目录为自动生成,可能有误。最近一次更新时间2023-12-18。
+目录为自动生成,可能有误。最近一次更新时间2024-02-11。
最近一次更新内容:
\u76ee\u5f55\u4e3a\u81ea\u52a8\u751f\u6210\uff0c\u53ef\u80fd\u6709\u8bef\u3002\u6700\u8fd1\u4e00\u6b21\u66f4\u65b0\u65f6\u95f42023-12-18\u3002
\u6b22\u8fce\u63d0issue\u4ee5\u6307\u9519\u3001\u4ea4\u6d41\uff01
\u6700\u8fd1\u4e00\u6b21\u66f4\u65b0\u5185\u5bb9\uff1a
\u52a0\u8f7d\u65f6\u9009\u62e9Processor type\uff0c\u6bd4\u5982ARM Little-endian [ARM]\uff0c\u968f\u540e\u6839\u636e\u5b9e\u9645\u52a0\u8f7d\u60c5\u51b5\u8bbe\u7f6eROM\u7684\u8d77\u59cb\u5730\u5740\u548cInput file\u5730\u5740\u3002
raw binary\u7684\u524d\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbsp\u503c\uff0c\u968f\u540e\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbpc\u503c\u3002\u6309G\u5e76\u8f93\u5165pc\u503c\uff0cAlt+G\u8bbe\u7f6eT\u5bc4\u5b58\u5668\u503c\u4e3a1\uff080\u8868\u793aARM\uff0c1\u8868\u793aThumb\uff09\uff0c\u7136\u540e\u9009\u4e2dpc\u53ca\u4e4b\u540e\u6240\u6709\u4ee3\u7801\uff0c\u6309C\u8fdb\u884cMakeCode\u3002
"},{"location":"autoconf/","title":"autoconf\u5b66\u4e60\u7b14\u8bb0","text":"\u81ea\u5df1\u5f00\u53d1\u8f6f\u4ef6\u65f6\uff0c\u751f\u6210\u89c4\u8303\u7684configure\u7b49\u6587\u4ef6\u3002\u53ef\u53c2\u8003https://www.cnblogs.com/klausage/p/14163844.html\u7b49
"},{"location":"autoconf/#_1","title":"\u4e0d\u5206\u76ee\u5f55\u7ed3\u6784","text":"\u7f16\u5199Makefile.am\u6587\u4ef6\uff0c\u6bd4\u5982\uff1a
bin_PROGRAMS=helloworld\nhelloworld_SOURCES=helloworld.c\nbin_PROGRAMS\u7528\u4e8e\u7ed9\u9879\u76ee\u8d77\u540d\uff0c\u6bd4\u5982X\uff0c\u90a3\u4e48\u4e4b\u540e\u7684X_SOURCES\u5219\u7528\u6765\u6307\u5b9a\u4f7f\u7528\u7684\u6e90\u6587\u4ef6\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a
# -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([FULL-PACKAGE-NAME], [VERSION], [BUG-REPORT-ADDRESS])\nAM_INIT_AUTOMAKE([foreign]) # \u5982\u679c\u4e0d\u52a0\u8fd9\u4e00\u53e5\uff0c\u9ed8\u8ba4gnu\uff0c\u5219\u4e4b\u540e\u76ee\u5f55\u91cc\u8981\u6709NEWS\u3001README\u3001AUTHORS\u3001ChangLog\u7b49\u6587\u4ef6\uff08\u9700\u81ea\u5df1\u624b\u52a8\u5efa\u7acb\uff09\nAC_CONFIG_SRCDIR([main.h])\nAC_CONFIG_HEADERS([config.h])\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\n\n# Checks for header files.\n\n# Checks for typedefs, structures, and compiler characteristics.\n\n# Checks for library functions.\n\nAC_CONFIG_FILES([Makefile])\nAC_OUTPUT\n\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure
\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in
\u8fd0\u884c./configure\u751f\u6210makefile
\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801
\u4e5f\u5c31\u662f\u8bf4\u6e90\u7801\u53ef\u80fd\u5728\u591a\u4e2a\u6587\u4ef6\u5939\u4e0b\uff0c\u6bd4\u5982src\u3002\u90a3\u4e48\u6bcf\u4e2a\u6587\u4ef6\u5939\u9700\u8981\u5355\u72ec\u5199Makefile.am\u6765\u6307\u5b9a\u5982\u4f55\u7f16\u8bd1\u3002
\u7f16\u5199Makefile.am\u6587\u4ef6
\u6e90\u7801\u6240\u5728\u7684\u6587\u4ef6\u5939\u7684Makefile\u6587\u4ef6\u793a\u4f8b\uff1a
bin_PROGRAMS = reverse\n\n#AM_CFLAGS= -DDEBUG -DLOG_INSTRUCTIONS -I ../include\nAM_CFLAGS= -DDEBUG -I ../include\n\nreverse_CPPFLAGS = -msse4.1\n\n# \u4f7f\u7528LDFLAG\u4f1a\u5728gcc\u4e2d\u90e8\u653e-l\uff0c\u5bfc\u81f4\u627e\u4e0d\u5230\u7b2c\u4e09\u65b9\u5e93\u3002\u7528LDADD\u53ef\u4ee5\u6dfb\u52a0\u5230\u6574\u4e2agcc\u6307\u4ee4\u7684\u6700\u540e\nreverse_LDADD = -lcapstone\n\nhandlers_FILES = handler_flag_manip.c handler_interrupt.c\n\n#handler_interrupt.c\n\nreverse_SOURCES = access_memory.c alias_manager.c $(handlers_FILES)\nAM_CFLAGS\u7528\u4e8e\u6dfb\u52a0\u7f16\u8bd1\u9009\u9879\u9879\u76ee\u6587\u4ef6\u5939\u9700\u8981\u6307\u5b9a\u6e90\u6587\u4ef6\u6240\u5728\u7684\u6587\u4ef6\u5939
POMP\u7684\u4f8b\u5b50\uff1a
SUBDIRS=src # \u6307\u5b9asrc\u6587\u4ef6\u5939\ndist_doc_DATA=README\n\nTESTSUITES_DIR = testsuites\nEXECUTABLE=$(SUBDIRS)/reverse\n\nabc2mtex:\n$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n\naireplay-ng:\n$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a
# -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([reverse_from_coredump], [0.0.1], [mudongliangabcd@gmail.com])\nAM_INIT_AUTOMAKE([-Wall -Werror foreign])\nAC_CONFIG_HEADERS([config.h])\n\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\nAC_CHECK_LIB([disasm], [x86_init])\nAC_CHECK_LIB([elf], [gelf_getehdr])\n\n# Checks for header files.\nAC_CHECK_HEADERS([fcntl.h malloc.h stddef.h stdint.h stdlib.h string.h unistd.h])\n\n# Checks for typedefs, structures, and compiler characteristics.\nAC_CHECK_HEADER_STDBOOL\nAC_C_INLINE\nAC_TYPE_OFF_T\nAC_TYPE_SIZE_T\n\n# Checks for library functions.\nAC_FUNC_MALLOC\nAC_CHECK_FUNCS([memset strerror])\n\nAC_CONFIG_FILES([Makefile\nsrc/Makefile])\nAC_OUTPUT\n\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure
\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in
\u8fd0\u884c./configure\u751f\u6210makefile
\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801
member_address - &(((TYPE *)0)->member);\n\u540e\u534a\u90e8\u5206\u770b\u4f3c\u4f1a\u89e3\u5f15\u75280\u5730\u5740\u800ccrash\uff0c\u4f46\u7f16\u8bd1\u5668\u4f1a\u4f18\u5316\u4e3a\u76f4\u63a5\u8ba1\u7b97member\u7684offset\u3002\u53c2\u89c1kernel\u4ee3\u7801\u5e38\u7528\u7684container_of\u3002
"},{"location":"c/#_2","title":"\u52a8\u6001\u94fe\u63a5\u5e93","text":"\u7f16\u8bd1\u52a8\u6001\u94fe\u63a5\u5e93\u672c\u8eab
\u4f7f\u7528gcc\u7f16\u8bd1\u51fa\u52a8\u6001\u94fe\u63a5\u5e93\uff1a
gcc <source C file> -shared -fPIC -o lib<source>.so\n\u7f16\u8bd1\u539f\u9879\u76ee\u65f6\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93
\u4f7f\u7528-l\u6307\u5b9a\u52a0\u8f7d\u94fe\u63a5\u5e93\uff0c\u6ce8\u610f\u53bb\u6389\u5e93\u6587\u4ef6\u7684lib\u5f00\u5934\u548c.so\u7ed3\u5c3e\u3002\u7f16\u8bd1\u65f6\uff0c\u6ce8\u610f\u628a\u5e93\u653e\u5728\u6574\u4e2a\u547d\u4ee4\u7684\u7ed3\u5c3e\uff0c\u5426\u5219\u53ef\u80fd\u63d0\u793a\u5e93\u51fd\u6570\u672a\u5b9a\u4e49\u3002
\u6bd4\u5982gcc main.c -lcapstone\u4e0d\u4f1a\u62a5\u9519\uff0cgcc -lcapstone main.c\u4f1a\u63d0\u793a\u62a5\u9519\u3002\uff08\u5047\u8bbe\u8fd9\u91ccmain.c\u8c03\u7528\u4e86capstone\u7684\u5e93\u51fd\u6570\uff09
\u5982\u679c\u52a8\u6001\u94fe\u63a5\u5e93\u4e0d\u5728\u9ed8\u8ba4\u7684\u7cfb\u7edf\u5e93\u4e2d\uff0c\u53ef\u4ee5\u6dfb\u52a0-L\u6765\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93\u7684\u4fdd\u5b58\u4f4d\u7f6e\u3002
\u8fd0\u884c\u9879\u76ee\u65f6\u52a0\u8f7d\u52a8\u6001\u94fe\u63a5\u5e93
\u5373\u4fbf\u7f16\u8bd1\u6210\u529f\uff0c\u8fd0\u884c\u53ef\u80fd\u62a5\u9519\u3002\u641c\u7d22\u987a\u5e8f\u4e3a\uff1a
-Wl,-rpath=xxx\u6765\u6307\u5b9a\u8fd0\u884c\u65f6\u6240\u9700\u7684\u52a8\u6001\u5e93\u6587\u4ef6LD_LIBRARY_PATH\u6307\u5b9a\u7684\u76ee\u5f55\u4e2d\u641c\u7d22/etc/ld.so.conf\u7ed9\u51fa\u7684\u76ee\u5f55\u4e2d\u641c\u7d22/lib\u3001/lib64\u3001/usrlib\u3001/usrlib64\u7b49\u641c\u7d22\u4f18\u5316\u9700\u8981\u901a\u8fc7\u5927\u91cf\u6d4b\u8bd5\u6765\u9a8c\u8bc1\u4e00\u81f4\u6027\u3001\u6027\u80fd\uff0c\u56e0\u4e3a\u5e76\u975e\u6240\u6709\u4f18\u5316\u90fd\u662f\u6b63\u786e\u6216\u5fc5\u8981\u7684\u3002\u4ece\u91cd\u6784\u7a0b\u5e8f\u6267\u884c\u6d41\u7684\u89d2\u5ea6\u6765\u8bb2\uff0c\u4f18\u5316\u5e76\u4e0d\u662f\u7075\u4e39\u5999\u836f\uff0c\u5e76\u5728\u4e0d\u540c\u8bed\u8a00\u3001\u4e0d\u540c\u7f16\u8bd1\u5668\u3001\u4e0d\u540c\u73af\u5883\u3001\u4e0d\u540c\u4efb\u52a1\u4e2d\u8868\u73b0\u51fa\u5de8\u5927\u7684\u5dee\u5f02\u3002\u4ee5\u4e0b\u7684\u4f18\u5316\u65b9\u6cd5\u5747\u4ec5\u4f9b\u53c2\u8003\u3002
"},{"location":"code-gracely/#_4","title":"\u5229\u7528\u77ed\u8def\u4e0e\u54e8\u5175","text":"\u4f7f\u7528\u5927\u91cfif-else\u7684\u574f\u5904\uff1a
\u4f7f\u7528\u67e5\u8868\u6cd5\u7684\u597d\u5904\uff1a
\u7528\u6cd5\uff1a\u5c06\u8981\u5224\u65ad\u7684\u5404\u4e2a\u53c2\u6570\u4f5c\u4e3a\u8868\u7684\u7ef4\u5ea6\uff0c\u5c06\u5224\u65ad\u7ed3\u679c\u4f5c\u4e3a\u8868\u7d22\u5f15\u540e\u7684\u7ed3\u679c\u3002
"},{"location":"code-gracely/#_10","title":"\u7528\u7d22\u5f15\u8868\u66ff\u6362\u6570\u636e\u8868","text":"\u7a00\u758f\u7684\u6570\u636e\u8868\u5728\u5b58\u50a8\u5bf9\u9f50\u7684\u60c5\u51b5\u4e0b\u4f1a\u6d6a\u8d39\u5927\u91cf\u7a7a\u95f4\u3002\u4e0e\u4e4b\u76f8\u6bd4\uff0c\u91c7\u7528\u7d22\u5f15\u8868\u53ef\u4ee5\u964d\u4f4e\u7a7a\u95f4\u6d6a\u8d39\u91cf\uff08\u4ecd\u7136\u4f1a\u4ea7\u751f\u6d6a\u8d39\uff09\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u51cf\u5c11\u7d22\u5f15\u8868\u7a7a\u95f4\uff0c\u53ef\u4ee5\u4f7f\u7528\u9636\u68af\u7d22\u5f15\u8868\uff0c\u6839\u636e\u6570\u636e\u7684\u8303\u56f4\uff08\u800c\u4e0d\u662f\u5177\u4f53\u7684\u6570\u636e\u503c\uff09\u8fdb\u884c\u5efa\u7d22\u5f15\uff0c\u6bd4\u5982\u6839\u636e\u767e\u5206\u5236\u6210\u7ee9\u8ba1\u7b97\u7ee9\u70b9\uff0c\u5efa\u7acb\u76f8\u5e94\u7684data-to-key\u51fd\u6570\uff0c\u653e\u5728\u6570\u7ec4\u4e2d\u3002
"},{"location":"code-gracely/#_11","title":"\u7528\u7ed3\u679c\u8868\u66ff\u6362\u6570\u5b66\u8ba1\u7b97\u7ed3\u679c","text":"\u8003\u8651\u5230\u7cfb\u7edf\u51fd\u6570\u7684\u7cbe\u786e\u6027\uff0c\u8ba1\u7b97\u901f\u5ea6\u53ef\u80fd\u8f83\u6162\u3002\u53ef\u4ee5\u9884\u5148\u624b\u52a8\u7b97\u51fa\u4e00\u4e9b\u6570\u636e\u5e76\u5efa\u8868\uff0c\u8ba1\u7b97\u65f6\u76f4\u63a5\u67e5\u8868\u5373\u53ef\uff0c\u5927\u5927\u63d0\u9ad8\u7a0b\u5e8f\u6027\u80fd\u3002
"},{"location":"code-gracely/#_12","title":"\u4e00\u4e9b\u5c0f\u5c0f\u7684\u8bed\u6cd5\u7279\u6027","text":""},{"location":"code-gracely/#c","title":"C","text":"\u521d\u59cb\u5316\u6570\u7ec4\uff0c\u53ef\u4ee5\u8fde\u7eed\u8d4b\u503c
int arr[10] = {\n[0] = 1,\n[1 ... 4] = 2,\n[5 ... 7] = 4,\n};\n\u521d\u59cb\u5316\u7ed3\u6784\u4f53\u6216\u8054\u5408\uff0c\u53ef\u4ee5\u4e00\u8d77\u8d4b\u503c
struct test {\nint a;\nint b;\nint c;\nint d;\n};\n\nint main(\nint argc, char const *argv[]\n)\n{\nstruct test t = {\n.a = 1,\n.b = 2,\n.c = 3,\n.d = 4,\n};\n\nreturn 0;\n}\n\u4e5f\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd
"},{"location":"crawler/#_2","title":"\u52a0\u56fd\u5185\u4ee3\u7406","text":"\u9488\u5bf9\u4e2a\u522b\u7f51\u7ad9\u9501ip\uff0c\u53ef\u4ee5\u8003\u8651\u6574\u4e2a\u4ee3\u7406
import base64\nusername = 'xxxxx'\npasswd = 'xxxxx'\nproxy_ip = 'xxxx.kdltps.com'\nproxy_port = '15818'\n\nmeta = {'proxy': f'http://{proxy_ip}:{proxy_port}'}\ncode = base64.b64encode(f'{username}:{passwd}'.encode()).decode()\n\nheaders = {\n \"Proxy-Authorization\": f\"Basic {code}\", # \u5728headers\u91cc\u8bbe\u7f6e\u4e0b\u4ee3\u7406token\n}\n\ndef start_requests(self):\n yield scrapy.Request(\n headers = headers, # \u8bbe\u7f6e\u4f7f\u7528headers\uff0c\u5305\u542btoken\n meta = meta, # \u8bbe\u7f6e\u4f7f\u7528\u4ee3\u7406\n )\n\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/json\u7c7b\u578b\uff0cstart_requests\u91cc\u7528Request\uff0c\u6ce8\u660emethod\u548cbody\uff1a
import json\nheaders = {\n \"Content-Type\": \"application/json\",\n \"User-Agent\": \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36\",\n}\n\ndata = json.dumps({\"key\":\"value\"})\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.Request(\n url=url, \n method='POST', \n headers=headers, \n body=data,\n callback=self.parse, \n meta={'period': t}, \n errback=self.err,\n cb_kwargs={'period': t,'page':0}\n)\n\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/x-www-form-urlencoded\u7c7b\u578b\uff0cstart_requests\u91cc\u7528FormRequest\uff0c\u6ce8\u660eformdata\uff1a
post_data = {\"key\":\"value\"}\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.FormRequest(\n url=url,\n formdata=post_data,\n errback=self.err,\n callback = self.parse,\n cookies = cookies,\n cb_kwargs = {'id':'shixian','page':str(page)},\n )\n\u666e\u901a\u8bf7\u6c42\u7528scrapy.Request\u5373\u53ef\u3002
"},{"location":"crawler/#selenium","title":"Selenium","text":"\u722c\u4e45\u4e86\u603b\u4f1a\u7206\u5185\u5b58\uff0c\u4e0d\u77e5\u9053\u5185\u5b58\u6cc4\u9732\u7684bug\u6709\u6ca1\u6709\u4fee\u590d\u3002\u4ee5\u4e0b\u7528\u7684\u662fchrome\u6d4f\u89c8\u5668\uff0c\u9700\u8981\u9884\u5148\u4e0b\u8f7d\u4e0b\u9a71\u52a8
from selenium import webdriver\nfrom selenium.webdriver.common.by import By\nfrom selenium.webdriver.chrome.service import Service\nfrom pathlib import Path\nimport time\nimport json\nimport ast \nimport re\nimport os\nimport yaml\nimport shutil\n\noptions = webdriver.ChromeOptions()\n# options.add_argument('--headless')\n# https://chromedriver.chromium.org/downloads\ns = Service('S:/chromedriver.exe')\noptions.add_experimental_option('excludeSwitches', ['enable-logging'])\ndriver = webdriver.Chrome(service=s,options=options)\ndriver.get('http://www.baidu.com')\ntime.sleep(1)\n\ndef get_current_and_final_page_of_one_book():\n cur = -1\n final = -1\n try:\n pages = driver.find_elements(By.XPATH,'//ul[@class=\"t-pager\"]/li')\n except:\n print('Current page is not found')\n return cur,final\n\n for page in pages:\n if 'active' in page.get_attribute('class'):\n cur = int(page.text)\n if 'number' in page.get_attribute('class'):\n final = int(page.text)\n return cur,final\n\ndef download_one_page_of_a_book(skip,config):\n\"\"\"\u4e00\u9875\u6240\u6709\u6587\u6863\u5168\u90e8\u4e0b\u8f7d\u6210\u529f\u5219\u8fd4\u56deTrue,OK\n \"\"\"\n global CURRENT_PAGE\n global CURRENT_TITLE\n titles = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[1]')\n icons = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[4]')\n jscode = 'document.location = '+'\"'+config['url']+'\"'\n driver.execute_script(jscode)\n for title,svgs in zip(titles,icons):\n svgs = svgs.find_elements(By.XPATH,'.//*[name()=\"svg\"]')\n print(f'Current title: {title.text}, skip: {skip}, CURRENT_TITLE: {CURRENT_TITLE}')\n if CURRENT_TITLE is not None and skip and title.text != CURRENT_TITLE:\n continue\n skip = False\n for svg in svgs:\n # if visible \n if svg.get_attribute('style') == 'display: inline-block;':\n svg.click()\n time.sleep(7)\n cls = driver.window_handles\n if len(cls) > 1:\n time.sleep(20)\n ok = archive_file(title.text,config)\n if not ok:\n print(f'Failed to download {title.text}')\n while len(cls) > 1:\n driver.switch_to.window(cls[1])\n driver.close()\n driver.switch_to.window(cls[0])\n cls = driver.window_handles\n return (False, title.text)\n cls = driver.window_handles\n driver.switch_to.window(cls[0])\n CURRENT_TITLE = None\n CURRENT_PAGE += 1\n return (True, 'OK')\n\n# load yaml\nwith open(target_yml,'r',encoding='utf8') as f:\n SETTINGS = yaml.load(f,Loader=yaml.FullLoader)\n# dump yaml\nwith open(target_yml,'w',encoding='utf8') as f:\n yaml.dump(SETTINGS,f,allow_unicode=True)\n\ndriver.close()\ndriver.quit()\n\u6216\u8005\u8bbe\u7f6e\u4e00\u4e2ahelper\u7a0b\u5e8f\uff0c\u53cd\u590d\u542f\u52a8selenium\uff1a
import subprocess\nimport time\nimport datetime\nimport sys\ncmd = 'python ./main.py'\nop = 0\nwhile True:\n if op >= 200:\n print('failed 200 times!')\n break\n p = subprocess.Popen(cmd.split(), stdout=sys.stdout, stderr=sys.stderr)\n print('new round at', datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'),f'op = {op}')\n op += 1\n\n time.sleep(30)\n if p.poll() == 0:\n break\n p.wait()\n\u6309\u7167https://docs.docker.com/engine/install/ubuntu/\u7684\u8bf4\u660e\u5b89\u88c5\u5373\u53ef
"},{"location":"docker/#_1","title":"\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e","text":"\u9ed8\u8ba4\u4f7f\u7528\u7684\u4f4d\u7f6e\u662f/var/lib/docker\uff0c\u5728\u6839\u76ee\u5f55\u4e0b\u5bb9\u6613\u5360\u6ee1\u3002\u53ef\u4ee5\u901a\u8fc7\u4fee\u6539\u914d\u7f6e\u6587\u4ef6/lib/systemd/system/docker.service\u7684-g\u53c2\u6570\u6765\u6307\u5b9a\u4f4d\u7f6e\u3002\u53ef\u4ee5\u901a\u8fc7docker info\u67e5\u770b\u4fdd\u5b58\u7684\u4f4d\u7f6eDocker Root Dir\u3002
\u914d\u7f6e\u6587\u4ef6\u53ef\u4ee5\u901a\u8fc7systemctl status docker\u5e76\u67e5\u770bLoad\u4f7f\u7528\u7684\u914d\u7f6e\u6587\u4ef6\u662f\u54ea\u4e2a\u3002
\u53e6\u4e00\u79cd\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e\u7684\u65b9\u6cd5\uff1a\u4fee\u6539/etc/docker/daemon.json\uff0c\u8bbe\u7f6e\u4e3a
{\n\"data-root\": \"/home/docker\"\n}\n\u968f\u540e\u91cd\u8f7d\u4e00\u4e0b\u914d\u7f6e\uff1a
sudo cp -r /var/lib/docker /home/docker\nsudo systemctl daemon-reload\nsudo systemctl restart docker\nsudo systemctl status docker\n\u4f1a\u5728\u5bb9\u5668\u4e2d\u521b\u5efa\u76ee\u5f55\uff0c\u6620\u5c04\u5bbf\u4e3b\u673a\u76ee\u5f55\u3002\u5bbf\u4e3b\u673a\u7684\u76ee\u5f55\u548c\u5bb9\u5668\u76ee\u5f55\u5185\u5bb9\u662f\u4e00\u6837\u7684\uff0c\u4fee\u6539\u4e00\u65b9\uff0c\u53e6\u4e00\u65b9\u968f\u4e4b\u6539\u53d8
docker run -it --name=<container_name> --user=<user_id>:<group_id> --hostname=xxxx --workdir=xxxx -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro --mount type=bind,source=<\u5bbf\u4e3b\u673a\u76ee\u5f55>,target=<\u5bb9\u5668\u76ee\u5f55> <\u955c\u50cf\u540d>:<tag> /bin/bash\n\u6ce8\u610f\u8fd9\u6837\u521b\u5efa\u7684\u7528\u6237\u6ca1\u6709root\u6743\u9650\u3002\u5982\u679c\u9700\u8981\uff0c\u5219\u4e0d\u4f7f\u7528user\u53c2\u6570\uff0c\u4f46\u5b58\u5728\u5bb9\u5668\u521b\u5efa\u6587\u4ef6\u662froot\uff0c\u5bbf\u4e3b\u673a\u65e0\u6cd5\u4fee\u6539\u7684\u95ee\u9898\u3002
\u4e00\u4e2a\u4e0d\u592a\u806a\u660e\u7684\u89e3\u51b3\u65b9\u6cd5\u662fuser_id\u8bbe\u6210root\u76840\uff0cgroup_id\u8bbe\u6210\u666e\u901a\u7528\u6237\uff0c\u7136\u540e\u5728\u5bb9\u5668\u91cc\u7ed9root\u7684.bashrc\u52a0\u4e00\u884cumask 0002\u3002\u5c31\u662f\u8bf4\u8ba9\u7528\u6237\u7ec4\u4e5f\u80fd\u4fee\u6539\u6587\u4ef6\u4e86\u3002
\u4e00\u4e9b\u5176\u4ed6\u7684\u529e\u6cd5\uff1adocker exec -u\u597d\u50cf\u53ef\u4ee5\u6307\u5b9a\u542f\u52a8\u5bb9\u5668\u65f6\u7684\u7528\u6237\uff0c\u4e0d\u77e5\u9053\u6709\u4ec0\u4e48\u7528\uff0c\u53ef\u4ee5\u8bd5\u8bd5\uff1b\u6216\u8005root\u8fdb\u53bb\u4ee5\u540e\u628a\u666e\u901a\u7528\u6237\u52a0\u5230sudoers\u91cc
apt-get update\u66f4\u65b0\u4e00\u4e0blist\uff0c\u7136\u540e\u624d\u80fd\u4f7f\u7528apt-get\u4e0b\u8f7d\u5176\u4ed6\u5305\u3002\u4e00\u4e9b\u5e38\u7528\u7684\u5305\uff1aapt-get install build-essential
\u8fde\u6309Ctrl+P\u3001Ctrl+Q\u9000\u51fa\u5bb9\u5668\u3002\u5426\u5219\u7b80\u5355\u9000\u51fa\u540e\u5bb9\u5668\u5c31stop\u4e86\uff0c\u4e0b\u6b21exec\u7684\u65f6\u5019\u8fd8\u8981restart\uff0c\u751a\u81f3\u8fd8\u4f1a\u51fa\u73b0restart\u81ea\u52a8\u53c8stop\u7684\u60c5\u51b5
"},{"location":"docker/#_5","title":"\u8fdb\u5165\u5df2\u6709\u7684\u5bb9\u5668","text":"docker exec -it <\u5bb9\u5668id> /bin/bash\n\u53ef\u4ee5Ctrl+D\u9000\u51fa
"},{"location":"envs/","title":"\u73af\u5883\u914d\u7f6e","text":""},{"location":"envs/#_2","title":"\u66f4\u65b0\u57fa\u672c\u73af\u5883","text":"sudo apt update\nsudo apt install curl build-essential gcc make -y\ncurl --proto '=https' --tlsv1.3 -sSf https://sh.rustup.rs | sh\nrustup update\n\u56fd\u5185\u4f7f\u7528\u65f6crates.io\u53ef\u80fd\u767b\u4e0d\u4e0a\uff0c\u8bd5\u8bd5\u4fee\u6539\u5b89\u88c5\u76ee\u5f55\u4e0b\u7684config\u6587\u4ef6(\u6bd4\u5982$HOME/.cargo/config)
[source.crates-io]\nregistry = \"https://github.com/rust-lang/crates.io-index\"\n\n# \u66ff\u6362\u6210\u4f60\u504f\u597d\u7684\u955c\u50cf\u6e90\n#replace-with = 'sjtu'\n#replace-with = 'ustc'\n#replace-with = 'tuna'\n#replace-with = 'rustcc'\n\n# \u6e05\u534e\u5927\u5b66\n[source.tuna]\nregistry = \"https://mirrors.tuna.tsinghua.edu.cn/git/crates.io-index.git\"\n\n# \u4e2d\u56fd\u79d1\u5b66\u6280\u672f\u5927\u5b66\n[source.ustc]\nregistry = \"git://mirrors.ustc.edu.cn/crates.io-index\"\n\n# \u4e0a\u6d77\u4ea4\u901a\u5927\u5b66\n[source.sjtu]\nregistry = \"https://mirrors.sjtug.sjtu.edu.cn/git/crates.io-index\"\n\n# rustcc\u793e\u533a\n[source.rustcc]\nregistry = \"git://crates.rustcc.cn/crates.io-index\"\n\n[source.rustcchttp]\nregistry = \"https://code.aliyun.com/rustcc/crates.io-index.git\"\ngo env -w GOPROXY=https://goproxy.cn\nsudo apt install zsh\ncurl\u548cwget\u4e8c\u9009\u4e00
sh -c \"$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\"\nsh -c \"$(wget https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh -O -)\"\n\u9700\u8981\u6839\u636e\u672c\u5730\u5b9e\u9645\u7684\u60c5\u51b5\u4fee\u6539\u76ee\u6807ip\u548c\u7aef\u53e3
git config --global http.https://github.com.proxy http://xxx.xxx.xxx.xxx:xxx\nsudo apt-get install linux-tools-`uname -r`\nevel `ssh-agent`\nssh-add <\u79c1\u94a5\u6587\u4ef6>\n\u4f7f\u7528chocolatey\u5305\u7ba1\u7406\u5668\u3002\u6309https://chocolatey.org/install#individual\u7684\u8bf4\u660e\u5373\u53ef\uff0c\u6700\u540echoco install make
\u8986\u76d6\u7387\u6307\u5f15\u7684\u6a21\u7cca\u6d4b\u8bd5\u65b9\u6cd5\u83b7\u5f97\u8986\u76d6\u7387\u7684\u56db\u79cd\u8ffd\u8e2a\u65b9\u5f0f[^1]\uff1a
\u4fb5\u5165\u5f0f\u4e0e\u975e\u4fb5\u5165\u5f0f\u8ffd\u8e2a[^2]\uff1a
Traces can be generated by trace code that is executed within tasks and/or interrupt service routines, just like application code that is executed on the same CPU. This is the most flexible approach, as both the content and the amount of trace information output can be defined in software. However, this tracing method comes with a significant drawback: It uses resources that are shared with the application software, hence tracing may significantly reduce the amount of memory available for the applications, increase the gross execution times of the applications and, in the case of real-time systems, impair functionality. This is why it is called intrusive tracing.
The most common case is that adding trace code is detrimental to the functionality of the applications in real-time systems because the resource requirements for intrusive tracing have been underestimated in the early stages of the project, such that tracing would eventually eat up resources that are required by the application. Therefore, the resource requirements for tracing must be properly considered throughout the whole development lifecycle. Removing trace code from real-time systems may also cause functional issues, typically just before the final production software release. This is the worst case, as trace information is no longer available in this scenario.
Non-intrusive tracing does not change the intrinsic timing behavior of the system under test. This approach simplifies the software development process a lot and requires dedicated hardware support for tracing. External trace probes connected to the target system, in conjunction with on-chip debug modules, capture code execution on instruction level, memory accesses and other events on the target processor. This approach is the best option when it comes to debugging the code execution down to the instruction level. The PCB design of the device under test must provide the connectors required by the external probe.
Another option for non-intrusive tracing is on-chip tracing, where most of the trace hardware is packed into the same chip that also contains the CPU that executes the application code. Non-intrusive tracing can, however, be restricted by limitations of the respective trace module or probe, such as buffer sizes, bus bandwidth or the size of an external probe.
Due to cost savings (no expensive third-party trace hardware required), reduced footprint (very small connectors instead of larger probe connectors), and limited trace bandwidth requirements, the on-chip tracing method is the preferred approach for generating the trace data required for in-depth timing analysis on task, runnable and ISR level. On-chip tracing is a suitable tracing method for devices under test with form factors very close to the final volume production devices.
"},{"location":"fuzzing/#_2","title":"\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"\u7f51\u7edc\u534f\u8bae\u7684\u7279\u70b9\u662f\u4e00\u822c\u6709\u660e\u786e\u7684\u72b6\u6001\u4fe1\u606f\uff0c\u76f8\u540c\u7684input\u5728\u4e0d\u540c\u7684\u72b6\u6001\u53ef\u80fd\u5f97\u5230\u4e0d\u540c\u7684output\u3002\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e00\u822c\u5177\u6709stateful\u7684\u7279\u70b9\u3002\u8fd9\u7c7b\u6a21\u7cca\u6d4b\u8bd5\u6709\u51e0\u4e2a\u96be\u70b9\uff1a 1. \u751f\u6210\u683c\u5f0f\u6b63\u786e\u7684\u4fe1\u606f\uff0c\u6ee1\u8db3\u5bf9\u7279\u5b9a\u72b6\u6001\u7684fuzz 2. \u6269\u5c55\u5230\u4e0d\u540c\u7684\u534f\u8bae\u4e2d 3. \u6d4b\u8bd5\u6837\u4f8b\u6709\u6548\u6027\uff0c\u9700\u8981\u901a\u8fc7\u683c\u5f0f\u6821\u9a8c\u6bd4\u5982\u957f\u5ea6\u3001\u534f\u8bae\u8ba4\u8bc1\u3001\u6821\u9a8c\u548c\u7b49
"},{"location":"fuzzing/#aflnet","title":"AFLNET","text":"\u9996\u6b21\u63d0\u51fa\u9488\u5bf9\u6709\u72b6\u6001\u534f\u8bae\u7684\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u3002AFLNET\u4ece\u54cd\u5e94\u4fe1\u606f\u4e2d\u63d0\u53d6\u54cd\u5e94\u7801\u6765\u8868\u793a\u72b6\u6001\u4fe1\u606f\uff0c\u5e76\u7528\u54cd\u5e94\u7801\u5e8f\u5217\u6765\u63a8\u65ad\u534f\u8bae\u5b9e\u73b0\u7684\u72b6\u6001\u6a21\u578b\uff0c\u5e76\u8fdb\u4e00\u6b65\u4f7f\u7528\u8fd9\u4e00\u6a21\u578b\u6765\u6307\u5bfcfuzz\u3002
\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u72b6\u6001\u8868\u793a\u80fd\u529b\uff1aAFLNET\u8981\u6c42\u54cd\u5e94\u4fe1\u606f\u4e2d\u5305\u542b\u72b6\u6001\u7801\uff0c\u8fd9\u5e76\u4e0d\u662f\u534f\u8bae\u5fc5\u987b\u5b9e\u73b0\u7684\u3002\u800c\u4e14\u72b6\u6001\u7801\u8868\u793a\u80fd\u529b\u6709\u9650\uff0c\u4e14\u53ef\u80fd\u4ea7\u751f\u5197\u4f59\u72b6\u6001\u3002 2. \u6d4b\u8bd5\u6548\u7387\uff1a\u6ca1\u6709\u660e\u786e\u7684\u4fe1\u53f7\u53cd\u6620\u5f85\u6d4b\u7a0b\u5e8f\u662f\u5426\u5904\u7406\u5b8c\u6d88\u606f\uff0c\u56e0\u6b64\u8bbe\u7f6e\u56fa\u5b9a\u7684\u8ba1\u65f6\u5668\u6765\u63a7\u5236\u6d88\u606f\u53d1\u9001\uff0c\u65f6\u95f4\u7a97\u53e3\u53ef\u80fd\u8fc7\u5c0f\u6216\u8fc7\u5927\u3002
"},{"location":"fuzzing/#stateafl","title":"STATEAFL","text":"\u4f7f\u7528\u7a0b\u5e8f\u5185\u5b58\u72b6\u6001\u6765\u8868\u793a\u670d\u52a1\u72b6\u6001\uff0c\u901a\u8fc7\u5bf9\u88ab\u6d4b\u7a0b\u5e8f\u63d2\u6869\u6765\u6536\u96c6\u72b6\u6001\u4fe1\u606f\u5e76\u63a8\u6d4b\u72b6\u6001\u6a21\u578b\u3002\u5728\u6bcf\u4e00\u8f6e\u7f51\u7edc\u4ea4\u4e92\u4e2d\uff0cSTATEAFL\u5c06\u7a0b\u5e8f\u53d8\u91cf\u503c\u8f6c\u50a8\u7ed9\u5206\u6790\u961f\u5217\uff0c\u5e76\u8fdb\u884cpost-execution\u7684\u5206\u6790\uff0c\u6765\u66f4\u65b0\u72b6\u6001\u6a21\u578b\u3002
\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u9762\u5bf9\u548cAFLNET\u76f8\u540c\u7684\u6d4b\u8bd5\u6548\u7387\u95ee\u9898\uff0c\u800c\u4e14\u56e0\u4e3a\u540e\u6267\u884c\u5206\u6790\uff0c\u4ea7\u751f\u989d\u5916\u7684\u5f00\u9500\uff0c\u4f1a\u964d\u4f4e\u6d4b\u8bd5\u541e\u5410\u91cf\u3002
"},{"location":"fuzzing/#nsfuzz","title":"NSFuzz","text":"\u4f7f\u7528\u57fa\u4e8e\u53d8\u91cf\u7684\u72b6\u6001\u8868\u793a\u65b9\u6cd5\u63a8\u65ad\u72b6\u6001\u6a21\u578b\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u57fa\u4e8e\u7f51\u7edc\u4e8b\u4ef6\u5faa\u73af\u7684\u540c\u6b65\u673a\u5236\u6765\u63d0\u9ad8\u541e\u5410\u91cf\u3002
\u542f\u53d1\u5f0f\u7684\u53d8\u91cf\u5224\u65ad\u65b9\u6cd5\uff1a\u9759\u6001\u5206\u6790\u4e2d\u53ea\u5728\u4e8b\u4ef6\u5faa\u73af\u4ee3\u7801\u4e2d\u5206\u8fa8\u72b6\u6001\u53d8\u91cf\uff0c\u4e14\u5173\u6ce8\u88ab\u8bfb\u4e0e\u5199\u3001\u88ab\u8d4b\u4e88\u679a\u4e3e\u7c7b\u578b\u7684\u6570\u636e\u6216\u662f\u6570\u636e\u7ed3\u6784\u4f53\u91cc\u7684\u6574\u578b\u6210\u5458\u3002
\u8868\u793a\u72b6\u6001\u7684\u65b9\u6cd5\uff1a\u4f7f\u7528\u4e24\u6761\u8bed\u53e5\u7ef4\u62a4shared_state\u6570\u7ec4\uff0c\u5f53\u72b6\u6001\u53d8\u91cf\u503c\u88ab\u66f4\u65b0\u65f6\u540c\u6b65\u66f4\u65b0shared_state\uff1b\u5f53fuzzer\u5728\u901a\u4fe1\u7ba1\u9053\u6536\u5230\u6d88\u606f\u5904\u7406\u7ed3\u679c\u65f6\uff0c\u5bf9\u8fd9\u4e2a\u6570\u7ec4\u8fdb\u884chash\uff0c\u4f5c\u4e3a\u5f53\u524d\u7a0b\u5e8f\u6240\u5904\u7684state\u3002
shared_state[hash(var_id) ^ cur_store_val] = 1;\nshared_state[hash(var_id) ^ pre_store_val] = 0;\n\u63d0\u51fa\u591a\u9636\u6bb5\u4fe1\u606f\u751f\u6210\u65b9\u6cd5\u6765\u5bf9IoT\u56fa\u4ef6\u4e2d\u7684\u6709\u72b6\u6001\u7f51\u7edc\u534f\u8bae\u8fdb\u884cfuzz\u3002\u5206\u4e3a\u5bf9\u5df2\u77e5\u72b6\u6001\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e0e\u672a\u77e5\u72b6\u6001\u7684\u63a2\u7d22\u3002\u57fa\u4e8e\u6574\u6570\u53d8\u5f02\u7684\u65b9\u6cd5\u6539\u53d8\u5305\u7c7b\u578b\uff0c\u5e76\u5bf9\u5305\u683c\u5f0f\uff08\u6bd4\u5982\u957f\u5ea6\u3001\u6821\u9a8c\u548c\uff09\u505a\u68c0\u67e5\u7b49\u3002
"},{"location":"fuzzing/#_3","title":"\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"\u63a7\u5236\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u7a0b\u5e8f\u64cd\u4f5c\u7684\u6267\u884c\u987a\u5e8f\uff08\u6bd4\u5982\u5206\u652f\u4e0e\u5faa\u73af\uff09\uff0c\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u53d8\u91cf\u5982\u4f55\u5b9a\u4e49\u4e0e\u4f7f\u7528\u3002\u53d8\u91cf\u7684\u5b9a\u4e49\u4e0e\u4f7f\u7528\u4f4d\u7f6e\u53ef\u4ee5\u4e0d\u5b58\u5728\u63a7\u5236\u4e0a\u7684\u4f9d\u8d56\u5173\u7cfb\u3002\u5728\u6a21\u7cca\u6d4b\u8bd5\u4e2d\uff0c\u6570\u636e\u6d41\u4e3b\u8981\u4f7f\u7528\u52a8\u6001\u6c61\u70b9\u5206\u6790\uff08DTA\uff09\u6280\u672f\uff0c\u5373\u5c06\u76ee\u6807\u7a0b\u5e8f\u7684\u8f93\u5165\u6570\u636e\u5728\u5b9a\u4e49\u5904\u89c6\u4e3a\u6c61\u70b9\uff0c\u5e76\u5728\u8fd0\u884c\u65f6\u8ffd\u8e2a\u5b83\u662f\u5982\u4f55\u88ab\u8bbf\u95ee\u4e0e\u4f7f\u7528\u7684\u3002
\u5728\u5b9e\u8df5\u4e2d\uff0c\u96be\u4ee5\u505a\u5230\u51c6\u786e\u7684DTA\uff0c\u5f00\u9500\u4f1a\u5f88\u5927\u3002\u5e76\u4e14\u90e8\u5206\u771f\u5b9e\u7a0b\u5e8f\u65e0\u6cd5\u5728\u5e94\u7528DTA\u6280\u672f\u7684\u60c5\u51b5\u4e0b\u6210\u529f\u7f16\u8bd1\u3002\u56e0\u6b64\u5927\u90e8\u5206\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u4e0d\u4f7f\u7528DTA\uff0c\u4ee5\u671f\u83b7\u5f97\u66f4\u9ad8\u7684\u541e\u5410\u91cf\u3002
\u6709\u4e00\u4e9b\u8f7b\u91cf\u7ea7\u7684DTA\u4ee3\u66ff\u65b9\u6848\uff08\u6bd4\u5982REDQUEUE\u3001GREYONE\uff09\uff0c\u800c\u57fa\u4e8e\u63a7\u5236\u6d41\u4e0e\u6570\u636e\u6d41\u7684\u6a21\u7cca\u6d4b\u8bd5\u5668\u7684\u8986\u76d6\u7387\u6307\u6807\u8fd8\u6ca1\u6709\u88ab\u5b8c\u5168\u63a2\u7d22\u3002
"},{"location":"fuzzing/#dataflow","title":"DATAFLOW","text":"\u6e90\u7801
\u5728\u7a0b\u5e8f\u6267\u884c\u65f6\u5e76\u884c\u4f7f\u7528\u6570\u636e\u6d41\u5206\u6790\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u4e0d\u7cbe\u786e\u7684\u63a8\u65ad\u6765\u964d\u4f4e\u5f00\u9500\u5e76\u63d0\u9ad8\u541e\u5410\u91cf\u3002\u5bf9\u6570\u636e\u6d41\u6709\u6548\u6027\u8fdb\u884c\u4e86\u7b80\u5355\u7684\u8bc4\u4f30\uff0c\u8ba4\u4e3a\u5bf9\u5927\u90e8\u5206\u6d4b\u8bd5\u76ee\u6807\u800c\u8a00\uff0c\u6570\u636e\u6d41\u5e76\u4e0d\u6bd4\u63a7\u5236\u6d41\u4f18\u8d8a\uff0c\u4f46\u662f\u5728\u90e8\u5206\u7279\u5b9a\u573a\u666f\uff08\u6bd4\u5982\u63a7\u5236\u6d41\u548c\u8bed\u4e49\u89e3\u8026\uff0c\u5982parser\uff09\u4e0b\uff0c\u6570\u636e\u6d41\u53ef\u80fd\u4f1a\u6709\u7528\u3002
[^1]: FUZZING WITH PERFORMANCE MONITORING AND TRACING HARDWARE [^2]: Intrusive v.s. non-intrusive tracing
"},{"location":"git/","title":"Git\u5b66\u4e60\u7b14\u8bb0","text":""},{"location":"git/#github","title":"\u5c06\u672c\u5730\u5df2\u6709\u4ed3\u5e93\u63a8\u9001\u81f3Github\u7684\u65b0\u5efa\u4ed3\u5e93\u4e2d","text":"\u9ed8\u8ba4\u4ee5\u4e0b\u6761\u4ef6\u5747\u6210\u7acb\uff1a
git init +git add . +git commit -m \"comments\")\u672c\u5730\u4ed3\u5e93\u4e3aclean\u72b6\u6001\uff08\u4f7f\u7528git status\u67e5\u770b\uff09
\u8fdb\u5165\u672c\u5730git\u4ed3\u5e93\uff0c\u4f7f\u7528git remote add origin git@github.com:xxx(\u4ed3\u5e93\u7f51\u7ad9\u6bd4\u5982github\u63d0\u4f9b\u7684ssh\u5730\u5740)
git push -u origin master\u5411\u8fdc\u7a0b\u4ed3\u5e93\u63d0\u4ea4\u4ee3\u7801\uff08\u540e\u6765\u542c\u8bf4github\u9ed8\u8ba4\u540d\u6539\u6210main\u4e86\uff1f\uff09\u5f3a\u5236\u63a8\u9001\u53ef\u4ee5\u518d\u52a0\u4e2a--force\u53c2\u6570
\u521d\u6b21\u5411github\u63d0\u4ea4\u4ee3\u7801\u524d\uff0c\u5728\u672c\u5730\u5de5\u4f5c\u76ee\u5f55\u4e0b\u521b\u5efa.gitignore\u6587\u4ef6\uff0c\u91cc\u9762\u76f4\u63a5\u5199\u4e0a\u4e0d\u60f3\u8ffd\u8e2a\u7684\u6587\u4ef6\u540d\u548c\u6587\u4ef6\u5939\u540d\u5373\u53ef\u3002\uff08\u6587\u4ef6\u540d\u4e0d\u9700\u8981\u8865\u5168\u8def\u5f84\uff09
"},{"location":"git/#add","title":"\u64a4\u56deadd","text":"\u4f7f\u7528git add .\u53ef\u4ee5\u76f4\u63a5\u628a\u5f53\u524d\u76ee\u5f55\u90fdadd\u8fdb\u6682\u5b58\u533a\uff0c\u5bf9\u4e8e\u4e0d\u614e\u6dfb\u52a0\u7684\u5185\u5bb9\u53ef\u4ee5\u4f7f\u7528git rm --cached <file>\u6765\u64a4\u56deadd\u3002\u53ef\u4ee5\u4f7f\u7528git rm -r --cached .\u6765\u64a4\u56degit add . \u3002\uff08\u4f7f\u7528git status\u53ef\u4ee5\u67e5\u770b\u6682\u5b58\u533a\uff0c\u91cc\u9762\u4e5f\u6709\u63d0\u793a\u600e\u4e48\u64a4\u56de\uff09
git config --global user.name \"<yourname>\"\u8bbe\u7f6e\u7528\u6237\u540dgit config --global user.email \"<email>\"\u8bbe\u7f6e\u90ae\u7bb1ssh-keygen -t rsa -C \"<comments>\"\u751f\u6210\u5bc6\u94a5\u5bf9\uff0c\u7136\u540e\u4e00\u8def\u56de\u8f66\u76f4\u5230\u751f\u6210\u7ed3\u675f\uff08\u4e5f\u53ef\u4ee5\u63d0\u793a\u6dfb\u52a0passwd phrase\uff0c\u8fd9\u6837\u7684\u8bdd\u5982\u679c\u4f7f\u7528ssh-add\u6dfb\u52a0\u65f6\u4f1a\u8981\u6c42\u8f93\u5165\u8fd9\u4e2a\u5bc6\u7801\u9632\u6b62\u88ab\u522b\u4eba\u6ee5\u7528\u3002\u6ce8\u610f\u76f8\u540c\u7684passwd phrase\u4e0d\u4f1a\u751f\u6210\u76f8\u540c\u7684\u5bc6\u94a5\u5bf9\uff09ed25519\u4f3c\u4e4e\u6bd4\u9ed8\u8ba4\u7684rsa\u66f4\u5b89\u5168\u3001\u8ba1\u7b97\u66f4\u5feb\u3001\u5bc6\u94a5\u66f4\u77ed\uff0c\u53ef\u4ee5\u4f7f\u7528
\u6709\u65f6\u9700\u8981\u6307\u5b9a\u5bc6\u94a5\uff0c\u6bd4\u5982\u4e0d\u4f7f\u7528\u9ed8\u8ba4\u7684\u5bc6\u94a5\u6587\u4ef6\u540d\u3002\u6b64\u65f6\u53ef\u4ee5\u5148eval $(ssh-agent -s)\u542f\u7528agent\uff0c\u7136\u540essh-add <private keyfile> \u6765\u6dfb\u52a0\u5bc6\u94a5\u3002ssh-add -l\u53ef\u4ee5\u67e5\u770b\u6dfb\u52a0\u7684\u5bc6\u94a5\u3002
\u6216\u8005\u53ef\u4ee5\u628a\u5bc6\u94a5\u5728~/.ssh/config\u6587\u4ef6\u91cc\u6307\u5b9a\u4e00\u4e0b\uff0c\u5c31\u53ef\u4ee5\u7701\u53bbssh-agent\u7684\u64cd\u4f5c\uff0c\u6bd4\u5982
Host github.com\n HostName github.com\n IdentityFile ~/.ssh/id_ed25519_user_github\n\u6709\u7684\u65f6\u5019git\u8fdb\u884cpush\u5230\u79c1\u4ed3\u65f6\u4f1a\u51fa\u73b0\u5361\u673a\u7684\u95ee\u9898\uff0c\u4e0d\u786e\u5b9a\u662f\u4ec0\u4e48\u539f\u56e0\uff0c\u5982\u679cremote repo\u4f7f\u7528\u7684\u662fgit@xxx\u7684url\u7684\u8bdd\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u6539\u6210https\u7684\u94fe\u63a5\uff1b\u8fd8\u4e0d\u884c\u7684\u8bdd\u53ef\u4ee5\u8bd5\u8bd5git config\u7684proxy\uff0c\u8bbe\u7f6e\u6216\u6e05\u7a7a\u3002
"},{"location":"git/#_1","title":"\u653e\u5f03\u5bf9\u6587\u4ef6\u7684\u8ddf\u8e2a","text":"\u4e0e\u4ed6\u4eba\u5408\u4f5c\u9879\u76ee\u65f6\uff0c\u6709\u65f6\u9700\u8981\u505a\u4e00\u4e9b\u672c\u5730\u9002\u914d\uff0c\u4f46\u662f\u4e0d\u60f3\u59a8\u788d\u5176\u4ed6\u4eba\uff0c\u53ef\u4ee5\u6dfb\u52a0\u5230.gitignore\u3002\u4f46\u5bf9\u4e8e\u5df2\u7ecf\u5904\u4e8e\u8ddf\u8e2a\u72b6\u6001\u7684\u6587\u4ef6\u6765\u8bf4\u540e\u6dfb\u8fdb.gitignore\u662f\u65e0\u6548\u7684\u3002\u56e0\u6b64\u53ef\u4ee5\u5148\u5c06\u6587\u4ef6\u79fb\u51fa\u8ddf\u8e2a\u6001\uff0c\u7136\u540e\u518d\u52a0\u8fdb.gitignore\u91cc\u3002\u5982\u4e0b\uff1agit rm -r --cached <file/dir>\u5176\u4e2d-r\u8868\u793a\u9012\u5f52\u3002\u4e5f\u53ef\u4ee5\u52a0-n\u8868\u793a\u4f2a\u653e\u5f03\u8ddf\u8e2a\uff08\u7528\u4e8e\u9884\u89c8\u4f1a\u653e\u5f03\u5bf9\u54ea\u4e9b\u6587\u4ef6\u7684\u8ffd\u8e2a\uff09
\u6709\u7684\u65f6\u5019\u4ece\u5b98\u65b9\u4ed3\u5e93git clone\u4e0b\u4ee3\u7801\uff0c\u672c\u5730\u62f7\u8d1d\u4e00\u4efd\u3001\u5404\u79cd\u9b54\u6539\u5e76\u4e0a\u4f20\u5230\u81ea\u5df1\u7684\u79c1\u4ed3\u3002\u53c8\u7531\u4e8ewindows\u3001linux\u73af\u5883\u4e0d\u540c\uff0c\u60f3\u628a\u539f\u6765\u7684\u4ee3\u7801\u66f4\u65b0\u6210\u81ea\u5df1\u7684\u79c1\u4ed3\uff0c\u6240\u4ee5\u9700\u8981\u6362\u4e00\u4e0b\u8fdc\u7a0b\u4ed3\u5e93\u3002
git remote rm <remote repo name>git remote add <remote repo name> <repo url>\u597d\u50cf\u4e5f\u53ef\u4ee5\u76f4\u63a5\u66f4\u6362\u8fdc\u7a0b\u4ed3\u5e93\uff1agit remote set-url <remote repro name> <repo url>
\u8fd9\u91cc\u7684<remote repo name>\u662f\u81ea\u5df1\u53d6\u7684\u4ed3\u5e93\u540d\uff0c\u4e4b\u540e\u7684\u64cd\u4f5c\u53ef\u4ee5\u7528\u5b83\u6765\u6307\u5b9a\u5bf9\u8c61\u3002\u53ef\u4ee5\u968f\u4fbf\u53d6\uff0c\u6bd4\u5982\u5e38\u89c1\u7684origin\u3002
\u6709\u7684\u65f6\u5019\u4e00\u4e2a\u4ee3\u7801\u4ed3\u5e93\u62ff\u5176\u4ed6\u4ed3\u5e93\u6765\u5f53\u505a\u5b50\u6a21\u5757\uff0c\u5728github\u4e0a\u8fd9\u4e9b\u6a21\u5757\u662f\u56fe\u4e2d\u7684\u8868\u793a\u5f62\u5f0f\u3002git\u4ed3\u5e93\u91cc\u4e5f\u4f1a\u6709.gitmodules\u6587\u4ef6\u6765\u8bf4\u660e\u8fd9\u4e9b\u5b50\u6a21\u5757\u3002\u5f53clone\u4e3b\u4ed3\u5e93\u65f6\uff0c\u8fd9\u4e9b\u5b50\u6a21\u5757\u4e0d\u4f1a\u8ddf\u7740\u4e0b\u8f7d\u4e0b\u6765\u3002
\u521d\u6b21\u90e8\u7f72\u65f6\uff0c\u5728\u4e3b\u4ed3\u5e93\u76ee\u5f55\u4e0b\u91cc\u4f7f\u7528git submodule update --init --recursive\u6765\u4ece.gitmodules\u5b57clone\u5b50\u6a21\u5757\u3002
\u5982\u679c\u5b50\u6a21\u5757\u88ab\u522b\u7684\u5f00\u53d1\u8005\u66f4\u65b0\u4e86\uff0c\u53ef\u4ee5\u8fdb\u5230\u5b50\u6a21\u5757\u4e2d\u7136\u540egit pull\u3002
\u5982\u679c\u5e0c\u671b\u6dfb\u52a0\u67d0\u4e2a\u4ed3\u5e93\u4f5c\u4e3a\u5b50\u6a21\u5757\uff0c\u4f7f\u7528git submodule add <repo url>\u6765\u4e0b\u8f7d\u5b50\u6a21\u5757\u5e76\u66f4\u65b0.gitmodules\u6587\u4ef6
\u5982\u679c\u81ea\u5df1\u7684\u9879\u76ee\u7528\u5230\u522b\u7684\u9879\u76ee\uff0c\u9700\u8981\u5bf9\u5176\u4e2d\u4e00\u4e9b\u4ee3\u7801\u8fdb\u884c\u4fee\u6539\uff0c\u800c\u4e0d\u9700\u8981\u628a\u5728\u4e0a\u4f20github\u65f6\u628a\u6574\u4e2a\u9879\u76ee\u5168\u90e8\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u4e0b\uff0c\u53ef\u4ee5\u5148\u7528submodule\u6dfb\u52a0\u5b50\u6a21\u5757\uff0c\u7136\u540e\u76f4\u63a5\u4fee\u6539\u4ee3\u7801\uff0c\u5e76\u5728\u5176\u9879\u76ee\u4e0b\u7528git diff <commit id> > <file.patch>\u751f\u6210\u4e00\u4e2adiff\u6587\u4ef6\u3002\u628adiff\u6587\u4ef6\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u91cc\uff0c\u518d\u4e0a\u4f20\u5230github\u4e0a\u3002\u5176\u4e2dcommit id\u662f\u7b2c\u4e09\u65b9\u9879\u76ee\u7684commit\uff0c\u4e5f\u5c31\u662f\u8fd9\u4e2asubmodule\u4e0b\u8f7d\u65f6\u7684commit id\uff0c\u53ef\u4ee5\u901a\u8fc7git log\u627e\u5230\u3002
\u5982\u679c\u76f4\u63a5\u7528git diff > <file.patch>\uff0c\u4f1a\u8f93\u51fa\u672a\u52a0\u5165\u6682\u5b58\u7684\u4fee\u6539\u548c\u6700\u8fd1\u4e00\u6b21\u6682\u5b58/commit\u7684diff\u6587\u4ef6\u3002
\u5176\u4ed6\u4eba\u4f7f\u7528\u65f6\uff0c\u5c31\u5148\u628a\u7b2c\u4e09\u65b9\u9879\u76ee\u83b7\u53d6\u4e0b\u6765\uff0c\u7136\u540egit apply <file.patch>\u5373\u53ef\u3002\u64a4\u56de\u8865\u4e01\u4f7f\u7528git apply -R <file.patch>
\u6700\u8fd1\u5728\u8dd1fuzzer\uff0c\u5408\u4f5c\u65f6\u6709\u65f6\u9700\u8981\u5207\u6362\u4e0d\u540c\u7684\u6d4b\u8bd5\u76ee\u6807\uff0c\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u90fd\u6709\u81ea\u5df1\u7684\u4e00\u5927\u5806\u914d\u5957\u8bbe\u7f6e\u3002\u5927\u5bb6\u90fd\u5728\u4e3b\u5206\u652f\u5220\u6539\u592a\u9ebb\u70e6\u800c\u4e14\u5f88\u4e71\uff0c\u6240\u4ee5\u9700\u8981\u9488\u5bf9\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u8bbe\u7f6e\u4e0d\u540c\u7684branch\u3002
\u53ef\u4ee5\u4f7f\u7528git branch -a\u67e5\u770b\u6240\u6709\u5206\u652f\u3002\u5176\u4e2d\u524d\u9762\u5e26*\u7684\u662f\u5f53\u524dbranch\u3002
\u65b0\u5efa\u5206\u652f\u65f6\u4f7f\u7528 git checkout -b <branch name> \u76f8\u5f53\u4e8e\u5148git branch <branch name> \u521b\u5efa\u4e86\u4e00\u4e2a\u65b0\u7684\u5206\u652f\uff0c\u7136\u540egit checkout <branch name>\u5207\u6362\u5230\u90a3\u4e2a\u5206\u652f\u3002
\u5728\u65b0\u7684\u5206\u652fcommit\u540e\uff0c\u4f7f\u7528git push -u <remote repo name> <local branch name>:<remote branch name>\u53ef\u4ee5\u5c06\u81ea\u5df1\u7684\u8fd9\u4e2a\u5206\u652f\u63a8\u9001\u5230\u8fdc\u7a0b\u4ed3\u5e93\u3002\u5176\u4e2d\uff1a
-u\u8868\u793a\u8bb0\u4f4f\u5f53\u524d\u8bbe\u5b9a\uff0c\u4e4b\u540e\u5728\u8fd9\u4e00\u5206\u652f\u4e0apush\u65f6\uff0c\u7b80\u5355\u4f7f\u7528git push\u5c31\u4f1a\u63a8\u9001\uff0c\u4e0d\u9700\u8981\u518d\u6572\u8fd9\u4e48\u957f\u4e86\u3002git remote add origin \u8bbe\u5b9a\u7684\u8fdc\u7a0b\u4e3b\u673a\u540d\u79f0\uff0c\u9700\u8981\u548c\u5b9e\u9645\u8bbe\u5b9a\u4e00\u6837\u3002\u56e0\u4e3a\u5927\u5bb6\u4f7f\u7528origin\u662f\u5728\u592a\u666e\u904d\u4e86\uff0c\u6240\u4ee5\u8fd9\u91cc\u6ca1\u6709\u7528<remote host name>\u6765\u8868\u793a\uff0c\u610f\u4f1a\u5373\u53ef\u3002\u5982\u679c\u9700\u8981\u5220\u9664\u8fdc\u7a0b\u5206\u652f\uff0c\u53ef\u4ee5\u7b80\u5355\u5730\u63a8\u9001\u7a7a\u5206\u652f\uff1agit push origin :<remote branch name>\u3002\u8fd9\u91cc\u672c\u5730\u5206\u652f\u540d\u7559\u7a7a\u4e86\u3002\u4e5f\u53ef\u4ee5\u4f7f\u7528\u4e13\u95e8\u7684\u5220\u9664\u65b9\u5f0f\uff1agit push origin --delete <remote branch name>
\u5982\u679c\u9700\u8981\u5220\u9664\u672c\u5730\u5206\u652f\uff0c\u4f7f\u7528git branch -d <local branch name>
\u5408\u5e76\u5206\u652f\u65f6\uff0c\u5148\u5207\u6362\u5230\u9700\u8981\u63a5\u6536\u6539\u52a8\u7684\u5206\u652f\u4e0a\uff0c\u7136\u540egit merge <new branch name>\uff0c\u5373\u53ef\u5c06new branch\u7684\u6539\u52a8\u66f4\u65b0\u5230\u5f53\u524d\u5206\u652f\u4e0a\u3002new branch\u7684\u5185\u5bb9\u662f\u4e0d\u53d8\u7684\u3002
\u62c9\u53d6\u8fdc\u7a0b\u5206\u652f\u5230\u672c\u5730\uff0c\u800c\u4e0d\u5f71\u54cd\u672c\u5730\u5206\u652f\uff1agit fetch <remote repo name> <remote branch name>:<local branch name>\u4f1a\u5c06\u8fdc\u7a0b\u4ed3\u5e93\u7684\u5206\u652f\u4fdd\u5b58\u5728\u672c\u5730\u5bf9\u5e94\u5206\u652f\u4e0b\u3002
\u53ef\u4ee5\u7528git fetch --all\u62c9\u53d6\u6240\u6709\u8fdc\u7a0b\u5206\u652f\uff0c\u5982\u679c\u6ca1\u6709\u6548\u679c\uff0c\u6ce8\u610f\u68c0\u67e5remote.origin.fetch\u7684\u8bbe\u7f6e\uff1agit config --get remote.origin.fetch\uff0c\u5982\u679c\u662f+refs/heads/master:refs/remotes/origin/master\uff0c\u5219\u8868\u793a\u53ea\u62c9master\u5206\u652f\u3002\u53ef\u4ee5\u4fee\u6539\u6210\u62c9\u53d6\u6240\u6709\u5206\u652f\uff1agit config remote.origin.fetch \"+refs/heads/*:refs/remotes/origin/*\"\u3002
\u67d0\u79cd\u4e1c\u897f\u771f\u7684\u795e\u70e6\uff0c\u79d1\u7814\u9700\u8981\u4e0b\u8f7d\u7684\u4ed3\u5e93\u4ee3\u7801\u7ecf\u5e38\u83ab\u540d\u5176\u5999\u4e0b\u8f7d\u4e0d\u4e86\uff0c\u5199\u7684\u4ee3\u7801\u4e0a\u4f20\u8865\u4e0a\u53bb\uff0cbuild\u4e2adocker\u6162\u7684\u8981\u6b7b\uff0c\u7b2c\u4e09\u65b9\u5305\u62c9\u53d6\u4e0d\u5230\u2026\u2026\u6d6a\u8d39\u5f88\u591a\u65f6\u95f4\u5728\u56e0\u4e3a\u7f51\u7edc\u8fde\u63a5\u4e0d\u4e86\u5bfc\u81f4\u7684\u5404\u79cdbug\u4e0a\uff0c\u6709\u6548\u79d1\u7814\u65f6\u95f4\u767d\u767d\u88ab\u6d88\u8017\uff0c\u771f\u7684\u5f88xx\u3002
"},{"location":"git/#git-clonegnutls_handshake-failed-the-tls-connection-was-non-properly-terminated","title":"Git clone\u62a5\u9519gnutls_handshake() failed: The TLS connection was non-properly terminated.","text":"\u4e00\u79cd\u505a\u6cd5\u662f\u8bbe\u7f6e\u6216\u8005\u53d6\u6d88\u8bbe\u7f6ehttp.proxy\u548chttps.proxy
\u53e6\u4e00\u79cd\u505a\u6cd5\u662f\u76f4\u63a5\u53d6\u6d88SSL\u6821\u9a8c\uff0c\u867d\u7136\u7c97\u66b4\u4e86\u70b9\uff1agit config http.sslVerify false
go env -w GO111MODULE=on\ngo env -w GOPROXY=https://goproxy.cn\n\u5de5\u7a0b\u4fdd\u5b58\u5728xxx/go/src/xxx\u4e0b\uff0c\u5e76\u5c06GOPATH=xxx/go\u52a0\u5230\u73af\u5883\u53d8\u91cf\u4e2d
"},{"location":"go/#_2","title":"\u5feb\u901f\u5165\u95e8","text":"package main\nimport (\n\"fmt\"\n)\n\nfunc main() {\n//\u5faa\u73af\u8f93\u51fa\nfor i:=0; i<10; i++{\nfmt.Println(i)\n}\n}\n\u5728https://www.oracle.com/java/technologies/downloads/\u4e0b\u8f7d\u5bf9\u5e94\u7cfb\u7edf\u7684\u5305\u3002Linux\u9009\u62e9Compressed Archive\uff0c\u89e3\u538b\u7f29\u4ee5\u540e\u914d\u7f6e\u4e0bpath\uff1bWindows\u53ef\u4ee5\u7528MSI Installer\u3002\u5bf9\u5e94\u7684\u6e90\u7801\u5728lib/src.zip\u4e2d\u3002
"},{"location":"java/#java_2","title":"Java\u6e90\u7801\u67b6\u6784\u7406\u89e3","text":"\u6838\u5fc3\u4ee3\u7801\u3001\u4e3b\u8981\u529f\u80fd\u5728java.base/java\u76ee\u5f55\u4e0b\uff0c\u5176\u4e2d\u5305\u542b\u4e86io\u3001lang\u3001util\u7b49\u591a\u4e2a\u5173\u952e\u6a21\u5757\u3002
"},{"location":"java/#java_3","title":"Java\u91cc\u6709\u54ea\u4e9b\u6570\u636e\u7ed3\u6784\u7c7b\u578b\uff1f\u5982\u4f55\u5b9e\u73b0\u7684\uff1f","text":"Java\u4e2d\u5e38\u89c1\u7684\u6570\u636e\u7c7b\u578b\u6bd4\u5982Set\u3001Array\u3001
"},{"location":"latex/","title":"latex\u57fa\u7840","text":""},{"location":"latex/#_1","title":"\u63a8\u8350\u5de5\u5177","text":"\u4f7f\u7528Table Generator\u7ed8\u5236\u8868\u683c
"},{"location":"latex/#latex_1","title":"\u82f1\u6587latex","text":"\\documentclass[conference,11pt]{IEEEtran}\n\\IEEEoverridecommandlockouts\n% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.\n\\usepackage{cite}\n\\usepackage{amsmath,amssymb,amsfonts}\n\\usepackage{algorithmic}\n\\usepackage{graphicx}\n\\usepackage{textcomp}\n\\usepackage{xcolor}\n\\usepackage{caption}\n\\usepackage{url}\n\\def\\UrlBreaks{\\do\\A\\do\\B\\do\\C\\do\\D\\do\\E\\do\\F\\do\\G\\do\\H\\do\\I\\do\\J\n\\do\\K\\do\\L\\do\\M\\do\\N\\do\\O\\do\\P\\do\\Q\\do\\R\\do\\S\\do\\T\\do\\U\\do\\V\n\\do\\W\\do\\X\\do\\Y\\do\\Z\\do\\[\\do\\\\\\do\\]\\do\\^\\do\\_\\do\\`\\do\\a\\do\\b\n\\do\\c\\do\\d\\do\\e\\do\\f\\do\\g\\do\\h\\do\\i\\do\\j\\do\\k\\do\\l\\do\\m\\do\\n\n\\do\\o\\do\\p\\do\\q\\do\\r\\do\\s\\do\\t\\do\\u\\do\\v\\do\\w\\do\\x\\do\\y\\do\\z\n\\do\\.\\do\\@\\do\\\\\\do\\/\\do\\!\\do\\_\\do\\|\\do\\;\\do\\>\\do\\]\\do\\)\\do\\,\n\\do\\?\\do\\'\\do+\\do\\=\\do\\#}\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\\usepackage{lscape, latexsym, amssymb, algorithmic, multirow}\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e}\n\\usepackage{mathtools, bbm, color}\n\\usepackage{booktabs}\n\\usepackage{amsthm,mathrsfs,amsfonts,dsfont}\n\\usepackage{listings}\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour}, \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false, \n breaklines=true, \n captionpos=b, \n keepspaces=true,\n numbers=left, %% \u884c\u53f7 \n % numbersep=2pt, \n showspaces=false, \n showstringspaces=false,\n showtabs=false, \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\\begin{document}\n\n\\title{xxxx}\n\n\\author{xxxx}\n\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\n\\begin{IEEEkeywords}\nxxx,xxx\n\\end{IEEEkeywords}\n\n\\bibliographystyle{IEEEtran}\n{\n\\begingroup\n\\bibliography{ref}\n\\endgroup\n}\n\n\\end{document}\n\\documentclass[12pt]{article}\n\n\\usepackage{cite} % \u5f15\u7528\u53c2\u8003\u6587\u732e\n\\usepackage{ctex} % \u4e2d\u6587\u652f\u6301\n\\usepackage{times}% \u82f1\u6587\u4f7f\u7528Times New Roman\n\\usepackage{url,hyperref} % \u8d85\u94fe\u63a5\n\\usepackage{xspace} % \u65e0\u6807\u70b9\u81ea\u52a8\u7a7a\u683c\n\\usepackage{graphicx} % \u63d2\u5165\u56fe\u7247\u7528\n\\usepackage{geometry} % \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\usepackage{listings} % \u63d2\u5165\u4ee3\u7801\u5757\n\\usepackage{color} % \u5b9a\u4e49\u989c\u8272\uff0c\u7528\u4e8e\u63a7\u5236\u4ee3\u7801\u9ad8\u4eae\n\\usepackage{subcaption} % \u753b\u5b50\u56fe\n\\usepackage{tikz} % \u540e\u7eed\u753b\u5706\u5708\n\\usepackage{multirow} % \u8868\u683c\u591a\u884c\u6587\u672c\n% \\usepackage{tabu}\n\\usepackage{longtable}\n\\usepackage{float}\n\\usepackage{tabu}\n\\usepackage{booktabs} % \u753b\u8868\u683c\n\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e} % \u7b97\u6cd5\u5217\u8868\n\n% \u4f7f\u7528 ctex \u5b8f\u5305\u8bbe\u7f6e\u4e2d\u6587\u56fe\u9898\n\\renewcommand{\\figurename}{\u56fe}\n\\renewcommand{\\tablename}{\u8868}\n\n% \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\geometry{a4paper,left=2cm,right=2cm,top=2cm,bottom=3cm} \n\n\n% \u8bbe\u7f6e\u5b57\u4f53\n\\newcommand{\\song}{\\CJKfamily{song}} % \u5b8b\u4f53\n\\newcommand{\\fs}{\\CJKfamily{fs}} % \u4eff\u5b8b\u4f53\n\\newcommand{\\kai}{\\CJKfamily{kai}} % \u6977\u4f53\n\\newcommand{\\hei}{\\CJKfamily{hei}} % \u9ed1\u4f53\n\\newcommand{\\li}{\\CJKfamily{li}} % \u96b6\u4e66\n\n% \u8bbe\u7f6e\u5b57\u53f7\n\\newcommand{\\yihao}{\\fontsize{26pt}{36pt}\\selectfont} % \u4e00\u53f7, 1.4 \u500d\u884c\u8ddd\n\\newcommand{\\erhao}{\\fontsize{22pt}{28pt}\\selectfont} % \u4e8c\u53f7, 1.25\u500d\u884c\u8ddd\n\\newcommand{\\xiaoer}{\\fontsize{18pt}{18pt}\\selectfont} % \u5c0f\u4e8c, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\sanhao}{\\fontsize{16pt}{24pt}\\selectfont} % \u4e09\u53f7, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosan}{\\fontsize{15pt}{22pt}\\selectfont} % \u5c0f\u4e09, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\sihao}{\\fontsize{14pt}{21pt}\\selectfont} % \u56db\u53f7, 1.5 \u500d\u884c\u8ddd\n\\newcommand{\\banxiaosi}{\\fontsize{13pt}{19.5pt}\\selectfont} % \u534a\u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosi}{\\fontsize{12pt}{18pt}\\selectfont} % \u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\dawuhao}{\\fontsize{11pt}{11pt}\\selectfont} % \u5927\u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\wuhao}{\\fontsize{10.5pt}{15.75pt}\\selectfont} % \u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\n% \u5b9a\u4e49\u4ee3\u7801\u6837\u5f0f\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour}, \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false, \n breaklines=true, \n captionpos=b, \n keepspaces=true,\n numbers=left, %% \u884c\u53f7 \n % numbersep=2pt, \n showspaces=false, \n showstringspaces=false,\n showtabs=false, \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\n\\renewcommand{\\abstractname}{\\textbf{\u6458\\quad \u8981}} % \u66f4\u6539\u6458\u8981\u4e8c\u5b57\u7684\u6837\u5f0f\n\n% use these commands to consistently refer to stuff\n\n\\newcommand{\\bugCount}{xx} \n\n\\newcommand{\\tabincell}[2]{\\begin{tabular}{@{}#1@{}}#2\\end{tabular}}\n\n\\newcommand*\\emptcirc[1][1ex]{\\tikz\\draw (0,0) circle (#1);} \n\\newcommand*\\halfcirc[1][1ex]{%\n \\begin{tikzpicture}\n \\draw[fill] (0,0)-- (90:#1) arc (90:270:#1) -- cycle ;\n \\draw (0,0) circle (#1);\n \\end{tikzpicture}}\n\\newcommand*\\fullcirc[1][1ex]{\\tikz\\fill (0,0) circle (#1);} \n\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\n\\title{\\fontsize{18pt}{27pt}\\selectfont \\textbf{xxxx}}\n\\author{\\fontsize{14pt}{21pt}\\selectfont \\textbf{xxxx}}\n\\date{}\n\n\\begin{document}\n\\begin{sloppypar} % \u9632\u6b62\u957f\u5355\u8bcd\u51fa\u754c\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\\section{\u80cc\u666f}\n\n\\subsection{\u53ef\u4fe1\u6267\u884c\u73af\u5883}\n\\bibliographystyle{plain}\n\\bibliography{Ref}\n\n\\end{sloppypar}\n\\end{document}\nsudo ls -lah /proc/<pid>\n# \u8f93\u5165raw bytes\necho -e '\\x31\\x32' | program\n\n# \u4e0d\u5e26echo\u81ea\u52a8\u52a0\u7684\u6362\u884c\necho -en '\\x31\\x32' | program\n\n# \u8f93\u5165raw binary\necho -e '\\x31\\x32' | xxd -r -p | program \u67e5\u8be2\u7269\u7406\u69fd\u663e\u5361\u8fde\u63a5
lspci | grep VGA\n\u67e5\u8be2\u6d3b\u8dc3\u60c5\u51b5\uff08\u9700\u8981\u5b89\u88c5\u663e\u5361\u9a71\u52a8\uff0c\u53ef\u4ee5\u76f4\u63a5\u5b89\u88c5CUDA runfile\uff0c\u81ea\u5e26\u9a71\u52a8\uff09
nvidia-smi\nhtop # \u89c2\u5bdf\u5185\u5b58\u3001\u5404\u8fdb\u7a0b\u3001CPU\u5360\u7528\nsudo ls -lah /proc/<pid>/cwd # \u89c2\u5bdf\u8fd0\u884c\u7684\u547d\u4ee4\uff0c\u5224\u65ad\u8c01\u7684\u7a0b\u5e8f\nncdu # \u7edf\u8ba1\u5f53\u524d\u76ee\u5f55\u4e0b\u5404\u4e2a\u6587\u4ef6\u5939\u5360\u7528\uff0c\u53ef\u4ee5\u8fdb\u5165\u3001\u5220\u9664\u6587\u4ef6\u5939\u6216\u76ee\u5f55\n\u6709\u65f6\u5019\u8fde\u4e0d\u4e0a\u7f51\u662f\u56e0\u4e3aDNS\u7684\u95ee\u9898\uff0c\u4fee\u6539/etc/resolve.conf\u5373\u53ef\u3002\u4e0d\u8fc7\u8fd9\u4e2a\u8f6f\u8fde\u63a5\u4fee\u6539\u5b8c\u4e86\u4ee5\u540e\u53ef\u80fd\u4f1a\u88ab\u7cfb\u7edf\u6539\u6389\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u5220\u6389\u4ee5\u540e\u76f4\u63a5\u521b\u5efa\u4e2a/etc/resolve.conf\u6587\u4ef6\uff0c\u518dchattr +i /etc/resovle.conf\u9632\u6b62\u4fee\u6539\u3002
systemctl status xxx\u68c0\u67e5\u67d0\u4e9b\u670d\u52a1\u8fd0\u884c\u72b6\u6001\uff0c\u53ef\u4ee5ls -lah /etc/systemd/system\u3001ls -lah /lib/systemd/system\u67e5\u8be2\u6709\u54ea\u4e9b\u670d\u52a1\u3002\u8b66\u60d5\u5947\u602a\u7684\u6570\u5b57service\uff0c\u53ef\u80fd\u662f\u75c5\u6bd2\u3002
\u6dfb\u52a0\u7cfb\u7edf\u670d\u52a1\u65f6\uff0c\u521b\u5efa/etc/systemd/system/xxx.service\u6587\u4ef6\uff0c\u7136\u540e\u7f16\u8f91\u5185\u5bb9\uff0c\u6bd4\u5982\u4e0b\u9762\u7684socat.service\uff1a
[Unit]\nDescription=port forward 4320\n# \u542f\u52a8\u987a\u5e8f\uff08\u591a\u4e2a\u670d\u52a1\u4e2d\u95f4\u7528\u7a7a\u683c\u9694\u5f00\uff09\nAfter=network.target[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u540e\u542f\u52a8]\nBefore=[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u524d\u542f\u52a8]\n\n# \u4f9d\u8d56\u5173\u7cfb\nWants=[\u5f31\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\u4e0d\u5f71\u54cd\u5f53\u524d\u670d\u52a1]\nRequires=[\u5f3a\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\uff0c\u5f53\u524d\u670d\u52a1\u5fc5\u987b\u9000\u51fa]\n\n[Service]\nUser=nobody\nExecStart=/usr/bin/socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\nExecReload=[\u91cd\u542f\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStop=[\u505c\u6b62\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPre=[\u542f\u52a8\u670d\u52a1\u4e4b\u524d\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPost=[\u542f\u52a8\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\nExecStopPost=[\u505c\u6b62\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\n\n# \u542f\u52a8\u7c7b\u578b\n# simple\uff08\u9ed8\u8ba4\u503c\uff09\uff1aExecStart\u5b57\u6bb5\u542f\u52a8\u7684\u8fdb\u7a0b\u4e3a\u4e3b\u8fdb\u7a0b\n# forking\uff1aExecStart\u5b57\u6bb5\u5c06\u4ee5fork()\u65b9\u5f0f\u542f\u52a8\uff0c\u6b64\u65f6\u7236\u8fdb\u7a0b\u5c06\u4f1a\u9000\u51fa\uff0c\u5b50\u8fdb\u7a0b\u5c06\u6210\u4e3a\u4e3b\u8fdb\u7a0b\n# oneshot\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u53ea\u6267\u884c\u4e00\u6b21\uff0cSystemd \u4f1a\u7b49\u5b83\u6267\u884c\u5b8c\uff0c\u624d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# dbus\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u4f1a\u7b49\u5f85 D-Bus \u4fe1\u53f7\u540e\u542f\u52a8\n# notify\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u542f\u52a8\u7ed3\u675f\u540e\u4f1a\u53d1\u51fa\u901a\u77e5\u4fe1\u53f7\uff0c\u7136\u540e Systemd \u518d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# idle\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u662f\u8981\u7b49\u5230\u5176\u4ed6\u4efb\u52a1\u90fd\u6267\u884c\u5b8c\uff0c\u624d\u4f1a\u542f\u52a8\u8be5\u670d\u52a1\u3002\u4e00\u79cd\u4f7f\u7528\u573a\u5408\u662f\u4e3a\u8ba9\u8be5\u670d\u52a1\u7684\u8f93\u51fa\uff0c\u4e0d\u4e0e\u5176\u4ed6\u670d\u52a1\u7684\u8f93\u51fa\u76f8\u6df7\u5408\nType=[\u542f\u52a8\u7c7b\u578b]\n\n# \u5982\u4f55\u505c\u6b62\u670d\u52a1\n# control-group\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u5f53\u524d\u63a7\u5236\u7ec4\u91cc\u9762\u7684\u6240\u6709\u5b50\u8fdb\u7a0b\uff0c\u90fd\u4f1a\u88ab\u6740\u6389\n# process\uff1a\u53ea\u6740\u4e3b\u8fdb\u7a0b\n# mixed\uff1a\u4e3b\u8fdb\u7a0b\u5c06\u6536\u5230 SIGTERM \u4fe1\u53f7\uff0c\u5b50\u8fdb\u7a0b\u6536\u5230 SIGKILL \u4fe1\u53f7\n# none\uff1a\u6ca1\u6709\u8fdb\u7a0b\u4f1a\u88ab\u6740\u6389\uff0c\u53ea\u662f\u6267\u884c\u670d\u52a1\u7684 stop \u547d\u4ee4\u3002\nKillMode=[\u5982\u4f55\u505c\u6b62\u670d\u52a1]\n\n# \u91cd\u542f\u65b9\u5f0f\n# no\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u9000\u51fa\u540e\u4e0d\u4f1a\u91cd\u542f\n# on-success\uff1a\u53ea\u6709\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u4e3a0\uff09\uff0c\u624d\u4f1a\u91cd\u542f\n# on-failure\uff1a\u975e\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u975e0\uff09\uff0c\u5305\u62ec\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abnormal\uff1a\u53ea\u6709\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abort\uff1a\u53ea\u6709\u5728\u6536\u5230\u6ca1\u6709\u6355\u6349\u5230\u7684\u4fe1\u53f7\u7ec8\u6b62\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-watchdog\uff1a\u8d85\u65f6\u9000\u51fa\uff0c\u624d\u4f1a\u91cd\u542f\n# always\uff1a\u4e0d\u7ba1\u662f\u4ec0\u4e48\u9000\u51fa\u539f\u56e0\uff0c\u603b\u662f\u91cd\u542f\nRestart=[\u670d\u52a1\u9000\u51fa\u540e\uff0cSystemd \u7684\u91cd\u542f\u65b9\u5f0f]\n\nRestartSec=[\u8868\u793a Systemd \u91cd\u542f\u670d\u52a1\u4e4b\u524d\uff0c\u9700\u8981\u7b49\u5f85\u7684\u79d2\u6570]\n\n[Install]\nWantedBy=multi-user.target\n# \u6267\u884c sytemctl enable **.service\u547d\u4ee4\u65f6\uff0c**.service\u7684\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\uff0c\u5c31\u4f1a\u653e\u5728/etc/systemd/system/multi-user.target.wants\u5b50\u76ee\u5f55\u4e2d\n# \u6267\u884csystemctl get-default\u547d\u4ee4\uff0c\u83b7\u53d6\u9ed8\u8ba4\u542f\u52a8Target\n# multi-user.target\u7ec4\u4e2d\u7684\u670d\u52a1\u90fd\u5c06\u5f00\u673a\u542f\u52a8\n# \u5e38\u7528Target\uff0c1. multi-user.target-\u591a\u7528\u6237\u547d\u4ee4\u884c\uff1b2. graphical.target-\u56fe\u5f62\u754c\u9762\u6a21\u5f0f\nWantedBy=[\u8868\u793a\u8be5\u670d\u52a1\u6240\u5728\u7684Target]\nsystemctl start **systemctl stop **systemctl restart **systemctl status **systemctl enable ** enable\u547d\u4ee4\u76f8\u5f53\u4e8e\u5728\u76ee\u5f55\u91cc\u6dfb\u52a0\u4e86\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\u3002\u5f00\u673a\u65f6\uff0cSystemd\u4f1a\u6267\u884c/etc/systemd/system/\u76ee\u5f55\u91cc\u9762\u7684\u914d\u7f6e\u6587\u4ef6systemctl kill **systemctl cat **systemctl list-dependencies multi-user.targetsystemctl isolate graphical.targetsystemctl daemon-reload\u5b9a\u65f6\u7a0b\u5e8f\u6267\u884c\u5931\u8d25\u7684\u539f\u56e0\u662f\u591a\u6837\u7684\uff0c\u53ef\u80fd\u662f\u56e0\u4e3a\u5b9a\u65f6\u670d\u52a1\u6ca1\u542f\u52a8\uff0c\u9700\u8981systemctl restart cron.service\uff0c\u6216\u8005\u662fcron\u670d\u52a1\u574f\u6389\u4e86\uff0c\u5148apt install cron --reinstall\u5f3a\u5236\u91cd\u65b0\u5b89\u88c5\u4e0b\uff0c\u518d\u91cd\u542f\u670d\u52a1\uff0c\u6216\u8005\u662f\u5b89\u88c5\u4e86\u522b\u7684\u4f9d\u8d56\u5e93\u4f46\u662f\u6ca1\u6709\u91cd\u542fcron\u5bfc\u81f4\u8fd0\u884c\u5931\u8d25\uff0c\u8bd5\u8bd5/etc/init.d/cron restart\u3002
https://www.baeldung.com/linux/list-open-file-descriptors
Linux\u9ed8\u8ba4\u6700\u591a\u540c\u65f6\u6253\u5f001024\u4e2a\u6587\u4ef6\uff0c\u53ef\u4ee5\u901a\u8fc7ulimit -n\u67e5\u770b\u3002fuzzing\u7b49\u8981\u6ce8\u610f\u5173\u95ed\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u5426\u5219\u53ef\u80fd\u5bfc\u81f4\u670d\u52a1\u5668\u6545\u969c\uff08\u6bd4\u5982ssh\u8fde\u4e0d\u4e0a\uff09\u3002/proc//fd\u91cc\u5217\u51fa\u4e86pid\u9501\u6253\u5f00\u7684\u6587\u4ef6\u3002"},{"location":"linux-server/#_8","title":"\u53c2\u8003\u8d44\u6599","text":"
(\u4ee5\u4e0b\u5747\u5728wsl\u7684root\u7528\u6237) ubuntu\u7cfb\u7edf\uff0c\u5148\u9884\u88c5\u4e0b\u73af\u5883\uff1a
apt install build-essential autoconf zlib1g-dev libssl-dev\n\u4e0b\u8f7d\u6e90\u7801\uff0c\u76f4\u63a5\u4eceGithub\u94fe\u63a5\u4e0b\u8f7dzip\u5230\u672c\u5730\u89e3\u538b\uff0c\u4e5f\u53ef\u4ee5\u7528git clone\uff1a
git clone --depth 1 https://github.com/openssh/openssh-portable.git\n\u4e3a\u4e86\u9632\u6b62\u4e4b\u540emake install\u51fa\u7684\u6587\u4ef6\u8986\u76d6\u7cfb\u7edf\u81ea\u5df1\u7684ssh\uff0c\u8fd9\u91cc\u6307\u5b9aconfigure\u5c06\u4e4b\u540e\u7f16\u8bd1\u51fa\u7684\u6587\u4ef6\u653e\u5230\u9879\u76ee\u7684/output\u6587\u4ef6\u5939\u4e0b\u3002\u6309readme\u7684Building from git\u7684\u65b9\u6cd5\uff0c\u8fdb\u5165openssh\u6240\u5728\u76ee\u5f55\u540e\uff0c\u8fd0\u884c\uff1a
autoreconf\n./configure --prefix=`pwd`/output\nmake\n\u6b64\u65f6\u76f8\u5173\u53ef\u6267\u884c\u6587\u4ef6\u5df2\u7ecf\u7f16\u8bd1\u5b8c\u6bd5\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u6e05\u6670\u663e\u793a\uff0c\u53ef\u4ee5\u8fd0\u884cmake install\uff0c\u5219\u5728\u5f53\u524d\u76ee\u5f55\u7684output\u6587\u4ef6\u5939\u4e0b\u4f1a\u751f\u6210\u5bf9\u5e94\u7684\u7ed3\u6784\u3002
Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features (ISSTA 2023)
RR: A Fault Model for Efficient TEE Replication (NDSS 2023)
No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions (NDSS 2023)
FUZZUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks (Oakland 2022)
Registered Report: DATAFLOW Towards a Data-Flow-Guided Fuzzer
A Survey on Adversarial Attacks for Malware Analysis
Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land (Oakland 2021)
A Systematical and longitudinal study of evasive behaviors in windows malware (Computers & Security 2021)
Structural Attack against Graph Based Android Malware Detection (CCS 2021)
Deep Learning for Android Malware Defenses: a Systematic Literature Review (ACM Survey 2021)
Intriguing Properties of Adversarial ML Attacks in the Problem Space (Oakland 2020)
P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX SECURITY 2020)
Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID 2019)
REPT: Reverse Debugging of Failures in Deployed Software (USENIX SECURITY 2018)
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018)
Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts (USENIX SECURITY 2017)
POMP++: Facilitating Postmortem Program Diagnosis with Value-Set Analysis
A Survey on Software Fault Localization (TSE 2016)
\u7531\u4e8e\u670d\u52a1\u5668\u5b89\u5168\u8bbe\u5b9a\uff0c\u53ea\u5bf9\u5916\u5f00\u653e\u4e00\u4e2a22\u7aef\u53e3\u63d0\u4f9bssh\u8fde\u63a5\u3002\u90a3\u4e48\u5728\u6b64\u57fa\u7840\u4e0a\u5982\u4f55\u63d0\u4f9bhttp\u3001https\u7b49\u591a\u79cd\u670d\u52a1\uff1f\u641c\u7d22\u4e86\u4e0b\u53ef\u4ee5\u6839\u636e\u6d41\u91cf\u7279\u5f81\u7528sslh\u7b80\u5355\u8f6c\u53d1\u4e00\u4e0b\u6570\u636e\u5305\u5230\u4e0d\u540c\u7684\u5185\u90e8\u7aef\u53e3\u3002
"},{"location":"porting/#sslh","title":"sslh\uff1a\u6839\u636e\u6d41\u91cf\u7279\u5f81\u8f6c\u53d1\u6570\u636e\u5305","text":"\u5728root\u4e0bapt install sslh\u540e\u4fee\u6539\u914d\u7f6e\u6587\u4ef6/etc/default/sslh\uff1a
# Default options for sslh initscript\n# sourced by /etc/init.d/sslh\n\n# binary to use: forked (sslh) or single-thread (sslh-select) version\n# systemd users: don't forget to modify /lib/systemd/system/sslh.service\nDAEMON=/usr/sbin/sslh\nRun=yes\nDAEMON_OPTS=\"--user sslh --listen 0.0.0.0:4684 --ssh 127.0.0.1:5752 --tls 127.0.0.1:443 --http 127.0.0.1:1284 --anyprot 127.0.0.1:2008 -F /etc/sslh/sslh.cfg --pidfile /var/run/sslh/sslh.pid\"\n\u8fd9\u91cc\u4e5f\u53ef\u4ee5cat /lib/systemd/system/sslh.service\u770b\u4e00\u4e0bservice\u6587\u4ef6\uff0c\u5176\u4e2d\u6709\u4e00\u884cExecStart=/usr/sbin/sslh --foreground $DAEMON_OPTS\uff0c\u53ef\u4ee5\u770b\u5230\u5728\u542f\u52a8sslh\u65f6\u53c2\u6570\u662fDAEMON_OPTS\u3002\u6240\u4ee5\u91cd\u70b9\u5c31\u5728\u4e8e\u914d\u7f6e\u597dDAEMON_OPTS\u3002
\u89e3\u91ca\u4e00\u4e0b\u51e0\u4e2a\u53c2\u6570\u7684\u610f\u601d\uff1a
--listen 0.0.0.0:4684 \u8868\u793asslh\u8fd0\u884c\u57284684\u7aef\u53e3\uff0c\u5c06\u8fd9\u4e2a\u7aef\u53e3\u6536\u5230\u7684\u6570\u636e\u5305\u6309\u89c4\u5219\u8f6c\u53d1\u5230\u5176\u4ed6\u7aef\u53e3\u4e0a--ssh 127.0.0.1:5752 \u8868\u793a\u5c06\u6536\u5230\u7684ssh\u6570\u636e\u5305\u8f6c\u53d1\u5230\u672c\u57305752\u7aef\u53e3--tls 127.0.0.1:443 \u8868\u793a\u5c06\u6536\u5230\u7684tls\u6570\u636e\u5305\u8f6c\u53d1\u5230\u672c\u5730443\u7aef\u53e3--http 127.0.0.1:1284 \u8868\u793a\u5c06\u6536\u5230\u7684http\u8bf7\u6c42\u8f6c\u53d1\u5230\u672c\u57301284\u7aef\u53e3--anyprot 127.0.0.1:2008 \u8868\u793a\u5c06\u5339\u914d\u90fd\u4e0d\u7b26\u5408\u7684\u5305\u53d1\u9001\u5230\u672c\u57302008\u7aef\u53e3-F /etc/sslh/sslh.cfg \u8868\u793a\u4f7f\u7528sslh.cfg\u8fd9\u4e2a\u6587\u4ef6\u4e2d\u7684\u8bbe\u5b9a\u8fdb\u884c\u66f4\u4e30\u5bcc\u7684\u914d\u7f6e\u7136\u540esystemctl enable sslh\u3001systemctl start sslh\u542f\u52a8sslh\uff0c\u5c06\u672c\u57304684\u7aef\u53e3\u6536\u5230\u7684\u6d41\u91cf\u6839\u636essh\u3001ssl\u3001http\u7684\u7279\u5f81\u5206\u522b\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1\u3002
\u6bd4\u8f83\u6709\u610f\u601d\u7684\u662f\u53ef\u4ee5\u7528--anyprot\u6765\u8bbe\u7f6e\u9ed8\u8ba4\u7684\u8f6c\u53d1\u7b56\u7565\uff0c\u914d\u5408nc -lk\u53ef\u4ee5\u770b\u81ea\u5b9a\u4e49\u7684\u6570\u636e\u5305\u683c\u5f0f\uff0c\u518d\u901a\u8fc7-F\uff08\u6216--config\uff09\u6307\u5b9aconfig\u6587\u4ef6\uff08\u6bd4\u5982/etc/sslh/sslh.cfg\uff09\uff0c\u5b9e\u73b0\u5229\u7528\u6b63\u5219\u8868\u8fbe\u5f0f\u5bf9\u6570\u636e\u5305\u8fdb\u884c\u81ea\u5b9a\u4e49\u8f6c\u53d1\u3002
\u6ce8\u610f\uff0c\u5982\u679c\u4f7f\u7528config\u6587\u4ef6\uff0c\u90a3\u4e48\u6587\u4ef6\u7684\u5185\u5bb9\u4e0d\u8981\u548c\u547d\u4ee4\u884c\u5df2\u6709\u7684\u5185\u5bb9\u91cd\u590d\u3002\u6bd4\u5982\u547d\u4ee4\u884c\u5df2\u7ecf\u6307\u5b9a\u4e86\u76d1\u542c127.0.0.1\u7aef\u53e3\u76844684\uff0c\u90a3config\u6587\u4ef6\u91cc\u5c31\u4e0d\u8981\u518d\u52a0\u4e0alisten:(xxx)\u4e86\u3002
config\u6587\u4ef6\u6307\u5b9a\u5339\u914d\u89c4\u5219\u7684\u4f8b\u5b50\u5982\u4e0b\u6240\u793a\uff08\u7247\u6bb5\uff09
protocols:\n(\n{ name: \"http\"; host: \"127.0.0.1\"; port: \"808\"; },\n{ name: \"tls\"; host: \"127.0.0.1\"; port: \"443\"; sni_hostnames: [ \"remote.c01dkit.com\" ]; tfo_ok: true },\n{ name: \"tls\"; host: \"127.0.0.1\"; port: \"7000\"; sni_hostnames: [ \"project-frp\" ]; tfo_ok: true },\n{ name: \"regex\"; host: \"127.0.0.1\"; port: \"60000\"; regex_patterns: [ \"^SSH-2.0-Go\\x0d$\", \"^SSH-2.0-OpenSSH\\x0d$\" ]; },\n);\n\u7531\u4e8e\u539f\u672c\u5bf9\u5916\u5f00\u653e\u768422\u7aef\u53e3\u53ea\u7528\u4e8e\u63a5\u6536ssh\u8bf7\u6c42\uff0c\u5982\u679c\u60f3\u8981\u63d0\u4f9b\u66f4\u591a\u670d\u52a1\uff0c\u9700\u8981\u5148\u628a22\u7aef\u53e3\u7684\u63a5\u6536\u7684\u6570\u636e\u90fd\u8f6c\u53d1\u7ed9sslh\uff0c\u8ba9\u5b83\u6765\u8fdb\u884c\u5206\u7c7b\u3002\u90a3\u4e48ssh\u8bf7\u6c42\u5e94\u8be5\u5c31\u4e0d\u80fd\u518d\u8fd8\u7ed922\u7aef\u53e3\u4e86\uff08\u4e0d\u7136\u53ef\u80fd\u53c8\u88ab\u8f6c\u53d1\u7ed9sslh\uff1f\u4e0d\u786e\u5b9a\uff09\uff0c\u53ef\u4ee5\u8003\u8651\u518d\u5f00\u4e00\u4e2a\u7aef\u53e3\u76d1\u542cssh\u8bf7\u6c42\u3002\u8fd9\u91ccssh\u7684\u8bbe\u5b9a\u5f00\u4e86\u672c\u573022\u548c5752\u7aef\u53e3\uff0c\u914d\u7f6e\u65f6\u4fee\u6539/etc/ssh/sshd_config\u6587\u4ef6\uff0c\u52a0\u4e00\u884cPort 5752\u5373\u53ef\u3002\u540c\u65f6\u8bb0\u5f97\u4f7f\u7528\u516c\u94a5\u8ba4\u8bc1\u767b\u5f55\uff0c\u7981\u7528\u5bc6\u7801\u767b\u5f55\u3002
Port 22\nPort 5752\nPubkeyAuthentication yes\nPasswordAuthentication no\n\u5728nginx\u5b98\u7f51\u4e0b\u8f7d\u6e90\u7801\u5e76\u6309\u8bf4\u660e\u7f16\u8bd1\u3002nginx\uff081.22\u7248\u672c\uff09\u7684\u914d\u7f6e\u5982\u4e0b\uff1a
user c01dkit;\nworker_processes 1;\n\nevents {\n worker_connections 1024;\n}\n\nhttp {\n include mime.types;\n default_type application/octet-stream;\n sendfile on;\n keepalive_timeout 65;\n server_tokens off;\n server {\n listen 1284;\n listen 127.0.0.1:1284;\n charset utf-8;\n server_name xxxx.c01dkit.com;\n if ($scheme = http ) {\n return 301 https://$host:xxxx$request_uri; \n }\n error_page 404 /404.html;\n }\n\n server {\n listen 127.0.0.1:443 ssl ;\n listen 443 ssl ;\n listen [::]:443 ssl ;\n server_name xxxx.c01dkit.com;\n charset utf-8;\n ssl_certificate xxxx/fullchain.pem;\n ssl_certificate_key xxxx/privkey.pem;\n\n ssl_session_cache shared:SSL:1m;\n ssl_session_timeout 5m;\n\n ssl_ciphers HIGH:!aNULL:!MD5;\n ssl_prefer_server_ciphers on;\n\n location / {\n root xxxxx;\n index index.html index.htm;\n error_page 404 /404.html;\n\n }\n location ~ \\.php$ {\n fastcgi_pass unix:/run/php/php8.1-fpm.sock;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME xxxx/www$fastcgi_script_name;\n include fastcgi_params;\n error_page 404 /404.html;\n }\n }\n\n}\n\u8fd9\u91cc\u914d\u7f6e\u4e86nginx\u76d1\u542c\u672c\u57301284\u7aef\u53e3\u6765\u5904\u7406http\u8bbf\u95ee\uff0c\u5c06https\u8bf7\u6c42\u8f6c\u53d1\u5230443\u7aef\u53e3\uff0c\u4e5f\u8bbe\u7f6e\u4e86ssl\u7684\u8bc1\u4e66\u3002\u8bc1\u4e66\u7684\u914d\u7f6e\u65b9\u6cd5\u53ef\u4ee5\u89c1\u540e\u6587\u7684https\u8bc1\u4e66\u7ae0\u8282\u3002
\u5173\u4e8enginx\uff0c\u53ef\u4ee5nginx -V\u67e5\u770b\u7f16\u8bd1\u9009\u9879\uff0c\u7136\u540e\u81ea\u5df1\u4ece\u6e90\u7801\u7f16\u8bd1\u4e0b\u3002\u5e38\u89c1\u7684-V\u8f93\u51fa\u6709\uff1a
nginx version: nginx/1.22.1\nbuilt by gcc 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04) \nbuilt with OpenSSL 3.0.2 15 Mar 2022\nTLS SNI support enabled\nconfigure arguments: --user=c01dkit --group=c01dkit --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module\n\u8fd9\u91cc\u6307\u5b9auser\u4e3ac01dkit\uff0c\u7136\u540e\u7f51\u7ad9\u4e5f\u90fd\u653e\u5728c01dkit\u7684\u5bb6\u76ee\u5f55\u91cc\u9762\uff0c\u4ee5\u9632\u7f51\u7ad9\u9875\u9762\u56e0\u4e3a\u6743\u9650\u95ee\u9898\u6253\u4e0d\u5f00\uff08\u597d\u50cf\u9ed8\u8ba4\u662fwww-data\uff09\uff0c\u53ef\u80fd\u662f\u87f9\u811a\u6539\u6cd5\u25cb( \uff3e\u76bf\uff3e)\u3063
"},{"location":"porting/#iptablessslh","title":"iptables\uff1a\u8f6c\u53d1\u5916\u90e8\u8bbf\u95ee\u5230sslh","text":"\u6700\u540e\u63a5\u7740\u8bbe\u7f6e\u9632\u706b\u5899\u5c06\u6240\u6709\u5916\u90e8\u6d41\u91cf\u4ece\u5f00\u653e\u7684\u552f\u4e00\u7aef\u53e3\u8f6c\u53d1\u52304684\u7aef\u53e3\u5373\u53ef\u3002
iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n\u8fd9\u91cc\u5047\u5b9a\u5916\u90e8\u7aef\u53e3\u5f00\u653e\u7684\u7aef\u53e3\u6620\u5c04\u5230\u672c\u573022\u7aef\u53e3\u3002\u8fd9\u91cc22\u7aef\u53e3\u4e5f\u662f\u6709ssh\u670d\u52a1\u5728\u76d1\u542c\u3002
\u6709\u65f6\u62c5\u5fc3sslh\u670d\u52a1\u6302\u6389\u5bfc\u81f44684\u6ca1\u6709ssh\u670d\u52a1\u3001ssh\u8fde\u4e0d\u4e0a\uff0c\u8bbe\u7f6e\u4e86\u5b9a\u65f6\u4efb\u52a1\u6765\u5173\u6389\u3001\u6253\u5f00\u9632\u706b\u5899\uff08\u6b64\u65f6\u53ea\u80fdssh\u8fde\u63a5\uff0c\u63d0\u4f9b\u8fd0\u7ef4\u7a97\u53e3\u671f\uff09\uff0c\u6bd4\u5982\u6bcf\u5468\u4e094\u70b9\u52306\u70b9\u53ea\u63d0\u4f9b22\u7aef\u53e3\u7684ssh\u670d\u52a1\uff1a
# Edit this file to introduce tasks to be run by cron.\n# \n# Each task to run has to be defined through a single line\n# indicating with different fields when the task will be run\n# and what command to run for the task\n# \n# To define the time you can provide concrete values for\n# minute (m), hour (h), day of month (dom), month (mon),\n# and day of week (dow) or use '*' in these fields (for 'any').\n# \n# Notice that tasks will be started based on the cron's system\n# daemon's notion of time and timezones.\n# \n# Output of the crontab jobs (including errors) is sent through\n# email to the user the crontab file belongs to (unless redirected).\n# \n# For example, you can run a backup of all your user accounts\n# at 5 a.m every week with:\n# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/\n# \n# For more information see the manual pages of crontab(5) and cron(8)\n# \n# m h dom mon dow command\n0 4 * * 3 iptables -t nat -D PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n0 6 * * 3 iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n\u7531\u4e8e\u8fd9\u6837\u8bbe\u7f6eiptables\u4f1a\u5728\u670d\u52a1\u5668\u91cd\u542f\u540e\u5931\u6548\uff0c\u6240\u4ee5\u670d\u52a1\u5668\u610f\u5916\u91cd\u542f\u7684\u8bdd\u53ea\u4e0d\u8fc7\u662f\u6062\u590d\u5230\u6700\u57fa\u7840\u768422\u7aef\u53e3ssh\u800c\u5df2\u3002
"},{"location":"porting/#https","title":"https\u8bc1\u4e66","text":"\u5173\u4e8ehttps\u8bc1\u4e66\uff0c\u53ef\u4ee5\u6309\u8fd9\u91cc\u7684\u65b9\u6cd5\uff0c\u5148snap install --classic certbot\u5b89\u88c5certbot\uff0c\uff08\u4e0d\u77e5\u9053\u4e3a\u5565\u5f53\u65f6\u8bbe\u7f6e\u4e86\u4e00\u4e0bcertbot\u8def\u5f84sudo ln -s /snap/bin/certbot /usr/bin/certbot\uff09\u3002\u5982\u679c80\u7aef\u53e3\u5df2\u7ecf\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u7b80\u5355\u5730certbot --nginx\u81ea\u52a8\u5e2e\u5fd9\u8ba4\u8bc1\uff08\u5373certbot\u521b\u5efa\u8ba4\u8bc1\u6587\u4ef6\u7136\u540e\u5728\u516c\u7f51\u8bbf\u95ee\uff09\u3002\u5982\u679c80\u7aef\u53e3\u4e0d\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u81ea\u9009dns\u8ba4\u8bc1\uff1acertbot certonly --manual --preferred-challenges=dns\u7136\u540e\u5728\u57df\u540d\u7ba1\u7406\u90a3\u8fb9\u6dfb\u52a0\u4e00\u4e0b\u8bb0\u5f55\u5373\u53ef\uff0c\u6bd4\u5982\u521b\u5efa\u4e00\u4e2a_acme-challenge.remote\u7684TXT\u8bb0\u5f55\u3002\u7136\u540e\u5728nginx\u7684conf\u90a3\u91cc\u8bbe\u7f6e\u597d\u8bc1\u4e66\u8def\u5f84\uff0c\u8bbf\u95ee\u5c31\u6709https\u8ba4\u8bc1\u4e86\uff01\u5bf9\u4e8ehttp\u8bbf\u95ee\uff0c\u53ef\u4ee5\u7528301\u8df3\u8f6c\u3002
\u4e00\u6b21\u8ba4\u8bc1\u662f90\u5929\u6709\u6548\u671f\uff0c\u5230\u671f\u4e4b\u524d\u4f1a\u53d1\u90ae\u4ef6\uff0c\u66f4\u65b0\u8bc1\u4e66\u65f6\u9700\u8981\u8fd0\u884ccertbot renew --manual-auth-hook=xxx.sh \u5176\u4e2dsh\u811a\u672c\u662f\u81ea\u5df1\u7f16\u5199\u7684\u4e00\u4e2a\u81ea\u52a8\u5316\u5b8c\u6210DNS\u8bb0\u5f55\u66f4\u65b0\u3002\u4e3a\u4e86\u61d2\u7701\u4e8b\uff0c\u53ef\u4ee5\u8fd9\u4e48\u5199\uff1a
echo ${CERTBOT_VALIDATION} >> xxx.txt\necho ${CERTBOT_DOMAIN} >> xxx.txt\nsleep 120\nexit 0\n\u7136\u540e\u5728\u4e24\u5206\u949f\u4e4b\u5185\uff0c\u628axxx.txt\u91ccCERTBOT_VALIDATION\u5bf9\u5e94\u7684\u54c8\u5e0c\u503c\u624b\u52a8\u66f4\u65b0\u5728DNS\u8bb0\u5f55\u91cc\u5373\u53ef\u3002
\u6b64\u5916\uff0c\u65b0\u627e\u5230\u4e00\u4e2a\u53ef\u4ee5\u65b9\u4fbf\u5730\u5728web\u7aef\u914d\u7f6e\u65b0\u8bc1\u4e66\u7684\u7f51\u7ad9\uff1ahttps://xiangyuecn.github.io/ACME-HTML-Web-Browser-Client/ACME-HTML-Web-Browser-Client.html
"},{"location":"proxy/","title":"\u4ee3\u7406\u8f6c\u53d1","text":""},{"location":"proxy/#_2","title":"\u591a\u53f0\u7535\u8111\u7ec4\u5c40\u57df\u7f51","text":"\u53ef\u4ee5\u4f7f\u7528zerotier\uff0c\u767b\u5f55\u4ee5\u540e\u521b\u5efa\u4e00\u4e2a\u7f51\u7edc\u3002\u7136\u540e\u9700\u8981\u7ec4\u5c40\u57df\u7f51\u7684\u8bbe\u5907\u4e0b\u8f7dzerotier\u4ee5\u540ejoin\u4e0a\u5c31\u884c\u4e86\u3002
"},{"location":"proxy/#_3","title":"\u5185\u7f51\u7a7f\u900f","text":"\u9700\u8981\u516c\u7f51\u670d\u52a1\u5668\uff0c\u53ef\u4ee5\u5728\u963f\u91cc\u4e91\u79df\u4e00\u4e2a
\u4e00\u79cd\u65b9\u6cd5\u662ffrp
\u53e6\u4e00\u79cd\u65b9\u6cd5\u662fssh\u6b63\u5411\u8fde\u63a5\u914d\u5408\u53cd\u5411\u8fde\u63a5\uff1a
\u9996\u5148\u5185\u7f51\u670d\u52a1\u5668\u5f00\u4e2ascreen\u8fd0\u884cssh -R 127.0.0.1:1234:127.0.0.1:22 user@ip -p port\u8fde\u63a5\u5230\u4e91\u670d\u52a1\u5668\u4e0a\u3002\u8fd9\u6837\u7684\u8bdd\u670d\u52a1\u5668\u8bbf\u95ee127.0.0.1:1234\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u5185\u7f51\u7684127.0.0.1:22\u3002\u7136\u540e\u9700\u8981\u8fde\u63a5\u5185\u7f51\u7684\u4e3b\u673a\u4e5f\u5f00\u4e2ascreen\u8fd0\u884cssh -L 127.0.0.1:2345:127.0.0.1:1234 user@ip -p port\uff0c\u8fd9\u6837\u7684\u8bdd\u8be5\u4e3b\u673a\u8bbf\u95ee\u81ea\u5df1127.0.0.1:2345\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u4e91\u670d\u52a1\u5668\u7684127.0.0.1:1234\u3002\u7136\u540e\u8be5\u4e3b\u673a\u518d\u5f00\u4e00\u4e2a\u7ec8\u7aef\uff0cssh user@127.0.0.1 -p 2345\u5373\u53ef\u3002
\u5e0c\u671b\u5c06\u67d0\u7aef\u53e3\u6536\u5230\u7684\u6d88\u606f\u8f6c\u53d1\u5230\u5176\u4ed6\u4e3b\u673a\u7684\u67d0\u4e00\u7aef\u53e3\uff0c\u53ef\u4ee5\u8bd5\u8bd5socat\uff0c\u6bd4\u5982socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\uff0c\u53ef\u4ee5\u628a4320\u7aef\u53e3\u6536\u5230\u7684TCP4\u6570\u636e\u5305\u8f6c\u53d1\u5230\u5b50\u7f5110.244.55.25\u768480\u7aef\u53e3\uff0c\u914d\u5408zerotier\u53ef\u4ee5\u5b9e\u73b0\u5185\u7f51\u5bf9\u5916\u5f00\u653e\u7aef\u53e3\u3002
\u5728\u7ec8\u7aef\u8fde\u63a5pwn-college\u65f6\uff0c\u5148\u5728\u7f51\u9875\u7aef\u914d\u7f6e\u4e0b\u516c\u94a5\uff0c\u7136\u540essh -i \u79c1\u94a5 hacker@dojo.pwn.college\u5373\u53ef\u3002\u7f51\u9875\u7aef\u542f\u52a8\u4e00\u4e2a\u5b9e\u4f8b\u540e\uff0c\u8fdc\u7a0b\u4e5f\u4f1a\u81ea\u52a8\u542f\u52a8\u5bf9\u5e94\u7684\u73af\u5883\u3002\u95ee\u9898\u4e00\u822c\u653e\u5728\u6839\u76ee\u5f55\u7684challenge\u6587\u4ef6\u5939\u4e0b
\u8bf7\u6c42\u7b2c\u4e00\u884cRequest line\uff1a\u8bf7\u6c42\u65b9\u6cd5 URI \u534f\u8bae\u7248\u672c CRLF
\u54cd\u5e94\u7b2c\u4e00\u884cStatus line\uff1a\u534f\u8bae\u7248\u672c \u72b6\u6001\u7801 \u89e3\u91ca CRLF
\u5e38\u89c1\u7684\u8bf7\u6c42\u65b9\u6cd5\uff1a
HTTP URL Scheme\uff1ascheme://host:port/path?query#fragment
\u8bf7\u6c42\u7684\u8d44\u6e90\u542b\u6709\u4e00\u4e9b\u7279\u6b8a\u7b26\u53f7\u6bd4\u5982?,/,&,#\u7b49\u7b49\u65f6\uff0c\u4f7f\u7528%xx\u8fdb\u884c\u7f16\u7801\uff0c\u5176\u4e2dxx\u662fASCII\u7801\u3002\u8fd9\u79cd\u505a\u6cd5\u79f0\u4e3aurlencoding
POST\u8bf7\u6c42\u65f6\uff0c\u9700\u8981\u5e26\u4e0aContent-Type
\u524d\u8005body\u91cc\u5199a=xx\uff0c\u540e\u8005\u5199{\"a\":\"xx\"}\u3002json\u53ef\u4ee5\u6784\u9020\u66f4\u590d\u6742\u7684blob
RFC 1945 HTTP\u534f\u8bae\u662f\u65e0\u72b6\u6001\u7684\uff0c\u4f46\u662f\u7f51\u7edc\u5e94\u7528\u662f\u6709\u72b6\u6001\u7684\u3002\u4f7f\u7528cookie\u6765\u4fdd\u6301\u72b6\u6001\u3002
"},{"location":"pwn-college-cse365-spring2023/#assembly-crash-course","title":"Assembly Crash Course \u5b66\u4e60\u7b14\u8bb0","text":""},{"location":"pwn-college-cse365-spring2023/#building-a-web-server","title":"Building a Web Server \u5b66\u4e60\u7b14\u8bb0","text":"\u4f7f\u7528socket\u521b\u5efa\u4e00\u4e2aA-B\u7684\u7f51\u7edc\u6587\u4ef6\uff0c\u7136\u540e\u4f7f\u7528bind\u5c06socket\u4e0e\u5177\u4f53\u7684ip\u7ed1\u5b9a\u3002\u4f7f\u7528listen\u6765\u88ab\u52a8\u4fa6\u542csockfd\u3002\u4f7f\u7528accept\u63a5\u53d7\u5916\u90e8\u8fde\u63a5\u3002
\u4f7f\u7528TCP/IP\u8fdb\u884c\u7f51\u7edc\u901a\u8baf\uff0c\u670d\u52a1\u5668\u7aef\u7684\u4f8b\u5b50\u5982\uff1a
// int socket(int domain, int type, int protocol)\nsocket_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP)\n\n// int bind(int sockfd, struct sockaddr* addr, socklen_t addrlen)\n/*\n * struct sockaddr {\n * uint16_t sa_family;\n * uint8_t sa_data[14]; \n * }\n * \n * struct sockaddr_in {\n * uint16_t sin_family;\n * uint16_t sin_port;\n * uint32_t sin_addr;\n * uint8_t __pad[8];\n * }\n*/\nbind(socket_fd, {sa_family=AF_INET, sin_port=htons(port), sin_addr=inet_addr(\"0.0.0.0\")}, 16)\n\n// int listen(int sock fd, int backlog);\nlisten(socket_fd, 0)\n\n// int accept(int sockfd, struct sockaddr* addr, socklen_t* addrlen);\ntunnel = accept(socket_fd, NULL, NULL)\n\n// revceive http request: GET / HTTP/1.0\nread(tunnel, \"GET / HTTP/1.0\",19)\n\n// response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19)\n\n// receive http request: GET /flag HTTP/1.0\nread(tunnel, \"GET /flag HTTP/1.0\\r\\n\\r\\n\",256)\n\n// open and read file\nfilefd = open(\"/flag\",O_RDDONLY)\nread(filefd, \"FLAG\", 256)\n\n//response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\nFLAG\", 27)\n\nclose(tunnel)\nstart\u5728main\u51fd\u6570\u6253\u65ad\u70b9\u5e76\u8fd0\u884cstarti\u5728_start\u51fd\u6570\u6253\u65ad\u70b9\u5e76\u8fd0\u884crun\u4e0d\u6253\u65ad\u70b9\uff0c\u76f4\u63a5\u8fd0\u884cattach <PID>\u5c06gdb\u9644\u7740\u5230\u4e00\u4e2a\u6b63\u5728\u8fd0\u884c\u7684\u8fdb\u7a0bcore <PATH>\u5206\u6790\u4e00\u4e2a\u7a0b\u5e8f\u8fd0\u884c\u540e\u4ea7\u751f\u7684coredump\u6587\u4ef6start <ARG1> <ARG2> < <STDIN_PATH>\u8fd0\u884c\u5e26\u6709\u53c2\u6570\u7684\u7a0b\u5e8f\uff0c\u548cshell\u91cc\u8f93\u547d\u4ee4\u4e00\u6837info registers\u53ef\u4ee5\u67e5\u770b\u5bc4\u5b58\u5668\u7684\u503c\uff08\u6216\u8005\u7b80\u5355\u7684i r\uff09print\u7528\u6765\u6253\u5370\u53d8\u91cf\u6216\u8005\u5bc4\u5b58\u5668\u7684\u503c\uff0c\u6bd4\u5982p/x $rdi\u4ee516\u8fdb\u5236\u6253\u5370rdi\u5bc4\u5b58\u5668\u7684\u503cx/<n><u><f> <address>\u7528\u6765\u6253\u5370\u53d8\u91cf\u6216\u7edd\u5bf9\u5730\u5740\u7684\u5185\u5bb9\u3002n\u8868\u793anumber\uff0c\u4e5f\u5c31\u662f\u8bf4\u8981\u6253\u5370\u51e0\u4e2a\u5355\u5143\uff1bu\u8868\u793aunit size\uff0c\u6bcf\u4e2a\u5355\u5143\u7684\u5b57\u8282\u957f\u5ea6\uff0c\u53ef\u53d6b/h/w/g\uff0c\u5206\u522b\u8868\u793a1\uff0c2\uff0c4\uff0c8\u5b57\u8282\uff1bf\u8868\u793a\u8f93\u51fa\u683c\u5f0f\uff0c\u53ef\u53d6d/x/s/i\uff0c\u5206\u522b\u8868\u793a\u5341\u8fdb\u5236\u3001\u5341\u516d\u8fdb\u5236\u3001\u5b57\u7b26\u4e32\u3001\u6c47\u7f16\u6307\u4ee4\u3002address\u8868\u793a\u8981\u6253\u5370\u7684\u5730\u5740\uff0c\u53ef\u4ee5\u5199\u6210\u6570\u5b66\u8868\u8fbe\u5f0f\u3002set disassembly-flavor intel\u7528\u6765\u4fee\u6539\u6c47\u7f16\u6307\u4ee4\u7684\u8868\u793a\u5f62\u5f0f\uff0c\u8fd9\u91cc\u662fintel\u6307\u4ee4\u3002stepi <n>\u6b65\u5165n\u6761\u6c47\u7f16\u6307\u4ee4\uff0cnexti <n>\u6b65\u8fc7n\u6761\u6c47\u7f16\u6307\u4ee4\uff1b\u5206\u522b\u7b80\u5199\u4e3asi\u4e0enifinish\u6267\u884c\u5230\u5f53\u524d\u51fd\u6570\u7ed3\u675f\u5e76\u8fd4\u56debreak *<addres>\u5728address\u5904\u6253\u65ad\u70b9\uff0c\u53ef\u4ee5\u7b80\u5199\u4e3ab *<address>display/<n><u><f>\u6765\u5728\u6bcf\u4e00\u6761\u64cd\u4f5c\u7ed3\u675f\u540e\u663e\u793a\u67d0\u4e9b\u6570\u503c\u3002nuf\u7684\u7528\u6cd5\u548cx\u6253\u5370\u5185\u5b58\u5730\u5740\u4e00\u6837-x xxx.gdb\uff0c\u5c31\u53ef\u4ee5\u5728gdb\u542f\u52a8\u540e\u81ea\u52a8\u5316\u8fd0\u884c\u811a\u672c~/.gdbinit\u5728\u521d\u59cb\u5316gdb\u4f1a\u8bdd\u65f6\u81ea\u52a8\u8fd0\u884ccall\u76f4\u63a5\u8c03\u7528\u51fd\u6570\uff0c\u6bd4\u5982call (void)win()set pagination off\u5173\u95ed\u5206\u9875\u786e\u8ba4 \u4ee5\u4e0b\u662f\u4e2agdb\u811a\u672c\u7684\u4f8b\u5b50\uff0csilent\u7528\u4e8e\u5728\u9047\u5230\u65ad\u70b9\u65f6\u51cf\u5c11\u8f93\u51fa\u4fe1\u606f\uff0c\u4ee5\u53ca\u4f7f\u7528set\u548cprintf\u8bbe\u7f6e\u53d8\u91cf\u3001\u6253\u5370\u503c\u3002start\nbreak *main+42\ncommands\n silent\n set $local_variable = *(unsigned long long*)($rbp-0x32)\nprintf \"Current value: %llx\\n\", $local_variable\ncontinue\nend\ncontinue\nif\u3001catch\u6765\u52ab\u6301systemcall\uff0c\u6bd4\u5982\uff1astart\ncatch syscall read\ncommands\n silent\n if ($rdi == 42)\nset $rdi = 0\nend\n continue\nend\ncontinue\n\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u76ee\u662f\u7528curl\u3001python\u548cnc\u6765\u5b9e\u73b0\u53d1\u9001\u5404\u79cdhttp\u8bf7\u6c42\uff0c\u5148\u8fd0\u884c/challenge/run\u542f\u52a8flask\u670d\u52a1\u5668\uff0c\u7136\u540e\u65b0\u5f00\u4e2a\u7ec8\u7aef\u7528\u5404\u79cd\u59ff\u52bf\u8fde\u63a5\u672c\u5730127.0.0.1\u5373\u53ef\u3002
\u8fd9\u4e09\u79cd\u5de5\u5177\u7684\u5927\u81f4\u601d\u8def\uff1a
\u9700\u8981\u5148\u7b80\u5355\u5730\u8fde\u63a5127.0.0.1\u7136\u540e\u6839\u636e\u62a5\u9519\u63d0\u793a\u6765\u4fee\u6539\u8bf7\u6c42\u3002
Level 1
Send an HTTP request using curl
curl http://127.0.0.1\nLevel 2
Send an HTTP request using nc
nc 127.0.0.1 80\nGET / HTTP/1.1\nLevel 3
Send an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 4
Set the host header in an HTTP request using curl
curl -H 'host:xxxxx' http://127.0.0.1\nLevel 5
Set the host header in an HTTP request using nc
nc 127.0.0.1 80\nGET / HTTP/1.1\nhost:xxxxx\nLevel 6
Set the host header in an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1\", headers={\"host\":\"xxx\"}).text\nLevel 7
Set the path in an HTTP request using curl
curl http://127.0.0.1/xxxxx\nLevel 8
Set the path in an HTTP request using nc
nc 127.0.0.1 80\nGET /xxxx HTTP/1.1\nLevel 9
Set the path in an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1/xxx\").text\nLevel 10~12
URL encode a path in an HTTP request using curl/nc/python
\u7528%20\u66ff\u6362\u6389\u7a7a\u683c\u5373\u53ef
Level 13~15
Specify an argument in an HTTP request using curl/nc/python
GET\u52a0\u53c2\u6570\uff0c\u5728\u8def\u5f84\u540e\u9762\u8ffd\u52a0?a=xxx\u5373\u53ef
nc\u65f6\u52a0\u5230nc\u8fde\u63a5\u4ee5\u540e\u7684GET\u540e\u9762
Level 16~18
Specify multiple arguments in an HTTP request using curl/nc/python
\u7ed3\u540810~15\u9898\uff0c\u7a7a\u683c\u7528%20\u6362\u6389\uff0c\u4e0e\u53f7\u7528%26\u6362\u6389\uff0c\u4e95\u53f7\u7528%23\u6362\u6389
Level 19~21
Include form data in an HTTP request using curl/nc/python
#curl\ncurl http://127.0.0.1 -F a=xxx\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length:34\n\na=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx'}).text\nLevel 22~24
Include form data with multiple fields in an HTTP request using curl/nc/python
#curl\ncurl http://127.0.0.1 -F a=xxx -F b='xxxx'\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length: 78\n\na=xxx&b=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx','b':'xxx'}).text\nLevel 25~27
Include json data in an HTTP request using curl/nc/python
#curl\ncurl -X POST -H 'Content-Type:application/json' -d '{\"a\":\"xxx\"}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length:40\\r\\n\\r\\n{\"a\":\"xxx\"}' | nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\"})).text\nLevel 28~30
Include complex json data in an HTTP request using curl/nc/python
#curl\ncurl -X POST -H 'Content-Type: application/json' -H 'Content-Length: 121' -d '{\"a\":\"xxx\", \"b\":{\"c\": \"xxxx\", \"d\": [\"xxx\", \"xxx\"]}}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length: 121\\r\\n\\r\\n{\"a\":\"xxx\", \"b\":{\"c\": \"xxx\", \"d\": [\"xxx\", \"xxx\"]}}' | nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\",\"b\":{'c': 'xxx', 'd': ['xxx', 'xxx']}})).text\nLevel 31~33
Follow an HTTP redirect from HTTP response using curl/nc/python
#curl\ncurl -L http://127.0.0.1\n\n#nc\necho -ne \"GET /xxx HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\n#python\u9ed8\u8ba4\u8ddf\u968f\u8df3\u8f6c\nimport requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 34~36
Include a cookie from HTTP response using curl/nc/python
#curl\ncurl http://127.0.0.1 -v\ncurl -b \"cookie=xxx\" http://127.0.0.1\n\n#nc\necho -ne \"GET / HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:cookie=xxxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python \u9ed8\u8ba4\u81ea\u52a8\u63a5\u53d7cookie\nimport requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 37~39
Make multiple requests in response to stateful HTTP responses using curl/nc/python
#curl \u5b8c\u62103\u6b21\u4ea4\u4e92\u5373\u53ef\ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v #nc\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\nimport requests as r\nr.get(\"http://127.0.0.1\").text\n\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u9700\u8981\u628a\u6c47\u7f16\u53d8\u6210raw bytes\uff0c\u7136\u540e\u5582\u7ed9/challenge/run\u3002\u9700\u8981\u5148\u8fd0\u884c\u8fd9\u4e2arun\uff0c\u7136\u540e\u6839\u636e\u8981\u6c42\u5b8c\u6210\u3002\u6bd4\u5982\u53ef\u4ee5\u7528pwntools\u7684asm\u6a21\u5757\u751f\u6210\u6c47\u7f16\uff0c\u7136\u540eecho\u8fdbrun\u91cc\u3002
Level 1
In this level you will work with registers_use! Please set the following: rdi = 0x1337
from pwn import *\ncontext.arch='amd64'\nasm('mov rdi,0x1337')\n\n#b'H\\xc7\\xc77\\x13\\x00\\x00'\necho -ne 'H\\xc7\\xc77\\x13\\x00\\x00' | /challenge/run\u5373\u53ef\u3002 Level 2
asm('add rdi,0x331337')\nLevel 3
asm('imul rdi,rsi; add rdi,rdx; mov rax,rdi')\nLevel 4
\u5b66\u4e60div\u9664\u6cd5\uff0cdiv reg\u4f1a\u4f7f\u7528rax\u4f5c\u4e3a\u88ab\u9664\u6570\uff0creg\u4f5c\u4e3a\u9664\u6570\uff0c\u7136\u540e\u81ea\u52a8\u4f7f\u7528rax\u5b58\u653e\u5546\uff0crdx\u5b58\u653e\u4f59\u6570\u3002
asm('mov rax, rdi;div rsi')\nLevel 5
asm('mov rax, rdi;div rsi;mov rax, rdx')\nLevel 6
\u9664\u6570\u4e3a2\u7684\u5e42\u6b21\u65f6\uff0c\u76f4\u63a5\u4f7f\u7528mov\u4fdd\u7559\u5bc4\u5b58\u5668\u7684\u4e00\u90e8\u5206\u5373\u53ef\u3002\u6ce8\u610fmov\u4e24\u4e2a\u5bc4\u5b58\u5668\u957f\u5ea6\u8981\u4e00\u81f4\u3002
asm('mov al, dil;mov bx, si')\nLevel 7
shl\u5de6\u79fb\uff0cshr\u53f3\u79fb\uff08\u9ad8\u4f4d\u88650\uff09
asm('shl rdi, 59; shr rdi, 63; mov rax, rdi')\nLevel 8
and reg1, reg2\u4f1a\u628areg1\u548creg2\u8fdb\u884c\u903b\u8f91\u4e0e\u7684\u7ed3\u679c\u4fdd\u5b58\u5728reg1\u91cc\u3002\u9898\u76ee\u4e0d\u8ba9\u7528mov\uff0c\u90a3\u53ef\u4ee5\u91c7\u7528\u7f6e0\u51cf1\u7684\u65b9\u5f0f\u83b7\u5f972^65-1\uff0c\u7136\u540eand\u5373\u53ef\u3002
asm('xor rax, rax; sub rax, 1; and rax, rdi; and rax, rsi')\nLevel 9
\u9898\u76ee\u8981\u6c42\u53ea\u7528and\uff0cor\uff0cxor\u5b9e\u73b0\u4e00\u4e2a\u5947\u5076\u5224\u65ad\u7684\u529f\u80fd\u3002\u6574\u4f53\u601d\u8def\u662fxor\u53cd\u8f6c\u6bd4\u7279\u3001\u6e05\u7a7a\u503c\uff0cor\u505a\u52a0\u6cd5\uff0cand\u53d6\u6700\u4f4e\u4f4d\u3002
asm('xor rax, rax; or rax, 1; and rax, rdi; xor rax, 1')\nLevel 10
\u6709\u5173\u8bbf\u95ee\u5185\u5b58\u7684\u64cd\u4f5c\u3002mov reg, [address]\u7528\u4e8e\u628aaddress\u5730\u5740\u5904\u7684\u503c\u8d4b\u7ed9reg\uff0c\u5f53\u7136\u4e5f\u53ef\u4ee5mov [address], reg\u628areg\u7684\u503c\u4fdd\u5b58\u5728address\u5730\u5740\u3002\u52a0\u4e00\u5c42\u65b9\u62ec\u53f7\u53ea\u662f\u8868\u793a\u5f53\u4f5c\u5730\u5740\u3002\u4e0d\u8981\u4e0b\u610f\u8bc6\u8fdb\u884c\u66f4\u591a\u6b21\u6570\u7684\u89e3\u5f15\u7528\u3002
asm('mov rbx, [0x404000]; mov rax, rbx; add rbx, 0x1337; mov [0x404000], rbx')\nLevel 11
\u5982\u679cmov\u4e00\u65b9\u4e3a\u5bc4\u5b58\u5668\uff0c\u4e00\u65b9\u4e3a\u5730\u5740\uff0c\u4f1a\u6839\u636e\u5bc4\u5b58\u5668\u7684\u5927\u5c0f\u81ea\u52a8\u63a8\u65ad\u4ece\u5730\u5740\u4e2dload\u591a\u5c11\u5b57\u8282\u3002
asm('mov al, [0x404000]; mov bx, [0x404000]; mov ecx, [0x404000]; mov rdx, [0x404000];')\nLevel 12
\u5bf9\u4e8e\u6bd4\u8f83\u5927\u7684\u7acb\u5373\u6570\uff0c\u53ef\u4ee5\u5148\u653e\u5728\u5bc4\u5b58\u5668\uff0c\u7136\u540e\u518dmov\u5230\u6307\u5b9a\u4f4d\u7f6e\u3002
asm('mov rax, 0xdeadbeef00001337; mov [rdi], rax; mov rax, 0xc0ffee0000; mov [rsi], rax')\nLevel 13
asm('mov rax, [rdi]; add rax, [rdi+8]; mov [rsi], rax')\nLevel 14
asm('pop rax;sub rax,rdi; push rax')\nLevel 15
\u4f7f\u7528\u6808\u53ef\u4ee5\u7b80\u5355\u5730\u4ea4\u6362\u5bc4\u5b58\u5668
asm('push rdi; push rsi; pop rdi; pop rsi')\nLevel 16
\u5b9e\u73b0\u6808\u4e0a\u7684\u6570\u636e\u53d6\u5e73\u5747\uff0c\u7528[rsp+X]\u6765\u53d6\u503c\uff08\u4e00\u822c\u7528rbp\u6765\u53d6\u5427\uff1f\uff09
asm('mov rax, [rsp]; add rax, [rsp+8]; add rax, [rsp+16]; add rax, [rsp+24]; mov rbx, 4; div rbx; push rax')\nLevel 17
\u4f7f\u7528label\u8bbe\u7f6e\u76f8\u5bf9\u8df3\u8f6c\u5730\u5740\uff0c\u4f7f\u7528\u5355\u5b57\u8282\u7684nop\u586b\u5145\u3002\u4e0d\u8fc7\u9898\u76ee\u8981\u6c42\u7684\u201c\u4ecejmp\u504f\u79fb0x51\u7684\u5730\u5740\u201d\u6709\u70b9\u8ff7\u60d1\uff0c\u770b\u7ed3\u679c\u7684\u8bdd\u4f3c\u4e4e\u9ed8\u8ba4\u662fjmp\u6267\u884c\u540e\u7684\u5730\u5740\u518d\u504f\u79fb0x51\uff0c\u800c\u4e0d\u662fjmp\u6307\u4ee4\u672c\u8eab\u7684\u5730\u5740\u504f\u79fb0x51\uff0c\u6240\u4ee5\u4e0d\u9700\u8981\u77e5\u9053jmp\u6307\u4ee4\u672c\u8eab\u7684\u957f\u5ea6\u3002
asm('jmp lab;'+'nop;'*0x51+'lab: mov rdi, [rsp]; mov rax, 0x403000; jmp rax')\nLevel 18
\u5b9e\u73b0if-else\u8df3\u8f6c\u3002\u6ce8\u610f\u5185\u5b58\u8ba1\u7b97\u4f7f\u7528dword\u768432\u4f4d\u6570\u636e\uff0c\u7528eax\u800c\u4e0d\u662frax\u3002
from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"mov eax, [rdi+4]\nmov ebx, 0x7f454c46\ncmp ebx, [rdi]\nje case1\nmov ebx, 0x5a4d\ncmp ebx, [rdi]\nje case2\nimul eax, [rdi+8]\nimul eax, [rdi+12]\njmp done\ncase1:\n add eax, [rdi+8]\n add eax, [rdi+12]\n jmp done\ncase2:\n sub eax, [rdi+8]\n sub eax, [rdi+12]\n jmp done\ndone:\n nop\n\"\"\"\n\nprint(asm(payload))\nLevel 19
jmp [reg + offset]\u95f4\u63a5\u8df3\u8f6c\uff0c\u4f7f\u7528rsi\u4fdd\u5b58\u8df3\u8f6c\u8868\u7684\u57fa\u5730\u5740\uff0c\u7528\u4e8e\u5b9e\u73b0switch\u3002\u8fd9\u91cc\u597d\u50cf\u662fjnz\u4e0d\u652f\u6301\u95f4\u63a5\u8df3\u8f6c\u3002
asm('mov rax, rdi; shr rax, 2; jnz final; jmp [rsi + rdi * 8]; final: jmp [rsi + 32]')\nLevel 20
\u5b9e\u73b0\u4e00\u4e2a\u7b80\u5355\u7684\u6c42\u5e73\u5747\u51fd\u6570
from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"xor rax, rax\nxor rcx, rcx\nloop:\n cmp rcx, rsi\n je done\n add rax, [rdi + 8 * rcx]\n add rcx, 1\n jmp loop\ndone:\n div rsi\n\"\"\"\n\nprint(asm(payload))\nLevel 21
\u5b9e\u73b0\u4e00\u4e2astrlen\u51fd\u6570\uff0c\u9010byte\u68c0\u67e5\u662f\u5426\u4e3a0\u3002\u6ce8\u610fmov\u4e0d\u4f1a\u6539\u53d8EFLAGS\u3002
from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nxor rax, rax\ntest rdi, rdi\njz done\nloop: mov bl, [rdi + rax]\ntest bl,bl\njz done\nadd rax, 1\njmp loop\ndone:\n nop\n\"\"\"\n\nprint(asm(payload))\nLevel 22
\u8fd9\u9053\u9898\u7ed9\u7684\u89e3\u91ca\u4e0d\u662f\u5f88\u6e05\u695a\uff0c\u5c3d\u7ba1\u662f\u7b2c\u4e00\u6b21\u63d0\u5230\u4f7f\u7528call\u8fdb\u884c\u51fd\u6570\u8c03\u7528\uff0c\u4f46\u662f\u6ca1\u6709\u8bf464\u4f4d\u7a0b\u5e8f\u4f9d\u6b21\u4f7f\u7528rdi,rsi,rdx,rcd,r8,r9\u8fdb\u884c\u4f20\u53c2\u3001rax\u4fdd\u5b58\u51fd\u6570\u8fd4\u56de\u7ed3\u679c\uff0c\u4e5f\u6ca1\u6709\u8bf4\u662f\u7531\u4e3b\u8c03\u51fd\u6570\u8fd8\u662f\u88ab\u8c03\u51fd\u6570\u6765\u4fdd\u5b58\u5bc4\u5b58\u5668\u3002\u66f4\u5947\u602a\u7684\u662f\u867d\u7136\u8ba9\u5b9e\u73b0\u4e00\u4e2astr_lower\u51fd\u6570\uff0c\u4f46\u662f\u6ca1\u6709\u6309\u51fd\u6570\u5b9e\u73b0\u7684\u6807\u51c6\u5199PROG\uff0c\u751a\u81f3\u6700\u540e\u8fd8\u7528ret\u6765\u7ed3\u675f\u3002
from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nmov rdx, rdi\nxor rax, rax\nxor rcx, rcx\ntest rdx, rdx\njz done\nloop:\n mov bl, [rdx]\n test bl,bl\n jz done\n cmp bl, 0x5a\n jg notif\n mov rax, 0x403000\n xor rdi, rdi\n mov dil, bl\n call rax\n mov [rdx], al\n add rcx, 1\nnotif:\n add rdx, 1\n jmp loop\ndone:\n mov rax, rcx\n ret\n\"\"\"\n\nprint(asm(payload))\nLevel 23
\u5b9e\u73b0\u4e00\u4e2a\u67e5\u8be2\u5b57\u7b26\u4e32\u4e2d\u54ea\u4e2a\u5b57\u7b26\u6700\u591a\u7684\u51fd\u6570\u3002\u6bcf\u4e2a\u5b57\u7b26\u4e0d\u8d85\u8fc70xffff\u4e2a\uff0c\u6240\u4ee5\u8981\u75284\u5b57\u8282\u7684\u5bc4\u5b58\u5668\u6765\u8fdb\u884c\u5b58\u653e\u3002\u8fd9\u91cc\u4f3c\u4e4e\u4e0d\u652f\u6301\u76f4\u63a5mov rbx, [ebp - rcx * 4]\u4e4b\u7c7b\u7684\u65b9\u6cd5\uff0c\u5c31\u7528r8\u548cr9\u4e34\u65f6\u5b58\u653e\u4e00\u4e0b\u4e86\u3002
from pwn import *\n\ncontext.arch = 'amd64'\n\npayload = \"\"\"\npush rbp\nmov rbp, rsp\nsub rsp, 0x400\nxor rax, rax\nxor rcx, rcx\nmov rdx, rsi\nsub rdx, 0x1\nloop1: \n cmp rcx, rdx\n jg loop1_end\n mov al, [rdi + rcx]\n mov r8, rbp\n mov r9, rax\n imul r9, 4\n sub r8, r9\n mov ebx, [r8]\n add ebx, 1\n mov [r8], ebx\n add rcx, 1\n jmp loop1\nloop1_end:\nxor rax, rax\nxor rbx, rbx\nxor rcx, rcx\nloop2:\n cmp rcx, 0xff\n jg loop2_end\n mov r8, rbp\n mov r9, rcx\n imul r9, 4\n sub r8, r9\n mov edx, [r8]\n cmp edx, ebx\n jle loop2_conti\n mov rbx, rdx\n mov rax, rcx\nloop2_conti:\n add rcx, 1\n jmp loop2\nloop2_end:\nmov rsp, rbp\npop rbp\nret\n\"\"\"\n\nprint(asm(payload))\n\u4e0d\u5f97\u4e0d\u5410\u69fdpwn-college\u6709\u4e00\u70b9\u4e0d\u597d\uff0c\u6bcf\u4e2a\u6a21\u5757\u7b2c\u4e00\u4e2achallenge\u8bf4\u660e\u592a\u5c11\u4e86\uff0c\u5b8c\u5168\u4e0d\u77e5\u9053\u4ece\u54ea\u5f00\u59cb\u4e0b\u624b\u3002\u5728challenge 1\u7684wp\u91cc\u8be6\u7ec6\u8bb2\u4e00\u4e0b\u8fd9\u4e2a\u6a21\u5757\u600e\u4e48\u5f00\u59cb\u505a\uff0c\u7136\u540e\u540e\u7eed\u5c31\u7701\u7565\u4e86\u3002
\u7528\u6c47\u7f16\u5199server\uff0c\u53ef\u4ee5\u67e5\u886864\u4f4dsyscall\u624b\u518c
Level 1
\u9996\u5148\u8fd8\u662f\u8fd0\u884c/challeng/run\uff0c\u5f97\u5230\u4e00\u6bb5\u8f93\u51fa\uff1a
===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\nUsage: `/challenge/run <path_to_web_server>`\n\n$ cat server.s\n.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\n\n$ as -o server.o server.s && ld -o server server.o\n\n$ strace ./server\nexecve(\"./server\", [\"./server\"], 0x7ffccb8c6480 /* 17 vars */) = 0\nexit(0) = ?\n+++ exited with 0 +++\n\u8fd9\u9053\u9898\u7684\u610f\u601d\u662f\u8ba9\u7528\u6c47\u7f16\u5199\u4e00\u4e2a\u670d\u52a1\u7aef\u3002\u5728\u8fd0\u884c/challenge/run server\u7684\u65f6\u5019\uff0c\u5224\u9898\u7a0b\u5e8f\u4f1a\u542f\u52a8\u7528\u6237\u6307\u5b9a\u7684\u8fd9\u4e2aserver\uff0c\u7136\u540e\u68c0\u67e5\u8fd9\u4e2aserver\u7a0b\u5e8f\u662f\u4e0d\u662f\u76f4\u63a5exit(0)\u4e86\u3002\u6240\u4ee5\u53ea\u9700\u8981\u7f16\u8bd1\u4e00\u4e2aexit(0)\u7684server\u5373\u53ef\u3002
\u9898\u76ee\u91cc\u5176\u5b9e\u5df2\u7ecf\u7ed9\u51fa\u4e86server.s\u7684\u6a21\u677f\uff08cat server.s\u7684\u8f93\u51fa\uff09\u548c\u7f16\u8bd1\u65b9\u5f0f\uff08as -o server.o server.s && ld -o server server.o\uff09\u3002\u6240\u4ee5\u8fd9\u9053\u9898\u53ea\u9700\u8981\u628acat server.s\u7684\u8f93\u51fa\u4fdd\u5b58\u5230server.s\u6587\u4ef6\uff0c\u7136\u540e\u76f4\u63a5\u8fd0\u884cas -o server.o server.s && ld -o server server.o\u7f16\u8bd1\u51fa\u4e00\u4e2aserver\u7684\u53ef\u6267\u884c\u7a0b\u5e8f\uff0c\u6700\u540e\u8fd0\u884c/challenge/run ./server\u5373\u53ef\u3002
\u6a21\u677f\u91cc\u53ea\u6267\u884c\u4e86\u4e00\u4e2a\u9000\u51fa\u7684syscall\uff0c\u6b63\u597d\u662f\u8fd9\u4e00\u9898\u7684\u8981\u6c42\u3002\u672c\u6765\u4ee5\u4e3a\u8fd9\u9053\u9898\u610f\u601d\u662f\u81ea\u5df1\u5199\u4e00\u4e2aserver\u7684\u6c47\u7f16\u6587\u4ef6\uff0c\u7136\u540erun\u7684\u65f6\u5019\u6307\u5b9a\u6e90\u6587\u4ef6\uff0c\u7531\u5224\u9898\u7a0b\u5e8f\u7f16\u8bd1\u7684\u5462\uff0c\u7ed3\u679c\u53d1\u73b0run\u7684\u65f6\u5019\u662f\u9700\u8981\u6307\u5b9a\u4e00\u4e2a\u7f16\u8bd1\u597d\u7684\u53ef\u6267\u884c\u7a0b\u5e8fhh\u3002
\u5b8c\u6574\u89e3\u9898\u6b65\u9aa4\u5982\u4e0b\uff1a
hacker@building-a-web-server-level-1:~$ echo \".intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\" > ./server.s\n\nhacker@building-a-web-server-level-1:~$ as -o server.o server.s && ld -o server server.o\n\nhacker@building-a-web-server-level-1:~$ /challenge/run ./server\n===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\n\n===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7f07cf7959a0 /* 0 vars */) = 0\n[\u2713] exit(0) = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n\npwn.college{xxxx}\n\u4ee5\u4e0b\u7684\u5404\u4e2a\u9898\u76ee\u5c31\u53ea\u5199server.s\u7684\u5185\u5bb9\u4e86
Level 2
In this challenge you will create a socket.
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n # create a socket\n mov rdi, 2 # AF_INET\n mov rsi, 1 # SOCK_STREAM\n mov rdx, 0 # IPPROTO_IP\n mov rax, 41 # sys_socket\n syscall\n\n push rax\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\nLevel 3
In this challenge you will bind an address to a socket.
\u5728Level2\u521b\u5efasocket\u7684\u57fa\u7840\u4e0a\uff0c\u5c06\u5176\u7ed1\u5b9a\u52300.0.0.0:80\u4e0a\u3002\uff08\u53ef\u4ee5\u8fd0\u884cLevel1\u521b\u5efa\u7684server\u6765\u5148\u9605\u8bfb\u4e0b\u9898\u76ee\u8981\u6c42\uff0c\u5982\u4e0b\u6240\u793a\uff09
===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n - Bind to port 80\n - Bind to address 0.0.0.0\n[ ] exit(0) = ?\n\u6700\u7ec8\u89e3\u5982\u4e0b\u3002\u8fd9\u91cc\u76f4\u63a5\u7528\u6808\u6765\u4fdd\u5b58sockaddr_in\u7ed3\u6784\u4f53\u4e86\uff0c\u6bd4\u8f83\u7c97\u66b4\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\npush rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, rax # socket_fd\npush 0x50000002 # AF_INET(2) and PORT(80) in big endian\nmov rsi, rsp # sockaddr_in\npush 0x0 # IP(0.0.0.0)\npush 0x0 # padding\npush 0x0 # padding\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\nLevel 4
In this challenge you will listen on a socket.
\u4f7f\u7528listen\u76d1\u542c\u8fd9\u4e2asocket\u3002\u7531\u4e8e\u8fd9\u91cclisten\u4e5f\u8981\u7528\u5230\u4e4b\u524dsocket\u521b\u5efa\u7684\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u6ce8\u610f\u5230\u6837\u4f8b\u7684\u6c47\u7f16\u6587\u4ef6\u6700\u540e\u63d0\u793a\u7528data\u4e86\uff0c\u6240\u4ee5\u5e72\u8106\u6362\u7528\u6570\u636e\u533a\u6765\u4fdd\u5b58\u5404\u79cd\u7ed3\u6784\u4f53\uff0c\u4e5f\u5f03\u7528Level3\u91cc\u5bf9\u6808\u505a\u7684\u90a3\u4e9b\u4fee\u6539\u4e86\u3002\u8fd9\u91ccsockfd\u548csockaddr\u90fd\u662f\u5730\u5740\uff0c\u6240\u4ee5mov\u7684\u65f6\u5019\u4f1a\u81ea\u52a8\u89e3\u5f15\u7528\uff0c\u7528lea\u6307\u4ee4\u6765\u83b7\u5f97\u5730\u5740\u672c\u8eab\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 5
In this challenge you will accept a connection.
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL)\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 6
In this challenge you will respond to an http request.
\u8fd9\u4e2a\u9898\u7684\u610f\u601d\u662f\u5e0c\u671b\u5b9e\u73b0\u4e00\u4e2a\u9759\u6001\u7684\u7ad9\u70b9\uff0c\u63a5\u6536\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u8bf7\u6c42\u540e\uff0c\u59cb\u7ec8\u56de\u590dHTTP/1.0 200 OK\u3002\u9700\u8981\u521b\u5efa\u4e00\u4e2a\u7f13\u51b2\u533a\u4fdd\u5b58\u8bf7\u6c42\uff0c\u8fd9\u91cc\u5f00\u4e86\u4e2a256\u5b57\u8282\u7684\u5185\u5b58\uff08\u5b9e\u9645\u4e0a\u6709140\u5b57\u8282\uff09\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\nrequest: .space 256\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 7
In this challenge you will respond to a GET request for the contents of a specified file.
\u5b9e\u73b0\u4e00\u4e2a\u52a8\u6001\u4e00\u70b9\u7684\u670d\u52a1\u5668\u3002\u8fd9\u9898\u4e2d\uff0c\u5ba2\u6237\u7aef\u4f1a\u8bf7\u6c42\u670d\u52a1\u5668\u7aef\u8bfb\u53d6\u4e00\u4e2a\u6587\u4ef6\u5e76\u8fd4\u56de\u7ed3\u679c\u3002\u6587\u4ef6\u662f\u5224\u9898\u7a0b\u5e8f\u968f\u673a\u751f\u6210\u5728/tmp\u4e0b\u7684\uff0c\u5185\u5bb9\u957f\u5ea6\u4e5f\u662f\u968f\u673a\u7684\u3002\u6240\u4ee5\u5199\u4ee3\u7801\u7684\u65f6\u5019\u8981\u591a\u9884\u7559\u70b9\u7f13\u51b2\u533a\u6765\u4fdd\u5b58\u6587\u4ef6\u5185\u5bb9\u3002
open\u6587\u4ef6\u65f6\uff0c\u6587\u4ef6\u540d\u8981\u4ecerequest\u8bf7\u6c42\u91cc\u63d0\u53d6\u3002\u56e0\u4e3a\u751f\u6210\u7684\u6587\u4ef6\u540d\u957f\u5ea6\u662f\u56fa\u5b9a\u7684\uff0c\u6240\u4ee5\u61d2\u7701\u4e8b\u76f4\u63a5\u5728request\u7f13\u51b2\u533a\u91cc\u6539\u4e86\uff08\u5b57\u7b26\u4e32\u672b\u5c3e\\0\uff09\u3002
===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n - Bind to port 80\n - Bind to address 0.0.0.0\n[ ] listen(3, 0) = 0\n[ ] accept(3, NULL, NULL) = 4\n[ ] read(4, <read_request>, <read_request_count>) = <read_request_result>\n[ ] open(\"<open_path>\", O_RDONLY) = 5\n[ ] read(5, <read_file>, <read_file_count>) = <read_file_result>\n[ ] close(5) = 0\n[ ] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[ ] write(4, <write_file>, <write_file_count>) = <write_file_result>\n[ ] close(4) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7ffacc256990 /* 0 vars */) = 0\n[\u2713] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[\u2713] bind(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr(\"0.0.0.0\")}, 16) = 0\n[\u2713] listen(3, 0) = 0\n[\u2713] accept(3, NULL, NULL) = 4\n[\u2713] read(4, \"GET /tmp/tmpungh1ajd HTTP/1.1\\r\\nHost: localhost\\r\\nUser-Agent: python-requests/2.31.0\\r\\nAccept-Encoding: gzip, deflate\\r\\nAccept: */*\\r\\nConnection: keep-alive\\r\\n\\r\\n\", 256) = 155\n[\u2713] open(\"/tmp/tmpungh1ajd\", O_RDONLY) = 5\n[\u2713] read(5, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 1024) = 148\n[\u2713] close(5) = 0\n[\u2713] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[\u2713] write(4, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 148) = 148\n[\u2713] close(4) = 0\n[\u2713] exit(0) = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n\u4f7f\u7528\u7684\u6c47\u7f16\u4ee3\u7801\u5982\u4e0b\uff1a
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 5\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(5, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(5)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 8
In this challenge you will accept multiple requests.
\u4f7f\u7528\u4e00\u4e2a\u7a0b\u5e8f\u63a5\u53d7\u591a\u4e2a\u8bf7\u6c42\u3002\u7531\u4e8esocket\u6ca1\u6709\u5173\uff0c\u5728\u6700\u540e\u52a0\u4e00\u4e2aaccept\u5373\u53ef\u3002\u7a0b\u5e8f\u6700\u540eaccept\u8d85\u65f6sigkill\u9000\u51fa\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 5\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(5, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(5)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\n\n# accept(3, NULL, NULL)\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 9
In this challenge you will concurrently accept multiple requests.
\u8fd9\u9053\u9898\u662f\u8ba9\u505a\u4e00\u4e2a\u591a\u8fdb\u7a0b\uff0c\u7236\u8fdb\u7a0b\u8d1f\u8d23\u5faa\u73afaccept\uff0c\u5b50\u8fdb\u7a0b\u7528\u4e8e\u52a8\u6001\u5904\u7406\u6587\u4ef6\u8bfb\u5199\u3002\u6839\u636efork\u8fd4\u56de\u503c\u6765\u5224\u65ad\u7236\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a\u5b50\u8fdb\u7a0bpid\uff09\u8fd8\u662f\u5b50\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a0\uff09\u3002\u7236\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edtunnel\uff1b\u5b50\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edsockfd\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 3\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(3, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 10
In this challenge you will respond to a POST request with a specified file and update its contents.
\u8fd9\u9053\u9898\u662f\u7528POST\u8bf7\u6c42\uff0c\u8981\u6c42\u7528\u591a\u8fdb\u7a0b\u5904\u7406\uff0c\u5728\u5b50\u8fdb\u7a0b\u4e2d\u628aPOST\u7684\u8bf7\u6c42\u4f53\u4fdd\u5b58\u5728\u4e34\u65f6\u6587\u4ef6\uff0c\u5e76\u8fd4\u56de200 OK\u3002\u8003\u8651\u5230\u6587\u4ef6\u540d\u662f\u5b9a\u957f\u7684\uff0c\u6240\u4ee5\u6cbf\u7528\u4e4b\u524d\u7684\u65b9\u6cd5\u5f97\u5230\u6587\u4ef6\u540d\u3002\u8fd9\u91cc\u7528\u7684\u4e00\u4e2atrick\u662f\u7528\"\\r\\n\\r\\n\"\u6765\u4ece\u8bf7\u6c42\u4e2d\u5206\u5272\u8bf7\u6c42\u4f53\uff0c\u5e76\u4e14\u5185\u5bb9\u7684\u8ba1\u7b97\u662f\u7528read\u7684\u8fd4\u56de\u503c\u51cf\u53bb\u504f\u79fb\u91cf\u7b97\u7684\u3002\u8fd9\u662f\u5077\u61d2\u6ca1\u6709\u5b9e\u73b0\u89e3\u6790Content-Length\u7684\u529f\u80fdhhh
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov requestlen, rax\n\n# open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\nlea rdi, [request+5] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0x41 # O_WRONLY | O_CREAT\nmov rdx, 0777\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# locate POST body\nmov rcx, 0\nmov ebx, separate\nlocate_body:\nmov eax, [request+rcx]\nadd rcx, 1\ncmp eax, ebx\njne locate_body\n# extrace POST body\nadd rcx, 3\nmov rdi, txtfile\nlea rsi, [request+rcx]\nmov rdx, requestlen\nsub rdx, rcx\nmov rax, 1 # sys_write\nsyscall\n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequestlen: .quad 0\nrequest: .space 1024\nfilecontent: .space 1024\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 11
In this challenge you will respond to multiple concurrent GET and POST requests.
\u76f4\u63a5\u53d1\u4e86\u4e00\u5806GET\u548cPOST\u6df7\u5408\u8bf7\u6c42\u3002\u4e0d\u8fc7\u597d\u50cf\u6ca1\u8bf4\u6bcf\u4e2a\u8bf7\u6c42\u8981\u5e72\u561b\uff0c\u5c31\u76f4\u63a5\u7ed3\u5408\u4e0blevel9\u548clevel10\u7684\u7ed3\u679c\uff0c\u6bd4\u8f83request\u662f\u4ee5POST\u5f00\u5934\u8fd8\u662fGET\u5f00\u5934\uff0c\u5206\u522b\u8df3\u8f6c\u5230\u5bf9\u5e94\u7684\u903b\u8f91\u5c31\u884c\u4e86\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov requestlen, rax\n\n# check GET or POST\nmov eax, request\nmov ebx, requestget\ncmp eax, ebx\nje handle_get\nmov ebx, requestpost\ncmp eax, ebx\nje handle_post\n\njmp program_exit\n\nhandle_get:\n# open(\"<open_path>\", O_RDONLY) = 3\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(3, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\njmp program_exit\n\nhandle_post:\n# open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\nlea rdi, [request+5] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0x41 # O_WRONLY | O_CREAT\nmov rdx, 0777\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# locate POST body\nmov rcx, 0\nmov ebx, separate\nlocate_body:\nmov eax, [request+rcx]\nadd rcx, 1\ncmp eax, ebx\njne locate_body\n# extrace POST body\nadd rcx, 3\nmov rdi, txtfile\nlea rsi, [request+rcx]\nmov rdx, requestlen\nsub rdx, rcx\nmov rax, 1 # sys_write\nsyscall\n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\nprogram_exit:\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequestlen: .quad 0\nrequest: .space 1024\nfilecontent: .space 1024\nrequestget: .ascii \"GET \"\nrequestpost: .ascii \"POST\"\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 1
\u8fd0\u884c/challenge\u4e0b\u7684\u6587\u4ef6\uff0c\u4f1a\u81ea\u52a8\u6253\u5f00gdb\uff0c\u8f93\u5165run\u542f\u52a8\u7a0b\u5e8f\uff0c\u8fdb\u5165\u7b2c\u4e00\u5173\u3002\u7b2c\u4e00\u5173\u4e3b\u8981\u662f\u8bb2\u4e0b\u5927\u81f4\u7684\u9898\u76ee\u8981\u6c42\uff0c\u5728\u8fd9\u91cc\u6309C\u7ee7\u7eed\u8fd0\u884c\u4f1a\u76f4\u63a5\u7ed9\u51faflag\u3002
Level 2
\u672c\u5173run\u4ee5\u540ep/x $r12\u7136\u540e\u6309C\uff0c\u628a\u7ed3\u679c\u8f93\u5165\u5c31\u884c\u3002
Level 3
\u8fd9\u4e00\u5173\u4e3b\u8981\u662f\u719f\u6089\u6253\u5370\u5185\u5b58\u6570\u636e\uff0c\u53ef\u4ee5\u5728\u6309C\u8fdb\u5165\u7a0b\u5e8f\u524d\u540e\u7528x/20gx $rsp\u5bf9\u6bd4\u4e00\u4e0b\u6808\u4e0a\u4ec0\u4e48\u6570\u636e\u6539\u53d8\u4e86\u3002\u7b97\u662f\u4e0d\u770b\u6c47\u7f16\u7684\u4e00\u70b9\u5c0ftrick\u3002
Level 4
\u8fd9\u5173\u7684\u6ca1\u7528\u6b63\u5e38\u89e3\u6cd5\u3002\u6709\u4e00\u70b9\u5c0ftrick\uff1a\u4f7f\u7528disas $pc\u67e5\u770b\u53d1\u73b0\u6709\u4e2awin\u51fd\u6570\uff0c\u53c2\u6570\u7528\u76840\u3002\u76f4\u63a5set $rax=0\uff0cset $pc=xxx\u8df3\u8f6c\u5230win\u7684\u51fd\u6570\u5c31\u884c\u4e86\u3002
Level 5
\u8fd9\u9898\u63d0\u793a\u53ef\u4ee5\u7f16\u5199gdb\u811a\u672c\uff0c\u52a0\u8f7d\u540e\u4f1a\u81ea\u52a8\u6267\u884c\u3002\u8fd9\u9053\u9898\u76ee\u4f1a\u5728\u5faa\u73af\u4e2d\u591a\u6b21\u8bbe\u7f6e\u968f\u673a\u6570\uff0c\u6240\u4ee5\u9700\u8981\u81ea\u52a8\u5316\u89e3\u51b3\u3002
run\u540e\u5148disas $pc\u770b\u4e00\u770bmain\u51fd\u6570\u7684\u5173\u952e\u903b\u8f91\uff1a
0x000055981a8ccd40 <+666>: mov esi,0x0\n0x000055981a8ccd45 <+671>: lea rdi,[rip+0xd5e] # 0x55981a8cdaaa\n0x000055981a8ccd4c <+678>: mov eax,0x0\n0x000055981a8ccd51 <+683>: call 0x55981a8cc250 <open@plt>\n0x000055981a8ccd56 <+688>: mov ecx,eax\n0x000055981a8ccd58 <+690>: lea rax,[rbp-0x18]\n0x000055981a8ccd5c <+694>: mov edx,0x8\n0x000055981a8ccd61 <+699>: mov rsi,rax\n0x000055981a8ccd64 <+702>: mov edi,ecx\n0x000055981a8ccd66 <+704>: call 0x55981a8cc210 <read@plt>\n0x000055981a8ccd6b <+709>: lea rdi,[rip+0xd46] # 0x55981a8cdab8\n0x000055981a8ccd72 <+716>: call 0x55981a8cc190 <puts@plt>\n0x000055981a8ccd77 <+721>: lea rdi,[rip+0xd5a] # 0x55981a8cdad8\n0x000055981a8ccd7e <+728>: mov eax,0x0\n0x000055981a8ccd83 <+733>: call 0x55981a8cc1d0 <printf@plt>\n0x000055981a8ccd88 <+738>: lea rax,[rbp-0x10]\n0x000055981a8ccd8c <+742>: mov rsi,rax\n0x000055981a8ccd8f <+745>: lea rdi,[rip+0xd51] # 0x55981a8cdae7\n0x000055981a8ccd96 <+752>: mov eax,0x0\n0x000055981a8ccd9b <+757>: call 0x55981a8cc260 <__isoc99_scanf@plt>\n\u731c\u6d4b\u57280x000055981a8ccd51\u5904\u7684open\u662f\u6253\u5f00\u4e86\u968f\u673a\u6570\u53d1\u751f\u5668\uff08\u6bd4\u5982/dev/urandom\uff09\uff0c\u7136\u540e0x000055981a8ccd66\u5904\u7684read\u662f\u8bfb8\u4e2a\u5b57\u8282\uff0c\u5373\u6700\u7ec8\u7684\u968f\u673a\u6570\uff0c\u4fdd\u5b58\u5728rsi\u5bc4\u5b58\u5668\u6307\u5411\u7684\u4f4d\u7f6e\uff0c\u5373rbp-0x18\u5904\u3002\u6240\u4ee5\u81ea\u52a8\u5316\u811a\u672c\u53ef\u4ee5\u57280x000055981a8ccd72\u5904\uff08\u5373*main+716\uff09\u6253\u4e2a\u65ad\u70b9\uff0c\u6253\u5370\u6b64\u65f6rbp-0x18\u7684\u503c\u3002
\u5373\u5148\u7f16\u5199\u4e0b\u8ff0\u811a\u672c\uff0c\u7136\u540e\u542f\u52a8\u7a0b\u5e8f\u65f6-x\u8ffd\u52a0\u811a\u672c\u5373\u53ef\u3002
start\nbreak *main+716\ncommands\n silent\n set $local_variable = *(unsigned long long*)($rbp-0x18)\nprintf \"Current value: %llx\\n\", $local_variable\ncontinue\nend\ncontinue\n\u5f53\u7136\u89e3\u6cd5\u6709\u5f88\u591a\uff0c\u770bdisas\u540e\u7684\u7ed3\u679c\uff0c\u8f93\u5165\u7684\u6570\u636e\u88abscanf\u4fdd\u5b58\u5230rbp-0x10\u5904\uff0c\u4e0erbp-0x18\u6bd4\u8f83\u3002\u4e5f\u53ef\u4ee5\u5728\u6bd4\u8f83\u524d\u76f4\u63a5\u4fee\u6539\u5bc4\u5b58\u5668\u8ba9\u503c\u76f8\u7b49\u3002
Level 6
\u8fd9\u4e00\u5173\u624d\u6559\u600e\u4e48\u7528set\u6539\u5bc4\u5b58\u5668\uff0c\u4ece\u800c\u4fee\u6539\u7a0b\u5e8f\u6267\u884c\u903b\u8f91\u3002\u662f\u4e0d\u662f\u53ef\u4ee5\u6697\u793a\u76f4\u63a5\u62ffflag\uff1frun\u540eset $rip=*main+715\uff0c\u7136\u540e\u7ee7\u7eed\u8fd0\u884c\u7a0b\u5e8f\u3002
Level 7
\uff1f\uff1f\uff1f\u539f\u6765\u8fd8\u53ef\u4ee5\u8fd9\u4e48\u73a9\uff1f\uff1f
Level 8
\u76f4\u63a5\u8c03\u7528call (void)win()\uff0c\u53ef\u4ee5disas *win\u770b\u4e00\u4e0bwin\u51fd\u6570\u3002
0x0000556609b49951 <+0>: endbr64\n0x0000556609b49955 <+4>: push rbp\n0x0000556609b49956 <+5>: mov rbp,rsp\n0x0000556609b49959 <+8>: sub rsp,0x10\n0x0000556609b4995d <+12>: mov QWORD PTR [rbp-0x8],0x0\n0x0000556609b49965 <+20>: mov rax,QWORD PTR [rbp-0x8]\n0x0000556609b49969 <+24>: mov eax,DWORD PTR [rax]\n0x0000556609b4996b <+26>: lea edx,[rax+0x1]\n0x0000556609b4996e <+29>: mov rax,QWORD PTR [rbp-0x8]\n0x0000556609b49972 <+33>: mov DWORD PTR [rax],edx\n0x0000556609b49974 <+35>: lea rdi,[rip+0x73e] # 0x556609b4a0b9\n0x0000556609b4997b <+42>: call 0x556609b49180 <puts@plt>\n\u53ef\u89c1\u57280x0000556609b49969\u5904\uff0c\u4ecerax\u6307\u5411\u7684\u5730\u5740\u8bfb\u53d64\u5b57\u8282\u3002\u4f46\u662f\u6b64\u65f6rax\u5728\u524d\u4e24\u6761\u8bed\u53e5\u5df2\u7ecf\u88ab\u4fee\u6539\u4e3a0\u4e86\uff0c\u6240\u4ee5\u89e6\u53d1NULL\u6307\u9488\u89e3\u5f15\u7528\uff0c\u5f15\u8d77SIGSEGV\u9000\u51fa\u3002\u6240\u4ee5\u8bd5\u8bd5\u76f4\u63a5\u8df3\u8fc7\u8fd9\u6bb5\uff0c\u8fdb\u5165win\u65f6\u4fee\u6539rip\u5bc4\u5b58\u5668\u5373\u53ef\u3002
\u4f9d\u6b21\u6267\u884c\uff1abreak *win\uff0ccall (void)win()\uff0cset $rip=*win+35\uff0cc\u5373\u53ef\u3002
Level 1.0
Reverse engineer this challenge to find the correct license key.
\u4ece\u6b64\u5f00\u59cb\u662f\u4e00\u4e2a\u8bc1\u4e66\u9a8c\u8bc1\u7a0b\u5e8f\uff0c\u8981\u6c42\u8f93\u5165key\u6765\u83b7\u53d6flag\u3002\u7b2c\u4e00\u9898\u76f4\u63a5enter\u8fd0\u884c\uff0c\u4f1a\u8f93\u51fa\u539f\u59cb\u8f93\u5165\u3001\u5904\u7406\u540e\u7684\u8f93\u5165\u4ee5\u53ca\u6b63\u786e\u7b54\u6848\u3002\u8fd0\u884c\u4e24\u6b21\u4ee5\u540e\u53d1\u73b0\u5904\u7406\u540e\u7684\u8f93\u5165\u548c\u539f\u59cb\u8f93\u5165\u662f\u4e00\u6837\u7684\uff0c\u5e76\u4e14\u6b63\u786e\u7b54\u6848\u662f\u56fa\u5b9a\u7684\u3002
\u76f4\u63a5python\u91cc\u8fd0\u884c\u4e0b[chr(i) for i in [0x75,0x62,0x61,0x6a,0x68]]\uff08\u53ef\u80fd\u9700\u8981\u4fee\u65390xXX\u7684\u503c\uff09\uff0c\u7136\u540e\u5c31\u5f97\u5230key\u4e86\u3002
Level 1.1
Reverse engineer this challenge to find the correct license key.
\u8fd9\u4e00\u9898\u6ca1\u6709\u76f4\u63a5\u628a\u6b63\u786e\u7b54\u6848\u5217\u51fa\u6765\u3002\u4e00\u79cd\u65b9\u6848\u662f\u5148gdb\u542f\u52a8\u7a0b\u5e8f\uff0c\u7136\u540e\u5728\u8981\u6c42\u8f93\u5165\u5bc6\u94a5\u7684\u65f6\u5019ctrl+c\u6682\u505c\u7a0b\u5e8f\uff0c\u7528bt\u67e5\u770b\u8c03\u7528\u6808\uff0c\u53ef\u4ee5\u770b\u5230__libc_start_main (main=0xXXXXX, argc=1, ....)\u3002\u7136\u540e\u67e5\u770bmain\u51fd\u6570\u7684\u6c47\u7f16\u6307\u4ee4x/80i 0xXXXX\uff0c\u53ef\u4ee5\u770b\u5230\u5176\u4e2d\u7684memcmp@plt\u51fd\u6570\u6240\u4f7f\u7528\u7684\u7684rsi\u6765\u81ea[rip+0x2abf]\u3002\u6307\u4ee4\u540e\u9762\u7684#\u6ce8\u91ca\u63d0\u793a\u4e86\u5bf9\u5e94\u7684\u5730\u5740\uff0c\u76f4\u63a5\u7528x/5c <address>\u67e5\u770b\u5bc6\u94a5\u5373\u53ef\u3002
\u6ce8\u610f\u6700\u540e\u8f93\u5165\u5bc6\u94a5\u65f6\u8981\u76f4\u63a5\u8fd0\u884c\u7a0b\u5e8f\uff0c\u4e0d\u8981\u5728gdb\u91cc\u9762\u8f93\uff0c\u4f1a\u63d0\u793a\u6743\u9650\u4e0d\u591f\u3002
Level 2.0
Reverse engineer this challenge to find the correct license key, but your input will be modified somehow before being compared to the correct key.
\u8fd9\u9053\u9898\u76ee\u4ea4\u6362\u4e86\u8f93\u5165\u5b57\u7b26\u4e32\u7684index 1\u548cindex 4\u7684\u5b57\u7b26\u3002
Level 2.1
\u8fd9\u9053\u9898\u76ee\u57282.0\u7684\u57fa\u7840\u4e0a\u9690\u53bb\u4e86\u8f93\u5165\u8f93\u51fa\u7ed3\u679c\u7684\u663e\u793a\uff0c\u56e0\u6b64\u9700\u8981gdb\u770b\u4e00\u4e0b\u505a\u4e86\u4ec0\u4e48\u64cd\u4f5c\u3002\u6309\u71671.1\u7684\u65b9\u6cd5\u67e5\u770bmemcmp\u9644\u8fd1\u7684\u51fd\u6570\uff0c\u53ef\u89c1\uff1a
0x5584f463251f: lea rax,[rbp-0xe]\n0x5584f4632523: mov edx,0x5\n0x5584f4632528: mov rsi,rax\n0x5584f463252b: mov edi,0x0\n0x5584f4632530: call 0x5584f46321a0 <read@plt>\n0x5584f4632535: movzx eax,BYTE PTR [rbp-0xe]\n0x5584f4632539: mov BYTE PTR [rbp-0x10],al\n0x5584f463253c: movzx eax,BYTE PTR [rbp-0xd]\n0x5584f4632540: mov BYTE PTR [rbp-0xf],al\n0x5584f4632543: movzx eax,BYTE PTR [rbp-0xf]\n0x5584f4632547: mov BYTE PTR [rbp-0xe],al\n0x5584f463254a: movzx eax,BYTE PTR [rbp-0x10]\n0x5584f463254e: mov BYTE PTR [rbp-0xd],al\n0x5584f4632551: lea rdi,[rip+0xdb0] # 0x5584f4633308\n0x5584f4632558: call 0x5584f4632140 <puts@plt>\n0x5584f463255d: lea rax,[rbp-0xe]\n0x5584f4632561: mov edx,0x5\n0x5584f4632566: lea rsi,[rip+0x2aa3] # 0x5584f4635010\n0x5584f463256d: mov rdi,rax\n0x5584f4632570: call 0x5584f46321b0 <memcmp@plt>\n\u8f93\u5165\u7684\u5b57\u7b26\u4e32\u88ab\u4fdd\u5b58\u5728[rbp-0xe]\u5904\uff0c\u4e14\u8fdb\u884c\u4e86[rbp-0xe]\u548c[rbp-0xd]\u7684\u4ea4\u6362\u3002\u4e5f\u5c31\u662f\u8bf4\u8f93\u5165\u5b57\u7b26\u4e32\u7684\u524d\u4e24\u4e2a\u5b57\u7b26\u88ab\u4ea4\u6362\u4e86\u3002\u67e5\u770bmemcmp\u52a0\u8f7d\u5230rsi\u7684\u5730\u5740\u5185\u5bb9x/5c 0x5584f4635010\u5f97\u5230\u5bf9\u5e94\u7684\u7b54\u6848\uff0c\u4ea4\u6362\u524d\u4e24\u4e2a\u5b57\u7b26\u5373\u53ef\u3002
Level 3.0-3.1
\u8fd0\u884c\u7a0b\u5e8f\uff0c\u968f\u4fbf\u8f93\u51e0\u4e2a\u6570\u3002\u663e\u5f0f\u544a\u8bc9\u4e86\u89c4\u5219\u662f\u9006\u5e8f\uff0c\u53c8\u628a\u6b63\u786e\u7b54\u6848\u6253\u5370\u51fa\u6765\u4e86\u3002
3.1\u731c\u6d4b\u548c3.0\u4e00\u6837\u4e5f\u662f\u9006\u5e8f\u3002\u76f4\u63a5\u63092.1\u7684\u65b9\u6cd5\u770b\u4e00\u4e0b[rbp-0xe]\u5904\u7684\u503c\u7136\u540e\u9006\u5e8f\u8f93\u5165\u5c31\u884c\u3002
Level 4.0-4.1
\u89c4\u5219\u662f\u8fdb\u884c\u9012\u589e\u6392\u5e8f\u3002\u8fd9\u4e0b\u53ea\u9700\u8981\u5305\u542b\u8fd9\u4e9b\u5b57\u6bcd\u5c31\u884c\u3002\uff08\u8fd9\u4e0d\u662f\u66f4\u7b80\u5355\u4e86\u2026\u2026\uff09
Level 5.0-5.1
\u8fd9\u9053\u9898\u662f\u5bf9\u8f93\u5165\u5b57\u7b26\u8fdb\u884c\u5f02\u6216\u3002\u7b80\u5355\u5199\u4e86\u4e2apython\uff0c\u5728\u63a7\u5236\u53f0\u4ea4\u4e92\u65f6\u8fd0\u884c\u4e0b\uff1a
tx = lambda x:int(x,16)\n''.join([chr(i^0xb8) for i in [tx(a) for a in 'd6 d5 d6 cf da'.split() ]])\n5.1\u548c5.0\u7c7b\u4f3c\uff0c\u4eff\u7167\u4e4b\u524d\u7684\u65b9\u6cd5\u53ef\u4ee5\u770b\u5230\u5f02\u6216\u7528\u7684\u662f0x1c\u3002
Level 6.0
\u8fd9\u9053\u9898\u7ed3\u5408\u4e86\u4ea4\u6362\u3001\u5f02\u6216\u3001\u9006\u5e8f\u4e09\u79cd\u64cd\u4f5c\uff0c\u5e72\u8106\u5199\u4e2a\u811a\u672c\u5904\u7406\u4e0b\u5427\u3002
def do_reverse(li):\n return li[::-1]\n\ndef do_swap(li, idx1, idx2):\n li[idx1], li[idx2] = li[idx2], li[idx1]\n return li\n\ndef do_xor(li, key):\n xor_li = []\n while key > 0:\n xor_li.insert(0, key & 0xff)\n key >>= 8\n for i in range(len(li)):\n li[i] ^= xor_li[i % len(xor_li)]\n return li\n\ndef do_sort(li):\n li.sort()\n return li\n\ndef sanitize(s):\n if type(s) is str:\n f = lambda tx: int(tx,16)\n return [f(i) for i in s.split()]\n if type(s) is list:\n return ''.join([chr(i) for i in s])\n\nprint(sanitize(do_swap(do_xor(do_reverse(sanitize('51 90 52 86 58 98 4d 81 4b 84 4f 9a 57 8c 51 91 56')),0x3ef5),5,6)))\n6.1\u6709\u70b9\u5947\u602a\uff0c\u770b\u6c47\u7f16\u597d\u50cf\u662f\u5148\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9010\u5b57\u8282\u4e0e0xbb\u5f02\u6216\u3002\u597d\u50cf\u548c5.0\u7684\u7f6e\u6362-\u5f02\u6216-\u9006\u5e8f\u4e0d\u4e00\u6837\u7684\uff1f\u53ef\u80fd\u662f\u968f\u673a\u9009\u62e9\u7b56\u7565\u5427\u3002
Level 7.0-7.1
7.0\u7528\u4e0a\u4e00\u4e2a\u811a\u672c\u5373\u53ef\u3002
print(sanitize(do_swap(do_sort(do_xor(do_swap(do_xor(sanitize(' 16 34 42 00 13 31 46 0d 1c 3b 4e 15 05 22 52 10 04 22 54 1c 0f 2e 59 1d 0e 2f 5b'),0x85a4d396),13,16),0xf2)),7,10)))\n7.1\u662f\u5148\u548c0x15ca\u5f02\u6216\uff0c\u7136\u540e\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9012\u589e\u6392\u5e8f
print(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0x15ca)))\nprint(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0xca15)))\n\n#u\u00abq\u00acr\u00a6e\u00bad\u00beb\u00b6i\u00b7jo\u00b0o\u00bda\u00bee\u00a5y\u00ads\u00afq\n#\u00aat\u00aes\u00ady\u00bae\u00bba\u00bdi\u00b6h\u00b5\u00b0o\u00b0b\u00bea\u00baz\u00a6r\u00acp\u00ae\n#\u7136\u540e\u628a\u4e24\u4e2a\u7ed3\u679c\u4e2d\u5b57\u6bcd\u6392\u8d77\u6765\n#utqsryeedabiihjooobaaezyrspq\nCSE 365\u8fd8\u662f\u5c5e\u4e8e\u6bd4\u8f83\u5165\u95e8\u7684\u7c7b\u578b\uff0c\u6253\u597d\u57fa\u7840\uff01
"},{"location":"python/","title":"Python","text":""},{"location":"python/#_1","title":"\u4e00\u4e9b\u5c0f\u70b9","text":"obj.__dir__() \u6216\u8005dir(obj)
\u6839\u636e\u7528\u6237\u4f20\u53c2\u800c\u6267\u884c\u4e0d\u540c\u7684\u529f\u80fd\uff0c\u53c8\u5206\u591a\u4e2a\u5c42\u6b21\u3002\u6bd4\u5982pip3\u547d\u4ee4\uff0c\u53ef\u4ee5\u6709pip3 install\u548cpip3 freeze\u7b49\u7b49\uff0c\u5bf9\u4e8e\u6bcf\u4e00\u4e2a\u5b50\u89e3\u6790\u53c8\u6709\u8fdb\u4e00\u6b65\u7684\u53c2\u6570\uff0c\u6bd4\u5982pip3 install --upgrade, pip3 install --force-reinstall\u7b49\u7b49\u3002
import argparse\n\ndef populate_parser(parser):\n parser.add_argument('input_file', type=str, help=\"Path to the file containing the mutated input to load\")\n parser.add_argument('--prefix-input', dest='prefix_input_path', type=str, help=\"(Optional) Path to the file containing a constant input to load\")\n parser.add_argument('-c', '--config', default=\"config.yml\", help=\"The emulator configuration to use. Defaults to 'config.yml'\")\n\n # Verbosity switches\n parser.add_argument('-v', '--print-exit-info', default=False, action=\"store_true\", help=\"Print some information about the exit reason.\")\n parser.add_argument('-t', '--trace-funcs', dest='trace_funcs', default=False, action='store_true')\nparser = argparse.ArgumentParser(description=\"Fuzzware\")\nsubparsers = parser.add_subparsers(title=\"Fuzzware Components\", help='Fuzzware utilities:', description=\"Fuzzware supports its different functions using a set of utilities.\\n\\nUse 'fuzzware <util_name> -h' for more details.\")\nparser_pipeline = subparsers.add_parser(MODE_PIPELINE, help=\"Running the full pipeline. Fuzzware's main utility.\")\nparser_pipeline.set_defaults(func=do_pipeline)\n# Pipeline command-line arguments\nparser_pipeline.add_argument('target_dir', nargs=\"?\", type=os.path.abspath, default=os.curdir, help=\"Directory containing the main config. Defaults to the current working dir.\")\n\n\nparser = argparse.ArgumentParser(description=\"Fuzzware emulation harness\")\npopulate_parser(parser)\n\u9664\u4e86argparse\u4ee5\u5916\uff0c\u53ef\u4ee5\u628a\u4e00\u4e9b\u5f88\u957f\u7684\u914d\u7f6e\u6570\u636e\uff08\u6bd4\u5982\u591a\u5230\u547d\u4ee4\u884c\u6572\u662f\u4e0d\u73b0\u5b9e\u7684\uff09\u653e\u5230yml\u91cc\uff0c\u7136\u540e\u7528yaml\u8bfb\u53d6\uff0c\u5f97\u5230\uff08\u5d4c\u5957\u7684\uff09\u5b57\u5178\uff0c\u7136\u540e\u518d\u53d6\u5185\u5bb9\u5c31\u5f88\u65b9\u4fbf\u4e86\u3002\u9700\u8981pip\u5b89\u88c5pyyaml\u8fd9\u4e2a\u5305
import yaml\n\nwith open('config.yml', 'rb') as f:\n data = yaml.load(f, Loader=yaml.FullLoader)\n print(data)\n\u90a3\u4e48data\u5c31\u662f\u4e00\u4e2a\u5b57\u5178\uff0c\u6839\u636eyml\u91cc\u7684\u5185\u5bb9\u53ef\u80fd\u6210\u4e3a\u5d4c\u5957\u5173\u7cfb\u3002\u5b57\u5178\u91cc\u4e3a\u7a7a\u7684\u503c\u4f1a\u53d8\u6210None\uff0ctrue\u6216True\u6216TRUE\u90fd\u4f1a\u53d8\u6210True\uff0c\u6570\u5b57\u4f1a\u88ab\u8bc6\u522b\u6210\u6574\u6570\u6216\u6d6e\u70b9\u6570\uff0c\u5b57\u7b26\u4e32\u4f1a\u88ab\u8bc6\u522b\u6210\u5b57\u7b26\u4e32\uff08\u542b\u7a7a\u683c\uff09
\u6bd4\u5982\u4e0b\u9762\u7684yml\u6587\u4ef6
item:\ntest1: 1\ntest2: 2\ntest2.1: TRUE\ntest2.2: true\ntest2.3: True\nmatters:\ntest3: 3\n3: 333\ntest4: 4\ntest5: ${item.test1}\ntest6: a b c d\ntest7: \u4f1a\u88ab\u8bc6\u522b\u4e3a
{'item': {'test1': 1, 'test2': 2, 'test2.1': True, 'test2.2': True, 'test2.3': True}, 'matters': {'test3': 3, 3: 333, 'test4': 4, 'test5': '${item.test1}', 'test6': 'a b c d', 'test7': None}}\n\u5728\u5f00\u53d1\u7a0b\u5e8f\u7684\u65f6\u5019\uff0c\u9047\u5230bug\u6216\u8005\u60f3\u5f04\u6e05\u695a\u4e34\u65f6\u7ed3\u679c\u3001\u63a7\u5236\u6d41\u8d70\u5411\u7684\u65f6\u5019\uff0c\u91c7\u7528print\u7684\u4f20\u7edf\u65b9\u6cd5\u6765\u6253\u5370\u53d8\u91cf\u6709\u70b9\u8fc7\u4e8e\u8822\u7b28\u4e86\u3002\u800c\u4f7f\u7528logging\u53ef\u4ee5\u968f\u65f6\u6253\u5370\u6570\u636e\u5230\u63a7\u5236\u53f0\u6216\u6587\u4ef6\uff0c\u53ef\u4ee5\u81ea\u5b9a\u4e49\u6253\u5370\u8303\u56f4\uff0c\u800c\u4e14\u6613\u4e8e\u8c03\u8bd5\u3002
import logging\n\nlogging.basicConfig(format='[%(levelname)s %(filename)s:%(lineno)d]: %(message)s', stream=sys.stdout, level=logging.DEBUG)\nlogger = logging.getLogger('TEST')\n\nlogger.debug('here is a test!')\nlogger.info('info level')\n\u5f53\u7136\u4e5f\u53ef\u4ee5\u5168\u9762\u4e86\u89e3\u4e0blogging\uff0c\u63a8\u8350\u9605\u8bfb\u8fd9\u4e2a\u77e5\u4e4e\u4e13\u680f
import logging\n\n# 1\u3001\u521b\u5efa\u4e00\u4e2alogger\nlogger = logging.getLogger('mylogger')\nlogger.setLevel(logging.DEBUG)\n\n# 2\u3001\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u5199\u5165\u65e5\u5fd7\u6587\u4ef6\nfh = logging.FileHandler('test.log')\nfh.setLevel(logging.DEBUG)\n\n# \u518d\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u8f93\u51fa\u5230\u63a7\u5236\u53f0\nch = logging.StreamHandler()\nch.setLevel(logging.DEBUG)\n\n# 3\u3001\u5b9a\u4e49handler\u7684\u8f93\u51fa\u683c\u5f0f\uff08formatter\uff09\nformatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')\n\n# 4\u3001\u7ed9handler\u6dfb\u52a0formatter\nfh.setFormatter(formatter)\nch.setFormatter(formatter)\n\n# 5\u3001\u7ed9logger\u6dfb\u52a0handler\nlogger.addHandler(fh)\nlogger.addHandler(ch)\n\u4ee5\u53ca\u4fee\u6539log\u7684\u989c\u8272(\u4e0d\u8fc7\u6ca1\u6709\u8bd5\u8fc7\uff0c\u4e0d\u77e5\u9053\u662f\u5426\u53ef\u7528)
"},{"location":"python/#_3","title":"\u63a5\u53e3\u8bbe\u8ba1","text":"\u4e00\u7cfb\u5217\u76f8\u4f3c\u7684\u51fd\u6570\u5b8c\u6210\u76f8\u4f3c\u7684\u529f\u80fd\uff08\u6bd4\u5982\u4e0d\u540c\u89e3\u6790\u51fd\u6570\u89e3\u6790\u4e0d\u540c\u79cd\u7c7b\u7684\u65e5\u5fd7\uff0c\u90fd\u5b8c\u6210\u201c\u6570\u636e\u5904\u7406\u201d\u8fd9\u4e00\u529f\u80fd\uff09\u65f6\uff0c\u53ef\u4ee5\u5c06\u51fd\u6570\u540d\u4f5c\u4e3a\u53c2\u6570\u4f20\u5165\u516c\u5171\u5904\u7406\u51fd\u6570\uff0c\u8bbe\u8ba1\u66f4\u6e05\u6670\u3002
import re\n\n# 0000 11c4 0\nbb_regex = re.compile(r\"([0-9a-f]+) ([0-9a-f]+) ([0-9]+)\")\ndef parse_bb_line(line):\n event_id, pc, cnt = bb_regex.match(line).groups()\n\n event_id = int(event_id, 16)\n pc = int(pc, 16)\n cnt = int(cnt)\n\n return event_id, pc, cnt\n\ndef parse_mmio_set_line(line):\n pc, addr, mode = line.split(\" \")\n return (int(pc, 16), int(addr, 16), mode[0])\n\ndef _parse_file(filename, line_parser):\n try:\n with open(filename, \"r\") as f:\n return [line_parser(line) for line in f.readlines() if line]\n except FileNotFoundError:\n return []\n\ndef parse_bbl_trace(filename):\n return _parse_file(filename, parse_bb_line)\n\ndef parse_mmio_set(filename):\n return _parse_file(filename, parse_mmio_set_line)\nCap'n Proto\u597d\u50cf\u662f\u4e00\u79cd\u5e2e\u52a9\u5feb\u901f\u5e8f\u5217\u5316/\u53cd\u5e8f\u5217\u5316\u7684\u5de5\u5177\uff0cpython\u8fd9\u8fb9\u5c01\u88c5\u4e86C++\u7684\u5b9e\u73b0\uff0c\u9700\u8981pip\u5b89\u88c5pycapnp\u8fd9\u4e2a\u5305\u3002\u4f7f\u7528\u65f6\u9700\u8981\u9996\u5148\u5b9a\u4e49\u6570\u636e\u7ed3\u6784\uff0c\u6bd4\u5982\uff1a
// test.capnp\nstruct TraceEvent {\nunion {\nbasicBlock @0 :BasicBlock;\naccess @1 :Access;\n}\n}\n\nstruct BasicBlock {\npc @0 :UInt32;\nlr @1 :UInt32;\n}\n\nstruct Access {\ntarget @0 :AccessTarget;\ntype @1 :AccessType;\nsize @2 :UInt8;\npc @3 :UInt32;\n}\n\nenum AccessTarget {\nram @0;\nmmio @1;\n}\nenum AccessType {\nread @0;\nwrite @1;\n}\nimport capnp\nimport test_capnp\n\n# \u8fde\u7eed\u5199\u5165\u6587\u4ef6\uff0c\u5bf9union\u521d\u59cb\u5316\ntrace_file = open('test.bin','wb')\nevent = test_capnp.TraceEvent.new_message()\nbasicBlock = event.init('basicBlock')\nbasicBlock.pc = uc.reg_read(UC_ARM_REG_PC)\nbasicBlock.lr = uc.reg_read(UC_ARM_REG_LR)\nevent.write(trace_file)\nevent.write(trace_file)\ntrace_file.close()\n\n# \u4ece\u6587\u4ef6\u4e2d\u8fde\u7eed\u8bfb\u53d6\uff0c\u89e3\u6790union\ntrace_file = open('test.bin','rb')\nfor event in test_capnp.TraceEvent.read_multiple(f):\n if event.which() == 'basicBlock':\n print(event.basicBlock.pc)\ntrace_file.close()\n\u5982\u679c\u9700\u8981\u8ba9\u7a0b\u5e8f\u5728\u8fd0\u884c\u4e00\u6bb5\u65f6\u95f4\u540e\u7ec8\u6b62\uff0c\u5728\u7a0b\u5e8f\u5185\u90e8\u8fdb\u884c\u65f6\u95f4\u68c0\u67e5\u5e76\u4e0d\u4f18\u96c5\uff08\u56e0\u4e3a\u662f\u65e0\u5173\u903b\u8f91\u7684\uff09\uff1b\u53ef\u4ee5\u4e3a\u8fd9\u4e2a\u5b50\u7a0b\u5e8f\u8bbe\u8ba1signal
pipeline = Pipeline(args.target_dir, args.project_name, args.base_inputs, args.num_local_fuzzer_instances, args.disable_modeling, write_worker_logs=not args.silent_workers, do_full_tracing=args.full_traces, config_name=args.runtime_config_name, timeout_seconds=timeout_seconds, use_aflpp=args.aflpp)\n\ntry:\n if timeout_seconds != 0:\n def handler(signal_no, stack_frame):\n pipeline.request_shutdown()\n\n # spin up an alarm for the time\n signal.signal(signal.SIGALRM, handler)\n signal.alarm(timeout_seconds)\n\n pipeline.start()\nexcept Exception as e:\n logger.error(f\"Got exception, shutting down pipeline: {e}\")\n import traceback\n traceback.print_exc()\n status = 1\nfuzzware\u91cc\u6dfb\u52a0\u9000\u51fahandler\u6253\u5370state\uff08\u5373\u6a21\u62dfcoredump\uff09\u65f6\uff0c\u4f7f\u7528\u4e86IntelHex\u6765\u4fdd\u5b58\u4e2d\u95f4\u7ed3\u679c\u3002\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u4f8b\u5b50\uff0c\u8fdb\u884c\u76f8\u4e92\u8f6c\u5316\u3002IntelHex\u6587\u4ef6\u672c\u8eab\u7684\u683c\u5f0f\uff0c\u53ef\u4ee5\u53c2\u8003\u8fd9\u91cc
from intelhex import IntelHex\nih = IntelHex()\n\ndata = {\n 0x30000000: b'\\x00\\x01\\x02\\x03\\x04',\n 0x20002000: b'\\x04\\x05\\x06\\x07'\n}\n\nfor base_addr, contents in data.items():\n ih.puts(base_addr, contents)\n\nwith open('test.hex', 'w') as f:\n ih.write_hex_file(f)\n\n\n# \u4ece\u5df2\u6709\u7684hex\u6587\u4ef6\u4e2d\u8bfb\u53d6\u6570\u636e\nih = IntelHex()\nih.fromfile('test.hex', format='hex')\n\n\"\"\"test.hex\n:020000042000DA\n:0420000004050607C6\n:020000043000CA\n:050000000001020304F1\n:00000001FF\n\nhex\u683c\u5f0f\u4ee5\u5192\u53f7\u5f00\u5934\uff0c\u968f\u540e1\u5b57\u8282\u8868\u793a\u6570\u636e\u957f\u5ea6\uff0c\u7d27\u63a54\u5b57\u8282\u8868\u793a\u5730\u5740\uff0c\u968f\u540e1\u5b57\u8282\u4e3a\u8bb0\u5f55\u7c7b\u578b\uff1a\n00\uff1a\u8868\u793a\u6570\u636e\n01\uff1a\u8868\u793a\u6587\u4ef6\u7ed3\u675f\n02\uff1a\u8868\u793a\u6269\u5c55\u6bb5\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u5de6\u79fb4\u4f4d\uff0c\u4f5c\u4e3a\u6bb5\u5730\u5740\uff0c\u5728\u4e4b\u540e\u7684\u8ba1\u7b97\u4e2d\u548c\u5730\u5740\u76f8\u52a0\u4f5c\u4e3a\u6700\u540e\u5730\u5740\n03\uff1a\u8868\u793a\u8d77\u59cb\u6bb5\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u4e2d\uff0c\u524d\u3001\u540e2\u5b57\u8282\u5206\u522b\u8868\u793aCS\u3001IP\n04\uff1a\u8868\u793a\u6269\u5c55\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u6307\u5b9a32\u5730\u5740\u7684\u9ad816\u4f4d\n05\uff1a\u8868\u793a\u8d77\u59cb\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u6307\u5b9a\u6307\u4ee4\u6267\u884c\u8d77\u59cb\u5730\u5740\n\u6700\u540e\u4e00\u5b57\u8282\u8868\u793a\u6821\u9a8c\u7801\n\n\u6bd4\u5982:020000042000DA\uff0c\u5206\u4e3a:02 0000 04 2000 DA\n\"\"\"\n\n# \u83b7\u53d6\u89e3\u6790\u540e\u7684\u6570\u636e\uff0c\u5e76\u5408\u5e76\u8fde\u7eed\u7684\u5730\u5740\nrestored_data = {}\ncurrent_address = None\ncurrent_data = b''\n\nfor address in ih.addresses():\n # Check if the address is consecutive with the current data\n if current_address is None or address == current_address + len(current_data):\n if current_address is None:\n current_address = address\n current_data += bytes([ih[address]])\n else:\n # Save the previous data and start a new block\n restored_data[current_address] = current_data\n current_address = address\n current_data = bytes([ih[address]])\n\n# Save the last block of data\nif current_address is not None:\n restored_data[current_address] = current_data\n\n# \u8f93\u51fa\u8fd8\u539f\u540e\u7684data\u5b57\u5178\nprint(restored_data)\n# {536879104: b'\\x04\\x05\\x06\\x07', 805306368: b'\\x00\\x01\\x02\\x03\\x04'}\n\u4ec0\u4e48\u662f\u6839\u56e0\u5206\u6790\uff1f \u6839\u56e0\u5206\u6790(Root Cause Analysis)\u6216\u8005\u8bf4\u7f3a\u9677\u5b9a\u4f4d(Fault Localization)\u662f\u7a0b\u5e8f\u5f00\u53d1\u4eba\u5458\u6216\u5b89\u5168\u5206\u6790\u4eba\u5458\u5728\u786e\u8ba4\u7a0b\u5e8f\u5b58\u5728\u5f02\u5e38\u884c\u4e3a\u540e\uff0c\u901a\u8fc7\u624b\u52a8\u6216\u81ea\u52a8\u7684\u65b9\u6cd5\u6765\u5b9a\u4f4d\u5f02\u5e38\u884c\u4e3a\u7684\u6839\u672c\u539f\u56e0\u7684\u8fc7\u7a0b\u3002\u6839\u56e0\u5206\u6790\u662f\u7a0b\u5e8f\u5b89\u5168\u5206\u6790\u6d41\u7a0b\u4e2d\u6bd4\u8f83\u91cd\u8981\u7684\u4e00\u73af\u3002
\u4e3a\u4ec0\u4e48\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b\u6839\u56e0\u5206\u6790\u65b9\u6cd5\uff1f \u5728\u5f53\u4e0b\u5404\u7c7b\u81ea\u52a8\u5316\u6f0f\u6d1e\u6316\u6398\u5de5\u5177(\u6bd4\u5982\u5404\u7c7bfuzzer)\u7684\u8f85\u52a9\u4e0b\uff0c\u6bcf\u65e5\u53d1\u73b0\u7684bug\u6570\u91cf\u5df2\u7ecf\u8fdc\u8d85\u5f00\u53d1\u4eba\u5458\u786e\u8ba4\u5e76\u4fee\u590d\u7684\u6570\u91cf\u3002\u8bbe\u8ba1\u4e00\u79cd\u81ea\u52a8\u5316\u53d1\u73b0\u6f0f\u6d1e\u7684\u5de5\u5177\u5e76\u4e0d\u96be\uff0c\u96be\u5728\u5982\u4f55\u6839\u636e\u8fd9\u4e9b\u5de5\u5177\u62a5\u51fa\u7684crash\u4fe1\u606f\u6765\u51c6\u786e\u5730\u5206\u6790\u51fa\u6f0f\u6d1e\u7684\u6839\u672c\u539f\u56e0\u3002\u5bf9\u4e8e\u5927\u578b\u7a0b\u5e8f\u800c\u8a00\uff0c\u5d29\u6e83\u6d4b\u8bd5\u6837\u4f8b(crashing testcase)\u6267\u884c\u4e0b\u6765\u53ef\u80fd\u7ecf\u5386\u4e86\u51e0\u767e\u4e07\u6761\u6c47\u7f16\u6307\u4ee4\uff0c\u624b\u5de5\u786e\u8ba4\u7a0d\u5fae\u6709\u70b9\u4e0d\u73b0\u5b9e\u4e86\u3002\u56e0\u6b64\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b(\u81ea\u52a8\u5316)\u7684\u6839\u56e0\u5206\u6790\u5de5\u5177\u3002
\u600e\u4e48\u8fdb\u884c\u6839\u56e0\u5206\u6790\uff1f\u76ee\u524d\u6709\u54ea\u4e9b\u5de5\u4f5c\uff1f \u6700\u6734\u7d20\u800c\u76f4\u89c2\u7684\u601d\u60f3\u5c31\u662f\u6d88\u8017\u5b89\u5168\u5206\u6790\u4eba\u5458\u7684\u7cbe\u529b\uff0c\u4ece\u7a0b\u5e8f\u7684\u5165\u53e3\u70b9(entry)\u6216\u8005\u5d29\u6e83\u70b9(crash site)\u51fa\u53d1\uff0c\u770b\u770b\u7a0b\u5e8f\u662f\u600e\u4e48\u6267\u884c\u7684\uff0c\u54ea\u4e9b\u5143\u7d20(program entity)\u4f1a\u5bfc\u81f4\u6700\u540e\u7684crash\uff0c\u7136\u540e\u518d\u8fdb\u884c\u5bf9\u5e94\u7684\u4fee\u590d\u3002\u6839\u636e\u5b9a\u4f4d\u5143\u7d20\u7684\u7c92\u5ea6\u4e0d\u540c\uff0c\u6839\u56e0\u5206\u6790\u53ef\u4ee5\u5b9a\u4f4d\u5230\u51fd\u6570\u7ea7(function level)\u3001\u8bed\u53e5\u7ea7(statement level)\u3001\u6c47\u7f16\u6307\u4ee4\u7ea7(instruction level)\u3002\u7531\u4e8e\u5728\u6c47\u7f16\u6307\u4ee4\u4e0a\u8fdb\u884c\u5206\u6790\u53ef\u4ee5\u66f4\u666e\u9002\u5730\u9002\u5e94\u591a\u79cd\u7f16\u7a0b\u8bed\u8a00\u3001\u4e0d\u9700\u8981\u83b7\u53d6\u6e90\u7801\uff0c\u6240\u4ee5\u4e0b\u6587\u7684\u8ba8\u8bba\u90fd\u662f\u56f4\u7ed5\u6c47\u7f16\u6307\u4ee4\u7ea7\u5c55\u5f00\u3002
\u76ee\u524d\u4e00\u4e9b\u81ea\u52a8\u5316\u6839\u56e0\u5206\u6790\u7814\u7a76\u601d\u8def\u6709\uff1a
\u8fd9\u4e9b\u7814\u7a76\u601d\u8def\u90fd\u89e3\u51b3\u4e86\u4ec0\u4e48\u95ee\u9898\uff1f\u6709\u4ec0\u4e48\u72ec\u7279\u7684\u4f18\u70b9\uff1f\u5b58\u5728\u54ea\u4e9b\u72ec\u6709\u7684\u4e0d\u8db3\uff1f \u57fa\u4e8e\u7a0b\u5e8f\u8c31\u7684\u5206\u6790\u65b9\u6cd5\u76f4\u89c2\u4e0a\u4f3c\u4e4e\u6709\u70b9\u9053\u7406\u3002\u5b83\u4ec5\u8003\u8651\u6c47\u7f16\u6307\u4ee4\u672c\u8eab\uff0c\u800c\u4f46\u4ec5\u4ec5\u4ece\u7edf\u8ba1\u7ed3\u679c\u4e0a\u53bb\u5206\u6790\uff0c\u53ef\u80fd\u5e76\u4e0d\u80fd\u51c6\u786e\u5206\u6790\u51fa\u903b\u8f91\u4e0a\u7684root cause\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u4f1a\u8bbe\u8ba1\u4e00\u79cd\u6392\u540d\u7b56\u7565(ranking)\uff0c\u5bf9\u9009\u62e9\u51fa\u7684\u53ef\u7591\u6307\u4ee4\u8fdb\u884ctop1-topn\u7684\u6392\u540d\uff0c\u6765\u8bd5\u56fe\u63d0\u9ad8\u51c6\u786e\u6027\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u9700\u8981\u6839\u636e\u4e00\u4e2a\u5d29\u6e83\u6837\u4f8b\u4ee5\u53ca\u548c\u5b83\u76f8\u4f3c\u7684\u5d29\u6e83\u6837\u4f8b\u548c\u975e\u5d29\u6e83\u6837\u4f8b\u8fdb\u884c\u5206\u6790\uff0c\u56e0\u6b64\u65f6\u7a7a\u5f00\u9500\u90fd\u6bd4\u8f83\u5927\u3002
\u4e8b\u540e\u5206\u6790\u65b9\u6cd5\u76f8\u6bd4\u7a0b\u5e8f\u8c31\u5206\u6790\u65b9\u6cd5\u8003\u8651\u4e86\u6307\u4ee4\u8bed\u4e49\uff0c\u6bd4\u5982\u5728\u9006\u5411\u6267\u884c\u7684\u65f6\u5019\u4f1a\u8bbe\u8ba1\u4e00\u4e9b\u6c47\u7f16\u6307\u4ee4handler\uff0c\u5bf9\u4e8e\u5185\u5b58\u7684\u5206\u6790\u4e5f\u4f1a\u66f4\u7cbe\u786e\u4e9b\u3002\u4f46\u6c61\u70b9\u5206\u6790\u65b9\u6cd5\u6bd5\u7adf\u5b58\u5728\u8fc7\u5ea6\u6c61\u67d3(over-tainting)\u7684\u95ee\u9898\uff0c\u5bfc\u81f4\u7ed3\u679c\u5197\u4f59\u6bd4\u8f83\u4e25\u91cd\u3002
\u57fa\u4e8e\u6a21\u578b\u7684\u5206\u6790\u65b9\u6cd5\u5229\u7528AI\u7684\u4f18\u52bf\uff0c\u53ef\u4ee5\u7ed9\u51fa\u66f4\u6709\u8bed\u4e49\u4fe1\u606f\u7684root cause\uff0c\u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\u5e2e\u52a9\u5f00\u53d1\u4eba\u5458\u53bb\u5206\u6790\u3002\u4e0d\u8fc7\u6a21\u578b\u7684\u8bad\u7ec3\u4f9d\u8d56\u8bad\u7ec3\u96c6\u7684\u8d28\u91cf\uff0c\u5e76\u4e14\u53d7\u7a0b\u5e8f\u8bed\u4e49\u5f71\u54cd\u5f88\u5927\u3002\u5728\u4e0d\u540c\u9886\u57df\u4e4b\u95f4\u53ef\u80fd\u8fc1\u79fb\u6027\u4e0d\u662f\u5f88\u597d\uff0c\u6bd4\u5982\u6ca1\u6cd5\u5904\u7406\u4e00\u4e9b\u7279\u5b9a\u7684\u5bc6\u7801\u5b66\u51fd\u6570\u3002\u4e14\u4e3a\u5f85\u6d4b\u7a0b\u5e8f\u5efa\u7acb\u6a21\u578b\u6765\u63cf\u8ff0\u5176\u7ed3\u6784\u4e0e\u884c\u4e3a\u662f\u975e\u5e38\u590d\u6742\u3001\u8017\u65f6\u7684\u4e8b\u60c5
\u73b0\u6709\u7684\u8fd9\u4e9b\u65b9\u6cd5\u6709\u6ca1\u6709\u4ec0\u4e48\u666e\u904d\u5b58\u5728\u7684\u95ee\u9898\uff1f \u5728\u6700\u540e\u8bc4\u4f30\u9636\u6bb5(evaluation)\uff0c\u4e00\u822c\u5148\u901a\u8fc7\u624b\u5de5\u5206\u6790\u786e\u5b9a\u54ea\u4e9b\u6c47\u7f16\u6307\u4ee4\uff0c\u5982\u679c\u65b9\u6cd5\u8f93\u51fa\u7684\u6c47\u7f16\u6307\u4ee4\u96c6\u5408\u91cc\u5305\u542b\u8fd9\u4e9b\u6307\u4ee4\uff0c\u90a3\u4e48\u5c31\u8ba4\u4e3a\u662f\u53d1\u73b0\u4e86root cause\u3002\u4f46\u81ea\u52a8\u5316\u65b9\u6cd5\u6bd5\u7adf\u7f3a\u5c11\u4eba\u5de5\u53c2\u4e0e\uff0c\u7ed9\u51fa\u7684\u7ed3\u679c\u4e00\u5b9a\u662f\u4e0d\u51c6\u786e\u7684\u3002\u73b0\u6709\u7684\u5de5\u4f5c\u7684\u4e00\u4e2a\u4e3b\u6d41\u601d\u60f3\u5728\u4e8e\u201c\u65b9\u6cd5\u7ed9\u51fa\u7684\u96c6\u5408\u53ef\u4ee5\u5305\u542b\u65e0\u5173\u6307\u4ee4\uff0c\u4f46\u4e0d\u80fd\u7f3a\u5c11\u76f8\u5173\u6307\u4ee4\u201d\uff0c\u65e8\u5728\u63d0\u9ad8\u53ec\u56de\u7387(recall)\u3002\u56e0\u6b64\u5f80\u5f80\u7ed9\u51fa\u4e0eroot cause\u4e0d\u76f8\u5173\u7684\u6307\u4ee4\u3002\u4f46\u5b9e\u9645\u4e0a\uff0c\u5728\u6700\u540e\u7684\u4fee\u590d\u7aef\uff0c\u5982\u679c\u7ed9\u51fa\u4e0d\u76f8\u5173\u6307\u4ee4\u8fc7\u591a\uff0c\u90a3\u4e48\u4ecd\u7136\u9700\u8981\u5f00\u53d1\u8005\u53bb\u5206\u6790\uff0c\u4f9d\u65e7\u8017\u65f6\u8017\u529b\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c9.43%\u5e0c\u671broot cause\u5728\u5206\u6790\u7ed3\u679c\u7684Top1\uff0c73.58%\u5bb9\u8bb8\u5728Top5\uff0c15.09%\u5bb9\u8bb8\u5728Top10\u3002\u6240\u4ee5\u7ea698%\u7684\u60c5\u51b5\u4e0b\u9700\u8981\u5728Top10\u5185\u7ed9\u51fa\u7ed3\u679c\u3002\u5c31\u5206\u6790\u51c6\u786e\u5ea6\u4e0e\u5f00\u53d1\u4eba\u5458\u6ee1\u610f\u5ea6\u800c\u8a00\uff0c\u5982\u679cRCA\u5de5\u5177\u51c6\u786e\u5ea6\u8fbe90%\uff0c\u6ee1\u610f\u5ea6\u51e0\u4e4e\u8fbe\u5230100%\u4e86\u3002\u51c6\u786e\u5ea6\u4f4e\u4e8e20%\u65f6\u53ea\u670912%\u63a5\u53d7\uff0c\u5982\u679c\u6ee1\u610f\u5ea6\u8fbe50%\u300175%\u300190%\uff0c\u51c6\u786e\u5ea6\u9700\u8981\u5206\u522b\u8fbe\u523050%\u300175%\u300185%\uff08\u4f46\u662f\u539f\u6587\u8bf490%\uff09\u3002
\u76ee\u524d\u7684\u7edd\u5927\u90e8\u5206RCA\u5206\u6790\u7684\u5de5\u4f5c\u7684\u8f93\u51fa\u662f\u4e24\u7c7b\uff1aranked list\u548csuspicious set\u3002\u4f46\u4e24\u8005\u90fd\u5b58\u5728\u7684\u95ee\u9898\u662f\u4ec5\u4ec5\u9ad8\u4eae\u4e86\u53ef\u80fd\u5b58\u5728bug\u7684\u5143\u7d20\uff0c\u800c\u7f3a\u4e4f\u4e00\u4e9brational\u7684\u5206\u6790\u3002
"},{"location":"rca/#_2","title":"\u4e0d\u540c\u7684\u5206\u6790\u7c92\u5ea6\u7684\u4f18\u52bf","text":"\u57fa\u4e8e\u6587\u4ef6\u7c92\u5ea6\u7684RCA\u5de5\u4f5c\uff08\u6bd4\u5982Scaffle\uff09\u5e0c\u671b\u627e\u5230\u5305\u542b\u767e\u4e07\u7ea7\u540c\u8d28\u4ee3\u7801\u5e93\u4e2d\u54ea\u4e9b\u6587\u4ef6\u548ccrash\u6709\u5173\u3002\u5728\u6b64\u57fa\u7840\u4e0a\u8ba9\u5bf9\u5e94\u7684\u5de5\u7a0b\u5e08\u56e2\u961f\u53bb\u5904\u7406bug\uff0c\u6709\u5229\u4e8e\u5927\u578b\u7ec4\u7ec7\u7ba1\u7406\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c\u5f00\u53d1\u8005\u5bf9\u7c92\u5ea6\u7684top3\u671f\u671b\u4f9d\u6b21\u662f\u65b9\u6cd5\u7ea7\u522b\u3001\u8bed\u53e5\u7ea7\u522b\u3001\u57fa\u672c\u5757\u7ea7\u522b\uff0c\u4e0d\u8fc7\u5bf9\u8fd9\u4e09\u79cd\u7c92\u5ea6\u7684\u503e\u5411\u4e4b\u95f4\u6ca1\u6709\u660e\u663e\u5dee\u5f02\u3002\u800c\u5f53\u65f6\u6bd4\u8f83\u591a\u7684\u65b9\u6cd5\u662f\u8bed\u53e5\u7ea7\u522b\u7684
"},{"location":"rca/#_3","title":"\u5206\u6790\u65f6\u95f4\u5f00\u9500","text":"\u6839\u636e\u91c7\u7528\u7684\u7b56\u7565\u4e0d\u540c\uff0cRCA\u4e4b\u95f4\u7684\u65f6\u95f4\u5f00\u9500\u5dee\u5f02\u53ef\u80fd\u8fbe\u4e24\u4e2a\u6570\u91cf\u7ea7\u3002\uff08\u79d2\u7ea7-\u5206\u949f\u7ea7-\u5c0f\u65f6\u7ea7\uff09\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c90%\u5f00\u53d1\u8005\u63a5\u53d71min\u4ee5\u5185\u7684\u5206\u6790\uff0c\u4e0d\u52309%\u5f00\u53d1\u8005\u63a5\u53d7\u8d85\u8fc71h\u7684\u5206\u6790\u300250%\u5f00\u53d1\u8005\u5927\u6982\u572830min\u4ee5\u5185\u3002
"},{"location":"rca/#_4","title":"\u4e00\u4e9b\u60f3\u6cd5","text":"\u4ee5\u4e0a\u5185\u5bb9\u4ec5\u4ee3\u8868\u4e2a\u4eba\u89c2\u70b9\uff0c\u4e0d\u5b9a\u671f\u66f4\u65b0\uff0c\u6b22\u8fce\u8ba8\u8bba
"},{"location":"readings/","title":"\u6587\u7ae0\u9605\u8bfb","text":""},{"location":"readings/#_2","title":"\u7efc\u5408\u6027\u77e5\u8bc6\u5b66\u4e60","text":"DLL\u6ce8\u5165\uff0cWindows\u6d88\u606f\u94a9\u53d6\uff0cDLL\u5378\u8f7d\uff0c\u4ee3\u7801\u6ce8\u5165\uff0cAPI\u94a9\u53d6\uff0c\u8fdb\u7a0b\u9690\u85cf\uff0cIE\u8fde\u63a5\u63a7\u5236\uff0cTLS\u56de\u8c03\u51fd\u6570\uff0cTEB\uff0cPEB\uff0cSEH\uff0cIA-32\uff0c\u53cd\u8c03\u8bd5\uff08\u9759\u6001\u3001\u52a8\u6001\uff09\uff0cPE\u955c\u50cf\uff0cDebug Blocker
"},{"location":"reverse-basic/","title":"\u9006\u5411\u57fa\u7840","text":"\u9006\u5411\u51fd\u6570\u65f6\uff0c\u8981\u63d0\u524d\u9884\u6d4b\u4e0b\u51fd\u6570\u5b9e\u73b0\u673a\u5236\uff0c\u4ee5\u8282\u7701\u65f6\u95f4\u3002\u8981\u660e\u767d\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7a0b\u5e8f\u7279\u6709\u7684\u5b9e\u73b0\uff0c\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7b2c\u4e09\u65b9\u7684\u5e93\uff0c\u4e0d\u8981\u968f\u4fbf\u8fdb\u5230\u7b2c\u4e09\u65b9\u5e93\u6216\u8005\u5e95\u5c42API\u91cc\u9762\u5206\u6790\u3002
"},{"location":"reverse-basic/#_2","title":"\u8c03\u7528\u7ea6\u5b9a","text":"cdecl\uff08C\u9ed8\u8ba4\uff09\u7531caller\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\u3002
stdcall\u7531callee\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\uff08Win32API\uff09\uff0c\u88ab\u8c03\u51fd\u6570\u8fd4\u56de\u65f6\u4f7f\u7528RETN X\u6765\u9000\u51fa\uff0c\u76f8\u5f53\u4e8eRETN\u3001POP X\u3002\u6bd4\u5982\u9000\u4e24\u4e2a\u53c2\u6570\uff0c\u5c31RETN 8\u3002
fastcall\u4e3a\u4e86\u63d0\u9ad8\u901f\u5ea6\uff0c\u5206\u522b\u4f7f\u7528ECX\u3001EDX\u4f20\u9012\u524d\u4e24\u4e2a\u53c2\u6570\uff0c\u66f4\u591a\u53c2\u6570\u8fd8\u662f\u4f7f\u7528\u5185\u5b58\u3002 \u4f20\u53c2\u65f6\u90fd\u662f\u4ece\u53f3\u5411\u5de6\u4ee5\u6b64\u538b\u5165\u6808\u4e2d\u3002
"},{"location":"reverse-basic/#_3","title":"\u4e00\u4e9b\u5e38\u89c1\u6c47\u7f16\u64cd\u4f5c\u7b26","text":"call \u5305\u62ec\u4fdd\u5b58\u8fd4\u56de\u5730\u5740\u3001IP\u8df3\u8f6c
retn \u5373pop EIP
test \u76f8\u5f53\u4e8eAND\uff0c\u4f46\u662f\u4e0d\u6539\u53d8\u666e\u901a\u5bc4\u5b58\u5668\u7684\u503c\uff0c\u53ea\u4fee\u6539EFLAGS\u5bc4\u5b58\u5668
NOP\u6307\u4ee4\u901a\u5e38\u7528\u4e8e\u63a7\u5236\u65f6\u5e8f\u7684\u76ee\u7684\uff0c\u5f3a\u5236\u5185\u5b58\u5bf9\u9f50\uff0c\u9632\u6b62\u6d41\u6c34\u7ebf\u707e\u96be\uff0c\u5360\u636e\u5206\u652f\u6307\u4ee4\u5ef6\u8fdf\uff0c\u6216\u662f\u4f5c\u4e3a\u5360\u4f4d\u7b26\u4ee5\u4f9b\u7a0b\u5e8f\u7684\u6539\u5584\uff08\u6216\u66ff\u4ee3\u88ab\u79fb\u9664\u7684\u6307\u4ee4\uff09\u3002
"},{"location":"reverse-basic/#_4","title":"\u51fd\u6570\u6267\u884c\u6808\u5e27\u63a8\u65ad","text":"\u51fd\u6570\u5185\u90e8\u4e00\u822c\u5148\u4f1a\u6267\u884c\u4ee5\u4e0b\u4e24\u6761\u6307\u4ee4\uff1a
push ebp\nmov ebp,esp\n\u53ef\u4ee5\u89c2\u5bdfebp\u548cesp\u7684\u4fee\u6539\u60c5\u51b5\u63a8\u65ad\u51fd\u6570\u6808\u5e27
"},{"location":"reverse-basic/#_5","title":"\u540d\u79f0\u4fee\u9970","text":"\u540d\u79f0\u4fee\u9970\uff08name mangling\uff0cname decoration\uff09\uff0c\u7528\u6765\u89e3\u51b3\u6807\u5fd7\u7b26\u7684\u552f\u4e00\u547d\u540d\u95ee\u9898\u3002\u6bd4\u5982\u5728\u4e0d\u540c\u7684\u547d\u540d\u7a7a\u95f4\u5b9e\u73b0\u76f8\u540c\u540d\u79f0\u7684\u51fd\u6570\uff0c\u8fd9\u4e2a\u51fd\u6570\u5728\u600e\u4e48\u8868\u793a\u5462\uff1f\u540d\u79f0\u4fee\u9970\u6280\u672f\u7528\u6765\u751f\u6210\u552f\u4e00\u7684\u6807\u5fd7\u7b26\uff0c\u4fdd\u7559\u547d\u540d\u7a7a\u95f4\u3001\u51fd\u6570\u540d\u3001\u7ed3\u6784\u4f53\u540d\u3001\u7c7b\u540d\u4ee5\u53ca\u53c2\u6570\u7c7b\u578b\u7b49\u7b49\u4fe1\u606f\u3002\u540d\u79f0\u4fee\u9970\u548c\u8c03\u7528\u7ea6\u5b9a\u3001\u7f16\u8bd1\u5668\u6709\u5173\uff0c\u5e94\u7528\u6700\u5e7f\u6cdb\u7684\u662fC++\u7684\u4ee3\u7801\uff08\u5c24\u5176\u662f\u6df7\u5408C\u7f16\u8bd1\u65f6\uff09\u3002\u6bd4\u5982_ZN9wikipedia7article6formatEv\u53ef\u4ee5\u7528\u6765\u8868\u793a\uff1a
namespace wikipedia\n{\nclass article\n{\npublic:\nstd::string format();\n}\n}\n\u5176\u4e2d_Z\u662f\u5f00\u5934\uff08\u4e0b\u5212\u7ebf+\u5927\u5199\u5b57\u6bcd\u5728C\u4e2d\u662f\u4fdd\u7559\u7684\u6807\u5fd7\u7b26\uff0c\u907f\u514d\u51b2\u7a81\uff09\uff0cN\u8868\u793a\u662f\u5d4c\u5957\u6709\u547d\u540d\u7a7a\u95f4\u548c\u7c7b\u540d\uff0c\u968f\u540e\u7684\u6570\u5b57+\u5b57\u6bcd\u4e2d\uff0c\u6570\u5b57\u8868\u793a\u957f\u5ea6\uff0c\u5b57\u6bcd\u8868\u793a\u540d\u79f0\uff0c\u5e76\u4ee5E\u7ed3\u675f\u3002\u4e4b\u540e\u7684\u53c2\u6570\u8868\u793a\u51fd\u6570\u7684\u53c2\u6570\u7c7b\u578b\uff0cv\u4e3avoid\u3002
PE\uff08Portable Execution\uff09\u6587\u4ef6\u662fWindows\u7cfb\u7edf\u4f7f\u7528\u7684\u53ef\u6267\u884c\u6587\u4ef6\u683c\u5f0f\u3002
#pragma data_seg()\u53ef\u4ee5\u5c06\u4ee3\u7801\u4efb\u610f\u90e8\u5206\u7f16\u8bd1\u5230PE\u6587\u4ef6\u4efb\u610f\u8282\uff0c\u8282\u540d\u4e5f\u53ef\u4ee5\u81ea\u5b9a\u4e49\u3002
"},{"location":"reverse-basic/#_6","title":"\u9759\u6001\u94fe\u63a5\u5e93\u4e0e\u52a8\u6001\u94fe\u63a5\u5e93","text":"\u9759\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e3a.a\u6216.lib\uff1b\u52a8\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e00\u822c\u4e3a.so\u6216.dll
\u9759\u6001\u5e93\u7f16\u8bd1\u65f6\u76f4\u63a5\u6574\u5408\u5230\u76ee\u6807\u7a0b\u5e8f\u4e2d\uff0c\u7f16\u8bd1\u6210\u529f\u540e\u7684\u53ef\u6267\u884c\u6587\u4ef6\u53ef\u4ee5\u72ec\u7acb\u8fd0\u884c\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u65f6\u53ef\u6267\u884c\u7a0b\u5e8f\u65e0\u6cd5\u72ec\u7acb\u8fd0\u884c
\u9759\u6001\u5e93\u66f4\u65b0\u540e\u9700\u8981\u66f4\u65b0\u6574\u4e2a\u76ee\u6807\u7a0b\u5e8f\uff1b\u52a8\u6001\u5e93\u66f4\u65b0\u540e\u53ea\u9700\u66f4\u6362\u65b0\u7684\u52a8\u6001\u5e93\u5373\u53ef
\u9759\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc -c xx.c -o xx.o\uff0car crs libxx.a xx.o\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc xx.c -o libxx.so -shared -fPIC\u5176\u4e2d-fPIC\u8868\u793a\u4f7f\u7528\u76f8\u5bf9\u4f4d\u7f6e
\u6dfb\u52a0\u591a\u4e2a\u7b26\u53f7\u8868add-symbol-file xxx addr\u5176\u4e2daddr\u662f\u4ee3\u7801\u6bb5\u8d77\u59cb\u5730\u5740\uff0cxxx\u53ef\u4ee5\u4e3asym\u6587\u4ef6\uff0c\u6216elf\u6587\u4ef6\u7b49\u3002\u53d8\u5f02\u65f6\u9700\u8981\u52a0\u4e0a-g\u4fdd\u7559\u7b26\u53f7\u8868(\u6307\u5b9a\u5177\u4f53\u683c\u5f0f\u5982-g2 -gdwarf-2)\uff0c\u53ef\u4ee5\u9010\u4e2a\u4f7f\u7528add-symbol-file\uff0c\u90fd\u6dfb\u52a0\u8fdb\u53bb\u3002
\u4f7f\u7528ulimit -c unlimited\u8bbe\u7f6e\u4e0d\u9650\u5236coredump\u6587\u4ef6\u5927\u5c0f\uff0c\u7136\u540eroot\u7528\u6237echo \"core-%e-%p\" > /proc/sys/kernel/core_pattern\u8bbe\u7f6e\u4fdd\u7559\u7a0b\u5e8f\u540d\u3001pid\uff0c\u5219\u5bf9\u4e8e\u7f16\u8bd1\u65f6\u6dfb\u52a0\u4e86-g\u9009\u9879\u7684\u7a0b\u5e8f\uff0c\u5176\u5d29\u6e83\u4ea7\u751f\u7684coredump\u6587\u4ef6\u53ef\u4ee5\u4f7f\u7528gdb <\u7a0b\u5e8f\u540d> <coredump\u6587\u4ef6\u540d>\u6765\u5bfb\u627eroot cause\u3002gdb\u5185\u7528where\u67e5\u770b\u8c03\u7528\u6808\u3002
Linux \u9759\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Linux \u52a8\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Makefile\u5165\u95e8 Makefile\u5b98\u65b9\u6587\u6863 coredump\u6587\u4ef6\u57fa\u7840\u7528\u6cd5
"},{"location":"sci-thoughts/","title":"\u79d1\u7814\u5fc3\u5f97","text":""},{"location":"sci-thoughts/#_2","title":"\u517b\u6210\u4e60\u60ef","text":"\u65f6\u95f4\u8fc7\u5f97\u603b\u662f\u975e\u5e38\u5feb\u7684\u3002\u5fd9\u7740\u505a\u4e00\u4e2a\u8bfe\u9898\uff0c\u53ef\u80fd\u6bcf\u5929\u611f\u89c9\u4e0d\u5230\u6709\u4ec0\u4e48\u8fdb\u5c55\u5462\uff0c\u534a\u5e74\u4e00\u5e74\u5c31\u8fc7\u53bb\u4e86\u3002\u5982\u679c\u6709\u8fd9\u79cd\u60f3\u6cd5\uff0c\u591a\u534a\u662f\u6ca1\u505a\u597d\u89c4\u5212\uff0c\u50cf\u4e2a\u65e0\u5934\u82cd\u8747\u4e00\u6837\u4e1c\u95ef\u897f\u649e\u3002
\u611f\u89c9\u6709\u4e24\u4e2a\u4e60\u60ef\u662f\u5fc5\u987b\u517b\u6210\u7684\uff0c\u4e00\u662f\u8bfb\u8bba\u6587\u8981\u601d\u8003\u95ee\u9898\u4e0e\u610f\u4e49\uff1a\u770b\u5230\u9898\u76ee\u548c\u6458\u8981\uff0c\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u5e0c\u671b\u89e3\u51b3\u4ec0\u4e48\u95ee\u9898\u3001\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u4ef7\u503c\u3001\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u601d\u8def\u3001\u4f1a\u9047\u5230\u54ea\u4e9b\u666e\u904d\u4e0e\u7279\u6b8a\u7684\u6311\u6218\uff0c\u4ee5\u53ca\u6587\u7ae0\u57fa\u4e8e\u54ea\u4e9b\u5047\u8bbe\u5e76\u4e14\u4f1a\u8bd5\u56fe\u907f\u800c\u4e0d\u8c08\u7684\u7f3a\u9677\uff1b\u4e8c\u662f\u6bcf\u5929\u8fdb\u884c\u603b\u7ed3\u4e0e\u5f52\u7eb3\uff0c\u601d\u8003\u4e00\u5929\u5230\u5e95\u6709\u4ec0\u4e48\u8fdb\u5c55\uff0c\u51dd\u7ec3\u603b\u7ed3\u6210\u6587\u5b57\u6216ppt\u8bb2\u7a3f\u3002\u6bcf\u5929\u5149\u770b\u4e0d\u603b\u7ed3\uff0c\u7b49\u4e8e\u767d\u770b\uff01\u5e73\u65f6\u5bf9\u5404\u79cd\u95ee\u9898\u5c31\u8981\u6709\u6240\u51c6\u5907\u4e0e\u601d\u8003\uff0c\u4e0d\u8981\u522b\u4eba\u95ee\u8d77\u7684\u65f6\u5019\u5c31\u6577\u884d\u5730\u7ed9\u4e00\u4e2a\u56de\u7b54\uff0c\u6ca1\u6709\u610f\u4e49\u3002
\u65e9\u4e0a\u5199todo list\uff0c\u665a\u4e0a\u5199done list\uff0c\u770b\u770b\u8fd9\u4e00\u5929\u8fdb\u5c55\u5982\u4f55\u3002\u662f\u5426\u6709\u6ca1\u505a\u5b8c\u7684\u4e8b\u60c5\uff0c\u662f\u5426\u6709\u5206\u5fc3\u505a\u4e86\u522b\u7684\u4e8b\u60c5\uff0c\u660e\u5929\u5982\u4f55\u89c4\u5212\u65f6\u95f4\u2026\u2026\u5bf9\u81ea\u5df1\u6bcf\u5929\u3001\u6bcf\u5468\u3001\u6bcf\u6708\u80fd\u505a\u7684\u4e8b\u60c5\u6709\u6e05\u695a\u7684\u8ba4\u8bc6\uff0c\u4e0d\u76f2\u76ee\u81ea\u5927\u4e5f\u4e0d\u5984\u81ea\u83f2\u8584\u3002
\u505a\u4efb\u4f55\u4e8b\u90fd\u8981\u7ed9\u4e00\u4e2a\u6e05\u6670\u7684ddl\uff0c\u7763\u4fc3\u5c3d\u5feb\u5b8c\u6210\u4e0d\u8981\u62d6\u6c93\u3002\u53e6\u4e00\u65b9\u9762\u662f\u4e3a\u4e86\u9650\u5236\u601d\u8003\uff0c\u8981\u96c6\u4e2d\u3001\u5feb\u901f\uff0c\u4e0d\u8981\u6f2b\u65e0\u76ee\u7684\u5730\u53d1\u6563\u3002\u6bd4\u5982\u8bfb\u8bba\u6587\u524d\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u9700\u8981\u89e3\u51b3\u7684\u6311\u6218\u65f6\uff0c\u9650\u5b9a\u57283min\u4e4b\u5185\uff0c\u8d85\u65f6\u4ee5\u540e\u65e0\u8bba\u662f\u5426\u60f3\u5230\u591a\u5c11\u90fd\u8981\u505c\u4e0b\u6765\u3002\u4e5f\u53ef\u4ee5\u6709\u6548\u907f\u514d\u5206\u5fc3\u3002
"},{"location":"sci-thoughts/#_3","title":"\u79d1\u7814\u5199\u4f5c","text":"\u79d1\u7814\u5199\u4f5c\u9700\u8981\u7cfb\u7edf\u7684\u8bad\u7ec3\u3002\u6bcf\u5929\u6109\u5feb\u5730\u8bfb\u3001\u5199\u4e00\u5c0f\u65f6\uff0c\u957f\u671f\u575a\u6301\uff0c\u53eb\u505a\u201cread and write\u201d\u3002
\u5199\u6587\u7ae0\u8981\u5f04\u6e05\u695a\u8bfb\u8005\u90fd\u662f\u540c\u4e13\u4e1a\u7684\u4eba\uff0c\u56e0\u6b64\u8981\u4f53\u73b0\u51fa\u4e13\u4e1a\u6027\u4e0e\u79d1\u5b66\u6027\u3001\u7cbe\u786e\u6027\u3001\u7b80\u6d01\u6027\u3001\u903b\u8f91\u6027\u3002
"},{"location":"sentence-templates/","title":"\u60c5\u666f\u6a21\u677f","text":"\u63d0\u51fa\u672c\u6587\u5de5\u4f5c\uff1a
\u4ecb\u7ecd\u67d0\u4e00\u6d41\u7a0b\u5728\u6574\u4f53\u7cfb\u7edf\u4e2d\u7684\u4f5c\u7528\uff1a
\u8bf4\u660e\u67d0\u4e00\u6b65\u9aa4\u5e76\u975e\u7b80\u5355\u7684\uff1a
\u51dd\u7ec3\u672c\u6587\u5b9e\u9a8c\u6548\u679c\uff1a
\u63d0\u51fa\u672c\u6587novelty\uff1a
\u63d0\u51fa\u672c\u6587insight\uff1a
\u51c6\u5907\u5f00\u59cb\u4ecb\u7ecd\u6280\u672f\u7ec6\u8282\uff1a
\u8bf4\u76ee\u524d\u7684\u5de5\u4f5c\u7814\u7a76\u7684\u4e3b\u8981\u5185\u5bb9\u53d7\u9650\u3001\u522b\u7684\u65b9\u6cd5\u5b58\u5728\u95ee\u9898\uff1a
\u4e00\u4e9b\u5de5\u4f5c\u7ec6\u8282\uff1a
\u6700\u8fd1\u5728\u8bfbsslh\u7684\u6e90\u7801\uff0c\u611f\u89c9\u8fd8\u662f\u6bd4\u8f83\u6709\u610f\u601d\u7684\u3002\u4e4b\u524d\u5728\u7aef\u53e3\u590d\u7528\u91cc\u9762\u7b80\u5355\u63d0\u4e86\u4e0bsslh\u7684\u7528\u6cd5\uff0c\u4f46\u662f\u5728\u5b9e\u8df5\u4e2d\u8e29\u4e86\u4e0d\u5c11\u5751\uff0c\u6240\u4ee5\u628a\u6e90\u7801\u62ff\u6765\u8bfb\u4e00\u8bfb\uff0c\u770b\u770b\u5185\u90e8\u7684\u7ed3\u6784\u3002
sslh\u4f3c\u4e4e\u662f\u4f7f\u7528\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u4fdd\u5b58\u7684\u534f\u8bae\u4fe1\u606f\uff0c\u4e3a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u5bf9\u5e94\u670d\u52a1\u5efa\u7acb\u8fde\u63a5\u3002\u540e\u7eed\u6570\u636e\u5305\u4e0d\u518d\u9700\u8981\u68c0\u67e5\u534f\u8bae\u4e86\u3002
"},{"location":"tech-sslh/#_1","title":"\u4fbf\u6377\u4e0a\u624b","text":"apt install sslh # \u4f46\u6700\u597d\u8fd8\u662f\u4ece\u6e90\u7801make install\uff0c\u7528\u6700\u65b0\u7248\u672c\uff1b\u53c2\u8003\u4ed3\u5e93\u7684INSTALL\u5b89\u88c5\u5bf9\u5e94\u7684C\u5e93\nvi /etc/default/sslh\nsystemctl start sslh\n\u4f3c\u4e4ecfg\u6587\u4ef6\u91cc\u548ccommand line\u4f1a\u6709\u51b2\u7a81\u3002\u6240\u4ee5commandline\u7528-F /etc/sslh/sslh.cfg\uff08\u6ca1\u6709\u5219\u65b0\u5efa\u4e00\u4e2a\uff09\u6307\u5b9a\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u4e0d\u8981\u6709\u548ccommand\u91cd\u590d\u7684\u5185\u5bb9\u3002\u53ea\u653eprotocols\u5dee\u4e0d\u591a\u5c31\u5f97\u4e86\u3002\u6bd4\u8f83\u597d\u7528\u7684\u662f\u6b63\u5219\u548ctls\u4e2d\u6839\u636ealpn\u548csni\u6765\u5339\u914d\u3002
\u4e0b\u9762\u662f\u5b8c\u6574\u7684\u914d\u7f6e\u6587\u4ef6\u7684\u4e00\u4e2a\u4f8b\u5b50\uff0c\u5982\u679c\u6570\u636e\u5305\u5305\u542b\"OK1\"\u6216\u8005\"OK2\"\uff0c\u5219\u4f1a\u88ab\u8f6c\u53d1\u5230127.0.0.1:1234\u3002\u5176\u4e2d\u7684name\u5b57\u6bb5\u8868\u793a\u8fd9\u6761\u534f\u8bae\u5728sslh\u542f\u52a8\u540e\u600e\u4e48\u914d\u7f6e\uff0c\u5e38\u89c1\u7684\u6bd4\u5982regex\u3001ssh\u3001tls\u3001http\u3002
\u6ce8\u610f\uff0c\u6700\u540e\u4e00\u6761\u534f\u8bae\u7684\u5206\u53f7\u540e\u9762\u4e0d\u52a0\u9017\u53f7\u3002
protocols:\n(\n{ name: \"regex\"; host: \"127.0.0.1\"; port: \"1234\"; regex_patterns: [ \"OK1\", \"OK2\" ]; }\n);\n\u9ed8\u8ba4\u6700\u7b80\u5355\u7684\u542f\u52a8\u65b9\u5f0f\u7684\u5165\u53e3\u5728sslh-main.c\u7684main\u51fd\u6570\uff0c\u4e5f\u5373\u7a0b\u5e8f\u7684\u4e3b\u4f53\u903b\u8f91\u3002\u4e00\u4e9b\u5173\u952e\u6b65\u9aa4\uff1a
sslhcfg_cl_parse\u51fd\u6570\uff0c\u6839\u636e\u547d\u4ee4\u884c\u53c2\u6570\u548c\u914d\u7f6e\u6587\u4ef6\uff0c\u505a\u4e00\u4e2a\u7f13\u51b2config_protocols\u5b8c\u6210\u8f6c\u53d1\u89c4\u5219\u7684\u521d\u59cb\u5316\uff0c\u5185\u90e8\u8c03\u7528\u7684get_probe\u662f\u7ed9\u52a0\u8f7d\u4e86\u534f\u8bae\u7684\u914d\u7f6e\u89c4\u5219start_listen_sockets\u5f00\u59cb\u76d1\u542csocketsmain_loop\u8fdb\u5165\u4e3b\u5faa\u73af\uff0c\u9ed8\u8ba4\u4e3asslh-fork\u7684main_loop\u51fd\u6570\u9ed8\u8ba4\u4f7f\u7528tcp\u3002main_loop\u51fd\u6570\u4e2d\uff0c\u5bf9\u76d1\u542c\u7684\u6bcf\u4e2asockets\u8fdb\u884cfork\uff0c\u6bcf\u4e2a\u5b50\u8fdb\u7a0b\u6267\u884ctcp_listener\uff0c\u5728\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u4e2daccept\u5bf9\u5e94\u7684\u8fde\u63a5\u3002\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u5c06\u7ee7\u7eedfork\u51fa\u5b50\u8fdb\u7a0b\uff0c\u6267\u884cstart_shoveler\uff0c\u5b9e\u73b0\u771f\u6b63\u7684\u529f\u80fd\u3002
\u5b50\u8fdb\u7a0b\u901a\u8fc7probe_client_protocol\u6765\u786e\u5b9a\u6570\u636e\u5305\u662f\u4ec0\u4e48\u534f\u8bae\uff0c\u5e76\u6839\u636e\u5bf9\u5e94\u7684\u89c4\u5219\u5b9e\u73b0\u7aef\u53e3\u8f6c\u53d1\u3002\u8fd9\u4e00\u51fd\u6570\u4e0d\u65ad\u8fdb\u884c\u8c03\u7528\uff0c\u6700\u540e\u5728probe_buffer\u51fd\u6570\u4e2d\u904d\u5386\u4e4b\u524d\u914d\u7f6e\u7684\u6bcf\u4e2a\u534f\u8bae\u89c4\u8303\uff08\u627e\u5230\u5339\u914d\u5219\u505c\u6b62\uff0c\u6240\u4ee5\u914d\u7f6e\u987a\u5e8f\u4e5f\u86ee\u5173\u952e\u7684\uff09\uff0c\u901a\u8fc7p->probe(buf, len, p)\u8fd9\u4e2a\u51fd\u6570\u6307\u9488\u6765\u95f4\u63a5\u8c03\u7528\u8bc6\u522b\u534f\u8bae\u7684\u76f8\u5173\u51fd\u6570\u3002
\u8fd9\u91cc\u7684\u534f\u8bae\u5305\u62ec\u4ee5\u4e0b\u5185\u7f6e\u534f\u8bae\uff1a
/* Table of protocols that have a built-in probe\n */\nstatic struct protocol_probe_desc builtins[] = {\n/* description probe */\n{ \"ssh\", is_ssh_protocol},\n{ \"openvpn\", is_openvpn_protocol },\n{ \"wireguard\", is_wireguard_protocol },\n{ \"tinc\", is_tinc_protocol },\n{ \"xmpp\", is_xmpp_protocol },\n{ \"http\", is_http_protocol },\n{ \"tls\", is_tls_protocol },\n{ \"adb\", is_adb_protocol },\n{ \"socks5\", is_socks5_protocol },\n{ \"syslog\", is_syslog_protocol },\n{ \"teamspeak\", is_teamspeak_protocol },\n{ \"msrdp\", is_msrdp_protocol },\n{ \"anyprot\", is_true }\n};\n\u5185\u7f6e\u534f\u8bae\u5185\u7f6e\u4e86\u4e00\u4e9b\u5339\u914d\u89c4\u5219\uff0c\u5373\u4e0a\u9762\u63d0\u5230\u7684is_ssh_protocol\u3001is_http_protocol\u7b49\u7b49\u3002\u53ef\u4ee5\u770b\u4e00\u4e2assh\u89c4\u5219\u7684\u4f8b\u5b50\uff1a
/* Is the buffer the beginning of an SSH connection? */\nstatic int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\nif (len < 4)\nreturn PROBE_AGAIN;\n\nreturn !strncmp(p, \"SSH-\", 4);\n}\n\u53ef\u89c1\uff0c\u5982\u679c\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u957f\u5ea6\u4e0d\u4f4e\u4e8e4\u4e14\u4ee5\"SSH-\"\u5f00\u5934\uff0c\u5219\u4f1a\u88ab\u8ba4\u4e3a\u662fssh\u8bf7\u6c42\u3002
/* Is the buffer the beginning of an HTTP connection? */\nstatic int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\nint res;\n/* If it's got HTTP in the request (HTTP/1.1) then it's HTTP */\nif (memmem(p, len, \"HTTP\", 4))\nreturn PROBE_MATCH;\n\n#define PROBE_HTTP_METHOD(opt) if ((res = probe_http_method(p, len, opt)) != PROBE_NEXT) return res\n\n/* Otherwise it could be HTTP/1.0 without version: check if it's got an\n * HTTP method (RFC2616 5.1.1) */\nPROBE_HTTP_METHOD(\"OPTIONS\");\nPROBE_HTTP_METHOD(\"GET\");\nPROBE_HTTP_METHOD(\"HEAD\");\nPROBE_HTTP_METHOD(\"POST\");\nPROBE_HTTP_METHOD(\"PUT\");\nPROBE_HTTP_METHOD(\"DELETE\");\nPROBE_HTTP_METHOD(\"TRACE\");\nPROBE_HTTP_METHOD(\"CONNECT\");\n\n#undef PROBE_HTTP_METHOD\n\nreturn PROBE_NEXT;\n}\nhttp\u4e5f\u6bd4\u8f83\u7b80\u5355\uff0c\u68c0\u67e5\"HTTP\"\u5b57\u7b26\u4e32\u3002
\u53e6\u5916\u6709\u4e24\u79cd\u7279\u6b8a\u7684\u534f\u8bae\uff0ctimeout\u9ed8\u8ba4\u4f1a\u9009\u62e9\u521d\u59cb\u5316\u540e\u7684\u7b2c\u4e00\u4e2a\u534f\u8bae\uff08\u5373ssh\uff09\uff0cregex\u652f\u6301\u6b63\u5219\u5339\u914d\u6570\u636e\u5305\u7684\u56fa\u6709\u5b57\u7b26\u4e32\uff0c\u5c31\u8fde\u521d\u59cb\u5316\u65f6\u90fd\u662f\u5355\u72ec\u521d\u59cb\u5316\u7684\uff1a
/* Returns the probe for specified protocol:\n * parameter is the description in builtins[], or \"regex\" \n * */\nT_PROBE* get_probe(const char* description) {\nint i;\n\nfor (i = 0; i < ARRAY_SIZE(builtins); i++) {\nif (!strcmp(builtins[i].name, description)) {\nreturn builtins[i].probe;\n}\n}\n\n/* Special case of \"regex\" probe (we don't want to set it in builtins\n * because builtins is also used to build the command-line options and\n * regexp is not legal on the command line)*/\nif (!strcmp(description, \"regex\"))\nreturn regex_probe;\n\n/* Special case of \"timeout\" is allowed as a probe name in the\n * configuration file even though it's not really a probe */\nif (!strcmp(description, \"timeout\"))\nreturn is_true;\n\nreturn NULL;\n}\nis_true\u59cb\u7ec8\u8fd4\u56detrue\uff0c\u4e0d\u8fdb\u884c\u522b\u7684\u5224\u65ad\u4e86\u3002
regex_probe\u5185\u90e8\u7528pre2\u5b9e\u73b0\u4e86\u4e00\u5957\u6b63\u5219\u5339\u914d\u7684\u673a\u5236\u3002\u914d\u7f6econfig\u7684\u65b9\u6cd5\u53ef\u4ee5\u89c1\u4e0a\u6587\u3002
tls\u4e3atcp\u63d0\u4f9b\u4e86\u52a0\u5bc6\u670d\u52a1\uff0c\u662f\u5f88\u591a\u670d\u52a1\u4e0d\u53ef\u6216\u7f3a\u7684\u4e00\u73af\u3002\u7531\u4e8e\u6570\u636e\u5305\u662f\u52a0\u5bc6\u7684\u3001\u5f88\u591a\u670d\u52a1\u90fd\u4f7f\u7528tls\uff08\u6bd4\u5982https\uff09\uff0c\u6240\u4ee5\u6ca1\u6cd5\u901a\u8fc7regex\u7684\u65b9\u6cd5\u6765\u533a\u5206\u4e0d\u540c\u7684\u670d\u52a1\u3002\u597d\u5728sslh\u4e3atls\u63d0\u4f9b\u4e86\u4e24\u79cd\u5206\u8fa8\u65b9\u6cd5\uff0c\u5373sni_hostnames\u4e0ealpn_protocols\u3002\u5728config\u91cc\u5199\u7684\u4e00\u6761\u89c4\u5219\u5982\u679c\u4e24\u8005\u90fd\u7528\u4e86\uff0c\u5219\u53ea\u6709\u540c\u65f6\u6ee1\u8db3\u4e24\u8005\u7684tls\u6570\u636e\u5305\u624d\u5339\u914d\u5f97\u4e0a\u5bf9\u5e94\u7684\u89c4\u5219\u3002
\u6bd4\u5982example.cfg\u7ed9\u51fa\u7684\u4f8b\u5b50\uff1a
# match BOTH ALPN/SNI\n{ name: \"tls\"; host: \"localhost\"; port: \"5223\"; alpn_protocols: [ \"xmpp-client\" ]; sni_hostnames: [ \"im.somethingelse.net\" ]; log_level: 0; tfo_ok: true },\n\n# just match ALPN\n{ name: \"tls\"; host: \"localhost\"; port: \"443\"; alpn_protocols: [ \"h2\", \"http/1.1\", \"spdy/1\", \"spdy/2\", \"spdy/3\" ]; log_level: 0; tfo_ok: true },\n { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; alpn_protocols: [ \"xmpp-client\" ]; log_level: 0; tfo_ok: true },\n\n# just match SNI\n{ name: \"tls\"; host: \"localhost\"; port: \"993\"; sni_hostnames: [ \"mail.rutschle.net\", \"mail.englishintoulouse.com\" ]; log_level: 0; tfo_ok: true },\n { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; sni_hostnames: [ \"im.rutschle.net\", \"im.englishintoulouse.com\" ]; log_level: 0; tfo_ok: true },\n\n# Let's Encrypt (tls-alpn-* challenges)\n{ name: \"tls\"; host: \"localhost\"; port: \"letsencrypt-client\"; alpn_protocols: [ \"acme-tls/1\" ]; log_level: 0;},\n\n# catch anything else TLS\n{ name: \"tls\"; host: \"localhost\"; port: \"443\"; tfo_ok: true },\nalpn_protocols\u5373\u4f7f\u7528\u5e94\u7528\u5c42\u534f\u8bae\u534f\u5546\u7f16\u53f7\uff1aTLS Application-Layer Protocol Negotiation (ALPN) Protocol ID\u3002\u53ef\u4ee5\u5728\u8fd9\u91cc\u770b\u5230\u5b8c\u6574\u7684\u683c\u5f0f\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u5982\u679c\u8bf4\u6570\u636e\u5305\u662f\u997a\u5b50\uff0ctls\u662f\u997a\u5b50\u76ae\uff0cALPN\u5c31\u662f\u8868\u793a\u91cc\u9762\u662f\u4ec0\u4e48\u9985\u7684\u3002
sni_hostnames\u5373\u4f7f\u7528\u670d\u52a1\u5668\u540d\u79f0\u6307\u793a\uff1aServer Name Indication\uff08SNI\uff09\uff0c\u7c7b\u4f3c\u4e8e\u670d\u52a1\u5668\u7aef\u7684\u57df\u540d\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u867d\u7136\u5728\u5b66\u6821\u5feb\u9012\uff08\u6570\u636e\u5305\uff09\u90fd\u4f1a\u9001\u5230\u83dc\u9e1f\u9a7f\u7ad9\uff08\u670d\u52a1\u5668\uff09\uff0c\u4f46\u8fd9\u4e9b\u5305\u88f9\u6700\u7ec8\u662f\u6d41\u5411\u4e0d\u540c\u7684\u5bbf\u820d\u7684\uff08SNI\uff09\u3002SNI\u5e2e\u52a9\u5728tls\u63e1\u624b\u671f\u95f4\u5c31\u786e\u5b9assl\u8bc1\u4e66\uff0c\u800c\u4e0d\u662f\u5728http\u5efa\u7acb\u8fde\u63a5\u540e\u3002FQDN\u6307\u7684\u662fFully Qualified Domain Name\uff0c\u5373\u5b8c\u6574\u57df\u540d\uff0c\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd\u3002
sni_hostname\u548calpn_protocols\uff0c\u5c5e\u4e8etls\u6269\u5c55\u5185\u5bb9\uff0c\u5e76\u975e\u5f3a\u5236\u4fdd\u7559\u5176\u4e2d\u3002\u53d1\u5305\u7684\u65f6\u5019\u6ce8\u610f\u6dfb\u52a0\uff0c\u4e0d\u7136sslh\u53ef\u80fd\u8bc6\u522b\u4e0d\u5230\u3002
"},{"location":"try-chatgpt/","title":"ChatGPT\u6765\u5e2e\u5fd9","text":""},{"location":"try-chatgpt/#_1","title":"\u7f51\u7edc\u7ad9\u70b9\u6253\u5305\u4e0b\u8f7d","text":"linux\u7528\u54ea\u4e2a\u547d\u4ee4\u53ef\u4ee5\u628a\u4e00\u4e2a\u7f51\u5740\u4ee5\u53ca\u5176\u6240\u4f9d\u8d56\u7684js\u548ccss\u7b49\u7b49\u6587\u4ef6\u81ea\u52a8\u4e0b\u8f7d\u4e0b\u6765\uff1f
\u5728Linux\u4e2d\uff0c\u4f60\u53ef\u4ee5\u4f7f\u7528 wget \u547d\u4ee4\u6765\u81ea\u52a8\u4e0b\u8f7d\u4e00\u4e2a\u7f51\u7ad9\u53ca\u5176\u4f9d\u8d56\u7684\u8d44\u6e90\u6587\u4ef6\uff08\u5982JS\u548cCSS\u7b49\uff09\u3002
\u4e0b\u9762\u662f\u4e00\u4e2a\u793a\u4f8b\u547d\u4ee4\uff1a
wget --recursive --no-clobber --page-requisites --html-extension --convert-links --restrict-file-names=windows --domains website.com --no-parent http://website.com\n--recursive: \u4e0b\u8f7d\u7f51\u7ad9\u7684\u6240\u6709\u94fe\u63a5\u3002 --no-clobber: \u4e0d\u4f1a\u91cd\u590d\u4e0b\u8f7d\u5df2\u7ecf\u5b58\u5728\u7684\u6587\u4ef6\u3002 --page-requisites: \u4e0b\u8f7d\u6240\u6709\u9875\u9762\u7684\u8d44\u6e90\uff08\u5982\u56fe\u50cf\uff0c\u97f3\u9891\u548c\u89c6\u9891\uff09\u3002 --html-extension: \u5c06\u6240\u6709HTML\u6587\u4ef6\u6269\u5c55\u540d\u6dfb\u52a0\u4e3a .html\u3002 --convert-links: \u5c06\u6240\u6709\u94fe\u63a5\u8f6c\u6362\u4e3a\u672c\u5730\u94fe\u63a5\u3002 --restrict-file-names=windows: \u907f\u514d\u4f7f\u7528 Linux \u4e0d\u652f\u6301\u7684\u6587\u4ef6\u540d\u5b57\u7b26\u3002 --domains website.com: \u9650\u5236\u4e0b\u8f7d\u7684\u57df\u540d\u8303\u56f4\u3002 --no-parent: \u4e0d\u4f1a\u4e0b\u8f7d\u7236\u7ea7\u94fe\u63a5\uff08\u6709\u52a9\u4e8e\u9632\u6b62\u65e0\u9650\u9012\u5f52\uff09\u3002
\u4f60\u53ef\u4ee5\u6839\u636e\u81ea\u5df1\u7684\u9700\u8981\u4fee\u6539\u8fd9\u4e9b\u9009\u9879\u4ee5\u6ee1\u8db3\u7279\u5b9a\u7684\u8981\u6c42\u3002
\u7528\u8fd9\u6761\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u53d1\u73b0\u6076\u610f\u4e0b\u8f7d\uff0c\u88ab\u7ed9403 forbidden\u4e86\u600e\u4e48\u529e\uff1f
\u5982\u679c\u4f60\u4f7f\u7528\u7684\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u8ba4\u4e3a\u662f\u6076\u610f\u4e0b\u8f7d\uff0c\u5e76\u4e14\u88ab\u670d\u52a1\u5668\u62d2\u7edd\u8bbf\u95ee\uff0c\u90a3\u4e48\u4f60\u53ef\u4ee5\u8003\u8651\u4ee5\u4e0b\u4e00\u4e9b\u65b9\u6cd5\u6765\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff1a
\u4fee\u6539\u4e0b\u8f7d\u901f\u5ea6\uff1a\u6709\u4e9b\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u5982\u679c\u4f60\u4e0b\u8f7d\u7684\u592a\u5feb\uff0c\u5c31\u4f1a\u88ab\u8ba4\u4e3a\u662f\u653b\u51fb\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 --limit-rate \u9009\u9879\u6765\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u4f8b\u5982\uff1a
wget --limit-rate=200k http://example.com\n\u4fee\u6539\u4e0b\u8f7d\u5e76\u53d1\u6570\uff1a\u7c7b\u4f3c\u4e8e\u901f\u5ea6\u9650\u5236\uff0c\u4e00\u4e9b\u670d\u52a1\u5668\u4e5f\u4f1a\u9650\u5236\u540c\u65f6\u8fdb\u884c\u7684\u4e0b\u8f7d\u6570\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 --tries \u548c --wait \u9009\u9879\u6765\u9650\u5236\u5e76\u53d1\u4e0b\u8f7d\u6570\uff0c\u4f8b\u5982\uff1a
wget --tries=10 --wait=5 http://example.com\nwget --user-agent=\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3\" http://example.com\n\u4e0e\u670d\u52a1\u5668\u7ba1\u7406\u5458\u8054\u7cfb\uff1a\u5982\u679c\u4ee5\u4e0a\u65b9\u6cd5\u90fd\u4e0d\u80fd\u89e3\u51b3\u95ee\u9898\uff0c\u4f60\u53ef\u4ee5\u8054\u7cfb\u670d\u52a1\u5668\u7ba1\u7406\u5458\uff0c\u8bf4\u660e\u4f60\u7684\u4e0b\u8f7d\u8bf7\u6c42\u662f\u5408\u6cd5\u7684\uff0c\u8bf7\u6c42\u4ed6\u4eec\u653e\u884c\u4f60\u7684\u8bf7\u6c42\u3002 \u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u4e0d\u8981\u4f7f\u7528\u975e\u6cd5\u7684\u65b9\u5f0f\u4e0b\u8f7d\u6587\u4ef6\uff0c\u4ee5\u514d\u4fb5\u72af\u4ed6\u4eba\u7684\u5408\u6cd5\u6743\u76ca\uff0c\u5e76\u6709\u53ef\u80fd\u5bfc\u81f4\u6cd5\u5f8b\u7ea0\u7eb7\u3002
"},{"location":"try-chatgpt/#gopythonrust","title":"\u6bd4\u8f83Go\u3001Python\u3001Rust\u7684\u5173\u7cfb","text":"go\u3001rust\u3001python\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5728\u8bed\u8a00\u7279\u6027\u65b9\u9762\u6709\u4ec0\u4e48\u533a\u522b\uff1f\u5404\u81ea\u6709\u4ec0\u4e48\u4f18\u52bf\uff1f\u9002\u7528\u573a\u666f\u6709\u4ec0\u4e48\u533a\u522b\uff1f
\u8fd9\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5404\u6709\u4e0d\u540c\u7684\u7279\u70b9\u548c\u4f18\u52bf\uff0c\u4ee5\u4e0b\u662f\u5b83\u4eec\u7684\u4e3b\u8981\u533a\u522b\u548c\u9002\u7528\u573a\u666f\uff1a
Python Python \u662f\u4e00\u79cd\u9ad8\u7ea7\u7684\u52a8\u6001\u89e3\u91ca\u578b\u8bed\u8a00\uff0c\u5177\u6709\u7b80\u5355\u6613\u5b66\u3001\u6613\u8bfb\u6613\u5199\u7684\u7279\u70b9\u3002\u5b83\u7684\u8bed\u6cd5\u7b80\u5355\u3001\u4ee3\u7801\u53ef\u8bfb\u6027\u9ad8\u3001\u652f\u6301\u591a\u79cd\u7f16\u7a0b\u8303\u5f0f\u548c\u4e30\u5bcc\u7684\u7b2c\u4e09\u65b9\u5e93\uff0c\u9002\u7528\u4e8e\u5404\u79cd\u7c7b\u578b\u7684\u5e94\u7528\u7a0b\u5e8f\u5f00\u53d1\uff0c\u5c24\u5176\u64c5\u957f\u6570\u636e\u5206\u6790\u3001\u4eba\u5de5\u667a\u80fd\u548c\u79d1\u5b66\u8ba1\u7b97\u9886\u57df\u3002\u7531\u4e8e\u5b83\u7684\u5f00\u53d1\u6548\u7387\u9ad8\uff0c\u5e38\u88ab\u7528\u4e8e\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\u3002
Go Go \u662f\u4e00\u79cd\u5f00\u6e90\u7684\u7f16\u8bd1\u578b\u8bed\u8a00\uff0c\u7531 Google \u5f00\u53d1\u3002\u5b83\u7684\u8bbe\u8ba1\u76ee\u6807\u662f\u4e3a\u4e86\u89e3\u51b3\u591a\u6838\u3001\u7f51\u7edc\u3001\u5927\u89c4\u6a21\u7a0b\u5e8f\u5f00\u53d1\u7b49\u95ee\u9898\uff0c\u5177\u6709\u9ad8\u6548\u3001\u53ef\u9760\u3001\u7b80\u6d01\u7b49\u7279\u70b9\u3002Go \u8bed\u8a00\u5728\u5e76\u53d1\u7f16\u7a0b\u548c\u7f51\u7edc\u7f16\u7a0b\u65b9\u9762\u8868\u73b0\u7a81\u51fa\uff0c\u6709\u7740\u975e\u5e38\u9ad8\u6548\u7684 Goroutine \u548c Channel \u673a\u5236\uff0c\u9002\u5408\u4e8e\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u3001\u4e91\u8ba1\u7b97\u7b49\u9886\u57df\u7684\u5f00\u53d1\u3002
Rust Rust \u662f\u4e00\u79cd\u7cfb\u7edf\u7ea7\u7684\u7f16\u7a0b\u8bed\u8a00\uff0c\u7531 Mozilla \u5f00\u53d1\u3002\u5b83\u7ed3\u5408\u4e86\u9ad8\u6548\u6027\u80fd\u3001\u5185\u5b58\u5b89\u5168\u548c\u5e76\u53d1\u5b89\u5168\uff0c\u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u9760\u548c\u5b89\u5168\u7684\u7f16\u7a0b\u73af\u5883\u3002Rust \u7684\u4e3b\u8981\u4f18\u52bf\u5728\u4e8e\u5176\u5185\u5b58\u5b89\u5168\u6027\u548c\u5e76\u53d1\u6027\uff0c\u5b83\u5177\u6709\u9ad8\u6548\u7684\u7f16\u8bd1\u5668\u3001\u4e30\u5bcc\u7684\u7c7b\u578b\u7cfb\u7edf\u548c\u9ad8\u7ea7\u7684\u6a21\u5f0f\u5339\u914d\u529f\u80fd\uff0c\u9002\u7528\u4e8e\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u7b49\u9886\u57df\u3002
\u603b\u7684\u6765\u8bf4\uff0cPython \u9002\u5408\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\uff0cGo \u9002\u5408\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u548c\u4e91\u8ba1\u7b97\uff0cRust \u9002\u5408\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u3002\u9009\u62e9\u54ea\u79cd\u7f16\u7a0b\u8bed\u8a00\u53d6\u51b3\u4e8e\u5177\u4f53\u7684\u5e94\u7528\u573a\u666f\u548c\u9700\u6c42\u3002
"},{"location":"try-chatgpt/#_2","title":"\u8ba1\u7b97\u673a\u5b89\u5168\u8d44\u6e90\u5b66\u4e60","text":"\u6211\u60f3\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\uff0c\u8bf7\u63a8\u8350\u4e00\u4e9b\u7f51\u7ad9
\u4ee5\u4e0b\u662f\u4e00\u4e9b\u53ef\u4ee5\u5e2e\u52a9\u60a8\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\u7684\u7f51\u7ad9\uff1a
OWASP (\u5f00\u653e\u5f0f\u7f51\u7edc\u5b89\u5168\u9879\u76ee)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u4e86\u5927\u91cf\u6709\u5173\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7684\u8d44\u6599\u548c\u5de5\u5177\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u5b89\u5168\u6807\u51c6\u3001\u6f0f\u6d1e\u68c0\u6d4b\u5de5\u5177\u3001\u653b\u51fb\u6a21\u62df\u5668\u7b49\u7b49\u3002
NIST (\u7f8e\u56fd\u56fd\u5bb6\u6807\u51c6\u4e0e\u6280\u672f\u7814\u7a76\u6240)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u4e3a\u8ba1\u7b97\u673a\u5b89\u5168\u548c\u4fe1\u606f\u6280\u672f\u63d0\u4f9b\u6807\u51c6\u548c\u6307\u5357\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u6709\u5173\u5b89\u5168\u63a7\u5236\u3001\u5bc6\u7801\u5b66\u3001\u98ce\u9669\u8bc4\u4f30\u7b49\u65b9\u9762\u7684\u8d44\u6599\u3002
SANS (\u5b89\u5168\u57f9\u8bad\u548c\u8ba4\u8bc1\u673a\u6784)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u6709\u5173\u5404\u79cd\u8ba1\u7b97\u673a\u5b89\u5168\u4e3b\u9898\u7684\u57f9\u8bad\u548c\u8bfe\u7a0b\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u4e00\u4e2a\u535a\u5ba2\uff0c\u5176\u4e2d\u5305\u542b\u5404\u79cd\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6587\u7ae0\u548c\u63d0\u793a\u3002
Dark Reading\uff1a\u8fd9\u662f\u4e00\u5bb6\u5728\u7ebf\u51fa\u7248\u5546\uff0c\u63d0\u4f9b\u4e86\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6700\u65b0\u65b0\u95fb\u3001\u5206\u6790\u548c\u8bc4\u8bba\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5404\u79cd\u8d44\u6e90\uff0c\u5305\u62ec\u7f51\u7edc\u5b89\u5168\u767d\u76ae\u4e66\u3001\u7814\u7a76\u62a5\u544a\u548c\u6f14\u793a\u6587\u7a3f\u3002
SecurityFocus\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u662f\u4e00\u4e2a\u5b89\u5168\u65b0\u95fb\u805a\u5408\u7ad9\u70b9\uff0c\u6536\u96c6\u4e86\u6765\u81ea\u5404\u79cd\u6765\u6e90\u7684\u5b89\u5168\u65b0\u95fb\u548c\u6f0f\u6d1e\u62a5\u544a\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5b89\u5168\u8bba\u575b\u3001\u5b89\u5168\u5de5\u5177\u7b49\u3002
Reddit\uff1aReddit\u4e0a\u6709\u8bb8\u591a\u4e0e\u8ba1\u7b97\u673a\u5b89\u5168\u76f8\u5173\u7684\u793e\u533a\uff0c\u5982r/netsec\u3001r/hacking\u3001r/AskNetsec\u7b49\u3002\u8fd9\u4e9b\u793e\u533a\u53ef\u4ee5\u8ba9\u60a8\u5411\u5176\u4ed6\u5b89\u5168\u4e13\u4e1a\u4eba\u5458\u63d0\u95ee\uff0c\u5e76\u4e0e\u4ed6\u4eec\u5206\u4eab\u6709\u7528\u7684\u8d44\u6e90\u548c\u5de5\u5177\u3002
GitHub\uff1aGitHub\u662f\u4e00\u4e2a\u8f6f\u4ef6\u5f00\u53d1\u5e73\u53f0\uff0c\u4e5f\u662f\u8bb8\u591a\u5b89\u5168\u5de5\u5177\u548c\u811a\u672c\u7684\u6765\u6e90\u3002\u901a\u8fc7\u641c\u7d22GitHub\uff0c\u60a8\u53ef\u4ee5\u627e\u5230\u5f88\u591a\u6709\u7528\u7684\u5de5\u5177\uff0c\u5982\u6e17\u900f\u6d4b\u8bd5\u5de5\u5177\u3001\u6f0f\u6d1e\u626b\u63cf\u5668\u7b49\u7b49\u3002
\u5e0c\u671b\u8fd9\u4e9b\u7f51\u7ad9\u80fd\u5bf9\u60a8\u6709\u6240\u5e2e\u52a9\uff01
"},{"location":"word-learning/","title":"\u8bcd\u6c47\u5b66\u4e60","text":"\u76ee\u5f55\u4e3a\u81ea\u52a8\u751f\u6210\uff0c\u53ef\u80fd\u6709\u8bef\u3002\u6700\u8fd1\u4e00\u6b21\u66f4\u65b0\u65f6\u95f42024-02-11\u3002
\u6b22\u8fce\u63d0issue\u4ee5\u6307\u9519\u3001\u4ea4\u6d41\uff01
\u6700\u8fd1\u4e00\u6b21\u66f4\u65b0\u5185\u5bb9\uff1a
\u52a0\u8f7d\u65f6\u9009\u62e9Processor type\uff0c\u6bd4\u5982ARM Little-endian [ARM]\uff0c\u968f\u540e\u6839\u636e\u5b9e\u9645\u52a0\u8f7d\u60c5\u51b5\u8bbe\u7f6eROM\u7684\u8d77\u59cb\u5730\u5740\u548cInput file\u5730\u5740\u3002
raw binary\u7684\u524d\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbsp\u503c\uff0c\u968f\u540e\u56db\u5b57\u8282\u53ef\u80fd\u662f\u521d\u59cbpc\u503c\u3002\u6309G\u5e76\u8f93\u5165pc\u503c\uff0cAlt+G\u8bbe\u7f6eT\u5bc4\u5b58\u5668\u503c\u4e3a1\uff080\u8868\u793aARM\uff0c1\u8868\u793aThumb\uff09\uff0c\u7136\u540e\u9009\u4e2dpc\u53ca\u4e4b\u540e\u6240\u6709\u4ee3\u7801\uff0c\u6309C\u8fdb\u884cMakeCode\u3002
"},{"location":"autoconf/","title":"autoconf\u5b66\u4e60\u7b14\u8bb0","text":"\u81ea\u5df1\u5f00\u53d1\u8f6f\u4ef6\u65f6\uff0c\u751f\u6210\u89c4\u8303\u7684configure\u7b49\u6587\u4ef6\u3002\u53ef\u53c2\u8003https://www.cnblogs.com/klausage/p/14163844.html\u7b49
"},{"location":"autoconf/#_1","title":"\u4e0d\u5206\u76ee\u5f55\u7ed3\u6784","text":"\u7f16\u5199Makefile.am\u6587\u4ef6\uff0c\u6bd4\u5982\uff1a
bin_PROGRAMS=helloworld\nhelloworld_SOURCES=helloworld.c\nbin_PROGRAMS\u7528\u4e8e\u7ed9\u9879\u76ee\u8d77\u540d\uff0c\u6bd4\u5982X\uff0c\u90a3\u4e48\u4e4b\u540e\u7684X_SOURCES\u5219\u7528\u6765\u6307\u5b9a\u4f7f\u7528\u7684\u6e90\u6587\u4ef6\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a
# -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([FULL-PACKAGE-NAME], [VERSION], [BUG-REPORT-ADDRESS])\nAM_INIT_AUTOMAKE([foreign]) # \u5982\u679c\u4e0d\u52a0\u8fd9\u4e00\u53e5\uff0c\u9ed8\u8ba4gnu\uff0c\u5219\u4e4b\u540e\u76ee\u5f55\u91cc\u8981\u6709NEWS\u3001README\u3001AUTHORS\u3001ChangLog\u7b49\u6587\u4ef6\uff08\u9700\u81ea\u5df1\u624b\u52a8\u5efa\u7acb\uff09\nAC_CONFIG_SRCDIR([main.h])\nAC_CONFIG_HEADERS([config.h])\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\n\n# Checks for header files.\n\n# Checks for typedefs, structures, and compiler characteristics.\n\n# Checks for library functions.\n\nAC_CONFIG_FILES([Makefile])\nAC_OUTPUT\n\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure
\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in
\u8fd0\u884c./configure\u751f\u6210makefile
\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801
\u4e5f\u5c31\u662f\u8bf4\u6e90\u7801\u53ef\u80fd\u5728\u591a\u4e2a\u6587\u4ef6\u5939\u4e0b\uff0c\u6bd4\u5982src\u3002\u90a3\u4e48\u6bcf\u4e2a\u6587\u4ef6\u5939\u9700\u8981\u5355\u72ec\u5199Makefile.am\u6765\u6307\u5b9a\u5982\u4f55\u7f16\u8bd1\u3002
\u7f16\u5199Makefile.am\u6587\u4ef6
\u6e90\u7801\u6240\u5728\u7684\u6587\u4ef6\u5939\u7684Makefile\u6587\u4ef6\u793a\u4f8b\uff1a
bin_PROGRAMS = reverse\n\n#AM_CFLAGS= -DDEBUG -DLOG_INSTRUCTIONS -I ../include\nAM_CFLAGS= -DDEBUG -I ../include\n\nreverse_CPPFLAGS = -msse4.1\n\n# \u4f7f\u7528LDFLAG\u4f1a\u5728gcc\u4e2d\u90e8\u653e-l\uff0c\u5bfc\u81f4\u627e\u4e0d\u5230\u7b2c\u4e09\u65b9\u5e93\u3002\u7528LDADD\u53ef\u4ee5\u6dfb\u52a0\u5230\u6574\u4e2agcc\u6307\u4ee4\u7684\u6700\u540e\nreverse_LDADD = -lcapstone\n\nhandlers_FILES = handler_flag_manip.c handler_interrupt.c\n\n#handler_interrupt.c\n\nreverse_SOURCES = access_memory.c alias_manager.c $(handlers_FILES)\nAM_CFLAGS\u7528\u4e8e\u6dfb\u52a0\u7f16\u8bd1\u9009\u9879\u9879\u76ee\u6587\u4ef6\u5939\u9700\u8981\u6307\u5b9a\u6e90\u6587\u4ef6\u6240\u5728\u7684\u6587\u4ef6\u5939
POMP\u7684\u4f8b\u5b50\uff1a
SUBDIRS=src # \u6307\u5b9asrc\u6587\u4ef6\u5939\ndist_doc_DATA=README\n\nTESTSUITES_DIR = testsuites\nEXECUTABLE=$(SUBDIRS)/reverse\n\nabc2mtex:\n$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n\naireplay-ng:\n$(EXECUTABLE) $(TESTSUITES_DIR)/$@/core $(TESTSUITES_DIR)/library/ $(TESTSUITES_DIR)/$@/inst.reverse\n\u6267\u884cautoscan\uff0c\u751f\u6210configure.scan\uff0c\u5e76\u4fee\u6539\u5176\u4e2d\u7684AC_INIT\u3001AM_INIT_AUTOMAKE\uff0c\u91cd\u547d\u540d\u6587\u4ef6\u4e3aconfigure.ac\uff0c\u6bd4\u5982\uff1a
# -*- Autoconf -*-\n# Process this file with autoconf to produce a configure script.\n\nAC_PREREQ([2.69])\nAC_INIT([reverse_from_coredump], [0.0.1], [mudongliangabcd@gmail.com])\nAM_INIT_AUTOMAKE([-Wall -Werror foreign])\nAC_CONFIG_HEADERS([config.h])\n\n# Checks for programs.\nAC_PROG_CC\n\n# Checks for libraries.\nAC_CHECK_LIB([disasm], [x86_init])\nAC_CHECK_LIB([elf], [gelf_getehdr])\n\n# Checks for header files.\nAC_CHECK_HEADERS([fcntl.h malloc.h stddef.h stdint.h stdlib.h string.h unistd.h])\n\n# Checks for typedefs, structures, and compiler characteristics.\nAC_CHECK_HEADER_STDBOOL\nAC_C_INLINE\nAC_TYPE_OFF_T\nAC_TYPE_SIZE_T\n\n# Checks for library functions.\nAC_FUNC_MALLOC\nAC_CHECK_FUNCS([memset strerror])\n\nAC_CONFIG_FILES([Makefile\nsrc/Makefile])\nAC_OUTPUT\n\u6267\u884caclocal && autoheader && autoconf\uff0c\u751f\u6210aclocal.m4\u3001config.h.in\u548cconfigure
\u8fd0\u884cautomake --add-missing\uff0c\u4f1a\u6839\u636eMakefile.am\u751f\u6210Makefile.in
\u8fd0\u884c./configure\u751f\u6210makefile
\u8fd0\u884cmake\uff0c\u57fa\u4e8emakefile\u7f16\u8bd1\u4ee3\u7801
member_address - &(((TYPE *)0)->member);\n\u540e\u534a\u90e8\u5206\u770b\u4f3c\u4f1a\u89e3\u5f15\u75280\u5730\u5740\u800ccrash\uff0c\u4f46\u7f16\u8bd1\u5668\u4f1a\u4f18\u5316\u4e3a\u76f4\u63a5\u8ba1\u7b97member\u7684offset\u3002\u53c2\u89c1kernel\u4ee3\u7801\u5e38\u7528\u7684container_of\u3002
"},{"location":"c/#_2","title":"\u52a8\u6001\u94fe\u63a5\u5e93","text":"\u7f16\u8bd1\u52a8\u6001\u94fe\u63a5\u5e93\u672c\u8eab
\u4f7f\u7528gcc\u7f16\u8bd1\u51fa\u52a8\u6001\u94fe\u63a5\u5e93\uff1a
gcc <source C file> -shared -fPIC -o lib<source>.so\n\u7f16\u8bd1\u539f\u9879\u76ee\u65f6\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93
\u4f7f\u7528-l\u6307\u5b9a\u52a0\u8f7d\u94fe\u63a5\u5e93\uff0c\u6ce8\u610f\u53bb\u6389\u5e93\u6587\u4ef6\u7684lib\u5f00\u5934\u548c.so\u7ed3\u5c3e\u3002\u7f16\u8bd1\u65f6\uff0c\u6ce8\u610f\u628a\u5e93\u653e\u5728\u6574\u4e2a\u547d\u4ee4\u7684\u7ed3\u5c3e\uff0c\u5426\u5219\u53ef\u80fd\u63d0\u793a\u5e93\u51fd\u6570\u672a\u5b9a\u4e49\u3002
\u6bd4\u5982gcc main.c -lcapstone\u4e0d\u4f1a\u62a5\u9519\uff0cgcc -lcapstone main.c\u4f1a\u63d0\u793a\u62a5\u9519\u3002\uff08\u5047\u8bbe\u8fd9\u91ccmain.c\u8c03\u7528\u4e86capstone\u7684\u5e93\u51fd\u6570\uff09
\u5982\u679c\u52a8\u6001\u94fe\u63a5\u5e93\u4e0d\u5728\u9ed8\u8ba4\u7684\u7cfb\u7edf\u5e93\u4e2d\uff0c\u53ef\u4ee5\u6dfb\u52a0-L\u6765\u6307\u5b9a\u52a8\u6001\u94fe\u63a5\u5e93\u7684\u4fdd\u5b58\u4f4d\u7f6e\u3002
\u8fd0\u884c\u9879\u76ee\u65f6\u52a0\u8f7d\u52a8\u6001\u94fe\u63a5\u5e93
\u5373\u4fbf\u7f16\u8bd1\u6210\u529f\uff0c\u8fd0\u884c\u53ef\u80fd\u62a5\u9519\u3002\u641c\u7d22\u987a\u5e8f\u4e3a\uff1a
-Wl,-rpath=xxx\u6765\u6307\u5b9a\u8fd0\u884c\u65f6\u6240\u9700\u7684\u52a8\u6001\u5e93\u6587\u4ef6LD_LIBRARY_PATH\u6307\u5b9a\u7684\u76ee\u5f55\u4e2d\u641c\u7d22/etc/ld.so.conf\u7ed9\u51fa\u7684\u76ee\u5f55\u4e2d\u641c\u7d22/lib\u3001/lib64\u3001/usrlib\u3001/usrlib64\u7b49\u641c\u7d22\u4f18\u5316\u9700\u8981\u901a\u8fc7\u5927\u91cf\u6d4b\u8bd5\u6765\u9a8c\u8bc1\u4e00\u81f4\u6027\u3001\u6027\u80fd\uff0c\u56e0\u4e3a\u5e76\u975e\u6240\u6709\u4f18\u5316\u90fd\u662f\u6b63\u786e\u6216\u5fc5\u8981\u7684\u3002\u4ece\u91cd\u6784\u7a0b\u5e8f\u6267\u884c\u6d41\u7684\u89d2\u5ea6\u6765\u8bb2\uff0c\u4f18\u5316\u5e76\u4e0d\u662f\u7075\u4e39\u5999\u836f\uff0c\u5e76\u5728\u4e0d\u540c\u8bed\u8a00\u3001\u4e0d\u540c\u7f16\u8bd1\u5668\u3001\u4e0d\u540c\u73af\u5883\u3001\u4e0d\u540c\u4efb\u52a1\u4e2d\u8868\u73b0\u51fa\u5de8\u5927\u7684\u5dee\u5f02\u3002\u4ee5\u4e0b\u7684\u4f18\u5316\u65b9\u6cd5\u5747\u4ec5\u4f9b\u53c2\u8003\u3002
"},{"location":"code-gracely/#_4","title":"\u5229\u7528\u77ed\u8def\u4e0e\u54e8\u5175","text":"\u4f7f\u7528\u5927\u91cfif-else\u7684\u574f\u5904\uff1a
\u4f7f\u7528\u67e5\u8868\u6cd5\u7684\u597d\u5904\uff1a
\u7528\u6cd5\uff1a\u5c06\u8981\u5224\u65ad\u7684\u5404\u4e2a\u53c2\u6570\u4f5c\u4e3a\u8868\u7684\u7ef4\u5ea6\uff0c\u5c06\u5224\u65ad\u7ed3\u679c\u4f5c\u4e3a\u8868\u7d22\u5f15\u540e\u7684\u7ed3\u679c\u3002
"},{"location":"code-gracely/#_10","title":"\u7528\u7d22\u5f15\u8868\u66ff\u6362\u6570\u636e\u8868","text":"\u7a00\u758f\u7684\u6570\u636e\u8868\u5728\u5b58\u50a8\u5bf9\u9f50\u7684\u60c5\u51b5\u4e0b\u4f1a\u6d6a\u8d39\u5927\u91cf\u7a7a\u95f4\u3002\u4e0e\u4e4b\u76f8\u6bd4\uff0c\u91c7\u7528\u7d22\u5f15\u8868\u53ef\u4ee5\u964d\u4f4e\u7a7a\u95f4\u6d6a\u8d39\u91cf\uff08\u4ecd\u7136\u4f1a\u4ea7\u751f\u6d6a\u8d39\uff09\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u51cf\u5c11\u7d22\u5f15\u8868\u7a7a\u95f4\uff0c\u53ef\u4ee5\u4f7f\u7528\u9636\u68af\u7d22\u5f15\u8868\uff0c\u6839\u636e\u6570\u636e\u7684\u8303\u56f4\uff08\u800c\u4e0d\u662f\u5177\u4f53\u7684\u6570\u636e\u503c\uff09\u8fdb\u884c\u5efa\u7d22\u5f15\uff0c\u6bd4\u5982\u6839\u636e\u767e\u5206\u5236\u6210\u7ee9\u8ba1\u7b97\u7ee9\u70b9\uff0c\u5efa\u7acb\u76f8\u5e94\u7684data-to-key\u51fd\u6570\uff0c\u653e\u5728\u6570\u7ec4\u4e2d\u3002
"},{"location":"code-gracely/#_11","title":"\u7528\u7ed3\u679c\u8868\u66ff\u6362\u6570\u5b66\u8ba1\u7b97\u7ed3\u679c","text":"\u8003\u8651\u5230\u7cfb\u7edf\u51fd\u6570\u7684\u7cbe\u786e\u6027\uff0c\u8ba1\u7b97\u901f\u5ea6\u53ef\u80fd\u8f83\u6162\u3002\u53ef\u4ee5\u9884\u5148\u624b\u52a8\u7b97\u51fa\u4e00\u4e9b\u6570\u636e\u5e76\u5efa\u8868\uff0c\u8ba1\u7b97\u65f6\u76f4\u63a5\u67e5\u8868\u5373\u53ef\uff0c\u5927\u5927\u63d0\u9ad8\u7a0b\u5e8f\u6027\u80fd\u3002
"},{"location":"code-gracely/#_12","title":"\u4e00\u4e9b\u5c0f\u5c0f\u7684\u8bed\u6cd5\u7279\u6027","text":""},{"location":"code-gracely/#c","title":"C","text":"\u521d\u59cb\u5316\u6570\u7ec4\uff0c\u53ef\u4ee5\u8fde\u7eed\u8d4b\u503c
int arr[10] = {\n[0] = 1,\n[1 ... 4] = 2,\n[5 ... 7] = 4,\n};\n\u521d\u59cb\u5316\u7ed3\u6784\u4f53\u6216\u8054\u5408\uff0c\u53ef\u4ee5\u4e00\u8d77\u8d4b\u503c
struct test {\nint a;\nint b;\nint c;\nint d;\n};\n\nint main(\nint argc, char const *argv[]\n)\n{\nstruct test t = {\n.a = 1,\n.b = 2,\n.c = 3,\n.d = 4,\n};\n\nreturn 0;\n}\n\u4e5f\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd
"},{"location":"crawler/#_2","title":"\u52a0\u56fd\u5185\u4ee3\u7406","text":"\u9488\u5bf9\u4e2a\u522b\u7f51\u7ad9\u9501ip\uff0c\u53ef\u4ee5\u8003\u8651\u6574\u4e2a\u4ee3\u7406
import base64\nusername = 'xxxxx'\npasswd = 'xxxxx'\nproxy_ip = 'xxxx.kdltps.com'\nproxy_port = '15818'\n\nmeta = {'proxy': f'http://{proxy_ip}:{proxy_port}'}\ncode = base64.b64encode(f'{username}:{passwd}'.encode()).decode()\n\nheaders = {\n \"Proxy-Authorization\": f\"Basic {code}\", # \u5728headers\u91cc\u8bbe\u7f6e\u4e0b\u4ee3\u7406token\n}\n\ndef start_requests(self):\n yield scrapy.Request(\n headers = headers, # \u8bbe\u7f6e\u4f7f\u7528headers\uff0c\u5305\u542btoken\n meta = meta, # \u8bbe\u7f6e\u4f7f\u7528\u4ee3\u7406\n )\n\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/json\u7c7b\u578b\uff0cstart_requests\u91cc\u7528Request\uff0c\u6ce8\u660emethod\u548cbody\uff1a
import json\nheaders = {\n \"Content-Type\": \"application/json\",\n \"User-Agent\": \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36\",\n}\n\ndata = json.dumps({\"key\":\"value\"})\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.Request(\n url=url, \n method='POST', \n headers=headers, \n body=data,\n callback=self.parse, \n meta={'period': t}, \n errback=self.err,\n cb_kwargs={'period': t,'page':0}\n)\n\u9488\u5bf9\u8bf7\u6c42\u5934Content-Type\u4e3aapplication/x-www-form-urlencoded\u7c7b\u578b\uff0cstart_requests\u91cc\u7528FormRequest\uff0c\u6ce8\u660eformdata\uff1a
post_data = {\"key\":\"value\"}\n\n# \u7701\u7565\u65e0\u5173\u4fe1\u606f\n\nyield scrapy.FormRequest(\n url=url,\n formdata=post_data,\n errback=self.err,\n callback = self.parse,\n cookies = cookies,\n cb_kwargs = {'id':'shixian','page':str(page)},\n )\n\u666e\u901a\u8bf7\u6c42\u7528scrapy.Request\u5373\u53ef\u3002
"},{"location":"crawler/#selenium","title":"Selenium","text":"\u722c\u4e45\u4e86\u603b\u4f1a\u7206\u5185\u5b58\uff0c\u4e0d\u77e5\u9053\u5185\u5b58\u6cc4\u9732\u7684bug\u6709\u6ca1\u6709\u4fee\u590d\u3002\u4ee5\u4e0b\u7528\u7684\u662fchrome\u6d4f\u89c8\u5668\uff0c\u9700\u8981\u9884\u5148\u4e0b\u8f7d\u4e0b\u9a71\u52a8
from selenium import webdriver\nfrom selenium.webdriver.common.by import By\nfrom selenium.webdriver.chrome.service import Service\nfrom pathlib import Path\nimport time\nimport json\nimport ast \nimport re\nimport os\nimport yaml\nimport shutil\n\noptions = webdriver.ChromeOptions()\n# options.add_argument('--headless')\n# https://chromedriver.chromium.org/downloads\ns = Service('S:/chromedriver.exe')\noptions.add_experimental_option('excludeSwitches', ['enable-logging'])\ndriver = webdriver.Chrome(service=s,options=options)\ndriver.get('http://www.baidu.com')\ntime.sleep(1)\n\ndef get_current_and_final_page_of_one_book():\n cur = -1\n final = -1\n try:\n pages = driver.find_elements(By.XPATH,'//ul[@class=\"t-pager\"]/li')\n except:\n print('Current page is not found')\n return cur,final\n\n for page in pages:\n if 'active' in page.get_attribute('class'):\n cur = int(page.text)\n if 'number' in page.get_attribute('class'):\n final = int(page.text)\n return cur,final\n\ndef download_one_page_of_a_book(skip,config):\n\"\"\"\u4e00\u9875\u6240\u6709\u6587\u6863\u5168\u90e8\u4e0b\u8f7d\u6210\u529f\u5219\u8fd4\u56deTrue,OK\n \"\"\"\n global CURRENT_PAGE\n global CURRENT_TITLE\n titles = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[1]')\n icons = driver.find_elements(By.XPATH,'//div[@class=\"container\"]/div[1]/div[2]/div[2]/table/tbody/tr/td[4]')\n jscode = 'document.location = '+'\"'+config['url']+'\"'\n driver.execute_script(jscode)\n for title,svgs in zip(titles,icons):\n svgs = svgs.find_elements(By.XPATH,'.//*[name()=\"svg\"]')\n print(f'Current title: {title.text}, skip: {skip}, CURRENT_TITLE: {CURRENT_TITLE}')\n if CURRENT_TITLE is not None and skip and title.text != CURRENT_TITLE:\n continue\n skip = False\n for svg in svgs:\n # if visible \n if svg.get_attribute('style') == 'display: inline-block;':\n svg.click()\n time.sleep(7)\n cls = driver.window_handles\n if len(cls) > 1:\n time.sleep(20)\n ok = archive_file(title.text,config)\n if not ok:\n print(f'Failed to download {title.text}')\n while len(cls) > 1:\n driver.switch_to.window(cls[1])\n driver.close()\n driver.switch_to.window(cls[0])\n cls = driver.window_handles\n return (False, title.text)\n cls = driver.window_handles\n driver.switch_to.window(cls[0])\n CURRENT_TITLE = None\n CURRENT_PAGE += 1\n return (True, 'OK')\n\n# load yaml\nwith open(target_yml,'r',encoding='utf8') as f:\n SETTINGS = yaml.load(f,Loader=yaml.FullLoader)\n# dump yaml\nwith open(target_yml,'w',encoding='utf8') as f:\n yaml.dump(SETTINGS,f,allow_unicode=True)\n\ndriver.close()\ndriver.quit()\n\u6216\u8005\u8bbe\u7f6e\u4e00\u4e2ahelper\u7a0b\u5e8f\uff0c\u53cd\u590d\u542f\u52a8selenium\uff1a
import subprocess\nimport time\nimport datetime\nimport sys\ncmd = 'python ./main.py'\nop = 0\nwhile True:\n if op >= 200:\n print('failed 200 times!')\n break\n p = subprocess.Popen(cmd.split(), stdout=sys.stdout, stderr=sys.stderr)\n print('new round at', datetime.datetime.now().strftime('%Y-%m-%d %H:%M:%S'),f'op = {op}')\n op += 1\n\n time.sleep(30)\n if p.poll() == 0:\n break\n p.wait()\n\u6309\u7167https://docs.docker.com/engine/install/ubuntu/\u7684\u8bf4\u660e\u5b89\u88c5\u5373\u53ef
"},{"location":"docker/#_1","title":"\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e","text":"\u9ed8\u8ba4\u4f7f\u7528\u7684\u4f4d\u7f6e\u662f/var/lib/docker\uff0c\u5728\u6839\u76ee\u5f55\u4e0b\u5bb9\u6613\u5360\u6ee1\u3002\u53ef\u4ee5\u901a\u8fc7\u4fee\u6539\u914d\u7f6e\u6587\u4ef6/lib/systemd/system/docker.service\u7684-g\u53c2\u6570\u6765\u6307\u5b9a\u4f4d\u7f6e\u3002\u53ef\u4ee5\u901a\u8fc7docker info\u67e5\u770b\u4fdd\u5b58\u7684\u4f4d\u7f6eDocker Root Dir\u3002
\u914d\u7f6e\u6587\u4ef6\u53ef\u4ee5\u901a\u8fc7systemctl status docker\u5e76\u67e5\u770bLoad\u4f7f\u7528\u7684\u914d\u7f6e\u6587\u4ef6\u662f\u54ea\u4e2a\u3002
\u53e6\u4e00\u79cd\u6307\u5b9a\u955c\u50cf\u4fdd\u5b58\u4f4d\u7f6e\u7684\u65b9\u6cd5\uff1a\u4fee\u6539/etc/docker/daemon.json\uff0c\u8bbe\u7f6e\u4e3a
{\n\"data-root\": \"/home/docker\"\n}\n\u968f\u540e\u91cd\u8f7d\u4e00\u4e0b\u914d\u7f6e\uff1a
sudo cp -r /var/lib/docker /home/docker\nsudo systemctl daemon-reload\nsudo systemctl restart docker\nsudo systemctl status docker\n\u4f1a\u5728\u5bb9\u5668\u4e2d\u521b\u5efa\u76ee\u5f55\uff0c\u6620\u5c04\u5bbf\u4e3b\u673a\u76ee\u5f55\u3002\u5bbf\u4e3b\u673a\u7684\u76ee\u5f55\u548c\u5bb9\u5668\u76ee\u5f55\u5185\u5bb9\u662f\u4e00\u6837\u7684\uff0c\u4fee\u6539\u4e00\u65b9\uff0c\u53e6\u4e00\u65b9\u968f\u4e4b\u6539\u53d8
docker run -it --name=<container_name> --user=<user_id>:<group_id> --hostname=xxxx --workdir=xxxx -v /etc/passwd:/etc/passwd:ro -v /etc/group:/etc/group:ro --mount type=bind,source=<\u5bbf\u4e3b\u673a\u76ee\u5f55>,target=<\u5bb9\u5668\u76ee\u5f55> <\u955c\u50cf\u540d>:<tag> /bin/bash\n\u6ce8\u610f\u8fd9\u6837\u521b\u5efa\u7684\u7528\u6237\u6ca1\u6709root\u6743\u9650\u3002\u5982\u679c\u9700\u8981\uff0c\u5219\u4e0d\u4f7f\u7528user\u53c2\u6570\uff0c\u4f46\u5b58\u5728\u5bb9\u5668\u521b\u5efa\u6587\u4ef6\u662froot\uff0c\u5bbf\u4e3b\u673a\u65e0\u6cd5\u4fee\u6539\u7684\u95ee\u9898\u3002
\u4e00\u4e2a\u4e0d\u592a\u806a\u660e\u7684\u89e3\u51b3\u65b9\u6cd5\u662fuser_id\u8bbe\u6210root\u76840\uff0cgroup_id\u8bbe\u6210\u666e\u901a\u7528\u6237\uff0c\u7136\u540e\u5728\u5bb9\u5668\u91cc\u7ed9root\u7684.bashrc\u52a0\u4e00\u884cumask 0002\u3002\u5c31\u662f\u8bf4\u8ba9\u7528\u6237\u7ec4\u4e5f\u80fd\u4fee\u6539\u6587\u4ef6\u4e86\u3002
\u4e00\u4e9b\u5176\u4ed6\u7684\u529e\u6cd5\uff1adocker exec -u\u597d\u50cf\u53ef\u4ee5\u6307\u5b9a\u542f\u52a8\u5bb9\u5668\u65f6\u7684\u7528\u6237\uff0c\u4e0d\u77e5\u9053\u6709\u4ec0\u4e48\u7528\uff0c\u53ef\u4ee5\u8bd5\u8bd5\uff1b\u6216\u8005root\u8fdb\u53bb\u4ee5\u540e\u628a\u666e\u901a\u7528\u6237\u52a0\u5230sudoers\u91cc
apt-get update\u66f4\u65b0\u4e00\u4e0blist\uff0c\u7136\u540e\u624d\u80fd\u4f7f\u7528apt-get\u4e0b\u8f7d\u5176\u4ed6\u5305\u3002\u4e00\u4e9b\u5e38\u7528\u7684\u5305\uff1aapt-get install build-essential
\u8fde\u6309Ctrl+P\u3001Ctrl+Q\u9000\u51fa\u5bb9\u5668\u3002\u5426\u5219\u7b80\u5355\u9000\u51fa\u540e\u5bb9\u5668\u5c31stop\u4e86\uff0c\u4e0b\u6b21exec\u7684\u65f6\u5019\u8fd8\u8981restart\uff0c\u751a\u81f3\u8fd8\u4f1a\u51fa\u73b0restart\u81ea\u52a8\u53c8stop\u7684\u60c5\u51b5
"},{"location":"docker/#_5","title":"\u8fdb\u5165\u5df2\u6709\u7684\u5bb9\u5668","text":"docker exec -it <\u5bb9\u5668id> /bin/bash\n\u53ef\u4ee5Ctrl+D\u9000\u51fa
"},{"location":"envs/","title":"\u73af\u5883\u914d\u7f6e","text":""},{"location":"envs/#_2","title":"\u66f4\u65b0\u57fa\u672c\u73af\u5883","text":"sudo apt update\nsudo apt install curl build-essential gcc make -y\ncurl --proto '=https' --tlsv1.3 -sSf https://sh.rustup.rs | sh\nrustup update\n\u56fd\u5185\u4f7f\u7528\u65f6crates.io\u53ef\u80fd\u767b\u4e0d\u4e0a\uff0c\u8bd5\u8bd5\u4fee\u6539\u5b89\u88c5\u76ee\u5f55\u4e0b\u7684config\u6587\u4ef6(\u6bd4\u5982$HOME/.cargo/config)
[source.crates-io]\nregistry = \"https://github.com/rust-lang/crates.io-index\"\n\n# \u66ff\u6362\u6210\u4f60\u504f\u597d\u7684\u955c\u50cf\u6e90\n#replace-with = 'sjtu'\n#replace-with = 'ustc'\n#replace-with = 'tuna'\n#replace-with = 'rustcc'\n\n# \u6e05\u534e\u5927\u5b66\n[source.tuna]\nregistry = \"https://mirrors.tuna.tsinghua.edu.cn/git/crates.io-index.git\"\n\n# \u4e2d\u56fd\u79d1\u5b66\u6280\u672f\u5927\u5b66\n[source.ustc]\nregistry = \"git://mirrors.ustc.edu.cn/crates.io-index\"\n\n# \u4e0a\u6d77\u4ea4\u901a\u5927\u5b66\n[source.sjtu]\nregistry = \"https://mirrors.sjtug.sjtu.edu.cn/git/crates.io-index\"\n\n# rustcc\u793e\u533a\n[source.rustcc]\nregistry = \"git://crates.rustcc.cn/crates.io-index\"\n\n[source.rustcchttp]\nregistry = \"https://code.aliyun.com/rustcc/crates.io-index.git\"\ngo env -w GOPROXY=https://goproxy.cn\nsudo apt install zsh\ncurl\u548cwget\u4e8c\u9009\u4e00
sh -c \"$(curl -fsSL https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh)\"\nsh -c \"$(wget https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh -O -)\"\n\u9700\u8981\u6839\u636e\u672c\u5730\u5b9e\u9645\u7684\u60c5\u51b5\u4fee\u6539\u76ee\u6807ip\u548c\u7aef\u53e3
git config --global http.https://github.com.proxy http://xxx.xxx.xxx.xxx:xxx\nsudo apt-get install linux-tools-`uname -r`\nevel `ssh-agent`\nssh-add <\u79c1\u94a5\u6587\u4ef6>\n\u4f7f\u7528chocolatey\u5305\u7ba1\u7406\u5668\u3002\u6309https://chocolatey.org/install#individual\u7684\u8bf4\u660e\u5373\u53ef\uff0c\u6700\u540echoco install make
\u8986\u76d6\u7387\u6307\u5f15\u7684\u6a21\u7cca\u6d4b\u8bd5\u65b9\u6cd5\u83b7\u5f97\u8986\u76d6\u7387\u7684\u56db\u79cd\u8ffd\u8e2a\u65b9\u5f0f[^1]\uff1a
\u4fb5\u5165\u5f0f\u4e0e\u975e\u4fb5\u5165\u5f0f\u8ffd\u8e2a[^2]\uff1a
Traces can be generated by trace code that is executed within tasks and/or interrupt service routines, just like application code that is executed on the same CPU. This is the most flexible approach, as both the content and the amount of trace information output can be defined in software. However, this tracing method comes with a significant drawback: It uses resources that are shared with the application software, hence tracing may significantly reduce the amount of memory available for the applications, increase the gross execution times of the applications and, in the case of real-time systems, impair functionality. This is why it is called intrusive tracing.
The most common case is that adding trace code is detrimental to the functionality of the applications in real-time systems because the resource requirements for intrusive tracing have been underestimated in the early stages of the project, such that tracing would eventually eat up resources that are required by the application. Therefore, the resource requirements for tracing must be properly considered throughout the whole development lifecycle. Removing trace code from real-time systems may also cause functional issues, typically just before the final production software release. This is the worst case, as trace information is no longer available in this scenario.
Non-intrusive tracing does not change the intrinsic timing behavior of the system under test. This approach simplifies the software development process a lot and requires dedicated hardware support for tracing. External trace probes connected to the target system, in conjunction with on-chip debug modules, capture code execution on instruction level, memory accesses and other events on the target processor. This approach is the best option when it comes to debugging the code execution down to the instruction level. The PCB design of the device under test must provide the connectors required by the external probe.
Another option for non-intrusive tracing is on-chip tracing, where most of the trace hardware is packed into the same chip that also contains the CPU that executes the application code. Non-intrusive tracing can, however, be restricted by limitations of the respective trace module or probe, such as buffer sizes, bus bandwidth or the size of an external probe.
Due to cost savings (no expensive third-party trace hardware required), reduced footprint (very small connectors instead of larger probe connectors), and limited trace bandwidth requirements, the on-chip tracing method is the preferred approach for generating the trace data required for in-depth timing analysis on task, runnable and ISR level. On-chip tracing is a suitable tracing method for devices under test with form factors very close to the final volume production devices.
"},{"location":"fuzzing/#_2","title":"\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"\u7f51\u7edc\u534f\u8bae\u7684\u7279\u70b9\u662f\u4e00\u822c\u6709\u660e\u786e\u7684\u72b6\u6001\u4fe1\u606f\uff0c\u76f8\u540c\u7684input\u5728\u4e0d\u540c\u7684\u72b6\u6001\u53ef\u80fd\u5f97\u5230\u4e0d\u540c\u7684output\u3002\u9488\u5bf9\u7f51\u7edc\u534f\u8bae\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e00\u822c\u5177\u6709stateful\u7684\u7279\u70b9\u3002\u8fd9\u7c7b\u6a21\u7cca\u6d4b\u8bd5\u6709\u51e0\u4e2a\u96be\u70b9\uff1a 1. \u751f\u6210\u683c\u5f0f\u6b63\u786e\u7684\u4fe1\u606f\uff0c\u6ee1\u8db3\u5bf9\u7279\u5b9a\u72b6\u6001\u7684fuzz 2. \u6269\u5c55\u5230\u4e0d\u540c\u7684\u534f\u8bae\u4e2d 3. \u6d4b\u8bd5\u6837\u4f8b\u6709\u6548\u6027\uff0c\u9700\u8981\u901a\u8fc7\u683c\u5f0f\u6821\u9a8c\u6bd4\u5982\u957f\u5ea6\u3001\u534f\u8bae\u8ba4\u8bc1\u3001\u6821\u9a8c\u548c\u7b49
"},{"location":"fuzzing/#aflnet","title":"AFLNET","text":"\u9996\u6b21\u63d0\u51fa\u9488\u5bf9\u6709\u72b6\u6001\u534f\u8bae\u7684\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u3002AFLNET\u4ece\u54cd\u5e94\u4fe1\u606f\u4e2d\u63d0\u53d6\u54cd\u5e94\u7801\u6765\u8868\u793a\u72b6\u6001\u4fe1\u606f\uff0c\u5e76\u7528\u54cd\u5e94\u7801\u5e8f\u5217\u6765\u63a8\u65ad\u534f\u8bae\u5b9e\u73b0\u7684\u72b6\u6001\u6a21\u578b\uff0c\u5e76\u8fdb\u4e00\u6b65\u4f7f\u7528\u8fd9\u4e00\u6a21\u578b\u6765\u6307\u5bfcfuzz\u3002
\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u72b6\u6001\u8868\u793a\u80fd\u529b\uff1aAFLNET\u8981\u6c42\u54cd\u5e94\u4fe1\u606f\u4e2d\u5305\u542b\u72b6\u6001\u7801\uff0c\u8fd9\u5e76\u4e0d\u662f\u534f\u8bae\u5fc5\u987b\u5b9e\u73b0\u7684\u3002\u800c\u4e14\u72b6\u6001\u7801\u8868\u793a\u80fd\u529b\u6709\u9650\uff0c\u4e14\u53ef\u80fd\u4ea7\u751f\u5197\u4f59\u72b6\u6001\u3002 2. \u6d4b\u8bd5\u6548\u7387\uff1a\u6ca1\u6709\u660e\u786e\u7684\u4fe1\u53f7\u53cd\u6620\u5f85\u6d4b\u7a0b\u5e8f\u662f\u5426\u5904\u7406\u5b8c\u6d88\u606f\uff0c\u56e0\u6b64\u8bbe\u7f6e\u56fa\u5b9a\u7684\u8ba1\u65f6\u5668\u6765\u63a7\u5236\u6d88\u606f\u53d1\u9001\uff0c\u65f6\u95f4\u7a97\u53e3\u53ef\u80fd\u8fc7\u5c0f\u6216\u8fc7\u5927\u3002
"},{"location":"fuzzing/#stateafl","title":"STATEAFL","text":"\u4f7f\u7528\u7a0b\u5e8f\u5185\u5b58\u72b6\u6001\u6765\u8868\u793a\u670d\u52a1\u72b6\u6001\uff0c\u901a\u8fc7\u5bf9\u88ab\u6d4b\u7a0b\u5e8f\u63d2\u6869\u6765\u6536\u96c6\u72b6\u6001\u4fe1\u606f\u5e76\u63a8\u6d4b\u72b6\u6001\u6a21\u578b\u3002\u5728\u6bcf\u4e00\u8f6e\u7f51\u7edc\u4ea4\u4e92\u4e2d\uff0cSTATEAFL\u5c06\u7a0b\u5e8f\u53d8\u91cf\u503c\u8f6c\u50a8\u7ed9\u5206\u6790\u961f\u5217\uff0c\u5e76\u8fdb\u884cpost-execution\u7684\u5206\u6790\uff0c\u6765\u66f4\u65b0\u72b6\u6001\u6a21\u578b\u3002
\u4e00\u4e9b\u4e0d\u8db3\uff1a 1. \u9762\u5bf9\u548cAFLNET\u76f8\u540c\u7684\u6d4b\u8bd5\u6548\u7387\u95ee\u9898\uff0c\u800c\u4e14\u56e0\u4e3a\u540e\u6267\u884c\u5206\u6790\uff0c\u4ea7\u751f\u989d\u5916\u7684\u5f00\u9500\uff0c\u4f1a\u964d\u4f4e\u6d4b\u8bd5\u541e\u5410\u91cf\u3002
"},{"location":"fuzzing/#nsfuzz","title":"NSFuzz","text":"\u4f7f\u7528\u57fa\u4e8e\u53d8\u91cf\u7684\u72b6\u6001\u8868\u793a\u65b9\u6cd5\u63a8\u65ad\u72b6\u6001\u6a21\u578b\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u57fa\u4e8e\u7f51\u7edc\u4e8b\u4ef6\u5faa\u73af\u7684\u540c\u6b65\u673a\u5236\u6765\u63d0\u9ad8\u541e\u5410\u91cf\u3002
\u542f\u53d1\u5f0f\u7684\u53d8\u91cf\u5224\u65ad\u65b9\u6cd5\uff1a\u9759\u6001\u5206\u6790\u4e2d\u53ea\u5728\u4e8b\u4ef6\u5faa\u73af\u4ee3\u7801\u4e2d\u5206\u8fa8\u72b6\u6001\u53d8\u91cf\uff0c\u4e14\u5173\u6ce8\u88ab\u8bfb\u4e0e\u5199\u3001\u88ab\u8d4b\u4e88\u679a\u4e3e\u7c7b\u578b\u7684\u6570\u636e\u6216\u662f\u6570\u636e\u7ed3\u6784\u4f53\u91cc\u7684\u6574\u578b\u6210\u5458\u3002
\u8868\u793a\u72b6\u6001\u7684\u65b9\u6cd5\uff1a\u4f7f\u7528\u4e24\u6761\u8bed\u53e5\u7ef4\u62a4shared_state\u6570\u7ec4\uff0c\u5f53\u72b6\u6001\u53d8\u91cf\u503c\u88ab\u66f4\u65b0\u65f6\u540c\u6b65\u66f4\u65b0shared_state\uff1b\u5f53fuzzer\u5728\u901a\u4fe1\u7ba1\u9053\u6536\u5230\u6d88\u606f\u5904\u7406\u7ed3\u679c\u65f6\uff0c\u5bf9\u8fd9\u4e2a\u6570\u7ec4\u8fdb\u884chash\uff0c\u4f5c\u4e3a\u5f53\u524d\u7a0b\u5e8f\u6240\u5904\u7684state\u3002
shared_state[hash(var_id) ^ cur_store_val] = 1;\nshared_state[hash(var_id) ^ pre_store_val] = 0;\n\u63d0\u51fa\u591a\u9636\u6bb5\u4fe1\u606f\u751f\u6210\u65b9\u6cd5\u6765\u5bf9IoT\u56fa\u4ef6\u4e2d\u7684\u6709\u72b6\u6001\u7f51\u7edc\u534f\u8bae\u8fdb\u884cfuzz\u3002\u5206\u4e3a\u5bf9\u5df2\u77e5\u72b6\u6001\u7684\u6a21\u7cca\u6d4b\u8bd5\u4e0e\u672a\u77e5\u72b6\u6001\u7684\u63a2\u7d22\u3002\u57fa\u4e8e\u6574\u6570\u53d8\u5f02\u7684\u65b9\u6cd5\u6539\u53d8\u5305\u7c7b\u578b\uff0c\u5e76\u5bf9\u5305\u683c\u5f0f\uff08\u6bd4\u5982\u957f\u5ea6\u3001\u6821\u9a8c\u548c\uff09\u505a\u68c0\u67e5\u7b49\u3002
"},{"location":"fuzzing/#_3","title":"\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5","text":"\u63a7\u5236\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u7a0b\u5e8f\u64cd\u4f5c\u7684\u6267\u884c\u987a\u5e8f\uff08\u6bd4\u5982\u5206\u652f\u4e0e\u5faa\u73af\uff09\uff0c\u6570\u636e\u6d41\u6307\u5bfc\u7684\u6a21\u7cca\u6d4b\u8bd5\u4fa7\u91cd\u53d8\u91cf\u5982\u4f55\u5b9a\u4e49\u4e0e\u4f7f\u7528\u3002\u53d8\u91cf\u7684\u5b9a\u4e49\u4e0e\u4f7f\u7528\u4f4d\u7f6e\u53ef\u4ee5\u4e0d\u5b58\u5728\u63a7\u5236\u4e0a\u7684\u4f9d\u8d56\u5173\u7cfb\u3002\u5728\u6a21\u7cca\u6d4b\u8bd5\u4e2d\uff0c\u6570\u636e\u6d41\u4e3b\u8981\u4f7f\u7528\u52a8\u6001\u6c61\u70b9\u5206\u6790\uff08DTA\uff09\u6280\u672f\uff0c\u5373\u5c06\u76ee\u6807\u7a0b\u5e8f\u7684\u8f93\u5165\u6570\u636e\u5728\u5b9a\u4e49\u5904\u89c6\u4e3a\u6c61\u70b9\uff0c\u5e76\u5728\u8fd0\u884c\u65f6\u8ffd\u8e2a\u5b83\u662f\u5982\u4f55\u88ab\u8bbf\u95ee\u4e0e\u4f7f\u7528\u7684\u3002
\u5728\u5b9e\u8df5\u4e2d\uff0c\u96be\u4ee5\u505a\u5230\u51c6\u786e\u7684DTA\uff0c\u5f00\u9500\u4f1a\u5f88\u5927\u3002\u5e76\u4e14\u90e8\u5206\u771f\u5b9e\u7a0b\u5e8f\u65e0\u6cd5\u5728\u5e94\u7528DTA\u6280\u672f\u7684\u60c5\u51b5\u4e0b\u6210\u529f\u7f16\u8bd1\u3002\u56e0\u6b64\u5927\u90e8\u5206\u7070\u76d2\u6a21\u7cca\u6d4b\u8bd5\u4e0d\u4f7f\u7528DTA\uff0c\u4ee5\u671f\u83b7\u5f97\u66f4\u9ad8\u7684\u541e\u5410\u91cf\u3002
\u6709\u4e00\u4e9b\u8f7b\u91cf\u7ea7\u7684DTA\u4ee3\u66ff\u65b9\u6848\uff08\u6bd4\u5982REDQUEUE\u3001GREYONE\uff09\uff0c\u800c\u57fa\u4e8e\u63a7\u5236\u6d41\u4e0e\u6570\u636e\u6d41\u7684\u6a21\u7cca\u6d4b\u8bd5\u5668\u7684\u8986\u76d6\u7387\u6307\u6807\u8fd8\u6ca1\u6709\u88ab\u5b8c\u5168\u63a2\u7d22\u3002
"},{"location":"fuzzing/#dataflow","title":"DATAFLOW","text":"\u6e90\u7801
\u5728\u7a0b\u5e8f\u6267\u884c\u65f6\u5e76\u884c\u4f7f\u7528\u6570\u636e\u6d41\u5206\u6790\u6765\u6307\u5bfc\u6a21\u7cca\u6d4b\u8bd5\uff0c\u4f7f\u7528\u4e0d\u7cbe\u786e\u7684\u63a8\u65ad\u6765\u964d\u4f4e\u5f00\u9500\u5e76\u63d0\u9ad8\u541e\u5410\u91cf\u3002\u5bf9\u6570\u636e\u6d41\u6709\u6548\u6027\u8fdb\u884c\u4e86\u7b80\u5355\u7684\u8bc4\u4f30\uff0c\u8ba4\u4e3a\u5bf9\u5927\u90e8\u5206\u6d4b\u8bd5\u76ee\u6807\u800c\u8a00\uff0c\u6570\u636e\u6d41\u5e76\u4e0d\u6bd4\u63a7\u5236\u6d41\u4f18\u8d8a\uff0c\u4f46\u662f\u5728\u90e8\u5206\u7279\u5b9a\u573a\u666f\uff08\u6bd4\u5982\u63a7\u5236\u6d41\u548c\u8bed\u4e49\u89e3\u8026\uff0c\u5982parser\uff09\u4e0b\uff0c\u6570\u636e\u6d41\u53ef\u80fd\u4f1a\u6709\u7528\u3002
[^1]: FUZZING WITH PERFORMANCE MONITORING AND TRACING HARDWARE [^2]: Intrusive v.s. non-intrusive tracing
"},{"location":"git/","title":"Git\u5b66\u4e60\u7b14\u8bb0","text":""},{"location":"git/#github","title":"\u5c06\u672c\u5730\u5df2\u6709\u4ed3\u5e93\u63a8\u9001\u81f3Github\u7684\u65b0\u5efa\u4ed3\u5e93\u4e2d","text":"\u9ed8\u8ba4\u4ee5\u4e0b\u6761\u4ef6\u5747\u6210\u7acb\uff1a
git init +git add . +git commit -m \"comments\")\u672c\u5730\u4ed3\u5e93\u4e3aclean\u72b6\u6001\uff08\u4f7f\u7528git status\u67e5\u770b\uff09
\u8fdb\u5165\u672c\u5730git\u4ed3\u5e93\uff0c\u4f7f\u7528git remote add origin git@github.com:xxx(\u4ed3\u5e93\u7f51\u7ad9\u6bd4\u5982github\u63d0\u4f9b\u7684ssh\u5730\u5740)
git push -u origin master\u5411\u8fdc\u7a0b\u4ed3\u5e93\u63d0\u4ea4\u4ee3\u7801\uff08\u540e\u6765\u542c\u8bf4github\u9ed8\u8ba4\u540d\u6539\u6210main\u4e86\uff1f\uff09\u5f3a\u5236\u63a8\u9001\u53ef\u4ee5\u518d\u52a0\u4e2a--force\u53c2\u6570
\u521d\u6b21\u5411github\u63d0\u4ea4\u4ee3\u7801\u524d\uff0c\u5728\u672c\u5730\u5de5\u4f5c\u76ee\u5f55\u4e0b\u521b\u5efa.gitignore\u6587\u4ef6\uff0c\u91cc\u9762\u76f4\u63a5\u5199\u4e0a\u4e0d\u60f3\u8ffd\u8e2a\u7684\u6587\u4ef6\u540d\u548c\u6587\u4ef6\u5939\u540d\u5373\u53ef\u3002\uff08\u6587\u4ef6\u540d\u4e0d\u9700\u8981\u8865\u5168\u8def\u5f84\uff09
"},{"location":"git/#add","title":"\u64a4\u56deadd","text":"\u4f7f\u7528git add .\u53ef\u4ee5\u76f4\u63a5\u628a\u5f53\u524d\u76ee\u5f55\u90fdadd\u8fdb\u6682\u5b58\u533a\uff0c\u5bf9\u4e8e\u4e0d\u614e\u6dfb\u52a0\u7684\u5185\u5bb9\u53ef\u4ee5\u4f7f\u7528git rm --cached <file>\u6765\u64a4\u56deadd\u3002\u53ef\u4ee5\u4f7f\u7528git rm -r --cached .\u6765\u64a4\u56degit add . \u3002\uff08\u4f7f\u7528git status\u53ef\u4ee5\u67e5\u770b\u6682\u5b58\u533a\uff0c\u91cc\u9762\u4e5f\u6709\u63d0\u793a\u600e\u4e48\u64a4\u56de\uff09
git config --global user.name \"<yourname>\"\u8bbe\u7f6e\u7528\u6237\u540dgit config --global user.email \"<email>\"\u8bbe\u7f6e\u90ae\u7bb1ssh-keygen -t rsa -C \"<comments>\"\u751f\u6210\u5bc6\u94a5\u5bf9\uff0c\u7136\u540e\u4e00\u8def\u56de\u8f66\u76f4\u5230\u751f\u6210\u7ed3\u675f\uff08\u4e5f\u53ef\u4ee5\u63d0\u793a\u6dfb\u52a0passwd phrase\uff0c\u8fd9\u6837\u7684\u8bdd\u5982\u679c\u4f7f\u7528ssh-add\u6dfb\u52a0\u65f6\u4f1a\u8981\u6c42\u8f93\u5165\u8fd9\u4e2a\u5bc6\u7801\u9632\u6b62\u88ab\u522b\u4eba\u6ee5\u7528\u3002\u6ce8\u610f\u76f8\u540c\u7684passwd phrase\u4e0d\u4f1a\u751f\u6210\u76f8\u540c\u7684\u5bc6\u94a5\u5bf9\uff09ed25519\u4f3c\u4e4e\u6bd4\u9ed8\u8ba4\u7684rsa\u66f4\u5b89\u5168\u3001\u8ba1\u7b97\u66f4\u5feb\u3001\u5bc6\u94a5\u66f4\u77ed\uff0c\u53ef\u4ee5\u4f7f\u7528
\u6709\u65f6\u9700\u8981\u6307\u5b9a\u5bc6\u94a5\uff0c\u6bd4\u5982\u4e0d\u4f7f\u7528\u9ed8\u8ba4\u7684\u5bc6\u94a5\u6587\u4ef6\u540d\u3002\u6b64\u65f6\u53ef\u4ee5\u5148eval $(ssh-agent -s)\u542f\u7528agent\uff0c\u7136\u540essh-add <private keyfile> \u6765\u6dfb\u52a0\u5bc6\u94a5\u3002ssh-add -l\u53ef\u4ee5\u67e5\u770b\u6dfb\u52a0\u7684\u5bc6\u94a5\u3002
\u6216\u8005\u53ef\u4ee5\u628a\u5bc6\u94a5\u5728~/.ssh/config\u6587\u4ef6\u91cc\u6307\u5b9a\u4e00\u4e0b\uff0c\u5c31\u53ef\u4ee5\u7701\u53bbssh-agent\u7684\u64cd\u4f5c\uff0c\u6bd4\u5982
Host github.com\n HostName github.com\n IdentityFile ~/.ssh/id_ed25519_user_github\n\u6709\u7684\u65f6\u5019git\u8fdb\u884cpush\u5230\u79c1\u4ed3\u65f6\u4f1a\u51fa\u73b0\u5361\u673a\u7684\u95ee\u9898\uff0c\u4e0d\u786e\u5b9a\u662f\u4ec0\u4e48\u539f\u56e0\uff0c\u5982\u679cremote repo\u4f7f\u7528\u7684\u662fgit@xxx\u7684url\u7684\u8bdd\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u6539\u6210https\u7684\u94fe\u63a5\uff1b\u8fd8\u4e0d\u884c\u7684\u8bdd\u53ef\u4ee5\u8bd5\u8bd5git config\u7684proxy\uff0c\u8bbe\u7f6e\u6216\u6e05\u7a7a\u3002
"},{"location":"git/#_1","title":"\u653e\u5f03\u5bf9\u6587\u4ef6\u7684\u8ddf\u8e2a","text":"\u4e0e\u4ed6\u4eba\u5408\u4f5c\u9879\u76ee\u65f6\uff0c\u6709\u65f6\u9700\u8981\u505a\u4e00\u4e9b\u672c\u5730\u9002\u914d\uff0c\u4f46\u662f\u4e0d\u60f3\u59a8\u788d\u5176\u4ed6\u4eba\uff0c\u53ef\u4ee5\u6dfb\u52a0\u5230.gitignore\u3002\u4f46\u5bf9\u4e8e\u5df2\u7ecf\u5904\u4e8e\u8ddf\u8e2a\u72b6\u6001\u7684\u6587\u4ef6\u6765\u8bf4\u540e\u6dfb\u8fdb.gitignore\u662f\u65e0\u6548\u7684\u3002\u56e0\u6b64\u53ef\u4ee5\u5148\u5c06\u6587\u4ef6\u79fb\u51fa\u8ddf\u8e2a\u6001\uff0c\u7136\u540e\u518d\u52a0\u8fdb.gitignore\u91cc\u3002\u5982\u4e0b\uff1agit rm -r --cached <file/dir>\u5176\u4e2d-r\u8868\u793a\u9012\u5f52\u3002\u4e5f\u53ef\u4ee5\u52a0-n\u8868\u793a\u4f2a\u653e\u5f03\u8ddf\u8e2a\uff08\u7528\u4e8e\u9884\u89c8\u4f1a\u653e\u5f03\u5bf9\u54ea\u4e9b\u6587\u4ef6\u7684\u8ffd\u8e2a\uff09
\u6709\u7684\u65f6\u5019\u4ece\u5b98\u65b9\u4ed3\u5e93git clone\u4e0b\u4ee3\u7801\uff0c\u672c\u5730\u62f7\u8d1d\u4e00\u4efd\u3001\u5404\u79cd\u9b54\u6539\u5e76\u4e0a\u4f20\u5230\u81ea\u5df1\u7684\u79c1\u4ed3\u3002\u53c8\u7531\u4e8ewindows\u3001linux\u73af\u5883\u4e0d\u540c\uff0c\u60f3\u628a\u539f\u6765\u7684\u4ee3\u7801\u66f4\u65b0\u6210\u81ea\u5df1\u7684\u79c1\u4ed3\uff0c\u6240\u4ee5\u9700\u8981\u6362\u4e00\u4e0b\u8fdc\u7a0b\u4ed3\u5e93\u3002
git remote rm <remote repo name>git remote add <remote repo name> <repo url>\u597d\u50cf\u4e5f\u53ef\u4ee5\u76f4\u63a5\u66f4\u6362\u8fdc\u7a0b\u4ed3\u5e93\uff1agit remote set-url <remote repro name> <repo url>
\u8fd9\u91cc\u7684<remote repo name>\u662f\u81ea\u5df1\u53d6\u7684\u4ed3\u5e93\u540d\uff0c\u4e4b\u540e\u7684\u64cd\u4f5c\u53ef\u4ee5\u7528\u5b83\u6765\u6307\u5b9a\u5bf9\u8c61\u3002\u53ef\u4ee5\u968f\u4fbf\u53d6\uff0c\u6bd4\u5982\u5e38\u89c1\u7684origin\u3002
\u6709\u7684\u65f6\u5019\u4e00\u4e2a\u4ee3\u7801\u4ed3\u5e93\u62ff\u5176\u4ed6\u4ed3\u5e93\u6765\u5f53\u505a\u5b50\u6a21\u5757\uff0c\u5728github\u4e0a\u8fd9\u4e9b\u6a21\u5757\u662f\u56fe\u4e2d\u7684\u8868\u793a\u5f62\u5f0f\u3002git\u4ed3\u5e93\u91cc\u4e5f\u4f1a\u6709.gitmodules\u6587\u4ef6\u6765\u8bf4\u660e\u8fd9\u4e9b\u5b50\u6a21\u5757\u3002\u5f53clone\u4e3b\u4ed3\u5e93\u65f6\uff0c\u8fd9\u4e9b\u5b50\u6a21\u5757\u4e0d\u4f1a\u8ddf\u7740\u4e0b\u8f7d\u4e0b\u6765\u3002
\u521d\u6b21\u90e8\u7f72\u65f6\uff0c\u5728\u4e3b\u4ed3\u5e93\u76ee\u5f55\u4e0b\u91cc\u4f7f\u7528git submodule update --init --recursive\u6765\u4ece.gitmodules\u5b57clone\u5b50\u6a21\u5757\u3002
\u5982\u679c\u5b50\u6a21\u5757\u88ab\u522b\u7684\u5f00\u53d1\u8005\u66f4\u65b0\u4e86\uff0c\u53ef\u4ee5\u8fdb\u5230\u5b50\u6a21\u5757\u4e2d\u7136\u540egit pull\u3002
\u5982\u679c\u5e0c\u671b\u6dfb\u52a0\u67d0\u4e2a\u4ed3\u5e93\u4f5c\u4e3a\u5b50\u6a21\u5757\uff0c\u4f7f\u7528git submodule add <repo url>\u6765\u4e0b\u8f7d\u5b50\u6a21\u5757\u5e76\u66f4\u65b0.gitmodules\u6587\u4ef6
\u5982\u679c\u81ea\u5df1\u7684\u9879\u76ee\u7528\u5230\u522b\u7684\u9879\u76ee\uff0c\u9700\u8981\u5bf9\u5176\u4e2d\u4e00\u4e9b\u4ee3\u7801\u8fdb\u884c\u4fee\u6539\uff0c\u800c\u4e0d\u9700\u8981\u628a\u5728\u4e0a\u4f20github\u65f6\u628a\u6574\u4e2a\u9879\u76ee\u5168\u90e8\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u4e0b\uff0c\u53ef\u4ee5\u5148\u7528submodule\u6dfb\u52a0\u5b50\u6a21\u5757\uff0c\u7136\u540e\u76f4\u63a5\u4fee\u6539\u4ee3\u7801\uff0c\u5e76\u5728\u5176\u9879\u76ee\u4e0b\u7528git diff <commit id> > <file.patch>\u751f\u6210\u4e00\u4e2adiff\u6587\u4ef6\u3002\u628adiff\u6587\u4ef6\u653e\u5230\u81ea\u5df1\u7684\u9879\u76ee\u91cc\uff0c\u518d\u4e0a\u4f20\u5230github\u4e0a\u3002\u5176\u4e2dcommit id\u662f\u7b2c\u4e09\u65b9\u9879\u76ee\u7684commit\uff0c\u4e5f\u5c31\u662f\u8fd9\u4e2asubmodule\u4e0b\u8f7d\u65f6\u7684commit id\uff0c\u53ef\u4ee5\u901a\u8fc7git log\u627e\u5230\u3002
\u5982\u679c\u76f4\u63a5\u7528git diff > <file.patch>\uff0c\u4f1a\u8f93\u51fa\u672a\u52a0\u5165\u6682\u5b58\u7684\u4fee\u6539\u548c\u6700\u8fd1\u4e00\u6b21\u6682\u5b58/commit\u7684diff\u6587\u4ef6\u3002
\u5176\u4ed6\u4eba\u4f7f\u7528\u65f6\uff0c\u5c31\u5148\u628a\u7b2c\u4e09\u65b9\u9879\u76ee\u83b7\u53d6\u4e0b\u6765\uff0c\u7136\u540egit apply <file.patch>\u5373\u53ef\u3002\u64a4\u56de\u8865\u4e01\u4f7f\u7528git apply -R <file.patch>
\u6700\u8fd1\u5728\u8dd1fuzzer\uff0c\u5408\u4f5c\u65f6\u6709\u65f6\u9700\u8981\u5207\u6362\u4e0d\u540c\u7684\u6d4b\u8bd5\u76ee\u6807\uff0c\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u90fd\u6709\u81ea\u5df1\u7684\u4e00\u5927\u5806\u914d\u5957\u8bbe\u7f6e\u3002\u5927\u5bb6\u90fd\u5728\u4e3b\u5206\u652f\u5220\u6539\u592a\u9ebb\u70e6\u800c\u4e14\u5f88\u4e71\uff0c\u6240\u4ee5\u9700\u8981\u9488\u5bf9\u6bcf\u4e2a\u6d4b\u8bd5\u76ee\u6807\u8bbe\u7f6e\u4e0d\u540c\u7684branch\u3002
\u53ef\u4ee5\u4f7f\u7528git branch -a\u67e5\u770b\u6240\u6709\u5206\u652f\u3002\u5176\u4e2d\u524d\u9762\u5e26*\u7684\u662f\u5f53\u524dbranch\u3002
\u65b0\u5efa\u5206\u652f\u65f6\u4f7f\u7528 git checkout -b <branch name> \u76f8\u5f53\u4e8e\u5148git branch <branch name> \u521b\u5efa\u4e86\u4e00\u4e2a\u65b0\u7684\u5206\u652f\uff0c\u7136\u540egit checkout <branch name>\u5207\u6362\u5230\u90a3\u4e2a\u5206\u652f\u3002
\u5728\u65b0\u7684\u5206\u652fcommit\u540e\uff0c\u4f7f\u7528git push -u <remote repo name> <local branch name>:<remote branch name>\u53ef\u4ee5\u5c06\u81ea\u5df1\u7684\u8fd9\u4e2a\u5206\u652f\u63a8\u9001\u5230\u8fdc\u7a0b\u4ed3\u5e93\u3002\u5176\u4e2d\uff1a
-u\u8868\u793a\u8bb0\u4f4f\u5f53\u524d\u8bbe\u5b9a\uff0c\u4e4b\u540e\u5728\u8fd9\u4e00\u5206\u652f\u4e0apush\u65f6\uff0c\u7b80\u5355\u4f7f\u7528git push\u5c31\u4f1a\u63a8\u9001\uff0c\u4e0d\u9700\u8981\u518d\u6572\u8fd9\u4e48\u957f\u4e86\u3002git remote add origin \u8bbe\u5b9a\u7684\u8fdc\u7a0b\u4e3b\u673a\u540d\u79f0\uff0c\u9700\u8981\u548c\u5b9e\u9645\u8bbe\u5b9a\u4e00\u6837\u3002\u56e0\u4e3a\u5927\u5bb6\u4f7f\u7528origin\u662f\u5728\u592a\u666e\u904d\u4e86\uff0c\u6240\u4ee5\u8fd9\u91cc\u6ca1\u6709\u7528<remote host name>\u6765\u8868\u793a\uff0c\u610f\u4f1a\u5373\u53ef\u3002\u5982\u679c\u9700\u8981\u5220\u9664\u8fdc\u7a0b\u5206\u652f\uff0c\u53ef\u4ee5\u7b80\u5355\u5730\u63a8\u9001\u7a7a\u5206\u652f\uff1agit push origin :<remote branch name>\u3002\u8fd9\u91cc\u672c\u5730\u5206\u652f\u540d\u7559\u7a7a\u4e86\u3002\u4e5f\u53ef\u4ee5\u4f7f\u7528\u4e13\u95e8\u7684\u5220\u9664\u65b9\u5f0f\uff1agit push origin --delete <remote branch name>
\u5982\u679c\u9700\u8981\u5220\u9664\u672c\u5730\u5206\u652f\uff0c\u4f7f\u7528git branch -d <local branch name>
\u5408\u5e76\u5206\u652f\u65f6\uff0c\u5148\u5207\u6362\u5230\u9700\u8981\u63a5\u6536\u6539\u52a8\u7684\u5206\u652f\u4e0a\uff0c\u7136\u540egit merge <new branch name>\uff0c\u5373\u53ef\u5c06new branch\u7684\u6539\u52a8\u66f4\u65b0\u5230\u5f53\u524d\u5206\u652f\u4e0a\u3002new branch\u7684\u5185\u5bb9\u662f\u4e0d\u53d8\u7684\u3002
\u62c9\u53d6\u8fdc\u7a0b\u5206\u652f\u5230\u672c\u5730\uff0c\u800c\u4e0d\u5f71\u54cd\u672c\u5730\u5206\u652f\uff1agit fetch <remote repo name> <remote branch name>:<local branch name>\u4f1a\u5c06\u8fdc\u7a0b\u4ed3\u5e93\u7684\u5206\u652f\u4fdd\u5b58\u5728\u672c\u5730\u5bf9\u5e94\u5206\u652f\u4e0b\u3002
\u53ef\u4ee5\u7528git fetch --all\u62c9\u53d6\u6240\u6709\u8fdc\u7a0b\u5206\u652f\uff0c\u5982\u679c\u6ca1\u6709\u6548\u679c\uff0c\u6ce8\u610f\u68c0\u67e5remote.origin.fetch\u7684\u8bbe\u7f6e\uff1agit config --get remote.origin.fetch\uff0c\u5982\u679c\u662f+refs/heads/master:refs/remotes/origin/master\uff0c\u5219\u8868\u793a\u53ea\u62c9master\u5206\u652f\u3002\u53ef\u4ee5\u4fee\u6539\u6210\u62c9\u53d6\u6240\u6709\u5206\u652f\uff1agit config remote.origin.fetch \"+refs/heads/*:refs/remotes/origin/*\"\u3002
\u67d0\u79cd\u4e1c\u897f\u771f\u7684\u795e\u70e6\uff0c\u79d1\u7814\u9700\u8981\u4e0b\u8f7d\u7684\u4ed3\u5e93\u4ee3\u7801\u7ecf\u5e38\u83ab\u540d\u5176\u5999\u4e0b\u8f7d\u4e0d\u4e86\uff0c\u5199\u7684\u4ee3\u7801\u4e0a\u4f20\u8865\u4e0a\u53bb\uff0cbuild\u4e2adocker\u6162\u7684\u8981\u6b7b\uff0c\u7b2c\u4e09\u65b9\u5305\u62c9\u53d6\u4e0d\u5230\u2026\u2026\u6d6a\u8d39\u5f88\u591a\u65f6\u95f4\u5728\u56e0\u4e3a\u7f51\u7edc\u8fde\u63a5\u4e0d\u4e86\u5bfc\u81f4\u7684\u5404\u79cdbug\u4e0a\uff0c\u6709\u6548\u79d1\u7814\u65f6\u95f4\u767d\u767d\u88ab\u6d88\u8017\uff0c\u771f\u7684\u5f88xx\u3002
"},{"location":"git/#git-clonegnutls_handshake-failed-the-tls-connection-was-non-properly-terminated","title":"Git clone\u62a5\u9519gnutls_handshake() failed: The TLS connection was non-properly terminated.","text":"\u4e00\u79cd\u505a\u6cd5\u662f\u8bbe\u7f6e\u6216\u8005\u53d6\u6d88\u8bbe\u7f6ehttp.proxy\u548chttps.proxy
\u53e6\u4e00\u79cd\u505a\u6cd5\u662f\u76f4\u63a5\u53d6\u6d88SSL\u6821\u9a8c\uff0c\u867d\u7136\u7c97\u66b4\u4e86\u70b9\uff1agit config http.sslVerify false
go env -w GO111MODULE=on\ngo env -w GOPROXY=https://goproxy.cn\n\u5de5\u7a0b\u4fdd\u5b58\u5728xxx/go/src/xxx\u4e0b\uff0c\u5e76\u5c06GOPATH=xxx/go\u52a0\u5230\u73af\u5883\u53d8\u91cf\u4e2d
"},{"location":"go/#_2","title":"\u5feb\u901f\u5165\u95e8","text":"package main\nimport (\n\"fmt\"\n)\n\nfunc main() {\n//\u5faa\u73af\u8f93\u51fa\nfor i:=0; i<10; i++{\nfmt.Println(i)\n}\n}\n\u5728https://www.oracle.com/java/technologies/downloads/\u4e0b\u8f7d\u5bf9\u5e94\u7cfb\u7edf\u7684\u5305\u3002Linux\u9009\u62e9Compressed Archive\uff0c\u89e3\u538b\u7f29\u4ee5\u540e\u914d\u7f6e\u4e0bpath\uff1bWindows\u53ef\u4ee5\u7528MSI Installer\u3002\u5bf9\u5e94\u7684\u6e90\u7801\u5728lib/src.zip\u4e2d\u3002
"},{"location":"java/#java_2","title":"Java\u6e90\u7801\u67b6\u6784\u7406\u89e3","text":"\u6838\u5fc3\u4ee3\u7801\u3001\u4e3b\u8981\u529f\u80fd\u5728java.base/java\u76ee\u5f55\u4e0b\uff0c\u5176\u4e2d\u5305\u542b\u4e86io\u3001lang\u3001util\u7b49\u591a\u4e2a\u5173\u952e\u6a21\u5757\u3002
"},{"location":"java/#java_3","title":"Java\u91cc\u6709\u54ea\u4e9b\u6570\u636e\u7ed3\u6784\u7c7b\u578b\uff1f\u5982\u4f55\u5b9e\u73b0\u7684\uff1f","text":"Java\u4e2d\u5e38\u89c1\u7684\u6570\u636e\u7c7b\u578b\u6bd4\u5982Set\u3001Array\u3001
"},{"location":"latex/","title":"latex\u57fa\u7840","text":""},{"location":"latex/#_1","title":"\u63a8\u8350\u5de5\u5177","text":"\u4f7f\u7528Table Generator\u7ed8\u5236\u8868\u683c
"},{"location":"latex/#latex_1","title":"\u82f1\u6587latex","text":"\\documentclass[conference,11pt]{IEEEtran}\n\\IEEEoverridecommandlockouts\n% The preceding line is only needed to identify funding in the first footnote. If that is unneeded, please comment it out.\n\\usepackage{cite}\n\\usepackage{amsmath,amssymb,amsfonts}\n\\usepackage{algorithmic}\n\\usepackage{graphicx}\n\\usepackage{textcomp}\n\\usepackage{xcolor}\n\\usepackage{caption}\n\\usepackage{url}\n\\def\\UrlBreaks{\\do\\A\\do\\B\\do\\C\\do\\D\\do\\E\\do\\F\\do\\G\\do\\H\\do\\I\\do\\J\n\\do\\K\\do\\L\\do\\M\\do\\N\\do\\O\\do\\P\\do\\Q\\do\\R\\do\\S\\do\\T\\do\\U\\do\\V\n\\do\\W\\do\\X\\do\\Y\\do\\Z\\do\\[\\do\\\\\\do\\]\\do\\^\\do\\_\\do\\`\\do\\a\\do\\b\n\\do\\c\\do\\d\\do\\e\\do\\f\\do\\g\\do\\h\\do\\i\\do\\j\\do\\k\\do\\l\\do\\m\\do\\n\n\\do\\o\\do\\p\\do\\q\\do\\r\\do\\s\\do\\t\\do\\u\\do\\v\\do\\w\\do\\x\\do\\y\\do\\z\n\\do\\.\\do\\@\\do\\\\\\do\\/\\do\\!\\do\\_\\do\\|\\do\\;\\do\\>\\do\\]\\do\\)\\do\\,\n\\do\\?\\do\\'\\do+\\do\\=\\do\\#}\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\\usepackage{lscape, latexsym, amssymb, algorithmic, multirow}\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e}\n\\usepackage{mathtools, bbm, color}\n\\usepackage{booktabs}\n\\usepackage{amsthm,mathrsfs,amsfonts,dsfont}\n\\usepackage{listings}\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour}, \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false, \n breaklines=true, \n captionpos=b, \n keepspaces=true,\n numbers=left, %% \u884c\u53f7 \n % numbersep=2pt, \n showspaces=false, \n showstringspaces=false,\n showtabs=false, \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\\begin{document}\n\n\\title{xxxx}\n\n\\author{xxxx}\n\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\n\\begin{IEEEkeywords}\nxxx,xxx\n\\end{IEEEkeywords}\n\n\\bibliographystyle{IEEEtran}\n{\n\\begingroup\n\\bibliography{ref}\n\\endgroup\n}\n\n\\end{document}\n\\documentclass[12pt]{article}\n\n\\usepackage{cite} % \u5f15\u7528\u53c2\u8003\u6587\u732e\n\\usepackage{ctex} % \u4e2d\u6587\u652f\u6301\n\\usepackage{times}% \u82f1\u6587\u4f7f\u7528Times New Roman\n\\usepackage{url,hyperref} % \u8d85\u94fe\u63a5\n\\usepackage{xspace} % \u65e0\u6807\u70b9\u81ea\u52a8\u7a7a\u683c\n\\usepackage{graphicx} % \u63d2\u5165\u56fe\u7247\u7528\n\\usepackage{geometry} % \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\usepackage{listings} % \u63d2\u5165\u4ee3\u7801\u5757\n\\usepackage{color} % \u5b9a\u4e49\u989c\u8272\uff0c\u7528\u4e8e\u63a7\u5236\u4ee3\u7801\u9ad8\u4eae\n\\usepackage{subcaption} % \u753b\u5b50\u56fe\n\\usepackage{tikz} % \u540e\u7eed\u753b\u5706\u5708\n\\usepackage{multirow} % \u8868\u683c\u591a\u884c\u6587\u672c\n% \\usepackage{tabu}\n\\usepackage{longtable}\n\\usepackage{float}\n\\usepackage{tabu}\n\\usepackage{booktabs} % \u753b\u8868\u683c\n\n\\usepackage[linesnumbered, vlined, ruled]{algorithm2e} % \u7b97\u6cd5\u5217\u8868\n\n% \u4f7f\u7528 ctex \u5b8f\u5305\u8bbe\u7f6e\u4e2d\u6587\u56fe\u9898\n\\renewcommand{\\figurename}{\u56fe}\n\\renewcommand{\\tablename}{\u8868}\n\n% \u8bbe\u7f6e\u9875\u8fb9\u8ddd\n\\geometry{a4paper,left=2cm,right=2cm,top=2cm,bottom=3cm} \n\n\n% \u8bbe\u7f6e\u5b57\u4f53\n\\newcommand{\\song}{\\CJKfamily{song}} % \u5b8b\u4f53\n\\newcommand{\\fs}{\\CJKfamily{fs}} % \u4eff\u5b8b\u4f53\n\\newcommand{\\kai}{\\CJKfamily{kai}} % \u6977\u4f53\n\\newcommand{\\hei}{\\CJKfamily{hei}} % \u9ed1\u4f53\n\\newcommand{\\li}{\\CJKfamily{li}} % \u96b6\u4e66\n\n% \u8bbe\u7f6e\u5b57\u53f7\n\\newcommand{\\yihao}{\\fontsize{26pt}{36pt}\\selectfont} % \u4e00\u53f7, 1.4 \u500d\u884c\u8ddd\n\\newcommand{\\erhao}{\\fontsize{22pt}{28pt}\\selectfont} % \u4e8c\u53f7, 1.25\u500d\u884c\u8ddd\n\\newcommand{\\xiaoer}{\\fontsize{18pt}{18pt}\\selectfont} % \u5c0f\u4e8c, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\sanhao}{\\fontsize{16pt}{24pt}\\selectfont} % \u4e09\u53f7, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosan}{\\fontsize{15pt}{22pt}\\selectfont} % \u5c0f\u4e09, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\sihao}{\\fontsize{14pt}{21pt}\\selectfont} % \u56db\u53f7, 1.5 \u500d\u884c\u8ddd\n\\newcommand{\\banxiaosi}{\\fontsize{13pt}{19.5pt}\\selectfont} % \u534a\u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\xiaosi}{\\fontsize{12pt}{18pt}\\selectfont} % \u5c0f\u56db, 1.5\u500d\u884c\u8ddd\n\\newcommand{\\dawuhao}{\\fontsize{11pt}{11pt}\\selectfont} % \u5927\u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\\newcommand{\\wuhao}{\\fontsize{10.5pt}{15.75pt}\\selectfont} % \u4e94\u53f7, \u5355\u500d\u884c\u8ddd\n\n% \u5b9a\u4e49\u4ee3\u7801\u6837\u5f0f\n\\definecolor{codegreen}{rgb}{0,0.6,0}\n\\definecolor{codegray}{rgb}{0.5,0.5,0.5}\n\\definecolor{codepurple}{rgb}{0.58,0,0.82}\n\\definecolor{backcolour}{rgb}{0.95,0.95,0.95}\n\\lstdefinestyle{mystyle}{\n % backgroundcolor=\\color{backcolour}, \n commentstyle=\\color{codegreen},\n keywordstyle=\\color{magenta},\n numberstyle=\\tiny\\color{codegray},\n stringstyle=\\color{codepurple},\n % basicstyle=\\footnotesize\\ttfamily,\n basicstyle=\\footnotesize\\scriptsize,\n breakatwhitespace=false, \n breaklines=true, \n captionpos=b, \n keepspaces=true,\n numbers=left, %% \u884c\u53f7 \n % numbersep=2pt, \n showspaces=false, \n showstringspaces=false,\n showtabs=false, \n tabsize=1,\n xleftmargin=\\parindent,\n}\n\\lstset{style=mystyle}\n\n\\renewcommand{\\abstractname}{\\textbf{\u6458\\quad \u8981}} % \u66f4\u6539\u6458\u8981\u4e8c\u5b57\u7684\u6837\u5f0f\n\n% use these commands to consistently refer to stuff\n\n\\newcommand{\\bugCount}{xx} \n\n\\newcommand{\\tabincell}[2]{\\begin{tabular}{@{}#1@{}}#2\\end{tabular}}\n\n\\newcommand*\\emptcirc[1][1ex]{\\tikz\\draw (0,0) circle (#1);} \n\\newcommand*\\halfcirc[1][1ex]{%\n \\begin{tikzpicture}\n \\draw[fill] (0,0)-- (90:#1) arc (90:270:#1) -- cycle ;\n \\draw (0,0) circle (#1);\n \\end{tikzpicture}}\n\\newcommand*\\fullcirc[1][1ex]{\\tikz\\fill (0,0) circle (#1);} \n\n\\def\\BibTeX{{\\rm B\\kern-.05em{\\sc i\\kern-.025em b}\\kern-.08em\n T\\kern-.1667em\\lower.7ex\\hbox{E}\\kern-.125emX}}\n\n\\title{\\fontsize{18pt}{27pt}\\selectfont \\textbf{xxxx}}\n\\author{\\fontsize{14pt}{21pt}\\selectfont \\textbf{xxxx}}\n\\date{}\n\n\\begin{document}\n\\begin{sloppypar} % \u9632\u6b62\u957f\u5355\u8bcd\u51fa\u754c\n\\maketitle\n\n\\begin{abstract}\n\\end{abstract}\n\n\\section{\u80cc\u666f}\n\n\\subsection{\u53ef\u4fe1\u6267\u884c\u73af\u5883}\n\\bibliographystyle{plain}\n\\bibliography{Ref}\n\n\\end{sloppypar}\n\\end{document}\nsudo ls -lah /proc/<pid>\n# \u8f93\u5165raw bytes\necho -e '\\x31\\x32' | program\n\n# \u4e0d\u5e26echo\u81ea\u52a8\u52a0\u7684\u6362\u884c\necho -en '\\x31\\x32' | program\n\n# \u8f93\u5165raw binary\necho -e '\\x31\\x32' | xxd -r -p | program \u67e5\u8be2\u7269\u7406\u69fd\u663e\u5361\u8fde\u63a5
lspci | grep VGA\n\u67e5\u8be2\u6d3b\u8dc3\u60c5\u51b5\uff08\u9700\u8981\u5b89\u88c5\u663e\u5361\u9a71\u52a8\uff0c\u53ef\u4ee5\u76f4\u63a5\u5b89\u88c5CUDA runfile\uff0c\u81ea\u5e26\u9a71\u52a8\uff09
nvidia-smi\nhtop # \u89c2\u5bdf\u5185\u5b58\u3001\u5404\u8fdb\u7a0b\u3001CPU\u5360\u7528\nsudo ls -lah /proc/<pid>/cwd # \u89c2\u5bdf\u8fd0\u884c\u7684\u547d\u4ee4\uff0c\u5224\u65ad\u8c01\u7684\u7a0b\u5e8f\nncdu # \u7edf\u8ba1\u5f53\u524d\u76ee\u5f55\u4e0b\u5404\u4e2a\u6587\u4ef6\u5939\u5360\u7528\uff0c\u53ef\u4ee5\u8fdb\u5165\u3001\u5220\u9664\u6587\u4ef6\u5939\u6216\u76ee\u5f55\n\u6709\u65f6\u5019\u8fde\u4e0d\u4e0a\u7f51\u662f\u56e0\u4e3aDNS\u7684\u95ee\u9898\uff0c\u4fee\u6539/etc/resolve.conf\u5373\u53ef\u3002\u4e0d\u8fc7\u8fd9\u4e2a\u8f6f\u8fde\u63a5\u4fee\u6539\u5b8c\u4e86\u4ee5\u540e\u53ef\u80fd\u4f1a\u88ab\u7cfb\u7edf\u6539\u6389\uff0c\u53ef\u4ee5\u8bd5\u8bd5\u5220\u6389\u4ee5\u540e\u76f4\u63a5\u521b\u5efa\u4e2a/etc/resolve.conf\u6587\u4ef6\uff0c\u518dchattr +i /etc/resovle.conf\u9632\u6b62\u4fee\u6539\u3002
systemctl status xxx\u68c0\u67e5\u67d0\u4e9b\u670d\u52a1\u8fd0\u884c\u72b6\u6001\uff0c\u53ef\u4ee5ls -lah /etc/systemd/system\u3001ls -lah /lib/systemd/system\u67e5\u8be2\u6709\u54ea\u4e9b\u670d\u52a1\u3002\u8b66\u60d5\u5947\u602a\u7684\u6570\u5b57service\uff0c\u53ef\u80fd\u662f\u75c5\u6bd2\u3002
\u6dfb\u52a0\u7cfb\u7edf\u670d\u52a1\u65f6\uff0c\u521b\u5efa/etc/systemd/system/xxx.service\u6587\u4ef6\uff0c\u7136\u540e\u7f16\u8f91\u5185\u5bb9\uff0c\u6bd4\u5982\u4e0b\u9762\u7684socat.service\uff1a
[Unit]\nDescription=port forward 4320\n# \u542f\u52a8\u987a\u5e8f\uff08\u591a\u4e2a\u670d\u52a1\u4e2d\u95f4\u7528\u7a7a\u683c\u9694\u5f00\uff09\nAfter=network.target[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u540e\u542f\u52a8]\nBefore=[\u5f53\u524d\u670d\u52a1\u5728\u6307\u5b9a\u670d\u52a1\u4e4b\u524d\u542f\u52a8]\n\n# \u4f9d\u8d56\u5173\u7cfb\nWants=[\u5f31\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\u4e0d\u5f71\u54cd\u5f53\u524d\u670d\u52a1]\nRequires=[\u5f3a\u4f9d\u8d56\u5173\u7cfb\u670d\u52a1\uff0c\u6307\u5b9a\u670d\u52a1\u53d1\u751f\u5f02\u5e38\uff0c\u5f53\u524d\u670d\u52a1\u5fc5\u987b\u9000\u51fa]\n\n[Service]\nUser=nobody\nExecStart=/usr/bin/socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\nExecReload=[\u91cd\u542f\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStop=[\u505c\u6b62\u670d\u52a1\u65f6\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPre=[\u542f\u52a8\u670d\u52a1\u4e4b\u524d\u6267\u884c\u7684\u547d\u4ee4]\nExecStartPost=[\u542f\u52a8\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\nExecStopPost=[\u505c\u6b62\u670d\u52a1\u4e4b\u540e\u6267\u884c\u7684\u547d\u4ee4]\n\n# \u542f\u52a8\u7c7b\u578b\n# simple\uff08\u9ed8\u8ba4\u503c\uff09\uff1aExecStart\u5b57\u6bb5\u542f\u52a8\u7684\u8fdb\u7a0b\u4e3a\u4e3b\u8fdb\u7a0b\n# forking\uff1aExecStart\u5b57\u6bb5\u5c06\u4ee5fork()\u65b9\u5f0f\u542f\u52a8\uff0c\u6b64\u65f6\u7236\u8fdb\u7a0b\u5c06\u4f1a\u9000\u51fa\uff0c\u5b50\u8fdb\u7a0b\u5c06\u6210\u4e3a\u4e3b\u8fdb\u7a0b\n# oneshot\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u53ea\u6267\u884c\u4e00\u6b21\uff0cSystemd \u4f1a\u7b49\u5b83\u6267\u884c\u5b8c\uff0c\u624d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# dbus\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u4f1a\u7b49\u5f85 D-Bus \u4fe1\u53f7\u540e\u542f\u52a8\n# notify\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u542f\u52a8\u7ed3\u675f\u540e\u4f1a\u53d1\u51fa\u901a\u77e5\u4fe1\u53f7\uff0c\u7136\u540e Systemd \u518d\u542f\u52a8\u5176\u4ed6\u670d\u52a1\n# idle\uff1a\u7c7b\u4f3c\u4e8esimple\uff0c\u4f46\u662f\u8981\u7b49\u5230\u5176\u4ed6\u4efb\u52a1\u90fd\u6267\u884c\u5b8c\uff0c\u624d\u4f1a\u542f\u52a8\u8be5\u670d\u52a1\u3002\u4e00\u79cd\u4f7f\u7528\u573a\u5408\u662f\u4e3a\u8ba9\u8be5\u670d\u52a1\u7684\u8f93\u51fa\uff0c\u4e0d\u4e0e\u5176\u4ed6\u670d\u52a1\u7684\u8f93\u51fa\u76f8\u6df7\u5408\nType=[\u542f\u52a8\u7c7b\u578b]\n\n# \u5982\u4f55\u505c\u6b62\u670d\u52a1\n# control-group\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u5f53\u524d\u63a7\u5236\u7ec4\u91cc\u9762\u7684\u6240\u6709\u5b50\u8fdb\u7a0b\uff0c\u90fd\u4f1a\u88ab\u6740\u6389\n# process\uff1a\u53ea\u6740\u4e3b\u8fdb\u7a0b\n# mixed\uff1a\u4e3b\u8fdb\u7a0b\u5c06\u6536\u5230 SIGTERM \u4fe1\u53f7\uff0c\u5b50\u8fdb\u7a0b\u6536\u5230 SIGKILL \u4fe1\u53f7\n# none\uff1a\u6ca1\u6709\u8fdb\u7a0b\u4f1a\u88ab\u6740\u6389\uff0c\u53ea\u662f\u6267\u884c\u670d\u52a1\u7684 stop \u547d\u4ee4\u3002\nKillMode=[\u5982\u4f55\u505c\u6b62\u670d\u52a1]\n\n# \u91cd\u542f\u65b9\u5f0f\n# no\uff08\u9ed8\u8ba4\u503c\uff09\uff1a\u9000\u51fa\u540e\u4e0d\u4f1a\u91cd\u542f\n# on-success\uff1a\u53ea\u6709\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u4e3a0\uff09\uff0c\u624d\u4f1a\u91cd\u542f\n# on-failure\uff1a\u975e\u6b63\u5e38\u9000\u51fa\u65f6\uff08\u9000\u51fa\u72b6\u6001\u7801\u975e0\uff09\uff0c\u5305\u62ec\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abnormal\uff1a\u53ea\u6709\u88ab\u4fe1\u53f7\u7ec8\u6b62\u548c\u8d85\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-abort\uff1a\u53ea\u6709\u5728\u6536\u5230\u6ca1\u6709\u6355\u6349\u5230\u7684\u4fe1\u53f7\u7ec8\u6b62\u65f6\uff0c\u624d\u4f1a\u91cd\u542f\n# on-watchdog\uff1a\u8d85\u65f6\u9000\u51fa\uff0c\u624d\u4f1a\u91cd\u542f\n# always\uff1a\u4e0d\u7ba1\u662f\u4ec0\u4e48\u9000\u51fa\u539f\u56e0\uff0c\u603b\u662f\u91cd\u542f\nRestart=[\u670d\u52a1\u9000\u51fa\u540e\uff0cSystemd \u7684\u91cd\u542f\u65b9\u5f0f]\n\nRestartSec=[\u8868\u793a Systemd \u91cd\u542f\u670d\u52a1\u4e4b\u524d\uff0c\u9700\u8981\u7b49\u5f85\u7684\u79d2\u6570]\n\n[Install]\nWantedBy=multi-user.target\n# \u6267\u884c sytemctl enable **.service\u547d\u4ee4\u65f6\uff0c**.service\u7684\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\uff0c\u5c31\u4f1a\u653e\u5728/etc/systemd/system/multi-user.target.wants\u5b50\u76ee\u5f55\u4e2d\n# \u6267\u884csystemctl get-default\u547d\u4ee4\uff0c\u83b7\u53d6\u9ed8\u8ba4\u542f\u52a8Target\n# multi-user.target\u7ec4\u4e2d\u7684\u670d\u52a1\u90fd\u5c06\u5f00\u673a\u542f\u52a8\n# \u5e38\u7528Target\uff0c1. multi-user.target-\u591a\u7528\u6237\u547d\u4ee4\u884c\uff1b2. graphical.target-\u56fe\u5f62\u754c\u9762\u6a21\u5f0f\nWantedBy=[\u8868\u793a\u8be5\u670d\u52a1\u6240\u5728\u7684Target]\nsystemctl start **systemctl stop **systemctl restart **systemctl status **systemctl enable ** enable\u547d\u4ee4\u76f8\u5f53\u4e8e\u5728\u76ee\u5f55\u91cc\u6dfb\u52a0\u4e86\u4e00\u4e2a\u7b26\u53f7\u94fe\u63a5\u3002\u5f00\u673a\u65f6\uff0cSystemd\u4f1a\u6267\u884c/etc/systemd/system/\u76ee\u5f55\u91cc\u9762\u7684\u914d\u7f6e\u6587\u4ef6systemctl kill **systemctl cat **systemctl list-dependencies multi-user.targetsystemctl isolate graphical.targetsystemctl daemon-reload\u5b9a\u65f6\u7a0b\u5e8f\u6267\u884c\u5931\u8d25\u7684\u539f\u56e0\u662f\u591a\u6837\u7684\uff0c\u53ef\u80fd\u662f\u56e0\u4e3a\u5b9a\u65f6\u670d\u52a1\u6ca1\u542f\u52a8\uff0c\u9700\u8981systemctl restart cron.service\uff0c\u6216\u8005\u662fcron\u670d\u52a1\u574f\u6389\u4e86\uff0c\u5148apt install cron --reinstall\u5f3a\u5236\u91cd\u65b0\u5b89\u88c5\u4e0b\uff0c\u518d\u91cd\u542f\u670d\u52a1\uff0c\u6216\u8005\u662f\u5b89\u88c5\u4e86\u522b\u7684\u4f9d\u8d56\u5e93\u4f46\u662f\u6ca1\u6709\u91cd\u542fcron\u5bfc\u81f4\u8fd0\u884c\u5931\u8d25\uff0c\u8bd5\u8bd5/etc/init.d/cron restart\u3002
https://www.baeldung.com/linux/list-open-file-descriptors
Linux\u9ed8\u8ba4\u6700\u591a\u540c\u65f6\u6253\u5f001024\u4e2a\u6587\u4ef6\uff0c\u53ef\u4ee5\u901a\u8fc7ulimit -n\u67e5\u770b\u3002fuzzing\u7b49\u8981\u6ce8\u610f\u5173\u95ed\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u5426\u5219\u53ef\u80fd\u5bfc\u81f4\u670d\u52a1\u5668\u6545\u969c\uff08\u6bd4\u5982ssh\u8fde\u4e0d\u4e0a\uff09\u3002/proc//fd\u91cc\u5217\u51fa\u4e86pid\u9501\u6253\u5f00\u7684\u6587\u4ef6\u3002"},{"location":"linux-server/#_8","title":"\u53c2\u8003\u8d44\u6599","text":"
(\u4ee5\u4e0b\u5747\u5728wsl\u7684root\u7528\u6237) ubuntu\u7cfb\u7edf\uff0c\u5148\u9884\u88c5\u4e0b\u73af\u5883\uff1a
apt install build-essential autoconf zlib1g-dev libssl-dev\n\u4e0b\u8f7d\u6e90\u7801\uff0c\u76f4\u63a5\u4eceGithub\u94fe\u63a5\u4e0b\u8f7dzip\u5230\u672c\u5730\u89e3\u538b\uff0c\u4e5f\u53ef\u4ee5\u7528git clone\uff1a
git clone --depth 1 https://github.com/openssh/openssh-portable.git\n\u4e3a\u4e86\u9632\u6b62\u4e4b\u540emake install\u51fa\u7684\u6587\u4ef6\u8986\u76d6\u7cfb\u7edf\u81ea\u5df1\u7684ssh\uff0c\u8fd9\u91cc\u6307\u5b9aconfigure\u5c06\u4e4b\u540e\u7f16\u8bd1\u51fa\u7684\u6587\u4ef6\u653e\u5230\u9879\u76ee\u7684/output\u6587\u4ef6\u5939\u4e0b\u3002\u6309readme\u7684Building from git\u7684\u65b9\u6cd5\uff0c\u8fdb\u5165openssh\u6240\u5728\u76ee\u5f55\u540e\uff0c\u8fd0\u884c\uff1a
autoreconf\n./configure --prefix=`pwd`/output\nmake\n\u6b64\u65f6\u76f8\u5173\u53ef\u6267\u884c\u6587\u4ef6\u5df2\u7ecf\u7f16\u8bd1\u5b8c\u6bd5\u3002\u4e3a\u4e86\u8fdb\u4e00\u6b65\u6e05\u6670\u663e\u793a\uff0c\u53ef\u4ee5\u8fd0\u884cmake install\uff0c\u5219\u5728\u5f53\u524d\u76ee\u5f55\u7684output\u6587\u4ef6\u5939\u4e0b\u4f1a\u751f\u6210\u5bf9\u5e94\u7684\u7ed3\u6784\u3002
Alligator in Vest: A Practical Failure-Diagnosis Framework via Arm Hardware Features (ISSTA 2023)
RR: A Fault Model for Efficient TEE Replication (NDSS 2023)
No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions (NDSS 2023)
FUZZUSB: Hybrid Stateful Fuzzing of USB Gadget Stacks (Oakland 2022)
Registered Report: DATAFLOW Towards a Data-Flow-Guided Fuzzer
A Survey on Adversarial Attacks for Malware Analysis
Survivalism: Systematic Analysis of Windows Malware Living-Off-The-Land (Oakland 2021)
A Systematical and longitudinal study of evasive behaviors in windows malware (Computers & Security 2021)
Structural Attack against Graph Based Android Malware Detection (CCS 2021)
Deep Learning for Android Malware Defenses: a Systematic Literature Review (ACM Survey 2021)
Intriguing Properties of Adversarial ML Attacks in the Problem Space (Oakland 2020)
P2IM: Scalable and Hardware-independent Firmware Testing via Automatic Peripheral Interface Modeling (USENIX SECURITY 2020)
Toward the Analysis of Embedded Firmware through Automated Re-hosting (RAID 2019)
REPT: Reverse Debugging of Failures in Deployed Software (USENIX SECURITY 2018)
What You Corrupt Is Not What You Crash: Challenges in Fuzzing Embedded Devices (NDSS 2018)
Postmortem Program Analysis with Hardware-Enhanced Post-Crash Artifacts (USENIX SECURITY 2017)
POMP++: Facilitating Postmortem Program Diagnosis with Value-Set Analysis
A Survey on Software Fault Localization (TSE 2016)
\u7531\u4e8e\u670d\u52a1\u5668\u5b89\u5168\u8bbe\u5b9a\uff0c\u53ea\u5bf9\u5916\u5f00\u653e\u4e00\u4e2a22\u7aef\u53e3\u63d0\u4f9bssh\u8fde\u63a5\u3002\u90a3\u4e48\u5728\u6b64\u57fa\u7840\u4e0a\u5982\u4f55\u63d0\u4f9bhttp\u3001https\u7b49\u591a\u79cd\u670d\u52a1\uff1f\u641c\u7d22\u4e86\u4e0b\u53ef\u4ee5\u6839\u636e\u6d41\u91cf\u7279\u5f81\u7528sslh\u7b80\u5355\u8f6c\u53d1\u4e00\u4e0b\u6570\u636e\u5305\u5230\u4e0d\u540c\u7684\u5185\u90e8\u7aef\u53e3\u3002
"},{"location":"porting/#sslh","title":"sslh\uff1a\u6839\u636e\u6d41\u91cf\u7279\u5f81\u8f6c\u53d1\u6570\u636e\u5305","text":"\u5728root\u4e0bapt install sslh\u540e\u4fee\u6539\u914d\u7f6e\u6587\u4ef6/etc/default/sslh\uff1a
# Default options for sslh initscript\n# sourced by /etc/init.d/sslh\n\n# binary to use: forked (sslh) or single-thread (sslh-select) version\n# systemd users: don't forget to modify /lib/systemd/system/sslh.service\nDAEMON=/usr/sbin/sslh\nRun=yes\nDAEMON_OPTS=\"--user sslh --listen 0.0.0.0:4684 --ssh 127.0.0.1:5752 --tls 127.0.0.1:443 --http 127.0.0.1:1284 --anyprot 127.0.0.1:2008 -F /etc/sslh/sslh.cfg --pidfile /var/run/sslh/sslh.pid\"\n\u8fd9\u91cc\u4e5f\u53ef\u4ee5cat /lib/systemd/system/sslh.service\u770b\u4e00\u4e0bservice\u6587\u4ef6\uff0c\u5176\u4e2d\u6709\u4e00\u884cExecStart=/usr/sbin/sslh --foreground $DAEMON_OPTS\uff0c\u53ef\u4ee5\u770b\u5230\u5728\u542f\u52a8sslh\u65f6\u53c2\u6570\u662fDAEMON_OPTS\u3002\u6240\u4ee5\u91cd\u70b9\u5c31\u5728\u4e8e\u914d\u7f6e\u597dDAEMON_OPTS\u3002
\u89e3\u91ca\u4e00\u4e0b\u51e0\u4e2a\u53c2\u6570\u7684\u610f\u601d\uff1a
--listen 0.0.0.0:4684 \u8868\u793asslh\u8fd0\u884c\u57284684\u7aef\u53e3\uff0c\u5c06\u8fd9\u4e2a\u7aef\u53e3\u6536\u5230\u7684\u6570\u636e\u5305\u6309\u89c4\u5219\u8f6c\u53d1\u5230\u5176\u4ed6\u7aef\u53e3\u4e0a--ssh 127.0.0.1:5752 \u8868\u793a\u5c06\u6536\u5230\u7684ssh\u6570\u636e\u5305\u8f6c\u53d1\u5230\u672c\u57305752\u7aef\u53e3--tls 127.0.0.1:443 \u8868\u793a\u5c06\u6536\u5230\u7684tls\u6570\u636e\u5305\u8f6c\u53d1\u5230\u672c\u5730443\u7aef\u53e3--http 127.0.0.1:1284 \u8868\u793a\u5c06\u6536\u5230\u7684http\u8bf7\u6c42\u8f6c\u53d1\u5230\u672c\u57301284\u7aef\u53e3--anyprot 127.0.0.1:2008 \u8868\u793a\u5c06\u5339\u914d\u90fd\u4e0d\u7b26\u5408\u7684\u5305\u53d1\u9001\u5230\u672c\u57302008\u7aef\u53e3-F /etc/sslh/sslh.cfg \u8868\u793a\u4f7f\u7528sslh.cfg\u8fd9\u4e2a\u6587\u4ef6\u4e2d\u7684\u8bbe\u5b9a\u8fdb\u884c\u66f4\u4e30\u5bcc\u7684\u914d\u7f6e\u7136\u540esystemctl enable sslh\u3001systemctl start sslh\u542f\u52a8sslh\uff0c\u5c06\u672c\u57304684\u7aef\u53e3\u6536\u5230\u7684\u6d41\u91cf\u6839\u636essh\u3001ssl\u3001http\u7684\u7279\u5f81\u5206\u522b\u8fdb\u884c\u7aef\u53e3\u8f6c\u53d1\u3002
\u6bd4\u8f83\u6709\u610f\u601d\u7684\u662f\u53ef\u4ee5\u7528--anyprot\u6765\u8bbe\u7f6e\u9ed8\u8ba4\u7684\u8f6c\u53d1\u7b56\u7565\uff0c\u914d\u5408nc -lk\u53ef\u4ee5\u770b\u81ea\u5b9a\u4e49\u7684\u6570\u636e\u5305\u683c\u5f0f\uff0c\u518d\u901a\u8fc7-F\uff08\u6216--config\uff09\u6307\u5b9aconfig\u6587\u4ef6\uff08\u6bd4\u5982/etc/sslh/sslh.cfg\uff09\uff0c\u5b9e\u73b0\u5229\u7528\u6b63\u5219\u8868\u8fbe\u5f0f\u5bf9\u6570\u636e\u5305\u8fdb\u884c\u81ea\u5b9a\u4e49\u8f6c\u53d1\u3002
\u6ce8\u610f\uff0c\u5982\u679c\u4f7f\u7528config\u6587\u4ef6\uff0c\u90a3\u4e48\u6587\u4ef6\u7684\u5185\u5bb9\u4e0d\u8981\u548c\u547d\u4ee4\u884c\u5df2\u6709\u7684\u5185\u5bb9\u91cd\u590d\u3002\u6bd4\u5982\u547d\u4ee4\u884c\u5df2\u7ecf\u6307\u5b9a\u4e86\u76d1\u542c127.0.0.1\u7aef\u53e3\u76844684\uff0c\u90a3config\u6587\u4ef6\u91cc\u5c31\u4e0d\u8981\u518d\u52a0\u4e0alisten:(xxx)\u4e86\u3002
config\u6587\u4ef6\u6307\u5b9a\u5339\u914d\u89c4\u5219\u7684\u4f8b\u5b50\u5982\u4e0b\u6240\u793a\uff08\u7247\u6bb5\uff09
protocols:\n(\n{ name: \"http\"; host: \"127.0.0.1\"; port: \"808\"; },\n{ name: \"tls\"; host: \"127.0.0.1\"; port: \"443\"; sni_hostnames: [ \"remote.c01dkit.com\" ]; tfo_ok: true },\n{ name: \"tls\"; host: \"127.0.0.1\"; port: \"7000\"; sni_hostnames: [ \"project-frp\" ]; tfo_ok: true },\n{ name: \"regex\"; host: \"127.0.0.1\"; port: \"60000\"; regex_patterns: [ \"^SSH-2.0-Go\\x0d$\", \"^SSH-2.0-OpenSSH\\x0d$\" ]; },\n);\n\u7531\u4e8e\u539f\u672c\u5bf9\u5916\u5f00\u653e\u768422\u7aef\u53e3\u53ea\u7528\u4e8e\u63a5\u6536ssh\u8bf7\u6c42\uff0c\u5982\u679c\u60f3\u8981\u63d0\u4f9b\u66f4\u591a\u670d\u52a1\uff0c\u9700\u8981\u5148\u628a22\u7aef\u53e3\u7684\u63a5\u6536\u7684\u6570\u636e\u90fd\u8f6c\u53d1\u7ed9sslh\uff0c\u8ba9\u5b83\u6765\u8fdb\u884c\u5206\u7c7b\u3002\u90a3\u4e48ssh\u8bf7\u6c42\u5e94\u8be5\u5c31\u4e0d\u80fd\u518d\u8fd8\u7ed922\u7aef\u53e3\u4e86\uff08\u4e0d\u7136\u53ef\u80fd\u53c8\u88ab\u8f6c\u53d1\u7ed9sslh\uff1f\u4e0d\u786e\u5b9a\uff09\uff0c\u53ef\u4ee5\u8003\u8651\u518d\u5f00\u4e00\u4e2a\u7aef\u53e3\u76d1\u542cssh\u8bf7\u6c42\u3002\u8fd9\u91ccssh\u7684\u8bbe\u5b9a\u5f00\u4e86\u672c\u573022\u548c5752\u7aef\u53e3\uff0c\u914d\u7f6e\u65f6\u4fee\u6539/etc/ssh/sshd_config\u6587\u4ef6\uff0c\u52a0\u4e00\u884cPort 5752\u5373\u53ef\u3002\u540c\u65f6\u8bb0\u5f97\u4f7f\u7528\u516c\u94a5\u8ba4\u8bc1\u767b\u5f55\uff0c\u7981\u7528\u5bc6\u7801\u767b\u5f55\u3002
Port 22\nPort 5752\nPubkeyAuthentication yes\nPasswordAuthentication no\n\u5728nginx\u5b98\u7f51\u4e0b\u8f7d\u6e90\u7801\u5e76\u6309\u8bf4\u660e\u7f16\u8bd1\u3002nginx\uff081.22\u7248\u672c\uff09\u7684\u914d\u7f6e\u5982\u4e0b\uff1a
user c01dkit;\nworker_processes 1;\n\nevents {\n worker_connections 1024;\n}\n\nhttp {\n include mime.types;\n default_type application/octet-stream;\n sendfile on;\n keepalive_timeout 65;\n server_tokens off;\n server {\n listen 1284;\n listen 127.0.0.1:1284;\n charset utf-8;\n server_name xxxx.c01dkit.com;\n if ($scheme = http ) {\n return 301 https://$host:xxxx$request_uri; \n }\n error_page 404 /404.html;\n }\n\n server {\n listen 127.0.0.1:443 ssl ;\n listen 443 ssl ;\n listen [::]:443 ssl ;\n server_name xxxx.c01dkit.com;\n charset utf-8;\n ssl_certificate xxxx/fullchain.pem;\n ssl_certificate_key xxxx/privkey.pem;\n\n ssl_session_cache shared:SSL:1m;\n ssl_session_timeout 5m;\n\n ssl_ciphers HIGH:!aNULL:!MD5;\n ssl_prefer_server_ciphers on;\n\n location / {\n root xxxxx;\n index index.html index.htm;\n error_page 404 /404.html;\n\n }\n location ~ \\.php$ {\n fastcgi_pass unix:/run/php/php8.1-fpm.sock;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME xxxx/www$fastcgi_script_name;\n include fastcgi_params;\n error_page 404 /404.html;\n }\n }\n\n}\n\u8fd9\u91cc\u914d\u7f6e\u4e86nginx\u76d1\u542c\u672c\u57301284\u7aef\u53e3\u6765\u5904\u7406http\u8bbf\u95ee\uff0c\u5c06https\u8bf7\u6c42\u8f6c\u53d1\u5230443\u7aef\u53e3\uff0c\u4e5f\u8bbe\u7f6e\u4e86ssl\u7684\u8bc1\u4e66\u3002\u8bc1\u4e66\u7684\u914d\u7f6e\u65b9\u6cd5\u53ef\u4ee5\u89c1\u540e\u6587\u7684https\u8bc1\u4e66\u7ae0\u8282\u3002
\u5173\u4e8enginx\uff0c\u53ef\u4ee5nginx -V\u67e5\u770b\u7f16\u8bd1\u9009\u9879\uff0c\u7136\u540e\u81ea\u5df1\u4ece\u6e90\u7801\u7f16\u8bd1\u4e0b\u3002\u5e38\u89c1\u7684-V\u8f93\u51fa\u6709\uff1a
nginx version: nginx/1.22.1\nbuilt by gcc 11.3.0 (Ubuntu 11.3.0-1ubuntu1~22.04) \nbuilt with OpenSSL 3.0.2 15 Mar 2022\nTLS SNI support enabled\nconfigure arguments: --user=c01dkit --group=c01dkit --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module\n\u8fd9\u91cc\u6307\u5b9auser\u4e3ac01dkit\uff0c\u7136\u540e\u7f51\u7ad9\u4e5f\u90fd\u653e\u5728c01dkit\u7684\u5bb6\u76ee\u5f55\u91cc\u9762\uff0c\u4ee5\u9632\u7f51\u7ad9\u9875\u9762\u56e0\u4e3a\u6743\u9650\u95ee\u9898\u6253\u4e0d\u5f00\uff08\u597d\u50cf\u9ed8\u8ba4\u662fwww-data\uff09\uff0c\u53ef\u80fd\u662f\u87f9\u811a\u6539\u6cd5\u25cb( \uff3e\u76bf\uff3e)\u3063
"},{"location":"porting/#iptablessslh","title":"iptables\uff1a\u8f6c\u53d1\u5916\u90e8\u8bbf\u95ee\u5230sslh","text":"\u6700\u540e\u63a5\u7740\u8bbe\u7f6e\u9632\u706b\u5899\u5c06\u6240\u6709\u5916\u90e8\u6d41\u91cf\u4ece\u5f00\u653e\u7684\u552f\u4e00\u7aef\u53e3\u8f6c\u53d1\u52304684\u7aef\u53e3\u5373\u53ef\u3002
iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n\u8fd9\u91cc\u5047\u5b9a\u5916\u90e8\u7aef\u53e3\u5f00\u653e\u7684\u7aef\u53e3\u6620\u5c04\u5230\u672c\u573022\u7aef\u53e3\u3002\u8fd9\u91cc22\u7aef\u53e3\u4e5f\u662f\u6709ssh\u670d\u52a1\u5728\u76d1\u542c\u3002
\u6709\u65f6\u62c5\u5fc3sslh\u670d\u52a1\u6302\u6389\u5bfc\u81f44684\u6ca1\u6709ssh\u670d\u52a1\u3001ssh\u8fde\u4e0d\u4e0a\uff0c\u8bbe\u7f6e\u4e86\u5b9a\u65f6\u4efb\u52a1\u6765\u5173\u6389\u3001\u6253\u5f00\u9632\u706b\u5899\uff08\u6b64\u65f6\u53ea\u80fdssh\u8fde\u63a5\uff0c\u63d0\u4f9b\u8fd0\u7ef4\u7a97\u53e3\u671f\uff09\uff0c\u6bd4\u5982\u6bcf\u5468\u4e094\u70b9\u52306\u70b9\u53ea\u63d0\u4f9b22\u7aef\u53e3\u7684ssh\u670d\u52a1\uff1a
# Edit this file to introduce tasks to be run by cron.\n# \n# Each task to run has to be defined through a single line\n# indicating with different fields when the task will be run\n# and what command to run for the task\n# \n# To define the time you can provide concrete values for\n# minute (m), hour (h), day of month (dom), month (mon),\n# and day of week (dow) or use '*' in these fields (for 'any').\n# \n# Notice that tasks will be started based on the cron's system\n# daemon's notion of time and timezones.\n# \n# Output of the crontab jobs (including errors) is sent through\n# email to the user the crontab file belongs to (unless redirected).\n# \n# For example, you can run a backup of all your user accounts\n# at 5 a.m every week with:\n# 0 5 * * 1 tar -zcf /var/backups/home.tgz /home/\n# \n# For more information see the manual pages of crontab(5) and cron(8)\n# \n# m h dom mon dow command\n0 4 * * 3 iptables -t nat -D PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n0 6 * * 3 iptables -t nat -A PREROUTING -p tcp --dport 22 -j REDIRECT --to-port 4684\n\u7531\u4e8e\u8fd9\u6837\u8bbe\u7f6eiptables\u4f1a\u5728\u670d\u52a1\u5668\u91cd\u542f\u540e\u5931\u6548\uff0c\u6240\u4ee5\u670d\u52a1\u5668\u610f\u5916\u91cd\u542f\u7684\u8bdd\u53ea\u4e0d\u8fc7\u662f\u6062\u590d\u5230\u6700\u57fa\u7840\u768422\u7aef\u53e3ssh\u800c\u5df2\u3002
"},{"location":"porting/#https","title":"https\u8bc1\u4e66","text":"\u5173\u4e8ehttps\u8bc1\u4e66\uff0c\u53ef\u4ee5\u6309\u8fd9\u91cc\u7684\u65b9\u6cd5\uff0c\u5148snap install --classic certbot\u5b89\u88c5certbot\uff0c\uff08\u4e0d\u77e5\u9053\u4e3a\u5565\u5f53\u65f6\u8bbe\u7f6e\u4e86\u4e00\u4e0bcertbot\u8def\u5f84sudo ln -s /snap/bin/certbot /usr/bin/certbot\uff09\u3002\u5982\u679c80\u7aef\u53e3\u5df2\u7ecf\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u7b80\u5355\u5730certbot --nginx\u81ea\u52a8\u5e2e\u5fd9\u8ba4\u8bc1\uff08\u5373certbot\u521b\u5efa\u8ba4\u8bc1\u6587\u4ef6\u7136\u540e\u5728\u516c\u7f51\u8bbf\u95ee\uff09\u3002\u5982\u679c80\u7aef\u53e3\u4e0d\u5bf9\u5916\u5f00\u653e\uff0c\u53ef\u4ee5\u81ea\u9009dns\u8ba4\u8bc1\uff1acertbot certonly --manual --preferred-challenges=dns\u7136\u540e\u5728\u57df\u540d\u7ba1\u7406\u90a3\u8fb9\u6dfb\u52a0\u4e00\u4e0b\u8bb0\u5f55\u5373\u53ef\uff0c\u6bd4\u5982\u521b\u5efa\u4e00\u4e2a_acme-challenge.remote\u7684TXT\u8bb0\u5f55\u3002\u7136\u540e\u5728nginx\u7684conf\u90a3\u91cc\u8bbe\u7f6e\u597d\u8bc1\u4e66\u8def\u5f84\uff0c\u8bbf\u95ee\u5c31\u6709https\u8ba4\u8bc1\u4e86\uff01\u5bf9\u4e8ehttp\u8bbf\u95ee\uff0c\u53ef\u4ee5\u7528301\u8df3\u8f6c\u3002
\u4e00\u6b21\u8ba4\u8bc1\u662f90\u5929\u6709\u6548\u671f\uff0c\u5230\u671f\u4e4b\u524d\u4f1a\u53d1\u90ae\u4ef6\uff0c\u66f4\u65b0\u8bc1\u4e66\u65f6\u9700\u8981\u8fd0\u884ccertbot renew --manual-auth-hook=xxx.sh \u5176\u4e2dsh\u811a\u672c\u662f\u81ea\u5df1\u7f16\u5199\u7684\u4e00\u4e2a\u81ea\u52a8\u5316\u5b8c\u6210DNS\u8bb0\u5f55\u66f4\u65b0\u3002\u4e3a\u4e86\u61d2\u7701\u4e8b\uff0c\u53ef\u4ee5\u8fd9\u4e48\u5199\uff1a
echo ${CERTBOT_VALIDATION} >> xxx.txt\necho ${CERTBOT_DOMAIN} >> xxx.txt\nsleep 120\nexit 0\n\u7136\u540e\u5728\u4e24\u5206\u949f\u4e4b\u5185\uff0c\u628axxx.txt\u91ccCERTBOT_VALIDATION\u5bf9\u5e94\u7684\u54c8\u5e0c\u503c\u624b\u52a8\u66f4\u65b0\u5728DNS\u8bb0\u5f55\u91cc\u5373\u53ef\u3002
\u6b64\u5916\uff0c\u65b0\u627e\u5230\u4e00\u4e2a\u53ef\u4ee5\u65b9\u4fbf\u5730\u5728web\u7aef\u914d\u7f6e\u65b0\u8bc1\u4e66\u7684\u7f51\u7ad9\uff1ahttps://xiangyuecn.github.io/ACME-HTML-Web-Browser-Client/ACME-HTML-Web-Browser-Client.html
"},{"location":"proxy/","title":"\u4ee3\u7406\u8f6c\u53d1","text":""},{"location":"proxy/#_2","title":"\u591a\u53f0\u7535\u8111\u7ec4\u5c40\u57df\u7f51","text":"\u53ef\u4ee5\u4f7f\u7528zerotier\uff0c\u767b\u5f55\u4ee5\u540e\u521b\u5efa\u4e00\u4e2a\u7f51\u7edc\u3002\u7136\u540e\u9700\u8981\u7ec4\u5c40\u57df\u7f51\u7684\u8bbe\u5907\u4e0b\u8f7dzerotier\u4ee5\u540ejoin\u4e0a\u5c31\u884c\u4e86\u3002
"},{"location":"proxy/#_3","title":"\u5185\u7f51\u7a7f\u900f","text":"\u9700\u8981\u516c\u7f51\u670d\u52a1\u5668\uff0c\u53ef\u4ee5\u5728\u963f\u91cc\u4e91\u79df\u4e00\u4e2a
\u4e00\u79cd\u65b9\u6cd5\u662ffrp
\u53e6\u4e00\u79cd\u65b9\u6cd5\u662fssh\u6b63\u5411\u8fde\u63a5\u914d\u5408\u53cd\u5411\u8fde\u63a5\uff1a
\u9996\u5148\u5185\u7f51\u670d\u52a1\u5668\u5f00\u4e2ascreen\u8fd0\u884cssh -R 127.0.0.1:1234:127.0.0.1:22 user@ip -p port\u8fde\u63a5\u5230\u4e91\u670d\u52a1\u5668\u4e0a\u3002\u8fd9\u6837\u7684\u8bdd\u670d\u52a1\u5668\u8bbf\u95ee127.0.0.1:1234\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u5185\u7f51\u7684127.0.0.1:22\u3002\u7136\u540e\u9700\u8981\u8fde\u63a5\u5185\u7f51\u7684\u4e3b\u673a\u4e5f\u5f00\u4e2ascreen\u8fd0\u884cssh -L 127.0.0.1:2345:127.0.0.1:1234 user@ip -p port\uff0c\u8fd9\u6837\u7684\u8bdd\u8be5\u4e3b\u673a\u8bbf\u95ee\u81ea\u5df1127.0.0.1:2345\u5c31\u76f8\u5f53\u4e8e\u8bbf\u95ee\u4e91\u670d\u52a1\u5668\u7684127.0.0.1:1234\u3002\u7136\u540e\u8be5\u4e3b\u673a\u518d\u5f00\u4e00\u4e2a\u7ec8\u7aef\uff0cssh user@127.0.0.1 -p 2345\u5373\u53ef\u3002
\u5e0c\u671b\u5c06\u67d0\u7aef\u53e3\u6536\u5230\u7684\u6d88\u606f\u8f6c\u53d1\u5230\u5176\u4ed6\u4e3b\u673a\u7684\u67d0\u4e00\u7aef\u53e3\uff0c\u53ef\u4ee5\u8bd5\u8bd5socat\uff0c\u6bd4\u5982socat TCP4-LISTEN:4320,fork TCP4:10.244.55.25:80\uff0c\u53ef\u4ee5\u628a4320\u7aef\u53e3\u6536\u5230\u7684TCP4\u6570\u636e\u5305\u8f6c\u53d1\u5230\u5b50\u7f5110.244.55.25\u768480\u7aef\u53e3\uff0c\u914d\u5408zerotier\u53ef\u4ee5\u5b9e\u73b0\u5185\u7f51\u5bf9\u5916\u5f00\u653e\u7aef\u53e3\u3002
\u5728\u7ec8\u7aef\u8fde\u63a5pwn-college\u65f6\uff0c\u5148\u5728\u7f51\u9875\u7aef\u914d\u7f6e\u4e0b\u516c\u94a5\uff0c\u7136\u540essh -i \u79c1\u94a5 hacker@dojo.pwn.college\u5373\u53ef\u3002\u7f51\u9875\u7aef\u542f\u52a8\u4e00\u4e2a\u5b9e\u4f8b\u540e\uff0c\u8fdc\u7a0b\u4e5f\u4f1a\u81ea\u52a8\u542f\u52a8\u5bf9\u5e94\u7684\u73af\u5883\u3002\u95ee\u9898\u4e00\u822c\u653e\u5728\u6839\u76ee\u5f55\u7684challenge\u6587\u4ef6\u5939\u4e0b
\u8bf7\u6c42\u7b2c\u4e00\u884cRequest line\uff1a\u8bf7\u6c42\u65b9\u6cd5 URI \u534f\u8bae\u7248\u672c CRLF
\u54cd\u5e94\u7b2c\u4e00\u884cStatus line\uff1a\u534f\u8bae\u7248\u672c \u72b6\u6001\u7801 \u89e3\u91ca CRLF
\u5e38\u89c1\u7684\u8bf7\u6c42\u65b9\u6cd5\uff1a
HTTP URL Scheme\uff1ascheme://host:port/path?query#fragment
\u8bf7\u6c42\u7684\u8d44\u6e90\u542b\u6709\u4e00\u4e9b\u7279\u6b8a\u7b26\u53f7\u6bd4\u5982?,/,&,#\u7b49\u7b49\u65f6\uff0c\u4f7f\u7528%xx\u8fdb\u884c\u7f16\u7801\uff0c\u5176\u4e2dxx\u662fASCII\u7801\u3002\u8fd9\u79cd\u505a\u6cd5\u79f0\u4e3aurlencoding
POST\u8bf7\u6c42\u65f6\uff0c\u9700\u8981\u5e26\u4e0aContent-Type
\u524d\u8005body\u91cc\u5199a=xx\uff0c\u540e\u8005\u5199{\"a\":\"xx\"}\u3002json\u53ef\u4ee5\u6784\u9020\u66f4\u590d\u6742\u7684blob
RFC 1945 HTTP\u534f\u8bae\u662f\u65e0\u72b6\u6001\u7684\uff0c\u4f46\u662f\u7f51\u7edc\u5e94\u7528\u662f\u6709\u72b6\u6001\u7684\u3002\u4f7f\u7528cookie\u6765\u4fdd\u6301\u72b6\u6001\u3002
"},{"location":"pwn-college-cse365-spring2023/#assembly-crash-course","title":"Assembly Crash Course \u5b66\u4e60\u7b14\u8bb0","text":""},{"location":"pwn-college-cse365-spring2023/#building-a-web-server","title":"Building a Web Server \u5b66\u4e60\u7b14\u8bb0","text":"\u4f7f\u7528socket\u521b\u5efa\u4e00\u4e2aA-B\u7684\u7f51\u7edc\u6587\u4ef6\uff0c\u7136\u540e\u4f7f\u7528bind\u5c06socket\u4e0e\u5177\u4f53\u7684ip\u7ed1\u5b9a\u3002\u4f7f\u7528listen\u6765\u88ab\u52a8\u4fa6\u542csockfd\u3002\u4f7f\u7528accept\u63a5\u53d7\u5916\u90e8\u8fde\u63a5\u3002
\u4f7f\u7528TCP/IP\u8fdb\u884c\u7f51\u7edc\u901a\u8baf\uff0c\u670d\u52a1\u5668\u7aef\u7684\u4f8b\u5b50\u5982\uff1a
// int socket(int domain, int type, int protocol)\nsocket_fd = socket(AF_INET, SOCK_STREAM, IPPROTO_IP)\n\n// int bind(int sockfd, struct sockaddr* addr, socklen_t addrlen)\n/*\n * struct sockaddr {\n * uint16_t sa_family;\n * uint8_t sa_data[14]; \n * }\n * \n * struct sockaddr_in {\n * uint16_t sin_family;\n * uint16_t sin_port;\n * uint32_t sin_addr;\n * uint8_t __pad[8];\n * }\n*/\nbind(socket_fd, {sa_family=AF_INET, sin_port=htons(port), sin_addr=inet_addr(\"0.0.0.0\")}, 16)\n\n// int listen(int sock fd, int backlog);\nlisten(socket_fd, 0)\n\n// int accept(int sockfd, struct sockaddr* addr, socklen_t* addrlen);\ntunnel = accept(socket_fd, NULL, NULL)\n\n// revceive http request: GET / HTTP/1.0\nread(tunnel, \"GET / HTTP/1.0\",19)\n\n// response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19)\n\n// receive http request: GET /flag HTTP/1.0\nread(tunnel, \"GET /flag HTTP/1.0\\r\\n\\r\\n\",256)\n\n// open and read file\nfilefd = open(\"/flag\",O_RDDONLY)\nread(filefd, \"FLAG\", 256)\n\n//response\nwrite(tunnel, \"HTTP/1.0 200 OK\\r\\n\\r\\nFLAG\", 27)\n\nclose(tunnel)\nstart\u5728main\u51fd\u6570\u6253\u65ad\u70b9\u5e76\u8fd0\u884cstarti\u5728_start\u51fd\u6570\u6253\u65ad\u70b9\u5e76\u8fd0\u884crun\u4e0d\u6253\u65ad\u70b9\uff0c\u76f4\u63a5\u8fd0\u884cattach <PID>\u5c06gdb\u9644\u7740\u5230\u4e00\u4e2a\u6b63\u5728\u8fd0\u884c\u7684\u8fdb\u7a0bcore <PATH>\u5206\u6790\u4e00\u4e2a\u7a0b\u5e8f\u8fd0\u884c\u540e\u4ea7\u751f\u7684coredump\u6587\u4ef6start <ARG1> <ARG2> < <STDIN_PATH>\u8fd0\u884c\u5e26\u6709\u53c2\u6570\u7684\u7a0b\u5e8f\uff0c\u548cshell\u91cc\u8f93\u547d\u4ee4\u4e00\u6837info registers\u53ef\u4ee5\u67e5\u770b\u5bc4\u5b58\u5668\u7684\u503c\uff08\u6216\u8005\u7b80\u5355\u7684i r\uff09print\u7528\u6765\u6253\u5370\u53d8\u91cf\u6216\u8005\u5bc4\u5b58\u5668\u7684\u503c\uff0c\u6bd4\u5982p/x $rdi\u4ee516\u8fdb\u5236\u6253\u5370rdi\u5bc4\u5b58\u5668\u7684\u503cx/<n><u><f> <address>\u7528\u6765\u6253\u5370\u53d8\u91cf\u6216\u7edd\u5bf9\u5730\u5740\u7684\u5185\u5bb9\u3002n\u8868\u793anumber\uff0c\u4e5f\u5c31\u662f\u8bf4\u8981\u6253\u5370\u51e0\u4e2a\u5355\u5143\uff1bu\u8868\u793aunit size\uff0c\u6bcf\u4e2a\u5355\u5143\u7684\u5b57\u8282\u957f\u5ea6\uff0c\u53ef\u53d6b/h/w/g\uff0c\u5206\u522b\u8868\u793a1\uff0c2\uff0c4\uff0c8\u5b57\u8282\uff1bf\u8868\u793a\u8f93\u51fa\u683c\u5f0f\uff0c\u53ef\u53d6d/x/s/i\uff0c\u5206\u522b\u8868\u793a\u5341\u8fdb\u5236\u3001\u5341\u516d\u8fdb\u5236\u3001\u5b57\u7b26\u4e32\u3001\u6c47\u7f16\u6307\u4ee4\u3002address\u8868\u793a\u8981\u6253\u5370\u7684\u5730\u5740\uff0c\u53ef\u4ee5\u5199\u6210\u6570\u5b66\u8868\u8fbe\u5f0f\u3002set disassembly-flavor intel\u7528\u6765\u4fee\u6539\u6c47\u7f16\u6307\u4ee4\u7684\u8868\u793a\u5f62\u5f0f\uff0c\u8fd9\u91cc\u662fintel\u6307\u4ee4\u3002stepi <n>\u6b65\u5165n\u6761\u6c47\u7f16\u6307\u4ee4\uff0cnexti <n>\u6b65\u8fc7n\u6761\u6c47\u7f16\u6307\u4ee4\uff1b\u5206\u522b\u7b80\u5199\u4e3asi\u4e0enifinish\u6267\u884c\u5230\u5f53\u524d\u51fd\u6570\u7ed3\u675f\u5e76\u8fd4\u56debreak *<addres>\u5728address\u5904\u6253\u65ad\u70b9\uff0c\u53ef\u4ee5\u7b80\u5199\u4e3ab *<address>display/<n><u><f>\u6765\u5728\u6bcf\u4e00\u6761\u64cd\u4f5c\u7ed3\u675f\u540e\u663e\u793a\u67d0\u4e9b\u6570\u503c\u3002nuf\u7684\u7528\u6cd5\u548cx\u6253\u5370\u5185\u5b58\u5730\u5740\u4e00\u6837-x xxx.gdb\uff0c\u5c31\u53ef\u4ee5\u5728gdb\u542f\u52a8\u540e\u81ea\u52a8\u5316\u8fd0\u884c\u811a\u672c~/.gdbinit\u5728\u521d\u59cb\u5316gdb\u4f1a\u8bdd\u65f6\u81ea\u52a8\u8fd0\u884ccall\u76f4\u63a5\u8c03\u7528\u51fd\u6570\uff0c\u6bd4\u5982call (void)win()set pagination off\u5173\u95ed\u5206\u9875\u786e\u8ba4 \u4ee5\u4e0b\u662f\u4e2agdb\u811a\u672c\u7684\u4f8b\u5b50\uff0csilent\u7528\u4e8e\u5728\u9047\u5230\u65ad\u70b9\u65f6\u51cf\u5c11\u8f93\u51fa\u4fe1\u606f\uff0c\u4ee5\u53ca\u4f7f\u7528set\u548cprintf\u8bbe\u7f6e\u53d8\u91cf\u3001\u6253\u5370\u503c\u3002start\nbreak *main+42\ncommands\n silent\n set $local_variable = *(unsigned long long*)($rbp-0x32)\nprintf \"Current value: %llx\\n\", $local_variable\ncontinue\nend\ncontinue\nif\u3001catch\u6765\u52ab\u6301systemcall\uff0c\u6bd4\u5982\uff1astart\ncatch syscall read\ncommands\n silent\n if ($rdi == 42)\nset $rdi = 0\nend\n continue\nend\ncontinue\n\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u76ee\u662f\u7528curl\u3001python\u548cnc\u6765\u5b9e\u73b0\u53d1\u9001\u5404\u79cdhttp\u8bf7\u6c42\uff0c\u5148\u8fd0\u884c/challenge/run\u542f\u52a8flask\u670d\u52a1\u5668\uff0c\u7136\u540e\u65b0\u5f00\u4e2a\u7ec8\u7aef\u7528\u5404\u79cd\u59ff\u52bf\u8fde\u63a5\u672c\u5730127.0.0.1\u5373\u53ef\u3002
\u8fd9\u4e09\u79cd\u5de5\u5177\u7684\u5927\u81f4\u601d\u8def\uff1a
\u9700\u8981\u5148\u7b80\u5355\u5730\u8fde\u63a5127.0.0.1\u7136\u540e\u6839\u636e\u62a5\u9519\u63d0\u793a\u6765\u4fee\u6539\u8bf7\u6c42\u3002
Level 1
Send an HTTP request using curl
curl http://127.0.0.1\nLevel 2
Send an HTTP request using nc
nc 127.0.0.1 80\nGET / HTTP/1.1\nLevel 3
Send an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 4
Set the host header in an HTTP request using curl
curl -H 'host:xxxxx' http://127.0.0.1\nLevel 5
Set the host header in an HTTP request using nc
nc 127.0.0.1 80\nGET / HTTP/1.1\nhost:xxxxx\nLevel 6
Set the host header in an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1\", headers={\"host\":\"xxx\"}).text\nLevel 7
Set the path in an HTTP request using curl
curl http://127.0.0.1/xxxxx\nLevel 8
Set the path in an HTTP request using nc
nc 127.0.0.1 80\nGET /xxxx HTTP/1.1\nLevel 9
Set the path in an HTTP request using python
import requests as r\nr.get(\"http://127.0.0.1/xxx\").text\nLevel 10~12
URL encode a path in an HTTP request using curl/nc/python
\u7528%20\u66ff\u6362\u6389\u7a7a\u683c\u5373\u53ef
Level 13~15
Specify an argument in an HTTP request using curl/nc/python
GET\u52a0\u53c2\u6570\uff0c\u5728\u8def\u5f84\u540e\u9762\u8ffd\u52a0?a=xxx\u5373\u53ef
nc\u65f6\u52a0\u5230nc\u8fde\u63a5\u4ee5\u540e\u7684GET\u540e\u9762
Level 16~18
Specify multiple arguments in an HTTP request using curl/nc/python
\u7ed3\u540810~15\u9898\uff0c\u7a7a\u683c\u7528%20\u6362\u6389\uff0c\u4e0e\u53f7\u7528%26\u6362\u6389\uff0c\u4e95\u53f7\u7528%23\u6362\u6389
Level 19~21
Include form data in an HTTP request using curl/nc/python
#curl\ncurl http://127.0.0.1 -F a=xxx\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length:34\n\na=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx'}).text\nLevel 22~24
Include form data with multiple fields in an HTTP request using curl/nc/python
#curl\ncurl http://127.0.0.1 -F a=xxx -F b='xxxx'\n\n#nc\nPOST / HTTP/1.1\nContent-Type: application/x-www-form-urlencoded\nContent-Length: 78\n\na=xxx&b=xxx\n\n#python\nimport requests as r\nr.post(\"http://127.0.0.1\",data={'a':'xxx','b':'xxx'}).text\nLevel 25~27
Include json data in an HTTP request using curl/nc/python
#curl\ncurl -X POST -H 'Content-Type:application/json' -d '{\"a\":\"xxx\"}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length:40\\r\\n\\r\\n{\"a\":\"xxx\"}' | nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\"})).text\nLevel 28~30
Include complex json data in an HTTP request using curl/nc/python
#curl\ncurl -X POST -H 'Content-Type: application/json' -H 'Content-Length: 121' -d '{\"a\":\"xxx\", \"b\":{\"c\": \"xxxx\", \"d\": [\"xxx\", \"xxx\"]}}' http://127.0.0.1\n\n#nc\necho -ne 'POST / HTTP/1.1\\r\\nContent-Type: application/json\\r\\nContent-Length: 121\\r\\n\\r\\n{\"a\":\"xxx\", \"b\":{\"c\": \"xxx\", \"d\": [\"xxx\", \"xxx\"]}}' | nc 127.0.0.1 80\n\n#python\nimport requests as r\nimport json\nr.post(\"http://127.0.0.1\",headers={\"Content-Type\":\"application/json\"},data=json.dumps({\"a\":\"xxx\",\"b\":{'c': 'xxx', 'd': ['xxx', 'xxx']}})).text\nLevel 31~33
Follow an HTTP redirect from HTTP response using curl/nc/python
#curl\ncurl -L http://127.0.0.1\n\n#nc\necho -ne \"GET /xxx HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\n#python\u9ed8\u8ba4\u8ddf\u968f\u8df3\u8f6c\nimport requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 34~36
Include a cookie from HTTP response using curl/nc/python
#curl\ncurl http://127.0.0.1 -v\ncurl -b \"cookie=xxx\" http://127.0.0.1\n\n#nc\necho -ne \"GET / HTTP/1.1\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:cookie=xxxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python \u9ed8\u8ba4\u81ea\u52a8\u63a5\u53d7cookie\nimport requests as r\nr.get(\"http://127.0.0.1\").text\nLevel 37~39
Make multiple requests in response to stateful HTTP responses using curl/nc/python
#curl \u5b8c\u62103\u6b21\u4ea4\u4e92\u5373\u53ef\ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v \ncurl -b \"session=xxx\" http://127.0.0.1 -v #nc\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\necho -ne \"GET / HTTP/1.1\\r\\nCookie:session=xxx\\r\\n\\r\\n\" | nc 127.0.0.1 80\n\n#python\nimport requests as r\nr.get(\"http://127.0.0.1\").text\n\u8fd9\u4e2a\u7ae0\u8282\u7684\u9898\u9700\u8981\u628a\u6c47\u7f16\u53d8\u6210raw bytes\uff0c\u7136\u540e\u5582\u7ed9/challenge/run\u3002\u9700\u8981\u5148\u8fd0\u884c\u8fd9\u4e2arun\uff0c\u7136\u540e\u6839\u636e\u8981\u6c42\u5b8c\u6210\u3002\u6bd4\u5982\u53ef\u4ee5\u7528pwntools\u7684asm\u6a21\u5757\u751f\u6210\u6c47\u7f16\uff0c\u7136\u540eecho\u8fdbrun\u91cc\u3002
Level 1
In this level you will work with registers_use! Please set the following: rdi = 0x1337
from pwn import *\ncontext.arch='amd64'\nasm('mov rdi,0x1337')\n\n#b'H\\xc7\\xc77\\x13\\x00\\x00'\necho -ne 'H\\xc7\\xc77\\x13\\x00\\x00' | /challenge/run\u5373\u53ef\u3002 Level 2
asm('add rdi,0x331337')\nLevel 3
asm('imul rdi,rsi; add rdi,rdx; mov rax,rdi')\nLevel 4
\u5b66\u4e60div\u9664\u6cd5\uff0cdiv reg\u4f1a\u4f7f\u7528rax\u4f5c\u4e3a\u88ab\u9664\u6570\uff0creg\u4f5c\u4e3a\u9664\u6570\uff0c\u7136\u540e\u81ea\u52a8\u4f7f\u7528rax\u5b58\u653e\u5546\uff0crdx\u5b58\u653e\u4f59\u6570\u3002
asm('mov rax, rdi;div rsi')\nLevel 5
asm('mov rax, rdi;div rsi;mov rax, rdx')\nLevel 6
\u9664\u6570\u4e3a2\u7684\u5e42\u6b21\u65f6\uff0c\u76f4\u63a5\u4f7f\u7528mov\u4fdd\u7559\u5bc4\u5b58\u5668\u7684\u4e00\u90e8\u5206\u5373\u53ef\u3002\u6ce8\u610fmov\u4e24\u4e2a\u5bc4\u5b58\u5668\u957f\u5ea6\u8981\u4e00\u81f4\u3002
asm('mov al, dil;mov bx, si')\nLevel 7
shl\u5de6\u79fb\uff0cshr\u53f3\u79fb\uff08\u9ad8\u4f4d\u88650\uff09
asm('shl rdi, 59; shr rdi, 63; mov rax, rdi')\nLevel 8
and reg1, reg2\u4f1a\u628areg1\u548creg2\u8fdb\u884c\u903b\u8f91\u4e0e\u7684\u7ed3\u679c\u4fdd\u5b58\u5728reg1\u91cc\u3002\u9898\u76ee\u4e0d\u8ba9\u7528mov\uff0c\u90a3\u53ef\u4ee5\u91c7\u7528\u7f6e0\u51cf1\u7684\u65b9\u5f0f\u83b7\u5f972^65-1\uff0c\u7136\u540eand\u5373\u53ef\u3002
asm('xor rax, rax; sub rax, 1; and rax, rdi; and rax, rsi')\nLevel 9
\u9898\u76ee\u8981\u6c42\u53ea\u7528and\uff0cor\uff0cxor\u5b9e\u73b0\u4e00\u4e2a\u5947\u5076\u5224\u65ad\u7684\u529f\u80fd\u3002\u6574\u4f53\u601d\u8def\u662fxor\u53cd\u8f6c\u6bd4\u7279\u3001\u6e05\u7a7a\u503c\uff0cor\u505a\u52a0\u6cd5\uff0cand\u53d6\u6700\u4f4e\u4f4d\u3002
asm('xor rax, rax; or rax, 1; and rax, rdi; xor rax, 1')\nLevel 10
\u6709\u5173\u8bbf\u95ee\u5185\u5b58\u7684\u64cd\u4f5c\u3002mov reg, [address]\u7528\u4e8e\u628aaddress\u5730\u5740\u5904\u7684\u503c\u8d4b\u7ed9reg\uff0c\u5f53\u7136\u4e5f\u53ef\u4ee5mov [address], reg\u628areg\u7684\u503c\u4fdd\u5b58\u5728address\u5730\u5740\u3002\u52a0\u4e00\u5c42\u65b9\u62ec\u53f7\u53ea\u662f\u8868\u793a\u5f53\u4f5c\u5730\u5740\u3002\u4e0d\u8981\u4e0b\u610f\u8bc6\u8fdb\u884c\u66f4\u591a\u6b21\u6570\u7684\u89e3\u5f15\u7528\u3002
asm('mov rbx, [0x404000]; mov rax, rbx; add rbx, 0x1337; mov [0x404000], rbx')\nLevel 11
\u5982\u679cmov\u4e00\u65b9\u4e3a\u5bc4\u5b58\u5668\uff0c\u4e00\u65b9\u4e3a\u5730\u5740\uff0c\u4f1a\u6839\u636e\u5bc4\u5b58\u5668\u7684\u5927\u5c0f\u81ea\u52a8\u63a8\u65ad\u4ece\u5730\u5740\u4e2dload\u591a\u5c11\u5b57\u8282\u3002
asm('mov al, [0x404000]; mov bx, [0x404000]; mov ecx, [0x404000]; mov rdx, [0x404000];')\nLevel 12
\u5bf9\u4e8e\u6bd4\u8f83\u5927\u7684\u7acb\u5373\u6570\uff0c\u53ef\u4ee5\u5148\u653e\u5728\u5bc4\u5b58\u5668\uff0c\u7136\u540e\u518dmov\u5230\u6307\u5b9a\u4f4d\u7f6e\u3002
asm('mov rax, 0xdeadbeef00001337; mov [rdi], rax; mov rax, 0xc0ffee0000; mov [rsi], rax')\nLevel 13
asm('mov rax, [rdi]; add rax, [rdi+8]; mov [rsi], rax')\nLevel 14
asm('pop rax;sub rax,rdi; push rax')\nLevel 15
\u4f7f\u7528\u6808\u53ef\u4ee5\u7b80\u5355\u5730\u4ea4\u6362\u5bc4\u5b58\u5668
asm('push rdi; push rsi; pop rdi; pop rsi')\nLevel 16
\u5b9e\u73b0\u6808\u4e0a\u7684\u6570\u636e\u53d6\u5e73\u5747\uff0c\u7528[rsp+X]\u6765\u53d6\u503c\uff08\u4e00\u822c\u7528rbp\u6765\u53d6\u5427\uff1f\uff09
asm('mov rax, [rsp]; add rax, [rsp+8]; add rax, [rsp+16]; add rax, [rsp+24]; mov rbx, 4; div rbx; push rax')\nLevel 17
\u4f7f\u7528label\u8bbe\u7f6e\u76f8\u5bf9\u8df3\u8f6c\u5730\u5740\uff0c\u4f7f\u7528\u5355\u5b57\u8282\u7684nop\u586b\u5145\u3002\u4e0d\u8fc7\u9898\u76ee\u8981\u6c42\u7684\u201c\u4ecejmp\u504f\u79fb0x51\u7684\u5730\u5740\u201d\u6709\u70b9\u8ff7\u60d1\uff0c\u770b\u7ed3\u679c\u7684\u8bdd\u4f3c\u4e4e\u9ed8\u8ba4\u662fjmp\u6267\u884c\u540e\u7684\u5730\u5740\u518d\u504f\u79fb0x51\uff0c\u800c\u4e0d\u662fjmp\u6307\u4ee4\u672c\u8eab\u7684\u5730\u5740\u504f\u79fb0x51\uff0c\u6240\u4ee5\u4e0d\u9700\u8981\u77e5\u9053jmp\u6307\u4ee4\u672c\u8eab\u7684\u957f\u5ea6\u3002
asm('jmp lab;'+'nop;'*0x51+'lab: mov rdi, [rsp]; mov rax, 0x403000; jmp rax')\nLevel 18
\u5b9e\u73b0if-else\u8df3\u8f6c\u3002\u6ce8\u610f\u5185\u5b58\u8ba1\u7b97\u4f7f\u7528dword\u768432\u4f4d\u6570\u636e\uff0c\u7528eax\u800c\u4e0d\u662frax\u3002
from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"mov eax, [rdi+4]\nmov ebx, 0x7f454c46\ncmp ebx, [rdi]\nje case1\nmov ebx, 0x5a4d\ncmp ebx, [rdi]\nje case2\nimul eax, [rdi+8]\nimul eax, [rdi+12]\njmp done\ncase1:\n add eax, [rdi+8]\n add eax, [rdi+12]\n jmp done\ncase2:\n sub eax, [rdi+8]\n sub eax, [rdi+12]\n jmp done\ndone:\n nop\n\"\"\"\n\nprint(asm(payload))\nLevel 19
jmp [reg + offset]\u95f4\u63a5\u8df3\u8f6c\uff0c\u4f7f\u7528rsi\u4fdd\u5b58\u8df3\u8f6c\u8868\u7684\u57fa\u5730\u5740\uff0c\u7528\u4e8e\u5b9e\u73b0switch\u3002\u8fd9\u91cc\u597d\u50cf\u662fjnz\u4e0d\u652f\u6301\u95f4\u63a5\u8df3\u8f6c\u3002
asm('mov rax, rdi; shr rax, 2; jnz final; jmp [rsi + rdi * 8]; final: jmp [rsi + 32]')\nLevel 20
\u5b9e\u73b0\u4e00\u4e2a\u7b80\u5355\u7684\u6c42\u5e73\u5747\u51fd\u6570
from pwn import *\ncontext.arch='amd64'\npayload=\"\"\"xor rax, rax\nxor rcx, rcx\nloop:\n cmp rcx, rsi\n je done\n add rax, [rdi + 8 * rcx]\n add rcx, 1\n jmp loop\ndone:\n div rsi\n\"\"\"\n\nprint(asm(payload))\nLevel 21
\u5b9e\u73b0\u4e00\u4e2astrlen\u51fd\u6570\uff0c\u9010byte\u68c0\u67e5\u662f\u5426\u4e3a0\u3002\u6ce8\u610fmov\u4e0d\u4f1a\u6539\u53d8EFLAGS\u3002
from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nxor rax, rax\ntest rdi, rdi\njz done\nloop: mov bl, [rdi + rax]\ntest bl,bl\njz done\nadd rax, 1\njmp loop\ndone:\n nop\n\"\"\"\n\nprint(asm(payload))\nLevel 22
\u8fd9\u9053\u9898\u7ed9\u7684\u89e3\u91ca\u4e0d\u662f\u5f88\u6e05\u695a\uff0c\u5c3d\u7ba1\u662f\u7b2c\u4e00\u6b21\u63d0\u5230\u4f7f\u7528call\u8fdb\u884c\u51fd\u6570\u8c03\u7528\uff0c\u4f46\u662f\u6ca1\u6709\u8bf464\u4f4d\u7a0b\u5e8f\u4f9d\u6b21\u4f7f\u7528rdi,rsi,rdx,rcd,r8,r9\u8fdb\u884c\u4f20\u53c2\u3001rax\u4fdd\u5b58\u51fd\u6570\u8fd4\u56de\u7ed3\u679c\uff0c\u4e5f\u6ca1\u6709\u8bf4\u662f\u7531\u4e3b\u8c03\u51fd\u6570\u8fd8\u662f\u88ab\u8c03\u51fd\u6570\u6765\u4fdd\u5b58\u5bc4\u5b58\u5668\u3002\u66f4\u5947\u602a\u7684\u662f\u867d\u7136\u8ba9\u5b9e\u73b0\u4e00\u4e2astr_lower\u51fd\u6570\uff0c\u4f46\u662f\u6ca1\u6709\u6309\u51fd\u6570\u5b9e\u73b0\u7684\u6807\u51c6\u5199PROG\uff0c\u751a\u81f3\u6700\u540e\u8fd8\u7528ret\u6765\u7ed3\u675f\u3002
from pwn import *\ncontext.arch='amd64'\npayload = \"\"\"\nmov rdx, rdi\nxor rax, rax\nxor rcx, rcx\ntest rdx, rdx\njz done\nloop:\n mov bl, [rdx]\n test bl,bl\n jz done\n cmp bl, 0x5a\n jg notif\n mov rax, 0x403000\n xor rdi, rdi\n mov dil, bl\n call rax\n mov [rdx], al\n add rcx, 1\nnotif:\n add rdx, 1\n jmp loop\ndone:\n mov rax, rcx\n ret\n\"\"\"\n\nprint(asm(payload))\nLevel 23
\u5b9e\u73b0\u4e00\u4e2a\u67e5\u8be2\u5b57\u7b26\u4e32\u4e2d\u54ea\u4e2a\u5b57\u7b26\u6700\u591a\u7684\u51fd\u6570\u3002\u6bcf\u4e2a\u5b57\u7b26\u4e0d\u8d85\u8fc70xffff\u4e2a\uff0c\u6240\u4ee5\u8981\u75284\u5b57\u8282\u7684\u5bc4\u5b58\u5668\u6765\u8fdb\u884c\u5b58\u653e\u3002\u8fd9\u91cc\u4f3c\u4e4e\u4e0d\u652f\u6301\u76f4\u63a5mov rbx, [ebp - rcx * 4]\u4e4b\u7c7b\u7684\u65b9\u6cd5\uff0c\u5c31\u7528r8\u548cr9\u4e34\u65f6\u5b58\u653e\u4e00\u4e0b\u4e86\u3002
from pwn import *\n\ncontext.arch = 'amd64'\n\npayload = \"\"\"\npush rbp\nmov rbp, rsp\nsub rsp, 0x400\nxor rax, rax\nxor rcx, rcx\nmov rdx, rsi\nsub rdx, 0x1\nloop1: \n cmp rcx, rdx\n jg loop1_end\n mov al, [rdi + rcx]\n mov r8, rbp\n mov r9, rax\n imul r9, 4\n sub r8, r9\n mov ebx, [r8]\n add ebx, 1\n mov [r8], ebx\n add rcx, 1\n jmp loop1\nloop1_end:\nxor rax, rax\nxor rbx, rbx\nxor rcx, rcx\nloop2:\n cmp rcx, 0xff\n jg loop2_end\n mov r8, rbp\n mov r9, rcx\n imul r9, 4\n sub r8, r9\n mov edx, [r8]\n cmp edx, ebx\n jle loop2_conti\n mov rbx, rdx\n mov rax, rcx\nloop2_conti:\n add rcx, 1\n jmp loop2\nloop2_end:\nmov rsp, rbp\npop rbp\nret\n\"\"\"\n\nprint(asm(payload))\n\u4e0d\u5f97\u4e0d\u5410\u69fdpwn-college\u6709\u4e00\u70b9\u4e0d\u597d\uff0c\u6bcf\u4e2a\u6a21\u5757\u7b2c\u4e00\u4e2achallenge\u8bf4\u660e\u592a\u5c11\u4e86\uff0c\u5b8c\u5168\u4e0d\u77e5\u9053\u4ece\u54ea\u5f00\u59cb\u4e0b\u624b\u3002\u5728challenge 1\u7684wp\u91cc\u8be6\u7ec6\u8bb2\u4e00\u4e0b\u8fd9\u4e2a\u6a21\u5757\u600e\u4e48\u5f00\u59cb\u505a\uff0c\u7136\u540e\u540e\u7eed\u5c31\u7701\u7565\u4e86\u3002
\u7528\u6c47\u7f16\u5199server\uff0c\u53ef\u4ee5\u67e5\u886864\u4f4dsyscall\u624b\u518c
Level 1
\u9996\u5148\u8fd8\u662f\u8fd0\u884c/challeng/run\uff0c\u5f97\u5230\u4e00\u6bb5\u8f93\u51fa\uff1a
===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\nUsage: `/challenge/run <path_to_web_server>`\n\n$ cat server.s\n.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\n\n$ as -o server.o server.s && ld -o server server.o\n\n$ strace ./server\nexecve(\"./server\", [\"./server\"], 0x7ffccb8c6480 /* 17 vars */) = 0\nexit(0) = ?\n+++ exited with 0 +++\n\u8fd9\u9053\u9898\u7684\u610f\u601d\u662f\u8ba9\u7528\u6c47\u7f16\u5199\u4e00\u4e2a\u670d\u52a1\u7aef\u3002\u5728\u8fd0\u884c/challenge/run server\u7684\u65f6\u5019\uff0c\u5224\u9898\u7a0b\u5e8f\u4f1a\u542f\u52a8\u7528\u6237\u6307\u5b9a\u7684\u8fd9\u4e2aserver\uff0c\u7136\u540e\u68c0\u67e5\u8fd9\u4e2aserver\u7a0b\u5e8f\u662f\u4e0d\u662f\u76f4\u63a5exit(0)\u4e86\u3002\u6240\u4ee5\u53ea\u9700\u8981\u7f16\u8bd1\u4e00\u4e2aexit(0)\u7684server\u5373\u53ef\u3002
\u9898\u76ee\u91cc\u5176\u5b9e\u5df2\u7ecf\u7ed9\u51fa\u4e86server.s\u7684\u6a21\u677f\uff08cat server.s\u7684\u8f93\u51fa\uff09\u548c\u7f16\u8bd1\u65b9\u5f0f\uff08as -o server.o server.s && ld -o server server.o\uff09\u3002\u6240\u4ee5\u8fd9\u9053\u9898\u53ea\u9700\u8981\u628acat server.s\u7684\u8f93\u51fa\u4fdd\u5b58\u5230server.s\u6587\u4ef6\uff0c\u7136\u540e\u76f4\u63a5\u8fd0\u884cas -o server.o server.s && ld -o server server.o\u7f16\u8bd1\u51fa\u4e00\u4e2aserver\u7684\u53ef\u6267\u884c\u7a0b\u5e8f\uff0c\u6700\u540e\u8fd0\u884c/challenge/run ./server\u5373\u53ef\u3002
\u6a21\u677f\u91cc\u53ea\u6267\u884c\u4e86\u4e00\u4e2a\u9000\u51fa\u7684syscall\uff0c\u6b63\u597d\u662f\u8fd9\u4e00\u9898\u7684\u8981\u6c42\u3002\u672c\u6765\u4ee5\u4e3a\u8fd9\u9053\u9898\u610f\u601d\u662f\u81ea\u5df1\u5199\u4e00\u4e2aserver\u7684\u6c47\u7f16\u6587\u4ef6\uff0c\u7136\u540erun\u7684\u65f6\u5019\u6307\u5b9a\u6e90\u6587\u4ef6\uff0c\u7531\u5224\u9898\u7a0b\u5e8f\u7f16\u8bd1\u7684\u5462\uff0c\u7ed3\u679c\u53d1\u73b0run\u7684\u65f6\u5019\u662f\u9700\u8981\u6307\u5b9a\u4e00\u4e2a\u7f16\u8bd1\u597d\u7684\u53ef\u6267\u884c\u7a0b\u5e8fhh\u3002
\u5b8c\u6574\u89e3\u9898\u6b65\u9aa4\u5982\u4e0b\uff1a
hacker@building-a-web-server-level-1:~$ echo \".intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\" > ./server.s\n\nhacker@building-a-web-server-level-1:~$ as -o server.o server.s && ld -o server server.o\n\nhacker@building-a-web-server-level-1:~$ /challenge/run ./server\n===== Welcome to Building a Web Server! =====\nIn this series of challenges, you will be writing assembly to interact with your environment, and ultimately build a web server\nIn this challenge you will exit a program.\n\n\n===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7f07cf7959a0 /* 0 vars */) = 0\n[\u2713] exit(0) = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n\npwn.college{xxxx}\n\u4ee5\u4e0b\u7684\u5404\u4e2a\u9898\u76ee\u5c31\u53ea\u5199server.s\u7684\u5185\u5bb9\u4e86
Level 2
In this challenge you will create a socket.
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n # create a socket\n mov rdi, 2 # AF_INET\n mov rsi, 1 # SOCK_STREAM\n mov rdx, 0 # IPPROTO_IP\n mov rax, 41 # sys_socket\n syscall\n\n push rax\n mov rdi, 0\n mov rax, 60 # SYS_exit\n syscall\n\n.section .data\nLevel 3
In this challenge you will bind an address to a socket.
\u5728Level2\u521b\u5efasocket\u7684\u57fa\u7840\u4e0a\uff0c\u5c06\u5176\u7ed1\u5b9a\u52300.0.0.0:80\u4e0a\u3002\uff08\u53ef\u4ee5\u8fd0\u884cLevel1\u521b\u5efa\u7684server\u6765\u5148\u9605\u8bfb\u4e0b\u9898\u76ee\u8981\u6c42\uff0c\u5982\u4e0b\u6240\u793a\uff09
===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n - Bind to port 80\n - Bind to address 0.0.0.0\n[ ] exit(0) = ?\n\u6700\u7ec8\u89e3\u5982\u4e0b\u3002\u8fd9\u91cc\u76f4\u63a5\u7528\u6808\u6765\u4fdd\u5b58sockaddr_in\u7ed3\u6784\u4f53\u4e86\uff0c\u6bd4\u8f83\u7c97\u66b4\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\npush rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, rax # socket_fd\npush 0x50000002 # AF_INET(2) and PORT(80) in big endian\nmov rsi, rsp # sockaddr_in\npush 0x0 # IP(0.0.0.0)\npush 0x0 # padding\npush 0x0 # padding\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\nLevel 4
In this challenge you will listen on a socket.
\u4f7f\u7528listen\u76d1\u542c\u8fd9\u4e2asocket\u3002\u7531\u4e8e\u8fd9\u91cclisten\u4e5f\u8981\u7528\u5230\u4e4b\u524dsocket\u521b\u5efa\u7684\u6587\u4ef6\u63cf\u8ff0\u7b26\uff0c\u6ce8\u610f\u5230\u6837\u4f8b\u7684\u6c47\u7f16\u6587\u4ef6\u6700\u540e\u63d0\u793a\u7528data\u4e86\uff0c\u6240\u4ee5\u5e72\u8106\u6362\u7528\u6570\u636e\u533a\u6765\u4fdd\u5b58\u5404\u79cd\u7ed3\u6784\u4f53\uff0c\u4e5f\u5f03\u7528Level3\u91cc\u5bf9\u6808\u505a\u7684\u90a3\u4e9b\u4fee\u6539\u4e86\u3002\u8fd9\u91ccsockfd\u548csockaddr\u90fd\u662f\u5730\u5740\uff0c\u6240\u4ee5mov\u7684\u65f6\u5019\u4f1a\u81ea\u52a8\u89e3\u5f15\u7528\uff0c\u7528lea\u6307\u4ee4\u6765\u83b7\u5f97\u5730\u5740\u672c\u8eab\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 5
In this challenge you will accept a connection.
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL)\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 6
In this challenge you will respond to an http request.
\u8fd9\u4e2a\u9898\u7684\u610f\u601d\u662f\u5e0c\u671b\u5b9e\u73b0\u4e00\u4e2a\u9759\u6001\u7684\u7ad9\u70b9\uff0c\u63a5\u6536\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u8bf7\u6c42\u540e\uff0c\u59cb\u7ec8\u56de\u590dHTTP/1.0 200 OK\u3002\u9700\u8981\u521b\u5efa\u4e00\u4e2a\u7f13\u51b2\u533a\u4fdd\u5b58\u8bf7\u6c42\uff0c\u8fd9\u91cc\u5f00\u4e86\u4e2a256\u5b57\u8282\u7684\u5185\u5b58\uff08\u5b9e\u9645\u4e0a\u6709140\u5b57\u8282\uff09\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\nrequest: .space 256\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 7
In this challenge you will respond to a GET request for the contents of a specified file.
\u5b9e\u73b0\u4e00\u4e2a\u52a8\u6001\u4e00\u70b9\u7684\u670d\u52a1\u5668\u3002\u8fd9\u9898\u4e2d\uff0c\u5ba2\u6237\u7aef\u4f1a\u8bf7\u6c42\u670d\u52a1\u5668\u7aef\u8bfb\u53d6\u4e00\u4e2a\u6587\u4ef6\u5e76\u8fd4\u56de\u7ed3\u679c\u3002\u6587\u4ef6\u662f\u5224\u9898\u7a0b\u5e8f\u968f\u673a\u751f\u6210\u5728/tmp\u4e0b\u7684\uff0c\u5185\u5bb9\u957f\u5ea6\u4e5f\u662f\u968f\u673a\u7684\u3002\u6240\u4ee5\u5199\u4ee3\u7801\u7684\u65f6\u5019\u8981\u591a\u9884\u7559\u70b9\u7f13\u51b2\u533a\u6765\u4fdd\u5b58\u6587\u4ef6\u5185\u5bb9\u3002
open\u6587\u4ef6\u65f6\uff0c\u6587\u4ef6\u540d\u8981\u4ecerequest\u8bf7\u6c42\u91cc\u63d0\u53d6\u3002\u56e0\u4e3a\u751f\u6210\u7684\u6587\u4ef6\u540d\u957f\u5ea6\u662f\u56fa\u5b9a\u7684\uff0c\u6240\u4ee5\u61d2\u7701\u4e8b\u76f4\u63a5\u5728request\u7f13\u51b2\u533a\u91cc\u6539\u4e86\uff08\u5b57\u7b26\u4e32\u672b\u5c3e\\0\uff09\u3002
===== Expected: Parent Process =====\n[ ] execve(<execve_args>) = 0\n[ ] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[ ] bind(3, {sa_family=AF_INET, sin_port=htons(<bind_port>), sin_addr=inet_addr(\"<bind_address>\")}, 16) = 0\n - Bind to port 80\n - Bind to address 0.0.0.0\n[ ] listen(3, 0) = 0\n[ ] accept(3, NULL, NULL) = 4\n[ ] read(4, <read_request>, <read_request_count>) = <read_request_result>\n[ ] open(\"<open_path>\", O_RDONLY) = 5\n[ ] read(5, <read_file>, <read_file_count>) = <read_file_result>\n[ ] close(5) = 0\n[ ] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[ ] write(4, <write_file>, <write_file_count>) = <write_file_result>\n[ ] close(4) = 0\n[ ] exit(0) = ?\n\n===== Trace: Parent Process =====\n[\u2713] execve(\"/proc/self/fd/3\", [\"/proc/self/fd/3\"], 0x7ffacc256990 /* 0 vars */) = 0\n[\u2713] socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3\n[\u2713] bind(3, {sa_family=AF_INET, sin_port=htons(80), sin_addr=inet_addr(\"0.0.0.0\")}, 16) = 0\n[\u2713] listen(3, 0) = 0\n[\u2713] accept(3, NULL, NULL) = 4\n[\u2713] read(4, \"GET /tmp/tmpungh1ajd HTTP/1.1\\r\\nHost: localhost\\r\\nUser-Agent: python-requests/2.31.0\\r\\nAccept-Encoding: gzip, deflate\\r\\nAccept: */*\\r\\nConnection: keep-alive\\r\\n\\r\\n\", 256) = 155\n[\u2713] open(\"/tmp/tmpungh1ajd\", O_RDONLY) = 5\n[\u2713] read(5, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 1024) = 148\n[\u2713] close(5) = 0\n[\u2713] write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\n[\u2713] write(4, \"3Hy3xnjNjQIBfP6QDUW4ekuQtBwdXQPbhtPFxawXzQ6LXVQDgs8ZlslYncY9DMQohXFVHFyMPnOI6kaGqURTh2fXHuKe2oqjntry7Pt5QQP0148CyzGKtmOigovhOHobD2zujqgJIRXxjny3UVL9\", 148) = 148\n[\u2713] close(4) = 0\n[\u2713] exit(0) = ?\n[?] +++ exited with 0 +++\n\n===== Result =====\n[\u2713] Success\n\u4f7f\u7528\u7684\u6c47\u7f16\u4ee3\u7801\u5982\u4e0b\uff1a
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 5\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(5, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(5)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\n\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 8
In this challenge you will accept multiple requests.
\u4f7f\u7528\u4e00\u4e2a\u7a0b\u5e8f\u63a5\u53d7\u591a\u4e2a\u8bf7\u6c42\u3002\u7531\u4e8esocket\u6ca1\u6709\u5173\uff0c\u5728\u6700\u540e\u52a0\u4e00\u4e2aaccept\u5373\u53ef\u3002\u7a0b\u5e8f\u6700\u540eaccept\u8d85\u65f6sigkill\u9000\u51fa\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 5\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(5, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(5)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# close(4)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\n\n# accept(3, NULL, NULL)\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 9
In this challenge you will concurrently accept multiple requests.
\u8fd9\u9053\u9898\u662f\u8ba9\u505a\u4e00\u4e2a\u591a\u8fdb\u7a0b\uff0c\u7236\u8fdb\u7a0b\u8d1f\u8d23\u5faa\u73afaccept\uff0c\u5b50\u8fdb\u7a0b\u7528\u4e8e\u52a8\u6001\u5904\u7406\u6587\u4ef6\u8bfb\u5199\u3002\u6839\u636efork\u8fd4\u56de\u503c\u6765\u5224\u65ad\u7236\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a\u5b50\u8fdb\u7a0bpid\uff09\u8fd8\u662f\u5b50\u8fdb\u7a0b\uff08\u8fd4\u56de\u503c\u4e3a0\uff09\u3002\u7236\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edtunnel\uff1b\u5b50\u8fdb\u7a0b\u4e2d\uff0c\u5173\u95edsockfd\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 256\nmov rax, 0 # sys_read\nsyscall\n\n# open(\"<open_path>\", O_RDONLY) = 3\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(3, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequest: .space 256\nfilecontent: .space 1024\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 10
In this challenge you will respond to a POST request with a specified file and update its contents.
\u8fd9\u9053\u9898\u662f\u7528POST\u8bf7\u6c42\uff0c\u8981\u6c42\u7528\u591a\u8fdb\u7a0b\u5904\u7406\uff0c\u5728\u5b50\u8fdb\u7a0b\u4e2d\u628aPOST\u7684\u8bf7\u6c42\u4f53\u4fdd\u5b58\u5728\u4e34\u65f6\u6587\u4ef6\uff0c\u5e76\u8fd4\u56de200 OK\u3002\u8003\u8651\u5230\u6587\u4ef6\u540d\u662f\u5b9a\u957f\u7684\uff0c\u6240\u4ee5\u6cbf\u7528\u4e4b\u524d\u7684\u65b9\u6cd5\u5f97\u5230\u6587\u4ef6\u540d\u3002\u8fd9\u91cc\u7528\u7684\u4e00\u4e2atrick\u662f\u7528\"\\r\\n\\r\\n\"\u6765\u4ece\u8bf7\u6c42\u4e2d\u5206\u5272\u8bf7\u6c42\u4f53\uff0c\u5e76\u4e14\u5185\u5bb9\u7684\u8ba1\u7b97\u662f\u7528read\u7684\u8fd4\u56de\u503c\u51cf\u53bb\u504f\u79fb\u91cf\u7b97\u7684\u3002\u8fd9\u662f\u5077\u61d2\u6ca1\u6709\u5b9e\u73b0\u89e3\u6790Content-Length\u7684\u529f\u80fdhhh
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov requestlen, rax\n\n# open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\nlea rdi, [request+5] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0x41 # O_WRONLY | O_CREAT\nmov rdx, 0777\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# locate POST body\nmov rcx, 0\nmov ebx, separate\nlocate_body:\nmov eax, [request+rcx]\nadd rcx, 1\ncmp eax, ebx\njne locate_body\n# extrace POST body\nadd rcx, 3\nmov rdi, txtfile\nlea rsi, [request+rcx]\nmov rdx, requestlen\nsub rdx, rcx\nmov rax, 1 # sys_write\nsyscall\n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequestlen: .quad 0\nrequest: .space 1024\nfilecontent: .space 1024\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 11
In this challenge you will respond to multiple concurrent GET and POST requests.
\u76f4\u63a5\u53d1\u4e86\u4e00\u5806GET\u548cPOST\u6df7\u5408\u8bf7\u6c42\u3002\u4e0d\u8fc7\u597d\u50cf\u6ca1\u8bf4\u6bcf\u4e2a\u8bf7\u6c42\u8981\u5e72\u561b\uff0c\u5c31\u76f4\u63a5\u7ed3\u5408\u4e0blevel9\u548clevel10\u7684\u7ed3\u679c\uff0c\u6bd4\u8f83request\u662f\u4ee5POST\u5f00\u5934\u8fd8\u662fGET\u5f00\u5934\uff0c\u5206\u522b\u8df3\u8f6c\u5230\u5bf9\u5e94\u7684\u903b\u8f91\u5c31\u884c\u4e86\u3002
.intel_syntax noprefix\n.globl _start\n\n.section .text\n\n_start:\n# create a socket\nmov rdi, 2 # AF_INET\nmov rsi, 1 # SOCK_STREAM\nmov rdx, 0 # IPPROTO_IP\nmov rax, 41 # sys_socket\nsyscall\nmov sockfd, rax\n\n# bind the socket to 0.0.0.0:80\nmov rdi, sockfd # socket_fd\nlea rsi, sockaddr # sockaddr\nmov rdx, 16 # addrlen\nmov rax, 49 # sys_bind\nsyscall\n\n# listen(3, 0)\nmov rdi, sockfd\nmov rsi, 0\nmov rax, 50 # sys_listen\nsyscall\n\nparent_process_1:\n# accept(3, NULL, NULL) = 4\nmov rdi, sockfd\nmov rsi, 0\nmov rdx, 0\nmov rax, 43 # sys_accept\nsyscall\nmov tunnel, rax\n\n# fork() = <fork_result>\nmov rax, 57 # sys_fork\nsyscall\n\ntest rax, rax\njnz parent_process_2\njz child_process\n\nparent_process_2:\n\n# close(3)\nmov rdi, tunnel\nmov rax, 3 # sys_close\nsyscall\njmp parent_process_1\n\nchild_process:\n\n# close(3)\nmov rdi, sockfd\nmov rax, 3 # sys_close\nsyscall\n\n# read(4, <read_request>, <read_request_count>) = <read_request_result>\nmov rdi, tunnel\nlea rsi, request\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov requestlen, rax\n\n# check GET or POST\nmov eax, request\nmov ebx, requestget\ncmp eax, ebx\nje handle_get\nmov ebx, requestpost\ncmp eax, ebx\nje handle_post\n\njmp program_exit\n\nhandle_get:\n# open(\"<open_path>\", O_RDONLY) = 3\nlea rdi, [request+4] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0 # O_RDONLY\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# read(3, <read_file>, <read_file_count>) = <read_file_result>\nmov rdi, txtfile\nlea rsi, filecontent\nmov rdx, 1024\nmov rax, 0 # sys_read\nsyscall\nmov filecnt, rax # \n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\n# write(4, <write_file>, <write_file_count>) = <write_file_result>\nmov rdi, tunnel\nlea rsi, filecontent\nmov rdx, filecnt\nmov rax, 1 # sys_write\nsyscall\n\njmp program_exit\n\nhandle_post:\n# open(\"<open_path>\", O_WRONLY|O_CREAT, 0777) = 3\nlea rdi, [request+5] # extract file name\nmovb [rdi+16], 0\nmov rsi, 0x41 # O_WRONLY | O_CREAT\nmov rdx, 0777\nmov rax, 2 # sys_open\nsyscall\nmov txtfile, rax\n\n# locate POST body\nmov rcx, 0\nmov ebx, separate\nlocate_body:\nmov eax, [request+rcx]\nadd rcx, 1\ncmp eax, ebx\njne locate_body\n# extrace POST body\nadd rcx, 3\nmov rdi, txtfile\nlea rsi, [request+rcx]\nmov rdx, requestlen\nsub rdx, rcx\nmov rax, 1 # sys_write\nsyscall\n\n# close(3)\nmov rdi, txtfile\nmov rax, 3 # sys_close\nsyscall\n\n# write(4, \"HTTP/1.0 200 OK\\r\\n\\r\\n\", 19) = 19\nmov rdi, tunnel\nlea rsi, response\nmov rdx, 19\nmov rax, 1 # sys_write\nsyscall\n\nprogram_exit:\n# exit\nmov rdi, 0\nmov rax, 60 # SYS_exit\nsyscall\n\n.section .data\n\nsockfd: .quad 0\ntunnel: .quad 0\ntxtfile: .quad 0\nfilecnt: .quad 0\nrequestlen: .quad 0\nrequest: .space 1024\nfilecontent: .space 1024\nrequestget: .ascii \"GET \"\nrequestpost: .ascii \"POST\"\nseparate: .ascii \"\\r\\n\\r\\n\"\nresponse: .ascii \"HTTP/1.0 200 OK\\r\\n\\r\\n\"\nsockaddr: .quad 0x50000002 # AF_INET(2) and PORT(80) in big endian\n.quad 0x0 # IP(0.0.0.0)\n.quad 0x0 # padding\n.quad 0x0 # padding\nLevel 1
\u8fd0\u884c/challenge\u4e0b\u7684\u6587\u4ef6\uff0c\u4f1a\u81ea\u52a8\u6253\u5f00gdb\uff0c\u8f93\u5165run\u542f\u52a8\u7a0b\u5e8f\uff0c\u8fdb\u5165\u7b2c\u4e00\u5173\u3002\u7b2c\u4e00\u5173\u4e3b\u8981\u662f\u8bb2\u4e0b\u5927\u81f4\u7684\u9898\u76ee\u8981\u6c42\uff0c\u5728\u8fd9\u91cc\u6309C\u7ee7\u7eed\u8fd0\u884c\u4f1a\u76f4\u63a5\u7ed9\u51faflag\u3002
Level 2
\u672c\u5173run\u4ee5\u540ep/x $r12\u7136\u540e\u6309C\uff0c\u628a\u7ed3\u679c\u8f93\u5165\u5c31\u884c\u3002
Level 3
\u8fd9\u4e00\u5173\u4e3b\u8981\u662f\u719f\u6089\u6253\u5370\u5185\u5b58\u6570\u636e\uff0c\u53ef\u4ee5\u5728\u6309C\u8fdb\u5165\u7a0b\u5e8f\u524d\u540e\u7528x/20gx $rsp\u5bf9\u6bd4\u4e00\u4e0b\u6808\u4e0a\u4ec0\u4e48\u6570\u636e\u6539\u53d8\u4e86\u3002\u7b97\u662f\u4e0d\u770b\u6c47\u7f16\u7684\u4e00\u70b9\u5c0ftrick\u3002
Level 4
\u8fd9\u5173\u7684\u6ca1\u7528\u6b63\u5e38\u89e3\u6cd5\u3002\u6709\u4e00\u70b9\u5c0ftrick\uff1a\u4f7f\u7528disas $pc\u67e5\u770b\u53d1\u73b0\u6709\u4e2awin\u51fd\u6570\uff0c\u53c2\u6570\u7528\u76840\u3002\u76f4\u63a5set $rax=0\uff0cset $pc=xxx\u8df3\u8f6c\u5230win\u7684\u51fd\u6570\u5c31\u884c\u4e86\u3002
Level 5
\u8fd9\u9898\u63d0\u793a\u53ef\u4ee5\u7f16\u5199gdb\u811a\u672c\uff0c\u52a0\u8f7d\u540e\u4f1a\u81ea\u52a8\u6267\u884c\u3002\u8fd9\u9053\u9898\u76ee\u4f1a\u5728\u5faa\u73af\u4e2d\u591a\u6b21\u8bbe\u7f6e\u968f\u673a\u6570\uff0c\u6240\u4ee5\u9700\u8981\u81ea\u52a8\u5316\u89e3\u51b3\u3002
run\u540e\u5148disas $pc\u770b\u4e00\u770bmain\u51fd\u6570\u7684\u5173\u952e\u903b\u8f91\uff1a
0x000055981a8ccd40 <+666>: mov esi,0x0\n0x000055981a8ccd45 <+671>: lea rdi,[rip+0xd5e] # 0x55981a8cdaaa\n0x000055981a8ccd4c <+678>: mov eax,0x0\n0x000055981a8ccd51 <+683>: call 0x55981a8cc250 <open@plt>\n0x000055981a8ccd56 <+688>: mov ecx,eax\n0x000055981a8ccd58 <+690>: lea rax,[rbp-0x18]\n0x000055981a8ccd5c <+694>: mov edx,0x8\n0x000055981a8ccd61 <+699>: mov rsi,rax\n0x000055981a8ccd64 <+702>: mov edi,ecx\n0x000055981a8ccd66 <+704>: call 0x55981a8cc210 <read@plt>\n0x000055981a8ccd6b <+709>: lea rdi,[rip+0xd46] # 0x55981a8cdab8\n0x000055981a8ccd72 <+716>: call 0x55981a8cc190 <puts@plt>\n0x000055981a8ccd77 <+721>: lea rdi,[rip+0xd5a] # 0x55981a8cdad8\n0x000055981a8ccd7e <+728>: mov eax,0x0\n0x000055981a8ccd83 <+733>: call 0x55981a8cc1d0 <printf@plt>\n0x000055981a8ccd88 <+738>: lea rax,[rbp-0x10]\n0x000055981a8ccd8c <+742>: mov rsi,rax\n0x000055981a8ccd8f <+745>: lea rdi,[rip+0xd51] # 0x55981a8cdae7\n0x000055981a8ccd96 <+752>: mov eax,0x0\n0x000055981a8ccd9b <+757>: call 0x55981a8cc260 <__isoc99_scanf@plt>\n\u731c\u6d4b\u57280x000055981a8ccd51\u5904\u7684open\u662f\u6253\u5f00\u4e86\u968f\u673a\u6570\u53d1\u751f\u5668\uff08\u6bd4\u5982/dev/urandom\uff09\uff0c\u7136\u540e0x000055981a8ccd66\u5904\u7684read\u662f\u8bfb8\u4e2a\u5b57\u8282\uff0c\u5373\u6700\u7ec8\u7684\u968f\u673a\u6570\uff0c\u4fdd\u5b58\u5728rsi\u5bc4\u5b58\u5668\u6307\u5411\u7684\u4f4d\u7f6e\uff0c\u5373rbp-0x18\u5904\u3002\u6240\u4ee5\u81ea\u52a8\u5316\u811a\u672c\u53ef\u4ee5\u57280x000055981a8ccd72\u5904\uff08\u5373*main+716\uff09\u6253\u4e2a\u65ad\u70b9\uff0c\u6253\u5370\u6b64\u65f6rbp-0x18\u7684\u503c\u3002
\u5373\u5148\u7f16\u5199\u4e0b\u8ff0\u811a\u672c\uff0c\u7136\u540e\u542f\u52a8\u7a0b\u5e8f\u65f6-x\u8ffd\u52a0\u811a\u672c\u5373\u53ef\u3002
start\nbreak *main+716\ncommands\n silent\n set $local_variable = *(unsigned long long*)($rbp-0x18)\nprintf \"Current value: %llx\\n\", $local_variable\ncontinue\nend\ncontinue\n\u5f53\u7136\u89e3\u6cd5\u6709\u5f88\u591a\uff0c\u770bdisas\u540e\u7684\u7ed3\u679c\uff0c\u8f93\u5165\u7684\u6570\u636e\u88abscanf\u4fdd\u5b58\u5230rbp-0x10\u5904\uff0c\u4e0erbp-0x18\u6bd4\u8f83\u3002\u4e5f\u53ef\u4ee5\u5728\u6bd4\u8f83\u524d\u76f4\u63a5\u4fee\u6539\u5bc4\u5b58\u5668\u8ba9\u503c\u76f8\u7b49\u3002
Level 6
\u8fd9\u4e00\u5173\u624d\u6559\u600e\u4e48\u7528set\u6539\u5bc4\u5b58\u5668\uff0c\u4ece\u800c\u4fee\u6539\u7a0b\u5e8f\u6267\u884c\u903b\u8f91\u3002\u662f\u4e0d\u662f\u53ef\u4ee5\u6697\u793a\u76f4\u63a5\u62ffflag\uff1frun\u540eset $rip=*main+715\uff0c\u7136\u540e\u7ee7\u7eed\u8fd0\u884c\u7a0b\u5e8f\u3002
Level 7
\uff1f\uff1f\uff1f\u539f\u6765\u8fd8\u53ef\u4ee5\u8fd9\u4e48\u73a9\uff1f\uff1f
Level 8
\u76f4\u63a5\u8c03\u7528call (void)win()\uff0c\u53ef\u4ee5disas *win\u770b\u4e00\u4e0bwin\u51fd\u6570\u3002
0x0000556609b49951 <+0>: endbr64\n0x0000556609b49955 <+4>: push rbp\n0x0000556609b49956 <+5>: mov rbp,rsp\n0x0000556609b49959 <+8>: sub rsp,0x10\n0x0000556609b4995d <+12>: mov QWORD PTR [rbp-0x8],0x0\n0x0000556609b49965 <+20>: mov rax,QWORD PTR [rbp-0x8]\n0x0000556609b49969 <+24>: mov eax,DWORD PTR [rax]\n0x0000556609b4996b <+26>: lea edx,[rax+0x1]\n0x0000556609b4996e <+29>: mov rax,QWORD PTR [rbp-0x8]\n0x0000556609b49972 <+33>: mov DWORD PTR [rax],edx\n0x0000556609b49974 <+35>: lea rdi,[rip+0x73e] # 0x556609b4a0b9\n0x0000556609b4997b <+42>: call 0x556609b49180 <puts@plt>\n\u53ef\u89c1\u57280x0000556609b49969\u5904\uff0c\u4ecerax\u6307\u5411\u7684\u5730\u5740\u8bfb\u53d64\u5b57\u8282\u3002\u4f46\u662f\u6b64\u65f6rax\u5728\u524d\u4e24\u6761\u8bed\u53e5\u5df2\u7ecf\u88ab\u4fee\u6539\u4e3a0\u4e86\uff0c\u6240\u4ee5\u89e6\u53d1NULL\u6307\u9488\u89e3\u5f15\u7528\uff0c\u5f15\u8d77SIGSEGV\u9000\u51fa\u3002\u6240\u4ee5\u8bd5\u8bd5\u76f4\u63a5\u8df3\u8fc7\u8fd9\u6bb5\uff0c\u8fdb\u5165win\u65f6\u4fee\u6539rip\u5bc4\u5b58\u5668\u5373\u53ef\u3002
\u4f9d\u6b21\u6267\u884c\uff1abreak *win\uff0ccall (void)win()\uff0cset $rip=*win+35\uff0cc\u5373\u53ef\u3002
Level 1.0
Reverse engineer this challenge to find the correct license key.
\u4ece\u6b64\u5f00\u59cb\u662f\u4e00\u4e2a\u8bc1\u4e66\u9a8c\u8bc1\u7a0b\u5e8f\uff0c\u8981\u6c42\u8f93\u5165key\u6765\u83b7\u53d6flag\u3002\u7b2c\u4e00\u9898\u76f4\u63a5enter\u8fd0\u884c\uff0c\u4f1a\u8f93\u51fa\u539f\u59cb\u8f93\u5165\u3001\u5904\u7406\u540e\u7684\u8f93\u5165\u4ee5\u53ca\u6b63\u786e\u7b54\u6848\u3002\u8fd0\u884c\u4e24\u6b21\u4ee5\u540e\u53d1\u73b0\u5904\u7406\u540e\u7684\u8f93\u5165\u548c\u539f\u59cb\u8f93\u5165\u662f\u4e00\u6837\u7684\uff0c\u5e76\u4e14\u6b63\u786e\u7b54\u6848\u662f\u56fa\u5b9a\u7684\u3002
\u76f4\u63a5python\u91cc\u8fd0\u884c\u4e0b[chr(i) for i in [0x75,0x62,0x61,0x6a,0x68]]\uff08\u53ef\u80fd\u9700\u8981\u4fee\u65390xXX\u7684\u503c\uff09\uff0c\u7136\u540e\u5c31\u5f97\u5230key\u4e86\u3002
Level 1.1
Reverse engineer this challenge to find the correct license key.
\u8fd9\u4e00\u9898\u6ca1\u6709\u76f4\u63a5\u628a\u6b63\u786e\u7b54\u6848\u5217\u51fa\u6765\u3002\u4e00\u79cd\u65b9\u6848\u662f\u5148gdb\u542f\u52a8\u7a0b\u5e8f\uff0c\u7136\u540e\u5728\u8981\u6c42\u8f93\u5165\u5bc6\u94a5\u7684\u65f6\u5019ctrl+c\u6682\u505c\u7a0b\u5e8f\uff0c\u7528bt\u67e5\u770b\u8c03\u7528\u6808\uff0c\u53ef\u4ee5\u770b\u5230__libc_start_main (main=0xXXXXX, argc=1, ....)\u3002\u7136\u540e\u67e5\u770bmain\u51fd\u6570\u7684\u6c47\u7f16\u6307\u4ee4x/80i 0xXXXX\uff0c\u53ef\u4ee5\u770b\u5230\u5176\u4e2d\u7684memcmp@plt\u51fd\u6570\u6240\u4f7f\u7528\u7684\u7684rsi\u6765\u81ea[rip+0x2abf]\u3002\u6307\u4ee4\u540e\u9762\u7684#\u6ce8\u91ca\u63d0\u793a\u4e86\u5bf9\u5e94\u7684\u5730\u5740\uff0c\u76f4\u63a5\u7528x/5c <address>\u67e5\u770b\u5bc6\u94a5\u5373\u53ef\u3002
\u6ce8\u610f\u6700\u540e\u8f93\u5165\u5bc6\u94a5\u65f6\u8981\u76f4\u63a5\u8fd0\u884c\u7a0b\u5e8f\uff0c\u4e0d\u8981\u5728gdb\u91cc\u9762\u8f93\uff0c\u4f1a\u63d0\u793a\u6743\u9650\u4e0d\u591f\u3002
Level 2.0
Reverse engineer this challenge to find the correct license key, but your input will be modified somehow before being compared to the correct key.
\u8fd9\u9053\u9898\u76ee\u4ea4\u6362\u4e86\u8f93\u5165\u5b57\u7b26\u4e32\u7684index 1\u548cindex 4\u7684\u5b57\u7b26\u3002
Level 2.1
\u8fd9\u9053\u9898\u76ee\u57282.0\u7684\u57fa\u7840\u4e0a\u9690\u53bb\u4e86\u8f93\u5165\u8f93\u51fa\u7ed3\u679c\u7684\u663e\u793a\uff0c\u56e0\u6b64\u9700\u8981gdb\u770b\u4e00\u4e0b\u505a\u4e86\u4ec0\u4e48\u64cd\u4f5c\u3002\u6309\u71671.1\u7684\u65b9\u6cd5\u67e5\u770bmemcmp\u9644\u8fd1\u7684\u51fd\u6570\uff0c\u53ef\u89c1\uff1a
0x5584f463251f: lea rax,[rbp-0xe]\n0x5584f4632523: mov edx,0x5\n0x5584f4632528: mov rsi,rax\n0x5584f463252b: mov edi,0x0\n0x5584f4632530: call 0x5584f46321a0 <read@plt>\n0x5584f4632535: movzx eax,BYTE PTR [rbp-0xe]\n0x5584f4632539: mov BYTE PTR [rbp-0x10],al\n0x5584f463253c: movzx eax,BYTE PTR [rbp-0xd]\n0x5584f4632540: mov BYTE PTR [rbp-0xf],al\n0x5584f4632543: movzx eax,BYTE PTR [rbp-0xf]\n0x5584f4632547: mov BYTE PTR [rbp-0xe],al\n0x5584f463254a: movzx eax,BYTE PTR [rbp-0x10]\n0x5584f463254e: mov BYTE PTR [rbp-0xd],al\n0x5584f4632551: lea rdi,[rip+0xdb0] # 0x5584f4633308\n0x5584f4632558: call 0x5584f4632140 <puts@plt>\n0x5584f463255d: lea rax,[rbp-0xe]\n0x5584f4632561: mov edx,0x5\n0x5584f4632566: lea rsi,[rip+0x2aa3] # 0x5584f4635010\n0x5584f463256d: mov rdi,rax\n0x5584f4632570: call 0x5584f46321b0 <memcmp@plt>\n\u8f93\u5165\u7684\u5b57\u7b26\u4e32\u88ab\u4fdd\u5b58\u5728[rbp-0xe]\u5904\uff0c\u4e14\u8fdb\u884c\u4e86[rbp-0xe]\u548c[rbp-0xd]\u7684\u4ea4\u6362\u3002\u4e5f\u5c31\u662f\u8bf4\u8f93\u5165\u5b57\u7b26\u4e32\u7684\u524d\u4e24\u4e2a\u5b57\u7b26\u88ab\u4ea4\u6362\u4e86\u3002\u67e5\u770bmemcmp\u52a0\u8f7d\u5230rsi\u7684\u5730\u5740\u5185\u5bb9x/5c 0x5584f4635010\u5f97\u5230\u5bf9\u5e94\u7684\u7b54\u6848\uff0c\u4ea4\u6362\u524d\u4e24\u4e2a\u5b57\u7b26\u5373\u53ef\u3002
Level 3.0-3.1
\u8fd0\u884c\u7a0b\u5e8f\uff0c\u968f\u4fbf\u8f93\u51e0\u4e2a\u6570\u3002\u663e\u5f0f\u544a\u8bc9\u4e86\u89c4\u5219\u662f\u9006\u5e8f\uff0c\u53c8\u628a\u6b63\u786e\u7b54\u6848\u6253\u5370\u51fa\u6765\u4e86\u3002
3.1\u731c\u6d4b\u548c3.0\u4e00\u6837\u4e5f\u662f\u9006\u5e8f\u3002\u76f4\u63a5\u63092.1\u7684\u65b9\u6cd5\u770b\u4e00\u4e0b[rbp-0xe]\u5904\u7684\u503c\u7136\u540e\u9006\u5e8f\u8f93\u5165\u5c31\u884c\u3002
Level 4.0-4.1
\u89c4\u5219\u662f\u8fdb\u884c\u9012\u589e\u6392\u5e8f\u3002\u8fd9\u4e0b\u53ea\u9700\u8981\u5305\u542b\u8fd9\u4e9b\u5b57\u6bcd\u5c31\u884c\u3002\uff08\u8fd9\u4e0d\u662f\u66f4\u7b80\u5355\u4e86\u2026\u2026\uff09
Level 5.0-5.1
\u8fd9\u9053\u9898\u662f\u5bf9\u8f93\u5165\u5b57\u7b26\u8fdb\u884c\u5f02\u6216\u3002\u7b80\u5355\u5199\u4e86\u4e2apython\uff0c\u5728\u63a7\u5236\u53f0\u4ea4\u4e92\u65f6\u8fd0\u884c\u4e0b\uff1a
tx = lambda x:int(x,16)\n''.join([chr(i^0xb8) for i in [tx(a) for a in 'd6 d5 d6 cf da'.split() ]])\n5.1\u548c5.0\u7c7b\u4f3c\uff0c\u4eff\u7167\u4e4b\u524d\u7684\u65b9\u6cd5\u53ef\u4ee5\u770b\u5230\u5f02\u6216\u7528\u7684\u662f0x1c\u3002
Level 6.0
\u8fd9\u9053\u9898\u7ed3\u5408\u4e86\u4ea4\u6362\u3001\u5f02\u6216\u3001\u9006\u5e8f\u4e09\u79cd\u64cd\u4f5c\uff0c\u5e72\u8106\u5199\u4e2a\u811a\u672c\u5904\u7406\u4e0b\u5427\u3002
def do_reverse(li):\n return li[::-1]\n\ndef do_swap(li, idx1, idx2):\n li[idx1], li[idx2] = li[idx2], li[idx1]\n return li\n\ndef do_xor(li, key):\n xor_li = []\n while key > 0:\n xor_li.insert(0, key & 0xff)\n key >>= 8\n for i in range(len(li)):\n li[i] ^= xor_li[i % len(xor_li)]\n return li\n\ndef do_sort(li):\n li.sort()\n return li\n\ndef sanitize(s):\n if type(s) is str:\n f = lambda tx: int(tx,16)\n return [f(i) for i in s.split()]\n if type(s) is list:\n return ''.join([chr(i) for i in s])\n\nprint(sanitize(do_swap(do_xor(do_reverse(sanitize('51 90 52 86 58 98 4d 81 4b 84 4f 9a 57 8c 51 91 56')),0x3ef5),5,6)))\n6.1\u6709\u70b9\u5947\u602a\uff0c\u770b\u6c47\u7f16\u597d\u50cf\u662f\u5148\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9006\u5e8f\u4e00\u904d\uff0c\u518d\u9010\u5b57\u8282\u4e0e0xbb\u5f02\u6216\u3002\u597d\u50cf\u548c5.0\u7684\u7f6e\u6362-\u5f02\u6216-\u9006\u5e8f\u4e0d\u4e00\u6837\u7684\uff1f\u53ef\u80fd\u662f\u968f\u673a\u9009\u62e9\u7b56\u7565\u5427\u3002
Level 7.0-7.1
7.0\u7528\u4e0a\u4e00\u4e2a\u811a\u672c\u5373\u53ef\u3002
print(sanitize(do_swap(do_sort(do_xor(do_swap(do_xor(sanitize(' 16 34 42 00 13 31 46 0d 1c 3b 4e 15 05 22 52 10 04 22 54 1c 0f 2e 59 1d 0e 2f 5b'),0x85a4d396),13,16),0xf2)),7,10)))\n7.1\u662f\u5148\u548c0x15ca\u5f02\u6216\uff0c\u7136\u540e\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9006\u5e8f\uff0c\u7136\u540e\u518d\u9012\u589e\u6392\u5e8f
print(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0x15ca)))\nprint(sanitize(do_xor(sanitize('60 61 64 66 67 6c 70 70 71 74 77 7c 7c 7d 7f a5 a5 a5 a8 ab ab af b0 b3 b8 b9 ba bb'),0xca15)))\n\n#u\u00abq\u00acr\u00a6e\u00bad\u00beb\u00b6i\u00b7jo\u00b0o\u00bda\u00bee\u00a5y\u00ads\u00afq\n#\u00aat\u00aes\u00ady\u00bae\u00bba\u00bdi\u00b6h\u00b5\u00b0o\u00b0b\u00bea\u00baz\u00a6r\u00acp\u00ae\n#\u7136\u540e\u628a\u4e24\u4e2a\u7ed3\u679c\u4e2d\u5b57\u6bcd\u6392\u8d77\u6765\n#utqsryeedabiihjooobaaezyrspq\nCSE 365\u8fd8\u662f\u5c5e\u4e8e\u6bd4\u8f83\u5165\u95e8\u7684\u7c7b\u578b\uff0c\u6253\u597d\u57fa\u7840\uff01
"},{"location":"python/","title":"Python","text":""},{"location":"python/#_1","title":"\u4e00\u4e9b\u5c0f\u70b9","text":"obj.__dir__() \u6216\u8005dir(obj)
\u6839\u636e\u7528\u6237\u4f20\u53c2\u800c\u6267\u884c\u4e0d\u540c\u7684\u529f\u80fd\uff0c\u53c8\u5206\u591a\u4e2a\u5c42\u6b21\u3002\u6bd4\u5982pip3\u547d\u4ee4\uff0c\u53ef\u4ee5\u6709pip3 install\u548cpip3 freeze\u7b49\u7b49\uff0c\u5bf9\u4e8e\u6bcf\u4e00\u4e2a\u5b50\u89e3\u6790\u53c8\u6709\u8fdb\u4e00\u6b65\u7684\u53c2\u6570\uff0c\u6bd4\u5982pip3 install --upgrade, pip3 install --force-reinstall\u7b49\u7b49\u3002
import argparse\n\ndef populate_parser(parser):\n parser.add_argument('input_file', type=str, help=\"Path to the file containing the mutated input to load\")\n parser.add_argument('--prefix-input', dest='prefix_input_path', type=str, help=\"(Optional) Path to the file containing a constant input to load\")\n parser.add_argument('-c', '--config', default=\"config.yml\", help=\"The emulator configuration to use. Defaults to 'config.yml'\")\n\n # Verbosity switches\n parser.add_argument('-v', '--print-exit-info', default=False, action=\"store_true\", help=\"Print some information about the exit reason.\")\n parser.add_argument('-t', '--trace-funcs', dest='trace_funcs', default=False, action='store_true')\nparser = argparse.ArgumentParser(description=\"Fuzzware\")\nsubparsers = parser.add_subparsers(title=\"Fuzzware Components\", help='Fuzzware utilities:', description=\"Fuzzware supports its different functions using a set of utilities.\\n\\nUse 'fuzzware <util_name> -h' for more details.\")\nparser_pipeline = subparsers.add_parser(MODE_PIPELINE, help=\"Running the full pipeline. Fuzzware's main utility.\")\nparser_pipeline.set_defaults(func=do_pipeline)\n# Pipeline command-line arguments\nparser_pipeline.add_argument('target_dir', nargs=\"?\", type=os.path.abspath, default=os.curdir, help=\"Directory containing the main config. Defaults to the current working dir.\")\n\n\nparser = argparse.ArgumentParser(description=\"Fuzzware emulation harness\")\npopulate_parser(parser)\n\u9664\u4e86argparse\u4ee5\u5916\uff0c\u53ef\u4ee5\u628a\u4e00\u4e9b\u5f88\u957f\u7684\u914d\u7f6e\u6570\u636e\uff08\u6bd4\u5982\u591a\u5230\u547d\u4ee4\u884c\u6572\u662f\u4e0d\u73b0\u5b9e\u7684\uff09\u653e\u5230yml\u91cc\uff0c\u7136\u540e\u7528yaml\u8bfb\u53d6\uff0c\u5f97\u5230\uff08\u5d4c\u5957\u7684\uff09\u5b57\u5178\uff0c\u7136\u540e\u518d\u53d6\u5185\u5bb9\u5c31\u5f88\u65b9\u4fbf\u4e86\u3002\u9700\u8981pip\u5b89\u88c5pyyaml\u8fd9\u4e2a\u5305
import yaml\n\nwith open('config.yml', 'rb') as f:\n data = yaml.load(f, Loader=yaml.FullLoader)\n print(data)\n\u90a3\u4e48data\u5c31\u662f\u4e00\u4e2a\u5b57\u5178\uff0c\u6839\u636eyml\u91cc\u7684\u5185\u5bb9\u53ef\u80fd\u6210\u4e3a\u5d4c\u5957\u5173\u7cfb\u3002\u5b57\u5178\u91cc\u4e3a\u7a7a\u7684\u503c\u4f1a\u53d8\u6210None\uff0ctrue\u6216True\u6216TRUE\u90fd\u4f1a\u53d8\u6210True\uff0c\u6570\u5b57\u4f1a\u88ab\u8bc6\u522b\u6210\u6574\u6570\u6216\u6d6e\u70b9\u6570\uff0c\u5b57\u7b26\u4e32\u4f1a\u88ab\u8bc6\u522b\u6210\u5b57\u7b26\u4e32\uff08\u542b\u7a7a\u683c\uff09
\u6bd4\u5982\u4e0b\u9762\u7684yml\u6587\u4ef6
item:\ntest1: 1\ntest2: 2\ntest2.1: TRUE\ntest2.2: true\ntest2.3: True\nmatters:\ntest3: 3\n3: 333\ntest4: 4\ntest5: ${item.test1}\ntest6: a b c d\ntest7: \u4f1a\u88ab\u8bc6\u522b\u4e3a
{'item': {'test1': 1, 'test2': 2, 'test2.1': True, 'test2.2': True, 'test2.3': True}, 'matters': {'test3': 3, 3: 333, 'test4': 4, 'test5': '${item.test1}', 'test6': 'a b c d', 'test7': None}}\n\u5728\u5f00\u53d1\u7a0b\u5e8f\u7684\u65f6\u5019\uff0c\u9047\u5230bug\u6216\u8005\u60f3\u5f04\u6e05\u695a\u4e34\u65f6\u7ed3\u679c\u3001\u63a7\u5236\u6d41\u8d70\u5411\u7684\u65f6\u5019\uff0c\u91c7\u7528print\u7684\u4f20\u7edf\u65b9\u6cd5\u6765\u6253\u5370\u53d8\u91cf\u6709\u70b9\u8fc7\u4e8e\u8822\u7b28\u4e86\u3002\u800c\u4f7f\u7528logging\u53ef\u4ee5\u968f\u65f6\u6253\u5370\u6570\u636e\u5230\u63a7\u5236\u53f0\u6216\u6587\u4ef6\uff0c\u53ef\u4ee5\u81ea\u5b9a\u4e49\u6253\u5370\u8303\u56f4\uff0c\u800c\u4e14\u6613\u4e8e\u8c03\u8bd5\u3002
import logging\n\nlogging.basicConfig(format='[%(levelname)s %(filename)s:%(lineno)d]: %(message)s', stream=sys.stdout, level=logging.DEBUG)\nlogger = logging.getLogger('TEST')\n\nlogger.debug('here is a test!')\nlogger.info('info level')\n\u5f53\u7136\u4e5f\u53ef\u4ee5\u5168\u9762\u4e86\u89e3\u4e0blogging\uff0c\u63a8\u8350\u9605\u8bfb\u8fd9\u4e2a\u77e5\u4e4e\u4e13\u680f
import logging\n\n# 1\u3001\u521b\u5efa\u4e00\u4e2alogger\nlogger = logging.getLogger('mylogger')\nlogger.setLevel(logging.DEBUG)\n\n# 2\u3001\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u5199\u5165\u65e5\u5fd7\u6587\u4ef6\nfh = logging.FileHandler('test.log')\nfh.setLevel(logging.DEBUG)\n\n# \u518d\u521b\u5efa\u4e00\u4e2ahandler\uff0c\u7528\u4e8e\u8f93\u51fa\u5230\u63a7\u5236\u53f0\nch = logging.StreamHandler()\nch.setLevel(logging.DEBUG)\n\n# 3\u3001\u5b9a\u4e49handler\u7684\u8f93\u51fa\u683c\u5f0f\uff08formatter\uff09\nformatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')\n\n# 4\u3001\u7ed9handler\u6dfb\u52a0formatter\nfh.setFormatter(formatter)\nch.setFormatter(formatter)\n\n# 5\u3001\u7ed9logger\u6dfb\u52a0handler\nlogger.addHandler(fh)\nlogger.addHandler(ch)\n\u4ee5\u53ca\u4fee\u6539log\u7684\u989c\u8272(\u4e0d\u8fc7\u6ca1\u6709\u8bd5\u8fc7\uff0c\u4e0d\u77e5\u9053\u662f\u5426\u53ef\u7528)
"},{"location":"python/#_3","title":"\u63a5\u53e3\u8bbe\u8ba1","text":"\u4e00\u7cfb\u5217\u76f8\u4f3c\u7684\u51fd\u6570\u5b8c\u6210\u76f8\u4f3c\u7684\u529f\u80fd\uff08\u6bd4\u5982\u4e0d\u540c\u89e3\u6790\u51fd\u6570\u89e3\u6790\u4e0d\u540c\u79cd\u7c7b\u7684\u65e5\u5fd7\uff0c\u90fd\u5b8c\u6210\u201c\u6570\u636e\u5904\u7406\u201d\u8fd9\u4e00\u529f\u80fd\uff09\u65f6\uff0c\u53ef\u4ee5\u5c06\u51fd\u6570\u540d\u4f5c\u4e3a\u53c2\u6570\u4f20\u5165\u516c\u5171\u5904\u7406\u51fd\u6570\uff0c\u8bbe\u8ba1\u66f4\u6e05\u6670\u3002
import re\n\n# 0000 11c4 0\nbb_regex = re.compile(r\"([0-9a-f]+) ([0-9a-f]+) ([0-9]+)\")\ndef parse_bb_line(line):\n event_id, pc, cnt = bb_regex.match(line).groups()\n\n event_id = int(event_id, 16)\n pc = int(pc, 16)\n cnt = int(cnt)\n\n return event_id, pc, cnt\n\ndef parse_mmio_set_line(line):\n pc, addr, mode = line.split(\" \")\n return (int(pc, 16), int(addr, 16), mode[0])\n\ndef _parse_file(filename, line_parser):\n try:\n with open(filename, \"r\") as f:\n return [line_parser(line) for line in f.readlines() if line]\n except FileNotFoundError:\n return []\n\ndef parse_bbl_trace(filename):\n return _parse_file(filename, parse_bb_line)\n\ndef parse_mmio_set(filename):\n return _parse_file(filename, parse_mmio_set_line)\nCap'n Proto\u597d\u50cf\u662f\u4e00\u79cd\u5e2e\u52a9\u5feb\u901f\u5e8f\u5217\u5316/\u53cd\u5e8f\u5217\u5316\u7684\u5de5\u5177\uff0cpython\u8fd9\u8fb9\u5c01\u88c5\u4e86C++\u7684\u5b9e\u73b0\uff0c\u9700\u8981pip\u5b89\u88c5pycapnp\u8fd9\u4e2a\u5305\u3002\u4f7f\u7528\u65f6\u9700\u8981\u9996\u5148\u5b9a\u4e49\u6570\u636e\u7ed3\u6784\uff0c\u6bd4\u5982\uff1a
// test.capnp\nstruct TraceEvent {\nunion {\nbasicBlock @0 :BasicBlock;\naccess @1 :Access;\n}\n}\n\nstruct BasicBlock {\npc @0 :UInt32;\nlr @1 :UInt32;\n}\n\nstruct Access {\ntarget @0 :AccessTarget;\ntype @1 :AccessType;\nsize @2 :UInt8;\npc @3 :UInt32;\n}\n\nenum AccessTarget {\nram @0;\nmmio @1;\n}\nenum AccessType {\nread @0;\nwrite @1;\n}\nimport capnp\nimport test_capnp\n\n# \u8fde\u7eed\u5199\u5165\u6587\u4ef6\uff0c\u5bf9union\u521d\u59cb\u5316\ntrace_file = open('test.bin','wb')\nevent = test_capnp.TraceEvent.new_message()\nbasicBlock = event.init('basicBlock')\nbasicBlock.pc = uc.reg_read(UC_ARM_REG_PC)\nbasicBlock.lr = uc.reg_read(UC_ARM_REG_LR)\nevent.write(trace_file)\nevent.write(trace_file)\ntrace_file.close()\n\n# \u4ece\u6587\u4ef6\u4e2d\u8fde\u7eed\u8bfb\u53d6\uff0c\u89e3\u6790union\ntrace_file = open('test.bin','rb')\nfor event in test_capnp.TraceEvent.read_multiple(f):\n if event.which() == 'basicBlock':\n print(event.basicBlock.pc)\ntrace_file.close()\n\u5982\u679c\u9700\u8981\u8ba9\u7a0b\u5e8f\u5728\u8fd0\u884c\u4e00\u6bb5\u65f6\u95f4\u540e\u7ec8\u6b62\uff0c\u5728\u7a0b\u5e8f\u5185\u90e8\u8fdb\u884c\u65f6\u95f4\u68c0\u67e5\u5e76\u4e0d\u4f18\u96c5\uff08\u56e0\u4e3a\u662f\u65e0\u5173\u903b\u8f91\u7684\uff09\uff1b\u53ef\u4ee5\u4e3a\u8fd9\u4e2a\u5b50\u7a0b\u5e8f\u8bbe\u8ba1signal
pipeline = Pipeline(args.target_dir, args.project_name, args.base_inputs, args.num_local_fuzzer_instances, args.disable_modeling, write_worker_logs=not args.silent_workers, do_full_tracing=args.full_traces, config_name=args.runtime_config_name, timeout_seconds=timeout_seconds, use_aflpp=args.aflpp)\n\ntry:\n if timeout_seconds != 0:\n def handler(signal_no, stack_frame):\n pipeline.request_shutdown()\n\n # spin up an alarm for the time\n signal.signal(signal.SIGALRM, handler)\n signal.alarm(timeout_seconds)\n\n pipeline.start()\nexcept Exception as e:\n logger.error(f\"Got exception, shutting down pipeline: {e}\")\n import traceback\n traceback.print_exc()\n status = 1\nfuzzware\u91cc\u6dfb\u52a0\u9000\u51fahandler\u6253\u5370state\uff08\u5373\u6a21\u62dfcoredump\uff09\u65f6\uff0c\u4f7f\u7528\u4e86IntelHex\u6765\u4fdd\u5b58\u4e2d\u95f4\u7ed3\u679c\u3002\u53ef\u4ee5\u53c2\u8003\u4e0b\u9762\u7684\u4f8b\u5b50\uff0c\u8fdb\u884c\u76f8\u4e92\u8f6c\u5316\u3002IntelHex\u6587\u4ef6\u672c\u8eab\u7684\u683c\u5f0f\uff0c\u53ef\u4ee5\u53c2\u8003\u8fd9\u91cc
from intelhex import IntelHex\nih = IntelHex()\n\ndata = {\n 0x30000000: b'\\x00\\x01\\x02\\x03\\x04',\n 0x20002000: b'\\x04\\x05\\x06\\x07'\n}\n\nfor base_addr, contents in data.items():\n ih.puts(base_addr, contents)\n\nwith open('test.hex', 'w') as f:\n ih.write_hex_file(f)\n\n\n# \u4ece\u5df2\u6709\u7684hex\u6587\u4ef6\u4e2d\u8bfb\u53d6\u6570\u636e\nih = IntelHex()\nih.fromfile('test.hex', format='hex')\n\n\"\"\"test.hex\n:020000042000DA\n:0420000004050607C6\n:020000043000CA\n:050000000001020304F1\n:00000001FF\n\nhex\u683c\u5f0f\u4ee5\u5192\u53f7\u5f00\u5934\uff0c\u968f\u540e1\u5b57\u8282\u8868\u793a\u6570\u636e\u957f\u5ea6\uff0c\u7d27\u63a54\u5b57\u8282\u8868\u793a\u5730\u5740\uff0c\u968f\u540e1\u5b57\u8282\u4e3a\u8bb0\u5f55\u7c7b\u578b\uff1a\n00\uff1a\u8868\u793a\u6570\u636e\n01\uff1a\u8868\u793a\u6587\u4ef6\u7ed3\u675f\n02\uff1a\u8868\u793a\u6269\u5c55\u6bb5\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u5de6\u79fb4\u4f4d\uff0c\u4f5c\u4e3a\u6bb5\u5730\u5740\uff0c\u5728\u4e4b\u540e\u7684\u8ba1\u7b97\u4e2d\u548c\u5730\u5740\u76f8\u52a0\u4f5c\u4e3a\u6700\u540e\u5730\u5740\n03\uff1a\u8868\u793a\u8d77\u59cb\u6bb5\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u4e2d\uff0c\u524d\u3001\u540e2\u5b57\u8282\u5206\u522b\u8868\u793aCS\u3001IP\n04\uff1a\u8868\u793a\u6269\u5c55\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76842\u5b57\u8282\u6307\u5b9a32\u5730\u5740\u7684\u9ad816\u4f4d\n05\uff1a\u8868\u793a\u8d77\u59cb\u7ebf\u6027\u5730\u5740\u3002\u968f\u540e\u76844\u5b57\u8282\u6307\u5b9a\u6307\u4ee4\u6267\u884c\u8d77\u59cb\u5730\u5740\n\u6700\u540e\u4e00\u5b57\u8282\u8868\u793a\u6821\u9a8c\u7801\n\n\u6bd4\u5982:020000042000DA\uff0c\u5206\u4e3a:02 0000 04 2000 DA\n\"\"\"\n\n# \u83b7\u53d6\u89e3\u6790\u540e\u7684\u6570\u636e\uff0c\u5e76\u5408\u5e76\u8fde\u7eed\u7684\u5730\u5740\nrestored_data = {}\ncurrent_address = None\ncurrent_data = b''\n\nfor address in ih.addresses():\n # Check if the address is consecutive with the current data\n if current_address is None or address == current_address + len(current_data):\n if current_address is None:\n current_address = address\n current_data += bytes([ih[address]])\n else:\n # Save the previous data and start a new block\n restored_data[current_address] = current_data\n current_address = address\n current_data = bytes([ih[address]])\n\n# Save the last block of data\nif current_address is not None:\n restored_data[current_address] = current_data\n\n# \u8f93\u51fa\u8fd8\u539f\u540e\u7684data\u5b57\u5178\nprint(restored_data)\n# {536879104: b'\\x04\\x05\\x06\\x07', 805306368: b'\\x00\\x01\\x02\\x03\\x04'}\n\u4ec0\u4e48\u662f\u6839\u56e0\u5206\u6790\uff1f \u6839\u56e0\u5206\u6790(Root Cause Analysis)\u6216\u8005\u8bf4\u7f3a\u9677\u5b9a\u4f4d(Fault Localization)\u662f\u7a0b\u5e8f\u5f00\u53d1\u4eba\u5458\u6216\u5b89\u5168\u5206\u6790\u4eba\u5458\u5728\u786e\u8ba4\u7a0b\u5e8f\u5b58\u5728\u5f02\u5e38\u884c\u4e3a\u540e\uff0c\u901a\u8fc7\u624b\u52a8\u6216\u81ea\u52a8\u7684\u65b9\u6cd5\u6765\u5b9a\u4f4d\u5f02\u5e38\u884c\u4e3a\u7684\u6839\u672c\u539f\u56e0\u7684\u8fc7\u7a0b\u3002\u6839\u56e0\u5206\u6790\u662f\u7a0b\u5e8f\u5b89\u5168\u5206\u6790\u6d41\u7a0b\u4e2d\u6bd4\u8f83\u91cd\u8981\u7684\u4e00\u73af\u3002
\u4e3a\u4ec0\u4e48\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b\u6839\u56e0\u5206\u6790\u65b9\u6cd5\uff1f \u5728\u5f53\u4e0b\u5404\u7c7b\u81ea\u52a8\u5316\u6f0f\u6d1e\u6316\u6398\u5de5\u5177(\u6bd4\u5982\u5404\u7c7bfuzzer)\u7684\u8f85\u52a9\u4e0b\uff0c\u6bcf\u65e5\u53d1\u73b0\u7684bug\u6570\u91cf\u5df2\u7ecf\u8fdc\u8d85\u5f00\u53d1\u4eba\u5458\u786e\u8ba4\u5e76\u4fee\u590d\u7684\u6570\u91cf\u3002\u8bbe\u8ba1\u4e00\u79cd\u81ea\u52a8\u5316\u53d1\u73b0\u6f0f\u6d1e\u7684\u5de5\u5177\u5e76\u4e0d\u96be\uff0c\u96be\u5728\u5982\u4f55\u6839\u636e\u8fd9\u4e9b\u5de5\u5177\u62a5\u51fa\u7684crash\u4fe1\u606f\u6765\u51c6\u786e\u5730\u5206\u6790\u51fa\u6f0f\u6d1e\u7684\u6839\u672c\u539f\u56e0\u3002\u5bf9\u4e8e\u5927\u578b\u7a0b\u5e8f\u800c\u8a00\uff0c\u5d29\u6e83\u6d4b\u8bd5\u6837\u4f8b(crashing testcase)\u6267\u884c\u4e0b\u6765\u53ef\u80fd\u7ecf\u5386\u4e86\u51e0\u767e\u4e07\u6761\u6c47\u7f16\u6307\u4ee4\uff0c\u624b\u5de5\u786e\u8ba4\u7a0d\u5fae\u6709\u70b9\u4e0d\u73b0\u5b9e\u4e86\u3002\u56e0\u6b64\u9700\u8981\u8bbe\u8ba1\u4e00\u4e9b(\u81ea\u52a8\u5316)\u7684\u6839\u56e0\u5206\u6790\u5de5\u5177\u3002
\u600e\u4e48\u8fdb\u884c\u6839\u56e0\u5206\u6790\uff1f\u76ee\u524d\u6709\u54ea\u4e9b\u5de5\u4f5c\uff1f \u6700\u6734\u7d20\u800c\u76f4\u89c2\u7684\u601d\u60f3\u5c31\u662f\u6d88\u8017\u5b89\u5168\u5206\u6790\u4eba\u5458\u7684\u7cbe\u529b\uff0c\u4ece\u7a0b\u5e8f\u7684\u5165\u53e3\u70b9(entry)\u6216\u8005\u5d29\u6e83\u70b9(crash site)\u51fa\u53d1\uff0c\u770b\u770b\u7a0b\u5e8f\u662f\u600e\u4e48\u6267\u884c\u7684\uff0c\u54ea\u4e9b\u5143\u7d20(program entity)\u4f1a\u5bfc\u81f4\u6700\u540e\u7684crash\uff0c\u7136\u540e\u518d\u8fdb\u884c\u5bf9\u5e94\u7684\u4fee\u590d\u3002\u6839\u636e\u5b9a\u4f4d\u5143\u7d20\u7684\u7c92\u5ea6\u4e0d\u540c\uff0c\u6839\u56e0\u5206\u6790\u53ef\u4ee5\u5b9a\u4f4d\u5230\u51fd\u6570\u7ea7(function level)\u3001\u8bed\u53e5\u7ea7(statement level)\u3001\u6c47\u7f16\u6307\u4ee4\u7ea7(instruction level)\u3002\u7531\u4e8e\u5728\u6c47\u7f16\u6307\u4ee4\u4e0a\u8fdb\u884c\u5206\u6790\u53ef\u4ee5\u66f4\u666e\u9002\u5730\u9002\u5e94\u591a\u79cd\u7f16\u7a0b\u8bed\u8a00\u3001\u4e0d\u9700\u8981\u83b7\u53d6\u6e90\u7801\uff0c\u6240\u4ee5\u4e0b\u6587\u7684\u8ba8\u8bba\u90fd\u662f\u56f4\u7ed5\u6c47\u7f16\u6307\u4ee4\u7ea7\u5c55\u5f00\u3002
\u76ee\u524d\u4e00\u4e9b\u81ea\u52a8\u5316\u6839\u56e0\u5206\u6790\u7814\u7a76\u601d\u8def\u6709\uff1a
\u8fd9\u4e9b\u7814\u7a76\u601d\u8def\u90fd\u89e3\u51b3\u4e86\u4ec0\u4e48\u95ee\u9898\uff1f\u6709\u4ec0\u4e48\u72ec\u7279\u7684\u4f18\u70b9\uff1f\u5b58\u5728\u54ea\u4e9b\u72ec\u6709\u7684\u4e0d\u8db3\uff1f \u57fa\u4e8e\u7a0b\u5e8f\u8c31\u7684\u5206\u6790\u65b9\u6cd5\u76f4\u89c2\u4e0a\u4f3c\u4e4e\u6709\u70b9\u9053\u7406\u3002\u5b83\u4ec5\u8003\u8651\u6c47\u7f16\u6307\u4ee4\u672c\u8eab\uff0c\u800c\u4f46\u4ec5\u4ec5\u4ece\u7edf\u8ba1\u7ed3\u679c\u4e0a\u53bb\u5206\u6790\uff0c\u53ef\u80fd\u5e76\u4e0d\u80fd\u51c6\u786e\u5206\u6790\u51fa\u903b\u8f91\u4e0a\u7684root cause\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u4f1a\u8bbe\u8ba1\u4e00\u79cd\u6392\u540d\u7b56\u7565(ranking)\uff0c\u5bf9\u9009\u62e9\u51fa\u7684\u53ef\u7591\u6307\u4ee4\u8fdb\u884ctop1-topn\u7684\u6392\u540d\uff0c\u6765\u8bd5\u56fe\u63d0\u9ad8\u51c6\u786e\u6027\u3002\u8fd9\u7c7b\u65b9\u6cd5\u4e00\u822c\u9700\u8981\u6839\u636e\u4e00\u4e2a\u5d29\u6e83\u6837\u4f8b\u4ee5\u53ca\u548c\u5b83\u76f8\u4f3c\u7684\u5d29\u6e83\u6837\u4f8b\u548c\u975e\u5d29\u6e83\u6837\u4f8b\u8fdb\u884c\u5206\u6790\uff0c\u56e0\u6b64\u65f6\u7a7a\u5f00\u9500\u90fd\u6bd4\u8f83\u5927\u3002
\u4e8b\u540e\u5206\u6790\u65b9\u6cd5\u76f8\u6bd4\u7a0b\u5e8f\u8c31\u5206\u6790\u65b9\u6cd5\u8003\u8651\u4e86\u6307\u4ee4\u8bed\u4e49\uff0c\u6bd4\u5982\u5728\u9006\u5411\u6267\u884c\u7684\u65f6\u5019\u4f1a\u8bbe\u8ba1\u4e00\u4e9b\u6c47\u7f16\u6307\u4ee4handler\uff0c\u5bf9\u4e8e\u5185\u5b58\u7684\u5206\u6790\u4e5f\u4f1a\u66f4\u7cbe\u786e\u4e9b\u3002\u4f46\u6c61\u70b9\u5206\u6790\u65b9\u6cd5\u6bd5\u7adf\u5b58\u5728\u8fc7\u5ea6\u6c61\u67d3(over-tainting)\u7684\u95ee\u9898\uff0c\u5bfc\u81f4\u7ed3\u679c\u5197\u4f59\u6bd4\u8f83\u4e25\u91cd\u3002
\u57fa\u4e8e\u6a21\u578b\u7684\u5206\u6790\u65b9\u6cd5\u5229\u7528AI\u7684\u4f18\u52bf\uff0c\u53ef\u4ee5\u7ed9\u51fa\u66f4\u6709\u8bed\u4e49\u4fe1\u606f\u7684root cause\uff0c\u5728\u4e00\u5b9a\u7a0b\u5ea6\u4e0a\u5e2e\u52a9\u5f00\u53d1\u4eba\u5458\u53bb\u5206\u6790\u3002\u4e0d\u8fc7\u6a21\u578b\u7684\u8bad\u7ec3\u4f9d\u8d56\u8bad\u7ec3\u96c6\u7684\u8d28\u91cf\uff0c\u5e76\u4e14\u53d7\u7a0b\u5e8f\u8bed\u4e49\u5f71\u54cd\u5f88\u5927\u3002\u5728\u4e0d\u540c\u9886\u57df\u4e4b\u95f4\u53ef\u80fd\u8fc1\u79fb\u6027\u4e0d\u662f\u5f88\u597d\uff0c\u6bd4\u5982\u6ca1\u6cd5\u5904\u7406\u4e00\u4e9b\u7279\u5b9a\u7684\u5bc6\u7801\u5b66\u51fd\u6570\u3002\u4e14\u4e3a\u5f85\u6d4b\u7a0b\u5e8f\u5efa\u7acb\u6a21\u578b\u6765\u63cf\u8ff0\u5176\u7ed3\u6784\u4e0e\u884c\u4e3a\u662f\u975e\u5e38\u590d\u6742\u3001\u8017\u65f6\u7684\u4e8b\u60c5
\u73b0\u6709\u7684\u8fd9\u4e9b\u65b9\u6cd5\u6709\u6ca1\u6709\u4ec0\u4e48\u666e\u904d\u5b58\u5728\u7684\u95ee\u9898\uff1f \u5728\u6700\u540e\u8bc4\u4f30\u9636\u6bb5(evaluation)\uff0c\u4e00\u822c\u5148\u901a\u8fc7\u624b\u5de5\u5206\u6790\u786e\u5b9a\u54ea\u4e9b\u6c47\u7f16\u6307\u4ee4\uff0c\u5982\u679c\u65b9\u6cd5\u8f93\u51fa\u7684\u6c47\u7f16\u6307\u4ee4\u96c6\u5408\u91cc\u5305\u542b\u8fd9\u4e9b\u6307\u4ee4\uff0c\u90a3\u4e48\u5c31\u8ba4\u4e3a\u662f\u53d1\u73b0\u4e86root cause\u3002\u4f46\u81ea\u52a8\u5316\u65b9\u6cd5\u6bd5\u7adf\u7f3a\u5c11\u4eba\u5de5\u53c2\u4e0e\uff0c\u7ed9\u51fa\u7684\u7ed3\u679c\u4e00\u5b9a\u662f\u4e0d\u51c6\u786e\u7684\u3002\u73b0\u6709\u7684\u5de5\u4f5c\u7684\u4e00\u4e2a\u4e3b\u6d41\u601d\u60f3\u5728\u4e8e\u201c\u65b9\u6cd5\u7ed9\u51fa\u7684\u96c6\u5408\u53ef\u4ee5\u5305\u542b\u65e0\u5173\u6307\u4ee4\uff0c\u4f46\u4e0d\u80fd\u7f3a\u5c11\u76f8\u5173\u6307\u4ee4\u201d\uff0c\u65e8\u5728\u63d0\u9ad8\u53ec\u56de\u7387(recall)\u3002\u56e0\u6b64\u5f80\u5f80\u7ed9\u51fa\u4e0eroot cause\u4e0d\u76f8\u5173\u7684\u6307\u4ee4\u3002\u4f46\u5b9e\u9645\u4e0a\uff0c\u5728\u6700\u540e\u7684\u4fee\u590d\u7aef\uff0c\u5982\u679c\u7ed9\u51fa\u4e0d\u76f8\u5173\u6307\u4ee4\u8fc7\u591a\uff0c\u90a3\u4e48\u4ecd\u7136\u9700\u8981\u5f00\u53d1\u8005\u53bb\u5206\u6790\uff0c\u4f9d\u65e7\u8017\u65f6\u8017\u529b\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c9.43%\u5e0c\u671broot cause\u5728\u5206\u6790\u7ed3\u679c\u7684Top1\uff0c73.58%\u5bb9\u8bb8\u5728Top5\uff0c15.09%\u5bb9\u8bb8\u5728Top10\u3002\u6240\u4ee5\u7ea698%\u7684\u60c5\u51b5\u4e0b\u9700\u8981\u5728Top10\u5185\u7ed9\u51fa\u7ed3\u679c\u3002\u5c31\u5206\u6790\u51c6\u786e\u5ea6\u4e0e\u5f00\u53d1\u4eba\u5458\u6ee1\u610f\u5ea6\u800c\u8a00\uff0c\u5982\u679cRCA\u5de5\u5177\u51c6\u786e\u5ea6\u8fbe90%\uff0c\u6ee1\u610f\u5ea6\u51e0\u4e4e\u8fbe\u5230100%\u4e86\u3002\u51c6\u786e\u5ea6\u4f4e\u4e8e20%\u65f6\u53ea\u670912%\u63a5\u53d7\uff0c\u5982\u679c\u6ee1\u610f\u5ea6\u8fbe50%\u300175%\u300190%\uff0c\u51c6\u786e\u5ea6\u9700\u8981\u5206\u522b\u8fbe\u523050%\u300175%\u300185%\uff08\u4f46\u662f\u539f\u6587\u8bf490%\uff09\u3002
\u76ee\u524d\u7684\u7edd\u5927\u90e8\u5206RCA\u5206\u6790\u7684\u5de5\u4f5c\u7684\u8f93\u51fa\u662f\u4e24\u7c7b\uff1aranked list\u548csuspicious set\u3002\u4f46\u4e24\u8005\u90fd\u5b58\u5728\u7684\u95ee\u9898\u662f\u4ec5\u4ec5\u9ad8\u4eae\u4e86\u53ef\u80fd\u5b58\u5728bug\u7684\u5143\u7d20\uff0c\u800c\u7f3a\u4e4f\u4e00\u4e9brational\u7684\u5206\u6790\u3002
"},{"location":"rca/#_2","title":"\u4e0d\u540c\u7684\u5206\u6790\u7c92\u5ea6\u7684\u4f18\u52bf","text":"\u57fa\u4e8e\u6587\u4ef6\u7c92\u5ea6\u7684RCA\u5de5\u4f5c\uff08\u6bd4\u5982Scaffle\uff09\u5e0c\u671b\u627e\u5230\u5305\u542b\u767e\u4e07\u7ea7\u540c\u8d28\u4ee3\u7801\u5e93\u4e2d\u54ea\u4e9b\u6587\u4ef6\u548ccrash\u6709\u5173\u3002\u5728\u6b64\u57fa\u7840\u4e0a\u8ba9\u5bf9\u5e94\u7684\u5de5\u7a0b\u5e08\u56e2\u961f\u53bb\u5904\u7406bug\uff0c\u6709\u5229\u4e8e\u5927\u578b\u7ec4\u7ec7\u7ba1\u7406\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c\u5f00\u53d1\u8005\u5bf9\u7c92\u5ea6\u7684top3\u671f\u671b\u4f9d\u6b21\u662f\u65b9\u6cd5\u7ea7\u522b\u3001\u8bed\u53e5\u7ea7\u522b\u3001\u57fa\u672c\u5757\u7ea7\u522b\uff0c\u4e0d\u8fc7\u5bf9\u8fd9\u4e09\u79cd\u7c92\u5ea6\u7684\u503e\u5411\u4e4b\u95f4\u6ca1\u6709\u660e\u663e\u5dee\u5f02\u3002\u800c\u5f53\u65f6\u6bd4\u8f83\u591a\u7684\u65b9\u6cd5\u662f\u8bed\u53e5\u7ea7\u522b\u7684
"},{"location":"rca/#_3","title":"\u5206\u6790\u65f6\u95f4\u5f00\u9500","text":"\u6839\u636e\u91c7\u7528\u7684\u7b56\u7565\u4e0d\u540c\uff0cRCA\u4e4b\u95f4\u7684\u65f6\u95f4\u5f00\u9500\u5dee\u5f02\u53ef\u80fd\u8fbe\u4e24\u4e2a\u6570\u91cf\u7ea7\u3002\uff08\u79d2\u7ea7-\u5206\u949f\u7ea7-\u5c0f\u65f6\u7ea7\uff09\u3002
\u636eISSTA 2016\u4e00\u7bc7\u8c03\u7814\uff08Practitioners\u2019 expectations on automated fault localization\uff09\uff0c90%\u5f00\u53d1\u8005\u63a5\u53d71min\u4ee5\u5185\u7684\u5206\u6790\uff0c\u4e0d\u52309%\u5f00\u53d1\u8005\u63a5\u53d7\u8d85\u8fc71h\u7684\u5206\u6790\u300250%\u5f00\u53d1\u8005\u5927\u6982\u572830min\u4ee5\u5185\u3002
"},{"location":"rca/#_4","title":"\u4e00\u4e9b\u60f3\u6cd5","text":"\u4ee5\u4e0a\u5185\u5bb9\u4ec5\u4ee3\u8868\u4e2a\u4eba\u89c2\u70b9\uff0c\u4e0d\u5b9a\u671f\u66f4\u65b0\uff0c\u6b22\u8fce\u8ba8\u8bba
"},{"location":"readings/","title":"\u6587\u7ae0\u9605\u8bfb","text":""},{"location":"readings/#_2","title":"\u7efc\u5408\u6027\u77e5\u8bc6\u5b66\u4e60","text":"DLL\u6ce8\u5165\uff0cWindows\u6d88\u606f\u94a9\u53d6\uff0cDLL\u5378\u8f7d\uff0c\u4ee3\u7801\u6ce8\u5165\uff0cAPI\u94a9\u53d6\uff0c\u8fdb\u7a0b\u9690\u85cf\uff0cIE\u8fde\u63a5\u63a7\u5236\uff0cTLS\u56de\u8c03\u51fd\u6570\uff0cTEB\uff0cPEB\uff0cSEH\uff0cIA-32\uff0c\u53cd\u8c03\u8bd5\uff08\u9759\u6001\u3001\u52a8\u6001\uff09\uff0cPE\u955c\u50cf\uff0cDebug Blocker
"},{"location":"reverse-basic/","title":"\u9006\u5411\u57fa\u7840","text":"\u9006\u5411\u51fd\u6570\u65f6\uff0c\u8981\u63d0\u524d\u9884\u6d4b\u4e0b\u51fd\u6570\u5b9e\u73b0\u673a\u5236\uff0c\u4ee5\u8282\u7701\u65f6\u95f4\u3002\u8981\u660e\u767d\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7a0b\u5e8f\u7279\u6709\u7684\u5b9e\u73b0\uff0c\u54ea\u4e9b\u90e8\u5206\u5c5e\u4e8e\u7b2c\u4e09\u65b9\u7684\u5e93\uff0c\u4e0d\u8981\u968f\u4fbf\u8fdb\u5230\u7b2c\u4e09\u65b9\u5e93\u6216\u8005\u5e95\u5c42API\u91cc\u9762\u5206\u6790\u3002
"},{"location":"reverse-basic/#_2","title":"\u8c03\u7528\u7ea6\u5b9a","text":"cdecl\uff08C\u9ed8\u8ba4\uff09\u7531caller\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\u3002
stdcall\u7531callee\u8d1f\u8d23\u6e05\u7406\u6808\u4e0a\u4f20\u5165\u53c2\u6570\uff08Win32API\uff09\uff0c\u88ab\u8c03\u51fd\u6570\u8fd4\u56de\u65f6\u4f7f\u7528RETN X\u6765\u9000\u51fa\uff0c\u76f8\u5f53\u4e8eRETN\u3001POP X\u3002\u6bd4\u5982\u9000\u4e24\u4e2a\u53c2\u6570\uff0c\u5c31RETN 8\u3002
fastcall\u4e3a\u4e86\u63d0\u9ad8\u901f\u5ea6\uff0c\u5206\u522b\u4f7f\u7528ECX\u3001EDX\u4f20\u9012\u524d\u4e24\u4e2a\u53c2\u6570\uff0c\u66f4\u591a\u53c2\u6570\u8fd8\u662f\u4f7f\u7528\u5185\u5b58\u3002 \u4f20\u53c2\u65f6\u90fd\u662f\u4ece\u53f3\u5411\u5de6\u4ee5\u6b64\u538b\u5165\u6808\u4e2d\u3002
"},{"location":"reverse-basic/#_3","title":"\u4e00\u4e9b\u5e38\u89c1\u6c47\u7f16\u64cd\u4f5c\u7b26","text":"call \u5305\u62ec\u4fdd\u5b58\u8fd4\u56de\u5730\u5740\u3001IP\u8df3\u8f6c
retn \u5373pop EIP
test \u76f8\u5f53\u4e8eAND\uff0c\u4f46\u662f\u4e0d\u6539\u53d8\u666e\u901a\u5bc4\u5b58\u5668\u7684\u503c\uff0c\u53ea\u4fee\u6539EFLAGS\u5bc4\u5b58\u5668
NOP\u6307\u4ee4\u901a\u5e38\u7528\u4e8e\u63a7\u5236\u65f6\u5e8f\u7684\u76ee\u7684\uff0c\u5f3a\u5236\u5185\u5b58\u5bf9\u9f50\uff0c\u9632\u6b62\u6d41\u6c34\u7ebf\u707e\u96be\uff0c\u5360\u636e\u5206\u652f\u6307\u4ee4\u5ef6\u8fdf\uff0c\u6216\u662f\u4f5c\u4e3a\u5360\u4f4d\u7b26\u4ee5\u4f9b\u7a0b\u5e8f\u7684\u6539\u5584\uff08\u6216\u66ff\u4ee3\u88ab\u79fb\u9664\u7684\u6307\u4ee4\uff09\u3002
"},{"location":"reverse-basic/#_4","title":"\u51fd\u6570\u6267\u884c\u6808\u5e27\u63a8\u65ad","text":"\u51fd\u6570\u5185\u90e8\u4e00\u822c\u5148\u4f1a\u6267\u884c\u4ee5\u4e0b\u4e24\u6761\u6307\u4ee4\uff1a
push ebp\nmov ebp,esp\n\u53ef\u4ee5\u89c2\u5bdfebp\u548cesp\u7684\u4fee\u6539\u60c5\u51b5\u63a8\u65ad\u51fd\u6570\u6808\u5e27
"},{"location":"reverse-basic/#_5","title":"\u540d\u79f0\u4fee\u9970","text":"\u540d\u79f0\u4fee\u9970\uff08name mangling\uff0cname decoration\uff09\uff0c\u7528\u6765\u89e3\u51b3\u6807\u5fd7\u7b26\u7684\u552f\u4e00\u547d\u540d\u95ee\u9898\u3002\u6bd4\u5982\u5728\u4e0d\u540c\u7684\u547d\u540d\u7a7a\u95f4\u5b9e\u73b0\u76f8\u540c\u540d\u79f0\u7684\u51fd\u6570\uff0c\u8fd9\u4e2a\u51fd\u6570\u5728\u600e\u4e48\u8868\u793a\u5462\uff1f\u540d\u79f0\u4fee\u9970\u6280\u672f\u7528\u6765\u751f\u6210\u552f\u4e00\u7684\u6807\u5fd7\u7b26\uff0c\u4fdd\u7559\u547d\u540d\u7a7a\u95f4\u3001\u51fd\u6570\u540d\u3001\u7ed3\u6784\u4f53\u540d\u3001\u7c7b\u540d\u4ee5\u53ca\u53c2\u6570\u7c7b\u578b\u7b49\u7b49\u4fe1\u606f\u3002\u540d\u79f0\u4fee\u9970\u548c\u8c03\u7528\u7ea6\u5b9a\u3001\u7f16\u8bd1\u5668\u6709\u5173\uff0c\u5e94\u7528\u6700\u5e7f\u6cdb\u7684\u662fC++\u7684\u4ee3\u7801\uff08\u5c24\u5176\u662f\u6df7\u5408C\u7f16\u8bd1\u65f6\uff09\u3002\u6bd4\u5982_ZN9wikipedia7article6formatEv\u53ef\u4ee5\u7528\u6765\u8868\u793a\uff1a
namespace wikipedia\n{\nclass article\n{\npublic:\nstd::string format();\n}\n}\n\u5176\u4e2d_Z\u662f\u5f00\u5934\uff08\u4e0b\u5212\u7ebf+\u5927\u5199\u5b57\u6bcd\u5728C\u4e2d\u662f\u4fdd\u7559\u7684\u6807\u5fd7\u7b26\uff0c\u907f\u514d\u51b2\u7a81\uff09\uff0cN\u8868\u793a\u662f\u5d4c\u5957\u6709\u547d\u540d\u7a7a\u95f4\u548c\u7c7b\u540d\uff0c\u968f\u540e\u7684\u6570\u5b57+\u5b57\u6bcd\u4e2d\uff0c\u6570\u5b57\u8868\u793a\u957f\u5ea6\uff0c\u5b57\u6bcd\u8868\u793a\u540d\u79f0\uff0c\u5e76\u4ee5E\u7ed3\u675f\u3002\u4e4b\u540e\u7684\u53c2\u6570\u8868\u793a\u51fd\u6570\u7684\u53c2\u6570\u7c7b\u578b\uff0cv\u4e3avoid\u3002
PE\uff08Portable Execution\uff09\u6587\u4ef6\u662fWindows\u7cfb\u7edf\u4f7f\u7528\u7684\u53ef\u6267\u884c\u6587\u4ef6\u683c\u5f0f\u3002
#pragma data_seg()\u53ef\u4ee5\u5c06\u4ee3\u7801\u4efb\u610f\u90e8\u5206\u7f16\u8bd1\u5230PE\u6587\u4ef6\u4efb\u610f\u8282\uff0c\u8282\u540d\u4e5f\u53ef\u4ee5\u81ea\u5b9a\u4e49\u3002
"},{"location":"reverse-basic/#_6","title":"\u9759\u6001\u94fe\u63a5\u5e93\u4e0e\u52a8\u6001\u94fe\u63a5\u5e93","text":"\u9759\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e3a.a\u6216.lib\uff1b\u52a8\u6001\u5e93\u7684\u62d3\u5c55\u540d\u4e00\u822c\u4e3a.so\u6216.dll
\u9759\u6001\u5e93\u7f16\u8bd1\u65f6\u76f4\u63a5\u6574\u5408\u5230\u76ee\u6807\u7a0b\u5e8f\u4e2d\uff0c\u7f16\u8bd1\u6210\u529f\u540e\u7684\u53ef\u6267\u884c\u6587\u4ef6\u53ef\u4ee5\u72ec\u7acb\u8fd0\u884c\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u65f6\u53ef\u6267\u884c\u7a0b\u5e8f\u65e0\u6cd5\u72ec\u7acb\u8fd0\u884c
\u9759\u6001\u5e93\u66f4\u65b0\u540e\u9700\u8981\u66f4\u65b0\u6574\u4e2a\u76ee\u6807\u7a0b\u5e8f\uff1b\u52a8\u6001\u5e93\u66f4\u65b0\u540e\u53ea\u9700\u66f4\u6362\u65b0\u7684\u52a8\u6001\u5e93\u5373\u53ef
\u9759\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc -c xx.c -o xx.o\uff0car crs libxx.a xx.o\uff1b\u52a8\u6001\u5e93\u7f16\u8bd1\u547d\u4ee4\uff1agcc xx.c -o libxx.so -shared -fPIC\u5176\u4e2d-fPIC\u8868\u793a\u4f7f\u7528\u76f8\u5bf9\u4f4d\u7f6e
\u6dfb\u52a0\u591a\u4e2a\u7b26\u53f7\u8868add-symbol-file xxx addr\u5176\u4e2daddr\u662f\u4ee3\u7801\u6bb5\u8d77\u59cb\u5730\u5740\uff0cxxx\u53ef\u4ee5\u4e3asym\u6587\u4ef6\uff0c\u6216elf\u6587\u4ef6\u7b49\u3002\u53d8\u5f02\u65f6\u9700\u8981\u52a0\u4e0a-g\u4fdd\u7559\u7b26\u53f7\u8868(\u6307\u5b9a\u5177\u4f53\u683c\u5f0f\u5982-g2 -gdwarf-2)\uff0c\u53ef\u4ee5\u9010\u4e2a\u4f7f\u7528add-symbol-file\uff0c\u90fd\u6dfb\u52a0\u8fdb\u53bb\u3002
\u4f7f\u7528ulimit -c unlimited\u8bbe\u7f6e\u4e0d\u9650\u5236coredump\u6587\u4ef6\u5927\u5c0f\uff0c\u7136\u540eroot\u7528\u6237echo \"core-%e-%p\" > /proc/sys/kernel/core_pattern\u8bbe\u7f6e\u4fdd\u7559\u7a0b\u5e8f\u540d\u3001pid\uff0c\u5219\u5bf9\u4e8e\u7f16\u8bd1\u65f6\u6dfb\u52a0\u4e86-g\u9009\u9879\u7684\u7a0b\u5e8f\uff0c\u5176\u5d29\u6e83\u4ea7\u751f\u7684coredump\u6587\u4ef6\u53ef\u4ee5\u4f7f\u7528gdb <\u7a0b\u5e8f\u540d> <coredump\u6587\u4ef6\u540d>\u6765\u5bfb\u627eroot cause\u3002gdb\u5185\u7528where\u67e5\u770b\u8c03\u7528\u6808\u3002
Linux \u9759\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Linux \u52a8\u6001\u5e93 \u7f16\u8bd1\u548c\u4f7f\u7528 Makefile\u5165\u95e8 Makefile\u5b98\u65b9\u6587\u6863 coredump\u6587\u4ef6\u57fa\u7840\u7528\u6cd5
"},{"location":"sci-thoughts/","title":"\u79d1\u7814\u5fc3\u5f97","text":""},{"location":"sci-thoughts/#_2","title":"\u517b\u6210\u4e60\u60ef","text":"\u65f6\u95f4\u8fc7\u5f97\u603b\u662f\u975e\u5e38\u5feb\u7684\u3002\u5fd9\u7740\u505a\u4e00\u4e2a\u8bfe\u9898\uff0c\u53ef\u80fd\u6bcf\u5929\u611f\u89c9\u4e0d\u5230\u6709\u4ec0\u4e48\u8fdb\u5c55\u5462\uff0c\u534a\u5e74\u4e00\u5e74\u5c31\u8fc7\u53bb\u4e86\u3002\u5982\u679c\u6709\u8fd9\u79cd\u60f3\u6cd5\uff0c\u591a\u534a\u662f\u6ca1\u505a\u597d\u89c4\u5212\uff0c\u50cf\u4e2a\u65e0\u5934\u82cd\u8747\u4e00\u6837\u4e1c\u95ef\u897f\u649e\u3002
\u611f\u89c9\u6709\u4e24\u4e2a\u4e60\u60ef\u662f\u5fc5\u987b\u517b\u6210\u7684\uff0c\u4e00\u662f\u8bfb\u8bba\u6587\u8981\u601d\u8003\u95ee\u9898\u4e0e\u610f\u4e49\uff1a\u770b\u5230\u9898\u76ee\u548c\u6458\u8981\uff0c\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u5e0c\u671b\u89e3\u51b3\u4ec0\u4e48\u95ee\u9898\u3001\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u4ef7\u503c\u3001\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\u6709\u4ec0\u4e48\u601d\u8def\u3001\u4f1a\u9047\u5230\u54ea\u4e9b\u666e\u904d\u4e0e\u7279\u6b8a\u7684\u6311\u6218\uff0c\u4ee5\u53ca\u6587\u7ae0\u57fa\u4e8e\u54ea\u4e9b\u5047\u8bbe\u5e76\u4e14\u4f1a\u8bd5\u56fe\u907f\u800c\u4e0d\u8c08\u7684\u7f3a\u9677\uff1b\u4e8c\u662f\u6bcf\u5929\u8fdb\u884c\u603b\u7ed3\u4e0e\u5f52\u7eb3\uff0c\u601d\u8003\u4e00\u5929\u5230\u5e95\u6709\u4ec0\u4e48\u8fdb\u5c55\uff0c\u51dd\u7ec3\u603b\u7ed3\u6210\u6587\u5b57\u6216ppt\u8bb2\u7a3f\u3002\u6bcf\u5929\u5149\u770b\u4e0d\u603b\u7ed3\uff0c\u7b49\u4e8e\u767d\u770b\uff01\u5e73\u65f6\u5bf9\u5404\u79cd\u95ee\u9898\u5c31\u8981\u6709\u6240\u51c6\u5907\u4e0e\u601d\u8003\uff0c\u4e0d\u8981\u522b\u4eba\u95ee\u8d77\u7684\u65f6\u5019\u5c31\u6577\u884d\u5730\u7ed9\u4e00\u4e2a\u56de\u7b54\uff0c\u6ca1\u6709\u610f\u4e49\u3002
\u65e9\u4e0a\u5199todo list\uff0c\u665a\u4e0a\u5199done list\uff0c\u770b\u770b\u8fd9\u4e00\u5929\u8fdb\u5c55\u5982\u4f55\u3002\u662f\u5426\u6709\u6ca1\u505a\u5b8c\u7684\u4e8b\u60c5\uff0c\u662f\u5426\u6709\u5206\u5fc3\u505a\u4e86\u522b\u7684\u4e8b\u60c5\uff0c\u660e\u5929\u5982\u4f55\u89c4\u5212\u65f6\u95f4\u2026\u2026\u5bf9\u81ea\u5df1\u6bcf\u5929\u3001\u6bcf\u5468\u3001\u6bcf\u6708\u80fd\u505a\u7684\u4e8b\u60c5\u6709\u6e05\u695a\u7684\u8ba4\u8bc6\uff0c\u4e0d\u76f2\u76ee\u81ea\u5927\u4e5f\u4e0d\u5984\u81ea\u83f2\u8584\u3002
\u505a\u4efb\u4f55\u4e8b\u90fd\u8981\u7ed9\u4e00\u4e2a\u6e05\u6670\u7684ddl\uff0c\u7763\u4fc3\u5c3d\u5feb\u5b8c\u6210\u4e0d\u8981\u62d6\u6c93\u3002\u53e6\u4e00\u65b9\u9762\u662f\u4e3a\u4e86\u9650\u5236\u601d\u8003\uff0c\u8981\u96c6\u4e2d\u3001\u5feb\u901f\uff0c\u4e0d\u8981\u6f2b\u65e0\u76ee\u7684\u5730\u53d1\u6563\u3002\u6bd4\u5982\u8bfb\u8bba\u6587\u524d\u601d\u8003\u8fd9\u7bc7\u6587\u7ae0\u9700\u8981\u89e3\u51b3\u7684\u6311\u6218\u65f6\uff0c\u9650\u5b9a\u57283min\u4e4b\u5185\uff0c\u8d85\u65f6\u4ee5\u540e\u65e0\u8bba\u662f\u5426\u60f3\u5230\u591a\u5c11\u90fd\u8981\u505c\u4e0b\u6765\u3002\u4e5f\u53ef\u4ee5\u6709\u6548\u907f\u514d\u5206\u5fc3\u3002
"},{"location":"sci-thoughts/#_3","title":"\u79d1\u7814\u5199\u4f5c","text":"\u79d1\u7814\u5199\u4f5c\u9700\u8981\u7cfb\u7edf\u7684\u8bad\u7ec3\u3002\u6bcf\u5929\u6109\u5feb\u5730\u8bfb\u3001\u5199\u4e00\u5c0f\u65f6\uff0c\u957f\u671f\u575a\u6301\uff0c\u53eb\u505a\u201cread and write\u201d\u3002
\u5199\u6587\u7ae0\u8981\u5f04\u6e05\u695a\u8bfb\u8005\u90fd\u662f\u540c\u4e13\u4e1a\u7684\u4eba\uff0c\u56e0\u6b64\u8981\u4f53\u73b0\u51fa\u4e13\u4e1a\u6027\u4e0e\u79d1\u5b66\u6027\u3001\u7cbe\u786e\u6027\u3001\u7b80\u6d01\u6027\u3001\u903b\u8f91\u6027\u3002
"},{"location":"sentence-templates/","title":"\u60c5\u666f\u6a21\u677f","text":"\u63d0\u51fa\u672c\u6587\u5de5\u4f5c\uff1a
\u4ecb\u7ecd\u67d0\u4e00\u6d41\u7a0b\u5728\u6574\u4f53\u7cfb\u7edf\u4e2d\u7684\u4f5c\u7528\uff1a
\u8bf4\u660e\u67d0\u4e00\u6b65\u9aa4\u5e76\u975e\u7b80\u5355\u7684\uff1a
\u51dd\u7ec3\u672c\u6587\u5b9e\u9a8c\u6548\u679c\uff1a
\u63d0\u51fa\u672c\u6587novelty\uff1a
\u63d0\u51fa\u672c\u6587insight\uff1a
\u51c6\u5907\u5f00\u59cb\u4ecb\u7ecd\u6280\u672f\u7ec6\u8282\uff1a
\u8bf4\u76ee\u524d\u7684\u5de5\u4f5c\u7814\u7a76\u7684\u4e3b\u8981\u5185\u5bb9\u53d7\u9650\u3001\u522b\u7684\u65b9\u6cd5\u5b58\u5728\u95ee\u9898\uff1a
\u4e00\u4e9b\u5de5\u4f5c\u7ec6\u8282\uff1a
\u6700\u8fd1\u5728\u8bfbsslh\u7684\u6e90\u7801\uff0c\u611f\u89c9\u8fd8\u662f\u6bd4\u8f83\u6709\u610f\u601d\u7684\u3002\u4e4b\u524d\u5728\u7aef\u53e3\u590d\u7528\u91cc\u9762\u7b80\u5355\u63d0\u4e86\u4e0bsslh\u7684\u7528\u6cd5\uff0c\u4f46\u662f\u5728\u5b9e\u8df5\u4e2d\u8e29\u4e86\u4e0d\u5c11\u5751\uff0c\u6240\u4ee5\u628a\u6e90\u7801\u62ff\u6765\u8bfb\u4e00\u8bfb\uff0c\u770b\u770b\u5185\u90e8\u7684\u7ed3\u6784\u3002
sslh\u4f3c\u4e4e\u662f\u4f7f\u7528\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u4fdd\u5b58\u7684\u534f\u8bae\u4fe1\u606f\uff0c\u4e3a\u5ba2\u6237\u7aef\u4e0e\u670d\u52a1\u5668\u5bf9\u5e94\u670d\u52a1\u5efa\u7acb\u8fde\u63a5\u3002\u540e\u7eed\u6570\u636e\u5305\u4e0d\u518d\u9700\u8981\u68c0\u67e5\u534f\u8bae\u4e86\u3002
"},{"location":"tech-sslh/#_1","title":"\u4fbf\u6377\u4e0a\u624b","text":"apt install sslh # \u4f46\u6700\u597d\u8fd8\u662f\u4ece\u6e90\u7801make install\uff0c\u7528\u6700\u65b0\u7248\u672c\uff1b\u53c2\u8003\u4ed3\u5e93\u7684INSTALL\u5b89\u88c5\u5bf9\u5e94\u7684C\u5e93\nvi /etc/default/sslh\nsystemctl start sslh\n\u4f3c\u4e4ecfg\u6587\u4ef6\u91cc\u548ccommand line\u4f1a\u6709\u51b2\u7a81\u3002\u6240\u4ee5commandline\u7528-F /etc/sslh/sslh.cfg\uff08\u6ca1\u6709\u5219\u65b0\u5efa\u4e00\u4e2a\uff09\u6307\u5b9a\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u4e0d\u8981\u6709\u548ccommand\u91cd\u590d\u7684\u5185\u5bb9\u3002\u53ea\u653eprotocols\u5dee\u4e0d\u591a\u5c31\u5f97\u4e86\u3002\u6bd4\u8f83\u597d\u7528\u7684\u662f\u6b63\u5219\u548ctls\u4e2d\u6839\u636ealpn\u548csni\u6765\u5339\u914d\u3002
\u4e0b\u9762\u662f\u5b8c\u6574\u7684\u914d\u7f6e\u6587\u4ef6\u7684\u4e00\u4e2a\u4f8b\u5b50\uff0c\u5982\u679c\u6570\u636e\u5305\u5305\u542b\"OK1\"\u6216\u8005\"OK2\"\uff0c\u5219\u4f1a\u88ab\u8f6c\u53d1\u5230127.0.0.1:1234\u3002\u5176\u4e2d\u7684name\u5b57\u6bb5\u8868\u793a\u8fd9\u6761\u534f\u8bae\u5728sslh\u542f\u52a8\u540e\u600e\u4e48\u914d\u7f6e\uff0c\u5e38\u89c1\u7684\u6bd4\u5982regex\u3001ssh\u3001tls\u3001http\u3002
\u6ce8\u610f\uff0c\u6700\u540e\u4e00\u6761\u534f\u8bae\u7684\u5206\u53f7\u540e\u9762\u4e0d\u52a0\u9017\u53f7\u3002
protocols:\n(\n{ name: \"regex\"; host: \"127.0.0.1\"; port: \"1234\"; regex_patterns: [ \"OK1\", \"OK2\" ]; }\n);\n\u9ed8\u8ba4\u6700\u7b80\u5355\u7684\u542f\u52a8\u65b9\u5f0f\u7684\u5165\u53e3\u5728sslh-main.c\u7684main\u51fd\u6570\uff0c\u4e5f\u5373\u7a0b\u5e8f\u7684\u4e3b\u4f53\u903b\u8f91\u3002\u4e00\u4e9b\u5173\u952e\u6b65\u9aa4\uff1a
sslhcfg_cl_parse\u51fd\u6570\uff0c\u6839\u636e\u547d\u4ee4\u884c\u53c2\u6570\u548c\u914d\u7f6e\u6587\u4ef6\uff0c\u505a\u4e00\u4e2a\u7f13\u51b2config_protocols\u5b8c\u6210\u8f6c\u53d1\u89c4\u5219\u7684\u521d\u59cb\u5316\uff0c\u5185\u90e8\u8c03\u7528\u7684get_probe\u662f\u7ed9\u52a0\u8f7d\u4e86\u534f\u8bae\u7684\u914d\u7f6e\u89c4\u5219start_listen_sockets\u5f00\u59cb\u76d1\u542csocketsmain_loop\u8fdb\u5165\u4e3b\u5faa\u73af\uff0c\u9ed8\u8ba4\u4e3asslh-fork\u7684main_loop\u51fd\u6570\u9ed8\u8ba4\u4f7f\u7528tcp\u3002main_loop\u51fd\u6570\u4e2d\uff0c\u5bf9\u76d1\u542c\u7684\u6bcf\u4e2asockets\u8fdb\u884cfork\uff0c\u6bcf\u4e2a\u5b50\u8fdb\u7a0b\u6267\u884ctcp_listener\uff0c\u5728\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u4e2daccept\u5bf9\u5e94\u7684\u8fde\u63a5\u3002\u8fd9\u4e9b\u5b50\u8fdb\u7a0b\u5c06\u7ee7\u7eedfork\u51fa\u5b50\u8fdb\u7a0b\uff0c\u6267\u884cstart_shoveler\uff0c\u5b9e\u73b0\u771f\u6b63\u7684\u529f\u80fd\u3002
\u5b50\u8fdb\u7a0b\u901a\u8fc7probe_client_protocol\u6765\u786e\u5b9a\u6570\u636e\u5305\u662f\u4ec0\u4e48\u534f\u8bae\uff0c\u5e76\u6839\u636e\u5bf9\u5e94\u7684\u89c4\u5219\u5b9e\u73b0\u7aef\u53e3\u8f6c\u53d1\u3002\u8fd9\u4e00\u51fd\u6570\u4e0d\u65ad\u8fdb\u884c\u8c03\u7528\uff0c\u6700\u540e\u5728probe_buffer\u51fd\u6570\u4e2d\u904d\u5386\u4e4b\u524d\u914d\u7f6e\u7684\u6bcf\u4e2a\u534f\u8bae\u89c4\u8303\uff08\u627e\u5230\u5339\u914d\u5219\u505c\u6b62\uff0c\u6240\u4ee5\u914d\u7f6e\u987a\u5e8f\u4e5f\u86ee\u5173\u952e\u7684\uff09\uff0c\u901a\u8fc7p->probe(buf, len, p)\u8fd9\u4e2a\u51fd\u6570\u6307\u9488\u6765\u95f4\u63a5\u8c03\u7528\u8bc6\u522b\u534f\u8bae\u7684\u76f8\u5173\u51fd\u6570\u3002
\u8fd9\u91cc\u7684\u534f\u8bae\u5305\u62ec\u4ee5\u4e0b\u5185\u7f6e\u534f\u8bae\uff1a
/* Table of protocols that have a built-in probe\n */\nstatic struct protocol_probe_desc builtins[] = {\n/* description probe */\n{ \"ssh\", is_ssh_protocol},\n{ \"openvpn\", is_openvpn_protocol },\n{ \"wireguard\", is_wireguard_protocol },\n{ \"tinc\", is_tinc_protocol },\n{ \"xmpp\", is_xmpp_protocol },\n{ \"http\", is_http_protocol },\n{ \"tls\", is_tls_protocol },\n{ \"adb\", is_adb_protocol },\n{ \"socks5\", is_socks5_protocol },\n{ \"syslog\", is_syslog_protocol },\n{ \"teamspeak\", is_teamspeak_protocol },\n{ \"msrdp\", is_msrdp_protocol },\n{ \"anyprot\", is_true }\n};\n\u5185\u7f6e\u534f\u8bae\u5185\u7f6e\u4e86\u4e00\u4e9b\u5339\u914d\u89c4\u5219\uff0c\u5373\u4e0a\u9762\u63d0\u5230\u7684is_ssh_protocol\u3001is_http_protocol\u7b49\u7b49\u3002\u53ef\u4ee5\u770b\u4e00\u4e2assh\u89c4\u5219\u7684\u4f8b\u5b50\uff1a
/* Is the buffer the beginning of an SSH connection? */\nstatic int is_ssh_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\nif (len < 4)\nreturn PROBE_AGAIN;\n\nreturn !strncmp(p, \"SSH-\", 4);\n}\n\u53ef\u89c1\uff0c\u5982\u679c\u7b2c\u4e00\u4e2a\u6570\u636e\u5305\u957f\u5ea6\u4e0d\u4f4e\u4e8e4\u4e14\u4ee5\"SSH-\"\u5f00\u5934\uff0c\u5219\u4f1a\u88ab\u8ba4\u4e3a\u662fssh\u8bf7\u6c42\u3002
/* Is the buffer the beginning of an HTTP connection? */\nstatic int is_http_protocol(const char *p, ssize_t len, struct sslhcfg_protocols_item* proto)\n{\nint res;\n/* If it's got HTTP in the request (HTTP/1.1) then it's HTTP */\nif (memmem(p, len, \"HTTP\", 4))\nreturn PROBE_MATCH;\n\n#define PROBE_HTTP_METHOD(opt) if ((res = probe_http_method(p, len, opt)) != PROBE_NEXT) return res\n\n/* Otherwise it could be HTTP/1.0 without version: check if it's got an\n * HTTP method (RFC2616 5.1.1) */\nPROBE_HTTP_METHOD(\"OPTIONS\");\nPROBE_HTTP_METHOD(\"GET\");\nPROBE_HTTP_METHOD(\"HEAD\");\nPROBE_HTTP_METHOD(\"POST\");\nPROBE_HTTP_METHOD(\"PUT\");\nPROBE_HTTP_METHOD(\"DELETE\");\nPROBE_HTTP_METHOD(\"TRACE\");\nPROBE_HTTP_METHOD(\"CONNECT\");\n\n#undef PROBE_HTTP_METHOD\n\nreturn PROBE_NEXT;\n}\nhttp\u4e5f\u6bd4\u8f83\u7b80\u5355\uff0c\u68c0\u67e5\"HTTP\"\u5b57\u7b26\u4e32\u3002
\u53e6\u5916\u6709\u4e24\u79cd\u7279\u6b8a\u7684\u534f\u8bae\uff0ctimeout\u9ed8\u8ba4\u4f1a\u9009\u62e9\u521d\u59cb\u5316\u540e\u7684\u7b2c\u4e00\u4e2a\u534f\u8bae\uff08\u5373ssh\uff09\uff0cregex\u652f\u6301\u6b63\u5219\u5339\u914d\u6570\u636e\u5305\u7684\u56fa\u6709\u5b57\u7b26\u4e32\uff0c\u5c31\u8fde\u521d\u59cb\u5316\u65f6\u90fd\u662f\u5355\u72ec\u521d\u59cb\u5316\u7684\uff1a
/* Returns the probe for specified protocol:\n * parameter is the description in builtins[], or \"regex\" \n * */\nT_PROBE* get_probe(const char* description) {\nint i;\n\nfor (i = 0; i < ARRAY_SIZE(builtins); i++) {\nif (!strcmp(builtins[i].name, description)) {\nreturn builtins[i].probe;\n}\n}\n\n/* Special case of \"regex\" probe (we don't want to set it in builtins\n * because builtins is also used to build the command-line options and\n * regexp is not legal on the command line)*/\nif (!strcmp(description, \"regex\"))\nreturn regex_probe;\n\n/* Special case of \"timeout\" is allowed as a probe name in the\n * configuration file even though it's not really a probe */\nif (!strcmp(description, \"timeout\"))\nreturn is_true;\n\nreturn NULL;\n}\nis_true\u59cb\u7ec8\u8fd4\u56detrue\uff0c\u4e0d\u8fdb\u884c\u522b\u7684\u5224\u65ad\u4e86\u3002
regex_probe\u5185\u90e8\u7528pre2\u5b9e\u73b0\u4e86\u4e00\u5957\u6b63\u5219\u5339\u914d\u7684\u673a\u5236\u3002\u914d\u7f6econfig\u7684\u65b9\u6cd5\u53ef\u4ee5\u89c1\u4e0a\u6587\u3002
tls\u4e3atcp\u63d0\u4f9b\u4e86\u52a0\u5bc6\u670d\u52a1\uff0c\u662f\u5f88\u591a\u670d\u52a1\u4e0d\u53ef\u6216\u7f3a\u7684\u4e00\u73af\u3002\u7531\u4e8e\u6570\u636e\u5305\u662f\u52a0\u5bc6\u7684\u3001\u5f88\u591a\u670d\u52a1\u90fd\u4f7f\u7528tls\uff08\u6bd4\u5982https\uff09\uff0c\u6240\u4ee5\u6ca1\u6cd5\u901a\u8fc7regex\u7684\u65b9\u6cd5\u6765\u533a\u5206\u4e0d\u540c\u7684\u670d\u52a1\u3002\u597d\u5728sslh\u4e3atls\u63d0\u4f9b\u4e86\u4e24\u79cd\u5206\u8fa8\u65b9\u6cd5\uff0c\u5373sni_hostnames\u4e0ealpn_protocols\u3002\u5728config\u91cc\u5199\u7684\u4e00\u6761\u89c4\u5219\u5982\u679c\u4e24\u8005\u90fd\u7528\u4e86\uff0c\u5219\u53ea\u6709\u540c\u65f6\u6ee1\u8db3\u4e24\u8005\u7684tls\u6570\u636e\u5305\u624d\u5339\u914d\u5f97\u4e0a\u5bf9\u5e94\u7684\u89c4\u5219\u3002
\u6bd4\u5982example.cfg\u7ed9\u51fa\u7684\u4f8b\u5b50\uff1a
# match BOTH ALPN/SNI\n{ name: \"tls\"; host: \"localhost\"; port: \"5223\"; alpn_protocols: [ \"xmpp-client\" ]; sni_hostnames: [ \"im.somethingelse.net\" ]; log_level: 0; tfo_ok: true },\n\n# just match ALPN\n{ name: \"tls\"; host: \"localhost\"; port: \"443\"; alpn_protocols: [ \"h2\", \"http/1.1\", \"spdy/1\", \"spdy/2\", \"spdy/3\" ]; log_level: 0; tfo_ok: true },\n { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; alpn_protocols: [ \"xmpp-client\" ]; log_level: 0; tfo_ok: true },\n\n# just match SNI\n{ name: \"tls\"; host: \"localhost\"; port: \"993\"; sni_hostnames: [ \"mail.rutschle.net\", \"mail.englishintoulouse.com\" ]; log_level: 0; tfo_ok: true },\n { name: \"tls\"; host: \"localhost\"; port: \"xmpp-client\"; sni_hostnames: [ \"im.rutschle.net\", \"im.englishintoulouse.com\" ]; log_level: 0; tfo_ok: true },\n\n# Let's Encrypt (tls-alpn-* challenges)\n{ name: \"tls\"; host: \"localhost\"; port: \"letsencrypt-client\"; alpn_protocols: [ \"acme-tls/1\" ]; log_level: 0;},\n\n# catch anything else TLS\n{ name: \"tls\"; host: \"localhost\"; port: \"443\"; tfo_ok: true },\nalpn_protocols\u5373\u4f7f\u7528\u5e94\u7528\u5c42\u534f\u8bae\u534f\u5546\u7f16\u53f7\uff1aTLS Application-Layer Protocol Negotiation (ALPN) Protocol ID\u3002\u53ef\u4ee5\u5728\u8fd9\u91cc\u770b\u5230\u5b8c\u6574\u7684\u683c\u5f0f\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u5982\u679c\u8bf4\u6570\u636e\u5305\u662f\u997a\u5b50\uff0ctls\u662f\u997a\u5b50\u76ae\uff0cALPN\u5c31\u662f\u8868\u793a\u91cc\u9762\u662f\u4ec0\u4e48\u9985\u7684\u3002
sni_hostnames\u5373\u4f7f\u7528\u670d\u52a1\u5668\u540d\u79f0\u6307\u793a\uff1aServer Name Indication\uff08SNI\uff09\uff0c\u7c7b\u4f3c\u4e8e\u670d\u52a1\u5668\u7aef\u7684\u57df\u540d\u3002\u6253\u4e2a\u6bd4\u65b9\uff0c\u867d\u7136\u5728\u5b66\u6821\u5feb\u9012\uff08\u6570\u636e\u5305\uff09\u90fd\u4f1a\u9001\u5230\u83dc\u9e1f\u9a7f\u7ad9\uff08\u670d\u52a1\u5668\uff09\uff0c\u4f46\u8fd9\u4e9b\u5305\u88f9\u6700\u7ec8\u662f\u6d41\u5411\u4e0d\u540c\u7684\u5bbf\u820d\u7684\uff08SNI\uff09\u3002SNI\u5e2e\u52a9\u5728tls\u63e1\u624b\u671f\u95f4\u5c31\u786e\u5b9assl\u8bc1\u4e66\uff0c\u800c\u4e0d\u662f\u5728http\u5efa\u7acb\u8fde\u63a5\u540e\u3002FQDN\u6307\u7684\u662fFully Qualified Domain Name\uff0c\u5373\u5b8c\u6574\u57df\u540d\uff0c\u53ef\u4ee5\u770b\u8fd9\u91cc\u7684\u4ecb\u7ecd\u3002
sni_hostname\u548calpn_protocols\uff0c\u5c5e\u4e8etls\u6269\u5c55\u5185\u5bb9\uff0c\u5e76\u975e\u5f3a\u5236\u4fdd\u7559\u5176\u4e2d\u3002\u53d1\u5305\u7684\u65f6\u5019\u6ce8\u610f\u6dfb\u52a0\uff0c\u4e0d\u7136sslh\u53ef\u80fd\u8bc6\u522b\u4e0d\u5230\u3002
"},{"location":"try-chatgpt/","title":"ChatGPT\u6765\u5e2e\u5fd9","text":""},{"location":"try-chatgpt/#_1","title":"\u7f51\u7edc\u7ad9\u70b9\u6253\u5305\u4e0b\u8f7d","text":"linux\u7528\u54ea\u4e2a\u547d\u4ee4\u53ef\u4ee5\u628a\u4e00\u4e2a\u7f51\u5740\u4ee5\u53ca\u5176\u6240\u4f9d\u8d56\u7684js\u548ccss\u7b49\u7b49\u6587\u4ef6\u81ea\u52a8\u4e0b\u8f7d\u4e0b\u6765\uff1f
\u5728Linux\u4e2d\uff0c\u4f60\u53ef\u4ee5\u4f7f\u7528 wget \u547d\u4ee4\u6765\u81ea\u52a8\u4e0b\u8f7d\u4e00\u4e2a\u7f51\u7ad9\u53ca\u5176\u4f9d\u8d56\u7684\u8d44\u6e90\u6587\u4ef6\uff08\u5982JS\u548cCSS\u7b49\uff09\u3002
\u4e0b\u9762\u662f\u4e00\u4e2a\u793a\u4f8b\u547d\u4ee4\uff1a
wget --recursive --no-clobber --page-requisites --html-extension --convert-links --restrict-file-names=windows --domains website.com --no-parent http://website.com\n--recursive: \u4e0b\u8f7d\u7f51\u7ad9\u7684\u6240\u6709\u94fe\u63a5\u3002 --no-clobber: \u4e0d\u4f1a\u91cd\u590d\u4e0b\u8f7d\u5df2\u7ecf\u5b58\u5728\u7684\u6587\u4ef6\u3002 --page-requisites: \u4e0b\u8f7d\u6240\u6709\u9875\u9762\u7684\u8d44\u6e90\uff08\u5982\u56fe\u50cf\uff0c\u97f3\u9891\u548c\u89c6\u9891\uff09\u3002 --html-extension: \u5c06\u6240\u6709HTML\u6587\u4ef6\u6269\u5c55\u540d\u6dfb\u52a0\u4e3a .html\u3002 --convert-links: \u5c06\u6240\u6709\u94fe\u63a5\u8f6c\u6362\u4e3a\u672c\u5730\u94fe\u63a5\u3002 --restrict-file-names=windows: \u907f\u514d\u4f7f\u7528 Linux \u4e0d\u652f\u6301\u7684\u6587\u4ef6\u540d\u5b57\u7b26\u3002 --domains website.com: \u9650\u5236\u4e0b\u8f7d\u7684\u57df\u540d\u8303\u56f4\u3002 --no-parent: \u4e0d\u4f1a\u4e0b\u8f7d\u7236\u7ea7\u94fe\u63a5\uff08\u6709\u52a9\u4e8e\u9632\u6b62\u65e0\u9650\u9012\u5f52\uff09\u3002
\u4f60\u53ef\u4ee5\u6839\u636e\u81ea\u5df1\u7684\u9700\u8981\u4fee\u6539\u8fd9\u4e9b\u9009\u9879\u4ee5\u6ee1\u8db3\u7279\u5b9a\u7684\u8981\u6c42\u3002
\u7528\u8fd9\u6761\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u53d1\u73b0\u6076\u610f\u4e0b\u8f7d\uff0c\u88ab\u7ed9403 forbidden\u4e86\u600e\u4e48\u529e\uff1f
\u5982\u679c\u4f60\u4f7f\u7528\u7684\u547d\u4ee4\u88ab\u670d\u52a1\u5668\u8ba4\u4e3a\u662f\u6076\u610f\u4e0b\u8f7d\uff0c\u5e76\u4e14\u88ab\u670d\u52a1\u5668\u62d2\u7edd\u8bbf\u95ee\uff0c\u90a3\u4e48\u4f60\u53ef\u4ee5\u8003\u8651\u4ee5\u4e0b\u4e00\u4e9b\u65b9\u6cd5\u6765\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff1a
\u4fee\u6539\u4e0b\u8f7d\u901f\u5ea6\uff1a\u6709\u4e9b\u670d\u52a1\u5668\u53ef\u80fd\u4f1a\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u5982\u679c\u4f60\u4e0b\u8f7d\u7684\u592a\u5feb\uff0c\u5c31\u4f1a\u88ab\u8ba4\u4e3a\u662f\u653b\u51fb\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 --limit-rate \u9009\u9879\u6765\u9650\u5236\u4e0b\u8f7d\u901f\u5ea6\uff0c\u4f8b\u5982\uff1a
wget --limit-rate=200k http://example.com\n\u4fee\u6539\u4e0b\u8f7d\u5e76\u53d1\u6570\uff1a\u7c7b\u4f3c\u4e8e\u901f\u5ea6\u9650\u5236\uff0c\u4e00\u4e9b\u670d\u52a1\u5668\u4e5f\u4f1a\u9650\u5236\u540c\u65f6\u8fdb\u884c\u7684\u4e0b\u8f7d\u6570\u3002\u4f60\u53ef\u4ee5\u5c1d\u8bd5\u4f7f\u7528 --tries \u548c --wait \u9009\u9879\u6765\u9650\u5236\u5e76\u53d1\u4e0b\u8f7d\u6570\uff0c\u4f8b\u5982\uff1a
wget --tries=10 --wait=5 http://example.com\nwget --user-agent=\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3\" http://example.com\n\u4e0e\u670d\u52a1\u5668\u7ba1\u7406\u5458\u8054\u7cfb\uff1a\u5982\u679c\u4ee5\u4e0a\u65b9\u6cd5\u90fd\u4e0d\u80fd\u89e3\u51b3\u95ee\u9898\uff0c\u4f60\u53ef\u4ee5\u8054\u7cfb\u670d\u52a1\u5668\u7ba1\u7406\u5458\uff0c\u8bf4\u660e\u4f60\u7684\u4e0b\u8f7d\u8bf7\u6c42\u662f\u5408\u6cd5\u7684\uff0c\u8bf7\u6c42\u4ed6\u4eec\u653e\u884c\u4f60\u7684\u8bf7\u6c42\u3002 \u9700\u8981\u6ce8\u610f\u7684\u662f\uff0c\u4e0d\u8981\u4f7f\u7528\u975e\u6cd5\u7684\u65b9\u5f0f\u4e0b\u8f7d\u6587\u4ef6\uff0c\u4ee5\u514d\u4fb5\u72af\u4ed6\u4eba\u7684\u5408\u6cd5\u6743\u76ca\uff0c\u5e76\u6709\u53ef\u80fd\u5bfc\u81f4\u6cd5\u5f8b\u7ea0\u7eb7\u3002
"},{"location":"try-chatgpt/#gopythonrust","title":"\u6bd4\u8f83Go\u3001Python\u3001Rust\u7684\u5173\u7cfb","text":"go\u3001rust\u3001python\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5728\u8bed\u8a00\u7279\u6027\u65b9\u9762\u6709\u4ec0\u4e48\u533a\u522b\uff1f\u5404\u81ea\u6709\u4ec0\u4e48\u4f18\u52bf\uff1f\u9002\u7528\u573a\u666f\u6709\u4ec0\u4e48\u533a\u522b\uff1f
\u8fd9\u4e09\u79cd\u7f16\u7a0b\u8bed\u8a00\u5404\u6709\u4e0d\u540c\u7684\u7279\u70b9\u548c\u4f18\u52bf\uff0c\u4ee5\u4e0b\u662f\u5b83\u4eec\u7684\u4e3b\u8981\u533a\u522b\u548c\u9002\u7528\u573a\u666f\uff1a
Python Python \u662f\u4e00\u79cd\u9ad8\u7ea7\u7684\u52a8\u6001\u89e3\u91ca\u578b\u8bed\u8a00\uff0c\u5177\u6709\u7b80\u5355\u6613\u5b66\u3001\u6613\u8bfb\u6613\u5199\u7684\u7279\u70b9\u3002\u5b83\u7684\u8bed\u6cd5\u7b80\u5355\u3001\u4ee3\u7801\u53ef\u8bfb\u6027\u9ad8\u3001\u652f\u6301\u591a\u79cd\u7f16\u7a0b\u8303\u5f0f\u548c\u4e30\u5bcc\u7684\u7b2c\u4e09\u65b9\u5e93\uff0c\u9002\u7528\u4e8e\u5404\u79cd\u7c7b\u578b\u7684\u5e94\u7528\u7a0b\u5e8f\u5f00\u53d1\uff0c\u5c24\u5176\u64c5\u957f\u6570\u636e\u5206\u6790\u3001\u4eba\u5de5\u667a\u80fd\u548c\u79d1\u5b66\u8ba1\u7b97\u9886\u57df\u3002\u7531\u4e8e\u5b83\u7684\u5f00\u53d1\u6548\u7387\u9ad8\uff0c\u5e38\u88ab\u7528\u4e8e\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\u3002
Go Go \u662f\u4e00\u79cd\u5f00\u6e90\u7684\u7f16\u8bd1\u578b\u8bed\u8a00\uff0c\u7531 Google \u5f00\u53d1\u3002\u5b83\u7684\u8bbe\u8ba1\u76ee\u6807\u662f\u4e3a\u4e86\u89e3\u51b3\u591a\u6838\u3001\u7f51\u7edc\u3001\u5927\u89c4\u6a21\u7a0b\u5e8f\u5f00\u53d1\u7b49\u95ee\u9898\uff0c\u5177\u6709\u9ad8\u6548\u3001\u53ef\u9760\u3001\u7b80\u6d01\u7b49\u7279\u70b9\u3002Go \u8bed\u8a00\u5728\u5e76\u53d1\u7f16\u7a0b\u548c\u7f51\u7edc\u7f16\u7a0b\u65b9\u9762\u8868\u73b0\u7a81\u51fa\uff0c\u6709\u7740\u975e\u5e38\u9ad8\u6548\u7684 Goroutine \u548c Channel \u673a\u5236\uff0c\u9002\u5408\u4e8e\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u3001\u4e91\u8ba1\u7b97\u7b49\u9886\u57df\u7684\u5f00\u53d1\u3002
Rust Rust \u662f\u4e00\u79cd\u7cfb\u7edf\u7ea7\u7684\u7f16\u7a0b\u8bed\u8a00\uff0c\u7531 Mozilla \u5f00\u53d1\u3002\u5b83\u7ed3\u5408\u4e86\u9ad8\u6548\u6027\u80fd\u3001\u5185\u5b58\u5b89\u5168\u548c\u5e76\u53d1\u5b89\u5168\uff0c\u63d0\u4f9b\u4e86\u4e00\u4e2a\u53ef\u9760\u548c\u5b89\u5168\u7684\u7f16\u7a0b\u73af\u5883\u3002Rust \u7684\u4e3b\u8981\u4f18\u52bf\u5728\u4e8e\u5176\u5185\u5b58\u5b89\u5168\u6027\u548c\u5e76\u53d1\u6027\uff0c\u5b83\u5177\u6709\u9ad8\u6548\u7684\u7f16\u8bd1\u5668\u3001\u4e30\u5bcc\u7684\u7c7b\u578b\u7cfb\u7edf\u548c\u9ad8\u7ea7\u7684\u6a21\u5f0f\u5339\u914d\u529f\u80fd\uff0c\u9002\u7528\u4e8e\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u7b49\u9886\u57df\u3002
\u603b\u7684\u6765\u8bf4\uff0cPython \u9002\u5408\u5feb\u901f\u539f\u578b\u8bbe\u8ba1\u548c\u654f\u6377\u5f00\u53d1\uff0cGo \u9002\u5408\u9ad8\u5e76\u53d1\u3001\u5206\u5e03\u5f0f\u7cfb\u7edf\u548c\u4e91\u8ba1\u7b97\uff0cRust \u9002\u5408\u9700\u8981\u9ad8\u6027\u80fd\u548c\u5b89\u5168\u6027\u7684\u7cfb\u7edf\u7ea7\u7f16\u7a0b\u3001\u7f51\u7edc\u7f16\u7a0b\u3001\u64cd\u4f5c\u7cfb\u7edf\u548c\u5d4c\u5165\u5f0f\u5f00\u53d1\u3002\u9009\u62e9\u54ea\u79cd\u7f16\u7a0b\u8bed\u8a00\u53d6\u51b3\u4e8e\u5177\u4f53\u7684\u5e94\u7528\u573a\u666f\u548c\u9700\u6c42\u3002
"},{"location":"try-chatgpt/#_2","title":"\u8ba1\u7b97\u673a\u5b89\u5168\u8d44\u6e90\u5b66\u4e60","text":"\u6211\u60f3\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\uff0c\u8bf7\u63a8\u8350\u4e00\u4e9b\u7f51\u7ad9
\u4ee5\u4e0b\u662f\u4e00\u4e9b\u53ef\u4ee5\u5e2e\u52a9\u60a8\u5b66\u4e60\u5de5\u4e1a\u754c\u5b9e\u7528\u7684\u8ba1\u7b97\u673a\u5b89\u5168\u9886\u57df\u7684\u77e5\u8bc6\u7684\u7f51\u7ad9\uff1a
OWASP (\u5f00\u653e\u5f0f\u7f51\u7edc\u5b89\u5168\u9879\u76ee)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u4e86\u5927\u91cf\u6709\u5173\u7f51\u7edc\u5e94\u7528\u7a0b\u5e8f\u5b89\u5168\u7684\u8d44\u6599\u548c\u5de5\u5177\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u5b89\u5168\u6807\u51c6\u3001\u6f0f\u6d1e\u68c0\u6d4b\u5de5\u5177\u3001\u653b\u51fb\u6a21\u62df\u5668\u7b49\u7b49\u3002
NIST (\u7f8e\u56fd\u56fd\u5bb6\u6807\u51c6\u4e0e\u6280\u672f\u7814\u7a76\u6240)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u4e3a\u8ba1\u7b97\u673a\u5b89\u5168\u548c\u4fe1\u606f\u6280\u672f\u63d0\u4f9b\u6807\u51c6\u548c\u6307\u5357\u3002\u60a8\u53ef\u4ee5\u5728\u8fd9\u91cc\u627e\u5230\u6709\u5173\u5b89\u5168\u63a7\u5236\u3001\u5bc6\u7801\u5b66\u3001\u98ce\u9669\u8bc4\u4f30\u7b49\u65b9\u9762\u7684\u8d44\u6599\u3002
SANS (\u5b89\u5168\u57f9\u8bad\u548c\u8ba4\u8bc1\u673a\u6784)\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u63d0\u4f9b\u6709\u5173\u5404\u79cd\u8ba1\u7b97\u673a\u5b89\u5168\u4e3b\u9898\u7684\u57f9\u8bad\u548c\u8bfe\u7a0b\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u4e00\u4e2a\u535a\u5ba2\uff0c\u5176\u4e2d\u5305\u542b\u5404\u79cd\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6587\u7ae0\u548c\u63d0\u793a\u3002
Dark Reading\uff1a\u8fd9\u662f\u4e00\u5bb6\u5728\u7ebf\u51fa\u7248\u5546\uff0c\u63d0\u4f9b\u4e86\u6709\u5173\u7f51\u7edc\u5b89\u5168\u7684\u6700\u65b0\u65b0\u95fb\u3001\u5206\u6790\u548c\u8bc4\u8bba\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5404\u79cd\u8d44\u6e90\uff0c\u5305\u62ec\u7f51\u7edc\u5b89\u5168\u767d\u76ae\u4e66\u3001\u7814\u7a76\u62a5\u544a\u548c\u6f14\u793a\u6587\u7a3f\u3002
SecurityFocus\uff1a\u8fd9\u4e2a\u7f51\u7ad9\u662f\u4e00\u4e2a\u5b89\u5168\u65b0\u95fb\u805a\u5408\u7ad9\u70b9\uff0c\u6536\u96c6\u4e86\u6765\u81ea\u5404\u79cd\u6765\u6e90\u7684\u5b89\u5168\u65b0\u95fb\u548c\u6f0f\u6d1e\u62a5\u544a\u3002\u5b83\u8fd8\u63d0\u4f9b\u4e86\u5b89\u5168\u8bba\u575b\u3001\u5b89\u5168\u5de5\u5177\u7b49\u3002
Reddit\uff1aReddit\u4e0a\u6709\u8bb8\u591a\u4e0e\u8ba1\u7b97\u673a\u5b89\u5168\u76f8\u5173\u7684\u793e\u533a\uff0c\u5982r/netsec\u3001r/hacking\u3001r/AskNetsec\u7b49\u3002\u8fd9\u4e9b\u793e\u533a\u53ef\u4ee5\u8ba9\u60a8\u5411\u5176\u4ed6\u5b89\u5168\u4e13\u4e1a\u4eba\u5458\u63d0\u95ee\uff0c\u5e76\u4e0e\u4ed6\u4eec\u5206\u4eab\u6709\u7528\u7684\u8d44\u6e90\u548c\u5de5\u5177\u3002
GitHub\uff1aGitHub\u662f\u4e00\u4e2a\u8f6f\u4ef6\u5f00\u53d1\u5e73\u53f0\uff0c\u4e5f\u662f\u8bb8\u591a\u5b89\u5168\u5de5\u5177\u548c\u811a\u672c\u7684\u6765\u6e90\u3002\u901a\u8fc7\u641c\u7d22GitHub\uff0c\u60a8\u53ef\u4ee5\u627e\u5230\u5f88\u591a\u6709\u7528\u7684\u5de5\u5177\uff0c\u5982\u6e17\u900f\u6d4b\u8bd5\u5de5\u5177\u3001\u6f0f\u6d1e\u626b\u63cf\u5668\u7b49\u7b49\u3002
\u5e0c\u671b\u8fd9\u4e9b\u7f51\u7ad9\u80fd\u5bf9\u60a8\u6709\u6240\u5e2e\u52a9\uff01
"},{"location":"word-learning/","title":"\u8bcd\u6c47\u5b66\u4e60","text":"