How to bypass Microsoft Account when installing Windows 11

Microsoft has confirmed that the popular “bypassnro” command, which let users to skip connecting to the Internet and signing into a Microsoft Account, is being removed, when setting up a new Windows 11 PC.

Microsoft is now requiring every Windows 11 device be set up with an internet-connected account.

Windows 11 PCs that have already been set up without a Microsoft Account will be unaffected. This change only affects the Windows 11 install and setup experience, where the OS requires an internet connection and a Microsoft Account to progress.

There are still ways to bypass these requirements, Currently, it’s also possible to manually re-add the bypassnro command to your system by typing the following into a command prompt: “reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\OOBE /v BypassNRO /t REG_DWORD /d 1 /f shutdown /r /t 0”

However, there’s no guarantee Microsoft will allow this additional workaround for long. There are other workarounds as well, such as using the unattended.xml installation, but this requires a lot more work and includes creating a new Windows installation image from scratch.

Steps to Create an Unattended XML File for Local Account

1. Basic unattend.xml to Skip Microsoft Account:

Here’s a minimal XML file that configures a local administrator account and skips OOBE (Out-of-Box Experience) prompts:

<?xml version="1.0" encoding="utf-8"?> <unattend xmlns="urn:schemas-microsoft-com:unattend"> <settings pass="oobeSystem"> <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <OOBE> <HideEULAPage>true</HideEULAPage> <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen> <HideOnlineAccountScreens>true</HideOnlineAccountScreens> <!-- Skips Microsoft account --> <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE> <NetworkLocation>Work</NetworkLocation> <ProtectYourPC>1</ProtectYourPC> </OOBE> <UserAccounts> <LocalAccounts> <LocalAccount wcm:action="add"> <Password> <Value>YourPassword123</Value> <!-- Change this --> <PlainText>true</PlainText> <!-- Set to false if hashed --> </Password> <DisplayName>LocalAdmin</DisplayName> <Name>LocalAdmin</Name> <Group>Administrators</Group> </LocalAccount> </LocalAccounts> </UserAccounts> <AutoLogon> <Password> <Value>YourPassword123</Value> </Password> <Enabled>true</Enabled> <Username>LocalAdmin</Username> <LogonCount>999999</LogonCount> </AutoLogon> </component> </settings> </unattend>

2. Save the File

Save as autounattend.xml (for USB boot) or unattend.xml (for deployment tools).

Place it in the root of your Windows 11 installation USB or inject it into the ISO.

3. Use the File During Installation

Boot from the USB, and Windows Setup will automatically apply the settings.

No Microsoft account prompt will appear.

Get a Windows 11 Product key at keyingo.com for half price !

"OS Command Injection is a type of cyberattack where an attacker injects malicious commands into the operating system through vulnerabilities in software or applications. These commands are executed directly by the system, allowing the attacker to access sensitive data or take complete control of the device. The simple case refers to elementary scenarios in which basic exploit techniques are used."

CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

Source: https://www.cisa.gov/news-events/alerts/2024/07/10/cisa-and-fbi-release-secure-design-alert-eliminating-os-command-injection-vulnerabilities

More info:

https://www.cisa.gov/resources-tools/resources/secure-design-alert-eliminating-os-command-injection-vulnerabilities

OS commands injection testing & defense

OS command injection is a technique used via a web interface in order to execute OS commands on a web server.

How to test for the issue

During code review

Check if any command execute methods are called and in unvalidated user input are taken as data for that command.

Besides, appending a semicolon to the end of a URL query parameter followed by an operating system command, will execute the command. %3B is URL encoded and decodes to semicolon. This is because the ; is interpreted as a command separator.

Example: 

http://sensitive/something.php?dir=%3Bcat%20/etc/passwd

If the application responds with the output of the /etc/passwd file then you know the attack has been successful. Many web application scanners can be used to test for this attack as they inject variations of command injections and test the response.

Equally Static Code Analysis tools check the data flow of untrusted user input into a web application and check if the data is then entered into a dangerous method which executes the user input as a command.

Remediation

If it is considered unavoidable the call to a system command incorporated with user-supplied, the following two layers of defense should be used within software in order to prevent attacks

Parameterization - If available, use structured mechanisms that automatically enforce the separation between data and command. These mechanisms can help to provide the relevant quoting, encoding.

Input validation - the values for commands and the relevant arguments should be both validated. There are different degrees of validation for the actual command and its arguments:

When it comes to the commands used, these must be validated against a list of allowed commands.

In regards to the arguments used for these commands, they should be validated using the following options:

Positive or allowlist input validation - where are the arguments allowed explicitly defined

Allow-list Regular Expression - where is explicitly defined a list of good characters allowed and the maximum length of the string. Ensure that metacharacters like & | ; $ > < \ \ !` and whitespaces are not part of the Regular Expression. For example, the following regular expression only allows lowercase letters and numbers, and does not contain metacharacters. The length is also being limited to 3-10 characters:

^[a-z0-9]{3,10}$

Example code - Java

Incorrect Usage

ProcessBuilder b = new ProcessBuilder("C:\DoStuff.exe -arg1 -arg2");

the command together with the arguments are passed as a one string, making easy to manipulate that expression and inject malicious strings.

Correct Usage

ProcessBuilder pb = new ProcessBuilder("TrustedCmd", "TrustedArg1", "TrustedArg2"); Map<String, String> env = pb.environment(); pb.directory(new File("TrustedDir")); Process p = pb.start();

starts a process with a modified working directory

The command and each of the arguments are passed separately which makes it easy to validate each term and reduces the risk to insert malicious strings

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

The Hacker News : Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature http://dlvr.it/T5QBTY Posted by : Mohit Kumar ( Hacker )

👩🏻‍💻 𝙰𝚛𝚌𝚑𝚒𝚟𝚒𝚘 𝚍�� 𝚜𝚝𝚛𝚞𝚖𝚎𝚗𝚝𝚒 𝚙𝚎𝚛 𝚌𝚢𝚋𝚎𝚛𝚜𝚎𝚌𝚞𝚛𝚒𝚝𝚢 𝚌𝚑𝚎 𝚖𝚒 𝚟𝚎𝚗𝚐𝚘𝚗𝚘 𝚌𝚘𝚗𝚜𝚒𝚐𝚕𝚒𝚊𝚝𝚒 𝚘 𝚌𝚒𝚝𝚊𝚝𝚒 𝚗𝚎𝚕 𝚝𝚎𝚖𝚙𝚘

AnyRun: cloud-based malware analysis service (sandbox).

Burp Suite: a proprietary software tool for security assessment and penetration testing of web applications. La community edition, gratis, contiene Burp Proxy and Interceptor (intercetta le richieste effettuate dal browser, consente modifiche on-the-fly e di modificare le risposte; utile per testare applicazioni basate su javascript), Burp Site Map, Burp Logger and HTTP History, Burp Repeater (consente di replicare e modificare le richieste effettuate, aggiungere parametri, rimuoverli, ecc), Burp Decoder, Burp Sequencer, Burp Comparer, Burp Extender (estensioni delle funzionalità di burpsuite, plugin specializzati per individuare bug specifici, automatizzare parte delle attività, ecc) e Burp Intruder (consente di iterare richieste con payload differenti e automatizzare attività di injection).

CyberChef: is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression and decompression of data, calculating hashes and checksums, IPv6 and X.509 parsing, changing character encodings, and much more.

DorkSearch: an AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.

FFUF: fast web fuzzer written in Go.

GrayHatWarfare: is a search engine that indexes publicly accessible Amazon S3 buckets. It helps users identify exposed cloud storage and potential security risks.

JoeSandbox: detects and analyzes potential malicious files and URLs on Windows, Mac OS, and Linux for suspicious activities. It performs deep malware analysis and generates comprehensive and detailed analysis reports.

Nikto: is a free software command-line vulnerability scanner that scans web servers for dangerous files or CGIs, outdated server software and other problems.

Nuclei: is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Owasp Zap: Zed Attack Proxy (ZAP) by Checkmarx is a free, open-source penetration testing tool. ZAP is designed specifically for testing web applications and is both flexible and extensible. At its core, ZAP is what is known as a “manipulator-in-the-middle proxy.” It stands between the tester’s browser and the web application so that it can intercept and inspect messages sent between browser and web application, modify the contents if needed, and then forward those packets on to the destination. It can be used as a stand-alone application, and as a daemon process.

PIA: aims to help data controllers build and demonstrate compliance to the GDPR. It facilitates carrying out a data protection impact assessment.

SecLists: is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

SQLMAP: is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Subfinder: fast passive subdomain enumeration tool.

Triage: cloud-based sandbox analysis service to help cybersecurity professionals to analyse malicious files and prioritise incident alerts and accelerate alert triage. It allows for dynamic analysis of files (Windows, Linux, Mac, Android) in a secure environment, offering detailed reports on malware behavior, including malicious scoring. This service integrates with various cybersecurity tools and platforms, making it a valuable tool for incident response and threat hunting. 

VirusTotal: analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.

Wayback Machine: is a digital archive of the World Wide Web founded by Internet Archive. The service allows users to go "back in time" to see how websites looked in the past.

Wapiti: allows you to audit the security of your websites or web applications. It performs "black-box" scans of the web application by crawling the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Once it gets the list of URLs, forms and their inputs, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

WPScan: written for security professionals and blog maintainers to test the security of their WordPress websites.

✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖

👩🏻‍💻𝚂𝚒𝚝𝚒-𝚕𝚊𝚋𝚘𝚛𝚊𝚝𝚘𝚛𝚒

flAWS: through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS).

flAWS2: this game/tutorial teaches you AWS (Amazon Web Services) security concepts. The challenges are focused on AWS specific issues. You can be an attacker or a defender.

✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖✖

👩🏻‍💻𝙱𝚛𝚎𝚟𝚎 𝚕𝚒𝚜𝚝𝚊 𝚍𝚒 𝚜𝚒𝚝𝚒 𝚊𝚙𝚙𝚘𝚜𝚒𝚝𝚊𝚖𝚎𝚗𝚝𝚎 𝚟𝚞𝚕𝚗𝚎𝚛𝚊𝚋𝚒𝚕𝚒 𝚜𝚞 𝚌𝚞𝚒 𝚏𝚊𝚛𝚎 𝚎𝚜𝚎𝚛𝚌𝚒𝚣𝚒𝚘

http://testphp.vulnweb.com

OSSツールCommixを用いたOSコマンドインジェクションの検出と攻撃手法

Commixの基本設計とアーキテクチャ Commix（Command Injection…

Commix: Open-source OS command injection exploitation tool

http://securitytc.com/TJHcSK

La gravedad de la deficiencia es menor debido a que solo funciona si el atacante remoto puede autenticarse con éxito. Sin embargo, si no se han cambiado las credenciales predeterminadas asociadas con los enrutadores, podría provocar la ejecución de comandos del sistema operativo sin autenticación.

Critical PHP Flaw CVE-2024-4577 Causes Wave of Malware: Gh0st RAT, Cryptominers, and Botnets Within Hours

The Akamai Security Intelligence Response Team (SIRT) has issued a warning about the exploitation of a critical PHP vulnerability, CVE-2024-4577. Multiple threat actors are exploiting this flaw to deliver various malware families, including Gh0st RAT, RedTail crypto miners, and XMRig.

Rapid Exploitation Timeline

Akamai researchers observed exploit attempts targeting this PHP vulnerability on their honeypot network within 24 hours of its disclosure. This rapid exploitation underscores the ongoing trend of shrinking timelines between vulnerability disclosure and active attacks.

Understanding CVE-2024-4577

CVE-2024-4577 is a PHP-CGI OS Command Injection Vulnerability with a critical CVSS score of 9.8. The flaw resides in the Best-Fit feature of encoding conversion within the Windows operating system. Attackers can exploit this vulnerability to bypass protections for a previous flaw, CVE-2012-1823, using specific character sequences. Impact and Exploitation Successful exploitation allows attackers to execute arbitrary code on remote PHP servers through an argument injection attack. This can lead to complete control of vulnerable servers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-4577 to its Known Exploited Vulnerabilities (KEV) catalog, highlighting its severity.

Observed Malware Campaigns

Gh0st RAT Akamai detected attempts to deliver Gh0st RAT, an open-source remote access tool with a history spanning over 15 years. The malware exhibits various behaviors, including drive enumeration, peripheral queries, and registry access. RedTail Cryptominer A RedTail crypto mining operation was observed exploiting CVE-2024-4577 within days of its disclosure. The attack involves downloading and executing a shell script that retrieves the RedTail crypto-mining malware. Muhstik Botnet Researchers identified threat actors behind the Muhstik DDoS botnet exploiting this vulnerability. The botnet targets IoT devices and Linux servers for crypto mining and DDoS purposes, communicating via Internet Relay Chat. XMRig Campaign Another campaign abuses the exploit to deliver XMRig, a popular cryptocurrency mining software. The attack uses PowerShell to download and execute a script that sets up XMRig from a remote mining pool, followed by cleanup procedures for obfuscation.

Mitigation Strategies

Organizations are strongly advised to apply necessary patches promptly. Akamai customers using the Adaptive Security Engine in automatic mode with the Command Injection Attack group set to Deny have mitigations automatically enabled against these types of attacks. Specific Mitigation Rules For customers using Adaptive Security Engine in manual mode, Akamai recommends validating that the following rules are in Deny mode: - 969151 v1 — PHP Injection Attack (Opening Tag) - 959977 v1 — PHP Injection Attack (Configuration Override) - 3000155 v1 — CMD Injection Attack Detected (PHP/Data Filter Detected) - 3000171 v3 — Webshell/Backdoor File Upload Attempt

Ongoing Threat Landscape

The rapid exploitation of CVE-2024-4577 highlights the critical need for swift patching and robust security measures. Threat actors increasingly leverage automation tools to exploit vulnerabilities quickly, leaving defenders with minimal time to respond. As the cybersecurity landscape evolves, organizations must prioritize vulnerability management, implement strong security controls, and maintain vigilance against emerging threats targeting critical infrastructure like PHP servers. Read the full article

Learn C and C++ after 12th

C is a high level language and structured programming language that was originally developed by Dennis M. Ritchie to develop the UNIX operating system at Bell Labs. While C++ contains object oriented concepts which has so many advantages as compared to C lang.

C is very popular because of Reliability, Portability, Flexibility, Interactivity, and Modularity. While C++ mostly focus on objects, polymorphism, programming to interfaces and dependency injection.

C is very popular because of Reliability, Portability, Flexibility, Interactivity, and Modularity.

C is a middle level programming language. Main feature of C is we can divide programme into the smaller modules which increases efficiency of programme.

C contains following topics at TCCI:

Introduction to C, Basic Syntax, Token, Data Types and Variables, Constants, Literals, Storage class, Operators, Loop Controls, For Loop, While Loop, Do-While Loop, Decision Making, Arrays, String, Function, Pointer, Structure, Union, Type Casting, Recursion, Files, Command Line Argument.

C++ is a general-purpose programming language.

C++ contains object oriented concepts which has so many advantages. It is designed in terms of System Programming and Embedded system.

You can learn languages, arrays, strings, inheritance, constructors/destructors, exception handling, files, etc. C++ is totally based on ASCII characters. It works well on different platforms such as Windows, Linux, Mac OS X, Android, iOS. So you can run your C programs wherever you live.

C++ is a high-level programming language that can be treated as both a low-level language and a high-level language, useful for developing games and desktop applications, and low-level language features useful for writing kernels and drivers.

C++ contains following topics at TCCI:

Introduction to C++, Basic Syntax, Object Oriented Concept, Data Types and Variables, Constants, Literals, Modifiers, Operators, Loop Controls, Decision Making, Class Structure with Object, Function, Arrays, String, Inheritance, Constructor-Destructor, Exception Handling, Files etc…..

TCCI Computer classes provide the best training in online computer courses through different learning methods/media located in Bopal Ahmedabad and ISCON Ambli Road in Ahmedabad.

For More Information:

Call us @ +91 98256 18292

Visit us @ http://tccicomputercoaching.com

QNAP Warns of Critical Command Injection Flaws in QTS OS, Apps

The first vulnerability, tracked as CVE-2023-23368, allows remote attackers to execute commands via a network. The second vulnerability, identified as CVE-2023-23369, can also be exploited by remote attackers.

View On WordPress

Oracle WebLogic Server OS Command Injection Flaw Under Active Attack

Source: https://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html

More info: https://www.trendmicro.com/en_us/research/24/e/decoding-8220-latest-obfuscation-tricks.html

Description

An application is vulnerable to attack when:

User-supplied data is not validated, filtered, or sanitized by the application.

Dynamic queries or non-parameterized calls without context-aware escaping are used directly in the interpreter.

Hostile data is used within object-relational mapping (ORM) search parameters to extract additional, sensitive records.

Hostile data is directly used or concatenated. The SQL or command contains the structure and malicious data in dynamic queries, commands, or stored procedures.

The concept is identical among all interpreters of injection attacks (e.g. SQL, NoSQL, OS command, Object Relational Mapping (ORM), LDAP, and Expression Language (EL) or Object Graph Navigation Library (OGNL) injection)

Strongly encouraged automated testing of:

All parameters

Headers

URL

Cookies

JSON

SOAP

XML data inputs

Organizations can include:

Static (SAST)

Dynamic (DAST)

Interactive (IAST)

application security testing tools into the CI/CD pipeline to identify introduced injection flaws before production deployment.

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

The Hacker News : Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection. "It is possible for unauthenticated, remote http://dlvr.it/TD1HfJ Posted by : Mohit Kumar ( Hacker )

happy to help! i am… not very good at explaining tech stuff, but i will do my best, assuming that if you've got it installed you can use a desktop computer well enough, and hopefully some of it makes sense…

everything i learned and am using here is from the yt-dlp github documentation here, but i know it's a beast, so if i don't cover an option you want, it might be in there. also i use it on linux where i can just run "yt-dlp" from any folder and have it do its work in there (a folder for music, for essays, for video etc), if you're on windows with an executable, i suspect you'll have to run "yt-dlp.exe" in cmd instead; i've added subfolders to my example paths under that assumption that you can obviously mess with. the basic format is "yt-dlp -options https://youtubeurl.example/change_the_whole_url_here"

i'm also assuming that you've made some unlisted playlists on youtube (not private! or the program won't be able to scrape them), because you don't wanna be downloading one video at a time, and that you've given those playlists reasonably sensible titles. note that tumblr will add linebreaks, but the command is just all one line when you run it in a terminal. that said, here's 4 basic commands i use for my own use cases:

yt-dlp -x --audio-format mp3 --audio-quality 2 -o "music/%(playlist_title)s/%(channel)s %(title)s [%(id)s].%(ext)s" --restrict-filenames https://www.youtube.com/playlist?list=PLAYLIST_ID_HERE

this one is for downloading music, because there's a lot of stuff i listen to (wierd synth jams and remixes) that just aren't uploaded elsewhere, and everybody loves a good youtube to mp3 converter, so here's one that won't inject malware!

everything in the passed playlist will be downloaded as mp3. the -x option means it'll extract to audio only, no video. the next option encodes it properly into mp3. --audio-quality is how much it will compress it (0 is best, and 10 is worst), 2 here is good enough for my ears for music. the -o option does all the work for naming the file and putting it in a folder, based on the details of the video. the "%(word)s" is just scripting code that doesn't matter, as long as it's there, the bits around and inside it are what matter. the way its set up above is just my personal preference; everything will go into a folder titled "music", then a folder based on the playlist title you setup on youtube, then the file will be named with the youtube channel, video title, and the youtube video id will be inserted in square brackets (so that you can manually find the video again based on the filename if needed), then finally ext is just the file extension, mp3. finally, --restrict-filenames just converts any unusual unicode characters down to ascii and replaces spaces with underscores, to make sure the filnames appear sane to any music or video player you might pass the files to, regardless of filesystem or OS.

if i've lost you here with the -o option, i'd suggest to try running it on a small playlist with like 3 videos, and look at how the files are named compared to what's in the quote marks and the video details. you can then play around with it to get it setup how you like; i assume many people won't want the [%(id)s] bit, or with restrict-filenames, so you can snip them out. all the possible options you might want for -o are on the github page, under "output template".

next i'm showing an almost identical command most for illutration on how you can change -o and get a differently organised folder structure as a result, i use this for listenable stuff like video essays that i listen to to fall asleep:

yt-dlp -x --audio-format mp3 --audio-quality 8 -o "essays/%(channel)s/%(upload_date)s %(title)s [%(id)s].%(ext)s" --restrict-filenames https://www.youtube.com/playlist?list=PLAYLIST_ID_HERE

first of all, audio quality is lower (0 best, 10 worst) because it doesn't matter as much for voice as music, you can tweak to taste. the major difference is that in the -o option, channel is before a slash, and therefore it will create a different folder for each youtube channel in the playlist; so there's not one big mess of files. then inside each channel folder, the file will first have the upload date in ISO format, which means that sorting by filename will put them in upload order, useful for following anything in a series. then, video title, video id, and .mp3 at the end. btw the video id is the random-looking bit at the end of the URL on youtube after "watch?v=" that points to the actual video, "dQw4w9WgXcQ" for example.

next is the generic command i use for backing up videos, sorry it's 3rd down but i wanted to cover filenames earlier on:

yt-dlp --remux-video mp4 -S "height:480" -o "video/%(channel)s/%(upload_date)s %(title)s [%(id)s].%(ext)s" --restrict-filenames https://www.youtube.com/playlist?list=PLAYLIST_ID_HERE

so first, --remux-video will put it into the mp4 file container. i couldn't properly explain the difference between remuxing and reencoding if i tried, but i have sometimes found a video player will open a remuxed mp4 but not a webm file, and this doesn't affect filesize, so i use it. then, the -S option. in implementation it's used to sort through all the different video files youtube could possibly serve to you and pick which one to download and save. all the details are on the gihub under "sorting formats", but i've found that using the height option gives a decent filter on quality. 480p is good enough for my personal taste for offline backups, but i grew up in the torrented 200mb avi full movie era, so you might want higher. you could change the 480 to 720, 1080, or 2160 (for 4K) if you want, it's all about balancing quality with filesize, and thus backing up more. again, files will be sorted into folders for each channel, then ISO date, video name, id, and .mp4.

this last command i use is just a variant of the one above, but i have a different use case for it. rather than running it on a playlist i've made myself, i run it for already existing playlists on channels i watch a lot of. for example i like some grumpy letsplayers, and rather than having all their downloaded videos jumbled together in one folder, this command will create a folder for their channel, then extra subfolders for each playlist i run it on:

yt-dlp --remux-video mp4 -S "height:720" -o "video/%(channel)s/%(playlist_title)s/%(upload_date)s %(title)s [%(id)s].%(ext)s" --restrict-filenames https://www.youtube.com/playlist?list=PLAYLIST_ID_HERE

this way it keeps all the mario maker videos seperate from the kirby's dreamcourse videos, and so on, but still under a subfolder for that channel, with the same file format. i also upped the video size here to 720p, just to demonstrate what bit needs changing.

running these over and over again as you add new videos to download is probably going to be a pain in the arse, so you'll probably want to put them into a shell script (linux) or batch file (windows), or whatever mac does for this. on linux you can just paste and edit the command in a text editor, save as "example.sh", make executable in file properties, then run "./example.sh" in the terminal in the folder you want. on windows…. uhh, it's been a while and i've forgotten how to set up batch files correctly, but that's the search term you want to find out how. sorry mac people i got nothing.

worth noting is that for repeat runs of the same command, anything you've already downloaded will be skipped over, just downloading new things added to the playlist… as long as you've kept the -o option the same, and the video/channel title hasn't changed (at one point i had 12 copies of that tom scott video that keeps changing the title to include the viewcount…)

and one last thing! if you're making playlists on youtube for huge amounts of videos (my sleepy essays playlist is approaching 2000 videos), it will get awkward and clunky fast. i highly recommend using browswer extensions to make it easier, i use a firefox addon called "multiselect for youtube" by "pollux" to make it easier to batch add videos to playlists, and if you're not using firefox you should be. we're stealing from google here, not giving them our data (and yes, brave is built on chromium too)

so that's it. hopefully it's been somewhat helpful despite my bad explaining, there are definitely other options for batch downloading available, this is just the one i settled on as smoothest at my knowledge level and scale. if anyone has noticed an error or typo, oh gods please let me know ASAP incase this spreads and i can never correct it! otherwise have fun backing up stuff and getting around adblock, fuck google and alphabet, they should have lived by "don't be evil", and never rely on streaming or cloud storage for anything you don't want to lose!

youtube/google is getting much more aggressive about trying to shut down adblockers, part of which is them taking bullying legal action against a project called "invidious.io", which is an open source free frontend that can run in a browser or app and lets you watch youtube without ads and even all the google tracking analytics, sure would be a shame if lots more learned about such an option and started using it huh