Brendan Dolan-Gavitt moyix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <string.h> | |
| #include <sys/mman.h> | |
| int main(int argc, char **argv) { | |
| unsigned char bytes[] = { | |
| 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0xf3, 0x90, // rep*14 nop | |
| 0xc3 // ret | |
| }; | |
| unsigned char *code = (unsigned char *) mmap(NULL, 0x1000, PROT_READ|PROT_WRITE|PROT_EXEC, |
moyix
/ facedata.b64
Created
March 23, 2018 02:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FpzbgAQYgAS_sZsyMDJdtTmzUyx3OM4tG7MyrNY2tSJfs-Wxei4JN_OtxbWirTKdvTDmNCEurTSKLqiyEjPxshk19jpVL9y2kan5tHcylDAgtbE2hy1SMs0nmrYas4KymDLLN_UpTjUTs_46BKwUtwE4Fy1INj4m1qj1Lpio-zKjNvmtp7inMTm3bjjrr-y4PbCRN5A2AzcsN1O0CznbrSYuXCyotDEyFi0ttKgpvqxVMn0wDDcZuDmwc7MfrXazAKhoMPG3EjYfOP-ha7GrLxc4GS7ht3WsnDE4M9Qv9bNUrRmhZC3hsDA06qyXqt2udjYlsTA1HTlDuQy4IzcHqJSp9LRtMOE4szUvNsuzN7ClNCIzz6DSthO4Ha6gt1c3RDj-KOowxbeurDy2M7ZiLNesjLneL6kfdLQQuSWvhrLHKaE41TRLNDOlmDKJMFixNLYjtUqzmrJGNrKuxTOGtxu4HiBNL0Uz0SnNOeYyyDA9NnS4Tza3qBG63TOvK06zaDMrOBs36rSWOBm1C7Mnsfg2LTbAGbEd5jXmNCaoUbVNKSKpDTSENLGzpq3dMCAw6y_Ys1w0FjRrNIk5LzObtg60dLNLMW2zvrOqrMie5jL_MnC0ubiMqwAu-TAStiIiGTQoOHCxcaAuMYKtb7b6MHAyMKyCJ9-zOiygOKOyCrRTtl25hTU8Mx3AGqBSF0AKxOigAAAAF0AJH6UgAAAAFz_6X20gAAAAFVYVpxEdwB67MB0-6r04Gf0UQIpXXECGpIZAes_IQHD-W0BqEKdAZ9U_QF3iLUBbqRNAWMSVQFYnRUBUHlFAUIU6QE4nMUBKzfhASP0pQDqtqEAydv9ALDRrQCbHxEAV0441AAjIAQdkZjMtZjE2AA |
moyix
/ klee_output.txt
Last active
March 5, 2021 16:31
Simple example where KLEE can miss a bug (due to floating point)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| klee@e7588606c9e8:~$ klee --allow-external-sym-calls --libc=uclibc --posix-runtime ./toy_156.bc --sym-files 1 88 A | |
| KLEE: NOTE: Using klee-uclibc : /home/klee/klee_build/klee/Release+Debug+Asserts/lib/klee-uclibc.bca | |
| KLEE: NOTE: Using POSIX model: /home/klee/klee_build/klee/Release+Debug+Asserts/lib/libkleeRuntimePOSIX.bca | |
| KLEE: output directory is "/home/klee/./klee-out-1" | |
| KLEE: Using STP solver backend | |
| KLEE: WARNING ONCE: calling external: syscall(16, 0, 21505, 61828272) at /home/klee/klee_src/runtime/POSIX/fd.c:980 | |
| KLEE: WARNING ONCE: calling __user_main with extra arguments. | |
| KLEE: WARNING ONCE: Alignment of memory from call "malloc" is not modelled. Using alignment of 8. | |
| KLEE: WARNING ONCE: ioctl: (TCGETS) symbolic file, incomplete model | |
| KLEE: WARNING ONCE: calling external: printf(61699472, (ReadLSB w32 12 A-data)) at [no debug info] |
moyix
/ in_asm.txt
Created
August 10, 2018 23:03
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 0xc11e3626 3239982630: add esp,0x8 | |
| 0xc11e3629 3239982633: pop ebx | |
| 0xc11e362a 3239982634: ret |
moyix
/ top10_syzkaller_patches.txt
Created
January 8, 2019 21:56
Linux kernel commits that fixed the largest number of Syzkaller-reported crashes
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # commit message | |
| 44 99ba2b5aba24e022683a7db63204f9e306fe7ab9 bpf: sockhash, disallow bpf_tcp_close and update in parallel | |
| 15 1d88ba1ebb2763aa86172cd7ca05dedbeccc0d35 sctp: not allow transport timeout value less than HZ/5 for hb_timer | |
| 15 bbeb6e4323dad9b5e0ee9f60c223dd532e2403b1 bpf, array: fix overflow in max_entries and undefined behavior in index_mask | |
| 10 66e58e0ef80a56a1d7857b6ce121141563cdd93e bpfilter: fix race in pipe access | |
| 9 3619dec5103dd999a777e3e4ea08c8f40a6ddc57 dh key: fix rounding up KDF output length | |
| 8 8e04944f0ea8b838399049bdcda920ab36ae3b04 mm,vmscan: Allow preallocating memory for register_shrinker(). | |
| 8 d76c68109f37cb85b243a1cf0f40313afd2bae68 crypto: pcrypt - fix freeing pcrypt instances | |
| 8 58990d1ff3f7896ee341030e9a7c2e4002570683 bpf: reject passing modified ctx to helper functions | |
| 7 b84bbaf7a6c8cca24f8acf25a2c8e46913a947ba packet: in packet_snd start writing at link layer allocation |
moyix
/ parse_dmesg.py
Created
February 13, 2019 04:57
Small parser using Construct for the Linux kernel log buffer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from datetime import timedelta | |
| import sys | |
| from construct import * | |
| Message = Aligned(4, Struct( | |
| "ts_nsec" / Int64ul, | |
| "length" / Int16ul, | |
| "text_len" / Int16ul, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| require ' vendor/autoload.php ' ; | |
| /** | |
| * Handles an HTTP request that contains information for registering/unregistering | |
| * a FNA application. |
moyix
/ gdbcmds.txt
Created
February 16, 2019 18:44
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| shell sleep 5 | |
| set logging file UUID.gdb.log | |
| set logging on | |
| target remote localhost:9999 | |
| file /nas/brendan/syzkaller_recordings/kernels/UUID/vmlinux | |
| break panic | |
| commands 1 | |
| break __delay | |
| c | |
| end |
moyix
/ plotframes.py
Created
March 7, 2019 20:49
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| from itertools import cycle | |
| import matplotlib.pyplot as plt | |
| import squarify | |
| import gzip | |
| import sys | |
| colormap = {} | |
| allinsns = eval(open(sys.argv[1]).read()) |
moyix
/ make_testcases_onefile.sh
Created
August 30, 2019 19:26
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| for f in "$@"; do | |
| objdump -d /bin/ls | grep -Eo '\$0x[0-9a-f]+' | cut -c 2- | sort -u | python -c 'import sys, struct; print("\n".join("\""+struct.pack("<I" if len(l) <= 11 else "<Q", int(l,0)).encode("string_escape")+"\"" for l in sys.stdin.readlines()))' | |
| strings "${f}" | python -c 'import sys; print("\n".join("\""+line.strip().encode("string_escape")+"\"" for line in sys.stdin.readlines()))' | |
| done |