by ·0评论

一、各个版本号对比

Linux内核版本 Android系统版本号 API版本号 版本代号 发布日期
/ Android-1.0 1 / 2008-09-23
/ Android-1.1 2 / 2009-02-02
2.6.27 Android-1.5 3 Cupcake / 纸杯蛋糕 2009-04-30
2.6.29 Android-1.6 4 Donut / 甜甜圈 2009-09-15
Android-2.0 5 Eclair / 闪电泡芙 2009-10-26
Android-2.0.1 6 2009-12-03
Android-2.1 7 2010-01-12
2.6.32 Android-2.2 8 Froyo / 冻酸奶 2010-05-20
Android-2.2.1 2011-01-18
Android-2.2.2 2011-01-22
Android-2.2.3 2011-11-21
2.6.35 Android-2.3 9 Gingerbread / 姜饼 2010-12-07
Android-2.3.1 2010-12
Android-2.3.2 2011-01
Android-2.3.3 10 2011-02-09
Android-2.3.4 /
Android-2.3.5 2011-07-25
Android-2.3.6 2011-09-02
Android-2.3.7 /
2.6.36 Android-3.0 11 Honeycomb / 蜂巢 2011-02-02
Android-3.1 12 2011-05-10
Android-3.2 13 2011-07-15
Android-3.2.1 2011-09-20
Android-3.2.2 2011-08-30
3.0.1 Android-4.0 14 Ice Cream Sandwich / 冰淇淋三明治 2011-10-19
Android-4.0.1 2011-10
Android-4.0.2 2011-11-28
Android-4.0.3 15 2011-12-16
Android-4.0.4 2012-02-06
3.0.31 Android-4.1 16 Jelly Bean / 果冻豆 2012-06-28
Android-4.1.1 2012-07-23
Android-4.1.2 2012-10-09
3.4.0 Android-4.2 17 2012-10-30
Android-4.2.1 2012-11
Android-4.2.2 2013-02-11
3.4.39 Android-4.3 18 2013-07-25
Android-4.3.1 2013-10-05
3.10 Android-4.4 19 KitKat / 奇巧巧克力棒 2013-10-31
Android-4.4.1 2013-12-05
Android-4.4.2 2013-12-09
Android-4.4.3 2014-06-02
Android-4.4.4 2014-06-20
Android-4.4W 20 2014-06
3.16.1 Android-5.0 21 Lollipop / 棒棒糖 2014-06-25
Android-5.0.1 2014-12-04
Android-5.0.2 2014-12-21
Android-5.1 22 2015-03-10
Android-5.1.1 2015-04-22
3.18.10 Android-6.0 23 Marshmallow / 棉花糖 2015-10-05
Android-6.0.1 2015-12-07
4.4.1 Android-7.0 24 Nougat / 牛轧糖 2016-08-22
Android-7.1 25 2016-10-21
Android-7.1.1 2016-12-05
Android-7.1.2 2017-04-04
4.9 Android-8.0 26 Oreo / 奥利奥 2017-08-21
Android-8.1 27 2017-12-06
4.14 Android-9.0 28 Pie / 馅饼 2018-08-06
/ Android-10 29 Q 2019-09-03
/ Android-11 30 Red Velvet Cake / 红色天鹅绒蛋糕 2020-09-08
5.10 Android-12 31 Snow cone / 杯套装碎冰 2021-10-04
/ Android-12L 32 2022-03-08
5.15 Android-13 33 Tiramisu / 提拉米苏 2022-05-12
6.1 Android-14 34 Upside Down Cake / 翻转蛋糕 2023-10-04
6.6 Android-15 35 Vanilla Ice Cream / 香草冰淇淋 (AOSP 实验版)(2024)

二、特殊部分说明

1、Android系统在1.0发版前,有两个内测版本,代号分别是:铁臂阿童木(Astro)和机器人班亭(Bender)
2、Android系统1.0和1.1版本并没有特殊的名称代号,因此没有名字
3、Android-1.5开始采用正式代号名称,以甜品命名,首字母从C开始依次递增
4、Android-4.4W是单独的一个版本,主要是用于穿戴设备
5、Android-12L也是一个单独的版本,主要是用于折叠式设备和大屏幕设备
6、Android-10的代号不是甜点,是字母Q,可能是找不到甜点名称了
7、发布日期均指正式版发行日期,部分版本发行日期只能追溯到月,无法追溯到具体时间了

文章摘抄至 https://security.blog.csdn.net/article/details/125295711 , https://apilevels.com/

by ·0评论

全新安装的在Windows 7 SP1系统中,自动更新功能是保持系统安全性和稳定性的关键。然而,许多用户在尝试更新时可能会遇到错误代码80072EFE,这通常意味着更新过程中出现了网络通信问题。实际上,这一错误往往与系统缺少必要的补丁或更新机制遇到障碍有关。

先手动下载KB3020369,KB3125574这两个补丁:
KB3020369补丁 64位
https://www.microsoft.com/zh-CN/download/details.aspx?id=46817
 KB3020369补丁 32位
https://www.microsoft.com/zh-CN/download/details.aspx?id=46827
KB3125574补丁 64位
https://download.windowsupdate.com/d/msdownload/update/software/updt/2016/05/windows6.1-kb3125574-v4-x64_2dafb1d203c8964239af3048b5dd4b1264cd93b9.msu
KB3125574补丁 32位
https://download.windowsupdate.com/d/msdownload/update/software/updt/2016/05/windows6.1-kb3125574-v4-x86_ba1ff5537312561795cc04db0b02fbb0a74b2cbd.msu

或者直接从Update服务器搜索下载
https://www.catalog.update.microsoft.com/Search.aspx?q=KB3020369
https://www.catalog.update.microsoft.com/Search.aspx?q=KB3125574

先安装KB3020369重启后在安装KB3125574继续重启,然后再开始菜单点Windows Update,检查更新

一切多么美好, 完结.

by ·0评论

    1. 进入 docker 容器

    $ docker exec -it 4a21b5ee9275 /bin/bash

    2. 查看debian系统版本

    # cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"

    3. 确认版本后配置国内镜像源(本例版本代号为bullseye)

    # echo "deb http://mirrors.aliyun.com/debian bullseye main" >/etc/apt/sources.list
# echo "deb http://mirrors.aliyun.com/debian-security bullseye-security main" >>/etc/apt/sources.list
# echo "deb http://mirrors.aliyun.com/debian bullseye-updates main" >>/etc/apt/sources.list

    by ·0评论

    1. 查找Docker Hub上的mysql镜像

    $ sudo docker search mysql
NAME                              DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED
mysql                             MySQL is a widely used, open-source relation…   8922                [OK]
mariadb                           MariaDB is a community-developed fork of MyS…   3135                [OK]
mysql/mysql-server                Optimized MySQL Server Docker images. Create…   659                                     [OK]
percona                           Percona Server is a fork of the MySQL relati…   462                 [OK]
centos/mysql-57-centos7           MySQL 5.7 SQL database server                   65
centurylink/mysql                 Image containing mysql. Optimized to be link…   61                                      [OK]
mysql/mysql-cluster               Experimental MySQL Cluster Docker images. Cr…   59
deitch/mysql-backup               REPLACED! Please use http://hub.docker.com/r…   41                                      [OK]
bitnami/mysql                     Bitnami MySQL Docker Image                      35                                      [OK]
tutum/mysql                       Base docker image to run a MySQL database se…   34
schickling/mysql-backup-s3        Backup MySQL to S3 (supports periodic backup…   28                                      [OK]
prom/mysqld-exporter                                                              23                                      [OK]
linuxserver/mysql                 A Mysql container, brought to you by LinuxSe…   22
centos/mysql-56-centos7           MySQL 5.6 SQL database server                   17
circleci/mysql                    MySQL is a widely used, open-source relation…   16
mysql/mysql-router                MySQL Router provides transparent routing be…   14
arey/mysql-client                 Run a MySQL client from a docker container      13                                      [OK]
openshift/mysql-55-centos7        DEPRECATED: A Centos7 based MySQL v5.5 image…   6
fradelg/mysql-cron-backup         MySQL/MariaDB database backup using cron tas…   4                                       [OK]
genschsa/mysql-employees          MySQL Employee Sample Database                  3                                       [OK]
devilbox/mysql                    Retagged MySQL, MariaDB and PerconaDB offici…   2
ansibleplaybookbundle/mysql-apb   An APB which deploys RHSCL MySQL                2                                       [OK]
jelastic/mysql                    An image of the MySQL database server mainta…   1
monasca/mysql-init                A minimal decoupled init container for mysql    0
widdpim/mysql-client              Dockerized MySQL Client (5.7) including Curl…   0                                       [OK]

    2. 选择centos 7下的 mysql-57

    $ sudo docker pull centos/mysql-57-centos7

    3. 创建mysql数据库目录

    $ sudo mkdir /data/mysql57
$ sudo chown mysql:mysql /data/mysql57
$ sudo chcon system_u:object_r:mysqld_db_t:s0 /data/mysql57

    4. 使用mysql镜像

    $ sudo docker run -p 3306:3306 --name mysql57 \
--volume=/data/mysql57/:/var/lib/mysql/data/ \
--restart=always \
-e MYSQL_ROOT_PASSWORD=123456 -d centos/mysql-57-centos7

    5. 连接docker mysql

    $ sudo docker exec -ti -u root mysql57 bash

    by ·0评论

      在RHEL 8/CentOS 8上安装Docker和Docker Compose的文章已经很多了, 不过都是要求禁用firewalld, 因为默认安装的 firewalld 会导致Docker容器DNS解析失败, 其实只需要修改一下 firewalld 的配置就可以正常工作的.

      在CentOS 8上安装Docker CE的步骤如下:

      1. 准备工作,CentOS 8的工作实例和具有sudo特权的用户

      2. 添加必要的Docker存储库

      我们将使用dnf config-manager实用程序添加Docker存储库。

    $ sudo dnf config-manager --add-repo=https://download.docker.com/linux/centos/docker-ce.repo

      3. 直接安装Docker CE会失败, 因为其要求 containerd.io 版本比较高, 然后会CentOS 8默认安装冲突, 所以需要手动安装 containerd.io 。

    $ sudo dnf install https://download.docker.com/linux/centos/7/x86_64/stable/Packages/containerd.io-1.2.10-3.2.el7.x86_64.rpm

      4. 这时候就可以直接安装Docker CE了。

    $ sudo dnf install docker-ce

      5. 为了强制DNS解析在Docker容器中起作用,必须禁用firewalld。

    $ sudo systemctl disable firewalld

      6. 启用docker守护进程

    $ sudo systemctl enable --now docker

      7. 为了无需使用 sudo 来启动 docker 我们需要把当前用户加入 docker 组.

    $ sudo usermod -aG docker $USER

      以上就是CentOS 8上安装Docker CE的方法,不过这里面有个步骤就是要禁用firewalld,但是这个在生产环境下是绝对不可以的, 经查资料发现只需要开启伪装IP的功能就可以, 无需禁用firewalld。

    $ sudo firewall-cmd --zone=public --add-masquerade --permanent
$ sudo firewall-cmd --reload
$ sudo systemctl restart docker

      正常安装未禁用firewalld下在Docker容器中无法解析域名.

    $ docker run -it  --rm centos

[root@7ec3691c37d7 /]# ping 192.168.0.5
PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data.
64 bytes from 192.168.0.5: icmp_seq=1 ttl=63 time=0.283 ms
^C
--- 192.168.0.5 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.283/0.283/0.283/0.000 ms

[root@7ec3691c37d7 /]# ping www.baidu.com
ping: www.baidu.com: Name or service not known

      启用伪装IP后即可正常访问.

    $ docker run -it  --rm centos
[root@7ec3691c37d7 /]# ping www.baidu.com
PING www.a.shifen.com (14.215.177.38) 56(84) bytes of data.
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=1 ttl=54 time=22.3 ms
64 bytes from 14.215.177.38 (14.215.177.38): icmp_seq=2 ttl=54 time=21.9 ms
^C
--- www.a.shifen.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 2ms
rtt min/avg/max/mdev = 21.915/22.122/22.330/0.255 ms

    by ·0评论

      最近爆发Windows远程桌面服务漏洞(CVE-2019-0708)需要更新系统, 但是使用Windows Update更新补丁一直失败.

      为了查找问题所在, 开启了Windows Update详细日志, 不过在WindowsUpdate.log中只看到了失败报告, 具体原因不明, 在网上搜索时突然发现有CBS.log日志有详细 WU 安装相关记录, 果然在里面看到有错误报告

    2019-05-18 19:07:10, Info                  CSI    0000005f Begin executing advanced installer phase 38 (0x00000026) index 41 (0x0000000000000029) (sequence 80)
    Old component: [ml:360{180},l:358{179}]"Microsoft-Windows-BootEnvironment-Core-MemoryDiagnostic, Culture=neutral, Version=6.1.7601.23471, PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=amd64, versionScope=NonSxS"
    New component: [ml:360{180},l:358{179}]"Microsoft-Windows-BootEnvironment-Core-MemoryDiagnostic, Culture=neutral, Version=6.1.7601.24382, PublicKeyToken=31bf3856ad364e35, ProcessorArchitecture=amd64, versionScope=NonSxS"
    Install mode: install
    Installer ID: {81a34a10-4256-436a-89d6-794b97ca407c}
    Installer name: [15]"Generic Command"
2019-05-18 19:07:10, Info                  CSI    00000060 Performing 1 operations; 1 are not lock/unlock and follow:
  LockComponentPath (10): flags: 0 comp: {l:16 b:5102f8d6690dd5012400000098056806} pathid: {l:16 b:5102f8d6690dd5012500000098056806} path: [l:238{119}]"\SystemRoot\WinSxS\amd64_microsoft-windows-b..re-memorydiagnostic_31bf3856ad364e35_6.1.7601.23471_none_36a0dee2348e195e" pid: 598 starttime: 132026512097178219 (0x01d50d69ca7c726b)
2019-05-18 19:07:10, Info                  CSI    00000061 Performing 1 operations; 1 are not lock/unlock and follow:
  LockComponentPath (10): flags: 0 comp: {l:16 b:5102f8d6690dd5012600000098056806} pathid: {l:16 b:5102f8d6690dd5012700000098056806} path: [l:238{119}]"\SystemRoot\WinSxS\amd64_microsoft-windows-b..re-memorydiagnostic_31bf3856ad364e35_6.1.7601.24382_none_3696f69234956b20" pid: 598 starttime: 132026512097178219 (0x01d50d69ca7c726b)
2019-05-18 19:07:10, Info                  CSI    00000062 Calling generic command executable (sequence 5): [20]"C:\Windows\bfsvc.exe"
    CmdLine: [47]""C:\Windows\bfsvc.exe" C:\Windows\boot /nofonts"
2019-05-18 19:07:10, Error      [0x018009] CSI    00000063 (F) Done with generic command 5; CreateProcess returned 0, CPAW returned S_OK
    Process exit code 15299 (0x00003bc3) resulted in success? FALSE
    Process output: [l:60 [60]"BFSVC: Failed to get system partition! Last Error = 0x3bc3

"][gle=0x80004005]
2019-05-18 19:07:10, Info                  CSI    00000064 Calling generic command executable (sequence 6): [24]"C:\Windows\fveupdate.exe"
    CmdLine: [35]""C:\Windows\fveupdate.exe" /memtest"
2019-05-18 19:07:10, Info                  CSI    00000065 Done with generic command 6; CreateProcess returned 0, CPAW returned S_OK
    Process exit code 0 resulted in success? TRUE
    Process output: [l:248 [248]"BitLockerUpdate: Running.

BitLockerUpdate: Service request is for memtest.exe.

BitLockerUpdate: BitLocker Drive Encryption is not turned ON on the OS volume.

BitLockerUpdate: No servicing was performed on the OS volume.

BitLockerUpdate: Done.

      其报告 “BFSVC: Failed to get system partition! Last Error = 0x3bc3” 错误, 具体是无法找到系统分区, 虽然是使用UEFI+GPT启动, 但是一直启动正常很是奇怪,使用PE对UEFI启动修复后重新安装补丁还是失败.

      后来想到之前是普通SATA3 M.2 SSD更换成NVMe SSD时, 由于主板只有一个M.2插槽, 使用了一块普通硬盘做中转, 即先是用GHOST把整个SSD克隆到普通SATA硬盘上, 关机后把NVMe SSD替换上M.2槽, 重新开机后把NVMe驱动装上, 再把普通SATA硬盘克隆回NVMe SSD并用PE UEFI修复启动后一直使用至今.

      现在虽然启动一切正常, 但是由于GPT的分区GUID未设置正确导致bfsvc.exe无法识别分区, 至此已经明白Windows Update为什么会更新失败了, 使用DiskPart重新设置回EFI启动ID.

    DEFINE_GUID (PARTITION_SYSTEM_GUID, 0xC12A7328L, 0xF81F, 0x11D2, 0xBA, 0x4B, 0x00, 0xA0, 0xC9, 0x3E, 0xC9, 0x3B)
EFI: c12a7328-f81f-11d2-ba4b-00a0c93ec93b


1. 先在管理员CMD下启动 diskpart .
2. 使用 list disk 列出磁盘列表.
3. 根据具体硬盘使用 select disk 选中磁盘.
4. 再用 list partition 列出分区列表>
5. 根据具体启动分区使用 select partition 选中分区.
6. 最后使用 set id=c12a7328-f81f-11d2-ba4b-00a0c93ec93b 设置正确的EFI ID.

      最后再打上Windows Update更新补丁, 一切Ok.

    ps1: Windows Update日志说明[https://docs.microsoft.com/zh-cn/windows/deployment/update/windows-update-logs]
    ps2: 如何打开Windows Update详细日志[https://support.microsoft.com/en-us/help/2545723/how-to-enable-microsoft-installer-logging-and-verbose-logging-to-gathe]

    by ·0评论

      最近入手一X11SCZ-F主板, 在其 Miscellaneous -> Activate License 需要输入 License ,搜索网上得知这个key在去年(2018年)被Peter Kleissner公开了生成算法twitter,用来方便用户更新BIOS。详细的文章在这里.

      就是使用MAC-SHA1-96 算法,对BMC的MAC码和 SECRET KEY: 85 44 E3 B4 7E CA 58 F9 58 30 43 F8 计算生成密码. MAC-SHA1-96表示利用MAC-SHA1计算,然后截取前96Bit。MAC- SHA1 的网站点这里.

      在linux下并安装了openssl, 可以直接计算:

    echo -n 'bmc-mac' | xxd -r -p | openssl dgst -sha1 -mac HMAC -macopt hexkey:8544E3B47ECA58F9583043F8 | awk '{print $2}' | cut -c 1-24

    ps: bmc-mac 即IPMI BMC的MAC地址.

      详细文章如下: [来源: https://peterkleissner.com/2018/05/27/reverse-engineering-supermicro-ipmi/ ],来源网络 如有侵权 请联系删除.

    Reverse Engineering Supermicro IPMI

    May 27, 2018 | by Kleissner

    Supermicro enforces a vendor-lock in on BIOS updates via IPMI, even though they publish the update files for free here. The only free alternative is to time-travel to 1995 and boot from a DOS disk to supply the update. All other options (including the Supermicro Server Manager) require a license.

    They published BIOS updates to address Spectre and Meltdown vulnerabilities, yet make it almost impossible to actually perform the update. Even if you go their suggested way, buying a key from an authorized Supermicro reseller people on the internet report it’s difficult and time consuming getting them. I was quoted 25 EUR and an estimated 2 weeks delivery time.

    You buy a brand new product, it has a known vulnerability and you should pay for the update?! This is simply NOT acceptable. As the owner of my device I shall be free to update it. Therefore, I spent exactly 1 night reverse engineering this thing to figure out the license key algorithm. tl;dr here is the algorithm to generate those license keys:

    MAC-SHA1-96(INPUT: MAC address of BMC, SECRET KEY: 85 44 E3 B4 7E CA 58 F9 58 30 43 F8)

    Anybody can create the license key on https://cryptii.com/ by typing on the left side (select Bytes) the MAC address of the IPMI (the BMC), select in the middle HMAC and SHA-1, enter the secret key and on the right side the License Key will appear!

    This was successfully tested with Supermicro mainboards from 2013-2018. It appears they have not changed the algorithm and use the same “secret”. The first 6 groups go in here:

    Update 1/14/2019: The Twitter user @astraleureka posted this code perl code which is generating the license key:

    #!/usr/bin/perl
use strict;
use Digest::HMAC_SHA1 'hmac_sha1';
my $key  = "\x85\x44\xe3\xb4\x7e\xca\x58\xf9\x58\x30\x43\xf8";
my $mac  = shift || die 'args: mac-addr (i.e. 00:25:90:cd:26:da)';
my $data = join '', map { chr hex $_ } split ':', $mac;
my $raw  = hmac_sha1($data, $key);
printf "%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX-%02lX%02lX\n", (map { ord $_ } split '', $raw);

    Update 3/27/2019: There is also Linux shell version that uses openssl:

    echo -n 'bmc-mac' | xxd -r -p | openssl dgst -sha1 -mac HMAC -macopt hexkey:8544E3B47ECA58F9583043F8 | awk '{print $2}' | cut -c 1-24
    Information about IPMI (skip this if you’re an expert)

    The IPMI is a remote management mechanism of servers, embedded in a chip that is separated from the typical resources accessible by the operating system. It allows remote management of servers even when it’s turned off. It’s really useful when your server is not responding and you don’t to want or can’t physically go there to troubleshoot. You can even install an OS via IPMI, start the server & even go into the BIOS. Thanks to HTML5 Supermicro switched away from those old Java applets (anyone developing anything in Java should be banned to a far, far remote island; Java should die in a fire, it’s slow and has 9999 vulnerabilities and on top of that Oracle will go after you for trademark and patent troll reasons even though it’s open source).

    References that helped

    I want to point out previous research work which helped me a lot.

    Step 1: Download & Extract the Firmware

    Supermicro offers the IPMI update files for free on their website. You need to select your mainboard and download the IPMI update file. Among other files it will contain 1 large firmware blob, in this case “REDFISH_X10_366.bin”.

    The tool binwalk will scan the binary and look for signatures of known formats:

    HEXADECIMAL DESCRIPTION
--------------------------------------------------------------------
0x19300 CRC32 polynomial table, little endian
0x400000 CramFS filesystem, little endian, size: 14254080, version 2, sorted_dirs, CRC 0xF105D0D5, edition 0, 8088 blocks, 1086 files
0x1400000 uImage header, header size: 64 bytes, header CRC: 0x8290B85A, created: 2017-06-09 12:33:02, image size: 1537474 bytes, Data Address: 0x40008000, Entry Point: 0x40008000, AA328F72, OS: Linux, CPU: ARM, image type: OS Kernel Image, compression type: gzip, image name: "21400000"
0x1400040 gzip compressed data, maximum compression, has original file name: "linux.bin", from Unix, last modified: 2017-06-09 12:01:11
0x1700000 CramFS filesystem, little endian, size: 7507968, version 2, sorted_dirs, CRC 0x19806BFF, edition 0, 2973 blocks, 407 files

    Use a hex editor (such as HxD) to extract the CramFS binaries and store them to new files. It is an embedded compressed Linux file system that contains the files that we are interested in.

    Next get a Linux system and mount both files each with this command and then dump all files into a tar file:

    mount -o loop -t cramfs extracted.bin mnt1
tar -czf mnt1.tar.gz mnt1

    Congrats! You now have the actual files of the IPMI system.

    Step 2: Reverse engineer the interesting files on the IPMI file system

    Finding the HTML/JS code that provides the user interface for activation was easy: Use the browser’s built-in developer tools (F12) to look at the code, then look for the same code on the extracted IPMI file system.

    As you can see below, the IPMI website (that you visit as system administrator) calls “/cgi/ipmi.cgi” with certain parameters for checking if the key is valid.

    Here are the breadcrumbs I followed from the website part:

    The response is XML with check set to 0 if invalid and 1 if valid (it’s weird that they do not use JSON instead):

    Next, we need to use IDA Pro and open the file “ipmi.cgi” that is stored on the IPMI file system and that we extracted in the previous step. Below you can see the code that handles the license check. By reading this code, you can see how the license is supposed to look like. The first loop is hex-decoding the input, i.e. The text key “1234-00FF-0000-0000-0000-0000” becomes binary (12 bytes) 12 34 00 FF 00 00 00 00 00 00 00 00.

    The actual check of the license is done in another file “libipmi.so” which implements the referenced function oob_format_license_activate:

    You can see here already the actual license key algorithm referenced – HMAC_SHA1. It is important to notice the 12 in the function call, which means 96 bits. The 96 bits is exactly the length of the key, represented in hex to the end-user.

    Interestingly there is a function “oob_format_license_create” which creates the license and is even easier to read. You can see directly the reference to the private keys. “oob” means out-of-band which is OEM talk meaning here remotely purchased license key (though there’s nothing remote about this function).

    The Supermicro keys are:

    HSDC Private Key: 39 CB 2A 1A 3D 74 8F F1 DE E4 6B 87

    OOB Private Key: 85 44 E3 B4 7E CA 58 F9 58 30 43 F8

    At the beginning of this blog post it is explained how you can easily use this to create your own Supermicro License Key.

    by ·2条评论

    首先看一下升级后的机器配置:

    最近将X51的显卡升级成MSI GTX 1070 Ti AERO公版显卡, 1070Ti的TDP达到180W, 抱着7天试用不行退货的想法直接买回来升级, 装上去后烤机啥的都是正常的,就是显卡温度高, 玩古墓10可以达到91度,吓人。

     

    烤机1个半小时不黑屏,不死机,

    开机后单桌面约40W,玩古墓丽影10最大达到了275.5w

    安装后的效果

    1070Ti拆箱图

     

    PS: 补去年刚拼装R2机器的图片.

    原装R3的水冷风扇.

    R1的前置控制板, 已换成R2的USB3.0, 另外电源DC2DC板也换成了R2版本, 前置风扇换成了薄4Pin风扇.

    将电源板的4PIN口转接出给SSD的5V和给电源板自身风扇的12V

    先是4790的U,后来升级成4790K

    配置情况:

    C P U: Intel® Core™ i7-4790 Processor
    散热器: Alienware X51 R3水冷扇热器
    主 板: Alienware 0PGRP5(英特尔 Haswell)
    内 存: 16G(金士顿 DDR3 8G * 2)
    显 卡: BIOSTAR/映泰 GTX1060 6G D5 公版
    硬盘1: SanDisk SDSSDA 120G
    硬盘2: 希捷3T硬盘(ST3000DM008-2D)
    光 驱: HL-DT-ST DVD刻录机
    机 箱: Alienware X51 R1

    最终效果

    4970K集成显卡情况下烤机8小时

    可惜国货精品BIOSTAR不给力, 用不到3个月就黑屏GG了.

    最终乱糟糟的戴尔27寸显示器效果图…