The DNS service is providing different IPs is due to the load balancing algorithm used by the provider (in this case Akamai). Even with a script that would query the DNS for A records periodically, they can pop in/out IPs that might not be covered by current resolution. One approach would be to pin (in /etc/hosts, or dnsmasq) that host to one of the resolved ip addresses, and clear clients DNS cache. This too has its downsides, as they can exclude that ip from serving DNS requests for the intended domain....but chances are, your test time, is covered.
Thanks for another awesome video Matt! I'm excited to see the Discord community :) As you might already know, Netgear has a public bug bounty program for their Nighthawk line of routers via Bugcrowd. If you do find a vulnerability worth reporting to them, it'd be really cool to see what a writeup for something like that looks like. I don't believe I've seen any other IoT pentesters go over how things like that work. Thanks for the video, best regards.
Really looking forward to the discord server. I believe it will be fun for you and others. While you were hovering over the bash script you wrote I noticed that I don't have enough knowledge about linux network controls. Do you suggest any reading content(books, blog, etc.) about those or archwiki is enough ? :D
I do love the arch wiki :D I make my setup from a combination of this stuff: wiki.archlinux.org/title/Internet_sharing wiki.archlinux.org/title/Software_access_point wiki.archlinux.org/title/Dnsmasq
Thanks for the video. I have the Netgear Nighthawk 7000, Installed Fresh Tomato. Would installing Fresh Tomato improve the over all security of the system? A follow up video where you install Fresh Tomato and test again would be interesting.
You should do some vids on a surfboard cable modem with forceware installed, i used to get free internet some years ago. Ill send it to you if you got a po box
The DNS service is providing different IPs is due to the load balancing algorithm used by the provider (in this case Akamai). Even with a script that would query the DNS for A records periodically, they can pop in/out IPs that might not be covered by current resolution. One approach would be to pin (in /etc/hosts, or dnsmasq) that host to one of the resolved ip addresses, and clear clients DNS cache. This too has its downsides, as they can exclude that ip from serving DNS requests for the intended domain....but chances are, your test time, is covered.
ok this makes sense :D
Use dig command to query list of the ips from dns
I'm a new subscriber and i like the consistency you're putting in, loving the contents
Thanks for another awesome video Matt! I'm excited to see the Discord community :)
As you might already know, Netgear has a public bug bounty program for their Nighthawk line of routers via Bugcrowd. If you do find a vulnerability worth reporting to them, it'd be really cool to see what a writeup for something like that looks like. I don't believe I've seen any other IoT pentesters go over how things like that work. Thanks for the video, best regards.
Cant wait for the in depth Mitm video
Great repo Matt. Looking forward to check it out.
Good to see some genuine content. I'm definitely still learning this stuff, so really appreciate the explanation and detail. Keep 'em comming!
Another Amazing Video Matt, thanks for sharing your process and making the repo public. Will definitely be using this tool in the future. Discord!
This is the good stuff!
Great video thx
Really looking forward to the discord server. I believe it will be fun for you and others. While you were hovering over the bash script you wrote I noticed that I don't have enough knowledge about linux network controls. Do you suggest any reading content(books, blog, etc.) about those or archwiki is enough ? :D
I do love the arch wiki :D
I make my setup from a combination of this stuff:
wiki.archlinux.org/title/Internet_sharing
wiki.archlinux.org/title/Software_access_point
wiki.archlinux.org/title/Dnsmasq
@@mattbrwn Thanks for the titles!
Thanks for the video.
I have the Netgear Nighthawk 7000, Installed Fresh Tomato. Would installing Fresh Tomato improve the over all security of the system?
A follow up video where you install Fresh Tomato and test again would be interesting.
I love this idea. Will give it a shot!
Awesome content brother keep it up
Awesome! I didn't know about this "--bind" option from mount command. In time, what is the name of the text http debbuger that you have used?
mitmproxy
hello Matt, do you use qemu to emu some hardware ? or you just buy and debug on the real device ? Thanks
I usually prefer the real device. Getting firmware to emulate correctly takes a lot of work most of the time.
do you make a video about WAN interface testing?
what do you mean by WAN interface testing?
@@mattbrwn testing of those network services that are available via the WAN interface. And the necessary setup for this.
15:00 perfect live example of why terminal throughput actually matters. Casey Muratori was right
I know right? certainly with today's HW we can run faster than 115200 :D
I have this exact router collecting dust, about to hack into it! Thanks for the content.
You should do some vids on a surfboard cable modem with forceware installed, i used to get free internet some years ago. Ill send it to you if you got a po box
Try using dig command instead of nslookup
dig also uses DNS so it will also show different IPs related to the server as in the case of nslookup. DNS is the real cause, not the command.
Baby got scroll back.. 21:26