Diffstat (limited to 'md')
-rw-r--r-- md/notes/undefined_c/tutorial.md | 4
-rw-r--r-- md/writeup/arm64_assembly_crc32.md | 14
-rw-r--r-- md/writeup/arm64_assembly_hello_world.md | 12
-rw-r--r-- md/writeup/basic_http_server.md | 6
-rw-r--r-- md/writeup/bladerf_quick_guide.md | 1
-rw-r--r-- md/writeup/building_openwrt_for_rtl8196c.md | 12
-rw-r--r-- md/writeup/c_bin2hex.md | 2
-rw-r--r-- md/writeup/c_macro_tricks.md | 37
-rw-r--r-- md/writeup/calculate_fir_coefficients_with_c.md | 4
-rw-r--r-- md/writeup/compile_linux_kernel.md | 22
-rw-r--r-- md/writeup/compile_python.md | 23
-rw-r--r-- md/writeup/cve_2010_1160_exploiting_nano.md | 8
-rw-r--r-- md/writeup/datamatch.md | 10
-rw-r--r-- md/writeup/devices/samsung_xe303c12.md | 24
-rw-r--r-- md/writeup/dsp_lp_filter.md | 10
-rw-r--r-- md/writeup/elf_rewrite_function.md | 16
-rw-r--r-- md/writeup/elf_text_section.md | 4
-rw-r--r-- md/writeup/embedding_lua_in_c.md | 2
-rw-r--r-- md/writeup/fpu_catch_division_by_zero.md | 2
-rw-r--r-- md/writeup/gcc_inline_assembly.md | 16
-rw-r--r-- md/writeup/h64e.md | 14
-rw-r--r-- md/writeup/hooking_interrupt_descriptor_table.md | 7
-rw-r--r-- md/writeup/ihe.md | 2
-rw-r--r-- md/writeup/kconf2h.md | 6
-rw-r--r-- md/writeup/kconfig2h_utility.md | 2
-rw-r--r-- md/writeup/kernel_debug_messages.md | 12
-rw-r--r-- md/writeup/kernel_dev_hwrng.md | 30
-rw-r--r-- md/writeup/kernel_hello_world.md | 8
-rw-r--r-- md/writeup/linux_antidebug_5.md | 2
-rw-r--r-- md/writeup/linux_format_string_attack.md | 24
-rw-r--r-- md/writeup/linux_local_descriptor_table.md | 8
-rw-r--r-- md/writeup/linux_shellcode.md | 8
-rw-r--r-- md/writeup/makefile_tips.md | 16
-rw-r--r-- md/writeup/making_c_executables_smaller.md | 10
-rw-r--r-- md/writeup/multiboot_usb_drive.md | 14
-rw-r--r-- md/writeup/openwrt_dependency_graph_drawing.md | 12
-rw-r--r-- md/writeup/qemu_usage.md | 6
-rw-r--r-- md/writeup/radiola.md | 8
-rw-r--r-- md/writeup/rtlsdr_usage.md | 41
-rw-r--r-- md/writeup/running_disk_images_in_qemu.md | 22
-rw-r--r-- md/writeup/scan_memory_for_variable.md | 18
-rw-r--r-- md/writeup/serial_gps_data_reading_utility.md | 14
-rw-r--r-- md/writeup/swift_ocr_example.md | 2
-rw-r--r-- md/writeup/using_iptables.md | 48
-rw-r--r-- md/writeup/wasm_fractal.md | 4
-rw-r--r-- md/writeup/web_assembly_audio_with_fir_filter.md | 12
-rw-r--r-- md/writeup/webusb_example.md | 20
47 files changed, 300 insertions, 299 deletions
diff --git a/md/notes/undefined_c/tutorial.md b/md/notes/undefined_c/tutorial.md
index 731d42c..3369f6f 100644
--- a/md/notes/undefined_c/tutorial.md
+++ b/md/notes/undefined_c/tutorial.md
@@ -1637,8 +1637,6 @@ rustc main.rs -l lib -L . -o hello -C link-arg="-Wl,-rpath=./"
-```c
-```
### AArch64
@@ -1652,7 +1650,7 @@ Add bin directory location to env variable PATH
export PATH=$PATH:`pwd`
```
-___main.c__
+__main.c__
```c
#include <stdio.h>
diff --git a/md/writeup/arm64_assembly_crc32.md b/md/writeup/arm64_assembly_crc32.md
index 48ffd21..f177f3b 100644
--- a/md/writeup/arm64_assembly_crc32.md
+++ b/md/writeup/arm64_assembly_crc32.md
@@ -18,14 +18,16 @@ With Raspberry Pi 4 need to run it with 64bit linux.
### Raspberry Pi 4
Run command
-```
+
+```bash
uname -a
Linux raspberrypi 5.4.42-v8+ #1319 SMP PREEMPT Wed May 20 14:18:56 BST 2020 aarch64 GNU/Linux
```
There is substring "aarch64" that indicates that os supports 64 bits
To check if CPU supports crc32 instructions run
-```
+
+```bash
cat /proc/cpuinfo | grep crc
```
search for "crc32" substring
@@ -34,12 +36,12 @@ search for "crc32" substring
If you have Apple M1 then you already know it. If not sure run one of those commands to verify archirecture
-```
+```bash
uname -a
```
or
-```
+```bash
arch
```
@@ -228,13 +230,13 @@ int main() {
### Raspbery Pi 4
Need to set extra *-march* option to enable architecture variant that supports crc.
-```
+```bash
gcc asm_crc32.c -o asm_crc32 -march=armv8.1-a
```
### Apple M1
Works without extra options
-```
+```bash
gcc asm_crc32.c -o asm_crc32
```
diff --git a/md/writeup/arm64_assembly_hello_world.md b/md/writeup/arm64_assembly_hello_world.md
index 118e7b6..c4685f1 100644
--- a/md/writeup/arm64_assembly_hello_world.md
+++ b/md/writeup/arm64_assembly_hello_world.md
@@ -25,12 +25,12 @@ int main() {
Running 64bit linux. To detect with architecture and what bitness of
os run command
-```
+```bash
uname
```
Architecture shown as aarch64 enoughs to indicate that os ir 64bit
-```
+```bash
Linux raspberrypi 5.4.42-v8+ #1319 SMP PREEMPT Wed May 20 14:18:56 BST 2020 aarch64 GNU/Linux
```
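Review bot: the second fence in this hunk is tagged `bash`, but the block holds only the kernel banner line (`Linux raspberrypi 5.4.42-v8+ ... aarch64 GNU/Linux`), which is command output, not a command; tag it `text`. The block above it shows bare `uname`, which prints only the kernel name, while the quoted output is what `uname -a` prints, so the command should read `uname -a` as it does in arm64_assembly_crc32.md.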
@@ -65,9 +65,9 @@ _start:
Too compile check if you have installed gnu gcc, other compilers such as clang also
should work perfectly fine.
-```makefile
- as hello.s -o hello.o
- gcc hello.o -o hello
+```bash
+as hello.s -o hello.o
+gcc hello.o -o hello
```
## Apple M1
@@ -97,7 +97,7 @@ helloworld_len = . - helloworld
Install xcode tools before compilation
-```makefile
+```bash
as -o hello.o hello.s
ld -macosx_version_min 11.0.0 -o hello hello.o -lSystem -syslibroot `xcrun -sdk macosx --show-sdk-path` -e _start -arch arm64
```
diff --git a/md/writeup/basic_http_server.md b/md/writeup/basic_http_server.md
index cd1b4de..249c390 100644
--- a/md/writeup/basic_http_server.md
+++ b/md/writeup/basic_http_server.md
@@ -4,17 +4,17 @@ keywords:c,http,server
# Basic HTTP server
Basic HTTP server. When you type url it shows listing of your local directory. If you tipe with path to file name noting hapens
Use:
-```
+```sh
http://*.*.*.*:<port>/ -> disk start directory
http://*.*.*.*:<port>/home/ -> home directory
```
Run:
-```
+```sh
./server [port]
```
Compile:
-```
+```sh
gcc server.c -o server
```
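Review bot: the first fence in this hunk, under "Use:", is tagged `sh`, but its content is two URL patterns (`http://*.*.*.*:<port>/ -> disk start directory`), not shell input. Tag that one `text` and keep `sh` for the Run and Compile blocks.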
diff --git a/md/writeup/bladerf_quick_guide.md b/md/writeup/bladerf_quick_guide.md
index 1ece22e..dec8ef7 100644
--- a/md/writeup/bladerf_quick_guide.md
+++ b/md/writeup/bladerf_quick_guide.md
@@ -104,7 +104,6 @@ create FM radio listening design and as result you can hear to your local radio
![BladerRF fm radio block diagram](/img/gnuradio/bladerf_fm_radio.png)
-
## Links
[https://www.nuand.com/bladerf-2-0-micro/](https://www.nuand.com/bladerf-2-0-micro/)
diff --git a/md/writeup/building_openwrt_for_rtl8196c.md b/md/writeup/building_openwrt_for_rtl8196c.md
index e3825d7..284b025 100644
--- a/md/writeup/building_openwrt_for_rtl8196c.md
+++ b/md/writeup/building_openwrt_for_rtl8196c.md
@@ -16,7 +16,7 @@ Fits of all need to get sources from git server.
There is some branches in git. But only one of them intended to
be used for non development purposes its "realtek-unstable"
-```
+```sh
git clone http://git.advem.lv/rtl819xx
cd ./rtl819xx/
git branch -a
@@ -28,7 +28,7 @@ git checkout realtek-unstable
There is supported only compilation with binutils 2.21.1 and
gcc-4.6.x-linaro. Now you should setup that options with menuconfig.
-```
+```sh
make menuconfig
```
@@ -45,7 +45,7 @@ __Binutils Version__ as (binutils 2.21.1)
__GCC compiler Version__ as (gcc 4.6.x with Linaro enhancements)
Last option to switch of is in main menu __Network__
-```
+```text
firewall3
odhcp6c
```
@@ -56,17 +56,17 @@ odhcp6c
It could take some time to compile image.
With some compiling output
-```
+```sh
make V=s
```
Without extra output
-```
+```sh
make
```
Compile in many threads
-```
+```sh
make -j8
```
diff --git a/md/writeup/c_bin2hex.md b/md/writeup/c_bin2hex.md
index 441a115..2d6f4b5 100644
--- a/md/writeup/c_bin2hex.md
+++ b/md/writeup/c_bin2hex.md
@@ -5,7 +5,7 @@ keywords:c,binary,hex
Converts binary file to hex file.
Use:
-```
+```sh
./bin2hex [bin_file] - for local output
./bin2hex [bin_file] [hex_text_file] - for file output
diff --git a/md/writeup/c_macro_tricks.md b/md/writeup/c_macro_tricks.md
index 4068272..e9f9d0f 100644
--- a/md/writeup/c_macro_tricks.md
+++ b/md/writeup/c_macro_tricks.md
@@ -15,10 +15,10 @@ this allows to see resulting source that going to be compiled, macro errors
could be hard to debug, but this is first thing, test them before and then
be sure that everything works. Lets continue with some more deep stuff.
-<!-- ####################################################################### -->
+
## __VA_ARGS__ keyword
-<!-- ####################################################################### -->
+
### Single argument macros
Writting macros with single argument
@@ -42,14 +42,14 @@ F(})
any kind of argument can be passed to macro, and that allows to make some tricks
#### Result
-```
+```c
int main
(){
printf("hello world\n");
}
```
-<!-- ####################################################################### -->
+
### Multi argument macro
writting macro with multiple unamed arguments
@@ -74,7 +74,7 @@ Previouse example works just fine, but if add multiple arguments the __VA_ARGS__
just prints them as a whole string
#### Result
-```
+```c
int main
(){
printf("hello world\n");
@@ -84,7 +84,7 @@ printf("hello world\n");
```
-<!-- ####################################################################### -->
+
### Mixing named arguments and unamed arguments
Mixing together named and unnamed arguments
@@ -108,7 +108,7 @@ F2(int main,{my code},{more code})
#### Result
-```
+```c
2,3,4,5
1
@@ -116,7 +116,7 @@ F2(int main,{my code},{more code})
int main
```
-<!-- ####################################################################### -->
+
## Define struct with macros
Lets move to some more practical example lets just define macro that going to
@@ -172,7 +172,6 @@ struct add {int a; int b;};;
struct dirst {int c; ;};;
```
-<!-- ####################################################################### -->
## Detect number of arguments
There is one trick that can be used to detect number of arguments passed to
@@ -222,12 +221,12 @@ F(1,2,3,4,5)
5
```
-<!-- ####################################################################### -->
+
## Variable argument macro match macro according number of arguments
Detect number of arguments and match macro according to number of arguments
-```
+```c
#define FUN3(X1,X2,X3,...) "there is 3"
#define FUN2(X1,X2,...) "there is 2"
#define FUN1(X1,...) "there is 1"
@@ -237,14 +236,14 @@ Detect number of arguments and match macro according to number of arguments
```
#### Source
-```
+```c
FUN(add,int a,int b);
FUN(mul,int a,int b,int c);
FUN(div,int a);
```
#### Result
-```
+```c
void add ( "there is 2");
void mul ( "there is 3");
void div ( "there is 1");
@@ -257,7 +256,7 @@ void div ( "there is 1");
Best part of it that it can match also typdefed structures. So now macroses
can contain typechecking
-```
+```c
#define type_str(T) _Generic( (T), int: "int",\
long: "long",\
A: "A",\
@@ -287,7 +286,7 @@ int main()
#### Result
-```
+```block
long
int
A
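Review bot: the Result fence here is tagged `block`, which is not a language tag used anywhere else in this patch; plain output elsewhere (for example the Output blocks in gcc_inline_assembly.md) is tagged `text`. Change it to `text` so result blocks are tagged consistently.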
@@ -305,7 +304,7 @@ default: "UNK UNK" )
```
#### Source
-```
+```c
typedef struct A
{
@@ -336,7 +335,7 @@ int int
A A
```
### Generic printf
-```
+```c
#define FF "%f "
#define FS "%s "
#define FD "%d "
@@ -355,7 +354,7 @@ A A
```
#### Source
-```
+```c
int main()
{
A a;
@@ -372,7 +371,7 @@ int main()
#### Result
-```
+```bash
1 2.000000
3 4
big float 0.010000
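Review bot: the Result fence is tagged `bash`, but the content is the program's printed output (`1 2.000000`, `3 4`), not shell input. Use `text` here.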
diff --git a/md/writeup/calculate_fir_coefficients_with_c.md b/md/writeup/calculate_fir_coefficients_with_c.md
index 5e643a6..8d31cb0 100644
--- a/md/writeup/calculate_fir_coefficients_with_c.md
+++ b/md/writeup/calculate_fir_coefficients_with_c.md
@@ -292,14 +292,14 @@ title("my coef freqz");
Snippet code is located at [http://git.main.lv/cgit.cgi/code-snippets.git/tree/fir1](http://git.main.lv/cgit.cgi/code-snippets.git/tree/fir1)
to compile get and compile code run
-```
+```bash
git clone http://git.main.lv/cgit.cgi/code-snippets.git
cd code-snippets/fir1
make
```
run program
-```
+```bash
./simple_fir
```
diff --git a/md/writeup/compile_linux_kernel.md b/md/writeup/compile_linux_kernel.md
index a373caf..2724736 100644
--- a/md/writeup/compile_linux_kernel.md
+++ b/md/writeup/compile_linux_kernel.md
@@ -8,7 +8,7 @@ To get main repo kernel
Default kernel is located here
-```
+```sh
git clone git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
```
@@ -34,7 +34,7 @@ Easyes way startup config is just to get whatever you running now. If you hw wor
with current distro then use current kernel config its is stored in procfs _/proc/config.gz_.
Lets go to our kernel repo and do
-```
+```sh
zcat /proc/config.gz > .config
```
now you are ready to compile kernel that will work at begining
@@ -51,19 +51,19 @@ And you will able to run your stuff only with staticly compiled kernel without l
List all loaded modules
-```
+```sh
lsmod
```
See all conntected USB devices
-```
+```sh
lsusb
```
See all PCI devices and modules that they are using
-```
+```sh
lspci -k
```
@@ -72,14 +72,14 @@ This bare minimum of command that you whant to run to start modifing your kernel
## Compiling
Run to configure kernel
-```
+```sh
make menuconfig
```
config is saved in _.config_ file. And now we are ready to
compile our first kernel
-```
+```sh
make
```
@@ -91,19 +91,19 @@ It depends from distro to distro expected way how to install new/fresh/clean ker
Install modules. They all will go /lib/modules/`your kernel version`
-```
+```sh
make modules_install
```
Compy compiled kernel to boot directory
-```
+```sh
cp -v arch/x86_64/boot/bzImage /boot/vmlinuz-linux318
```
Create initram image
-```
+```sh
mkinitcpio -k <kernelversion> -g /boot/initramfs-<file name>.img
```
@@ -125,7 +125,7 @@ https://grsecurity.net/
Latest patches could be downloaded from https://grsecurity.net/download.php#test
Apply patch
-```
+```sh
cd linux-4.7.10
patch -p1 < ../grsecurity-3.1-4.7.10-201610222037.patch
```
diff --git a/md/writeup/compile_python.md b/md/writeup/compile_python.md
index 2acbb1e..13b6446 100644
--- a/md/writeup/compile_python.md
+++ b/md/writeup/compile_python.md
@@ -20,7 +20,7 @@ admin permissions then its probably one way to go.
### Download
-```
+```bash
wget -c https://www.python.org/ftp/python/$(VERSION)/Python-$(VERSION).tgz
tar -xvf Python-$(VERSION).tgz
```
@@ -29,7 +29,7 @@ tar -xvf Python-$(VERSION).tgz
Set flags to make python compiled as static
-```
+```bash
./configure LDFLAGS="-static -static-libgcc" CPPFLAGS="-fPIC -static" --disable-shared --prefix=/custom/install/path
```
@@ -46,7 +46,7 @@ Here example file used
### Compile
-```
+```bash
make
```
@@ -57,14 +57,14 @@ configured installed path.
-```
+```bash
make install
```
Later on set env variables to point to correct location of custom installed python
so can import all modules from correct location
-```
+```bash
PYTHONPATH=/custom/output/lib
PYTHONHOME=/custom/output
```
@@ -76,7 +76,7 @@ PYTHONHOME=/custom/output
### Configure
Set flags to make python compiled as static
-```
+```bash
./configure LDFLAGS="-static -static-libgcc" CPPFLAGS="-fPIC -static" --disable-shared --prefix=/custom/install/path
```
@@ -106,7 +106,7 @@ Did work by default without any changes
Disabled this modules to make it compile
-```
+```bash
_socket
_posix
pwd
@@ -116,13 +116,14 @@ dl
Got alot of linking warnings but did worked and installed at the end.
Selftest failed on:
-```
+```bash
0:01:10 load avg: 0.85 [119/404/14] test_email
make: *** [Makefile:884: test] Segmentation fault
```
### Centos6
Needed to disable modules in Modules/Setup to make it compile
+
```
_socket
_posix
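Review bot: the Centos6 module list keeps an untagged fence (this hunk only adds a blank line before it), while the same kind of list in the previous hunk and the selftest failure output in this hunk are both tagged `bash`. None of these blocks are shell commands; tag all three `text` so the file is consistent.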
@@ -131,7 +132,7 @@ dl
```
Gcc suggested to use this options
-```
+```bash
-pie -fPIC
```
@@ -147,7 +148,7 @@ Here is located compilation snippet that used to test static compilation
Clone it, goto python directory
#### Python2
-```
+```bash
make download
cp py2/Setup Python-2.X.X/Modules/Setup
make configure
@@ -158,7 +159,7 @@ make install
Output is in **output** directory
#### Python3
-```
+```bash
make download3
cp py3/Setup Python-3.X.X/Modules/Setup
make configure3
diff --git a/md/writeup/cve_2010_1160_exploiting_nano.md b/md/writeup/cve_2010_1160_exploiting_nano.md
index fa27c0b..9124aab 100644
--- a/md/writeup/cve_2010_1160_exploiting_nano.md
+++ b/md/writeup/cve_2010_1160_exploiting_nano.md
@@ -15,7 +15,7 @@ this bug works on < 2.1.7 versions now on my system is latest nano
version and I have compiled many < 2.1.7 versions to test this bug.
To get your nano version run:
-```
+```sh
$ nano -V
```
@@ -31,13 +31,13 @@ How to use it in real life:
4) See result in symlinked file
Everything looks like
-```
+```sh
$nano text.txt
``
Now some one do:
-```
+```sh
$ls -s empty.txt text.txt
```
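Review bot: the context line that closes the first block is two backticks, not three, so with the opener now a tagged fence the block still never closes and swallows "Now some one do:" and the fence after it. Fix the closer to three backticks in this patch.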
@@ -70,7 +70,7 @@ Script is only for user and dont work if you try to symlink root
opened nano. It makes all steps as described above. Change script
variables for your tests:
-```
+```text
debug = True
nano = "nano-2.0.9"
user = "user"
diff --git a/md/writeup/datamatch.md b/md/writeup/datamatch.md
index 3d0d9e9..874db87 100644
--- a/md/writeup/datamatch.md
+++ b/md/writeup/datamatch.md
@@ -11,7 +11,7 @@ about that
### Print about position in file
Here how looks scripts to bookmark some position
-```
+```text
0x01 "byte one"
0x02 "byte two"
```
@@ -22,7 +22,7 @@ This could be used to bookmark stuff in files
Here is example where output will tell if its 32/64bit file and with kind of
file type it is relocatable/executable/shared/core elf.
-```
+```text
0x0-0x3
"magic number"
0x4
@@ -43,7 +43,7 @@ file type it is relocatable/executable/shared/core elf.
just make should work
-```
+```sh
make
```
@@ -52,13 +52,13 @@ should work fine as ragel generated *.c file is allready included
## Source
-```
+```sh
git clone http://git.main.lv/cgit.cgi/dm.git
```
or
-```
+```sh
git clone https://github.com/FreeArtMan/dm.git
```
diff --git a/md/writeup/devices/samsung_xe303c12.md b/md/writeup/devices/samsung_xe303c12.md
index 12d260e..c61147c 100644
--- a/md/writeup/devices/samsung_xe303c12.md
+++ b/md/writeup/devices/samsung_xe303c12.md
@@ -41,7 +41,7 @@ you boot, or wait 30 seconds to continue booting.
2. Type shell to get into a bash shell.
3. Type sudo su to become root.
4. Then type this to enable USB booting:
-```
+```text
crossystem dev_boot_usb=1 dev_boot_signed_only=0
```
5. Reboot the system to allow the change to take effect.
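Review bot: the `crossystem dev_boot_usb=1 dev_boot_signed_only=0` block is tagged `text` although step 4 presents it as a command typed into the root shell, and the other command blocks in this file are tagged `sh`. Use `sh` here as well.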
@@ -52,11 +52,11 @@ These instructions are written for installing to a USB drive with the sda device
1. Get a root shell as described in the previous section.
2. Since ChromeOS will automatically mount any partitions it finds, unmount everything now:
-```
+```sh
umount /dev/sda*
```
3. Start fdisk to create a GPT partition table:
-```
+```sh
fdisk /dev/sda
```
4. At the fdisk prompt:
@@ -64,12 +64,12 @@ fdisk /dev/sda
4.2. Write the partition table and exit by typing w.
5. Partition the micro SD card:
-```
+```sh
cgpt create /dev/sda
cgpt add -i 1 -t kernel -b 8192 -s 32768 -l Kernel -S 1 -T 5 -P 10 /dev/sda
```
6. To create the rootfs partition, we first need to calculate how big to make the partition using information from cgpt show. Look for the number under the start column for Sec GPT table which is 15633375 in this example:
-```
+```text
localhost / # cgpt show /dev/sda
start size part contents
0 1 PMBR
@@ -83,19 +83,19 @@ cgpt add -i 1 -t kernel -b 8192 -s 32768 -l Kernel -S 1 -T 5 -P 10 /dev/sda
15633407 1 Sec GPT header
```
7. Replace the xxxxx string in the following command with that number to create the root partition:
-```
+```sh
cgpt add -i 2 -t data -b 40960 -s `expr xxxxx - 40960` -l Root /dev/sda
```
8. Tell the system to refresh what it knows about the disk partitions:
-```
+```sh
sfdisk -R /dev/sda
```
9. Format the root partition:
-```
+```sh
mkfs.ext4 /dev/sda2
```
10. Download and extract rootfs tarball:
-```
+```sh
cd /tmp
wget http://archlinuxarm.org/os/ArchLinuxARM-peach-latest.tar.gz
mkdir root
@@ -103,18 +103,18 @@ mount /dev/sda2 root
tar -xf ArchLinuxARM-peach-latest.tar.gz -C root
```
11. Flash the kernel to the kernel partition:
-```
+```sh
dd if=root/boot/vmlinux.kpart of=/dev/sda1
```
12. Unmount the root partition:
-```
+```sh
umount root
sync
```
13. Reboot the computer.
14. At the splash screen, instead of pressing Ctrl-D to go to CromeOS, press Ctrl-U to boot to the external drive.
15. After logging in as root (password is "root"), you can connect to a wireless network by running:
-```
+```sh
wifi-menu
```
diff --git a/md/writeup/dsp_lp_filter.md b/md/writeup/dsp_lp_filter.md
index 856c44b..e54b73a 100644
--- a/md/writeup/dsp_lp_filter.md
+++ b/md/writeup/dsp_lp_filter.md
@@ -17,13 +17,13 @@ If you just use filter as a function then main params is how good are your filte
### Draw first filter characteristics
-```
+```matlab
fir1([filter order],[cutoff freq])
```
Draw in Octave simple 40th order filter, as in Octave example
-```
+```matlab
freqz (fir1 (40, 0.3));
```
@@ -48,7 +48,7 @@ Let's create some signal from couple of frequencies, like
![source signal fft](/img/dsp_lp_filter/signal_pre_fft.png)
__Programm__
-```
+```matlab
Fs = 2000;
t = 0:1/Fs:1-1/Fs;
@@ -77,7 +77,7 @@ Lets filter out with cut-off frequency 1000kHz. Should get rid of
![output signal fft](/img/dsp_lp_filter/signal_post_fft.png)
-```
+```matlab
%filter
%sampling frequency
Fs = length(x);
@@ -222,7 +222,7 @@ int main(int argc, char **argv)
## Using program
-```
+```bash
./lpf1 1.0 0.0 0.0 0.0 0.0
-0.004438 -0.004184 0.013018 0.074663 0.172021
```
diff --git a/md/writeup/elf_rewrite_function.md b/md/writeup/elf_rewrite_function.md
index b507213..9cc29c1 100644
--- a/md/writeup/elf_rewrite_function.md
+++ b/md/writeup/elf_rewrite_function.md
@@ -31,7 +31,7 @@ position detection function. If there would be data that will used
in replaced function than need detect position of that data. For
example we will use
-```
+```asm
mov eax, sys_call ;we will use SYS_WRITE = 5
mov ebx, output_id ; output on terminal is STDOUT 1
mov ecx, pointer_to_msg
@@ -41,14 +41,14 @@ int 80h
if this was ordinary situation then define:
-```
+```asm
msg db "Hello",10
msg_size = $-msg
```
and our code becomes
-```
+```asm
mov eax, SYS_WRITE
mov ebx, STDOUT
mov ecx, msg
@@ -60,13 +60,13 @@ but how to know position of msg if you dont know position where
function will placed?Use function get_it and you will know current
instruction position. And it will next instruction after
-```
+```asm
call get_ip
```
Our code becomes
-```
+```asm
call get_ip ;calling and detecting eip
saved_ip: ;position that will be saved
jmp get_ip_end ;jump over function
@@ -93,7 +93,7 @@ hex 0x90 translates in nop instruction.
nop is No OPeration instruction.
And function does nothing.Function fun() contains
-```
+```asm
push ebp
mov ebp, esp
start_overwrite_here:
@@ -113,7 +113,7 @@ on function size that way when overwriting can be problems if binary
code size is larger then function size.Start function overwriting at
position (&fun+3) with memcpy()
-```
+```asm
push ebp
mov ebp, esp
start_overwrite_here:
@@ -129,7 +129,7 @@ ret
Wuala function after enabling segment can be overwritten. Here is
used previous experienced we have mega trick with function replacement.
Compile:
-```
+```sh
make
```
diff --git a/md/writeup/elf_text_section.md b/md/writeup/elf_text_section.md
index 60b8d58..a35c423 100644
--- a/md/writeup/elf_text_section.md
+++ b/md/writeup/elf_text_section.md
@@ -23,11 +23,11 @@ Code:
Source includes two tests for both functions.I have not tested both
functions very whell. That whay there can be some error.I have used
used that for proving concept. And have checked result with
-```
+```sh
test1
```
and
-```
+```sh
readelf -l simple
```
diff --git a/md/writeup/embedding_lua_in_c.md b/md/writeup/embedding_lua_in_c.md
index ee875ae..7dea533 100644
--- a/md/writeup/embedding_lua_in_c.md
+++ b/md/writeup/embedding_lua_in_c.md
@@ -58,7 +58,7 @@ int module_getone(lua_State *L)
and easy to compile if needed.
-```
+```sh
gcc -c module.c
gcc module.o main.c -o main -llua
```
diff --git a/md/writeup/fpu_catch_division_by_zero.md b/md/writeup/fpu_catch_division_by_zero.md
index a27cd75..417abc2 100644
--- a/md/writeup/fpu_catch_division_by_zero.md
+++ b/md/writeup/fpu_catch_division_by_zero.md
@@ -44,7 +44,7 @@ void exception_handler(int i, siginfo_t *s, void *v )
```
Compilation is easy:
-```
+```sh
gcc sigfpe.c -o sigfpe -lm
```
Now it will no so big problem when some error occur to properly exit
diff --git a/md/writeup/gcc_inline_assembly.md b/md/writeup/gcc_inline_assembly.md
index 06db7dd..808268c 100644
--- a/md/writeup/gcc_inline_assembly.md
+++ b/md/writeup/gcc_inline_assembly.md
@@ -8,7 +8,7 @@ it lets do it here for wisdom of internet.
## Inline assembly syntax
-```
+```c
asm [volatile] (
AssemblerTemplate
: OutputOperands
@@ -101,7 +101,7 @@ Table of AMD64 register names
### AMD64 Add two numbers
-```
+```c
int32_t a=1,b=2,c=-1;
asm(
"movl %1, %0\n\t"
@@ -114,12 +114,12 @@ __a__,__b__ - use regisers and save result __c__ to register,
make to use for __c__ same register by mentioning "0" in clobber register
__Output__
-```
+```text
movl %edx, %edx
addl %ecx, %edx
```
-```
+```c
int32_t a=1,b=2,c=-1;
asm(
"movl %1, %0\n\t"
@@ -130,14 +130,14 @@ asm(
```
__Output__
-```
+```text
movl -4(%rbp), %edx
addl -8(%rbp), %edx
```
### AMD64 Call linux syscall mmap with inline asm
-```
+```c
long sys_mmap(unsigned long addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long fd, unsigned long off)
{
long ret;
@@ -159,7 +159,7 @@ Put result of execution to __ret__, all paramters in memory
### Intel random number with RDRAND
-```
+```c
uint64_t get_hw_rand()
{
uint64_t ret;
@@ -189,7 +189,7 @@ uint64_t get_hw_rand()
Inline assembler for GCC by default uses AT&T syntax. There is possible to turn on/off intel syntax.
-```
+```c
asm(".intel_syntax noprefix");
asm("mov eax, 1");
asm(".att_syntax prefix");
diff --git a/md/writeup/h64e.md b/md/writeup/h64e.md
index 6b6c320..a74a132 100644
--- a/md/writeup/h64e.md
+++ b/md/writeup/h64e.md
@@ -22,7 +22,7 @@ more stuff will be added if there will be some nice use cases.
### Usual dump
-```
+```sh
./h64d -l 16 /dev/urandom
```
<pre>
@@ -31,7 +31,7 @@ a8af99260cce4d51e725b0471b7f3766
### Ascii and hexdata
-```
+```text
./h64d -l 128 -a /dev/urandom
```
<pre>
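Review bot: the fence around `./h64d -l 128 -a /dev/urandom` is tagged `text`, while the other four `./h64d` invocations in this file are tagged `sh`. Use `sh` here for consistency.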
@@ -47,7 +47,7 @@ fd9d74b944c885ac5c3b5f7df9320d83..t.D...\;_}.2..
### Hex seperated
-```
+```sh
./h64d -l 128 -i /dev/urandom
```
@@ -64,7 +64,7 @@ c5 79 fc 96 d0 41 f9 4c 00 18 1b ea 5a a6 2f 1c
### Seperated hex and characters
-```
+```sh
./h64d -l 128 -a -i /dev/urandom
```
<pre>
@@ -80,7 +80,7 @@ db cb 4d 17 a6 16 99 a7 51 b2 b8 3d 14 c7 aa 71 ..M.....Q..=...q
### Offset,hex,ascii output
-```
+```sh
./h64d -l 128 -b -i -a /dev/urandom
```
<pre>
@@ -103,7 +103,7 @@ db cb 4d 17 a6 16 99 a7 51 b2 b8 3d 14 c7 aa 71 ..M.....Q..=...q
## Source
-```
+```sh
git clone http://git.main.lv/cgit.cgi/h64.git
```
@@ -111,7 +111,7 @@ git clone http://git.main.lv/cgit.cgi/h64.git
just
-```
+```sh
make
```
diff --git a/md/writeup/hooking_interrupt_descriptor_table.md b/md/writeup/hooking_interrupt_descriptor_table.md
index a1c8349..0704da2 100644
--- a/md/writeup/hooking_interrupt_descriptor_table.md
+++ b/md/writeup/hooking_interrupt_descriptor_table.md
@@ -1,8 +1,7 @@
title:X11 prototype GUI
keywords:x11,gui
-Hooking interrupt descriptor table
-Hook interrupt descriptor table
+# Hooking interrupt descriptor table
Hooking interrupt table is very interesting thing
with it you can dissallow some operations to be made or watch what
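Review bot: the front matter in the context lines still reads `title:X11 prototype GUI` and `keywords:x11,gui`, which does not match the heading this hunk adds. Since the duplicated plain-text titles are being replaced here anyway, update the title and keywords to the interrupt descriptor table topic in the same change.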
@@ -104,8 +103,8 @@ This is tested with kernel version 2.6.38
## Links
-http://codenull.net/articles/kmh_en.html
-http://www.gadgetweb.de/linux/40-how-to-hijacking-the-syscall-table-on-latest-26x-kernel-systems.html
+1. http://codenull.net/articles/kmh_en.html
+2. http://www.gadgetweb.de/linux/40-how-to-hijacking-the-syscall-table-on-latest-26x-kernel-systems.html
## Downloads
hook_idt.zip -
diff --git a/md/writeup/ihe.md b/md/writeup/ihe.md
index 1bce43f..fa647f5 100644
--- a/md/writeup/ihe.md
+++ b/md/writeup/ihe.md
@@ -27,6 +27,8 @@ Should be easy to use in practice. But not yet.
| *pwd* | like pwd |
| *cd* | like cd |
| *help* | show avaliable commands |
+| *pageup* | move one file block up |
+| *pagedown* | move one file block down |
## Features
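Review bot: the two added table rows (`pageup`, `pagedown`) are a content change documenting commands, in a patch that is otherwise about fence tags and markup cleanup. Split them into their own commit or call them out in the commit message so they are not lost among the formatting changes.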
diff --git a/md/writeup/kconf2h.md b/md/writeup/kconf2h.md
index a90ee04..d8ae040 100644
--- a/md/writeup/kconf2h.md
+++ b/md/writeup/kconf2h.md
@@ -50,13 +50,13 @@ doesnt support anything else except yes/no
## Source
-```
+```sh
git clone http://git.main.lv/cgit.cgi/kconfig2h.git
```
or
-```
+```sh
git clone https://github.com/FreeArtMan/kconfig2h.git
```
@@ -64,7 +64,7 @@ git clone https://github.com/FreeArtMan/kconfig2h.git
just
-```
+```sh
make
```
diff --git a/md/writeup/kconfig2h_utility.md b/md/writeup/kconfig2h_utility.md
index 11db1fe..b637670 100644
--- a/md/writeup/kconfig2h_utility.md
+++ b/md/writeup/kconfig2h_utility.md
@@ -8,7 +8,7 @@ with kconfig utility mconf. Developed to use "make menuconfig" with home
projects. Using ragel to generate parser of Kconfig file.
## USE:
-```
+```sh
./kconfig .config config.h
```
diff --git a/md/writeup/kernel_debug_messages.md b/md/writeup/kernel_debug_messages.md
index 02b6fe8..1ff8854 100644
--- a/md/writeup/kernel_debug_messages.md
+++ b/md/writeup/kernel_debug_messages.md
@@ -30,7 +30,7 @@ Here is defintions of log levels from __include/linux/kern_levels.h__
As we can see kernel printk level is detemined from first bytes from begining of
printed string. Basic usage of log level
-```
+```c
printk(KERN_ERR"Error division by 0\n");
```
@@ -40,11 +40,11 @@ No need to write comma after log level as it will just concatenated with string.
## Set loging level
To see messages in userspace you can use
-```
+```sh
dmesg
```
Loged messages you can see in __/proc/sys/kernel/printk__
-```
+```sh
$ cat /proc/sys/kernel/printk
7 4 1 7
```
@@ -56,7 +56,7 @@ Column values are
If one does not specify the log level then the default log level of KERN_WARNING is used. For example, enable all levels of console message:
-```
+```sh
echo 7 > /proc/sys/kernel/printk
```
@@ -70,13 +70,13 @@ Timing information could be added to printk messages you need to enable in
menuconfig
__Kernel Hacking > printk and dmesg options >__
-```
+```sh
CONFIG_PRINTK_TIME=y
```
### Loglevel at kernel boot
There is possible to set loglevel at bootup as kernel parametr
-```
+```sh
loglevel=
```
| Value | Name | Desc |
diff --git a/md/writeup/kernel_dev_hwrng.md b/md/writeup/kernel_dev_hwrng.md
index d632652..5c43b92 100644
--- a/md/writeup/kernel_dev_hwrng.md
+++ b/md/writeup/kernel_dev_hwrng.md
@@ -24,20 +24,20 @@ builtin random generator and instruction __rdrand__.
Hardware random generator have own entry inside sysfs lets check
_/sys/class/misc/hw_random/
-```
+```bash
$ls /sys/class/misc/hw_random/
dev power rng_available rng_current subsystem uevent
```
Check available hwrng modules
-```
+```bash
$cat /sys/class/misc/hw_random/rng_available
zero-rng
```
Check currently running hwrng module
-```
+```bash
$cat /sys/class/misc/hw_random/rng_current
zero-rng
```
@@ -56,7 +56,7 @@ $cat /dev/urandom | rngtest -t 5
```
_Program output_
-```
+```sh
rngtest: starting FIPS tests...
rngtest: bits received from input: 462500032
rngtest: FIPS 140-2 successes: 23108
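Review bot: the fence under _Program output_ is tagged `sh`, but it holds `rngtest` output lines (`rngtest: starting FIPS tests...`), not commands. Tag it `text`.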
@@ -161,19 +161,19 @@ MODULE_AUTHOR("Internet User");
Rng module depends on rng-core module
-```
+```sh
modprobe rng-core
```
then load our module
-```
+```sh
insmode zero_rng.ko
```
check if everything is properly loaded
-```
+```sh
$lsmod | grep rng
zero_hwrng 16384 0
rng_core 16384 1 zero_hwrng
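Review bot: in the second block of this hunk the context line `insmode zero_rng.ko` is not a valid command; the tool is `insmod`. Fix it while the fence is being retagged. The `lsmod` output below lists the module as `zero_hwrng`, so also check that the `.ko` name on that line matches what the build produces.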
@@ -183,7 +183,7 @@ rng_core 16384 1 zero_hwrng
Lets test how our stuff works
-```
+```sh
$ dd if=/dev/hwrng of=/tmp/random bs=1024 count=32
32+0 records in
32+0 records out
@@ -195,7 +195,7 @@ $ hexdump /tmp/random
```
As we can see all data that we get is just zeros lets check it with rng-tools
-```
+```sh
$ cat /tmp/random | rngtest -t 5
rngtest 5
Copyright (c) 2004 by Henrique de Moraes Holschuh
@@ -224,7 +224,7 @@ Lets assume that we are running this code on Intel arch and it supports
_rdrand_ instruction for random generation.
-```
+```c
void get_hw_rand2(uint8_t *mem)
{
int i=0;
@@ -237,7 +237,7 @@ void get_hw_rand2(uint8_t *mem)
Lets replace intel_rng_read function with our naive implementation of _rdrand_
-```
+```c
static int intel_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
{
int i;
@@ -264,27 +264,27 @@ static int intel_rng_read(struct hwrng *rng, void *data, size_t max, bool wait)
Verify that our module loaded
-```
+```sh
$ cat /sys/class/misc/hw_random/rng_available
zero-rng intel-rng
```
Check with module are currently used
-```
+```sh
$ cat /sys/class/misc/hw_random/rng_current
zero-rng
```
if not our module set lets set it
-```
+```sh
$ echo "intel-rng" > /sys/class/misc/hw_random/rng_current
```
check if its current module used
-```
+```sh
$ cat /sys/class/misc/hw_random/rng_current
intel-rng
```
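Review bot: `echo "intel-rng" > /sys/class/misc/hw_random/rng_current` is shown with the same `$` prompt as the read-only `cat` commands, but writing that sysfs attribute needs root and the redirect is performed by the calling shell, so prefixing `sudo` to `echo` would not be enough. Suggest a `#` prompt or a sentence saying the step runs in a root shell.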
diff --git a/md/writeup/kernel_hello_world.md b/md/writeup/kernel_hello_world.md
index f85af45..5f1e7e6 100644
--- a/md/writeup/kernel_hello_world.md
+++ b/md/writeup/kernel_hello_world.md
@@ -8,7 +8,7 @@ Compile minimal linux kernel module.
You need to create to files __Makefile__ and __hello_world.c__.
__Makefile__
-```
+```Makefile
obj-m += hello_world.o
KDIR ?= /lib/modules/$(shell uname -r)/build
@@ -22,7 +22,7 @@ clean:
__hello_world.c__
-```
+```c
//http://www.tldp.org/LDP/lkmpg/2.4/html/c147.htm
#include <linux/module.h> /* Needed by all modules */
#include <linux/kernel.h>
@@ -46,10 +46,10 @@ MODULE_LICENSE("GPL");
-##Compile
+## Compile
Now if you havent done so ... install kernel headers of kernel that your system have now. And everything should be there.
-```
+```sh
make
```
diff --git a/md/writeup/linux_antidebug_5.md b/md/writeup/linux_antidebug_5.md
index fc71e6e..f4007ac 100644
--- a/md/writeup/linux_antidebug_5.md
+++ b/md/writeup/linux_antidebug_5.md
@@ -46,7 +46,7 @@ twice of average 120000 if execution time is larger then
probably it is debuged.
## Compile
-```
+```sh
make
```
diff --git a/md/writeup/linux_format_string_attack.md b/md/writeup/linux_format_string_attack.md
index cbffe87..2a289e1 100644
--- a/md/writeup/linux_format_string_attack.md
+++ b/md/writeup/linux_format_string_attack.md
@@ -6,7 +6,7 @@ Format string attack is attack for C formated strings. Format string
function is prinrf() there are other functions that
support format string.C code for bad used printf():
-```
+```c
int main( int argc, char **argv )
{
static int i = 0;
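Review bot: the context lines above the retagged fence still read `prinrf()` and `string.C code`; since this block is being edited anyway, correct the function name to `printf()` and add the missing space after the full stop.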
@@ -26,12 +26,12 @@ then watching value if i
Run:
-```
+```sh
./e1 'Halolo'
```
Output:
-```
+```text
08049674
No way it never will works because value of i=0
Halolo
@@ -39,7 +39,7 @@ Value of i=0
```
Run:
-```
+```sh
./e1 'Halolo%s'
```
@@ -51,12 +51,12 @@ Value of i=0
```
Run:
-```
+```sh
./e1 $'\x74\x96\x04\x08_%x'
```
Output:
-```
+```text
08049674
No way it never will works because value of i=0
t?_0
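Review bot: the `sh` tag on `./e1 $'\x74\x96\x04\x08_%x'` is inaccurate, because `$'...'` is ANSI-C quoting as implemented by bash, and a plain `sh` such as dash may pass the backslash sequences through literally; tag this and the later `$'...'` runs as `bash`. It would also help to state that the four bytes are the little-endian form of the `08049674` printed on the first output line, so readers understand the value is specific to this build.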
@@ -66,13 +66,13 @@ Value of i=0
Read about %n in format string:
Run:
-```
+```sh
./e1 $'\x74\x96\x04\x08_%x_%n'
```
Output:
-```
+```text
08049674
No way it never will works because value of i=0
Segmentation fault
@@ -80,12 +80,12 @@ Segmentation fault
Run:
-```
+```sh
./e1 $'\x74\x96\x04\x08_%x_%x_%x_%x_%x_%n'
```
Output:
-```
+```text
08049674
No way it never will works because value of i=0
t?_0_8_40_4_4_
@@ -94,12 +94,12 @@ Value of i=16
Run:
-```
+```sh
./e1 $'\x74\x96\x04\x08_%x_%x_%x_%x_%.1201x_%n'
```
Output:
-```
+```text
08049674
No way it never will works because value of i=0
t?_0_8_40_4_000000000000000000000000000000000000000000000000000000000000000000000000000000
diff --git a/md/writeup/linux_local_descriptor_table.md b/md/writeup/linux_local_descriptor_table.md
index 5a8c571..b3dc8f1 100644
--- a/md/writeup/linux_local_descriptor_table.md
+++ b/md/writeup/linux_local_descriptor_table.md
@@ -6,7 +6,7 @@ Is 32bit Intel ELF 0x80**** adreeses is default? nope. You can setup
your own. Compiler will not see thembut you can do it.
Setup LDT and you will see it.
-```
+```asm
use32
mov dword [0] ,"Hall"
mov dword [4] ,"Ball"
@@ -16,7 +16,7 @@ mov dword [12],0x00000000
yes everything starts from 0x0
-```
+```c
#include <stdlib.h>
#include <stdio.h>
@@ -70,12 +70,12 @@ int main()
}
```
-```
+```c
asm(".byte ... ") // is code.bin
```
Compile:
-```
+```sh
fasm code.asm code.bin
gcc main.c -o main
diff --git a/md/writeup/linux_shellcode.md b/md/writeup/linux_shellcode.md
index 083a817..ee582f0 100644
--- a/md/writeup/linux_shellcode.md
+++ b/md/writeup/linux_shellcode.md
@@ -13,12 +13,12 @@ xor ebx, ebx
int 80h
```
-```
+```sh
fasm code.asm code.bin
```
bin2hex output:
-```
+```text
\x31\xc0\x40\x31\xdb\xcd\x80
```
@@ -34,11 +34,11 @@ int main()
printf("Nope it not working\n");
}
```
-```
+```sh
gcc main.c -o main
```
run
-```
+```sh
./main
```
nothing happens. That exactly that code do exits from programm
diff --git a/md/writeup/makefile_tips.md b/md/writeup/makefile_tips.md
index eee99a1..e9c8077 100644
--- a/md/writeup/makefile_tips.md
+++ b/md/writeup/makefile_tips.md
@@ -5,7 +5,7 @@ keywords:makefile
Makefile working tips. Usual simple makefile
looks like this:
-```
+```Makefile
make:
gcc main.c -o main
```
@@ -13,7 +13,7 @@ make:
but when your project grows and you use more files it becomes
like this:
-```
+```Makefile
make:
gcc -O2 -c file1.c
gcc -O2 -c file2.c
@@ -31,7 +31,7 @@ makefile and it works.
Usually everyone prefer one compiler. And time to time only
check if code compiles with other compilers.
-```
+```Makefile
CC=gcc
make:
$(CC) -O2 -c file1.c
@@ -44,7 +44,7 @@ make:
Every project have unique name and you also would like
to change it if there is need.
-```
+```Makefile
PROJECT=project
CC=gcc
make:
@@ -58,7 +58,7 @@ make:
Usual problem is when some compiling flags causes problems
and you need to change every single entry in file.
-```
+```Makefile
PROJECT=project
CC=gcc
CFLAGS=-O2
@@ -81,7 +81,7 @@ at least 2 lined in makefile.
One of they ways how to reduce number of files edited is to add
new variable where all files is listed:
-```
+```Makefile
PROJECT=project
CC=gcc
CFLAGS=-O2
@@ -103,7 +103,7 @@ Here was added file auto-matching for *.c files to make them *.o
Last thing to add is auto match all *.c in directory.
-```
+```Makefile
PROJECT=project
CC=gcc
CFLAGS=-O2
@@ -123,7 +123,7 @@ Now project makefile can be easily copied and with
changing only one variable value everything should be OK
To run any makefile:
-```
+```sh
make -f makefile_name.mk
```
diff --git a/md/writeup/making_c_executables_smaller.md b/md/writeup/making_c_executables_smaller.md
index 1fb5341..6b50516 100644
--- a/md/writeup/making_c_executables_smaller.md
+++ b/md/writeup/making_c_executables_smaller.md
@@ -27,13 +27,13 @@ int main()
```
Compile:
-```
+```sh
gcc main.c -o main -lSDL
```
Size before: 5326 bytes
Execute command:
-```
+```sh
strip main
```
@@ -50,7 +50,7 @@ ELF kickers[2] webpage.
Execute command:
-```
+```bash
sstrip main
```
@@ -62,7 +62,7 @@ GC Masher[3] Allows to
brute force gcc options for smaller executable size.
I where using this options for gcsmaher
-```
+```text
-O -O0 -O1 -O2 -O3 -Os
-ffast-math
-fomit-frame-pointer
@@ -96,7 +96,7 @@ a=/tmp/I;tail -n+2 $0|zcat>$a;chmod +x $a;$a;rm $a;exit
Best options and smallest size now is 563 byte. Nope this is not smallest size try to rename executable name to one symbol and you will get 4 extra bytes.
-```
+```bash
gcc -Os -ffast-math -fomit-frame-pointer
-fauto-inc-dec -mpush-args -mno-red-zone -c small.c;
ld -dynamic-linker /lib/ld-linux.so.2 small.o /usr/lib/libSDL.so -o small;
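Review bot: with the `bash` tag this block reads as a pasteable command, but the `gcc` line ends after `-fomit-frame-pointer` with no trailing backslash, so a shell would try to run `-fauto-inc-dec -mpush-args ...` as a separate command. Add a `\` continuation or join the two lines. The same file now mixes `sh` and `bash` tags for equivalent one-line commands; pick one.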
diff --git a/md/writeup/multiboot_usb_drive.md b/md/writeup/multiboot_usb_drive.md
index 9d0cb2e..9fa82bc 100644
--- a/md/writeup/multiboot_usb_drive.md
+++ b/md/writeup/multiboot_usb_drive.md
@@ -11,31 +11,31 @@ run any you need it will save you some time.
Using _fdisk_ to delete/create new partitions on USB drive
-```
+```sh
mkfs.vfat /dev/sdb1
```
mount drivet to current pc
-```
+```sh
mount /dev/sdb1 /mnt/flash0
```
create dire where will be grub files and grub menu config file
-```
+```sh
mkdir /mnt/flash0/boot
```
install grub, but you can install also 64bit grub if there is need
-```
+```sh
grub-install --target=i386-pc --recheck --boot-directory=/mnt/flash0/boot /dev/sdb
```
check with id have usb drive
-```
+```sh
blkid /dev/sdb1
/dev/sdb1: UUID="D49E-18CC" TYPE="vfat" PARTUUID="5f55bd3d-01"
```
@@ -45,7 +45,7 @@ blkid /dev/sdb1
Some manuals have outdatet filesystem layouts and there is need to investigate
current layout by hand. And you need to mount ISO files.
-```
+```sh
mount -o loop /home/fam/downloads/iso/ubuntu-14.04.3-desktop-i386.iso /mnt/flash0
```
@@ -60,7 +60,7 @@ your own compiled kernel
*boot/grub/grub.cfg*
-```
+```sh
## Begin /boot/grub/grub.cfg
set default=1
set timeout=5
diff --git a/md/writeup/openwrt_dependency_graph_drawing.md b/md/writeup/openwrt_dependency_graph_drawing.md
index 49a5b80..f36e418 100644
--- a/md/writeup/openwrt_dependency_graph_drawing.md
+++ b/md/writeup/openwrt_dependency_graph_drawing.md
@@ -15,7 +15,7 @@ system design.
*.ipk files are tar.gz archives and can be renamed as *.tar.gz and
opened with GUI or in terminal:
-```
+```sh
tar -xvf package.ipg
```
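Review bot: `tar -xvf package.ipg` does not match the `*.ipk` extension named in the sentence above it; correct the file name to `package.ipk` in the same change.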
@@ -32,7 +32,7 @@ Here tree based on OpenWRT git commit of 24 May 2013
How to use script, first parametr of script is directory where is all
OpenWrt package files usualy it is under
-```
+```text
openwrt-trunk/
bin/
platform-name/
@@ -42,7 +42,7 @@ openwrt-trunk/
To use type
-```
+```sh
deptree.py system-path/openwrt-trunk/bin/platform-name/packages
```
@@ -50,14 +50,14 @@ deptree.py system-path/openwrt-trunk/bin/platform-name/packages
Output files comes in same directory where script where lunched
generated file name is:
-```
+```text
deptree.dot
```
now convert dot file to pdf, psd, png:
-```
+```sh
dot -Tps $(NAME).dot -o graph1.ps
dot -Tpdf $(NAME).dot -o graph1.pdf
dot -Tpng $(NAME).dot -o graph1.png
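Review bot: the three `dot` lines are now tagged `sh`, where `$(NAME)` is command substitution and would try to execute a program called `NAME`; that spelling is Makefile variable syntax. Use `${NAME}` with a note on setting it, or write `deptree.dot` directly since that is the file name given just above.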
@@ -75,7 +75,7 @@ image is little bit cleaner
Rules with dependecies where removed:
-```
+```text
if (A depends on [B,C] and B depends on [C]) and
there is (edges A->B->C and A->C) then
dependency C can be removed from A
diff --git a/md/writeup/qemu_usage.md b/md/writeup/qemu_usage.md
index 97dbc09..3280cd2 100644
--- a/md/writeup/qemu_usage.md
+++ b/md/writeup/qemu_usage.md
@@ -16,19 +16,19 @@ qemu-system-i386 -cdrom _iso_image_ -boot order=d _qemu_image_
### Setting up memory
-```
+```bash
-m 512
```
### Setting up network card
-```
+```bash
-net nic
```
### Setting up tun device
-```
+```bash
brctl addbr tun0
iw dev wlp3s0 set 4addr on
brctl addif tun0 wlp3s0
diff --git a/md/writeup/radiola.md b/md/writeup/radiola.md
index 065f117..b0edc61 100644
--- a/md/writeup/radiola.md
+++ b/md/writeup/radiola.md
@@ -16,13 +16,13 @@ is possible to demodulate wbfm and listen to radio stations.
## Source
-```
+```sh
git clone http://git.main.lv/cgit.cgi/radiola.git
```
or
-```
+```sh
https://github.com/FreeArtMan/radiola.git
```
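Review bot: the second block is tagged `sh` but contains only the bare URL `https://github.com/FreeArtMan/radiola.git`, which is not a command; prefix it with `git clone` to match the first block. The first clone uses plain `http://`, which gives no integrity protection for the fetched source, so listing the `https` mirror first would be the safer default.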
@@ -30,12 +30,12 @@ https://github.com/FreeArtMan/radiola.git
For Linux should work out of the box with NetBSD needed some small tweaks.
-```
+```sh
make
```
for NetBSD (or any other *BSD, MacOS could work as well) just try
-```
+```sh
make bsd
``` \ No newline at end of file
diff --git a/md/writeup/rtlsdr_usage.md b/md/writeup/rtlsdr_usage.md
index b6e0eed..70f00f7 100644
--- a/md/writeup/rtlsdr_usage.md
+++ b/md/writeup/rtlsdr_usage.md
@@ -2,6 +2,7 @@ title:Using RTLSDR
keywords:linux,rtlsdr,gqrx
# RTLSDR usage
+
## Setup rtlsdr
@@ -9,10 +10,10 @@ By rtlsdr usually call RTL2832U chip based tv-tunners which
can be used for not just receiving DVB-T frequencies but much more
and yes price is ~$10 it mean that anyone can just buy and try
without "loosing" money. None of examples below requires any modifications
-or extra hardware to run.
+or extra hardware to run.
-As of 2022 the version r820t2 that is commonly available.
+As of 2022 the version r820t2 that is commonly available.
### Get sources
@@ -22,27 +23,27 @@ on github you can find more repos with experimental
features (https://github.com/keenerd/rtl-sdr).
Getting sources from git:
-```
+```sh
git clone git://git.osmocom.org/rtl-sdr.git
```
I prefer using plain binaries without any kind of installation. Just
compile and use binary without any troubles.
Build:
```bash
- cmake .
- make
+cmake .
+make
```
All binaries is in src dir.
-Util | Desc
---- | ---
-_rtl_adsb_ | recieve plain ADSB plain packets
-_rtl_eeprom_ | read |
-_rtl_power_ | log power over frequency range
-_rtl_fm_ | demodulate signals
-_rtl_sdr_ | output raw rtlsdr data
-_rtl_tcp_ | remote rtlsdr server
-_rtl_test_ | test rtlsdr
+| Util | Desc |
+| --- | --- |
+| _rtl_adsb_ | recieve plain ADSB plain packets |
+| _rtl_eeprom_ | read |
+| _rtl_power_ | log power over frequency range |
+| _rtl_fm_ | demodulate signals |
+| _rtl_sdr_ | output raw rtlsdr data |
+| _rtl_tcp_ | remote rtlsdr server |
+| _rtl_test_ | test rtlsdr |
### Drivers
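Review bot: `git clone git://git.osmocom.org/rtl-sdr.git` uses the `git://` transport, which has neither encryption nor server authentication, and the next step builds and runs the result; prefer an `https` URL if the server offers one. In the converted table, the `_rtl_eeprom_` row still has only `read` as its description (the old row ended in a stray `|`), so the cell looks truncated and should be completed by the author.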
@@ -58,12 +59,12 @@ Check if rtlsdr related drivers is loaded:
```
If there is some drivers then blacklist driver by creating file
in */etc/modprobe.d/* with content:
-```
+```bash
blacklist dvb_usb_rtl28xxu
```
Next thing that could appear is permissions on rtlsdr usage when its plugged in.
To allow everyone to use create file in */etc/udev/rules.d/* with content:
-```
+```bash
SUBSYSTEM=="usb", ATTRS{idVendor}=="0bda", ATTRS{idProduct}=="2838", \
GROUP="adm", MODE="0666", SYMLINK+="rtl_sdr"
```
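Review bot: the udev rule sets `GROUP="adm"` together with `MODE="0666"`, so the group assignment has no practical effect and every local account can open the device. If open access is intended, as the sentence above says, drop the group; otherwise use `MODE="0660"` and tell readers to join the group. Both fences here are tagged `bash` although one is modprobe.d content and the other is udev rule syntax; `text` would be more accurate.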
@@ -71,12 +72,12 @@ To allow everyone to use create file in */etc/udev/rules.d/* with content:
### Check if works
How to test if rtlsdr works? Run one of commands:
-```
+```sh
rtl_test
```
I like to run rtl_adsb as you can see there that something is received and
you see that everything "works":
-```
+```sh
rtl_adsb
```
@@ -135,7 +136,7 @@ Using in interactive mode with height in meters:
```
Output:
-```
+```text
Hex Flight Altitude Speed Lat Lon Track Messages Seen .
------------------------------------------------------------------------------
71be01 10052 1009 36.434 33.544 45 9 1 sec
@@ -185,7 +186,7 @@ other devices.
https://github.com/merbanan/rtl_433
-```
+```sh
rtl_433
```
diff --git a/md/writeup/running_disk_images_in_qemu.md b/md/writeup/running_disk_images_in_qemu.md
index 3a7c4ea..998ec33 100644
--- a/md/writeup/running_disk_images_in_qemu.md
+++ b/md/writeup/running_disk_images_in_qemu.md
@@ -16,28 +16,28 @@ are missing and if needed test your software.
### Download image
Download raspi debian kernel
-```
+```bash
wget -c https://github.com/dhruvvyas90/qemu-rpi-kernel/raw/master/kernel-qemu-4.4.34-jessie
```
Download image
-```
+```bash
wget -c https://downloads.raspberrypi.org/raspbian_lite/images/raspbian_lite-2017-08-17/2017-08-16-raspbian-stretch-lite.zip
unzip 2017-08-16-raspbian-stretch-lite.zip
```
QEMU is using their own file image format lets concert img to qcow2
-```
+```bash
qemu-img convert -f raw -O qcow2 2017-08-16-raspbian-stretch-lite.img raspbian-stretch-lite.qcow
```
Set network on local machine tun0 that will used by qemu to
-```
+```bash
brctl addbr tun0
brctl addif tun0 enp0s25
```
Start qemu with raspi4 image
-````
+```bash
qemu-system-arm \
-kernel ./kernel-qemu-4.4.34-jessie \
-append "root=/dev/sda2 panic=1 rootfstype=ext4 rw" \
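Review bot: the `wget` for `kernel-qemu-4.4.34-jessie` pulls from `raw/master` of a third-party repository, which is a moving ref, and nothing verifies the file before it is booted with `-kernel`. Suggest pinning the URL to a specific commit and adding a checksum step (for example `sha256sum -c` against a recorded value) for both the kernel and the Raspbian zip.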
@@ -51,13 +51,13 @@ qemu-system-arm \
Login to raspi prompt
-```
+```bash
Username: pi
Password: raspberry
```
Getting cursor back
-```
+```bash
Ctrl+Alt+g
```
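Review bot: the default `pi` / `raspberry` login is documented for a guest that the earlier step bridges onto the physical interface with `brctl addif tun0 enp0s25`, so it is reachable from the local network with known credentials; add a line telling readers to change the password after first login. The login block and `Ctrl+Alt+g` are also not shell input, so `text` fits better than `bash`.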
@@ -70,7 +70,7 @@ Be careful its your responsibility what you type in terminal.
Create image 128MB in size, with 2 partitions ext2 and ext4, install grub2.
-```
+```bash
dd if=/dev/zero of=disk.img bs=1048576 count=128
parted --script disk.img mklabel msdos mkpart p ext2 1 64 mkpart p ext4 64 128 set 1 boot on
@@ -93,7 +93,7 @@ kpartx -d disk.img
Installing grub
-```
+```bash
grub-install --target=i386-pc --recheck --no-floppy --root-directory=/mnt/disk0 --modules="biosdisk part_msdos ext2 configfile normal multiboot" /dev/loop0
```
@@ -158,12 +158,12 @@ Here is example how to resize image to bigger size and still be able to run it o
qemu.
Main step that is may harm is fdisk, save disk layout with
-```
+```bash
fdisk -l of=raspbian-stretch-lite-20gb.img
```
and use it for later reference when partition will be resized.
-```
+```bash
dd if=2017-08-16-raspbian-stretch-lite.img of=raspbian-stretch-lite-20gb.img seek=0 conv=notrunc
fdisk -l raspbian-stretch-lite-20gb.img
#use here fdisk to resize partiions
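Review bot: `fdisk -l of=raspbian-stretch-lite-20gb.img` mixes in `dd` syntax; `fdisk -l` takes the image path directly, as the second block in this hunk already does. Since the text says to save the layout for later reference, redirecting the listing to a file would make the step do what it describes.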
diff --git a/md/writeup/scan_memory_for_variable.md b/md/writeup/scan_memory_for_variable.md
index c3903db..f50c229 100644
--- a/md/writeup/scan_memory_for_variable.md
+++ b/md/writeup/scan_memory_for_variable.md
@@ -43,18 +43,18 @@ find tmp and secret_dw.
compile example with
-``
+```bash
make
-``
+```
and run
-```
+```bash
./example
```
And in parallel run
-```
+```bash
$ scanmem `pidof example`
scanmem version 0.11
Copyright (C) 2009,2010 Tavis Ormandy, Eli Dupree, WANG Lu
@@ -74,12 +74,12 @@ As we searching 4 byte value of uint we defining it by setting up option
Now we ready to start our game. At beginning we know our secret_dw value it is 1000 but we will not use it.
Type 1 in example
-```
+```text
secret_dw was 1000
```
in scanmem
-```
+```text
0> 1
info: 01/05 searching 0x8049000 - 0x804a000...........ok
info: 02/05 searching 0xb763d000 - 0xb763e000...........ok
@@ -96,7 +96,7 @@ secret_dw was 1
in scanmem
-```
+```text
58> 1000
..........info: we currently have 2 matches.
```
@@ -105,7 +105,7 @@ only 2 now
scanmem has also many built in commands you can see them when type help.
One of them is 'list'. Use it.
-```
+```text
2> list
[ 0] 0x8049680, 1000, [I32 ]
[ 1] 0xbf9f2dd8, 1000, [I32 ]
@@ -114,7 +114,7 @@ One of them is 'list'. Use it.
Here is list of matched variables. Number,address,value,size. By address we see that
our variable is with number 0.
-```
+```text
2> set 0=999
info: setting *0x8049680 to 0x3e7...
2> list
diff --git a/md/writeup/serial_gps_data_reading_utility.md b/md/writeup/serial_gps_data_reading_utility.md
index b3d233f..289c610 100644
--- a/md/writeup/serial_gps_data_reading_utility.md
+++ b/md/writeup/serial_gps_data_reading_utility.md
@@ -11,20 +11,20 @@ and outputs line by line recieved data.
When device connected ther could be that is not in NMEA mode
it could be switched with:
-```
+```sh
gpsctl -n /dev/ttyUSB0
```
Then you can connect with it with some serial terminal(dont forget baudrate
could be 4800 or 9600):
-```
+```sh
minicom -D /dev/ttyUSB0
```
Now we can use our gpsr utility
-```
+```sh
./gpsr -d /dev/ttyUSB0 -c 0
./gpsr -d /dev/ttyACM0 -c 1
```
@@ -32,7 +32,7 @@ Now we can use our gpsr utility
NMEA format is csv like and it easyly can be used from shell. Here is
exmple how it looks:
-```
+```text
$GPRMC,123519,A,4807.038,N,01131.000,E,022.4,084.4,230394,003.1,W*6A
```
@@ -50,7 +50,7 @@ A Status A=active or V=Void.
Get time from GPS
-```
+```sh
./gpsr -d /dev/ttyUSB0 -c 100 | stdbuf -o0 grep -w "GPRMC" | cut -d',' -f2
```
@@ -62,9 +62,9 @@ I have tested everything with GPS devices BU-353 and with
some device that havenot any visual marks but have chip
from u-blox manufacturer.
-## COMPILE:
+## COMPILE
-```
+```sh
gcc buf.c -c
gcc serial_tty.c -c
gcc serial_tty.o buf.o gpsr.c -o gpsr
diff --git a/md/writeup/swift_ocr_example.md b/md/writeup/swift_ocr_example.md
index ba45828..0e49164 100644
--- a/md/writeup/swift_ocr_example.md
+++ b/md/writeup/swift_ocr_example.md
@@ -16,7 +16,7 @@ The whole working prototype can fit just in few lines of code. All you need to c
is text recognition requester and handle that collect results. There is few example on
apple doc page.
-```siwft
+```swift
func recognizeImageUrl(_ url:URL, _ error: Error?) {
var pieces:[TextPiece] = []
var err:NSError?
diff --git a/md/writeup/using_iptables.md b/md/writeup/using_iptables.md
index 74b073b..9185354 100644
--- a/md/writeup/using_iptables.md
+++ b/md/writeup/using_iptables.md
@@ -114,13 +114,13 @@ the __PREROUTING__ and __OUTPUT__ chains of the nat table.
### List all rulles
-```
+```sh
iptables -L
```
List iptables rulles with extra output that could be usefull
-```
+```sh
iptables -nL -v --line-numbers
```
@@ -128,12 +128,12 @@ iptables -nL -v --line-numbers
To delete specific rulle run
-```
+```sh
iptables -nL -v --line-numbers
```
search for chain and rulle number and delete it with next line
-```
+```sh
iptables -D [chain_name] [line_number]
```
@@ -141,19 +141,19 @@ iptables -D [chain_name] [line_number]
Save iptable rulles to file
-```
+```sh
iptables-save > /tmp/cool.rulles
```
Load rulles from file
-```
+```sh
iptables-restore < /tmp/cool.rules
```
### Remove chain
-```
+```sh
iptales -X chain_name
```
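Review bot: the save command writes `/tmp/cool.rulles` but the restore command reads `/tmp/cool.rules`, so the pair fails as written; use one spelling. The unchanged `iptales -X chain_name` line in the last block is misspelled as well, and a firewall ruleset is better stored somewhere other than world-writable `/tmp`.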
@@ -161,7 +161,7 @@ iptales -X chain_name
Createing chain where ping related rules will be located
-```
+```sh
iptables -N ping_in
iptables -t filter -A INPUT -j ping_in
iptables -N ping_out
@@ -170,7 +170,7 @@ iptables -t filter -A OUTPUT -j ping_out
After creating chains output looks like
-```
+```sh
Chain INPUT (policy ACCEPT)
target prot opt source destination
ping_in all -- anywhere anywhere
@@ -194,7 +194,7 @@ target prot opt source destination
Lets block if someone tryes to ping us, juct block usual ping echo request,
not blocking ICMP protocol as such.
-```
+```sh
iptables -A ping_in -p icmp --icmp-type echo-request -j REJECT
iptables -A ping_out -p icmp --icmp-type echo-reply -j DROP
```
@@ -203,7 +203,7 @@ iptables -A ping_out -p icmp --icmp-type echo-reply -j DROP
If dont whant to use ping, or dont whant that other use pinging
-```
+```sh
iptables -A ping_out -p icmp --icmp-type echo-request -j DROP
iptables -A ping_in -p icmp --icmp-type echo-reply -j DROP
```
@@ -212,13 +212,13 @@ iptables -A ping_in -p icmp --icmp-type echo-reply -j DROP
Forward ports
-```
+```sh
iptables -t nat -A PREROUTING -p tcp --dport <incoming-port> -j REDIRECT --to-port <destination-port>
```
Forward port to different ip
-```
+```sh
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.0.5:8080
```
@@ -227,17 +227,17 @@ iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168
Check if ip forwarding is set
-```
+```sh
cat /proc/sys/net/ipv4/ip_forward
```
if _0_ then not, set to _1_
-```
+```sh
echo 1 > /proc/sys/net/ipv4/ip_forward
```
-```
+```sh
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 216.58.213.174:80
iptables -t nat -A POSTROUTING -j MASQUERADE
```
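Review bot: `iptables -t nat -A POSTROUTING -j MASQUERADE` at the end of this hunk has no `-o` interface or destination match, so it rewrites the source address of everything leaving the host, not only the forwarded port 80 traffic. Suggest scoping the rule to the outgoing interface and noting that `echo 1 > /proc/sys/net/ipv4/ip_forward` does not persist across a reboot.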
@@ -246,7 +246,7 @@ iptables -t nat -A POSTROUTING -j MASQUERADE
Usefull command to see with ports are used and programm that are using
-```
+```sh
netstat -tulpn
```
@@ -268,7 +268,7 @@ If there is some unwanted service running, or you dont whant in future that
it trying to make some connection without your allowance. Lets block port as
such.
-```
+```sh
iptables -A INPUT -p tcp --dport 25 -j DROP
iptables -A INPUT -p udp --dport 25 -j DROP
```
@@ -278,7 +278,7 @@ iptables -A INPUT -p udp --dport 25 -j DROP
#### Incoming ip
Lets block just incoming ip
-```
+```sh
iptables -A INPUT -s 8.8.8.8 -j DROP
```
@@ -286,7 +286,7 @@ iptables -A INPUT -s 8.8.8.8 -j DROP
Block ip to access specific port
-```
+```sh
iptables -A INPUT -s 8.8.8.8 -p tcp --destination-port 25 -j DROP
```
@@ -294,14 +294,14 @@ iptables -A INPUT -s 8.8.8.8 -p tcp --destination-port 25 -j DROP
There is possble to make iptables basing on user id
-```
+```sh
iptables -A OUTPUT -m owner --uid-owner {USERNAME} -j DROP
```
### Block by state
You can block some ports, but if you whant that ESTABLISHED connections are still
there. Then there is possible to match specific connection state
-```
+```sh
iptables -A INPUT -m state --state NEW -j DROP -s 86.159.18.180
```
@@ -310,7 +310,7 @@ iptables -A INPUT -m state --state NEW -j DROP -s 86.159.18.180
There is quite common that ANNONYMOUSE users have higher chance to abuse services.
Also some website provides list of exit nodes. Here we going to add to new
iptables chai list of IPs gathered from public source
-```
+```sh
wget -c https://www.dan.me.uk/torlist/ > tor.list
iptables -N TOR
iptables -t filter -A INPUT -j TOR
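Review bot: `wget -c https://www.dan.me.uk/torlist/ > tor.list` leaves `tor.list` empty, because `wget` saves the download to its own file and writes nothing useful to stdout; use `-O` with an explicit path. That path should match the `/tmp/tor.list` read by the following `cat` line, which currently differs. Because the list comes from a third party and ends up as arguments to `iptables` run as root, filter it to lines that look like IP addresses before passing it on, and replace `uniq | sort` with `sort -u` so duplicates are actually removed.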
@@ -321,7 +321,7 @@ cat /tmp/tor.list | uniq | sort | xargs iptables -A TOR -j DROP -s
Log droppend packages
-```
+```sh
iptables -A INPUT -m limit --limit 2/min -j LOG --log-level 4 --log-prefix 'In2/m '
```
diff --git a/md/writeup/wasm_fractal.md b/md/writeup/wasm_fractal.md
index 205d22e..62ce8c8 100644
--- a/md/writeup/wasm_fractal.md
+++ b/md/writeup/wasm_fractal.md
@@ -108,12 +108,12 @@ wasm need to search for available options inside emscripten sdk js-configuration
Compile on linux
-```
+```sh
-lSDL2 -lSDL2_ttf -lGLESv2 -lGL
```
Compile with emscripten
-```
+```sh
-s USE_SDL=2 -s MAX_WEBGL_VERSION=2 -s MIN_WEBGL_VERSION=2 -s LLD_REPORT_UNDEFINED -s USE_GLFW=3
```
diff --git a/md/writeup/web_assembly_audio_with_fir_filter.md b/md/writeup/web_assembly_audio_with_fir_filter.md
index e732a62..654f51e 100644
--- a/md/writeup/web_assembly_audio_with_fir_filter.md
+++ b/md/writeup/web_assembly_audio_with_fir_filter.md
@@ -30,13 +30,13 @@ is passed as callback, while running main loop just on pc is no issue. But this
change logic how main loop is invocated to make it compatible between platforms
for emscripten main loop is passed as callback
-```
+```c
emscripten_set_main_loop(main_tick, 25, 1);
```
in usual case its can be run as
-```
+```c
while (quit = 0) {
main_tick();
}
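Review bot: `while (quit = 0)` in the block now tagged `c` assigns 0 to `quit` instead of comparing, so the condition is always false and `main_tick()` never runs. It should be `while (quit == 0)` or `while (!quit)`.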
@@ -47,7 +47,7 @@ while (quit = 0) {
Event handler in emscripten part are passing all events to SDL, and if there is text boxes they cannot be filled in,
as main loop is handling events.
-```
+```c
//all events are handled and passed to this routine
while (SDL_PollEvent(&event) != 0)
{
@@ -103,13 +103,13 @@ http://git.main.lv/cgit.cgi/WasmAudio.git
### Get source
-```
+```bash
git clone http://git.main.lv/cgit.cgi/WasmAudio.git/
```
### Build Linux
-```
+```bash
cd Build
make
```
@@ -120,7 +120,7 @@ Open with XCode
### Build Web assembly
-```
+```bash
cd Build
make emcc
```
diff --git a/md/writeup/webusb_example.md b/md/writeup/webusb_example.md
index 3787ab9..dd5e59d 100644
--- a/md/writeup/webusb_example.md
+++ b/md/writeup/webusb_example.md
@@ -22,7 +22,7 @@ Source is located in [http://git.main.lv/cgit.cgi/webusb.git/tree/](http://git.m
There is 2 files *index.html* and *webusb.js* both with messy code inside.
To run exmaple download files or clone git repository
-```
+```bash
git clone http://git.main.lv/cgit.cgi/webusb.git
```
@@ -46,7 +46,7 @@ recieve results from other device and save it to inputbox.
Linux provides utilities to list all usb device connections.
-```
+```bash
lsusb
```
@@ -62,12 +62,12 @@ Our PL2303 device is connected and is on a bus 2.0
When USB device is connected to bus linux logs some information. When USB
device is there in dmesg you can find out some info.
-```
+```bash
dmesg | tail
```
Most important part is to find device bus id in our case it is "2-1:1.0"
-```
+```bash
[190298.876894] usb 2-1: USB disconnect, device number 26
[190298.877195] pl2303 ttyUSB0: pl2303 converter now disconnected from ttyUSB0
[190298.877245] pl2303 2-1:1.0: device disconnected
@@ -86,7 +86,7 @@ Use usb bus id to unbind driver. If its not done there will be no permission
error, or device busy error. Use one of lines to unbind device driver by usb
bus id.
-```
+```bash
echo "2-2:1.0" > /sys/bus/usb/drivers/pl2303/unbind
echo "2-2:1.0" > /sys/bus/usb/drivers/ch341/unbind
```
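Review bot: both `echo` lines unbind `2-2:1.0`, but the dmesg section earlier in this file identifies the device as `2-1:1.0`; use the same id or a clearly marked placeholder so readers do not unbind the wrong interface. These writes under `/sys/bus/usb/drivers/` need a root shell, which the text does not mention.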
@@ -99,7 +99,7 @@ permsision. Add file to udev rules in /etc/udev/rules.d directory
/etc/udev/rules.d/88-hello-usb.rules
Here is examples of USB ids for PL2303 and CH341
-```
+```bash
SUBSYSTEMS=="usb", ATTR{idVendor}=="067b", ATTR{idProduct}=="2303", MODE:="0666"
SUBSYSTEMS=="usb", ATTR{idVendor}=="1a86", ATTR{idProduct}=="7523", MODE:="0666"
```
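Review bot: `MODE:="0666"` in both rules gives every local account read/write access to these USB serial adapters, which is broader than the page needs for one user's browser to reach the device. Suggest a dedicated group with `MODE:="0660"` (group name left to the author), and tag the fence `text` since this is udev rule syntax, not `bash`.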
@@ -107,7 +107,7 @@ SUBSYSTEMS=="usb", ATTR{idVendor}=="1a86", ATTR{idProduct}=="7523", MODE:="0666"
As rulles is not loaded after file are created or new entries are added.
Need to restart udev daemon so new rulles are added to current running rulles.
-```
+```bash
udevadm control --reload-rules && udevadm trigger
```
@@ -254,14 +254,14 @@ by seeing sequenc of commands sent to USB interface.
### Setting usbmon
-```
+```bash
mount -t debugfs none_debugs /sys/kernel/debug
modprobe usbmon
ls /sys/kernel/debug/usb/usbmon
```
To see all usb interfaces with detailed info
-```
+```bash
cat /sys/kernel/debug/usb/devices
```
Here is quick look whant kind of interfaces device have, endpoint numner,
@@ -279,7 +279,7 @@ E: Ad=02(O) Atr=02(Bulk) MxPS= 32 Ivl=0ms
E: Ad=81(I) Atr=03(Int.) MxPS= 8 Ivl=1ms
```
-```
+```bash
cat /sys/kernel/debug/usb/usbmon/1u > /tmp/1.mon.out
```