Royce Williams roycewilliams

## dotslider.rule
# hashcat rule to only insert non-contiguous dots/periods
# Created 2024-04-13 by TychoTithonus (Royce Williams)
# Source:
:
i1.
i2.
i2.i1.
i3.
i3.i1.
i3.i2.

## unssz.py
#!/usr/bin/python
# -*- coding: utf-8 -*-
#
# Copyright 2017, Francesco "dfirfpi" Picasso <francesco.picasso@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0

## keytrap.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                roycewilliams
                / keytrap.md
            
            
              Last active
              February 15, 2024 23:06
            
              
                keytrap.md
              
          
    (mirror snapshot of: https://infosec.exchange/@tychotithonus/111924626712765292)
summary: new DNSSEC validation DoS vulnerabilities CVE-2023-50387 ("KeyTrap"), CVE-2023-50868 (NSEC3 vuln)
(living doc, updated regularly - if you prefer a low-edit post to boost, use https://infosec.exchange/@tychotithonus/111926621712441626)
Looks like DNS-OARC coordinated fixes in advance, but I don't see a centralized analysis, other than this announcement from the team who discovered KeyTrap:
https://www.athene-center.de/en/news/press/key-trap
... and their technical paper:
https://www.athene-center.de/fileadmin/content/PDF/Technical_Report_KeyTrap.pdf

  
## mdxfind-sha256-empty-10k.txt
# 10,000 iterations of SHA256 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^SHA256$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/35a015f3914541ce829e2718dd4af871
SHA256x01 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855:
SHA256x02 cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6:
SHA256x03 e67e72111b363d80c8124d28193926000980e1211c7986cacbd26aacc5528d48:
SHA256x04 f7d062d662826ed95869851db06bb539b402047baee53a00e0aa35bfbe98265d:
SHA256x05 2a132dbfe4784627b86aa3807cd19cfeff487aab3dd7a60d0ab119a72e736936:
SHA256x06 bdca9e8dbca354e824e67bfe1533fa4a238b9ea832f23fb4271ebeb3a5a8f720:

## mdxfind-sha1-empty-10k.txt
# 10,000 iterations of SHA1 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^SHA1$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/2b071bb9f6f73d0968583de3509d9525
SHA1x01 da39a3ee5e6b4b0d3255bfef95601890afd80709:
SHA1x02 10a34637ad661d98ba3344717656fcc76209c2f8:
SHA1x03 3e6c06b1a28a035e21aa0a736ef80afadc43122c:
SHA1x04 3c7435cfd4e31b9be3991041c9a4f8292b752e5b:
SHA1x05 63027d7630360e4203c0e3f970ec2ffcfe5f8f1b:
SHA1x06 ecc1978dca2e31d10751ede8d8753f1cbded832e:

## mdxfind-md5-empty-10k.txt
# 10,000 iterations of MD5 hash of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h '^MD5$' -i 10000 -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/bcb1b6b59f107c228bd4eca72862044d
MD5x01 d41d8cd98f00b204e9800998ecf8427e:
MD5x02 74be16979710d4c4e7c6647856088456:
MD5x03 acf7ef943fdeb3cbfed8dd0d8f584731:
MD5x04 5a8dccb220de5c6775c873ead6ff2e43:
MD5x05 76682f743ae018364a082b2e87f2d2f5:
MD5x06 0f62265227df1b6d6deec36ab4bc5e76:

## mdxfind-empty.txt
# Various hashes of an "empty" password (zero-length string).
# Generated with: echo "" | mdxfind -h ALL -h '!salt' -z -f /dev/null stdin
# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
# Source: https://gist.github.com/roycewilliams/845c6105ef359976e1e884260aeda7aa
BLAKE224x01 7dc5313b1c04512a174bd6503b89607aecbee0903d40a8a569c94eed:
BLAKE256x01 716f6e863f744b9ac22c97ec7b76ea5f5908bc5b2f67c61510bfc4751384ea7a:
BLAKE384x01 c6cbd89c926ab525c242e6621f2f5fa73aa4afe3d9e24aed727faaadd6af38b620bdb623dd2b4788b1c8086984af8706:
BLAKE512x01 a8cfbbd73726062df0c6864dda65defe58ef0cc52a5625090fa17601e1eecd1b628e94f396ae402a00acc9eab77b4d4c2e852aaaa25a636d80af3fc7913ef5b8:
BMW224x01 e57c183da7e2cd3e90258ca04499b222420f9b6797bbab131b4d286e:
BMW256x01 82cac4bf6f4c2b41fbcc0e0984e9d8b76d7662f8e1789cdfbd85682acc55577a:

## tycho-mastodon-filter_temperatures.json
    {
        "_comment1": "Tycho Mastodon filter: Temperatures",
        "_comment2": "as of 2023-09-11",
        "_comment3": "https://gist.github.com/roycewilliams/86d110141d45439fa7b9da5ae2445219",
        "_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",

        "context": [
            "home",
            "public"
        ],

## tycho-mastodon-filter_weather.json
    {
        "_comment1": "Tycho Mastodon filter: Weather",
        "_comment2": "as of 2023-09-11",
        "_comment3": "https://gist.github.com/roycewilliams/ca24a766bede8a185264734e99668a01",
        "_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",

        "context": [
            "home",
            "public"
        ],

## tychotithonus-mastodon-follows.csv

          
            # Royce's Mastodon follows

            
              # 2023-08-24

            
              # https://gist.github.com/roycewilliams/33eeda52bce671f145967ab98b54ba54

            
              Account address
              Show boosts
              Notify on new posts
              Languages

            
              0Xiphorus@infosec.exchange
              true
              false

            
              0ddj0bb@infosec.exchange
              true
              false

            
              0ray@infosec.exchange
              true
              false

            
              0x58@infosec.exchange
              true
              false

            
              0x7eff@infosec.exchange
              true
              false

            
              0x90NOP@infosec.exchange
              true
              false
	# hashcat rule to only insert non-contiguous dots/periods
	# Created 2024-04-13 by TychoTithonus (Royce Williams)
	# Source:
	:
	i1.
	i2.
	i2.i1.
	i3.
	i3.i1.
	i3.i2.
	#!/usr/bin/python
	# -- coding: utf-8 --
	#
	# Copyright 2017, Francesco "dfirfpi" Picasso <francesco.picasso@gmail.com>
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	# 10,000 iterations of SHA256 hash of an "empty" password (zero-length string).
	# Generated with: echo "" \| mdxfind -h '^SHA256$' -i 10000 -z -f /dev/null stdin
	# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
	# Source: https://gist.github.com/roycewilliams/35a015f3914541ce829e2718dd4af871
	SHA256x01 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855:
	SHA256x02 cd372fb85148700fa88095e3492d3f9f5beb43e555e5ff26d95f5a6adc36f8e6:
	SHA256x03 e67e72111b363d80c8124d28193926000980e1211c7986cacbd26aacc5528d48:
	SHA256x04 f7d062d662826ed95869851db06bb539b402047baee53a00e0aa35bfbe98265d:
	SHA256x05 2a132dbfe4784627b86aa3807cd19cfeff487aab3dd7a60d0ab119a72e736936:
	SHA256x06 bdca9e8dbca354e824e67bfe1533fa4a238b9ea832f23fb4271ebeb3a5a8f720:
	# 10,000 iterations of SHA1 hash of an "empty" password (zero-length string).
	# Generated with: echo "" \| mdxfind -h '^SHA1$' -i 10000 -z -f /dev/null stdin
	# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
	# Source: https://gist.github.com/roycewilliams/2b071bb9f6f73d0968583de3509d9525
	SHA1x01 da39a3ee5e6b4b0d3255bfef95601890afd80709:
	SHA1x02 10a34637ad661d98ba3344717656fcc76209c2f8:
	SHA1x03 3e6c06b1a28a035e21aa0a736ef80afadc43122c:
	SHA1x04 3c7435cfd4e31b9be3991041c9a4f8292b752e5b:
	SHA1x05 63027d7630360e4203c0e3f970ec2ffcfe5f8f1b:
	SHA1x06 ecc1978dca2e31d10751ede8d8753f1cbded832e:
	# 10,000 iterations of MD5 hash of an "empty" password (zero-length string).
	# Generated with: echo "" \| mdxfind -h '^MD5$' -i 10000 -z -f /dev/null stdin
	# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
	# Source: https://gist.github.com/roycewilliams/bcb1b6b59f107c228bd4eca72862044d
	MD5x01 d41d8cd98f00b204e9800998ecf8427e:
	MD5x02 74be16979710d4c4e7c6647856088456:
	MD5x03 acf7ef943fdeb3cbfed8dd0d8f584731:
	MD5x04 5a8dccb220de5c6775c873ead6ff2e43:
	MD5x05 76682f743ae018364a082b2e87f2d2f5:
	MD5x06 0f62265227df1b6d6deec36ab4bc5e76:
	# Various hashes of an "empty" password (zero-length string).
	# Generated with: echo "" \| mdxfind -h ALL -h '!salt' -z -f /dev/null stdin
	# MDXfind version: $Header: /home/dlr/src/mdfind/RCS/mdxfind.c,v 1.120 2024/01/22 20:41:23 dlr Exp dlr $
	# Source: https://gist.github.com/roycewilliams/845c6105ef359976e1e884260aeda7aa
	BLAKE224x01 7dc5313b1c04512a174bd6503b89607aecbee0903d40a8a569c94eed:
	BLAKE256x01 716f6e863f744b9ac22c97ec7b76ea5f5908bc5b2f67c61510bfc4751384ea7a:
	BLAKE384x01 c6cbd89c926ab525c242e6621f2f5fa73aa4afe3d9e24aed727faaadd6af38b620bdb623dd2b4788b1c8086984af8706:
	BLAKE512x01 a8cfbbd73726062df0c6864dda65defe58ef0cc52a5625090fa17601e1eecd1b628e94f396ae402a00acc9eab77b4d4c2e852aaaa25a636d80af3fc7913ef5b8:
	BMW224x01 e57c183da7e2cd3e90258ca04499b222420f9b6797bbab131b4d286e:
	BMW256x01 82cac4bf6f4c2b41fbcc0e0984e9d8b76d7662f8e1789cdfbd85682acc55577a:
	{
	"_comment1": "Tycho Mastodon filter: Temperatures",
	"_comment2": "as of 2023-09-11",
	"_comment3": "https://gist.github.com/roycewilliams/86d110141d45439fa7b9da5ae2445219",
	"_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",

	"context": [
	"home",
	"public"
	],
	{
	"_comment1": "Tycho Mastodon filter: Weather",
	"_comment2": "as of 2023-09-11",
	"_comment3": "https://gist.github.com/roycewilliams/ca24a766bede8a185264734e99668a01",
	"_comment4": "Note: leading and trailing spaces in keywords are usually deliberate",

	"context": [
	"home",
	"public"
	],
# Royce's Mastodon follows
# 2023-08-24
# https://gist.github.com/roycewilliams/33eeda52bce671f145967ab98b54ba54
Account address	Show boosts	Notify on new posts	Languages
0Xiphorus@infosec.exchange	true	false
0ddj0bb@infosec.exchange	true	false
0ray@infosec.exchange	true	false
0x58@infosec.exchange	true	false
0x7eff@infosec.exchange	true	false
0x90NOP@infosec.exchange	true	false