Hello World !!!

1970-01-01 Thursday     misc

Hi, the world, I’m coooooooooming.

Oooops, just examples, ignore me, darling.

hello world logo

配色

静思

HEX
#81C2D6
RGB
129.194.214
CMYK
10.9.0.16
HEX
#8192D6
RGB
129.146.214
CMYK
40.32.0.16
HEX
#D9B3E6
RGB
217.179.230
CMYK
6.22.0.10
HEX
#DCF7A1
RGB
220.247.161
CMYK
11.0.35.3
HEX
#83FCD8
RGB
131.152.216
CMYK
48.0.14.1

Heading 2,目录 2

Heading 3, 目录 3

Heading 4,目录 4

Heading 5,目录 5
Heading 6, 目录 6

MISC

Separator,分割线

下面的效果是相同的。






The Fonts, 字体设置

This is emphasized 斜体. This is also emphasized 还是斜体.

Strong font 粗体 Also strong font 还是粗体

Water is H2O. 42=16. 上标、下标测试。

Code Use the printf() function,代码模块。

Code Use the printf() function,与上面功能一样。

There is a literal backtick (`) here.,额,还是代码模块。

The New York Times (That’s a citation). 引用测试,和斜体相似。

This is Underline. 下划线。

Code Snippets,代码高亮显示

Syntax highlighting via Pygments. css java sh c gas asm cpp c++

1
2
3
4
5
6
7
8
9
10
#container {
  float: left;
  margin: 0 -240px 0 0;
  width: 100%;
}
#container {
  float: left;
  margin: 0 -240px 0 0;
  width: 100%;
}
int main ()
{
   return 0;
}

Non Pygments code example

<div id="awesome">
    <p>This is great isn't it?</p>
</div>

Block Quote, 段引用

下面时关于段引用的测试。

单段的引用。Just one paragraph.

My conclusion after the trip was “well, now I know that there’s at least one company in the world that can succeed with the waterfall model” and I decided to stop bashing the waterfall model as hard as I usually do. Now, however, with all the problems Toyota are having, I’m starting to reconsider.q q q q q q q q q q q q q q qkkkkk

多段的引用,one more paragraphs.

My conclusion after the trip was “well, now I know that there’s at least one company in the world that can succeed with the waterfall model” and I decided to stop bashing the waterfall model as hard as I usually do. Now, however, with all the problems Toyota are having, I’m starting to reconsider.

My conclusion after the trip was “well, now I know that there’s at least one company in the world that can succeed with the waterfall model” and I decided to stop bashing the waterfall model as hard as I usually do. Now, however, with all the problems Toyota are having, I’m starting to .q q q q q

单段,但较为复杂的引用。

My conclusion after the trip was “well, now I know that there’s at least one company in the world that can succeed with the waterfall model” and I decided to stop bashing the waterfall model as hard as I usually do. Now, however, with all the problems Toyota are having, I’m starting to reconsider.

嵌套引用。

My conclusion after the trip was “well, now I know that there’s at least one company in the world

that can succeed with the waterfall model” and I decided to stop bashing the waterfall model as hard as I usually do. Now, how ever, with all the problems Toyota are having, I’m starting to re consider.

Unordered Lists,无序列表

如下是三种不同的表达方式。

Unordered Lists 1

  • Item one
  • Item two
  • Item three

Unordered Lists 2

  • Item one
  • Item two
  • Item three

Unordered Lists 3

  • Item one
  • Item two
  • Item three

其它

如下的各个列表项中,各个项之间表示为段落,而之前的不是,也就是说添加了 <p></p> ,所以现在看起来各个段之间空隙有点大。

  • Item one

  • Item two

  • Item three

Ordered Lists,有序列表

有序表的表达方式,只与顺序相关,而与列表前的数字无关。

Ordered Lists 1

  1. Item one
    1. sub item one
    2. sub item two
    3. sub item three
  2. Item two

Ordered Lists 2

  1. Item one
  2. Item two
  3. Item three

Ordered Lists 3

  1. Item one
  2. Item two
  3. Item three

Lists Tips,列表补记

列表项目标记通常是放在最左边,但是其实也可以缩进,最多 3 个空格,项目标记后面则一定要接着至少一个空格或制表符。

  • Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aliquam hendrerit mi posuere lectus. Vestibulum enim wisi, viverra nec, fringilla in, laoreet vitae, risus.
  • Donec sit amet nisl. Aliquam semper ipsum sit amet velit. Suspendisse id sem consectetuer libero luctus adipiscing.

如下显示相同。

  • Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aliquam hendrerit mi posuere lectus. Vestibulum enim wisi, viverra nec, fringilla in, laoreet vitae, risus.
  • Donec sit amet nisl. Aliquam semper ipsum sit amet velit. Suspendisse id sem consectetuer libero luctus adipiscing.

如下是在同一列表中,显示两个段落。

  1. This is a list item with two paragraphs. Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Aliquam hendrerit mi posuere lectus.

    Vestibulum enim wisi, viverra nec, fringilla in, laoreet vitae, risus. Donec sit amet nisl. Aliquam semper ipsum sit amet velit.

  2. Suspendisse id sem consectetuer libero luctus adipiscing.

    This is the second paragraph in the list item. You’re only required to indent the first line. Lorem ipsum dolor sit amet, consectetuer adipiscing elit.

Tables, 表格

kramdown 默认支持表格,只需要设置好 table thead tbody th tr td 对应的属性即可。

head1 head1 head1 head2 head2 head2 head3 head3 head3 head4 head4 head4
row1text1 row1text3 row1text3 row1text4
row2text1 row2text3 row2text3 row2text4

MathJax, 数学表达式

如下是一个数学表达式。

段内插入LaTeX代码是这样的:$\exp(-\frac{x^2}{2})$,试试看看吧

Pictures,图片显示

If the picture doesnt exist

aaaaa

Reference,引用

如下是一个简单的链接 an example,当然也可以使用网站的相对路径 About Me

也可以将网站的引用与 URL 分别区分开,如下是其中的示例,而且不区分大小写,RTEMSLinuxGUNGUN

这里的关键是 User 的 Notify() 方法实现的是 Pointer Receiver ,而实际需要的是 Value Receiver 。

在官方文档 golang.org/doc 中有相关的介绍。

The rule about pointers vs. values for receivers is that value methods can be invoked on pointers and values, but pointer methods can only be invoked on pointers.

This rule arises because pointer methods can modify the receiver; invoking them on a value would cause the method to receive a copy of the value, so any modifications would be discarded. The language therefore disallows this mistake.

通过 Pointer Method 可以直接修改对象的值,而 Value Method 在执行前会复制一份对应的对象,并在复制后的对象上执行相关操作,而不会修改原对象的值。

原则上来说,这样定义也正常,但是很容易误用而且很难发现,所以 GoLang 放弃了这一特性。

使用

接口对于 GoLang 来说关键是其实现了泛型,类似于 C++ 中的多态特性,对于函数可以根据不同类型的入参生成不同的对象。

注意,GoLang 是静态编程语言,会在编译过程中检查对应的类型,包括了函数、变量等,同时又有一定的灵活性。实际上处于纯动态语言 (例如 Python) 以及静态语言之间 (例如 C),可以在一定程度上进行语法检查,同时又提供了高阶功能。

通过 Go 的接口,可以使用 Duck Typing 方式编程。

Duck typing in computer programming is an application of the duck test—”If it walks like a duck and it quacks like a duck, then it must be a duck”—to determine if an object can be used for a particular purpose. With normal typing, suitability is determined by an object’s type. In duck typing, an object’s suitability is determined by the presence of certain methods and properties, rather than the type of the object itself.

标准库

比较典型的示例可以参考 io/io.go 中的读写接口。

type Reader interface { Read(p []byte) (n int, err error) }

type Writer interface { Write(p []byte) (n int, err error) }

很多的标准库会使用这一接口,包括了网络、编码等类型,这里简单介绍 encoding/binary 的使用,其中 Read() 函数的声明为。

func Read(r io.Reader, order ByteOrder, data interface{}) error

其中的 r 参数可以是任意一个支持 type Reader interface 的实现,例如,使用示例如下。

package main

import ( “bytes” “encoding/binary” “log” )

func main() { var pi float64

    buff := bytes.NewBuffer([]byte{0x18, 0x2d, 0x44, 0x54, 0xfb, 0x21, 0x09, 0x40})
    if err := binary.Read(buff, binary.LittleEndian, &pi); err != nil {
            log.Fatalln("binary.Read failed:", err)
    }
    log.Println(pi) }

如上,从新建的一个内存缓存中读取,并格式化,也可以是文件或者网络。也就是说,只要支持 Read() 函数即可 (包括入参等,一般称为签名 Signature ) ,对于 Python 来说编译阶段就会报错。

源码解析

runtime/runtime2.go 文件中定义了 type iface struct 以及 type eface struct 两个结构体。

type iface struct { tab *itab data unsafe.Pointer }

type eface struct { _type *_type data unsafe.Pointer }

分别表示包含方法以及不包含方法的接口。

// iface 含方法的接口 type Person interface { Print() }

// eface 不含方法的接口 type Person interface {} var person interface{} = xxxx实体

https://segmentfault.com/a/1190000017389782

eface

由两个属性组成:_type 类型信息;data 数据信息。

type eface struct { _type *_type data unsafe.Pointer }

其中 _type 是所有类型的公共描述,几乎所有的数据都可以抽象成 _type

iface

type iface struct { tab *itab data unsafe.Pointer }

https://draveness.me/golang/docs/part2-foundation/ch04-basic/golang-reflect/

SetDeadline SetReadDeadline SetWriteDeadline

在 GoLang 提供的 net.Conn 结构中,提供了 Deadline 方法,包括了

其中 Deadline是一个绝对时间值,当到达这个时间的时候,所有的 I/O 操作都会失败,返回超时(timeout)错误。

https://colobu.com/2016/07/01/the-complete-guide-to-golang-net-http-timeouts/

Answer to the Ultimate Question of Life, The Universe, and Everything. 42

Reference

  • miniz Single C source file zlib-replacement library.

malloc产生SEGV问题排查方法 https://blog.csdn.net/win_lin/article/details/7822762

https://eklitzke.org/memory-protection-and-aslr

TIME_WAIT和端口复用 https://www.cnblogs.com/kex1n/p/7437290.html https://blog.csdn.net/u010585120/article/details/80826999

内存数据提取 https://github.com/rek7/mXtract https://github.com/hephaest0s/usbkill

查找敏感信息 https://www.freebuf.com/articles/system/23993.html c++ pitfall

指针

数组指针

int (*arr)[3] 这定义了一个指向数组的指针,数组的元素必须是 3 。

#include

int main(void) { int (*ptr)[3], i, *data; int array[3] = {1, 2, 3}; // size MUSTBE 3.

    ptr = &array; // ptr is a pointer to array.
    for (i = 0; i < 3; i++)
            printf("%d\n", (*ptr)[i]); // got the array first

    data = array;
    for (i = 0; i < 3; i++)
            printf("%d\n", data[i]);

    return 0; }

如上是容易出错的三个点:

  1. 数组的大小必须与声明的数组指针变量大小相同;
  2. 因为ptr是一个数组指针,所以必须对数组取地址;
  3. 由于ptr是数组指针,那么在获取数组中的元素时,需要先取地址,而且要加括号保证优先级。

后面是比较常用的使用方法,如果要传递给一个函数,那么数组的大小同样需要传递。

https://stackoverflow.com/questions/11167907/compression-in-openssl https://blog.csdn.net/liujiayu2/article/details/51860184

SSH-Key的选择 https://medium.com/@honglong/%E9%81%B8%E6%93%87-ssh-key-%E7%9A%84%E5%8A%A0%E5%AF%86%E6%BC%94%E7%AE%97%E6%B3%95-70ca45c94d8e

很多不错的网络开发介绍 http://www.52im.net/thread-50-1-1.html

文件格式

假设下载的是一个 CentOS 8 的镜像,可以直接下载。

协议简介,官方以及非官方 https://wiki.theory.org/index.php/Main_Page http://bittorrent.org/beps/bep_0003.html

https://github.com/skeeto/bencode-c https://github.com/amwales-888/ambencode https://github.com/janneku/bencode-tools https://github.com/willemt/heapless-bencode https://github.com/somemetricprefix/tbl https://segmentfault.com/a/1190000000681331 https://github.com/Rudde/mktorrent

其中比较关键的是 announce URL 以及 info 字典,

MP3格式解析 https://github.com/lieff/minimp3 https://blog.csdn.net/u010650845/article/details/53520426 https://www.cnblogs.com/ranson7zop/p/7655474.html

GO客户端 https://github.com/anacrolix/torrent Tracker https://github.com/chihaya/chihaya https://github.com/masroore/opentracker https://github.com/xaiki/opentracker https://github.com/danielfm/bttracker https://github.com/willemt/tracker-client http://erdgeist.org/arts/software/opentracker/ https://github.com/crosbymichael/tracker

http://www.kristenwidman.com/blog/33/how-to-write-a-bittorrent-client-part-1/ https://www.cnblogs.com/hnrainll/archive/2011/07/26/2117423.html

https://blog.jse.li/posts/torrent/ https://www.jianshu.com/p/22205fa24c9b https://skerritt.blog/bit-torrent/ µTorrent Vuze Deluge Transmission

DFS非stack模式 https://segmentfault.com/a/1190000010632749 安全编译选项 https://firmianay.gitbooks.io/ctf-all-in-one/doc/4.4_gcc_sec.html https://blog.lao-yuan.com/2018/06/09/Linux-GCC%E5%AE%89%E5%85%A8%E4%BF%9D%E6%8A%A4%E6%9C%BA%E5%88%B6.html https://blog.lao-yuan.com/2018/05/29/Linux%E4%B8%8B%E5%A0%86%E6%A0%88%E7%BB%93%E6%9E%84%E5%88%86%E6%9E%90.html

  • 不会存在环,即使存在不能存在总和为负值的环;
  • 对于有 V 的节点的图,最多经过 V - 1 个边,此时退化成了链表;
  • 最短路径上的较小段 (subpath) 也是最短路径。

/post/program-c-gcc-security-options.html VSDO随机化 https://zhuanlan.zhihu.com/p/58419878

为了方便调试,GDB 会自动关闭随机选项,可以通过 set disable-randomization off 打开该选项。

https://blog.csdn.net/Plus_RE/article/details/79199772 https://yifengyou.gitbooks.io/learn-linux_exploit/

反ptrace http://eternalsakura13.com/2018/02/01/ptrace/ /proc//environ

/post/kernel-memory-virtual-physical-map /post/kernel-memory-management-from-userspace-view

文件 /proc/<PID>/maps 显示了进程映射的内存区域和访问权限,通过 proc_pid_maps_op 实现,对应的函数为 show_map() ,对应内核中的 task->mm->mmap 链表。

https://blog.csdn.net/lijzheng/article/details/23618365

/post/charsets-encoding.html https://upload.wikimedia.org/wikipedia/commons/d/dd/ASCII-Table.svg

#include #include #include #include #include

#include <sys/ptrace.h>

int strsplit(char *string, char **fields, size_t size) { size_t i = 0; char *ptr = string, *saveptr = NULL;

    while ((fields[i] = strtok_r(ptr, ", \t\r\n", &saveptr)) != NULL) {
            ptr = NULL;
            i++;

            if (i >= size)
                    break;
    }

    return ((int)i); }

static void *read_data_range(int pid, void *start, void *end) { long word; void *data; size_t len, offset;

    len = end - start;
    if ((len % sizeof(void *)) != 0) {
            fprintf(stderr, "malformed memory address, length %d.", len);
            return NULL;
    }
    if (len > 1024 * 1024)
            return NULL;
    //fprintf(stdout, "read data from %p to %p, length %ld.\n", start, end, len);

    data = malloc(len);
    if (data == NULL) {
            fprintf(stderr, "malformed memory address, length %d.", len);
            return NULL;
    }

    errno = 0;
    for (offset = 0; offset < len; offset += sizeof(long)) {
            word = ptrace(PTRACE_PEEKTEXT, pid, start + offset, NULL);
            if (word < 0 && errno != 0) {
                    fprintf(stderr, "peek text from %p failed, %d:%s.",
                            start + offset, errno, strerror(errno));
                    free(data);
                    return NULL;
            }
            memcpy((uint8_t *)data + offset, &word, sizeof(word));
    }

    return data; } int main(void) {
    FILE *maps;
    int pid = 27898, rc, idx, len, i;
    char path[128], line[1024], *fields[32], *end, *ptr, *data;
    unsigned long long addr_start, addr_end;

    if (geteuid() != 0) {
            fprintf(stdout, "Running as root is recommended.");
            return -1;
    }

    rc = snprintf(path, sizeof(path), "/proc/%d/maps", pid);
    if (rc < 0 || rc >= (int)sizeof(path)) {
            fprintf(stderr, "format maps filepath failed, rc %d.", rc);
            return -1;
    }

    maps = fopen(path, "r");
    if (maps == NULL) {
            fprintf(stderr, "open map file '%s' failed, %d:%s.", path, errno, strerror(errno));
            return -1;
    }

    // /proc/<PID>/environ
    if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) < 0) {
            fprintf(stderr, "Attach to PID %d failed, %d:%s.", pid, errno, strerror(errno));
            fclose(maps);
            return -1;
    }
    wait(NULL);

    while (feof(maps) == 0) {
            if (fgets(line, sizeof(line), maps) == NULL)
                    break;

            rc = strsplit(line, fields, (sizeof(fields)/sizeof(fields[0])));
            if (rc < 2) {
                    fprintf(stderr, "invalid line '%s', at least 2 fields expect.", line);
                    break;
            }

            if (strchr(fields[1], 'r') == 0)
                    continue;
            fprintf(stderr, "======= %s\n", line);

            end = strchr(fields[0], '-');
            if (end == NULL)
                    continue;
            *end = 0;
            end++;

            errno = 0;
            addr_start = strtoull(line, &ptr, 16);
            if (line == ptr || errno != 0) {
                    fprintf(stderr, "convert start address '%s' failed, %d:%s.\n",
                                    line, errno, strerror(errno));
                    continue;
            }
            addr_end = strtoull(end, &ptr, 16);
            if (end == ptr || errno != 0) {
                    fprintf(stderr, "convert end address '%s' failed, %d:%s.\n",
                                    end, errno, strerror(errno));
                    continue;
            }

            data = read_data_range(pid, (void *)addr_start, (void *)addr_end);
            if (data == NULL)
                    continue;

            len = addr_end - addr_start;
            for (idx = 0, i = 0; i < len; i++) {
                    if (data[i] < ' ' || data[i] > '~')
                            continue;
                    data[idx++] = data[i];
            }
            data[idx] = 0;
            fprintf(stdout, "got data: %s\n", data);

            free(data);
            //fprintf(stderr, "%p %p 0x%llx   0x%llx\n", line, ptr, addr_start, addr_end);
    }

    fclose(maps);

    if (ptrace(PTRACE_DETACH, pid, NULL, NULL) < 0) {
            fprintf(stderr, "Attach to PID %d failed, %d:%s.", pid, errno, strerror(errno));
            return -1;
    }

    return 0; }

内存保护

简单来说,就是针对不同的场景设置内存的读写权限。

https://www.gnu.org/software/libc/manual/html_node/Memory-Protection.html https://www.informit.com/articles/article.aspx?p=23618&seqNum=10 https://www.cnblogs.com/rim99/p/5523289.html https://unix.stackexchange.com/questions/211951/how-does-the-kernel-prevent-a-malicious-program-from-reading-all-of-physical-ram

ASLR实现以及漏洞分析 https://www.cnblogs.com/wangaohui/p/7122653.html https://www.freebuf.com/articles/system/228731.html

参考

检测在什么样的虚拟机里的脚本 https://www.freebuf.com/articles/network/229040.html

Non-Deterministic Polynomial Complete Problem, NPC 问题 Non-Deterministic Polynomially, NP 是指一个问题不能确定是否在多项式时间内找到答案,但是可以在多项式时间内验证答案是否正确,如完全子图问题、图着色问题、旅行商(TSP)问题等。

之所以要定义 NP 问题,是因为通常只有 NP 问题才可能找到多项式的算法,不能指望一个连多项式验证一个解都不行的问题存在一个解决它的多项式级的算法。

http://halobates.de/memorywaste.pdf –>



如果喜欢这里的文章,而且又不差钱的话,欢迎打赏个早餐 ^_^


About This Blog

Recent Posts

Categories

Related Links

  • RTEMS
    RTEMS
  • GNU
  • Linux Kernel
  • Arduino

Search


This Site was built by Jin Yang, generated with Jekyll, and hosted on GitHub Pages
©2013-2019 – Jin Yang