Monday, 22 May 2017

The Next Big Brother - Amazon

This my rant on Amazon and how it sucks big time. An interesting episode is going on between Amazon and me. I have an AWS EC2 instance and related services running with the same account that I use for purchases and Amazon Prime Video. A big mistake. Now they have locked the account. All of it is locked. No AWS, no prime video and no purchases with the account possible. Luckily I do not have any serious business in AWS. Just for personal VPN and stuffs like that. So I have this IKEv2 VPN setup at EU (London) region which I am using and I am connected to this account with IP 52.56.56.129 and made a purchase on Amazon as usual, but this time with the VPN, which I forgot to disconnect (or why should I even disconnect? Still pondering). Then, my bank called me asking that have you made a purchase using the credit card and some authorisation details and such which I confirmed. The bank authorised the payment. After a while, I got the below message from Amazon.

Hello,

We have removed your access to this account because we could not confirm your payment information. You will not be able to access your account or place orders with us until we confirm your information.

To resolve this matter, please send the information below to our secure fax line:

-- A copy of your statement for your MASTER CARD ending in 31, including the billing address
-- Your name, phone number, and the email address registered to your Amazon account

You can find our fax number on the Amazon.in Help page:
www.amazon.in/help/addressverification

We will convert your fax to a secure electronic image. To protect your information, we restrict access to your payment information to a team of account specialists.

Our Customer Service team can confirm that we sent this email, but they cannot view your fax or share more information about this matter.

You can expect a response from us within 24 hours of sending your fax.

We ask that you not open new accounts because any new order that you place may be delayed.

Sincerely,

Faizan Shariff
Account Specialist
http://www.amazon.in
=========================


What business does Amazon have to peek into my credit card transactions? Now this is what fraud looks like! So I asked what information are they not able to verify and I have no reply. Considering these drama, I have mentioned my IPs used to make purchase, sent emails during this period to them. Not sure they grok any of these. Another thing is I have yandex.ru as the mail Id and then the webmail sends mails from yandex.com an alias, which leads to another source of confusion for these idiots. It's like Russia? Oh, fraud. Suckers. Now I am like, you want to verify my identity, come to my address given in the website or send me an encrypted email using the PGP key and I am not sending my card statements, not going to happen. I am pissed and called my bank and asked to mark the transaction as invalid and block the card, which they did. But I use this as my backup card, but hey my bank is awesome! Now Amazon is obliged to refund. It is as if I have purchased the whole world from their website. If the bank, the payment gateway, the OTP from MasterCard, the phone call from banker and all passes and verifies, think about the Amazon's fraud detection algorithm in place. IP address check? Gosh! So lame. And I even have 2FA with TOTP in my account. Did not think Amazon is running on such flaky algorithm and idiots verifying these. I was considering about moving all my stuffs to AWS, which would have been a disaster, considering how they handle matters.

Updates
23.05.17
• Amount reversed by Amazon back to the card.
• Password reset mail received, but after reset, the system does not accept the login as it says wrong password and I can no longer access AWS from UI
• Account termination requested (no response, yet)

24.05.17
My main card is also linked (as a backup) with AWS billing and Amazon is not terminating my account or providing me access to my account. They are like, we won't give you access unless you give me your card statement to us. Nice! Now they can bill me, even if I stop the instance. Blocked that card as well. Now Amazon is forced to shutdown the account or else, I got free EC2 instance. Not exciting anymore for me anyway. I still have remote access to the server. Thinking what to do with it now as I assume it will be monitored after this incident.

But finally, some peace and no more business with Amazon ever again in my life.

Friday, 12 May 2017

BlackBerry Passport MicroSDXC Card Support

BlackBerry Passport supports microSD cards upto 128GB. microSDXC cards can also be used with it. However, BlackBerry 10 recognises only FAT formatted external partitions and these cards comes mostly with ExFAT. So the device will show that the media card is not supported and is downloading drivers, but it will fail with an error. To fix this, erase the card and choose FAT as the partition format. Then the OS will recognise the microSDXC card.

Monday, 8 May 2017

Get RSA PublicKey from XML Key Format

Here is a script (prototype) in Groovy to get RSA PublicKey from XML public key. You might encounter such XML keys, say during .NET interop.
import javax.xml.parsers.DocumentBuilder
import javax.xml.parsers.DocumentBuilderFactory
import org.w3c.dom.Document
import java.nio.charset.StandardCharsets
import java.security.spec.RSAPublicKeySpec
import java.security.KeyFactory
import java.security.PublicKey

def rsaPubXML = "ANxn+vSe8nIdRSy0gHkGoJQnUIIJ3WfOV7hsSk9An9LRafuZXYUMB6H5RxtWFm72f7nPKlg2N5kpqk+oEuhPx4IrnXIqnN5vwu4Sbc/w8rjE3XxcGsgXUams3wgiBJ0r1/lLCd6a61xRGtj4+Vae+Ps3mz/TdGUkDf80dVek9b9VAQAB"
def docBuilderFactory = DocumentBuilderFactory.newInstance()
def docBuilder = docBuilderFactory.newDocumentBuilder()

def b64Decode(enc) {
    Base64.getDecoder().decode(enc)
}

Document xmlDoc = docBuilder.parse(new ByteArrayInputStream(rsaPubXML.getBytes(StandardCharsets.UTF_8)))

def modulus = xmlDoc.getElementsByTagName("Modulus").item(0).textContent
def exponent = xmlDoc.getElementsByTagName("Exponent").item(0).textContent
println "modulus: ${modulus}\nexponent: ${exponent}"

RSAPublicKeySpec keySpec = new RSAPublicKeySpec(new BigInteger(b64Decode(modulus)), new BigInteger(b64Decode(exponent)));
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey key = keyFactory.generatePublic(keySpec);

println "key: ${key}"
This gives the following output.
modulus: ANxn+vSe8nIdRSy0gHkGoJQnUIIJ3WfOV7hsSk9An9LRafuZXYUMB6H5RxtWFm72f7nPKlg2N5kpqk+oEuhPx4IrnXIqnN5vwu4Sbc/w8rjE3XxcGsgXUams3wgiBJ0r1/lLCd6a61xRGtj4+Vae+Ps3mz/TdGUkDf80dVek9b9V
exponent: AQAB
key: Sun RSA public key, 1024 bits
  modulus: 154774478177095248394968828543369801032226937226535865231262824893513573019304152154974259955740337204606655133945162319470662684517274530901497375379716962851415879364453962123395223899051919634994929603613704222239797911292193776910691509004328773391280872757318122152217457361921195935350223751896771182421
  public exponent: 65537
Note that the modulus must be a positive integer. If you are working with other JVM languages and are getting a negative integer value, specify the signum as 1 in the BigInteger(1, b64Decode(modulus)) function call. The exponent must always be 65537 as of now because that is the largest Fermat's Prime known today.

Sunday, 30 April 2017

Base64 macOS App Release

Released v1.0 of Base64 macOS app. It is a simple app for encoding and decoding base64 texts. It will encode texts as we type or paste. This program does not access any files or network and works offline. It is sandboxed as well.

Encode screen

Decode screen

Source code at GitHub. For downloads, check the release folder.

Saturday, 29 April 2017

Working with AppKit Delegates

Delegates are responders that acts to events that occurs in a program. AppKit delegates often work with Cocoa UI events. Here we will see two examples of handling events, one for NSTextField and another for NSTextView in conjunction with Interface Builder, rather than programatically.

1. Create a macOS Cocoa project from Xcode which will generate an AppDelegate and a ViewController as usual.
2. We will make the ViewController as the delegate to respond to events. For that we need to declare that the ViewController adopts the formal protocol defined by the delegates.
@interface ViewController : NSViewController<NSTextViewDelegate, NSTextFieldDelegate> {
3. Choose the Main.storyboard and choose the View Controller Scene, drag and drop Text View and Text Field components.
4. Choose the Text View from the Document Outline of the View Controller Scene, option click, and in the popup, connect the delegate outlet to the View Controller. Same for Text Field.

5. Now, in the ViewController.h header, declare two IBOutlets which will connect the components in the storyboard to the code.
@interface ViewController : NSViewController<NSTextViewDelegate, NSTextFieldDelegate> {
    IBOutlet NSTextView *textView;
    IBOutlet NSTextField *textField;
}
Since these interface builder outlets are not connected yet, the radio box is in unchecked state.
6. Go back to the interface builder (the storyboard file), choose Text View, option click, drag and connect the New Referencing Outlet to View Controller which brings the above IBOutlets. Choose textView to make the connection. Do the same for Text Field, but here we should choose textField as the referencing outlet.


7. Back to code, open ViewController.m implementation file and implement any of the delegated methods.
#pragma mark - delegates

/* NSTextView */
- (void)textDidChange:(NSNotification *)notification {
    NSLog(@"text did change");
    textView = [notification object];
    NSLog(@"string: %@", [textView string]);
}

/* NSTextField */
- (void)controlTextDidChange:(NSNotification *)obj {
    NSLog(@"control text did changed");
    textField = [obj object];
    NSLog(@"text: %@", [textField stringValue]);
}
The above methods are invoked when the text in a text view or text field changes. The same concept extends to Cocoa Touch and iOS development.

The sample project can be downloaded from github.

Wednesday, 26 April 2017

Call blocking in BlackBerry 10 for a known number

We do not need fancy app to block calls. By default, BB10 has option to block all incoming calls or none. Not individually. But there is a better way. Ideally, we should not be blocking calls, because the caller can identify that a call has been blocked or not. It will ring once and then get busy or some other tones. Better way is to just disable all notifications for a number. For that, first save the annoying number to your contacts and in the "Ringtones and Notifications" option for that contact, choose "Phone Calls" and turn off "All Notifications". That is all there is. Now the call gets received, but you would not know unless you look at the phone. No disturbance.

Monday, 17 April 2017

Slack for BlackBerry 10

There is no official Slack app for BlackBerry 10. Also, if we open a slack channel on the native BlackBerry 10 browser, it just takes to the team settings page. I have figured ways to make it work though, which in fact is quite simple. Quick way is to enable desktop mode in the BB10 browser and then channels load instead of seeing the settings page for the team. But it's not at all user friendly and unsupported browser message will be shown.

Another way is to install the Slack app for Android by sideloading the apk file. This works fine when the team uses email for login. But, when it's configured for SSO only, then we have to follow additional steps. The native browser can open apps that have deep linking registered. Slack does not seem to have this. In order to make this work, we need to use a browser which also runs on the Android runtime. So get the Aurora Browser installed, open the Slack app, choose SSO sign in and this time choose Aurora browser when the dialog pops up. After authentication, a page will be shown with a Download Slack app or Open in Slack app buttons. Choose the later and the Slack app launches, and you get logged in to the team. Enjoy all the awesomeness of the Android Slack app.

I have not checked whether notifications will get received. But I doubt that. So if you don't receive it, you can choose the send email notifications when away for five minutes option from the team settings. Though there is a slight delay in you getting notified, the problem is solved.

I have tried S10 app from BlackBerry World, but for some reasons, I don't get any notifications. Plus the app is rather minimal with text only interface. Kind of have an IRC feel to it.

2FA with SAP Authenticator for BlackBerry 10

The search for a decent 2FA app for BlackBerry 10 is over. SAP Authenticator works perfectly on BlackBerry 10 devices. This is a generic 2FA app and is not tied to any service like Duo Mobile for BlackBerry 10. As in Android, this app requires Barcode Scanner to be installed as well. Instead of Google Authenticator you can use this. It can be used for any 2FA that uses TOTP (Time-based OTP). Happy camper!

Tip: When a website provides options for 2FA app, choose Android as the platform which will display the QR code. Choosing BlackBerry will give the secret key which we have to enter in manually in the SAP Authenticator app for setup rather than scanning a QR code.

Sunday, 16 April 2017

youtube-dl for Muxing Streams

Let's say we need to download videos from youtube with the highest audio and video quality. Sometimes, the combination is not available with most downloaders. But youtube-dl can download separate audio and video streams and mux them together. Here are some commands to do that.
# List all available streams for a video
➜ youtube-dl -F "https://www.youtube.com/watch?v=abcd1234"
Outputs
[youtube] abcd1234: Downloading webpage
[youtube] abcd1234: Downloading video info webpage
[youtube] abcd1234: Extracting video information
[youtube] abcd1234: Downloading js player en_US-vfl5-0t5t
[youtube] abcd1234: Downloading js player en_US-vfl5-0t5t
[info] Available formats for abcd1234:
format code  extension  resolution note
249          webm       audio only DASH audio   56k , opus @ 50k, 1.52MiB
250          webm       audio only DASH audio   84k , opus @ 70k, 2.10MiB
171          webm       audio only DASH audio  126k , vorbis@128k, 3.36MiB
140          m4a        audio only DASH audio  127k , m4a_dash container, mp4a.40.2@128k, 3.69MiB
251          webm       audio only DASH audio  161k , opus @160k, 4.03MiB
278          webm       256x144    144p  101k , webm container, vp9, 13fps, video only, 2.41MiB
160          mp4        256x144    144p  112k , avc1.4d400c, 25fps, video only, 3.19MiB
242          webm       426x240    240p  140k , vp9, 25fps, video only, 2.34MiB
243          webm       640x360    360p  234k , vp9, 25fps, video only, 3.98MiB
133          mp4        426x240    240p  248k , avc1.4d4015, 25fps, video only, 7.13MiB
134          mp4        640x360    360p  254k , avc1.4d401e, 25fps, video only, 6.49MiB
244          webm       854x480    480p  355k , vp9, 25fps, video only, 6.22MiB
135          mp4        854x480    480p  559k , avc1.4d401e, 25fps, video only, 13.74MiB
247          webm       1280x720   720p  601k , vp9, 25fps, video only, 11.70MiB
136          mp4        1280x720   720p 1171k , avc1.4d401f, 25fps, video only, 28.41MiB
248          webm       1920x1080  1080p 1220k , vp9, 25fps, video only, 23.32MiB
137          mp4        1920x1080  1080p 2258k , avc1.640028, 25fps, video only, 57.07MiB
17           3gp        176x144    small , mp4v.20.3, mp4a.40.2@ 24k
36           3gp        320x180    small , mp4v.20.3, mp4a.40.2
43           webm       640x360    medium , vp8.0, vorbis@128k
18           mp4        640x360    medium , avc1.42001E, mp4a.40.2@ 96k
22           mp4        1280x720   hd720 , avc1.64001F, mp4a.40.2@192k (best)
➜
We can see that the highest quality video is 137 with 1080p 2258k and audio is 251 with 161k. But these are video only and audio only streams. Let's combine them.
➜ youtube-dl -f 137+251 "https://www.youtube.com/watch?v=abcd1234"
It will pick a compatible format when merging. If mp4 doesn't work it gets converted into mkv mostly.

Install BlackBerry Blend/Link under macOS Sierra

The installer Install BlackBerry 10 Desktop Software.app inside the BlackBerry 10 Desktop Software_1.2.0.58_B60.dmg image for BlackBerry Link/Blend does not start the installer under macOS Sierra. Running the binary inside the installer .app directly gives the following error:
➜  ~ /Volumes/BlackBerry\ 10\ Desktop\ Software/Install\ BlackBerry\ 10\ Desktop\ Software.app/Contents/MacOS/Install\ BlackBerry\ 10\ Desktop\ Software ; exit;
/Library/LaunchAgents/com.rim.BBLaunchAgent.plist: Could not find specified service
/Library/LaunchDaemons/com.rim.BBDaemon.plist: Could not find specified service
However under the Resources folder of the package content there is BlackBerry Blend.pkg installer. Running it brings up the installer window and the installation succeeds and everything works fine ever after.

Sunday, 2 April 2017

Fun with Hopper on OS X

It has be a while that I touched any assembly code. So I thought I will refresh, and have some fun while at it. Hopper is a disassembler for macOS. It has call flow graphs and pseudo code as in IDA Pro. Another awesome thing is the themes, which adds a modern touch, and is easy to use. Btw., I don't really use IDA Pro. This is more about using Hopper for disassemble and patching Mac OS X binaries. For that I will choose a real app. There was a case where I had to downgrade iTunes once. For that I had to use AppZapper. AppZapper is a paid software. When you open it you can see the nag screen. But removing the nag is simple.



Open the app in Hopper. The AppZapper package has only one binary file AppZapper. Proceed with the default choices, i.e., for the package the loader is FAT archive x86-64 bit and for the executable it is Mach-O 64 bits. It shows the entry point procedure at address 0000000100000f60. Before proceeding, enable "Show the HEX column" to easily see the hex of the instruction set, like in OllyDbg.

Now from the left symbols panel, under Proc. choose -[AZAppController applicationDidFinishLaunching:] the idx of which is 88. Alternatively you can directly go to the address of the proc at 000000010000a250. Choose the pseudo code mode from the toolbar to get an idea of what is happening.



What it does is that it loads the AZRegistrationWindowController and calls the validateExistingRegistrationInformation method whose return value is in rax register. Then it takes the lower bytes of the ax register and performs a bitwise and (the test instruction). If the result is 0, means al is 0, then the zero flag (ZF) is set. If zero flag is not set, then do a local jump to the address at loc_10000a6ac which is at 000000010000a6ac. What we need to do is to take that branch which will then skip loading the AZRegistrationWindowController window. To do that we need to change the jne instruction to je. So the easy way is to click on the jne line and click the hex mode, which will highlight the instruction. The hex for jne/jnz instruction is 85 and hex for je/jz is 84. So double click 85 in instruction 0F 85 FC 02 00 00 and replace it with 84. Go back to asm mode and you can see the updated instruction. Only that it is shown in bytes (db).



Now we need to export the binary. From File menu choose "Produce new executable" and save as AppZapper. Go to applications, control click AppZapper and choose "Show Package Contents" and navigate to MacOS. Now replace the executable with the patched one. If you want to preserve the original then, rename that to something else and copy the patched one as AppZapper. Open the app, and we are no more greeted with the nag screen!

But hey, we still got to register and have only 5 zaps, so we will have to purchase if we need to continue using :). The register option is available from the menu.

Thursday, 9 March 2017

Cancel future With Interrupt Check in Clojure

A snippet for future-cancel with interrupt check. Call this instead of calling future directly.
(defmacro int-future
  [& body]
  `(future (when (not (Thread/interrupted)) ~@body)))

Sunday, 26 February 2017

LinkedIn Has No Proper Privacy Control for Media

If your LinkedIn profile was public before and then you disabled your public profile, your profile picture is still accessible without having to login to LinkedIn. It is not just a caching issue as it is still available from CDN for months after the profile is being made private. The images are loaded from media.licdn.com and will be indexed by Google. Even if you delete your profile picture, the previous one is still accessible from the CDN. When I contacted LinkedIn support for content removal, the person told that media.licdn.com is not associated with LinkedIn and I will have to remove it myself and from the search engine which indexed it. The funny thing being that the domain certificate shows LinkedIn Corporation as the organisation. The whois also has LinkedIn in it. 😜
Update: I had it removed from Google search using Webmasters already. LinkedIn removed the image. Yay!

Wednesday, 18 January 2017

PGP on BlackBerry 10

In BlackBerry 10, there is an option for importing PGP keys under Security & Privacy. But to import the secret keys exported by GnuPG, you need to append the public key in the exported private key armored file. Then PGP will import fine. As per the documentation, you will be able to encrypt, decrypt from hub if you have active sync or Lotus Notes. So for personal keys with IMAP account, a great alternative is to sideload OpenKeychain android app. Import your exported .asc private key. To decrpyt a received email, copy the content, tap share and choose decrypt. Similarly, you can encrypt and share. Unfortunately there is no direct hub integration. Quick UI tip for Passport, swipe down from top and tap Size. Choose Zoomed out Full Screen option (middle one) for better experience. Most android apps looks great with this option.

Tuesday, 17 January 2017

Updating Gmail Password on BlackBerry 10

To my surprise, I am not able to update the gmail account password on my BlackBerry 10 device. Figured that if you choose the default setup where the hub does all the configuration, there won't be any options to edit the server settings or passwords later on. So if you intend to change passwords later on, then you should choose the advanced option and choose IMAP account. Key in the details manually, and you will be able to update the password if required. And for the current setup, you will have to delete the account from the device and add it again using the above method.

Saturday, 7 January 2017

EBNF Grammer for Parsing Chrome Bookmarks

The bookmarks html exported by Chrome is not a valid html. It has different rules with a different DTD. Here is an ANTLR 4 grammar for parsing the bookmarks with support for unicode characters in bookmark names.
grammar Bookmarks;
 
document : prolog? misc* meta* misc* dl misc*;

prolog : DTD;

misc 
    : COMMENT 
    | S
    ;

meta 
    : '<' TEXT '>' TEXT '</' TEXT '>'
    | '<' TEXT attribute* '>'
    ;

dl : '<' TEXT '><' TEXT '>' misc* dt* misc* '</' TEXT '><' TEXT '>';

dt 
    : '<' TEXT '><' tag attribute* '>' content '</' tag '>' 
    | '<' TEXT '><' tag attribute* '></' tag '>'
    | dl
    ;

attribute 
    : attributeName '=' attributeValue 
    | S
    ;

tag 
    : H3 
    | TEXT
    ;

attributeName : TEXT;

attributeValue : VAL;

content : TEXT+;

DTD : '<!'.*?'>';

COMMENT : '<!--' .*? '-->' S;

H3 : 'H3';

VAL : '"'.*?'"';

TEXT : [A-Za-z0-9:\/\.@\-_;\s*]+ | NameChar+;

fragment
NameChar
    : NameStartChar
    | '0'..'9'
    | '_'
    | '\u00B7'
    | '\u0300'..'\u036F'
    | '\u203F'..'\u2040'
    ;

fragment
NameStartChar
    : 'A'..'Z' | 'a'..'z'
    | '\u00C0'..'\u00D6'
    | '\u00D8'..'\u00F6'
    | '\u00F8'..'\u02FF'
    | '\u0370'..'\u037D'
    | '\u037F'..'\u1FFF'
    | '\u200C'..'\u200D'
    | '\u2070'..'\u218F'
    | '\u2C00'..'\u2FEF'
    | '\u3001'..'\uD7FF'
    | '\uF900'..'\uFDCF'
    | '\uFDF0'..'\uFFFD'
    ;

S : [ \t\r\n]+ -> skip;

The exported bookmarks sample.
<!DOCTYPE NETSCAPE-Bookmark-file-1>
<!-- This is an automatically generated file.
     It will be read and overwritten.
     DO NOT EDIT! -->
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
<TITLE>Bookmarks</TITLE>
<H1>Bookmarks</H1>
<DL><p>
    <DT><H3 ADD_DATE="1481473849" LAST_MODIFIED="1481473992" PERSONAL_TOOLBAR_FOLDER="true">Bookmarks bar</H3>
    <DL><p>
        <DT><H3 ADD_DATE="1481473866" LAST_MODIFIED="1481473967">Test 1</H3>
        <DL><p>
            <DT><A HREF="https://encrypted.google.com/" ADD_DATE="1481473884" ICON="">Google</A>
            <DT><A HREF="https://yandex.ru/" ADD_DATE="1481473892" ICON="">Яндекс</A>
            <DT><A HREF="http://example.com/" ADD_DATE="1481473954">Example Domain</A>
        </DL><p>
        <DT><H3 ADD_DATE="1481473872" LAST_MODIFIED="1481473980">Test 2</H3>
        <DL><p>
            <DT><A HREF="https://duckduckgo.com/" ADD_DATE="1481473902" ICON="">DuckDuckGo</A>
            <DT><A HREF="https://clojure.news/" ADD_DATE="1481473936" ICON="">Clojure News</A>
            <DT><A HREF="http://example.com/" ADD_DATE="1481473955">Example Domain</A>
        </DL><p>
        <DT><A HREF="https://yandex.ru/" ADD_DATE="1481473893" ICON="">Яндекс</A>
        <DT><A HREF="http://www.echojs.com/" ADD_DATE="1481473986" ICON=""></A>
        <DT><A HREF="https://clojure.news/" ADD_DATE="1481473992" ICON=""></A>
        <DT><H3 ADD_DATE="1481474004" LAST_MODIFIED="1481477692">Test 3</H3>
        <DL><p>
            <DT><A HREF="https://encrypted.google.com/" ADD_DATE="1481474004" ICON="">Google</A>
            <DT><A HREF="https://duckduckgo.com/" ADD_DATE="1481474004" ICON="">DuckDuckGo</A>
            <DT><A HREF="https://clojure.news/" ADD_DATE="1481474004" ICON="">Clojure News</A>
            <DT><H3 ADD_DATE="1481477681" LAST_MODIFIED="1481477681">Test 4</H3>
            <DL><p>
                <DT><A HREF="https://clojure.news/" ADD_DATE="1481477681" ICON="">Clojure News</A>
                <DT><A HREF="https://news.ycombinator.com/" ADD_DATE="1481477681" ICON="">Hacker News</A>
                <DT><A HREF="http://example.com/" ADD_DATE="1481477681">Example Domain</A>
            </DL><p>
            <DT><A HREF="https://news.ycombinator.com/" ADD_DATE="1481474004" ICON="">Hacker News</A>
            <DT><A HREF="http://example.com/" ADD_DATE="1481474004">Example Domain</A>
        </DL><p>
    </DL><p>
</DL><p>
clj-antlr library can be used to get the parse tree out of the grammer. Snippet to get the parse tree below. Use compiled version of the grammar for better performance.
(def bm (antlr/parser "/home/kadaj/dev/clojure/bookmarks-parser/grammar/Bookmarks.g4"))
(pprint (bm (slurp "/home/kadaj/dev/clojure/bookmarks-parser/resources/bookmarks.html")))
Which produces the following parse tree.
(:document
 (:prolog "")
 (:misc
  "\n")
 (:meta
  "<"
  "META"
  (:attribute
   (:attributeName "HTTP-EQUIV")
   "="
   (:attributeValue "\"Content-Type\""))
  (:attribute
   (:attributeName "CONTENT")
   "="
   (:attributeValue "\"text/html; charset=UTF-8\""))
  ">")
 (:meta "<" "TITLE" ">" "Bookmarks" "")
 (:meta "<" "H1" ">" "Bookmarks" "")
 (:dl
  "<"
  "DL"
  "><"
  "p"
  ">"
  (:dt
   "<"
   "DT"
   "><"
   (:tag "H3")
   (:attribute
    (:attributeName "ADD_DATE")
    "="
    (:attributeValue "\"1481473849\""))
   (:attribute
    (:attributeName "LAST_MODIFIED")
    "="
    (:attributeValue "\"1481473992\""))
   (:attribute
    (:attributeName "PERSONAL_TOOLBAR_FOLDER")
    "="
    (:attributeValue "\"true\""))
   ">"
   (:content "Bookmarks" "bar")
   "")
  (:dt
   (:dl
    "<"
    "DL"
    "><"
    "p"
    ">"
    (:dt
     "<"
     "DT"
     "><"
     (:tag "H3")
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481473866\""))
     (:attribute
      (:attributeName "LAST_MODIFIED")
      "="
      (:attributeValue "\"1481473967\""))
     ">"
     (:content "Test" "1")
     "")
    (:dt
     (:dl
      "<"
      "DL"
      "><"
      "p"
      ">"
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://encrypted.google.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473884\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Google")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://yandex.ru/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473892\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Яндекс")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"http://example.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473954\""))
       ">"
       (:content "Example" "Domain")
       "")
      "<"
      "p"
      ">"))
    (:dt
     "<"
     "DT"
     "><"
     (:tag "H3")
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481473872\""))
     (:attribute
      (:attributeName "LAST_MODIFIED")
      "="
      (:attributeValue "\"1481473980\""))
     ">"
     (:content "Test" "2")
     "")
    (:dt
     (:dl
      "<"
      "DL"
      "><"
      "p"
      ">"
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://duckduckgo.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473902\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "DuckDuckGo")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://clojure.news/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473936\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Clojure" "News")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"http://example.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481473955\""))
       ">"
       (:content "Example" "Domain")
       "")
      "<"
      "p"
      ">"))
    (:dt
     "<"
     "DT"
     "><"
     (:tag "A")
     (:attribute
      (:attributeName "HREF")
      "="
      (:attributeValue "\"https://yandex.ru/\""))
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481473893\""))
     (:attribute (:attributeName "ICON") "=" (:attributeValue "\"\""))
     ">"
     (:content "Яндекс")
     "")
    (:dt
     "<"
     "DT"
     "><"
     (:tag "A")
     (:attribute
      (:attributeName "HREF")
      "="
      (:attributeValue "\"http://www.echojs.com/\""))
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481473986\""))
     (:attribute (:attributeName "ICON") "=" (:attributeValue "\"\""))
     ">")
    (:dt
     "<"
     "DT"
     "><"
     (:tag "A")
     (:attribute
      (:attributeName "HREF")
      "="
      (:attributeValue "\"https://clojure.news/\""))
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481473992\""))
     (:attribute (:attributeName "ICON") "=" (:attributeValue "\"\""))
     ">")
    (:dt
     "<"
     "DT"
     "><"
     (:tag "H3")
     (:attribute
      (:attributeName "ADD_DATE")
      "="
      (:attributeValue "\"1481474004\""))
     (:attribute
      (:attributeName "LAST_MODIFIED")
      "="
      (:attributeValue "\"1481477692\""))
     ">"
     (:content "Test" "3")
     "")
    (:dt
     (:dl
      "<"
      "DL"
      "><"
      "p"
      ">"
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://encrypted.google.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481474004\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Google")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://duckduckgo.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481474004\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "DuckDuckGo")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://clojure.news/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481474004\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Clojure" "News")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "H3")
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481477681\""))
       (:attribute
        (:attributeName "LAST_MODIFIED")
        "="
        (:attributeValue "\"1481477681\""))
       ">"
       (:content "Test" "4")
       "")
      (:dt
       (:dl
        "<"
        "DL"
        "><"
        "p"
        ">"
        (:dt
         "<"
         "DT"
         "><"
         (:tag "A")
         (:attribute
          (:attributeName "HREF")
          "="
          (:attributeValue "\"https://clojure.news/\""))
         (:attribute
          (:attributeName "ADD_DATE")
          "="
          (:attributeValue "\"1481477681\""))
         (:attribute
          (:attributeName "ICON")
          "="
          (:attributeValue "\"\""))
         ">"
         (:content "Clojure" "News")
         "")
        (:dt
         "<"
         "DT"
         "><"
         (:tag "A")
         (:attribute
          (:attributeName "HREF")
          "="
          (:attributeValue "\"https://news.ycombinator.com/\""))
         (:attribute
          (:attributeName "ADD_DATE")
          "="
          (:attributeValue "\"1481477681\""))
         (:attribute
          (:attributeName "ICON")
          "="
          (:attributeValue "\"\""))
         ">"
         (:content "Hacker" "News")
         "")
        (:dt
         "<"
         "DT"
         "><"
         (:tag "A")
         (:attribute
          (:attributeName "HREF")
          "="
          (:attributeValue "\"http://example.com/\""))
         (:attribute
          (:attributeName "ADD_DATE")
          "="
          (:attributeValue "\"1481477681\""))
         ">"
         (:content "Example" "Domain")
         "")
        "<"
        "p"
        ">"))
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"https://news.ycombinator.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481474004\""))
       (:attribute
        (:attributeName "ICON")
        "="
        (:attributeValue "\"\""))
       ">"
       (:content "Hacker" "News")
       "")
      (:dt
       "<"
       "DT"
       "><"
       (:tag "A")
       (:attribute
        (:attributeName "HREF")
        "="
        (:attributeValue "\"http://example.com/\""))
       (:attribute
        (:attributeName "ADD_DATE")
        "="
        (:attributeValue "\"1481474004\""))
       ">"
       (:content "Example" "Domain")
       "")
      "<"
      "p"
      ">"))
    "<"
    "p"
    ">"))
  "<"
  "p"
  ">"))