Hacker Public Radio Hacker Public Radio
-
- Technology
-
Hacker Public Radio is an podcast that releases shows every weekday Monday through Friday. Our shows are produced by the community (you) and can be on any topic that are of interest to hackers and hobbyists.
-
HPR4117: JAMBOREE !
https://github.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy
Java Android Magisk Burp Objection Root Emulator Easy
(JAMBOREE)
Get a working portable Python/Git/Java environment on Windows in SECONDS
without having local administrator, regardless of your broken Python or
other environment variables. Our open-source script downloads directly
from proper sources without any binaries. While the code may not be
perfect, it includes many useful PowerShell tricks.
Run Android apps and pentest without the adware and malware of
BlueStacks or NOX.
Features / Request
Core Status
RMS:Runtime Mobile Security ✔️
Brida, Burp to Frida bridge ❌
SaftyNet+ Bypass ❌
Burp Suite Pro / CloudFlare UserAgent Workaround-ish ✔️
ZAP Using Burp ✔️
Google Play ✔️
Java ✔️
Android 11 API 30 ✔️
Magisk ✔️
Burp ✔️
Objection ✔️
Root ✔️
Python ✔️
Frida ✔️
Certs ✔️
AUTOMATIC1111 ✔️
AutoGPT ✔️
Bloodhound ✔️
PyCharm ✔️
OracleLinux WSL ✔️
Ubuntu/Olamma WSL ✔️
Postgres No admin ✔️
SillyTavern ✔️
Volatility 3 ✔️
Arduino IDE / Duck2Spark ✔️
Youtube Downloader Yt-dlp ✔️
How it works:
Temporarily resets your windows $PATH environment variable to fix any
issues with existing python/java installation
Build a working Python environment in seconds using a tiny 16 meg
nuget.org Python binary and portable PortableGit. Our solution doesn't
require a package manager like Anaconda. I would like to make it even
easier to use but I don't want to spend more time developing it if
nobody is going to use it! Please let me know if you like it and open
bugs/suggestions/feature request etc! You can contact me at https://rmccurdy.com !
Installation/Requirements ( For Android AVD Emulator) :
Local admin just to install Android AVD Driver:
HAXM Intel driver ( https://github.com/intel/haxm )
OR
AMD ( https://github.com/google/android-emulator-hypervisor-driver-for-amd-processors
)
Usage:
Put ps1 file in a folder
Rightclick Run with PowerShell
OR
From command prompt
powershell -ExecutionPolicy Bypass -Command
"[scriptblock]::Create((Invoke-WebRequest "https://raw.githubusercontent.com/freeload101/Java-Android-Magisk-Burp-Objection-Root-Emulator-Easy/main/JAMBOREE.ps1").Content).Invoke();"
More infomation on bypass Root Detection and SafeNet https://www.droidwin.com/how-to-hide-root-from-apps-via-magisk-denylist/
( Watch the Video Tutorial below it's a 3-5 min process. You only
have to setup once. After that it's start burp then start AVD )
Burp/Android Emulator (Video Tutorial )
Update Video with 7minsec Podcast!
https://youtu.be/XdXleap0BiM
name
(Video Tutorial)
https://youtu.be/pYv4UwP3BaU
name
USB Rubber Ducky Scripts & Payloads Python 3 Arduino
DigiSpark
http -
HPR4116: Response to 4109: Building community without SEO
I was inspired by Knightwise's
episode
4109 on future-proofing HPR.
I agree with many of your criticisms, but I'm not sure that a marketing
strategy is the best way forward. Many of the most successful and
sustainable businesses and organizations have been built on
word-of-mouth.
For example I heard of Google, Zoom, Gmail, Facebook, Slack, Twitter,
Discord, etc from my IRL friends and coworkers rather than from a
marketing message. And most of the open source communities I'm a part of
(Linux, Python, Firefox, Hugging Face, etc) are successful precisely
because their success is not subject to a BigTech algorithm or
exploitative terms-and-conditions.
Most open source projects are able to build community much by actively
resisting the temptation to create a marketing message or social media
campaign and instead focusing on the authenticity and quality of their
"product" and catering to their contributors' and users niche needs and
sensibilities.
Points of agreement (Rapoport Rule
#2)
I share Knightwise's love and concern for the HPR community
I agree the intro theme song and voiceover could be accelerated and
improved
I whole-heartedly agree the comments interface could be made easier
to use
I agree that the HPR community feels like a monastery or convent.
Perhaps faith in FOSS is a kind of religious belief or value that
supersedes normal human instincts and drives.
I 100% support hackers that evangelize for HPR on their favorite
bigtech social media platforms.
My FOSS podcatcher Antennapod,
automatically skips the intro. I had to rewind in order to hear the
episode number and host username in order to compose my reply.
And I have trouble engaging with the comments interface on the HPR
site.
I wasn't even aware of comments on my previous episodes and once I did
learn of it I found it easier to reply on Mastodon rather than on the
HPR website.
As a community, I think we take it on faith that there is a place in the
world for people like us that just want to share ideas, unmediated by
shadow-banning, rug-pulling corporations and attention-hacking
algorithms. I want to have a conversation with thoughtful people. I
don't want to be engaged or monetized or exploited
A young person that is turned off after 3 seconds of retro-sounding
audio is likely to not enjoy the "sound of
woodwork (2442)" or "overlanding"
audio journals (4037) of semi-retired geeks.
Many of us know that what we do in life cannot be measured in
dollars or like button
clicks, but rather by the quality of our friendships and the
collective ideas that we share.
Zombies on Facebook, Twitter, Discord and Slack must eventually "see
the light" for themselves and come flocking to "the small
web" as they did during Xitter's decline.
HPR has been a significant positive force in my life and I would
hate to sully its openness and authenticity with SEO or other marketing
strategies (I know this is not what you proposed)
I think the enshittified
Discord network is the wrong business to entrust with our community, for
one thing, its app doesn't work on Linux
Marketing and SEO are effective tools for growth-seeking businesses,
but ill-suited for an open source community
Anyone interested in business str -
HPR4115: Tagging music with Beets
References
Beets documentation
Album art in Funkwhale (after recording I noticed it can also look up album art during import, using the musicbrainz ID. Not 100% sure beets adds it, but I might assume so)
Recommended opus bitrates
Pronunciation of the word "archivist"
MusicBrainz
Everything you need to know about Funkwhale -
HPR4114: Introduction to jq - part 2
Overview
In the last
episode we looked at how JSON data is structured and saw how
jq could be used to format and print this type of data.
In this episode we'll visit a few of the options to the
jq command and then start on the filters written in the
jq language.
Options used by jq
In general the jq command is invoked thus:
jq [options...] filter [files...]
It can be given data in files or sent to it via the STDIN (standard
in) channel. We saw data being sent this way in the last episode, having
been downloaded by curl.
There are many options to the command, and these are listed in the
manual page and in the online manual. We will
look at a few of them here:
--help or -h
Output the jq help and exit with zero.
-f filename or
--from-file filename
Read filter from the file rather than from a command line, like awk´s
-f option. You can also use ´#´ to make comments in the file.
--compact-output or -c
By default, jq pretty-prints JSON output. Using this
option will result in more compact output by instead putting each JSON
object on a single line.
--color-output or -C and
--monochrome-output or -M
By default, jq outputs colored JSON if writing to a
terminal. You can force it to produce color even if writing to a pipe or
a file using -C, and disable color with
-M.
--tab
Use a tab for each indentation level instead of two spaces.
--indent n
Use the given number of spaces (no more than 7) for indentation.
Notes
The -C option is useful when printing output to the
less command with the colours that jq normally
generates. Use this:
jq -C '.' file.json | less -R
The -R option to less allows colour escape sequences to
pass through.
Do not do what I did recently. Accidentally leaving the
-C option on the command caused formatted.json
to contain all the escape codes used to colour the output:
$ jq -C '.' file.json > formatted.json
This is why jq normally only generates coloured output
when writing to the terminal.
Filters in jq
As we saw in the last episode JSON can contain arrays and objects.
Arrays are enclosed in square brackets and their elements can be any of
the data types we saw last time. So, arrays of arrays, arrays of
objects, and arrays of both of these are all possible.
Objects contain collections of keyed items where the keys are strings
of various types and the values they are associated with can be any of
the data types.
JSON Examples
Simple arrays:
[1,2,3]
[1,2,3,[4,5,6]]
["Hacker","Public","Radio"]
["Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday"]
Simple object:
{ "name": "Hacker Public Radio", "type": "podcast"}
This more complex object was generated by the Random User Generator
API. -
HPR4113: Today I Learnt, sed hold/pattern space use.
Today I Learnt, sed
hold/pattern space use.
Sgoti talks
about using sed hold/pattern spaces.
Tags: TIL, sed
I
fixed the ${ls} /usr/bin to ${ls} ${bindir}
issue mentioned in the show.
#!/bin/bash
# License: GPL v3
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
#Name: grab-bin.sh
#Purpose: Link your binaries.
#Version: beta 0.07
#Author: SGOTI (Some Guy On The Internet)
#Date: 2023-12-17
#variables:
bindir=/usr/bin/
awk=${bindir}awk
cat=${bindir}cat
chmod=${bindir}chmod
date=${bindir}date
echo=${bindir}echo
find=${bindir}find
ls=${bindir}ls
mktemp=${bindir}mktemp
sed=${bindir}sed
uniq=${bindir}uniq
#start:
${echo} -e "nStep 0: $(${date} +%F), $(${date} +%T)";
# Create the /tmp/ directory to place the files.
function mkt (){
if [ -d /tmp/$(${date} +%F).* ]; then
tmpdir1=$(ls -d /tmp/$(${date} +%F).*)
${echo} -e "The directory already exists.n${tmpdir1}"
else
tmpdir0=$(${mktemp} -d /tmp/$(${date} +%F).XXXXXXXX)
tmpdir1=${tmpdir0}
${find} "${tmpdir1}" -type d -exec ${chmod} -R =700 {} +;
${echo} "Had to create ${tmpdir1}"
fi
}
mkt
${echo} -e "nStep 1: $(${date} +%F), $(${date} +%T)";
# Files created by this script.
tmpdoc0=${tmpdir1}/$(${date} +%Y%m%d)variables.txt
tmpdoc1=${tmpdir1}/$(${date} +%Y%m%d)bash.vim
tmpdoc2=${tmpdir1}/$(${date} +%Y%m%d)sed-script.sed
# Here-document to build the first document (variables.txt).
${cat} > ${tmpdoc0} > ${tmpdoc0}
${sed} -i '/[/d' ${tmpdoc0}
${echo} -e "nStep 2: $(${date} +%F), $(${date} +%T)";
# Bash.vim here-document.
${cat} > ${tmpdoc1} [yY])
${echo} 'User said, "Yes"';
;;
[nN])
${echo} 'User said, "No"';
;;
[qQ])
${echo} "Let's get outta here.";
exit
;;
*)
${echo} "Good Heavens! Someone broke the script I'm writing.";
exit
;;
esac
iabbr here; ${cat} _EOD_2k0
iabbr func function NAME () {}
iabbr if; if []; thenIelse${echo} "Good Heavens!"Ifi4k0A
iabbr ali; alias NAME=''B
iabbr ; ()
EOL1
# bash.vim body.
${ls} -1 ${bindir}
| ${sed} -n ' {
h
s/[^0-9a-zA-Z]//g
G
s/n/ /
s/(.*) (.*)/iabbr 1 ${2}/p
}
' >> ${tmpdoc1}
# Bash.vim here-document second pass.
${cat} >> ${tmpdoc1}
EOL1-5
# bash.vim body second pass.
${ls} -1 ${bindir}
| ${sed} -n ' {
h
s/[^0-9a-zA-Z]//g
G
s/n/ /
s/(.*) (.*)/1=${bindir}2/p
}
' >> ${ -
HPR4112: JSON and VENDORS and AUTH ohh my!
Some stuff I use to help make APIs
https://github.com/freeload101/Python/blob/master/Python_Includes_RMcCurdy.py
JAMBOREE.rmccurdy.com for burp suite. Have I done a podcast on
JAMBOREE? I must have... If not I will
Customer Reviews
Love this idea
Keep it up
This is real Open Source
With a different host every day, you get people's once every few month bit of tech awesomeness every day, not oh no we have to do a show, let's throw something together. Great job on this show community. Way to go open source podcasting.
Mixed bag, at best
Some of it is moderately interesting from time to time. But after just listening to a guy (probably drunkenly,) ramble about installing an SSD and 16 gigs of RAM into a decade old MacBook for 18 minutes straight, I can't recommend. (Real hacker stuff, that...) There's plenty of better podcasts that are more consistent and technology-focused out there.