the touch command under is useful, but not found under windows system. So just write one by hand:
The critical API is SetFileTime.
SetFileTime(h, file_time, file_time, file_time);
This touchall script find all dirs and files under specify path recursively. and change all file-time (ctime/mtime/atime) to now.
Sources …..
Continue readingThe default value of Heap and Stack in STM32CubeMX is 0x200 bytes Heap and 0x400 bytes Stack.
Which is work fine in most situation.
BUT the middleware of USBStack use malloc! for TX and RX buffer!!!
That will make the USB enumerate process fail (some yellow exclamation point).
At that time, system still recognize that device, so I can’t get the point, waste much time to debug and tracing.
It is better to increase this automatically when user enable USB stack?
After change heap to 0x800, everything fine.
For the old chrome version, goto chrome://plugin and disable it. But when I upgrade to 62, missing this.
And I found chrome://settings/content/pdfDocuments
Or find by click
I found https://superuser.com/questions/30850/stop-pdfs-from-displaying-inside-google-chrome finally:)
This is collection I got.
and compare with PCN-8363-2014.03.31.pdf PCN-8390-2014.05.07.pdf PCN-9484-2015.12.17.pdf PCN-9511-2016.04.22.pdf PCN-9685-2016.04.19.pdf
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
+-----------+-----------+ |STM32F |STM32F | |103CBU6 |103CBU6 | |9HA10 9U |99DBX 9U | |MYS 342 |MYS 314 | |ST (e4) 1 |ST (e3) 2 | +-----------+-----------+-----------+ |STM32 |STM32 |STM32 | |F103C8T6 |F103C8T6 |F103C8T6 | |99026 93 |GH21Y 93 |GH265 9U | |MYS 346 |CHN 611 |CHN 712 | |ST (e4) X |ST (e3) X |ST (e3) | +-----------+-----------+-----------+ |STM32F103 |STM32F103 |STM32F103 | |RCT6 |RCT6 |RET6 | |GH22H 93 |GH20W 9U |GH22R 9U | |CHN GH 609 |CHN GH 117 |CHN GH 220 | | ST (?) | ST (?) | ST (?) | +-----------+-----------+-----------+ |STM32F107 | |VCT6 Z | |991KG 93 | |MYS 99 544 | | ST (e4)ARM| +-----------+-----------+-----------+ |STM32F103 |STM32F103 |STM32F103 | |VCT6 X |VET6 Y |VET6 Y | |HPABN 93 |HPABV 93 |HPAAP 93 | |KOR HP 421 |KOR HP 229 |KOR HP 324 | |ST (e4)ARM |ST (e4)ARM |ST (e4)ARM | +-----------+-----------+-----------+ |
|
1 2 3 4 5 6 7 8 9 10 |
|9HA10 9U |99DBX 9U |GH22H 93 | ^^ ^^ ^^ - HP: Korea - GH: STATS ChipPAC Shanghai China - 9H: ST Muar Malaysia - 7B: Amkor Philippines - 99: ST Muar Malaysia |
|
1 2 3 4 5 6 7 8 9 |
|MYS 342 |MYS 314 |CHN GH 609 | ^^^ ^^^ ^^^ - KOR: Korea - CHN: STATS ChipPAC Shanghai China - MYS: ST Muar Malaysia - PHL: Amkor Philippines |
The problem is, howto identify 2003 or 2013?
|
1 2 3 4 5 6 7 |
|MYS 342 |MYS 314 |CHN GH 609 | ^-- ^-- ^-- - `^`: year last digit - `__`: week |
|
1 2 3 4 5 6 7 |
|ST (e4) 1 |ST (e3) 2 | ST (.) | ^ ^ - e4: Rough Ni Pd AgAu - e3: Pure Tin |
|
1 2 3 4 5 |
|ST (e4) 1 |ST (e3) 2 | ST (.) | ^ ^ A,B,Z,1,2,3,X,Y |
Python36 is compiled by Visual Studio 2015 or MSBuild tools 2015, which included Compiler v19.00 (MSC_VER 1600). But “C:\Python36\Lib\distutils\cygwinccompiler.py” can’t handle it…
I modify it simply like this:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
elif msc_ver == '1500': # VS2008 / MSVC 9.0 return ['msvcr90'] elif msc_ver == '1600': # VS2010 / MSVC 14.0 --- it is MSVC 10.0 not 14! return ['msvcr100'] //I added it elif msc_ver == '1900': # VS2015 / MSVC 14.0 return [] |
I bought some USB3.0 hub, and look inside:)
Unitek Y-3043CBK, RTS5411, transfer stable and look pretty. This chip have EFuse ROM, so external SPI Flash is useless.
I found the release date of some XC3S50AN is 2014 or 2016! and Impact can’t download to In-System Flash, show me “SPI not found”…
But the older 2010’s IC is OK. After some searching…
Xilinx manufacturing Spartan3AN devices, not discontinued! And the flash density is changed.
https://www.xilinx.com/support/answers/59572.html
http://www.xilinx.com/support/documentation/customer_notices/xcn14003.pdf
I am using some tool to check a PE file (dll or exe) depends, most free tool support 32bits file.
So I decided to write an tool support 32bits and 64bits PE file.
The PE struct is defined in MinGW’s headers. So What I need to do is write a parser and make some test.
|
1 2 3 4 5 6 7 8 9 10 11 12 |
typedef struct pedump_t { IMAGE_DOS_HEADER DosHeader; DWORD Signature; IMAGE_FILE_HEADER FileHeader; union { IMAGE_OPTIONAL_HEADER32 Header32; IMAGE_OPTIONAL_HEADER64 Header64; } OptionalHeader; PIMAGE_SECTION_HEADER sections; }pedump_t; |
the PE file is like this
|
1 2 3 4 5 6 7 8 |
| EXE/DLL | |:-------------:| | DOS Header | | NT Magic | | NT Header | | Data | |
An example PE header is
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000000 4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 MZ.............. 00000010 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 ................ 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +-----------+ 00000030 00 00 00 00 00 00 00 00 00 00 00 00|80 00 00 00| ................ +-----------+ 00000040 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 ..............Th 00000050 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F is program canno 00000060 74 20 62 65 20 72 75 6E 20 69 6E 20 44 4F 53 20 t be run in DOS 00000070 6D 6F 64 65 2E 0D 0D 0A 24 00 00 00 00 00 00 00 mode............ |
Both EXE and DLL file, the first 128 bytes is the same. This a DOS program, which print that message above. The MAGIC is “MZ”
Then is `e_lfanew`, which is `80 00 00 00`, point to new NT header.
|
1 2 3 4 5 6 |
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F 00000080 50 45 00 00 64 86 10 00 C1 E9 C7 57 00 5A 00 00 PE.............. 00000090 DC 03 00 00 F0 26 20 .... |
the NT header is:
|
1 2 3 4 5 6 7 8 9 |
| PE File | |:--------------:| | NT Magic | | NT Header | | NT Opt Header | | Sections Table| | Sections Data | |
The Opt Header is difference between 32bits and 64bits!
The first WORD of Opt header is magic, for 32bits is 0x010B, 64bits is 0x020B.
So we can write a script to show PE type
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
if (pe->OptionalHeader.Header32.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) { printf("PE32 "); } else if (pe->OptionalHeader.Header64.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) { printf("PE32+ "); } if (pe->FileHeader.Characteristics & IMAGE_FILE_EXECUTABLE_IMAGE) { printf("executable "); } if (pe->FileHeader.Characteristics & IMAGE_FILE_DLL) { printf("(DLL) "); } if (pe->FileHeader.Characteristics & IMAGE_FILE_32BIT_MACHINE) { printf("(32bits) "); } if (pe->FileHeader.Machine == IMAGE_FILE_MACHINE_I386) { if (pe->OptionalHeader.Header32.Subsystem == IMAGE_SUBSYSTEM_WINDOWS_CUI) { printf("(console) "); } else if (pe->OptionalHeader.Header32.Subsystem == IMAGE_SUBSYSTEM_WINDOWS_GUI) { printf("(GUI) "); } else { printf("(Subsystem:0x%04x) ", pe->OptionalHeader.Header32.Subsystem); } } else { if (pe->OptionalHeader.Header64.Subsystem == IMAGE_SUBSYSTEM_WINDOWS_CUI) { printf("(console) "); } else if (pe->OptionalHeader.Header64.Subsystem == IMAGE_SUBSYSTEM_WINDOWS_GUI) { printf("(GUI) "); } else { printf("(Subsystem:0x%04x) ", pe->OptionalHeader.Header64.Subsystem); } } switch (pe->FileHeader.Machine) { case IMAGE_FILE_MACHINE_I386: printf("i386"); break; case IMAGE_FILE_MACHINE_AMD64: printf("x86_64"); break; default: printf(" Machine:0x%04x", pe->FileHeader.Machine); } |
which will output like `file` command:
|
1 2 3 4 |
demo-x86.exe: PE32 executable (32bits) (console) i386 (Thu Sep 22 16:07:15 2016) demo-x64.exe: PE32+ executable (console) x86_64 (Thu Sep 22 16:26:42 2016) |
For more details, see the source code
https://github.com/buaabyl/pedump
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
When I analysis web server log file, I found this
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
xxx.xxx.xxx.xxx ...... GET /wp-config ...... xxx.xxx.xxx.xxx ...... GET /wp-config.phpOLD ...... xxx.xxx.xxx.xxx ...... GET /wp-config.txt ...... xxx.xxx.xxx.xxx ...... GET /wp-config.old ...... xxx.xxx.xxx.xxx ...... GET /wp-config.php~ ...... xxx.xxx.xxx.xxx ...... GET /wp-config.php~~ ...... xxx.xxx.xxx.xxx ...... GET /wp-config.php~~~ ...... xxx.xxx.xxx.xxx ...... GET /wp-config-backup.txt ...... xxx.xxx.xxx.xxx ...... GET /config.old ...... xxx.xxx.xxx.xxx ...... GET /wp-config.phpb ...... xxx.xxx.xxx.xxx ...... GET /wp-config.phpc ...... |
That means someone checking my files, and want to get the MySQL password?
It is better to prevent this location in web server!
The openssh public key is like this :
|
1 2 3 |
ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAACEAqkhDARXD9+4Gx+FezTAtOEjNDaYWCTdoeMuPFultmos= rsa-key-20161218 |
using openssl to decode it:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
$ openssl rsa -in _rsa_256bits -text -noout Private-Key: (256 bit) modulus: 00:aa:48:43:01:15:c3:f7:ee:06:c7:e1:5e:cd:30: 2d:38:48:cd:0d:a6:16:09:37:68:78:cb:8f:16:e9: 6d:9a:8b publicExponent: 37 (0x25) privateExponent: 00:9c:79:c1:07:ea:7c:ba:50:59:42:0d:5e:08:a8: cf:9a:01:6b:c0:c2:02:77:4b:75:c6:00:b5:d1:a8: ba:9a:2d prime1: 00:d3:68:1b:a7:2a:31:bc:60:67:ff:5e:36:b6:5a: aa:ab prime2: 00:ce:33:73:0d:ac:ec:3f:80:5e:f8:98:30:bf:38: cf:a1 exponent1: 00:bc:8d:49:18:8d:6a:a1:17:b6:b3:54:07:48:b1: ba:cf exponent2: 00:96:78:92:3a:69:6e:20:80:45:4d:9f:7d:84:9f: 14:0d coefficient: 00:be:63:49:6d:c0:ff:1d:4a:04:2c:ac:b7:73:04: 47:4e |
And I write a python script to decode it, and found the format like this:
|
1 2 3 4 5 |
|uint32_t nr_bytes|uint8_t name| |uint32_t nr_bytes|uint8_t n| |uint32_t nr_bytes|uint8_t e| |
The sample python code:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
#!/usr/bin/env python # -*- coding:utf-8 -*- # # GNU GENERAL PUBLIC LICENSE # Version 2, June 1991 # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; see the file COPYING. If not, write to # the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA. # # import sys import os import re import getopt import glob import base64 import codecs import hashlib def file_get_contents(fn): f = open(fn, encoding='UTF-8') d = f.read() f.close() return d def bin2hex(raw): hexval = codecs.encode(raw, 'hex') l = [] for i in range(0, len(hexval), 2): l.append(hexval[i:i+2].decode('UTF-8')) return ':'.join(l) def bin2b64(raw): s = base64.b64encode(raw) s = s.decode('UTF-8').replace('=','') return s def parse_pubkey(raw): l = [] n = len(raw) offs = 0 while offs < n: nr_chars = (raw[offs+0] << 24) | \ (raw[offs+1] << 16) | \ (raw[offs+2] << 8) | \ raw[offs+3] offs = offs + 4 l.append(raw[offs:offs+nr_chars]) offs = offs + nr_chars return l if __name__ == '__main__': fn = sys.argv[1] text = file_get_contents(fn) records = re.split(r'\s+', text.splitlines()[0]) if records[0] != 'ssh-rsa': print('Error: not openssh public key, which startswith "ssh-key"') print(text) sys.exit(-1) pubkey = base64.b64decode(records[1]) l = parse_pubkey(pubkey) bits = (len(l[2]) - 1) * 8 print('# %s:' % fn) print('string:', l[0]) print('e(hex):', bin2hex(l[1])) print('n(hex):', bin2hex(l[2])) print('$ ssh-keygen -l -E md5 -f %s' % fn) print('$ head -n 1 %s | gawk "{print $2}" | base64 -d | md5sum' % fn) print('%d MD5:%s' % (bits, bin2hex(hashlib.md5(pubkey).digest()))) print('') print('$ ssh-keygen -l -E sha1 -f %s' % fn) print('$ head -n 1 %s | gawk "{print $2}" | base64 -d | sha1sum' % fn) print('%d SHA1:%s' % (bits, bin2b64(hashlib.sha1(pubkey).digest()))) print('') print('$ ssh-keygen -l -E sha256 -f %s' % fn) print('$ head -n 1 %s | gawk "{print $2}" | base64 -d | sha256sum' % fn) print('%d SHA256:%s' % (bits, bin2b64(hashlib.sha256(pubkey).digest()))) print('') |
