Auckland, Part One

RMB had been on her amazing South America trip for a few months and I wanted to see some shows in the Pop Up Globe where my friend Chantelle’s been doing some incredible work. These two things came together at the same time, so I toddled off to Auckland for a few days, then onto the cruise ship to come home via Sydney.

What a start to the trip! I misread my flight time and barely scraped into check-in by a few minutes; thankfully I’m paranoid about getting there early and had built in leeway. Between leaving home and landing in Auckland, my iPhone decided to do a weird battery thing, so I ended up with ~10% battery upon landing. That was even after plugging it in to charge through the whole flight - the weird in-seat charger kept turning it on, which didn’t help. Customs and baggage collection was a breeze, and then I tried to buy a SIM for my 3G hotspot, but gave up after trying two different companies’ offerings.

[Read More]

Learning pillow

Recently I was playing with date formatting in Python and wrote a little script which takes a JSON object full of upcoming dates, then shows a countdown.

Running this in the terminal is easy, but I wanted a simple way to see the information without having to do that. I could have written a macOS app to add to the UI at some point, but Swift is still a mess and I’m not going to go learn Objective-C just for this one. I had used PIL (more specifically Pillow, the actively maintained fork) in the past through some other work, but figured it would be handy to learn it properly.

[Read More]

Make Blue Great Again

I get it, I really do. Red team engagements are amazing and they’re a great way to identify problems in our environments. They’re really cool to talk about to your CEO buddies, and while you pay the bill you get to imagine a crack military-style force attacking your perimeter and attempting to breach your defences. They’re the cool thing that every security guy wants to do, because Blue’s the boring one, right?

[Read More]

Docker Networking Issue

So I kept having issues with connectivity in the Docker system I run on my laptop. It couldn’t pull images, build, or do whatever else I needed it to.

$ docker build .
Sending build context to Docker daemon 13.61 MB
Step 1/9 : FROM ubuntu:latest
Get https://registry-1.docker.io/v2/: dial tcp: lookup registry-1.docker.io on 192.168.88.1:53: read udp 10.0.2.15:60485->192.168.88.1:53: i/o timeout

Turns out my docker-machine VM was a bit special: the error above shows the VM (10.0.2.15) still asking a DNS server at 192.168.88.1 that it could no longer reach - probably because I hop between different networks fairly regularly.

[Read More]

ASA certificates and OpenSSL

While messing with a Cisco ASA, I needed to pull a certificate out of the config. When I tried to parse it with openssl, it wasn’t pleased with the PKCS12 format file the ASA claims to have exported:

139708630054816:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:\
   wrong tag:tasn_dec.c:1319:
139708630054816:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:\
   nested asn1 error:tasn_dec.c:381:Type=PKCS12

Even Windows wouldn’t have a bar of it, which is unsurprising. Its certificate handling’s for shit anyway. I found the answer on Stack Overflow (of course): OpenSSL cannot convert PKCS12 exported from Cisco ASA 55xx.

[Read More]

Are You Secure?

I was commenting on the seeming madness and complexity of our work firewall design recently:

We just drew a network diagram on the wall of just our firewalls, 12’ wide, 6’ tall… at the end, I jumped up and yelled “THE ARISTOCRATS”. Seemed required.

And someone asked “are you secure?”. Now, I could go with what we tell management - that we’re as secure as budgets allow - or a variety of other answers. This time, full objective honesty seemed to rule.

[Read More]

Filename wrangling fun

I learnt some new things today about how to deal with filenames in bash.

$ touch foo
$ ls foo*
foo
$ mv foo{,z}
$ ls foo*
fooz

Alternatively…

$ touch foo{1,2,3}
$ ls foo*
foo1 foo2 foo3
$ find . -name "foo*" -exec mv {}{,old} \;
$ ls foo*
foo1old foo2old foo3old

Silliness, I know. But handy when you want to rename a bunch of things, or just rename one without messing it up.
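The same brace-expansion renames, as an added example that is not from the original post: wrapped in functions that cope with filenames containing spaces, and run in a throwaway directory so nothing real gets touched. The function and directory names are my own.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): the brace-expansion renames
# above, made safe for names with spaces, exercised in a temporary directory.
set -euo pipefail

# Rename one file by appending a suffix.  mv "$f" "${f}${suffix}" is exactly
# what the shell turns "mv foo{,z}" into (mv foo fooz); quoting keeps spaces.
add_suffix() {
  local f=$1 suffix=$2
  mv -- "$f" "${f}${suffix}"
}

# Batch rename: every file matching prefix* in dir gets the suffix.
# The post's "find . -name 'foo*' -exec mv {}{,old} \;" works because bash
# expands {}{,old} to "{} {}old" before find runs, and GNU find then
# substitutes the path for every {} it sees.  A glob loop avoids relying on
# that quirk and handles spaces and leading dashes in names.
rename_batch() {
  local dir=$1 prefix=$2 suffix=$3 f
  shopt -s nullglob          # an unmatched glob expands to nothing, not itself
  for f in "$dir/$prefix"*; do
    add_suffix "$f" "$suffix"
  done
  shopt -u nullglob
}

# Sorted names in a directory, one per line (C locale so spaces sort first).
list_names() {
  (cd "$1" && printf '%s\n' * | LC_ALL=C sort)
}

# Demo: creates foo1..foo3 plus a name with a space, renames them, lists them.
demo() {
  local d
  d=$(mktemp -d)
  touch "$d"/foo{1,2,3} "$d/foo 4"   # brace expansion, not the glob foo[1,2,3]
  rename_batch "$d" foo old
  list_names "$d"
  rm -rf "$d"
}
```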

[Read More]

Loopback swap files

Setting up a loopback swap file is something I do fairly commonly on my virtual servers - RAM costs extra money - whereas SSD storage is common and included! Repartitioning’s too much messing around on DigitalOcean, so I set up a loopback file and it just works.

Here are the commands to make a 2GB file (change count for different sizes):

yaleman@server:~# sudo dd if=/dev/zero of=/swap.img bs=1024 count=2097152
2097152+0 records in
2097152+0 records out
2147483648 bytes (2.1 GB) copied, 9.69851 s, 221 MB/s
yaleman@server:~# sudo chmod 0600 /swap.img
yaleman@server:~# sudo mkswap /swap.img
Setting up swapspace version 1, size = 2097148 KiB
no label, UUID=a78f6315-aba5-4d88-bb67-211f1a0c5e56

Edit the filesystem table:

[Read More]

CAPSMAN info dump

I was asked by a friend to give a quick rundown on Mikrotik CAPSMAN configuration, so I dumped the config and added some notes. :)

Packages

I’m currently running v6.38 but was running about v6.2 only a week or so ago - make sure you have the “wireless” package enabled. Older RouterOS versions required the capsman-v2 package, which is now deprecated.

  > /sys package print
  Flags: X - disabled
   #   NAME              VERSION
   0   routeros-mipsbe   6.38
   1   system            6.38
   2   ipv6              6.38
   3   wireless          6.38

If there is an X next to it, enable it (in this example /sys package enable 3) - remember you’ll need to reboot after enabling a package.

[Read More]

Domain LDAP listening check

A quick command for checking if your Active Directory servers are all listening on LDAP. Guess who had an issue with that today? :)

dig +short domainname.internal | xargs -I{} sudo /usr/sbin/hping3 -p 389 -q -c 1 {} 2>&1 | egrep "(transmitted|hping)"

You’ll need hping3 - it’s installable with apt-get on Debian; I can’t comment on any other distributions.

A quick explanation for each part:

  • dig +short domainname.internal - pull the IPs of the hosts in the domain entry - they’ll be your domain controllers
  • sudo is required because hping uses raw sockets
  • xargs runs the next command on each input line
  • hping3 -p 389 - connect on TCP to the LDAP port
  • 2>&1 - redirect STDERR to STDOUT to make it more easily filtered
  • egrep - filter only the required lines
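To turn that filtered output into a per-server verdict, here is an added example (not from the original post): a small parser for the two lines per host that the egrep lets through. hping3 needs raw sockets and a real domain, so the sample lines below are constructed, not captured, and the function names are my own.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): summarise the lines the
# "egrep (transmitted|hping)" filter passes into one verdict per server.
set -euo pipefail

# Reads pairs of lines like
#   --- 10.0.0.1 hping statistic ---
#   1 packets transmitted, 1 packets received, 0% packet loss
# and prints "<ip> listening" when at least one reply came back, otherwise
# "<ip> no-reply".  No reply is a symptom, not proof the port is closed: a
# host firewall, a stale A record or a dead DC all look the same here, so the
# verdict names what was observed and leaves the diagnosis to you.
summarise_hping() {
  awk '
    /hping statistic/ { host = $2; next }
    /packets transmitted/ {
      received = $4            # "N packets received" -> N is field 4
      if (host == "") next
      print host, (received > 0 ? "listening" : "no-reply")
      host = ""
    }
  '
}

# Succeeds only when every server in the input answered.
all_listening() {
  local failed
  failed=$(summarise_hping | grep -c 'no-reply' || true)
  [ "$failed" -eq 0 ]
}

# Constructed sample (not real output): two DCs answered, one did not.
SAMPLE='--- 10.0.0.1 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss
--- 10.0.0.2 hping statistic ---
1 packets transmitted, 0 packets received, 100% packet loss
--- 10.0.0.3 hping statistic ---
1 packets transmitted, 1 packets received, 0% packet loss'

# Run the parser over the sample; in real use, pipe the one-liner's output in.
check_sample() {
  printf '%s\n' "$SAMPLE" | summarise_hping
}
```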

This’ll hit each server once and show an output like:

[Read More]