My name is Endwall and I develop software for anonymity, privacy and computer security on the internet called The Endware Suite.
This software may be found here: gitgud.io/Endwall/, and also here: github.com/endwall2/. The Endware Suite is also hosted on this hidden service and is located here:
Endware is a suite of programs geared towards internet privacy, security, and anonymity.
Endwall: endwall.sh is an iptables based firewall script designed to be implemented on any linux distribution shipped with iptables. endwall.sh is based on default drop policies, coupled with a novel strategy of passing packets on local host ports only for those enabled by the enduser. It comes with a variety of well used ports enabled with several additional port passing configurations available by uncommenting the script. It provides essential security to a new user.
Endsets: endsets.sh is a script that adds blacklisting and whitelisting functionality to endwall.sh. It depends on the program ipset. It is persistent on reboot if you enable ipset as a service. This is the recommended blacklisting tool for endwall if you are running a server or planning on opening up ports and services to the public and will require daily blacklisting of new incoming IPs.
Endlists: endlists.sh is a traditional text file list based blacklisting and whitelisting script. It has slow performance, and can't be updated on the fly. Good for
######################## HEADER FILES
acknowledge.txt - This is the current version of the acknowledgements that is pinned to the header of endware software products.
eula.txt - The current version of the Endware Development Team software license.
LICENSE - same file as eula.txt, comes from the git repo.
endware.txt - A catalogue of the endware suite with descriptions grouped by functionality.
######################## ENDWALL FIREWALL
endwall.sh - An iptables based firewall script.
endlists.sh - An iptables text list based firewall blacklisting and whitelisting script. For use with endwall. Useful for workstation ip blacklisting.
endsets.sh - An ipset hash set based blacklisting and whitelisting script. For use with endwall. Recommended for a mail and web server.
######################## LOG READING
alogz.sh - A script for reading the log output of an apache or nginx http server.
mlogz.sh - A script for reading the log output of a postfix mail server.
spamlogz.sh - A script for reading access attempts of banned ip addresses flagged in endwall.sh, endlists.sh and endsets.sh.
######################## GEOIPLOOKUP
iplookup.py - A python based geoiplookup script that uses maxmind *.dat files and python-geoip.
check16.sh - A script that sequentially outputs the geoip lookup output for a /16 range. Uses iplookup.py or geoiplookup.
check8.sh - A script that sequentially outputs the geoip lookup output for a /8 range. Uses iplookup.py or geoiplookup.
cidr.txt - A helpful list of the CIDR block ranges to assist with bans in endsets/endlists after consulting the log readers and iplookup scripts.
######################## CONFIGURATION FILES
endtorrc - A torrc-defaults file for use with tor.
country_codes.txt - A list of country codes to grep for country codes to use with endtorrc.
######################## TOR ANONYMIZED DOWNLOADERS
endcurl.sh - A user agent randomizer for curl, using torsocks.
endget.sh - A user agent randomizer for wget, using torsocks.
endnode.sh - Check your exit node in the command line with torsocks, curl and a random user agent.
######################## TOR ANONYMIZED DOWNLOAD MANAGER
endloads.sh - An anonymized text file list based command line download manager for internet files in a list. Random download timing, download order, user agent, with torsocks and wget.
endtube.sh - An anonymized text file list based command line download manager for video content using youtube-dl and randomization. Random download timing, download order, user agent, with torsocks and wget and proxies.
######################## HTTPS/SOCKS5 PROXIES
proxyload.sh - Get a list of http and socks5 proxies. Hard coded to a specific website.
proxycheck.sh - Scrape the proxies in a list to test to see if they're working.
######################## TOR ANONYMIZED EMAIL
endfix.cf - A postfix configuration file for hosting a smtp hidden service.
endmail.sh - A command line email sender to tor hidden service smtp servers.
######################## FILE OPERATIONS
pdfclean.sh - Sanitize a pdf by removing exif tag data, and JavaScript, using qpdf, ghostscript and exiftool.
safedown.sh - downloads a file using torsocks, wget into /dev/shm/ using firejail, and randomized user-agent.
safemode.sh - spawn a firejail shell and cd into /dev/shm to deal with hostile downloads/files.
passgen.sh - Generate a random character password using /dev/urandom and base64. Use as inspiration for a random password.
renum.sh - rename the files in a directory sequentially or randomly by number and file extension.
rmdupes.sh - check the files in a directory for duplicates by file size and md5 checksum and remove them.
################################
Angel Allen
Colton Morris
Hi Endwall.
You're missing scripts to deal with user-level site compromises (spam, injected files, modified files, modified databases), anything related to preventing that (a "web application firewall", custom modsec rules), and tools for dealing with minor DOS attacks, stuff that kills a site or your server, but which isn't a networking issue. An obvious example of the last would be a script that adds rules to the firewall to auto-blacklist IPs based on multiple string filters. And any tools to aid investigation. A few scripts that are just ngrep or tcpdump oneliners can really help.
What's with your "anonymity and privacy" tagline? No tor, no crypto. Probably the first privacy script anyone should want is something to track unencrypted HTTP requests and public networking.
Asher Torres
Files that use tor, torsocks:
endtorrc - A torrc-defaults file for use with tor.
endcurl.sh - A user agent randomizer for curl, using torsocks.
endget.sh - A user agent randomizer for wget, using torsocks.
endnode.sh - Check your exit node in the command line with torsocks, curl and a random user agent.
endloads.sh - An anonymized text file list based command line download manager for internet files in a list. Random download timing, download order, user agent, with torsocks and wget.
endtube.sh - An anonymized text file list based command line download manager for video content using youtube-dl and randomization. Random download timing, download order, user agent, with torsocks and wget and proxies.
safedown.sh - downloads a file using torsocks, wget into /dev/shm/ using firejail, and randomized user-agent.
Thanks for the advice and ideas. If anyone has ideas, comments, or suggestions, please post below. Thanks.
Michael Turner
TOR ANONYMIZED EMAIL
endfix.cf - A postfix configuration file for hosting a smtp hidden service.
endmail.sh - A command line email sender to tor hidden service smtp servers.
Thanks.
Zachary Morales
Thank you for sharing with us, Endwall. I will check this stuff out, and maybe learn some things.
Luke Young
Didn't see the newer posts before submitting that. I'll check your stuff out, thanks.
Aaron Davis
Yeah no problem. If you find any errors in my code, or have some good ideas for new products, please post below.
Why? Have you heard about me? Does my reputation precede me? What have you heard? Please share.
Do you like the software?
Ryan Harris
I noticed in endtorrc ExcludeNodes and ExcludeExitNodes contain some of the same country codes, but shouldn't they be in either one or the other? I believe ExcludeNodes excludes them from any position in the circuits, so ExcludeExitNodes will have no effect on them.
Carter Fisher
Oops, I read it wrong, it's up to the user to choose since it's under "Variable configuration".
Caleb Rogers
...
Gavin Rivera
Endyourself, you autistic narcissist
Austin Sullivan
No, I don't think I'll be doing that, but thanks for the advice though.
Why would you need tor and torsocks to strip javascript from a PDF? I don't trust this one bit.
Robert Gonzalez
tor and torsocks are not used in the main script, I put it in the dependency list because of the instructions section where you have to go collect some of the scripts and programs used from the internet.
I hope that helps.
Isaac Murphy
Read the main script, no calls to tor or the internet. The method is as follows:
filename           commit date     commit message
-----------------  --------------  ----------------
endwall_v120.sh    4 months ago    c03 17/04/2016
endwall_v121.sh    4 months ago    c03 17/04/2016
endwall_v122.sh    4 months ago    c02 04/05/2016
endwall_v123.sh    4 months ago    c03 17/04/2016
endwall_v124.sh    4 months ago    c03 17/04/2016
are you not familiar with git/versioning control? tag releases and only keep the "endwall.sh" file.
P.S. the dates are automatically tracked
Jeremiah Martinez
# 1) g) This program may be used by any human being of any sexual orientation, including heterosexual, homosexual, bisexual, asexual, or any other sexual orientation not mentioned.
# 1) h) This program may be used by anyone.
# WHERE MAY A USER USE THIS PROGRAM ?
# 2) a) This program may be used in any country, in any geographic location of the planet Earth, in any marine or maritime environment, at sea, sub-sea, in a submarine, underground,
# in the air, in an airplane, dirigible, blimp, or balloon, and at any distance from the surface of the planet Earth, including in orbit about the Earth or the Moon,
# on a satellite orbiting about the Earth, the Moon, about any Solar System planet and its moons, on any space transport vehicle, and anywhere in the Solar System including the Moon, Mars, and all other Solar System planets not listed.
# 2) b) This program may be used in any residential, commercial, business, and governmental property or location and in all public and private spaces.
# 2) c) This program may be used anywhere.
Couldn't you just say "This program can be used by whomever, wherever, however?"
Mason James
TELEPORTS BEHIND U
Jaxson Murphy
Hey thanks for the info. This is my first git project. I'm learning as I go. I'll git rm the other files and tag the commits with a version # and letter. Thanks.
Yeah this could be simplified, but I like it as it is right now. I was writing it and it got a little SJW, so I don't know... I'm gonna keep it with the enumeration for now. I might fork a simpler license for my next project.
Any ideas to help with security, privacy and anonymity are welcome.
endwall.sh autoconfigures your interfaces and ip address, so posting the file is specific to a particular computer, eth0? eth1? p3p1? wan0 , ip addresses differ depending on your network.
I just tried endwall.sh on debian and it failed. The problem is fixed if you change the "she-bang" from #!/bin/sh to #!/bin/bash
I used sh to be as general as possible. Debian links sh to dash which doesn't like my script or rather has a different logic evaluation structure for if statements.
I have made some updates to the endwall.sh firewall to include wlan0, which requires a more permissive rule. Seems like a reasonable update to auto detect wifi and add it. I'll update the files tomorrow or on Monday.
Thanks for the feedback.
Jason Nguyen
Anybody who can use iptables already knows that. I'm saying I'd rather see the raw iptables to know exactly what you're doing rather than relying on or reverse-engineering some script, and then adapt it to my own iptables as needed.
You have to understand the security conscious people don't usually like the idea of running random scripts they downloaded from the internet.
William Moore
To extend upon this: I'm not saying what you're doing is either good or bad, because I don't KNOW what you're doing exactly. It may very well be that you've got a fantastic setup that does everything you say it does, but as a "customer" I'd rather have that thing as an "Endwall Method" rather than an "Endwall Suite".
Ryder Edwards
That's understandable, but I'm not posting my network details.
Endware suite.
My recommendation is to read the file, and then run it in a vm and then do the following:
Anyone still using iptables this side of 2014 is showing their ignorance.
Lincoln Perez
What are you using? What should I be using? Pf? Windows Advanced Firewall? Hardware Firewall?
You have the knowledge, so give it to us.
Wyatt Turner
Fuck off nigger, I'm not spoonfeeding your narcissist ass
Austin Gray
Then what good are you? Totally useless.
firewalld, shorewall, pgl all use iptables.
What is the replacement firewall system for linux?
Make unsubstantiated claim, while claiming to be a computer god.
Go look up the definition of narcissist, it matches your profile.
Can anyone else other than this "computer wiz" add some clarity?
Dylan Ramirez
Care to explain why?
Sure there's the new, in development nftables but why go away from iptables? It does its job perfectly fine still, it hooks into the same constantly updated netfilter in the kernel.
I have tested these scripts on OpenBSD 6.0 on a DEC AlphaServer 1.0Ghz Alpha. I will also test these on my Sunblade 2500 UltraSparc IIIi systems, using OpenBSD 6.0.
Cooper Reed
Wow, nice. After doing this what're your thoughts on doing this scripting in sh on BSD?
I've used FreeBSD a bit, never used it enough to start scripting on it though since I'm focusing on Linux and I commonly write for BASH
Nolan Ramirez
It's a work in progress. I just kept trying to run the original scripts which were broken on OpenBSD, and reading the error messages then going and modifying the problem code, took about 5 tries for endtube.
There are several command differences even with some of the more common commands. No shuf, changed this to sort -R | head -n 1, changed my random number scheme to using just $RANDOM. So some stuff is forcing me to do things more efficiently or differently at least. But some of my other scripts will require substantial reworkings. changing sha256 to shash etc...
I'm new at BSD, but I like it. I have to turn my computers on every day to work with them. I'll get the hang of it eventually. I want to re-write everything to run with the default BSD ecosystem + some pkg_add ports packages. I'm going to test some more of them on Friday and try to fix them. I'll also have to write a new firewall in pf that approximates endwall.sh for iptables. I should have something internally by January and probably release it in March/April. I'm getting busy though so it might take longer, we'll see.
I have an installation of FreeBSD on a Sun Ultra60 ultrasparc II, but I need to put it on a more modern computer for testing. I'm planning on putting FreeBSD on a mac G5 I have for testing and programming. I'll get around to it all eventually.
Let me know if they work on FreeBSD, or if there are any problems. Thanks for the feedback.
Tyler Torres
Oh god, how did I miss this shit for a month? This is the best thing I have seen all week, thanks OP.
Christopher Miller
By the way, note the -n — the length of the password is actually random, and in 1 out of 256 cases, the password will be Cg==. All these details actually make me suspect it's extremely elaborate trolling, but I'm having a laugh regardless.
There is nothing wrong with urandom. Or at least there wouldn't be if Linux wasn't retarded and would adopt OpenBSD's urandom behavior, oh well. In the cases where such a program would ever be used, a machine will already have enough entropy.
Jordan Anderson
Usually I just run passgen a couple of times and dart my eyes around the screen and start writing down blocks of 4-5 characters from different parts of the screen output into a password log book. I stop writing when the password gets too long.
You can now control the output length by changing the number of bytes it reads:
$ passgen --bytes 18
outputs a 24 character random password. I've also added the flags --help, --version, --bytes, --outfile
Let me know if you see any other problems, or have any comments, suggestions or product ideas. Thanks.
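The length behaviour discussed in the posts above, as an added example that is not part of the thread and is not the Endware passgen.sh: a byte-counted read always yields 4 * ceil(N / 3) base64 characters, while a line-based read stops at the first newline byte. The function names are hypothetical, and `head -n 1` is an assumed stand-in for the "-n" read the post refers to, since the original script line is not on the page.

```shell
#!/bin/sh
# Added example; not the Endware passgen.sh. All function names are hypothetical.

# Fixed-length generator: read exactly N bytes from /dev/urandom, then
# base64-encode. tr removes the line wrap base64 inserts after 76 characters.
gen_password() {
    nbytes=${1:-18}
    case "$nbytes" in
        ''|*[!0-9]*|0) echo "usage: gen_password BYTES" >&2; return 2 ;;
    esac
    head -c "$nbytes" /dev/urandom | base64 | tr -d '\n'
}

# Length of the base64 text for N input bytes: 4 * ceil(N / 3).
b64_len() {
    echo $(( ( ($1 + 2) / 3 ) * 4 ))
}

# Line-based read (assumed form of the "-n" issue): head -n 1 stops at the
# first 0x0a byte, so the amount of random data that gets encoded varies.
# Reads stdin so the effect can be shown on constructed input.
line_read_encode() {
    head -n 1 | base64 | tr -d '\n'
}

# Constructed inputs: the newline is the first byte, then the third byte.
printf 'newline first : %s\n' "$(printf '\nABCDEF' | line_read_encode)"
printf 'newline third : %s\n' "$(printf 'AB\nCDEF' | line_read_encode)"
# Byte-counted read: length depends only on the requested byte count.
printf '18 bytes      : %s (%s chars expected)\n' "$(gen_password 18)" "$(b64_len 18)"
```

When the first random byte is 0x0a, the line-based form encodes a lone newline, which is the Cg== case mentioned above.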
Matthew Powell
You also know you're dealing with a retard when you torify/torsocks programs that already support using a SOCKS proxy, like curl.
Luis Murphy
What you mentioned about curl has merit, however I'm using torsocks -i which opens a new circuit (separate and isolated from any circuit in use for something else like web browsing) for the tcp connection.
Also you can then chain a socks5 proxy to the endcurl call using the usual curl flag --socks5 . So this is an advantage. Otherwise I'd agree with your observation. I'll add a --native flag to make it do it with its own socks compatibility. Thanks for the idea.
Oliver Gomez
Someone go compile screenshots of the other ENTERPRISE JAVA BEAN BOURN[sic] SHELL retardation this lolcow wrote, we can dump this hilarity in the tech cringe thread
No wonder they're trying to stay anonymous at all costs
Parker Scott
I just added the --native flag and a --version flag; it works good. I'll add this option to endtube as well next weekend.
Hey thanks for catching that typographic error on Bourne Shell. I fixed it. Thanks!
William Edwards
The tech cringe thread? Where is that?
I just added the --native, and --version flags to endtube.sh as well as --url and allowing for the last input to be a url and to use additional youtube-dl options.
You keep proving how retarded you are, curl by itself is able to use different circuits. I'll give you a hint: IsolateSOCKSAuth is a thing and is enabled by default.
Juan Rogers
So is this just inefficient or is there also a danger factor to doing it this way?
In any event I've added the option --native to use the socks connector directly for both endtube and endcurl. The user can now choose. So this is now solved. Thanks for your input.
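The native-SOCKS route raised in the posts above, as an added example that is not part of the thread and is not code from endcurl.sh: curl gets its own circuit by presenting fresh SOCKS5 credentials on each call, which relies on Tor's IsolateSOCKSAuth staying enabled, so the example also checks a torrc for the flag that turns it off. The function names are hypothetical, and a Tor SocksPort on 127.0.0.1:9050 is assumed.

```shell
#!/bin/sh
# Added example; not from endcurl.sh. Function names are hypothetical and a
# local Tor SocksPort on 127.0.0.1:9050 is an assumption.

# Random SOCKS5 username:password. Tor does not validate these; with
# IsolateSOCKSAuth it only uses them to keep streams on separate circuits.
isolation_creds() {
    u=$(head -c 8 /dev/urandom | od -An -tx1 | tr -d ' \n')
    p=$(head -c 8 /dev/urandom | od -An -tx1 | tr -d ' \n')
    printf '%s:%s' "$u" "$p"
}

# socks5h:// makes curl hand the hostname to the proxy, so the DNS lookup
# happens inside Tor instead of on the local resolver.
tor_proxy_url() {
    printf 'socks5h://%s@%s:%s' "$(isolation_creds)" \
        "${TOR_HOST:-127.0.0.1}" "${TOR_PORT:-9050}"
}

# curl through Tor with new credentials, and so a separate circuit, per call.
isolated_curl() {
    curl --proxy "$(tor_proxy_url)" "$@"
}

# Reads torrc text on stdin. Succeeds unless an active SocksPort line carries
# NoIsolateSOCKSAuth, which would put all credentials back on shared circuits.
socksauth_isolation_enabled() {
    ! grep -Eiq '^[[:space:]]*SocksPort[[:space:]].*NoIsolateSOCKSAuth'
}
```

Usage would be `isolated_curl -sS URL` in place of `torsocks -i curl URL`, after `socksauth_isolation_enabled < /etc/tor/torrc` succeeds (the torrc path varies by system).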