大文件去重5种方法

v1

cat * | sort | uniq > out.txt

v2

cat * | awk '{ if (!seen[$0]++) { print $0; } }' > out.txt


阅读全部

nginx部署HTTPS、HTTP/2

下载:

wget -c https://www.openssl.org/source/openssl-1.1.0.tar.gz 
wget -c https://nginx.org/download/nginx-1.11.3.tar.gz

 编译、升级:

./configure --prefix=/usr/local/nginx --user=www --group=www --with-http_ssl_module --with-http_gzip_static_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_slice_module --with-http_v2_module --with-openssl=../openssl-1.1.0
make
mv /usr/local/nginx/sbin/nginx{,.old}
cp objs/nginx /usr/local/nginx/sbin/nginx

编译时如果提示变量SSL_R_NO_CIPHERS_PASSED未定义,可以打开src/event/ngx_event_openssl.c文件,删除以下这行

|| n == SSL_R_NO_CIPHERS_PASSED

说明:

安装最新版openssl支持ALPN,用于浏览器协商HTTP/2。系统默认openssl比较旧,从1.0.2版本以上才开始支持ALPN。

如果ssl_prefer_server_ciphers设置为on,可能HTTP/2不一定工作,降级为HTTP1.1,可尝试注释,这里的Caveats小节有相关说明。


获取证书:

使用https://www.startssl.com/的免费证书,使用 OpenSSL 或网站提供的工具生成 SSL Key 和 CSR 文件,用 CSR 文件提交签署得到 CRT 证书。


优化过的nginx配置文件:

http节加入:

#配置共享会话缓存大小
    ssl_session_cache   shared:SSL:10m;
#配置会话超时时间
    ssl_session_timeout 10m;

HTTP跳转HTTPS:

server {
  listen 80;
  server_name feiworks.com www.feiworks.com;
  return 301 https://www.feiworks.com$request_uri;
}

HTTPS及HTTP/2配置:

server
{
        listen        443 ssl http2;
        ssl_certificate     /usr/local/nginx/conf/1_feiworks.com_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/feiworks.key;
        keepalive_timeout   70;
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        ssl_prefer_server_ciphers on;
        ssl_dhparam /etc/ssl/certs/dhparam.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        #定义算法
        ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
        #减少点击劫持
        add_header X-Frame-Options SAMEORIGIN;
        #禁止服务器自动解析资源类型
        add_header X-Content-Type-Options nosniff;
        #防XSS攻击
        add_header X-Xss-Protection 1;
......

上述dhparam.pem文件的生成:

cd /etc/ssl/certs
openssl dhparam -out dhparam.pem 2048

在线测试是否支持HTTP/2、ALPN

https://tools.keycdn.com/http2-test

在线测试SSL Server安全性

https://www.ssllabs.com/ssltest/index.html

参考

http://gold.xitu.io/entry/57ba9a6b2e958a006939083c


阅读全部

linux远程图形界面转发本地

安装xmanager

yum install Xvfb
yum install xorg-x11-xauth
vi /etc/ssh/sshd_config
X11Forwarding yes
iptables -A INPUT -P udp --dport 177 -j ACCEPT

设置连接属性,在 SSH --> tunneling 选项下勾选 Forward X11 connections to: Xmanager


阅读全部

windbg调试

符号配置

SRV*d:\Symbols*http://msdl.microsoft.com/download/symbols


启动自动附加

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\calc.exe]

"Debugger"="\"D:\\WinDbg(x64)\\windbg.exe\""


加载模块断点:

sxe ld:[dll name]

所有模块:sxe ld:*

卸载模块断点:

sxe ud:[dll name]

所有模块:sxe ud:*


阅读全部

2013 later rmbp 13' 4k@51Hz

SwitchResX_Preferences.png


适用于osx及windows系统。

阅读全部

py2exe打包的程序解包

1. 二进制搜索12 34 56 78,往后偏移8字节后开始的4字节是code_bytes长度,之后是库文件名,以00结尾,之后就是code_bytes。

si = struct.pack("iiii",
    0x78563412, # a magic value,
    self.optimize,
    self.unbuffered,
    len(code_bytes),
) + relative_arcname + "\000"
script_bytes = si + code_bytes + '\000\000'

2.把code_bytes拿出来,在python中反序列化后找到需要code obj的再序列化。code obj可能嵌套code obj,用inspect.getmembers(code_obj)去找到list中的code obj位置,再dump出来。

>>>import marshal
>>>mylist=marshal.load(open("dumpfile", "r"))
>>>marshal.dump(mylist[1], open("main.pyo","w"))

3.pyo文件加上8字节header就可以反编译了。前 4 个字节代表 Python 版本号,后 4 个字节是 timestamp。文件头可以是:03 F3 0D 0A 37 77 83 56 。


阅读全部

JTAG header pinout

Pinouts

  • ARM-20 (used with almost all ARM-based microcontrollers)

  • ARM-14 (used as a lower pin-count version of ARM-20)

  • MIPS EJTAG used with all MIPS microcontrollers (mostly embedded devices, can be found on many WiFi devices)

  • Toshiba MIPS

  • Philips MIPS

  • AVR JTAG Compatible with AVR, Altera JTAG, ... (widely used)

  • Altera ByteBlaster Compatible with AVR, Altera JTAG, ... (widely used)

  • Maxim MAXQ JTAG Partially compatible with AVR JTAG

  • Actel FlashPro3 JTAG

  • PLD-JTAG

  • Cypress Ultra-isr

  • Lattice JTAG ispDOWNLOAD 2x5pin

  • Lattice JTAG ispDOWNLOAD 9pin

  • TI MSP430

  • Xilinx JTAG

  • Xilinx JTAG 9pin

Non-standard manufacturer-specific pinouts

  • Linksys WRT54G(S) - used as EJTAG

  • Bosch EDC16/MED9 car ECU

  • Motorola PowerPC BDM port

阅读全部

USB HID usage table

This usage table lets usbhidctl decode the HID data correctly for the APC RS/XS1000's.

This work was obtained from riccardo@torrini.org.

Note that the default /usr/share/misc/usb_hid_usages already contains entries for these a Power Device (132 or 0x84) and a Battery System (133 or 0x85).  It is interesting that usbhidctl shows the APC as using 0xff84 and 0xff84 for their values.  The HID Power Devices specification indicates 0x84 and 0x85.  There is at least one macro in /usr/include/dev/usb/usbhid.h which removes the high order bits.  Perhaps we need to do that when using the values.  Perhaps this macro:

#define HID_USAGE2(p,u) (((p) << 16) | u)
阅读全部

Linux/i386 system calls

List of Linux/i386 system calls

Copyright (C) 1999-2000 by Konstantin Boldyshev

This list is NOT READY and is under heavy construction, a lot of entries are missing, and some may be incorrect. This is more a template than a real document. Meanwhile, I suggest you to examinethis listby H-Peter Recktenwald.


阅读全部

Dalvik opcodes

Dalvik opcodes

Author:Gabor Paller


Vx values in the table denote a Dalvik register. Depending on the instruction, 16, 256 or 64k registers can be accessed. Operations on long and double values use two registers, e.g. a double value addressed in the V0 register occupies the V0 and V1 registers.

Boolean values are stored as 1 for true and 0 for false. Operations on booleans are translated into integer operations.

All the examples are in hig-endian format, e.g. 0F00 0A00 is coded as
0F, 00, 0A, 00 sequence.

Note there are no explanation/example at some instructions. This means that I have not seen that instruction "in the wild" and its presence/name is only known from Android opcode constant list.

阅读全部