@sskaje

Hijack DnsPod HttpDNS

By @sskaje
Link: https://sskaje.me/2019/04/hijack-dnspod-httpdns/

劫持DNS是个很简单的工作，家用路由器基本都自带dnsmasq，直接加解析就行。

之前某次尝试劫持某视频App的广告接口解析到一个空的本地服务器上，发现该App使用了DnsPod的HttpDNS服务，所以传统的DNS劫持方案不好用。而EdgeRouter的DPI功能也没有对外开放墙一般的高级接口，所以这次用NAT来实现。

Continue reading “Hijack DnsPod HttpDNS” »

Hijack DnsPod HttpDNS by @sskaje: https://sskaje.me/2019/04/hijack-dnspod-httpdns/

Asus Merlin Policy Based Routing

By @sskaje
Link: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/

之前写过一个版本，基于380.x的，一开始好用，最近过来发现不好使了。索性把家里路由升级到384.9，重新配置。

拓扑结构基本不变，增加了需求让两边家里能互通，所以把NAT关了。

这回直接简化，搞了个github的repo，https://github.com/sskaje/merlin-pbr，把jffs的配置脚本放进去了，依旧是 dnsmasq + ipset，但是openvpn-event脚本也可以手工维护路由列表，自动走openvpn的网卡。

Asus Merlin Policy Based Routing by @sskaje: https://sskaje.me/2019/02/asus-merlin-policy-based-routing/

北京联通IPv6 DNS

By @sskaje
Link: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/

2408:8000:1010:1::8
2408:8000:1010:2::8

1 2	2408:8000:1010:1::8 2408:8000:1010:2::8

之前google搜的时候，看到有人说一个好像是 dnslab.net 的，千万别用！！！

北京联通IPv6 DNS by @sskaje: https://sskaje.me/2018/12/beijing-china-unicom-ipv6-dns/

北京联通EdgeRouter开启IPv6

By @sskaje
Link: https://sskaje.me/2018/12/china-unicom-beijing-edgerouter-enable-ipv6-pppoe/

看到说北京联通的pppoe也开始启用ipv6了，在EdgeRouter Lite上开了一下设置。

联通给了个 /56 的prefix。

我的eth1接了上行，pppoe拨号，eth0是lan。

set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf
set interfaces ethernet eth1 pppoe 0 ipv6 enable
set interfaces ethernet eth1 pppoe 0 ipv6 dup-addr-detect-transmits 1 

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 interface eth0 service slaac
set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 prefix-length /56

set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf

set interfaces ethernet eth1 pppoe 0 ipv6 enable

set interfaces ethernet eth1 pppoe 0 ipv6 dup-addr-detect-transmits 1

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 interface eth0 service slaac

set interfaces ethernet eth1 pppoe 0 dhcpv6-pd pd 0 prefix-length /56

lan

interface {
  ethernet eth0 {
    ipv6 {
      router-advert {
          cur-hop-limit 64
          link-mtu 0
          managed-flag false
          max-interval 600
          other-config-flag false
          prefix ::/64 {
              autonomous-flag true
              on-link-flag true
              valid-lifetime 2592000
          }
          reachable-time 0
          retrans-timer 0
          send-advert false
      }
    }
  }
}

interface {

ethernet eth0 {

ipv6 {

router-advert {

cur-hop-limit 64

link-mtu 0

managed-flag false

max-interval 600

other-config-flag false

prefix ::/64 {

autonomous-flag true

on-link-flag true

valid-lifetime 2592000

}

reachable-time 0

retrans-timer 0

send-advert false

}

记住配置防火墙

北京联通EdgeRouter开启IPv6 by @sskaje: https://sskaje.me/2018/12/china-unicom-beijing-edgerouter-enable-ipv6-pppoe/

Recover RSA Private Key from N E D

By @sskaje
Link: https://sskaje.me/2018/11/recover-rsa-private-key-from-n-e-d/

N: Public Modulus
E: Public Exponent
D: Private Exponent

from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization

n = xxxxxx
e = 65537
d = yyyyyy

(p, q) = rsa.rsa_recover_prime_factors(n, e, d)

dmp1 = d % (p - 1)
dmq1 = d % (q - 1)
iqmp = q ^ (-1) % p

print("p=" + str(p))
print("q=" + str(q))
print("dmp1=" + str(dmp1))
print("dmq1=" + str(dmq1))
print("iqmp=" + str(iqmp))

print("pq=" + str(p * q))

private_numbers = rsa.RSAPrivateNumbers(
    p=p,
    q=q,
    d=d,
    dmp1=dmp1,
    dmq1=dmq1,
    iqmp=iqmp,
    public_numbers=rsa.RSAPublicNumbers(
        e=e,
        n=n,
    )
)

pk = private_numbers.private_key(backend=default_backend())

pem = pk.private_bytes(
    encoding=serialization.Encoding.PEM,
    format=serialization.PrivateFormat.TraditionalOpenSSL,
    encryption_algorithm=serialization.NoEncryption()
)

print(str(pem, "utf-8"))

from cryptography.hazmat.primitives.asymmetric import rsa, padding

from cryptography.hazmat.primitives import hashes

from cryptography.hazmat.backends import default_backend

from cryptography.hazmat.primitives import serialization

n = xxxxxx

e = 65537

d = yyyyyy

(p, q) = rsa.rsa_recover_prime_factors(n, e, d)

dmp1 = d % (p - 1)

dmq1 = d % (q - 1)

iqmp = q ^ (-1) % p

print("p=" + str(p))

print("q=" + str(q))

print("dmp1=" + str(dmp1))

print("dmq1=" + str(dmq1))

print("iqmp=" + str(iqmp))

print("pq=" + str(p * q))

private_numbers = rsa.RSAPrivateNumbers(

p=p,

q=q,

d=d,

dmp1=dmp1,

dmq1=dmq1,

iqmp=iqmp,

public_numbers=rsa.RSAPublicNumbers(

e=e,

n=n,

)

pk = private_numbers.private_key(backend=default_backend())

pem = pk.private_bytes(

encoding=serialization.Encoding.PEM,

format=serialization.PrivateFormat.TraditionalOpenSSL,

encryption_algorithm=serialization.NoEncryption()

)

print(str(pem, "utf-8"))

Recover RSA Private Key from N E D by @sskaje: https://sskaje.me/2018/11/recover-rsa-private-key-from-n-e-d/