Blog of James Brown

Autonomous Machines & Society.

2024-06-07
Ai Webpage Reader

use reader from jina

visit like:

1
2
3
curl https://r.jina.ai/$URL
curl https://s.jina.ai/$QUERY

Read More

2024-06-03
Route Network Interface To Specific Application

It is not advised to do so with dual WiFi connections, which is a pain in the ass in daily usage (only one of them will be used at a time).

Ethernet and WiFi dual connections seem fine with firejail but failed with dante.

Use firejail

1
2
sudo firejail --net=wlan0 --ip=dhcp --noprofile <program cmd>

Use dante and proxychains-ng

1
2
sudo apt install dante-server proxychains-ng

Now edit the dante config file at /etc/dante.conf:

1
2
3
4
5
6
7
8
9
10
11
12
13
internal: eth0 port = 1080
external: wlan0
socksmethod: username
user.privileged: root
user.unprivileged: nobody
user.libwrap: nobody
client pass {
from: 0/0 to: 0/0
}
socks pass {
from: 0/0 to: 0/0
}

Run the daemon by:

1
2
danted

Find the [ProxyList] section and add the following line in /etc/proxychains.conf:

1
2
socks5 127.0.0.1 1080 root <root_password>

Run the program with proxychains-ng:

1
2
proxychains <program cmd>

You can test your configuration like:

1
2
curl -x socks5://root:root@127.0.0.1:1080 https://www.baidu.com

If you run danted like systemctl start danted, you can configure a separate user for authentication. You have to change /etc/danted.conf and /etc/proxychains.conf accordingly.

1
2
3
sudo useradd -r -s /bin/false your_dante_user
sudo passwd your_dante_user

Read More

2024-05-29
Strange Behavior Within Docker Containers

The default directory after starting parrotsec container is the filesystem root directory, which cannot run msfconsole. Change to home directory using cd and run metasploit afterwards.

1
2
docker run --rm -it -w /root parrotsec/security

Symlinked files are not working properly from the start. Taking msfconsole for example, when running container from image parrotsec/security, it will get stuck if we immediately execute msfconsole once logged in, but we can mitigate the problem by first change into the directory where msfconsole really locates, then execute it from there.

1
2
3
4
5
6
7
8
9
10
docker run --rm -it parrotsec/security
# it will stuck
msfconsole
# note the following will also stuck
/usr/share/metasploit-framework/msfconsole
# instead let's first change directory
cd /usr/share/metasploit-framework
# then invoke the binary
./msfconsole

Read More

2024-05-27
Discord search engine and OSINT

Tutorial

https://www.authentic8.com/blog/collecting-osint-discord-guide

Google dork

1
2
3
4
5
6
“search term” site:discord.com
“search term” allinurl:discord.com
intext:"discord" intext:"Join" -site:discord.com
intext:"Discord" intext:"#community" -site:discord.com
intext:"Discord" intext:"OSINT Community" -site:discord.com

Websites

https://discordservers.com/

https://disboard.org/servers

https://discord.me/servers

https://top.gg/servers

https://discadia.com/server/furlough/

https://discordbotlist.com/

https://discordbee.com/

https://discord.center/

https://discordservers.com/browse

https://discordleaks.unicornriot.ninja/discord/

https://dht.chylex.com/

https://discord.com/servers

Read More

2024-05-27
Ip Info Collect

Tutorial:

https://stackoverflow.com/questions/24678308/how-to-find-location-with-ip-address-in-python

To obtain IP of ourselves, we can visit:

1
2
curl https://api.ipify.org

To get geo info of our IP, visit:

1
2
curl https://ipinfo.io | jq .country

TO get geo info of any IP, use:

https://pypi.org/project/IP2Location/

https://ip2location-python.readthedocs.io/en/latest/quickstart.html

Read More

2024-05-27
Anonymous Browsers

hysteria protocol is currently uncensored and undetected.

There are three kinds of anonymous browsers.

  • Container based, remote desktop connected browsers
1
2
3
4
5
6
7
8
9
10
docker pull linuxserver/firefox
# valina base image, without Unicode support
docker run -d --name firefox_browser --rm --expose 3000:3000 linuxserver/firefox
# configure `/System/Library/Fonts` to be available in Docker.app first then run this command
docker run -v /System/Library/Fonts:/usr/share/fonts:ro --name firefox_browser -d --rm -p 3000:3000 linuxserver/firefox
# Ubuntu and other Linux
docker run -v /usr/share/fonts:/usr/share/fonts:ro --name firefox_browser -d --rm -p 3000:3000 linuxserver/firefox
# official Unicode support
docker run -e DOCKER_MODS=linuxserver/mods:universal-package-install -e INSTALL_PACKAGES=font-noto-cjk -e LC_ALL=zh_CN.UTF-8 --name firefox_browser -d --rm -p 3000:3000 linuxserver/firefox

  • Container based, browser-in-browser emulation

https://github.com/titaniumnetwork-dev/Ultraviolet-App/wiki/Deploy-via-terminal

https://github.com/BrowserBox/BrowserBox

https://browse.cloudtabs.net/signupless_session

  • Builtin anonymous browser like Tor browser
Read More

2024-05-23
Mastering Cross-Browser Compatibility With Browsersync

Browser compatibility test

browsersync

Read More

2024-05-22
Hashcat And John The Ripper

Hashcat does not support yescript, which is a very slow hashing algorithm developed by some member in JtE. It can crack common password hashes quickly with GPU.

There are plenty of mask generation engines for hashcat. Find them with apt.

John the Ripper only provides few formats by default. To get more formats, install john-jumbo instead.

If the password somehow follows a pattern, use Markov chain based rainbow table generator.

Read More

2024-05-21
Gpt-4V Open Source Alternative

with llama3-v inside

https://github.com/OpenBMB/MiniCPM-V

https://github.com/mbzuai-oryx/Video-LLaVA

https://github.com/OpenGVLab/InternVL

https://github.com/THUDM/CogVLM2

PaliGemma (multimodal) from Google:

https://hf-mirror.com/google/paligemma-3b-pt-224

https://github.com/google-research/big_vision/blob/main/big_vision/configs/proj/paligemma/README.md

https://github.com/huggingface/blog/blob/main/paligemma.md

lots of open source models can be found at:

https://hf-mirror.com/google

Read More

2024-05-20
Decompiling A Jar File With Jd-Cli: Processes And Output Options

Java jar file decompiler

To decompile a single jar file we need more than just jd-core, which is a commandline tool to decompile a single class file at a time.

Use jd-cli which is downloadable at here.

Commandline usage:

1
2
3
4
5
6
# without docker
java -jar jd-cli.jar file-to-decompile.jar -ods decompiled-src
# with docker
docker run -it --rm -v `pwd`:/mnt --user $(id -u):$(id -g) \
kwart/jd-cli /mnt/file-to-decompile.jar -ods /mnt/decompiled-src

Full syntax:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
Usage: java -jar jd-cli.jar [options] [Files to decompile]
Options:
--displayLineNumbers, -n
displays line numbers in decompiled classes
Default: false
--escapeUnicodeCharacters, -eu
escape unicode characters in decompiled classes
Default: false
--help, -h
shows this help
Default: false
--logLevel, -g
takes [level] as parameter and sets it as the CLI log level. Possible
values are: ALL, TRACE, DEBUG, INFO, WARN, ERROR, OFF
Default: INFO
--outputConsole, -oc
enables output to system output stream
Default: false
--outputDir, -od
takes a [directoryPath] as a parameter and configures a flat DIR output
for this path
--outputDirStructured, -ods
takes a [directoryPath] as a parameter and configures a structured DIR
output for this path
--outputZipFile, -oz
takes a [zipFilePath] as a parameter and configures ZIP output for this
path
--pattern, -p
RegExp pattern which the to-be-decompiled file has to match. Not matching
entries are skipped.
--serialProcessing, -sp
don't use parallel processing
Default: false
--skipResources, -sr
skips processing resources
Default: false
--version, -v
shows the version
Default: false

Read More