admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-21 01:03:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

ALmost completed cbpf explantion

Browse Source
This commit is contained in:
h3xduck
2022-05-23 06:17:21 -04:00
parent 23d6bbd3ed
commit c29a99e03f
18 changed files with 385 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
docs/document.aux
View File

@@ -62,7 +62,7 @@
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {section}{\numberline {2.1}Introduction to eBPF}{5}{section.2.1}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {subsection}{\numberline {2.1.1}eBPF history}{5}{subsection.2.1.1}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {subsection}{\numberline {2.1.1}eBPF history - Classic BPF}{5}{subsection.2.1.1}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\contentsline {figure}{\numberline {2.1}{\ignorespaces Sketch of the functionality of classic BPF\relax }}{5}{figure.caption.7}\protected@file@percent }
\providecommand*\caption@xref[2]{\@setref\relax\@undefined{#1}}
\newlabel{fig:classif_bpf}{{2.1}{5}{Sketch of the functionality of classic BPF\relax }{figure.caption.7}{}}
@@ -70,17 +70,35 @@
\abx@aux@segm{0}{0}{bpf_bsd_origin_bpf_page1}
\abx@aux@cite{index_register}
\abx@aux@segm{0}{0}{index_register}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {3}Methods??}{7}{chapter.3}\protected@file@percent }
\abx@aux@cite{bpf_bsd_origin_bpf_page5}
\abx@aux@segm{0}{0}{bpf_bsd_origin_bpf_page5}
\abx@aux@cite{bpf_organicprogrammer_analysis}
\abx@aux@segm{0}{0}{bpf_organicprogrammer_analysis}
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\contentsline {figure}{\numberline {2.2}{\ignorespaces Execution of a BPF filter.\relax }}{7}{figure.caption.8}\protected@file@percent }
\newlabel{fig:cbpf_prog}{{2.2}{7}{Execution of a BPF filter.\relax }{figure.caption.8}{}}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\contentsline {table}{\numberline {2.1}{\ignorespaces Table showing BPF instruction format. It is a fixed-length 64 bit instruction, the number of bits used by each field are indicated.\relax }}{7}{table.caption.9}\protected@file@percent }
\newlabel{table:bpf_inst_format}{{2.1}{7}{Table showing BPF instruction format. It is a fixed-length 64 bit instruction, the number of bits used by each field are indicated.\relax }{table.caption.9}{}}
\abx@aux@cite{bpf_bsd_origin_bpf_page7}
\abx@aux@segm{0}{0}{bpf_bsd_origin_bpf_page7}
\abx@aux@cite{bpf_bsd_origin_bpf_page8}
\abx@aux@segm{0}{0}{bpf_bsd_origin_bpf_page8}
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\contentsline {figure}{\numberline {2.3}{\ignorespaces Table of supported classic BPF instructions, as shown by McCanne and Jacobson\cite {bpf_bsd_origin_bpf_page7}\relax }}{8}{figure.caption.10}\protected@file@percent }
\newlabel{fig:bpf_instructions}{{2.3}{8}{Table of supported classic BPF instructions, as shown by McCanne and Jacobson\cite {bpf_bsd_origin_bpf_page7}\relax }{figure.caption.10}{}}
\abx@aux@cite{bpf_bsd_origin_bpf_page8}
\abx@aux@segm{0}{0}{bpf_bsd_origin_bpf_page8}
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\contentsline {figure}{\numberline {2.4}{\ignorespaces Table explaining the column address modes in Figure\ref {fig:bpf_instructions}, as shown by McCanne and Jacobson\cite {bpf_bsd_origin_bpf_page8}\relax }}{9}{figure.caption.11}\protected@file@percent }
\newlabel{fig:bpf_address_mode}{{2.4}{9}{Table explaining the column address modes in Figure\ref {fig:bpf_instructions}, as shown by McCanne and Jacobson\cite {bpf_bsd_origin_bpf_page8}\relax }{figure.caption.11}{}}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {3}Methods??}{10}{chapter.3}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {4}Results}{8}{chapter.4}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {4}Results}{11}{chapter.4}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {5}Conclusion and future work}{9}{chapter.5}\protected@file@percent }
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{\numberline {5}Conclusion and future work}{12}{chapter.5}\protected@file@percent }
\@writefile{lof}{\defcounter {refsection}{0}\relax }\@writefile{lof}{\addvspace {10\p@ }}
\@writefile{lot}{\defcounter {refsection}{0}\relax }\@writefile{lot}{\addvspace {10\p@ }}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{Bibliography}{10}{chapter.5}\protected@file@percent }
\abx@aux@read@bbl@mdfivesum{A38CCF92715F96EEC0C0F545CC410B50}
\@writefile{toc}{\defcounter {refsection}{0}\relax }\@writefile{toc}{\contentsline {chapter}{Bibliography}{13}{chapter.5}\protected@file@percent }
\abx@aux@read@bbl@mdfivesum{87C7875B9C878945D5F672C63ACB5E95}
\abx@aux@refcontextdefaultsdone
\abx@aux@defaultrefcontext{0}{ransomware_pwc}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{rootkit_ptsecurity}{none/global//global/global}
@@ -97,5 +115,9 @@
\abx@aux@defaultrefcontext{0}{ebpf_history_opensource}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_bsd_origin_bpf_page1}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{index_register}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_bsd_origin_bpf_page5}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_organicprogrammer_analysis}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_bsd_origin_bpf_page7}{none/global//global/global}
\abx@aux@defaultrefcontext{0}{bpf_bsd_origin_bpf_page8}{none/global//global/global}
\ttl@finishall
\gdef \@abspage@last{27}
\gdef \@abspage@last{30}