#general

IDK

Bro explain him I didn't ask him a vip +

oops, caps

I told him I don't need it I will get myaelf

I misunderstood then ninja, sorry

Myself

anyway, gtg sleep

https://tenor.com/view/helpmepls-kuchnahiaatahelp-i-am-underwater-help-me-pls-uncle-gif-21956179

✅

Can I add u one more time if I bother u can ban me that's my word

Laters @cerulean bloom

Ur kind of a celebrity to me

We can chat here

Let's take it one step at a time hey

I won't text u just a friend request

Alright lord

Got you

if you dont talk whats the point tho

@scenic maple I don't wanna get blocked again sir

Dm him = blocked

well its the same process

@lilac cipher any hacking today?

@scenic maple

Sir tejas and golem I did fortress today I couldn't find more than 4 flags

Golan

Golanlm

Golam

Which fortress?

Am I blind I can't see it

Context

I haven't actually, will add to the list for later though 🙂 Got a call atm

Cheers!

That is hard iirc, I did Jet and Akerva

if that many tests ran without issues it means theres something wrong with the tests

Ooh I got zip but haven't got the shell yet trying for that

https://tenor.com/view/dexter-gif-1878760417600646737

I did 10 hours today

Straight

Don't make me question the AI slop

Even if I'm sick

oh no shit

lmao

U shud sleep

Yea I will sleep now

I'm getting recovered

Get well soon

i told him, Context not easily to pwn

https://tenor.com/view/cat-leaf-vibes-vibing-sleeping-cat-gif-17297041570420202318

Thank u mate

i got the first flag without even trying

I ain't writing a product for you all pesky hackers to hack. So, until then, it is fine. ||I GUESS||

He is saying context is hard

sorry

then if ound xss but it doesnt have any xss

i mean Context

Akerva has pwn right? I forgot, and man I hate that part.

@lofty warren yea it's hard im trying

remember bro its only internal if we cant reach it

no i saw u

I think there is buffer overflow

YEEAH

Yes. Idk shit

just initial access & got the first flag. Sound like dumbass asf:) I know that shit

Correct

Neither I do

so are u sure we cant reach it

Okay I'm gonna sleep chat trying to get 10 hours of sleep need to recover

Goodnight

Yes. If you can plz reach out to security@hackthebox.com.

its only the 2nd flags of fortresses that are hard

u know it would be more easy to just steal ur cookies

Bro stop joking

tbh, im really hate to be solve some fortress labs

too much rabbit hole

Fr @lofty warren u know

i mean its real world right

i used to think some htb targets are unstable but holy shit man

real world bbh targets are so unstable

When I dumped the table but also I got the hash and looked into the dB I'm so idiot

htbs labs would feel like top 1% of real world infra

I'm not processing any sensitive stuff; it is all on the internet, so it is fine.

that not a fkin hash, this is a cookie@@

Labs is really a puzzle . But fortress is real pentesting ig

anyone who complains about stuff should try stuff irl and get humbled 😩

@lofty warren noo the done in dll

Re that security query, can you DM me?

no it was a joke lol

Oh

I just saw an edited message and the email

ye if it was actually serious i wont talk abt it in discord

They were ddosing hackthebox infra

Going to

Ik u would have hacked us if you knew something

lol

Cloud has spawned

https://tenor.com/view/dexter-gif-1878760417600646737

I'm despawning

I can't see it

What did he sent

did you block him?

FBI watching you

https://tenor.com/view/it-is-totally-me-eeyore-raining-sad-gif-3569467413480535520

Who did you ask?

Noo not at all he is the lord who helped me alot

ninja

he said what did he send

@molten bobcat

Idk the gif isn't loading for me

actually you know what htb server would be the perfect place for feds

I'm on 3 % charge on my mobile

cause some of the people actually know how to attack stuff

and could be dangerous

maybe tejas is a spy we would never know

Not possible but I doubt u

AWS fortress easier than Context fortress, you should be do it first

Watch out for profiles with anime girl pics

@native plume CHOCOS

well thats the point right

you dont suspect spies of being a spy

irl easier than labs

Senpai 😩

I will do it ig

SIGAD US-984XN

some labs yeah

newest but not hard fr

What really?

where is shadow

Is this true

He's been offline for a while

https://tenor.com/view/13-карт-gif-14026559412000478194

he is with chronos doing questionable stuff

@devout sail ping sado.htb

@devout sail

learns A-Z in training...gets job in field... uses only A-D the entire time

this is my life

Goodnight chat

joke but not joke

Cya

Enjoy the night and the day

GN

well the thing is you never know which alphabets you will need

so you turn to the most effective type of method : bruteforce

i know why it makes sense, but its still funny

i think its sad 😩

Spends 24 hours hacking for a cert only to get 3-4 hours of hacking in per day between pointless meetings

https://tenor.com/view/shocked-really-bet-zoom-gif-4462610285338994291

prepared for anything but then you stay at the same job for 2+ years and forgot the rest of the alphabet

thats why you do ctfs and bbh when you get time

then your job finally wants to have you utilize the rest of the material you trained for but you need to spend a month or two refreshing

https://tenor.com/view/hecker-hecker-beluga-hacker-cat-hacker-gato-hacker-gif-25199253

guys CPTS advice

i dont do pentesting, there arent many affordable options to keep this from happening with what i do lol

Goon less read more

do the unofficial cpts prep boxes

what field do you work in

i do managed security and might move into blue team

that sounds very corporate

ive taken more interest in cryptography recently, especially after finding out i was wrong on how aes encryption worked

@native plume HELP MEE

i think you will be great at blue teaming

i manage and configure security platforms and devices like firewalls n shit

My brain is still full of pointers and ASM

remember bro you will get stuck its not a threat its a reality
then just go over the modules again

TAKINALOOOCHIA

I basically try my best to make pentesters have a harder time

Remember "Nico nico nii" when you need motivation 😩

im sure you know this but alot of businesses are allergic to best practices

im eating chocolate rn

I literally had the clip play in my mind, thanks

I think I should play it too lmao

https://tenor.com/view/cat-kitty-cute-adorable-drinking-gif-17732302

https://tenor.com/view/watermelon-cat-cat-cat-watermelon-gif-15226272342900620609

Let's spread nico nico

Never type with cold hands

aright

pizza eaten with spoon ✅

chocolate ✅

not the worst way ive heard

I wish to be water

hacking today ❌

my fiancee's best friend eats pizza one ingredient at a time starting with the crust and under side

now is the time 💪

dont ask me how that works

i dont know

wth

what are you going to hack

how do you eat the organo

idk, probably some academy but instead of using tools Ill use python

to make it more fun

import hacking

hacking.pwn()

use ruby and dont ask why

hack() // BOTONES FIJOS EN EL BOTTOM

i am dead

I saw that again today

you can never unsee it now

it's a permanent highlight in the code

Javascript is leaking into Python

Jython
Cython

PPython

no jython is something of a horrible monster

its java

Waiting for them to announce Rython too

ruby?

Hmmm I was thinking of Rust

But Ruby can fit too

But idk why

hmmm

I miss Ruby

No more hands to try stuff

free hands*

I have worked with Ruby ages ago

it was cool

ruby developers are actually one of the highest paid in the industry

well

ruby is not a toy langauge like js

I wasnt

I was learning it because there was a software that allows you to create synthesisers using Ruby

I can't remember the name of it though

I have worked in about 3 projects with it

Nice

what I liked about Ruby is RoR

more than the language

Yeah RoR is a great framework

that framework was quality

I see a lot of j*b listings in Japan that list it

can;t we say jonb?

wow a ruby j*b

job

dang

AYOOO

nothing happened

xd

Nuuuu

ARE YOU CRAZY

Save echoes

I didn't say blow before so Im safe

hopefully this will bypass the mods

Alright chat it's not cold hands it's the cold brain that's giving me these crazy typos

race condition kinda thing

Employment is a taboo

warm up your brain please

I will get brainroot

https://tenor.com/view/depressed-dark-room-sad-man-mundane-gif-27297497

average pentester

airght time to lock in

bro is doing tier II modules

100%

tier 1

I dont want to miss anything

eheh

Jython, nuclear duo

New release?

breakin news: i was ||pooped||

https://youtube.com/watch?v=95dN31Acs6I&si=nTWLCGf0XYeKeYRq

Who ||pooped|| you

https://tenor.com/view/happy-easter-easter-egg-stay-home-chick-cute-gif-16852795

“Stay home” looks suspicious

yo I wanted to ask some CTF ppl if they thought it would be of any use to take existing linpeas parsers that extract basic PEAS outputs like sudo versions into JSON files and write a script to automatically run searchsploit queries on them so you can have a printed cheat sheet of exploit DB links to cheat off of during manual enumeration or verification of the PEAS version output?

ik this would probably be redundant for a lot of people because with experience ur realistiaclly only prioritizing a few parts of the PEAS output and this would just be noisy

the type shi that will get you stuck on boxes for 2 hours

😄

I realized looking through PEAS it just says stuff like "this version probably bad" without actually basing its suggested CVEs off of that

tf

what is wrong with you man

HTB used to have 3-4 FREE retired machines. Are they discontinued?

like for sudo it just has a regex parser of versions that are bad but the CVE recommendation part isnt based on that regex output

@scenic maple I got a gift for you. Can you see this VDP? https://bugcrowd.com/engagements/usda-vdp

i saw chainsaw man's movie at the theater last week it was mind boggling

a masterpiece

where im from we typically call a chainsaw man a lumberjack

dang

331

You are right Sensei Paint

i was over half of all teh usda bugs

🙁

are these all yours??

USDA better hire you

331 of 653 bugs

is mine

are you even from planet earth my man what kind of evolutionary stage are you at

🤑 💸

For free

i just do it for fun

Oh

absolute mastery

Dont get me wrong tho, CISA sends me cool stuff

but that was just for a "thank you"

Did you try HackerOne and earned something?

aw man frosto is awesome

I do hackerone only if the program i need is on it

like Valve

I got 2 RCE on steam

and a few XSS on their sites

nah bro is a legend at this point

That’s awesome man, if me I’ll not report it tho

2 RCE on steam

Yeah incredibly

im supposed to be hunting bugs today

You have too much certs tho, but what are the actual helping ones like the ones your skill rely on it after practicing for sure.

but im too distracted

Nah i just do them for fun

you are supposed to be the president of the USA

not hunting bugs

Genius

ADD

lmao wtfff

Tired

lol

Artist for Hades drew Verso

Hello Tired, i am dabunci

same

@exotic pendant just hack the whole world at this point

start with the US

Just win the powerball

hackthebox just charged me, how can i cancel this? I dont want a subscription rirght now @alpine pumice

no ones on support

raise a ticket on support

and ask for a human to help

yeah i did

thanks man <3

but theres like no one on support

within like an hour they would appoint someone

i needed that money to travel somewhere

next week

wait for an hour my brother

okok

whats up chat

alright @mystic harbor

no

I replied to the wrong one

oh

alright

Roof

Good Night

gn

Everyone, how can I know when is a box going retired

😃

its getting old

I believe it says “retiring soon”

@austere sinew heatlh Check

we caught my cat again

hard to caught him this time

he was sleeping in the second floor of my neighbor, literraly in their bed

Stop feeding him ruffles, he hates you

he loves me

the two attacks in my legs prove it

👍

making the tool of tools 🔥

Whatcha cooking up?

gooning tool

at this moment a little helper for auto fuzzing many different ways and store the findings

but I will be more adding features to it

nice, get that bug bounty money

Sometimes there were more when machines were released as instantly retired after events. The bae count is 2 for free

2million and Cap are free retired machines

https://tenor.com/view/golgra-expedition-33-clair-obscur-super-saiyan-golgra-super-saiyan-gif-9274717243192426391

me after getting too hot after just putting my snuggie on

Super gucci

Hbu

Wi wi wi wi

https://tenor.com/view/fizzgig-dark-crystal-gif-12894776

Time for brekkie

what is the name of that thing?

same thx

cat

is that you in the picture?

ok so

2 things i realized today

they actually give you the domains list

i thought the first few domains on the scope thing above is all u get and u have find the wildcard domains via ffuf or subfinder or other methods like the cert.sh thing

anyhow

this makes things a bit less difficult

😄

i did find a html injection after cinzinga helped me out

i dont think so

i guess refresh and if it persists ask support

alright probably just me then. ill refresh everything

Someone did report a similar issue earlier, but they then switched and it was fine..

thanks guys

good luck

Curious, will check logs and highlight with the team if anything looks off

Apologies for the inconvenience

yeah it was just my browser, we are good

Score one for the "god I hope it's just some weird browser thing"..dogs

Gonna check logs all the same

the worst part about browsers is that they run javascript

if only i had the HTB TUI

there is one actually

#general message

not official tho

read the code or else ceald steals ur token

ahahaha throwing shade at our boy ceald

its his github

Oh, nvm.. guess I won't

If it happens again. please do raise it via support or /feedback

ty

I feel a little strange without log access, ngl

But it follows procedure 😅

looks really good that TUI

hi

is there an official one?

😄

At this rate we'll probably end up buying golam

🤣

But no, no official one at this point

we are bidding for golam

ill start the bidding: tree fiddy

ohh rich blood over here

https://tenor.com/view/mustard-cigarettes-five-hundred-funny-gif-1507534084112324142

Isn’t this slavery?

Ew

I wasn't expecting that

sold

if i pay you money its not slavery, its serfdom and you like serfing dont you? 🌊

WHO else

serffing golamayyyy

😩

Wait hang on

I don't have five hunned mustard

then everyone in the world is slave working for jobs

WHO GOT 499 MUSTARD?!

you are so handsome

I am proud of you

i think if we all collectively search our fridges, we can buy golam

I call your behavior cringe

me?

Yes

wonder how long will it take for you

why

you know ab7v maybe you should try tinder

You moved on from golam quickly ab7v..

Too fast

dude it is my fault to complement you

But this is not a dating server

yet....

Shhh

in this world if you say a good thing you call it cringe

may i remind you of: https://resources.hackthebox.eu/hack-the-love

I am not dating you

if I said that you look good is that dating?

yes you may try this

Chat when was the last time you told a girl she is beautiful ?

I don't remember 💀

Time to take a shower

https://open.spotify.com/track/0SnKtGI3EjgG7xJFTS5Z14?si=VmyBCTTUQWKE8OCuabf-gg

You talk to women?

right now.

you are beautiful

i remember when the opposite happened and it was today

I don't even think my code is beautiful and I really work hard on it

wait is that real

yea open it

I wish

Oh my word

you know maybe its for you

Same

htb but tinder

I would get matched with cloud

❤️

who

No, my cloud

i cant tell who

please tell me

https://tenor.com/view/cat-leaf-vibes-vibing-sleeping-cat-gif-17297041570420202318

Gdpr reasons

no way hackthelove became an actual thing

wdym became it is an actual thing

Of course it didn't 🤣

hahah

Yet

AAAAYUUUGUUUUYYYYYSSSS!

there is just a hidden login page you dont know about

https://www.youtube.com/watch?v=dQw4w9WgXcQ !!!!!!!!!!

we have to gatekeep the bad hackers

crazy world we live in

thats why we have hackthelove

why the fuck I found this everywhere!!!

send the cool gatekeep cat meme please

you guys dont need HTB Tinder when LinkedIn exists

in THM or any lab

Cold world we live in

https://tenor.com/view/made-by-clown-gif-4428586269206149108

what does that even meeaaannnnn

Very

Coffee later

lmao rauter mayhaps?

i remembering rickrolling people by saying rickroll video was taken down

Coffee now yum yum

good days

A barista visits me next week and show/teach me some cool stuff

i drawn myself in coffee when i wake up

hmm is he a discord mod by any chance

Nope

so thats not wild

An actual barista

yum

oh comeon he works at two places

Like barista barista

Not wild

he is as much as a barista as anyone can be

why is brath winking at u

Stop the winking

i wish i had a barista visiting me

Idk

lol

in germany

i hear german baristas are WILD

i would make you my trophy barista

https://tenor.com/p7gqllQ8JWy.gif

This is getting cringe here again

https://tenor.com/view/awesome-yes-no-angry-batista-gif-14996999

lmao

Whoops no, that's Batista

cringe is norm here

Almost

No

yup

see it every day

https://tenor.com/view/cat-punching-angry-mad-gif-24670332

I’m here since years

And it’s getting worse yes

it went to shit after gatekeeping was removed

we're fuzzing gng

pls bring it back

can I hack with you

No

thisty_v2

did not talk to you

v1 was bad

Still no

I wouldn't say it's getting worse

Next victim

I migrated to bun

It’s still worse

you are a bad staff btw

you can pull yor 'big brother' bud but Eurasia always had been at w.... w....

Thank you

I tried with python but I like typescript a lot

so

i think writing cli tools in js is a bad idea

you are not welcome

you should use go or rust

the point is to enjoy I guess

lol

is the CJSA voucher locked? (i didnt try to swap it yet)

as time goes they become slow

I’m here as a normal person

I'd say it's pretty typical soulless corporate chat most days... Some evenings / nights things get slightly spicy though

I don't mind, I do it for the kicks

https://tenor.com/view/monkey-dance-gif-25134657

And I recommend you to not say like “you’re not welcome here” to staff or mods or someone else

Mickhat is definitely not a "bad staff"

But you two should block each other

That’s done

what a day

👍

I did not say that you are not welcome here.. I said you are not welcome when you said thank yoy

u

https://tenor.com/view/madmax-what-a-lovely-day-valhalla-lovely-beautiful-gif-5607069

so is html injection a valid bug if it cant run js

this is not my channel to decide who is welcome here and not

Probably not

I like mickhat, plz no bully

tbh i think i can only do bold text

yeah they are using some good stuff

gotta figure out something else

Try <svg/onload>

no bully!

Maybe XSS

just distortion of reality

no chance

dom purify latest version

and even on a govt website lmao

how is this possible

we all like a little bit of sQl

who are you uakcing

hacking

gime

gov

i am uking this chat

https://tenor.com/view/monkey-skate-board-skate-orangutan-cool-gif-15021178819801542115

Hunting?

lol

no uking

yeah i found a htmli afterwards

via loc param?

https://www.instagram.com/reel/DSADf8AE4MS/

yeah

Yeah I saw that one haha

in a BB?

does that count

yeah

why would it not

see you are smart. that's why I wanted you

does anyone knows a platform where i can learn about software ingeneering???

plz gime something if you know

whats funny is i found out they give u a list of domains i think if i actually seen that before i could have found something

Oh dear, a new endpoint on uk gov for a chatbot

omg amazing

i only know web dev and can help you with that if you can call it a software

Let's see how clever it is

in the program the give domains list?

yeah its in xlsx file

wow that's cool

give me the progrM LET ME HUNT

anyone knoes resources where I could grasp some knowledge on software engineering?

bugcrowd

pick any vdp on a govt program i think

what if I told you AI found that XSS I gave you

scroll down

hmmm... let me get CWES first

I will do the exam soon

i am willing to bet it wasnt burp ai

do you think AI in the proxy tools are good?

bro posted the link as if i didnt post it

close ur eyes

yeah it was claude

same i ran it too lmao

😄

curl + u and the first js file

why u want to see senpai

the dark nights are the best

all nights are dark tho

anyone knows where to learn splunk well prefferably for free?

thank you i didn't see it there

burp is my favorite piece of software

it does everything i tell it to do

irony

How so?

😎

Amazing story, great characters, thanks bruh

you do know it is 404 what you sent me right

the scanner lmao

First step of htb grindset

Learn things on your own

https://tenor.com/view/pissed-upset-angry-kick-himym-gif-12184923

Me trying to understand how @eternal mango got that sqli on nasa

Old Cisco gear I meant to go back to

Now it's too late

nah it just says that you are an asshole

simply put

you can chnge my mind if you can

but i double doubt it

ass usualy doesn't have what it takes

We got lucky

Huh

With that null byte

WHAT DO YOU MEAN WE GOT LUCKY

If that didn't work, it woudn't have been possible

and I've NFI how that even worked

but it did 🤣 🤣

That was my first crit

Fun collab 🤘

Wish we could do more of that if im being honest

I miss the days where we would just collab

did you know that macs reserve one byte on the hard dist as a partition why i don't know

When academy says 8 hours, that just means 1 day right?

I do hop in now and again, but nothing on a schedule

it is like full work day for some ppl

I'm going over .gov.uk again right now just to pass the time before bed

it can even play doom

a pregnancy test can play doom

But yeah

Let's arrange to work together again some time on a program vader

It'll be fun

Like old times

Something like that 😅

But aye, I'm down some time

Maybe in the new year or after xmas is out of the way

Yes, it's impossible to do anything fun during xmas

I would really love to collab or at least be there to learn from the pros

😄

I ain't no pro 😅

can anyone confirm this?

8 hours = 1 day in academy?

I bet I can do better for bug bounty

mmm

it depends

oh by the way i was so so happy yesturday i was able to finaly figure out my VM on my own and i connected to it from my learning nod while vm was running on separate host

shit was so difficult but some how i did it

someitmes 1 estimated hour is a full day sometimes 8 hours are 5 minutes

felt very suttisfying

agree

alright ill just assume that 8 hours does indeed mean 1 day, so 3 days would simply translate to 24 hours

i prefer days where hours fly as minutes

The bbh lad has been challenged

yeah but wolo

if you already have part of the knowledge it doesn't take as long

nobody has challenged me, the bbl king

it depends on the user

does anyone else likes their raspPi?

I got one I hate it, it's storing mold

challange you to what?

a bbl contest (id win)

LMAO

More like 2 hours and listening to music, and jamming, but that depends on how you usually work

whats bbl

Do it 😄

gime, i would take it off yo hands master

🍑

big ones

Lemme guess, you’re a visual learner as well

Bug bounty league

thanks

When I really have to get something done, especially mental things, I stop thinking and start floating

Just dont google it

Brazilian Butt Lift?

you need some adderoll

That wasn't a joke. I have what is called an oceanic memory, and a great total sum of humanity's knowledge is already there. To reach my full potential as thinker I stop thinking.

maybe same but Butt Lick

hmm

why is there contests for that

The most novel solutions I have implemented have been done thinking nothing.

Yeah people who aritifically lift their butt

to make it appear biigger

or rounder

I got enough internet for today

then i may say with the certainty you work at the manufacturing facility

Don't do it tho, it makes it look bad

from experience

got your butt rounded?

I left for 5 minutes

haahhaha

and now butts are being rounded?

Not really, I do extremely thinking heavy stuff. It's just my brain is wired differently. I have no idea what would actually happen if I used it to full capacity. It's too scary to even attempt.

someone plz round my Butt plz

you can just go to mcdonals or smt

imagine never to be able to even say stupid shit coz your brain is actualy working and restricts you from it?

nah no McDac for me

good

I've been craving mcdonalds lately

🙁

me like healthy yumkis

I wish I could make pizza for you just to get 80$ tips

😄

Pizza sounds good

I make pizza

like fermenting the dough and all

80 tips on pizza you would have to do a little better then just pizza makinf wink wink

I want to eat pizza but I'm currently cutting weight 😔😔

compared with the best pizza I ever had it's a 8/10

more like make pizza inside of me

same

pizza TASTES good

im down 10lbs

What's 10 lbs in kgs

Getting my 6pack back before June

about 7 squirrels

since you hack smothies you could look into it

Use normal untis

making your own pizzas

4.53592

i do have pizza hack

Use kgs like a normal person

But that's still impressive

I do
Greek yogert + flour for dough

Crazy

homemade sauce + low fat mozz

I've lost 3 kgs

In 3-4 days

greek yoogurt with flour????

So good enough

what

It's not bad

does it get the right consistency?

https://www.allrecipes.com/recipe/244447/two-ingredient-pizza-dough/

amma hot blonde chick with ability to mispell evething and their mozer lol looking for hot 6 pack smart ass hacker haut bun backer at home wink

it's edible and gets the pizza craving

It's better than cauliflower

pizza is excepted to on pizza day

cauliflower is useless.

I did see a chicken crust, but havent tried it

unless it is a hemorrhoids

then does something

I'll try it one day

vro what

check the good stuff

protain pizza yay

I prefer Brotain one tho

https://www.youtube.com/shorts/oqEVqglLDO4

@exotic pendant this is how it's done

The topic was healthy pizza

@torn cedar bro is playing LoL 💔

😄

difficult to get healthier than that

I han help you to get healthy

IS friday-1

Frost did you have to learn assembly for understanding Ida

And Ghidra

I know assembly but it's not required but helps

you also got the psuedo code

i know assembly

and basic

But is pseudo code always correct though?

No its not always accurate

My back decided it was Friday

So what do you do in those cases

Do you read the assembly code too

Then I prob skip over vulns if it isnt

or

I just poke at that area and get nothing

is not a problem

Oh

Fair enough

very difficult languages

but always be needed