I recently happened upon a very interesting implementation of popen() (different API, same idea) called popen-noshell using clone(2), and so I opened an issue requesting use of vfork(2) or posix_spawn() for portability. It turns out that on Linux there's an important advantage to using clone(2). I think I should capture the things I wrote there in a better place. A gist, a blog, whatever.
This is not a paper. I assume reader familiarity with
fork()in particular and Unix in general, though, of course, I link to relevant wiki pages, so if the unfamiliar reader is willing to go down the rabbit hole, they should be able to come ou
| # LVDB - LLOOGG Memory DB | |
| # Copyriht (C) 2009 Salvatore Sanfilippo <[email protected]> | |
| # All Rights Reserved | |
| # TODO | |
| # - cron with cleanup of timedout clients, automatic dump | |
| # - the dump should use array startsearch to write it line by line | |
| # and may just use gets to read element by element and load the whole state. | |
| # - 'help','stopserver','saveandstopserver','save','load','reset','keys' commands. | |
| # - ttl with milliseconds resolution 'ttl a 1000'. Check ttl in dump! |
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
| Name : Finding vulnerabilities in PHP scripts FULL ( with examples ) | |
| Author : SirGod | |
| Email : [email protected] | |
| Contents : | |
| 1) About | |
| 2) Some stuff | |
| 3) Remote File Inclusion | |
| 3.0 - Basic example | |
| 3.1 - Simple example |
| #include <time.h> // Robert Nystrom | |
| #include <stdio.h> // @munificentbob | |
| #include <stdlib.h> // for Ginny | |
| #define r return // 2008-2019 | |
| #define l(a, b, c, d) for (i y=a;y\ | |
| <b; y++) for (int x = c; x < d; x++) | |
| typedef int i;const i H=40;const i W | |
| =80;i m[40][80];i g(i x){r rand()%x; | |
| }void cave(i s){i w=g(10)+5;i h=g(6) | |
| +3;i t=g(W-w-2)+1;i u=g(H-h-2)+1;l(u |
This document was originally written several years ago. At the time I was working as an execution core verification engineer at Arm. The following points are coloured heavily by working in and around the execution cores of various processors. Apply a pinch of salt; points contain varying degrees of opinion.
It is still my opinion that RISC-V could be much better designed; though I will also say that if I was building a 32 or 64-bit CPU today I'd likely implement the architecture to benefit from the existing tooling.
Mostly based upon the RISC-V ISA spec v2.0. Some updates have been made for v2.2
The RISC-V ISA has pursued minimalism to a fault. There is a large emphasis on minimizing instruction count, normalizing encoding, etc. This pursuit of minimalism has resulted in false orthogonalities (such as reusing the same instruction for branches, calls and returns) and a requirement for superfluous instructions which impacts code density both in terms of size and
| --- | |
| source: https://www.google.com/maps/d/viewer?mid=1Z1dI8hoBZSJNWFx2xr_MMxSxSxY&&ll=54.784654126394415%2C-8.91870626273581&z=3 | |
| last_update: Jul 23, 2019 | |
| contribute: http://bit.ly/2d13csJ | |
| ios: http://apple.co/2b7BatI | |
| android: http://bit.ly/2dDeaaN | |
| how_to_update: 1. open the source in a browser | |
| 2. open browser console and type in `_pageData` to print the content of the variable | |
| 3. copy-paste all the content in a file | |
| 4. keep interesting lines with: `grep -e "name" -e "description" > new_file` |