leeguoo
Search
EN 中文 日本語

Hi, I'm leeguoo (Guo Li)

· Guo Li · full-stack developer ·

❯ Start Reading ❯ Membership
★ FEATURED posts/chatgpt-imagegen-web-backend.md + 1 min read
@leeguoo · Jun 22, 2026 · Article · public

Let Claude Code Automatically Generate Images with Your ChatGPT Subscription: No API Key, and How It Gets Around Turnstile

Let agents like Claude Code and Cursor generate images along the way when writing docs or READMEs, without an OPENAI_API_KEY, without paying extra, and using the ChatGPT subscription you already have. This article dissects the most interesting implementation path behind it: the web backend. Why you can’t just POST directly, why the real wall among the three layers of anti-scraping is the single-use Turnstile token, and the complete flow for driving your already-logged-in Chrome to generate images.
Reverse Engineering & Security

Reverse Engineering & Security

Reverse Engineering & Security

All →

Reversing a Continuously Hardened Target: Why Version Adaptation Is Getting Harder

With the same macOS IM client, each upgrade makes reverse engineering more costly. This is a record of the step up from a “hot update” to a “minor version,” and why the old path of purely scanning memory has collectively failed in newer versions: what can be reused across versions is never hardcoded coordinates, but structural invariants and dynamic observation.

Racing Against WeChat Versions: The Adaptation History of a Local Tool

Turning WeChat on macOS into a local interface for AI agents is not hardest the first time it works; the hard part is keeping it alive after WeChat updates again and again. This covers three generations of methods for obtaining the database key, how background message sending changed its routing approach, and why what truly carries across versions is the method for finding things, not any specific address.

From Soft Methods to Hard Patches — A Methodological Review of a macOS Mach-O Reverse Engineering Session

Methodological notes from an 8-hour macOS binary reverse engineering session — why soft methods fail, when you have to switch to hex patching, how Ghidra/lldb/llvm-objdump work together, and how a “killer patch” mindset can be used in offensive and defensive drills. No specific target is disclosed; this only covers methods, tools, and troubleshooting techniques.

Facing AI Audits: How Can You “Legalize” Your Reverse Engineering Project?

Examines a practical approach to handling decompilation projects by combining Claude Code and Gemini CLI, focusing on the challenge of ownership verification and resolving it through an automated sanitization process.

AI & Agent

AI & Agent

AI & Agents

All →

Letting an Agent Click Into Cross-Origin Iframes: How chrome-use Took On This Hard Problem

When connecting an AI agent to a browser, the hardest part isn’t opening pages. It’s the forms hidden inside cross-origin iframes: the agent can read them and fill them in, but it just can’t click “Save.” Here’s the story of how we tackled that hard problem.

iphone-use — Computer-use, but for the iPhone

An open-source agent control layer for a real iPhone: live browser remote + a see/act HTTP API for AI agents. Three input layers (Shortcut verbs / element tree / pixel fallback), clean CJK input, hardware-validated.

Is the `cache 4m23s` Line in the Status Bar Actually Accurate?

There’s a prompt-cache countdown line in the status bar I wrote for Claude Code. Where it anchors, how the formula works, and when it lies to you — let’s pull apart the source code alongside a real transcript.

Dissecting the Implementation of the /goal Command

Based on the Claude Code 2.1.139 headless source code, this breaks down how the /goal command drives the Agent to keep working until a condition is met through a session-level Stop hook.

$ ls -lh ./posts/ | head -4
Jun 18, 2026
-rw-r--r--
1 min read
Let Claude Code Draw the Image Itself: The Original Intention and Principles Behind chatgpt-imagegen
When an AI agent needs an image while working, the traditional path either requires an API key and money, or a human has to go to ChatGPT, generate the image, and paste it back—the agent can only get stuck waiting. chatgpt-imagegen lets the agent generate images itself using your existing ChatGPT subscription: no API key required, no Codex quota consumed by default, and support for image-to-image generation. This article explains its original intention, how its two backends work, and why it is designed for agents.
Jun 17, 2026
-rw-r--r--
1 min read
Letting an Agent Click Into Cross-Origin Iframes: How chrome-use Took On This Hard Problem
When connecting an AI agent to a browser, the hardest part isn’t opening pages. It’s the forms hidden inside cross-origin iframes: the agent can read them and fill them in, but it just can’t click “Save.” Here’s the story of how we tackled that hard problem.
Jun 16, 2026
-rw-r--r--
1 min read
Reversing a Continuously Hardened Target: Why Version Adaptation Is Getting Harder
With the same macOS IM client, each upgrade makes reverse engineering more costly. This is a record of the step up from a “hot update” to a “minor version,” and why the old path of purely scanning memory has collectively failed in newer versions: what can be reused across versions is never hardcoded coordinates, but structural invariants and dynamic observation.
Jun 12, 2026
-rw-r--r--
1 min read
Racing Against WeChat Versions: The Adaptation History of a Local Tool
Turning WeChat on macOS into a local interface for AI agents is not hardest the first time it works; the hard part is keeping it alive after WeChat updates again and again. This covers three generations of methods for obtaining the database key, how background message sending changed its routing approach, and why what truly carries across versions is the method for finding things, not any specific address.
 $ ls ./archives/ · 8+ entries →