三十而立

前言

轉眼間一下子就三十歲了，雖然以前就知道人生要找尋自己的目標，但是到現在還是沒找到😛。

當初一個起念就是想出國工作! 現在已是來日兩年目，當初的目標是想要改變生活型態，看看能不能帶來一些成長，雖然我對當時的生活型態已經很滿意了，一份穩定不加班的工作，每週下班後去辦公室旁邊的音樂教室上鋼琴課，在家的時候練練鋼琴，玩玩電動，偶爾和朋友吃個飯喝個酒，其實也沒有什麼不好。只是真的太單調了，重複做一樣的事情，只能說是無趣，像是例行公事一樣的乏味。現在回頭看看，會覺得出國這個決定真是太值得了，慶幸當初有做出這個決定，否則現在大概還是一樣渾渾噩噩的過日子吧。

工作

目前任職於 メルカリ，是一間專做日本二手拍賣的電商，說實在工作內容上沒有和以前工作差上很多，最大的差別大概就是語言和同事吧，在還沒來日本前有以遠端的部分在台灣上班，伴隨著疫情，日本國門開了又關，關了又開，在遠距半年了之後終於等到簽證開放，可以移居日本，當初組內的成員依序離開，現在只剩下我一個還留在這個組，以現在對公司的理解，大概都能理解為什麼這些人會離開，曾經一度只剩三個人，那段時間真的是蠻難熬的，需要兼on-call、顧工作上的進度、還要適應日本的生活，後後續續又補了一些人，現在就比較平衡一點，也比較有辦法把自己從工作上抽離。

生活

在日本的生活，第一件事遇到的困難就是日語，在來日以前，原本以為自己有自學日文，也上了快大概一年的線上日文課就覺得能夠應付基本生活。結果完全不夠用，還記得第一天到日本的時候，什麼都聽不懂，有夠尷尬，去餐廳支支吾吾，大部分的時候都選擇去便利商店，這樣可以盡量避免對話，前面半年的時間實在很緊湊，除了工作上的適應，在下班的時間又必須去處理生活起居等等的事情，由於自己的日文很爛，常常需要花大量的時間閱讀文件，把該辦的東西都辦一半，習慣後，後面的時間就比較有餘力去做其他的事，過了一年後，就照著原定計畫申請了永住，自己稍微讀了一下永住的申請辦法，感覺沒有很複雜，請代辦頂多是幫你跑入管局一趟，而且要是自己連這種程度的日文都無法處理，應該沒有要長久住在這裡的理由吧，那幹嘛申請永住，目前還在等永住結果中，永住算是自己來日本前就想好的一個計畫，也影響到我人生的重要決定。

理財

就目前我對經濟的理解，貨幣的價值只會一直貶值，雖然在台灣的工作就有在玩玩股票，來日本後打算重操舊業，查一查卻發現要繳 20.315% 的稅，實在是不怎麼划算，後來研究一下 NISA，覺得額度實在是有點少，房地產可能是可以考慮的方向。

買房對我來說算是一個有點突然的決定，原本的打算是，在日本待滿一年後申請永住，在等待永住的時候去看房，等到永住下來後，可以用跟日本人一樣的利率背房貸，只是後來房價實在是漲得有點誇張，跑了一下事前審查，發現利率並沒有差多少，我拿到的利率是0.375%，稍微問了一下有永住的朋友大概是0.2左右，考量到最近日本資產的漲幅，結果在還沒有永住的情況就買了。

至於要買什麼樣房子，我一開始參考這篇文章，可以大概理解一下自己想住哪種類型的房子，自己整理出來的條件是這樣

• 大きさ: 50平方メートル以上（住宅ローン減税の適用）
• 間取り: 1LDKまたは2LDK
• 建物: マンション
• 建物の年数: 新築または築20年以内
• 購入予算: 6000万円～10000万円
• アクセス: 徒歩で駅まで10分以内
• 低層階を好みますが、必須ではありません
• 治安の懸念はあまり考慮しません
• 向きはあまり考慮しません 
• 懸念
• 防音
• 新耐震基準
• 土地液状化 
• 見取り 
• 希望エリア
• 豊島区 
• 文京区 
• 中野区
• 目黒区
• 大田区
• 世田谷区
• 杉並区

至於建商，我選擇的是大手公司，畢竟在日本這個國家，自己日文能力不是那麼好，而且很多枚枚尬尬又怕不知道，要是買了甚麼有紕漏的房子大概會悔後萬分，選擇大手公司的話，至少比較有保障，當初也有點半投資的打算，畢竟大手比較有品牌，所以要跌價也會跌比較少。

我自己是習慣做好準備，再去和對方對照自己的理解對不對，所以我準備去問房屋仲介的問題，我都有大概了解，果然大手的仲介就是很專業，都有很詳細的解答了我的疑問，後來朋友有跟我說一個網站可以查大手的物件 https://www.major7.net/

五年養成計畫

我現在都已經讀到大學四年級了

開始要找實習的時候才發覺到自己的履歷看起來一點都不亮眼

拜讀了這位大神的部落格後決定要開始振作

http://lucida.me/blog/on-learning-algorithms/

以前大學總是渾渾噩噩的

什麼東西都是東摸西摸

覺得拿個及格分數就很滿意了

從現在大學四年級開始到碩一再加上三年的研替

總共五年的時間能夠重整一下自己的基礎

以下是書單(會不定時的更新):

程式設計師的自我修養

http://www.books.com.tw/products/0010456858

Trace QIRA(1)-directory tree and package

Some tools

---

• sourcetree ( https://www.sourcetreeapp.com/ )
• git cola ( https://git-cola.github.io/ )

Installation

---

• Now version is v1.1
• install.sh will install qira
• qemu_build.sh will install qemu
• fetchlibs.sh will fetch the libraries for i386, armhf, armel, aarch64, mips, mipsel, and ppc
• pin_build.sh will install the QIRA PIN plugin, allowing –pin to work

Debian Packages

---

• build-essential : essential to build Debian packages
• python-dev python-pip : Python
• debootstrap : a tool which will install a Debian base system into a subdirectory of another
• debian-archive-keyring : key for GnuPG
• libjpeg-dev : C library for reading and writing JPEG images
• zlib1g-dev : zlib is a library implementing the deflate compression method found in gzip and PKZIP
• unzip : tool to decompress zip file
• wget : network utility to retrieve files from the Web using http and ftp
• graphviz : Graph visualization is a way of representing structural information as diagrams of abstract graphs and networks.
• curl : command line tool for transferring files with URL syntax
• Capstone : disassembly framework
• Virtualenv : tool to create isolated Python environments

Python Packages

---

• Six : Python 2 and 3 Compatibility Library
• html : simple, elegant HTML, XHTML and XML generation
• flask-socketio : Flask applications access to low latency bi-directional communications between the clients and the server
• pillow : Python Imaging Library
• pyelftools : Library for analyzing ELF files and DWARF debugging information
• socketIO-client : socket.io client library for Python
• Pydot : full interface to create handle modify and process graphs in Graphviz’s dot language
• Ipaddr : library for working with IP addresses
• Capstone : disassembly framework
• Hexdump : view/edit your binary with any text editor
• Nose : nose extends unittest to make testing easier
• ./qiradb : geohot’s python module

Language used

---

I use cloc to calculate code.

http://cloc.sourceforge.net/

• Mainly use C, Python, Javascript
• C is used to qemu and disassemble
• Python is for the website
• Web framework use flask
• Flask is a microframework for Python based on Werkzeug, Jinja 2 and good intentions

http://flask.pocoo.org/

• Website use Flask-SocketIO to communicate
• Flask-SocketIO gives Flask applications access to low latency bi-directional communications between the clients and the server.
• Client-side application can use javascript library to establish a permanet connection to the server

http://flask-socketio.readthedocs.org/en/latest/

Directory Tree

---

• extra
  
  • qiradb
  • website(qira.me)
• ida
  
  • Ida plugin
• middleware
  
  • 主要放置.py
• qiradb
  
  • 以C++寫成的資料結構
• qira_tests
  
  • Test case
• releases
  
  • qira各版本
• static2
  
  • recovering static structure
• tests_auto
  
  • auto tests
• tests_manual
  
  • tests manual
• tracers
  
  • pin
  • angr
  • qemu
• web
  
  • Web application client
  • Css js

QIRA introduction

---

• QIRA is timeless debugger
• Fullname is QEMU Interactive Runtime Analyser
• QIRA was initially developed at Google by George Hotz. Work continues at CMU.

QIRA website :

http://qira.me/

QIRA github :

https://github.com/BinaryAnalysisPlatform/qira

Usage

How to make ida plugin work

• Testing environment is on Windows 10 enterprise with Vmware workstation Pro 12
• Install qira 1.1 on Ubuntu 15.10 and port-forwarding 3002 port
• Quick install qira and google-chrome can by following script

- git clone https://github.com/bananaappletw/Ubuntu
cd Ubuntu/
./install.sh

• And copy two files qira_ida66_windows.p64, qira_ida66_windows.plw from qira/ida/bin/ to ida pro plugins/
• Open Chrome and IDA PRO on windows 10
• It should work like this

CTF For Beginner

HITCON Community 2015演講的投影片

主題 : CTF For Beginner

要是有興趣的歡迎加入Bamboofox喔

Bamboofox網站

網路安全策進會

Ctf For Beginner from 威伯 陳

Ubuntu-For-CTF

My config

---

https://github.com/bananaappletw/Ubuntu

---

Update everything

sudo apt-get update
sudo apt-get -y upgrade

Install google-chrome

wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google-chrome.list'
sudo apt-get update
sudo apt-get install -y google-chrome-stable

Install multi architecture

dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install -y gcc-multilib

Install strace, ltrace, gdb64

sudo apt-get install -y strace
sudo apt-get install -y ltrace
sudo apt-get install -y gdb64

Install pip

sudo apt-get install python-setuptools
sudo apt-get install easy_install
sudo easy_install pip
sudo pip install pwntools
sudo pip install capstone --upgrade
sudo pip install ropgadget --upgrade

vim

sudo apt-get install -y vim
cp .vimrc ~
cp .gitconfig ~
git clone https://github.com/VundleVim/Vundle.vim.git ~/.vim/bundle/Vundle.vim
vim +PluginInstall +qall
wget https://github.com/Lokaltog/powerline/raw/develop/font/PowerlineSymbols.otf https://github.com/Lokaltog/powerline/raw/develop/font/10-powerline-symbols.conf
sudo mv PowerlineSymbols.otf /usr/share/fonts/
sudo fc-cache -vf
sudo mv 10-powerline-symbols.conf /etc/fonts/conf.d/

Install qira

cd ~/
cd ~/ && wget -qO- qira.me/dl | unxz | tar x && cd qira && ./install.sh
./fetchlibs.sh 
./pin_build.sh
./cda_build.sh

Training Website

All types

---

hackerrank

https://www.hackerrank.com/domains/shell/bash

CTF

---

Bamboofox

https://bamboofox.torchpad.com/

Secure programming

http://ctf.cs.nctu.edu.tw/

W3challs

http://w3challs.com/

pwnable.kr

http://pwnable.kr/

hackthissite

https://www.hackthissite.org/

Useful-Tools

Blogger

---

Stackedit

https://stackedit.io/editor#

Slides

---

Prezi

https://prezi.com/

Slides

http://slides.com/

Ascii graph

http://asciiflow.com/

Speak

---

sm

https://github.com/chusiang/sm

CTF

---

Convert hex string

http://www.unit-conversion.info/texttools/hexadecimal/

qira

http://qira.me/

python

---

python package

numpy

Kali2-For-CTF

---

Quick installation for CTF on Kali 64bits

• strace
• ltrace
• pwntools
• gdb64
  https://github.com/Gallopsled/pwntools
• ROPgadget
  https://github.com/JonathanSalwan/ROPgadget
• Vim
• Configuration
  
  • set encoding to UTF-8
  • syntax highlight
  • close record mode
  • replace tab to space and width is 4
• Plugin
  
  • powerline
    https://github.com/Lokaltog/vim-powerline
  • airline
    https://github.com/bling/vim-airline

Installation

git clone https://github.com/bananaappletw/Kali2-For-CTF
cd Kali2-For-CTF/
./install.sh

Learn-Python

---

Getting started with python in ten minute

http://tech.marsw.tw/blog/2014/09/03/getting-started-with-python-in-ten-minute

20 lessons to learn Python

http://www.thelearningpoint.net/computer-science/learning-python-programming-and-data-structures

Hackerrank

https://www.hackerrank.com/

Ruby on Rails on Ubuntu 15.04 Desktop

---

Update and upgrade

sudo apt-get update && apt-get upgrade -y

Follow the steps

https://gorails.com/setup/ubuntu/15.04

vmtools on Kali Linux

VMTOOL

apt-get install open-vm-tools

Run both 32-bits and 64-bits program on 64-bits Kali Linux

Add architecture

dpkg --add-architecture i386

Update repository

apt-get update

Install library

apt-get install ia32-libs
apt-get install gcc-multilib

How to install Arch Linux with BIOS boot loader and GPT partition table

We are going to install 64bit arch linux with BIOS and GPT partition table and boot loader is GRUB
Arch Linux is hard to install, because it needs a lot of basic knowledge of computer
Please read the following document carefully.
If you have any question, try to figure it out until you fully understand what you are doing now.
Simple Install guide
Detail Install guide

Partition the disks

On a BIOS/GPT configuration a BIOS boot partition is required. GRUB embeds its core.img into this partition.

Assume your disk is 20GB
our partition guide is

• BIOS 1MB
• swap 1GB
• root 19GB
  

  gdisk /dev/sda
  

BIOS

n
Enter
Enter
+1M
ef02

swap

n
Enter
Enter
+1G
8200

root

n
Enter
Enter
Enter
8300
w

fs and swap

mkfs.ex4 /dev/sda3
mkswap /dev/sda2
swapon /dev/sda2

mount

mount /dev/sda3 /mnt

Install system

pacstrap -i /mnt base base-devel

Generate the fstab

genfstab -U -p /mnt >> /mnt/etc/fstab

Chroot and cofigure base system

arch-chroot /mnt /bin/bash

Locale

vi /etc/locale.gen

en_US.UTF-8 UTF-8

locale-gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
export LANG=en_US.UTF-8

Time zone

ln -s /usr/share/zoneinfo/Asia/Taipei /etc/localtime

Hardware clock

 hwclock --systohc --utc

Hostname

echo bananaapple.nctucs.net > /etc/hostname

Edit /etc/hosts and add your hostname

Configure the network

systemctl enable dhcpcd.service

Set the root password

passwd

Install GRUB

pacman -S grub
grub-install --target=i386-pc --recheck --debug /dev/sdx
grub-mkconfig -o /boot/grub/grub.cfg

Unmount the partitions and reboot

exit
reboot

Ruby on Rails on Ubuntu 14.04 with apache2 and passenger

Install curl, git, nodejs

sudo apt-get install curl
sudo apt-get install git
sudo apt-get install nodejs

Install mysql

sudo apt-get install mysql-server
sudo apt-get install mysql-client
sudo apt-get install libapache2-mod-auth-mysql 
sudo apt-get install php5-mysql
sudo mysql_install_db

Install apache2

sudo apt-get install apache2
sudo apt-get install apache2-utils

Install php

sudo apt-get install php5 
sudo apt-get install php5-mysql 

Ruby on rails on Centos 7 with apache2 and passenger

Before doing following steps, please turn off selinux

vim /etc/selinux/config
find this line SELINUX=enforcing, and change to SELINUX=disabled
and reboot

Install LAMP

yum install httpd mariadb-server mariadb php php-mbstring php-mysql php-gd mysql mysql-develStart and enable phpMyAdmin
sudo yum install epel-release
sudo yum install phpmyadmin

Install rvm

gpg –keyserver hkp://keys.gnupg.net –recv-keys D39DC0E3
\curl -sSL https://get.rvm.io | bash -s stable

Use rvm install ruby

rvm install ruby
rvm –default use 2.2.0

Install rails and bundle

gem install rails
gem install bundle

Install passenger and dependency

gem install passenger
sudo yum install libcurl-devel
sudo yum install httpd-devel
sudo yum install apr-devel
sudo yum install apr-util-devel

Install passenger with apache2

passenger-install-apache2-module
Add following lines in /etc/http/conf/httpd.conf or create file /etc/httpd/conf.d/passenger.conf

LoadModule passenger_module /home/apple/.rvm/gems/ruby-2.2.0/gems/passenger-4.0.58/buildout/apache2/mod_passenger.so

<IfModule mod_passenger.c>

PassengerRoot /home/apple/.rvm/gems/ruby-2.2.0/gems/passenger-4.0.58

PassengerDefaultRuby /home/apple/.rvm/gems/ruby-2.2.0/wrappers/ruby

</IfModule>

Create new ror project

cd /var/www/html
rails new ror -d mysql
configure /var/www/html/ror/config/database.yml file

Add following lines to /etc/httpd/conf/httpd.conf

RailsEnv development
<VirtualHost *:80>
      ServerName localhost
      # !!! Be sure to point DocumentRoot to 'public'!
      DocumentRoot /var/www/html/ror/public
      <Directory /var/www/html/ror/public>
         # This relaxes Apache security settings.
         AllowOverride all
         # MultiViews must be turned off.
         Options -MultiViews
         # Uncomment this if you're on Apache >= 2.4:
         Require all granted
      </Directory>
</VirtualHost>

sudo systemctl restart httpd.service

Trouble shooting phpmyadmin not show correctly

add lines after alias

alias /phpmyadmin /usr/share/phpMyAdmin
alias /phpMyAdmin /usr/share/phpMyAdmin

<Location /phpmyadmin>
   PassengerEnabled off
</Location>
<Location /phpMyAdmin>
   PassengerEnabled off
</Location>

mac清單

brew
iterm
welly
chrome
virtual box
sublime text
filezilla
sourcetree
moom

07.Install ssl over apache2 in Kali Linux

1.Produce the key
openssl req -new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem -keyout /etc/apache2/ssl/apache.key

2.Replace the setting in /etc/apache2/sites-available/default-ssl
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key

3.Enable ssl module
a2enmod ssl

4.Enable the site
a2ensite default-ssl

5.Restart apache2
service apache2 restart

6.Virtual Host over ssl, edit /etc/apache2/ports.conf
NameVirtualHost *:80
Listen 80
<IfModule mod_ssl.c>
# If you add NameVirtualHost *:443 here, you will also have to change
# the VirtualHost statement in /etc/apache2/sites-available/default-ssl
# to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
NameVirtualHost *:443
Listen 443
</IfModule>
<IfModule mod_gnutls.c>
NameVirtualHost *:443
Listen 443
</IfModule>



7.Create your ror-ssl-site in /etc/apache2/sites-available/yourdomain.com
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerName yourdomain.com
# !!! Be sure to point DocumentRoot to 'public'!
DocumentRoot /home/yourname/my_project/public
RailsEnv development
<Directory /home/yourname/my_project/public >
# This relaxes Apache security settings.
AllowOverride all
# MultiViews must be turned off.
Options -MultiViews
# Uncomment this if you're on Apache >= 2.4:
# Require all granted
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key
</VirtualHost>
</IfModule>

8.Enable the site
a2ensite yourdomain.com

06.Install Virtual Box in Kali Linux

1.Add this line to /etc/apt/sources.list

echo "deb http://download.virtualbox.org/virtualbox/debian wheezy contrib" >> /etc/apt/sources.list

2.Install the Virtual Box
sudo apt-get update sudo apt-get install virtualbox-4.3

05.Build Ruby on Rails Development Environment with Apache2 module passenger

1.Install ruby, rubygems, basic build-essential

sudo apt-get install ruby-full rubygems build-essential


2.Install apache2
sudo apt-get install apache2 apache2-mpm-prefork apache2-prefork-dev libcurl4-openssl-dev

3.Install mysql
sudo apt-get install mysql-server mysql-client 
sudo apt-get install libmysql-ruby libmysqlclient15-dev 
sudo gem install mysql
sudo apt-get install rubygems
4.Install rails use gem
sudo gem install rails

5.Install passenger use gem
sudo gem install passenger

6.build passenger module with apache2
sudo passenger-install-apache2-module
7.add following lines into /etc/apache2/apache2.conf file
LoadModule passenger_module /var/lib/gems/1.9.1/gems/passenger-4.0.56/buildout/apache2/mod_passenger.so
   <IfModule mod_passenger.c>
     PassengerRoot /var/lib/gems/1.9.1/gems/passenger-4.0.56
     PassengerRuby /usr/bin/ruby1.9.1
   </IfModule>

8.Enable the mod_rewrite
sudo a2enmod rewrite

9.start new rails project called my_project in /var/www/my_project
cd /home/your-username/
rails new my_project -d mysql

10.Create the file in /etc/apache2/sites-available/your.domain.name.com

<VirtualHost *:80>

      ServerName your.domain.name.com

      # !!! Be sure to point DocumentRoot to 'public'!

      DocumentRoot /home/your-username/my_project/public

      RailsEnv development

      <Directory /home/your-username/my_project/public >

         Allow from all

         Satisfy Any

         # This relaxes Apache security settings.

         AllowOverride all

         # MultiViews must be turned off.

         Options -MultiViews

         # Uncomment this if you're on Apache >= 2.4:

         # Require all granted

      </Directory>

</VirtualHost>

11.Enable your site, and disable the default website

sudo a2ensite your.domain.name.com

sudo service apache2 restart

12.Edit /etc/hosts

127.0.0.1 your.domain.name.com


13.Set default mysql password
service mysql stop 
mysqld_safe --skip-grant-tables 
mysql -u root 
use mysql 
update user set password=PASSWORD("NEW_ROOT_PASSWORD") where User='root';
flush privileges;
quit
service mysql restart      
14.Edit database config file in /var/www/my_project

cd /var/www/my_project/config/
vim database.yml
edit the default empty password to your new password
15.Install gemfile and database

cd /var/www/my_project/

bundle install

rake db:create db:migrate

16.Start apache2 and mysql at boot time

update-rc.d apache2 enable

update-rc.d mysql enable