Brendan Dolan-Gavitt moyix

@moyix
moyix / tree.sh
Created Dec 16, 2019
A very silly script to make a Christmas tree with 224 cores in htop
View tree.sh
# Upper
cpulimit -l 1 -- taskset -c 0 ./pct
cpulimit -l 18 -- taskset -c 1 ./pct
cpulimit -l 35 -- taskset -c 2 ./pct
cpulimit -l 52 -- taskset -c 3 ./pct
cpulimit -l 69 -- taskset -c 4 ./pct
cpulimit -l 86 -- taskset -c 5 ./pct
cpulimit -l 103 -- taskset -c 6 ./pct
cpulimit -l 1 -- taskset -c 63 ./pct
View make_testcases_onefile.sh
#!/bin/bash
for f in "$@"; do
objdump -d /bin/ls | grep -Eo '\$0x[0-9a-f]+' | cut -c 2- | sort -u | python -c 'import sys, struct; print("\n".join("\""+struct.pack("<I" if len(l) <= 11 else "<Q", int(l,0)).encode("string_escape")+"\"" for l in sys.stdin.readlines()))'
strings "${f}" | python -c 'import sys; print("\n".join("\""+line.strip().encode("string_escape")+"\"" for line in sys.stdin.readlines()))'
done
View plotframes.py
#!/usr/bin/env python
from itertools import cycle
import matplotlib.pyplot as plt
import squarify
import gzip
import sys
colormap = {}
allinsns = eval(open(sys.argv[1]).read())
View gdbcmds.txt
shell sleep 5
set logging file UUID.gdb.log
set logging on
target remote localhost:9999
file /nas/brendan/syzkaller_recordings/kernels/UUID/vmlinux
break panic
commands 1
break __delay
c
end
@moyix
moyix / aigen.php
Last active Feb 27, 2019
PHP code generated by GPT-2
View aigen.php
<?php
require ' vendor/autoload.php ' ;
/**
* Handles an HTTP request that contains information for registering/unregistering
* a FNA application.
@moyix
moyix / parse_dmesg.py
Created Feb 13, 2019
Small parser using Construct for the Linux kernel log buffer
View parse_dmesg.py
#!/usr/bin/env python
from datetime import timedelta
import sys
from construct import *
Message = Aligned(4, Struct(
"ts_nsec" / Int64ul,
"length" / Int16ul,
"text_len" / Int16ul,
@moyix
moyix / top10_syzkaller_patches.txt
Created Jan 8, 2019
Linux kernel commits that fixed the largest number of Syzkaller-reported crashes
View top10_syzkaller_patches.txt
# commit message
44 99ba2b5aba24e022683a7db63204f9e306fe7ab9 bpf: sockhash, disallow bpf_tcp_close and update in parallel
15 1d88ba1ebb2763aa86172cd7ca05dedbeccc0d35 sctp: not allow transport timeout value less than HZ/5 for hb_timer
15 bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1 bpf, array: fix overflow in max_entries and undefined behavior in index_mask
10 66e58e0ef80a56a1d7857b6ce121141563cdd93e bpfilter: fix race in pipe access
9 3619dec5103dd999a777e3e4ea08c8f40a6ddc57 dh key: fix rounding up KDF output length
8 8e04944f0ea8b838399049bdcda920ab36ae3b04 mm,vmscan: Allow preallocating memory for register_shrinker().
8 d76c68109f37cb85b243a1cf0f40313afd2bae68 crypto: pcrypt - fix freeing pcrypt instances
8 58990d1ff3f7896ee341030e9a7c2e4002570683 bpf: reject passing modified ctx to helper functions
7 b84bbaf7a6c8cca24f8acf25a2c8e46913a947ba packet: in packet_snd start writing at link layer allocation
View in_asm.txt
0xc11e3626 3239982630: add esp,0x8
0xc11e3629 3239982633: pop ebx
0xc11e362a 3239982634: ret
@moyix
moyix / klee_output.txt
Last active Jul 30, 2018
Simple example where KLEE can miss a bug (due to floating point)
View klee_output.txt
klee@e7588606c9e8:~$ klee --allow-external-sym-calls --libc=uclibc --posix-runtime ./toy_156.bc --sym-files 1 88 A
KLEE: NOTE: Using klee-uclibc : /home/klee/klee_build/klee/Release+Debug+Asserts/lib/klee-uclibc.bca
KLEE: NOTE: Using POSIX model: /home/klee/klee_build/klee/Release+Debug+Asserts/lib/libkleeRuntimePOSIX.bca
KLEE: output directory is "/home/klee/./klee-out-1"
KLEE: Using STP solver backend
KLEE: WARNING ONCE: calling external: syscall(16, 0, 21505, 61828272) at /home/klee/klee_src/runtime/POSIX/fd.c:980
KLEE: WARNING ONCE: calling __user_main with extra arguments.
KLEE: WARNING ONCE: Alignment of memory from call "malloc" is not modelled. Using alignment of 8.
KLEE: WARNING ONCE: ioctl: (TCGETS) symbolic file, incomplete model
KLEE: WARNING ONCE: calling external: printf(61699472, (ReadLSB w32 12 A-data)) at [no debug info]
View facedata.b64