Stuff

Lately, I've been tightening my own personal feedback loops. And working out. I've also been thinking about how sometimes it can be positive to forget things.

A Taxonomy of Communicative Modes

While lurking on the internet, I stumbled across a post from 2019 by @literalbanana on Twitter/X outlining different modes of communication.

Using Reflection in Go

Have you ever been writing Go and needed to quickly find all the possible methods or fields you can use with a particular function?

Knowledge vs Information

One way to conceptualize the difference between knowledge and information is this: knowledge involves some metric of computational difficulty to arrive at, while mere information lacks this property.

mapcidr patch

Project Discovery’s mapcidr had a bug when converting IP addresses. The “-ip-format” flag did not properly work for one of the cases. For example, echo '127.0.0.1' | mapcidr -ip-format 5 would incorrectly return the integer representation or decimal value 281472812449793, when it should have returned the decimal value 2130706433. The problem could be seen in the Go function here which uses functionality imported from the math library.

func IPToInteger(ip net.IP) (*big.Int, int, error) {
	val := &big.Int{}
	val.SetBytes([]byte(ip))

	if len(ip) == net.IPv4len {
		return val, 32, nil //nolint
	} else if len(ip) == net.IPv6len {
		return val, 128, nil //nolint
	} else {
		return nil, 0, fmt.Errorf("unsupported address length %d", len(ip))

The function was easily fixed by removing the early "setBytes" value and rewriting it to correctly set the bytes conditionally for each if-statement, depending on the IP type.

func IPToInteger(ip net.IP) (*big.Int, int, error) {

	val := new(big.Int)

	// check if the ip is v4 => convert to 4 bytes representation
	if ipv4 := ip.To4(); ipv4 != nil {
		val.SetBytes(ipv4)
		return val, 32, nil
	}

	// check if the ip is v6 => convert to 16 bytes representation
	if ipv6 := ip.To16(); ipv6 != nil {
		val.SetBytes(ipv6)
		return val, 128, nil
	}

	return nil, 0, fmt.Errorf("unsupported IP address format")
}

Pull request #258.

DMARC

Lately I've overheard some people discussing email spoofing with regard to organizations that don't implement DMARC. Namely, "APTs" taking advantage of organizations that don't utilize Domain-based Message Authentication, Reporting and Conformance.

Enumerating TLS Certificates with jq and Bash

Doubling back to share some more notes about web application security adjacent stuff. This is a bash script for reconnaissance that uses some tooling from Project Discovery - mapcidr and tlsx - in combination with jq and Bash, to enumerate TLS certificates.