xmas

原创 centos 网卡配置 已经各种报错解决

ifconfig -a找到对应的网卡名称 centos7默认为ens33那么在/etc/sysconfig/network-scripts/ 下vim ifcfg-ens33注意device 一定要跟ifconfig -a 查到的一样这就是linux下的设备描述符 写过内核驱动的人都应该知道 这个是唯一的标识符就也是因为systemctl status ne

原创 windows网络连接表 根据连接远程的ip端口判断本地程序

#include #include #include #include #include #include #pragma comment(lib, "ws2_32.lib")#pragma comment(lib, "iphlpapi.lib")#ifdef NTDDI_VERSION#if(NTDDI_VERSION>=0x0600)typedef en

原创 生产者消费者模式in C

#include#include#include#define bufsize 10#define produce_num 3#define consume_num 3int buffer[bufsize];int product_id=0;sem_t unused;sem_t used;pthread_mutex_t mutex;pthread_t g_thread[pro

原创 netlink+kprobe实现linux下进程监控

#include #include #include #include #include #include #include#define NETLINK_USER 31struct sock *nl_sk = NULL;struct nlmsghdr *nlh;int pid;static struct kprobe kp = { .symbol_n

原创 linux 内核进程监控 针对bash下启动的程序

转载 hello.c kernel Makefile

ifneq ($(KERNELRELEASE),) # after ifneq ,there is a space! or,will get an errorobj-m := hello.o else KERNELDIR := /lib/modules/$(shell uname -r)/build PWD := $(shell pwd) default: $(MAKE)

原创 内存中数据格式

fd fd fd fd  cd cd cd cd cd cd cd cd cd cd cd cd   //data   fd fd fd fd ab ab ab ab ab ab ab ab

原创 xss

http://www.phishtank.com/    https://developers.google.com/safe-browsing/v4/lookup-api?hl=zh-CN    safebrowsingapi[http://www.baidu.com]www.google.com\abcparse \ to

原创 bash笔记

echo ${#name}  get lengthecho ${name:1:2}   like python [1:2]echo `expr index "$name" d`  d in name indexecho ${a[1]}  get array dataecho ${a[@]}  get all data in array

原创 x86汇编

segment*16+offset   hex excursioncs ip   code segment  ip  instruct pointer  then ip+numwhen 8086 cpu start it begin excuting from base cs=FFFFH IP=0000H   the result is FFFF0H

原创 centos install nginx apache

apache2yum install httpdservice httpd startwget http://www.atomicorp.com/installers/atomic sh ./atomic yum check-update yum install nginx nginx path  /etc/nginx/conf.d/de

原创 go中引用socket库 ws2_32

#cgo windows,amd64 LDFLAGS: -lWS2_32引用的C头部添加上面这个  写个例子package main/*#cgo windows,amd64 LDFLAGS: -lWS2_32#include #include #include "define.h"#include #define host "127.0.0.1"#

转载 cve -2016-8704

import structimport socketimport sysMEMCACHED_REQUEST_MAGIC = "\x80"OPCODE_PREPEND_Q = "\x1a"key_len = struct.pack("!H",0xfa)extra_len = "\x00"data_type = "\x00"vbucket = "\x00\x00"body_len

原创 grafana弱口令检测

#-*- encoding:utf-8 -*-import urllibimport urllib2def get_plugin_info(): plugin_info = { "name": "grafana 弱口令", "info": "Administrator Access to grafana with default credentials", "level":

原创 zip解密

import zipfileimport optparsefrom threading import Threaddef extractFile(zFile,password): try: zFile.extractall(pwd=password) print '[+] Found password '+password+'\n' ex

原创 Jenkins反序列化代码执行

# -*- encoding:utf-8 -*-import socketimport base64import randomimport urllib2import timeimport binasciidef random_str(len): str1="" for i in range(len): str1+=(random.choice(

原创 mssql弱口令检测

import socketimport binasciidef check(host,port,username,password,timeout): try: socket.setdefaulttimeout(timeout) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.conne

原创 各种应用服务指纹探测

import socketdef main(host,port): socket.setdefaulttimeout(5) http="GET \r\n" smb= '\x00\x00\x00\xa4\xff\x53\x4d\x42\x72\x00\x00\x00\x00\x08\x01\x40\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0

原创 postgresql 弱口令检测

import socketimport binasciiimport hashlibdef make_response(buf,username,password,salt): pu=hashlib.md5(password+username).hexdigest() buf=hashlib.md5(pu+salt).hexdigest() return 'md5'

原创 Java RMI 反序列化代码执行

#-*- encoding:utf-8 -*-import socketimport binasciiimport timedef check(ip,port,timeout): try: address=(ip,port) socket.setdefaulttimeout(timeout) sock=socket.socket(socket.AF_IN

原创 进程监控

本来以hook方式hook系统api函数，后来发现不同的进程启动走的函数api是不同的，特别的对于父进程不是explorer的，比如在cmd下启动的exe这样hook的方式就不能够实现的。linux下有do_fork函数。win只能走内核去监控，幸好，微软为我们考虑了这层。开放了PsSetCreateProcessNotifyRoutine函数来实现进程线程的监控.{优快云:CODE:2

原创 eclipse 优化

-Xverify:none 禁掉字节码验证两种编译器选择-client -server增大新生代容量  避免频繁GC-Xmx512m-Xms512m-Xmn128m-XX:PermSize=96m-XX:MaxPermSize=96m-XX:+UseConcMarkSweepGC-XX:+useParNewGC (cms收集器作为新生代)

原创 打印GC log

-XX:+PrintGCApplicationStoppedTime -XX:+PrintGCDateStamps -Xloggc: gclog.log    具体信息-XX:+PrintReferenceGCGUI停顿 加参数  -Dsun.awt.keepWorkingSetOnMinimize=true

原创 快速排序

#includevoid test(int *a){ int pivot = 0; int key = a[pivot]; int flag = 0; int flag1 = 0; for (int i = 5; i >= 0; i--) { if (i>pivot&&a[i] < key) {

原创 C语言下读取系统文件

测试发现 python等等的脚本都是可以读取系统目录下文件的 但C却不可以 system32 syswow64下某些文件可通过例如C:\\Windows\\SysNative\\inetsrv\\config\\applicationHost.config 指定路径读取这里要提到sysnative  这是windows操作系统提供的当32位的应用程序尝试访问这个文件夹时，64位的Windo

原创 文件递归 迁移 查找指定类型的文件

# -*- coding: utf-8 -*-import osimport sysimport shutilimport subprocessimport uuidimport hashlibdefaultencoding = 'gbk's=os.seproot="D:\code\\test"dst="E:\test"list= os.listdir(root)def

原创 linux 下java环境配置

read -p "input jdk path: " jdkecho $jdkjava_config="JAVA_HOME=$jdk"echo $java_configecho $java_config>>/etc/profileecho "export JRE_HOME=$jdk/jre">>/etc/profileecho "export CLASSPATH=\$JAVA_HOM

原创 windows create service

sc create detect  binPath= ""

原创 python unicode

b=a.decode('gbk').encode('utf-8')

原创 mysql error

s blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'/usr/bin/mysqladmin flush-hosts -h 127.0.0.1  -p3306 -uroot -p123456

原创 linux socket server

#include #include #include #include #include #include #include #include #include #define  host "127.0.0.1"#define port 8119int kbhit1(void){    struct termios oldt, newt; 

原创 linux socket

#include #include #include #include #include #include #define port 8886int main(){ int sock=socket(AF_INET,SOCK_STREAM,0); struct sockaddr_in sockaddrtest; memset(&sockaddrtest,0

原创 linux socket

#include #include #include #include #include #include #include #include #define PORT 8887#define BUFFER_SIZE 1024int main(){ int sock; sock=socket(AF_INET,SOCK_STREAM,0); struc

原创 docker

docker ps -adocker start iddocker attach idsupervisorctl status

原创 kill all process by input process name

pname=$1array=(` ps aux |grep $pname |awk '{print $2} ' `)#array=(1 2 3)num=${#array[@]}#echo $numlength=` expr $num - 1 `#echo $lengthfor((i=0;i<length;i++))do kill -9 ${array[$i]}

原创 vim bundle config

git clone https://github.com/VundleVim/Vundle.vim.git ~/.vim/bundle/Vundle.vimvim .vimrc   write below code   into vimrcset nocompatible filetype off set rtp+=

原创 docker build daemon increase continuously

snding build context to Docker daemon 275.2 MBthe disk space increase   beyond  it should be  just move the Dockerfile into subdirectory  like mkdir test  then mv Dockerfile

转载 dockerinstallbashshell

#!/bin/shset -e## This script is meant for quick & easy install via:# 'curl -sSL https://get.docker.com/ | sh'# or:# 'wget -qO- https://get.docker.com/ | sh'## For test builds (ie.