but you will probably need the pwnbox gtk theme

apply it

set the terminal

Didnt like parrot nor kali, went with something else in the end

change the icons

and you should be good to go

probably a browser theme too

pentux or whatever? pentoo?

A secret 3rd thing

yeah im just too lame i guess, im using kali.

The vet just reminded me to have my cat checked up

In.. February..?

im not gonna have the damn thing break down on my have me scratching my head in the middle of an assessment

Bro it's still December hello

I think there is a vuln in Obsidian

dont leak it

This is the part where you shhhh

And ask a close friend

Loose lips sink ships

did parrot OS remove the HTB version

i cant find it anymore

We don't have one for 7 yet

oh

Good morning Ryan

will we have in the future?

Probably

if i wanna download the old HTB version? 🥺

Man i used to have the old iso

If i still had it i would give

Hey, are you back to windows?

yes

Unfortunate

meow meow

Why?

https://archive.org/details/parrot-htb-6.0-amd-64

tyyy
would there any problems though if i download the old version?

Hello Ryan I have a very annoying project idea

youd be limited to compatibility with whatever debian version 6 was based off

i think 12

what is it

and what if i update it after downloading?

What's been stumping me at work is obfuscation.

idk

lets see

Specifically when theres 50 fucking layers

I don't think there is an upgrade path from 6 -> 7

why tf-

3 hours holyy

7 has a new version of glib, is based on a newer debian release, newer kernel, uses wayland instead of x11

why are you rate limited to 340KB/sec is the real question

Because he's downloading it from archive.org

probably cause of the website im downloading from

Correct

Skill issue

lol, and there is

The website sets the rate limit for downloads not the client

Okay hack the website

Sorted

ok i wont download it
sorry 😔

maybe try this https://linuxtracker.org/index.php?page=torrent-details&id=be366325e885a553cdd515fa9f27e222245ef04f

php still running the world

I could ask lorenzo to give me a link to the iso hosted on the parrot servers

Anyway I'm gonna work on a "de-obfuscation" tool

but I doubt he would respond quickly

Ooh funzies

de obsfucation doesnt really work if obsfucation is done right

@oblique zenith I summon you

yk what ill download the normal parrot

thanks anyway Ryan

The issue is

It's not done right in real life

Ever

😩

if theres any way of changing to HTB version later on, that'll be cool

I wanna see where cloud goes with this

It's literally nesting 500 environment variables full of nonsense

Yeah I kinda hate this new version

I hate it so much

Tbh

didnt know you used Parrot

If it still takes long you can just download it on background, or like leave it on for the night

Im downloading from the official website rn

itll be fast

they should use my tool 😩

But yeah I figured like.. okay the obfuscation is being handled programmatically

its probably gonna be a bit slow cause im also downloading a game in the background

Surely this means it can be identified and reversed

That is horrific to look at well done

It just has to use the same methods as the obfuscation

ty ty

theres an HTB theme for Vim too

damn

So I'm gonna make a tool that will hopefully cut down on my

Floundering cyberchef attempts

Speaking of chef cloud

I got good knives

I saw you got knives yes

You’ll be proud of

YES

Learn proper knife handling

just slice em

I cut my hand pretty early on learning lol

what a british thing to say

It’s

Just

Chopping

@scenic maple make a spotify HTB theme too 😂

It's not

It so is

How you cut makes a difference

Ya cut thin cut thick

Ezpz

this should be legal i think

Did the HTB themed parrot got discontinued?

No just not updated yet

ah

yea theres something called spicetify
it allows access to custom theme for spotify

use that

i will look into it

and allows no ads

make one for vencord too

yea that too

no flexbox for us

whats RISC-V

It's new apparently

google it

a cpu architecture

i see

The little description there called "promising architecture"

correction: its in a plugin. time to submit PR

Nice work brotha

dude HOW

HOW do you find them

https://tenor.com/jgfOLiCmC90.gif

we haven't made one for 7 yet

There’s arm there’s x86 then there’s risc-v

explain me your process pls

7 uses KDE plasma not xfce

He was using discord and noticed something weird lol

NOOOOOOOOOOOOo

YOU CANT DROP XFCE

Er, obsidian

AAAAAAAAAAAaa

that sucks

I'll tell you in a while. The specific thing I'm doing, its very interesting
Or actually I'll just dm you

pls do
appreciate it

Oh I haven't been on the pentest scene for years, I just remember that last time when I checked I think it was outdated then, maybe I just checked it at the wrong time

submit your feedback to parrot lol

urs already as heavy as it is

Risc-v mainly is used for embedded stuff

its gonna be heavier than kali

It way funnier bothering you guys tho

I like bothering Ryan

I made the last HTB theme, so I might end up doing this one too

we'll see

I approve of this

I approve of this heavy

why yall no reelase a design system

Here is a minimalistic opinionated DS:
$primary-color: red;

i wonder if i should just make one

But yeah if I see another powershell payload reaching out to a url with 50k lines of encoded garbage just to reach out to an additional url for 75k more lines of encoded garbage I'm gonna throw my laptop into the Sun

You could fork one

yay free labor

true but then it would look like a forked one

its not really free

considering im paid a salary

i think i should get like 10-20 and then just add the stuff i like in each

then no one would accuse me of stealing

For one that can be customized

we should fix that

hmmm

im not following the joke here

is the joke that I should be fired or

Wha

No you should charge people kek

neither do I

this was in response to how I made the HTB theme

Oh

and he was like free labor

I'm too tired to come up with something clever

Nice

So I'm just throwing stuff at the wall atp

I should get up

Yeah it’s clear out my entire ticket queue kinda day

We out here

Also a 1999 kinda day

But most days are a 1999 kinda day

It's my last day of holiday break before it's back to the grind

Anything planned?

Working on a project idea and cooking

Rad

I cooked pizza

it was

good

I need to clean a bunch

Busy cloud today

I did that too

it was

not good

Why am I here again?

This is a cybersecurity server

I enjoy it a lot, infosec that is

I did enjoy it too

Oh my baby😭😭

then realized I'm bad at it

My mcskidy😭

KDE on Parrot sucks

Parrot does look better than Kali though ngl

McSkidy looks even better

true, but I like kali better

Beep beep donut

im trying out parrot

Kratos

I have some lamb

Would you like some

no

nice

Why not

It's delicious

I've seen from others that parrot gives more errors while executing commands

Donut

@cerulean bloom

beep beep I'm a sheep

🐑

https://tenor.com/ba16p.gif

RIPP

Hello chat

Hopefully not
If it does, I'll use Kali

Just a VM in the end, there's no risk

Parrot is totally fine

I only bricked it when I tried to do really really dumb stuff on it

Dude, you gotta try exegol

Just see if you like it

I bricked

Myself

It’s recommended it’s ran on Ubuntu, but I mean YOLO

I got it setup yesterday which is super quick

I was messing up with driver stuff that's why

And it’s so fucking nice

But other than that it works just good

It's even more light weight than kali at some point

I feel like using it doesn’t interrupt my workflow at all

I think I'm having a driver error
Cause I'm bricked

Jk

All hail 22Kratos, the king who never was

Kratos one day I believe you will manage to use a pc for longer than you spend swapping OSs

Heya froj

This is crazy

Hello

can you please for the love of God just install kali and do some boxes instead

That's....
What I am installing parrot for

Hopefully

Bro is bricked

why parrot

that makes no sense

why using a derivative when kali is just more stable and more documented?

Anyone for a vc

I am sir

I shall be on soon

Same I must

Eat breakfast

finally got hercules

Proud of you

That wasn’t easy but you did it!

box is straight up torture ngl

grinding hard for that rank before work starts again haha

xd

i got 7

|| |||| |||| ||
|| |||| |||| ||
|| |||| |||| ||

sheeesh

come to realise that academy is great but learn so much off some of these labs still

landmine finder 2.0

VM is working
time to hack

noway

quick someone show him the grub menu

Mumfin and bagel

great, now install TensorRT + CUDA and brick the OS

man stfu

Kratos try my bash config

in a moment

Any1 having issues with spawing a machine? Having this issue for 2 hours already and tried multiple possible solutions..

elaborate on the issue

is the machine just not spawing on the website?

Yep.. Deleted cache and cookies already, logged in/out and tried a other browser. but didnt work 🙁

you should message support

I will, thanks

guys, does doing penetration tester module on htb and practicing rooms make me ready for OSCP?

i'm new here so excuse me if this is not the correct room

@scenic maple

https://tenor.com/view/cat-meme-gif-8306311747146329689

@scenic maple you may get another fish shell user hehe. i have a general question about using tools inside and outside of a dedicated hacking vm. is it not cumbersome changing from host os to the vm and viceversa for using tools installed on the host and the vm? dont see the benefit of it.

i dunno actually i have always used bare metal i am confident that i wont brick my system but also a vm would make it very slow for me
i guess i would run a few common tools like burp and nmap on host pc or like software that needs access to bare metal stuff like hashcat
and put all the other rarely used tools in a vm that usually break a lot

or u could go full on vm mode

i usually recommend going on full vm mode

that separates stuff which is good not just for bricking ur system accidentally but also when consulting with clients you want to make sure files dont get interchanged or you accidentally dont share something sensitive

There was a heated discussion few dsys ago about how shitty oscp is

it does tho

i think cpts makes well prepared for oscp

Thing is, is oscp worth it? Its pretty expensive last time I checked

It’s HR holy grail

yeah i know so i will stay true to the full vm mode. just wanted to ask for clarification. i am using macos with a parrot vm for now. kinda feels bloated and i hate that cause of my audhd.

if it can get you a job then its def worth it

better take oscp and get a job than do cpts and not be employed

always go for the job

Thats also true

cpts is good for skills but not there for hr

but soon

it will

I think so too

does anyone feel lost as hell when doing web bug bounty? I properly found my first CVE through code review and tracing fucntion calls. But I feel like I don't know anything about web pentest when doing bug bounty lol

have you tried hunting on platforms?

golam

like bc or h1

do you know how to enable DOM Invader on burp?

tried googling

it needs pro

afaik

seriously

nvm

ok great

https://portswigger.net/burp/documentation/desktop/tools/dom-invader/enabling

there

I suck at googling

thanks

https://tenor.com/view/cat-leaf-vibes-vibing-sleeping-cat-gif-17297041570420202318

too lazy to read

yeah i do, I look for targets on h1, maybe im overwhelmed when doing bigger targets

gork summarize this for me

@gork

try govt vdp programs on bugcrowd

once you get a few bugs then move on

I came here to hack not read ~ cinzinga

veni vidi vici

got any nasa letters yet?

nop

focusing on job

get soon

🙏

i need to do this

nasa letter goes hard

oh man my power went out once already in this crazy storm

kind of scared

https://tenor.com/7eBwa1eE14.gif

thanks, I will try that

wow after finishing that first mod and the next one is like doot da doot

do you live in a storm prone area?

for winter storms yea - state to be more exact lol

I can't afford a backup generator though

and I can tell there's some electrical that needs to be done, but I haven't like messed with that since I was way younger, so I don't really want to tbh

Try to build one yourself, perhaps

I've seen guides for DIY backup generators by reusing things like old radio parts and solar panels

I've considered that

I bet there's something on hackaday

It's weird, I asked ChatGPT how to build one just now and it started with "Since you're a minor, I'll tell you safe ways to blah blah blah", and I'm not a minor lol. It was an incognito, logged out session

whats up

https://hackaday.com/2023/09/22/thats-not-a-junker-thats-my-generator/

literally easier to just check hackaday haha

never heard of that one before

nice, car parts + arduino = pretty much anything, then 😆

that is cool

I don't have a junker, but the theory checks

Hello chat

Gm

How’s it going

heya

All good

I think the only issue with even DIY'ing it is - even for a DIY - I'm spending $$ to some degree

b/c it technically has to have the power to backup a house @muted olive

Still less than what you'd be spending for another generator, I guess

a small radio wouldn't do, but I have 4 old servers in my garage

bought a laptop for my daughter today, and the sales guy started talking about booting up the computer to activate the windows key, i just told him that we wont need any windows key. We boot straight from the linux usb

I can't get to them atm

I have a data array too

Glad to hear

don't ask

I'm not even sure if they'll run bc they've just been sitting there forever

Cool to see parents starting their kids on linux

To be honest, its completely doable if you just get the right parts. And they'll be there in items you already use everyday. You just need... idk, stuff like DC motors and basically transformer equipment

I can probably get a multimeter to check

@vivid flower well, i have been extremely transparent about how corporations sell our data and stuff like this. they know all about it, maybe to the point they get annoyed listening to the tinfoil hat father xD

I taught mine to solder and such by the time she was 12 hehe

Im trying to convince my gf about that stuff rn and i dont think she cares that much

Maybe try selling in linux on other points rather than this

People love convenince, and linux computers boots up SOOO Fast

i've tried to get my bf into stuff for like ever

he's just not into it

She spends over 50 bucks a month on streaming services and i think i just need to build a plex server

yes/no: depends on what she's streaming. if she's on 1 service for a particular show

you can always rotate subs though

I do that

True

like if i know a show I really like is gonna be on X platform - i'll sub for the duration of the show, or wait till it's over + sub a mo + watch + cancel

But the data

My wife is a specialist on rotating subs for streaming services, if you unsub for a couple of months they will remail you with a deal of lower price for the first month and stuff like this

Palantir is gonna know i watched supernatural

So you get 1 month cheap and just unsub after the first day

yep!

they charge you less

i like doing yearly subs when I can tbh

the fact that some services canceled that kind of gives me the ick

Thats a hot tip ig

If i move in with her tho i wish we could just have a huge media vault and id do private trackers

Theres so many of them now you cant sub to them all, you will go broke. so have to rotate tbh

And pay 0 dollars

literally better to just get friggin cable again

lol

Or even better, raise your sails and get out on the seven seas

Thats what im sayin i taught her how to use tribler but shes not that tech savvy

First thing i showed my daughter is how to connect to VPN nodes in wireguard

xD

using the terminal baby

no spyware or bloat like recall and copilot

go to chat gpt in the browser instead

much better

Ive been showing her a lot of old movies so maybe she will realize a lot of netflix stuff isnt good

well i realized that myself 2 days ago lol

i watch back to the future 1 and 2

Great movies

and was like... BRO these movies are sick

my kids agree

they liked them too

watch The Goonies

Watch starship troopers

O yeah your kids would love the goonies

gonna check what it is

imdb is my friend when it comes to that...

Classic

Ive been to astoria didnt see any pirate ships but it looks like the movie

Hey, where can I get a hint for "Fries" room?

Apply ketchup

What's that? 😑

Is not this an HTB channel?

#boxes

This may take some time

Helloooo

https://tenor.com/view/grogu-star-wars-mandalorian-baby-yoda-gif-9168999412781595068

wassup

in one of my favorite games you can end the story by sacrificing yourself to save the world

or

you can sacrifice the world by plundering it into total darkness

hi hi

@maiden anvil what game is this?

dark souls

Looks like my VM needs more juice

are we completely unable to send messages to support right now?

You can, on weekends the support staff is limited and additionally it is holiday season so that adds more wait time.

https://tenor.com/view/tired-groggy-sleepy-what-dazed-gif-16582493918036962522

updating kali I see 👀

If it is something urgent and not related to billing, I can assist.

yeah i wanted a little kali VM somewhere just for fun

i am really bored today and worse than usual

meds don't work anymore, oh well

it is a billing thing. I can't figure out how to send a message

that doesn't sound good

which platform?

academy

Do you already have a subscription?

yes

thiking of becoming an isolated monk in a church or something

i'm tired boss

not sure what to tell you

tired of what?

living, primarily

If you are using beta click on the question mark symbol and select contact HTB Support.

Else on bottom right there is support bubble

Is it a temporary bad day or worse?

I asked Excel what the purpose of life and it told me to create some Spreadsheets

great advice

Else if either does not work, then you should check if the ad blockers on the website is disabled

If not use email customerops@hackthebox.com

yeah i dunno i've been stuck like this for a long time now, some years maybe

Good nightz

disabling ad-blockers is not going to happen

https://tenor.com/view/white-monkey-funny-face-animal-lol-why-gif-19799376

Is it your general living situation or like work or something you can pinpoint is the root cause?

right ... unfortunately it seems the actual 'send a message' functionality is disabled currently

hmm ok, then I know why but then use the email as I suggested.

yeah who knows, it's probably a mix of things, i don't really have a good family or friends, not really happy about what I do either for work

i do have a couple of hobbies but that's about it

So, my best advice is to start making a list of things you are not satisfied with and then start thinking about which of those things you could start changing first. start with the smallest things first and go slowly

Somewhere a long the road you may feel already its feeling better so you dont need to change anymore

sometimes all you need is a direction

and not a goal

to hell on a hand basket

Nah just take more meds

I was on meds for years for adhd but they really did nothing except mask the root problem

pharma wants to sell

Most important anyway is to make peace with ourselves, and accept who we are to begin with and work from there

whatever you think its the right course of action , i wish you all the best and good fortune

thanks man

@molten bobcat is this fax?

Theres no profit in us getting off the meds xD

Wha

my reaction too

what are your thoughts on vaccines?

What do you mean?

Hi man, is there any clue on the box to guess the db-m**** vhost? I tried several wordlists and nothing worked.

I think vaccines are great, apart from a few of them which i think are redundant

Any vaccine that is related to the flu is something i personally avoid. Influensa viruses up here in sweden they mutate all the time, so then you have to go and vaccinate all the time and still get sick because now you got another version thats mutated. Its a waste

Swedes must blow western democrats minds. Both super liberal, but didnt enforce the jab on their citizens

Haha maybe

what's "the jab"?

It was indirectly enforced actually

Anyone that works for the state basically took the first shots, but they realized what i wrote and stopped

like chasing your own shadow

tetanus is a complete and total scam

the chance for infection is so astronomically rare

it's a scam invented by big steel (joke btw)

there is absolutely zero justification for it being pushed on patients with every office visit

other than to make money

in Sweden i think we get one of those tetanus when we are kids, they say it will last you for many many years

You know the one . Tested less than a car seatbelt and forced on millions.

I don't think I do

Im pretty sure there is no big conspiracy behind any of these things, usually its just monetary incentives

Ofc money makes the world go round

scrape the git repo

specially with the covid jabs, they saw a massive opportunity to make money with vaccines and cut a few corners on production to get it out much faster than it should have been

And now its a wide known fact here that they caused heart problems

for some people

i dont know in your countries but in my country its like this

why call it a "jab" and not a vaccine? A jab is a punch not a vaccine.

its just a habbit lol, during the first year it was heavy censorship on anyone questioning the narrative

so we had to say these other words to be able to discuss it

on social medias

What if it wasn't censorship but dangerous misinformation they were trying to prevent spreading?

Even doctors that were fired for asking questions that first year

Thanks. I'll do it.

what's the bar for determining what is and is not misinformation?

always wondered that

https://tenor.com/view/white-cat-burrito-gif-8889135913780057940

How can someone spread misinformaton about a new virus that nobody knows nothing about ?

Asking questions is not misinformation

@zealous charm @willow magnet any hacking this fine sunday?

You have to ask the hard questions to find the answers

it's kind of a meme word these days to scapegoat any conversation one disagrees with

pretty meaningless tbh

if no one knew anything about it then how were they able to develop tests for it and recognize the symptoms of covid?

Im asking the same question

I'm not really educated on that, personally I think that misinformation is stuff like "raw milk better than pasteurized milk" or "vaccine bad because causes autism"

I tend to agree on that

no, you're saying that no one knew anything about it and I'm asking how were they able to make tests and develop a working vaccine. Maybe it's because they actually did testing and found what worked and what didn't very quickly 😄

Maybe

you're able to lookup the studies and such on the research they did I believe.

I'd imagine something like that is public info now

I was never really interested, because its a mutation of the flu virus so i took my chances and ignored the vaccine. If i die i die, didnt really care

However, i was never sick

👀

Never used a mask, never took a vaccine, never social distanced

I saw a study recently that made the argument that giving people tick-borne alpha-gal, which can cause an extremely dangerous allergic reaction to red meat, in some bizarre justification to stop the killing of farm animals

i ignored all of it

I would kill 1000x more farm animals just in spite if I was given that

is there a mod lurking chat? 😄

you do know the flu vaccine changes year to year to keep up with mutations right?

Yes, and why would i need it?

I always social distance, I like my personal space and respect other's personal space 😄

it helps prevent getting the flu which kills many people per year, though it mostly kills babies, elderly, and at risk people

I just ate a piece of a pig, and it was tasty 😊

https://tenor.com/view/bacon-food-gif-12583283796040549115

I am chilling with my meat lover pizza

https://tenor.com/view/pete-davidson-bacon-gif-26968110

https://tenor.com/view/epic-embed-fail-ryan-gosling-cereal-embed-failure-laugh-at-this-user-gif-20627924

I understand your concern, but i dont need to vaccinate against something i never get

I am legally required to do it to everyone and can't discriminate

None from me. Going through wkl CI/CD course soon so I got up to speed on DevOps foundations last week. Gonna lab up the course tomorrow or the next day

https://onlinelibrary.wiley.com/doi/abs/10.1111/bioe.70015 oh hey look there really is a study justifying forced meat allergies, I guess that's not misinformation

published this year as well

https://tenor.com/view/rage-bait-l-rage-bait-ragebait-l-ragebait-thanos-gif-1201177070319080685

lactose intolerance is basically just skill issue with your body

people love assuming there's no conspiracies because society is morally ethical

but truth is stranger than fiction

Thats an epic line

no joke, if you just drink milk and eat cheese for a while, you'll not be lactose intolerant anymore

that kinda sounds like misinformation but imma check brb

I think what he wants to achieve is that the body will become inhabited with the bacteria that digests lactose eventually

https://www.youtube.com/watch?v=h90rEkbx95w

If that works in reality im not sure

AI says no, but a page on purdue.edu appears to insinuate otherwise

@thorny pumice poke. take req.

It's unethical to force people to stop eating meat, unless there's not enough meat to go around. Cows eat snakes, dears eat rabbits, chimps eat monkeys. It's only natural

never trust AI

cows eat grass 😐

trust sources

we also just saw a source justifying forced meat allergies, so dunno that's the way to go

no actually just bc someone said cow

doesn't mean i'm going to chat

back to my labs!

I know with other food types its possible to inject into your intestines bacteria strains that you will eliminate allergy because you can now properly digest

I think I heard squirrels are becoming cannibals now

that’s not really…….

it's a study, and people generally glorify studies as sources of truth these days for some reason

generalization that isn't universally applicable, but those are the times we live in

i mean when trying to get an answer to a question i’d generally trust reputable sources over ai

There's rare instances, but yeah it happens

i like your thought process

btw, Flukeyy, if you referred to me in this message, I use she/her pronouns please and thank you

A study is only a discussion of some idea, and maybe some tests that were done on the idea, with an explanation of why the test results show if the idea is confirmed. It takes a lot of tests, experiments, papers, etc., to make something appear like it might be legitimate

eh ok...

i had no idea that was super important to you

my uninformed hot take on animals is that the self-aware ones dont belong in zoos

it is when you refer to me as the wrong gender, cause then you don't talk about me

Nothing belongs in zoos

I tend to agree with this extreme on zoos specifically

i am releasing some happy chemicals

these cocktails be expensive AF though

Ok. i understand. Then i can tell you, you can refer to me as whatever you want. as long as you quote me i understand who you are talking to. I dont need outside validation to know my own identity

the middle one looks delicious, what's in it?

It's important to indulge, for science...

it's unreal

it's a coconut variation of the pina colada

with banana and other mexican liquors

it’s not even noon and i need some of that

fr fr cuh

well if you just say a pronouns, that isn't mine, with some context to a text in here without answering my message and/or saying my name then I wouldn't know if it's me you're referring to

today was a long day i need like three cocktails minimum

I said i understand, i am not arguing with you

You gotta drink more I drank more than u bro

any of them tequila 👀

ayo cuh

i know u a drunk ass mf

i will try to remember i promise 😛

if i succeed all the time i cant promise

on the internet its not so easy you know

So, everyone having a good day today?

https://tenor.com/view/outcome-memories-gif-17588520558985176608

Poked a little bit at a bug bounty program today. Found default creds that let me interact with an API. I could probably write it up as a P2 but want to hold onto it to try and escalate

Hbu big dawg?

mornin' fellas

https://tenor.com/view/muppets-muppet-show-helen-reddy-camel-dance-gif-27122675

This UDP scan seems to be taking a bit longer than i'd "like" is this the ideal way to scan?

sudo nmap -sU -Pn -p- 10.10.11.80 --max-retries 2 --min-rate 800

i guess i could bump min rate up to 2000 ? its a box

UDP is slow

and yes you could've bumped the min-rate

but UDP scan is way slower than TCP scan with the same min-rate

why would the TCP of the same cmd -sT instead of -sU take LONGer though when theres the handshake and setup/breakdown of the connection involved?

also -p- will take forever lol

here are my 2 go-to commands I run for TCP and UDP when first popping a box:

sudo nmap -sU --disable-arp-ping --max-retries 0 -Pn 1.2.3.4

sudo nmap -sC -sV -O -p- --min-rate 1000 --min-parallelism 50 1.2.3.4

yeah i was prepapred for a longer than usual with -p- but didnt realisze udp would actually take loonger being connectionless? that has me scratching my head now

Im vibe coding an extension for burp that will predict if the current day is good for fishing or not. gonna add in weather api's and barometric pressure and all sorts of stuff

UDP runs pretty quick too

unfamiliar with the parallelism im gonna use that

From HTB Academy nmap module:

| --min-parallelism <number> | Enforce a minimum number of parallel probe threads to increase concurrency.

Cant set too high tho it'll give inaccurate results or time out. I found 50 is perfect

very cool thx

ah , slick tip on the 50

Ugh, I think this is some fundamental misunderstanding about UDP

Sure UDP for some use cases is... "faster" - whatever that effing means, are we talking latency or throughput? - but definelty not for a scan.

A scan requires both ends to be fast, but with UDP this is guaranteed to not be the case.

Hell yeah, burp extension really do have a nice and easy GUI

If anything there will be rate-limiting by the side of the kernel itself

a -p- UDP scan will probably take like... the entire day

atleast

hey chat i saw there was a 30% off discount with a coupon just the other day

is it still available?

i don't see it anywhere

real world or scenario?

both man

The nmap will send a packet for the port and just hang there waiting, and waiting, and waiting

And chances are too much UDP packets will just trigger rate limiting

oh, you mean a straightforward one without any "control flow" for lack of a better term here? where we tell it to move on after a connection failure or timeout etc

there will always be a control flow

well i meant a basic scan without any user customized control flow... nmap -sU -p-

Still slow, but faster than --max-retries 2 for sure

Notice on r00tm3daddy is using --max-retries 0 instead

interesting i thought default, the basic scan there was 10

I think the default changes when it's UDP

or atleast I sure hope so

no kidding?

because my custom port scanner does that

and if nmap doesn't

it will be funny

right on 😛

😄

Yea I set the retries to 0, in case the port is being filtered/blocked the scan completes quickly.

you wont "miss" any that way?

i guess maybe i misunderstand the reasons a retry would be necessary i thought it had everything to do with avoiding false reports for filtered/blocked ?

Chances are high, but that's what UDP is all about you see?

It's possible you may miss some, esp. if you set then max packets high, but even setting max retries to >0 can still miss some

i’m supposed to work today

If you really can't afford to miss any UDP ports, you'll go super low and slow, and back off if there's even a hint of a stateful fw on the other end filteirng ports

This is a correct reading, it's just that if you do that for UDP you are fighting UDP's own principles.

But for HTB boxes my command is perfectly fine and I haven't had any issues

Yeah... r00tm3daddy put it better

ah ok, that puts into perspective

thank you both thats super helpful

With UDP don't do -p-, and prefer --max-retries 0.
And know that if you do need to be sure of no losses.... Then start your scan at 4am and expect results by 4pm or something, lol.

Non hollywood hacking seems to long and tedious

LoL, it's because you never watched a real good hacker doing it.

They are fast

think fast

so we need to know what ports wer'e targeting in advance sorta?

nmap has a --top-ports option

that we prefer when doing UDP

oh right , sorry stuck on stupid for ammoent

moment*(

https://cdn.discordapp.com/attachments/1288806853572296755/1445284780819091527/twitter_1995474928343072842.gif

i cant relate just yet, for me its long and tedious

does anyone know if the ranks expire?

its my first time getting a rank thats why

Progress towards next rank: Expire.
Rank that is already achievied: Do NOT Expire.

@carmine pecan do points expire?

Yes

If you don't play for like, a year or something.

You will have like... maybe 10 points when you back.

noo i dont mean it like that

That's why some people prefer Challenges, they give less points but the points will last longer (on average)

i mean like end of the season

Oh Seasonal points?

normal

like each season its new active boxes

if the get renewed or sth do these points disappear or not

you play call of duty?

nope

explain your pfp and name please

yeah the points disappear until you pwn the new box that replaced the old box

any idea about this please

https://tenor.com/view/game-club-fish-penguin-fishing-gif-18077765825755482847

its cool no?

okey thanks

reminds me of names from xbox live days on cod4 gamebattles, then i see the AR15

What time is it? Its Brathadair o'clock

i did play warzone

but i though it was a OG name back then

and kept it

So you did play call of duty...

alright then

https://tenor.com/view/lupin-iii-mst-mountain-standard-time-zenigata-jigen-gif-21159732

yep BO2 and warzone

uears ago

there's a mouth breathing homunculus DMing people and asking them to hack an instagram

you should learn to waste their time for lulz

exactly

Either you have a bot to automatic troll then

Become a part of the scam baiter community, you waste their time so they cant focus on scamming real victims

or you just engaging on caloric behaviours of complaining otherwise

your website is so cool

whenever i get the insta request i ask them who they need hacked

they send me the profile

i say "i gotchu fam"

in 5 minutes i log into my own insta, grab the home page and shop the pfp and name of the one they want

they start going crazy

thanks dawg

F12 hacker spotted

(that's hilarious 🤣)

Hnxnxnxnxnxjdjdkddo

Hnxnxnxnxnxjdjdkddo

Mt screen is lagging

I am pro butcher, don't try to challenge me.😡

wtf does that mean

you ever dress a deer?

You'll understand once you are in tryhackme server

no im a good goy i buy my meat processed

I used to send lamb tongues. Pennywise. Lamb ctf rooms

Power level: revealed

You mean a surgeon?

We don't really use the term "pro butcher" it's been some centuries now

It's bad for the business

Ask Donut or @vernal solstice . They'll explain

@young hearth Is this true?

come on Eileen

Bratha

whats up kissy boy

Is staff member in this server ? The one that posted everytime we run into error 403

Well... that's the song my brain wasn't asking to have on loop

same

In tryhackme I'm known as wisepenny or lamb

still no idea what you are talking about

Sharing is caring I guess? 😄

Are you everytime we run into error 403 we kiss?

https://tenor.com/view/confused-no-nope-gif-5413974953753901704

Frozen in a time 'nd space divide
But how?! Would the universe, surviiiiiiiiiveeeeee

https://tenor.com/view/looney-tunes-duck-dodgers-gif-26780442

Who posted the video😭😭 I want to know is the orange-haired girl in the server

No

Am I allowed to send links?

Yes

Are you the error 403 girl?

No

You are having some serious case of false memories here man

Go touch grass

or snow if you in the northern hemisphere

i could really go for a bangs rootbeer right now

https://www.instagram.com/reel/DSiQwHIjf5Q/?igsh=MXhzNmx6YjFzZXFqNw==

Bang is common in Brazil Brath

I am looking for her

i bet, you guys wouldnt be able to play cops and robbers all day without that caffeine

that's true of everything Brath

this is a sick society

Prohibit Caffeine and the goverment falls

shes not real

Or people will just switch to something str...

nvm

bye gen chat

Nooo😭😭

Go to sleep babe, it will be better when you wake up

it's all in your head babe

it's a false memory haha

Without her??

https://www.instagram.com/reel/DSiQwHIjf5Q/?igsh=MXhzNmx6YjFzZXFqNw==

babe you've always been like this!

Just sleep babe it will pass

see you tomorrow k?

😭😭ok

👍

😴

😉

alright back to cleaning

"cleaning"

😈

you caught me red handed

@molten bobcat i just realized that your voice is super similar to the ChatGPT male voice pack number 2 or something

it's a bit lower but it's sort of there

trained off months of him yapping in vc 😉

gpt is giving me some output like this when i give it a q like : how to search metasploit without opening it. is this the "best" way?

msfconsole -q -x "search xwiki; exit"

I'm looking for something quick and dirty like searchsploit xwiki that i can do to get a pulse check without actually opening the damn thing

i am yapping black belt Dan 9

monster is 152mg

fact checked by a real monster addict

monner*

thats so absurdly high

yo wtf for real? 152 mg?

zoomers gonna be suprised pikachu face when they find out to "yap" your lips actually have to move... and sounds have to come out... kinda like to touch grass you actually have to go outside.

is this what Frog drinks to become so OP in hacking?

bro is 23 and could already hack the NSA blindfolded

can confirm

in the frog temple are columns of pillars

not really, its like 1 double espresso

https://tenor.com/view/hugh-jackman-password-swordfish-pc-gif-2805395175884207697

(it is but its ok we can ignore that)

guys you cant hack the nsa unless you drink clubmate, everyone knows that

er... guess not

clubmate is overrated imo

Lore accurate Frog vs Lore accurate Frosto

not bad tho

i want to see this top 10 anime power scaling battle

i drink ice caffeine, 75mg

yo fr we could do power scaling in HTB easily

when i really need it

keeps me up til 7am

ice coffee?

yeah just double checked, 30mg/100ml

or ice caffeine?

its a brand

ice coffee is peak

oh ok

i thought we were talking about caffeine power mixed with ice+water or something

pre-workout?

oh right, ok its just soda water with caffeine

@undone fossil about to start this module, how cooked am I?

You should be hacking not leagueing