vmware mac big sur has no boot.efi in recovery selection

Make a bootable disk.

  1. Create a vmdk with enough capacity (for example 40G) and add it to the guest VM.
  2. Start the VM, format the vmdk as HFS+ (Mac OS Extended (Journaled)), and name it MyVolume.
  3. Download macOS from the App Store; when the installer dialog appears, leave it.
  4. Open a terminal and type the command below:
sudo /Applications/Install\ macOS\ Big\ Sur.app/Contents/Resources/createinstallmedia --volume /Volumes/MyVolume

Reboot the guest vm from this bootable disk.

BIOS -> EFI VMware Virtual SATA Hard Drive (2.0)

In recovery mode, disable System Integrity Protection (SIP); after rebooting, virtual memory can be switched off.

csrutil disable
#after reboot
cd /System/Volumes/VM/
sudo mkdir swapfile0 swapfile1 swapfile2 swapfile3 swapfile4 swapfile5
sysctl vm.swapusage

refer to:
chrisleat
https://communities.vmware.com/t5/VMware-Fusion-Discussions/Can-t-boot-into-recovery-partition-on-macOS-11-Big-Sur/m-p/2298420#M139994
https://support.apple.com/en-us/HT201372
https://www.dazhuanlan.com/cossacks/topics/1189622

tmux config

Choose tmux because the screen command has no function like C-b + z.

First, make sure the tmux server is down, using the command:

tmux ls

~/.tmux.conf

#for copying to sys clipboard
bind -T copy-mode-vi Enter send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard"
bind -T copy-mode-vi MouseDragEnd1Pane send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard"
bind -T copy-mode-vi C-j send-keys -X copy-pipe-and-cancel "xclip -i -f -selection primary | xclip -i -selection clipboard"
 
bind h select-pane -L
bind j select-pane -D
bind k select-pane -U
bind l select-pane -R
 
#general other stuff
set -g default-terminal "xterm-256color"
set-window-option -g mode-keys vi
#set -g mouse on

install xclip

apt install xclip

common commands

c	open new window
w	window list
"	split window up and down
%	split window left and right
[	copy mode, 'q' to exit
d	hang up tmux, 'tmux attach' to return

refer to:
https://unix.stackexchange.com/questions/131011/use-system-clipboard-in-vi-copy-mode-in-tmux
https://jdhao.github.io/2018/09/30/tmux_settings_for_vim_users/

How to capture full content of a web page

When a web page's content is very long, the "Capture node screenshot" menu function of the F12 tools in Chrome or Firefox loses the bottom part of the image. Who knows why? Maybe it's a memory reservation technology!

Well, follow these steps to save the entire content as an image:

  1. Open Firefox.
  2. Click the "Addon" menu item and search for "screen".
  3. Install the "Full Web Page Screenshots" tool made by susbox, whose app name is "FireShot" and whose icon is a big S.
  4. Use FireShot to capture the whole web page content.

suricata memo

keywords

spm: single pattern match
mpm: multi pattern matcher
bm: boyer moore
hs: hyperscan
ppt: packet processing thread
cidr: classless inter-domain routing, such as a.b.c.d/x
tsap: transport service access point
scada: supervisory control and data acquisition

protocols

opc: ole for process control/Microsoft
	opcua/tcp/started bytes/
	opcda/dcerpc/started bytes/
modbus: /port 502/Schneider
	rtu: remote terminal unit
	ascii
	tcp
s7comm: /port 102/*(base + 7) == 0x32/Siemens
	tpkt:
	cotp: connection-oriented transport protocol
		ed: 0x1, expedited data
		ea: 0x2, expedited data acknowledgement
		ud: 0x4, user data
		rj: 0x5, reject
		dr: 0x8, disconnect request
		dc: 0xC, disconnect confirm
		cc: 0xD, connect confirm
		cr: 0xE, connect request
		dt: 0xF, data
	rosctr: remote operating service control
bacnet/ip: building automation and control networks/udp/port 47808/ISO standards
	bvlc: bacnet virtual link control
	npdu: bacnet network layer
	apdu: bacnet application layer
	bbmd: bacnet/ip broadcast management device
ethernet-ip: /ODVA
	cip: common industrial protocol/tcp/port 44818
	cip i/o: /udp/port 2222
iec: International Electrotechnical Commission
	iec60870-5:
		101: basic telecontrol tasks
		104: network access for iec60870-5-101
			iec104: /tcp/port 2404/*base == 0x68/
				apdu: application protocol data unit
					apci: application protocol control information
						cf1: first control field
						i-format: information transfer format/cf1 == 0/variable length
						s-format: numbered supervisory functions/cf1 == 01/fixed length
						u-format: unnumbered control functions/cf1 == 11/fixed length
					asdu: application service data unit
						sq: structure qualifier
						cot: cause of transmission
						oa: originator address
						ioa: information object address
						siq: single point of information
						diq: double point information
						sco: single command
						dco: double command
						rco: regulating step command
						vti: value with transient state indication
						sva: scaled value
				coa: common address of asdu
		102/electrical energy
		103/protection
	iec61850:
		smv: iec61850-9-2
		goose: generic substation event
		sntp: time synchronization
		acsi: abstract service communication interface
			mms: manufacturing message specification/port 102/
				tpkt
				cotp
				vmd: virtual manufacturing device
		gsse: generic substation state event
dnp3: distributed network protocol/port 20000/resembles iec60870-5 FT3
	rtu: remote terminal unit
	ied: intelligent electronic device
	iccp: inter-control center communications protocol
	data link layer
		prm: primary
		fcb: frame count bit
		fcv: frame count valid bit
		dfc: data flow control bit
	application layer
		apci: application protocol control information
		fir: first fragment
		fin: final fragment
		con: expect a confirmation
fins: /tcp/port 9600/
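
Added example (not part of the original notes, and not Suricata code): a small Python classifier that applies the byte checks listed above for port 102 (TPKT/COTP, then 0x32 for s7comm) and port 2404 (0x68, then the cf1 bits for the I/S/U formats). The function names and the sample payloads are constructed for illustration; the S7 offset is computed from the COTP length indicator, which gives offset 7 for a normal dt header.

```python
# COTP PDU type codes (high nibble of the type byte), as listed in the notes.
COTP_TYPES = {0x1: "ed", 0x2: "ea", 0x4: "ud", 0x5: "rj", 0x8: "dr",
              0xC: "dc", 0xD: "cc", 0xE: "cr", 0xF: "dt"}

# Constructed sample payloads (not taken from a real capture).
S7_JOB = bytes.fromhex("0300001902f08032010000000000080000f0000001000101e0")
COTP_CR = bytes.fromhex("0300001611e00000000100c0010ac1020100c2020102")
IEC_U = bytes.fromhex("680407000000")
IEC_S = bytes.fromhex("680401000200")
IEC_I = bytes.fromhex("680e0000000064010600010000000014")

def parse_port102(p: bytes) -> dict:
    """TPKT + COTP, then s7comm if the byte after the COTP header is 0x32."""
    if len(p) < 6 or p[0] != 0x03:            # TPKT version is always 3
        return {"proto": "unknown"}
    li = p[4]                                  # COTP length indicator
    out = {"proto": "cotp", "cotp": COTP_TYPES.get(p[5] >> 4, "?")}
    s7 = 5 + li                                # == 7 when li == 2 (dt header)
    if out["cotp"] == "dt" and len(p) > s7 + 1 and p[s7] == 0x32:
        out.update(proto="s7comm", rosctr=p[s7 + 1])
    return out

def parse_iec104(p: bytes) -> dict:
    """APCI: 0x68, length, four control bytes; cf1 low bits pick the format."""
    if len(p) < 6 or p[0] != 0x68 or p[1] < 4 or len(p) < 2 + p[1]:
        return {"proto": "unknown"}            # wrong start byte or truncated
    cf1 = p[2]
    if cf1 & 0x01 == 0:                        # i-format: variable length
        out = {"proto": "iec104", "format": "i"}
        asdu = p[6:2 + p[1]]
        if len(asdu) >= 6:
            out.update(type_id=asdu[0], sq=asdu[1] >> 7, cot=asdu[2] & 0x3F,
                       oa=asdu[3], coa=int.from_bytes(asdu[4:6], "little"))
        return out
    fmt = "s" if cf1 & 0x03 == 0x01 else "u"
    # s- and u-format frames carry no asdu, so the length field must be 4.
    return {"proto": "iec104", "format": fmt, "valid_len": p[1] == 4}

def classify(dport: int, payload: bytes) -> dict:
    """Dispatch on the destination port given in the notes."""
    if dport == 102:
        return parse_port102(payload)
    if dport == 2404:
        return parse_iec104(payload)
    return {"proto": "unknown"}

if __name__ == "__main__":
    for port, pkt in [(102, S7_JOB), (102, COTP_CR), (2404, IEC_U), (2404, IEC_I)]:
        print(port, classify(port, pkt))
```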

Analyzing a pcap file with suricata

#--runmode single
suricata -c /path/to/suricata.yaml -r /path/to/sample.pcap --runmode autofp

plc protocol in https://github.com/wireshark/wireshark/tree/master

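Siemens S7	/epan/dissectors/packet-s7comm.c	Communication protocol supported by Siemens PLCs
MMS(IEC61850)	/asn1/mms				Power transmission and distribution communication protocol
GOOSE(IEC61850)	/asn1/goose				Power transmission and distribution communication protocol
SV(IEC61850)	/asn1/sv				Power transmission and distribution communication protocol
Modbus		/epan/dissectors/packet-mbtcp.c		Industrial control standard protocol
OPC DA		/epan/dissectors/packet-dcom.c		Industrial control standard protocol
FF HSE		/epan/dissectors/packet-ff.c		Foundation Fieldbus Ethernet communication protocol
IEC 104		/epan/dissectors/packet-iec104.c	Power transmission and distribution communication protocol
Ethernet POWERLINK	/epan/dissectors/packet-epl.c	Open real-time Ethernet communication
OPC UA		/plugins/opcua/opcua.c			Next-generation OPC standard
HART-IP		/epan/dissectors/packet-hartip.c	Highway Addressable Remote Transducer protocol
CoAP		/epan/dissectors/packet-coap.c		Lightweight application-layer protocol
Omron FINS	/epan/dissectors/packet-omron-fins.c	Communication protocol supported by Omron PLCs
openSAFETY	/epan/dissectors/packet-opensafety.c	Open-source safety application protocol
EGD(Ethernet Global Data)	/epan/dissectors/packet-egd.c	Communication protocol developed by GE Fanuc for PLCs
DNP3		/epan/dissectors/packet-dnp.c		Distributed network protocol, mainly used in the power industry
Sinec H1	/epan/dissectors/packet-h1.c		Communication protocol supported by Siemens PLCs
Profinet	/plugins/profinet/			Open industrial Ethernet communication protocol
EtherCAT	/plugins/ethercat/			Open real-time Ethernet communication protocol promoted by the German company Beckhoff
SERCOS III	/epan/dissectors/packet-sercosiii.c	Real-time Ethernet communication protocol
RTPS		/epan/dissectors/packet-rtps.c		Real-time streaming transport protocol
TTEthernet	/epan/dissectors/packet-tte.c		Real-time Ethernet communication protocol
CDT		/dissectors/packet-cdt.c		Telecontrol protocol
EtherNet/IP	/epan/dissectors/packet-etherip.c	Industrial Protocol; an implementation of CIP, designed by Rockwell Automation
CIP		/epan/dissectors/packet-cip.c		Common Industrial Protocol
CIP Safety	/epan/dissectors/packet-cipsafety.c	Safety Common Industrial Protocol
DeviceNet	/epan/dissectors/packet-devicenet.c	An implementation of CIP, designed by Allen-Bradley
BACnet		/epan/dissectors/packet-bacnet.c	Building automation and control network data communication protocol
KNXnet/IP	/epan/dissectors/packet-knxnetip.c	Home and building control standard
Lontalk		/epan/dissectors/packet-lon.c		Communication protocol used by Echelon's LonWorks technology
CANopen		/epan/dissectors/packet-canopen.c	Controller area network communication protocol
SAE J1939	/epan/dissectors/packet-j1939.c		A CAN variant used in agricultural and commercial vehicles
USITT DMX512-A	/epan/dissectors/packet-dmx.c		Lighting control data transmission protocol
BSSAP/BSAP	/epan/dissectors/packet-bssap.c		Communication protocol developed by Bristol Babcock Inc
Gryphon		/plugins/gryphon			Automotive communication protocol
ZigBee		/epan/dissectors/packet-zbee.h		Open wireless communication protocol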

refer to:
https://reference.opcfoundation.org/v104/Core/docs/Part6/7.1.2/
https://plcscan.org/
https://www.fit.vut.cz/research/publication-file/11570/TR-IEC104.pdf
https://suricata.readthedocs.io/en/suricata-5.0.6/configuration/suricata-yaml.html

Parsing quoted variables out of a string in bash

#!/bin/bash
#shebang must be bash.
 
print_args()
{
	echo "1st is [$1]"
	echo "2nd is [$2]"
	echo "3rd is [$3]"
	echo "4th is [$4]"
	echo "5th is [$5]"
	echo "6th is [$6]"
	echo "7th is [$7]"
	echo "8th is [$8]"
}
 
VAR1=(1 2 "3 4" 5)
print_args "${VAR1[@]}"
 
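VAR2="11 22 \"33 44\" 55"
#eval also splits the string, but it executes anything embedded in it.
#eval "VAR2=($VAR2)"
#tr replaces backquote, $, < and > with ? so that no command, variable or process substitution is expanded.
declare -a "VAR2=($(echo $VAR2 | tr '`$<>' '????'))"
print_args "${VAR2[@]}"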

refer to:
https://superuser.com/questions/1066455/how-to-split-a-string-with-quotes-like-command-arguments-in-bash

Latin cases

Nouns

Nominative: subject case, Genitive: possessive case, Dative: giving case, Accusative: object case
Ablative: separation case, Locative: place case, Vocative: calling case
 
-ere = to do = -en, -ern, -eln in German

https://www.online-latin-dictionary.com/

singular plural
1ST DECLENSION
aqua, -ae, f. water
nom aqua aquae
gen aquae aquārum
dat aquae aquīs
acc aquam aquās
abl aquā aquīs
2ND DECLENSION
servus, -ī, m. slave
nom servus servī
gen servī servōrum
dat servō servīs
acc servum servōs
abl servō servīs
dōnum, -ī, n. gift
nom dōnum dōna
gen dōnī dōnōrum
dat dōnō dōnīs
acc dōnum dōna
abl dōnō dōnīs
3RD DECLENSION
rēx, rēgis, m. king
nom rēx rēgēs
gen rēgis rēgum
dat rēgī rēgibus
acc rēgem rēgēs
abl rēge rēgibus
corpus, corporis, n. body
nom corpus corpora
gen corporis corporum
dat corporī corporibus
acc corpus corpora
abl corpore corporibus
3RD DECLENSION I-STEM
cīvis, -is, m. citizen
nom cīvis cīvēs
gen cīvis cīvium
dat cīvī cīvibus
acc cīvem cīvēs
abl cīve cīvibus
mare, -is, n. sea
nom mare maria
gen maris marium
dat marī maribus
acc mare maria
abl marī maribus
4TH DECLENSION
frūctus, -ūs, m. fruit
nom frūctus frūctūs
gen frūctūs frūctuum
dat frūctuī frūctibus
acc frūctum frūctūs
abl frūctū frūctibus
cornū, -ūs, n. horn
nom cornū cornua
gen cornūs cornuum
dat cornū cornibus
acc cornū cornua
abl cornū cornibus
5TH DECLENSION
rēs, reī, f. thing
nom rēs rēs
gen reī rērum
dat reī rēbus
acc rem rēs
abl rēbus
diēs, diēī, m. day
nom diēs diēs
gen diēī diērum
dat diēī diēbus
acc diem diēs
abl diē diēbus
go	to go		went		gone
ago	agere		egi		actum		actus		III do
amo	amare		avi		atum		amatus		I love
audio	audire		audivi		auditum		auditus		IV hear
capio	capere		cepi		captum		captus		III take, seize
deleo	delere		delevi		deletum		deletus		II destroy, demolish
dico	dicere		dixi		dictum		dictus		III say
do	dare		dedi		datum		datus		I give
duco	ducere		duxi		ductum		ductus		III guide, lead
facio	facere		feci		factum		factus		III do, make, cause to become
finio	finire		finivi		finitum		finitus		IV finish
habeo	habere		habui		habitum		habitus		II have
laboro	laborare	laboravi	laboratum	laboratus	I work
laudo	laudare		laudavi		laudatum	laudatus	I praise
lego	legere		legi		lectum		lectus		III read
maneo	manere		mansi		mansum		mansus		II remain, stay
mitto	mittere		misi		missum		missus		III dispatch, mail, send
moneo	monere		monui		monitum		monitus		II advise
opto	optare		optavi		optatum		optatus		I hope
rego	regere		rexi		rectum		rectus		III manage
scribo	scribere	scripsi		scriptum	scriptus	III write
sentio	sentire		sensi		sensum		sensus		IV feel, perceive
venio	venire		veni		ventum		ventus		IV come
video	videre		vidi		visum		visus		II see
vinco	vincere		vici		victum		victus		III conquer
vivo	vivere		vixi		victum		victus		III live

refer to:
https://www.zhihu.com/people/calvinx-28
https://www.thoughtco.com/endings-of-latin-nouns-third-declension-117591
https://www.zhihu.com/question/32303392?sort=created
https://wenku.baidu.com/view/20e6b28ccd7931b765ce0508763231126fdb776d.html
https://www.zhihu.com/question/28861260