I posted recently about calculating subnets and CIDR notation quickly, but I didn’t mention in that post host to quickly get the Network ID, first host and Broadcast address for a subnet given an awkward address. This is another easy trick that covers that!

If it’s a simple, classful, address then it’s really easy because your dividing line is at the break between octets. So to determine the details for 192.168.4.0/24 is really simple. The previous post tells us that the the mask is 255.255.255.0 and we have no difficult octets so we break between the 255 and 0, which in this example is the third and fourth octet. Then we just use the values 0, 1 and 255 – to give:

```
Network ID: 192.168.4.0
First host 192.168.4.1
Broadcast: 192.168.4.255
```

However if the address you’re trying to calculate is something a little trickier, like the details for: 192.168.25.45/21 you can use the following trick:

First of all work out the subnet mask using the previous post. Take a look at the mask and determine which is the interesting octet (that’s the one which isn’t either 255 or 0). The first step is to work out the “multiplier” for the interesting octet. Do this by working out 256 – the value of that octet.

So for the example 192.168.25.45/21 this has a mask of 255.255.248.0 making the third octet the interesting one. 256 – 248 is 8. So the multiplier is 8. Now you need to work out the “magic number”, this is the highest multiple of the multiplier which isn’t bigger than the octet itself. The octet is 25 so the highest multiple smaller than 25 is 24. Place this value in the position of the interesting octet and you’ve got yourself the first two details!

```
Network ID: 192.168.24.0
First Host: 192.168.24.1
```

Now, to get the final detail, the broadcast ID, simply add the multiplier to the Network ID and go one address down. So here we’d get 24 + 8, or 32, giving us 192.168.32.0 and one address less than that is 192.168.31.255!

So the details for 192.168.25.45/21 are:

```
Network ID: 192.168.24.0
First Host: 192.168.24.1
Broadcast: 192.168.31.255
```

Since computing and networking exams seem to love questions about subnetting – it’s good to practice!

That’s it!

Previous
### PrivEsc: Unquoted Service Path

One method for escalating permission from Local/Domain User to Local Administrator, is “Unquoted Service paths”. In my experience finding unquoted service paths is a common occurrence, however actually being able to exploit them is not. In this article we’ll explore how to find these issues and how to quickly determine [...]

Play | Cover | Release Label |
Track Title Track Authors |
---|