Skip to content

Instantly share code, notes, and snippets.

View kohnakagawa's full-sized avatar
🌴
On vacation

tsunekoh kohnakagawa

🌴
On vacation
127 followers · 18 following
View GitHub Profile
@kohnakagawa
kohnakagawa / llvm_build.md
Created October 1, 2019 07:59

llvm for riscv のビルド試行

$ cmake -DLLVM_ENABLE_PROJECTS=clang -G Ninja ../llvm -DCMAKE_BUILD_TYPE="Release" \
  -DBUILD_SHARED_LIBS=True -DLLVM_USE_SPLIT_DWARF=True \
  -DLLVM_OPTIMIZED_TABLEGEN=True -DLLVM_BUILD_TESTS=False \
  -DDEFAULT_SYSROOT="/etc/path/to/riscv64-unknown-elf" \
  -DLLVM_DEFAULT_TARGET_TRIPLE="riscv64-unknown-elf" \
  -DLLVM_TARGETS_TO_BUILD="RISCV"
$ cmake --build .
@kohnakagawa
kohnakagawa / check_entropy.py
Created August 11, 2019 04:49
r2pipe を使ってセクションのエントロピーを計算し、パックされているものがあった場合には表示する
import r2pipe
import glob
import os
target_path = "data/malware"
def is_packed(entropy):
return any(filter(lambda x: x > 6.8, entropy))
cnt = 0
@kohnakagawa
kohnakagawa / byte_histogram_classify.ipynb
Created August 11, 2019 03:28
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@kohnakagawa
kohnakagawa / ember_classify.ipynb
Created August 11, 2019 02:45
Malware Data Science chapter 8の内容をEmberで使われている特徴量で実施した場合の結果
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@kohnakagawa
kohnakagawa / dbg.c
Created July 27, 2019 02:23
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <linux/elf.h>
#include <sys/ptrace.h>
#include <linux/ptrace.h>
#include <sys/types.h>
@kohnakagawa
kohnakagawa / get_pc.c
Created July 25, 2019 06:39
RISC-Vでprogram counte を取得するためのコード
#include <stdio.h>
#define GET_PC ({ register long tmp asm("a0");\
__asm__ __volatile__ ("auipc %0, 0\n\t": "=r"(tmp));\
tmp; })
int main() {
const int pc = GET_PC;
printf("%x\n", pc);
}
@kohnakagawa
kohnakagawa / output.asm
Created April 14, 2019 01:29
Rustの最適化の強力さ
example::sum:
xor eax, eax
cmp edi, 2
jl .LBB0_2
lea eax, [rdi - 2]
lea ecx, [rdi - 3]
imul rcx, rax
shr rcx
lea eax, [rcx + 2*rdi]
add eax, -3
@kohnakagawa
kohnakagawa / sort.c
Created April 6, 2019 07:03
2分くらいで書いたsort関数
#include <stdio.h>
#include <string.h>
void bubble(char* p) {
const size_t len = strlen(p);
for (size_t i = 0; i < len; i++) {
for (size_t j = i+1; j < len; j++) {
const char tmp0 = p[i];
const char tmp1 = p[j];
if (tmp0 > tmp1) {
@kohnakagawa
kohnakagawa / pre-push
Created April 6, 2019 05:37
git の pre-push スクリプト
#!/usr/bin/env bash
# An example hook script to verify what is about to be pushed. Called by "git
# push" after it has checked the remote status, but before anything has been
# pushed. If this script exits with a non-zero status nothing will be pushed.
#
# This hook is called with the following parameters:
#
# $1 -- Name of the remote to which the push is being done
# $2 -- URL to which the push is being done
@kohnakagawa
kohnakagawa / snip.asm
Created February 23, 2019 15:41
Goにおいて「構造体を参照渡しするか・値渡しするか」「戻り値を参照渡しにするか・値渡しにするか」の議論をはっきりさせるためのコード
00000000010922e0 <main.norm2AsRef>:
10922e0: 48 8b 44 24 08 mov rax,QWORD PTR [rsp+0x8]
10922e5: f2 0f 10 00 movsd xmm0,QWORD PTR [rax]
10922e9: f2 0f 10 48 08 movsd xmm1,QWORD PTR [rax+0x8]
10922ee: f2 0f 10 50 10 movsd xmm2,QWORD PTR [rax+0x10]
10922f3: f2 0f 59 c0 mulsd xmm0,xmm0
10922f7: f2 0f 59 c9 mulsd xmm1,xmm1
10922fb: f2 0f 58 c1 addsd xmm0,xmm1
10922ff: f2 0f 59 d2 mulsd xmm2,xmm2
1092303: f2 0f 58 c2 addsd xmm0,xmm2