content/posts/tuxedos.md
Lines changed: 129 additions & 1 deletion
@@ -15,7 +15,135 @@ hideComments = false
15
15
16
16
# Background
17
17
18
-
First windows now it's time for the penguin! Unlike windows, Linux has a more direct approach for doing things like manipulating memory or linking libraries or you don't need to call 3+ api functions to do something like process injection.
18
+
First windows now it's time for the penguin! Unlike windows, Linux has a more direct approach for doing things like manipulating memory or linking libraries or you don't need to call 3+ API functions to do something like process injection.
19
+
20
+
# Fundamentals
21
+
22
+
## Memory
23
+
24
+
Everyone knows things like RAM but what about the other memory in the system?
25
+
26
+
### Primary
27
+
28
+
* Your RAM and ROM (read only memory)
29
+
* Disposable/wiped after a reboot.
30
+
* Fast readily available for programs
31
+
32
+
#### ROM
33
+
34
+
* Read only.
35
+
* BIOS level.
36
+
* Smaller chip.
37
+
* Provides all boot instructions and firmware.
38
+
39
+
----------------------
40
+
41
+
#### Register memory
42
+
43
+
* storage locations on the CPU that store temporary data.
44
+
* Faster than RAM.
45
+
* Important instructions
46
+
* each register typically holds between 32 and 64 bits of data.
47
+
* THIS IS NOT CACHE MEMORY!!
48
+
49
+
##### Data Register
50
+
51
+
* 16 bit register that holds variables.
52
+
* Temporary holding place for data.
53
+
54
+
##### Program Counter Register (PC Register)
55
+
56
+
* Memory address for next set of instructions in the program.
57
+
* Keeps proper sequence in the program.
58
+
59
+
##### Instruction Register
60
+
61
+
* 16 bit register that contains the current instruction code from the main memory (RAM).
62
+
* This is what the CPU actually executes.
63
+
64
+
##### Address Register
65
+
66
+
* 12 bit register for address location.
67
+
* CPU fetches and handles instructions from this.
68
+
69
+
##### I/O Address Register
70
+
71
+
* unique address with an input or output device like a keyboard or audio.
72
+
* CPU uses this to interact with other devices.
73
+
74
+
##### I/O Buffer Register
75
+
76
+
* temporary buffer for the I/O Address Register to exchange and hold data.
77
+
* Deals with before and after processing.
78
+
79
+
----------------------
80
+
81
+
#### Cache Memory
82
+
83
+
* Fast but small.
84
+
* Typically old memory.
85
+
* CPU checks the cache first (a cache hit) before reading the RAM (a cache miss if not in cache).
86
+
87
+
##### L1 (Level 1 Cache)
88
+
89
+
* First level in the CPU.
90
+
* Ranges from 2KB to 64KB in size.
91
+
* Every core has this.
92
+
93
+
##### L2 (Level 2 Cache)
94
+
95
+
* Might not be present in the CPU.
96
+
* 2 cores may share it.
97
+
* 256KB to 512KB in size.
98
+
99
+
##### L3 (Level 3 Cache)
100
+
101
+
* Shared by all cores and present outside of the CPU.
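Review bot: In the Register memory section, the added bullet "each register typically holds between 32 and 64 bits of data" contradicts the sub-sections right after it, which describe a 16 bit Data Register, a 16 bit Instruction Register and a 12 bit Address Register. Say which architecture those widths come from, or drop them and describe the registers of the platform the post targets. The Primary list has the same kind of conflict: it groups "RAM and ROM" and then says "Disposable/wiped after a reboot", while the ROM section says ROM provides all boot instructions and firmware, so the volatility bullet should be scoped to RAM. "Important instructions" and "Typically old memory" are fragments; each needs a full sentence saying what is meant.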
public/index.xml
Lines changed: 1 addition & 1 deletion
@@ -13,7 +13,7 @@
13
13
<link>//localhost:1313/posts/tuxedos/</link>
14
14
<pubDate>Sat, 24 Jan 2026 00:08:40 -0700</pubDate>
15
15
<guid>//localhost:1313/posts/tuxedos/</guid>
16
-
<description><h1 id="background">Background</h1>
<p>First windows now it&rsquo;s time for the penguin! Unlike windows, Linux has a more direct approach for doing things like manipulating memory or linking libraries or you don&rsquo;t need to call 3+ api functions to do something like process injection.</p>
<h1 id="process-injection">Process Injection</h1>
<h2 id="background-and-important">Background and important</h2>
<p>In Linux there&rsquo;s no possible way to allocate more memory to a process meaning if the original process isn&rsquo;t restored it&rsquo;ll crash.</p>
<h2 id="system-calls-and-methods">System Calls and Methods</h2>
<ul>
<li><code>ptrace</code>: debugs a remote process meaning memory on that process can be changed and inspected.</li>
<li><code>procfs</code>: a filesystem that shows the interfaces for running processes (literally in <code>/proc</code> on Linux).
<ul>
<li>Processes are typically directories represented by their PIDs.</li>
<li>Inside of the PIDs is the mem file that shows the memory address and space for that process.</li>
</ul>
</li>
<li><code>process_vm_writev</code>: allows for modifying data space of the remote process.
<ul>
<li>This syscall receives a pointer and copies it to the specified location in the remote process.</li>
</ul>
</li>
</ul>
<h3 id="the-elephant-in-the-room">The Elephant In The Room</h3>
<p>All this is neat and all but how do things like the <code>ps</code> command get all of the processes and memory in Linux? Well it actually reads them from the <code>/proc</code> directory on the Linux filesystem!</p></description>
16
+
<description><h1 id="background">Background</h1>
<p>First windows now it&rsquo;s time for the penguin! Unlike windows, Linux has a more direct approach for doing things like manipulating memory or linking libraries or you don&rsquo;t need to call 3+ API functions to do something like process injection.</p>
<h1 id="fundamentals">Fundamentals</h1>
<h2 id="memory">Memory</h2>
<p>Everyone knows things like RAM but what about the other memory in the system?</p>
<h3 id="primary">Primary</h3>
<ul>
<li>Your RAM and ROM (read only memory)</li>
<li>Disposable/wiped after a reboot.</li>
<li>Fast readily available for programs</li>
</ul>
<h4 id="rom">ROM</h4>
<ul>
<li>Read only.</li>
<li>BIOS level.</li>
<li>Smaller chip.</li>
<li>Provides all boot instructions and firmware.</li>
</ul>
<hr>
<h4 id="register-memory">Register memory</h4>
<ul>
<li>storage locations on the CPU that store temporary data.</li>
<li>Faster than RAM.</li>
<li>Important instructions</li>
<li>each register typically holds between 32 and 64 bits of data.</li>
<li>THIS IS NOT CACHE MEMORY!!</li>
</ul>
<h5 id="data-register">Data Register</h5>
<ul>
<li>16 bit register that holds variables.</li>
<li>Temporary holding place for data.</li>
</ul>
<h5 id="program-counter-register-pc-register">Program Counter Register (PC Register)</h5>
<ul>
<li>Memory address for next set of instructions in the program.</li>
<li>Keeps proper sequence in the program.</li>
</ul>
<h5 id="instruction-register">Instruction Register</h5>
<ul>
<li>16 bit register that contains the current instruction code from the main memory (RAM).</li>
<li>This is what the CPU actually executes.</li>
</ul>
<h5 id="address-register">Address Register</h5>
<ul>
<li>12 bit register for address location.</li>
<li>CPU fetches and handles instructions from this.</li>
</ul>
<h5 id="io-address-register">I/O Address Register</h5>
<ul>
<li>unique address with an input or output device like a keyboard or audio.</li>
<li>CPU uses this to interact with other devices.</li>
</ul>
<h5 id="io-buffer-register">I/O Buffer Register</h5>
<ul>
<li>temporary buffer for the I/O Address Register to exchange and hold data.</li>
<li>Deals with before and after processing.</li>
</ul>
<hr>
<h4 id="cache-memory">Cache Memory</h4>
<ul>
<li>Fast but small.</li>
<li>Typically old memory.</li>
<li>CPU checks the cache first (a cache hit) before reading the RAM (a cache miss if not in cache).</li>
</ul>
<h5 id="l1-level-1-cache">L1 (Level 1 Cache)</h5>
<ul>
<li>First level in the CPU.</li>
<li>Ranges from 2KB to 64KB in size.</li>
<li>Every core has this.</li>
</ul>
<h5 id="l2-level-2-cache">L2 (Level 2 Cache)</h5>
<ul>
<li>Might not be present in the CPU.</li>
<li>2 cores may share it.</li>
<li>256KB to 512KB in size.</li>
</ul>
<h5 id="l3-level-3-cache">L3 (Level 3 Cache)</h5>
<ul>
<li>Shared by all cores and present outside of the CPU.</li>
<li>Ranges from 1MB to 8MB in size.</li>
</ul>
<hr>
<h3 id="secondary">Secondary</h3>
<ul>
<li>Optical Disks</li>
<li>Flash memory</li>
<li>Slower than primary</li>
<li>Persistent</li>
</ul>
<h3 id="sources">Sources</h3>
<ul>
<li><a href="https://www.geeksforgeeks.org/computer-organization-architecture/introduction-to-memory-and-memory-units/">https://www.geeksforgeeks.org/computer-organization-architecture/introduction-to-memory-and-memory-units/</a></li>
<li><a href="https://www.geeksforgeeks.org/computer-organization-architecture/memory-hierarchy-design-and-its-characteristics/">https://www.geeksforgeeks.org/computer-organization-architecture/memory-hierarchy-design-and-its-characteristics/</a></li>
<li><a href="https://www.geeksforgeeks.org/computer-science-fundamentals/cache-memory/">https://www.geeksforgeeks.org/computer-science-fundamentals/cache-memory/</a></li>
</ul>
<h2 id="assembly">Assembly</h2>
<p>Just kidding lol, I won&rsquo;t have notes on assembly, resources bellow already did it.</p></description>
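Review bot: The <link> and <guid> context lines of this feed item are "//localhost:1313/posts/tuxedos/", so the committed public/index.xml was generated against a localhost base URL and every reader of the feed gets item links that resolve to their own machine. Regenerate the feed with the site's production base URL before committing it, or keep public/ out of the repository and build it at deploy time. Minor, in the last added line: "resources bellow" should be "resources below", and the fix belongs in the markdown source this description is generated from.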