This talk was presented on 24 September 2024 as part of the 2024 Aratu Week, a small online conference by Brazilian hacker interest group Boitatech.
How to contact me: Section "How to contact Ciro Santilli"
Links to this talk:
Inspecting the Reuters article HTML source code
. 
2010 Wayback Machine archive of starwarsweb.net
. The Star Wars one.
2010 Wayback Machine archive of noticiasmusica.net
. The Brazilian one.
2010 Wayback Machine archive of dedrickonline.com
. The German one.
2010 Wayback Machine archive of lesummumdelafinance.com
. A French one.
2011 Wayback Machine archive of attivitaestremi.com
. An Italian one about extreme sports.
DNS Census 2013 website
. Source. This source provided valuable historical domain to IP data.amazon.com,2012-02-01T21:33:36,72.21.194.1
amazon.com,2012-02-01T21:33:36,72.21.211.176
amazon.com,2013-10-02T19:03:39,72.21.194.212
amazon.com,2013-10-02T19:03:39,72.21.215.232
amazon.com.au,2012-02-10T08:03:38,207.171.166.22
amazon.com.au,2012-02-10T08:03:38,72.21.206.80
google.com,2012-01-28T05:33:40,74.125.159.103
google.com,2012-01-28T05:33:40,74.125.159.104
google.com,2013-10-02T19:02:35,74.125.239.41
google.com,2013-10-02T19:02:35,74.125.239.46
com,capture-nature)/robots.txt 20211229130524 https://www.capture-nature.com/robots.txt warc/revisit - XWX2XVEZVSVIUKYXF3AJUYIRDOLOXLTO 1213
com,capture-nature)/robots.txt 20211230151913 http://capture-nature.com/robots.txt warc/revisit - XWX2XVEZVSVIUKYXF3AJUYIRDOLOXLTO 1186
com,capture-nature)/robots.txt 20220419233721 https://www.capture-nature.com/robots.txt warc/revisit - XWX2XVEZVSVIUKYXF3AJUYIRDOLOXLTO 1075
com,capture-nature)/scenes.jar 20110201104851 http://capture-nature.com/Scenes.jar application/java-archive 200 U3GPB3SPISZKLFGUJFD34C5GXWAAC2GJ 287887
com,capture-nature)/scenes.jar 20110224193204 http://capture-nature.com/Scenes.jar application/java-archive 200 U3GPB3SPISZKLFGUJFD34C5GXWAAC2GJ 287890
com,capture-nature)/scenes.jar 20130903003254 http://capture-nature.com/Scenes.jar application/x-java-archive 200 U3GPB3SPISZKLFGUJFD34C5GXWAAC2GJ 287898
com,capture-nature)/trees-and-details 20200928184446 https://www.capture-nature.com/trees-and-details text/html 200 NO6J7567VFWZLRSKBJ5HVXGT27MX2A4K 30902
com,capture-nature)/trees-and-details 20210127132910 https://www.capture-nature.com/trees-and-details text/html 200 SI73WNJUBGTOXSTRK4IRU4D4AJ637F6A 31041
com,capture-nature)/trees-and-details 20210419062751 https://www.capture-nature.com/trees-and-details text/html 200 K4Q444QJ243HW3ECXNNOBNUFMXWAPVFD 31464
Tor automation at: github.com/cirosantilli/cirosantilli.github.io/blob/f45d859d4f9350e4a3deffdbb8acd86584d60f2c/cia-2010-covert-communication-websites/cdx-tor.sh
They really screwed up there:
$ jq <hits.json '.[].host' | wc
361 361 7777
$ jq <hits.json '.[].host' | grep news | wc
129 129 2809More than 1/3 of my hits found contain the word "news" in the title!!! E.g.:
global-view-news.com
firstnewssource.com
theworldnewsfeeds.com
pars-technews.com
newdaynewsonline.com
sportsnewsfinder.com
newsworldsite.com
todaysnewsreports.net
hassannews.net
weblognewsinfo.com
newsincirculation.com0000o.com
001cssf.com
001techan.com
0061hs-0351xc-g305h.net
006979.com
006h4g-054hs-6504ga.net
_Britons_(Kitchener)_wants_you_(Briten_Kitchener_braucht_Euch)._1914_(Nachdruck)%2C_74_x_50_cm._(Slg.Nr._552).jpg/401px-thumbnail.jpg)
One time setup:
git clone https://github.com/cirosantilli/linux-kernel-module-cheat
cd linux-kernel-module-cheat
sudo apt install docker
python3 -m venv .venv
. .venv/bin/activate
./setup
./run-docker create
./run-docker shYou are now in Docker.
Build everything from source inside docker:
./build --download-dependencies qemu-buildrootBoot Linux and get a userland shell:
./runOutcome:
<6>[ 1.383114] NET: Registered protocol family 17
<6>[ 1.383682] 9pnet: Installing 9P2000 support
<6>[ 1.385473] IPI shorthand broadcast: enabled
<6>[ 1.385701] sched_clock: Marking stable (1355697980, 27047205)->(1385555667, -2810482)
<6>[ 1.387744] ALSA device list:
<6>[ 1.387843] No soundcards found.
<6>[ 1.535981] ata2.00: ATAPI: QEMU DVD-ROM, 2.5+, max UDMA/100
<5>[ 1.543470] scsi 1:0:0:0: CD-ROM QEMU QEMU DVD-ROM 2.5+ PQ: 0 ANSI: 5
<6>[ 1.548952] EXT4-fs (vda): mounting ext2 file system using the ext4 subsystem
<6>[ 1.555909] EXT4-fs (vda): mounted filesystem without journal. Opts: (null)
<6>[ 1.556145] VFS: Mounted root (ext2 filesystem) on device 254:0.
<6>[ 1.557451] devtmpfs: mounted
<6>[ 1.605639] Freeing unused kernel image (initmem) memory: 1248K
<6>[ 1.605875] Write protecting the kernel read-only data: 16384k
<6>[ 1.607977] Freeing unused kernel image (text/rodata gap) memory: 2044K
<6>[ 1.610190] Freeing unused kernel image (rodata/data gap) memory: 1012K
<6>[ 1.610495] Run /sbin/init as init process
<6>[ 1.683311] tsc: Refined TSC clocksource calibration: 3293.671 MHz
<6>[ 1.683618] clocksource: tsc: mask: 0xffffffffffffffff max_cycles: 0x2f79f177aae, max_idle_ns: 440795226653 ns
<6>[ 1.683849] clocksource: Switched to clocksource tsc
<3>[ 1.694241] 9pnet_virtio: no channels available for device host_data
mount: mounting host_data on /mnt/9p/data failed: No such file or directory
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9pset.
<3>[ 1.712287] overlayfs: overlapping upperdir path
mount: mounting overlay on /mnt/overlay failed: Too many levels of symbolic links
hello S98
hello .profile
/lkmc
root@buildroot# pwd
/lkmc
/lkmc
root@buildroot#
The following are stored in submodules:
submodules/binutils-gdb/
submodules/buildroot/
submodules/gcc/
submodules/glibc/
submodules/linux/
submodules/qemu/So you can modify source, rebuild and that's it, its in the VM.
E.g., let's hack the linux kernel:
asmlinkage __visible void __init __no_sanitize_address start_kernel(void)
{
pr_info("I'VE HACKED THE LINUX KERNEL!!!");Rebuild Linux:
./build-linuxRerun:
./runAnd after boot we see:
<6>[ 0.000000] I'VE HACKED THE LINUX KERNEL!!!Start QEMU and wait for GDB:
./run --gdb-waitOn another shell, connect GDB to QEMU and run up to a symbol that shows up at boot:
./run-gdb start_kernelOutcome: we are GDB step debugging the Linux Kernel:
Breakpoint 1, start_kernel () at /root/lkmc/submodules/linux/init/main.c:837
837 {
loading vmlinux
(gdb) n
841 set_task_stack_end_magic(&init_task);
(gdb) l
836 asmlinkage __visible void __init __no_sanitize_address start_kernel(void)
837 {
838 char *command_line;
839 char *after_dashes;
840
841 set_task_stack_end_magic(&init_task);
842 smp_setup_processor_id();
843 debug_objects_early_init();
844
845 cgroup_init_early();
(gdb) p &init_task
$1 = (struct task_struct *) 0xffffffff82012840 <init_task>
(gdb) bt
#0 start_kernel () at /root/lkmc/submodules/linux/init/main.c:841
#1 0xffffffff8215145c in x86_64_start_reservations (real_mode_data=<optimized out>) at /root/lkmc/submodules/linux/arch/x86/kernel/head64.c:490
#2 0xffffffff821514e3 in x86_64_start_kernel (real_mode_data=0x138d0 <bts_ctx+2256> <error: Cannot access memory at address 0x138d0>) at /root/lkmc/submodules/linux/arch/x86/kernel/head64.c:471
#3 0xffffffff810000e6 in secondary_startup_64 () at /root/lkmc/submodules/linux/arch/x86/kernel/head_64.S:243
#4 0x0000000000000000 in ?? ()
(gdb) up
#1 0xffffffff8215145c in x86_64_start_reservations (real_mode_data=<optimized out>) at /root/lkmc/submodules/linux/arch/x86/kernel/head64.c:490
490 start_kernel();
(gdb) l
485 break;
486 default:
487 break;
488 }
489
490 start_kernel();
491 }E.g., if you want aarch64 instead of the default x86_64:
./build -aA
./run -aAThat's it.
#include <linux/module.h>
#include <linux/kernel.h>
static int myinit(void)
{
pr_info("hello init\n");
/* 0 for success, any negative value means failure,
* E* consts if you want to specify failure cause.
* https://www.linux.com/learn/kernel-newbie-corner-loadable-kernel-modules-coming-and-going */
return 0;
}
static void myexit(void)
{
pr_info("hello exit\n");
}
module_init(myinit)
module_exit(myexit)
MODULE_LICENSE("GPL");Assertions! The best way to learn assembly.
#include <lkmc.h>
LKMC_PROLOGUE
/* Register immediate. */
mov $1, %rax
add $2, %rax
LKMC_ASSERT_EQ(%rax, $3)
LKMC_EPILOGUEPowered by crosstool-NG:
.global main
main:
/* 0x20026 == ADP_Stopped_ApplicationExit */
mov x1, 0x26
movk x1, 2, lsl 16
str x1, [sp, 0]
/* Exit status code. Host QEMU process exits with that status. */
mov x0, 0
str x0, [sp, 8]
/* x1 contains the address of parameter block.
* Any memory address could be used.
*/
mov x1, sp
/* SYS_EXIT */
mov w0, 0x18
/* Do the semihosting call on A64. */
hlt 0xf000What I'm doing for 1 year now!
Logo of the OurBigBook Project
. 
Intro to the OurBigBook Project
. Source. 
Screenshot of Ciro Santilli's Monero wallet with 1000 Monero in it just after the donation
. 
Still of the reaction video after finding out about the big donation around about midnight
. Source. 
It's a role given to me by the Internet people
. The ultimate goal: create an university:
- without entry exams
- without course requirements
- where all material is free and available online: lecture notes, problem sheets, past exam papers
- where you only pay to take certification exams for the courses that you care about
The technical goal:
Get university students to write what they learn. All university material should be amazing and free!
The how:
Create the ultimate personal knowledge base software with multi-user mind-melding features.
User home page on OurBigBook.com
. Live URL: ourbigbook.com/cirosantilli
Dynamic article tree with infinitely deep table of contents
. Live URL: ourbigbook.com/cirosantilli/chordate
Descendant pages can also show up as toplevel e.g.: ourbigbook.com/cirosantilli/chordate-subclade
The topics feature allows you to find the best version of a subject written by other users user
. Live demo: derivative.
- cirosantilli.com (static)
- ourbigbook.com/cirosantilli (dynamic)
Visual Studio Code extension installation
. 
Visual Studio Code extension tree navigation
. 
Wikipedia:
- notability guidelines too stringent
- Encyclopedic content requirements too stringent, we need tutorials
- contributors get no clear indication of their contribution
- your changes can be reverted at any time losing you hours of work
Stack Exchange: can't write a book/have table of contents, only Q&A
Other personal knowledge bases (Obsidian, static site generators, etc.), blogs, PDFs:
- no way to merge brains of multiple users
- some of them are not focused on publishing, only personal/internal company usage
Physics package of a nuclear weapon design documents?
Source. 
Ordinal #0
. 
-------------------------------------
| Force of Will 3 U U |
| --------------------------------- |
| | //////////// | |
| | ////() ()\////\ | |
| | ///_\ (--) \///\ | |
| | ) //// \_____///\\ | |
| | ) \ / / / / | |
| | ) / \ | | / _/ | |
| | ) \ ( ( / / / / \ | |
| | / ) ( ) / ( )/( ) \ | |
| | \(_)/(_)/ /UUUU \ \\\/ | | |
| .---------------------------------. |
| Interrupt |
| ,---------------------------------, |
| | You may pay 1 life and remove a | |
| | blue card in your hand from the | |
| | game instead of paying Force of | |
| | Will's casting cost. Effects | |
| | that prevent or redirect damage | |
| | cannot be used to counter this | |
| | loss of life. | |
| | Counter target spell. | |
| `---------------------------------` |
| l
| Illus. Terese Nelsen |
-------------------------------------Code 1. .
WeAreStarStuff.jpg
YellowRobot.jpg
Water Deer
. 2016 from badtaxidermy.com Visible at: web.archive.org/web/20200527070011/http://www.badtaxidermy.com/?page=3. Uploaded with: cryptograffiti.info.
Chinese wedding (2016)
Free GrrCon ticket (2018):
@@@@@@@@@@@@@@@@@@@@@@@@YOUR@FREE@GRRCON@TICKET@CODE@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@, *@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@% @@@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@ .@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@ *@@@@@@@@@@@@@@@@@@@, @@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@ @@@@( %@@@@ @@@@@@@@@@@@@@@
@@@@@@@@@@@@@@ @@@@ @@@& @@@@@@@@@@@@@
@@@@@@@@@@@@ @@@ @@@@@@@@@@@@@,@. @@@ @@@@@@@@@@@
@@@@@@@@@@ %@@ .&@@@@@@&%@@@@@&&&@@@@@# @@/ /@@@@@@@@@
@@@@@@@@@ @@ @@@&@@O@@@@@@@@@@@@@@@@(@@@@& @@ @@@@@@@@
@@@@@@@@ @@. .@@@,%&@@P@@@@@(,*&*@@@@@@@@#(#.@ (@@ @@@@@@@
@@@@@@* @@ @@(@%@@@@@&R@@@@&@@@@@@@&@@@@@@/ @@@ @@ @@@@@@
@@@@@# @@ @@@@@@@@,,@%@E@%@@@@@@@@@@@%@@@@@.@@@@ @@ @@@@@
@@@@@ @@ @.@@@@@,@@@(@,T@@@@@@@@@@@@@@@@@@@@@@@@ @@ @@@@
@@@@ @@ @&@@@@@@/@#@(@&@U@@@@@@@@(@@@@@@., #@@@@@ @@ @@@
@@@* @@ @@@@&@@&@ #@@@R@.@@@@@.@@@@@@@%@@(@@@@@ @@ @@@
@@@ @@ /@@*@@ @@@/N/@,@@@@@@@@@ @@@@@@, @@ @@
@@@ @@ @@@@@ @@.@I@@,@@@@@@@@ @@@@&@@ @@ @@
@@/ @@ @@@, (#@/S@@@@@@.,@ **@@&,@ @@ @@
@@ @@ %(( @#@@@@M@@@@@&@ #./%&@@* @@ %@
@@ @@ #&&@ @@@@&@@Y@@@@@ &@,@@@.( @@ %@
@@, @@ @@@@@@ *(@@%@@@F&@. @@&%@@ @@ @@
@@@ @@ @#@%@/@ @@@*@@@R( @@@&@ @@ @@
@@@ @@ @@@@@@@@@%@@@%%@@@@@@@%%/I@ @@@@, @ @@ @@
@@@. @@ @@@@@@@*@&@@@@# @(@@@@@@@@E@@@@@@@& @@ @@@
@@@@ @@ @@@@&@@(@@@@@@.@# @@@ @@@@N@@@@,@( @@ @@@
@@@@@ @@ @@@*@@&@@*(@ @@@&@@&@@D@@@@& @@ @@@@
@@@@@. @@ @/@,@@@@@@@@@@@@@@% @@ @@@@@
@@@@@@ @@ @@@@@@@@@@@@@,@@@@ @@ %@@@@@
@@@@@@@, @@/ @&@@(@@@@ @@@@@@@@@ &@@ @@@@@@@
@@@@@@@@@ @@ #%@(,&,@@@@ @(& @/,@ @@ @@@@@@@@
@@@@@@@@@@ /@@ @@&@@@@@,* @@& @@@@@@ .@@. @@@@@@@@@
@@@@@@@@@@@@ @@@ @(@@@@@@ @@@ .@(@@, @@@ @@@@@@@@@@@
@@@@@@@@@@@@@@ &@@@ @@@# @@@@@@@@@@@@@
@@@@@@@@@@@@@@@@ @@@@@ @@@@@ @@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@# .@@@@@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@ @ , . @ @@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@ @ @ @# @ *, @ @@@@@@@@@@@@@@@@@@@@@@@@@
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@& @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@Removing the
@ signs: YOUR FREE GRRCON TICKET CODE
, *
%
.
* ,
( %
&
, .
% .& &% &&& # / /
& O ( &
. . ,%& P (,*&* #(#. (
* ( % &R & & /
# ,, % E % % .
. , ( ,T
& / # ( & U ( ., #
* & & # R . . % (
/ * /N/ , ,
. I , &
/ , (# /S ., ** &,
%(( # M & #./%& * %
#&& & Y & , .( %
, *( % F& . &%
# % / * R( &
% %% %%/I ,
. * & # ( E &
& ( . # N , (
* & *( & & D &
. / , %
, %
, / & ( &
#% (,&, (& /,
/ & ,* & . .
( . ( ,
& #
# .
, .
# *,
&
Xi Jinping, ruler of China
. 
Xi Jinping, ruler of China, wearing leather sadomasochist outfit
. 
More info: Section "All GitHub Commit Emails"
Articles by others on the same topic
There are currently no matching articles.