\\CJKfamily{song}}    % \u5b8b\u4f53\n\\newcommand{\\fs}{\\CJKfamily{fs}}             % \u4eff\u5b8b\u4f53\n\\newcommand{\\kai}{\\CJKfamily{kai}}          % \u6977\u4f53\n\\newcommand{\\hei}{\\CJKfamily{hei}}         % \u9ed1\u4f53\n\\newcommand{\\li}{\\CJKfamily{li}}               % \u96b6\u4e66\n\n% \u8bbe\u7f6e\u5b57\u53f7\n\\newcommand{\\yihao}{\\fontsize{26pt}{36pt}\\selectfont}           % \u4e00\u53f7, 1.4 \u500d\u884c\u8ddd\n\\newcommand{\\erhao}{\\fontsize{22pt}{28pt}\\selectfont}          % \u4e8c\u53f7, 1.25\u500d\u884c\u8ddd\n\\newcommand{\\xiaoer}{\\fontsize{18pt}{18pt}\\selectfont}          % \u5c0f\u4e8c, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\sanhao}{\\fontsize{16pt}{24pt}\\selectfont}        % \u4e09\u53f7, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosan}{\\fontsize{15pt}{22pt}\\selectfont}        % \u5c0f\u4e09, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\sihao}{\\fontsize{14pt}{21pt}\\selectfont}            % \u56db\u53f7, 1.5 \u500d\u884c\u8ddd\n\\newcommand{\\banxiaosi}{\\fontsize{13pt}{19.5pt}\\selectfont}    % \u534a\u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosi}{\\fontsize{12pt}{18pt}\\selectfont}            % \u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\dawuhao}{\\fontsize{11pt}{11pt}\\selectfont}       % \u5927\u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\wuhao}{\\fontsize{10.5pt}{15.75pt}\\selectfont}    % \u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\n% \u5b9a\u4e49\u4ee3\u7801\u6837\u5f0f\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour},   \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false,         \n breaklines=true,                 \n captionpos=b,                    \n keepspaces=true,\n numbers=left,  %% \u884c\u53f7 \n % numbersep=2pt,                  \n showspaces=false,                \n showstringspaces=false,\n showtabs=false,                  \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\n\\renewcommand{\\abstractname}{\\textbf{\u6458\\quad \u8981}} % \u66f4\u6539\u6458\u8981\u4e8c\u5b57\u7684\u6837\u5f0f\n\n% use these commands to consistently refer to stuff\n\n\\newcommand{\\bugCount}{xx}  \n\n\\newcommand{\\tabincell}[2]{\\begin{tabular}{@{}#1@{}}#2\\end{tabular}}\n\n\\newcommand*\\emptcirc[1][1ex]{\\tikz\\draw (0,0) circle (#1);} \n\\newcommand*\\halfcirc[1][1ex]{%\n\t\\begin{tikzpicture}\n\t\\draw[fill] (0,0)-- (90:#1) arc (90:270:#1) -- cycle ;\n\t\\draw (0,0) circle (#1);\n\t\\end{tikzpicture}}\n\\newcommand*\\fullcirc[1][1ex]{\\tikz\\fill (0,0) circle (#1);} \n\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n    T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\n\\title{\\fontsize{18pt}{27pt}\\selectfont \\textbf{xxxx}}\n\\author{\\fontsize{14pt}{21pt}\\selectfont \\textbf{xxxx}}\n\\date{}\n\n\\begin{document}\n\\begin{sloppypar} % \u9632\u6b62\u957f\u5355\u8bcd\u51fa\u754c\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\\section{\u80cc\u666f}\n\n\\subsection{\u53ef\u4fe1\u6267\u884c\u73af\u5883}\n\\bibliographystyle{plain}\n\\bibliography{Ref}\n\n\\end{sloppypar}\n\\end{document}\n
"},{"location":"linux-kernel/","title":"linux\u5185\u6838\u5b66\u4e60","text":"

\u7ea6 164 \u4e2a\u5b57 2 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 1 \u5206\u949f

"},{"location":"linux-kernel/#\u7f16\u8bd1","title":"\u7f16\u8bd1","text":"

\u4e0b\u8f7d\u6e90\u7801\uff0c\u53ef\u4ee5\u4ece\u6e05\u534e\u6e90pull\u4e00\u4e2a\uff1agit clone https://mirrors.tuna.tsinghua.edu.cn/git/linux.git\u3002\u968f\u540e\u7f16\u8bd1\u6e90\u7801\uff0c\u53c2\u8003CSDN\u6559\u7a0b\u3002\u6838\u5fc3\u903b\u8f91\u662f\u4e0b\u8f7d\u597d\u5fc5\u8981\u7684\u4f9d\u8d56\u5305\uff08\u6bd4\u5982apt install build-essential flex bison libssl-dev libelf-dev\uff09\u4e4b\u540e\uff0c\u5728\u6839\u76ee\u5f55\u8fd0\u884cmake menuconfig\uff0c\u7136\u540eExit\u4fdd\u5b58\u6587\u4ef6\uff0c\u6700\u540e\u76f4\u63a5\u591a\u7ebf\u7a0b\u7f16\u8bd1make -j8\u3002

\u968f\u540e\u662f\u6f2b\u957f\u7684\u7f16\u8bd1\u8fc7\u7a0b\u3002\u4ee5Linux 6.12-rc6\u4e3a\u4f8b\u53ef\u80fd\u51fa\u73b0\u7684\u62a5\u9519\uff1a

\u8bc1\u4e66\u95ee\u9898\uff1a

make[3]: *** No rule to make target 'debian/canonical-certs.pem', needed by 'certs/x509_certificate_list'.  Stop.\nmake[2]: *** [scripts/Makefile.build:478: certs] Error 2\nmake[2]: *** Waiting for unfinished jobs....\n
\u53c2\u8003StackOverflow\u4e0a\u7684\u89e3\u7b54\uff0c\u53ef\u4ee5\u4fee\u6539conf\u6587\u4ef6\uff0c\u4e5f\u53ef\u4ee5\u7b80\u5355\u5730\u8fd0\u884c

scripts/config --disable SYSTEM_TRUSTED_KEYS\nscripts/config --disable SYSTEM_REVOCATION_KEYS\n
\u91cd\u65b0make\u540e\u4e00\u8def\u56de\u8f66\u3002

"},{"location":"linux-server/","title":"Ubuntu\u670d\u52a1\u5668\u8fd0\u7ef4","text":"

\u7ea6 1216 \u4e2a\u5b57 14 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 5 \u5206\u949f

"},{"location":"linux-server/#\u6839\u636epid\u67e5\u8be2\u7ec6\u8282","title":"\u6839\u636epid\u67e5\u8be2\u7ec6\u8282","text":"

sudo ls -lah /proc/<pid>\n
\u7136\u540e\u6839\u636e\u5176\u4e2d\u7684cwd\u627e\u5230\u8fd0\u884c\u76ee\u5f55\uff0cexe\u627e\u5230\u8fd0\u884c\u7a0b\u5e8f

"},{"location":"linux-server/#\u5728\u7ec8\u7aef\u5411\u7a0b\u5e8f\u8f93\u5165\u5b57\u8282","title":"\u5728\u7ec8\u7aef\u5411\u7a0b\u5e8f\u8f93\u5165\u5b57\u8282","text":"
# \u8f93\u5165raw bytes\necho -e '\\x31\\x32' | program\n\n# \u4e0d\u5e26echo\u81ea\u52a8\u52a0\u7684\u6362\u884c\necho -en '\\x31\\x32' | program\n\n# \u8f93\u5165raw binary\necho -e '\\x31\\x32' | xxd -r -p | program \n
"},{"location":"linux-server/#\u67e5\u8be2\u670d\u52a1\u5668\u663e\u5361","title":"\u67e5\u8be2\u670d\u52a1\u5668\u663e\u5361","text":"

\u67e5\u8be2\u7269\u7406\u69fd\u663e\u5361\u8fde\u63a5

lspci | grep VGA\n

\u67e5\u8be2\u6d3b\u8dc3\u60c5\u51b5\uff08\u9700\u8981\u5b89\u88c5\u663e\u5361\u9a71\u52a8\uff0c\u53ef\u4ee5\u76f4\u63a5\u5b89\u88c5CUDA runfile\uff0c\u81ea\u5e26\u9a71\u52a8\uff09

nvidia-smi\n
"},{"location":"linux-server/#\u7edf\u8ba1\u670d\u52a1\u5668\u8fdb\u7a0b\u5360\u7528","title":"\u7edf\u8ba1\u670d\u52a1\u5668\u8fdb\u7a0b\u5360\u7528","text":"
htop # \u89c2\u5bdf\u5185\u5b58\u3001\u5404\u8fdb\u7a0b\u3001CPU\u5360\u7528\nsudo ls -lah /proc/<pid>/cwd # \u89c2\u5bdf\u8fd0\u884c\u7684\u547d\u4ee4\uff0c\u5224\u65ad\u8c01\u7684\u7a0b\u5e8f\n
"},{"location":"linux-server/#\u7edf\u8ba1\u78c1\u76d8\u7528\u91cf","title":"\u7edf\u8ba1\u78c1\u76d8\u7528\u91cf","text":"
ncdu # \u7edf\u8ba1\u5f53\u524d\u76ee\u5f55\u4e0b\u5404\u4e2a\u6587\u4ef6\u5939\u5360\u7528\uff0c\u53ef\u4ee5\u8fdb\u5165\u3001\u5220\u9664\u6587\u4ef6\u5939\u6216\u76ee\u5f55\n
"},{"location":"linux-server/#\u4fee\u6539dns","title":"\u4fee\u6539DNS","text":"

\u6709\u65f6\u5019\u8fde\u4e0d\u4e0a\u7f51\u662f\u56e0\u4e3aDNS\u7684\u95ee\u9898\uff0c\u4fee\u6539/etc/resolve.conf\u5373\u53ef\u3002\u4e0d\u8fc7\u8fd9\u4e2a\u8f6f\u8fde\u63a5\u4fee\u6539\u5b8c\u4e86\u4ee5\u540e\u53ef\u80fd\u4f1a\u88ab\u7cfb\u7edf\u6539\u6389\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u5220\u6389\u4ee5\u540e\u76f4\u63a5\u521b\u5efa\u4e2a/etc/resolve.conf\u6587\u4ef6\uff0c\u518dchattr +i /etc/resovle.conf\u9632\u6b62\u4fee\u6539\u3002

"},{"location":"linux-server/#\u7cfb\u7edf\u670d\u52a1","title":"\u7cfb\u7edf\u670d\u52a1","text":"

systemctl status xxx\u68c0\u67e5\u67d0\u4e9b\u670d\u52a1\u8fd0\u884c\u72b6\u6001\uff0c\u53ef\u4ee5ls -lah /etc/systemd/system\u3001ls -lah /lib/systemd/system\u67e5\u8be2\u6709\u54ea\u4e9b\u670d\u52a1\u3002\u8b66\u60d5\u5947\u602a\u7684\u6570\u5b57service\uff0c\u53ef\u80fd\u662f\u75c5\u6bd2\u3002

\u6dfb\u52a0\u7cfb\u7edf\u670d\u52a1\u65f6\uff0c\u521b\u5efa/etc/systemd/system/xxx.service\u6587\u4ef6\uff0c\u7136\u540e\u7f16\u8f91\u5185\u5bb9\uff0c\u6bd4\u5982\u4e0b\u9762\u7684socat.service\uff1a

[Unit]\nDescription=port forward 4320\n# \u542f\u52a8\u987a\u5e8f\uff08\u591a\u4e2a\u670d\u52a1\u4e2d\u95f4\u7528\u7a7a\u683c\u9694\u5f00\uff09\nAfter=network.target[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u540e\u542f\u52a8]\nBefore=[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u524d\u542f\u52a8]\n\n# \u4f9d\u8d56\u5173\u7cfb\nWants=[\u5f31\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\u4e0d\u5f71\u54cd\u5f53\u524d\u670d\u52a1]\nRequires=[\u5f3a\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\uff0c\u5f53\u524d\u670d\u52a1\u5fc5\u987b\u9000\u51fa]\n\n[Service]\nUser=nobody\nExecStart=/usr/bin/socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\nExecReload=[\u91cd\u542f\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStop=[\u505c\u6b62\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPre=[\u542f\u52a8\u670d\u52a1\u4e4b\u524d\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPost=[\u542f\u52a8\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\nExecStopPost=[\u505c\u6b62\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\n\n# \u542f\u52a8\u7c7b\u578b\n# simple\uff08\u9ed8\u8ba4\u503c\uff09\uff1aExecStart\u5b57\u6bb5\u542f\u52a8\u7684\u8fdb\u7a0b\u4e3a\u4e3b\u8fdb\u7a0b\n# forking\uff1aExecStart\u5b57\u6bb5\u5c06\u4ee5fork()\u65b9\u5f0f\u542f\u52a8\uff0c\u6b64\u65f6\u7236\u8fdb\u7a0b\u5c06\u4f1a\u9000\u51fa\uff0c\u5b50\u8fdb\u7a0b\u5c06\u6210\u4e3a\u4e3b\u8fdb\u7a0b\n# oneshot\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u53ea\u6267\u884c\u4e00\u6b21\uff0cSystemd \u4f1a\u7b49\u5b83\u6267\u884c\u5b8c\uff0c\u624d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# dbus\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u4f1a\u7b49\u5f85 D-Bus \u4fe1\u53f7\u540e\u542f\u52a8\n# notify\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u542f\u52a8\u7ed3\u675f\u540e\u4f1a\u53d1\u51fa\u901a\u77e5\u4fe1\u53f7\uff0c\u7136\u540e Systemd \u518d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# idle\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u662f\u8981\u7b49\u5230\u5176\u4ed6\u4efb\u52a1\u90fd\u6267\u884c\u5b8c\uff0c\u624d\u4f1a\u542f\u52a8\u8be5\u670d\u52a1\u3002\u4e00\u79cd\u4f7f\u7528\u573a\u5408\u662f\u4e3a\u8ba9\u8be5\u670d\u52a1\u7684\u8f93\u51fa\uff0c\u4e0d\u4e0e\u5176\u4ed6\u670d\u52a1\u7684\u8f93\u51fa\u76f8\u6df7\u5408\nType=[\u542f\u52a8\u7c7b\u578b]\n\n# \u5982\u4f55\u505c\u6b62\u670d\u52a1\n# control-group\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u5f53\u524d\u63a7\u5236\u7ec4\u91cc\u9762\u7684\u6240\u6709\u5b50\u8fdb\u7a0b\uff0c\u90fd\u4f1a\u88ab\u6740\u6389\n# process\uff1a\u53ea\u6740\u4e3b\u8fdb\u7a0b\n# mixed\uff1a\u4e3b\u8fdb\u7a0b\u5c06\u6536\u5230 SIGTERM \u4fe1\u53f7\uff0c\u5b50\u8fdb\u7a0b\u6536\u5230 SIGKILL \u4fe1\u53f7\n# none\uff1a\u6ca1\u6709\u8fdb\u7a0b\u4f1a\u88ab\u6740\u6389\uff0c\u53ea\u662f\u6267\u884c\u670d\u52a1\u7684 stop \u547d\u4ee4\u3002\nKillMode=[\u5982\u4f55\u505c\u6b62\u670d\u52a1]\n\n# \u91cd\u542f\u65b9\u5f0f\n# no\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u9000\u51fa\u540e\u4e0d\u4f1a\u91cd\u542f\n# on-success\uff1a\u53ea\u6709\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u4e3a0\uff09\uff0c\u624d\u4f1a\u91cd\u542f\n# on-failure\uff1a\u975e\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u975e0\uff09\uff0c\u5305\u62ec\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abnormal\uff1a\u53ea\u6709\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abort\uff1a\u53ea\u6709\u5728\u6536\u5230\u6ca1\u6709\u6355\u6349\u5230\u7684\u4fe1\u53f7\u7ec8\u6b62\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-watchdog\uff1a\u8d85\u65f6\u9000\u51fa\uff0c\u624d\u4f1a\u91cd\u542f\n# always\uff1a\u4e0d\u7ba1\u662f\u4ec0\u4e48\u9000\u51fa\u539f\u56e0\uff0c\u603b\u662f\u91cd\u542f\nRestart=[\u670d\u52a1\u9000\u51fa\u540e\uff0cSystemd \u7684\u91cd\u542f\u65b9\u5f0f]\n\nRestartSec=[\u8868\u793a Systemd \u91cd\u542f\u670d\u52a1\u4e4b\u524d\uff0c\u9700\u8981\u7b49\u5f85\u7684\u79d2\u6570]\n\n[Install]\nWantedBy=multi-user.target\n# \u6267\u884c sytemctl enable **.service\u547d\u4ee4\u65f6\uff0c**.service\u7684\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\uff0c\u5c31\u4f1a\u653e\u5728/etc/systemd/system/multi-user.target.wants\u5b50\u76ee\u5f55\u4e2d\n# \u6267\u884csystemctl get-default\u547d\u4ee4\uff0c\u83b7\u53d6\u9ed8\u8ba4\u542f\u52a8Target\n# multi-user.target\u7ec4\u4e2d\u7684\u670d\u52a1\u90fd\u5c06\u5f00\u673a\u542f\u52a8\n# \u5e38\u7528Target\uff0c1. multi-user.target-\u591a\u7528\u6237\u547d\u4ee4\u884c\uff1b2. graphical.target-\u56fe\u5f62\u754c\u9762\u6a21\u5f0f\nWantedBy=[\u8868\u793a\u8be5\u670d\u52a1\u6240\u5728\u7684Target]\n
"},{"location":"linux-server/#\u5b9a\u65f6\u670d\u52a1","title":"\u5b9a\u65f6\u670d\u52a1","text":"

\u5b9a\u65f6\u7a0b\u5e8f\u6267\u884c\u5931\u8d25\u7684\u539f\u56e0\u662f\u591a\u6837\u7684\uff0c\u53ef\u80fd\u662f\u56e0\u4e3a\u5b9a\u65f6\u670d\u52a1\u6ca1\u542f\u52a8\uff0c\u9700\u8981systemctl restart cron.service\uff0c\u6216\u8005\u662fcron\u670d\u52a1\u574f\u6389\u4e86\uff0c\u5148apt install cron --reinstall\u5f3a\u5236\u91cd\u65b0\u5b89\u88c5\u4e0b\uff0c\u518d\u91cd\u542f\u670d\u52a1\uff0c\u6216\u8005\u662f\u5b89\u88c5\u4e86\u522b\u7684\u4f9d\u8d56\u5e93\u4f46\u662f\u6ca1\u6709\u91cd\u542fcron\u5bfc\u81f4\u8fd0\u884c\u5931\u8d25\uff0c\u8bd5\u8bd5/etc/init.d/cron restart\u3002

"},{"location":"linux-server/#\u6253\u5f00\u6587\u4ef6\u6570","title":"\u6253\u5f00\u6587\u4ef6\u6570","text":"

https://www.baeldung.com/linux/list-open-file-descriptors

Linux\u9ed8\u8ba4\u6700\u591a\u540c\u65f6\u6253\u5f001024\u4e2a\u6587\u4ef6\uff0c\u53ef\u4ee5\u901a\u8fc7ulimit -n\u67e5\u770b\u3002fuzzing\u7b49\u8981\u6ce8\u610f\u5173\u95ed\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u5426\u5219\u53ef\u80fd\u5bfc\u81f4\u670d\u52a1\u5668\u6545\u969c\uff08\u6bd4\u5982ssh\u8fde\u4e0d\u4e0a\uff09\u3002/proc//fd\u91cc\u5217\u51fa\u4e86pid\u9501\u6253\u5f00\u7684\u6587\u4ef6\u3002"},{"location":"linux-server/#\u53c2\u8003\u8d44\u6599","title":"\u53c2\u8003\u8d44\u6599","text":"

  1. systemd\u76f8\u5173\u8d44\u6599
"},{"location":"llvm/","title":"LLVM \u5b66\u4e60","text":"

\u7ea6 508 \u4e2a\u5b57 158 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 17 \u5206\u949f

"},{"location":"llvm/#\u5feb\u901f\u4e0a\u624b","title":"\u5feb\u901f\u4e0a\u624b","text":""},{"location":"llvm/#\u6e90\u7801\u7f16\u8bd1","title":"\u6e90\u7801\u7f16\u8bd1","text":"

\u9996\u5148\u5728https://github.com/llvm/llvm-project/releases/ \u4e0b\u8f7d\u5fc3\u4eea\u7684llvm-project-xx.x.x.src.tar.xz\uff0c\u7136\u540etar -xf llvm*\u89e3\u538b\u7f29\u540e\u6309\u5982\u4e0b\u8fdb\u884c\u7f16\u8bd1\uff1a

cd llvm-project-*\nmkdir build && cd build\ncmake -G \"Unix Makefiles\" -DLLVM_ENABLE_PROJECTS=\"clang\" -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=On -DLLVM_TARGETS_TO_BUILD=host ../llvm\ncmake --build . -j8 # make -j8  \u6839\u636e\u5b9e\u9645\u60c5\u51b5\u9009\u62e9\u591a\u7ebf\u7a0b\u7f16\u8bd1\n

\u7136\u540e\u628a\u751f\u6210\u7684build/bin\u76ee\u5f55\u52a0\u5230PATH\u91cc\uff0c\u628abuild\u76ee\u5f55\u8bbe\u4e3aLLVM_DIR\u5168\u5c40\u53d8\u91cf\u3002

export PATH=<installation/dir/of/llvm/18/bin>:/$PATH\nexport LLVM_DIR=<installation/dir/of/llvm/18>\n

<installation/dir/of/llvm/18>\u5373\u4e4b\u524d\u5728llvm-project\u6587\u4ef6\u5939\u91cc\u521b\u5efa\u7684build\u76ee\u5f55\u3002

"},{"location":"llvm/#\u591a\u7248\u672cllvm\u5207\u6362","title":"\u591a\u7248\u672cllvm\u5207\u6362","text":"

\u53c2\u8003CSDN\u535a\u5ba2

# \u9996\u5148\uff0c\u6dfb\u52a0\u6240\u6709\u53ef\u7528\u7684 llvm-config \u7248\u672c\u5230 update-alternatives\u3002\u6700\u540e\u768420\u300110\u8868\u793a\u6743\u91cd\nsudo update-alternatives --install /usr/bin/llvm-config llvm-config /usr/bin/llvm-config-15 20\nsudo update-alternatives --install /usr/bin/llvm-config llvm-config /usr/bin/llvm-config-18 10\n# \u9009\u62e9\u9ed8\u8ba4\u7248\u672c\nsudo update-alternatives --config llvm-config\n\n# \u6dfb\u52a0\u6240\u6709\u53ef\u7528\u7684 clang \u7248\u672c\u5230 update-alternatives\nsudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-15 20\nsudo update-alternatives --install /usr/bin/clang clang /usr/bin/clang-18 10\nsudo update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang-15 20\nsudo update-alternatives --install /usr/bin/clang++ clang++ /usr/bin/clang-18 10\n# \u9009\u62e9\u9ed8\u8ba4\u7248\u672c\nsudo update-alternatives --config clang\nsudo update-alternatives --config clang++\n\n# \u67e5\u770bllvm\u7248\u672c\nllvm-config --version\n# \u67e5\u770bclang\u7248\u672c\nclang --version\n
"},{"location":"llvm/#\u6559\u5b66\u9879\u76ee","title":"\u6559\u5b66\u9879\u76ee","text":"

\u63a5\u4e0b\u6765\u63a8\u8350\u8fd9\u4e2agithub\u9879\u76eehttps://github.com/banach-space/llvm-tutor\uff0c\u6309HelloWorld: Your First Pass\u7ae0\u8282\u7ee7\u7eed\u64cd\u4f5c\u5373\u53ef\u3002

# \u5728llvm-tutor/HelloWorld\u76ee\u5f55\u4e0b\uff0c\u9996\u5148\u751f\u6210Pass\u7684.so\u6587\u4ef6\n\nmkdir build\ncd build\ncmake -DLT_LLVM_INSTALL_DIR=$LLVM_DIR .. # \u7528\u4e8e\u5b9a\u4f4dLLVMConfig.cmake\u6587\u4ef6\uff0c\u4ece\u800c\u5e2e\u52a9\u8bbe\u7f6e\u5e93\u6587\u4ef6\u8def\u5f84\nmake\n\n# \u7136\u540e\u7f16\u8bd1\u9700\u8981\u63d2\u6869\u7684\u6587\u4ef6\nclang -O1 -S -emit-llvm <source/dir/llvm/tutor>/inputs/input_for_hello.c -o input_for_hello.ll\n\n# \u6700\u540e\u6267\u884c\u6587\u4ef6\nopt -load-pass-plugin ./libHelloWorld.so -passes=hello-world -disable-output input_for_hello.ll\n

opt\u662f\u4e00\u4e2a\u547d\u4ee4\u884c\u5de5\u5177\uff0c\u7528\u4e8e\u5728LLVM IR\u5c42\u9762\u4e0a\u8fdb\u884c\u4ee3\u7801\u4f18\u5316\u3002 \u5b83\u53ef\u4ee5\u5e94\u7528\u5404\u79cd\u5404\u6837\u7684\u4f18\u5316\u7b56\u7565\uff0c\u5982\u6b7b\u4ee3\u7801\u6d88\u9664\u3001\u5e38\u91cf\u6298\u53e0\u7b49\uff0c\u4ee5\u63d0\u9ad8\u751f\u6210\u4ee3\u7801\u7684\u6548\u7387\u3002

LLVM Pass\u5de5\u4f5c\u5728LLVM IR\u6587\u4ef6\u7684\u57fa\u7840\u4e4b\u4e0a\u3002IR\u5305\u62ecll\uff08\u6587\u672c\u683c\u5f0f\uff0c\u4fbf\u4e8e\u4eba\u5de5\u9605\u8bfb\uff09\u548cbc\uff08\u5b57\u8282\u7801\uff09\u4e24\u79cd\u5f62\u5f0f\u3002\u6e90\u7801\u3001IR\u3001\u6c47\u7f16\u4ee3\u7801\u7684\u4e92\u76f8\u8f6c\u5316\u65b9\u6cd5\u5982\u4e0b\u6240\u793a\uff1a

.c -> .ll: clang -emit-llvm -S a.c -o a.ll\n.c -> .bc: clang -emit-llvm -c a.c -o a.bc\n.ll -> .bc: llvm-as a.ll -o a.bc\n.bc -> .ll: llvm-dis a.bc -o a.ll\n.bc -> .s: llc a.bc -o a.s\n
"},{"location":"llvm/#\u9879\u76ee\u4f8b\u5b50","title":"\u9879\u76ee\u4f8b\u5b50","text":"

\u5229\u7528LLVM\u6784\u5efa\u9759\u6001\u5206\u6790\u6846\u67b6\u65f6\uff0c\u8003\u8651\u7528cmake\u6765\u7ec4\u7ec7\u6574\u4e2a\u9879\u76ee\u7684\u7f16\u8bd1\u3002\u5047\u8bbe\u9700\u8981\u6784\u5efa\u4e00\u4e2a\u7a0b\u5e8f\uff0c\u5b83\u63a5\u6536\u4e00\u4e2abc\u6587\u4ef6\u540d\u4f5c\u4e3a\u53c2\u6570\uff0c\u7136\u540e\u7528\u4e24\u4e2apass\u6765\u8fdb\u884c\u5904\u7406\uff0c\u6253\u5370\u51fabc\u6587\u4ef6\u6240\u5305\u542b\u7684\u51fd\u6570\u540d\uff0c\u4ee5\u53ca\u51fd\u6570\u7684\u53c2\u6570\u4e2a\u6570\uff0c\u53ef\u4ee5\u8fd9\u4e48\u6765\u7ec4\u7ec7\u9879\u76ee\uff1a

Makefilesrc/CMakeLists.txtsrc/main.cppsrc/PrintFunctionArgsPass.cppsrc/PrintFunctionArgsPass.hppsrc/PrintFunctionNamesPass.cppsrc/PrintFunctionNamesPass.hpp
LLVM_BUILD := ~/llvm-project-15.0.7.src/build\n\n# Rule to build the project\nbuild_project:\n\tmkdir -p build \\\n\t\t&& cd build \\\n\t\t&& PATH=${LLVM_BUILD}/bin:${PATH} \\\n\t\t\tCC=clang CXX=clang++ \\\n\t\t\tcmake ../src \\\n\t\t\t\t-DCMAKE_BUILD_TYPE=Release \\\n\t\t\t\t-DLLVM_ENABLE_ASSERTIONS=ON \\\n\t\t\t\t-DCMAKE_CXX_FLAGS_RELEASE=\"-std=c++17 -fno-rtti -fpic -g\" \\\n\t\t&& make\n\n# Rule to clean the build directory\nclean_project:\n\trm -rf build\n\n# Default target\nall: project\n\n# Clean target\nclean: clean_project\n\n# Project target depends on build_project\nproject: clean_project build_project\n
cmake_minimum_required(VERSION 3.13)\nproject(IPA)\n\nfind_package(LLVM REQUIRED CONFIG)\n# list(APPEND CMAKE_MODULE_PATH \"${LLVM_CMAKE_DIR}\")\nmessage(STATUS \"Found LLVM ${LLVM_PACKAGE_VERSION}\")\nmessage(STATUS \"Using LLVMConfig.cmake in: ${LLVM_DIR}\")\ninclude_directories(${LLVM_INCLUDE_DIRS})\n# add_definitions(${LLVM_DEFINITIONS})\n\nset(project\n    main.cpp\n    PrintFunctionArgsPass.cpp\n    PrintFunctionArgsPass.hpp\n    PrintFunctionNamesPass.cpp\n    PrintFunctionNamesPass.hpp\n)\nadd_executable(ipa ${project})\n\ntarget_link_libraries(\n    ipa\n    LLVMCore\n    LLVMSupport\n    LLVMIRReader\n    LLVMAnalysis\n)\n
#include \"llvm/IR/Module.h\"\n#include \"llvm/Support/CommandLine.h\"\n#include \"llvm/Support/raw_ostream.h\"\n#include \"llvm/IRReader/IRReader.h\"\n#include \"llvm/Support/SourceMgr.h\"\n#include \"llvm/Pass.h\"\n\n#include \"PrintFunctionNamesPass.hpp\"\n#include \"PrintFunctionArgsPass.hpp\"\n\nusing namespace llvm;\n\n// Command-line option to specify multiple input .bc files\nstatic cl::list<std::string> InputFilenames(cl::Positional,\n                                            cl::desc(\"<input .bc files>\"),\n                                            cl::OneOrMore);\n\nint main(int argc, char **argv) {\n  cl::ParseCommandLineOptions(argc, argv, \"Function Passes\\n\");\n\n  LLVMContext Context;\n\n  // Iterate through all input files\n  for (const auto &InputFilename : InputFilenames) {\n    SMDiagnostic Err;\n\n    // Load the bitcode file\n    std::unique_ptr<Module> Mod = parseIRFile(InputFilename, Err, Context);\n    if (!Mod) {\n      errs() << \"Error reading bitcode file: \" << InputFilename << \"\\n\";\n      Err.print(argv[0], errs());\n      continue; // Skip to the next file if there's an error\n    }\n\n    errs() << \"Analyzing file: \" << InputFilename << \"\\n\";\n\n    // Create and run the function name pass\n    PrintFunctionNamesPass NamePass;\n    NamePass.runOnModule(*Mod);\n\n    // Create and run the function argument pass\n    PrintFunctionArgsPass ArgsPass;\n    ArgsPass.runOnModule(*Mod);\n  }\n\n  return 0;\n}\n
#include \"PrintFunctionArgsPass.hpp\"\n#include \"llvm/IR/Function.h\"\n#include \"llvm/Support/raw_ostream.h\"\n\nusing namespace llvm;\n\nchar PrintFunctionArgsPass::ID = 0;\n\nPrintFunctionArgsPass::PrintFunctionArgsPass() : ModulePass(ID) {}\n\nbool PrintFunctionArgsPass::runOnModule(Module &M) {\n  // Iterate through all functions in the module and print the number of arguments\n  for (Function &F : M) {\n    if (!F.isDeclaration()) {\n      errs() << \"Function Name: \" << F.getName() \n             << \", Argument Count: \" << F.arg_size() << \"\\n\";\n    }\n  }\n  return false;\n}\n
#ifndef PRINT_FUNCTION_ARGS_PASS_HPP\n#define PRINT_FUNCTION_ARGS_PASS_HPP\n\n#include \"llvm/IR/Module.h\"\n#include \"llvm/Pass.h\"\n\nclass PrintFunctionArgsPass : public llvm::ModulePass {\npublic:\n  static char ID;\n  PrintFunctionArgsPass();\n\n  bool runOnModule(llvm::Module &M) override;\n};\n\n#endif // PRINT_FUNCTION_ARGS_PASS_HPP\n
#include \"PrintFunctionNamesPass.hpp\"\n#include \"llvm/IR/Function.h\"\n#include \"llvm/Support/raw_ostream.h\"\n\nusing namespace llvm;\n\nchar PrintFunctionNamesPass::ID = 0;\n\nPrintFunctionNamesPass::PrintFunctionNamesPass() : ModulePass(ID) {}\n\nbool PrintFunctionNamesPass::runOnModule(Module &M) {\n  // Iterate through all functions in the module and print their names\n  for (Function &F : M) {\n    if (!F.isDeclaration()) {\n      errs() << \"Function Name: \" << F.getName() << \"\\n\";\n    }\n  }\n  return false;\n}\n
#ifndef PRINT_FUNCTION_NAMES_PASS_HPP\n#define PRINT_FUNCTION_NAMES_PASS_HPP\n\n#include \"llvm/IR/Module.h\"\n#include \"llvm/Pass.h\"\n\n\nclass PrintFunctionNamesPass : public llvm::ModulePass {\npublic:\n  static char ID;\n  PrintFunctionNamesPass();\n\n  bool runOnModule(llvm::Module &M) override;\n};\n\n#endif // PRINT_FUNCTION_NAMES_PASS_HPP\n
"},{"location":"llvm/#llvm-api\u5b66\u4e60","title":"LLVM API\u5b66\u4e60","text":""},{"location":"llvm/#\u5934\u6587\u4ef6\u67b6\u6784","title":"\u5934\u6587\u4ef6\u67b6\u6784","text":"

\u5173\u6ce8\u4e4b\u524d\u4e0b\u8f7d\u7684llvm-project-xx.x.x.src\u76ee\u5f55\u4e0b\u7684llvm/include/llvm\u6587\u4ef6\u5939\uff0c\u91cc\u9762\u5305\u542bADT\u3001IR\u3001IRReader\u7b49\u5404\u79cd\u5934\u6587\u4ef6\uff0c\u4ece\u4e2d\u53ef\u4ee5\u4e86\u89e3\u5982\u4f55\u8c03API\u3002\u4ee515.0.7\u7248\u672c\u4e3a\u4f8b\uff0c\u76ee\u5f55\u67b6\u6784\u5982\u4e0b\uff1a

tree ./llvm-project-15.0.7.src/llvm/include/llvm -LF 1
./\n\u251c\u2500\u2500 ADT/\n\u251c\u2500\u2500 Analysis/\n\u251c\u2500\u2500 AsmParser/\n\u251c\u2500\u2500 BinaryFormat/\n\u251c\u2500\u2500 Bitcode/\n\u251c\u2500\u2500 Bitstream/\n\u251c\u2500\u2500 CMakeLists.txt\n\u251c\u2500\u2500 CodeGen/\n\u251c\u2500\u2500 Config/\n\u251c\u2500\u2500 DebugInfo/\n\u251c\u2500\u2500 Debuginfod/\n\u251c\u2500\u2500 Demangle/\n\u251c\u2500\u2500 DWARFLinker/\n\u251c\u2500\u2500 DWP/\n\u251c\u2500\u2500 ExecutionEngine/\n\u251c\u2500\u2500 FileCheck/\n\u251c\u2500\u2500 Frontend/\n\u251c\u2500\u2500 FuzzMutate/\n\u251c\u2500\u2500 InitializePasses.h\n\u251c\u2500\u2500 InterfaceStub/\n\u251c\u2500\u2500 IR/\n\u251c\u2500\u2500 IRReader/\n\u251c\u2500\u2500 LineEditor/\n\u251c\u2500\u2500 LinkAllIR.h\n\u251c\u2500\u2500 LinkAllPasses.h\n\u251c\u2500\u2500 Linker/\n\u251c\u2500\u2500 LTO/\n\u251c\u2500\u2500 MC/\n\u251c\u2500\u2500 MCA/\n\u251c\u2500\u2500 module.extern.modulemap\n\u251c\u2500\u2500 module.install.modulemap\n\u251c\u2500\u2500 module.modulemap\n\u251c\u2500\u2500 module.modulemap.build\n\u251c\u2500\u2500 ObjCopy/\n\u251c\u2500\u2500 Object/\n\u251c\u2500\u2500 ObjectYAML/\n\u251c\u2500\u2500 Option/\n\u251c\u2500\u2500 PassAnalysisSupport.h\n\u251c\u2500\u2500 Passes/\n\u251c\u2500\u2500 Pass.h\n\u251c\u2500\u2500 PassInfo.h\n\u251c\u2500\u2500 PassRegistry.h\n\u251c\u2500\u2500 PassSupport.h\n\u251c\u2500\u2500 ProfileData/\n\u251c\u2500\u2500 Remarks/\n\u251c\u2500\u2500 Support/\n\u251c\u2500\u2500 TableGen/\n\u251c\u2500\u2500 Target/\n\u251c\u2500\u2500 Testing/\n\u251c\u2500\u2500 TextAPI/\n\u251c\u2500\u2500 ToolDrivers/\n\u251c\u2500\u2500 Transforms/\n\u251c\u2500\u2500 WindowsDriver/\n\u251c\u2500\u2500 WindowsManifest/\n\u251c\u2500\u2500 WindowsResource/\n\u2514\u2500\u2500 XRay/\n\n43 directories, 13 files\n
"},{"location":"llvm/#passh","title":"Pass.h","text":"

LLVM Pass\u7684\u57fa\u7840\u662f\u4e00\u4e2a\u4e2apass\uff0c\u6bd4\u5982\u81ea\u5df1\u5199\u4e00\u4e2a\u7c7b\u7ee7\u627fllvm::ModulePass\uff0c\u5728\u5185\u90e8\u8986\u5199runOnModule\u51fd\u6570\u3002\u800cModulePass\u53c8\u662f\u7ee7\u627f\u81eallvm::Pass\u7684\uff0c\u4e5f\u5c31\u662f\u76f4\u63a5\u6765\u81ea\u5934\u6587\u4ef6\u76ee\u5f55\u4e0b\u7684Pass.h\u6587\u4ef6\u3002\u8fd9\u4e2a\u5934\u6587\u4ef6\u5927\u81f4\u7ed3\u6784\u5982\u4e0b\uff1a

Pass.h
#ifndef LLVM_PASS_H\n#define LLVM_PASS_H\n#include <string>\n\nnamespace llvm {\n\nclass AnalysisResolver;\nclass AnalysisUsage;\nclass Function;\n//   ...\n\n// AnalysisID - Use the PassInfo to identify a pass...\nusing AnalysisID = const void *;\n\n/// Different types of internal pass managers.\nenum PassManagerType {\n//   ...\n};\n\n// Different types of passes.\nenum PassKind {\n//   ...\n};\n\n/// This enumerates the LLVM full LTO or ThinLTO optimization phases.\nenum class ThinOrFullLTOPhase {\n//   ...\n};\n\nclass Pass {\n// ...\n};\n\nclass ModulePass : public Pass {\n// ...\n};\n\nclass ImmutablePass : public ModulePass {\n// ...\n};\n\nclass FunctionPass : public Pass {\n// ...\n};\n\n} // end namespace llvm\n\n// Include support files that contain important APIs commonly used by Passes,\n// but that we want to separate out to make it easier to read the header files.\n#include \"llvm/PassAnalysisSupport.h\"\n#include \"llvm/PassSupport.h\"\n\n#endif // LLVM_PASS_H\n

\u53ef\u89c1\uff0c\u4ecePass\u7c7b\u76f4\u63a5\u7ee7\u627f\u4e86ModulePass\u548cFunctionPass\u4e24\u4e2a\u7c7b\u3002

"},{"location":"openssh/","title":"OpenSSH\u9605\u8bfb\u7b14\u8bb0","text":"

\u7ea6 164 \u4e2a\u5b57 5 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 1 \u5206\u949f

"},{"location":"openssh/#\u51c6\u5907\u5de5\u4f5c","title":"\u51c6\u5907\u5de5\u4f5c","text":"

(\u4ee5\u4e0b\u5747\u5728wsl\u7684root\u7528\u6237) ubuntu\u7cfb\u7edf\uff0c\u5148\u9884\u88c5\u4e0b\u73af\u5883\uff1a

apt install build-essential autoconf zlib1g-dev libssl-dev\n

\u4e0b\u8f7d\u6e90\u7801\uff0c\u76f4\u63a5\u4eceGithub\u94fe\u63a5\u4e0b\u8f7dzip\u5230\u672c\u5730\u89e3\u538b\uff0c\u4e5f\u53ef\u4ee5\u7528git clone\uff1a

git clone --depth 1 https://github.com/openssh/openssh-portable.git\n

\u4e3a\u4e86\u9632\u6b62\u4e4b\u540emake install\u51fa\u7684\u6587\u4ef6\u8986\u76d6\u7cfb\u7edf\u81ea\u5df1\u7684ssh\uff0c\u8fd9\u91cc\u6307\u5b9aconfigure\u5c06\u4e4b\u540e\u7f16\u8bd1\u51fa\u7684\u6587\u4ef6\u653e\u5230\u9879\u76ee\u7684/output\u6587\u4ef6\u5939\u4e0b\u3002\u6309readme\u7684Building from git\u7684\u65b9\u6cd5\uff0c\u8fdb\u5165openssh\u6240\u5728\u76ee\u5f55\u540e\uff0c\u8fd0\u884c\uff1a

autoreconf\n./configure --prefix=`pwd`/output\nmake\n

\u6b64\u65f6\u76f8\u5173\u53ef\u6267\u884c\u6587\u4ef6\u5df2\u7ecf\u7f16\u8bd1\u5b8c\u6bd5\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u6e05\u6670\u663e\u793a\uff0c\u53ef\u4ee5\u8fd0\u884cmake install\uff0c\u5219\u5728\u5f53\u524d\u76ee\u5f55\u7684output\u6587\u4ef6\u5939\u4e0b\u4f1a\u751f\u6210\u5bf9\u5e94\u7684\u7ed3\u6784\u3002

"},{"location":"picking-ups/","title":"\u6587\u53e5\u6458\u5f55","text":"

\u7ea6 1043 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 3 \u5206\u949f

Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features (ISSTA 2023)

RR: A Fault Model for Efficient TEE Replication (NDSS 2023)

No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions (NDSS 2023)

FUZZUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks (Oakland 2022)

Registered Report: DATAFLOW Towards a Data-Flow-Guided Fuzzer

A Survey on Adversarial Attacks for Malware Analysis

Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land (Oakland 2021)

A Systematical and longitudinal study of evasive behaviors in windows malware (Computers & Security 2021)

Structural Attack against Graph Based Android Malware Detection (CCS 2021)

Deep Learning for Android Malware Defenses: a Systematic Literature Review (ACM Survey 2021)

Intriguing Properties of Adversarial ML Attacks in the Problem Space (Oakland 2020)

P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX SECURITY 2020)

Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID 2019)

REPT: Reverse Debugging of Failures in Deployed Software (USENIX SECURITY 2018)

What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018)

Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts (USENIX SECURITY 2017)

POMP++: Facilitating Postmortem Program Diagnosis with Value-Set Analysis

A Survey on Software Fault Localization (TSE 2016)

"},{"location":"porting/","title":"\u6298\u817e\u7f51\u7ad9","text":"

\u7ea6 1481 \u4e2a\u5b57 49 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 10 \u5206\u949f

"},{"location":"porting/#\u7aef\u53e3\u590d\u7528\u65b9\u6cd5","title":"\u7aef\u53e3\u590d\u7528\u65b9\u6cd5","text":"

\u7531\u4e8e\u670d\u52a1\u5668\u5b89\u5168\u8bbe\u5b9a\uff0c\u53ea\u5bf9\u5916\u5f00\u653e\u4e00\u4e2a22\u7aef\u53e3\u63d0\u4f9bssh\u8fde\u63a5\u3002\u90a3\u4e48\u5728\u6b64\u57fa\u7840\u4e0a\u5982\u4f55\u63d0\u4f9bhttp\u3001https\u7b49\u591a\u79cd\u670d\u52a1\uff1f\u641c\u7d22\u4e86\u4e0b\u53ef\u4ee5\u6839\u636e\u6d41\u91cf\u7279\u5f81\u7528sslh\u7b80\u5355\u8f6c\u53d1\u4e00\u4e0b\u6570\u636e\u5305\u5230\u4e0d\u540c\u7684\u5185\u90e8\u7aef\u53e3\u3002

"},{"location":"porting/#sslh\u6839\u636e\u6d41\u91cf\u7279\u5f81\u8f6c\u53d1\u6570\u636e\u5305","title":"sslh\uff1a\u6839\u636e\u6d41\u91cf\u7279\u5f81\u8f6c\u53d1\u6570\u636e\u5305","text":"

\u5728root\u4e0bapt install sslh\u540e\u4fee\u6539\u914d\u7f6e\u6587\u4ef6/etc/default/sslh\uff1a

# Default options for sslh initscript\n# sourced by /etc/init.d/sslh\n\n# binary to use: forked (sslh) or single-thread (sslh-select) version\n# systemd users: don't forget to modify /lib/systemd/system/sslh.service\nDAEMON=/usr/sbin/sslh\nRun=yes\nDAEMON_OPTS=\"--user sslh --listen 0.0.0.0:4684 --ssh 127.0.0.1:5752 --tls 127.0.0.1:443 --http 127.0.0.1:1284 --anyprot 127.0.0.1:2008 -F /etc/sslh/sslh.cfg --pidfile /var/run/sslh/sslh.pid\"\n

\u8fd9\u91cc\u4e5f\u53ef\u4ee5cat /lib/systemd/system/sslh.service\u770b\u4e00\u4e0bservice\u6587\u4ef6\uff0c\u5176\u4e2d\u6709\u4e00\u884cExecStart=/usr/sbin/sslh --foreground $DAEMON_OPTS\uff0c\u53ef\u4ee5\u770b\u5230\u5728\u542f\u52a8sslh\u65f6\u53c2\u6570\u662fDAEMON_OPTS\u3002\u6240\u4ee5\u91cd\u70b9\u5c31\u5728\u4e8e\u914d\u7f6e\u597dDAEMON_OPTS\u3002

\u89e3\u91ca\u4e00\u4e0b\u51e0\u4e2a\u53c2\u6570\u7684\u610f\u601d\uff1a

\u7136\u540esystemctl enable sslh\u3001systemctl start sslh\u542f\u52a8sslh\uff0c\u5c06\u672c\u57304684\u7aef\u53e3\u6536\u5230\u7684\u6d41\u91cf\u6839\u636essh\u3001ssl\u3001http\u7684\u7279\u5f81\u5206\u522b\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1\u3002

\u6bd4\u8f83\u6709\u610f\u601d\u7684\u662f\u53ef\u4ee5\u7528--anyprot\u6765\u8bbe\u7f6e\u9ed8\u8ba4\u7684\u8f6c\u53d1\u7b56\u7565\uff0c\u914d\u5408nc -lk\u53ef\u4ee5\u770b\u81ea\u5b9a\u4e49\u7684\u6570\u636e\u5305\u683c\u5f0f\uff0c\u518d\u901a\u8fc7-F\uff08\u6216--config\uff09\u6307\u5b9aconfig\u6587\u4ef6\uff08\u6bd4\u5982/etc/sslh/sslh.cfg\uff09\uff0c\u5b9e\u73b0\u5229\u7528\u6b63\u5219\u8868\u8fbe\u5f0f\u5bf9\u6570\u636e\u5305\u8fdb\u884c\u81ea\u5b9a\u4e49\u8f6c\u53d1\u3002

\u6ce8\u610f\uff0c\u5982\u679c\u4f7f\u7528config\u6587\u4ef6\uff0c\u90a3\u4e48\u6587\u4ef6\u7684\u5185\u5bb9\u4e0d\u8981\u548c\u547d\u4ee4\u884c\u5df2\u6709\u7684\u5185\u5bb9\u91cd\u590d\u3002\u6bd4\u5982\u547d\u4ee4\u884c\u5df2\u7ecf\u6307\u5b9a\u4e86\u76d1\u542c127.0.0.1\u7aef\u53e3\u76844684\uff0c\u90a3config\u6587\u4ef6\u91cc\u5c31\u4e0d\u8981\u518d\u52a0\u4e0alisten:(xxx)\u4e86\u3002

config\u6587\u4ef6\u6307\u5b9a\u5339\u914d\u89c4\u5219\u7684\u4f8b\u5b50\u5982\u4e0b\u6240\u793a\uff08\u7247\u6bb5\uff09

protocols:\n(\n    { name: \"http\"; host: \"127.0.0.1\"; port: \"808\"; },\n    { name: \"tls\"; host: \"127.0.0.1\"; port: \"443\"; sni_hostnames: [ \"remote.c01dkit.com\" ]; tfo_ok: true },\n    { name: \"tls\"; host: \"127.0.0.1\"; port: \"7000\"; sni_hostnames: [ \"project-frp\" ]; tfo_ok: true },\n    { name: \"regex\"; host: \"127.0.0.1\"; port: \"60000\"; regex_patterns: [ \"^SSH-2.0-Go\\x0d$\", \"^SSH-2.0-OpenSSH\\x0d$\" ]; },\n);\n
"},{"location":"porting/#ssh\u63d0\u4f9b\u8fdc\u7a0b\u8fde\u63a5","title":"ssh\uff1a\u63d0\u4f9b\u8fdc\u7a0b\u8fde\u63a5","text":"

\u7531\u4e8e\u539f\u672c\u5bf9\u5916\u5f00\u653e\u768422\u7aef\u53e3\u53ea\u7528\u4e8e\u63a5\u6536ssh\u8bf7\u6c42\uff0c\u5982\u679c\u60f3\u8981\u63d0\u4f9b\u66f4\u591a\u670d\u52a1\uff0c\u9700\u8981\u5148\u628a22\u7aef\u53e3\u7684\u63a5\u6536\u7684\u6570\u636e\u90fd\u8f6c\u53d1\u7ed9sslh\uff0c\u8ba9\u5b83\u6765\u8fdb\u884c\u5206\u7c7b\u3002\u90a3\u4e48ssh\u8bf7\u6c42\u5e94\u8be5\u5c31\u4e0d\u80fd\u518d\u8fd8\u7ed922\u7aef\u53e3\u4e86\uff08\u4e0d\u7136\u53ef\u80fd\u53c8\u88ab\u8f6c\u53d1\u7ed9sslh\uff1f\u4e0d\u786e\u5b9a\uff09\uff0c\u53ef\u4ee5\u8003\u8651\u518d\u5f00\u4e00\u4e2a\u7aef\u53e3\u76d1\u542cssh\u8bf7\u6c42\u3002\u8fd9\u91ccssh\u7684\u8bbe\u5b9a\u5f00\u4e86\u672c\u573022\u548c5752\u7aef\u53e3\uff0c\u914d\u7f6e\u65f6\u4fee\u6539/etc/ssh/sshd_config\u6587\u4ef6\uff0c\u52a0\u4e00\u884cPort 5752\u5373\u53ef\u3002\u540c\u65f6\u8bb0\u5f97\u4f7f\u7528\u516c\u94a5\u8ba4\u8bc1\u767b\u5f55\uff0c\u7981\u7528\u5bc6\u7801\u767b\u5f55\u3002

Port 22\nPort 5752\nPubkeyAuthentication yes\nPasswordAuthentication no\n
"},{"location":"porting/#nginx\u63d0\u4f9bhttphttps\u670d\u52a1","title":"nginx\uff1a\u63d0\u4f9bhttp/https\u670d\u52a1","text":"

\u5728nginx\u5b98\u7f51\u4e0b\u8f7d\u6e90\u7801\u5e76\u6309\u8bf4\u660e\u7f16\u8bd1\u3002nginx\uff081.22\u7248\u672c\uff09\u7684\u914d\u7f6e\u5982\u4e0b\uff1a

user  c01dkit;\nworker_processes  1;\n\nevents {\n    worker_connections  1024;\n}\n\nhttp {\n    include       mime.types;\n    default_type  application/octet-stream;\n    sendfile        on;\n    keepalive_timeout  65;\n    server_tokens off;\n    server {\n        listen       1284;\n\t\tlisten       127.0.0.1:1284;\n        charset utf-8;\n        server_name  xxxx.c01dkit.com;\n\t\tif ($scheme = http ) {\n\t\t\treturn 301 https://$host:xxxx$request_uri;\t\n\t\t}\n        error_page  404              /404.html;\n    }\n\n    server {\n\t\tlisten       127.0.0.1:443 ssl ;\n        listen       443 ssl ;\n\t\tlisten       [::]:443 ssl ;\n        server_name  xxxx.c01dkit.com;\n        charset utf-8;\n        ssl_certificate      xxxx/fullchain.pem;\n        ssl_certificate_key  xxxx/privkey.pem;\n\n        ssl_session_cache    shared:SSL:1m;\n        ssl_session_timeout  5m;\n\n        ssl_ciphers  HIGH:!aNULL:!MD5;\n        ssl_prefer_server_ciphers  on;\n\n        location / {\n            root   xxxxx;\n            index  index.html index.htm;\n            error_page  404              /404.html;\n\n        }\n        location ~ \\.php$ {\n            fastcgi_pass   unix:/run/php/php8.1-fpm.sock;\n            fastcgi_index  index.php;\n            fastcgi_param  SCRIPT_FILENAME  xxxx/www$fastcgi_script_name;\n            include        fastcgi_params;\n            error_page  404              /404.html;\n        }\n    }\n\n}\n

\u8fd9\u91cc\u914d\u7f6e\u4e86nginx\u76d1\u542c\u672c\u57301284\u7aef\u53e3\u6765\u5904\u7406http\u8bbf\u95ee\uff0c\u5c06https\u8bf7\u6c42\u8f6c\u53d1\u5230443\u7aef\u53e3\uff0c\u4e5f\u8bbe\u7f6e\u4e86ssl\u7684\u8bc1\u4e66\u3002\u8bc1\u4e66\u7684\u914d\u7f6e\u65b9\u6cd5\u53ef\u4ee5\u89c1\u540e\u6587\u7684https\u8bc1\u4e66\u7ae0\u8282\u3002

\u5173\u4e8enginx\uff0c\u53ef\u4ee5nginx -V\u67e5\u770b\u7f16\u8bd1\u9009\u9879\uff0c\u7136\u540e\u81ea\u5df1\u4ece\u6e90\u7801\u7f16\u8bd1\u4e0b\u3002\u5e38\u89c1\u7684-V\u8f93\u51fa\u6709\uff1a

nginx version: nginx/1.22.1\nbuilt by gcc 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04) \nbuilt with OpenSSL 3.0.2 15 Mar 2022\nTLS SNI support enabled\nconfigure arguments: --user=c01dkit --group=c01dkit --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module\n

\u8fd9\u91cc\u6307\u5b9auser\u4e3ac01dkit\uff0c\u7136\u540e\u7f51\u7ad9\u4e5f\u90fd\u653e\u5728c01dkit\u7684\u5bb6\u76ee\u5f55\u91cc\u9762\uff0c\u4ee5\u9632\u7f51\u7ad9\u9875\u9762\u56e0\u4e3a\u6743\u9650\u95ee\u9898\u6253\u4e0d\u5f00\uff08\u597d\u50cf\u9ed8\u8ba4\u662fwww-data\uff09\uff0c\u53ef\u80fd\u662f\u87f9\u811a\u6539\u6cd5\u25cb( \uff3e\u76bf\uff3e)\u3063

"},{"location":"porting/#iptables\u8f6c\u53d1\u5916\u90e8\u8bbf\u95ee\u5230sslh","title":"iptables\uff1a\u8f6c\u53d1\u5916\u90e8\u8bbf\u95ee\u5230sslh","text":"

\u6700\u540e\u63a5\u7740\u8bbe\u7f6e\u9632\u706b\u5899\u5c06\u6240\u6709\u5916\u90e8\u6d41\u91cf\u4ece\u5f00\u653e\u7684\u552f\u4e00\u7aef\u53e3\u8f6c\u53d1\u52304684\u7aef\u53e3\u5373\u53ef\u3002

iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n

\u8fd9\u91cc\u5047\u5b9a\u5916\u90e8\u7aef\u53e3\u5f00\u653e\u7684\u7aef\u53e3\u6620\u5c04\u5230\u672c\u573022\u7aef\u53e3\u3002\u8fd9\u91cc22\u7aef\u53e3\u4e5f\u662f\u6709ssh\u670d\u52a1\u5728\u76d1\u542c\u3002

\u6709\u65f6\u62c5\u5fc3sslh\u670d\u52a1\u6302\u6389\u5bfc\u81f44684\u6ca1\u6709ssh\u670d\u52a1\u3001ssh\u8fde\u4e0d\u4e0a\uff0c\u8bbe\u7f6e\u4e86\u5b9a\u65f6\u4efb\u52a1\u6765\u5173\u6389\u3001\u6253\u5f00\u9632\u706b\u5899\uff08\u6b64\u65f6\u53ea\u80fdssh\u8fde\u63a5\uff0c\u63d0\u4f9b\u8fd0\u7ef4\u7a97\u53e3\u671f\uff09\uff0c\u6bd4\u5982\u6bcf\u5468\u4e094\u70b9\u52306\u70b9\u53ea\u63d0\u4f9b22\u7aef\u53e3\u7684ssh\u670d\u52a1\uff1a

# Edit this file to introduce tasks to be run by cron.\n# \n# Each task to run has to be defined through a single line\n# indicating with different fields when the task will be run\n# and what command to run for the task\n# \n# To define the time you can provide concrete values for\n# minute (m), hour (h), day of month (dom), month (mon),\n# and day of week (dow) or use '*' in these fields (for 'any').\n# \n# Notice that tasks will be started based on the cron's system\n# daemon's notion of time and timezones.\n# \n# Output of the crontab jobs (including errors) is sent through\n# email to the user the crontab file belongs to (unless redirected).\n# \n# For example, you can run a backup of all your user accounts\n# at 5 a.m every week with:\n# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/\n# \n# For more information see the manual pages of crontab(5) and cron(8)\n# \n# m h  dom mon dow   command\n0 4 * * 3 iptables -t nat -D PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n0 6 * * 3 iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n

\u7531\u4e8e\u8fd9\u6837\u8bbe\u7f6eiptables\u4f1a\u5728\u670d\u52a1\u5668\u91cd\u542f\u540e\u5931\u6548\uff0c\u6240\u4ee5\u670d\u52a1\u5668\u610f\u5916\u91cd\u542f\u7684\u8bdd\u53ea\u4e0d\u8fc7\u662f\u6062\u590d\u5230\u6700\u57fa\u7840\u768422\u7aef\u53e3ssh\u800c\u5df2\u3002

"},{"location":"porting/#https\u8bc1\u4e66","title":"https\u8bc1\u4e66","text":"

\u5173\u4e8ehttps\u8bc1\u4e66\uff0c\u53ef\u4ee5\u6309\u8fd9\u91cc\u7684\u65b9\u6cd5\uff0c\u5148snap install --classic certbot\u5b89\u88c5certbot\uff0c\uff08\u4e0d\u77e5\u9053\u4e3a\u5565\u5f53\u65f6\u8bbe\u7f6e\u4e86\u4e00\u4e0bcertbot\u8def\u5f84sudo ln -s /snap/bin/certbot /usr/bin/certbot\uff09\u3002\u5982\u679c80\u7aef\u53e3\u5df2\u7ecf\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u7b80\u5355\u5730certbot --nginx\u81ea\u52a8\u5e2e\u5fd9\u8ba4\u8bc1\uff08\u5373certbot\u521b\u5efa\u8ba4\u8bc1\u6587\u4ef6\u7136\u540e\u5728\u516c\u7f51\u8bbf\u95ee\uff09\u3002\u5982\u679c80\u7aef\u53e3\u4e0d\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u81ea\u9009dns\u8ba4\u8bc1\uff1acertbot certonly --manual --preferred-challenges=dns\u7136\u540e\u5728\u57df\u540d\u7ba1\u7406\u90a3\u8fb9\u6dfb\u52a0\u4e00\u4e0b\u8bb0\u5f55\u5373\u53ef\uff0c\u6bd4\u5982\u521b\u5efa\u4e00\u4e2a_acme-challenge.remote\u7684TXT\u8bb0\u5f55\u3002\u7136\u540e\u5728nginx\u7684conf\u90a3\u91cc\u8bbe\u7f6e\u597d\u8bc1\u4e66\u8def\u5f84\uff0c\u8bbf\u95ee\u5c31\u6709https\u8ba4\u8bc1\u4e86\uff01\u5bf9\u4e8ehttp\u8bbf\u95ee\uff0c\u53ef\u4ee5\u7528301\u8df3\u8f6c\u3002

\u4e00\u6b21\u8ba4\u8bc1\u662f90\u5929\u6709\u6548\u671f\uff0c\u5230\u671f\u4e4b\u524d\u4f1a\u53d1\u90ae\u4ef6\uff0c\u66f4\u65b0\u8bc1\u4e66\u65f6\u9700\u8981\u8fd0\u884ccertbot renew --manual-auth-hook=xxx.sh \u5176\u4e2dsh\u811a\u672c\u662f\u81ea\u5df1\u7f16\u5199\u7684\u4e00\u4e2a\u81ea\u52a8\u5316\u5b8c\u6210DNS\u8bb0\u5f55\u66f4\u65b0\u3002\u4e3a\u4e86\u61d2\u7701\u4e8b\uff0c\u53ef\u4ee5\u8fd9\u4e48\u5199\uff1a

echo ${CERTBOT_VALIDATION} >> xxx.txt\necho ${CERTBOT_DOMAIN} >> xxx.txt\nsleep 120\nexit 0\n

\u7136\u540e\u5728\u4e24\u5206\u949f\u4e4b\u5185\uff0c\u628axxx.txt\u91ccCERTBOT_VALIDATION\u5bf9\u5e94\u7684\u54c8\u5e0c\u503c\u624b\u52a8\u66f4\u65b0\u5728DNS\u8bb0\u5f55\u91cc\u5373\u53ef\u3002

\u6b64\u5916\uff0c\u65b0\u627e\u5230\u4e00\u4e2a\u53ef\u4ee5\u65b9\u4fbf\u5730\u5728web\u7aef\u914d\u7f6e\u65b0\u8bc1\u4e66\u7684\u7f51\u7ad9\uff1ahttps://xiangyuecn.github.io/ACME-HTML-Web-Browser-Client/ACME-HTML-Web-Browser-Client.html

"},{"location":"proxy/","title":"\u4ee3\u7406\u8f6c\u53d1","text":"

\u7ea6 452 \u4e2a\u5b57 9 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 2 \u5206\u949f

"},{"location":"proxy/#\u591a\u53f0\u7535\u8111\u7ec4\u5c40\u57df\u7f51","title":"\u591a\u53f0\u7535\u8111\u7ec4\u5c40\u57df\u7f51","text":"

\u53ef\u4ee5\u4f7f\u7528zerotier\uff0c\u767b\u5f55\u4ee5\u540e\u521b\u5efa\u4e00\u4e2a\u7f51\u7edc\u3002\u7136\u540e\u9700\u8981\u7ec4\u5c40\u57df\u7f51\u7684\u8bbe\u5907\u4e0b\u8f7dzerotier\u4ee5\u540ejoin\u4e0a\u5c31\u884c\u4e86\u3002

\u53ef\u4ee5\u53c2\u8003\u8fd9\u91cc\u6216\u8fd9\u91cc\uff0c\u6216\u8005\u8fd9\u91cc\u7684\u4e00\u952e\u811a\u672c\u7684\u94fe\u63a5\u914d\u7f6e\u79c1\u6709planet\uff0c\u65e2\u80fd\u63d0\u9ad8\u5b89\u5168\u6027\uff0c\u53c8\u80fd\u52a0\u5feb\u8fde\u63a5\u901f\u5ea6\u3002\u7b80\u5355\u6765\u8bf4\uff0c\u9700\u8981\u7528ZeroTier\u5b98\u65b9\u4ee3\u7801\u7f16\u8bd1\u81ea\u5df1\u7684planet\u6587\u4ef6\u5e76\u66ff\u6362\u6389zerotier\u5ba2\u6237\u7aef\u4f7f\u7528\u7684planet\uff0c\u7136\u540e\u7528ztncui\u8fd9\u4e2a\u540e\u53f0\u7ba1\u7406\u754c\u9762\u914d\u7f6ezerotier\u7684\u8bb8\u53ef\u3002

"},{"location":"proxy/#\u5185\u7f51\u7a7f\u900f","title":"\u5185\u7f51\u7a7f\u900f","text":"

\u9700\u8981\u516c\u7f51\u670d\u52a1\u5668\uff0c\u53ef\u4ee5\u5728\u963f\u91cc\u4e91\u79df\u4e00\u4e2a

\u4e00\u79cd\u65b9\u6cd5\u662ffrp

\u53e6\u4e00\u79cd\u65b9\u6cd5\u662fssh\u6b63\u5411\u8fde\u63a5\u914d\u5408\u53cd\u5411\u8fde\u63a5\uff1a

\u9996\u5148\u5185\u7f51\u670d\u52a1\u5668\u5f00\u4e2ascreen\u8fd0\u884cssh -R 127.0.0.1:1234:127.0.0.1:22 user@ip -p port\u8fde\u63a5\u5230\u4e91\u670d\u52a1\u5668\u4e0a\u3002\u8fd9\u6837\u7684\u8bdd\u4e91\u670d\u52a1\u5668\u8bbf\u95ee127.0.0.1:1234\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u5185\u7f51\u7684127.0.0.1:22\u3002\u7136\u540e\u9700\u8981\u8fde\u63a5\u5185\u7f51\u7684\u4e3b\u673a\u4e5f\u5f00\u4e2ascreen\u8fd0\u884cssh -L 127.0.0.1:2345:127.0.0.1:1234 user@ip -p port\uff0c\u8fd9\u6837\u7684\u8bdd\u8be5\u4e3b\u673a\u8bbf\u95ee\u81ea\u5df1127.0.0.1:2345\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u4e91\u670d\u52a1\u5668\u7684127.0.0.1:1234\u3002\u7136\u540e\u8be5\u4e3b\u673a\u518d\u5f00\u4e00\u4e2a\u7ec8\u7aef\uff0cssh user@127.0.0.1 -p 2345\u5373\u53ef\u3002

\u65b9\u4fbf\u8d77\u89c1\u4e5f\u53ef\u4ee5\u5728.ssh/config\u6587\u4ef6\u91cc\u7528RemoteForward ip1:port1 ip2:port2\u548cLocalForward ip1:port1 ip2:port2\u6765\u7b80\u5316\u6bcf\u6b21ssh\u8fde\u63a5\u90fd\u8fd9\u4e48\u641e\u3002

"},{"location":"proxy/#\u5b50\u7f51\u8f6c\u53d1","title":"\u5b50\u7f51\u8f6c\u53d1","text":"

\u5e0c\u671b\u5c06\u67d0\u7aef\u53e3\u6536\u5230\u7684\u6d88\u606f\u8f6c\u53d1\u5230\u5176\u4ed6\u4e3b\u673a\u7684\u67d0\u4e00\u7aef\u53e3\uff0c\u53ef\u4ee5\u8bd5\u8bd5socat\uff0c\u6bd4\u5982socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\uff0c\u53ef\u4ee5\u628a4320\u7aef\u53e3\u6536\u5230\u7684TCP4\u6570\u636e\u5305\u8f6c\u53d1\u5230\u5b50\u7f5110.244.55.25\u768480\u7aef\u53e3\uff0c\u914d\u5408zerotier\u53ef\u4ee5\u5b9e\u73b0\u5185\u7f51\u5bf9\u5916\u5f00\u653e\u7aef\u53e3\u3002

\u5373\uff0cvi /etc/systemd/system/socat.service\u7f16\u8f91\u5982\u4e0b\u7684socat\uff0c\u5e76systemctl enable socat.service\u542f\u7528\u5f00\u673a\u542f\u52a8\uff0c\u7136\u540esystemctl start socat.service\u3002\u4e3a\u4e86\u652f\u6301https\u8fde\u63a5\uff0c\u4f7f\u7528TCP-LISTEN/TCP\u3002\u9700\u8981\u76ee\u6807\u4e3b\u673a\u90a3\u8fb9\u914d\u7f6e\u597dssl\u8bc1\u4e66\u3002

[Unit]\nDescription=port forward 4320\n\n[Service]\nUser=nobody\nExecStart=/usr/bin/socat TCP-LISTEN:4320,reuseaddr,fork TCP:<\u76ee\u6807\u57df\u540d>:443\n\n[Install]\nWantedBy=multi-user.target\n
"},{"location":"pwn-college-cse365-spring2023/","title":"CSE 365 - Spring 2023","text":"

\u7ea6 4823 \u4e2a\u5b57 1287 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 145 \u5206\u949f

\u5728\u7ec8\u7aef\u8fde\u63a5pwn-college\u65f6\uff0c\u5148\u5728\u7f51\u9875\u7aef\u914d\u7f6e\u4e0b\u516c\u94a5\uff0c\u7136\u540essh -i \u79c1\u94a5 hacker@dojo.pwn.college\u5373\u53ef\u3002\u7f51\u9875\u7aef\u542f\u52a8\u4e00\u4e2a\u5b9e\u4f8b\u540e\uff0c\u8fdc\u7a0b\u4e5f\u4f1a\u81ea\u52a8\u542f\u52a8\u5bf9\u5e94\u7684\u73af\u5883\u3002\u95ee\u9898\u4e00\u822c\u653e\u5728\u6839\u76ee\u5f55\u7684challenge\u6587\u4ef6\u5939\u4e0b

"},{"location":"pwn-college-cse365-spring2023/#talking-web-\u5b66\u4e60\u7b14\u8bb0","title":"Talking Web \u5b66\u4e60\u7b14\u8bb0","text":"

\u8bf7\u6c42\u7b2c\u4e00\u884cRequest line\uff1a\u8bf7\u6c42\u65b9\u6cd5 URI \u534f\u8bae\u7248\u672c CRLF

\u54cd\u5e94\u7b2c\u4e00\u884cStatus line\uff1a\u534f\u8bae\u7248\u672c \u72b6\u6001\u7801 \u89e3\u91ca CRLF

\u5e38\u89c1\u7684\u8bf7\u6c42\u65b9\u6cd5\uff1a

HTTP URL Scheme\uff1ascheme://host:port/path?query#fragment

\u8bf7\u6c42\u7684\u8d44\u6e90\u542b\u6709\u4e00\u4e9b\u7279\u6b8a\u7b26\u53f7\u6bd4\u5982?,/,&,#\u7b49\u7b49\u65f6\uff0c\u4f7f\u7528%xx\u8fdb\u884c\u7f16\u7801\uff0c\u5176\u4e2dxx\u662fASCII\u7801\u3002\u8fd9\u79cd\u505a\u6cd5\u79f0\u4e3aurlencoding

POST\u8bf7\u6c42\u65f6\uff0c\u9700\u8981\u5e26\u4e0aContent-Type

\u524d\u8005body\u91cc\u5199a=xx\uff0c\u540e\u8005\u5199{\u201ca\u201d:\u201dxx\u201d}\u3002json\u53ef\u4ee5\u6784\u9020\u66f4\u590d\u6742\u7684blob

RFC 1945 HTTP\u534f\u8bae\u662f\u65e0\u72b6\u6001\u7684\uff0c\u4f46\u662f\u7f51\u7edc\u5e94\u7528\u662f\u6709\u72b6\u6001\u7684\u3002\u4f7f\u7528cookie\u6765\u4fdd\u6301\u72b6\u6001\u3002

"},{"location":"pwn-college-cse365-spring2023/#assembly-crash-course-\u5b66\u4e60\u7b14\u8bb0","title":"Assembly Crash Course \u5b66\u4e60\u7b14\u8bb0","text":""},{"location":"pwn-college-cse365-spring2023/#building-a-web-server-\u5b66\u4e60\u7b14\u8bb0","title":"Building a Web Server \u5b66\u4e60\u7b14\u8bb0","text":"

\u4f7f\u7528socket\u521b\u5efa\u4e00\u4e2aA-B\u7684\u7f51\u7edc\u6587\u4ef6\uff0c\u7136\u540e\u4f7f\u7528bind\u5c06socket\u4e0e\u5177\u4f53\u7684ip\u7ed1\u5b9a\u3002\u4f7f\u7528listen\u6765\u88ab\u52a8\u4fa6\u542csockfd\u3002\u4f7f\u7528accept\u63a5\u53d7\u5916\u90e8\u8fde\u63a5\u3002

\u4f7f\u7528TCP/IP\u8fdb\u884c\u7f51\u7edc\u901a\u8baf\uff0c\u670d\u52a1\u5668\u7aef\u7684\u4f8b\u5b50\u5982\uff1a

// int socket(int domain, int type, int protocol)\nsocket_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP)\n\n// int bind(int sockfd, struct sockaddr* addr, socklen_t addrlen)\n/*\n * struct sockaddr {\n *   uint16_t sa_family;\n *   uint8_t  sa_data[14];   \n * }\n * \n * struct sockaddr_in {\n *   uint16_t sin_family;\n *   uint16_t sin_port;\n *   uint32_t sin_addr;\n *   uint8_t  __pad[8];\n * }\n*/\nbind(socket_fd, {sa_family=AF_INET, sin_port=htons(port), sin_addr=inet_addr(\"0.0.0.0\")}, 16)\n\n// int listen(int sock fd, int backlog);\nlisten(socket_fd, 0)\n\n// int accept(int sockfd, struct sockaddr* addr, socklen_t* addrlen);\ntunnel = accept(socket_fd, NULL, NULL)\n\n// revceive http request: GET / HTTP/1.0\nread(tunnel, \"GET / HTTP/1.0\",19)\n\n// response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19)\n\n// receive http request: GET /flag HTTP/1.0\nread(tunnel, \"GET /flag HTTP/1.0\\r\\n\\r\\n\",256)\n\n// open and read file\nfilefd = open(\"/flag\",O_RDDONLY)\nread(filefd, \"FLAG\", 256)\n\n//response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\nFLAG\", 27)\n\nclose(tunnel)\n
"},{"location":"pwn-college-cse365-spring2023/#reverse-engineering-\u5b66\u4e60\u7b14\u8bb0","title":"Reverse Engineering \u5b66\u4e60\u7b14\u8bb0","text":"
start\nbreak *main+42\ncommands\n    silent\n    set $local_variable = *(unsigned long long*)($rbp-0x32)\n    printf \"Current value: %llx\\n\", $local_variable\n    continue\nend\ncontinue\n
start\ncatch syscall read\ncommands\n    silent\n    if ($rdi == 42)\n        set $rdi = 0\n    end\n    continue\nend\ncontinue\n
"},{"location":"pwn-college-cse365-spring2023/#talking-web-writeups","title":"Talking Web WriteUps","text":"

\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u76ee\u662f\u7528curl\u3001python\u548cnc\u6765\u5b9e\u73b0\u53d1\u9001\u5404\u79cdhttp\u8bf7\u6c42\uff0c\u5148\u8fd0\u884c/challenge/run\u542f\u52a8flask\u670d\u52a1\u5668\uff0c\u7136\u540e\u65b0\u5f00\u4e2a\u7ec8\u7aef\u7528\u5404\u79cd\u59ff\u52bf\u8fde\u63a5\u672c\u5730127.0.0.1\u5373\u53ef\u3002

\u8fd9\u4e09\u79cd\u5de5\u5177\u7684\u5927\u81f4\u601d\u8def\uff1a

\u9700\u8981\u5148\u7b80\u5355\u5730\u8fde\u63a5127.0.0.1\u7136\u540e\u6839\u636e\u62a5\u9519\u63d0\u793a\u6765\u4fee\u6539\u8bf7\u6c42\u3002

Level 1

Send an HTTP request using curl

curl http://127.0.0.1\n

Level 2

Send an HTTP request using nc

nc 127.0.0.1 80\nGET / HTTP/1.1\n

Level 3

Send an HTTP request using python

import requests as r\nr.get(\"http://127.0.0.1\").text\n

Level 4

Set the host header in an HTTP request using curl

curl -H 'host:xxxxx' http://127.0.0.1\n

Level 5

Set the host header in an HTTP request using nc

nc 127.0.0.1 80\nGET / HTTP/1.1\nhost:xxxxx\n

Level 6

Set the host header in an HTTP request using python

import requests as r\nr.get(\"http://127.0.0.1\", headers={\"host\":\"xxx\"}).text\n

Level 7

Set the path in an HTTP request using curl

curl http://127.0.0.1/xxxxx\n

Level 8

Set the path in an HTTP request using nc

nc 127.0.0.1 80\nGET /xxxx HTTP/1.1\n

Level 9

Set the path in an HTTP request using python

import requests as r\nr.get(\"http://127.0.0.1/xxx\").text\n

Level 10~12

URL encode a path in an HTTP request using curl/nc/python

\u7528%20\u66ff\u6362\u6389\u7a7a\u683c\u5373\u53ef

Level 13~15

Specify an argument in an HTTP request using curl/nc/python

GET\u52a0\u53c2\u6570\uff0c\u5728\u8def\u5f84\u540e\u9762\u8ffd\u52a0?a=xxx\u5373\u53ef

nc\u65f6\u52a0\u5230nc\u8fde\u63a5\u4ee5\u540e\u7684GET\u540e\u9762

Level 16~18

Specify multiple arguments in an HTTP request using curl/nc/python

\u7ed3\u540810~15\u9898\uff0c\u7a7a\u683c\u7528%20\u6362\u6389\uff0c\u4e0e\u53f7\u7528%26\u6362\u6389\uff0c\u4e95\u53f7\u7528%23\u6362\u6389

Level 19~21

Include form data in an HTTP request using curl/nc/python

#curl\ncurl http://127.0.0.1 -F a=xxx\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length:34\n\na=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx'}).text\n

Level 22~24

Include form data with multiple fields in an HTTP request using curl/nc/python

#curl\ncurl http://127.0.0.1 -F a=xxx -F b='xxxx'\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length: 78\n\na=xxx&b=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx','b':'xxx'}).text\n

Level 25~27

Include json data in an HTTP request using curl/nc/python

#curl\ncurl -X POST -H 'Content-Type:application/json' -d '{\"a\":\"xxx\"}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length:40\\r\\n\\r\\n{\"a\":\"xxx\"}' |  nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\"})).text\n

Level 28~30

Include complex json data in an HTTP request using curl/nc/python

#curl\ncurl -X POST -H 'Content-Type: application/json' -H 'Content-Length: 121' -d '{\"a\":\"xxx\", \"b\":{\"c\": \"xxxx\", \"d\": [\"xxx\", \"xxx\"]}}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length: 121\\r\\n\\r\\n{\"a\":\"xxx\", \"b\":{\"c\": \"xxx\", \"d\": [\"xxx\", \"xxx\"]}}' | nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\",\"b\":{'c': 'xxx', 'd': ['xxx', 'xxx']}})).text\n

Level 31~33

Follow an HTTP redirect from HTTP response using curl/nc/python

#curl\ncurl -L http://127.0.0.1\n\n#nc\necho -ne \"GET /xxx HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\n#python\u9ed8\u8ba4\u8ddf\u968f\u8df3\u8f6c\nimport requests as r\nr.get(\"http://127.0.0.1\").text\n

Level 34~36

Include a cookie from HTTP response using curl/nc/python

#curl\ncurl http://127.0.0.1 -v\ncurl -b \"cookie=xxx\" http://127.0.0.1\n\n#nc\necho -ne \"GET / HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:cookie=xxxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python \u9ed8\u8ba4\u81ea\u52a8\u63a5\u53d7cookie\nimport requests as r\nr.get(\"http://127.0.0.1\").text\n

Level 37~39

Make multiple requests in response to stateful HTTP responses using curl/nc/python

#curl \u5b8c\u62103\u6b21\u4ea4\u4e92\u5373\u53ef\ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v \n\n#nc\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\nimport requests as r\nr.get(\"http://127.0.0.1\").text\n
"},{"location":"pwn-college-cse365-spring2023/#assembly-crash-course-writeups","title":"Assembly Crash Course Writeups","text":"

\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u9700\u8981\u628a\u6c47\u7f16\u53d8\u6210raw bytes\uff0c\u7136\u540e\u5582\u7ed9/challenge/run\u3002\u9700\u8981\u5148\u8fd0\u884c\u8fd9\u4e2arun\uff0c\u7136\u540e\u6839\u636e\u8981\u6c42\u5b8c\u6210\u3002\u6bd4\u5982\u53ef\u4ee5\u7528pwntools\u7684asm\u6a21\u5757\u751f\u6210\u6c47\u7f16\uff0c\u7136\u540eecho\u8fdbrun\u91cc\u3002

Level 1

In this level you will work with registers_use! Please set the following: rdi = 0x1337

from pwn import *\ncontext.arch='amd64'\nasm('mov rdi,0x1337')\n\n#b'H\\xc7\\xc77\\x13\\x00\\x00'\n
\u7136\u540e\u5728shell\u91ccecho -ne 'H\\xc7\\xc77\\x13\\x00\\x00' | /challenge/run\u5373\u53ef\u3002

Level 2

asm('add rdi,0x331337')\n

Level 3

asm('imul rdi,rsi; add rdi,rdx; mov rax,rdi')\n

Level 4

\u5b66\u4e60div\u9664\u6cd5\uff0cdiv reg\u4f1a\u4f7f\u7528rax\u4f5c\u4e3a\u88ab\u9664\u6570\uff0creg\u4f5c\u4e3a\u9664\u6570\uff0c\u7136\u540e\u81ea\u52a8\u4f7f\u7528rax\u5b58\u653e\u5546\uff0crdx\u5b58\u653e\u4f59\u6570\u3002

asm('mov rax, rdi;div rsi')\n

Level 5

asm('mov rax, rdi;div rsi;mov rax, rdx')\n

Level 6

\u9664\u6570\u4e3a2\u7684\u5e42\u6b21\u65f6\uff0c\u76f4\u63a5\u4f7f\u7528mov\u4fdd\u7559\u5bc4\u5b58\u5668\u7684\u4e00\u90e8\u5206\u5373\u53ef\u3002\u6ce8\u610fmov\u4e24\u4e2a\u5bc4\u5b58\u5668\u957f\u5ea6\u8981\u4e00\u81f4\u3002

asm('mov al, dil;mov bx, si')\n

Level 7

shl\u5de6\u79fb\uff0cshr\u53f3\u79fb\uff08\u9ad8\u4f4d\u88650\uff09

asm('shl rdi, 59; shr rdi, 63; mov rax, rdi')\n

Level 8

and reg1, reg2\u4f1a\u628areg1\u548creg2\u8fdb\u884c\u903b\u8f91\u4e0e\u7684\u7ed3\u679c\u4fdd\u5b58\u5728reg1\u91cc\u3002\u9898\u76ee\u4e0d\u8ba9\u7528mov\uff0c\u90a3\u53ef\u4ee5\u91c7\u7528\u7f6e0\u51cf1\u7684\u65b9\u5f0f\u83b7\u5f972^65-1\uff0c\u7136\u540eand\u5373\u53ef\u3002

asm('xor rax, rax; sub rax, 1; and rax, rdi; and rax, rsi')\n

Level 9

\u9898\u76ee\u8981\u6c42\u53ea\u7528and\uff0cor\uff0cxor\u5b9e\u73b0\u4e00\u4e2a\u5947\u5076\u5224\u65ad\u7684\u529f\u80fd\u3002\u6574\u4f53\u601d\u8def\u662fxor\u53cd\u8f6c\u6bd4\u7279\u3001\u6e05\u7a7a\u503c\uff0cor\u505a\u52a0\u6cd5\uff0cand\u53d6\u6700\u4f4e\u4f4d\u3002

asm('xor rax, rax; or rax, 1; and rax, rdi; xor rax, 1')\n

Level 10

\u6709\u5173\u8bbf\u95ee\u5185\u5b58\u7684\u64cd\u4f5c\u3002mov reg, [address]\u7528\u4e8e\u628aaddress\u5730\u5740\u5904\u7684\u503c\u8d4b\u7ed9reg\uff0c\u5f53\u7136\u4e5f\u53ef\u4ee5mov [address], reg\u628areg\u7684\u503c\u4fdd\u5b58\u5728address\u5730\u5740\u3002\u52a0\u4e00\u5c42\u65b9\u62ec\u53f7\u53ea\u662f\u8868\u793a\u5f53\u4f5c\u5730\u5740\u3002\u4e0d\u8981\u4e0b\u610f\u8bc6\u8fdb\u884c\u66f4\u591a\u6b21\u6570\u7684\u89e3\u5f15\u7528\u3002

asm('mov rbx, [0x404000]; mov rax, rbx; add rbx, 0x1337; mov [0x404000], rbx')\n

Level 11

\u5982\u679cmov\u4e00\u65b9\u4e3a\u5bc4\u5b58\u5668\uff0c\u4e00\u65b9\u4e3a\u5730\u5740\uff0c\u4f1a\u6839\u636e\u5bc4\u5b58\u5668\u7684\u5927\u5c0f\u81ea\u52a8\u63a8\u65ad\u4ece\u5730\u5740\u4e2dload\u591a\u5c11\u5b57\u8282\u3002

asm('mov al, [0x404000]; mov bx, [0x404000]; mov ecx, [0x404000]; mov rdx, [0x404000];')\n

Level 12

\u5bf9\u4e8e\u6bd4\u8f83\u5927\u7684\u7acb\u5373\u6570\uff0c\u53ef\u4ee5\u5148\u653e\u5728\u5bc4\u5b58\u5668\uff0c\u7136\u540e\u518dmov\u5230\u6307\u5b9a\u4f4d\u7f6e\u3002

asm('mov rax, 0xdeadbeef00001337; mov [rdi], rax; mov rax, 0xc0ffee0000; mov [rsi], rax')\n

Level 13

asm('mov rax, [rdi]; add rax, [rdi+8]; mov [rsi], rax')\n

Level 14

asm('pop rax;sub rax,rdi; push rax')\n

Level 15

\u4f7f\u7528\u6808\u53ef\u4ee5\u7b80\u5355\u5730\u4ea4\u6362\u5bc4\u5b58\u5668

asm('push rdi; push rsi; pop rdi; pop rsi')\n

Level 16

\u5b9e\u73b0\u6808\u4e0a\u7684\u6570\u636e\u53d6\u5e73\u5747\uff0c\u7528[rsp+X]\u6765\u53d6\u503c\uff08\u4e00\u822c\u7528rbp\u6765\u53d6\u5427\uff1f\uff09

asm('mov rax, [rsp]; add rax, [rsp+8]; add rax, [rsp+16]; add rax, [rsp+24]; mov rbx, 4; div rbx; push rax')\n

Level 17

\u4f7f\u7528label\u8bbe\u7f6e\u76f8\u5bf9\u8df3\u8f6c\u5730\u5740\uff0c\u4f7f\u7528\u5355\u5b57\u8282\u7684nop\u586b\u5145\u3002\u4e0d\u8fc7\u9898\u76ee\u8981\u6c42\u7684\u201c\u4ecejmp\u504f\u79fb0x51\u7684\u5730\u5740\u201d\u6709\u70b9\u8ff7\u60d1\uff0c\u770b\u7ed3\u679c\u7684\u8bdd\u4f3c\u4e4e\u9ed8\u8ba4\u662fjmp\u6267\u884c\u540e\u7684\u5730\u5740\u518d\u504f\u79fb0x51\uff0c\u800c\u4e0d\u662fjmp\u6307\u4ee4\u672c\u8eab\u7684\u5730\u5740\u504f\u79fb0x51\uff0c\u6240\u4ee5\u4e0d\u9700\u8981\u77e5\u9053jmp\u6307\u4ee4\u672c\u8eab\u7684\u957f\u5ea6\u3002

asm('jmp lab;'+'nop;'*0x51+'lab: mov rdi, [rsp]; mov rax, 0x403000; jmp rax')\n

Level 18

\u5b9e\u73b0if-else\u8df3\u8f6c\u3002\u6ce8\u610f\u5185\u5b58\u8ba1\u7b97\u4f7f\u7528dword\u768432\u4f4d\u6570\u636e\uff0c\u7528eax\u800c\u4e0d\u662frax\u3002

from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"mov eax, [rdi+4]\nmov ebx, 0x7f454c46\ncmp ebx, [rdi]\nje case1\nmov ebx, 0x5a4d\ncmp ebx, [rdi]\nje case2\nimul eax, [rdi+8]\nimul eax, [rdi+12]\njmp done\ncase1:\n    add eax, [rdi+8]\n    add eax, [rdi+12]\n    jmp done\ncase2:\n    sub eax, [rdi+8]\n    sub eax, [rdi+12]\n    jmp done\ndone:\n    nop\n\"\"\"\n\nprint(asm(payload))\n

Level 19

jmp [reg + offset]\u95f4\u63a5\u8df3\u8f6c\uff0c\u4f7f\u7528rsi\u4fdd\u5b58\u8df3\u8f6c\u8868\u7684\u57fa\u5730\u5740\uff0c\u7528\u4e8e\u5b9e\u73b0switch\u3002\u8fd9\u91cc\u597d\u50cf\u662fjnz\u4e0d\u652f\u6301\u95f4\u63a5\u8df3\u8f6c\u3002

asm('mov rax, rdi; shr rax, 2; jnz final; jmp [rsi + rdi * 8]; final: jmp [rsi + 32]')\n

Level 20

\u5b9e\u73b0\u4e00\u4e2a\u7b80\u5355\u7684\u6c42\u5e73\u5747\u51fd\u6570

from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"xor rax, rax\nxor rcx, rcx\nloop:\n    cmp rcx, rsi\n    je done\n    add rax, [rdi + 8 * rcx]\n    add rcx, 1\n    jmp loop\ndone:\n    div rsi\n\"\"\"\n\nprint(asm(payload))\n

Level 21

\u5b9e\u73b0\u4e00\u4e2astrlen\u51fd\u6570\uff0c\u9010byte\u68c0\u67e5\u662f\u5426\u4e3a0\u3002\u6ce8\u610fmov\u4e0d\u4f1a\u6539\u53d8EFLAGS\u3002

from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nxor rax, rax\ntest rdi, rdi\njz done\nloop: mov bl, [rdi + rax]\ntest bl,bl\njz done\nadd rax, 1\njmp loop\ndone:\n    nop\n\"\"\"\n\nprint(asm(payload))\n

Level 22

\u8fd9\u9053\u9898\u7ed9\u7684\u89e3\u91ca\u4e0d\u662f\u5f88\u6e05\u695a\uff0c\u5c3d\u7ba1\u662f\u7b2c\u4e00\u6b21\u63d0\u5230\u4f7f\u7528call\u8fdb\u884c\u51fd\u6570\u8c03\u7528\uff0c\u4f46\u662f\u6ca1\u6709\u8bf464\u4f4d\u7a0b\u5e8f\u4f9d\u6b21\u4f7f\u7528rdi,rsi,rdx,rcd,r8,r9\u8fdb\u884c\u4f20\u53c2\u3001rax\u4fdd\u5b58\u51fd\u6570\u8fd4\u56de\u7ed3\u679c\uff0c\u4e5f\u6ca1\u6709\u8bf4\u662f\u7531\u4e3b\u8c03\u51fd\u6570\u8fd8\u662f\u88ab\u8c03\u51fd\u6570\u6765\u4fdd\u5b58\u5bc4\u5b58\u5668\u3002\u66f4\u5947\u602a\u7684\u662f\u867d\u7136\u8ba9\u5b9e\u73b0\u4e00\u4e2astr_lower\u51fd\u6570\uff0c\u4f46\u662f\u6ca1\u6709\u6309\u51fd\u6570\u5b9e\u73b0\u7684\u6807\u51c6\u5199PROG\uff0c\u751a\u81f3\u6700\u540e\u8fd8\u7528ret\u6765\u7ed3\u675f\u3002

from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nmov rdx, rdi\nxor rax, rax\nxor rcx, rcx\ntest rdx, rdx\njz done\nloop:\n    mov bl, [rdx]\n    test bl,bl\n    jz done\n    cmp bl, 0x5a\n    jg notif\n    mov rax, 0x403000\n    xor rdi, rdi\n    mov dil, bl\n    call rax\n    mov [rdx], al\n    add rcx, 1\nnotif:\n    add rdx, 1\n    jmp loop\ndone:\n    mov rax, rcx\n    ret\n\"\"\"\n\nprint(asm(payload))\n

Level 23

\u5b9e\u73b0\u4e00\u4e2a\u67e5\u8be2\u5b57\u7b26\u4e32\u4e2d\u54ea\u4e2a\u5b57\u7b26\u6700\u591a\u7684\u51fd\u6570\u3002\u6bcf\u4e2a\u5b57\u7b26\u4e0d\u8d85\u8fc70xffff\u4e2a\uff0c\u6240\u4ee5\u8981\u75284\u5b57\u8282\u7684\u5bc4\u5b58\u5668\u6765\u8fdb\u884c\u5b58\u653e\u3002\u8fd9\u91cc\u4f3c\u4e4e\u4e0d\u652f\u6301\u76f4\u63a5mov rbx, [ebp - rcx * 4]\u4e4b\u7c7b\u7684\u65b9\u6cd5\uff0c\u5c31\u7528r8\u548cr9\u4e34\u65f6\u5b58\u653e\u4e00\u4e0b\u4e86\u3002

from pwn import *\n\ncontext.arch = 'amd64'\n\npayload = \"\"\"\npush rbp\nmov rbp, rsp\nsub rsp, 0x400\nxor rax, rax\nxor rcx, rcx\nmov rdx, rsi\nsub rdx, 0x1\nloop1: \n    cmp rcx, rdx\n    jg loop1_end\n    mov al, [rdi + rcx]\n    mov r8, rbp\n    mov r9, rax\n    imul r9, 4\n    sub r8, r9\n    mov ebx, [r8]\n    add ebx, 1\n    mov [r8], ebx\n    add rcx, 1\n    jmp loop1\nloop1_end:\nxor rax, rax\nxor rbx, rbx\nxor rcx, rcx\nloop2:\n    cmp rcx, 0xff\n    jg loop2_end\n    mov r8, rbp\n    mov r9, rcx\n    imul r9, 4\n    sub r8, r9\n    mov edx, [r8]\n    cmp edx, ebx\n    jle loop2_conti\n    mov rbx, rdx\n    mov rax, rcx\nloop2_conti:\n    add rcx, 1\n    jmp loop2\nloop2_end:\nmov rsp, rbp\npop rbp\nret\n\"\"\"\n\nprint(asm(payload))\n
"},{"location":"pwn-college-cse365-spring2023/#building-a-web-server-writeups","title":"Building a Web Server Writeups","text":"

\u4e0d\u5f97\u4e0d\u5410\u69fdpwn-college\u6709\u4e00\u70b9\u4e0d\u597d\uff0c\u6bcf\u4e2a\u6a21\u5757\u7b2c\u4e00\u4e2achallenge\u8bf4\u660e\u592a\u5c11\u4e86\uff0c\u5b8c\u5168\u4e0d\u77e5\u9053\u4ece\u54ea\u5f00\u59cb\u4e0b\u624b\u3002\u5728challenge 1\u7684wp\u91cc\u8be6\u7ec6\u8bb2\u4e00\u4e0b\u8fd9\u4e2a\u6a21\u5757\u600e\u4e48\u5f00\u59cb\u505a\uff0c\u7136\u540e\u540e\u7eed\u5c31\u7701\u7565\u4e86\u3002

\u7528\u6c47\u7f16\u5199server\uff0c\u53ef\u4ee5\u67e5\u886864\u4f4dsyscall\u624b\u518c

Level 1

\u9996\u5148\u8fd8\u662f\u8fd0\u884c/challeng/run\uff0c\u5f97\u5230\u4e00\u6bb5\u8f93\u51fa\uff1a

===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\nUsage: `/challenge/run <path_to_web_server>`\n\n$ cat server.s\n.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\n$ as -o server.o server.s && ld -o server server.o\n\n$ strace ./server\nexecve(\"./server\", [\"./server\"], 0x7ffccb8c6480 /* 17 vars */) = 0\nexit(0)                                 = ?\n+++ exited with 0 +++\n

\u8fd9\u9053\u9898\u7684\u610f\u601d\u662f\u8ba9\u7528\u6c47\u7f16\u5199\u4e00\u4e2a\u670d\u52a1\u7aef\u3002\u5728\u8fd0\u884c/challenge/run server\u7684\u65f6\u5019\uff0c\u5224\u9898\u7a0b\u5e8f\u4f1a\u542f\u52a8\u7528\u6237\u6307\u5b9a\u7684\u8fd9\u4e2aserver\uff0c\u7136\u540e\u68c0\u67e5\u8fd9\u4e2aserver\u7a0b\u5e8f\u662f\u4e0d\u662f\u76f4\u63a5exit(0)\u4e86\u3002\u6240\u4ee5\u53ea\u9700\u8981\u7f16\u8bd1\u4e00\u4e2aexit(0)\u7684server\u5373\u53ef\u3002

\u9898\u76ee\u91cc\u5176\u5b9e\u5df2\u7ecf\u7ed9\u51fa\u4e86server.s\u7684\u6a21\u677f\uff08cat server.s\u7684\u8f93\u51fa\uff09\u548c\u7f16\u8bd1\u65b9\u5f0f\uff08as -o server.o server.s && ld -o server server.o\uff09\u3002\u6240\u4ee5\u8fd9\u9053\u9898\u53ea\u9700\u8981\u628acat server.s\u7684\u8f93\u51fa\u4fdd\u5b58\u5230server.s\u6587\u4ef6\uff0c\u7136\u540e\u76f4\u63a5\u8fd0\u884cas -o server.o server.s && ld -o server server.o\u7f16\u8bd1\u51fa\u4e00\u4e2aserver\u7684\u53ef\u6267\u884c\u7a0b\u5e8f\uff0c\u6700\u540e\u8fd0\u884c/challenge/run ./server\u5373\u53ef\u3002

\u6a21\u677f\u91cc\u53ea\u6267\u884c\u4e86\u4e00\u4e2a\u9000\u51fa\u7684syscall\uff0c\u6b63\u597d\u662f\u8fd9\u4e00\u9898\u7684\u8981\u6c42\u3002\u672c\u6765\u4ee5\u4e3a\u8fd9\u9053\u9898\u610f\u601d\u662f\u81ea\u5df1\u5199\u4e00\u4e2aserver\u7684\u6c47\u7f16\u6587\u4ef6\uff0c\u7136\u540erun\u7684\u65f6\u5019\u6307\u5b9a\u6e90\u6587\u4ef6\uff0c\u7531\u5224\u9898\u7a0b\u5e8f\u7f16\u8bd1\u7684\u5462\uff0c\u7ed3\u679c\u53d1\u73b0run\u7684\u65f6\u5019\u662f\u9700\u8981\u6307\u5b9a\u4e00\u4e2a\u7f16\u8bd1\u597d\u7684\u53ef\u6267\u884c\u7a0b\u5e8fhh\u3002

\u5b8c\u6574\u89e3\u9898\u6b65\u9aa4\u5982\u4e0b\uff1a

hacker@building-a-web-server-level-1:~$ echo \".intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\" > ./server.s\n\nhacker@building-a-web-server-level-1:~$ as -o server.o server.s && ld -o server server.o\n\nhacker@building-a-web-server-level-1:~$ /challenge/run ./server\n===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\n\n===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7f07cf7959a0 /* 0 vars */) = 0\n[\u2713] exit(0)                                 = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n\npwn.college{xxxx}\n

\u4ee5\u4e0b\u7684\u5404\u4e2a\u9898\u76ee\u5c31\u53ea\u5199server.s\u7684\u5185\u5bb9\u4e86

Level 2

In this challenge you will create a socket.

.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n\n    push rax\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n

Level 3

In this challenge you will bind an address to a socket.

\u5728Level2\u521b\u5efasocket\u7684\u57fa\u7840\u4e0a\uff0c\u5c06\u5176\u7ed1\u5b9a\u52300.0.0.0:80\u4e0a\u3002\uff08\u53ef\u4ee5\u8fd0\u884cLevel1\u521b\u5efa\u7684server\u6765\u5148\u9605\u8bfb\u4e0b\u9898\u76ee\u8981\u6c42\uff0c\u5982\u4e0b\u6240\u793a\uff09

===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n    - Bind to port 80\n    - Bind to address 0.0.0.0\n[ ] exit(0) = ?\n

\u6700\u7ec8\u89e3\u5982\u4e0b\u3002\u8fd9\u91cc\u76f4\u63a5\u7528\u6808\u6765\u4fdd\u5b58sockaddr_in\u7ed3\u6784\u4f53\u4e86\uff0c\u6bd4\u8f83\u7c97\u66b4\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    push rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, rax # socket_fd\n    push 0x50000002 # AF_INET(2) and PORT(80) in big endian\n    mov rsi, rsp # sockaddr_in\n    push 0x0 # IP(0.0.0.0)\n    push 0x0 # padding\n    push 0x0 # padding\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n\n.section .data\n

Level 4

In this challenge you will listen on a socket.

\u4f7f\u7528listen\u76d1\u542c\u8fd9\u4e2asocket\u3002\u7531\u4e8e\u8fd9\u91cclisten\u4e5f\u8981\u7528\u5230\u4e4b\u524dsocket\u521b\u5efa\u7684\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u6ce8\u610f\u5230\u6837\u4f8b\u7684\u6c47\u7f16\u6587\u4ef6\u6700\u540e\u63d0\u793a\u7528data\u4e86\uff0c\u6240\u4ee5\u5e72\u8106\u6362\u7528\u6570\u636e\u533a\u6765\u4fdd\u5b58\u5404\u79cd\u7ed3\u6784\u4f53\uff0c\u4e5f\u5f03\u7528Level3\u91cc\u5bf9\u6808\u505a\u7684\u90a3\u4e9b\u4fee\u6539\u4e86\u3002\u8fd9\u91ccsockfd\u548csockaddr\u90fd\u662f\u5730\u5740\uff0c\u6240\u4ee5mov\u7684\u65f6\u5019\u4f1a\u81ea\u52a8\u89e3\u5f15\u7528\uff0c\u7528lea\u6307\u4ee4\u6765\u83b7\u5f97\u5730\u5740\u672c\u8eab\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n    \n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n\n.section .data\n\nsockfd:   .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 5

In this challenge you will accept a connection.

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n    \n    # accept(3, NULL, NULL)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    \n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n\n.section .data\n\nsockfd:   .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 6

In this challenge you will respond to an http request.

\u8fd9\u4e2a\u9898\u7684\u610f\u601d\u662f\u5e0c\u671b\u5b9e\u73b0\u4e00\u4e2a\u9759\u6001\u7684\u7ad9\u70b9\uff0c\u63a5\u6536\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u8bf7\u6c42\u540e\uff0c\u59cb\u7ec8\u56de\u590dHTTP/1.0 200 OK\u3002\u9700\u8981\u521b\u5efa\u4e00\u4e2a\u7f13\u51b2\u533a\u4fdd\u5b58\u8bf7\u6c42\uff0c\u8fd9\u91cc\u5f00\u4e86\u4e2a256\u5b57\u8282\u7684\u5185\u5b58\uff08\u5b9e\u9645\u4e0a\u6709140\u5b57\u8282\uff09\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n    \n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 256\n    mov rax, 0\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1\n    syscall\n\n    # close(4)\n    mov rdi, tunnel\n    mov rax, 3\n    syscall\n    \n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\nrequest:  .space 256\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 7

In this challenge you will respond to a GET request for the contents of a specified file.

\u5b9e\u73b0\u4e00\u4e2a\u52a8\u6001\u4e00\u70b9\u7684\u670d\u52a1\u5668\u3002\u8fd9\u9898\u4e2d\uff0c\u5ba2\u6237\u7aef\u4f1a\u8bf7\u6c42\u670d\u52a1\u5668\u7aef\u8bfb\u53d6\u4e00\u4e2a\u6587\u4ef6\u5e76\u8fd4\u56de\u7ed3\u679c\u3002\u6587\u4ef6\u662f\u5224\u9898\u7a0b\u5e8f\u968f\u673a\u751f\u6210\u5728/tmp\u4e0b\u7684\uff0c\u5185\u5bb9\u957f\u5ea6\u4e5f\u662f\u968f\u673a\u7684\u3002\u6240\u4ee5\u5199\u4ee3\u7801\u7684\u65f6\u5019\u8981\u591a\u9884\u7559\u70b9\u7f13\u51b2\u533a\u6765\u4fdd\u5b58\u6587\u4ef6\u5185\u5bb9\u3002

open\u6587\u4ef6\u65f6\uff0c\u6587\u4ef6\u540d\u8981\u4ecerequest\u8bf7\u6c42\u91cc\u63d0\u53d6\u3002\u56e0\u4e3a\u751f\u6210\u7684\u6587\u4ef6\u540d\u957f\u5ea6\u662f\u56fa\u5b9a\u7684\uff0c\u6240\u4ee5\u61d2\u7701\u4e8b\u76f4\u63a5\u5728request\u7f13\u51b2\u533a\u91cc\u6539\u4e86\uff08\u5b57\u7b26\u4e32\u672b\u5c3e0\uff09\u3002

===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n    - Bind to port 80\n    - Bind to address 0.0.0.0\n[ ] listen(3, 0) = 0\n[ ] accept(3, NULL, NULL) = 4\n[ ] read(4, <read_request>, <read_request_count>) = <read_request_result>\n[ ] open(\"<open_path>\", O_RDONLY) = 5\n[ ] read(5, <read_file>, <read_file_count>) = <read_file_result>\n[ ] close(5) = 0\n[ ] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[ ] write(4, <write_file>, <write_file_count>) = <write_file_result>\n[ ] close(4) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7ffacc256990 /* 0 vars */) = 0\n[\u2713] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[\u2713] bind(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr(\"0.0.0.0\")}, 16) = 0\n[\u2713] listen(3, 0)                            = 0\n[\u2713] accept(3, NULL, NULL)                   = 4\n[\u2713] read(4, \"GET /tmp/tmpungh1ajd HTTP/1.1\\r\\nHost: localhost\\r\\nUser-Agent: python-requests/2.31.0\\r\\nAccept-Encoding: gzip, deflate\\r\\nAccept: */*\\r\\nConnection: keep-alive\\r\\n\\r\\n\", 256) = 155\n[\u2713] open(\"/tmp/tmpungh1ajd\", O_RDONLY)      = 5\n[\u2713] read(5, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 1024) = 148\n[\u2713] close(5)                                = 0\n[\u2713] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[\u2713] write(4, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 148) = 148\n[\u2713] close(4)                                = 0\n[\u2713] exit(0)                                 = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n

\u4f7f\u7528\u7684\u6c47\u7f16\u4ee3\u7801\u5982\u4e0b\uff1a

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n    \n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 256\n    mov rax, 0 # sys_read\n    syscall\n\n    # open(\"<open_path>\", O_RDONLY) = 5\n    lea rdi, [request+4] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0 # O_RDONLY\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n\n    # read(5, <read_file>, <read_file_count>) = <read_file_result>\n    mov rdi, txtfile\n    lea rsi, filecontent\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov filecnt, rax # \n\n    # close(5)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\n    # write(4, <write_file>, <write_file_count>) = <write_file_result>\n    mov rdi, tunnel\n    lea rsi, filecontent\n    mov rdx, filecnt\n    mov rax, 1 # sys_write\n    syscall\n\n    # close(4)\n    mov rdi, tunnel\n    mov rax, 3 # sys_close\n    syscall\n\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\ntxtfile:  .quad 0\nfilecnt:  .quad 0\nrequest:  .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 8

In this challenge you will accept multiple requests.

\u4f7f\u7528\u4e00\u4e2a\u7a0b\u5e8f\u63a5\u53d7\u591a\u4e2a\u8bf7\u6c42\u3002\u7531\u4e8esocket\u6ca1\u6709\u5173\uff0c\u5728\u6700\u540e\u52a0\u4e00\u4e2aaccept\u5373\u53ef\u3002\u7a0b\u5e8f\u6700\u540eaccept\u8d85\u65f6sigkill\u9000\u51fa\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n    \n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 256\n    mov rax, 0 # sys_read\n    syscall\n\n    # open(\"<open_path>\", O_RDONLY) = 5\n    lea rdi, [request+4] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0 # O_RDONLY\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n\n    # read(5, <read_file>, <read_file_count>) = <read_file_result>\n    mov rdi, txtfile\n    lea rsi, filecontent\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov filecnt, rax # \n\n    # close(5)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\n    # write(4, <write_file>, <write_file_count>) = <write_file_result>\n    mov rdi, tunnel\n    lea rsi, filecontent\n    mov rdx, filecnt\n    mov rax, 1 # sys_write\n    syscall\n\n    # close(4)\n    mov rdi, tunnel\n    mov rax, 3 # sys_close\n    syscall\n\n    # accept(3, NULL, NULL)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n    \n    # exit\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\ntxtfile:  .quad 0\nfilecnt:  .quad 0\nrequest:  .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 9

In this challenge you will concurrently accept multiple requests.

\u8fd9\u9053\u9898\u662f\u8ba9\u505a\u4e00\u4e2a\u591a\u8fdb\u7a0b\uff0c\u7236\u8fdb\u7a0b\u8d1f\u8d23\u5faa\u73afaccept\uff0c\u5b50\u8fdb\u7a0b\u7528\u4e8e\u52a8\u6001\u5904\u7406\u6587\u4ef6\u8bfb\u5199\u3002\u6839\u636efork\u8fd4\u56de\u503c\u6765\u5224\u65ad\u7236\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a\u5b50\u8fdb\u7a0bpid\uff09\u8fd8\u662f\u5b50\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a0\uff09\u3002\u7236\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edtunnel\uff1b\u5b50\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edsockfd\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n\nparent_process_1:\n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # fork() = <fork_result>\n    mov rax, 57 # sys_fork\n    syscall\n    \n    test rax, rax\n    jnz parent_process_2\n    jz child_process\n\nparent_process_2:\n\n    # close(3)\n    mov rdi, tunnel\n    mov rax, 3 # sys_close\n    syscall\n    jmp parent_process_1\n\nchild_process:\n\n    # close(3)\n    mov rdi, sockfd\n    mov rax, 3 # sys_close\n    syscall\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 256\n    mov rax, 0 # sys_read\n    syscall\n\n    # open(\"<open_path>\", O_RDONLY) = 3\n    lea rdi, [request+4] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0 # O_RDONLY\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n\n    # read(3, <read_file>, <read_file_count>) = <read_file_result>\n    mov rdi, txtfile\n    lea rsi, filecontent\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov filecnt, rax # \n\n    # close(3)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\n    # write(4, <write_file>, <write_file_count>) = <write_file_result>\n    mov rdi, tunnel\n    lea rsi, filecontent\n    mov rdx, filecnt\n    mov rax, 1 # sys_write\n    syscall\n\n    # exit\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\ntxtfile:  .quad 0\nfilecnt:  .quad 0\nrequest:  .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 10

In this challenge you will respond to a POST request with a specified file and update its contents.

\u8fd9\u9053\u9898\u662f\u7528POST\u8bf7\u6c42\uff0c\u8981\u6c42\u7528\u591a\u8fdb\u7a0b\u5904\u7406\uff0c\u5728\u5b50\u8fdb\u7a0b\u4e2d\u628aPOST\u7684\u8bf7\u6c42\u4f53\u4fdd\u5b58\u5728\u4e34\u65f6\u6587\u4ef6\uff0c\u5e76\u8fd4\u56de200 OK\u3002\u8003\u8651\u5230\u6587\u4ef6\u540d\u662f\u5b9a\u957f\u7684\uff0c\u6240\u4ee5\u6cbf\u7528\u4e4b\u524d\u7684\u65b9\u6cd5\u5f97\u5230\u6587\u4ef6\u540d\u3002\u8fd9\u91cc\u7528\u7684\u4e00\u4e2atrick\u662f\u7528\u201drnrn\u201c\u6765\u4ece\u8bf7\u6c42\u4e2d\u5206\u5272\u8bf7\u6c42\u4f53\uff0c\u5e76\u4e14\u5185\u5bb9\u7684\u8ba1\u7b97\u662f\u7528read\u7684\u8fd4\u56de\u503c\u51cf\u53bb\u504f\u79fb\u91cf\u7b97\u7684\u3002\u8fd9\u662f\u5077\u61d2\u6ca1\u6709\u5b9e\u73b0\u89e3\u6790Content-Length\u7684\u529f\u80fdhhh

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n\nparent_process_1:\n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # fork() = <fork_result>\n    mov rax, 57 # sys_fork\n    syscall\n    \n    test rax, rax\n    jnz parent_process_2\n    jz child_process\n\nparent_process_2:\n\n    # close(3)\n    mov rdi, tunnel\n    mov rax, 3 # sys_close\n    syscall\n    jmp parent_process_1\n\nchild_process:\n\n    # close(3)\n    mov rdi, sockfd\n    mov rax, 3 # sys_close\n    syscall\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov requestlen, rax\n\n    # open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\n    lea rdi, [request+5] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0x41 # O_WRONLY | O_CREAT\n    mov rdx, 0777\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n    \n    # locate POST body\n    mov rcx, 0\n    mov ebx, separate\nlocate_body:\n    mov eax, [request+rcx]\n    add rcx, 1\n    cmp eax, ebx\n    jne locate_body\n    # extrace POST body\n    add rcx, 3\n    mov rdi, txtfile\n    lea rsi, [request+rcx]\n    mov rdx, requestlen\n    sub rdx, rcx\n    mov rax, 1 # sys_write\n    syscall\n\n    # close(3)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\n    # exit\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\ntxtfile:  .quad 0\nfilecnt:  .quad 0\nrequestlen: .quad 0\nrequest:  .space 1024\nfilecontent: .space 1024\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n

Level 11

In this challenge you will respond to multiple concurrent GET and POST requests.

\u76f4\u63a5\u53d1\u4e86\u4e00\u5806GET\u548cPOST\u6df7\u5408\u8bf7\u6c42\u3002\u4e0d\u8fc7\u597d\u50cf\u6ca1\u8bf4\u6bcf\u4e2a\u8bf7\u6c42\u8981\u5e72\u561b\uff0c\u5c31\u76f4\u63a5\u7ed3\u5408\u4e0blevel9\u548clevel10\u7684\u7ed3\u679c\uff0c\u6bd4\u8f83request\u662f\u4ee5POST\u5f00\u5934\u8fd8\u662fGET\u5f00\u5934\uff0c\u5206\u522b\u8df3\u8f6c\u5230\u5bf9\u5e94\u7684\u903b\u8f91\u5c31\u884c\u4e86\u3002

.intel_syntax noprefix\n.globl _start\n\n.section .text\n    \n_start:\n    # create a socket\n    mov rdi, 2 # AF_INET\n    mov rsi, 1 # SOCK_STREAM\n    mov rdx, 0 # IPPROTO_IP\n    mov rax, 41 # sys_socket\n    syscall\n    mov sockfd, rax\n\n    # bind the socket to 0.0.0.0:80\n    mov rdi, sockfd   # socket_fd\n    lea rsi, sockaddr # sockaddr\n    mov rdx, 16 # addrlen\n    mov rax, 49 # sys_bind\n    syscall\n    \n    # listen(3, 0)\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rax, 50 # sys_listen\n    syscall\n\nparent_process_1:\n    # accept(3, NULL, NULL) = 4\n    mov rdi, sockfd\n    mov rsi, 0\n    mov rdx, 0\n    mov rax, 43 # sys_accept\n    syscall\n    mov tunnel, rax\n\n    # fork() = <fork_result>\n    mov rax, 57 # sys_fork\n    syscall\n    \n    test rax, rax\n    jnz parent_process_2\n    jz child_process\n\nparent_process_2:\n\n    # close(3)\n    mov rdi, tunnel\n    mov rax, 3 # sys_close\n    syscall\n    jmp parent_process_1\n\nchild_process:\n\n    # close(3)\n    mov rdi, sockfd\n    mov rax, 3 # sys_close\n    syscall\n\n    # read(4, <read_request>, <read_request_count>) = <read_request_result>\n    mov rdi, tunnel\n    lea rsi, request\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov requestlen, rax\n\n    # check GET or POST\n    mov eax, request\n    mov ebx, requestget\n    cmp eax, ebx\n    je handle_get\n    mov ebx, requestpost\n    cmp eax, ebx\n    je handle_post\n\n    jmp program_exit\n\nhandle_get:\n    # open(\"<open_path>\", O_RDONLY) = 3\n    lea rdi, [request+4] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0 # O_RDONLY\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n\n    # read(3, <read_file>, <read_file_count>) = <read_file_result>\n    mov rdi, txtfile\n    lea rsi, filecontent\n    mov rdx, 1024\n    mov rax, 0 # sys_read\n    syscall\n    mov filecnt, rax # \n    # close(3)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\n    # write(4, <write_file>, <write_file_count>) = <write_file_result>\n    mov rdi, tunnel\n    lea rsi, filecontent\n    mov rdx, filecnt\n    mov rax, 1 # sys_write\n    syscall\n\n    jmp program_exit\n\nhandle_post:\n    # open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\n    lea rdi, [request+5] # extract file name\n    movb [rdi+16], 0\n    mov rsi, 0x41 # O_WRONLY | O_CREAT\n    mov rdx, 0777\n    mov rax, 2 # sys_open\n    syscall\n    mov txtfile, rax\n    \n    # locate POST body\n    mov rcx, 0\n    mov ebx, separate\nlocate_body:\n    mov eax, [request+rcx]\n    add rcx, 1\n    cmp eax, ebx\n    jne locate_body\n    # extrace POST body\n    add rcx, 3\n    mov rdi, txtfile\n    lea rsi, [request+rcx]\n    mov rdx, requestlen\n    sub rdx, rcx\n    mov rax, 1 # sys_write\n    syscall\n\n    # close(3)\n    mov rdi, txtfile\n    mov rax, 3 # sys_close\n    syscall\n\n    # write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n    mov rdi, tunnel\n    lea rsi, response\n    mov rdx, 19\n    mov rax, 1 # sys_write\n    syscall\n\nprogram_exit:\n    # exit\n    mov rdi, 0\n    mov rax, 60     # SYS_exit\n    syscall\n\n.section .data\n\nsockfd:   .quad 0\ntunnel:   .quad 0\ntxtfile:  .quad 0\nfilecnt:  .quad 0\nrequestlen: .quad 0\nrequest:  .space 1024\nfilecontent: .space 1024\nrequestget: .ascii \"GET \"\nrequestpost: .ascii \"POST\"\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n          .quad 0x0 # IP(0.0.0.0)\n          .quad 0x0 # padding\n          .quad 0x0 # padding\n
"},{"location":"pwn-college-cse365-spring2023/#reverse-engineering-writeups","title":"Reverse Engineering Writeups","text":"

Level 1

\u8fd0\u884c/challenge\u4e0b\u7684\u6587\u4ef6\uff0c\u4f1a\u81ea\u52a8\u6253\u5f00gdb\uff0c\u8f93\u5165run\u542f\u52a8\u7a0b\u5e8f\uff0c\u8fdb\u5165\u7b2c\u4e00\u5173\u3002\u7b2c\u4e00\u5173\u4e3b\u8981\u662f\u8bb2\u4e0b\u5927\u81f4\u7684\u9898\u76ee\u8981\u6c42\uff0c\u5728\u8fd9\u91cc\u6309C\u7ee7\u7eed\u8fd0\u884c\u4f1a\u76f4\u63a5\u7ed9\u51faflag\u3002

Level 2

\u672c\u5173run\u4ee5\u540ep/x $r12\u7136\u540e\u6309C\uff0c\u628a\u7ed3\u679c\u8f93\u5165\u5c31\u884c\u3002

Level 3

\u8fd9\u4e00\u5173\u4e3b\u8981\u662f\u719f\u6089\u6253\u5370\u5185\u5b58\u6570\u636e\uff0c\u53ef\u4ee5\u5728\u6309C\u8fdb\u5165\u7a0b\u5e8f\u524d\u540e\u7528x/20gx $rsp\u5bf9\u6bd4\u4e00\u4e0b\u6808\u4e0a\u4ec0\u4e48\u6570\u636e\u6539\u53d8\u4e86\u3002\u7b97\u662f\u4e0d\u770b\u6c47\u7f16\u7684\u4e00\u70b9\u5c0ftrick\u3002

Level 4

\u8fd9\u5173\u7684\u6ca1\u7528\u6b63\u5e38\u89e3\u6cd5\u3002\u6709\u4e00\u70b9\u5c0ftrick\uff1a\u4f7f\u7528disas $pc\u67e5\u770b\u53d1\u73b0\u6709\u4e2awin\u51fd\u6570\uff0c\u53c2\u6570\u7528\u76840\u3002\u76f4\u63a5set $rax=0\uff0cset $pc=xxx\u8df3\u8f6c\u5230win\u7684\u51fd\u6570\u5c31\u884c\u4e86\u3002

Level 5

\u8fd9\u9898\u63d0\u793a\u53ef\u4ee5\u7f16\u5199gdb\u811a\u672c\uff0c\u52a0\u8f7d\u540e\u4f1a\u81ea\u52a8\u6267\u884c\u3002\u8fd9\u9053\u9898\u76ee\u4f1a\u5728\u5faa\u73af\u4e2d\u591a\u6b21\u8bbe\u7f6e\u968f\u673a\u6570\uff0c\u6240\u4ee5\u9700\u8981\u81ea\u52a8\u5316\u89e3\u51b3\u3002

run\u540e\u5148disas $pc\u770b\u4e00\u770bmain\u51fd\u6570\u7684\u5173\u952e\u903b\u8f91\uff1a

0x000055981a8ccd40 <+666>:   mov    esi,0x0\n0x000055981a8ccd45 <+671>:   lea    rdi,[rip+0xd5e]        # 0x55981a8cdaaa\n0x000055981a8ccd4c <+678>:   mov    eax,0x0\n0x000055981a8ccd51 <+683>:   call   0x55981a8cc250 <open@plt>\n0x000055981a8ccd56 <+688>:   mov    ecx,eax\n0x000055981a8ccd58 <+690>:   lea    rax,[rbp-0x18]\n0x000055981a8ccd5c <+694>:   mov    edx,0x8\n0x000055981a8ccd61 <+699>:   mov    rsi,rax\n0x000055981a8ccd64 <+702>:   mov    edi,ecx\n0x000055981a8ccd66 <+704>:   call   0x55981a8cc210 <read@plt>\n0x000055981a8ccd6b <+709>:   lea    rdi,[rip+0xd46]        # 0x55981a8cdab8\n0x000055981a8ccd72 <+716>:   call   0x55981a8cc190 <puts@plt>\n0x000055981a8ccd77 <+721>:   lea    rdi,[rip+0xd5a]        # 0x55981a8cdad8\n0x000055981a8ccd7e <+728>:   mov    eax,0x0\n0x000055981a8ccd83 <+733>:   call   0x55981a8cc1d0 <printf@plt>\n0x000055981a8ccd88 <+738>:   lea    rax,[rbp-0x10]\n0x000055981a8ccd8c <+742>:   mov    rsi,rax\n0x000055981a8ccd8f <+745>:   lea    rdi,[rip+0xd51]        # 0x55981a8cdae7\n0x000055981a8ccd96 <+752>:   mov    eax,0x0\n0x000055981a8ccd9b <+757>:   call   0x55981a8cc260 <__isoc99_scanf@plt>\n

\u731c\u6d4b\u57280x000055981a8ccd51\u5904\u7684open\u662f\u6253\u5f00\u4e86\u968f\u673a\u6570\u53d1\u751f\u5668\uff08\u6bd4\u5982/dev/urandom\uff09\uff0c\u7136\u540e0x000055981a8ccd66\u5904\u7684read\u662f\u8bfb8\u4e2a\u5b57\u8282\uff0c\u5373\u6700\u7ec8\u7684\u968f\u673a\u6570\uff0c\u4fdd\u5b58\u5728rsi\u5bc4\u5b58\u5668\u6307\u5411\u7684\u4f4d\u7f6e\uff0c\u5373rbp-0x18\u5904\u3002\u6240\u4ee5\u81ea\u52a8\u5316\u811a\u672c\u53ef\u4ee5\u57280x000055981a8ccd72\u5904\uff08\u5373*main+716\uff09\u6253\u4e2a\u65ad\u70b9\uff0c\u6253\u5370\u6b64\u65f6rbp-0x18\u7684\u503c\u3002

\u5373\u5148\u7f16\u5199\u4e0b\u8ff0\u811a\u672c\uff0c\u7136\u540e\u542f\u52a8\u7a0b\u5e8f\u65f6-x\u8ffd\u52a0\u811a\u672c\u5373\u53ef\u3002

start\nbreak *main+716\ncommands\n    silent\n    set $local_variable = *(unsigned long long*)($rbp-0x18)\n    printf \"Current value: %llx\\n\", $local_variable\n    continue\nend\ncontinue\n

\u5f53\u7136\u89e3\u6cd5\u6709\u5f88\u591a\uff0c\u770bdisas\u540e\u7684\u7ed3\u679c\uff0c\u8f93\u5165\u7684\u6570\u636e\u88abscanf\u4fdd\u5b58\u5230rbp-0x10\u5904\uff0c\u4e0erbp-0x18\u6bd4\u8f83\u3002\u4e5f\u53ef\u4ee5\u5728\u6bd4\u8f83\u524d\u76f4\u63a5\u4fee\u6539\u5bc4\u5b58\u5668\u8ba9\u503c\u76f8\u7b49\u3002

Level 6

\u8fd9\u4e00\u5173\u624d\u6559\u600e\u4e48\u7528set\u6539\u5bc4\u5b58\u5668\uff0c\u4ece\u800c\u4fee\u6539\u7a0b\u5e8f\u6267\u884c\u903b\u8f91\u3002\u662f\u4e0d\u662f\u53ef\u4ee5\u6697\u793a\u76f4\u63a5\u62ffflag\uff1frun\u540eset $rip=*main+715\uff0c\u7136\u540e\u7ee7\u7eed\u8fd0\u884c\u7a0b\u5e8f\u3002

Level 7

\uff1f\uff1f\uff1f\u539f\u6765\u8fd8\u53ef\u4ee5\u8fd9\u4e48\u73a9\uff1f\uff1f

Level 8

\u76f4\u63a5\u8c03\u7528call (void)win()\uff0c\u53ef\u4ee5disas *win\u770b\u4e00\u4e0bwin\u51fd\u6570\u3002

0x0000556609b49951 <+0>:     endbr64\n0x0000556609b49955 <+4>:     push   rbp\n0x0000556609b49956 <+5>:     mov    rbp,rsp\n0x0000556609b49959 <+8>:     sub    rsp,0x10\n0x0000556609b4995d <+12>:    mov    QWORD PTR [rbp-0x8],0x0\n0x0000556609b49965 <+20>:    mov    rax,QWORD PTR [rbp-0x8]\n0x0000556609b49969 <+24>:    mov    eax,DWORD PTR [rax]\n0x0000556609b4996b <+26>:    lea    edx,[rax+0x1]\n0x0000556609b4996e <+29>:    mov    rax,QWORD PTR [rbp-0x8]\n0x0000556609b49972 <+33>:    mov    DWORD PTR [rax],edx\n0x0000556609b49974 <+35>:    lea    rdi,[rip+0x73e]        # 0x556609b4a0b9\n0x0000556609b4997b <+42>:    call   0x556609b49180 <puts@plt>\n

\u53ef\u89c1\u57280x0000556609b49969\u5904\uff0c\u4ecerax\u6307\u5411\u7684\u5730\u5740\u8bfb\u53d64\u5b57\u8282\u3002\u4f46\u662f\u6b64\u65f6rax\u5728\u524d\u4e24\u6761\u8bed\u53e5\u5df2\u7ecf\u88ab\u4fee\u6539\u4e3a0\u4e86\uff0c\u6240\u4ee5\u89e6\u53d1NULL\u6307\u9488\u89e3\u5f15\u7528\uff0c\u5f15\u8d77SIGSEGV\u9000\u51fa\u3002\u6240\u4ee5\u8bd5\u8bd5\u76f4\u63a5\u8df3\u8fc7\u8fd9\u6bb5\uff0c\u8fdb\u5165win\u65f6\u4fee\u6539rip\u5bc4\u5b58\u5668\u5373\u53ef\u3002

\u4f9d\u6b21\u6267\u884c\uff1abreak *win\uff0ccall (void)win()\uff0cset $rip=*win+35\uff0cc\u5373\u53ef\u3002

Level 1.0

Reverse engineer this challenge to find the correct license key.

\u4ece\u6b64\u5f00\u59cb\u662f\u4e00\u4e2a\u8bc1\u4e66\u9a8c\u8bc1\u7a0b\u5e8f\uff0c\u8981\u6c42\u8f93\u5165key\u6765\u83b7\u53d6flag\u3002\u7b2c\u4e00\u9898\u76f4\u63a5enter\u8fd0\u884c\uff0c\u4f1a\u8f93\u51fa\u539f\u59cb\u8f93\u5165\u3001\u5904\u7406\u540e\u7684\u8f93\u5165\u4ee5\u53ca\u6b63\u786e\u7b54\u6848\u3002\u8fd0\u884c\u4e24\u6b21\u4ee5\u540e\u53d1\u73b0\u5904\u7406\u540e\u7684\u8f93\u5165\u548c\u539f\u59cb\u8f93\u5165\u662f\u4e00\u6837\u7684\uff0c\u5e76\u4e14\u6b63\u786e\u7b54\u6848\u662f\u56fa\u5b9a\u7684\u3002

\u76f4\u63a5python\u91cc\u8fd0\u884c\u4e0b[chr(i) for i in [0x75,0x62,0x61,0x6a,0x68]]\uff08\u53ef\u80fd\u9700\u8981\u4fee\u65390xXX\u7684\u503c\uff09\uff0c\u7136\u540e\u5c31\u5f97\u5230key\u4e86\u3002

Level 1.1

Reverse engineer this challenge to find the correct license key.

\u8fd9\u4e00\u9898\u6ca1\u6709\u76f4\u63a5\u628a\u6b63\u786e\u7b54\u6848\u5217\u51fa\u6765\u3002\u4e00\u79cd\u65b9\u6848\u662f\u5148gdb\u542f\u52a8\u7a0b\u5e8f\uff0c\u7136\u540e\u5728\u8981\u6c42\u8f93\u5165\u5bc6\u94a5\u7684\u65f6\u5019ctrl+c\u6682\u505c\u7a0b\u5e8f\uff0c\u7528bt\u67e5\u770b\u8c03\u7528\u6808\uff0c\u53ef\u4ee5\u770b\u5230__libc_start_main (main=0xXXXXX, argc=1, ....)\u3002\u7136\u540e\u67e5\u770bmain\u51fd\u6570\u7684\u6c47\u7f16\u6307\u4ee4x/80i 0xXXXX\uff0c\u53ef\u4ee5\u770b\u5230\u5176\u4e2d\u7684memcmp@plt\u51fd\u6570\u6240\u4f7f\u7528\u7684\u7684rsi\u6765\u81ea[rip+0x2abf]\u3002\u6307\u4ee4\u540e\u9762\u7684#\u6ce8\u91ca\u63d0\u793a\u4e86\u5bf9\u5e94\u7684\u5730\u5740\uff0c\u76f4\u63a5\u7528x/5c <address>\u67e5\u770b\u5bc6\u94a5\u5373\u53ef\u3002

\u6ce8\u610f\u6700\u540e\u8f93\u5165\u5bc6\u94a5\u65f6\u8981\u76f4\u63a5\u8fd0\u884c\u7a0b\u5e8f\uff0c\u4e0d\u8981\u5728gdb\u91cc\u9762\u8f93\uff0c\u4f1a\u63d0\u793a\u6743\u9650\u4e0d\u591f\u3002

Level 2.0

Reverse engineer this challenge to find the correct license key, but your input will be modified somehow before being compared to the correct key.

\u8fd9\u9053\u9898\u76ee\u4ea4\u6362\u4e86\u8f93\u5165\u5b57\u7b26\u4e32\u7684index 1\u548cindex 4\u7684\u5b57\u7b26\u3002

Level 2.1

\u8fd9\u9053\u9898\u76ee\u57282.0\u7684\u57fa\u7840\u4e0a\u9690\u53bb\u4e86\u8f93\u5165\u8f93\u51fa\u7ed3\u679c\u7684\u663e\u793a\uff0c\u56e0\u6b64\u9700\u8981gdb\u770b\u4e00\u4e0b\u505a\u4e86\u4ec0\u4e48\u64cd\u4f5c\u3002\u6309\u71671.1\u7684\u65b9\u6cd5\u67e5\u770bmemcmp\u9644\u8fd1\u7684\u51fd\u6570\uff0c\u53ef\u89c1\uff1a

0x5584f463251f:      lea    rax,[rbp-0xe]\n0x5584f4632523:      mov    edx,0x5\n0x5584f4632528:      mov    rsi,rax\n0x5584f463252b:      mov    edi,0x0\n0x5584f4632530:      call   0x5584f46321a0 <read@plt>\n0x5584f4632535:      movzx  eax,BYTE PTR [rbp-0xe]\n0x5584f4632539:      mov    BYTE PTR [rbp-0x10],al\n0x5584f463253c:      movzx  eax,BYTE PTR [rbp-0xd]\n0x5584f4632540:      mov    BYTE PTR [rbp-0xf],al\n0x5584f4632543:      movzx  eax,BYTE PTR [rbp-0xf]\n0x5584f4632547:      mov    BYTE PTR [rbp-0xe],al\n0x5584f463254a:      movzx  eax,BYTE PTR [rbp-0x10]\n0x5584f463254e:      mov    BYTE PTR [rbp-0xd],al\n0x5584f4632551:      lea    rdi,[rip+0xdb0]        # 0x5584f4633308\n0x5584f4632558:      call   0x5584f4632140 <puts@plt>\n0x5584f463255d:      lea    rax,[rbp-0xe]\n0x5584f4632561:      mov    edx,0x5\n0x5584f4632566:      lea    rsi,[rip+0x2aa3]        # 0x5584f4635010\n0x5584f463256d:      mov    rdi,rax\n0x5584f4632570:      call   0x5584f46321b0 <memcmp@plt>\n

\u8f93\u5165\u7684\u5b57\u7b26\u4e32\u88ab\u4fdd\u5b58\u5728[rbp-0xe]\u5904\uff0c\u4e14\u8fdb\u884c\u4e86[rbp-0xe]\u548c[rbp-0xd]\u7684\u4ea4\u6362\u3002\u4e5f\u5c31\u662f\u8bf4\u8f93\u5165\u5b57\u7b26\u4e32\u7684\u524d\u4e24\u4e2a\u5b57\u7b26\u88ab\u4ea4\u6362\u4e86\u3002\u67e5\u770bmemcmp\u52a0\u8f7d\u5230rsi\u7684\u5730\u5740\u5185\u5bb9x/5c 0x5584f4635010\u5f97\u5230\u5bf9\u5e94\u7684\u7b54\u6848\uff0c\u4ea4\u6362\u524d\u4e24\u4e2a\u5b57\u7b26\u5373\u53ef\u3002

Level 3.0-3.1

\u8fd0\u884c\u7a0b\u5e8f\uff0c\u968f\u4fbf\u8f93\u51e0\u4e2a\u6570\u3002\u663e\u5f0f\u544a\u8bc9\u4e86\u89c4\u5219\u662f\u9006\u5e8f\uff0c\u53c8\u628a\u6b63\u786e\u7b54\u6848\u6253\u5370\u51fa\u6765\u4e86\u3002

3.1\u731c\u6d4b\u548c3.0\u4e00\u6837\u4e5f\u662f\u9006\u5e8f\u3002\u76f4\u63a5\u63092.1\u7684\u65b9\u6cd5\u770b\u4e00\u4e0b[rbp-0xe]\u5904\u7684\u503c\u7136\u540e\u9006\u5e8f\u8f93\u5165\u5c31\u884c\u3002

Level 4.0-4.1

\u89c4\u5219\u662f\u8fdb\u884c\u9012\u589e\u6392\u5e8f\u3002\u8fd9\u4e0b\u53ea\u9700\u8981\u5305\u542b\u8fd9\u4e9b\u5b57\u6bcd\u5c31\u884c\u3002\uff08\u8fd9\u4e0d\u662f\u66f4\u7b80\u5355\u4e86\u2026\u2026\uff09

Level 5.0-5.1

\u8fd9\u9053\u9898\u662f\u5bf9\u8f93\u5165\u5b57\u7b26\u8fdb\u884c\u5f02\u6216\u3002\u7b80\u5355\u5199\u4e86\u4e2apython\uff0c\u5728\u63a7\u5236\u53f0\u4ea4\u4e92\u65f6\u8fd0\u884c\u4e0b\uff1a

tx = lambda x:int(x,16)\n''.join([chr(i^0xb8) for i in [tx(a) for a in 'd6 d5 d6 cf da'.split() ]])\n

5.1\u548c5.0\u7c7b\u4f3c\uff0c\u4eff\u7167\u4e4b\u524d\u7684\u65b9\u6cd5\u53ef\u4ee5\u770b\u5230\u5f02\u6216\u7528\u7684\u662f0x1c\u3002

Level 6.0

\u8fd9\u9053\u9898\u7ed3\u5408\u4e86\u4ea4\u6362\u3001\u5f02\u6216\u3001\u9006\u5e8f\u4e09\u79cd\u64cd\u4f5c\uff0c\u5e72\u8106\u5199\u4e2a\u811a\u672c\u5904\u7406\u4e0b\u5427\u3002

def do_reverse(li):\n    return li[::-1]\n\ndef do_swap(li, idx1, idx2):\n    li[idx1], li[idx2] = li[idx2], li[idx1]\n    return li\n\ndef do_xor(li, key):\n    xor_li = []\n    while key > 0:\n        xor_li.insert(0, key & 0xff)\n        key >>= 8\n    for i in range(len(li)):\n        li[i] ^= xor_li[i % len(xor_li)]\n    return li\n\ndef do_sort(li):\n    li.sort()\n    return li\n\ndef sanitize(s):\n    if type(s) is str:\n        f = lambda tx: int(tx,16)\n        return [f(i) for i in s.split()]\n    if type(s) is list:\n        return ''.join([chr(i) for i in s])\n\nprint(sanitize(do_swap(do_xor(do_reverse(sanitize('51 90 52 86 58 98 4d 81 4b 84 4f 9a 57 8c 51 91 56')),0x3ef5),5,6)))\n

6.1\u6709\u70b9\u5947\u602a\uff0c\u770b\u6c47\u7f16\u597d\u50cf\u662f\u5148\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9010\u5b57\u8282\u4e0e0xbb\u5f02\u6216\u3002\u597d\u50cf\u548c5.0\u7684\u7f6e\u6362-\u5f02\u6216-\u9006\u5e8f\u4e0d\u4e00\u6837\u7684\uff1f\u53ef\u80fd\u662f\u968f\u673a\u9009\u62e9\u7b56\u7565\u5427\u3002

Level 7.0-7.1

7.0\u7528\u4e0a\u4e00\u4e2a\u811a\u672c\u5373\u53ef\u3002

print(sanitize(do_swap(do_sort(do_xor(do_swap(do_xor(sanitize(' 16 34 42 00 13 31 46 0d 1c 3b 4e 15 05 22 52 10 04 22 54 1c 0f 2e 59 1d 0e 2f 5b'),0x85a4d396),13,16),0xf2)),7,10)))\n

7.1\u662f\u5148\u548c0x15ca\u5f02\u6216\uff0c\u7136\u540e\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9012\u589e\u6392\u5e8f

print(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0x15ca)))\nprint(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0xca15)))\n\n#u\u00abq\u00acr\u00a6e\u00bad\u00beb\u00b6i\u00b7jo\u00b0o\u00bda\u00bee\u00a5y\u00ads\u00afq\n#\u00aat\u00aes\u00ady\u00bae\u00bba\u00bdi\u00b6h\u00b5\u00b0o\u00b0b\u00bea\u00baz\u00a6r\u00acp\u00ae\n#\u7136\u540e\u628a\u4e24\u4e2a\u7ed3\u679c\u4e2d\u5b57\u6bcd\u6392\u8d77\u6765\n#utqsryeedabiihjooobaaezyrspq\n
"},{"location":"pwn-college-cse365-spring2023/#\u603b\u7ed3","title":"\u603b\u7ed3","text":"

CSE 365\u8fd8\u662f\u5c5e\u4e8e\u6bd4\u8f83\u5165\u95e8\u7684\u7c7b\u578b\uff0c\u6253\u597d\u57fa\u7840\uff01

"},{"location":"python/","title":"Python","text":"

\u7ea6 786 \u4e2a\u5b57 242 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 27 \u5206\u949f

"},{"location":"python/#\u4e00\u4e9b\u5c0f\u70b9","title":"\u4e00\u4e9b\u5c0f\u70b9","text":""},{"location":"python/#\u83b7\u53d6\u672a\u77e5\u5bf9\u8c61\u7684\u6240\u6709\u5c5e\u6027","title":"\u83b7\u53d6\u672a\u77e5\u5bf9\u8c61\u7684\u6240\u6709\u5c5e\u6027","text":"

obj.__dir__() \u6216\u8005dir(obj)

"},{"location":"python/#\u53c2\u6570\u89e3\u6790argparse","title":"\u53c2\u6570\u89e3\u6790\uff1aargparse","text":"

\u6839\u636e\u7528\u6237\u4f20\u53c2\u800c\u6267\u884c\u4e0d\u540c\u7684\u529f\u80fd\uff0c\u53c8\u5206\u591a\u4e2a\u5c42\u6b21\u3002\u6bd4\u5982pip3\u547d\u4ee4\uff0c\u53ef\u4ee5\u6709pip3 install\u548cpip3 freeze\u7b49\u7b49\uff0c\u5bf9\u4e8e\u6bcf\u4e00\u4e2a\u5b50\u89e3\u6790\u53c8\u6709\u8fdb\u4e00\u6b65\u7684\u53c2\u6570\uff0c\u6bd4\u5982pip3 install \u2013upgrade, pip3 install \u2013force-reinstall\u7b49\u7b49\u3002

import argparse\n\ndef populate_parser(parser):\n    parser.add_argument('input_file', type=str, help=\"Path to the file containing the mutated input to load\")\n    parser.add_argument('--prefix-input', dest='prefix_input_path', type=str, help=\"(Optional) Path to the file containing a constant input to load\")\n    parser.add_argument('-c', '--config', default=\"config.yml\", help=\"The emulator configuration to use. Defaults to 'config.yml'\")\n\n    # Verbosity switches\n    parser.add_argument('-v', '--print-exit-info', default=False, action=\"store_true\", help=\"Print some information about the exit reason.\")\n    parser.add_argument('-t', '--trace-funcs', dest='trace_funcs', default=False, action='store_true')\nparser = argparse.ArgumentParser(description=\"Fuzzware\")\nsubparsers = parser.add_subparsers(title=\"Fuzzware Components\", help='Fuzzware utilities:', description=\"Fuzzware supports its different functions using a set of utilities.\\n\\nUse 'fuzzware <util_name> -h' for more details.\")\nparser_pipeline = subparsers.add_parser(MODE_PIPELINE, help=\"Running the full pipeline. Fuzzware's main utility.\")\nparser_pipeline.set_defaults(func=do_pipeline)\n# Pipeline command-line arguments\nparser_pipeline.add_argument('target_dir', nargs=\"?\", type=os.path.abspath, default=os.curdir, help=\"Directory containing the main config. Defaults to the current working dir.\")\n\n\nparser = argparse.ArgumentParser(description=\"Fuzzware emulation harness\")\npopulate_parser(parser)\n
"},{"location":"python/#\u914d\u7f6e\u8bfb\u53d6yaml","title":"\u914d\u7f6e\u8bfb\u53d6\uff1ayaml","text":"

\u9664\u4e86argparse\u4ee5\u5916\uff0c\u53ef\u4ee5\u628a\u4e00\u4e9b\u5f88\u957f\u7684\u914d\u7f6e\u6570\u636e\uff08\u6bd4\u5982\u591a\u5230\u547d\u4ee4\u884c\u6572\u662f\u4e0d\u73b0\u5b9e\u7684\uff09\u653e\u5230yml\u91cc\uff0c\u7136\u540e\u7528yaml\u8bfb\u53d6\uff0c\u5f97\u5230\uff08\u5d4c\u5957\u7684\uff09\u5b57\u5178\uff0c\u7136\u540e\u518d\u53d6\u5185\u5bb9\u5c31\u5f88\u65b9\u4fbf\u4e86\u3002\u9700\u8981pip\u5b89\u88c5pyyaml\u8fd9\u4e2a\u5305

import yaml\n\nwith open('config.yml', 'rb') as f:\n    data = yaml.load(f, Loader=yaml.FullLoader)\n    print(data)\n

\u90a3\u4e48data\u5c31\u662f\u4e00\u4e2a\u5b57\u5178\uff0c\u6839\u636eyml\u91cc\u7684\u5185\u5bb9\u53ef\u80fd\u6210\u4e3a\u5d4c\u5957\u5173\u7cfb\u3002\u5b57\u5178\u91cc\u4e3a\u7a7a\u7684\u503c\u4f1a\u53d8\u6210None\uff0ctrue\u6216True\u6216TRUE\u90fd\u4f1a\u53d8\u6210True\uff0c\u6570\u5b57\u4f1a\u88ab\u8bc6\u522b\u6210\u6574\u6570\u6216\u6d6e\u70b9\u6570\uff0c\u5b57\u7b26\u4e32\u4f1a\u88ab\u8bc6\u522b\u6210\u5b57\u7b26\u4e32\uff08\u542b\u7a7a\u683c\uff09

\u6bd4\u5982\u4e0b\u9762\u7684yml\u6587\u4ef6

item:\n  test1: 1\n  test2: 2\n  test2.1: TRUE\n  test2.2: true\n  test2.3: True\nmatters:\n  test3: 3\n  3: 333\n  test4: 4\n  test5: ${item.test1}\n  test6: a b c d\n  test7: \n

\u4f1a\u88ab\u8bc6\u522b\u4e3a

{'item': {'test1': 1, 'test2': 2, 'test2.1': True, 'test2.2': True, 'test2.3': True}, 'matters': {'test3': 3, 3: 333, 'test4': 4, 'test5': '${item.test1}', 'test6': 'a b c d', 'test7': None}}\n
"},{"location":"python/#\u914d\u7f6e\u8bfb\u53d6json","title":"\u914d\u7f6e\u8bfb\u53d6\uff1ajson","text":"

\u9664\u4e86yaml\u4ee5\u5916\uff0c\u7528json\u4e5f\u53ef\u4ee5\u5f88\u65b9\u4fbf\u5730\u5904\u7406\u914d\u7f6e\u3002\u800c\u4e14\u4e0d\u9700\u8981\u989d\u5916\u4e0b\u8f7d\u4ec0\u4e48\u5305\u3002

import json\n\nconfig = json.load(open('config.json','r',encoding='utf8')) # \u76f4\u63a5\u62ff\u5230\u4e86\u5b57\u5178\u683c\u5f0f\u7684config\njson.dump(config, open('config.json', 'w',encoding='utf8'), indent=4, ensure_ascii=False)\n
"},{"location":"python/#\u8fdb\u5ea6\u6761\u8f93\u51fatqdm","title":"\u8fdb\u5ea6\u6761\u8f93\u51fa\uff1atqdm","text":"
from tqdm import tqdm  # \u7528\u4e8e\u663e\u793a\u8fdb\u5ea6\u6761\nwith tqdm(total=total_num, desc=\"Sample progress bar\", unit=\"file\") as pbar:\n    pbar.update(1)\n
"},{"location":"python/#\u8f93\u51fa\u65e5\u5fd7logging","title":"\u8f93\u51fa\u65e5\u5fd7\uff1alogging","text":"

\u5728\u5f00\u53d1\u7a0b\u5e8f\u7684\u65f6\u5019\uff0c\u9047\u5230bug\u6216\u8005\u60f3\u5f04\u6e05\u695a\u4e34\u65f6\u7ed3\u679c\u3001\u63a7\u5236\u6d41\u8d70\u5411\u7684\u65f6\u5019\uff0c\u91c7\u7528print\u7684\u4f20\u7edf\u65b9\u6cd5\u6765\u6253\u5370\u53d8\u91cf\u6709\u70b9\u8fc7\u4e8e\u8822\u7b28\u4e86\u3002\u800c\u4f7f\u7528logging\u53ef\u4ee5\u968f\u65f6\u6253\u5370\u6570\u636e\u5230\u63a7\u5236\u53f0\u6216\u6587\u4ef6\uff0c\u53ef\u4ee5\u81ea\u5b9a\u4e49\u6253\u5370\u8303\u56f4\uff0c\u800c\u4e14\u6613\u4e8e\u8c03\u8bd5\u3002

import logging\n\nlogging.basicConfig(format='[%(levelname)s %(filename)s:%(lineno)d]: %(message)s', stream=sys.stdout, level=logging.DEBUG)\nlogger = logging.getLogger('TEST')\n\nlogger.debug('here is a test!')\nlogger.info('info level')\n

\u5f53\u7136\u4e5f\u53ef\u4ee5\u5168\u9762\u4e86\u89e3\u4e0blogging\uff0c\u63a8\u8350\u9605\u8bfb\u8fd9\u4e2a\u77e5\u4e4e\u4e13\u680f

import logging\n\n# 1\u3001\u521b\u5efa\u4e00\u4e2alogger\nlogger = logging.getLogger('mylogger')\nlogger.setLevel(logging.DEBUG)\n\n# 2\u3001\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u5199\u5165\u65e5\u5fd7\u6587\u4ef6\nfh = logging.FileHandler('test.log')\nfh.setLevel(logging.DEBUG)\n\n# \u518d\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u8f93\u51fa\u5230\u63a7\u5236\u53f0\nch = logging.StreamHandler()\nch.setLevel(logging.DEBUG)\n\n# 3\u3001\u5b9a\u4e49handler\u7684\u8f93\u51fa\u683c\u5f0f\uff08formatter\uff09\nformatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')\n\n# 4\u3001\u7ed9handler\u6dfb\u52a0formatter\nfh.setFormatter(formatter)\nch.setFormatter(formatter)\n\n# 5\u3001\u7ed9logger\u6dfb\u52a0handler\nlogger.addHandler(fh)\nlogger.addHandler(ch)\n

\u4ee5\u53ca\u4fee\u6539log\u7684\u989c\u8272(\u4e0d\u8fc7\u6ca1\u6709\u8bd5\u8fc7\uff0c\u4e0d\u77e5\u9053\u662f\u5426\u53ef\u7528)

"},{"location":"python/#\u63a5\u53e3\u8bbe\u8ba1","title":"\u63a5\u53e3\u8bbe\u8ba1","text":"

\u4e00\u7cfb\u5217\u76f8\u4f3c\u7684\u51fd\u6570\u5b8c\u6210\u76f8\u4f3c\u7684\u529f\u80fd\uff08\u6bd4\u5982\u4e0d\u540c\u89e3\u6790\u51fd\u6570\u89e3\u6790\u4e0d\u540c\u79cd\u7c7b\u7684\u65e5\u5fd7\uff0c\u90fd\u5b8c\u6210\u201c\u6570\u636e\u5904\u7406\u201d\u8fd9\u4e00\u529f\u80fd\uff09\u65f6\uff0c\u53ef\u4ee5\u5c06\u51fd\u6570\u540d\u4f5c\u4e3a\u53c2\u6570\u4f20\u5165\u516c\u5171\u5904\u7406\u51fd\u6570\uff0c\u8bbe\u8ba1\u66f4\u6e05\u6670\u3002

import re\n\n# 0000 11c4 0\nbb_regex = re.compile(r\"([0-9a-f]+) ([0-9a-f]+) ([0-9]+)\")\ndef parse_bb_line(line):\n    event_id, pc, cnt = bb_regex.match(line).groups()\n\n    event_id = int(event_id, 16)\n    pc = int(pc, 16)\n    cnt = int(cnt)\n\n    return event_id, pc, cnt\n\ndef parse_mmio_set_line(line):\n    pc, addr, mode = line.split(\" \")\n    return (int(pc, 16), int(addr, 16), mode[0])\n\ndef _parse_file(filename, line_parser):\n    try:\n        with open(filename, \"r\") as f:\n            return [line_parser(line) for line in f.readlines() if line]\n    except FileNotFoundError:\n        return []\n\ndef parse_bbl_trace(filename):\n    return _parse_file(filename, parse_bb_line)\n\ndef parse_mmio_set(filename):\n    return _parse_file(filename, parse_mmio_set_line)\n
"},{"location":"python/#\u4e2d\u95f4\u6570\u636e\u5b58\u50a8capnp","title":"\u4e2d\u95f4\u6570\u636e\u5b58\u50a8\uff1acapnp","text":"

Cap\u2019n Proto\u597d\u50cf\u662f\u4e00\u79cd\u5e2e\u52a9\u5feb\u901f\u5e8f\u5217\u5316/\u53cd\u5e8f\u5217\u5316\u7684\u5de5\u5177\uff0cpython\u8fd9\u8fb9\u5c01\u88c5\u4e86C++\u7684\u5b9e\u73b0\uff0c\u9700\u8981pip\u5b89\u88c5pycapnp\u8fd9\u4e2a\u5305\u3002\u4f7f\u7528\u65f6\u9700\u8981\u9996\u5148\u5b9a\u4e49\u6570\u636e\u7ed3\u6784\uff0c\u6bd4\u5982\uff1a

// test.capnp\nstruct TraceEvent {\n  union {\n    basicBlock @0 :BasicBlock;\n    access @1 :Access;\n  }\n}\n\nstruct BasicBlock {\n    pc @0 :UInt32;\n    lr @1 :UInt32;\n}\n\nstruct Access {\n    target @0 :AccessTarget;\n    type @1 :AccessType;\n    size @2 :UInt8;\n    pc @3 :UInt32;\n}\n\nenum AccessTarget {\n    ram @0;\n    mmio @1;\n}\nenum AccessType {\n    read @0;\n    write @1;\n}\n
\u4f7f\u7528\u65f6\uff0cpython\u7a0b\u5e8f\u5982\u4e0b\uff1a

import capnp\nimport test_capnp\n\n# \u8fde\u7eed\u5199\u5165\u6587\u4ef6\uff0c\u5bf9union\u521d\u59cb\u5316\ntrace_file = open('test.bin','wb')\nevent = test_capnp.TraceEvent.new_message()\nbasicBlock = event.init('basicBlock')\nbasicBlock.pc = uc.reg_read(UC_ARM_REG_PC)\nbasicBlock.lr = uc.reg_read(UC_ARM_REG_LR)\nevent.write(trace_file)\nevent.write(trace_file)\ntrace_file.close()\n\n# \u4ece\u6587\u4ef6\u4e2d\u8fde\u7eed\u8bfb\u53d6\uff0c\u89e3\u6790union\ntrace_file = open('test.bin','rb')\nfor event in test_capnp.TraceEvent.read_multiple(f):\n    if event.which() == 'basicBlock':\n        print(event.basicBlock.pc)\ntrace_file.close()\n
"},{"location":"python/#\u8ba1\u65f6\u7ec8\u6b62\u7a0b\u5e8f","title":"\u8ba1\u65f6\u7ec8\u6b62\u7a0b\u5e8f","text":"

\u5982\u679c\u9700\u8981\u8ba9\u7a0b\u5e8f\u5728\u8fd0\u884c\u4e00\u6bb5\u65f6\u95f4\u540e\u7ec8\u6b62\uff0c\u5728\u7a0b\u5e8f\u5185\u90e8\u8fdb\u884c\u65f6\u95f4\u68c0\u67e5\u5e76\u4e0d\u4f18\u96c5\uff08\u56e0\u4e3a\u662f\u65e0\u5173\u903b\u8f91\u7684\uff09\uff1b\u53ef\u4ee5\u4e3a\u8fd9\u4e2a\u5b50\u7a0b\u5e8f\u8bbe\u8ba1signal

pipeline = Pipeline(args.target_dir, args.project_name, args.base_inputs, args.num_local_fuzzer_instances, args.disable_modeling, write_worker_logs=not args.silent_workers, do_full_tracing=args.full_traces, config_name=args.runtime_config_name, timeout_seconds=timeout_seconds, use_aflpp=args.aflpp)\n\ntry:\n    if timeout_seconds != 0:\n        def handler(signal_no, stack_frame):\n            pipeline.request_shutdown()\n\n        # spin up an alarm for the time\n        signal.signal(signal.SIGALRM, handler)\n        signal.alarm(timeout_seconds)\n\n    pipeline.start()\nexcept Exception as e:\n    logger.error(f\"Got exception, shutting down pipeline: {e}\")\n    import traceback\n    traceback.print_exc()\n    status = 1\n
"},{"location":"python/#\u4e8c\u8fdb\u5236\u5b57\u8282\u4e0ehex\u4e92\u76f8\u8f6c\u6362intelhex","title":"\u4e8c\u8fdb\u5236\u5b57\u8282\u4e0ehex\u4e92\u76f8\u8f6c\u6362\uff1aIntelHex","text":"

fuzzware\u91cc\u6dfb\u52a0\u9000\u51fahandler\u6253\u5370state\uff08\u5373\u6a21\u62dfcoredump\uff09\u65f6\uff0c\u4f7f\u7528\u4e86IntelHex\u6765\u4fdd\u5b58\u4e2d\u95f4\u7ed3\u679c\u3002\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u4f8b\u5b50\uff0c\u8fdb\u884c\u76f8\u4e92\u8f6c\u5316\u3002IntelHex\u6587\u4ef6\u672c\u8eab\u7684\u683c\u5f0f\uff0c\u53ef\u4ee5\u53c2\u8003\u8fd9\u91cc

from intelhex import IntelHex\nih = IntelHex()\n\ndata = {\n    0x30000000: b'\\x00\\x01\\x02\\x03\\x04',\n    0x20002000: b'\\x04\\x05\\x06\\x07'\n}\n\nfor base_addr, contents in data.items():\n    ih.puts(base_addr, contents)\n\nwith open('test.hex', 'w') as f:\n    ih.write_hex_file(f)\n\n\n# \u4ece\u5df2\u6709\u7684hex\u6587\u4ef6\u4e2d\u8bfb\u53d6\u6570\u636e\nih = IntelHex()\nih.fromfile('test.hex', format='hex')\n\n\"\"\"test.hex\n:020000042000DA\n:0420000004050607C6\n:020000043000CA\n:050000000001020304F1\n:00000001FF\n\nhex\u683c\u5f0f\u4ee5\u5192\u53f7\u5f00\u5934\uff0c\u968f\u540e1\u5b57\u8282\u8868\u793a\u6570\u636e\u957f\u5ea6\uff0c\u7d27\u63a54\u5b57\u8282\u8868\u793a\u5730\u5740\uff0c\u968f\u540e1\u5b57\u8282\u4e3a\u8bb0\u5f55\u7c7b\u578b\uff1a\n00\uff1a\u8868\u793a\u6570\u636e\n01\uff1a\u8868\u793a\u6587\u4ef6\u7ed3\u675f\n02\uff1a\u8868\u793a\u6269\u5c55\u6bb5\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u5de6\u79fb4\u4f4d\uff0c\u4f5c\u4e3a\u6bb5\u5730\u5740\uff0c\u5728\u4e4b\u540e\u7684\u8ba1\u7b97\u4e2d\u548c\u5730\u5740\u76f8\u52a0\u4f5c\u4e3a\u6700\u540e\u5730\u5740\n03\uff1a\u8868\u793a\u8d77\u59cb\u6bb5\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u4e2d\uff0c\u524d\u3001\u540e2\u5b57\u8282\u5206\u522b\u8868\u793aCS\u3001IP\n04\uff1a\u8868\u793a\u6269\u5c55\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u6307\u5b9a32\u5730\u5740\u7684\u9ad816\u4f4d\n05\uff1a\u8868\u793a\u8d77\u59cb\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u6307\u5b9a\u6307\u4ee4\u6267\u884c\u8d77\u59cb\u5730\u5740\n\u6700\u540e\u4e00\u5b57\u8282\u8868\u793a\u6821\u9a8c\u7801\n\n\u6bd4\u5982:020000042000DA\uff0c\u5206\u4e3a:02 0000 04 2000 DA\n\"\"\"\n\n# \u83b7\u53d6\u89e3\u6790\u540e\u7684\u6570\u636e\uff0c\u5e76\u5408\u5e76\u8fde\u7eed\u7684\u5730\u5740\nrestored_data = {}\ncurrent_address = None\ncurrent_data = b''\n\nfor address in ih.addresses():\n    # Check if the address is consecutive with the current data\n    if current_address is None or address == current_address + len(current_data):\n        if current_address is None:\n            current_address = address\n        current_data += bytes([ih[address]])\n    else:\n        # Save the previous data and start a new block\n        restored_data[current_address] = current_data\n        current_address = address\n        current_data = bytes([ih[address]])\n\n# Save the last block of data\nif current_address is not None:\n    restored_data[current_address] = current_data\n\n# \u8f93\u51fa\u8fd8\u539f\u540e\u7684data\u5b57\u5178\nprint(restored_data)\n# {536879104: b'\\x04\\x05\\x06\\x07', 805306368: b'\\x00\\x01\\x02\\x03\\x04'}\n
"},{"location":"python/#\u53c2\u8003\u8d44\u6599","title":"\u53c2\u8003\u8d44\u6599","text":""},{"location":"rca/","title":"\u6839\u56e0\u5206\u6790","text":"

\u7ea6 2291 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 8 \u5206\u949f

\u4ec0\u4e48\u662f\u6839\u56e0\u5206\u6790\uff1f \u6839\u56e0\u5206\u6790(Root Cause Analysis)\u6216\u8005\u8bf4\u7f3a\u9677\u5b9a\u4f4d(Fault Localization)\u662f\u7a0b\u5e8f\u5f00\u53d1\u4eba\u5458\u6216\u5b89\u5168\u5206\u6790\u4eba\u5458\u5728\u786e\u8ba4\u7a0b\u5e8f\u5b58\u5728\u5f02\u5e38\u884c\u4e3a\u540e\uff0c\u901a\u8fc7\u624b\u52a8\u6216\u81ea\u52a8\u7684\u65b9\u6cd5\u6765\u5b9a\u4f4d\u5f02\u5e38\u884c\u4e3a\u7684\u6839\u672c\u539f\u56e0\u7684\u8fc7\u7a0b\u3002\u6839\u56e0\u5206\u6790\u662f\u7a0b\u5e8f\u5b89\u5168\u5206\u6790\u6d41\u7a0b\u4e2d\u6bd4\u8f83\u91cd\u8981\u7684\u4e00\u73af\u3002

\u4e3a\u4ec0\u4e48\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b\u6839\u56e0\u5206\u6790\u65b9\u6cd5\uff1f \u5728\u5f53\u4e0b\u5404\u7c7b\u81ea\u52a8\u5316\u6f0f\u6d1e\u6316\u6398\u5de5\u5177(\u6bd4\u5982\u5404\u7c7bfuzzer)\u7684\u8f85\u52a9\u4e0b\uff0c\u6bcf\u65e5\u53d1\u73b0\u7684bug\u6570\u91cf\u5df2\u7ecf\u8fdc\u8d85\u5f00\u53d1\u4eba\u5458\u786e\u8ba4\u5e76\u4fee\u590d\u7684\u6570\u91cf\u3002\u8bbe\u8ba1\u4e00\u79cd\u81ea\u52a8\u5316\u53d1\u73b0\u6f0f\u6d1e\u7684\u5de5\u5177\u5e76\u4e0d\u96be\uff0c\u96be\u5728\u5982\u4f55\u6839\u636e\u8fd9\u4e9b\u5de5\u5177\u62a5\u51fa\u7684crash\u4fe1\u606f\u6765\u51c6\u786e\u5730\u5206\u6790\u51fa\u6f0f\u6d1e\u7684\u6839\u672c\u539f\u56e0\u3002\u5bf9\u4e8e\u5927\u578b\u7a0b\u5e8f\u800c\u8a00\uff0c\u5d29\u6e83\u6d4b\u8bd5\u6837\u4f8b(crashing testcase)\u6267\u884c\u4e0b\u6765\u53ef\u80fd\u7ecf\u5386\u4e86\u51e0\u767e\u4e07\u6761\u6c47\u7f16\u6307\u4ee4\uff0c\u624b\u5de5\u786e\u8ba4\u7a0d\u5fae\u6709\u70b9\u4e0d\u73b0\u5b9e\u4e86\u3002\u56e0\u6b64\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b(\u81ea\u52a8\u5316)\u7684\u6839\u56e0\u5206\u6790\u5de5\u5177\u3002

\u600e\u4e48\u8fdb\u884c\u6839\u56e0\u5206\u6790\uff1f\u76ee\u524d\u6709\u54ea\u4e9b\u5de5\u4f5c\uff1f \u6700\u6734\u7d20\u800c\u76f4\u89c2\u7684\u601d\u60f3\u5c31\u662f\u6d88\u8017\u5b89\u5168\u5206\u6790\u4eba\u5458\u7684\u7cbe\u529b\uff0c\u4ece\u7a0b\u5e8f\u7684\u5165\u53e3\u70b9(entry)\u6216\u8005\u5d29\u6e83\u70b9(crash site)\u51fa\u53d1\uff0c\u770b\u770b\u7a0b\u5e8f\u662f\u600e\u4e48\u6267\u884c\u7684\uff0c\u54ea\u4e9b\u5143\u7d20(program entity)\u4f1a\u5bfc\u81f4\u6700\u540e\u7684crash\uff0c\u7136\u540e\u518d\u8fdb\u884c\u5bf9\u5e94\u7684\u4fee\u590d\u3002\u6839\u636e\u5b9a\u4f4d\u5143\u7d20\u7684\u7c92\u5ea6\u4e0d\u540c\uff0c\u6839\u56e0\u5206\u6790\u53ef\u4ee5\u5b9a\u4f4d\u5230\u51fd\u6570\u7ea7(function level)\u3001\u8bed\u53e5\u7ea7(statement level)\u3001\u6c47\u7f16\u6307\u4ee4\u7ea7(instruction level)\u3002\u7531\u4e8e\u5728\u6c47\u7f16\u6307\u4ee4\u4e0a\u8fdb\u884c\u5206\u6790\u53ef\u4ee5\u66f4\u666e\u9002\u5730\u9002\u5e94\u591a\u79cd\u7f16\u7a0b\u8bed\u8a00\u3001\u4e0d\u9700\u8981\u83b7\u53d6\u6e90\u7801\uff0c\u6240\u4ee5\u4e0b\u6587\u7684\u8ba8\u8bba\u90fd\u662f\u56f4\u7ed5\u6c47\u7f16\u6307\u4ee4\u7ea7\u5c55\u5f00\u3002

\u76ee\u524d\u4e00\u4e9b\u81ea\u52a8\u5316\u6839\u56e0\u5206\u6790\u7814\u7a76\u601d\u8def\u6709\uff1a

  1. \u57fa\u4e8e\u7a0b\u5e8f\u8c31\u7684\u5206\u6790\u65b9\u6cd5(Spectrum-based)\u3002\u5927\u6982\u601d\u8def\u662f\u4e0d\u9700\u8981\u8003\u8651\u6c47\u7f16\u6307\u4ee4\u7684\u8bed\u4e49\u4fe1\u606f\uff0c\u5229\u7528\u4e00\u4e9b\u7edf\u8ba1\u5b66\u7684\u65b9\u6cd5\u6765\u5206\u6790\u54ea\u4e9b\u6307\u4ee4\u6709\u95ee\u9898\u3002\u8fd9\u7c7b\u65b9\u6cd5\u57fa\u4e8e\u8fd9\u6837\u4e00\u4e2a\u573a\u666f\uff1a\u5047\u8bbe\u6211\u4eec\u6709\u4e00\u5927\u6279\u76f8\u4f3c\u7684\u6d4b\u8bd5\u6837\u4f8b\uff0c\u5176\u4e2d\u6709\u4e9b\u4f1a\u5bfc\u81f4\u7a0b\u5e8f\u5d29\u6e83\uff0c\u6709\u4e9b\u4e0d\u4f1a\uff0c\u90a3\u4e48\u8fd9\u4e24\u7c7b\u6d4b\u8bd5\u6837\u4f8b\u7684\u6267\u884c\u8def\u5f84\u53ef\u80fd\u6709\u4e0d\u540c\u7684\u504f\u597d\u3002\u90a3\u4e48\u90a3\u4e9b\u66f4\u503e\u5411\u4e8e\u5728\u5d29\u6e83\u6d4b\u8bd5\u6837\u4f8b\u4e2d\u6267\u884c\u7684\u6307\u4ee4\u66f4\u6709\u53ef\u80fd\u662froot cause\u3002
  2. \u4e8b\u540e\u5206\u6790\u65b9\u6cd5(Postmortem-based)\u3002\u76f4\u8bd1\u5c38\u68c0\u5206\u6790\uff0c\u5f62\u8c61\u7406\u89e3\u4e3a\u4ece\u7a0b\u5e8f\u5d29\u6e83\u540e\u7559\u4e0b\u7684\u201c\u5c38\u4f53\u201d\u5f00\u59cb\u5206\u6790\u3002\u5b83\u5047\u5b9a\u7a0b\u5e8f\u5d29\u6e83\u540e\u4f1a\u4ea7\u751f\u4e00\u4e2acoredump(\u6838\u5fc3\u8f6c\u50a8)\u6587\u4ef6\uff0c\u5305\u542b\u4e86\u5d29\u6e83\u70b9\u7684\u5185\u5b58\u5feb\u7167(memory snapshot)\uff0c\u4ee5\u53ca\u8fd9\u4e2a\u6d4b\u8bd5\u6837\u4f8b\u7684\u6267\u884c\u8def\u5f84(execution trace)\u3002\u524d\u8005\u7528\u4e8e\u63d0\u4f9b\u6570\u636e\u6d41\u4fe1\u606f(\u6bd4\u5982\u5185\u5b58\u503c\u3001\u5bc4\u5b58\u5668\u503c)\uff0c\u540e\u8005\u7528\u4e8e\u63d0\u4f9b\u63a7\u5236\u6d41\u4fe1\u606f(\u6c47\u7f16\u6307\u4ee4\u6267\u884c\u4e0e\u8df3\u8f6c)\u3002\u5728\u6b64\u57fa\u7840\u4e0a\uff0c\u7ed3\u5408\u4e00\u4e9b\u9006\u5411\u6267\u884c(reverse execution)\u548c\u540e\u5411\u6c61\u70b9\u5206\u6790(backward taint analysis)\u7684\u65b9\u6cd5\uff0c\u5b9a\u4f4d\u53ef\u80fd\u7684root cause\u3002
  3. \u57fa\u4e8e\u6a21\u578b\u7684\u5206\u6790\u65b9\u6cd5(Model-based)\u3002\u8fd9\u4e00\u7c7b\u65b9\u6cd5\u662f\u8fd1\u4e9b\u5e74\u63d0\u51fa\u7684\uff0c\u5b83\u901a\u8fc7\u5b9a\u4e49\u8bed\u4e49\u76f8\u5173\u7684\u6a21\u578b\uff0c\u5229\u7528\u673a\u5668\u5b66\u4e60\u6216\u6df1\u5ea6\u5b66\u4e60\u7684\u601d\u60f3\uff0c\u627e\u5230\u8bed\u4e49\u4e0a\u5bfc\u81f4\u5d29\u6e83\u7684root cause\u3002

\u8fd9\u4e9b\u7814\u7a76\u601d\u8def\u90fd\u89e3\u51b3\u4e86\u4ec0\u4e48\u95ee\u9898\uff1f\u6709\u4ec0\u4e48\u72ec\u7279\u7684\u4f18\u70b9\uff1f\u5b58\u5728\u54ea\u4e9b\u72ec\u6709\u7684\u4e0d\u8db3\uff1f \u57fa\u4e8e\u7a0b\u5e8f\u8c31\u7684\u5206\u6790\u65b9\u6cd5\u76f4\u89c2\u4e0a\u4f3c\u4e4e\u6709\u70b9\u9053\u7406\u3002\u5b83\u4ec5\u8003\u8651\u6c47\u7f16\u6307\u4ee4\u672c\u8eab\uff0c\u800c\u4f46\u4ec5\u4ec5\u4ece\u7edf\u8ba1\u7ed3\u679c\u4e0a\u53bb\u5206\u6790\uff0c\u53ef\u80fd\u5e76\u4e0d\u80fd\u51c6\u786e\u5206\u6790\u51fa\u903b\u8f91\u4e0a\u7684root cause\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u4f1a\u8bbe\u8ba1\u4e00\u79cd\u6392\u540d\u7b56\u7565(ranking)\uff0c\u5bf9\u9009\u62e9\u51fa\u7684\u53ef\u7591\u6307\u4ee4\u8fdb\u884ctop1-topn\u7684\u6392\u540d\uff0c\u6765\u8bd5\u56fe\u63d0\u9ad8\u51c6\u786e\u6027\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u9700\u8981\u6839\u636e\u4e00\u4e2a\u5d29\u6e83\u6837\u4f8b\u4ee5\u53ca\u548c\u5b83\u76f8\u4f3c\u7684\u5d29\u6e83\u6837\u4f8b\u548c\u975e\u5d29\u6e83\u6837\u4f8b\u8fdb\u884c\u5206\u6790\uff0c\u56e0\u6b64\u65f6\u7a7a\u5f00\u9500\u90fd\u6bd4\u8f83\u5927\u3002

\u4e8b\u540e\u5206\u6790\u65b9\u6cd5\u76f8\u6bd4\u7a0b\u5e8f\u8c31\u5206\u6790\u65b9\u6cd5\u8003\u8651\u4e86\u6307\u4ee4\u8bed\u4e49\uff0c\u6bd4\u5982\u5728\u9006\u5411\u6267\u884c\u7684\u65f6\u5019\u4f1a\u8bbe\u8ba1\u4e00\u4e9b\u6c47\u7f16\u6307\u4ee4handler\uff0c\u5bf9\u4e8e\u5185\u5b58\u7684\u5206\u6790\u4e5f\u4f1a\u66f4\u7cbe\u786e\u4e9b\u3002\u4f46\u6c61\u70b9\u5206\u6790\u65b9\u6cd5\u6bd5\u7adf\u5b58\u5728\u8fc7\u5ea6\u6c61\u67d3(over-tainting)\u7684\u95ee\u9898\uff0c\u5bfc\u81f4\u7ed3\u679c\u5197\u4f59\u6bd4\u8f83\u4e25\u91cd\u3002

\u57fa\u4e8e\u6a21\u578b\u7684\u5206\u6790\u65b9\u6cd5\u5229\u7528AI\u7684\u4f18\u52bf\uff0c\u53ef\u4ee5\u7ed9\u51fa\u66f4\u6709\u8bed\u4e49\u4fe1\u606f\u7684root cause\uff0c\u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\u5e2e\u52a9\u5f00\u53d1\u4eba\u5458\u53bb\u5206\u6790\u3002\u4e0d\u8fc7\u6a21\u578b\u7684\u8bad\u7ec3\u4f9d\u8d56\u8bad\u7ec3\u96c6\u7684\u8d28\u91cf\uff0c\u5e76\u4e14\u53d7\u7a0b\u5e8f\u8bed\u4e49\u5f71\u54cd\u5f88\u5927\u3002\u5728\u4e0d\u540c\u9886\u57df\u4e4b\u95f4\u53ef\u80fd\u8fc1\u79fb\u6027\u4e0d\u662f\u5f88\u597d\uff0c\u6bd4\u5982\u6ca1\u6cd5\u5904\u7406\u4e00\u4e9b\u7279\u5b9a\u7684\u5bc6\u7801\u5b66\u51fd\u6570\u3002\u4e14\u4e3a\u5f85\u6d4b\u7a0b\u5e8f\u5efa\u7acb\u6a21\u578b\u6765\u63cf\u8ff0\u5176\u7ed3\u6784\u4e0e\u884c\u4e3a\u662f\u975e\u5e38\u590d\u6742\u3001\u8017\u65f6\u7684\u4e8b\u60c5

\u73b0\u6709\u7684\u8fd9\u4e9b\u65b9\u6cd5\u6709\u6ca1\u6709\u4ec0\u4e48\u666e\u904d\u5b58\u5728\u7684\u95ee\u9898\uff1f \u5728\u6700\u540e\u8bc4\u4f30\u9636\u6bb5(evaluation)\uff0c\u4e00\u822c\u5148\u901a\u8fc7\u624b\u5de5\u5206\u6790\u786e\u5b9a\u54ea\u4e9b\u6c47\u7f16\u6307\u4ee4\uff0c\u5982\u679c\u65b9\u6cd5\u8f93\u51fa\u7684\u6c47\u7f16\u6307\u4ee4\u96c6\u5408\u91cc\u5305\u542b\u8fd9\u4e9b\u6307\u4ee4\uff0c\u90a3\u4e48\u5c31\u8ba4\u4e3a\u662f\u53d1\u73b0\u4e86root cause\u3002\u4f46\u81ea\u52a8\u5316\u65b9\u6cd5\u6bd5\u7adf\u7f3a\u5c11\u4eba\u5de5\u53c2\u4e0e\uff0c\u7ed9\u51fa\u7684\u7ed3\u679c\u4e00\u5b9a\u662f\u4e0d\u51c6\u786e\u7684\u3002\u73b0\u6709\u7684\u5de5\u4f5c\u7684\u4e00\u4e2a\u4e3b\u6d41\u601d\u60f3\u5728\u4e8e\u201c\u65b9\u6cd5\u7ed9\u51fa\u7684\u96c6\u5408\u53ef\u4ee5\u5305\u542b\u65e0\u5173\u6307\u4ee4\uff0c\u4f46\u4e0d\u80fd\u7f3a\u5c11\u76f8\u5173\u6307\u4ee4\u201d\uff0c\u65e8\u5728\u63d0\u9ad8\u53ec\u56de\u7387(recall)\u3002\u56e0\u6b64\u5f80\u5f80\u7ed9\u51fa\u4e0eroot cause\u4e0d\u76f8\u5173\u7684\u6307\u4ee4\u3002\u4f46\u5b9e\u9645\u4e0a\uff0c\u5728\u6700\u540e\u7684\u4fee\u590d\u7aef\uff0c\u5982\u679c\u7ed9\u51fa\u4e0d\u76f8\u5173\u6307\u4ee4\u8fc7\u591a\uff0c\u90a3\u4e48\u4ecd\u7136\u9700\u8981\u5f00\u53d1\u8005\u53bb\u5206\u6790\uff0c\u4f9d\u65e7\u8017\u65f6\u8017\u529b\u3002

\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c9.43%\u5e0c\u671broot cause\u5728\u5206\u6790\u7ed3\u679c\u7684Top1\uff0c73.58%\u5bb9\u8bb8\u5728Top5\uff0c15.09%\u5bb9\u8bb8\u5728Top10\u3002\u6240\u4ee5\u7ea698%\u7684\u60c5\u51b5\u4e0b\u9700\u8981\u5728Top10\u5185\u7ed9\u51fa\u7ed3\u679c\u3002\u5c31\u5206\u6790\u51c6\u786e\u5ea6\u4e0e\u5f00\u53d1\u4eba\u5458\u6ee1\u610f\u5ea6\u800c\u8a00\uff0c\u5982\u679cRCA\u5de5\u5177\u51c6\u786e\u5ea6\u8fbe90%\uff0c\u6ee1\u610f\u5ea6\u51e0\u4e4e\u8fbe\u5230100%\u4e86\u3002\u51c6\u786e\u5ea6\u4f4e\u4e8e20%\u65f6\u53ea\u670912%\u63a5\u53d7\uff0c\u5982\u679c\u6ee1\u610f\u5ea6\u8fbe50%\u300175%\u300190%\uff0c\u51c6\u786e\u5ea6\u9700\u8981\u5206\u522b\u8fbe\u523050%\u300175%\u300185%\uff08\u4f46\u662f\u539f\u6587\u8bf490%\uff09\u3002

\u76ee\u524d\u7684\u7edd\u5927\u90e8\u5206RCA\u5206\u6790\u7684\u5de5\u4f5c\u7684\u8f93\u51fa\u662f\u4e24\u7c7b\uff1aranked list\u548csuspicious set\u3002\u4f46\u4e24\u8005\u90fd\u5b58\u5728\u7684\u95ee\u9898\u662f\u4ec5\u4ec5\u9ad8\u4eae\u4e86\u53ef\u80fd\u5b58\u5728bug\u7684\u5143\u7d20\uff0c\u800c\u7f3a\u4e4f\u4e00\u4e9brational\u7684\u5206\u6790\u3002

"},{"location":"rca/#\u4e0d\u540c\u7684\u5206\u6790\u7c92\u5ea6\u7684\u4f18\u52bf","title":"\u4e0d\u540c\u7684\u5206\u6790\u7c92\u5ea6\u7684\u4f18\u52bf","text":"

\u57fa\u4e8e\u6587\u4ef6\u7c92\u5ea6\u7684RCA\u5de5\u4f5c\uff08\u6bd4\u5982Scaffle\uff09\u5e0c\u671b\u627e\u5230\u5305\u542b\u767e\u4e07\u7ea7\u540c\u8d28\u4ee3\u7801\u5e93\u4e2d\u54ea\u4e9b\u6587\u4ef6\u548ccrash\u6709\u5173\u3002\u5728\u6b64\u57fa\u7840\u4e0a\u8ba9\u5bf9\u5e94\u7684\u5de5\u7a0b\u5e08\u56e2\u961f\u53bb\u5904\u7406bug\uff0c\u6709\u5229\u4e8e\u5927\u578b\u7ec4\u7ec7\u7ba1\u7406\u3002

\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c\u5f00\u53d1\u8005\u5bf9\u7c92\u5ea6\u7684top3\u671f\u671b\u4f9d\u6b21\u662f\u65b9\u6cd5\u7ea7\u522b\u3001\u8bed\u53e5\u7ea7\u522b\u3001\u57fa\u672c\u5757\u7ea7\u522b\uff0c\u4e0d\u8fc7\u5bf9\u8fd9\u4e09\u79cd\u7c92\u5ea6\u7684\u503e\u5411\u4e4b\u95f4\u6ca1\u6709\u660e\u663e\u5dee\u5f02\u3002\u800c\u5f53\u65f6\u6bd4\u8f83\u591a\u7684\u65b9\u6cd5\u662f\u8bed\u53e5\u7ea7\u522b\u7684

"},{"location":"rca/#\u5206\u6790\u65f6\u95f4\u5f00\u9500","title":"\u5206\u6790\u65f6\u95f4\u5f00\u9500","text":"

\u6839\u636e\u91c7\u7528\u7684\u7b56\u7565\u4e0d\u540c\uff0cRCA\u4e4b\u95f4\u7684\u65f6\u95f4\u5f00\u9500\u5dee\u5f02\u53ef\u80fd\u8fbe\u4e24\u4e2a\u6570\u91cf\u7ea7\u3002\uff08\u79d2\u7ea7-\u5206\u949f\u7ea7-\u5c0f\u65f6\u7ea7\uff09\u3002

\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c90%\u5f00\u53d1\u8005\u63a5\u53d71min\u4ee5\u5185\u7684\u5206\u6790\uff0c\u4e0d\u52309%\u5f00\u53d1\u8005\u63a5\u53d7\u8d85\u8fc71h\u7684\u5206\u6790\u300250%\u5f00\u53d1\u8005\u5927\u6982\u572830min\u4ee5\u5185\u3002

"},{"location":"rca/#\u4e00\u4e9b\u60f3\u6cd5","title":"\u4e00\u4e9b\u60f3\u6cd5","text":"
  1. \u4ec0\u4e48\u662f\u6f0f\u6d1e\u7684\u6839\u672c\u539f\u56e0\uff1f\u5047\u5982\u51fd\u6570A\u5185\u521b\u5efa\u4e34\u65f6\u53d8\u91cfx\u5e76\u8c03\u7528\u51fd\u6570B(x)\uff0c\u5728B\u5185\u5f15\u53d1crash\uff0c\u90a3\u4e48\u5e94\u8be5\u5f52\u548e\u4e3aA\u6ca1\u6709\u5904\u7406x\u5462\uff0c\u8fd8\u662fB\u6ca1\u6709\u68c0\u67e5x\u5462\uff1f\u8fd9\u662fAPI\u5b9e\u73b0\u7684\u95ee\u9898\uff0c\u8fd8\u662fAPI\u8bef\u7528\u7684\u95ee\u9898\uff1f(\u5f00\u53d1\u8005or\u7528\u6237)
  2. \u5bf9\u4e8e\u67d0\u4e00\u4e2acrash\uff0c\u5982\u679c\u5f00\u53d1\u4eba\u5458\u8fdb\u884c\u4e86\u4fee\u590d\uff0c\u90a3\u4e48\u8fd9\u4e2a\u4fee\u590d\u80fd\u62ff\u6765\u5f53root cause\u5417\uff1f\u4e0d\u540c\u5f00\u53d1\u4eba\u5458\u4fee\u590d\u7684\u98ce\u683c\u53ef\u80fd\u4e0d\u4e00\u6837\uff0c\u4fee\u590d\u4e5f\u672a\u5fc5\u662f\u5b8c\u5168\u7684\uff0croot cause\u5c31\u662f\u4e00\u4e2a\u4e3b\u89c2\u7684\u95ee\u9898\u4e86\u3002
"},{"location":"rca/#\u76f8\u5173\u8bba\u6587\u7684\u4e00\u4e9b\u53d1\u73b0\u7591\u95ee","title":"\u76f8\u5173\u8bba\u6587\u7684\u4e00\u4e9b\u53d1\u73b0\uff08\u7591\u95ee\uff09","text":""},{"location":"rca/#\u53c2\u8003\u6587\u732e","title":"\u53c2\u8003\u6587\u732e","text":"

\u4ee5\u4e0a\u5185\u5bb9\u4ec5\u4ee3\u8868\u4e2a\u4eba\u89c2\u70b9\uff0c\u4e0d\u5b9a\u671f\u66f4\u65b0\uff0c\u6b22\u8fce\u8ba8\u8bba

"},{"location":"readings/","title":"\u6587\u7ae0\u9605\u8bfb","text":"

\u7ea6 156 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 1 \u5206\u949f

"},{"location":"readings/#\u7efc\u5408\u6027\u77e5\u8bc6\u5b66\u4e60","title":"\u7efc\u5408\u6027\u77e5\u8bc6\u5b66\u4e60","text":""},{"location":"readings/#\u4f1a\u8bae\u603b\u7ed3","title":"\u4f1a\u8bae\u603b\u7ed3","text":""},{"location":"readings/#\u8f6f\u4ef6\u4f9b\u5e94\u94fe","title":"\u8f6f\u4ef6\u4f9b\u5e94\u94fe","text":""},{"location":"readings/#\u5927\u6a21\u578b","title":"\u5927\u6a21\u578b","text":""},{"location":"readings/#google","title":"Google","text":""},{"location":"readings/#\u7f16\u7a0b\u8bed\u8a00","title":"\u7f16\u7a0b\u8bed\u8a00","text":""},{"location":"readings/#\u78e8\u5200\u4e0d\u8bef\u780d\u67f4\u5de5","title":"\u78e8\u5200\u4e0d\u8bef\u780d\u67f4\u5de5","text":""},{"location":"reverse-advanced/","title":"\u9006\u5411\u9ad8\u9636","text":"

\u7ea6 59 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"reverse-advanced/#windows\u9006\u5411\u6280\u672f\u6982\u5ff5","title":"Windows\u9006\u5411\u6280\u672f\u6982\u5ff5","text":"

DLL\u6ce8\u5165\uff0cWindows\u6d88\u606f\u94a9\u53d6\uff0cDLL\u5378\u8f7d\uff0c\u4ee3\u7801\u6ce8\u5165\uff0cAPI\u94a9\u53d6\uff0c\u8fdb\u7a0b\u9690\u85cf\uff0cIE\u8fde\u63a5\u63a7\u5236\uff0cTLS\u56de\u8c03\u51fd\u6570\uff0cTEB\uff0cPEB\uff0cSEH\uff0cIA-32\uff0c\u53cd\u8c03\u8bd5\uff08\u9759\u6001\u3001\u52a8\u6001\uff09\uff0cPE\u955c\u50cf\uff0cDebug Blocker

"},{"location":"reverse-basic/","title":"\u9006\u5411\u57fa\u7840","text":"

\u7ea6 1078 \u4e2a\u5b57 10 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 5 \u5206\u949f

\u9006\u5411\u51fd\u6570\u65f6\uff0c\u8981\u63d0\u524d\u9884\u6d4b\u4e0b\u51fd\u6570\u5b9e\u73b0\u673a\u5236\uff0c\u4ee5\u8282\u7701\u65f6\u95f4\u3002\u8981\u660e\u767d\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7a0b\u5e8f\u7279\u6709\u7684\u5b9e\u73b0\uff0c\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7b2c\u4e09\u65b9\u7684\u5e93\uff0c\u4e0d\u8981\u968f\u4fbf\u8fdb\u5230\u7b2c\u4e09\u65b9\u5e93\u6216\u8005\u5e95\u5c42API\u91cc\u9762\u5206\u6790\u3002

"},{"location":"reverse-basic/#\u8c03\u7528\u7ea6\u5b9a","title":"\u8c03\u7528\u7ea6\u5b9a","text":"

cdecl\uff08C\u9ed8\u8ba4\uff09\u7531caller\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\u3002

stdcall\u7531callee\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\uff08Win32API\uff09\uff0c\u88ab\u8c03\u51fd\u6570\u8fd4\u56de\u65f6\u4f7f\u7528RETN X\u6765\u9000\u51fa\uff0c\u76f8\u5f53\u4e8eRETN\u3001POP X\u3002\u6bd4\u5982\u9000\u4e24\u4e2a\u53c2\u6570\uff0c\u5c31RETN 8\u3002

fastcall\u4e3a\u4e86\u63d0\u9ad8\u901f\u5ea6\uff0c\u5206\u522b\u4f7f\u7528ECX\u3001EDX\u4f20\u9012\u524d\u4e24\u4e2a\u53c2\u6570\uff0c\u66f4\u591a\u53c2\u6570\u8fd8\u662f\u4f7f\u7528\u5185\u5b58\u3002 \u4f20\u53c2\u65f6\u90fd\u662f\u4ece\u53f3\u5411\u5de6\u4ee5\u6b64\u538b\u5165\u6808\u4e2d\u3002

"},{"location":"reverse-basic/#\u4e00\u4e9b\u5e38\u89c1\u6c47\u7f16\u64cd\u4f5c\u7b26","title":"\u4e00\u4e9b\u5e38\u89c1\u6c47\u7f16\u64cd\u4f5c\u7b26","text":"

call \u5305\u62ec\u4fdd\u5b58\u8fd4\u56de\u5730\u5740\u3001IP\u8df3\u8f6c

retn \u5373pop EIP

test \u76f8\u5f53\u4e8eAND\uff0c\u4f46\u662f\u4e0d\u6539\u53d8\u666e\u901a\u5bc4\u5b58\u5668\u7684\u503c\uff0c\u53ea\u4fee\u6539EFLAGS\u5bc4\u5b58\u5668

"},{"location":"reverse-basic/#nop\u6307\u4ee4\u7684\u7528\u9014","title":"NOP\u6307\u4ee4\u7684\u7528\u9014","text":"

NOP\u6307\u4ee4\u901a\u5e38\u7528\u4e8e\u63a7\u5236\u65f6\u5e8f\u7684\u76ee\u7684\uff0c\u5f3a\u5236\u5185\u5b58\u5bf9\u9f50\uff0c\u9632\u6b62\u6d41\u6c34\u7ebf\u707e\u96be\uff0c\u5360\u636e\u5206\u652f\u6307\u4ee4\u5ef6\u8fdf\uff0c\u6216\u662f\u4f5c\u4e3a\u5360\u4f4d\u7b26\u4ee5\u4f9b\u7a0b\u5e8f\u7684\u6539\u5584\uff08\u6216\u66ff\u4ee3\u88ab\u79fb\u9664\u7684\u6307\u4ee4\uff09\u3002

"},{"location":"reverse-basic/#\u51fd\u6570\u6267\u884c\u6808\u5e27\u63a8\u65ad","title":"\u51fd\u6570\u6267\u884c\u6808\u5e27\u63a8\u65ad","text":"

\u51fd\u6570\u5185\u90e8\u4e00\u822c\u5148\u4f1a\u6267\u884c\u4ee5\u4e0b\u4e24\u6761\u6307\u4ee4\uff1a

push ebp\nmov ebp,esp\n

\u53ef\u4ee5\u89c2\u5bdfebp\u548cesp\u7684\u4fee\u6539\u60c5\u51b5\u63a8\u65ad\u51fd\u6570\u6808\u5e27

"},{"location":"reverse-basic/#\u540d\u79f0\u4fee\u9970","title":"\u540d\u79f0\u4fee\u9970","text":"

\u540d\u79f0\u4fee\u9970\uff08name mangling\uff0cname decoration\uff09\uff0c\u7528\u6765\u89e3\u51b3\u6807\u5fd7\u7b26\u7684\u552f\u4e00\u547d\u540d\u95ee\u9898\u3002\u6bd4\u5982\u5728\u4e0d\u540c\u7684\u547d\u540d\u7a7a\u95f4\u5b9e\u73b0\u76f8\u540c\u540d\u79f0\u7684\u51fd\u6570\uff0c\u8fd9\u4e2a\u51fd\u6570\u5728\u600e\u4e48\u8868\u793a\u5462\uff1f\u540d\u79f0\u4fee\u9970\u6280\u672f\u7528\u6765\u751f\u6210\u552f\u4e00\u7684\u6807\u5fd7\u7b26\uff0c\u4fdd\u7559\u547d\u540d\u7a7a\u95f4\u3001\u51fd\u6570\u540d\u3001\u7ed3\u6784\u4f53\u540d\u3001\u7c7b\u540d\u4ee5\u53ca\u53c2\u6570\u7c7b\u578b\u7b49\u7b49\u4fe1\u606f\u3002\u540d\u79f0\u4fee\u9970\u548c\u8c03\u7528\u7ea6\u5b9a\u3001\u7f16\u8bd1\u5668\u6709\u5173\uff0c\u5e94\u7528\u6700\u5e7f\u6cdb\u7684\u662fC++\u7684\u4ee3\u7801\uff08\u5c24\u5176\u662f\u6df7\u5408C\u7f16\u8bd1\u65f6\uff09\u3002\u6bd4\u5982_ZN9wikipedia7article6formatEv\u53ef\u4ee5\u7528\u6765\u8868\u793a\uff1a

namespace wikipedia\n{\n    class article\n    {\n        public:\n        std::string format();\n    }\n}\n

\u5176\u4e2d_Z\u662f\u5f00\u5934\uff08\u4e0b\u5212\u7ebf+\u5927\u5199\u5b57\u6bcd\u5728C\u4e2d\u662f\u4fdd\u7559\u7684\u6807\u5fd7\u7b26\uff0c\u907f\u514d\u51b2\u7a81\uff09\uff0cN\u8868\u793a\u662f\u5d4c\u5957\u6709\u547d\u540d\u7a7a\u95f4\u548c\u7c7b\u540d\uff0c\u968f\u540e\u7684\u6570\u5b57+\u5b57\u6bcd\u4e2d\uff0c\u6570\u5b57\u8868\u793a\u957f\u5ea6\uff0c\u5b57\u6bcd\u8868\u793a\u540d\u79f0\uff0c\u5e76\u4ee5E\u7ed3\u675f\u3002\u4e4b\u540e\u7684\u53c2\u6570\u8868\u793a\u51fd\u6570\u7684\u53c2\u6570\u7c7b\u578b\uff0cv\u4e3avoid\u3002

"},{"location":"reverse-basic/#pe\u6587\u4ef6","title":"PE\u6587\u4ef6","text":"

PE\uff08Portable Execution\uff09\u6587\u4ef6\u662fWindows\u7cfb\u7edf\u4f7f\u7528\u7684\u53ef\u6267\u884c\u6587\u4ef6\u683c\u5f0f\u3002

"},{"location":"reverse-basic/#pe\u6587\u4ef6\u7684\u6570\u636e\u8282","title":"PE\u6587\u4ef6\u7684\u6570\u636e\u8282","text":"

#pragma data_seg()\u53ef\u4ee5\u5c06\u4ee3\u7801\u4efb\u610f\u90e8\u5206\u7f16\u8bd1\u5230PE\u6587\u4ef6\u4efb\u610f\u8282\uff0c\u8282\u540d\u4e5f\u53ef\u4ee5\u81ea\u5b9a\u4e49\u3002

"},{"location":"reverse-basic/#\u9759\u6001\u94fe\u63a5\u5e93\u4e0e\u52a8\u6001\u94fe\u63a5\u5e93","title":"\u9759\u6001\u94fe\u63a5\u5e93\u4e0e\u52a8\u6001\u94fe\u63a5\u5e93","text":"

\u9759\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e3a.a\u6216.lib\uff1b\u52a8\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e00\u822c\u4e3a.so\u6216.dll

\u9759\u6001\u5e93\u7f16\u8bd1\u65f6\u76f4\u63a5\u6574\u5408\u5230\u76ee\u6807\u7a0b\u5e8f\u4e2d\uff0c\u7f16\u8bd1\u6210\u529f\u540e\u7684\u53ef\u6267\u884c\u6587\u4ef6\u53ef\u4ee5\u72ec\u7acb\u8fd0\u884c\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u65f6\u53ef\u6267\u884c\u7a0b\u5e8f\u65e0\u6cd5\u72ec\u7acb\u8fd0\u884c

\u9759\u6001\u5e93\u66f4\u65b0\u540e\u9700\u8981\u66f4\u65b0\u6574\u4e2a\u76ee\u6807\u7a0b\u5e8f\uff1b\u52a8\u6001\u5e93\u66f4\u65b0\u540e\u53ea\u9700\u66f4\u6362\u65b0\u7684\u52a8\u6001\u5e93\u5373\u53ef

\u9759\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc -c xx.c -o xx.o\uff0car crs libxx.a xx.o\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc xx.c -o libxx.so -shared -fPIC\u5176\u4e2d-fPIC\u8868\u793a\u4f7f\u7528\u76f8\u5bf9\u4f4d\u7f6e

"},{"location":"reverse-basic/#gdb","title":"gdb","text":"

\u6dfb\u52a0\u591a\u4e2a\u7b26\u53f7\u8868add-symbol-file xxx addr\u5176\u4e2daddr\u662f\u4ee3\u7801\u6bb5\u8d77\u59cb\u5730\u5740\uff0cxxx\u53ef\u4ee5\u4e3asym\u6587\u4ef6\uff0c\u6216elf\u6587\u4ef6\u7b49\u3002\u53d8\u5f02\u65f6\u9700\u8981\u52a0\u4e0a-g\u4fdd\u7559\u7b26\u53f7\u8868(\u6307\u5b9a\u5177\u4f53\u683c\u5f0f\u5982-g2 -gdwarf-2)\uff0c\u53ef\u4ee5\u9010\u4e2a\u4f7f\u7528add-symbol-file\uff0c\u90fd\u6dfb\u52a0\u8fdb\u53bb\u3002

\u4f7f\u7528ulimit -c unlimited\u8bbe\u7f6e\u4e0d\u9650\u5236coredump\u6587\u4ef6\u5927\u5c0f\uff0c\u7136\u540eroot\u7528\u6237echo \"core-%e-%p\" > /proc/sys/kernel/core_pattern\u8bbe\u7f6e\u4fdd\u7559\u7a0b\u5e8f\u540d\u3001pid\uff0c\u5219\u5bf9\u4e8e\u7f16\u8bd1\u65f6\u6dfb\u52a0\u4e86-g\u9009\u9879\u7684\u7a0b\u5e8f\uff0c\u5176\u5d29\u6e83\u4ea7\u751f\u7684coredump\u6587\u4ef6\u53ef\u4ee5\u4f7f\u7528gdb <\u7a0b\u5e8f\u540d> <coredump\u6587\u4ef6\u540d>\u6765\u5bfb\u627eroot cause\u3002gdb\u5185\u7528where\u67e5\u770b\u8c03\u7528\u6808\u3002

"},{"location":"reverse-basic/#\u63a8\u8350\u9605\u8bfb","title":"\u63a8\u8350\u9605\u8bfb","text":"

Linux \u9759\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Linux \u52a8\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Makefile\u5165\u95e8 Makefile\u5b98\u65b9\u6587\u6863 coredump\u6587\u4ef6\u57fa\u7840\u7528\u6cd5

"},{"location":"sci-thoughts/","title":"\u79d1\u7814\u5fc3\u5f97","text":"

\u7ea6 508 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 2 \u5206\u949f

"},{"location":"sci-thoughts/#\u517b\u6210\u4e60\u60ef","title":"\u517b\u6210\u4e60\u60ef","text":"

\u65f6\u95f4\u8fc7\u5f97\u603b\u662f\u975e\u5e38\u5feb\u7684\u3002\u5fd9\u7740\u505a\u4e00\u4e2a\u8bfe\u9898\uff0c\u53ef\u80fd\u6bcf\u5929\u611f\u89c9\u4e0d\u5230\u6709\u4ec0\u4e48\u8fdb\u5c55\u5462\uff0c\u534a\u5e74\u4e00\u5e74\u5c31\u8fc7\u53bb\u4e86\u3002\u5982\u679c\u6709\u8fd9\u79cd\u60f3\u6cd5\uff0c\u591a\u534a\u662f\u6ca1\u505a\u597d\u89c4\u5212\uff0c\u50cf\u4e2a\u65e0\u5934\u82cd\u8747\u4e00\u6837\u4e1c\u95ef\u897f\u649e\u3002

\u611f\u89c9\u6709\u4e24\u4e2a\u4e60\u60ef\u662f\u5fc5\u987b\u517b\u6210\u7684\uff0c\u4e00\u662f\u8bfb\u8bba\u6587\u8981\u601d\u8003\u95ee\u9898\u4e0e\u610f\u4e49\uff1a\u770b\u5230\u9898\u76ee\u548c\u6458\u8981\uff0c\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u5e0c\u671b\u89e3\u51b3\u4ec0\u4e48\u95ee\u9898\u3001\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u4ef7\u503c\u3001\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u601d\u8def\u3001\u4f1a\u9047\u5230\u54ea\u4e9b\u666e\u904d\u4e0e\u7279\u6b8a\u7684\u6311\u6218\uff0c\u4ee5\u53ca\u6587\u7ae0\u57fa\u4e8e\u54ea\u4e9b\u5047\u8bbe\u5e76\u4e14\u4f1a\u8bd5\u56fe\u907f\u800c\u4e0d\u8c08\u7684\u7f3a\u9677\uff1b\u4e8c\u662f\u6bcf\u5929\u8fdb\u884c\u603b\u7ed3\u4e0e\u5f52\u7eb3\uff0c\u601d\u8003\u4e00\u5929\u5230\u5e95\u6709\u4ec0\u4e48\u8fdb\u5c55\uff0c\u51dd\u7ec3\u603b\u7ed3\u6210\u6587\u5b57\u6216ppt\u8bb2\u7a3f\u3002\u6bcf\u5929\u5149\u770b\u4e0d\u603b\u7ed3\uff0c\u7b49\u4e8e\u767d\u770b\uff01\u5e73\u65f6\u5bf9\u5404\u79cd\u95ee\u9898\u5c31\u8981\u6709\u6240\u51c6\u5907\u4e0e\u601d\u8003\uff0c\u4e0d\u8981\u522b\u4eba\u95ee\u8d77\u7684\u65f6\u5019\u5c31\u6577\u884d\u5730\u7ed9\u4e00\u4e2a\u56de\u7b54\uff0c\u6ca1\u6709\u610f\u4e49\u3002

\u65e9\u4e0a\u5199todo list\uff0c\u665a\u4e0a\u5199done list\uff0c\u770b\u770b\u8fd9\u4e00\u5929\u8fdb\u5c55\u5982\u4f55\u3002\u662f\u5426\u6709\u6ca1\u505a\u5b8c\u7684\u4e8b\u60c5\uff0c\u662f\u5426\u6709\u5206\u5fc3\u505a\u4e86\u522b\u7684\u4e8b\u60c5\uff0c\u660e\u5929\u5982\u4f55\u89c4\u5212\u65f6\u95f4\u2026\u2026\u5bf9\u81ea\u5df1\u6bcf\u5929\u3001\u6bcf\u5468\u3001\u6bcf\u6708\u80fd\u505a\u7684\u4e8b\u60c5\u6709\u6e05\u695a\u7684\u8ba4\u8bc6\uff0c\u4e0d\u76f2\u76ee\u81ea\u5927\u4e5f\u4e0d\u5984\u81ea\u83f2\u8584\u3002

\u505a\u4efb\u4f55\u4e8b\u90fd\u8981\u7ed9\u4e00\u4e2a\u6e05\u6670\u7684ddl\uff0c\u7763\u4fc3\u5c3d\u5feb\u5b8c\u6210\u4e0d\u8981\u62d6\u6c93\u3002\u53e6\u4e00\u65b9\u9762\u662f\u4e3a\u4e86\u9650\u5236\u601d\u8003\uff0c\u8981\u96c6\u4e2d\u3001\u5feb\u901f\uff0c\u4e0d\u8981\u6f2b\u65e0\u76ee\u7684\u5730\u53d1\u6563\u3002\u6bd4\u5982\u8bfb\u8bba\u6587\u524d\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u9700\u8981\u89e3\u51b3\u7684\u6311\u6218\u65f6\uff0c\u9650\u5b9a\u57283min\u4e4b\u5185\uff0c\u8d85\u65f6\u4ee5\u540e\u65e0\u8bba\u662f\u5426\u60f3\u5230\u591a\u5c11\u90fd\u8981\u505c\u4e0b\u6765\u3002\u4e5f\u53ef\u4ee5\u6709\u6548\u907f\u514d\u5206\u5fc3\u3002

"},{"location":"sci-thoughts/#\u79d1\u7814\u5199\u4f5c","title":"\u79d1\u7814\u5199\u4f5c","text":"

\u79d1\u7814\u5199\u4f5c\u9700\u8981\u7cfb\u7edf\u7684\u8bad\u7ec3\u3002\u6bcf\u5929\u6109\u5feb\u5730\u8bfb\u3001\u5199\u4e00\u5c0f\u65f6\uff0c\u957f\u671f\u575a\u6301\uff0c\u53eb\u505a\u201cread and write\u201d\u3002

\u5199\u6587\u7ae0\u8981\u5f04\u6e05\u695a\u8bfb\u8005\u90fd\u662f\u540c\u4e13\u4e1a\u7684\u4eba\uff0c\u56e0\u6b64\u8981\u4f53\u73b0\u51fa\u4e13\u4e1a\u6027\u4e0e\u79d1\u5b66\u6027\u3001\u7cbe\u786e\u6027\u3001\u7b80\u6d01\u6027\u3001\u903b\u8f91\u6027\u3002

"},{"location":"sentence-templates/","title":"\u60c5\u666f\u6a21\u677f","text":"

\u7ea6 468 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 2 \u5206\u949f

\u63d0\u51fa\u672c\u6587\u5de5\u4f5c\uff1a

\u4ecb\u7ecd\u67d0\u4e00\u6d41\u7a0b\u5728\u6574\u4f53\u7cfb\u7edf\u4e2d\u7684\u4f5c\u7528\uff1a

\u8bf4\u660e\u67d0\u4e00\u6b65\u9aa4\u5e76\u975e\u7b80\u5355\u7684\uff1a

\u51dd\u7ec3\u672c\u6587\u5b9e\u9a8c\u6548\u679c\uff1a

\u63d0\u51fa\u672c\u6587novelty\uff1a

\u63d0\u51fa\u672c\u6587insight\uff1a

\u51c6\u5907\u5f00\u59cb\u4ecb\u7ecd\u6280\u672f\u7ec6\u8282\uff1a

\u8bf4\u76ee\u524d\u7684\u5de5\u4f5c\u7814\u7a76\u7684\u4e3b\u8981\u5185\u5bb9\u53d7\u9650\u3001\u522b\u7684\u65b9\u6cd5\u5b58\u5728\u95ee\u9898\uff1a

\u4e00\u4e9b\u5de5\u4f5c\u7ec6\u8282\uff1a

"},{"location":"tech-sslh/","title":"sslh \u9605\u8bfb\u7b14\u8bb0","text":"

\u7ea6 1131 \u4e2a\u5b57 99 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 14 \u5206\u949f

\u6700\u8fd1\u5728\u8bfbsslh\u7684\u6e90\u7801\uff0c\u611f\u89c9\u8fd8\u662f\u6bd4\u8f83\u6709\u610f\u601d\u7684\u3002\u4e4b\u524d\u5728\u7aef\u53e3\u590d\u7528\u91cc\u9762\u7b80\u5355\u63d0\u4e86\u4e0bsslh\u7684\u7528\u6cd5\uff0c\u4f46\u662f\u5728\u5b9e\u8df5\u4e2d\u8e29\u4e86\u4e0d\u5c11\u5751\uff0c\u6240\u4ee5\u628a\u6e90\u7801\u62ff\u6765\u8bfb\u4e00\u8bfb\uff0c\u770b\u770b\u5185\u90e8\u7684\u7ed3\u6784\u3002

sslh\u4f3c\u4e4e\u662f\u4f7f\u7528\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u4fdd\u5b58\u7684\u534f\u8bae\u4fe1\u606f\uff0c\u4e3a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u5bf9\u5e94\u670d\u52a1\u5efa\u7acb\u8fde\u63a5\u3002\u540e\u7eed\u6570\u636e\u5305\u4e0d\u518d\u9700\u8981\u68c0\u67e5\u534f\u8bae\u4e86\u3002

"},{"location":"tech-sslh/#\u4fbf\u6377\u4e0a\u624b","title":"\u4fbf\u6377\u4e0a\u624b","text":"
apt install sslh # \u4f46\u6700\u597d\u8fd8\u662f\u4ece\u6e90\u7801make install\uff0c\u7528\u6700\u65b0\u7248\u672c\uff1b\u53c2\u8003\u4ed3\u5e93\u7684INSTALL\u5b89\u88c5\u5bf9\u5e94\u7684C\u5e93\nvi /etc/default/sslh\nsystemctl start sslh\n

\u4f3c\u4e4ecfg\u6587\u4ef6\u91cc\u548ccommand line\u4f1a\u6709\u51b2\u7a81\u3002\u6240\u4ee5commandline\u7528-F /etc/sslh/sslh.cfg\uff08\u6ca1\u6709\u5219\u65b0\u5efa\u4e00\u4e2a\uff09\u6307\u5b9a\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u4e0d\u8981\u6709\u548ccommand\u91cd\u590d\u7684\u5185\u5bb9\u3002\u53ea\u653eprotocols\u5dee\u4e0d\u591a\u5c31\u5f97\u4e86\u3002\u6bd4\u8f83\u597d\u7528\u7684\u662f\u6b63\u5219\u548ctls\u4e2d\u6839\u636ealpn\u548csni\u6765\u5339\u914d\u3002

\u4e0b\u9762\u662f\u5b8c\u6574\u7684\u914d\u7f6e\u6587\u4ef6\u7684\u4e00\u4e2a\u4f8b\u5b50\uff0c\u5982\u679c\u6570\u636e\u5305\u5305\u542b\u201dOK1\u201d\u6216\u8005\u201dOK2\u201d\uff0c\u5219\u4f1a\u88ab\u8f6c\u53d1\u5230127.0.0.1:1234\u3002\u5176\u4e2d\u7684name\u5b57\u6bb5\u8868\u793a\u8fd9\u6761\u534f\u8bae\u5728sslh\u542f\u52a8\u540e\u600e\u4e48\u914d\u7f6e\uff0c\u5e38\u89c1\u7684\u6bd4\u5982regex\u3001ssh\u3001tls\u3001http\u3002

\u6ce8\u610f\uff0c\u6700\u540e\u4e00\u6761\u534f\u8bae\u7684\u5206\u53f7\u540e\u9762\u4e0d\u52a0\u9017\u53f7\u3002

protocols:\n(\n    { name: \"regex\"; host: \"127.0.0.1\"; port: \"1234\"; regex_patterns: [ \"OK1\", \"OK2\" ]; }\n);\n
"},{"location":"tech-sslh/#sslh\u7a0b\u5e8f\u542f\u52a8\u5165\u53e3\u4e0e\u521d\u59cb\u5316","title":"sslh\u7a0b\u5e8f\u542f\u52a8\u5165\u53e3\u4e0e\u521d\u59cb\u5316","text":"

\u9ed8\u8ba4\u6700\u7b80\u5355\u7684\u542f\u52a8\u65b9\u5f0f\u7684\u5165\u53e3\u5728sslh-main.c\u7684main\u51fd\u6570\uff0c\u4e5f\u5373\u7a0b\u5e8f\u7684\u4e3b\u4f53\u903b\u8f91\u3002\u4e00\u4e9b\u5173\u952e\u6b65\u9aa4\uff1a

  1. \u8c03\u7528sslhcfg_cl_parse\u51fd\u6570\uff0c\u6839\u636e\u547d\u4ee4\u884c\u53c2\u6570\u548c\u914d\u7f6e\u6587\u4ef6\uff0c\u505a\u4e00\u4e2a\u7f13\u51b2
  2. \u8c03\u7528config_protocols\u5b8c\u6210\u8f6c\u53d1\u89c4\u5219\u7684\u521d\u59cb\u5316\uff0c\u5185\u90e8\u8c03\u7528\u7684get_probe\u662f\u7ed9\u52a0\u8f7d\u4e86\u534f\u8bae\u7684\u914d\u7f6e\u89c4\u5219
  3. \u8c03\u7528start_listen_sockets\u5f00\u59cb\u76d1\u542csockets
  4. \u8c03\u7528main_loop\u8fdb\u5165\u4e3b\u5faa\u73af\uff0c\u9ed8\u8ba4\u4e3asslh-fork\u7684main_loop\u51fd\u6570

\u9ed8\u8ba4\u4f7f\u7528tcp\u3002main_loop\u51fd\u6570\u4e2d\uff0c\u5bf9\u76d1\u542c\u7684\u6bcf\u4e2asockets\u8fdb\u884cfork\uff0c\u6bcf\u4e2a\u5b50\u8fdb\u7a0b\u6267\u884ctcp_listener\uff0c\u5728\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u4e2daccept\u5bf9\u5e94\u7684\u8fde\u63a5\u3002\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u5c06\u7ee7\u7eedfork\u51fa\u5b50\u8fdb\u7a0b\uff0c\u6267\u884cstart_shoveler\uff0c\u5b9e\u73b0\u771f\u6b63\u7684\u529f\u80fd\u3002

"},{"location":"tech-sslh/#\u534f\u8bae\u8bc6\u522b","title":"\u534f\u8bae\u8bc6\u522b","text":"

\u5b50\u8fdb\u7a0b\u901a\u8fc7probe_client_protocol\u6765\u786e\u5b9a\u6570\u636e\u5305\u662f\u4ec0\u4e48\u534f\u8bae\uff0c\u5e76\u6839\u636e\u5bf9\u5e94\u7684\u89c4\u5219\u5b9e\u73b0\u7aef\u53e3\u8f6c\u53d1\u3002\u8fd9\u4e00\u51fd\u6570\u4e0d\u65ad\u8fdb\u884c\u8c03\u7528\uff0c\u6700\u540e\u5728probe_buffer\u51fd\u6570\u4e2d\u904d\u5386\u4e4b\u524d\u914d\u7f6e\u7684\u6bcf\u4e2a\u534f\u8bae\u89c4\u8303\uff08\u627e\u5230\u5339\u914d\u5219\u505c\u6b62\uff0c\u6240\u4ee5\u914d\u7f6e\u987a\u5e8f\u4e5f\u86ee\u5173\u952e\u7684\uff09\uff0c\u901a\u8fc7p->probe(buf, len, p)\u8fd9\u4e2a\u51fd\u6570\u6307\u9488\u6765\u95f4\u63a5\u8c03\u7528\u8bc6\u522b\u534f\u8bae\u7684\u76f8\u5173\u51fd\u6570\u3002

\u8fd9\u91cc\u7684\u534f\u8bae\u5305\u62ec\u4ee5\u4e0b\u5185\u7f6e\u534f\u8bae\uff1a

/* Table of protocols that have a built-in probe\n */\nstatic struct protocol_probe_desc builtins[] = {\n    /* description  probe  */\n    { \"ssh\",        is_ssh_protocol},\n    { \"openvpn\",    is_openvpn_protocol },\n    { \"wireguard\",  is_wireguard_protocol },\n    { \"tinc\",       is_tinc_protocol },\n    { \"xmpp\",       is_xmpp_protocol },\n    { \"http\",       is_http_protocol },\n    { \"tls\",        is_tls_protocol },\n    { \"adb\",        is_adb_protocol },\n    { \"socks5\",     is_socks5_protocol },\n    { \"syslog\",     is_syslog_protocol },\n    { \"teamspeak\",  is_teamspeak_protocol },\n    { \"msrdp\",      is_msrdp_protocol },\n    { \"anyprot\",    is_true }\n};\n

\u5185\u7f6e\u534f\u8bae\u5185\u7f6e\u4e86\u4e00\u4e9b\u5339\u914d\u89c4\u5219\uff0c\u5373\u4e0a\u9762\u63d0\u5230\u7684is_ssh_protocol\u3001is_http_protocol\u7b49\u7b49\u3002\u53ef\u4ee5\u770b\u4e00\u4e2assh\u89c4\u5219\u7684\u4f8b\u5b50\uff1a

/* Is the buffer the beginning of an SSH connection? */\nstatic int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\n    if (len < 4)\n        return PROBE_AGAIN;\n\n    return !strncmp(p, \"SSH-\", 4);\n}\n

\u53ef\u89c1\uff0c\u5982\u679c\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u957f\u5ea6\u4e0d\u4f4e\u4e8e4\u4e14\u4ee5\u201dSSH-\u201c\u5f00\u5934\uff0c\u5219\u4f1a\u88ab\u8ba4\u4e3a\u662fssh\u8bf7\u6c42\u3002

/* Is the buffer the beginning of an HTTP connection?  */\nstatic int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\n    int res;\n    /* If it's got HTTP in the request (HTTP/1.1) then it's HTTP */\n    if (memmem(p, len, \"HTTP\", 4))\n        return PROBE_MATCH;\n\n#define PROBE_HTTP_METHOD(opt) if ((res = probe_http_method(p, len, opt)) != PROBE_NEXT) return res\n\n    /* Otherwise it could be HTTP/1.0 without version: check if it's got an\n     * HTTP method (RFC2616 5.1.1) */\n    PROBE_HTTP_METHOD(\"OPTIONS\");\n    PROBE_HTTP_METHOD(\"GET\");\n    PROBE_HTTP_METHOD(\"HEAD\");\n    PROBE_HTTP_METHOD(\"POST\");\n    PROBE_HTTP_METHOD(\"PUT\");\n    PROBE_HTTP_METHOD(\"DELETE\");\n    PROBE_HTTP_METHOD(\"TRACE\");\n    PROBE_HTTP_METHOD(\"CONNECT\");\n\n#undef PROBE_HTTP_METHOD\n\n    return PROBE_NEXT;\n}\n

http\u4e5f\u6bd4\u8f83\u7b80\u5355\uff0c\u68c0\u67e5\u201dHTTP\u201d\u5b57\u7b26\u4e32\u3002

\u53e6\u5916\u6709\u4e24\u79cd\u7279\u6b8a\u7684\u534f\u8bae\uff0ctimeout\u9ed8\u8ba4\u4f1a\u9009\u62e9\u521d\u59cb\u5316\u540e\u7684\u7b2c\u4e00\u4e2a\u534f\u8bae\uff08\u5373ssh\uff09\uff0cregex\u652f\u6301\u6b63\u5219\u5339\u914d\u6570\u636e\u5305\u7684\u56fa\u6709\u5b57\u7b26\u4e32\uff0c\u5c31\u8fde\u521d\u59cb\u5316\u65f6\u90fd\u662f\u5355\u72ec\u521d\u59cb\u5316\u7684\uff1a

/* Returns the probe for specified protocol:\n * parameter is the description in builtins[], or \"regex\" \n * */\nT_PROBE* get_probe(const char* description) {\n    int i;\n\n    for (i = 0; i < ARRAY_SIZE(builtins); i++) {\n        if (!strcmp(builtins[i].name, description)) {\n            return builtins[i].probe;\n        }\n    }\n\n    /* Special case of \"regex\" probe (we don't want to set it in builtins\n     * because builtins is also used to build the command-line options and\n     * regexp is not legal on the command line)*/\n    if (!strcmp(description, \"regex\"))\n        return regex_probe;\n\n    /* Special case of \"timeout\" is allowed as a probe name in the\n     * configuration file even though it's not really a probe */\n    if (!strcmp(description, \"timeout\"))\n        return is_true;\n\n    return NULL;\n}\n

is_true\u59cb\u7ec8\u8fd4\u56detrue\uff0c\u4e0d\u8fdb\u884c\u522b\u7684\u5224\u65ad\u4e86\u3002

regex_probe\u5185\u90e8\u7528pre2\u5b9e\u73b0\u4e86\u4e00\u5957\u6b63\u5219\u5339\u914d\u7684\u673a\u5236\u3002\u914d\u7f6econfig\u7684\u65b9\u6cd5\u53ef\u4ee5\u89c1\u4e0a\u6587\u3002

"},{"location":"tech-sslh/#tls\u534f\u8bae\u4e2d\u4f7f\u7528\u7684alpnsni\u7b80\u4ecb","title":"TLS\u534f\u8bae\u4e2d\u4f7f\u7528\u7684ALPN\u3001SNI\u7b80\u4ecb","text":"

tls\u4e3atcp\u63d0\u4f9b\u4e86\u52a0\u5bc6\u670d\u52a1\uff0c\u662f\u5f88\u591a\u670d\u52a1\u4e0d\u53ef\u6216\u7f3a\u7684\u4e00\u73af\u3002\u7531\u4e8e\u6570\u636e\u5305\u662f\u52a0\u5bc6\u7684\u3001\u5f88\u591a\u670d\u52a1\u90fd\u4f7f\u7528tls\uff08\u6bd4\u5982https\uff09\uff0c\u6240\u4ee5\u6ca1\u6cd5\u901a\u8fc7regex\u7684\u65b9\u6cd5\u6765\u533a\u5206\u4e0d\u540c\u7684\u670d\u52a1\u3002\u597d\u5728sslh\u4e3atls\u63d0\u4f9b\u4e86\u4e24\u79cd\u5206\u8fa8\u65b9\u6cd5\uff0c\u5373sni_hostnames\u4e0ealpn_protocols\u3002\u5728config\u91cc\u5199\u7684\u4e00\u6761\u89c4\u5219\u5982\u679c\u4e24\u8005\u90fd\u7528\u4e86\uff0c\u5219\u53ea\u6709\u540c\u65f6\u6ee1\u8db3\u4e24\u8005\u7684tls\u6570\u636e\u5305\u624d\u5339\u914d\u5f97\u4e0a\u5bf9\u5e94\u7684\u89c4\u5219\u3002

\u6bd4\u5982example.cfg\u7ed9\u51fa\u7684\u4f8b\u5b50\uff1a

# match BOTH ALPN/SNI\n     { name: \"tls\"; host: \"localhost\"; port: \"5223\"; alpn_protocols: [ \"xmpp-client\" ]; sni_hostnames: [ \"im.somethingelse.net\" ]; log_level: 0; tfo_ok: true },\n\n# just match ALPN\n     { name: \"tls\"; host: \"localhost\"; port: \"443\"; alpn_protocols: [ \"h2\", \"http/1.1\", \"spdy/1\", \"spdy/2\", \"spdy/3\" ]; log_level: 0;  tfo_ok: true },\n     { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; alpn_protocols: [ \"xmpp-client\" ];  log_level: 0; tfo_ok: true },\n\n# just match SNI\n     { name: \"tls\"; host: \"localhost\"; port: \"993\"; sni_hostnames: [ \"mail.rutschle.net\", \"mail.englishintoulouse.com\" ]; log_level: 0;  tfo_ok: true },\n     { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; sni_hostnames: [ \"im.rutschle.net\", \"im.englishintoulouse.com\" ];  log_level: 0; tfo_ok: true },\n\n# Let's Encrypt (tls-alpn-* challenges)\n     { name: \"tls\"; host: \"localhost\"; port: \"letsencrypt-client\"; alpn_protocols: [ \"acme-tls/1\" ]; log_level: 0;},\n\n# catch anything else TLS\n     { name: \"tls\"; host: \"localhost\"; port: \"443\";  tfo_ok: true },\n

alpn_protocols\u5373\u4f7f\u7528\u5e94\u7528\u5c42\u534f\u8bae\u534f\u5546\u7f16\u53f7\uff1aTLS Application-Layer Protocol Negotiation (ALPN) Protocol ID\u3002\u53ef\u4ee5\u5728\u8fd9\u91cc\u770b\u5230\u5b8c\u6574\u7684\u683c\u5f0f\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u5982\u679c\u8bf4\u6570\u636e\u5305\u662f\u997a\u5b50\uff0ctls\u662f\u997a\u5b50\u76ae\uff0cALPN\u5c31\u662f\u8868\u793a\u91cc\u9762\u662f\u4ec0\u4e48\u9985\u7684\u3002

sni_hostnames\u5373\u4f7f\u7528\u670d\u52a1\u5668\u540d\u79f0\u6307\u793a\uff1aServer Name Indication\uff08SNI\uff09\uff0c\u7c7b\u4f3c\u4e8e\u670d\u52a1\u5668\u7aef\u7684\u57df\u540d\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u867d\u7136\u5728\u5b66\u6821\u5feb\u9012\uff08\u6570\u636e\u5305\uff09\u90fd\u4f1a\u9001\u5230\u83dc\u9e1f\u9a7f\u7ad9\uff08\u670d\u52a1\u5668\uff09\uff0c\u4f46\u8fd9\u4e9b\u5305\u88f9\u6700\u7ec8\u662f\u6d41\u5411\u4e0d\u540c\u7684\u5bbf\u820d\u7684\uff08SNI\uff09\u3002SNI\u5e2e\u52a9\u5728tls\u63e1\u624b\u671f\u95f4\u5c31\u786e\u5b9assl\u8bc1\u4e66\uff0c\u800c\u4e0d\u662f\u5728http\u5efa\u7acb\u8fde\u63a5\u540e\u3002FQDN\u6307\u7684\u662fFully Qualified Domain Name\uff0c\u5373\u5b8c\u6574\u57df\u540d\uff0c\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd\u3002

sni_hostname\u548calpn_protocols\uff0c\u5c5e\u4e8etls\u6269\u5c55\u5185\u5bb9\uff0c\u5e76\u975e\u5f3a\u5236\u4fdd\u7559\u5176\u4e2d\u3002\u53d1\u5305\u7684\u65f6\u5019\u6ce8\u610f\u6dfb\u52a0\uff0c\u4e0d\u7136sslh\u53ef\u80fd\u8bc6\u522b\u4e0d\u5230\u3002

"},{"location":"try-chatgpt/","title":"ChatGPT\u6765\u5e2e\u5fd9","text":"

\u7ea6 1574 \u4e2a\u5b57 3 \u884c\u4ee3\u7801 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 6 \u5206\u949f

"},{"location":"try-chatgpt/#\u7f51\u7edc\u7ad9\u70b9\u6253\u5305\u4e0b\u8f7d","title":"\u7f51\u7edc\u7ad9\u70b9\u6253\u5305\u4e0b\u8f7d","text":"

linux\u7528\u54ea\u4e2a\u547d\u4ee4\u53ef\u4ee5\u628a\u4e00\u4e2a\u7f51\u5740\u4ee5\u53ca\u5176\u6240\u4f9d\u8d56\u7684js\u548ccss\u7b49\u7b49\u6587\u4ef6\u81ea\u52a8\u4e0b\u8f7d\u4e0b\u6765\uff1f

\u5728Linux\u4e2d\uff0c\u4f60\u53ef\u4ee5\u4f7f\u7528 wget \u547d\u4ee4\u6765\u81ea\u52a8\u4e0b\u8f7d\u4e00\u4e2a\u7f51\u7ad9\u53ca\u5176\u4f9d\u8d56\u7684\u8d44\u6e90\u6587\u4ef6\uff08\u5982JS\u548cCSS\u7b49\uff09\u3002

\u4e0b\u9762\u662f\u4e00\u4e2a\u793a\u4f8b\u547d\u4ee4\uff1a

wget --recursive --no-clobber --page-requisites --html-extension --convert-links --restrict-file-names=windows --domains website.com --no-parent http://website.com\n
\u8be5\u547d\u4ee4\u4f7f\u7528\u4e86\u591a\u4e2a\u9009\u9879\uff0c\u5176\u4e2d\u4e00\u4e9b\u9009\u9879\u7684\u542b\u4e49\u5982\u4e0b\uff1a

\u2013recursive: \u4e0b\u8f7d\u7f51\u7ad9\u7684\u6240\u6709\u94fe\u63a5\u3002 \u2013no-clobber: \u4e0d\u4f1a\u91cd\u590d\u4e0b\u8f7d\u5df2\u7ecf\u5b58\u5728\u7684\u6587\u4ef6\u3002 \u2013page-requisites: \u4e0b\u8f7d\u6240\u6709\u9875\u9762\u7684\u8d44\u6e90\uff08\u5982\u56fe\u50cf\uff0c\u97f3\u9891\u548c\u89c6\u9891\uff09\u3002 \u2013html-extension: \u5c06\u6240\u6709HTML\u6587\u4ef6\u6269\u5c55\u540d\u6dfb\u52a0\u4e3a .html\u3002 \u2013convert-links: \u5c06\u6240\u6709\u94fe\u63a5\u8f6c\u6362\u4e3a\u672c\u5730\u94fe\u63a5\u3002 \u2013restrict-file-names=windows: \u907f\u514d\u4f7f\u7528 Linux \u4e0d\u652f\u6301\u7684\u6587\u4ef6\u540d\u5b57\u7b26\u3002 \u2013domains website.com: \u9650\u5236\u4e0b\u8f7d\u7684\u57df\u540d\u8303\u56f4\u3002 \u2013no-parent: \u4e0d\u4f1a\u4e0b\u8f7d\u7236\u7ea7\u94fe\u63a5\uff08\u6709\u52a9\u4e8e\u9632\u6b62\u65e0\u9650\u9012\u5f52\uff09\u3002

\u4f60\u53ef\u4ee5\u6839\u636e\u81ea\u5df1\u7684\u9700\u8981\u4fee\u6539\u8fd9\u4e9b\u9009\u9879\u4ee5\u6ee1\u8db3\u7279\u5b9a\u7684\u8981\u6c42\u3002

\u7528\u8fd9\u6761\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u53d1\u73b0\u6076\u610f\u4e0b\u8f7d\uff0c\u88ab\u7ed9403 forbidden\u4e86\u600e\u4e48\u529e\uff1f

\u5982\u679c\u4f60\u4f7f\u7528\u7684\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u8ba4\u4e3a\u662f\u6076\u610f\u4e0b\u8f7d\uff0c\u5e76\u4e14\u88ab\u670d\u52a1\u5668\u62d2\u7edd\u8bbf\u95ee\uff0c\u90a3\u4e48\u4f60\u53ef\u4ee5\u8003\u8651\u4ee5\u4e0b\u4e00\u4e9b\u65b9\u6cd5\u6765\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff1a

\u4fee\u6539\u4e0b\u8f7d\u901f\u5ea6\uff1a\u6709\u4e9b\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u5982\u679c\u4f60\u4e0b\u8f7d\u7684\u592a\u5feb\uff0c\u5c31\u4f1a\u88ab\u8ba4\u4e3a\u662f\u653b\u51fb\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 \u2013limit-rate \u9009\u9879\u6765\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u4f8b\u5982\uff1a

wget --limit-rate=200k http://example.com\n

\u4fee\u6539\u4e0b\u8f7d\u5e76\u53d1\u6570\uff1a\u7c7b\u4f3c\u4e8e\u901f\u5ea6\u9650\u5236\uff0c\u4e00\u4e9b\u670d\u52a1\u5668\u4e5f\u4f1a\u9650\u5236\u540c\u65f6\u8fdb\u884c\u7684\u4e0b\u8f7d\u6570\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 \u2013tries \u548c \u2013wait \u9009\u9879\u6765\u9650\u5236\u5e76\u53d1\u4e0b\u8f7d\u6570\uff0c\u4f8b\u5982\uff1a

wget --tries=10 --wait=5 http://example.com\n
\u6dfb\u52a0 User-Agent\uff1a\u6709\u4e9b\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u68c0\u67e5 User-Agent\uff0c\u5982\u679c User-Agent \u88ab\u8ba4\u4e3a\u662f\u6076\u610f\u7684\uff0c\u90a3\u4e48\u4f60\u7684\u8bf7\u6c42\u4e5f\u4f1a\u88ab\u62d2\u7edd\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 \u2013user-agent \u9009\u9879\u6765\u8bbe\u7f6e User-Agent\uff0c\u4f8b\u5982\uff1a

wget --user-agent=\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3\" http://example.com\n

\u4e0e\u670d\u52a1\u5668\u7ba1\u7406\u5458\u8054\u7cfb\uff1a\u5982\u679c\u4ee5\u4e0a\u65b9\u6cd5\u90fd\u4e0d\u80fd\u89e3\u51b3\u95ee\u9898\uff0c\u4f60\u53ef\u4ee5\u8054\u7cfb\u670d\u52a1\u5668\u7ba1\u7406\u5458\uff0c\u8bf4\u660e\u4f60\u7684\u4e0b\u8f7d\u8bf7\u6c42\u662f\u5408\u6cd5\u7684\uff0c\u8bf7\u6c42\u4ed6\u4eec\u653e\u884c\u4f60\u7684\u8bf7\u6c42\u3002 \u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u4e0d\u8981\u4f7f\u7528\u975e\u6cd5\u7684\u65b9\u5f0f\u4e0b\u8f7d\u6587\u4ef6\uff0c\u4ee5\u514d\u4fb5\u72af\u4ed6\u4eba\u7684\u5408\u6cd5\u6743\u76ca\uff0c\u5e76\u6709\u53ef\u80fd\u5bfc\u81f4\u6cd5\u5f8b\u7ea0\u7eb7\u3002

"},{"location":"try-chatgpt/#\u6bd4\u8f83gopythonrust\u7684\u5173\u7cfb","title":"\u6bd4\u8f83Go\u3001Python\u3001Rust\u7684\u5173\u7cfb","text":"

go\u3001rust\u3001python\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5728\u8bed\u8a00\u7279\u6027\u65b9\u9762\u6709\u4ec0\u4e48\u533a\u522b\uff1f\u5404\u81ea\u6709\u4ec0\u4e48\u4f18\u52bf\uff1f\u9002\u7528\u573a\u666f\u6709\u4ec0\u4e48\u533a\u522b\uff1f

\u8fd9\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5404\u6709\u4e0d\u540c\u7684\u7279\u70b9\u548c\u4f18\u52bf\uff0c\u4ee5\u4e0b\u662f\u5b83\u4eec\u7684\u4e3b\u8981\u533a\u522b\u548c\u9002\u7528\u573a\u666f\uff1a

Python Python \u662f\u4e00\u79cd\u9ad8\u7ea7\u7684\u52a8\u6001\u89e3\u91ca\u578b\u8bed\u8a00\uff0c\u5177\u6709\u7b80\u5355\u6613\u5b66\u3001\u6613\u8bfb\u6613\u5199\u7684\u7279\u70b9\u3002\u5b83\u7684\u8bed\u6cd5\u7b80\u5355\u3001\u4ee3\u7801\u53ef\u8bfb\u6027\u9ad8\u3001\u652f\u6301\u591a\u79cd\u7f16\u7a0b\u8303\u5f0f\u548c\u4e30\u5bcc\u7684\u7b2c\u4e09\u65b9\u5e93\uff0c\u9002\u7528\u4e8e\u5404\u79cd\u7c7b\u578b\u7684\u5e94\u7528\u7a0b\u5e8f\u5f00\u53d1\uff0c\u5c24\u5176\u64c5\u957f\u6570\u636e\u5206\u6790\u3001\u4eba\u5de5\u667a\u80fd\u548c\u79d1\u5b66\u8ba1\u7b97\u9886\u57df\u3002\u7531\u4e8e\u5b83\u7684\u5f00\u53d1\u6548\u7387\u9ad8\uff0c\u5e38\u88ab\u7528\u4e8e\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\u3002

Go Go \u662f\u4e00\u79cd\u5f00\u6e90\u7684\u7f16\u8bd1\u578b\u8bed\u8a00\uff0c\u7531 Google \u5f00\u53d1\u3002\u5b83\u7684\u8bbe\u8ba1\u76ee\u6807\u662f\u4e3a\u4e86\u89e3\u51b3\u591a\u6838\u3001\u7f51\u7edc\u3001\u5927\u89c4\u6a21\u7a0b\u5e8f\u5f00\u53d1\u7b49\u95ee\u9898\uff0c\u5177\u6709\u9ad8\u6548\u3001\u53ef\u9760\u3001\u7b80\u6d01\u7b49\u7279\u70b9\u3002Go \u8bed\u8a00\u5728\u5e76\u53d1\u7f16\u7a0b\u548c\u7f51\u7edc\u7f16\u7a0b\u65b9\u9762\u8868\u73b0\u7a81\u51fa\uff0c\u6709\u7740\u975e\u5e38\u9ad8\u6548\u7684 Goroutine \u548c Channel \u673a\u5236\uff0c\u9002\u5408\u4e8e\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u3001\u4e91\u8ba1\u7b97\u7b49\u9886\u57df\u7684\u5f00\u53d1\u3002

Rust Rust \u662f\u4e00\u79cd\u7cfb\u7edf\u7ea7\u7684\u7f16\u7a0b\u8bed\u8a00\uff0c\u7531 Mozilla \u5f00\u53d1\u3002\u5b83\u7ed3\u5408\u4e86\u9ad8\u6548\u6027\u80fd\u3001\u5185\u5b58\u5b89\u5168\u548c\u5e76\u53d1\u5b89\u5168\uff0c\u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u9760\u548c\u5b89\u5168\u7684\u7f16\u7a0b\u73af\u5883\u3002Rust \u7684\u4e3b\u8981\u4f18\u52bf\u5728\u4e8e\u5176\u5185\u5b58\u5b89\u5168\u6027\u548c\u5e76\u53d1\u6027\uff0c\u5b83\u5177\u6709\u9ad8\u6548\u7684\u7f16\u8bd1\u5668\u3001\u4e30\u5bcc\u7684\u7c7b\u578b\u7cfb\u7edf\u548c\u9ad8\u7ea7\u7684\u6a21\u5f0f\u5339\u914d\u529f\u80fd\uff0c\u9002\u7528\u4e8e\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u7b49\u9886\u57df\u3002

\u603b\u7684\u6765\u8bf4\uff0cPython \u9002\u5408\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\uff0cGo \u9002\u5408\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u548c\u4e91\u8ba1\u7b97\uff0cRust \u9002\u5408\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u3002\u9009\u62e9\u54ea\u79cd\u7f16\u7a0b\u8bed\u8a00\u53d6\u51b3\u4e8e\u5177\u4f53\u7684\u5e94\u7528\u573a\u666f\u548c\u9700\u6c42\u3002

"},{"location":"try-chatgpt/#\u8ba1\u7b97\u673a\u5b89\u5168\u8d44\u6e90\u5b66\u4e60","title":"\u8ba1\u7b97\u673a\u5b89\u5168\u8d44\u6e90\u5b66\u4e60","text":"

\u6211\u60f3\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\uff0c\u8bf7\u63a8\u8350\u4e00\u4e9b\u7f51\u7ad9

\u4ee5\u4e0b\u662f\u4e00\u4e9b\u53ef\u4ee5\u5e2e\u52a9\u60a8\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\u7684\u7f51\u7ad9\uff1a

OWASP (\u5f00\u653e\u5f0f\u7f51\u7edc\u5b89\u5168\u9879\u76ee)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u4e86\u5927\u91cf\u6709\u5173\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7684\u8d44\u6599\u548c\u5de5\u5177\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u5b89\u5168\u6807\u51c6\u3001\u6f0f\u6d1e\u68c0\u6d4b\u5de5\u5177\u3001\u653b\u51fb\u6a21\u62df\u5668\u7b49\u7b49\u3002

NIST (\u7f8e\u56fd\u56fd\u5bb6\u6807\u51c6\u4e0e\u6280\u672f\u7814\u7a76\u6240)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u4e3a\u8ba1\u7b97\u673a\u5b89\u5168\u548c\u4fe1\u606f\u6280\u672f\u63d0\u4f9b\u6807\u51c6\u548c\u6307\u5357\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u6709\u5173\u5b89\u5168\u63a7\u5236\u3001\u5bc6\u7801\u5b66\u3001\u98ce\u9669\u8bc4\u4f30\u7b49\u65b9\u9762\u7684\u8d44\u6599\u3002

SANS (\u5b89\u5168\u57f9\u8bad\u548c\u8ba4\u8bc1\u673a\u6784)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u6709\u5173\u5404\u79cd\u8ba1\u7b97\u673a\u5b89\u5168\u4e3b\u9898\u7684\u57f9\u8bad\u548c\u8bfe\u7a0b\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u4e00\u4e2a\u535a\u5ba2\uff0c\u5176\u4e2d\u5305\u542b\u5404\u79cd\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6587\u7ae0\u548c\u63d0\u793a\u3002

Dark Reading\uff1a\u8fd9\u662f\u4e00\u5bb6\u5728\u7ebf\u51fa\u7248\u5546\uff0c\u63d0\u4f9b\u4e86\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6700\u65b0\u65b0\u95fb\u3001\u5206\u6790\u548c\u8bc4\u8bba\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5404\u79cd\u8d44\u6e90\uff0c\u5305\u62ec\u7f51\u7edc\u5b89\u5168\u767d\u76ae\u4e66\u3001\u7814\u7a76\u62a5\u544a\u548c\u6f14\u793a\u6587\u7a3f\u3002

SecurityFocus\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u662f\u4e00\u4e2a\u5b89\u5168\u65b0\u95fb\u805a\u5408\u7ad9\u70b9\uff0c\u6536\u96c6\u4e86\u6765\u81ea\u5404\u79cd\u6765\u6e90\u7684\u5b89\u5168\u65b0\u95fb\u548c\u6f0f\u6d1e\u62a5\u544a\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5b89\u5168\u8bba\u575b\u3001\u5b89\u5168\u5de5\u5177\u7b49\u3002

Reddit\uff1aReddit\u4e0a\u6709\u8bb8\u591a\u4e0e\u8ba1\u7b97\u673a\u5b89\u5168\u76f8\u5173\u7684\u793e\u533a\uff0c\u5982r/netsec\u3001r/hacking\u3001r/AskNetsec\u7b49\u3002\u8fd9\u4e9b\u793e\u533a\u53ef\u4ee5\u8ba9\u60a8\u5411\u5176\u4ed6\u5b89\u5168\u4e13\u4e1a\u4eba\u5458\u63d0\u95ee\uff0c\u5e76\u4e0e\u4ed6\u4eec\u5206\u4eab\u6709\u7528\u7684\u8d44\u6e90\u548c\u5de5\u5177\u3002

GitHub\uff1aGitHub\u662f\u4e00\u4e2a\u8f6f\u4ef6\u5f00\u53d1\u5e73\u53f0\uff0c\u4e5f\u662f\u8bb8\u591a\u5b89\u5168\u5de5\u5177\u548c\u811a\u672c\u7684\u6765\u6e90\u3002\u901a\u8fc7\u641c\u7d22GitHub\uff0c\u60a8\u53ef\u4ee5\u627e\u5230\u5f88\u591a\u6709\u7528\u7684\u5de5\u5177\uff0c\u5982\u6e17\u900f\u6d4b\u8bd5\u5de5\u5177\u3001\u6f0f\u6d1e\u626b\u63cf\u5668\u7b49\u7b49\u3002

\u5e0c\u671b\u8fd9\u4e9b\u7f51\u7ad9\u80fd\u5bf9\u60a8\u6709\u6240\u5e2e\u52a9\uff01

"},{"location":"word-learning/","title":"\u8bcd\u6c47\u5b66\u4e60","text":"

\u7ea6 943 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4 3 \u5206\u949f

"},{"location":"dsa/array/","title":"\u6570\u7ec4","text":"

\u7ea6 2 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/branch-and-bound-algo/","title":"\u5206\u652f\u5b9a\u754c\u7b97\u6cd5","text":"

\u7ea6 6 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/dynamic-algo/","title":"\u52a8\u6001\u89c4\u5212\u7b97\u6cd5","text":"

\u7ea6 6 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/graph-algo/","title":"\u56fe\u7b97\u6cd5","text":"

\u7ea6 3 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/graph/","title":"\u56fe","text":"

\u7ea6 1 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/greedy-algo/","title":"\u8d2a\u5fc3\u7b97\u6cd5","text":"

\u7ea6 4 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/linkedlist/","title":"\u94fe\u8868","text":"

\u7ea6 2 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/queue/","title":"\u961f\u5217","text":"

\u7ea6 2 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/stack/","title":"\u6808","text":"

\u7ea6 1 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"},{"location":"dsa/tree/","title":"\u6811","text":"

\u7ea6 1 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

"}]} \ No newline at end of file +{"config":{"lang":["en"],"separator":"[\\s\\u200b\\u3000\\-\u3001\u3002\uff0c\uff0e\uff1f\uff01\uff1b]+","pipeline":["stemmer"]},"docs":[{"location":"","title":"\u9996\u9875","text":"

\u7ea6 100 \u4e2a\u5b57 \u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\u4e0d\u5230 1 \u5206\u949f

\u81f4\u8f9e

\u535a\u5ba2\u603b\u89c8