Jim Shu cwshu

## tmp.py
import subprocess as sub
out = sub.check_output("diff NEWS NEWS.old || true", shell=True)

## netconfig_by_cli.rst

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                cwshu
                / netconfig_by_cli.rst
            
            
              Last active
              August 29, 2015 14:04
            
          
    ethernet


ifconfig eth0 <IP> netmask <netmask>
route add default gw <gateway>

edit /etc/resolv.conf

nameserver <DNS>


variable example

<IP> = 192.168.1.10
<netmask> = 255.255.255.128


## path
m_main.c:1832:VG_(split_up_argv)
m_commandline.c:258:VG_(RR_ClientCmdLine)
m_recordreplay.c:244:PROCESS_LOGENTRY
m_coregrind/m_recordreplay/priv_recordreplay.h:132:ML_(readFromLog)
replay.c:164:VG_(malloc)(NULL, len+1)

## gist:2c849985b18d7f7182d6
- sudo useradd testing -m -s /bin/bash
  - 建立帳號, username 為 testing
- sudo passwd testing
  - 給 testing 密碼

## gist:3f6c25647a4a30e08195
ghost: glibc 的 gethostbyname(解 domain name 的 function) 出現 buffer overflow 的 bug，可以讓 attacker 完整控制這支程式

補救方法是 update glibc，而且將所有有用到 glibc 的 process 重新啟動。

update patch guide [centos]: https://www.centosblog.com/critical-glibc-remote-vulnerability-exploit-ghost-patch-glibc-now/
centos6 的 glibc patch 版本號: http://lists.centos.org/pipermail/centos-announce/2015-January/020907.html
centos7 的 glibc patch 版本號: http://lists.centos.org/pipermail/centos-announce/2015-January/020908.html

## overload.cpp
#include <iostream>
using namespace std;

int f(int a=10);

int main(){
    cout << f() << endl;
    cout << f(100) << endl;
}

## hypervisor_BYOD_resource.rst

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                cwshu
                / hypervisor_BYOD_resource.rst
            
            
              Last active
              August 29, 2015 14:18
            
          
current solution/implementation
hypervisor based implementation
GreenHill Multivisor [proprietary hypervisor: Multivisor], little technical detail!
document: http://www.ghs.com/products/rtos/integrity_virtualization.html
video: https://www.youtube.com/watch?v=9nDBpRGazRU


two Android VMs running on top of Xen on a Nexus 10 with PV GPU [Xen]


## diff_stat.py
#!/usr/bin/env python3
"""
transform the diff program output format to "git diff --stat" style.
./diff_stat.py [diff_file]
"""

import sys

def get_fname(diff_data):
    """

## web_shell.py
#!/usr/local/bin/python2

import cgi
import subprocess as sp

html_template = """<html>
<head>
    <title> Web Shell </title>
</head>
<body>

## linux_kvm_armv8.md

      
              1 file
            
          
              1 fork
            
          
              0 comments
            
          
              0 stars
            
          
                cwshu
                / linux_kvm_armv8.md
            
            
              Created
              May 13, 2015 06:38
            
          
    linux guest on linux-kvm-arm host on armv8 FoundationModel

all you need


FoundationModel armv8 simulator
linux-kvm-arm kernel (including dtb(device tree blob))

kernel config


linux root file system: host.img && guest.img
userspace virtualization tool: qemu/kvm-tool
FoundationModel boot wrapper
	import subprocess as sub
	out = sub.check_output("diff NEWS NEWS.old \|\| true", shell=True)
	m_main.c:1832:VG_(split_up_argv)
	m_commandline.c:258:VG_(RR_ClientCmdLine)
	m_recordreplay.c:244:PROCESS_LOGENTRY
	m_coregrind/m_recordreplay/priv_recordreplay.h:132:ML_(readFromLog)
	replay.c:164:VG_(malloc)(NULL, len+1)
	- sudo useradd testing -m -s /bin/bash
	- 建立帳號, username 為 testing
	- sudo passwd testing
	- 給 testing 密碼
	ghost: glibc 的 gethostbyname(解 domain name 的 function) 出現 buffer overflow 的 bug，可以讓 attacker 完整控制這支程式

	補救方法是 update glibc，而且將所有有用到 glibc 的 process 重新啟動。

	update patch guide [centos]: https://www.centosblog.com/critical-glibc-remote-vulnerability-exploit-ghost-patch-glibc-now/
	centos6 的 glibc patch 版本號: http://lists.centos.org/pipermail/centos-announce/2015-January/020907.html
	centos7 的 glibc patch 版本號: http://lists.centos.org/pipermail/centos-announce/2015-January/020908.html
	#include <iostream>
	using namespace std;

	int f(int a=10);

	int main(){
	cout << f() << endl;
	cout << f(100) << endl;
	}
	#!/usr/bin/env python3
	"""
	transform the diff program output format to "git diff --stat" style.
	./diff_stat.py [diff_file]
	"""

	import sys

	def get_fname(diff_data):
	"""
	#!/usr/local/bin/python2

	import cgi
	import subprocess as sp

	html_template = """<html>
	<head>
	<title> Web Shell </title>
	</head>
	<body>