.data:080CBB40 daemonname db '!#Ff3VE.-7',17h,'V[_ 0',0 ; DATA XREF: main+31Eo .data:080CBB40 ; main+4AEo ... .data:080CBB40 ; cat resolv.conf .data:080CBB51 align 4 .data:080CBB54 a12 db '1*2',0 ; sh .data:080CBB58 db 0 .data:080CBB59 db 0 .data:080CBB5A db 0 .data:080CBB5B db 0 .data:080CBB5C db 0 .data:080CBB5D db 0 .data:080CBB5E db 0 .data:080CBB5F db 0 .data:080CBB60 db 0 .data:080CBB61 db 0 .data:080CBB62 db 0 .data:080CBB63 db 0 .data:080CBB64 db 0 .data:080CBB65 db 0 .data:080CBB66 db 0 .data:080CBB67 db 0 .data:080CBB68 db 20h ; bash .data:080CBB69 db 23h ; # .data:080CBB6A db 41h ; A .data:080CBB6B db 2Eh ; . .data:080CBB6C db 41h ; A .data:080CBB6D db 0 .data:080CBB6E db 0 .data:080CBB6F db 0 .data:080CBB70 db 0 .data:080CBB71 db 0
...
.data:080CBBB8 db 2Eh ; . ; ls -la .data:080CBBB9 db 31h ; 1 .data:080CBBBA db 12h .data:080CBBBB db 6Bh ; k .data:080CBBBC db 2Dh ; - .data:080CBBBD db 52h ; R .data:080CBBBE db 36h ; 6 .data:080CBBBF db 0 .data:080CBBC0 db 0 .data:080CBBC1 db 0 .data:080CBBC2 db 0 .data:080CBBC3 db 0 .data:080CBBC4 db 0 .data:080CBBC5 db 0 .data:080CBBC6 db 0 .data:080CBBC7 db 0 .data:080CBBC8 db 0 .data:080CBBC9 db 0 .data:080CBBCA db 0 .data:080CBBCB db 0 .data:080CBBCC db 36h ; 6 ; top .data:080CBBCD db 2Dh ; - .data:080CBBCE db 42h ; B .data:080CBBCF db 46h ; F .data:080CBBD0 db 0 .data:080CBBD1 db 0 .data:080CBBD2 db 0
...
呵呵,已经看到 top, ls -al 等信息了,查看daemonname 的交叉引用,发现在main函数 中,到main里看看。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
.text:0804AC30 ; int __cdecl main(int argc, const char **argv, const char **envp) .text:0804AC30 public main .text:0804AC30 main proc near ; DATA XREF: _start+17o
An application has made an attempt to load the C runtime library without using a manifest. This is an unsupported way to load Visual C++ DLLs. You need to modify your application to build with a manifest. For more information, see the "Visual C++ Libraries as Shared Side-by-Side Assemblies" topic in the product documentation.
微软的链接中也提到了解决的方法
1 2 3 4 5 6
Rebuild your application to include a manifest. Building an application with Visual Studio automatically puts the manifest into the resulting .exe or .dll file. If you are building at the command line, use the mt.exe tool to add the manifest as a resource. Use resource ID 1 if you build an .exe, and resource ID 2 if you build a .dll. For more information, see How to: Embed a Manifest Inside a C/C++ Application.
还是先看看manifest的作用,在msdn网站搜索相关内容,根据《Understanding Manifest Generation for C/C++ Programs》中的内容,manfest.xml可以是一个外部的XML文件也可以是嵌入在程序的资源文件中。manifest.xml用于管理程序在运行时需要的共享程序集的名字和版本。如果程序只依赖 VisualC++ 的程序集(CRT,MFC,ATL等),manifest会被链接器自动生成。Manifest的Sxs指定了其依赖的清单名称,版本,资源,和其他组件。Sxs是Windows XP引入的新技术,vs 2005 开始使用,全名叫Side by Side assembly,主要还是为了解决兼容性问题,这样同一个系统可以存在不同版本的同名文件而互相不影响各自的运行。
Desktop applications can control the location from which a DLL is loaded by specifying a full path, using DLL redirection, or by using a manifest. If none of these methods are used, the system searches for the DLL at load time as described in this section.
public void addJavascriptInterface (Object object, String name) Added in API level 1
Injects the supplied Java object into this WebView. The object is injected into the JavaScript context of the main frame, using the supplied name. This allows the Java object's methods to be accessed from JavaScript. For applications targeted to API level JELLY_BEAN_MR1 and above, only public methods that are annotated with JavascriptInterface can be accessed from JavaScript. For applications targeted to API level JELLY_BEAN or below, all public methods (including the inherited ones) can be accessed, see the important security note below for implications.
Note that injected objects will not appear in JavaScript until the page is next (re)loaded. For example:
1 2 3 4 5 6 7 8 9
classJsObject { @JavascriptInterface public String toString() { return"injectedObject"; } }
This method can be used to allow JavaScript to control the host application. This is a powerful feature, but also presents a security risk for apps targeting JELLY_BEAN or earlier. Apps that target a version later than JELLY_BEAN are still vulnerable if the app runs on a device running Android earlier than 4.2. The most secure way to use this method is to target JELLY_BEAN_MR1 and to ensure the method is called only when running on Android 4.2 or later. With these older versions, JavaScript could use reflection to access an injected object's public fields. Use of this method in a WebView containing untrusted content could allow an attacker to manipulate the host application in unintended ways, executing Java code with the permissions of the host application. Use extreme care when using this method in a WebView which could contain untrusted content. JavaScript interacts with Java object on a private, background thread of this WebView. Care is therefore required to maintain thread safety.
The Java object's fields are not accessible. For applications targeted to API level LOLLIPOP and above, methods of injected Java objects are enumerable from JavaScript. Parameters object the Java object to inject into this WebView's JavaScript context. Null values are ignored. name the name used to expose the object in JavaScript
Give the host application a chance to take over the control when a new url is about to be loaded in the current WebView. If WebViewClient is not provided, by default WebView will ask Activity Manager to choose the proper handler for the url. If WebViewClient is provided, return true means the host application handles the url, while return false means the current WebView handles the url. This method is not called for requests using the POST "method".
Ubuntu Linux 最大的问题就是不太稳定,基本每次大版本升级显示都要挂,弄得我都有点心理阴影了,原来 周围还挺多同学使用 Linux,最终放弃了,一个直接用 Windows 了,还有一个 Windows 上跑一个 Linux 虚拟机。 Ubuntu 还有个坏习惯喜欢乱改,upstart,Unity等,后面都没有成为主流,bug 就更不用说了,经常挺闹心的。
I think this could be due to the minimum version of TLS supported by TB 78. The release notes state that versions lower than 1.2 are disabled, so if your server only supports v. 1.1, you might be able to fix sending by changing the preference security.tls.version.min to 2 from the default 3, in Config. editor.
How to enable outdated security protocols TLS 1.0 and 1.1
Open Config Editor (about:config) ≡ > Preferences > Find in Preferences In the searchbox, type: about:config, then press Enter. Click on the button Config Editor… in the search result. In the about:config dialog, search for: security.tls.version.min Double-click on the found preference security.tls.version.min and change its value to 1, then press Enter. Restart Thunderbird and try to download your messages. If you can receive and/or send your messages after changing this preference:
Please inform your email provider to upgrade the security protocols on the server to support TLS 1.2. Revert the preference security.tls.version.min to its original value as soon as possible by repeating the above procedure, then right-click on the preference and choose Reset from the context menu.