Skip to content

Instantly share code, notes, and snippets.

View bortzmeyer's full-sized avatar

Stéphane Bortzmeyer bortzmeyer

277 followers · 19 following
View GitHub Profile
@bortzmeyer
bortzmeyer / ecs-doh.md
Created October 22, 2019 07:50
ECS in the responses of a DoH resolver 
% homer https://dns.hostux.net/dns-query csa.fr A       
id 0
opcode QUERY
rcode NOERROR
flags QR RD RA
edns 0
payload 4096
option ECS 2001:67c:1348::/56 scope/0
;QUESTION
@bortzmeyer
bortzmeyer / zonemaster-ipv6.md
Created September 11, 2019 07:26
zonemaster.fr reachable over IPv6 
% blaeu-reach -r 100 --by_probe 2001:67c:2218:3::1:83
99 probes reported
Test #22786080 done at 2019-09-11T07:25:01Z
Tests: 98 successful probes (99.0 %), 1 failed (1.0 %), average RTT: 70 ms
@bortzmeyer
bortzmeyer / canary.md
Created September 10, 2019 06:40
RIPE Atlas probe and Mozilla canary domain for DNS censorship 
 % blaeu-resolve -r 1000 --type A use-application-dns.net 
[ERROR: NXDOMAIN] : 5 occurrences 
[185.199.108.153 185.199.109.153 185.199.110.153 185.199.111.153] : 990 occurrences 
Test #22775161 done at 2019-09-10T06:32:14Z
@bortzmeyer
bortzmeyer / gandi-face-cachee.md
Created September 6, 2019 07:26
Problème HTTP chez Gandi 
% curl -v http://www.face-cachee-internet.fr
* Rebuilt URL to: http://www.face-cachee-internet.fr/
*   Trying 217.70.184.56...
* TCP_NODELAY set
* Connected to www.face-cachee-internet.fr (217.70.184.56) port 80 (#0)
> GET / HTTP/1.1
> Host: www.face-cachee-internet.fr
> User-Agent: curl/7.52.1
> Accept: */*
@bortzmeyer
bortzmeyer / syncthing.md
Last active August 29, 2019 09:38
Test de Syncthing

Syncthing https://syncthing.net/ est un outil de synchronisation de fichiers en pair-à-pair. J'ai testé avec deux machines, un PC Ubuntu et un ordiphone Android. Les machines se reconnaissent par leur "device ID", un condensat d'une clé cryptographique. Sur Android, on peut l'afficher avec "Afficher l'ID de l'appareil". Sur Ubuntu via l'interface Web "Show my ID". Pour accepter l'Android, j'ai utilisé la fonction qui affiche les ID des machines du même réseau local. Pour accepter le PC, j'ai utilisé le QR-code affiché dans l'interface Web. Installation sur Ubuntu : dans le magasin standard, donc apt-get install syncthing (ou bien le cliquodrome d'installation de logiciels). Aucune idée de ce qu'on doit faire après, je ne trouve pas la doc. Ah, si, le lien était discret : https://docs.syncthing.net/intro/getting-started.html On lance syncthing et il crée les clés puis vous redirige vers une interface Web Installation sur Android : via le Google Play Store. Il faut ensuite explicitement indiquer quels dossiers

@bortzmeyer
bortzmeyer / flexbalancer.md
Created July 31, 2019 10:18
Broken CDN DNS server

NXDOMAIN for an ENT (Empty Non-Terminal)

 dig @ns1.flexbalancer.net. A a7e454.flexbalancer.net 

; <<>> DiG 9.10.3-P4-Debian <<>> @ns1.flexbalancer.net. A a7e454.flexbalancer.net
; (2 servers found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 627
@bortzmeyer
bortzmeyer / context.md
Created July 31, 2019 10:01
Firefox console for Context generator 
<script> source URI is not allowed in this document: “https://browser.sentry-cdn.com/4.4.1/bundle.min.js”.
le-generateur-de-communiques-ministeriels.html:604
Loading failed for the <script> with source “https://www.googletagmanager.com/gtag/js?id=UA-15017861-10”.
index.html:4
ReferenceError: Sentry is not defined[Learn More]
le-generateur-de-communiques-ministeriels.html:606:5
Loading failed for the <script> with source “https://connect.facebook.net/en_US/fbevents.js”.
le-generateur-de-communiques-ministeriels.html:1
Loading failed for the <script> with source “https://snap.licdn.com/li.lms-analytics/insight.min.js”.
@bortzmeyer
bortzmeyer / arfinic-anycast.md
Created July 22, 2019 18:04
Afrinic anycast DNS server

Seen by the RIPE Atlas probes.

% blaeu-resolve -r 100 --nsid --nameserver 196.216.168.25 -q SOA tn
Nameserver 196.216.168.25
[NSID: b's04-ns2.jnb' ns1.ati.tn. hostmaster.ati.tn. 2019128869 21600 10800 604800 86400] : 49 occurrences 
[NSID: b's03-ns2.jnb' ns1.ati.tn. hostmaster.ati.tn. 2019128869 21600 10800 604800 86400] : 38 occurrences 
[TIMEOUT] : 6 occurrences 
[NSID: b's01-ns2.jinx' ns1.ati.tn. hostmaster.ati.tn. 2019128869 21600 10800 604800 86400] : 2 occurrences 
[NSID: b's01.ns2.tun' ns1.ati.tn. hostmaster.ati.tn. 2019128869 21600 10800 604800 86400] : 1 occurrences
@bortzmeyer
bortzmeyer / mine.md
Created June 18, 2019 08:58
Programme de minage pour l'école d'été de cybersécurité, cours Bitcoin 
#!/usr/bin/env python3

import random

def asciisum(s):
    result = 0
    for c in s:
        result += ord(c)
 return result
@bortzmeyer
bortzmeyer / cameroon.cm
Created May 23, 2019 06:47
Cameroon wrong delegation for com.cm
```
% check-soa -i cm
auth02.ns.uu.net.
198.6.1.82: ERROR: SERVFAIL (112 ms)
benoue.camnet.cm.
195.24.208.2: OK: 2019052303 (118 ms)
kim.camnet.cm.
195.24.192.35: OK: 2019052303 (114 ms)
lom.camnet.cm.
195.24.192.34: OK: 2019052307 (114 ms)