Episode: 3491
Title: HPR3491: My Github and flickmetrix
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3491/hpr3491.mp3
Transcribed: 2025-10-25 00:22:39
---
This is Hacker Public Radio episode 3491 for Monday the 20th of December 2021.
Today's show is entitled, My GitHub and Flickmetrix.
It is hosted by operator, and is about 26 minutes long, and carries an explicit flag.
The summary is, bear with me as I go through my GitHub over the past year, some real gems
in the end.
Hello everyone, welcome to another episode of Hacker Public Radio with your host operator.
Today I'll be talking about kind of going over what stuff I've been working on,
and Flickmetrix, which I'm going down my HPR list in chronological order.
I do have IT stories that I will go over eventually, but the next one on the list that has been
on there for a while since August is Flickmetrix.
So while I'm doing Flickmetrix stuff, which is probably a five minute podcast, I'm going
to kind of quickly go over the stuff I've been working on, mainly Windows, Unix, Linux,
and it's all in GitHub.
So I will put the link in the show notes obviously to my GitHub, but I'm going to kind of quickly
go over how I've been using GitHub, and kind of probably incorrectly, but the main
thing is just a lot of my stuff is in a Scripts folder.
Some of it is sort of organized, but at least this time around, instead of having a giant
Food.Tex, which is where all my kind of one liners and little small scripts are, everything
is kind of organized a little, well, let's see, we're breaking out into folders.
So I'm not sure the right way to chop all this stuff up, if each application needs
to be its own repo, I guess.
Anyways, I haven't actually studied or done any research, so I'm not looking for answers
I can Google.
But anyways, I'm using GitHub mainly just to hold some of my content because my website,
personal website has kind of been blocked and nobody really blocks GitHub.
So that has some advantages around custom binaries and code that would normally get flagged
or executables or binary packages that normally get flagged by Windows specifically.
That allows me to work around that.
So quickly, anyways, we're going to go over, I don't know how chronological order or just
just order of how I've got everything set up.
First is Bounce Scripts.
The main one's AutoHotkey.
The only one I've added here, I have plenty of AutoHotkey scripts that I don't use anymore.
This one is a toggle high contrast in Windows and I've been playing around a little bit
with high contrast mode in Windows.
I've been happy with it so far.
There have been a few times and a few sites that do not follow the rules of high contrast
mode, and that kind of tends to make things weird, specifically, usually it's like when
you're trying to select text, it doesn't follow the right logic and you'll end up not
seeing anything or buttons will essentially not be there that aren't there in non-high contrast
mode.
So, actually right now, it doesn't even look like I'm in high contrast mode.
There we go.
A lot of the websites have a dark mode or whatever, so sometimes it's hard for me to tell
until I'm actually in an application or looking at the start menu that I'm actually not
in high contrast mode.
For me, it helps visually, whatever.
Anyways, I'm rambling.
AutoHotkey, I have an executable, I have the AutoHotkey source and a little screenshot.
That's under the scripts folder, nothing to be said there.
Let's see, I've got some bash scripts, CS Badgers for CrowdStrike if you're in the CrowdStrike.
Not going to claim to be any kind of expert in bash profile, but I was working on a
bash profile.
CSTI is a CrowdStrike script that will pull threat intelligence.
That's super useful.
Domain to IP basically will take a domain and convert that to any IP addresses that are
attached to that domain using the website crt.sh, and it will pull all the SSL certificates
that exist that it knows about, and then it will pull the IPs to those, and then potentially
scan them if I remember correctly.
Anyways, it's a little one-liner domain recon, it's a bash script to do a bunch of domain
recon stuff, so if you have a bunch of websites and you want to quickly tell things
about them, that's all I think done in bash, it doesn't require anything else.
Jitsi installer for Docker, in that smart fast, I think I did a podcast on this, where
it kind of semi-intelligently will scan the longer 172 to not ranges.
Ombi is a different script for updating Plex, which is a media server.
Ombi is a request system where you can request stuff to be downloaded, so I wrote an update
script for Ombi.
I don't even know if I've even updated that, but it's an example.
Plex cleanup script, that one's actually kind of cool.
If you want to see some kind of interesting scripting as far as regexes inside of the
find command for Linux, there's some pretty cool things you can do.
Plex kernel panic search that was a fruitless effort trying to figure out why Plex was crashing
in whatever. Plex update script, that one's pretty cool, we'll update Plex automatically
and not run as root, it runs it in a user land, so it will put it all in its own thing.
Not necessarily jailed, obviously, but it's through updating Plex outside of the kind of
a superuser setup.
RmMP will clean, kind of clean up your folder.
The RmMP and Plex cleanup scripts probably are the same thing, yes, they're more or less
the same thing.
One of them is slightly larger with some different regexes in it, so there are some instances
where I already knew something and then re-uploaded it, because I forgot that I uploaded it.
Stream to text, I did a podcast on that one, subsonic set new, it says default home screen.
I gave up on subsonic and switched to Plex for my streaming audio, subsonic patches,
and I remember that.
The Flickmetrix good movies .sh, so that's what I was talking about, basically this
pulls Flickmetrix, which is a website that has rankings and stuff for websites, flickmetrix.com
with an X.
They have an API that will pull back JSON, and it parses that JSON fairly simply, and then creates
a little movies list, so I can see what good movies are out, and it works okay.
That's pretty much it for the bash folder, let's see what else we got, and I'll go over
the rest of them quickly and let you go.
CrowdStrike threat hunting, that's self-explanatory, there's some threat hunting scripts in there,
CrowdStrike, some JavaScript stuff, and a work in progress for a wish.com price filter that
will have the shipping information in there.
It looks like a Hack In The Box thing, some JavaScript for something, I don't remember.
Anyways, podcasts, posts, I'm not sure what that's for actually.
Universal Android SSL pinning bypass.
If you've ever done any stuff with Frida, or what's the other one, Frida is a tool that
you can use to inspect, basically, mobile applications, and there's another one called
Objection.
With those two tools you can do things like bypass SSL, try to bypass SSL pinning, this
will do a bunch of different SSL pinning tricks, and it took me a while to find this, so that
one's actually pretty cool.
It's called Universal Android SSL pinning bypass with Frida.
I think I renamed it to be more friendly because it took me a lot to find that link again.
That's pretty much all the JavaScript stuff, let's see what else we got.
Windows, Batch, PowerShell, there's a bunch of Windows, Batch stuff in here, really fun
stuff.
CS Diag, that's for Windows, that will help you like uninstall or reinstall CrowdStrike, sort
of.
It's just when Winlogbeat installs, this will automatically install Winlogbeat and
Sysmon and set it all up for you.
I took all the Android debloat scripts that I could possibly find, all the apps that
I could possibly find that were in theory safe to disable or remove, and I wrote a script
that will automatically pull down all the stuff you need, all the binaries you need, all
the drivers you need to basically automatically debloat your phone, whether you're in Russia
with whatever providers they have, and you have a Samsung, or if you've got some other
branded phone, and you're in carriers, or carriers have their own hardware and their
own garbage, and the manufacturers have their own garbage, so I have a Samsung with Verizon.
So not only do I have a bunch of crap on there from Samsung, I have a bunch of crap on
there from Verizon, and then I also have crap on there from work.
So there's like three different things, and the problem with Android is you can't just
willingly remove stuff because you might get in a boot, loop crash, whatever, and you
won't be able to actually boot the phone into any kind of whatever.
So I haven't run this fully, I ran some pretty big ones, but I haven't run this one.
It's a combination of every single script that I could possibly find that it would remove
malware.
It's like spyware or whatever you want to call it, junk.
Well, anyways, Android Logcat will basically take the Android log file and analyze it because
their battery analyzers are all garbage and they don't actually tell you what app is
doing what, so this will basically help you debug anything wrong with your phone
regardless of whether or not the apps tell you what's wrong with your phone.
They don't, the battery apps, I had some issues with my Android and I would lay it down
and it would idle hot, then I did a full reset, same thing, idle hot, I would pick up the
phone and it would be warm, and I kept using all these battery, better battery stats and
all this other stuff and it would ask for root and it would ask for like the debug command
you'd have to like allow something through like ADB and like plug in USB and do all this
crazy stuff.
And at the end of the day, it would be like Android kernel is using up 47% of your whatever
and it was just useless.
So finally, for whatever reason, I was trying to figure out not do this, which would end
it up taking me like not even 30 minutes to write this script.
Instead of doing that, I went through all these stupid battery apps scripts that would
hopefully tell me what was going on with my phone, but it was just like the CPU is back
to me on the line.
So Android Logcat, it's pretty cool.
BleachBit Quick Kill will essentially take my Quick Kill script and combine it with BleachBit,
and BleachBit is weird.
I don't really want to get into it, but I'll breeze over it.
BleachBit doesn't let you easily select all the options to uninstall.
Now, if you've ever done CCleaner or CCleaner, I'm sorry, it will remove a bunch of
stuff and it's got a UI and they do have a command line thing, but it's weird that like
if you're if you haven't run it in a while, it'll be like you need to download the latest
one and we can't we can't really run this or it's obviously, you know, doesn't want
you to write it to use it or commercial or whatever.
It's it's just gotten bloated and just too corporate.
So I went to go update my own script that was called Quick Clean and I realized that, you
know, the thing was 15 years old or 10 years old and I said there's got to be something
else out there that uses these same paths, essentially, because you're all you're really
doing with these cleaners is pulling out paths, file types, file extensions and, you know,
registry keys.
So I think that's all you need is like a list.
So I found this stuff on GitHub and I started searching around and there's a couple of
cleaners out there, and BleachBit seemed to have the latest and greatest and the most
complete killing apparatus of all the junk that you don't need.
Now the cool thing about this BleachBit Quick Kill is it does a few extra things.
It will create or run the normal, it runs the normal cleaner, the normal Windows cleaner
which is called clean manager and it does some registry key stuff to set basically all
the permissions, all of the options and the clean manager and we'll run it automatically.
Then it also does kind of deletes temporary stuff that's in temporary folders like
temporary internet files.
This is only this is per user now.
Now BleachBit, from what I understand, only runs on the list host that it's on or the
user name that it's under, so this little delete all users will pull every single user
and delete like the history and the temp file and the cookies and the recent and the
temporary internet files.
So it will remove all that stuff from all the users and that's kind of what I kind of
liked about my quick clean is that it would do it for all user and not just the user
that you're currently logged into.
So next thing it does is it downloads BleachBit, the latest or 4.0, we'll download that
automatically, run it and it will basically update itself, it will enable all the options
and run it.
Something about this is before it does all that, it will kill, it will download the latest
version of my Quick Kill script and kill everything that doesn't need to be running on the system.
Now you can customize it if you have a blue screen or want something to run, why you
wouldn't want something to run.
Anyways, if you have a blue screen after Quick Kill runs, then you know you need to add
some kind of item in there, and actually save the log.
So if you do crash, you can see the last couple of executables that got killed before you
got a blue screen, but I've run it on, I don't know, to be different, maybe 20 different
systems and never had a problem with it.
So it kills everything that's not running.
Now the thing about Windows, unlike Linux Unix, you can delete a file while it's in use
for the most part.
Windows will lock, often lock files, even just for if they're being read.
Now if they open them up to read right, obviously they're going to be blocked too.
So when you use Quick Kill along with BleachBit and my cleaner scripts, it will kill everything
that's not needed, and then that way it's able to clean up after all the temp files that
all these things have laid around.
I would say on a system that's never run it before, it would take about, I want to say
like 30, not 30 minutes, up to 30 minutes, maybe 5 to 10 minutes on average.
If you've never run it and I'm able to use your system before, it can take as little
as 2 or 3 minutes on a solid state drive or whatever.
Anyways, that's enough of my cool cleaner script BleachBit Quick Kill.
Bloodhound Portable is a script that I created to automatically run Bloodhound and collect
all the stuff for kind of blue team or pentesty stuff.
I do have a static zip file with all the binaries in here, but I released this batch script
just to make everything less complicated, because Neo4j is overly complicated to install
and or get running with this whole setup, and it's really only one line of code to get it to run.
Having the right Java version and having the right one liner and including all these,
whatever, it's just silly.
The whole process that Bloodhound tells you to do is just like all this for no reason.
Anyways, it will run all this stuff and do all this cool stuff for you and it's just an example
of how to run Portable Bloodhound, which takes way too long to set up.
Blue team Portable uses, runs Loki and kind of an IOC and some other stuff.
That one kind of got deprecated anyways.
Runs Loki and it also runs something else.
I think that's pretty much it actually.
Chocolatey Cygwin, this is what, that's a script that I run on new Windows machines.
It will first off kind of debloat.
It will run all the debloat scripts that I've been able to find for Windows,
never having issues.
It will install Chocolatey and it will install a bunch of different or a few different things.
Notepad++, I have a view and you can customize this but everyone obviously.
And then it will download Cygwin Portable, which I use a lot too on different systems.
Chocolatey, Cisco VPN tunnels.
I've got my stuff coming.
I'm going to try to go through this in a few more.
But it does test tunnel.
So if you've ever had to, this is for VPN stuff and Cisco VPN and this can work for any VPN client.
In Windows, you can actually change your gateway if you have the rights to do so.
Now, strangely enough, normal users do not have network operators group for some security reasons,
which makes sense.
If you're a user and you can change the direction your packets go, that's kind of a security issue.
By the internet is now, you basically do have network operators, but not at the level that you
would want to.
Anyways, this script will back up your current gateway and set it to whatever you want your new
gateway to be.
And then when you toggle it off, it will flip back to the old gateway, and there's some stuff in
there like cleaning cache and whatever.
This is basically if you're on site somewhere and they have a, you want to kind of essentially
split tunnel with a VPN, you can do that without actually having that capability.
So all of these VPN clients will tunnel all your traffic over the VPN with this particular setup.
If they allow you to basically send packets that way, then it will work.
You can, however, run this script and it won't actually do anything because the way the VPN
is set up is that it for whatever reason somehow is able to block that traffic.
So I've had, I've run it sometimes before and it doesn't actually, my current,
I think my current VPN setup, it doesn't let me actually do that.
Even though you can change the default gateway and change the default route,
it doesn't actually work for some reasons unknown.
It may be just like a metric, a metric meaning which system or which interface to use in what order.
Anyways, that doesn't seem to work all the time, but it still might be useful.
Dump Windows info back, that's really cool.
It will pull the dxdiag info, battery info, and msinfo and pull it all into one or two
different files and give you some information about your system.
Jitsi client, installs Jitsi client, automatically runs it.
Process mitigation, I think I pulled this from somewhere.
This is a bunch of stuff for security, whatever, that's not super interesting.
Star pound, I've already talked about that.
This is, yeah, we'll run star pound.
So Windows hardening debloat is my way, my combination of three different scripts,
three or four different scripts that do debloat and security stuff, hardening.
That's a PowerShell script, so that should actually be in PowerShell scripts.
Windows packet capture is a kind of a cracker jack way to create a TCP dump,
downloading a very small, very small binary that's called the ETL to pcap binary,
which will kind of make a, uses Windows 10 or Windows default packet capture,
and then converts that to a pcap format that you can open in something like Wireshark.
Another really cool one is youtube-dl, ffmpeg, RSC2,
updated or downloaded, I bet.
It's not using youtube-dl anymore because it just recently got deferred or whatever.
So now it's ytd-something, anyways, yt-dlp instead of youtube-dl.
So it's more of that, that's a pretty cool script.
You give it a list of files or of media you want to download,
and not only will it multithread through downloading it,
it will multithread through it, download it, and download everything on the list at once.
So youtube-dl or youtube dash, sorry, yt-dlp will download a list,
but it won't download a list all at once.
It will only download one file, one media thing type at a time.
You can tell it's multithreaded, which means it's called swarm downloading
or multithreaded downloading.
If you've ever done a torrent, that's essentially what you're doing
is you're swarm downloading something multithreaded.
So with this, you can give it a list of, say, 15 different websites
with 15 different media files on them each,
and it will download all of those essentially at once.
Not necessarily at once, it has a timer of 30 seconds
to actually wait for that file to start to download,
and then it kind of checks, and you can skip the timer or whatever.
But anyways, if you want to download lots of content extremely fast from YouTube
or wherever, you can use that, it's a great script, I use it a lot.
What I would say, there's also a script that's called,
or there's a plugin that's called, Bulk Media Downloader and Turbo Download Manager.
Those are actually pretty cool too.
Turbo Download Manager and Bulk Media Downloader will kind of act like a packet sniffer
for your Chrome browser.
And it will get you those media URLs.
You can copy and paste them, en masse, into your downloader.
So pretty cool, there's some other things you can do
to bypass authentication based media, you can run it through a proxy,
through something like Burp Suite, and Burp Suite will keep all your cookie sessions and stuff,
and you can just feed that and say, okay, I want you to use Burp Suite.
I want you to use YouTube downloader, but I want you to proxy it through Burp Suite,
so Burp Suite can handle all the authentication for me.
So you grab your authentication cookies from Burp Suite,
and then run youtube-dl through Burp Suite, and you'll have your authentication.
So that's a fun, fun little project that I've been
poking around with a fair amount.
I think that's pretty much it for Windows, fortunately.
Clean Manager, it's the same thing.
It just runs Clean Manager, it's a lighter version of
BleachBit Quick Kill, again, it's Quick Kill,
kills a bunch of stuff.
That's it for Windows.
Thank God.
Let's see what else we got.
The bash scripts I went over, so that was Linux stuff,
threat hunting, JavaScript I went over,
went in PowerShell.
I've got some more or less PowerShell notes.
There's not a super interesting folder.
It's not super interesting.
There's some tracking stuff I can, you can disable
with PowerShell scripts, wake on LAN,
all written in PowerShell.
That's actually kind of cool.
That allows you to turn on a computer when it's off.
Basically how TVs don't turn off now.
Computers don't really turn off either.
And then the notes is just a bunch of random notes
with my awful PowerShell.
The other one in scripts following
is just kind of closing out the scripts folder.
The rest should be down here.
Food.Text is from my actual website
and I ported it over to GitHub
so that it can be more accessible
and I can update it and put better notes in there, whatever.
So that's it for the scripts folder.
The other things in here are
CrowdStrike real-time response PowerShell scripts.
Actually some of these are just generic PowerShell scripts
that you can use anywhere.
Some of them are specific to different things.
Like clean all users.
There's a CrowdStrike PSFalcon thing
that will run and do stuff offline.
There's a recon script
which is actually kind of useful.
There's a forced delete
which will take ownership of files
running a system
and will take ownership of them
so you can actually delete them.
There's some WebNab stuff.
There's the pcap thing.
So that one's kind of cool
if you're like doing IR, incident response stuff.
These, some of these PowerShell scripts are useful.
That's it for that folder.
You got a Python folder,
CrowdStrike hide, which hides systems
that have duplicates
and that don't kind of exist
or haven't been phoning in right.
Gone Fishing was a work in progress.
We're going to talk about that one.
I'm in the Python folder.
Mimecast URL protection.
That's kind of cool.
If you're a Mimecast person,
if you're a Mimecast user at your company,
this will allow you to scan any URL
using Mimecast protection API.
Did I kind of handicap route?
Sweet Brown is also another project
that kind of the work in progress
that was supposed to dump a daily,
kind of a daily digest of all the chat.
Different chat clients and Twitter's and mumbles
and all that stuff into one single HTML document
and you can review every day.
That's it for Python, X-Plane folders.
Got a bunch of X-Plane stuff in there
that I started to go down,
a tangent with,
haven't messed with it in four months.
So there's some ideas in here
that are really cool.
If anybody wants to reach out to me
for X-Plane automations,
scripting, plugins,
let me know.
I tried to get into the VATSIM scene
and I wasn't able to pass any of the tests
and I just don't have enough time for it.
And it seemed fun to do at the time,
but then anything I get obsessed
was something for about two weeks
and then I move on.
So there's some really cool links in here
about different plugins for X-Plane,
which is a flight simulator.
It's been around for ages
and they had a VATSIM,
which is a virtual simulator
for air traffic control.
So they're all serious about everything.
And it's fun stuff to be involved in
for however little I was.
A Cygwin portable installer,
which is what gets referenced
in the Cygwin Chocolatey script that I use,
which will automatically download Cygwin
and install all the fun stuff,
bash func and a bunch of other cool things.
Digger was a script I originally wrote
for if you have people
that are Carbon Black Response,
their Cloud APIs,
WildFire, if you've done any WildFire API key stuff.
And Carbon Black Response stuff,
that's under the Digger folder.
Portable blue team that kind of fell apart
because I realized that nobody uses Yara
or not Yara, nobody uses,
what's the name of this app?
It's like a recall, R-E-K-A-L-L, Rekall.
Not a whole lot of people use it
and it's kind of getting deprecated.
So there's things like,
and I could do a podcast on this,
which is not super interesting.
There's a work in progress for a kind of
an open source Yara kind of tool.
It's called blue,
blue something, blue snarf, blue purple,
blue smurf or whatever.
That's kind of interesting.
LAN dnmap is basically distributed dnmap
where you can, you know,
set it up with a key on a bunch of servers
and perform scans in kind of a batch capacity
so you can scan a bunch of systems
all at once with dnmap.
I think that's pretty much it.
Thank God for GitHub.
And I wanna say the only other really updates I have,
and this is a year's worth of stuff.
So bear with me.
It's pretty much it.
Burp Portable got updated.
That's on my actual website.
I don't put that on GitHub
because I don't necessarily,
it's not necessarily legit
per se proxy stuff.
Not really much anything useful here.
That's pretty much it.
Anyways, that's a dump of all my interesting stuff.
It looks like my movies file doesn't actually work right now.
Their API goes up and down.
So I'm gonna say,
I have accomplished this Flickmetrix task
and I'm going to let you all go and stop rambling.
I'll have a link to my GitHub.
It's pretty standard.
Just I know the script's folder should be everything
and you should be good.
You've been listening to Hacker Public Radio
at HackerPublicRadio.org.
Today's show was contributed by an HPR listener like yourself.
If you ever thought of recording a podcast,
then click on our contribute link
to find out how easy it really is.
Hosting for HPR is kindly provided by AnHonestHost.com,
the Internet Archive and rsync.net.
Unless otherwise stated,
today's show is released under a Creative Commons
Attribution-ShareAlike 3.0 license.