Comments (3)
matepeter90
commented on August 11, 2024
1
I checked the code and actually, it is implemented how to fork multiple processes, but you have to provide the right parameters to the injector which is started by the sifter.py
Based on the example in the readme, the command which worked for me on 8 cores
sudo ./sifter.py --unk --dis --len --sync --tick -- -P1 -t -l 1 -j 8
Corresponding parameters from injector's help
[-j jobs] ........... number of simultaneous jobs to run (default: 1)
[-l range_bytes] .... number of base instruction bytes in each sub range (default: 0)
When the range_bytes parameter is 0 the first thread allocates the whole search range and the others just quit, but if you set it to 1 every thread can allocate their own subrange.
from sandsifter.
bdlmt
commented on August 11, 2024
Thanks for the solution. I'm still figuring out what the "number of base instruction bytes in each sub range" really means and how to optimize it, but -l4 seems to be producing good results.
from sandsifter.
matepeter90
commented on August 11, 2024
It's just about breaking the search range to smaller parts for threads to work on.
Threads allocate their own part from the whole range which is 16 bytes first being all zeroes and the last is all FF-s (000000000000000000000000000000;ffffffffffffffffffffffffffffff) and try each machine code belonging to them.
I've enabled logging and printed only the first 3 bytes because the other ones (in the beginning) are just all zeroes.
Here is the part how it allocates 'subranges' for two threads with -l 1
job: 0 // mc: 000000
job: 2 // range: 010000;020000
job: 2 // mc: 010000
job: 2 // mc: 010001
job: 0 // mc: 000100
job: 0 // mc: 000200
job: 0 // mc: 000300
job: 0 // mc: 000400
job: 0 // mc: 000500
job: 0 // mc: 000600
job: 0 // mc: 000700
job: 0 // mc: 000800
...snip...
job: 0 // mc: 00fe00
job: 2 // mc: 0100e0
job: 0 // mc: 00ff00
job: 2 // mc: 0100e1
job: 2 // mc: 0100e2
job: 0 // range: 020000;030000
job: 2 // mc: 0100e3
job: 0 // mc: 020000
job: 2 // mc: 0100e4
job: 0 // mc: 020001
job: 2 // mc: 0100e5
job: 0 // mc: 020002
job: 2 // mc: 0100e6
With -l 1 Thread 0 allocates range: 000000;010000 so it goes through from 000000 to 00ff00 and requests a new 'sub range' 020000;030000 based on the used search algorithm.
You could optimize the search algorithms or check if actually the range allocation works correctly. move_next_range() and move_next_instruction() are the interesting functions where this stuff is happening.
from sandsifter.
Related Issues (20)
- Run on 80386 Debian within emulator? HOT 13
- Feature request: Add support for GPUs HOT 1
- have some sort of versioning information
- make fails with injector.c:817:2: error: impossible constraint in ‘asm’ HOT 1
- summarize.py crashes HOT 2
- Resizing terminal window crashes summarize.py
- how to analysis the instructions from sandsifter
- compile error ubuntu 17.04 HOT 1
- I don't understand this.
- File "./sifter.py", line 817, in main arch = re.search(r".*(..)-bit.*", injector_bitness).group(1) HOT 5
- How to install this on Pentium II w/o FPU Debian without internet connection? HOT 12
- mmap_min_addr 0 instead of sudo
- Does not compile HOT 2
- File "./sifter.py", line 196 HOT 4
- injector.c:65:11: fatal error : capstone/capstone.h: No such file or directory HOT 1
- relocation R_X86_64_32S against symbol `dummy_stack' can not be used when making a PIE object... HOT 4
- Disclosure of the "halt catch fire" bug HOT 1
- Injector overflowed sigaltstack
- Make issue on ubuntu. HOT 4
- Found a fork that builds and runs on modern machines HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sandsifter.