Unix GDB Cheat Sheet

After reading “Debugging with GDB” by RMS I’ve made this reference sheet; since I rarely program in Linux I’ve excluded everything Linux-specific:

General Usage

file a.out – Load the program a.out
symbol-file symbol – Load symbol file symbol
run – Run program
continue – Execute program until the next breakpoint
print i – Print variable i
print i=3 – Change variable i to 3
x 0x200 – Examine the memory at address 0x200
break printf – Set breakpoint at function printf
info breakpoints – List breakpoints
delete 2 – Delete breakpoint 2
delete – Delete all breakpoints
info locals – Show the local variables of the current stack frame
backtrace – Show the call stack
info frame – Show information about the current stack frame
list + – Show the source code after the lines last printed
list - – Show the source code before the lines last printed
list func – Show sourcecode around function name func
list 30 – Show sourcecode around line 30
info line func – Get start and end memory addresses of function func
info line 30 – Get start and end memory addresses of section around line 30
disassemble 0x300,0x400 – Disassemble the range between memory addresses 0x300 and 0x400
info registers – Display registers
info all-registers – Display all registers
set $rax = 0x5 – Set register rax to 0x5
info symbol printf – Show the memory location of printf

2018 Goals

This year I have a number of personal projects to complete and textbooks to read so I’m using this post to keep track of them. If I stick with this then by the end of this year I should be a stronger developer with a lot more knowledge of operating system design, implementation, and troubleshooting.

Programming

☐ Write an assembler
☐ Write a file (de)compressor
☐ Find a kernel bug
☐ Find an application bug

Web

☐ Create 3 websites and compromise them
☑ 1
☐ 2
☐ 3
☐ Send and detect a Christmas tree packet

Reading List

Debugging with GDB – Richard Stallman
Assemblers and Loaders – David Salomon
Expert C Programming: Deep C Secrets – Peter van der Linden
Operating Systems: Design and Implementation – Andrew S Tanenbaum
Designing BSD Rootkits – Joseph Kong
Practical File-system Design – Dominic Giampaolo

Working with XPath

Recently I’ve been re-writing my web scrapers after a senior dev advised that using regex to parse HTML is a terrible way to do it and that I should really be using XPath, the query language made for XML. I’ve been busy with this and, using what I’ve learnt, have written some C subroutines to easily parse web pages, since it takes an awful lot of code just to download a web page into a string and run an XPath query on it. These subroutines are now working in my arbitrage betting software.

The easiest way I’ve found to get the XPath queries is to right-click the part of the web page I’m interested in grabbing in Chrome or Firefox and choose “Inspect element”; just below the source code in the new window it shows the node we selected, which we can then turn into a query.

The highlighted section can be grabbed using XPath with /html/body/div/h1
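As an added example (not the post’s C or Perl code), here is the same kind of query run from Python’s standard library: an absolute XPath copied from the browser inspector, such as /html/body/div/h1, applied to a page and returned as a list, the way the post’s subroutines return results into an array. The sample page is constructed and well-formed XHTML, because xml.etree is an XML parser and only supports a subset of XPath; real pages need an HTML parser (lxml.html, or the libxml and HTML::TreeBuilder the post uses), and pages from untrusted sites should go through a parser with entity expansion disabled (for example defusedxml).

```python
# Added example (not the post's C or Perl code): run a browser-derived
# absolute XPath such as /html/body/div/h1 against a page with Python's
# standard library. xml.etree needs well-formed XML, so the sample is XHTML.
import xml.etree.ElementTree as ET
from typing import List

# Constructed sample page, standing in for a downloaded document.
SAMPLE_PAGE = """<html>
  <body>
    <div>
      <h1>Live prices</h1>
      <p class="price">12.99</p>
    </div>
    <div>
      <h1>Second heading</h1>
    </div>
  </body>
</html>"""


def to_relative_path(xpath: str, root_tag: str) -> str:
    """ElementTree refuses absolute paths, so /html/body/div/h1 becomes body/div/h1.

    The leading step must name the document root; anything else is a typo
    in the copied path rather than a query worth running.
    """
    steps = [s for s in xpath.split("/") if s]
    if not steps or steps[0] != root_tag:
        raise ValueError(f"XPath must start with /{root_tag}: {xpath!r}")
    return "/".join(steps[1:]) or "."


def query(page: str, xpath: str) -> List[str]:
    """Return the text content of every node the absolute XPath matches."""
    root = ET.fromstring(page)
    relative = to_relative_path(xpath, root.tag)
    return [(node.text or "").strip() for node in root.findall(relative)]


if __name__ == "__main__":
    # The kind of path "Inspect element" hands you, plus one with a predicate.
    print(query(SAMPLE_PAGE, "/html/body/div/h1"))
    print(query(SAMPLE_PAGE, "/html/body/div/p[@class='price']"))
```

The helper only rewrites the leading step; predicates like [@class='price'] pass straight through, since ElementTree supports that part of the XPath syntax.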

I’ve also been working with the Perl module HTML::TreeBuilder::XPath for parsing web pages; in contrast to libxml it only takes 5 lines of code to return the results from a web page into an array. I’ve increased the storage for the server this website is hosted on and written a script using this module to automatically download videos from TempleOS.org and upload them here, because Terry regularly deletes the videos and the YouTube re-uploaders have all stopped.

Another small script I originally wrote in C but then ported to Perl scrapes the website allkeyshop.com according to a config file and sends an email for any games which are selling for below a set price threshold.

I imagine these examples will help anyone getting started with XPath; let’s just hope Microsoft doesn’t make it illegal for us to scrape publicly available content.

Hacking the OpenReach Eci modem b-focus v-2fub/r rev b

Using the router I configured in https://jonrob.net/2017/02/05/openbsd-6-0-home-router/ I found the connection to be stable until I moved house where I’ve been getting frequent disconnects, whenever this happens /var/log/messages on the router shows:

Jun  3 22:42:27 Xavier /bsd: pppoe0: LCP keepalive timeout
Jun  3 22:48:16 Xavier /bsd: pppoe0: LCP keepalive timeout
Jun  3 22:54:04 Xavier /bsd: pppoe0: LCP keepalive timeout
Jun  3 22:59:52 Xavier /bsd: pppoe0: LCP keepalive timeout

Swapping this out for a different modem resolves the issue, so it’s clearly a problem with the OpenReach modem; now let’s see if we can fix it.

Connecting my laptop to Lan1 on the modem and restarting the network interface with

doas sh /etc/netstart em0

shows that it is not running dhcp, and

arp -a

shows nothing in the arp table so it doesn’t look like this has an IP address meaning we can’t telnet/ssh in or access any web interface. Apart from maybe looking into the BTAgent I don’t see any attack vectors here.

The case can be opened without causing any damage by removing the two foam feet and unscrewing with a #00 Phillips screwdriver, then shimming the clips open with a loyalty card and the screwdriver; it’s best to start at the side opposite the lights and work around, as that side has three clips.

Analysis of Rule4 for arbitrage betting

When looking into racing arbitrage I came across one condition that worried me, in which bookmakers decimate the odds. Tattersalls Rule 4 (c), to give it its full title, is applied when a horse is withdrawn from the race after bets have been placed and ensures the bookies are still in pocket after refunding everyone who backed the non-runner. So how does this affect someone who backed all of the outcomes? I don’t see a quick way of working this out and I couldn’t find any tools online, so I’m going to have to analyse a lot of horse races.

For the first example I will use today’s 14:50 at Wincanton; we are betting on all outcomes with a total stake of £100. Here are the best odds for the race today and the stakes required to get the same 95.24% return (a £4.76 loss) regardless of the outcome:

Odds    Stake (£)
3.5     27.21
4       23.81
4.33    22
5       19.05
12      7.94

Using this chart from Ladbrokes in which we are given the deductions with the odds in decimals I’ve written a script that is available on Github to create tables showing all of the resultant odds. The top row holds the odds of the horse which has dropped out and the left column holds the odds for the horses still running.

Odds    3.5      4        4.33     5        12
3.5     X        2.875    3        3        3.375
4       3.25     X        3.4      3.4      3.85
4.33    3.4975   3.4975   X        3.664    4.1635
5       4        4        4.2      X        4.8
12      9.25     9.25     9.8      9.8      X
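As an added example, and not the post’s own GitHub script, the following Python works the two tables above through: it splits a £100 stake across the five Wincanton prices so that every outcome returns the same amount (which reproduces the 95.24% figure), then applies a Rule 4 deduction to the surviving prices when one horse is withdrawn. A deduction of d pence in the pound is taken from the winnings only, so a decimal price o becomes 1 + (o - 1)(1 - d). The deduction percentages used here are not the Ladbrokes chart itself; they are the values the resultant-odds table implies (25p for 3.5 and 4, 20p for 4.33 and 5, 5p for 12) and are labelled as such in the code. The example goes one step beyond the table by computing, for each possible single non-runner, the return on every surviving horse (with the non-runner’s stake refunded), so the worst case for the whole race can be read off.

```python
# Added example (not the post's GitHub script): equal-return stakes for an
# arbitrage book and the effect of a Rule 4 deduction after a withdrawal.
from typing import Dict, List, Tuple

# Best decimal odds for the 14:50 at Wincanton, as listed in the post.
ODDS = [3.5, 4.0, 4.33, 5.0, 12.0]

# Deduction per pound of winnings when the horse at that price is withdrawn.
# ASSUMPTION: these are the values the post's resultant-odds table implies
# (e.g. a withdrawn 4.0 shot turns 3.5 into 2.875, i.e. 25p in the pound);
# they are not the full Ladbrokes chart.
DEDUCTION: Dict[float, float] = {3.5: 0.25, 4.0: 0.25, 4.33: 0.20, 5.0: 0.20, 12.0: 0.05}


def equal_return_stakes(odds: List[float], total: float) -> Tuple[List[float], float]:
    """Split `total` so every outcome returns the same amount.

    The book (sum of 1/odds) above 1.0 is the bookmakers' margin; the
    guaranteed return is total / book, and each stake is that return / odds.
    """
    book = sum(1.0 / o for o in odds)
    payout = total / book
    return [payout / o for o in odds], payout


def rule4_odds(odds: float, deduction: float) -> float:
    """Rule 4 takes `deduction` pounds per pound off the winnings part only."""
    return 1.0 + (odds - 1.0) * (1.0 - deduction)


def returns_after_withdrawal(odds: List[float], stakes: List[float],
                             withdrawn: int) -> Dict[float, float]:
    """Return on each surviving horse once `withdrawn` is a non-runner.

    The non-runner's stake is refunded whichever horse wins, and every other
    price is cut by the deduction tied to the non-runner's odds.
    """
    d = DEDUCTION[odds[withdrawn]]
    refund = stakes[withdrawn]
    out: Dict[float, float] = {}
    for i, (o, s) in enumerate(zip(odds, stakes)):
        if i == withdrawn:
            continue
        out[o] = s * rule4_odds(o, d) + refund
    return out


def worst_case(odds: List[float], stakes: List[float]) -> float:
    """Lowest return over every possible single non-runner."""
    return min(min(returns_after_withdrawal(odds, stakes, i).values())
               for i in range(len(odds)))


if __name__ == "__main__":
    stakes, payout = equal_return_stakes(ODDS, 100.0)
    print(f"return with no withdrawals: {payout:.2f}")
    for o, s in zip(ODDS, stakes):
        print(f"  {o:<5} stake {s:.2f}")
    for i, o in enumerate(ODDS):
        after = returns_after_withdrawal(ODDS, stakes, i)
        print(f"if {o} is withdrawn: " +
              ", ".join(f"{k}->{v:.2f}" for k, v in after.items()))
    print(f"worst case over all single withdrawals: {worst_case(ODDS, stakes):.2f}")
```

The resultant-odds table is just rule4_odds applied to every (runner, non-runner) pair, and the per-withdrawal returns are what has to be checked for each race before the book can be called safe.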


OpenBSD – Hello World in x64 Assembly

This past week I’ve been learning x86 assembly language on an old laptop, purely because I couldn’t get anything running on my x64 OpenBSD machine. My 64 bit helloworld.s was as follows:

section .data

 msg db "Hello world!", 10
 len equ $-msg

;syscalls
 %define SYS_exit 1
 %define SYS_write 4

section .text

global _start
_start:

 mov rax, SYS_write
 mov rdi, 1 ;stdout
 mov rsi, msg
 mov rdx, len

 syscall

 mov rax, SYS_exit
 xor rdi, rdi

 syscall

Giving the errors:

jon@OpenBsD:~/dev/asm;$ nasm -f elf64 -o helloworld.o helloworld.s
jon@OpenBsD:~/dev/asm;$ ld -o helloworld helloworld.o
ld: warning: creating a DT_TEXTREL in a shared object.
jon@OpenBsD:~/dev/asm;$ yasm -f elf64 -o helloworld.o helloworld.s
jon@OpenBsD:~/dev/asm;$ ld -o helloworld helloworld.o 
ld: helloworld.o: relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
helloworld.o: could not read symbols: Bad value

I did search /usr/src for any assembly files I could copy and test outright, but didn’t find anything suitable; however, the code looks fine and, as the assembler didn’t throw any errors, I think this is an issue with the linker.

Running ld with the -V flag lists the supported emulations (the available target architectures):

jon@OpenBsD:~>$ ld -V
GNU ld version 2.17
  Supported emulations:
   elf_x86_64_obsd
   elf_i386_obsd
   elf_i386


OpenBSD (6.0) Home Router

Something about using the black box my ISP provided to control my whole network just didn’t sit right with me, so I decided to ditch it and build my own using the industry’s go-to firewall operating system: OpenBSD.

I started with an Alix2d2, a single-board x86 machine with low power consumption, and a BT OpenReach modem. Both were pre-owned and picked up on eBay for very reasonable prices; I also had to buy a null modem cable to connect to the Alix, and a Ralink RT2561T MiniPCI WLAN module and antenna for wireless connectivity.

The only way to install the operating system onto the Alix (apart from copying a snapshot onto the memory card) is a network install, so we will need to set up tftpd and dhcpd.

TFTPD Setup

38400 is the default baud rate for the alix2d2, so I’ve set that in boot.conf:

# mkdir -p /tftpboot/etc
# cd /tftpboot
# wget http://mirror.bytemark.co.uk/pub/OpenBSD/6.0/i386/bsd.rd
# wget http://mirror.bytemark.co.uk/pub/OpenBSD/6.0/i386/pxeboot
# echo "stty com0 38400
set tty com0
boot tftp:/bsd.rd" >> etc/boot.conf
# tftpd /tftpboot

/etc/dhcpd.conf

The box we’re installing from is 192.168.1.10.

option domain-name-servers 192.168.1.1;
subnet 192.168.1.0 netmask 255.255.255.0 {
 filename "pxeboot";
 range 192.168.1.8 192.168.1.254;
 option routers 192.168.1.10;
 # the broadcast address of the /24, not the address of the install box
 option broadcast-address 192.168.1.255;
 option subnet-mask 255.255.255.0;
}

After restarting dhcpd we are ready to start installing: connect the Alix to the box you’re installing from, connect the null modem cable and boot it up.
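A dhcpd.conf that is syntactically fine can still hand out addresses that do not belong to the subnet, and the install box is the only thing that will complain. As an added example, not part of the post, here is a small standard-library check of a dhcpd.conf subnet block: it parses the directives the post’s configuration uses (range, routers, broadcast-address, subnet-mask) and verifies that each belongs to the declared network. The embedded configuration is a constructed sample modelled on the post’s, with broadcast-address deliberately set to the install host’s address, a common slip that the check reports.

```python
# Added example (not from the post): sanity-check the subnet blocks of a
# dhcpd.conf with Python's ipaddress module. Only the directives the post's
# config uses are understood; anything else is carried along unchecked.
import ipaddress
import re
from typing import Dict, List

# Constructed sample config, with the host address wrongly used as broadcast.
DHCPD_CONF = """
option domain-name-servers 192.168.1.1;
subnet 192.168.1.0 netmask 255.255.255.0 {
  filename "pxeboot";
  range 192.168.1.8 192.168.1.254;
  option routers 192.168.1.10;
  option broadcast-address 192.168.1.10;
  option subnet-mask 255.255.255.0;
}
"""

SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)


def parse_subnets(conf: str) -> List[Dict[str, str]]:
    """Extract each subnet block's network plus its directives as key -> value."""
    blocks = []
    for net, mask, body in SUBNET_RE.findall(conf):
        directives: Dict[str, str] = {}
        for statement in body.split(";"):
            statement = statement.strip()
            if not statement:
                continue
            key, _, value = statement.partition(" ")
            if key == "option":                  # "option routers X" -> routers = X
                key, _, value = value.partition(" ")
            directives[key] = value.strip()
        blocks.append({"network": f"{net}/{mask}", **directives})
    return blocks


def check_subnet(block: Dict[str, str]) -> List[str]:
    """Return the problems found in one subnet block (empty when it is clean)."""
    net = ipaddress.ip_network(block["network"], strict=True)
    problems: List[str] = []
    if "range" in block:
        lo, hi = (ipaddress.ip_address(a) for a in block["range"].split())
        if lo not in net or hi not in net or lo > hi:
            problems.append(f"range {lo}-{hi} is not inside {net}")
    if "routers" in block and ipaddress.ip_address(block["routers"]) not in net:
        problems.append(f"routers {block['routers']} is not inside {net}")
    if "broadcast-address" in block:
        bcast = ipaddress.ip_address(block["broadcast-address"])
        if bcast != net.broadcast_address:
            problems.append(f"broadcast-address {bcast} should be {net.broadcast_address}")
    if "subnet-mask" in block and block["subnet-mask"] != str(net.netmask):
        problems.append(f"subnet-mask {block['subnet-mask']} does not match {net.netmask}")
    return problems


def check_conf(conf: str) -> List[str]:
    """Run check_subnet over every subnet block in the file text."""
    return [p for block in parse_subnets(conf) for p in check_subnet(block)]


if __name__ == "__main__":
    for problem in check_conf(DHCPD_CONF) or ["no problems found"]:
        print(problem)
```

Run it against the real file with check_conf(open("/etc/dhcpd.conf").read()) before restarting dhcpd; an empty list means the range, router and broadcast all agree with the subnet line.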
