Get Root Privileges Using CVE-2017-16995

NOTE: PLEASE DO NOT USE IT TO ATTACK OTHER COMPUTERS. CVE-2017-16995 was fixed before, but it is broken again in many kernels of Debian and Ubuntu distributions, ranging from version 4.4 to 4.14. It is an arbitrary memory read/write access issue found in the Linux kernel compiled with the eBPF bpf(2) system call (CONFIG_BPF_SYSCALL). The issue can occur due to calculation errors in the eBPF verifier module, triggered by a user-supplied malicious BPF program. An unprivileged user could use this flaw to escalate their privileges on a system. Setting the parameter "kernel.unprivileged_bpf_disabled=1" prevents such privilege escalation by restricting access to the bpf(2) call. Steps to Reproduce: Create a file named upstream44.c and paste the following code into it. Then, compile it and make it executable:…


Build PyTorch Extensions with CUDA and CFFI

Python is one of the most popular programming languages today for deep learning applications. However, as an interpreted language, it has been considered too slow for high-performance computing. Therefore, I incorporated CUDA into Python to build my own extension that accelerates the computation. In this tutorial, I give an example of a CUDA extension for data augmentation in deep learning. Create Build Scripts: First of all, we need to create a script named build.py for building the FFI extension. Create CUDA Interface: Then, we need to create an interface for CUDA which can be invoked by Python. In this tutorial, we name this file augmentation_cuda.c. Also, we need to create a header file augmentation.h and declare the corresponding prototype of the function…


Getting Started with JUnit 5: Test your Spring MVC Application with it

In this post, we describe how to use JUnit 5 to test your Spring MVC application with Maven. Setup Maven Dependencies: We can get the required dependencies by declaring the junit-jupiter-api (version 5.x) dependency in our pom.xml file. This dependency provides the public API for writing tests and extensions. If we are using an IDE that is bundled with an older JUnit 5 version, it throws an exception when we try to run our unit tests from the IDE. We can fix this problem by adding the following dependency to our POM file: The junit-platform-launcher provides a public API for configuring and launching tests. The API is typically used by IDEs and build tools. To test a Spring application, we…


Lua in a Nutshell: A Quick Tutorial for Lua

I'm reading source code written with Torch these days. Torch is a well-known deep learning framework written in Lua. So I summarize the grammar of it and provide a quick tutorial here. Run: As we know, Lua is a C-like language. Therefore, it is case-sensitive. The following code outputs "Hello World" with Lua. Note that the semicolon at the end of a line is optional, like JavaScript. You can use the interpreter of Lua in the command line: Also, you can run a Lua script with a file in the command line: Grammar Comment Variables: The numbers in Lua are all doubles with 64 bits. And you can use the following expressions: You can use both double and single quotes for…


Making Requests Non-blocking in Tornado

Tornado is one of the most popular web frameworks for Python, which is based on a single-threaded IO loop (aka event loop). You can handle high concurrency with optimal performance. However, Tornado is single-threaded (in its common usage, although it supports multiple threads in advanced configurations), therefore any "blocking" task will block the whole server. This means that a blocking task will not allow the framework to pick the next task waiting to be processed. For example, this is a wrong way of using IOLoop: Note that get_complex_result() is called correctly, but it is blocked by time.sleep(5), which will prevent the execution of the following tasks (such as a second request to the same function). Only when the…


Install QQ/TIM in Linux with Wine

This tutorial introduces how to install QQ/TIM in Linux with Wine, which has been tested on ArchLinux with Wine 2.4. Prerequisites: Before starting, you need to get the latest Wine. I'm not sure whether QQ/TIM can run on lower versions of Wine. In ArchLinux, you can easily get the latest Wine using the following command: However, in Debian, you need to install Wine with some more steps. You can see this tutorial. Then, you need to install a helper of Wine, Winetricks. Winetricks is a script to download and install various redistributable runtime libraries needed to run some programs in Wine. To install Winetricks, you can use the following command: After that, we need to manually fix some problems caused by Winetricks. According…

Contact Us
  • Room 614, Zonghe Building, Harbin Institute of Technology
  • cshzxie [at] gmail.com