This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| qemu-system-x86_64 -nographic -kernel ./linux-4.4.185/arch/x86_64/boot/bzImage -initrd ./busybox/rootfs.img -append "root=/dev/ram rdinit=/bin/sh console=ttyS0" |
epcnt19
/ 50-cloud-init.yaml
Created
June 28, 2019 08:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| network: | |
| ethernets: | |
| ens3: | |
| addresses: [192.168.122.3/24] | |
| gateway4: 192.168.122.1 | |
| dhcp4: false | |
| dhcp6: false | |
| accept-ra: false | |
| nameservers: | |
| addresses: [1.1.1.1] |
epcnt19
/ sandbox_test.c
Created
April 1, 2019 05:37
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| #include<unistd.h> | |
| #include<sys/types.h> | |
| #include<sys/wait.h> | |
| #include<sys/syscall.h> | |
| #include<sys/stat.h> | |
| #define GETCWD 79 | |
| #define MKDIR 83 | |
| #define RMDIR 84 |
epcnt19
/ sandbox_result.log
Created
March 27, 2019 12:21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ 213.144561] sys_regist_pid : called | |
| [ 213.144564] search_pid : called | |
| [ 213.144566] search_pid : no hit entry_ptr | |
| [ 213.144567] sys_regist_pid : success adding pid(2195) | |
| [ 213.144569] check_sandbox : detect target pid(2195) | |
| [ 213.144570] sys_regist_syscall : called | |
| [ 213.144572] search_syscall_num : called | |
| [ 213.144573] search_syscall_num : no hit entry_ptr | |
| [ 213.144574] sys_regist_syscall : success adding syscall number(79) | |
| [ 213.144576] check_sandbox : detect target pid(2195) |
epcnt19
/ kvm_cpuid.py
Last active
December 19, 2018 13:13
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from __future__ import print_function | |
| from bcc import BPF | |
| b = BPF(text=""" | |
| #define EXIT_REASON 10 | |
| BPF_HASH(start, u8, u8); | |
| TRACEPOINT_PROBE(kvm, kvm_exit) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include<stdio.h> | |
| int eax_value = 0; | |
| void cpuid(){ | |
| __asm__ volatile ("movl eax_value,%eax \n\t" | |
| "cpuid"); | |
| } | |
epcnt19
/ node_drone.js
Created
December 9, 2018 17:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var RollingSpider = require('rolling-spider'); | |
| var temporal = require('temporal'); | |
| var keypress = require('keypress'); | |
| var record = require('node-record-lpcm16'); | |
| var Julius = require('julius-net'); | |
| var rollingSpider = new RollingSpider(); | |
| keypress(process.stdin); | |
| process.stdin.setRawMode(true); | |
| console.log("[drone event] connecting to rolling spider..."); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #coding:utf-8 | |
| import re | |
| import sys | |
| import time | |
| import argparse | |
| import subprocess | |
| import commands | |
| dname_to_id = "xl domid %s" | |
| get_pid = "vmi-process-list %s | grep %s" |
epcnt19
/ sptdump_result.txt
Created
September 13, 2018 08:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| root@ubuntu:# ../../simple-pt/sptdump | |
| cpu 0 offset 0, 0 KB, writing to ptout.0 | |
| cpu 1 offset 0, 0 KB, writing to ptout.1 | |
| cpu 2 offset 0, 0 KB, writing to ptout.2 | |
| cpu 3 offset 1904, 2048 KB, writing to ptout.3 | |
| cpu 4 offset 0, 0 KB, writing to ptout.4 | |
| cpu 5 offset 0, 0 KB, writing to ptout.5 | |
| cpu 6 offset 0, 0 KB, writing to ptout.6 | |
| cpu 7 offset 0, 0 KB, writing to ptout.7 | |
| cpu 8 offset 0, 0 KB, writing to ptout.8 |
epcnt19
/ simple-pt_dmesg.txt
Created
September 13, 2018 07:43
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ 2786.576349] start_pt_with_ioctl is called | |
| [ 2786.576353] val 0 | |
| [ 2786.576354] oldval 0 | |
| [ 2786.576404] start_pt_with_ioctl is called | |
| [ 2786.576406] start_pt_with_ioctl is called | |
| [ 2786.576408] start_pt_with_ioctl is called | |
| [ 2786.576410] start_pt_with_ioctl is called | |
| [ 2786.576411] start_pt_with_ioctl is called | |
| [ 2786.576412] start_pt_with_ioctl is called | |
| [ 2786.576413] start_pt_with_ioctl is called |
NewerOlder