admin/TripleCross
1
0
Fork 0
mirror of https://github.com/h3xduck/TripleCross.git synced 2025-12-20 08:43:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

ALmost completed cbpf explantion

Browse Source
This commit is contained in:
h3xduck
2022-05-23 06:17:21 -04:00
parent 23d6bbd3ed
commit c29a99e03f
18 changed files with 385 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
docs/document.bbl
View File

@@ -23,8 +23,8 @@
\list{institution}{1}{%
{PricewaterhouseCoopers}%
}
\field{sortinit}{1}
\field{sortinithash}{50c6687d7fc80f50136d75228e3c59ba}
\field{sortinit}{2}
\field{sortinithash}{ed39bb39cf854d5250e95b1c1f94f4ed}
\field{labeltitlesource}{title}
\field{title}{Cyber Threats 2021: A year in Retrospect}
\verb{urlraw}
@@ -38,8 +38,8 @@
\list{institution}{1}{%
{Positive Technologies}%
}
\field{sortinit}{2}
\field{sortinithash}{ed39bb39cf854d5250e95b1c1f94f4ed}
\field{sortinit}{3}
\field{sortinithash}{a37a8ef248a93c322189792c34fc68c9}
\field{labeltitlesource}{title}
\field{day}{3}
\field{month}{11}
@@ -54,8 +54,8 @@
\endverb
\endentry
\entry{ebpf_linux318}{online}{}
\field{sortinit}{3}
\field{sortinithash}{a37a8ef248a93c322189792c34fc68c9}
\field{sortinit}{4}
\field{sortinithash}{e071e0bcb44634fab398d68ad04e69f4}
\field{day}{7}
\field{indextitle}{eBPF incorporation in the Linux Kernel 3.18}
\field{month}{12}
@@ -72,8 +72,8 @@
\list{institution}{1}{%
{Pangu Lab}%
}
\field{sortinit}{4}
\field{sortinithash}{e071e0bcb44634fab398d68ad04e69f4}
\field{sortinit}{5}
\field{sortinithash}{5dd416adbafacc8226114bc0202d5fdd}
\field{labeltitlesource}{title}
\field{day}{23}
\field{month}{2}
@@ -91,8 +91,8 @@
\list{institution}{1}{%
{PricewaterhouseCoopers}%
}
\field{sortinit}{5}
\field{sortinithash}{5dd416adbafacc8226114bc0202d5fdd}
\field{sortinit}{6}
\field{sortinithash}{7851c86048328b027313775d8fbd2131}
\field{labeltitlesource}{title}
\field{title}{Cyber Threats 2021: A year in Retrospect}
\field{pages}{37}
@@ -105,8 +105,8 @@
\endverb
\endentry
\entry{ebpf_windows}{online}{}
\field{sortinit}{6}
\field{sortinithash}{7851c86048328b027313775d8fbd2131}
\field{sortinit}{7}
\field{sortinithash}{f615fb9c6fba11c6f962fb3fd599810e}
\field{labeltitlesource}{title}
\field{day}{7}
\field{month}{12}
@@ -121,8 +121,8 @@
\endverb
\endentry
\entry{ebpf_android}{online}{}
\field{sortinit}{7}
\field{sortinithash}{f615fb9c6fba11c6f962fb3fd599810e}
\field{sortinit}{8}
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
\field{labeltitlesource}{title}
\field{title}{eBPF for Windows}
\verb{urlraw}
@@ -152,8 +152,8 @@
\strng{authorbibnamehash}{5142e68c748eb70cb619b21160eb7f72}
\strng{authornamehash}{5142e68c748eb70cb619b21160eb7f72}
\strng{authorfullhash}{5142e68c748eb70cb619b21160eb7f72}
\field{sortinit}{8}
\field{sortinithash}{1b24cab5087933ef0826a7cd3b99e994}
\field{sortinit}{9}
\field{sortinithash}{54047ffb55bdefa0694bbd554c1b11a0}
\field{labelnamesource}{author}
\field{eventtitle}{Evil eBPF Practical Abuses of an In-Kernel Bytecode Runtime}
\verb{urlraw}
@@ -180,8 +180,8 @@
\strng{authorbibnamehash}{53d4d4da0d1a82f58d57d86ba9635f2c}
\strng{authornamehash}{53d4d4da0d1a82f58d57d86ba9635f2c}
\strng{authorfullhash}{53d4d4da0d1a82f58d57d86ba9635f2c}
\field{sortinit}{9}
\field{sortinithash}{54047ffb55bdefa0694bbd554c1b11a0}
\field{sortinit}{1}
\field{sortinithash}{50c6687d7fc80f50136d75228e3c59ba}
\field{labelnamesource}{author}
\field{eventtitle}{Bad BPF - Warping reality using eBPF}
\verb{urlraw}
@@ -332,6 +332,130 @@
\verb https://gunkies.org/wiki/Index_register
\endverb
\endentry
\entry{bpf_bsd_origin_bpf_page5}{article}{}
\name{author}{1}{}{%
{{hash=b74c2671072cf5a1a1400dc035240dfd}{%
family={Steven\bibnamedelima McCanne},
familyi={S\bibinitperiod\bibinitdelim M\bibinitperiod},
given={Van\bibnamedelima Jacobson},
giveni={V\bibinitperiod\bibinitdelim J\bibinitperiod}}}%
}
\list{institution}{1}{%
{Lawrence Berkeley Laboratory}%
}
\strng{namehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{fullhash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{bibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorbibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authornamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorfullhash}{b74c2671072cf5a1a1400dc035240dfd}
\field{extraname}{3}
\field{sortinit}{1}
\field{sortinithash}{50c6687d7fc80f50136d75228e3c59ba}
\field{labelnamesource}{author}
\field{labeltitlesource}{title}
\field{day}{19}
\field{month}{12}
\field{title}{The BSD Packet Filter: A New Architecture for User-level Packet Capture}
\field{year}{1992}
\field{dateera}{ce}
\field{pages}{5}
\range{pages}{1}
\verb{urlraw}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\verb{url}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\endentry
\entry{bpf_organicprogrammer_analysis}{online}{}
\field{sortinit}{1}
\field{sortinithash}{50c6687d7fc80f50136d75228e3c59ba}
\field{labeltitlesource}{title}
\field{day}{28}
\field{month}{3}
\field{title}{Write a Linux packet sniffer from scratch: part two- BPF}
\field{year}{2022}
\field{dateera}{ce}
\verb{urlraw}
\verb https://organicprogrammer.com/2022/03/28/how-to-implement-libpcap-on-linux-with-raw-socket-part2/
\endverb
\verb{url}
\verb https://organicprogrammer.com/2022/03/28/how-to-implement-libpcap-on-linux-with-raw-socket-part2/
\endverb
\endentry
\entry{bpf_bsd_origin_bpf_page7}{article}{}
\name{author}{1}{}{%
{{hash=b74c2671072cf5a1a1400dc035240dfd}{%
family={Steven\bibnamedelima McCanne},
familyi={S\bibinitperiod\bibinitdelim M\bibinitperiod},
given={Van\bibnamedelima Jacobson},
giveni={V\bibinitperiod\bibinitdelim J\bibinitperiod}}}%
}
\list{institution}{1}{%
{Lawrence Berkeley Laboratory}%
}
\strng{namehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{fullhash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{bibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorbibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authornamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorfullhash}{b74c2671072cf5a1a1400dc035240dfd}
\field{extraname}{4}
\field{sortinit}{1}
\field{sortinithash}{50c6687d7fc80f50136d75228e3c59ba}
\field{labelnamesource}{author}
\field{labeltitlesource}{title}
\field{day}{19}
\field{month}{12}
\field{title}{The BSD Packet Filter: A New Architecture for User-level Packet Capture}
\field{year}{1992}
\field{dateera}{ce}
\field{pages}{7}
\range{pages}{1}
\verb{urlraw}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\verb{url}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\endentry
\entry{bpf_bsd_origin_bpf_page8}{article}{}
\name{author}{1}{}{%
{{hash=b74c2671072cf5a1a1400dc035240dfd}{%
family={Steven\bibnamedelima McCanne},
familyi={S\bibinitperiod\bibinitdelim M\bibinitperiod},
given={Van\bibnamedelima Jacobson},
giveni={V\bibinitperiod\bibinitdelim J\bibinitperiod}}}%
}
\list{institution}{1}{%
{Lawrence Berkeley Laboratory}%
}
\strng{namehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{fullhash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{bibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorbibnamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authornamehash}{b74c2671072cf5a1a1400dc035240dfd}
\strng{authorfullhash}{b74c2671072cf5a1a1400dc035240dfd}
\field{extraname}{5}
\field{sortinit}{2}
\field{sortinithash}{ed39bb39cf854d5250e95b1c1f94f4ed}
\field{labelnamesource}{author}
\field{labeltitlesource}{title}
\field{day}{19}
\field{month}{12}
\field{title}{The BSD Packet Filter: A New Architecture for User-level Packet Capture}
\field{year}{1992}
\field{dateera}{ce}
\field{pages}{8}
\range{pages}{1}
\verb{urlraw}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\verb{url}
\verb https://www.tcpdump.org/papers/bpf-usenix93.pdf
\endverb
\endentry
\enddatalist
\endrefsection
\endinput