Blog: Blog

Linux Commands

2021-11-15 by TTTThis

In Terminal:

REGULAR COMMANDS

  • paste: ctrl-shift-v
  • check disk space: df -h
  • check What is computer (64 or 32): uname -a
  • check What distro is on computer: lsb_release -a
  • view image metadata (with imagemagick):
  • sudo -i to become root (also sudo su?)
  • ls - list
  • cd D and double-tab and it will show you options starting with D
  • echo “Hi!” > text.txt
  • cp text.txt Downloads - move this file to Downloads
  • rm Downloads/test.txt - remove that file
  • mv test.txt Downloads/ - physically move it
  • cd .. cd .. locate bash but it doesn't find anything, so
  • updatedb then try again
  • passwd - to change a password
  • man ls AND ls --help give some info about the command. man is manual.
  • pwd - present working directory
  • cd / - to go to root
  • Execute several commands https://stackoverflow.com/questions/13077241/execute-combine-multiple-linux-commands-in-one-line:
  • && to execute ONLY if previous command succeeded
  • ; to execute even if previous doesn't succeed
  • You can also write a shell script
  • See list of Timezones with timedatectl list-timezones
  • Upgrade a single package/program only with apt-get install --only-upgrade

usr does not mean user, it means universal system repository (or something).

INTERESTING COMMANDS

  • killall programName ... kills that process (which you might have seen using lots of resources in Terminal)
  • identify -verbose filename.png

GET INFORMATION ABOUT COMPUTER, COMMANDS

  • Find out which desktop environment (DE, for example MATE) you are using: echo $XDG_CURRENT_DESKTOP
  • top: shows RAM usage
  • lsmem: shows how much RAM you have
  • lscpu shows computer specs
  • cat /proc/cpuinfo shows even more specs
  • free -m shows free available RAM details
  • cat /proc/meminfo also
  • sblk shows available disk space
  • df -h
  • sudo dmidecode -t system
  • sudo dmidecode -t bios
  • sudo dmidecode -t processor ... these show BIOS info
  • sudo dmidecode -q will show ALL system info, but a lot
  • more commands for seeing linux sysem info: https://www.how2shout.com/linux/linux-system-info-commands-using-terminal/
  • echo $XDG_SESSION_TYPE .... Check if you're using Wayland or X11.

USEFUL COMMANDS

  • How to install .sh scripts
  • sh install.sh
  • might have to:
  • chmod +x /path/to/yourscript.sh
  • list connected devices and sd cards with: lsusb or lsblk
  • Rotate screen: xrandr -o left
  • Return to normal screen rotation with: xrandr -o normal
  • Check if you have an app, and which version it is with: applicationname -v, for example pdftoppm -v

** DISABLE TOUCH SCREEN **

  • install xinput
  • type ‘xinput’
  • you'll see a list. Find the one that is your screen/finger/digitizer and do
  • xinput disable 9 (as long as the id is 9)

YouTube-dl (outdated)

* download mp3 (using youtube-dl):

youtube-dl -x --audio-format mp3 http:address

* download playlist as mp3s:

youtube-dl --ignore-errors --format bestaudio --extract-audio --audio-format mp3 --audio-quality 160K --output "%(title)s.%(ext)s" --yes-playlist https:address ```

LINUX FOR ETHICAL HACKERS (YouTube course)

chmod +rwx

or just

chmod +x

or

chmod 777 hello.txt

adduser john

cat /etc/passwd

(you will see john at bottom)

cat /etc/shadow

(you can only see hashing format - a tool like hashcat can break that down and crack passwords)

...

(su is switch user)

su john

passwd root (to change root's password, but this does not work. Neither does)

sudo passwd root

(because john is not in the sudoers file)

...

userdel john

(deletes john)

networking terms - brush up for pentesting. You'll have to navigate around networks.

ifconfig (shows different interface types and IP address associated with them)

iwconfig (only usually see if using a laptop)

ping (icmp traffic)

arp -a (show you IP address it talks to and mac address tied to it)

netstat -ano (you can see what's talking) (what that machine is associated with and if it's talking on a port)

route (print your routing table) (tells you where your traffic exits, essentially)

102:00

bulk renaming with Thunar.

Use ‘Numbering’ and do ‘Text - Number’ and add your text there too.

Make a txt file: https://www.youtube.com/watch?v=T20jXu7rDCA

Nano way:

  • cd to whatvr dir
  • touch filename.txt
  • (now, ls -l will show you have that file but no size)
  • (can see contents of file with ‘cat filename.txt’)
  • (nano by itself opens the text editor n you can tipe)
  • (ctrl-shft-V does paste)

  • Ctrl-O saves the file

  • cd to directory

  • ls to check it
  • cat > filename.txt [enter]
  • type text and then [CTRL-D to save]
  • ls to check it's there
  • cat filename.txt to read it

OR

  • touch filename.txt [enter]
  • ls to see it

WAV to MP3

  • batch convert all the files in a folder from wav to mp3 using ffmpeg
  • for i in Silver0709.wav; do ffmpeg -i "$i" "${i%.*}.mp3"; done

Get Mono sound out of speakers

  • pacmd list-sinks | grep name:
  • then
  • pacmd load-module module-remap-sink sink_name=mono master=NAME_OF_AUDIO_SINK_GIVEN_BY_PREVIOUS_COMMAND_BUT_WITHOUT_ARROW_BRACKETS channels=2 channel_map=mono,mono
  • Then if you click on your sound icon, you should have an option for ‘Remapped Built-in etc’

Convert a bunch of images into a video using ffmpeg, MP4

  • ffmpeg -loop 1 -i easywords1.jpg -i easywords1.wav -vf "crop=trunc(iw/2)2:trunc(ih/2)2" -c:v libx264 -tune stillimage -c:a aac -b:a 192k -pix_fmt yuv420p -t 1480 out-image.mp4
  • ffmpeg -loop 1 -i easywords2.png -i easywords2.wav -vf "crop=trunc(iw/2)2:trunc(ih/2)2" -c:v libx264 -tune stillimage -c:a aac -b:a 192k -pix_fmt yuv420p -t 1840 easywords2.mp4

Convert MP3 to WAV

  • install mpg321 (not 123 which is a slightly worse program because not on public licence)
  • put the to-be-created wav title first
  • mpg321 -w newFile.wav “old file.mp3"
  • mpg321 -w ZOOM0061.WAV ZOOM0061.mp3

Clean metadata

ffmpeg

  • because it does a better job of combining audio with a single image than Kdenlive (which makes big files) (it has no GUI though, so use HandBrake) (I didn't find it to be very much better on initial tests)
  • Handbrake
  • add-apt-repository sudo apt-get update
  • sudo apt-get install handbrakeppa:stebbins/handbrake-git-snapshots

Chmod execute scripts

  • change mod it with (you have to be in the directory) (otherwise it will look for a system path):
  • chmod +x myscript.sh
  • to execute it then, do
  • ./myscript.sh

PDF TO TEXT

qpdf orig.pdf --pages . 420-511 -- just-the-chapters.pdf && convert -density 288 just-the-chapters.pdf output-%02d.jpg && convert output.jpg -level 25% final-%02d.jpg && convert final.jpg vr.pdf && ocrmypdf -l spa vr.pdf bookonech11-12.pdf && pdftotext -layout bookonech11-12.pdf bookonech11-12.txt && rm output* && rm final* && rm vr.pdf && rm just-the-chapters.pdf

Batch crop images (imagemagick)

mogrify*.png -crop 1x1-100-100@ *.jpg

https://deparkes.co.uk/2015/04/30/batch-crop-images-with-imagemagick/

Do

  • mogrify -crop 300x300+150+150 -path ./cropped *.png
  • An example line which is just to illustrate:
  • convert -crop x_sizexy_size+x_offset+y_offset inputfile outputfile

convert *.png -crop 350x300+150+200 *.jpg

*Modify metadata for 'date modified' (on Linux it seems that there's no ability to modify creation date, even with filesystems that allow it ie exfat etc)**

  • go to folder and put all the files you want to modify, and open a Terminal there
  • touch *
TTTThis

deGoogled phone (Graphene, Lineage OS, AOSP)

2021-08-31 by TTTThis

DO NOT ALLOW UPDATES. These can make the internet stop working (and other problems are possible) as has happened. (Or this could just be you selected the wrong type of package, such as Data instead of All Included)

2021: Braxman says older Pixels are now being unsupported by some US carriers (Pixel 1 and 2 are spotty for this)

Difference between Graphene and LineageOS, according to people online:

(Too many to list, but shorthand overview)

Graphene focussed on real security work, so for people who care about security, but is mostly just for Google Pixel phones of a few editions. Harder to mess up the security, for the regular nontechnical user. Supports verified boot. Can relock the bootloader after installing it. 'AOSP with more hardened privacy.' Now has sandboxed GooglePlay services if you want to use Play (still unstable). Community has been said to be a bit toxic (I have no first hand with this).

Lineage designed for powerUsers who want to tweak it and have bells and whistles, and is available for lots of phones. Targets support. Is effectively the same as flashing AOSP on an out-of-support ROM but less breakage. 'AOSP without Google.'

Calyx, a third OS people online recommend sometimes. Is fully deGoogled. 'AOSP with some additional privacy features.' Works only on Pixels (like Graphene).

If you want to use any of these, before you buy a phone make sure it has an unlocked OEM. Go to Phone and make yourself Developer, then go to settings and unlock OEM. If you can't unlock OEM, you can't install any of these.

Check if an app will work on a deGoogled device with https://plexus.techlore.tech/ On left is Graphene and on right is Calyx and Lineage. It is color coded for if it works.

CONSIDERATIONS:

These limit Google's ability to spy, and that ability for the companies who own any apps you might want to install. These still leave hardware vulnerabilities. You're still vulnerable to tracking by the carrier and government creeping. But you can remove or turn off physically the SIM modem.

Some have noted that tracking is so offensive to people because it's become so precise (6 feet). But if tracking is made less precise it offends people less, while allowing them to use geolocation for convenience (maps, finding locations near them). So if they can be located within a block or two, for example, it's less offensive than 6 feet.

Advantages of using a deGoogled phone over a LinuxPhone: Can use newer, faster phones. Can use all apps (compromising to various levels on your security/privacy).

The reason using a deGoogled phone is better even if you want some apps. Using the PlayStore means the apps use Google's code (connects to Google, even to get notifications for the apps I've heard, but also databases I've heard). A deGoogled phone, even if it connects to Google to use PlayStore, doesn't usually have an id (has a spoofed id), ie the owner doesn't sign in (it does get a device fingerprint and will know what apps the phone has installed from Play, but it won't have access to users financial records), and wifi scanning is disabled, limiting a main tracking means. Some deGoogled phone users uninstall PlayStore after then install their apps.

DeGoogled phones use apps from Fdroid, which are opensource. But for many commonly uses apps which are considered spyware but are used by everyone, people compromise and install them to varying degrees. They use Aurora Store to use apps from the Play store but logs in with a spoofed ID. Or users can download apps from other stores online and install them.

When not using GooglePlay services (which handle notifications for apps on the phones most people are familiar with), deGoogled phones use MicroG (a Google service emulator, simulates Google so apps think they're talking to Google, and it communicates with Google to get notifications but Google doesn't actually see the phone because MicroG is in the middle handling the interaction).

Paid apps don't work on deGoogled phones people say, because you need the PlayStore for that.

People say in the future security people will possibly just switch from phones to computers.

APPS LIST:

  • CNBC
  • Spanish Verbs
  • Bank App
  • Authenticator
  • Music
  • Wire
  • Signal
  • Notepad Free
  • Facebook
  • Messenger
  • Currency Plus
  • Easy Voice Recorder
  • Firefox, Falcon, Chromium

APP LIST 2 (F-Droid which you get from their website, internet apks)

  • ImagePipe
  • Track & Graph
  • MoneyWallet
  • Voice Recorder
  • Markor (text)
  • Jitsi Meet (video meetings)
  • Wire, Briar
  • NewPipe (view YouTube)
  • Currencies
  • Aurora Store
  • CalyxVPN
  • Shelter (blocks app permissions for whatever apps)
  • Termux (terminal)

GRAPHENE

  • SDK Platform tools
  • open that
  • identify device
  • unlock flashing
  • get factory images (from graphene releases pages)
  • copy stuff into platform tools
  • click 'flash-all'

Steps:

sdk tools didn't work, so I went to https://developer.android.com/studio/releases/platform-tools and downloaded the file

sudo thunar to move the file into the usr/local/bin

plug in, boot into fastboot (with down button and power)

sudo fastboot flashing unlocked, and then selected unlock on my phone

download os from https://grapheneos.org/releases#blueline-stable

extract and open terminal in that folder

sudo ./flash-all.sh

check connecting cable

dont touch, it will reboot some times and stuff

TTTThis

If I could pick one thing for people this year, it'd be for them to learn how to make up with friends

2021-01-01 by TTTThis

It's New Years Day 2021.

If I could teach people one thing this year it'd be how to make up with friends or relations after they have a falling out or a bump in the road.

How to do it is so simple. You have to summon a bit of courage and go up to them and say you're sorry and that the thing you did was stupid or wrong or a mistake, show them you don't want harm to come to them, and sometimes do something nice for them to make up for the harmful thing you did, like give them a gift you know they'd value or make a scene to show them you care about them. This way of doing things is shown in every kids drama TV show, yet no one seems to do it.

But what happens in life is that the person who did the harmful or stupid thing feels bad and doesn't want to face their friend or relation afterwards. Part of this might be the feel bad for the harm the other person felt, part might be they don't want to face a conversation where they have to admit they did harm to a friend, and part might be they don't want to think about themselves in the light that facts would force them to, that all the posts they repost on Facebook every day about how they can't trust anyone or friends are all selfish and that's why everything's impossible describes them, too. It does at least if you don't make amends after you make a mistake.

Over the years I've lost endless friends this way. What usually happens follows a basic pattern. We become friends, we go along and really get along, we treat each other with generosity, usually I'm more generous and look out for their interests more, which is my own problem I need to work on since the results of treating anyone well or considerately seem to indicate that's almost certainly a negative strategy, we become better and better friends and have good times and get closer and closer with the things we talk about and be open about, and then they do something selfish or petty that they feel bad about and then avoid me from then on. I guess because they don't want to face themselves or me. It does take a bit of mustering up a bit of courage to make amends and tell the other person you're sorry and regret something, but there's no way to carry on forward without doing that. Over the years I've lost friends continuously in this way so it's become an obvious pattern. I expect it and see it developing. Usually the day they say, 'You're a real friend,' or something along those lines is the day before it happens, and when I hear start to say something like this I try to cut them off and when I hear it I hear 'This friendship is going to end soon.'

It's tiring and saddening losing friends almost every time you meet them because they just do something wrong and then avoid you. And I see them breaking off their friendships with eachother continuously too. I see one of a pair of inseparable best friends and ask what happened and they had a fight, or the other person did something shitty or stole something, some small and petty thing usually or sometimes something bigger. But the next friend they make has the same thing coming to them because without a way to resolve problems, and since we're going to continuously make mistakes even with important people until we die, it's just going to be a series of starts that have a failed end built into them.

TTTThis

How many enemies can China and YouTube make?

2019-10-08 by TTTThis

This is a question about threshold, I think. Let's take China, first. China has always made people extremely unhappy, alienating some, outraging others. Throughout the 90s, Hollywood stars and pop musicians were banned from China for being in movies or making songs or statements the Chinese State didn't like. At that time, most of these had to do with Tibet. Brad Pitt was banned for Seven Years in Tibet. Others: Richard Gere, Harrison Ford, Sharon Stone, Martin Scorsese, Bjork, Oasis, Bob Dylan. China also banned most social networks. But this happened one at a time, and to a relatively small amount of people. At this point, China's enemies (in this limited sense of the word) is a small group, not posing a real problem for China.

China currently has a strong control over it's citizens and significant control over foreign businesses and governments, but so far there hasn't been much opposition. At some point, a threshold would have to be met where China had so many enemies this group would form a conglomerate and cause real problems for China.

This week, China banned South Park and the the NBA's preseason games following statements by the TV show and a few Rockets players in favor of the rights of Hong Kongers (Hong Kong 2019 click here: http://tttthis.com/edit/blog/hong-kong-2019 ). South Park and the NBA are entities with huge, established viewer demand in China, who are going to miss them when they're gone, and who are going to try to find out what South Park and the NBA have to say back to China. China's huge market caused the NBA to initially make some movements toward appeasement, but by the end of the day (in which the story went huge and the NBA faced a ton of criticism for bowing down to China and disregarding human rights) the NBA commissioner came out and made a statement in support of free speech which didn't attempt to appease China further.

There must be some point at which China will find itself not controlling the situation through it's familiar economic coercion, but will be out-forced by it's enemies.

Another case of threshold of enemies might be YouTube. YouTube has over the past year come out against free speech in favor of censorship (as have most social media giants), but it has also recently been demonetizing popular YouTubers, removing content, and outraging a lot of people. I think this number is still small and won't cause YouTube a huge problem. It also helps YouTube that they've done this slowly, so that a great number of new enemies aren't made at one time; Instead, they outrage one person here, another there, a few there. Many of these upset creators want to leave YouTube, and a small but significant userbase voice is making protests in YouTube comments (and other discussions), but still YouTube has massive support and popularity, as well as being a monopoly so creators can't migrate comfortably to a competing platform and impel both platoforms to respect them.

An interesting thing to note here is that in the case of China the main cause of their current problems is one specific object (in this case, an event) people just can't ignore. Hong Kong and the demands of people there, who have shown their sincerity with mass, continued efforts respected by people around the world, as well as huge news coverage (huge is important because any less than huge and a story will not make it into the consciousness of most of any population). Everyone believes Hong Kongers are right, that China is the oppressor in this situation, and, unlike Tibet, they're being shown this every day on all of the news stations.

Whereas with Tibet, which most people would never be conscious of because Tibetans, although just as sincere as Hong Kongers or more so, had no power to make their plight known to a large enough audience, news stations didn't cover it and Western governments and news bowed to China and just let it happen, and so Western public figures were not impelled to make public statements about it, the case with Hong Kong basically forces public figures to comment. They can't publicly support China or oppose human rights without losing probably all of their credibility, so they speak honestly in support of Hong Kong. Even those celebrities who don't have political personalities, who would never make a first comment, are impelled to comments when other public figures do so.

This raises the question of willingness to oppose wrongs at a cost. For example, while Canada has traditionally bowed to China and done things not in the interest of people or human rights, it has never been forced publicly to chose. However, any public event large enough to cause Canadian politicians and public figures to make a public statement will create a situation in which they must publicly chose. It would be essentially impossible for them to publicly chose otherwise than against China's human rights abuses, as much as they might privately prefer it or fear they would be the only one to support human rights and would therefore waste their opportunities as a failed martyr.

On an international level, hypothetically, if Canada took the initiative to make a public stand, in spite of the economic consequences of losing one of the most important world markets, other countries would be forced to come out for or against Canada. Would the U.S. side with China against Canada? Would it be even possible for politicians in the U.S. to do so when questions were asked about their reasoning? It was not possible for the NBA to side with China, which some might guess it would have preferred to do if it would not have meant outraging NBA fans (and Americans generally).

I put this as a question here because I don't know. Also, if anyone has a scientific paper that explores thresholds for this sort of dynamic, please link to them in the comments.

A futher point of interest is the formation of alternatives. For the past decades, China has increasingly tightened it's grip on it's citizens, committing uncountable abuses against them with impunity, removing the tools of the people (press, democratic representation, free trials, communication, assembly) while outraging human rights. The amount of Chinese willing to stand up against this is understandably small given their likely failed-martry outcome. The amount of Chinese using VPNs is bigger but still not overwhelming, because normal Chinese can still get enough content and communication. As more content falls outside of the ambit of compliant Chinese, it stands to reason the balance will move further away from the State there. As tools like VPNs, which are not universally known or valued, and whose costs don't have the full benefit of scale pricing or use comfort, would probably become more used alternatives. There would be a sort of slow exodus, sloughing off the previous system, not really opposing the State blatantly, but making their control efforts untenable through scale and complication. This model could also be applied to YouTube (or other social media channels whose policy and behaviour changes alienate users).

I put this as a question, too, because I don't know. Is this something that can be treated by statisticians, and what kind of formula would describe this phenomena?

TTTThis

Ballads

2019-09-17 by TTTThis

River of Deceit, by Mad Season, 1994

My pain is self-chosen
At least, so the prophet says
I could either burn
Or cut off my pride and buy some time
A head full of lies is the weight, tied to my waist

The river of deceit pulls down, oh oh
The only direction we flow is down
Down, oh down
Down, oh down
Down, oh down
Down, oh down

My pain is self-chosen
At least I believe it to be
I could either drown
Or pull off my skin and swim to shore
Now I can grow a beautiful shell for all to see

The music for "River of Deceit" came out of rehearsals that the group had before vocalist Layne Staley joined the band. Much of "River of Deceit", lyrically, was inspired by The Prophet by Khalil Gibran, which Staley read during the making of the album. Drummer Barrett Martin said, "Layne Staley felt as though he was on a spiritual mission through his music. Not a rock mission, a spiritual mission." Staley also wrote the song partially about his drug addiction which would eventually lead to his death in 2002.

Chloe Dancer/Crown of Thorns, from Mother Love Bone's 1989 "Shine"

Chloe don't know better
Chloe just like me, only beautiful
A couple of years of difference
But those lessons never learned
Chloe danced the tables in the french quarter
She always been given so I can't always make her laugh
But I'm proud to say
And I won't forget
Time spent laying by her side
Time spent laying by her side
And dreams like this must die
And dreams like this must die
And dreams like this must
You ever heard the story of Mr.Faded Glory?
Say he who rides a pony must someday fall
Been talkin' to my alter
Say life is what you make it
And if you make it death well then rest your soul away
Away away yeah child
It's a broken kind of feeling
She'd have to tie me to the ceiling
A bad moon's a comin' better say your prayers, child
I want to tell her that I love you
But does it really matter?
I just can't stand to see you dragging down Again
Again
My baby again, oh, yeah
So I'm singing
And this is my kinda love
It's the kind that moves on
It's unkind and leaves me alone
Yes it does
And this is my kinda love
It's the kind that moves on
It's unkind that leaves me alone
I uses to treat you like a lady
Now you're a substitute teacher
This bottle's not a pretty, not a pretty sight
I owe the man some money so I'm turnin' over honey
You see Mr.Faded Glory is once again doin' time, oh yeah
And this is my kinda love
It's the kind that moves on
It's the kind the leaves me alone
Yes, it does
And this is my kinda love
It's the kind that moves on
It's the kind that, it's the kind that
It leaves me alone, yeah
Like a crown of thorns
It's all who you know, yeah
So don't burn your bridges woman
'Cause someday, yeah
Kick it, oh yeah
And this is my kinda love
It's the kind that moves on
It's the kind that leaves me alone, yeah
This is my kinda love
It's the kind that moves on
It's the kind that, it's the kind that, yeah, yeah
Baby
I said com' on, com' on, com' on com' on yeah
I said baby
Don't burn your bridges, woman
Don't come back here
I said good times, tu tu tu
Tu tu tu
I said tu tu tu

"Chloe Dancer" is about lead singer Andy Wood's muse/fiancee, Xana La Fuente, who had planned to be a stripper to support the pair, but left the club after one hour. "Crown of Thorns" was written about their nasty breakup over his on and-off-again dabbling in heroin and alcohol. "This song is about a relationship ruined by drugs," she explains. "He wrote it about our near breakup, and how I tried to control him and the drugs--hence his allusion to being tied to the ceiling."

Wilma's Rainbow, from Helmet's 1994 "Betty"

You heard about, 'be your own man'
You talk a lot and loud
Illustrate the obvious boy
You're mentally endowed
Watershed year comes
You're flush with fever
The richest junk dealer
Honestly, a book you read once let you
Think in rhyme. the old extreme sits
Pale and molds now for the
Millionth time
Wilma's rainbow of peaceful colors
The richest junk dealer

Björk - Hyperballad

We live on a mountain
Right at the top
There's a beautiful view
From the top of the mountain
Every morning I walk towards the edge
And throw little things off
Like car-parts, bottles and cutlery
Or whatever I find lying around
It's become a habit
A way to start the day

I go through all this
Before you wake up
So I can feel happier
To be safe up here with you

It's real early morning
No-one is awake
I'm back at my cliff
Still throwing things off
I listen to the sounds they make
On their way down
I follow with my eyes 'til they crash
Imagine what my body would sound like
Slamming against those rocks
When it lands
Will my eyes
Be closed or open?
TTTThis