#general

is there anyone who knows fortresses very well
what should i do after akerva, they said akerva is easiest.

is this still active or nope

i don't think any track is active

I thought I was gonna get something

i know the game fortress S on playstation

other than that i can build fortresses with pillows

what did u get whern u clicked that button

same thing when solved a machine

for some reason i understood C language very easily

It's like blocks are clicking together in my brain

this is my reward

🎉

do they give any candy?

hell yeah

Where in the world do i do this

I want candy too

you can not do this

probably not i click on phishing links and end up putting my credentials if it looks legit enough

i gave my info to some nigerian prince

and now i'm logged out of my instagram account

Very random question - what do you guys use in place of fzf ( just the “select from list spit back to stdout”, not the live filtering ) on remote environments where ur restricted to basic gnu

maybe like

Can I run the hard labs without a sub?

use dialog

or whiptail

if u have TUI

Yeah

The free version gets almost everything the paid version gets

But the free version is limited to active ones

And shared instances

I think vulnlab is the only thing we don't get to taste at all

the GSkill TridentZ RAM I bought were the biggest mistake I ever made why the hell did my peanut brain thing having lights on my RAM was a good idea

Why have I never seen this before lol, Ty

There is a solution for the 'You have used your allowed Pwnbox time' issue?

no worries

Don't use pwnbox

Run your own VM and connect via VPN

I understand, but I prefer to use SSH

Idk what that has to do with anything

I’m just saying I like using SSH, that’s all

he/she likes SSH, what is so confusing???

Was talking about pwnbox

So in that context it makes no sense

yeah tried some sarcasm

Hehe

https://tenor.com/view/anchorman-steve-carell-brick-lamp-gif-5715014

Ahh

The update I’ve been waiting for

I'm late to the party as usual but HTB gives you the ability to SSH into pwnbox
Though as you said VM is way better in the long run 💯

ass ass dev?

Lmao that's an easy roast

I made a bad opsec mistake and used my surname for this 💀

we all do some silly mistakes like that

Indeed lol

The funny thing Apple flagged my surname for that spelling when I signed up for the forums lmao

I had to use 3 s for that

jkass

Jackass pls

Yeeee

no

Wsg shadow

wainitng for s9

3 hours if I'm counting well

Meanwhile I'm in a dilemma whether to start with dfir or pentesting..

yeah keep thinking and do none

Ye the thing is I don't wanna do that 🥀

I need your valuable opinion

i forgot what dfir was again

Digital forensic

And incident response

ok

do both

Yo i need to hire some kind of FBI agent. Anyone here will help me figure out if i found hidden camera inside my airbnb apartament?

double the effort

Yes but where should I start

Which one

lol
lemme call FBI

lol

I have photos but can’t figure out on my own

do i send it to your airbnb directly?

Bro is wanted

Fr tho

Is this normal motion sensor

are u getting any job right away?
pentested job as fresher is almost zero

idk about dfir

youll end up staring at screen and catching events

no thats a camera 😭

Nah I'll get one after 2 years prolly

But it's gonna be software engineering

so do whatever interests you

whatever makes u hard

Pentesting is triple the effort damn it.. 🥲

take pics
call cops?

Anyway alright guess I'll do Pentesting

Cya people

When im flashing light directly on it i can see red dot appear

https://tenor.com/view/in-disguise-this-is-happening-lamb-migrate-tallest-in-the-group-gif-18029104

goon infront of the camera to show dominance

(or just put a piece of tape over it)

also look for other cameras

Already did it - I contacted host but she told me its just motion sensor and to tape it if I feel uncomfortable

well can u show better pic?

did u stick that thing on it?

the bottom bit looks like the motion sensy bit

Sure did

hehe it does look like one lmao
try google lens or someshit

considering its covered i think ur fine to chill just make sure there arent any other cameras

if the owner was a creep they would prolly hide the camera in a better place

says motion sensor lmao

the bottom white square is the motion detector but the top bit defo gotta be a camera

yeah that's a trail camera

welp, wait for the cops

Here’s better one

infrared movement sensor, infrared light for illumination, infrared camera

the good news it's not CIA, they wouldn't use chinese trash hardware

Chatgpt is saying its a motion sensor

when did u notice it?

I'm pretty sure CIA is classy and chooses top shelf Chinese hardware instead

or they pick this so yall think its not CiA

yes they are sly like that

Right after I enter airbnb

Its pointing on bedroom

And it was actually partially covered but the bottom was exposed a little

So not right after you enter

Still better than worse case scenario if it's an actual camera

I just said right after I enter

take out the memory card and fill it with funky stuff

Blue Archive for example 🔥

https://academy.hackthebox.com/module/18/section/79

Is this crucial?

Because why tf is this so tough

Huh

I love embed failure

Embed fail

It's a linux fundamental

to be exact

the one with the stdin, stdout, stderr

https://tenor.com/view/epic-embed-fail-ryan-gosling-cereal-embed-failure-laugh-at-this-user-gif-20627924

And which part is tough

The whole page kinda

which is File Descriptors and Redirections

Things

File descriptors describe files and redirections redirect you

woah

describe 1

Ikr

wait until you discover awk and sed

🤯

One is the second Arabian numeral (after 0)

stdout

the output

right?

describe 3

it dont exist..

bro needs peano axioms for that shi

It does on my pc 😢

3?

tf?

I have premium pc

I thought it was only
0 stdin
1 stdout
2 stderr

Three is the fourth Arabian numeral, while also representing a literary tool in which grouping of three are used to determine importance

But shit those commands are very hard to memorise

Is this super necessary?

like sos?

Yep

Yeah

shit..

alright then

What's sos

Especially if you don’t know it super well

Like crucial

important

which commands you on abt

The more u know

find /etc/ -name shadow 2>/dev/null
find /etc/ -name shadow 2>/dev/null > results.txt
find /etc/ -name shadow 2> stderr.txt 1> stdout.txt
etc etc

the more you don't know

what the fuck is that 😭

i never learnt any of that

You're telling me? 💀

Standard input (STDIN) - this is the file handle that your process reads to get information from the user.
Standard output (STDOUT) - your process writes conventional output to this file handle.
Standard error (STDERR) - your process writes diagnostic output to this file handle.

Stack overflow ^

i can barely use the find command

Don't memorize
Understand

Well shit

Alright then bet

Heading back

How much

cya bros

0

lel

Good luck

ohhh so does 2> pipe out errors, 1> pipe out output, and 0> pipe out input?

thats cool

Overcomplicated stuff

Gonna learn them anyway

Alright enough talking

yay i learnt a thing

Im out

have fun guys

Go do that module
It's literally free

is it like useful

Pay 10 get 10 + knowledge

Yep

looks quite boring

but wtf is even shadow?

Nah it's barely 30m module iirc

not @devout sail but /etc/shadow

I used to live there

stores usernames and password hashes

Get out of my mf computer cuh 💀

That's /etc/passwd + hashes I guess

Alright I'm late again

Ahhh

Alright I get it

Thanks guys

also

if you dont get a thing

just google it lol

Well... 🥲

Yee you right

Anyway

Im out

Im done with my questions

the most important thing ever is knowking how to find information yourself when you dont know something

Yes searching weird word is fun too

aw man my charging cable broke :<

Mine working from last 4y

i think ive had this one for like 6 or 7 years and its broke just now

I got the protection for the ends on cable
It's some ➿ rubber thingy

cool charger condom

Yep

My charger port has been broken for years

Wireless only

google chrome why are you taking up 6GB of ram with a whole 3 tabs open

Talk about a first world problem

im switching to firefox bruh

No not you

Come to edge

I was saying that to my message about only being able to charge wirelessly

yeah i know

https://tenor.com/view/rumpelstiltskin-shrek-edging-anita-max-wynn-gif-1738291366090069732

Micro Soft Edging

im on microsoft edge so i'm a professional at this

Ok

google chrome has been deleted rahhhh

Alright back to hacking

Use brave

is brave better?

I think so

Probably

I think it’s time for me to learn tmux

goodluck with that

i hope you're ready to fry the hell out of your brain

Nah I’ll be fine

Just gonna pull up a cheat sheet next to my terminal

lpkrow is in the Retired Content VC for over a day lol

Easy squeeze

😂

Very smart

@devout sail can you stop saying non sense stuff please?

hey

When you start paying for everyone's internet.. maybe
Otherwise you can just sit in the corner or something

Don’t all the commands are like, configurable?

No sir, hacking on the weekend is illegal

Weekends are for touching grass and not looking at the computer

hacking is illegal everytime

thats why people perform pentests instead

but you are paid sir

https://cdn.discordapp.com/attachments/965845971038773279/1407603991398842488/attachment.gif

https://cdn.discordapp.com/attachments/965845971038773279/1407603991398842488/attachment.gif

https://tenor.com/view/silly-gif-3397568161154480277

https://tenor.com/view/cat-gif-27161863

https://tenor.com/view/cat-meow-silly-cat-cat-explode-yellow-cat-gif-12654556298327310612

yeah we know

💪 💪 💪 💪

https://tenor.com/view/haan-haan-han-han-hn-hn-ok-ok-g-g-gif-8099610421992027573

lmao this guys backstory is tragic

i wonder what he is doing nowadays

who dat

Samay Rana 🙂

only guy in india who does podcasts

is there a way to buy a voucher for students from hackthebox academy like I give them a redeem code that they redeem it

is there a way to do that?

only support would know

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

afaik student sub is only available monthly anything outside doesnt have student benefits

https://tenor.com/view/cat-chat-cat-fall-hello-chat-cat-gif-24961178

any hacking today?

No. Touch grass day

No computers on weekends

Hello

good morning everyone how's it going?

only phones and tabs

I hope you guys are doing really well today

👋

How’re you?

how r u

Elo

I woke up a few hours ago, setup emacs, watched some chris greer videos on wireshark masterclass

WHY are you

I just saw a video by greer where they are now offering a wireshark certification

Why am I what

Training material is like 300$ USD

thats shit

yes.

What kind of materials do they use?

dont get the cert

I am because I am

I don't know. I don't have the funds to buy it.

https://www.wireshark.org/certifications

https://www.wireshark.org/pdf/wca-objectives.pdf

that'd be an ok april's fools

the coveted Certified Impetor Analyst (CIA) is a must have certificate on the cyber security field

2hres

for 1/3rd the price of ceh get it now

Can I buy please

Send flags

Hi

average red teamer doing sherelocks 😩

Congrats on becoming green

HTB{LIGMA_BALLS} 😊

https://tenor.com/view/crushed-it-gif-18087987023179949748

https://tenor.com/view/monkey-monkey-dancing-orangutan-monkey-dance-happy-monkey-gif-12702179649294906179

In my way to become (next color above)

Purple is easy

Gm

Just send in content

https://tenor.com/view/monkey-dance-gif-18491588

https://mozilla.modular.im/_matrix/media/v3/download/mozilla.org/75ce63bac90f4eec3147a0044740db1833f02ecc1969444958754570240?allow_redirect=true I wonder if this shot shows up rendered or as a link. My emacs setup. Doom.

oh purple just requires you not to ADD for a few days

Meh

Wdym

Your clock is off by 12 hours

it says auth is required

step 1) think of a content 2) ... 3) profit!

It’s 7am

I just got the choose your path thingy what do i choose? sherlock thingy or start hacking

one day, I'm going to create training material and a cert, then I'm gonna market the cert for $5 per

Nice rice

with legit material

Didn’t know NL shifted timelines

and exam

??? Profit

Thank you

u wont make any money tho

needs to be atleast 100

My favorite background. My desktop wallpaper hasn't changed sine 2015

10 years now

$5 for 2 exam attempts

I usually just have the OS default wallpaper

People still select wallpapers?

Same

Yeah of course

hello i didn't recieve my credits yet from season 8, is it only for me or?

Anyone here temporarily impacted by the H1B thing?

What backstory
Tell in 3.word

Contact support

Classic Hood Certified

But it should be automatic applied in your account

Xcfe

I'll call it CIH, certified instagram hacker. I'd get massive buys

long story shot public backlash and he leave

xfce

True

KDE 🔥

the 100 grand subscription fee to enter the US servers?

try hack me

Windows?

Plasma 6.2

I have KDE plasma

Just make an exe that opens 100 Rick Ashley’s

It’s a great default wallpaper

I love KDE plasma

hyprland ftw

I use KDE + Xmonad.

you guys blocked the word r0blox?

KDEWM=xmonad

I have Mac

I don't blame ya

nothing beats win 7 and xp wall tho

Yes

Windows on Arm

I wish Kwin was a tiling manager

KDE didn't disappoint me yet, and that is all I want

KDE > *

Fight me!

Okay

i assume too many scams around it

https://tenor.com/view/benjammins-holiday-vacation-summer-vacation-holiday-disaster-gif-17760097722938992890

Mac > all

Mac < all

NO!

erm actually

i use arch btw

Now I know sparkles is trolling 😄

Windows on Arm with WSL > *

AHAHAHA

templeos

Im a Mac boy

It never let me down

Oh alright

KDE is functional, and when you set up virtual desktops and the hotkeys it's fast to work with

I gotcha

Yeah but you have it on wsl2

Fake

My wholel family uses Apple products. I'm the only android guy

no lol baremetal

i use my mac daily and I highly disagree

true, maybe I'll make a blog post which demonstrates a dll side load to open a YT link and then name it "How to Rickroll ANYONE in 10 seconds" and see how viewership goes up 😆

I use arch (not in any wsl btw)

who tf uses wsl

@scenic maple

we should give up microsoft

https://tenor.com/view/demon-slayer-muzan-aura-1000000-walking-gif-9606080743563222570

there are masochists

who tf uses windows anyway

I do. I use WSL inside a windows 10 VM. Makes life easy.

People that are forced to use windows

Mac is perfect for me

everyone uses windows

Or braindead

i havent used windows since 2014s

Windows ftw

Surprisingly, WSL doesn't work under windows 11 for me in VM. Says virt is not enabled in bios, but it is.

Im on a call on my phone, I can hand it off to my iPad or Mac

Linux > Mac > Windows Change my mind

10 supports it, 11 doesn't, in virtualbox vms

I do htb machines straight from powershell

average mac user getting vendor locked in

I am a call on my phone I never needed to forward my call to eny other device

but you dont do htb machines

In my entire existence

Oh sorry pooping grounds

I do

With clients a lot

https://cdn.discordapp.com/attachments/1318720547693133890/1416119284110852267/Gubarz_in_Botnetbuddies.gif

yeah but what do you mean i need to reboot into recovery to edit this one file like what

Or use my iPhone for camera

at work you don't get to choose.. but at home I haven't used Windows since '98 for anything else besides gaming

Offsec machines are boring imo

But I gotta do em

it's rare I get calls, even when I do they're spam calls

Sometimes you gotta flip some stuff via command prompt
The virtual and all

who tf has answered a phone since 2005

if you call me, I will figure out who called, and contact you with something else if I deem you worthy of comms

I like my ringtone
I let phone ring

ikr they should just text

lookie

That corner is wrong

and if I can't figure out who called then sorry

cloudflare was way ahead of its time

I have got quite a few excotic calls lately though.. from places like Afghanistan... almost tempting to answer to listen what's their grift

Hahah all the eyes

give me ur phone number i will call

Mi phone number is 16

altho i will be probably be broke after one call

you are poor

Galaxy 16

Bond, James bond

are you rich tho

\o/

golam, golam71

no, but one phone call wouldn't kill me

Windows 10 works with WSL in a VM

11 gives this error

i mean it woudlnt kill me either

No no no 71, golam 71

i see very important detail

i am limited by the htb username technology of my time

<tony stark dad image insert here>

How is it going chat

U solved clock skew error in docker?

I installed malware in my machine by accident instead and proceeded to format it

Lost my docker instance and fell asleep

all clock skew is solvable with faketime

Ye the solution was easy

Some of the Linux fundamentals pages were literally impossible without youtube.. 🥲

But I tried to install a video editing software in linux

I can't find anything decent for linux

Have you have of kdenlive or kino or whatever it was called

KDE has a pretty good video editing app

Did you guys finish it without YouTube at all..?

https://kdenlive.org/

Something like this ig
Enable-WindowsOptionalFeature -Online -FeatureName VirtualMachinePlatform

Yes I was going to try kdenlive next

Is it good?

@worthy cargo

Like?

No luck

Need reboot

Like module 18 section 80

Literally impossible without youtube

Actually tho

I just bought a crazy good snack do i wait until lunch or do i devour all of it

Not even overreacting

I had exactly same problem after i updated to win11
I don't remember exact steps, but after bios I had to fw commands

Looks like vbox 7 fixes this issue, but I have vbox6

Oh well

I'm on an older version of Ubuntu

22.04

It's a pain in the ass to upgrade so I just never did.

pain in the ass to upgrade? you literally run 3 commands

Hello guys! It's me, the Nigerian prince!

I am currently transferring my wealth to Luxembourg, but I have to pay a transaction fee of 500 dollars.
If you pay me now, I will share with you 10% of my wealth, which is a whopping 10k dollars!

Please ping a random person in chat for the details.

Yours sincerely,

The Nigerian Prince.

1st and 3rd ones were a pain because of the RegEx, you had to add weird symbols and stuff, 2nd was easy as cake.

No the thing is I didn't even learn this in the whole fundamental

Please dm me your creditcard information together with your social security details so I can transfer the money to you as soon as I get your 500 dollars. Also send me proof of the transaction you send to NIGERIAN-PRINCE@TotallyNotAScam .com.

How about you send me the 500 dollars to open the account and then send me the rest afterwards.

I can not, I'm afraid, for all my money is being held up by the bank! Please help me out brother and I promise you plenty of riches!

It was a bit hard yeah, you had to specfiy "LISTEN" even after putting netstat tu"l"n for some reason

No because what the hell man 💀

Shi man tuff times

No, it's a lot of different issues I have to resolve. It's not just three commands. The do release upgrade always fails, since I customized my distro a bit myself with custom packages and repos. Even turning them off and removing all third party packages doesn't resolve package dependencies. Plus, I have a wifi NIC I always need to build drivers for, and I don't have a wired connection in order to download the drivers. It's a brothersoft NIC, and their install script downloads drivers so a wired connection is required.

Real

https://tenor.com/view/its-worth-a-try-gill-engvid-its-worth-a-shot-its-worth-the-risk-gif-2305536135982804414

Look at the length

I'll eventually get around to reinstalling a new distro and I may go witha rolling relesae this time.

LTS gets to be a problem with upgrading.

Now tell me how the fuck would someone who just touched this advanced level of Linux would figure it out on his own..

I was on debian testing/sid for 15 years, then i n2016 I switfhed to ubuntu

I'm talking about myself ofc 💀

Manually counting them would've been easier.

For crying out loud..

borkkersoft

https://tenor.com/view/swedish-chef-muppets-the-muppet-show-gif-4425691893626684012

I customized mine too. The pipewire is mine, not Ubuntu's. I added AAC support into the bluetooth. but, I packaged mine properly so in version upgrade everything goes just fine.

this is my doing. not available in standard ubuntu. also packaged it properly.

I know how to package 🙂

I'll upgrade someday soon. When I am mentally ready to go through it.

Ubuntu still won't allow patented stuff on base. They do on what's it called, multiverse. However, pipewire doesn't have a plugin architecture. So a multiverse package can't add AAC. You have to roll your own and overwrite the pipewire from base. Which is kind of ass, but it works.

I am thinking of switching to a different distro maybe.

Something rolling. But still somewhat 'stable'.

Maybe OpenSuse tumbleweed

Gentoo or Arch then

opensuse has absolutely horrible community. you have an issue with a new release, they will most likely just scold you for being a moron installing newest release and suggest you run an older one. no one cares about fixing the actual issues there.

🙁

I figure, 26.04 is on the verge of being released in 8 months or so

I might as well just wait til then and upgrade manually

I also have my / on BTRFS because ZFS on root is a PITA so I use BTRFS for snapshotting my system

if you have a funky device, you would want a kernel that doesn't change all the time

I always buy the hardware so that everything works out of the box (no exceptions) because 3rd party drivers suck so much on linux

zfs list
NAME                          USED  AVAIL     REFER  MOUNTPOINT
dmt                           630G   269G      630G  /dmt
home                         1.53T   152G       26K  /home
home/stoned                  1.53T   152G      320G  /home/stoned
home/stoned/Games             688G   152G      688G  /home/stoned/Games
home/stoned/VirtualMachines   561G   152G      561G  /home/stoned/VirtualMachines
shiva                        1.34T   427G     1.34T  /shiva

/dev/nvme0n1p3 on / type btrfs (rw,noatime,compress=zstd:3,ssd,space_cache=v2,autodefrag,subvolid=277,subvol=/@)

Same, but the Wifi NIC I got required that fucking wired connection to download drivers.

I'm going to hack their install script and download the packages or files needed offline, and tell the install script to use those instead of downloading nlive

Hopefully GPT can help with that. Then test the script

The way to peace of mind: ```$ lspci
00:00.0 Host bridge: Intel Corporation Device 7d20 (rev 05)
00:01.0 PCI bridge: Intel Corporation Device 7ecc (rev 10)
00:02.0 VGA compatible controller: Intel Corporation Arrow Lake-P [Intel Graphics] (rev 03)
00:04.0 Signal processing controller: Intel Corporation Meteor Lake-P Dynamic Tuning Technology (rev 05)
00:07.0 PCI bridge: Intel Corporation Meteor Lake-P Thunderbolt 4 PCI Express Root Port #0 (rev 10)
00:07.2 PCI bridge: Intel Corporation Meteor Lake-P Thunderbolt 4 PCI Express Root Port #2 (rev 10)
00:08.0 System peripheral: Intel Corporation Device 774c
00:0a.0 Signal processing controller: Intel Corporation Meteor Lake-P Platform Monitoring Technology (rev 01)
00:0b.0 Processing accelerators: Intel Corporation Meteor Lake NPU (rev 05)
00:0d.0 USB controller: Intel Corporation Meteor Lake-P Thunderbolt 4 USB Controller (rev 10)
00:0d.2 USB controller: Intel Corporation Meteor Lake-P Thunderbolt 4 NHI #0 (rev 10)
00:0d.3 USB controller: Intel Corporation Meteor Lake-P Thunderbolt 4 NHI #1 (rev 10)
00:12.0 Serial controller: Intel Corporation Device 7745
00:14.0 USB controller: Intel Corporation Device 777d
00:14.2 RAM memory: Intel Corporation Device 777f
00:14.3 Network controller: Intel Corporation Device 7740
00:16.0 Communication controller: Intel Corporation Device 7770
00:1c.0 PCI bridge: Intel Corporation Device 773c
00:1f.0 ISA bridge: Intel Corporation Device 7702
00:1f.3 Multimedia audio controller: Intel Corporation Device 7728
00:1f.4 SMBus: Intel Corporation Device 7722
00:1f.5 Serial bus controller: Intel Corporation Device 7723
01:00.0 Non-Volatile memory controller: Sandisk Corp WD Black SN850X NVMe SSD (rev 01)
56:00.0 Ethernet controller: Intel Corporation Ethernet Controller I226-V (rev 04)

Nice

My motherboard puts both GPUs on the same IOMMU group so I can't even do pci passthu

I'm all AMD, other than NVIDIA

IOMMU sometimes lies though, and even though something is in its own group passthrough doesn't work.

I found out at least the Neural Processing unit, while on its own IOMMU group, will NOT work with pci passthrough. It passes through alright, but it will NOT initialize since it's somehow tied to the GPU which is not pass-through.

5800X CPU, 64GB DDR4, RTX 3060 12GB, ASROCK Phantom Gaming 4 Motherboard

That doesn't look so bad, only the wifi is trash lol

And a shitty NVME with SLC cache instead of DRAM cache so it craps out on sustained writes

Although; some moron put the antenna of the wifi on my box inside the enclosure. Which is a faraday cage. So it has like 2 meters of range after all the attenuation.

Someone recommended it and I bought it without looking up the cache type of the NVME

That was my mistake. Never again

I chose wd black because I thought black is a nice color

Black is a nice color

I have two WD 1001FALS black drives from 2010. they are still operational!

No bad sectors nothing.

I'm shocked

You wouldn't know if some cells were broken because they are partially self healing nowadays

There should be couple extra cells to replace the worn out ones

They used to make good stuff. Now they cut corners on HDDs so much, things are round.

 20:55:15 up 48 days, 16 min,  2 users,  load average: 0,60, 0,93, 1,54 ```

we don't talk about what happened 48 days ago

Arch

Give it a try it is delightful

LMAO

Maybe one day

Sure

I wanted to play with nix one day

see what that is all about

New machine in 1 hour

I was tempted to try first blood

Until I got my computer formatted

I would had first blood in the last linux machine by 2 hours margin

I am going to have one for sure 💪

I almost once had the first blood, but I took a nap. After the nap I realized I had the flag

I do not even think about blood

Seems right given your profile pic

yes

Getting <#100 is enough

Sometimes I open my vm and set hosts just to see blood notifications

Closest i had was #2

I thought #2 was reserved for creator 💀

No

They don't get rank then i assume
I know they get solve, so just assumed they get solve assigned the moment it gets pwned

I don't really feel the quickest to do things
I like to enjoy and finish and that's all i can do for now 💀

But yeah ranking does affect most of the time

nmap -p- --min-rate=10000 -> nmap -sV -sC -p open ports

season 9 starting lets goooooo!!

45m

cant wait

same

this time im actually gonna be there from the beginning

sudo nmap -p- -sS -sV -T4 -A -v --min-rate=5000 --stats-every=2s <ip>

better imo

i started htb when season 8 was halfway

stealthy scan and good results

Do a box right now

when u start nmap with sudo, it starts a stealth scan (-sS) i guess no need to specify it, -A combines (-sV, sC and os detection)

Holo 🔥

I’m gonna get Holo this season

whats holo

Metoo

Season rank

ohhh

You get by all solved in the same week of release

I guess you can miss 1

im going for holo too then!

https://www.youtube.com/watch?v=KxGRhd_iWuE

I really need to work on pwning windows machines but I will try my best (:

It's for those days when you feel like bich and wants to sleep

I'm gonna try this season on the debian I setup, gonna have a lot of issues installing stuffs while solving

I’m going to have to solve 1 box a week anyway for my silver DofE(school thing where you build on skills, volunteering and physical by doing 1 activity of each category for 1h a wk, then you go camping :D)

How long y'all think the blood gonna take for #1419019213179326626

It's season + easy + linux

Could be less than 10m

I think 37 minutes

Yeah depends

Rabbit holes

Let's do ±10m

Guys do you encounter problems when decompiling python exe files?
Yesterday I spent like 1.5 hour just trying to decompile pyinstaller binary because it was built with lower version of python and all of the depenedcies were quiet hard to fit

No holes in difficulty below insane

No not really

But from last week's box
It feels like htb bumping up the difficulty

Maybe I was doing wrong? which tools do you use?

yeah real

It could be medium level as easy

I mean I recommend opening a virtual env or like reinstalling python

For venv:

python3 -m venv venv
source venv/bin/activate

And then check:

which python3
which pip

And if it shows venv your good

yep yep of course.

I got stuck at decompiling the actual Python bytecode (.pyc)

ohh

Im not good with that stuff

ehehe

oh it's fine

I don't even know that shit

yeah fr

im confused lol

you will learn those in the future for sure

Or now

Sounds complicated

Haha

Im currently still working towards being eJPT certified lolh

Welcome to the most stupid certifications in the world

eJPT was quiet fine

Hey hey chill out

but then came the eCCPT they have

Im working my way up lol

no no it's not you

just hate their company

Ohhhh

stupid labs and stupid certifications

Yeah the course material is shit

I cannot share details of the exam but the eCPPT (after eJPT) was the most broken and stupid exam I have never seen.

I am active directory pentester for like 2 years from now

and couldn't even get a foothold on those machines they were fucking broken

Oh damn thats sick

thats crazy

oh really? how old are you?

just enjoying pwning htb machines and doing certs on the side

im not diclosing my age buddy

btw, it's your first certification?

Im new born

No I did Security+

I actullay took it also at 16

the Sec+

Niceee

damn alright unc

I think I will do ejpt in like 2 months

im not diclosing my age buddy
that didnt last long xd

fair xd

check dms i have a vital piece of information to share

tell me when you got to the eCPPT how it was

I still have nightmares me fighting with stupid labs

sure ig

and then my co-worker asks me in the next day how was the exam

and I told him I couldn't even get a foothold :_

https://tenor.com/view/miss-mario-party-miss-bad-take-gif-9219336389564949495

I just read some. Stuff
Doesn't seem that complex, from theory obviously.

Is that a practice thing you were doing or work?

chat is writing challenges hard

Making?

Wdym

yeah meant that

like challenges on htb

Obviously

It Depends

like how hard

It depends, what kind of challenge

Making things are harder than breaking

Depends of your background

making challenges isn't harder....making worthy challenges is

Same thing to be in htb platform

you have to have enough familiarity to know what exists, know what people can handle, accurately label it, then build it

I don't think they take every challenge that gets submitted

like....imagine you have a great idea..but there is a box from 4y ago that did it....now you've been rejected and wasted however long

I think if it's 4y it might pass 💀

Not even the content manager or tester would notice

HTB needs the money after the buyout 😉

Hehe

Why are you runnin

I think about thm every night

That's how i sleep

Why? 💀

someone asked

and deleted

Yea he probably is

no

i meant in the other way

htb is down?

really slow tho

what page?

acad/labs?

labs

absurdly slow, my internet is fine

Yeah its sloooow

I got a bug in facebook . I reported it to meta. The replied me that a security engineer had seen my report and performed initial evaluation. It has been 10 days since I haven't heard back from them

thanks, informing team

It is my first time reporting a bug

john is p2w

10 days is normal tbh

give it a hot minute

I see

is it also acad for you too?

and or account

Someone already got first blood

dayuumm, and i cant even spawn

ah the ol ddos htb and get first blood trick

we've seen that in last year's season

LOL, is that a thing

you fr?

lol

damn...

there was someone who somehow got root in 10 minutes without ever getting the user flag

i forgot what box it was, but it wasn't an easy one

it was extremely suspicious because the same thing happened

vpn was really slow

couldn't use the website

then magically someone solved it? lol

I have nothing of value to add to the ongoing discussion, but I just wanted to share this.

https://www.youtube.com/watch?v=bu6HJDYWf68&list=RDbu6HJDYWf68&start_radio=1

ahhaan... I see..

the hell is this?

XD

idk Im doing the new machine

It's Weird Al!

I am asking you once again, to reset bravo lab

I ran an nmap.... just an ssh...?

Am i allowed to discuss here?

💀

seeing someone unjoin the dc from the domain was the most ridiculous and dumbest thing I've ever seen

how do you even do that

Imagine if someone actually let that buffoon loose in a real corporate network

Last time I did a shared pro lab some guy and I were leaving notepad notes for each other

"Please allow me to introduce myself! I'm a man of wealth and taste!" - The Rolling Stone

I've been around for a long long time

stole many a man's soul and faith

https://tenor.com/view/groovy-gif-6236096

i have a problem with my account. who can i ask?!

Inus

Support

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

so the season 9 machines are like private , meaning no one should share writeups or talk about them here ?

Hey all, new member (previously on THM but making the move to HTB) any tips or tricks?

Ask chatgpt to generate you a top 10 list of security tools to know and post it in #general constantly

more related to the platform than tools

Serious answer welcome i started on thm also. Youll find the stuff here a bit harder and a bit less guided

But you get used to it and itll make you better for it

Good luck dont be afraid to ask for help

is it allowed to discuss about season9 machines on this channel?

yeah just getting my head around the website currently. just one query, does upgrading to vip offer anything other than access to rooms etc and any certs are paid for separately?

How tf does people get flags in 7 minutes

Its that easy?

Or do they run a bunch of scripts

I think it has access to more vip servers and more pwnbox time. Certs are a seperate thing but if you get a yearly academy sub that comes with a cert attempt and a retake of your choice

Nah, they DOS

thanks

Those also have student discounts

What

How does that help to get the flag fast

Autopwn scripts

Slows down others

Damn you griffith

I am trying to pwn this season 9 machine, let's collab - if anyone interested

Yeah probably true also if i were going for bloods i would DOS the entry point

I just need ONE flag to rank up

ONE

UDP ports are often overlooked 😉

Just bruteforce the flag

-p- would take a lifetime, server slow as an old grandma

I see

started the scan, hope it works

guys

check it out

im a lemon

BROOOOOOOOOOOOOO

I MISSED YOUUUUU

SLIMSHADDYYYYYYYYYYYYYYYYY

Does VIP access cover both HTB and the Academy or are they completely separate?

Seperate

It’s been so long since a boxes entry point was UDP port

pepperidge farm remembers

It would be cool to have a pro labs discussion for Enterprise only pro labs

My team doesnt do anything except me 🐊

This kind of machine is very new for me

Gotta learn this one from scratch

any directions? anyome?

And just another doubt, this expressWay machine would be active for one day right?

yh

I just want resources to learn

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

Soon

I searched it on there, but there is no module about that

My man

Bruh..

C'mon

ykw- ill figure it out

good evening

when do exams get graded?

https://tenor.com/view/tyler1-loltyler1-screaming-dead-wtf-gif-17500255

I know you, you're like this
When shit don't go your way, you needed me to fix it
And like me, I did
But I ran out of every reason
Now suddenly, you're asking for it back
And could you tell me, where'd you get the nerve?
Yeah, you could say you miss all that we had
But I don't really care how bad it hurts
When you broke me first
You broke me first!!!

https://tenor.com/view/dance-fangirl-yaas-yas-yes-gif-4946458

Guys I’m trying to get through the starting point and you all are ruining my connection

Clearly no one is thinking about the priorities here

i feel like 90% of you guys who come in here are incapable of reading let alone enumerating information

you will not make it as hackers.

https://tenor.com/view/emotional-damage-gif-hurt-feelings-gif-24558392

I’ll tell you what though, sometimes I look straight at that contact info email domain and go “yeah, definitely won’t need that”

me defo not reading this and saying.....my challenges...my poor challenges