/os/ - Online Security

News, techniques and methods for computer network security.

Posting mode: Reply

Drawing x size canvas

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

Manage Board | Moderate Thread

Return | Catalog | Bottom

Welcome to Online Security the place for internet and computer security, privacy and anonymity.
If you have some helpful tips please feel free to share your ideas. Start a new thread, or contribute to an existing thread.

Expand All Images

Endware Endwall 05/03/2016 (Tue) 08:54:28 [Preview] No. 32
Endware is a suite of programs geared towards internet privacy, security, and anonymity.

Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.

Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incomming IPs.

Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for <1000 ip subnets, very tedious and slow to run for more than that. Blocks the IPs by adding them as individual rules to the iptables ruleset. Works but not recommended for heavy duty on a server. May be useful for workstation use to block ip ranges if you are not opening up ports and services to public clients.

Endtools: endtools are a collection of scripts including alogz.sh, mlogz.sh, spamlogz.sh and iplookup.py. These scripts will help to service an enduser of endwall in adminstering endsets/endlists.

iplookup.py is a geoiplookup script written in python and requires python and pygeoip. It has simmilar functionality to maxmind's geoiplookup program and uses the maxmind *.dat files.

spamlogz.sh is a script that searches through log files to find flagged log entries flagged in endwall.sh, endsets.sh and endlists.sh.

alogz.sh is a daily log reading script designed to read the output of an apache http server's log output.

mlogz.sh is a daily log reading script designed to read the output of a postfix smtp server's log output.

Endtube: endtube.sh is an anonymizing download manager for youtube videos. This program can use https proxies, tor, and youtube-dl to download videos from youtube or other video vendor sites by selecting a random user-agent and a random proxy, and by using random delay timing between downloads to create bursts rather than streams.

Endloads: endloads.sh is a command line interface (cli) download manager forked from endtube.sh that uses random download timing, random user-agents, wget and torsocks.

These programs may be found at gitweb:


Clearnet links to http://paste.debian.net
will be provided for ease of access to new users to linux, and for access to Endware by non tor users, on an incremental basis.

More programs will be added to the Endware program suite as their creation and customization become obvious, evident, and necessary.

All programs in the Endware suite were inspired by EndChan and were named in honor of http://www.endchan.xyz and we thank OdiliTime for his patronage and for his generous hosting of this project.

Endwall 05/03/2016 (Tue) 09:30:47 [Preview] No. 33 del
Continued from >>/tech/1725

Sticky thread.

Endwall 05/03/2016 (Tue) 09:32:45 [Preview] No. 34 del
Continued from >>>/tech/1725

Endware suite Endwall 05/05/2016 (Thu) 03:15:53 [Preview] No. 36 del
endwall.sh version 1.25
endsets.sh version 1.21
endlists.sh version 1.16
iplookup.py version 1.08
alogz.sh version 1.06
mlogz.sh version 1.06
spamlogz.sh version 1.06
endloads.sh version 0.11
endtube.sh version 0.11

gitweb Endwall 05/14/2016 (Sat) 07:52:34 [Preview] No. 46 del
Procedure for cloning directories from gitweb:

$ cd ~/
$ mkdir git
$ cd git
$ torsocks git clone http://gitweb2zl5eh7tp3.onion/git/endwall/endwall.git

repeat for other gits:


torrc-defaults Endwall 05/31/2016 (Tue) 22:20:29 [Preview] No. 49 del
I have added a torrc-defaults file to endtools.git


$ su
# cd /etc/tor/
# cd /usr/local/etc/tor
# wget http://ix.io/NjZ
# mv NjZ torrc-defaults
# systemctl start tor
# rc-service start tor
# torsocks wget http://ix.io/NjZ
# mv NjZ torrc-defaults
# systemctl restart tor
# rc-service tor restart
# exit
$ endnode

This is just a file to play with and fix. It is similar to what I am running with currently. If you have better ideas about the configuration feel free to mention them.

Also a word to the wise: compile tor from the source tarball on the torproject page.

$ cd ~/
$ mkdir tor
$ cd tor
$ torsocks wget http://torsiteyqk5ajx5o.onion/dist/tor-
$ torsocks wget http://torsiteyqk5ajx5o.onion/dist/tor-
$ torsocks wget http://torsiteyqk5ajx5o.onion/dist/tor-
$ torsocks wget http://torsiteyqk5ajx5o.onion/dist/tor-

The following onion links have been flagged as Phishing sites by http://7cbqhjnlkivmigxf.onion/:

e5qcqoax4chithot.onion (2016-02-27) (Phishing link)
zgfgvob256pffy62.onion (2014-12-29) (Phishing link)
torprowdd64ytmyk.onion (2016-05-22) (Phishing link)
gaobjvqqrlotey4d.onion (2016-07-30) (Phishing link)


$ gpg --verify tor- tor-

import the signing key if this fails, once checked, unpack, cd into directory,

$ tar -xvf tor-
$ mv tor- tor_stable
$ cd tor_stable
$ ./configure
$ make
$ cd ~/
$ mkdir ~/bin
$ cd ~/bin
$ export PATH=$PATH:~/bin
$ ln -s ~/tor/tor_stable/src/or/tor tor_stable
$ cd ~/tor/src/config
$ su
# mkdir /usr/local/etc/
# mkdir /usr/local/etc/tor
# cp torr.sample /usr/local/etc/tor/torrc
# mkdir /usr/local/share/tor
# cp geoip /usr/local/share/tor/geoip
# cp geoip6 /usr/local/share/tor/geoip6
# cd /usr/local/etc/tor/
# torsocks wget http://ix.io/NjZ
# mv NjZ torrc-defaults
# exit
$ tor_stable

repeat for tor_alpha : gpg --verify, unpack, ./configure , make, link to ~/bin/tor_alpha, run

I'll write this up again in the internet security thread.
Edited last time by Endwall on 08/14/2016 (Sun) 20:43:59.

Endwall 05/31/2016 (Tue) 23:28:27 [Preview] No. 50 del
$ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290
$ gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 0x910397D88D29319A

if this gives a problem do this

$ cd ~/.gnupg
$ rm dirmngr.conf
$ rm dirmngr_ldapservers.conf
$ echo " " >> dirmngr.conf
$ echo " " >> dirmngr_ldapservers.conf

and retry

$ cd ~/tor
$ gpg --verify tor- tor-


Updates 1 Endwall 06/01/2016 (Wed) 06:33:56 [Preview] No. 51 del
endwall.sh version 1.28
endlists.sh version 1.19
endsets.sh version 1.23

Updates 2 Endwall 06/01/2016 (Wed) 06:45:46 [Preview] No. 52 del
endnode.sh version 0.12
endnode_g.sh version 0.12
endcurl.sh version 0.11
endget.sh version 0.11
check16 version 0.02
check16g version 0.03
check8.sh version 0.02
check8g.sh version 0.03

Revisions Endwall 06/02/2016 (Thu) 20:37:49 [Preview] No. 53 del
endtube.sh version 0.12
endnode.sh version 0.13
check16.sh version 0.03
check8.sh version 0.03
endtorrc version 0.03

Revisions 2 Endwall 06/02/2016 (Thu) 20:51:31 [Preview] No. 54 del
check8.sh version 0.03

lowercase Z typo above

bug fixes Endwall 06/03/2016 (Fri) 18:23:37 [Preview] No. 55 del
check16.sh version 0.04
check8.sh version 0.04

bug fix Endwall 06/03/2016 (Fri) 18:32:53 [Preview] No. 56 del
check8.sh version 0.04a

bug fix Endwall 06/07/2016 (Tue) 21:39:12 [Preview] No. 57 del
check16.sh version 0.05
check8.sh version 0.05

Anonymous 06/07/2016 (Tue) 21:46:28 [Preview] No. 58 del
Thanks anon I am a big fan of these scripts.

Gitweb Endwall 06/07/2016 (Tue) 22:14:19 [Preview] No. 60 del
http://gitweb2zl5eh7tp3.onion seems to be inaccessible for me for the last 4 days. I wonder what is going on.

Are there any similar alternative anonymous git repos that I can upload to? Post some if you know and I'll check them out. Thanks.

Endwall 06/07/2016 (Tue) 22:57:13 [Preview] No. 61 del
You're welcome. Thanks for the feedback.

spamlogz.sh version 1.07

Endwall 06/07/2016 (Tue) 23:37:58 [Preview] No. 62 del
endtorrc version 0.04

Endwall 06/09/2016 (Thu) 03:32:55 [Preview] No. 63 del
endtorrc version 0.05

Endwall 06/09/2016 (Thu) 08:59:54 [Preview] No. 64 del
endtorrc version 0.06

Anonymous 06/09/2016 (Thu) 10:33:40 [Preview] No. 65 del
Hey OP, does your setup requires the use of a dns resolver like dnsmasq? This is important to me. Also, your torrc file mispells dependencies.

Endwall 06/09/2016 (Thu) 14:29:14 [Preview] No. 66 del
Right now I have the DNSport set to 9053
you could change this line to 53 and point to in your /etc/resolv.conf

I'm just using unbound for my dns resolving for my non tor stuff, and I think it does its own resolving when you use torsocks. What you have in mind should work though. I'm not using dnsmasq so I'm not sure, but it should work...? Try it out and post back here. I'll check it out later. Thanks for the feedback.

Endwall 06/09/2016 (Thu) 14:45:35 [Preview] No. 67 del
$ dnsmasq --port=53 --query-port=9053

Try that see if it works with endtorrc. I'm going to shut off unbound and try it out.

dnsmasq Endwall 06/09/2016 (Thu) 15:37:51 [Preview] No. 68 del
This works. Do the following:

Step 1) edit the config for dnsmasq
$ su
# nano /etc/dnsmasq.conf


^X (Ctrl + X)

STEP 2) Start tor
# systemctl start tor
# exit
$ tor_alpha

STEP 3) Start dnsmasq
$ su
# systemctl start dnsmasq
# exit

STEP 4) Resolve a domain name
$ nslookup www.google.com


Anonymous 06/09/2016 (Thu) 20:38:05 [Preview] No. 69 del
Do you use dnscrypt-proxy or do you think it's unnecessary? I don't know how to configure it with dnsmasq. I also don't know what to do with port 9040 since I'm not using the transparent torification so I commented that out in my endtorrc. Which one of your stuff requires the use of port 9040?

Endwall 06/10/2016 (Fri) 07:10:51 [Preview] No. 73 del
I'm not an expert I'm hacking it as I go.
so take my word with a grain of salt.

I have it installed, but i'm not using it currently. Anything that encrypts your dns traffic will enhance your "privacy". This helps prevent against packet inspection by say your ISP or some 3rd party monitoring it all. However since you're making calls to an external server, this server could still log your requests. Who's to say that this 3rd party doesn't have access to those servers already. Its better than DNS out in the open unencrypted but like everything if you have to do something right you have to do it yourself.

I like the dnsmasq technique to resolve the dns requests through the tor network, but this is kind of useless if you're doing things out in the open and resolving the dns for these things through tor, but you could put this on to make certain that there are no "DNS leaks" while you're using tor. I think that's a neat idea.

However from time to time I have to do stuff right out in the open, (Banking,Ebay, etc) and for that I run a caching DNS server running unbound or bind-9 and I reslove to my internal caching servers for this.

If i'm using torsocks, or links2 through tor the dns goes through tor (9050) anyways, so I don't think i'm gaining anything,other than comfort by using 9053 to resolve all dns while I'm using tor behind links...

I'm not an expert, I've probably said something contradictory or incorrect by now in these last two paragraphs.

>>Transport 9040
Plugable transports. Bridges try to hide your connections by using "unpublished" tor entry and relay nodes. This can be packet inspected to be tor traffic and banned/blocked. To get around this they do some kind of packet shaping to make this traffic look like regular https traffic or some other regular looking traffic.


I'm not using this currently, or any bridges. But I plan on testing it out at some point in time in the future. I put the lines in there for that purpose. Go ahead and comment it out if it is unused.
Right now endtorrc is just my old torrc-defaults file pumped up on steroids. It works for me it might work for you. If you want to add countries or delete them from the lists of Entry,Exit,Excluded nodes feel free to edit to your needs.

If you like it and it works for you spread the word. The more people using endware, the more people that will join our anonymity set, and the better off we all will be. Thanks.

Endwall 06/10/2016 (Fri) 07:39:14 [Preview] No. 74 del
>Transports 9040
I've also seen this used in an iptables nat forwarding setup for transparent proxying, where everything gets pushed through 9040.

check out the lines on it in

$ man tor

They also talk about using it with bridges and plugable transports in the mannual, which is what I want to investigate.

I'm not doing that (Pushing all traffic through tor/ Transparent proxy) and I don't really recommend that for the average new to intermediate linux users, which are who my files are geared towards. If you're 1337 you probably have your own stuff/preferences and don't need to use endware.


I have to get a risup account, and email them and ask for bridges...

Its a work in progress.

Endwall 06/10/2016 (Fri) 08:50:55 [Preview] No. 75 del
endtorrc version 0.07

I just added the plugable transports from the torproject page, tor starts, but these transports don't seem to work...I'll look into fixing this later. Right now its just something to play around with.

Tor Bridges Endwall 06/10/2016 (Fri) 19:50:56 [Preview] No. 76 del

Endwall 06/11/2016 (Sat) 01:19:04 [Preview] No. 77 del
endtorrc version 0.08

Endwall 06/11/2016 (Sat) 20:15:32 [Preview] No. 89 del
endtorrc version 0.09

Endwall 06/11/2016 (Sat) 23:33:30 [Preview] No. 93 del

I just wrote a bunch of non-sense in the above two posts.

Transport 9040 is for transparant proxy, where you push all the traffic through tor using nat and forwarding rules.

Leave it commented out.

This isn't the same thing as plugable transports, its a simillar idea, but I'm not sure that the traffic has to go through 9040 at all. I've been trying to get this to work all afternoon, but its a no go so far. Leave the bridge lines commented out as well unless you want to play around with it. The average user won't get anything out of using bridges, its mainly for people in countries that are under censorship, or internet filtering. Just use the entry nodes and exit nodes and exlude exit and exclude nodes sections, and modify the country lists to your liking.

If anyone knows how to make the bridges work from how i've left it in version 0.09 feel free to post the fix below. Thanks.

I'm on to other things now.

pdfclean Endwall 06/12/2016 (Sun) 08:18:24 [Preview] No. 94 del
Someone posted a pdfcleaning method last week or so. I can't find the original thread but someone mentioned making a script version of it. I have a partially working version based on the method that was presented.

Does the original poster mind if I endware their method? Let me know, thanks.

Endwall 06/12/2016 (Sun) 08:52:54 [Preview] No. 95 del
safedown.sh version 0.02
safemode.sh version 0.02

These pieces are generic, but I'll wait for approval regarding the main part before proceeding.

Anonymous 06/12/2016 (Sun) 09:37:12 [Preview] No. 96 del

Anonymous 06/15/2016 (Wed) 02:30:01 [Preview] No. 101 del
what if one guy just spams I want pdfclean 5 times? We have no IDs enabled and torposters can just post away...

I want pdfclean
I want pdfclean
I want pdfclean
I want pdfclean
I want pdfclean

Anonymous 06/15/2016 (Wed) 02:34:02 [Preview] No. 102 del

Anonymous 06/15/2016 (Wed) 02:35:19 [Preview] No. 103 del

Anonymous 06/15/2016 (Wed) 02:36:16 [Preview] No. 104 del
clean my pdfs, pajeet

Anonymous 06/15/2016 (Wed) 02:37:50 [Preview] No. 105 del

Anonymous 06/15/2016 (Wed) 02:42:51 [Preview] No. 106 del
I don't really want it, I'm not so sure if it would break some PDFs either. PDFs seems like a complicated format and I don't know if there's a cleaner, more minimalistic alternatives to PDFs or a converter to convert said PDFs to said better format.

Anonymous 06/15/2016 (Wed) 03:03:40 [Preview] No. 107 del
proxyloader so it can work for rss feeds to endtube and fix endtube it has never been able to get past dash manifest on youtube videos

if you could have a proxyloader and add lists to it like

you could have new proxies every 30 minutes

also pdfcleaner.

Anonymous 06/15/2016 (Wed) 03:09:09 [Preview] No. 108 del
mmm, that's a good idea m8

Anonymous 06/15/2016 (Wed) 03:10:08 [Preview] No. 109 del
whoops, meant to quote >>107

Endwall 06/15/2016 (Wed) 05:40:19 [Preview] No. 110 del
Good idea. Thanks for the proxies, I'll check this out. Give me some more detail on the endtube problem. I haven't been using proxies for a while but its working for me without them. What is the issue with endtube?

In the public interest I will make pdfs clean again. Just give me a minute.

Endwall 06/15/2016 (Wed) 06:34:28 [Preview] No. 111 del
Ok that's 6 requests. In the public interest:

pdfclean.sh version 0.04

If you can do it better fork it fix it and post it again.

Endwall 06/15/2016 (Wed) 07:35:47 [Preview] No. 112 del
Ok i'm going to work on a proxyloader.sh afterwards I'll get back onto finishing endwall.sh

Thanks for the idea/suggestion.

Anonymous 06/17/2016 (Fri) 02:28:11 [Preview] No. 115 del
Turns out to be a problem on my end. Thanks for considering the proxyloader I listed a bunch of links in the big internet security general thread.

proxyloader Endwall 06/20/2016 (Mon) 04:49:25 [Preview] No. 117 del
proxyloader.sh version 0.03

This could be made better, but it's working right now. Sometimes it doesn't work, keep trying it if it fails. I'll upgrade it later.

Need a proxychecker.sh to check/scrape the proxies to see if they're working.

Anonymous 06/20/2016 (Mon) 15:29:38 [Preview] No. 119 del


Endwall 06/22/2016 (Wed) 22:02:11 [Preview] No. 123 del
proxyload.sh version 0.04

Endwall 06/23/2016 (Thu) 01:26:41 [Preview] No. 124 del
proxyload.sh version 0.05

Anonymous 06/25/2016 (Sat) 15:52:30 [Preview] No. 126 del
is youtube-dl broken or is it just me

Endwall 06/25/2016 (Sat) 21:52:19 [Preview] No. 127 del
try it without endtube, I downloaded stuff last night seems fine.

I find that some of the proxies don't like to interact with youtube and stall at dash manifest as mentioned, throw those proxies out of your list. That might be the problem you're having.

Also I've found that using batch-file stalls on youtube now. Not sure what that's about.

Endtube was working for me last night.

Anonymous 06/26/2016 (Sun) 03:54:03 [Preview] No. 128 del
using proxyloader.sh twice doesn't remove the old proxies in the .txt so delete them once ever 24 hours or so before reusing them

I think it's a problem in my side, I've recently installed a bad json-c package and that install for some reason, always removes the older json-c package from the cache so I can't install the previous version. It could be a malicious package or just fucking shit. youtube-dl keeps bringing up json errors.

Anonymous 06/27/2016 (Mon) 06:49:40 [Preview] No. 129 del
Finally, Youtube-DL gets an update in my distro. disregard this.

Endwall 06/27/2016 (Mon) 15:06:03 [Preview] No. 132 del

change line 273, 292 from >> to > in proxyload to get the desired result.

Anonymous 06/27/2016 (Mon) 15:21:52 [Preview] No. 133 del
Should I dl geoiplookup or should I use your script that I forgot where to get it from?

Endwall 06/27/2016 (Mon) 15:54:53 [Preview] No. 134 del

iplookup.py version 1.08 >>36

Either or, endtube is set for geoiplookup in the script right now, but you can change that line to iplookup and use my script. The geoiplookup output is more compact. I can update my iplookup file to output the city information better/ more concisely. I'll do that later.

updates Endwall 06/29/2016 (Wed) 07:44:06 [Preview] No. 136 del
proxyload version 0.06
proxycheck version 0.06

Endwall 06/30/2016 (Thu) 23:34:29 [Preview] No. 138 del
proxycheck.sh version 0.07


Endwall 07/06/2016 (Wed) 08:17:35 [Preview] No. 144 del
endwall.sh version 1.31

Rewrote the firewall with shell functions and saved 500 lines of code. Now at 1122 lines.

Endwall 07/06/2016 (Wed) 20:05:12 [Preview] No. 146 del
passgen.sh version 0.02

Endwall 07/06/2016 (Wed) 20:20:17 [Preview] No. 147 del
passgen version 0.03

Endwall 07/07/2016 (Thu) 03:23:02 [Preview] No. 148 del
endwall.sh is 947 lines of code (without the header)

There are some touch up things to do with endwall.sh, but I'll work on this sporadically. I have some non computer related stuff to deal with for the next month or so. Any comments or suggestions about the scripts place them below.

Also gitweb disapeared. I'm looking for a new .onion git hub repository for Endware. If anyone knows of another simillar repository please post the link below, and I'll try to set it up.

The next thing for me to do is to start working on OpenBSD and PF, I have some books to read so that will take a while (no ETA). If I work on it on weekends I should have something to show by December.

Any requests,complaints, comments, or suggestions for development products for Endware, place below. Thanks again.

Hidden Service Endwall 07/09/2016 (Sat) 14:04:30 [Preview] No. 158 del
The Endware Development Team Hidden Service

Anonymous 07/09/2016 (Sat) 20:28:25 [Preview] No. 159 del
hey endude, are you odili or snake's little bother or something?

Anonymous 07/18/2016 (Mon) 01:55:34 [Preview] No. 198 del
/r/equesting a batch script of some sort (not literally .bat) that would randomly sort and rename files as numbers in a folder while keeping the file types. Ideally can at least rename up to 5 digits worth of files quickly, starting from 0.<file extension type> to 99999.<file extension type>

I'm too stupid to do this. the closest I can get is to use thunar but it doesn't randomly order them. If there's a program that does this in linux, please show me.

Endwall 07/18/2016 (Mon) 06:38:20 [Preview] No. 199 del
(EDIT:There was a link here that has been removed. This file was destructive and a mistake. Endwall)

I'm not sure if this is what you were looking for but I tested it on my chan pictures directory, and it seems to work.

If you downloaded the file filenumz.sh DELETE IT!!

Edited last time by Endwall on 07/19/2016 (Tue) 11:00:46.

Anonymous 07/19/2016 (Tue) 05:42:42 [Preview] No. 200 del
I'm sorry to say, but it had deleted my pictures. I had over 16000, now I have over 10000. Guess it's 100% my fault for not naming them with different names instead of using numbers. On the plus side, they were for the most part, filler pics that does explain some things but can be completely be mixed up because it's just a bunch of symbols and shit.

Endwall 07/19/2016 (Tue) 09:02:41 [Preview] No. 201 del
My bad. Sorry about that I'm not sure where the bug is. I'll look at this tomorrow.

Endwall 07/19/2016 (Tue) 09:06:35 [Preview] No. 202 del
Don't use this file until I figure out what's wrong with it. If someone can spot the error point it out. Sorry about your data loss...

Endwall 07/19/2016 (Tue) 09:20:34 [Preview] No. 203 del
If your file has multiple periods in the file name it would have renamed them improperly but shouldn't have deleted them... There has to be some double naming for some reason leading to the overwrite. I think this might be caused by my last elif. I should add a tar as the first move for this script to backup before renaming.

Endwall 07/19/2016 (Tue) 10:33:08 [Preview] No. 204 del
I've figured out the error. I'm really sorry about that. Basically it mv's the file to the new number regardless if the numbered file extention already exists or not...this will lead to file overwrites and incremental loss...I'll fix this. My bad, sorry about that.

Endwall 07/19/2016 (Tue) 10:52:47 [Preview] No. 205 del
renum.sh version 0.03

Try this version out instead. Test it out on a small patch of files (copy some into a directory). I changed it to copy the files into a new directory called renum, then you can delete the original files yourself. If you like how it works you can modify it from cp -n to mv -n , and it should be OK. I'm removing the bad post. My apologies for the error.
Edited last time by Endwall on 07/19/2016 (Tue) 11:03:56.

Endwall 07/20/2016 (Wed) 13:48:41 [Preview] No. 209 del
renum.sh version 0.04

Endwall 07/21/2016 (Thu) 03:14:09 [Preview] No. 210 del
renum.sh version 0.05

Endwall 07/21/2016 (Thu) 05:39:45 [Preview] No. 211 del
rmdupes.sh version 0.01

Checks filesize and md5 hash sequentially and marks and removes duplicate files.

Endwall 07/29/2016 (Fri) 02:13:36 [Preview] No. 226 del
The Endware Development Team Hidden Services:

email: endwall@tmg3kli67jlbcduh.onion

Anonymous 07/29/2016 (Fri) 03:03:10 [Preview] No. 227 del
I'm basically fucking stupid, I would like a visual representation of what all these scripts do in say a venn diagram with descriptions as an suggestion.

Endwall 07/29/2016 (Fri) 05:04:00 [Preview] No. 228 del
Yeah that's a good idea. I'll work on a description file tomorrow, the visual venn diagram will be later.

Thanks for the suggestion.

Endwall 07/29/2016 (Fri) 05:06:47 [Preview] No. 230 del
endnodes.sh and endloads.sh had problems with their user agent output. I've fixed these bugs.

Update these files if you're using them.

Endwall 07/30/2016 (Sat) 00:48:09 [Preview] No. 234 del
endtube.sh had a bug as well with the exit node pull user agent. It has been fixed.

Endwall 07/31/2016 (Sun) 09:50:07 [Preview] No. 237 del
Catalogue of files in The Endware Suite



I can make a picture file later. I'm busy for the rest of the month of August, so progress on software will be very slow. If you catch any serious bugs in endware, or if you have a better workflow or new idea for software products, post below.

Endwall 08/02/2016 (Tue) 11:17:00 [Preview] No. 244 del
endmail.sh version 0.01
- cli email sender to a hidden service mail server
endfix.cf version 0.01
- A postfix configuration for hidden service mail servers.

Available in the git repositories and on the Endware Hidden service.


Endwall 08/11/2016 (Thu) 10:27:40 [Preview] No. 271 del
I forgot to keep an eye on the Endware thread in tech >>>/tech/1725 and
it fell off of the board. It had some good advice for development on it. I should have bumped the thread. Oh well...

Is it archived anywhere? If so post below.

Also endwall.sh has been updated

./endwall.sh -o

o for Open, disables the firewall. Usefull if it screws up and doesn't work. You can re run it to open everything up/ return to default Accept policies.

I've added a for loop to loop over each interface and apply the client and server rules to them if they're non-empty. This increases robustness slightly, for getting it to run regardless of which ethernet port you're plugged into if you have 2 ports.

endwall.sh version 1.35

Endwall 08/11/2016 (Thu) 12:05:14 [Preview] No. 272 del
endlists.sh version 1.23
endsets.sh version 1.27

Also available in the git repos and on the hidden service.

These versions loop over interface as well. If you see any problems or experience any bugs comment below. Thanks.

Endware Endwall 08/13/2016 (Sat) 08:17:08 [Preview] No. 278 del
(29.28 KB 640x480 Endware_v06.png)
Endware Logo version 0.06
Edited last time by Endwall on 08/13/2016 (Sat) 08:22:08.

Endwall 08/15/2016 (Mon) 23:19:12 [Preview] No. 293 del
endtube.sh version 0.19

Anonymous 08/17/2016 (Wed) 02:35:19 [Preview] No. 308 del
(128.00 KB 345x1280 Immunity Cat.jpg)
>inb4 shitty shoop of pic related with circles

Endwall 08/19/2016 (Fri) 07:44:17 [Preview] No. 331 del
endcurl.sh version 0.13
endget.sh version 0.12
endnode.sh version 0.15
proxycheck.sh version 0.11
proxyload.sh version 0.08
safedown.sh version 0.04
endloads.sh version 0.17
endtube.sh version 0.20

Endware Endwall 08/19/2016 (Fri) 22:24:28 [Preview] No. 334 del
Endwall Firewall
endwall.sh version 1.36
endlists.sh version 1.23
endsets.sh version 1.27
Configuration Files
endtorrc version 0.11
endfix.cf version 0.02

File Operations
safemode.sh version 0.02
renum.sh version 0.05
rmdupes.sh version 0.01
Internet Downloaders
endcurl.sh version 0.13
endget.sh version 0.12
endnode.sh version 0.15
endloads.sh version 0.17
safedown.sh version 0.04
proxyload.sh version 0.08
proxycheck.sh version 0.11

File Operations
pdfclean.sh version 0.04

iplookup.py version 1.08
check16.sh version 0.04
check8.sh version 0.04

Endware Log Reading
alogz.sh version 1.07
mlogz.sh version 1.07
spamlogz.sh version 1.08

Endtube Video Downloader
endtube.sh version 0.20

Password Generator
passgen.sh version 0.03

eula.txt version 1.12

Helpful files

Endwall 08/23/2016 (Tue) 02:10:29 [Preview] No. 360 del
I have updated all of the files that use random user agents to download. I have separated the user agents into a text file called user_agents.txt. This file should go into $HOME/bin/ however you can mannually edit the files to change where this should read from. This will allow the users to quickly populate their own custom user_agents.txt list.

Also I start school again in September so I'm going to be really busy with that. I'll make software updates if they're quick to do, and post the occasional news article, but it's going to be slow around here until December. My next project is setting up openbsd on a sun ultrasparc machine and playing around with pf. This new project is postponed until December, although I might get to it sooner than that if things go smoothly with school.

If you have any project ideas for EndWare requests, or bug reports post them below, alternatively you can post requests for new software projects in the board >>>/endsoft/ , if you see something that you can do or have a new idea or project start a thread for it and start working on it in >>>/endsoft/. Start your own software project and get user feedback in >>>/endsoft/.

Endwall 08/24/2016 (Wed) 05:42:23 [Preview] No. 375 del
I've placed configuration files for unbound dns server and dovecot pop3/imap server on my hidden service.


These should be able to slot right in to the /etc/unbound/ directory and /etc/dovecot/conf.d and /etc/dovecot/ directories and start the servers. The dovecot files come from a CentOS rpm and the unbound configuration was adapted from reading online. Let me know if they aren't working.

Anonymous 08/26/2016 (Fri) 03:19:15 [Preview] No. 408 del
did you have to delete the oathbreaker? It was a joke and this is bullshit deleting it like that.

Anonymous 08/26/2016 (Fri) 03:22:25 [Preview] No. 409 del
>I was merely pretending to shitpost

Anonymous 08/26/2016 (Fri) 03:31:20 [Preview] No. 410 del
No the spoiler indicated it was something of a suprise. I am guilty of shitposting like hell and this was intentional shitposting and pretending like it didnt happen is taking it seriously. You would open the spoiled image to see that your oaths are broken and thats all there iis to it.

Endwall 08/26/2016 (Fri) 03:57:32 [Preview] No. 411 del
safedown.sh was broken, it's fixed and I've added a flag to turn on --no-check-certificates in wget, as I was downloading something that failed due to a cert from lets encrypt.

Endwall 08/26/2016 (Fri) 04:01:58 [Preview] No. 412 del

The logo issue is currently solved. I hope I'm not violating Endchan copyright by using it. If there is a problem, let me know, thanks.

Anonymous 08/26/2016 (Fri) 04:06:44 [Preview] No. 414 del
Its all good just butthurt the omega is open as far as copyright there can really not be a omega since its really old and many different frats and shit use it

Anonymous 08/26/2016 (Fri) 04:15:25 [Preview] No. 415 del
Yes, it's a joke because a picture can't void oaths or faiths anyways just because it suggests that it does.

You're no better than a Jew that does the Kol Nidre, which is an oath that nullifies oaths, therefore, the oathbreaker meme is in essense, another oath since you can't undo an oath without accepting another oath in its place. Funny how the Endwall guy deleted that pic days before the Endware logo was posted. He's just being polite.

Anonymous 08/26/2016 (Fri) 04:20:10 [Preview] No. 416 del
Null and void biff. null and void.

Anonymous 08/26/2016 (Fri) 05:00:11 [Preview] No. 417 del

Anonymous 08/31/2016 (Wed) 01:55:21 [Preview] No. 477 del
>fixing bloat with more bloat
not this shit again/constanza

Endwall 08/31/2016 (Wed) 02:06:17 [Preview] No. 478 del

Could you be a little more specific with your complaint? What is bloated? Linux?
What is the additional bloat? What is your idea? Be specific and I'll try to do something about it. Thanks.

Anonymous 08/31/2016 (Wed) 02:07:15 [Preview] No. 479 del
might want to check out hget it is supposed to be fast and it runs on go I have yet to compile it but Here it is saw it on cyberpunks

Endware Endwall 08/31/2016 (Wed) 02:10:28 [Preview] No. 480 del
Hey thanks. Any new software or software ideas help. If you see a cool piece of software let me know and I'll try to pimp it out.

Yeah that looks cool I'll have to try that out. Thanks for the lead.

Debian Endwall 09/11/2016 (Sun) 01:55:59 [Preview] No. 572 del
On Debian bourne shell sh points to dash
this causes endwall.sh not to work. Change line 1 to #!/bin/bash

I haven't tested the rest of the scripts but this might also impact the other endware scripts as well, if so change the #!/bin/sh to #!/bin/bash if you are running bash.

I spent an hour looking through my code to find the error that was messing it up. That was frustrating. I'll have to look into the syntax for dash if statements, for logic evaluation which seems to be where the problem is.

Anonymous 09/11/2016 (Sun) 13:24:40 [Preview] No. 573 del
Why have endget, endcurl, and endloads? Why even endloads?

Endwall 09/11/2016 (Sun) 18:24:47 [Preview] No. 574 del

endloads is a download manager it downloads each file at a randomly selected time, long enough to switch the tor circuit. I now use torsocks -i which should alread pick a new circuit each time, but the time interval should mask that it's the same downloader. Also the order of the downloaded files is sorted randomly, if you're downloading things from multiple sources ( unrelated servers and unrelated content) this should do two things 1) increase the time interval between related downloads (by virtue of the time it takes to download the unrelated material) 2) randomize the correlation between the downloads. Next I default to the tor browser user-agent and the tor browser extra header that was posted over in the internet security thread. This standardizes it, and should hopefully fool some analysis tools. Finally if desired you can use the --uarand flag to chose a randomly selected user agent from the list provided in user_agents.txt. you can add your own user-agents to the list, and change the default user-agent which is on line 1. So say you think that wget should be the default user agent, then change line 1 of user_agents.txt to be that user agent, insert other types in the middle or end to increase the selections.

Why would I want to randomize my user agent? It might increase anonymity by fuzzing up analytics and producing white noise, it might decrease anonymity if not enough people are doing that, however one area it is useful for is for evading string based blocks on http requests. For instance I banned requests to my hidden service from a scraper bot by putting it's unique user agent into a string blacklist in endlists.

endcurl.sh and endget.sh have the same functionality as curl and wget, but have the randomized user agent with default to tor browsesr user-agent and header string. Again these are linked to user_agents.txt which you can modify to change the default user-agent, and and more to increase your white noise attack.

endtube procedes as endloads but uses youtube-dl for the video downloading component.

Finally you can read the code and make your own customized version of these scripts if you think of something cool, or think i'm doing something wrong.

I hope that answers your question. Try it out, if it isn't what you like don't use it. Brainstorm some new ideas of how to do stuff privately/anonymously and I might work on implementing it. Thanks.

Endwall 09/11/2016 (Sun) 20:35:40 [Preview] No. 576 del
endwall_wifi.sh version 1.37

I use bash as the interpreter, and added permisive settings to pickup wifi if it is enabled. I tested this on a laptop with a fresh install of debian 8.5 last night and it worked. Let me know if there are any problems. This should work on debian, centos, arch, parabola, gentoo, etc.

Endwall 09/18/2016 (Sun) 18:56:42 [Preview] No. 581 del
I just tried some of the endtools on OpenBSD last night and they didn't work right off the bat. I made some modifications to get the following programs to work correctly.


to get these to work:

-Change the random number generation scheme to the variable $RANDOM
- Get rid of the torsocks -i flag.
- shuf doesn't exist in default install
- change shuf -n 1 to sort -R | head -n 1

I'm going to do some more fixing with these files and I'll post them as a separate branch for BSD. I'll do it this way because I want to keep the -i isolate flag for gnu/linux. But the files work on BSD.

Endware BSD Endwall 09/18/2016 (Sun) 23:51:21 [Preview] No. 582 del
Endware BSD ports

Available on the hidden service

I have tested these scripts on OpenBSD 6.0 on a DEC AlphaServer 1.0Ghz Alpha. I will also test these on my Sunblade 2500 UltraSparc IIIi systems, using OpenBSD 6.0. I'll test this on FreeBSD over Christmass. If you experience any problems comment below or email me.

Endwall 10/13/2016 (Thu) 00:34:45 [Preview] No. 605 del
I've recently made some changes to endtube.sh in order for it to download links presented in the command line.


$ endtube https://videosite.com/link
$ endtube --url https://videosite.com/link
$ endtube --list videolist.txt
$ endtube --uarand --list newslist.txt
$ endtube --version
$ endtube --help

I've modified the script so that you can add youtube-dl options before the url for a url download without the --url flag or after the --url flag,

$ endtube --url http:/videosite --option --option
$ endtube --list list.txt --option --option

So it's essentially fully functional youtube-dl with auto headers and user-agent with an option for random user agents --uarand. Let me know if it has any issues. Thanks.

Endtube Endwall 10/14/2016 (Fri) 01:50:13 [Preview] No. 606 del
endtube --native https://www.youtube.com/blah

the --native switch will use youtube-dl's native socks connector instead of torsocks to connect to tor. But if you use it this way, you can't use the --proxylist command, since the proxy spot is already taken.

endtube --native --list list.txt
endtube --native --uarand --list list.txt
endtube --native --uarand https://www.youtube.com/blah

If you want to display the exit node before every download use the --exitnode flag. I think this might be dangerous due to correlation but it was useful for debuging, i use it sometimes, to see the distribution of exitnodes that are being selected over time.

Anyways if you guys have any ideas for new products or requests, or complaints about the software, post below and I'll try to work on it on weekends. Thanks.

Headers Endwall 10/23/2016 (Sun) 23:26:42 [Preview] No. 625 del
I just made a significant bug fix to the following programs:
endcurl.sh, endget.sh, endtube.sh, endloads.sh, safedown.sh.

The extra headers for accept:, accept-language: etc. were all messed up. I did some testing with some files on apache and looked at the headers and I've got this fixed now...sort of, its still slightly messed up with endcurl, but thats the best I can do for now.

I broke the header from one big string into several sequential header calls, which is how it specifies to do it for youtube-dl, so this should be working correctly now...

I'll look at this again later. If anyone has any ideas about the headers post below. In any event get the updated versions of these files from the usual locations. Thanks.

endtorrc Endwall 10/30/2016 (Sun) 05:52:45 [Preview] No. 637 del
I just made some updates to endtorrc.
I added SocksPort 9050 and isolation flags, changed the dirguard time to 1 month (the minimum), and commented out the deprecated variables and flags. Available in all the usual locations.

endnode Endwall 11/06/2016 (Sun) 20:42:19 [Preview] No. 664 del
I just fixed the headers on endnode and switch to using wget instead of curl. Seems to be working.


I have to do the same for proxyload.sh and proxycheck.sh . I'll try that next weekend.

Endtube Endwall 11/21/2016 (Mon) 00:10:58 [Preview] No. 681 del
version 0.33
I just added a referer call on endtube.sh

it uses the base url as the referer
so https://youtube.com/watch?v=blah [Embed]

will send https://www.youtube.com as the referer. I don't know if this is a good idea or not. You can disable this with the flag --no-refer.

Edited last time by Endwall on 11/21/2016 (Mon) 00:33:31.

Anonymous 11/27/2016 (Sun) 21:09:06 [Preview] No. 693 del
how do I have endtube work with youtube playlists?

Endwall 11/27/2016 (Sun) 21:29:42 [Preview] No. 694 del
I have an idea. I can't work on this until next weekend.

For now try this:

$ youtube-dl --flat-playlist playlist.html >>list.txt

save this into a list then run
$ endtube --list list.txt

Endwall 11/27/2016 (Sun) 21:30:45 [Preview] No. 695 del
Add a torsocks there. I'll edit this later.

$ torsocks youtube-dl --flat-playlist playlist.html >> list.txt

$ endtube --list list.txt

Endwall 11/27/2016 (Sun) 21:38:33 [Preview] No. 696 del
No that seems to download the playlist. I'll work on this and get an answer next weekend. I have homework due tomorrow so I'll work on it later. Thanks for the question.

Endwall 11/27/2016 (Sun) 22:50:05 [Preview] No. 700 del


Try this out.

$ endxplist https://www.youtube.com/playlist?list=PLBEA362DAD76373B7

Then run

$ endtube --list playlist.txt

This currently only works with youtube video playlists. I'll make it more robust over time.

Endwall 11/28/2016 (Mon) 00:55:43 [Preview] No. 701 del
I might change the name of this file to endplaylist xplist was extract playlist but 2 more leters won't hurt since it makes it more clear what the file does.

Any thoughts?

Anonymous 11/28/2016 (Mon) 14:55:56 [Preview] No. 702 del
Fine by me, as long as it doesn't conflict with any existing program name.

Endtube Endwall 12/11/2016 (Sun) 06:44:49 [Preview] No. 716 del
endtube version 0.34


I've made the referer call slightly more sophisticated for youtube. I'll work on this for other sites later.

Should I add a header call for Accept-Charset?
"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7"

Where should this header go? before or after Accept: ?
does this have a default value in youtube-dl? I should look through the source code but I have to study for finals...
Post if you know or have an opinion about it. Thanks.

Anonymous 12/11/2016 (Sun) 18:08:51 [Preview] No. 717 del
A better way would be to do one of
alias torsocks='torsocks -i'

torsocks() { command torsocks -i "$@"; }
when -i is supported.

Endtube Anonymous 12/16/2016 (Fri) 05:25:24 [Preview] No. 725 del
endtube version 0.37


I've made some bug fixes. This will probably be static for the next month or two. I have a couple more ideas to try out, but I'm moving on to some other projects now. If you have any ideas for products, requests, or bug reports post below and I'll look into it...eventually.
Edited last time by Endwall on 12/16/2016 (Fri) 05:30:17.

BSD Endwall 12/16/2016 (Fri) 05:37:12 [Preview] No. 726 del

Speaking of which, I've really neglected this port. I'll have to work on this more this Christmas and port the latest versions to BSD as best I can.

Its high priority-ish.
Edited last time by Endwall on 12/16/2016 (Fri) 05:41:40.

Updates Endwall 12/20/2016 (Tue) 04:35:49 [Preview] No. 731 del
1) I have updated endtube and fixed some bugs. I will work on this incrementally as I get ideas / as I use it.

endtube.sh version 0.39

2) I fixed some bugs in endlists.sh and endsets.sh. The rule insertion was messed up, and was over indexing leading to some rules not getting added, this is fixed now. Also I added the --help and --version options.

endlists.sh version 1.24
endsets.sh version 1.29

3) I have added a new tool called rmpac-files.sh . This is specific to arch/parabola and pacman. It's a utility to remove files that "already exist in the file system" which prevents updating. This seems to be a perenial error with pacman. Be careful with this file as I have used it to mess my install up, and I required a rescue disk. I thought I'd share it anyways.

rmpac-files.sh version 0.02

My next tasks in the comptuer world are working on Endware BSD ports, working on a BSD firewall system in pf, and working on my gentoo box.

I have some IRL stuff to do this Christmas so this might get done much later than I had hoped for, probably by March/April.

If you have any ideas for products, bug reports, comments, or requests post them below. Thanks.

Endtube Endwall 12/22/2016 (Thu) 05:44:10 [Preview] No. 735 del
endtube.sh version 0.40

fixed some bugs added some options:

Default operational mode is switched back to using the site root as the referer. You can use the more modern site based pull with the flag --grab-refer

I changed this back due to my fear that there is some type of signalling that can be correlated between the url referer grab and the second download.

To use a random referer from a list place the file referers.txt into ~/bin and load it up and use the flag --rand-refer. If you use --grab-refer it will put the referer pulls into this file for later use with the flag --rand-refer.

To use a random character string as the website name use the flag --ranstr-refer

Post below if you have any problems, experience bugs, or have any suggestions for features and or new products. Thanks.

Endware fork Endwall 12/22/2016 (Thu) 05:56:51 [Preview] No. 736 del
Also someone forked endware. This is a good thing.



I hope these guys make endware great again, because I've been slowing down due to school and work commitments. I'll keep an eye out for what these guys fix / change with the code. But yeah its good that some other coders are on the case now, I can't wait to see the results. See anything else about endware out there, then post links below. Thanks.

Endwall 12/30/2016 (Fri) 12:07:27 [Preview] No. 757 del
endtube.sh version 0.41

minor bug fix. Now --referer deactivates the auto referer, I use this to put in the real referer when I'm on youtube. for instance if I go to say Russia Today and grab a video I will use the /videos as the referer by right clicking and copying the link into the terminal.

$ endtube --referer https://www.youtube.com/user/RussiaToday/videos https://youtube.com/watch?v=1IJMLfUPBug [Embed]

or if I have a list of videos from a single source channel I'll do this

$ endtube --list news.txt --referer https://www.youtube.com/user/RussiaToday/videos

where news.txt is the list of vidoes from Russia Today. Try it out.

Any bugs, comments, complaints, or requests, post below. Thanks.

Endtube Endwall 02/05/2017 (Sun) 07:57:57 [Preview] No. 811 del
endtube.sh version 0.42

Minor feature addition --ua-ranstr outputs a random string as the user agent. Also I have changed the flag names to the following:

--ua-rand ## random user agent selection from user_agents.txt
--ua-ranstr ## random string as user agent
--refer-grab ## grab referer from json data
--refer-rand ## select random referer from referers.txt
--refer-ranstr ## random string website as referer

$ endtube --help for details.

Let me know if you have any issues, or experience any bugs, or have ideas for new features. Development will be slow due to school but I'll add stuff as I get new ideas. If you have any feature requests or ideas for new products comment below. Thanks.

Anonymous 02/05/2017 (Sun) 19:59:00 [Preview] No. 812 del
Why is there a change log in each file instead of using git commit history?

The license is big.
Why does it refer to gender and homosexuals? Is there a joke I am missing?

Anonymous 02/05/2017 (Sun) 20:23:07 [Preview] No. 813 del
Random user agent and referer make you stick out. I would remove it, it is bloat.

I checked the default youtube-dl header and got:

User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:10.0) Gecko/20150101 Firefox/47.0 (Chrome)
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Use the default.

Endwall 02/06/2017 (Mon) 00:32:33 [Preview] No. 814 del

I see your point of view, but its too far gone now.

to achieve default operation with endtube you type the following:

$ endtube --no-header --no-refer --no-agent --native https://www.youtube.com/link

which selects the command

$ youtube-dl --proxy socks5:// $@ $url

or if you have a list

$ endtube --no-header --no-refer --no-agent --native --list ytlinks.txt

I know you're probably laughing at this point, I am too. I LOL'd because its faster to type the correct command.

It was a design descision early on to allow random user agents, randomized proxies, (Which requires not using the native tor socks5 and using torsocks instead to feed the socks5 or https proxy), and to default to the site root as the referer, and random delay timing between --list downloads.

I was being deanonymized using the following command:

$ torsocks -i youtube-dl https://wwww.youtube.com/link

which is why I came up with the program design to begin with, with random delay timing between downloads.

> How do you know you were being deanonymized? Don't you belong in a mental ward?

Don't ask. I know it was happening.


> What is this gay and transgender shit in your license?

I'm not really sure either, I just wrote it free form and kept adding discriminated against groups to make it more inclusive and general, and it kept getting more SJW and LGBT friendly as I kept writing. My goal was to get people to use the software, but I may have produced the opposite result. I am not gay or transgender; I am exclusively heterosexual and I identify with my birth sex.
Edited last time by Endwall on 02/06/2017 (Mon) 00:40:11.

Anonymous 02/06/2017 (Mon) 01:16:09 [Preview] No. 815 del
I think its crucial to spoof the strings that say you are using youtube-dl. This is obvious when using the --verbose flag.

Anonymous 02/06/2017 (Mon) 01:30:45 [Preview] No. 816 del
It still works with the proxies so maybe random user agent should be relegated to when the --proxylist plist.txt flag is used. Other than that the tor browser UA should work right?

Endwall 02/06/2017 (Mon) 01:48:28 [Preview] No. 817 del

You are correct. Thanks for reminding me.

The idea was to pretend to be tor browser when using tor directly, and to pretend to be another browser when downloading the video from an HTTPS or SOCKS5 proxy by spoofing the user-agent and other factors. How many people use youtube-dl? 10,000? How many in your language during day time hours corresponding to your side of the globe? so we go from 10,000 down to like 50 or so, and then they can pick you out based on the type of videos and order you download them in.

So randomize the order, bungle them all together, sort them, then take your time between downloads, the longer the better, if at least 10 people are doing this each day, it should become hard to pick it out of the crowd of torbrowser users watching videos. And for that extra controversial video use proxies to look like you aren't coming from the tor network at all. Think about how database queries work.

Show me all videos watched from tor && default user agent for youtube-dl

And all of a sudden you're not in the querry. You beat them.

Ta Da !!

Anonymous 02/06/2017 (Mon) 20:11:40 [Preview] No. 818 del
This makes you stand out, the opposite of what you want.

Doing more complicated things is not the answer to security/anonymity.

Endwall 02/07/2017 (Tue) 05:44:15 [Preview] No. 819 del

Using it the default way wasn't working, I was using it that way with the defaults for a year and being deanonymized regularly. There are other problems at work though like for instance that I'm probably being keylogged without my knowledge or ability to detect it (currently).

The only thing I'm concerned about is the download pattern or signature that youtube-dl leaves on youtube. I'm not fully aware of how its download algorithm differs from what a browser like firefox does when streaming the videos, so the peculiar way it peforms download operations might give away the fact that it is actually youtube-dl in operation not a browser.

I have the headers and user agent changed to what tor-browser is using. The headers I supply are the same as the default that was posted in >>813 except for connection: and user-agent:, however I've checked and youtube-dl overides and puts connection: closed instead of keep-alive regardless of what I've put there. So really the only thing that is different is the user-agent, which I have as the tor-browser user-agent.

Also the tool is still useful for assuming multiple identities, and for evading string bans against user-agents, should something like that occur in the future.

I still want to come from outside of the tor network using socks5 or https proxies for certain things.

If it doesn't work for you then don't use it.

Thanks for the feedback, good discussion.

Anonymous 02/08/2017 (Wed) 19:52:44 [Preview] No. 822 del
>I'm not fully aware of how its download algorithm differs from what a browser like firefox does when streaming the videos, so the peculiar way it peforms download operations might give away the fact that it is actually youtube-dl in operation not a browser.
youtube-dl does not look anything like a browser, and you made it so it does not look like youtube-dl normally does. It does not look like the large amount of people using a browser, and it does not look like the large amount of people using youtube-dl, it will stand out.

>I have the headers and user agent changed to what tor-browser is using. The headers I supply are the same as the default that was posted in >>813 except for connection: and user-agent:, however I've checked and youtube-dl overides and puts connection: closed instead of keep-alive regardless of what I've put there. So really the only thing that is different is the user-agent, which I have as the tor-browser user-agent.
Randomizing the user agent and referer is not helping to make it look like a browser, just to stand out. There is much much more to how it differs from a browser.

>Also the tool is still useful for assuming multiple identities, and for evading string bans against user-agents, should something like that occur in the future.
Do not try to solve problems you do not have.

You should capture the traffic from using firefox/torbrowser to go on youtube and watch a video, and the traffic from using youtube-dl and compare them. You will see how obvious it is that they are different.
You will not make youtube-dl look like a browser, so do not try.

Endwall 02/09/2017 (Thu) 00:29:56 [Preview] No. 823 del

youtube-dl wasn't giving me anonymity when I was using it in default, and its probably not giving me anonymity now. VLC streaming behind tor wasn't working either. I still think that randomizing the video order and using a random wait time between downloads could be helpful.

Go ahead and use endtube to pin crimes on me, since it's so unique. Watch some beastiality porns or weird shit on youtube. Download some extremist propaganda. Pin it all on me. Use endtube and you'll discover my real life identity.
However if tor really works it shouldn't divulge your identity it should just pin your video downloads onto me (in principal).

> do a packet capture
Thanks for the advice, I'll do it with tcp dump and look at it and think about what to do next.

> don't try to solve ...
I ban bots from downloading from my servers based on user-agent string matching. It might happen.
Edited last time by Endwall on 02/09/2017 (Thu) 01:38:43.

Endwall 02/11/2017 (Sat) 07:24:49 [Preview] No. 824 del
oldtube.sh version 0.01

In response to the suggestions above I have stripped out most of the peculiarities leaving only the ability to call user-agents using the flags --ua-rand --ua-ranstr --ua-tor --ua-row1, with the default being off.

The code is simplified and you can still use proxies. I've removed all the header calls and referer calls.

Let me know if you experience any bugs or see any issues. I have some more relict code to remove from this, but it should work right now. If you think of anything else let me know, or if you think of a better name for this fork post below.

Endwall 02/11/2017 (Sat) 21:00:18 [Preview] No. 826 del
endtube.sh version 0.43

I have defaulted this to having no user agent, no headers and no referer. I leave it on torsocks mode because this is simple enough to activate:

$ endtube --native --list news.txt

New flags:

--ua-tor ## use torbrowser user agent
--ua-row1 ## use user agent from row 1 of user_agents.txt
--refer-root ## use the site root as the referer

Everything else should be the same. So in summary I have deactivated the referer, user-agent, and headers as the default but left torsocks as the proxyfier.

Other changes: --list will start downloading immediately instead of first waiting by the random wait time which is a bug fix.

Any other suggestions, bug reports, comments, concerns post below and I'll try to address them. Any suggestions for new products or new features also post below. Thanks.

Anonymous 02/11/2017 (Sat) 21:37:28 [Preview] No. 827 del
can you make a batch renaming script that replaces `\|, characters into _ or - to also become an integral part of renum.sh? Some of the crappy file names that I save lots of images into tend to break renum.sh somehow. Also, if there's more than one . in the filename, it ignores any other . after the first . so I manually find that one and change it and run renum.sh again. I have so much files these days that Thunar's batch renaming function fails to work when I load it up. so I can't use search and replace to change the problematic characters myself. Also, every time I use renum.sh, I think I lose one file.

Endwall 02/11/2017 (Sat) 23:11:21 [Preview] No. 828 del
Yeah sure. I'll start working on that next friday.

I also have a script that annotates proxies with the protocol but it's not much. I'll add the headers to it and release it next week.

>>826 I also just added --headers-on flag to endtube to turn on the hardcoded headers and overide the defaults. So this in principal returns the full functionality of the previous versions, but defaults to the defaults.

Endwall 02/12/2017 (Sun) 04:57:41 [Preview] No. 829 del
proxyload.sh version 0.12

##fixed a bug where the ssl_proxies wouldn't download, added a while loop and a check to make sure that they download. Might take longer to run but should give the correct output.

protofix.sh version 0.02

## A file to append the protocol extension to the proxies for use with endtube

$ protofix https ssl_proxies_checked.txt >> plist_ssl.txt
$ protofix socks5 socks_proxies_checked.txt >> plist_socks.txt


$ proxyload
$ proxycheck ssl_proxies.txt
$ proxycheck socks_proxies.txt
$ protofix https ssl_proxies_yt.txt >> plist.txt
$ protofix socks5 socks_proxies_yt.txt >> plist.txt
$ sort -R plist.txt | sort -R >> plist_sort.txt
$ endtube --proxylist plist_sort.txt --list videos.txt

Let me know if you experience any bugs with the above workflow. Thanks.

Also I have to study for a quiz and work on an assignment, so I'm busy until next friday.
Edited last time by Endwall on 02/12/2017 (Sun) 05:04:16.

Endwall 02/14/2017 (Tue) 05:56:56 [Preview] No. 830 del
endjail.sh version 0.01

a fire jail default to apply to programs. restrict network with --no-net flag

xtrac-ytpl.sh version 0.02

Rebrand of endxtplist.sh for extracting youtube playlists into url list text file.

If you have any comments or suggestions about these files or any other files, notice any bugs, or have product requests, suggestions or ideas comment below. Thanks.
Edited last time by Endwall on 02/14/2017 (Tue) 06:04:16.

Endwall 02/23/2017 (Thu) 00:48:23 [Preview] No. 839 del
endstream.sh version 0.04

This is not a security product. It currently opperates in clearnet, but I'll advertize this here as well.

This is a live streaming application using mpv and youtube-dl but operates in the Clearnet (No Tor). This can be modified to do so if you think that streaming is fast enough behind tor, which I have found to be tedious and unuseable. You can use this on a media center computer connected to a large screen tv, or for personal desktop use. Currently it is only grabbing streams from youtube, However if you make some suggestions of other live streams that work with mpv and youtube-dl, I will add them in later releases.

I have added more channels. Some of these streams go dead after a day. But I'm sure some of these will stabalized over time. Go ahead and add your own streams from 121-140. If you know any other sources or good streams post below. Thanks.

Endwall 02/26/2017 (Sun) 01:48:06 [Preview] No. 841 del
endstream.sh version 0.09

I've made several changes to endstream.sh including requiring firejail. I've stablized the channel listing, and I'll update this maybe once a week to remove dead streams, but I'm not going channel hunting anymore. If there is something really good to add as a stream suggest it below. I've added streams from youtube, dailymotion and twitch.

There are about 175 channels hardcoded into it now. Bear in mind that using this in the open (Clearnet) will reveal your channel preferences to the surveillance agency. I only recomend using this on a segregated network on a media center computer setup, and only if you don't care if your streams or viewership is logged. It's a cheap media streaming multi-language cable package.

>>827, >>828
I'll work on that next Friday/Saturday, but I have midterms and assignments due over the next two weeks or so, so it might take longer to get to. Place Comments, Suggestions, Bug Reports, New Product Ideas below. Thanks.

Anonymous 03/06/2017 (Mon) 22:45:09 [Preview] No. 844 del
I am a near daily user of proxyload.sh and proxycheck.sh.
Now I use proxycheck to test proxiea other proxy sites. Is there a short rundown on how I can add my own rss feeds of other proxy sites to proxyload?


Anonymous 03/06/2017 (Mon) 22:48:56 [Preview] No. 845 del
full list of proxy sites I found on pastebin. The first few where the only ones I knew of I am sure there is a lot of trash in these lists but for instance http://trungvanhoang.com/socks-5-4/ is working smoothy for me.

Anonymous 03/07/2017 (Tue) 00:28:46 [Preview] No. 846 del
Found a newer list https://archive.is/Qy0NF

this is the type of feed I would like to add to proxyload. The site does not matter but I tried to do it myself and it never grabbed the sites I added.

Endwall 03/07/2017 (Tue) 03:38:56 [Preview] No. 847 del
OK thanks for the new proxy lists I'll try to incorporate them.

The process went like this. Download the webpage with curl or wget, look to see if it redirects you to a new webpage, find out where it redirects, download that webpage, find the links to the daily updates then download those webpages, then filter using awk or grep for the ip addresses and dump them into a text file. proxyloads was unique to those original sites.

I'll try to rig something up next Friday I have a quiz tomorrow a test on Friday, a midterm next Monday and next Thurday, I might have another test next week as well. I'm tied up. But thanks I'm glad someone is using it.

endstream.sh version 0.14

Also If you use endstream try to use it behind a vpn or something maybe I can call it with proxies as well that might help ( I'll work on this later).

I'm using it right out in the open, which is potentially really bad. In version 0.14 I've added a while loop to keep the menu up after each channel view, and added a bunch of asian stations. I built this to watch the news, because I don't have cable and my mom hogs the TV and watches soap operas.

Endwall:"Mom I want to watch the news".
Mom: "After I finish my soaps".

Local news is weak anyways. But yeah don't use this on the computer you hack on, build something seperate for this and use a vpn or a proxy, tor is too slow to stream over reliably unless you like skipping and jitter and long pauses. Maybe there are some buffer settings that I can try to tweek. I'm not sure. Any insight would be appreciated.

Anonymous 03/07/2017 (Tue) 06:48:41 [Preview] No. 848 del
Thank you very much I now understand the code a little bit more now hat you explained it.

Anonymous 03/07/2017 (Tue) 06:50:22 [Preview] No. 849 del

Endwall 03/12/2017 (Sun) 01:49:27 [Preview] No. 852 del

Sandbox variable is stopping tor from running, comment this out or set it to 0.

Sandbox 1 , change to
## Sandbox 0

Not sure what this is about, linux will not allow the system call that it is making with this set to 1, stopping tor from starting. I've updated the file on github and on the hidden service.

Endwall 03/19/2017 (Sun) 07:05:25 [Preview] No. 857 del
endstream.sh version 0.17

Added more channels, now I use a curl method to update dead streams from the channel directly rather than hard coding the link, I'll update the remaining transient streams as they die off.

endtv.sh version 0.01

Simillar to endstream.sh but with channels taken from filmOnTV.com . Some of these channels have a strange tendancy to drop out after around 5 mins. Not sure what's going on with that, if you have any clues on how to fix this post below.

I have tests,midterms and assignments due next week, so I'm offline. I've added some of the requests to the git file https://github.com/endwall2/endware/raw/master/TODO.txt
I'll get around to the request eventually.

Anonymous 03/19/2017 (Sun) 17:25:05 [Preview] No. 858 del
Here is a pf configuration that only allows tor.
set skip on lo

block log
pass out inet proto tcp user _tor

Top | Return | Catalog | Post a reply