When running a network with its own ASN, you will likely end up spending some time working with BGP. Knowing how your peer networks connect can help with your own network planning. BGP.Tools is a service that maps out different networks and the routes between them by having networks opt to provide bgp.tools with a BGP session sharing their exportable routes. This guide will walk you through setting up a BGP....
This post outlines a security assessment of the new Sena Wifi Adapter I performed last summer for fun. With the world on lock-down due to COVID-19, I spent a lot of time last summer escaping the city going on motorcycle rides through the mountains and forests surrounding the bay area. It’s the perfect social distance activity because if you get within 6ft of someone you are likely to crash. One of my favorite motorcycle accessories is my Sena headset....
This is the blog version of my DEFCON 26 talk Lost and Found Certificates: dealing with residual certificates for pre-owned domains, which I co-presented with Dylan Ayrey. You can learn more about BygoneSSL and see a demo at insecure.design. The Problem A Certificate can outlive the ownership of a domain. If the domain is then re-registered by someone else, this leaves with the first owner with a valid SSL certificate for the domain now owned by someone else....
Certgraph is a tool I’ve been developing to scan and graph the network of SSL certificate alternative names. It can be used to find other domains that belong to an organization that may be several orders removed and not always obvious. Background The idea for this project came about after examining the SSL certificate for XKCD.com. If you look closely at the screenshot below you will see that the SSL certificate used on XKCD....
For those of you not in the know, ambergris is defined as: a wax-like substance that originates as a secretion in the intestines of the sperm whale, found floating in tropical seas and used in perfume manufacture. However, that will not be what this post is about (sorry to disappoint). Instead, I’ll present what happens when building an image on Docker that contains a reverse shell in the Dockerfile. Docker First, let me start with a very brief description of Docker....
Sonic (my home ISP) offers an IPv6 tunnel for their customers who have a service plan that does not offer native IPv6 yet. Sonic’s IPv6 tunnel operates much the same way Hurricane Electric’s Tunnel Broker does, however since the endpoint is located inside the ISP you should get better performance. Sonic even offers example configurations for configuring the IPv6 tunnel endpoint on various operating systems, but none for DD-WRT, a common aftermarket router firmware....
Have you ever wanted to give a friend access to a wireless network you are on but don’t want to go find the key? WIFI Key Recovery will find the key on your device and allow you to share it via a message or QR Code. Additionally WIFI Key Recovery will allow you to backup/restore your current WIFI configuration to your SD card! If this app does not work on your rooted phone email me I will try to add support....
PXE is a method for booting an operating system over a network, it stands for Pre-Executable environment. Here I will show you how to build a PXE server to boot and or install operating systems over your network. Installing the server OS I made this server inside VMWare, however the steps are the same if you are using a different virtual machine server or a physical machine. I used Debian 5....
This guide will tell you how to rename or switch network controller names in Linux. Often when installing Linux the installer will automatically pick the names of the network controllers. And for some reason the order it names them is almost always not the order I want them in. I usually like the primary/on-board card eth0, and all additional cards eth1-n, however the installer often has its own ideas. So this is how to correct it!...