I am looking into SR-IOV and am looking for certain examples that what are exactly the things that a PF can do that a VF cannot. For example one thing is that a VF can not create further VF.
There is a mention:
A PCI Function that supports the SR-IOV capabilities as defined in
SR-IOV specification. A PF contains the SR-IOV capability structure
and is used to manage the SR-IOV functionality.
So what exactly are the options available in the SR-IOV functionality that a VF does not have access to or is not capable of.
Examples would be great for clarity. And feel free to ask any questions for clarification.
The answer to this is not something hard and fast and can vary between different companies implementing it. Like for example, changing the MAC address in a VF can be something that a VF cannot do without the PF's access or changing the MTU of the VF, in that case. The VF would ping its corresponding PF via mailbox to request the change.
For example, inside the Intel 82559 SR-IOV Driver Companion Guide, it mentions which actions need access of PF to do:
Actions taken via Mailbox System - VF to PF (Link to the guide: https://www.intel.com/content/dam/doc/design-guide/82599-sr-iov-driver)
Also if you want to analyze this with the drivers code, you would be able to see clearly usage of mailbox system whenever you invoke a command inside the VF and you can maybe add prints inside the driver code to see when they get triggered, indicating you if the mailbox was used.
(Mailbox is a communication path between the PF and VF).
Related
With v1 of the measurement protocol, you could use these parameters to add custom dimensions or change medium, source or refer for a page view:
https://ssl.google-analytics.com/collect?v=1&tid=UA-xxxxxxxx&cid=[custom-id]&t=pageview&dp=[Url of pageview]&dh=[hostname of pageview]&cm=[new-medium]&cs=[new-source]&dr=[new-referer]&cd1=[custom-dimension-1]&cd2=[custom-dimension-2]
How is it done in measurement protocol v2?
I couldn't find any documentation about the page-view-event in V2 (for example it's just not mentioned here
https://developers.google.com/analytics/devguides/collection/protocol/ga4/reference/events), even the event-builder (https://ga-dev-tools.web.app/ga4/event-builder/) doesn't support a simple page-view.
So, all I got so far is this:
$data = '
{ "client_id": "'.[custom-id].'",
"events": [
{
"name": "page_view",
"params": {
"page_location": "'.[Url of pageview].'"
}
}
]
}
';
So, what are possible parameters for a page-view-event?
Ok, a few things here right away that you should know if you're playing with MP:
Measurement protocol is a poor name. It implies there's more than one protocol for data gathering. There's none. There is just only one protocol for tracking.
MP2 still largely MP1. Google tries to pose GA4 as a new product, but it's just our old good GA UA with a simplified backend and overengineered front-end that tries to deliver the level of quality Site Catalyst/Omniture/Adobe Analytics have been delivering for a decade. MP is largely the same. dr, cm, cs and a lot of other fields are still there. cds aren't there anymore cuz they're replaced with eps and ups, but more about that a bit later.
GA4 uses this big marketing claim that the new analytics is so wonderfully event-based, unlike the old one. When I dug into why they keep claiming it everywhere, I realized that the only difference is that pageviews are now events. Not much difference really. But yes, a pageview is just an event named page_view. We'll talk about it a bit more later.
Custom dimensions are no more. Now they're called event properties and user properties. The same thing really, Google just tries to make it less obvious that there are no more session level custom dimensions. Or product-level CDs. Though the product level is seemingly on their roadmap.
Make sure you're using the correct measurement id. They made it a lot harder to find it in GA4. It's no longer just the property id visible in the property list, unfortunately.
GA's real-time reports don't include all dimensions, especially if those dimensions are involved in advanced metrics/dimensions calculations. Do not use real time reports for inspecting the content of your events. It's not meant for debugging. It's a vanity report. Still helpful to check the volume of events when you're sending a bunch and expect to see them in GA. Google even has a warning here:
Like the DebugView report, the Realtime report performs limited attribution analysis to ensure responsive reporting. We recommend that you refer to the Acquisition reports for the most accurate attribution information.
Finally, what I often do instead of reading the so-still-unfinished-and-not-really-helpful documentation on MP2, is either use a library like this.
Or, since 1 is the case, I would just implement a moniker tracking in my test GTM, then see what and how it sends to where in the Network debugger and simply reimplement it on my side exactly how GTM does it. No magic involved. Here is how my GTM tag would look like:
With a trigger on any click or any page load. After all is done, I publish the lib. Then I would inject this GTM's code in a local site, or in my test site, or however else you want to test it. And trigger the tag that you need to mimic with MP.
I use this wonderful extension to show all events that fire and their details right in my console.
Now this is how the above tag looks on my test site through the extension:
It's pretty useful.
How do I know that page_referrer is used as dr instead of ep in GTM? Here is the list of the fields that will never be seen as ep. But Google doesn't care enough to map them properly to what these fields are called in MP, so you either have to test, or know, or google it elsewhere.
Finally, here is how the network request looks like:
I published the tag to prod (I keep a test site in prod), so you can go and look at it. Or just find a site that uses GA4 and see its network requests. How does google know that this is a pageview? by the event name: en=page_view
Of course, you do the same with medium and source. Judging from the documentation I've linked to above, the medium and source look like campaign_source and campaign_medium in GTM. GTM maps them accordingly to cs and cm fields. And that's how you know these are the correct mp fields. Give GA time to process these and check on them in a few days.
Good, now this is applicable to the enhanced ecommerce hits too, it's just that they have more variables and data structures in them typically.
Finally, if you want to simulate batch events, you can just make a few tags fire in rapid succession and GTM will neatly pack them in one network request if they fit. You can then digest how the packing is done through the same methods as we do here and simulate.
A little background for the question:
I recently had a near-death experience with Microsoft and socket binding. I was testing production code and one of the test PCs kept failing. I eventually suggested that there was a bug in the bind() function, one of the oldest functions out there.
I submitted the error (see CAsyncSocket Create's bind implementation has a bug in Visual Studio's Developer Community feedback forum), but got handed off to the Windows team (see "__imp_bind implementation has a long-standing situational bug in it" in their Feedback Hub), who never did anything about it.
Since I couldn't debug bind(), and Microsoft refused to assist, I eventually discovered after 2 weeks of dev work, that the test machine in question had Hyper-V enabled and my interface resolution code was picking up this spurious AF_INET address and resolving on it instead of on the real IP address.
I can't expect my customers to turn off the unwanted Hyper-V feature just to run my software, so I need to make my resolution code more granular.
My question:
What I need to do is to be able to get a particular address's verbose name, like for ipconfig /all. I can see that others have asked this question, like Ivan's how to determine interface name and tez's Linux getting all network interface names. Ivan's answer was to use getsockname() and tez's answer was to use if_nameindex(). Neither one of which returns the verbose interface name as seen in ipconfig.
So, does someone know what function call that would be?
Remy Lebeau's answer was to use GetAdaptersAddresses. The sample code for that function shows how to iterate through socket adapter interfaces and get copious amounts of interface data. To answer the question (ie, get ipconfig-like verbosity), however, you need the individual ip addresses. These are available in the LPSOCKADDR lpSockaddr members, which are outputs of the GetAdaptersAddresses call, an example of which is pUnicast->Address.lpSockaddr.
Hi everyone and sorry for my bad English.
I'm learning penetration testing.
After reconnaissance and scanning of my target, I have enough information to pass to next phase.
Some info I have is open ports with related running services, names of the services, service's versions, operative system of the device, firewalls used, etc.)
I launched the mfs console.
I should find the correct exploit and payload, based on the information collected to gain access. I've read the Metasploit Unleashed guide on offensive-security. I've learned the Metasploit Fundamentals and the use of mfs console.
But I don't understand the way to start all of this. Assuming that my target has 20 ports open, I want test the vulnerability using an exploit payload that do not require user interaction. The possibilities of which exploit and payloads to use are now reduced, but are always too. Searching and testing all exploit and payloads for each ports isn't good! So, if i don't know the vulnerability of the target, how do I proceed?
I would like to be aware of what I do. and do not try without understanding.
Couple of things:
We have a stack exchange for security! Check it out at https://security.stackexchange.com/
For an answer: you want to look for "remote exploits", as those do not require user interaction. you can find a curated list of exploits here: https://www.exploit-db.com/remote/
You can search the services on this page for something that matches the same service/version as your attack vector.
I can see from my OS the informations about my hard disk, RAM and CPU. But I've never told my OS these info.
How does my OS know it?
Is there some place in the hard disk or CPU or RAM that stores this kind of information?
Is there some standard about the format of this kind of information?
SMBIOS (formerly known as DMI) contains much of this information. SMBIOS is a a data structure/API that is part of the BIOS/UEFI firmware and contains info like brand and model of the computer, etc.
The rest is gathered by the OS querying hardware directly.
Answer grabbed from superuser by Mokubai.
You don't need to tell it because each device already knows (or has a way) to identify itself.
If you get the idea that every device is accessed via address and data lines, and in some cases only data lines then you come to the relaisation that in those data lines you need some kind of "protocol" that determines just how you talk to those devices.
In amongst that protocol you have commands that say "read this" and "send that" or "put this over there". It is also relatively easy to have a command that says "identify yourself" which, rather than reading a block of disk or memory or painting a pixel a particular colour, will return a premade string or set of strings that tell the driver or operating system what that device is. Using a series of identity commands you could discover a device type, it's capabilities and what driver might be able to work with it.
You don't need to tell a device what it is, because it already knows. And you don't need to tell the operating system what it is because it can ask the device itself.
You don't tell people what they're called and how they talk, you ask them.
Each device has it's own protocol for these messages, and they don't store the details of other devices because to do so would be insane and near useless given that you can remove any device at any time. Your hard drive doesn't need to store information about your memory or graphics card except for the driver that the operating system uses to talk to it with.
The PC UEFI specification would define a core set of system specifications that every computer has, allowing the processor to be powered up and for a program stored in an EEPROM to begin the asbolute basic system probing necessary to determine the processor, set up the RAM, find a disk and display and thus continue to boot the computer.
From there the UEFI system would hand over to the operating system which would have more detailed probing and identification procedures, but it all starts at the most basic "I have a processor, what is around me?" situation.
ARM's aarch64 has an AT (Address Translate) instruction that runs a virtual address through a stage of address translation returning a physical address in PAR_EL1, along with status to indicate whether the translation exists. See ARMv8 ARM, Section C5.5.
The question is: does x86_64 have the equivalent? Intel's System Programming Guide (Volume 3, Chapter 5) talks about pointer validation, but these methods seem to apply to segment-level protection, and there do not appear to be any page-level protection pointer validation instructions.
Is anybody aware of an ARMv8-AT-like instruction for x86_64?
No, the x86-64 instruction set does not have an instruction to perform physical-to-virtual address translation. It only has basic instructions like setting the page directory register, invalidating addresses, and enabling paging.
If you want this functionality on x86-64, I'm afraid you need to be in supervisor mode to do so. You would read the CR3 register, possibly change a few page table mappings to access the physical addresses you need, and perform the address translation by manually walking the page directory and tables.
Your question raises a question in response: For what purpose do you need to know about virtual-to-physical address translations? Paging is supposed to be transparent to application programs, and it is rare to have a good reason to know the physical memory address corresponding to a particular virtual memory address.