Generic Random Notes

This page is an anthology of random and generally short notes that do not fit in any other post.

Index

To make it esier to navigate the issues, take a look at the index:

• Note #1: Unbound DNSSEC failed to parse trust anchor file
• Note #2: Enable DbgPrint output
• Note #3: UNC vs DOS vs Device vs NT object path
• Note #4: System Error VCRUNTIME140.dll runtime depedencies
• Note #5: Unbound settings to override internet zones
• Note #6: Static DNS Debian Linux
• Note #7: Python environment
• Note #8: Python OpenSSL package breaks pip
• Note #9: Python script for brute forcing hashes on custom alphabet
• Note #10: Hunting for secrets on Github
• Note #11: HTML template Bootstrap center align
• Note #12: Parse PHP in HTML files

Unbound DNSSEC failed to parse trust anchor file

While configuring Unbound to use DNSSEC you may get the error message:

“error: could not parse auto-trust-anchor-file”

After searching the web, the link https://github.com/NLnetLabs/unbound/issues/160 and more specifically comment https://github.com/NLnetLabs/unbound/issues/160#issuecomment-770402282 gave the answer!

You need to comment out the line:

include:” /etc/unbound/unbound.conf.d/*.conf

This line is locate at the file /etc/unbound/unbound.conf. Then, the unbound service must be restarted.

Enable DbgPrint output

DebugView (tool from SysInternals) doesn’t show output from DbgPrint on certain Windows versions. The issue is described in detail in this OSR post.

The workaround is to create the registry key listed below with the DWORD value 0xf

HKLM\SYSTEM\CCS\Control\Session Manager\Debug Print Filter\DEFAULT

UNC vs DOS vs Device vs NT object path

Quick notes on what path is what:

• DOS: C:\Windows\System32\cmd.exe
• DOS Device: \.\ or \?\
• UNC: \127.0.0.1\C$\Windows\System32\cmd.exe
• NT object: \??\C:\Windows\

Ref: https://docs.microsoft.com/en-us/dotnet/standard/io/file-path-formats

System Error VCRUNTIME140.dll runtime dependencies

When dynamically linking C/C++ applications on Windows and the target system doesn’t have the appropriate libraries installed, the following error comes up:

The code execution cannot proceed because VCRUNTIME140.dll was not found. Reinstalling the program may fix this problem.

To get rid of this message and run the application, go to the project settings on Visual Studio, select C/C++ -> Code Generation and set Runtime Library to Multi-threaded DLL (/MT) if compiling in Release mode or Multi-threaded DLL (/MTd) if compiling in Debug mode.

Unbound settings to override internet zones

Configuration settings to override internet zones.

/etc/unbound/unbound.conf

# server tag is required
server:
	local-zone: "example.org" redirect
	local-data: "example.org. IN A 127.0.0.1"

Result:

dig a example.org +short
127.0.0.1

Static DNS Debian Linux

For interfaces that are managed by Network Manager edit the configuration file /etc/NetworkManager/

dns=<DNS_IP>
ignore-auto-dns=true

Python environment

To create a Python environment in the current directory:

python -m venv .

This command creates the following files:

bin		(directory)
include		(directory)
lib		(directory)
lib64		(link)
pyvenv.cfg	(file)
share		(directory)

Python OpenSSL package breaks pip

Recently I tried to install a Python package which had some dependencies. One of the dependencies was pyopenssl. While installing with pip I received the following error:

pyopenssl 23.0 has requirement cryptography>=38, but you’ll have cryptography 2.6.1 which is incompatible.

After that anything I was trying to do with pip was failing with the following error:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/pip/_vendor/__init__.py", line 33, in vendored
    __import__(vendored_name, globals(), locals(), level=0)
ModuleNotFoundError: No module named 'pip._vendor.cachecontrol'

During handling of the above exception, another exception occurred:

At the bottom of each error message, I could see:

  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/__init__.py", line 8, in <module>
    from OpenSSL import SSL, crypto
  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/SSL.py", line 19, in <module>
    from OpenSSL.crypto import (
  File "/usr/local/lib/python3.7/dist-packages/OpenSSL/crypto.py", line 3261, in <module>
    name="load_pkcs7_data",
TypeError: deprecated() got an unexpected keyword argument 'name'

To resolve this, I had to remove the OpenSSL package:

rm -rf /usr/local/lib/python3.7/dist-packages/OpenSSL

On the same note, if upon removal of OpenSSL from the package directory some dependencies break (this is on a Debian environment), you may have to install python3-openssl package which is a Python3 wrapper around the OpenSSL library.

Python script for brute forcing hashes on custom alphabet

Use case:

• Provided a hash digest, brute force the plain text

Custom configuration:

• Provide hash algorithm
• Provide alphabet

import string
import hashlib
import re
import math

def numbertostring(num):
        alphabet = string.ascii_lowercase + string.ascii_uppercase + string.digits
        lenalpha = len(alphabet)
        outstr = ''

        # baseline number of digits
        iter = 1
        # number of digits required
        if (num > 0):
                iter = math.ceil(math.log(num, lenalpha))

        while (iter > 0):
                mul = num // pow(lenalpha, iter-1)
                num = num - (mul * pow(lenalpha, iter-1))
                outstr = outstr + alphabet[mul - 1]
                iter = iter - 1

        return outstr

def main():
        print('[+] Start')

	# hash to match/brute force
        pattern = re.compile(r'')
        hashhex = ''
        counter = 0

        while True:
                hash = hashlib.md5(numbertostring(counter).encode('ascii'))
                hashhex = hash.hexdigest()
                if pattern.fullmatch(hashhex):
                        print(numbertostring(counter),' : ', hash.hexdigest())
                        break
                counter = counter + 1

        print('[+] End')
        return True

if __name__ == '__main__':
        main()

Hunting for secrets on Github

Developers, system administrators or any individual that is involved in infrastructure management or development operations, may use Github to host code. For many different reasons, secrets may be present in code within a Github repository.

The following search filters, can be used for hunting secrets in repositories:

HTML template Bootstrap center align

<!DOCTYPE html>
<html>
	<head>
		<link href="https://cdn.jsdelivr.net/npm/bootstrap@X.X.X/dist/css/bootstrap.min.css" rel="stylesheet" type="text/plain">
		<title>HTML Template</title>
	</head>
	<body style="margin: 0">
		<div class="d-flex justify-content-center align-items-center" style="height: 100vh;">
			<div class="d-flex flex-grow-1">
				<div class="col">column1</div>
				<div class="col align-center">column2</div>
				<div class="col">column3</div>
			</div>
		</div>
	</body>
</html>

Parse PHP in HTML files

This note is to document the required configuration to parse PHP code in HTML files (.html file extension) on an Apache2 web server.

Firstly, identify the version of PHP installed on the host with the command:

php -v

Secondly, locate the PHP module configuration within /etc/apache2/mods-available/. For example, if the PHP version is 7.4, the configuration should be located in /etc/apache2/mods-available/php7.4.conf.

Lastly, set the relevant handler that will handle the HTML files:

<FilesMatch ".+\.html$">
    SetHandler application/x-httpd-php
</FilesMatch>

Restart the Apache2 daemon using the command line systemctl restart apache2 and the PHP code within HTML should now be parsed.

Example code within an .html file:

<html>
        <head></head>
        <body>
                <?php echo 'hello'; ?>
        </body>
</html>