Generic Random Notes
This page is an anthology of random and generally short notes that do not fit in any other post.
To make it esier to navigate the issues, take a look at the index:
- Note #1: Unbound DNSSEC failed to parse trust anchor file
- Note #2: Enable DbgPrint output
- Note #3: UNC vs DOS vs Device vs NT object path
- Note #4: System Error VCRUNTIME140.dll runtime depedencies
- Note #5: Unbound settings to override internet zones
- Note #6: Static DNS Debian Linux
- Note #7: Python environment
- Note #8: Python OpenSSL package breaks pip
- Note #9: Python script for brute forcing hashes on custom alphabet
- Note #10: Hunting for secrets on Github
Unbound DNSSEC failed to parse trust anchor file
While configuring Unbound to use DNSSEC you may get the error message:
“error: could not parse auto-trust-anchor-file”
After searching the web, the link https://github.com/NLnetLabs/unbound/issues/160 and more specifically comment https://github.com/NLnetLabs/unbound/issues/160#issuecomment-770402282 gave the answer!
You need to comment out the line:
This line is locate at the file
/etc/unbound/unbound.conf. Then, the unbound service must be restarted.
Enable DbgPrint output
DebugView (tool from SysInternals) doesn’t show output from DbgPrint on certain Windows versions. The issue is described in detail in this OSR post.
The workaround is to create the registry key listed below with the DWORD value 0xf
HKLM\SYSTEM\CCS\Control\Session Manager\Debug Print Filter\DEFAULT
UNC vs DOS vs Device vs NT object path
Quick notes on what path is what:
- DOS: C:\Windows\System32\cmd.exe
- DOS Device: \.\ or \?\
- UNC: \127.0.0.1\C$\Windows\System32\cmd.exe
- NT object: \??\C:\Windows\
System Error VCRUNTIME140.dll runtime dependencies
When dynamically linking C/C++ applications on Windows and the target system doesn’t have the appropriate libraries installed, the following error comes up:
The code execution cannot proceed because VCRUNTIME140.dll was not found. Reinstalling the program may fix this problem.
To get rid of this message and run the application, go to the project settings on Visual Studio, select C/C++ -> Code Generation and set Runtime Library to Multi-threaded DLL (/MT) if compiling in Release mode or Multi-threaded DLL (/MTd) if compiling in Debug mode.
Unbound settings to override internet zones
Configuration settings to override internet zones.
# server tag is required server: local-zone: "example.org" redirect local-data: "example.org. IN A 127.0.0.1"
dig a example.org +short 127.0.0.1
Static DNS Debian Linux
For interfaces that are managed by Network Manager edit the configuration file /etc/NetworkManager/
To create a Python environment in the current directory:
python -m venv .
This command creates the following files:
bin (directory) include (directory) lib (directory) lib64 (link) pyvenv.cfg (file) share (directory)
Python OpenSSL package breaks pip
Recently I tried to install a Python package which had some dependencies. One of the dependencies was pyopenssl. While installing with pip I received the following error:
pyopenssl 23.0 has requirement cryptography>=38, but you’ll have cryptography 2.6.1 which is incompatible.
After that anything I was trying to do with pip was failing with the following error:
Traceback (most recent call last): File "/usr/lib/python3/dist-packages/pip/_vendor/__init__.py", line 33, in vendored __import__(vendored_name, globals(), locals(), level=0) ModuleNotFoundError: No module named 'pip._vendor.cachecontrol' During handling of the above exception, another exception occurred:
At the bottom of each error message, I could see:
File "/usr/local/lib/python3.7/dist-packages/OpenSSL/__init__.py", line 8, in <module> from OpenSSL import SSL, crypto File "/usr/local/lib/python3.7/dist-packages/OpenSSL/SSL.py", line 19, in <module> from OpenSSL.crypto import ( File "/usr/local/lib/python3.7/dist-packages/OpenSSL/crypto.py", line 3261, in <module> name="load_pkcs7_data", TypeError: deprecated() got an unexpected keyword argument 'name'
To resolve this, I had to remove the OpenSSL package:
rm -rf /usr/local/lib/python3.7/dist-packages/OpenSSL
On the same note, if upon removal of OpenSSL from the package directory some dependencies break (this is on a Debian environment), you may have to install python3-openssl package which is a Python3 wrapper around the OpenSSL library.
Python script for brute forcing hashes on custom alphabet
- Provided a hash digest, brute force the plain text
- Provide hash algorithm
- Provide alphabet
import string import hashlib import re import math def numbertostring(num): alphabet = string.ascii_lowercase + string.ascii_uppercase + string.digits lenalpha = len(alphabet) outstr = '' # baseline number of digits iter = 1 # number of digits required if (num > 0): iter = math.ceil(math.log(num, lenalpha)) while (iter > 0): mul = num // pow(lenalpha, iter-1) num = num - (mul * pow(lenalpha, iter-1)) outstr = outstr + alphabet[mul - 1] iter = iter - 1 return outstr def main(): print('[+] Start') # hash to match/brute force pattern = re.compile(r'') hashhex = '' counter = 0 while True: hash = hashlib.md5(numbertostring(counter).encode('ascii')) hashhex = hash.hexdigest() if pattern.fullmatch(hashhex): print(numbertostring(counter),' : ', hash.hexdigest()) break counter = counter + 1 print('[+] End') return True if __name__ == '__main__': main()
Hunting for secrets on Github
Developers, system administrators or any individual that is involved in infrastructure management or development operations, may use Github to host code. For many different reasons, secrets may be present in code within a Github repository.
The following search filters, can be used for hunting secrets in repositories:
|“cmdkey /add”||identify Azure storage account credentials|
|/^SMTP_PASSWORD/||smtp account credentials|