Generic Random Notes
This page is an anthology of random and generally short notes that do not fit in any other post.
Index
To make it esier to navigate the issues, take a look at the index:
- Note #1: Unbound DNSSEC failed to parse trust anchor file
- Note #2: Enable DbgPrint output
- Note #3: UNC vs DOS vs Device vs NT object path
- Note #4: System Error VCRUNTIME140.dll runtime depedencies
- Note #5: Unbound settings to override internet zones
- Note #6: Static DNS Debian Linux
- Note #7: Python environment
- Note #8: Python OpenSSL package breaks pip
- Note #9: Python script for brute forcing hashes on custom alphabet
- Note #10: Hunting for secrets on Github
- Note #11: HTML template Bootstrap center align
Unbound DNSSEC failed to parse trust anchor file
While configuring Unbound to use DNSSEC you may get the error message:
“error: could not parse auto-trust-anchor-file”
After searching the web, the link https://github.com/NLnetLabs/unbound/issues/160 and more specifically comment https://github.com/NLnetLabs/unbound/issues/160#issuecomment-770402282 gave the answer!
You need to comment out the line:
include:” /etc/unbound/unbound.conf.d/*.conf
This line is locate at the file /etc/unbound/unbound.conf
. Then, the unbound service must be restarted.
Enable DbgPrint output
DebugView (tool from SysInternals) doesn’t show output from DbgPrint on certain Windows versions. The issue is described in detail in this OSR post.
The workaround is to create the registry key listed below with the DWORD value 0xf
HKLM\SYSTEM\CCS\Control\Session Manager\Debug Print Filter\DEFAULT
UNC vs DOS vs Device vs NT object path
Quick notes on what path is what:
- DOS: C:\Windows\System32\cmd.exe
- DOS Device: \.\ or \?\
- UNC: \127.0.0.1\C$\Windows\System32\cmd.exe
- NT object: \??\C:\Windows\
Ref: https://docs.microsoft.com/en-us/dotnet/standard/io/file-path-formats
System Error VCRUNTIME140.dll runtime dependencies
When dynamically linking C/C++ applications on Windows and the target system doesn’t have the appropriate libraries installed, the following error comes up:
The code execution cannot proceed because VCRUNTIME140.dll was not found. Reinstalling the program may fix this problem.
To get rid of this message and run the application, go to the project settings on Visual Studio, select C/C++ -> Code Generation and set Runtime Library to Multi-threaded DLL (/MT) if compiling in Release mode or Multi-threaded DLL (/MTd) if compiling in Debug mode.
Unbound settings to override internet zones
Configuration settings to override internet zones.
/etc/unbound/unbound.conf
# server tag is required
server:
local-zone: "example.org" redirect
local-data: "example.org. IN A 127.0.0.1"
Result:
dig a example.org +short
127.0.0.1
Static DNS Debian Linux
For interfaces that are managed by Network Manager edit the configuration file /etc/NetworkManager/
dns=<DNS_IP>
ignore-auto-dns=true
Python environment
To create a Python environment in the current directory:
python -m venv .
This command creates the following files:
bin (directory)
include (directory)
lib (directory)
lib64 (link)
pyvenv.cfg (file)
share (directory)
Python OpenSSL package breaks pip
Recently I tried to install a Python package which had some dependencies. One of the dependencies was pyopenssl. While installing with pip I received the following error:
pyopenssl 23.0 has requirement cryptography>=38, but you’ll have cryptography 2.6.1 which is incompatible.
After that anything I was trying to do with pip was failing with the following error:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/pip/_vendor/__init__.py", line 33, in vendored
__import__(vendored_name, globals(), locals(), level=0)
ModuleNotFoundError: No module named 'pip._vendor.cachecontrol'
During handling of the above exception, another exception occurred:
At the bottom of each error message, I could see:
File "/usr/local/lib/python3.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
from OpenSSL import SSL, crypto
File "/usr/local/lib/python3.7/dist-packages/OpenSSL/SSL.py", line 19, in <module>
from OpenSSL.crypto import (
File "/usr/local/lib/python3.7/dist-packages/OpenSSL/crypto.py", line 3261, in <module>
name="load_pkcs7_data",
TypeError: deprecated() got an unexpected keyword argument 'name'
To resolve this, I had to remove the OpenSSL package:
rm -rf /usr/local/lib/python3.7/dist-packages/OpenSSL
On the same note, if upon removal of OpenSSL from the package directory some dependencies break (this is on a Debian environment), you may have to install python3-openssl package which is a Python3 wrapper around the OpenSSL library.
Python script for brute forcing hashes on custom alphabet
Use case:
- Provided a hash digest, brute force the plain text
Custom configuration:
- Provide hash algorithm
- Provide alphabet
import string
import hashlib
import re
import math
def numbertostring(num):
alphabet = string.ascii_lowercase + string.ascii_uppercase + string.digits
lenalpha = len(alphabet)
outstr = ''
# baseline number of digits
iter = 1
# number of digits required
if (num > 0):
iter = math.ceil(math.log(num, lenalpha))
while (iter > 0):
mul = num // pow(lenalpha, iter-1)
num = num - (mul * pow(lenalpha, iter-1))
outstr = outstr + alphabet[mul - 1]
iter = iter - 1
return outstr
def main():
print('[+] Start')
# hash to match/brute force
pattern = re.compile(r'')
hashhex = ''
counter = 0
while True:
hash = hashlib.md5(numbertostring(counter).encode('ascii'))
hashhex = hash.hexdigest()
if pattern.fullmatch(hashhex):
print(numbertostring(counter),' : ', hash.hexdigest())
break
counter = counter + 1
print('[+] End')
return True
if __name__ == '__main__':
main()
Hunting for secrets on Github
Developers, system administrators or any individual that is involved in infrastructure management or development operations, may use Github to host code. For many different reasons, secrets may be present in code within a Github repository.
The following search filters, can be used for hunting secrets in repositories:
search filter | purpose |
---|---|
“cmdkey /add” | identify Azure storage account credentials |
/^SMTP_PASSWORD/ | smtp account credentials |
HTML template Bootstrap center align
<!DOCTYPE html>
<html>
<head>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@X.X.X/dist/css/bootstrap.min.css" rel="stylesheet" type="text/plain">
<title>HTML Template</title>
</head>
<body>
<div class="d-flex justify-content-center align-items-center" style="height: 100vh;">
<div class="d-flex flex-grow-1">
<div class="col">column1</div>
<div class="col align-center">column2</div>
<div class="col">column3</div>
</div>
</div>
</body>
</html>