PEiD
https://down.52pojie.cn/Tools/PEtools/ Default extraction password: www.52pojie.cn
Read more about thunks at this StackOverflow question:
What is a ‘thunk’?
https://www.aldeid.com/wiki/Category:Digital-Forensics/Computer-Forensics/Anti-Reverse-Engineering/Packers
Manually unpack ASPack
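Manually unpacking bass.dll (2.4.12) with OllyDbg and repairing the IAT
Simple unpacking tutorial notes (2): manually unpacking UPX (1)
Incisive: using ImportREC to repair an unpacked binary
ImportREC: right-click to delete invalid pointers
The principle behind the ESP-law unpacking method
Summary of unpacking methods
Manually unpacking FSG and repairing the IAT.
UPX unpacking
Manually unpacking UPX 3.94
ASPack 2.12 -> Alexey Solodovnikov [Overlay]: record of a failed unpacking attempt
Unpacking ASPack 2.12 and modifying the overlay data: the program will not run afterwards
ASPack 2.12 -> Alexey Solodovnikov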
http://x9090.blogspot.com/2009/09/ollyscript-tutorial-unpack-aspack.html

Convert data to code: Edit->Code
Convert code to data: Edit->Data
Debugging Windows Applications with IDA Windbg Plugin: https://www.hex-rays.com/wp-content/uploads/2019/12/debugging_windbg.pdf
IDA Tutorials: Debugging Tutorials
Overview of the IDA Debugger
WinDbg debugging commands
Viewing import table from windbg
WinDbg debugging notes
Debugging programs with WinDbg
https://www.hex-rays.com/products/ida/debugger/
https://www.hex-rays.com/?s=windbg+plugin
IDA + WinDbg debugging setup
ln (List Nearest Symbols)
kb (Display Stack Backtrace)
Windbg : Display parameters whenever specific function is called
x (Examine Symbols)
x [Options] Module!Symbol
kd> x *!
Manually Walking a Stack
u @$exentry L10
u . L-10 shows the 16 lines of code before the current EIP
http://www.bytekits.com/tsingchen/windbg/windbg-s.html
p (Step)
The pc command executes the program until a call instruction is reached.
The pct command executes the program until it reaches a call instruction or a return instruction.
WinDbg debugging: getting started with WinDbg
The t command executes a single instruction or source line and optionally displays the resulting values of all registers and flags. When subroutine calls or interrupts occur, each of their steps is also traced.
dv https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/dv--display-local-variables-
How to find out which Win API functions are called from a compiled c/c++ dll
Use the dumpbin utility with the /imports command-line option. There’s also a depends.exe utility which has a GUI.
Beware that these won’t tell you about functions which you link to using GetProcAddress, nor about interfaces which you access via COM.
Finding undocumented APIs in Windows
https://wohin.me/0dayan-quan-chapter-25-lou-dong-fen-xi-fang-fa-gai-shu/
How to set up symbols in WinDbg?
_NT_SYMBOL_PATH (requires access to the external internet)
Debugging with Symbols

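Trace commands: T, TA, TB, TC, WT, P, PA, PC
T single-steps. In source-debugging mode a step can be one source line or, depending on the options, one assembly instruction.
TA traces until the specified address; with no argument it runs to the next breakpoint.
TB executes until a branch instruction; branch instructions include calls, returns, jumps, counted loops, and while loops.
TC executes until a call instruction.
WT (Trace and Watch Data) is a powerful command that profiles the execution flow; run it and look at the result.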

k, kb, kc, kd, kp, kP, kv (Display Stack Backtrace)

b
Displays the first three parameters that are passed to each function in the stack trace.

c
Displays a clean stack trace. Each display line includes only the module name and the function name.

p
Displays all of the parameters for each function that is called in the stack trace. The parameter list includes each parameter’s data type, name, and value. The p option is case sensitive. This parameter requires full symbol information.

P
Displays all of the parameters for each function that is called in the stack trace, like the p parameter. However, for P, the function parameters are printed on a second line of the display, instead of on the same line as the rest of the data.

v
Displays frame pointer omission (FPO) information. On x86-based processors, the display also includes calling convention information.

n
Displays frame numbers.

f
Displays the distance between adjacent frames. This distance is the number of bytes that separate the frames on the actual stack.

L
Hides source lines in the display. L is case sensitive.

M
Displays output using Debugger Markup Language. Each frame number in the display is a link that you can click to set the local context and display local variables. For information about the local context, see .frame.

bp kernel32!LoadLibraryW ".echo *****;du dwo(esp+4);k;g;"

WinDbg 800C2EFD (ERROR_INTERNET_CANNOT_CONNECT)

set _NT_SYMBOL_PROXY=127.0.0.1:1080

https://blog.csdn.net/xiangbaohui/article/details/103832850

WinDBG View Passed Arguments to Any Function

Start with kv to see raw arguments and calling convention.

You can display the resulting code (known as disassembly code) in several different ways:

  1. If you are using the command console, use the u (unassemble) command. It accepts arguments. u . will print from the current EIP. u will continue the listing. uf will unassemble a function, u . l300 will unassemble from current EIP 300 assembly instructions, etc.
  2. You can open the disassembly window (View -> Disassembly).

How to set an item in CListCtrl as selected?

void __thiscall sub_45C040(void *this, char *a2, int a3, int a4)

>bm CreateFileA

0 e Disable Clear x86 765887d0 0001 (0001) 0:**** KERNELBASE!CreateFileA
1 e Disable Clear x86 760a3090 0001 (0001) 0:**** KERNEL32!CreateFileA


0:000:x86> kv
# ChildEBP RetAddr Args to Child
00 0019f2a0 752cb6a1 0019f548 80000000 00000003 KERNELBASE!CreateFileA (FPO: [Non-Fpo])
01 0019f300 752cb398 0019f338 0019f39c 0019f548 msvcrt!_tsopen_nolock+0x281 (FPO: [Non-Fpo])
02 0019f354 752cb41b 0019f548 00008000 00000040 msvcrt!_sopen_helper+0x65 (FPO: [Non-Fpo])
03 0019f374 75301ea0 0019f39c 0019f548 00008000 msvcrt!_sopen_s+0x1b (FPO: [Non-Fpo])
04 0019f3b8 752f3dff 0019f548 0052ed94 00000040 msvcrt!_openfile+0x2f0 (FPO: [Non-Fpo])
05 0019f400 752f3e52 0019f548 0052ed94 00000040 msvcrt!_fsopen+0x9f (FPO: [Non-Fpo])
06 0019f414 004e69b4 0019f548 0052ed94 0101ce20 msvcrt!fopen+0x12 (FPO: [Non-Fpo])
WARNING: Stack unwind information not available. Following frames may be wrong.
07 0019f448 754646fa 70fabb00 ff0a3b98 0019f52c WinKawaks+0xe69b4
08 0019f52c 00100000 00100000 0101ce20 752f5200 USER32!UserCallWinProcCheckWow+0x33a (FPO: [SEH])
09 0019f578 752f525d 00000000 00000000 70fabb00 0x100000
0a 0019f5b8 00060e9a 0019f5e4 00100000 0045bccb msvcrt!sprintf+0x5d (FPO: [Non-Fpo])
0b 0019f5c4 0045bccb c33ed21e 00100000 00000000 0x60e9a
0c 0019f628 754646fa 00000000 ff0a3db8 0019f70c WinKawaks+0x5bccb
0d 0019f70c 75463a6d 70fabb00 0019f73c 772c52fe USER32!UserCallWinProcCheckWow+0x33a (FPO: [SEH])
0e 03741020 00000000 00000000 00000000 00000000 USER32!SendMessageWorker+0x1fd (FPO: [Non-Fpo])


0:000:x86> db 0019f548
0019f548 2e 5c 72 6f 6d 73 5c 63-70 73 32 5c 6d 61 72 75 .\roms\cps2\maru
0019f558 6b 6f 64 71 2e 7a 69 70-00 01 00 00 0c 00 00 00 kodq.zip........

Cross compiling Rust from Linux to macOS
linux compile Mach-O tpoechtrager/osxcross
https://github.com/karalabe/xgo
https://github.com/crosstool-ng/crosstool-ng
Cross compiling C/C++ from macOS to Raspberry Pi in 2 easy steps
https://github.com/multiarch/crossbuild

macOSX

brew install x86_64-elf-gcc
==> Installing dependencies for x86_64-elf-gcc: mpfr, libmpc and x86_64-elf-binutils
==> Installing x86_64-elf-gcc dependency: mpfr

xgo

~/go/src ⌚ 16:41:26
$ xgo --targets=linux/amd64 ./cloud-game/cmd/coordinator

tpoechtrager/osxcross

# 1st step: generate SDK package tar.xz
./tools/gen_sdk_package.sh

# 2nd step: move the packed SDK to tarballs
~/github/osxcross on  master ⌚ 21:31:21
$ mv MacOSX10.15.sdk.tar.xz tarballs
# 3rd step: ./build.sh
~/github/osxcross on  master ⌚ 21:31:36
$ ./build.sh
found SDK version 10.15 at tarballs/MacOSX10.15.sdk.tar.xz
verified at tarballs/MacOSX10.15.sdk.tar.xz

~/github/osxcross on  master ⌚ 21:22:00
$ ./build.sh
no SDK found in tarballs/. please see README.md

# 1st step: generate SDK package tar.xz
./tools/gen_sdk_package.sh
found Xcode: /Applications/Xcode.app
packaging MacOSX10.15 SDK (this may take several minutes) ...

-rw-r--r-- 1 choe staff 46M May 11 21:29 MacOSX10.15.sdk.tar.xz

$ ll
total 94528
-rw-r--r-- 1 choe staff 336B May 11 21:19 AUTHORS
-rw-r--r-- 1 choe staff 6.5K May 11 21:19 CHANGELOG
-rw-r--r-- 1 choe staff 18K May 11 21:19 COPYING
-rw-r--r-- 1 choe staff 1.0K May 11 21:19 KNOWN_BUGS.md
-rw-r--r-- 1 choe staff 46M May 11 21:29 MacOSX10.15.sdk.tar.xz
-rw-r--r-- 1 choe staff 4.4K May 11 21:19 README.COMPILER-RT.md
-rw-r--r-- 1 choe staff 781B May 11 21:19 README.DEBUGGING.md
-rw-r--r-- 1 choe staff 3.5K May 11 21:19 README.MACPORTS.md
-rw-r--r-- 1 choe staff 1.2K May 11 21:19 README.PKG-CONFIG.md
-rw-r--r-- 1 choe staff 11K May 11 21:19 README.md
-rw-r--r-- 1 choe staff 281B May 11 21:19 TODO
-rwxr-xr-x 1 choe staff 9.0K May 11 21:19 build.sh
-rwxr-xr-x 1 choe staff 1.5K May 11 21:19 build_binutils.sh
-rwxr-xr-x 1 choe staff 2.7K May 11 21:19 build_clang.sh
-rwxr-xr-x 1 choe staff 6.7K May 11 21:19 build_compiler_rt.sh
-rwxr-xr-x 1 choe staff 5.6K May 11 21:19 build_gcc.sh
-rwxr-xr-x 1 choe staff 850B May 11 21:19 build_llvm_dsymutil.sh
-rwxr-xr-x 1 choe staff 71B May 11 21:19 cleanup.sh
drwxr-xr-x 6 choe staff 192B May 11 21:19 oclang
-rwxr-xr-x 1 choe staff 2.1K May 11 21:19 package.sh
drwxr-xr-x 9 choe staff 288B May 11 21:19 patches
drwxr-xr-x 3 choe staff 96B May 11 21:19 tarballs
drwxr-xr-x 16 choe staff 512B May 11 21:19 tools
drwxr-xr-x 16 choe staff 512B May 11 21:19 wrapper




# 2nd step: move the packed SDK to tarballs
~/github/osxcross on  master ⌚ 21:31:21
$ mv MacOSX10.15.sdk.tar.xz tarballs
# 3rd step: ./build.sh
~/github/osxcross on  master ⌚ 21:31:36
$ ./build.sh
found SDK version 10.15 at tarballs/MacOSX10.15.sdk.tar.xz
verified at tarballs/MacOSX10.15.sdk.tar.xz

Building OSXCross toolchain, Version: 1.2

OS X SDK Version: 10.15, Target: darwin19
Minimum targeted OS X Version: 10.9
Tarball Directory: /Users/choe/github/osxcross/tarballs
Build Directory: /Users/choe/github/osxcross/build
Install Directory: /Users/choe/github/osxcross/target
SDK Install Directory: /Users/choe/github/osxcross/target/SDK

Press enter to start building


## Building xar (master) ##

Cloning into 'xar'...
remote: Enumerating objects: 142, done.
remote: Counting objects: 100% (142/142), done.
remote: Compressing objects: 100% (117/117), done.
remote: Total 142 (delta 26), reused 110 (delta 15), pack-reused 0
Receiving objects: 100% (142/142), 251.71 KiB | 20.00 KiB/s, done.
Resolving deltas: 100% (26/26), done.
From https://github.com/tpoechtrager/xar
* branch master -> FETCH_HEAD
Already on 'master'
Your branch is up to date with 'origin/master'.
From https://github.com/tpoechtrager/xar
* branch master -> FETCH_HEAD
Already up to date.
checking for gcc... clang
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether clang accepts -g... yes
checking for clang option to accept ISO C89... none needed
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... no
checking how to run the C preprocessor... clang -E
checking for a BSD-compatible install... /usr/local/bin/ginstall -c
checking for ld... /usr/bin/ld
checking for ar... /usr/bin/ar
checking for ranlib... /usr/bin/ranlib
checking for autoconf... /usr/local/bin/autoconf
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking build system type... x86_64-apple-darwin19.4.0
checking host system type... x86_64-apple-darwin19.4.0
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for stdint.h... (cached) yes
checking ext2fs/ext2_fs.h usability... no
checking ext2fs/ext2_fs.h presence... no
checking for ext2fs/ext2_fs.h... no
checking sys/statfs.h usability... no
checking sys/statfs.h presence... no
checking for sys/statfs.h... no
checking sys/xattr.h usability... yes
checking sys/xattr.h presence... yes
checking for sys/xattr.h... yes
checking sys/param.h usability... yes
checking sys/param.h presence... yes
checking for sys/param.h... yes
checking sys/extattr.h usability... no
checking sys/extattr.h presence... no
checking for sys/extattr.h... no
checking libutil.h usability... no
checking libutil.h presence... no
checking for libutil.h... no
checking for lgetxattr... no
checking for lsetxattr... no
checking for getxattr... yes
checking for setxattr... yes
checking for getattrlist... yes
checking for setattrlist... yes
checking for lchmod... yes
checking for lchown... yes
checking for chflags... yes
checking for statvfs... yes
checking for statfs... yes
checking for strmode... yes
checking for struct statfs.f_fstypename... yes
checking for struct statvfs.f_fstypename... no
checking for struct stat.st_flags... yes
checking size of uid_t... 4
checking size of gid_t... 4
checking size of ino_t... 8
checking size of dev_t... 4
checking for acl_get_file in -lacl... no
checking for asprintf... yes
checking for xml2-config... /usr/bin/xml2-config
checking for libxml >= 2.6.11... 2.9.4
checking libxml/xmlwriter.h usability... yes
checking libxml/xmlwriter.h presence... yes
checking for libxml/xmlwriter.h... yes
checking openssl/evp.h usability... no
checking openssl/evp.h presence... no
checking for openssl/evp.h... no
checking for EVP_add_cipher in -lcrypto... no
configure: error: Cannot build without libcrypto (OpenSSL)

exiting with abnormal exit code (1)
run 'OCDEBUG=1 ./build.sh' to enable debug messages






/usr/local/Cellar/openssl@1.1/1.1.1g/include



create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-clang
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-clang
create_symlink x86_64-apple-darwin19-wrapper o64-clang
create_symlink x86_64-apple-darwin19-wrapper o64h-clang
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-clang++
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-clang++
create_symlink x86_64-apple-darwin19-wrapper o64-clang++
create_symlink x86_64-apple-darwin19-wrapper o64h-clang++
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-clang++-libc++
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-clang++-libc++
create_symlink x86_64-apple-darwin19-wrapper o64-clang++-libc++
create_symlink x86_64-apple-darwin19-wrapper o64h-clang++-libc++
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-clang++-stdc++
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-clang++-stdc++
create_symlink x86_64-apple-darwin19-wrapper o64-clang++-stdc++
create_symlink x86_64-apple-darwin19-wrapper o64h-clang++-stdc++
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-clang++-gstdc++
create_symlink x86_64-apple-darwin19-wrapper o64-clang++-gstdc++
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-cc
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-cc
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-c++
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-c++
create_symlink x86_64-apple-darwin19-wrapper osxcross
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-osxcross
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-osxcross
create_symlink x86_64-apple-darwin19-wrapper osxcross-conf
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-osxcross-conf
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-osxcross-conf
create_symlink x86_64-apple-darwin19-wrapper osxcross-env
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-osxcross-env
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-osxcross-env
create_symlink x86_64-apple-darwin19-wrapper osxcross-cmp
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-osxcross-cmp
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-osxcross-cmp
create_symlink x86_64-apple-darwin19-wrapper osxcross-man
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-osxcross-man
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-osxcross-man
create_symlink x86_64-apple-darwin19-wrapper x86_64-apple-darwin19-pkg-config
create_symlink x86_64-apple-darwin19-wrapper x86_64h-apple-darwin19-pkg-config


testing o64-clang++ -stdlib=libc++ -std=c++11 ... works

testing o64-clang ... works
testing o64-clang++ ... works

Do not forget to add

/Users/choe/github/osxcross/target/bin

to your PATH variable.

All done! Now you can use o32-clang(++) and o64-clang(++) like a normal compiler.

Example usage:

Example 1: CC=o32-clang ./configure --host=i386-apple-darwin19
Example 2: CC=i386-apple-darwin19-clang ./configure --host=i386-apple-darwin19
Example 3: o64-clang -Wall test.c -o test
Example 4: x86_64-apple-darwin19-strip -x test

Your SDK does not support i386 anymore.
Use <= 10.13 SDK if you rely on i386 support.

Your SDK does not support libstdc++ anymore.
Use <= 10.13 SDK if you rely on libstdc++ support.

How to specify include directory for configure script

http://stackoverflow.com/questions/16044020/gcc-and-linking-environment-variables-and-flags

I have also heard/read before about these other compiling flags:

  • For compiling C code: CC, CFLAGS
  • For compiling C++ code: CXX, CPPFLAGS

and linking flags:

  • For the linking stage: LDFLAGS
  • After the code is compiled: LD_LIBRARY_PATH

With this, my questions are:

  1. Why aren’t CC, CFLAGS, CXX and CPPFLAGS included in the official list of environment variables for gcc?
  2. Where can I find the official documentation for LDFLAGS, LD_LIBRARY_PATH or other linking-related environment variables?
  3. Less importantly, where can I find a guide/tutorial on how to use all these variables in practice?

To begin with, all the variables you mentioned: CC, CFLAGS, CXX, CXXFLAGS, LDFLAGS, LD_LIBRARY_PATH, originate from the Unix OS family. These variables have nothing to do with GCC in the first place, that's why you see no trace of them in the manuals.

The only meaningful variable (which has no direct connection with GCC too) among these is LD_LIBRARY_PATH. You'll probably find this variable to be defined out-of-the-box on any modern Unix-like OS. Here is the LD.SO(8) man-page from Linux Programmer's Manual which mentions LD_LIBRARY_PATH and its purpose. Here is one more extract:

The LD_LIBRARY_PATH environment variable contains a colon-separated list of directories that are searched by the dynamic linker when looking for a shared library to load. The directories are searched in the order they are mentioned in. If not specified, the linker uses the default, which is /lib:/usr/lib:/usr/local/lib.

As you can see LD_LIBRARY_PATH is nothing but an OS-specific environment variable for proper loading of shared libraries. Windows has similar environment variable in this regard: PATH. Windows will scan directories listed in it when searching for dynamic-link library (DLL, a counterpart of SO on Linux) too.

Concerning the rest of the variables (CC, CFLAGS, CXX, CXXFLAGS, LDFLAGS), you see them so often due to historical reasons. Since the rise of Unix era, software projects were built using Make (scroll down and look at the examples of typical makefiles) — one of the pioneering build tools. These variables were so extensively used in makefiles that eventually they became sort of a convention (see Implicit Rules, for instance). That's why you can even see them defined out-of-the-box on, for example, Linux, and most likely pointing to GCC (as it is considered to be the native toolchain for Linux).

To conclude, the point is: don't scratch your head over CC, CFLAGS, CXX, CXXFLAGS, LDFLAGS, and friends, as they are just a blast from the past. ;)

BONUS

Using plain old Make directly to build complex software today quickly becomes tedious and error-prone. As a result, numerous sophisticated build system generators like GNU Automake or CMake have been developed. In brief, their goal is to provide (arguably) more readable, easy-to-maintain, and high-level syntax to define an arbitrarily complex build system for an arbitrary software project to be built. Typically, before actually building the project, one has to generate a native build system (which could also be represented by plain old makefiles, for example, for portability reasons, but not necessarily) out of this high-level definition using the corresponding set of tools. Finally, one has to build the project with the tool(s) corresponding to the generated (native) build system (for example, Make in case of plain old makefiles, but not necessarily).

Since you are asking these questions, I suspect that you are about to dive into native software development with C or C++. If so, I would strongly recommend you to pick a modern build system (CMake would be my personal recommendation) in the first place, play with it, and learn it well.

./configure --prefix=/usr/local/guile-2.2.4 LDFLAGS="-L/usr/local/libtool-2.4.6/lib -L/usr/local/gmp-6.1.0/lib" CPPFLAGS="-I/usr/local/libtool-2.4.6/include -I/usr/local/gmp-6.1.0/include"

configure CFLAGS and LDFLAGS

  CC          C compiler command
  CFLAGS      C compiler flags
  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
              nonstandard directory <lib dir>
  LIBS        libraries to pass to the linker, e.g. -l<library>
  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
              you have headers in a nonstandard directory <include dir>
  CPP         C preprocessor



export CPPFLAGS='-I/home/foo/sw/include/'
export LDFLAGS='-L/home/foo/sw/lib/'
./configure

env CPPFLAGS='-I/home/foo/sw/include/' LDFLAGS='-L/home/foo/sw/lib/' ./configure

However you can use multiple entries:

LDFLAGS="-L/home/foo/sw/lib/ -L/home/foo/bar/lib/"
What is the correct syntax to add CFLAGS and LDFLAGS to “configure”?
How to add libraries path to the ./configure command?
How to add include and lib paths to configure/make cycle?
The correct way is:
./configure CFLAGS="-I/usr/local/include" LDFLAGS="-L/usr/local/lib"


but this may not work with all configure scripts. It's probably better to set environment variables such as CPATH and LIBRARY_PATH (see gcc man page).

An example:

export CPATH=/usr/local/include
export LIBRARY_PATH=/usr/local/lib
export LD_LIBRARY_PATH=/usr/local/lib
in your .profile, for instance. The LD_LIBRARY_PATH can be needed in case of shared libraries if a run path is not used (this depends on the OS, the build tools and the options that are used, but it shouldn't hurt).

openSSL

/usr/local/opt/openssl is the default path for the latest version of the third-party library; it is a symlink to the versioned library under /usr/local/Cellar.

aklap/fix-missing-libcrypto-osx.md

 # pending https://gist.github.com/aklap/e885721ef15c8668ed0a1dd64d2ea1a7
PKG_CONFIG_PATH="/usr/local/opt/openssl/lib/pkgconfig" make build

$ ln -s /usr/local/Cellar/openssl/[version]/include/openssl /usr/bin/openssl
$ ln -s /usr/local/opt/openssl/lib/libssl.1.0.0.dylib /usr/local/lib/


# pass the full include/library paths to your compiler e.g.:
-I/usr/local/opt/openssl/include -L/usr/local/opt/openssl/lib

# remember to add -lssl and -lcrypto flags for your compiler.

$ ll /usr/local/opt/openssl
lrwxr-xr-x 1 choe admin 28B Apr 22 14:12 /usr/local/opt/openssl -> ../Cellar/openssl@1.1/1.1.1g

clang -x c -v -E /dev/null

check clang Search include path

clang -x c -v -E /dev/null

-x <language> Treat subsequent input files as having type <language>
-v Show commands to run and use verbose output
-E Only run the preprocessor

using OpenSSL with macOS

Using the OpenSSL library with macOS Sierra

$ brew info openssl
openssl@1.1: stable 1.1.1g (bottled) [keg-only]
Cryptography and SSL/TLS Toolkit
https://openssl.org/
/usr/local/Cellar/openssl@1.1/1.1.1g (8,052 files, 18MB)
Built from source on 2020-04-22 at 14:12:44
From: https://github.com/Homebrew/homebrew-core/blob/master/Formula/openssl@1.1.rb
==> Caveats
A CA file has been bootstrapped using certificates from the system
keychain. To add additional certificates, place .pem files in
/usr/local/etc/openssl@1.1/certs

and run
/usr/local/opt/openssl@1.1/bin/c_rehash

openssl@1.1 is keg-only, which means it was not symlinked into /usr/local,
because macOS provides LibreSSL.

If you need to have openssl@1.1 first in your PATH run:
echo 'export PATH="/usr/local/opt/openssl@1.1/bin:$PATH"' >> ~/.zshrc

For compilers to find openssl@1.1 you may need to set:
export LDFLAGS="-L/usr/local/opt/openssl@1.1/lib"
export CPPFLAGS="-I/usr/local/opt/openssl@1.1/include"

For pkg-config to find openssl@1.1 you may need to set:
export PKG_CONFIG_PATH="/usr/local/opt/openssl@1.1/lib/pkgconfig"

==> Analytics
install: 940,473 (30 days), 2,030,752 (90 days), 5,133,947 (365 days)
install-on-request: 152,866 (30 days), 304,694 (90 days), 720,415 (365 days)
build-error: 0 (30 days)



$ ll /usr/local/opt/openssl@1.1
lrwxr-xr-x 1 choe admin 28B Apr 22 14:12 /usr/local/opt/openssl@1.1 -> ../Cellar/openssl@1.1/1.1.1g



~/github/osxcross/build on  master! ⌚ 10:26:14
$ export LIBRARY_PATH="/usr/local/opt/openssl@1.1/lib"

"/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -lto_library /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/libLTO.dylib -no_deduplicate -dynamic -arch x86_64 -platform_version macos 10.15.0 10.15.4 -syslibroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -o a.out /var/folders/1v/12hxqhk571n7n9lc9nyb7b2r0000gn/T/test-c51029.o -lcrypto -L/usr/local/opt/openssl@1.1/lib -L/usr/local/lib -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/11.0.3/lib/darwin/libclang_rt.osx.a

# unset it
$ unset LIBRARY_PATH

$"/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -lto_library /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/libLTO.dylib -no_deduplicate -dynamic -arch x86_64 -platform_version macos 10.15.0 10.15.4 -syslibroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk -o a.out /var/folders/1v/12hxqhk571n7n9lc9nyb7b2r0000gn/T/test-0360c1.o -lcrypto -L/usr/local/lib -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/11.0.3/lib/darwin/libclang_rt.osx.a
ld: library not found for -lcrypto
clang: error: linker command failed with exit code 1 (use -v to see invocation)

https://github.com/giongto35/cloud-game
https://mp.weixin.qq.com/s/MOYyhDTIf-s4KFgtERQXMA

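Architecture design

Worker: (also the streaming server mentioned above) spawns games, runs the encoding pipeline, and streams the encoded media to users. Workers are distributed around the world, and each one can handle multiple user sessions at the same time.

Coordinator: pairs each new user with the most suitable worker for streaming, and communicates with the workers over WebSocket.

Game state storage: central remote storage for all game state. It implements basic functions such as remote save/load.

User flow

When a new user opens CloudRetro, in steps 1 and 2 shown in the figure, the coordinator is asked to serve the front-end page together with the list of available workers. Then, in step 3, the client measures the latency to every candidate with HTTP ping requests. This latency list is sent back to the coordinator so that it can determine the most suitable worker to serve the user. In step 4, the game is spawned, and a WebRTC streaming connection is established between the user and the assigned worker.

Inside the worker

Inside the worker, the game and the streaming pipeline are kept isolated and exchange information through an interface. Currently this communication is done by in-memory transfer over Golang channels within the same process. The next goal is further isolation, that is, running the game independently in a separate process.

The main parts are:

WebRTC: the client-facing component; user input comes in and the server's encoded media goes out.

Game emulator: the game component. With the Libretro library, the system can run the game inside the same process and hook the media and input streams internally. Frames from the game are captured and sent to the encoder.

Image/audio encoder: the encoding pipeline, which receives media frames, encodes them in the background, and outputs the encoded images/audio.

Application

CloudRetro relies on WebRTC as its backbone, so before going into the details of my implementation in Golang, the first part is dedicated to WebRTC itself. It is a great technology that helped me enormously in achieving sub-second latency streaming.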

awesome-reverse-engineering
alphaSeclab/awesome-reverse-engineering
36hours/idaemu idaemu is an IDA Pro Plugin
iDA Pro
Those years of using IDA: preventing incorrect F5 optimization
Dynamic debugging of ELF with IDA https://bbs.pediy.com/thread-247830.htm
https://upx.github.io/
https://blog.51cto.com/watertoeast/2084700
https://blog.csdn.net/yuqian123455/article/details/96889150
A beginner's record of making a single-file version of KOF97 https://bbs.pediy.com/thread-39224-1.htm
https://www.cnblogs.com/KIDofot/p/8543959.html

ASPack 2.12 unpacking https://www.52pojie.cn/thread-760512-1-1.html

macOS 10.15 Catalina dropped compatibility with 32-bit executables

osx-intel: Bad CPU type in executable

The error is most likely an architecture (arch) problem: osx-intel turns out to be a 32-bit executable:
$ file osx-intel
osx-intel: Mach-O executable i386

And 10.15 Catalina dropped compatibility with 32-bit executables ( https://support.apple.com/en-us/HT208436 ):

Apple’s transition to 64-bit technology is now complete. Starting with macOS Catalina, 32-bit apps are no longer compatible with macOS. If you have a 32-bit app, please check with the app developer for a 64-bit version.

Installing macOS 10.14 solves it.

Solution: install 10.14 in a virtual machine on a Windows PC, then install IDA 7.0, copy it over, and apply the patch.

lua

How to compile Lua 5.3.5 for Windows (executable and DLL) with Microsoft Visual Studio Community Edition

Refer: https://blog.spreendigital.de/2019/06/25/how-to-compile-lua-5-3-5-for-windows/

1. install Visual Studio Community Edition 2019

2. Lua 5.3.5 source code

3. Open an x86 Native Tools Command Prompt for VS 2019, navigate to the extracted Lua src/ folder and run the following commands inside this folder

compile.bat

cl /MD /O2 /c /DLUA_BUILD_AS_DLL *.c
ren lua.obj lua.o
ren luac.obj luac.o
link /DLL /IMPLIB:lua5.3.5.lib /OUT:lua5.3.5.dll *.obj
link /OUT:lua.exe lua.o lua5.3.5.lib

lib /OUT:lua5.3.5-static.lib *.obj
link /OUT:luac.exe luac.o lua5.3.5-static.lib

4. Open an x64 Native Tools Command Prompt for VS 2019, then navigate to the Lua src/ folder and run compile.bat

interpreter: lua.exe

compiler: luac.exe

dll: lua5.3.5.dll

keyword: Windows containers
isolation mode
Windows and containers
Get started
https://docs.microsoft.com/zh-cn/virtualization/windowscontainers/about/

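Windows containers come in two container types, both of which run on Windows Server 2016. There is also another approach, which is to run .NET Core on the Linux platform; its limitation is that it can really only run Windows applications developed with .NET technology, so running containers directly on Windows Server is the more dependable option. That option has two types: Windows Server containers and Hyper-V containers.

A Hyper-V container is somewhat like a virtual machine but noticeably faster than one. It is only slightly slower than a Windows Server container when requesting or acquiring resources: where a Windows Server container might take 3 seconds, a Hyper-V container might take 4 or 5. Its resource isolation is better, though, similar to that of a virtual machine. The container service on Azure, Microsoft's public cloud, also uses this container type; the reasoning is that applications deployed on a public cloud are not trusted and may "fight" with one another, so stronger isolation is wanted.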


NX nomachine
Chrome Remote Desktop
https://www.dalongyun.com/

nomachine

How to connect to NoMachine when the server is behind a NAT router or a firewall

Windows 10 listens on 4000 (TCP/UDP)

If you are using NoMachine (free), you will need to open port 4000 on the router and map it to the public IP address of your NoMachine (server) host.

Ports to be opened on the router and mapped to the public IP address of the server host are:

4000 for connections using the NX protocol.

22 or 4022 on Windows for connections using the SSH protocol.

4080 and 4443 for web connections.

Note also that the default port values can be changed from the NoMachine User Interface for server administration. Click on the !M icon in the system tray to open the menu and choose ‘Show the service status’ (‘Connections’ or ‘Server status’ for version 5 and 4). Then open ‘Server preferences’ (previously called ‘Connection preferences’ for NoMachine free v. 5 and 4) and access the Services panel.

Listen 7002

nxnode.bi   TCP [::1]:7002 (LISTEN)

Copy and paste works out of the box, both ways.

Files can also be copied using drag and drop. When using this method, they are dropped on to the ‘other desktop’.

For file transfer see here: https://www.nomachine.com/sharing-files-between-computers

If you want to access files by being able to browse disks from the ‘other computer’, please see: https://www.nomachine.com/accessing-files-on-local-or-remote-disk-drives

plex.md jellyfin.md
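Z9S + DS918+ + Hao4k + MT = perfect
m2ts large files
Recommended player for 4K Blu-ray movie disc images on a Windows PC: PotPlayer
Playing HDR video on a computer: if the TV or monitor does not support HDR, the picture looks grey and washed out, as if faded
Playing BDMV folders and ISO disc images on a computer
Macgo Windows Blu-Ray Player: this player is available for both Windows and macOS
For playing 4K Blu-ray disc images on a Mac, the main options are the following two players.
Macgo Mac Blu-Ray Player Pro
IINA is arguably the most recommendable "free" all-purpose player on the Mac. It plays almost every video format, but it likewise cannot play bdmv directly, so you still need to locate the .m2ts file and play that. MPV is another option.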

https://github.com/search?q=Interviews&type=
https://github.com/search?q=coding
https://github.com/jwasham/coding-interview-university
kdn251/interviews
gatieme/CodingInterviews

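* Details of the TLS exchange
* Understanding of the HTTP protocol

  • How coroutines and the Lua virtual machine work in OpenResty
  • Understanding of the nginx source code; explain how each phase is handled
  • Differences between select and epoll in usage and in performance; which mechanism is more efficient when there is only one TCP client; have you read the implementation source
  • Differences between processes and threads
  • How two processes share a socket; how a socket is shared when a child process calls execve
  • Explain how system calls are implemented and how parameters are passed
  • Knowledge of TCP: besides basic connection setup, sending and receiving data, and connection teardown, what other odd features does TCP have
  • How to design a DNS server; differences between the DNS record types A, AAAA, NS, CNAME
  • How the synchronization and mutual-exclusion primitives in the pthread library are implemented; have you read the source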

c

a: int *ptr[n];   
b: int (*)ptr[n];
c: int *ptr();
d: int (*)ptr;
e: int (*((*ptr(int,int))))(int)

int (*
(
(*ptr(int,int))
)
)(int)


a: pointer to n arrays
b:
c: function pointer
d: pointer
e: function pointer F *ptr(int, int), where the return type F is a function pointer int (**)(int)

cplusplus

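algorithm

Swapping two integers with binary XOR

Substitution with a=3, b=2

a=a^b, after the XOR a=11^10=01

b=a^b, after the XOR b=01^10=11 (b now holds the original value of a)

a=a^b, after the XOR a=01^11=10 (a now holds the original value of b)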

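/* Swap two integers in place with XOR; returns 0 on success, -1 on bad input. */
int Swap(int *a, int *b)
{
    /* Reject NULL pointers and a == b: XOR-ing an object with itself zeroes it. */
    if (!a || !b || a == b) return -1;

    *a = *a ^ *b;   /* a now holds a^b */
    *b = *a ^ *b;   /* (a^b)^b = original a */
    *a = *a ^ *b;   /* (a^b)^a = original b */
    return 0;
}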

What does an object look like in memory? [duplicate]

Static class members are treated almost exactly like global variables / functions. Because they are not tied to an instance, there is nothing to discuss regarding memory layout.

Class member variables are duplicated for each instance as you can imagine, as each instance can have its own unique values for every member variable.

Class member functions only exist once in a code segment in memory. At a low level, they are just like normal global functions but they receive a pointer to this. With Visual Studio on x86, it’s via ecx register using thiscall calling convention.

When talking about virtual functions, polymorphism, then the memory layout gets more complicated, introducing a “vtable” which is basically a bunch of function pointers that define the topography of the class instance.

+-----------+
|   vptr    |  pointer to vtable which is located elsewhere
+-----------+
|  fieldA   |  first member
|  fieldB   |  ...
|  fieldC   |
|    ...    |
+-----------+
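
The layout in the diagram can be observed directly from a running program, which is what a reverse engineer relies on when recovering classes from a binary. The following is an added example, not code from the original page or the quoted answer; the classes Plain, Base and Derived and the helper names are constructed for illustration, and it assumes the common ABIs (Itanium C++ ABI on GCC/Clang, or MSVC) where a single-inheritance polymorphic object starts with its vptr.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Constructed sample classes; the names are illustrative only.
struct Plain {                       // no virtual functions, so no vptr
    int fieldA = 0;
    int fieldB = 0;
};

struct Base {                        // virtual functions: a hidden vptr is added
    int fieldA = 0;
    int fieldB = 0;
    virtual int id() const { return 1; }
    virtual ~Base() {}
};

struct Derived : Base {              // overrides id(), so it gets its own vtable
    int fieldC = 0;
    int id() const override { return 2; }
};

// Read the first pointer-sized word of an object's storage.
// Assumption: on the ABIs named above this word is the vptr. The C++
// standard does not guarantee it; this is an ABI detail.
static std::uintptr_t first_word(const void *obj) {
    std::uintptr_t w;
    std::memcpy(&w, obj, sizeof w);
    return w;
}

// Byte offset of a member inside its enclosing object.
static std::size_t offset_in(const void *obj, const void *member) {
    return static_cast<std::size_t>(static_cast<const char *>(member) -
                                    static_cast<const char *>(obj));
}

// Two instances of the same class point at the same vtable: the table
// lives once "elsewhere", only the pointer is duplicated per instance.
bool same_class_shares_vtable() {
    Base a, b;
    a.fieldA = 1;
    b.fieldA = 2;                    // member values differ, vptr does not
    return first_word(&a) == first_word(&b);
}

// A derived class that overrides a virtual function has a different vtable,
// which is how the dynamic type of an object can be told apart in a dump.
bool derived_has_own_vtable() {
    Base b;
    Derived d;
    return first_word(&b) != first_word(&d);
}

// Without virtual functions the first member sits at offset 0.
std::size_t first_field_offset_plain() {
    Plain p;
    return offset_in(&p, &p.fieldA);
}

// With virtual functions the first member is pushed behind the vptr.
std::size_t first_field_offset_base() {
    Base b;
    return offset_in(&b, &b.fieldA);
}

int main() {
    Base b;
    Derived d;
    std::printf("sizeof(Plain)=%zu sizeof(Base)=%zu sizeof(Derived)=%zu\n",
                sizeof(Plain), sizeof(Base), sizeof(Derived));
    std::printf("Plain.fieldA offset=%zu, Base.fieldA offset=%zu\n",
                first_field_offset_plain(), first_field_offset_base());
    std::printf("vptr(Base)=%#zx vptr(Derived)=%#zx\n",
                static_cast<std::size_t>(first_word(&b)),
                static_cast<std::size_t>(first_word(&d)));
    std::printf("same class shares vtable: %d, derived differs: %d\n",
                same_class_shares_vtable(), derived_has_own_vtable());
    return 0;
}
```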