HaoIne

The reverse engineering process is just the reverse process of the binary generating process. Binary FilesELF stands for Executable and Linkable Format. ELF Header ELF headers contains general information about the binary. Actually the ELF Headers are defined in /usr/include/elf.h file as ELFxx_Ehdr 12345678910111213141516171819#define EI_NIDENT (16)typedef struct{ unsigned char e_ident[EI_NIDENT]; /* Magic number and other info */ Elf64_Half e_type; /* Object file type */ ...

RFC 1945RFC 1945 is the Request for Comments: 1945.This is a document, which defines exactly what is http, and how should it look like, etc. Request-lineRequest-Line = Method SP Request-URI SP HTTP-Version CRLF example: 1GET /greet HTTP/1.0 Status-lineStatus-Line = HTTP-Version SP Status-Code SP Reason-Phrase CRLF example: 1HTTP/1.0 100 OK MethodsGetURLs and Encoding URL Encoding StateRFC said that the HTTP protocal is a stateless protocal, but sometimes we connected to a server...

BinaryThe computer actually could only process the binary, instead of decimals. One binary digit is called bit. We group up 8 bits into one byte. TextsWe want computer to store, display and process texts, so we need to give each text characters a number to ‘encode’ it. The first coding standard is ASCII, standing for American Standard Codes for Information Interchange, which encode a character to one byte, stored in computer. But the problem is it can most encodes 256 chars. Then comes...

Here are the notes I take when walking through the Bandit in OverTheWire‘s wargame. Level0 -> Level112345678bandit0@bandit:~$ cat readmeCongratulations on your first steps into the bandit game!!Please make sure you have read the rules at https://overthewire.org/rules/If you are following a course, workshop, walkthrough or other educational activity,please inform the instructor about the rules as well and encourage them tocontribute to the OverTheWire community so we can keep these games...

Documents to read GDB’s documentation gdb Debugging Full Example StartIn GDB, we could use command listed below to start a program: run (or r for short) to start a program, with no breakpoint. start to start a program, with a breakpoint set on main. starti to start a program, with a breakpoint set on _start. attach <PID> to attach to a program which is already running. core <PATH> to analyze the coredump of an already run program. continue (or c for short): continue to run the...

Symmetric-Multi-ProcessingSymmetric-Multi-Processing (SMP) is currently the most common configuration for including multiple CPUs in a single system.

Peripherals are any of the many external devices that connect to the the computer. The communication channel between the processor an the peripherals is called a bus InterruptsAn interrupt allows the device to literally interrupt the processor to flag some information. Devices are generally connected to an programmable interrupt controller (PIC), a separate chip that is part of the mother board which buffers and communicate interrupt information to the main processor. Saving stateOperating...

Memory HierarchyThere is a rule in the memory world that, the faster you could read and write on it, the smaller its volume for data would be. Cache in depthThe cache is made up of small chunks of mirrored main memory. The size of these chunks is called the line size, and is typically something like 32 or 64 bytes. So the size of a cache is a multiple of a cache line. When the processor write data in the cache, it is not instantly wrote into main memory, but suspended. And this kind of cache...

Types RepresentationStandard TypesC99 realizes that all these rules, sizes and portability concerns can be come very confusing very quickly, as the type names come much more and more. To help, it provides a series of special types which can specify the exact properties of a variable. These are defined in <stdint.h> and have the form qtypes_t where q is a qualifier, type is the base type, s is the width in bits and _t is an extension so you know you are using the C99 defined types. For...