#general

is there infra issues?

I hate popos

“gamer” distros are just cringe

never tried it.

i thought it was a windows refugee distro

The only “gamer” distro with validity to the claim is cachy for its clear Linux optimisations but that distro is shit

aere you on a windows lab/pwnbox ?

Precisely why I hate it

no openvpn

that shouldnt be your terminal per se then.

latency with ssh?

its latency for sure

its genuinely like 5 minutes per command

do academy with pwnbox

as much as I dislike pwnbox

do academy with it

And then there's always that One guy doing academy from MacOS

I use pwnbox at college if I finish my shit early and we have a 3 hour lecture I’ve got two hours remaining of

macOS is valid as fuck for offensive security

Yes, put Exegol in it and be done

Id get an Intel Mac

Not the arm shit

but you guys were discussing Windows so thought I may add that

...

https://tenor.com/view/renoir-clair-obscur-renoir-clair-obscur-expedition-33-clair-obscur-expedition-33-gif-11749681276431506896

steamos cringe?

As someone who has more than 200+ hours studying low-level stuff/computer engineering/assembly

We discussing everything dw

I don’t mean steamOS

I mean shit like popos and cachy

I don't see why someone would prefer intel anything over ARM

SteamOS actually innovated Linux gaming

for MacOS that is

I don’t like writing arm assembly

oh well

https://tenor.com/view/bob-ross-painter-painting-beauty-is-everywhere-gif-17574935

All this kitchen work

Me back hurt

i do think arm is objectively better for laptops long term tho

for battery etc

touche 🤺

ChatGPT please clean my Kitchen step by step

It's already clean because I cleaned it

it’s okay cloud

it can always be worse

https://tenor.com/view/omni-man-invincible-look-what-they-need-to-mimic-a-fraction-of-our-power-gif-25672186

I wonder how long I can go before my girlfriend makes me shave

my beards back and she hates that shit

https://tenor.com/view/choso-flowing-red-scale-jujutsu-kaisen-blood-blood-manipulation-gif-7885502556821358602

Chat let’s play

dump her find a girl who loves you for you

Awe what do you mean I shouldn't lick beryllium

I lick Neodimium everyday and I am ok

so this chart is accurate

for now

nah i get to pick her hair when she dyes it its a valid tradeoff

wait I also lick Iron quite frequently

😮

neodeez

Carbon is pretty common to lick

the next booking she’s going for black to purple ombre which I fw

https://tenor.com/view/cigar-barish-image-gif-26607457

Why is neon under probably fine

Noble gases are mostly inert

yes but that’s my point

how do you lick a gas

Stick tongue out in room full of it

Anyone know a fix for this?

https://tenor.com/view/air-licking-jack-russell-moona-silly-dog-gif-27082165

Like that yeah

been stuck trying to solve the kerberos problem

either ntpdate or faketime

even though i've updated time etc

yeah faketime did the same thing to me

The expression "taste the air"

what is your OS?

@remote iris

kali

time issue

yeah i tried a lot

kali on a vm?

because...

bro 😭

you have to be within 5 minutes

ntptime, faketime, etc

he's on a VM y'all

and keep timezones into account

yeah ?

That reminds me I forgot to ask froj question

I’d hope it’s kali on a vm if it’s kali@kali

check if time sync is on

it is yes

and if it's on you gotta disable it

How often is timestomping employed as a technique scale of 1/10

I figured don’t worry lmao

ntpdate* rather

linux, often, windows, little

That's what I figured

Cuz windows has multiple aspects of a files time

And one isn't userland callable

gonna try faketime again rq

Iirc

faketime "$(rdate -n $DC_IP -p | awk '{print $2, $3, $4}' | date -f - "+%Y-%m-%d %H:%M:%S")" zsh

🤷‍♂️

it will open a faketime-ed shell on top of your shell

well on windows its usually pointless because km logging but

day 10 of hunting for vulnerable enclaves I can use for an lsass dumper

That's what I referred to yeh

https://tenor.com/view/squidward-meme-brain-smooth-chatbubble-gif-16562439958126711181

Try this @remote iris

ntfs attributes are the common way

cloud that was intended for my message

if this don't work have Hope

yeah 1 moment

Thank you for the insight it confirmed my response I gave to a coworker the other day

Yay

np

Always good to double check

p != np ?

is that what you are saying?

bor?

For that you can have some of the tasty chicken I'm making

you gotta prove it

sure lemme go collect my millennium prize rq

also be sure to timedatectl set-ntp off if you on kali, and also check if the vm configs have time sync on (it should be off for this context)

yay

Nailed the broccoli this time I think

I can eat broccoli without chewing

it's an art

worked

Although I require

it saved ticket

Honey and red pepper flakes

thanks bro i will keep this in my notes

cool

😄

Please I need admin not godaddy

you're welcome

😮

That's what the "hot honey" topping is

And I enjoy it over chicken

https://tenor.com/view/dante-gif-4304066611813875779

One of these chicken breasts is weird lookin

i took a bite of the 2nd closest

But

Ah thanks

I did offer

So that's on me

I would prefer it not be the nanosecond it came out of the oven lmao

they are all weird looking

Chicken does that when cooked

And no only the bottom one is

They're getting chopped up anyway so it ain't too much of a concern

baked chicken breast >

mb i was hungry so i took a bite

how is everyone this evening

whad up Froj

Can I get a number?

whats this

Hey guys, anyone using CherryTree for his notes? I have a big problem and can't fix it I'm scared to loose my notes

0

it's a program

is it some injection text to run code

to sync the clock skew

it's a one liner in an attempt to match the time against the dc so the command works

i'm bored

i'ma code something

Id kill for it rn

So bad Lucky that I only lost my notes from a little module;...

I made dashimaki tamago tonight

Or at least attemptrd

IT was good though it looked a bit off

Finished product

Looks good, i had some leftover curry from katsu from yday so for dinner i just added rice and made kind of a risotto from it

I got so full i had to take a nap for it to digest

Nice nice

I made enough to have 3 days worth of lunch for the week ahead

https://tenor.com/view/ff8-squall-seifer-leon-squall-leonheart-gif-20770508

Just look after rice, cuz it can run bad pretty quickly

I did some reading into that beforehand

The issue arises when cooked rice is allowed to reach room temp and sit there

So it's already in the fridge right out of the rice cooker

hey everyone

<@&861185840277487616>

wtf was that.

idfk

now that you both are here

do you guys think doing a obsidian extension for gaining experience and stuff can help get a job (like indirectly) (what i mean is that could it show experience and stuff)

a.k.a good idea or waste of time

for what?

as a dev role, fuck yea

i mean im in HS so idk yet

but like in general

if you want exp, go build a homelab

i dont have a use for it yet

and i may not be 100% cybersec

like if i do the extension, 1 year from now abandon it is it still a good thing to like mencion it in a job and such?

or like maybe to get to a good college

fuck no xD

First soc gig, I mentioned homelab and the dude interviewing me was like "yep, this cunt is good. I want him"

i dont have the use for a homelab yet

A script/bot that spams.

If you bring up a extension for a application, how does that bring value to you?

it shows i started young? idk i might be wrong

Yea nah dude. If you build an extension that takes #1 in a market place, I might consider it but, again you have no exp

i mean it wouldnt be the only thing

but theres not much i can do rn

i got my hands on a turing pi 2 and i'm deploying k3s on this bitch

I purely wouldn't unless it fits to the job desc.

im not looking for a job rn

Obsidian extensions are mostly fancy css scripts from what I understand

i mean i legally couldnt

it's gonna be awesome

I got a mild concussion today resting in bed

im speculating what i could do to up my chances of getting into a good college

wtf. just by resting?

like maybe a good project

idk what thou

There may be some other stuff, or i just primarily use css/decorative ones

theres typescript

Those beds are killer. Nah it was cane fighting i got hit in the noggin

As Marciee said, it's just simple CSS and shit. Not impressive imo

Typescript is Javascript for cowards

mb

Im just joking around, mostly

ik

im just stumpted

unless you built out a decked out application to solve current issues or build out solutions

but what if no one uses it thou, is it still on a college aplication?

My gf is checking up on me and making food for me i feel so loved you guys

"but what if no one uses it thou" -- that is the issue right there.

How will you get people to use it to make that impact

"I built out this cool extension that helps people with X Y Z issues and currently has over 10,000 downloads, etc"

yeah

this

i mean i could do the extension and put it on obsidian marketplace

If you have something crazy in mind, then fucking go for it.

its not crazy, just to convert obsidian to a notetaking app for school

umm I should not be able to ping a machine if not connected to the vpn right ? because I can after reboot

but i can make it, right?

but if it is just another extension on the market, I wouldn't do it. Time is money

Ohh nice, should be fine then

Can Cook it evrn in sauce

I want to make some noodles tmrw, prolly with chicken and black bean paste and miso paste

i mean i have to start somewhere dont i?

if you wanna do it mate, go for it.

btw for context, im in first year of HS, im really new at this and just want to get ahead

but ty for the feedback, it really helps to have experience pple to talk to

@cosmic cradle please don't reveal pro-lab details also simply make a post in #1263635449335910531, this is not the right channel for it

Ok.. Sorry

wait is someone from europe?

ye me, Romania

Why isnt there a feature, where I can clear a answer from a practice module. Just to come back later and test myself again

Pretty annoying

/feedback though it's probably been asked for for a while now

They dont read feedback at all.........

Im begging for it

someone made a browser extension for it but I can't remember who

WAIT HUH?

PLZZZZ

Who made it

https://github.com/Berkanktk/HTBAcademyHider

I FOUND IT

GOATED

I don't think that's it

its not?

yeah that just hides completed modules it looks like

OOO

there's this though: https://www.reddit.com/r/hackthebox/comments/1pmcnvk/hiding_answers_on_academy/

Wait

PPL BEEN REQUESTING THIS FEATURE FOR 2 YEARS NOW??!

Why havent they done it now

Why do they seem opposed 💀

idk cos they seem to do just fine hiding answers for adventure mode

the devs prob lazy then

🤷

anyone have recommendations for books about C?

my assumption is because once you complete the module it unlocks on your account forever, so it probably is coded in such a way where if you wipe out the answers it may not be unlocked anymore

https://www.amazon.com/C-Programming-Modern-Approach-2nd/dp/0393979504

or just https://learncpp.com/ actually nm sorry this is c++ not c

lol thanks what happeend to the embed

Major design flaw

it showed up and disappeared

holy cheesebaLLs 80 bucks

864 pages

Its low on the priority list

....

Isnt there a C Documentation online?

yes

Programming books are the biggest scam imo

yeah bit the programming books teach you better. maybe try this, its free https://beej.us/guide/bgc/

yea you know what imma ask my 4b LLM 😭

Thats a better site u recommended

wow its updated recently

yeah but it's c++ not c. https://beej.us/guide/bgc/ this is another great free book.

@sage halo why do u wanna learn C?

it says C?

Why not C++?

Low assembly?

it is. i was talking about the other link learncpp.com

oh mb

learncpp is a really good site

yes it is

well mainly because ive used C++ and wanted to see whats on the other side, but also if I learn this I would be able to maybe even get a job using it

what up party people?

oh okay

just for fun

The script is reallly goooood

thank u

I got a mild concussion today, resting in bed

partied too hard bro

get well soon

we like to party

Bro do it if it make you happy and you want to do it, like basically do it for yourself

Im doing a script to change my cursor mouse right now xD

Im not going to put that on my CV

But i have a lot of cute assets for the cursor they are asking me to do it

dawg i just spend 4 hours on a htb machine just to not think to go to the ip and find an exploit from the literal html

just stick a fork in me

Well I agree, somewhat yes, but as adults we have a burden of performance and nothing ever is enough to make us feel accomplished

that's part of the reason we can learn smarter than kids

true agreed, we don't have egos like the old times, when we were young

https://tenor.com/view/disney-pixar-toy-story-forky-trash-gif-14352954

life humbled us, now we are not afraid to try new things not giving two fucks about the embarrassment it'll bring

https://tenor.com/view/epic-embed-fail-ryan-gosling-cereal-embed-failure-laugh-at-this-user-gif-20627924

I will die with 70 years old learning to skate

indeed, at least i did it in the end. thats all that matters, using your brain instead of chatgpt

i just got some new inline skates for the first time in nearly 30 years...

I have full protective gear

yeah you are right i change that right now
hey chat gpt how not to use chat gpt
XD

and I'm still going to spend like a month on carpet

lol hahah

I will wear a nirvana cap

do you guys also use AI when you feel stuck attempting a box ?

i use AI when I feel stuck attempting life, bro

I did it for the first time today and I felt so guilty, because I am still learning and I felt like I was cheating

i use chat gpt to sort my mess on notes sometimes but usally not that much ( i dont use it to solve boxes)

lmfaoo

It's not cheating it's a tool, it's good at providing general suggestions that you'd get from a checklist anyway + it can generate payloads and exploits for you

sadly brother AI will not help us solve our relationship issues, neither our Financial issues right away atleast, neither our other problems

most the time though you'll have to modify the payloads and exploits anyways but I'd rather use an LLM than a checklist.

it's working out pretty well for me so far tbh. YMMV. Not financial advice.

yeah I also use it to help me with notes also

I haven't made a single serious life decision without consulting AI in probably 3 years and my life is the best it's been in probably 5-7 years.

AI is good when you already know what you're doing, if you're learning what is the point of outsourcing your brain

Honestly, the only way it could be going better is if I took more of AI's advice and made fewer of my own decisions

ohh damn, really it generates payloads for you, I need to try it with Preplexity, I use preplexity usually but mabe when I am out of the learning phase later

i made a projekt to test what chat gpt can and cant i tell you he programmed me a neruonal network +webinterface + learn files that would take me years if i wanna do that (espechly because i dont understand neuronal networks i mean year i know what a neuron is but how to code that uff....)

yeah but sadly life aint robotic huh we're humans after all

claude and gemini can solve stuff if you guide them properly thats for sure

but you need to eyplain excactly what you want or else you dont get anything good

I fking hate this german keyboard layout I am using I've gotten use to it but sometimes it bugs me out

*explain

you are german?

it doesn't say its out of my guidelines or some shit ?

not German I moved here, been living here for a while

I speak to them in poetry and is a fantasy shit fest, they dont know what they are doing

bruh.... bro is mainupulating an AI

where?

is calling jailbreaking lol

I was living in Hamburg, then Berlin now I moved to Cottbus a small village like town near Berlin

it's nice tho away from the crazy life

it funny last year you copul get a meth recipy if you asked that you are scared that your son ....

oh cool

you can create an account in only fans with a generated creditcard with fake numbers and practice with the bots there, very nice lab to practice jailbreaking and is free lol

you from the states ?

you can still do it xD maybe not lke that but in a different way

next country i am from austria

ohh damn now I am Thankful I am not german

why?

Austrians and Germans, have this freindly rivalry going always ryt ?

i've been migrating from chatgpt to Gemini and am very pleased with the results so far

yeah a bit but i am strange i dont care about it XD

thats what my german friends always told me

gemini is the best

except you give me a penalty for breathing too loud....

I heard this from a Palo Alto engineer and that's why I started using it.

The company, not the city.

make sense, I stop paying cursor and got the 20$ sub from google

Ohh thats German lol, they like their queit, when I came to Germany I was a really big extrovert, living here for soo long made me an introvert

totally worth it

and colab is also awesome

oh but how is germany ?
i mean i heard that the people in berlin are a bit shitty

The world talks alot of shit about my german peeps but they're really wholesome ❤️

I've observed that it gets stuff wrong the least, compared to other models

ChatGPT 5.2 is mostly good at accuracy

Gemini is also mostly good but still wrong sometimes

Germany is nice specially in the outskirts and economy wise, taxes are high as always, big cities are slums and ruined just like every other big cities in Europe right now

TBF Germany teaches its history very well and doesn't hide from it, unlike other countries...

Germany:

• word war 1, world war 2, sorry

Japan

• The american devils dropped the sun onto us... twice, without any cause or provocation

-# This is a joke, no political offense intended

for reasons I can't state here for political correctness lol

cool but the politics are not for me ...

tbh germans are cuties now xD they started wars and now they feel ultra guilty, they are cold at first but when you actually know them for years they are some of the best friends I've ever had

but ONLY Freinds tho, I stopped dating German women nothing against them tho

why stopped?

they don't talk about their wars

uhhhh some do some not

without any cause or provocation

it depence where ou live or ? germany is big

I don't know tbh as I said nothing against them, it's just their Culture which is hard to build upon, I am more use to the bubbly and overly emotional (toxic) latinas xD; I'm a stick to that.

I've never been there, have some German friends and some family living there though. They say that the Germans don't like to talk about Hitler or their previous wars or whatever since they consider it to be an insult to their history even if they weren't involved in it.

btw a fun fact Germans make way too much fun of America, they have a very odd perception of how an average american is xD they call Americans fake

even tho I love Americans xD

fun fact HT was an austrian

but you are right germans and austrian don like to talk about ht

every one knows that here ig xD

Japanese, just like Germans, became a lot nicer and kinder after the wars, yes they have some cultural practice that are rather strange (||like the pen15 festival||) but that's what happens when you nuke a country... twice.

Germans gave HT to Austria and kept Arnold

Weidl said he was communist soooooo idk what you know sorry XD

Germany is big but most of the population and young people are situated near the big cities, country side and small towns are full of old people

I met a Japanese woman once whose fingers were all of uneven lengths
(one of her parents used to live in Hiroshima in 1945, and was carrying during the attack, and survived)

oh

well sadly germans feel super guilty and are even afraid to show a little bit of patriotism, which is sad, because they are labeled you know, not very kind words

I mean germany is pretty cool now I'd be a patriot fs

Just give me a smart and kind Australian lady with a lisp and big boobs and I will be the happiest man in earth

ok good nights

I went to visit some friends in Paderborn its a really small town in Germany, and I know you guys will think I am making this shit up but during my 5 days of stay the only young people I met or saw were my friends and some of their freinds, outside it's old person's NPC simulator

and an low Pension simmulator

Heidi simulator

🤣

thanks i got an earworm now XD

what do you Austrians think about the Swiss people ?

Germans get along with them really well, me too

Idk exactly i am a person who dont talk to much people if i dont need to 😅

Germans

haha Understandable

where are you from ?

Dark coop is a name of a machine on HTB right ?

Really?

yeah its an insane diff machine

i wanted to attempt it

but I am not worthy enough or skilled enough to do machines like that

its an active directory machine

Darkcorp, yeah

cool

yeah bro got it

You don't lose anything by attempting it
If anything, you learn something new

i know what i wanna do later if i understand all tool

tools by heart

Your mental sanity

Well, except that 🤣

let me attempt the hard ones first atleast

then I'll do it

you can do it trust me :)

Thanks for the Motivation ❤️ btw I am getting late

Cya guys will be seeing you here

take care

is time for hackingggg

:aaaaaaaaa:

nanocorp priv esc is hurting my head

You can ask for a hint without giving away box details in #boxes

but ngl I hate the privesc of that box

yeah same

my eyes r closing up

could u nuidge me? it's killing my braincewlls

DM me
-# Anyone else who DMs will be sent middle finger

https://tenor.com/view/spongebob-squidward-krabby-patty-smug-spongebob-squarepants-gif-9547716225990610286

I had to dumb down the damn disclaimer cos apparently not everyone knows what unsolicited means and have lost the ability to google

XD

One of these days I will not be able to resist the urge of sending you an unsolicited dm.

😂

I can send one, right?

what for?

idk

Then no

My teeth hurt

Do you have dental insurance? If yes: go to a dentist, if no: get dental insurance

I do

Just running out of shit to tell yall

lets gooo

got a good clasroom RNG

Hi

wsg

Good man and you.
Just joining

im pretty good, and glad to have you here

What's up

pple here are awsome

its very late here, heading to bed soon

Thanks

wbu?

Oh, 5:48am here 🤣

damn, its 10:48pm here

but i have school tmr (unfortunately)

😂
I see 🙈

are you new to the aspect of cybersec?

Oh

No but just join Hack the box

thats cool

HTB is fun, im sure you'll fit right in

Hopefully 🤞
From the class so far, I hope for the best

So, how long have you been in the system?

2 years (i think) but really on and off

high school/ life events have been a bit of higher priority (which is fair)

but i always, at the end of the day, come back here

I understand man.
Seems frustrating at times 😞

yeah, but i really like it

the community here always remembers you, pretty awsome

😂
And make some crushed 🤣

Yeah but I really want to know and get sounds in it.

im sure you will get to do that :)

Tho mostly working in crypto projects

Thank gee

oh thats awsome, i think theres a special path for blockchain/encryption

Yeah,
Man, no lie do get confused at some point 😂

yeah 100%, i mean i have not done blockchain but even the easiest thing of HTB is hard, but its fun

i mean that just means you are learning IMO

oh man its getting late, ima head off to bed

nice talking to you :)

Yeah, I learnt how to deploy blockchain with solidity,

Alright take care
See you tomorrow

yo guys i wanted to apply for my country's team for ecsc2026 but i have no idea what to pick as secondary categories.
all i know is some stuff about web and can solve easy and maybe medium rooms. what do yall suggest i pick as secondary/wanna learn categories in the application: pwn, crypto, hardware security, reverse engineering, misc.

so like would it be realistic for me to harden my web knowledge and learn re and pwn just enough so i can pass the final picks?

i mean ive watched multiple videos on re but have never really tried to learn it.

heelloo

i have like 4-6 months time before the final picks

rust guy

hello

yo wsg

just woke up

Hi guys, anyone know when season 10 gonna come out?

alright man thanks for the advice

Who thinks the HTB Academy password is too strong?? "HTB_@cademy_stdnt!"

It takes me like 3 times to type in terminal sometimes.

That's smart contracts not block chain

Emma, I'm removing 3 proxmox nodes from our cluster to turn them into kubernetes nodes tomorrow

emma would be so proud

We're going to use Ubuntu because I have too many skill issues with talos

go for alpine if you can choose

its the place you volunteer right

or is that work

Yeah

I have no j*b anymore

me2 bro

Grant renewal got rejected back in October

the startup i used to work at got sold

bro this cyber security shit gets deep asf holy shit fam

and i’ve barely touched the surface, there’s so much fucked up shit going on an fraud like goddamn

cuh i feel dumber than i thought i know barely anything

u have to start somewhere

bro

theres so much shit to down pack

like fam, how tf is even half this shit going own

sex trafficking, ordering hitman, tapping into phones shutting servers down, pulling info like there’s so fucking much💀

and there jits doing this starting at 13 💀

bro kids getting sold for for $1200 like how tf is the nsa and cia not on top of this more

jesus christ like the news be focusing the wrong shit fr

you got mfs funding wars, committing war crimes, and so much more and these mfs don’t get looked at an roam free

bro cloning, pulling your spirit out your body, soul transfer souls ml ultra all that is fucking nuts

bro i’m js 22 trynna be a successful entrepreneur but fuck there’s so much fucking eveil going on wtf😭

it’s so hard to focus on shit when this shit is actively happening

bruvvv i need da nsa cia or feds to hire me or sum ik ima drop out but fawk ik im smart enough to help fix this shit

ima smoke rq goddamn i wish i had irl friends to talk to bout this😟

i’ve known bout all that for a min but i’m finding more shit out and i’m js here speechless

we live ina fucking illusion everything’s damn near fake an to keep use distracted, unhealthy, an away from evolving spiritual

this shit deeep

https://tenor.com/view/rock-the-rock-the-rock-meme-gif-17292235874282951085

that’s how i’m feeling rn😂

i needa be friends wit ryan fr

how tf do ppl not loose there minds knowing this shit going on

Drake "Drake Maye" Maye

There's good types of evil like Jeff Bezos (machivellianism) and there's the bad type, the ones that break laws.

ion even know wut to say

ima listen to music rq smoke and try an processes this

i wouldn’t even know where to begin helping but hitting a studio up rq😭

Your in the wrong place if you want to be an entrepreneur.

bro no shit prolly the worst😂

i came here to learn and network with ppl but you deadass gotta move cautiously out here

Feel free to PM me your wisdom.

that's a lot of swearing and bro for me in the morning

🙂

mybad bro i just been going down the rabbit hole lately and the more i go down it the more f*cked i feel an dumb an hopeless 💀

that was ONE

am i old or young wut does PM mean😑

private message

In Discord it's called Direct Message.

I used the wrong terminology by habit.

all good em, yeah i don’t mind adding you. lemme do my thing rq and ill hyu if idk i got questions or wanna talk idk😅

The problem is you're in the early bubble of learning, seeing how much there is to learn and not sure how deep down the rabbit hole to go in certain directions. And not even convinced there IS a rabbit.

Trick question! There's a spoon but it's actually a spork and purple because aliens don't wear hats

It's a spin off the phrases 'Going down the rabbit hole' and 'i'm so deep in the rabbit hole, i found the fuckin rabbit'

A majority of the stuff you interact with on the surface you'll NEVER see the dark shit that goes on. Plenty of people go day to day not worrying about it because it's not their job. There's people that get paid to do the job of finding and hunting these sites down. And these sites rarely operate over the clearnet (aka the internet that you and I are communicating on)

and anything operating on clearnet, if they're smart, use coded language. Language that only those that know know, and signals that they know what they're talking about.

Good Morning

morning tejas

Oh. I thought you were talking about learning about cyber security. My bad

kinda a mix of things based off what they were rambling about LOL

sir this is a wendy's

nvm wrong chat 😂

lol ik wrong chat LOL just pokin fun

Coffeeeeee time

Hi people

I'm new here

https://tenor.com/bmojj.gif

I am quite surprised that HTB has a job role path for AI while there is none for mobile app testing, AI is a comparatively new trend.

HTB staff heard the "Don't you guys have phones" world of warcraft guy and thought... hmm... if we create a mobile path, we will get hated and thrown oranges.

how are you feeling? better?

I think they might add it later. They do have some mobile modules rn in academy but maybe a job role path later

same for wireless

https://tenor.com/view/happy-cute-penguin-plants-sweat-gif-12515788970635352045

ye a lot

Good 💚

Mobile apps are shite man

Its all microtransaction hell, buggy and broken that never gets fixed. Can barely use a functional parking app here in Sweden

Well, in that terms I have to laugh at what mobile app my municipal corporation has.

lol

blame the dev, not the system

helloo

ngl didnt realise how much is actually exposed that shouldnt be untill i started automating things

gets kinda wild

very quickly

hey @green kite
What's up

Morning chat

not much 🙂 what about you?

is that ai pic of ur actual dog?

yep thats my dog

let me get the original pic

one moment

Companies and government pay top dollar for halfassed production mobile apps in Sweden.

😮

cool
say hi to dog

So, if you are more skilled at mobile apps, i think should be easy to take jobs

@warm dome

Wow, he is a good poser.

thats actually an amazing pic ngl

thanks 🙂

he's a good doggo

makes me wanna get a border collie lol

border collies are fun

they will do anything for fun

lol

sidenote any reliable sources to get local copies of exploitdb entries?

my other one does scent detection to keep her mentally happy

she needs to work, if she does, she's more relaxed haha

https://tenor.com/view/raphinha-raphinha-barcelona-gif-6218803190568249142

me when I finally get a job

zeropwn fan?

https://tenor.com/view/nub-cat-nub-silly-cat-depressed-smoke-gif-3629985485049762088

https://tenor.com/view/nub-cat-nub-silly-cat-depressed-smoke-gif-3629985485049762088

My gif now

Merged your pull request @supple plume

I haven't tested it yet. Instead I spent the day complaining about how bad the cyber range's network and servers are and tried to install talos on my pi 4

And I also made a few additions to purrimeter

Rules now can be updated through the database

nah

I need to make it so it doesn't panic when there isn't a database to update from altho I think it should be fine with flipping out if it can't write to the database then it can't put in new alerts

My edr and SIEM is pretty gud so far I like to think

Learned a lot about concurrency in go 😄

I would love to benchmark it once it's done

UwU.

welcome back

HIII! THANK YOUU!!! 🫂

Guys does anyone know how to hack the box?

🥹✌️

I like this guy.

He's got my humour.

#justsignedoffallmyweekends

Last performance benchmark I did #general message

HackTheBank instead of HackTheBox.

@undone fossil whatcha think about my performance benchmark on my edr and SIEM API?

It's in golang btw and I have it running in docker when I test it

Profound intelligence

If I gave you $100 every day like it says, what would you do with your $1m+ at the end of the year?

Surrealdb is my database instead of elasticshit or opensearch btw

Looks solid tbh. Interested to see it under heavier data load

Like? 👀

so for example, what if you were to try and push say 100m logs

I'd buy myself a girlfriend.

Very professional architecture diagram

those lines 😭

Hmmm I'll have to test that out next!

Yesyes

Requests-wise which i can see from the benchmark, seems neat :)

Especially given I'd imagine this is just a single instance of the server and not something load balanced or anything

(I havent benchmarked other SIEMs so I dont know if its top tier or average but either way seems solid)

https://tenor.com/view/lean-mean-meme-machine-funny-sarcastic-text-gif-11605730

Nothing is load balanced right now. The only thing that you need to scale manually is your alerts services

gave me a flashback to this

You can probably scale it to hundreds tbh if surrealdb can handle it. The alerts are completely stateless or they're just a go script running forever

THEY HACKED THE BOX!

Alright, enough sh-posting for now, take care and love y'all!

I'll send you 100m requests if you'd like (not dos attack 💯 )
starting up loic

And it's relatively schemaless so you don't need to import any weird json or any templates, the alerts will automatically find the fields that you specified in the rules and enrichment will be based on a pipeline like how it handles rules

I love LOIC, but the websites seem to never be down so it feels like a fake.

@undone fossil do you do appsec/0day research stuff by any chance?
I've got an interesting scenario but idk who to ask

And once the alerts "sync" or reach the end of the database it'll wait for live queries/updates

So you can get near real time alerts

make your own http server and test

I also plan on making it as extendable as possible and modular as possible

https://tenor.com/view/cliphy-good-vibes-about-life-gif-13264276

Amd.

😩

sup baby

I am good how about you baby

My attempt at something "professional". Still trying to learn to make better diagrams so if anyone thinks this has mistakes lmk

how about something less professional

thank you mr ai

crayon diagram goes hard

or even worse

enrichid logs

ajent

epic

"some"

it only spelled log correct

oh and alerts

and api

true

ok goated

man has tokens to burn

if you arent spending your money on silly things, is life being lived to the fullest?

🎫

@undone fossil

usually you dont have to ask it to misspell stuff

he's already 0dayed your walls

but nano banana is bananaing

Make it so the person who made IT doesnt know how to write/read

Gemini is Geminiing

as hobbyist yep

Can I dm you something I found? It looks interesting but I have no idea about whether it crosses any meaningful security boundary or not

oh you don't have the secret NSA win12 build?

https://tenor.com/okXhBcNILCa.gif

On my way to retrieve it from area 51

Sure yeah

@undone fossil MessageBox API call from linux LMAO

very cursed

🍷

forgive me master but i could not resist

i hope this doesn't go against the Code of The Frogawan

this is some cursed C

@proud moth now make it leak the ntlm hash from linux

specifically this bit

everything is in the VOID

the void shall consume...

the compiler will have just removed that line

master you are indeed correct

i am sorry to have doubted you

I shall now commence the self-fustigation

need a quick poll of opinion:
potato vs burrito

please vote

obviously burrito

yum

close enough burrito wins

First time playing chess in months didn't expect a brilliant

damn that looks like a blunder for the queen

No

what a good question:

what an unbelievably beautiful move

care to share the game link??

@west venture

fun fact this is still an open question in philosophy of science

so that question is probably one of the hardest ones as well 😄

yeah this isn't a philo course so it's not that deep

yes until you find a problem in statistics which the answer depends on this matter

for example, what's the probability that a random cord on a circle is longer than the side of a equilateral triangle inscribed in it?

there is unfortunately still no answer to this question

I saw HTB Silver Annual plan benefits stated step-by-step module solutions. Is there mean monthly subscription don't have this?

@obtuse fern what uni course is that? data science?

Going for a cybersec bachelor's; this is just a statistics class i gotta take. So far just reading, no math. I am thoroughly disappointed

can't you already work in cybersec?

i remember you had a lot of experience in CTFs

you might get bored AF in a bachelor's

Gemini has the Microsoft files

dunno how tho cuz Gemini is owned by Google not Microsoft

glad you liked it mickey eheh

yeah

so i copied your code 😄

been trying to use the WINAPI on linux to build some malware stuff to practice but i don't know how far I can take "wine" to work like I want lmao

It would be impressive if you could run wine in-memory on the target machine and do weird windows shit

i'll try today and let you know, i hate visual studio to compile malware so i've been trying to avoid it dunno how yet

I would like visual studio if it didn't eat up my RAM

I need to setup a vm

i am very comfortable with linux makefiles and C structure there, i hate windows in general to code

so been looking into cross-compilation a bit

Go is good for cross compilation

just use javascript

C is my lord and saviour unfortunately

but Go is also good btw lmao

same

malware++

Malware™️.

howdy chat

https://tenor.com/view/go-golang-my-beloved-mybeloved-gopher-meme-gif-3557932171434243883

Go is life

@muted olive RSRC payload loading from linux eheh

ayooooo @undone fossil cover your eyes bro

i saw this

lol

Howdy @heady sage

Nice pfp btw

Thanks

You cracked CPTS, congo

show c

#include <windows.h>
#include <stdio.h>

int main() {
    HRSRC hRsrc = NULL;
    HGLOBAL hGlobal = NULL;
    PVOID pPayloadAddress = NULL;
    SIZE_T sPayloadSize = 0;

    hRsrc = FindResourceW(NULL, MAKEINTRESOURCEW(101), (LPCWSTR)RT_ICON);
    
    if (hRsrc == NULL) {
        printf("Error: Resource not found. System Error Code: %lu\n", GetLastError());
        return 1;
    }

    hGlobal = LoadResource(NULL, hRsrc);
    if (hGlobal == NULL) {
        printf("Error: LoadResource failed. Code: %lu\n", GetLastError());
        return 1;
    }

    pPayloadAddress = LockResource(hGlobal);
    sPayloadSize = SizeofResource(NULL, hRsrc);

    printf("[+] Success! Payload Address: %p\n", pPayloadAddress);
    printf("[+] Payload Size: %llu bytes\n", (unsigned long long)sPayloadSize);

    return 0;
}

hardcoded 101 for ICO spoof

honestly pretty clean, only nitpick i have is styling

hungarian notation is kinda outdated and gets painful when you have many types

needs color

Me, completely oblivious as to what hungarian notation even is

you are right, it does get kinda painful

true ```c

hungarian notation is annotating the type in the variable name

it was useful back when we used text editors that didnt show us the types at a glance

nowadays you can just hover the variable name or whatever

ah i see, i just re-used and changed a little bit the MalvDev code honestly, so this style was sort of forced in my brain from that course

🔥

when doing windows dev its technically fine just can be confusing

e.g. what if you have a copy of the PEB, you cant call it pPeb because that'd be a pointer

and peb wouldnt be annotated

This shit is not making it past ifrit elastic twin 🗣️🔥🔥🔥

yeah it would

it doesnt do anything malicious

just remove the strings on a release build with something like

bro gimme some time i'm bout to destroy that elastic type shi

@austere sinew

anyway if you're curious here's the method:

#ifndef _DEBUG
#define printf(fmt, ...) (0)
#endif

btw ifrit elastic is already broken just drop everything in C:\windows\tasks

yeah i'm stealing this

you bet i am

go for it

i have a small header file with colours and stuff somewhere

i wanna do runtime encryption on linux for windows now

its designed for visual studio though, i think to make it work with gcc you have to make a slight modification

damn bro why can't you just move in my basement and we do windows pwning all day

https://github.com/iilegacyyii/UsefulScripts/blob/main/debug.h

you can both move to my basement