#general

omg

i have to do nothing

I had to try

potato explosion = explot

exploiting root

and potatos bro

is all connected

If u gonna use it to search u can use searchsploit btw

That's a good practice tbh

Yeah I was thinking about that

wow

potatos are

why hacking exist

Politics

@molten bobcat I performed passive DNS resolution on the malicious URL, which attributed the hosting infrastructure to a VPS provider in Eastern Europe. Through analysis of the phishing kit's source code, I identified the hardcoded exfiltration email address and pivoted to discover the attacker's Command and Control (C2) server. The SSL certificates suggest the actor is reusing infrastructure across multiple campaigns.

potatos a good name for a malware or exploit or smth

lol

yes xD

oh

what

where

using email for exfil is

so lame

oh

wow

https://github.com/ohpe/juicy-potato

wow

mimimimi

potatos

are very

powerful

indeed

🥔

fear him

i tried to buy lan turtle online but

iys sold out

everywheeeeere

i think i should shower

yes

u should

one more entry in the report and i will

okay

@austere sinew health check

ich liebe dich

❤️

merry wednesday

hi

YIPPEEEE YOU DID IT

all gucci ty 🫂

https://open.spotify.com/track/17jvzt9G2QHA8T8zPMZGiT?si=30cf18c03d624df2

what is this

what's up?

wow

this whole time

i thought 192.xxx.xx wtv

was like ur ip address that ppl would use to attack u

The opposite of down

but its the 10.xx.x.x one

That's not true either.

Wrong, technically

oh

You don't understand public and private addresses it seems

yes

id on

t

There's a networking fundamentals module 🙂

wait but

10.0.0.0/8 and 192.168.0.0/24 are both private ranges

you know how the admin thing comes up when u tpye ur ip in

that only works when ur on the network

Well, it works when you type your gateway address in

Because most routers have a web interface

yes

yuck yuck yuck

ima just

keep doing labs

Much like sittim is the opposite of standim

I got the cat

did u steal this cat

I adopted him last year

I'm so bored. I'm fully checked out of this job. Have an interview Friday. Been spending all morning applying for other jobs.

wow

we adopted our cats

too

Or did he adopt you?

from the streets

Good

I'm doing bare minimum here. Which is only slightly less than I normally do. 😂

He's the one who hung out with me first so yeah

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

prrrrrr

Comparison

meow

He's a much healthier happy buddy now

he looks like hed say arf

bro

💀

hahah

spreak poprerly if you want to be pofressional

me and who

yes sir

why is he so mean? she seems like a handsome elegant lady

fuck outta here with shit like that

zimbawearch

Guys I lowk feel stupid after failing this ctf, I learned on Udemy, money wasted?

just ordered mexican food via door dash 😋

fuckkkk 🤤

maybe but that doesnt matter, you got a taste of what this is, do you like it?

yeah let me know what i can do better (aka what can AI do better)

Idk but how do I know I’m smart

Give me a quiz rq

it doesn't matter

to overcome the lack of talent or intelligence we apply years of study

do you like it or not

would you invest years studying this? that is what matters

Idk I’ve been learning from mistakes and learning for 1 year

https://tenor.com/view/meditation-gif-19648128

I've been a dumbass all my life

azomax how is ur skills in deseralization ?

After all I can now know if someone is a skid depending if they used quasar or some random video from loi liang yang cause I was a skid 2 years ago

i identify skids by their lack of networking knowledge lmao

Idk my fav thing is deauths just a little next door prank

thats not legal

please don't do that

Ik

I do it on my own network

My friend abuses it

thats not true

You advanced? Any tips

cloud can see if you don't behave he is like santa

Most people fail CTFs before they win

uhhh develop a mental illness

Oh yeah? Well im part of anonymous

So you just gotta do more CTFs

Noob advice

Just join anonymous like me

Recently reported a xss vuln in my school’s website, feel like Elliot

i would recommend ignoring this particular moron

Kali nethunter

worse than noob advice

Android hacking 💪

anyone find any good guides for the eighteen box?

and i would love to remind you that mr robot is a drama tv show and isn't reflective of reality

which one there are many?

I like making fun of skids who send me rats from a yt tutorial

But how come the main character literally describes who i am

I am introvert autist coder guy

And i am elliot

Spiritually

i told someone yesterday id buy a android as a secondary phone and he called me poor LMAO

You are an idiot not an elliot

I learn japanese off rosetta stone

What a loser

Is python effective or c++ or c or c# or js or java

yep

i use c--

Well Python is great at anything

I know a bit of python

oh wait c-- is a real thing

So you cant go wrong with python

I ate kfc for dinner tbh that’s why my laptop ran out of charge

i use cvv+-

I use Excel

Lua

oh

sometimes i code in

In what

cybersecurity is one of those fields that looks interesting from the surface, but you decide to dive in one day and realize you can't actually see the bottom

Hey bros

There is no bottom is there, tbh everytime I code the simplest thing a random Karen thinks I’m hacking Walmart or smth

that's because they can't see past the surface

most people don't bother learning

about this stuff

Isn’t asp.net the wrong thing to use for websites

there is no "wrong thing"

I understand

there's also no "right thing" either

humans make tools that do stuff, and humans are not capable of creating perfect things

so they have flaws and fuckups

School IT of mine reveals ftp port open I reported vulns but they ignore

thats not a vuln

Not that

Xss vuln

ports have to be open in order to function

I understand I never said it’s a vuln I said , I report vulns but they ignore

unfortunately thats reality

I recently spotted idor

all you can do is ensure you do your part

whether or not people listen to you is unfortunately a coin toss

49% Microsoft secure score for my tenant

careful about what details regarding your tenant you share

loose lips sink ships after all

Its just a practice tenant. But thanks for the advice

niceu

1% a strong breeze hacked your tenant

Heyo, looking for a channel where i can ask for Android Pentest Skill Path review, where should i go? thx

Wdym "review"?

opinion on particular modules like DAST part, is it that usefull etc.

more like questions, sorry 😄

is it "modules" channel?

I mean #modules is for module questions in general. But im not quite sure what you're asking for

let me see, thanks

Its not really a place for 'opinions' moreso assistance with modules

Dude is making this impossible

Hey @compact wave , I am making an OSINT chall and I have some questions, r4sti told me to dm you about them

can I dm?

Joey has already shown up at your door with a coffee

No he haven't even accept my friend request yet + I love tea more than coffee😂

Hes on his way, thats why he hasn't responded lol /s

Lol. Cute cat!

bruh I just get it now, cuz he works with OSINT a lot you meant that right?

in anaconda

Bingo

I should study more to get this meme

Discharged a capacitor ~~= short burst of high voltage

@obtuse fern check dms

ahh, I think I got it not sure but I think

✅

He electrocuted himself.

I get that, don't know why, thanks for the explain ❤️ or making fun of my ignorance 😂

It's an explanation

thx bro

The human body does not enjoy electricity being passed through it

It forces muscles to contract super, super hard, painfully so

Says you

oh hell nah this making is definitely making fun of my ignorance

No I'm genuinely explaining how

Being electrocuted is awful

I have been electrocuted before and it's unpleasant

Let's think about it this way

Your brain communicated to your nerves with electrical impulses

That's how your body moves and does the stuff

That amount of electricity is nothing compared to what goes through devices

What happens when a very large amount of water at a stupid high pressure meets a small opening

me too, I held a Power Strip but its plastic back wasn't there so I was electrocuted hard

https://tenor.com/view/choso-piercing-blood-jujutsu-kaisen-shibuya-yuji-gif-1597000831508683617

Happy to hear that

bro I have been to the bio high school classes 😂

Volts is electrical potential, the pressure

https://cdn.discordapp.com/attachments/1440378727682015443/1458389875907625051/image0.gif

Amperage is the amount of electricity flowing

Together they determine wattage

When multiplied together

bro get a life 😂

..

a gif saying "GET OUT"

I have no idea why you're insulting me

Who knows

bro I am just trolling

I think he thinks you’re making fun of HIM

exactly

I'm not

Which he isn’t

I'm explaining the basics of electricity and why it hurts so bad

I think it’s a lapse in translation understanding

I tried to remove a fuse from a VCR that was plugged in 🙁

Why would you do that 😭

exactly you think I don't know the basics, any ways if you really was just explaining I am sorry bro❤️

I was 9

your papa should have teach you to never play with electronics thats plugged in!

Oh they did

I ignored him

You were born for this job

Ignoring the rules, exploring the unknown

Zapping myself on a VCR

Its all a part of the process

I guess not listening to people's opinions before you try have good sides and bad sides

Indeed lol

Its abit ironic tho that you are working on the defense, when you were going for offense as a kid

Eh

I practiced offensive security and decided it wasn't my favorite

Meanwhile I enjoy the investigative aspect of blue teaming a lot more

I enjoy being able to piece together "how this happened and why"

I was going to try it someday i know i said it

but ive been hooked on offense no

now

It’s addictive fs

Parts of offensive can be considered investigating too like getting information about the target and putting the pieces together

I've been preparing for CWES and was following along with a Walkthrough (swagshop) and realized I don't know at which point a pentester knows to look for CVEs. I know that a search should be done when a version is discovered. But other than that... Any help's appreciated

Only difference really is context

I mean yeah that's usually it

yeah in someway

It’s more forensics investigation after the fact

If you notice something looks misconfigured, i would start looking for CVEs

Understanding "okay this uses this technology"

Hello

And enumeration for an attacker

Misconfigs are not CVEs

maybe im mixing something up

Yehh there's a terminology soup happening no worries

CVES are weaknesses that get discovered in products

Where they have unexpected behavior occur

From specific input

For example

Papercut can have a Remote Code Execution vulnerability in a specific version

That is known as a a CVE

Because it tells everyone "hey, this version of this software has a problem with it that causes something real awful"

Yeah ok, so what i was thinking in my head is that a lot of people (including myself) can forget to update software many times, and this leaves us vulnerable to known exploits

A misconfig is where like, you give a service account too many permissions

That's exploitable still but it's human error in setup, not in product creation

Does that make sense?

for me 100%

Just because I stack all my kitchen knives on the floor, blade up, doesn't mean there's a problem with the knives

There's a problem with their configuration

For instance, the walkthrough states:

"Upon searching for the list of CVEs we find one arbitrary SQL command execution vulnerability i.e
CVE-2015-1397. The vulnerability was named "Magento Shoplift" which brings us to this page with
the PoC"

I did my own search for this and in cvedetails.com and there were what seemed like hundreds. How did they determin that CVE-2015-1397 was the one to use?

So if we break apart the cve name it helps understand a bit more

Notice how it says the year, 2015?

yep

It's a vulnerability discovered in 2015 of course

This also means that the arbitrary SQL command it's referencing

Affects a version of the target software

From 2015 as well

Or earlier

It depends

version 13.97

Sometimes older shit doesn't get spotted until later

And i would find that out by cross referencing the discovered version with that versions release date?

So yeah it's a problem with sql version 13.97 presumably

The cve usually explains the version it affects

So when you retrieve the version, you can see what CVEs affect that version

Coolest cat in the neighbourhood has arrived

azomax

Sometimes it's none sometimes it's a thousand

Depends on how old/shittily written the software is

Usually the older, the shittier

Security is an afterthought

Has been for decades haha

@molten bobcat thank you

Security costs money, thats why its an afterthought c1oud

No problem 🙂

Oh my god wahhhhhhhh

hahahah

I love this argument from dumbass middle management haha

i knew this would trigger you

If humans could survive without air conditioning they'd remove that shit in a heartbeat too.

🎯 bullseye

Hey dont give them any ideas now because i will be out of job

Chat

I am depressed now because of gen alpha/late gen z

UC San Diego did a study

Don't worry about it

What good does worrying about it do you

You will understand when i tell you

Ok lay it on us

spill the beans

UC San Diego, the top 3 public university in the US, did a study on freshman applicant math scores

IN 2020, 1/100 kids needed remedial math courses

in 2025, 1/8 did

9% of applicants couldn't solve 66+44

https://tenor.com/view/peak-mid-it's-peak-it's-peam-peam-gif-12218630663784157550

110

kkkk

25% failed 7+2=x+6

61% of applicants failed to round 364518 to the nearest hundred

Its ok, we can feed them amphetamines and send them to fight Iran

@sage epoch Now, there is a good reason for this. It has nothing to do with the younger generation being any dumber than any of the previous ones. Its just that the younger generations priorities have shifted. They no longer give a shit a bad having the best grades because it doesnt get you anywhere anyway.

UC San Diego had to make more remedial math courses for the influx of students who failed 1st grade math questions

Iunno. Back in highschool senior English my classmates struggled.. reading out loud.

This was 2015

any online math courses you'd recommend

Its majority the rise of ai, and unregulated internet usage from a young age (ipad kid) most of these kids arent going to be getting careers that dont require degrees

American Education system at its finest

I believe this is because schools just dont make kids read outloud anymore so they have a hard time connecting what they read to the verbal areas of the brain

I am a millenial, and i had unregulated internet usage from the 90s all the way up. im still doing fine

I played quake, counter strike, warcraft 3, starcraft, and all that

no lifed that shit instead of doing homework

The internet during your era was not severely brainrotted and real social media wasnt invented until the early 2000s. Social media algorithms are literally designed to get you addicted, and it destroys your brain

Playing strategizing fps games isnt going to rot your brain

Doomscrolling tiktok while it keeps you in a feedback loop that spikes your cortisol will

Your right that its different. When facebook was fairly new all i used it for was playing Mafia Wars

Studies showing that the more you use AI to replace learning, the less your brain is used during the process and the less you actually retain any information

Dont let studies dictate your life brother

yeah, indeed, this is rigth. you see what Australia did? that's probably the solution in my opinion

I know

i did not see

We are so cooked bro, social media and lazy parenting is cooking future generations to the point they cant do 1st grade math as a college freshman

American students are not dumb bc of AI. They are dumb, because schools are glorified kindergardens where sub teachers play netflix movies instead of teaching.

i think it was the Australia, but people withou 16y can't use the social media anymore.

Using AI to replace learning makes you not learn anything

While its not thje sole cause

You know Stewee, if you suck in school dont worry about it. You can always work at the local demolition company

its a key contributor

Other key contributors is lazy teaching yes

https://m.youtube.com/watch?v=M4TufsFlv_o

How do I sleep I forgot

lay down and exist

Already doing that

in order to sleep you must first pretend to sleep

Do I exist harder?

I think theres a nuance to this statement. I have used AI a lot and i do learn a lot from using it. I ask the AI to look up information for me about certain subjects for me and explain it in a simpler way

yes

fake it till u make it

Thats using it as an assistant

Dang

that doesnt hinder learning

Using ai to assist in learning is different than using it to replace it

I use AI as my assistant when hacking, and it has been amazing for me

Yes

Its an assistant

but more and more kids are using it as a replacement as teaching becomes lazier

So they learn less, teachers care less, and its just a spiral

"What is this vulnerability, and why is it a vulnerability"

yes, thats assisting

So, Stewee. Im assuming its your own generation you are worried about

Good thing is, since you are aware of the problem. You are now in a position to become a leader

You have an oppotunity in your lifetime to lead your generation in a better direction

A study had 3 groups of people write essays, one had no externa help (no internet browsing or ai), one had only internet browsing, one had ai and browsing

The group with no help had the most brain activation and learning
The group with internet browsing had a little bit less
The group with ai had very little

When they switched the no help and ai help groups, the ai group had less activation and learning even with no help, The no help group had about the same activation even with ai

The study concluded that the more you rely on external sources to do the work for you on something you havent done before (in this case writing essays about an assigned unique topic), aka using external resources to avoid learning about the thing youre doing, the less brain activation and retention you have for the task and subject

Using ai to assist you in tasks such as rephrasing things or summarizing things so you can learn it easier, is different than using ai to write your notes for you and you just skim through em

If you know what i mean

Yes ok

that makes sense

Moreso gen alpha, thousands of testimonies from teachers and child care workers state gen alpha is severely underdeveloped

The government actually changed the child development milestones alot too
Previously, a child was expected to speak 4 word sentences by 2, in 2024 they were expected to know only 2 words by 2

So your saying that because of all the brainrot on the internet, the next generations are going to become that old movie with adam sandles... what was it called again

Idiocracy

He freezes himself as an experiment into the future, and he wakes up 50 years later or something because everything is broken and the lab he was stored in had been demolished xD

People are flying around in pods with screens and eating hamburgers

and their IQ is below toddler levels

Lazy parents give kids excessive technology usage, this excess usage stunts their development, they get into school with practically zero attention span and struggle to learn because they're already years underdeveloped, they grow up and overrely on ai because its easier for their brain to find a shortcut than it is to rewire itself and repair the damage, teachers stop caring because majority of their students just dont put any effort in, students use ai more becuase their teachers care even less, cycle repeats

an exaggerated version probably

Given the path we are on, it doesnt seem that far off does it xD

you would think lmao

But you are correct, i think that the biggest problem is the tiktoks and the shorts

they teach you nothing

That's just shifting the blame away from parents that aren't even present to be able to help guide the kid; though Social Media should not be allowed for children, there's been numerous studies on this.

True, as a parent we have to lead by example

my children dont listen what i say, they do what i do

so i dont watch brainrot

and they dont either

xD

nmap making the result in an xml file is the best thing i learnd about

my eyes used to hurt trying to read the terminal

especially with the fact vmware screw everything of you try to change the resolution

Oh and also, in our local school here its banned to use mobile phones from start of school until end of school

kids shouldnt have phones to start with tbh

like if you want to get them into tech buy them a pc at home

We are all linux users here xD

Quick question. I took the OSCP course back in 2019 before they added AD and updated the course from the old material. Is the new material pretty similar to the CPTS? Wondering if its even worth it to do the new course or just grind boxes on PG/Lains list after CPTS and take the exam

lol buy them a tablet then

REAL PC not tables

yuck

a tablet not a table XD

and then they prescribe ADHD meds to kids that are not even 12, happened with a kid in my family.

Young and cranked up on amphetamines, not hungry when he's beginning his teenage years and his brain is forming.

It's very, very stupid.

Friend works as a teacher in the school system for kids, he said its so screwed up now. Kids can't read, do math or concentrate on anything. Idiocracy is already here.

yep

the ridalin epidemic especially

any free vip for a poor person with a shit job

take a crippling loan like a man

OMG MACOS DUAL BOOT ON THIS LAPTOP IS SO ANNOYING. I have to patch the kernel myself cause no one has a fix for my drivers

Does anyone has experience with hackintosch dual booting?

have*

Hi, what is the best methodology for studying HTB?? I've asked chatgpt and he said to me that after doing a module, i must do some machines for practice what i learnt. Is that a good practice or should i change??

go and say to chatgpt what you learnd and ask him to give you questions about it and ofc try HTB CTF machines its good too

What distro do you guys daily drive

Pop OS

arch and mint

the answer is don't use a Mac

Its not a mac bruh

its macos kernel

Im slowly getting there

fixed two errors

still got “failed to show boot menu”💔

yeah that thing is evil

atp im giving up on xcode

im NOT learning swift and swiftui and objective-C

"it's not a mac, it's just the kernel"... so it's a mac

like...

And Apple doesn't like you using nonproprietary software with its OS

They even detect their own cables and mess up USB-C.

https://forums.linuxmint.com/viewtopic.php?t=243197 here's a linmint forum that may be useful i found with a quick gongle of the error

exactly, I don't know how my friend who works in DFIR uses and loves MacBooks, you can't do anything it treats you like a baby

if you use it how they want you to: it's fine

Apple sucks

yeah but I should use the device the way I want not someone's else want so that's why I don't love them

but i want to learn apple developing and the ONLY way seems to either do a hackingtosch or buy a macbook

Omg it booted

never doing that again

OMFG IT BOOTED AND JUST WENT BLACK

I don't know anything about apple developing but isn't there any simulations or online systems that runs the os so you don't need to buy anything?

Nope. Apple is way too money hungry to let that happen

https://giphy.com/gifs/true-detective-Zqe1S3qNQxsuQ

i mean vm but its still hard to get an iso

of a new version of mac

cause apple hates its users

correct; Mac makes it hard on purpose

because it's proprietary, and they only want it installed on proprietary software

Yeah there a usb port limits and stuff

I just searched what is hackingtosch and it seems like what I was talking about "a non-Apple computer (PC) configured to run Apple’s macOS operating system, allowing users to experience Apple software on custom-built or third-party hardware"

You can only download pkg and dmg and no iso

this costs lots of money

even hackingtosch?

ye, those are gonna be your standard file types.

hackintosh isn't official, so you're trusting the author not to backdoor you

¯_(ツ)_/¯

To clarify its a basic windows acer swift 14 but im tryna get macos to run which should be impossible because of the integrated graphics i have

but good news

its not going into kernel panic again

😭

lmao

lul even

my main question is; why would you want a MacOS on your system

like

Idk looked fun

why

you can't just use an old or junk laptop or vm or it won't work?

xcode

would be fun

No access to wifi

i mean, you can. just saying it's a lot of trust. period

like running any third party tools

omfg i think it changed my boot order

apple

Sincerely

fuck you apple

ah xcode is an IDE

yep

why not use vscode/vscodium

No support for previews

which isn't proprietary, apple exclusive

on swift and swiftui

Bro ive tried everything😭

you also cant import packages

ah, you're trying to write apple specific things

yup

because you hate yourself

Yes

have fun with that

i cant go into bios anymore tf

makes sense

okay i think i solved it

😐

oh AND apple made sure that apple deveoper accounts cost money

imagine having to PAY to publish an app💔

yes

LOL

this is one of the main reasons there aren't a lot of games with Apple/Mac Compatibility

because it's just that much of a hassle

fun fact: mailto: works in discord

But lowk because so little devs wanna work with a shitty company like apple, its a goated job opportunity, not many ppl know how to make apps in swiftui and swift

mailto:https://google.com

you mean indie right? I think big games doesn't run there because they also run on ARM I think

fuck

brain is not brianing i forgot how to do mailto

indie, yes, but also the ARM differences which would require a bunch of low-level differences that require time and money to fix

Okay but TO BE FAIR

because of apples os gatekeeping

yeah I see

the iphone 4 is ridiculously hard to crack

Every error message... is not information disclosure?

the only ever attempt was done with a nand mirroring chip attack

At least u got a job

Okay did some minor patching

one last revoot

reboot

and imma sleep

https://tenor.com/view/rudo-ludo-gachi-akuta-anime-managa-gif-3656145919242946506

Real

took me a bit but found my focus again

Hi

I’m getting back on htb

i just saw a guy turn a discord bot in his server into a reverse shell that you can type commands into and the target just interact with it

guys I have a question if I use a splitter for my pc and laptop I turn them on both at the same time will my system work?

Hi

D u miss me

I do

Let's do something funny

whats up 👋 im new here

you can't put multiple inputs into a single monitor connection, its only one at a time

what you can do tho, is connect the splitter to the displays on a different slot than the main host

I use one for work

you just have to swap the display inputs on the monitors when you wanna use a different machine

ive seen lots of people use discord webhook c2s

its kind of cringey and larpey tbh

sorry I should have clarified my question a bit splitter for ethernet

ohhh

uh

same answer

one cable per computer

the device that connects multiple ethernet cables for networking is called a switch

actually

yes this should work for you, both devices should just get half the bandwidth they normally do

due to the connection being split

switches are the better man for the job though

full speed with multiple connections

I do not care about speed what I care about will they both work at the same time

Cloud you are a great guy, i swear every time I look here i see you helping others out

i believe so yes

and will they both have same IP

oh, no

thats not possible

how will the ip address will be configured

You know what super simple inconvenience that grinds my gears about windows 11. The fact that night light (blue light filter) wont work unless you have location services on

I am unsure, actually, when it comes to splitters

Like bro, My system time is never inaccurate, you dont need to track my location 24/7 to know when its 7pm

mostly because 1 interface = 1 IP address

ah

you need 2 splitters sir

in order for your setup to work you need a pair of them

Would getting a mesh network make my WiFi better

If i use plug in them like that it won't work?

ya

thats cuz

it turns the single cable

it needs to travel

into a cable carrying 2 signals

it needs to be split at the entrance by the hosts and split again at the router

so your router can tell the difference between the two hosts

@molten bobcat

sup

yo

https://tenor.com/view/skeleton-mad-skeleton-gif-10886506202898815019

I can hear this gif

I can hear you

I can smell you

take a shower

No water

What do

help

gin

i am kicking absolute ass rn

OFC YOU ARE CLOUD

Hehehe

Im ngl i feel dumb as hell today

Doing this box along with a write up and there’s been a couple moments today where I’m like

What the fuck is going on

⚗️

Real

https://tenor.com/view/imhere-arrived-ive-gif-17714778118192259903

I need tamil hackers to learn hacking

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

@warped plank linked this to you already, but here you go. See the link above.

There's a link in Step 6 that is 404
(can't paste screenshot), https://app.hackthebox.eu/tracks/1 - does the beginner track still exist?

is night hackinggg

Target(s) are spawning...

:evilcat:

I have been looking into Raspberry Pi's for file storage

ik I can just stick a USB into a Router

but like you can do more with the Raspberry Pi, that just gives me the urge to just buy

30
/
30 Streak pts earned

time to finish my food and pass to the next section

anyone here friends with @true pivot ?

what?

yo gurt

gurt:yo

@netprobe

yo

what

@wanton dock

sorry vader it autofilled wrong ping

i like hack the box

is very fun

fr?

Are there any plans rn to do seasons for letsdefend?

you may want to ask in the LetsDefend discord

https://tenor.com/view/quishilobie-cat-white-cat-with-cigarette-cigarrete-cat-depressed-cat-gif-1366676046942216736

Limbo emulator is safe in android install kali

Is it possible reissue htb vip+ voucher after claim?

honestly US hours in this #general chat are really shitpostey

tru, EU never shitposts 😊

As an American I'll make up the lack of EU shit posting

https://tenor.com/view/peak-mid-it's-peak-it's-peam-peam-gif-12218630663784157550

https://tenor.com/view/silly-gif-3397568161154480277

time to post favorited gifs without context

https://tenor.com/view/satan-pooh-pooh-bear-ritual-mirror-gif-12920047

https://tenor.com/view/mac-trash-gif-26503253

https://tenor.com/view/haha-so-funny-gif-22187368

Lmao this is the second time I've crashed my Linux from messing with kernel modules this probably isn't a good idea

Back in business now

💀💀

The other competitor:

Telegram

Gm

Bm

Im wake up after 5 day mute

Skill issue

Cyberbully

Good morning tho

Trashbook

Its running windows

Yeah their reviews are terrible lol

How you doing

Good hbu?

Fine

Hey guys

I'm retiring from red team

Gonna be a blue team detective

New first language is query language

Sheesh TryHackMe reviews are mixed to bad

And mostly because upper management sucks

While Hack The Box has great reviews

I suppose Hack The Box is a really great place to work at

The upper management at Hack The Box by reviews is almost great by looking and the reviews

which competitor lol

TryHackMe

thm?

Thm

Oh wait
Htb has no competition
No one comes close

apart from the working environment, yesterday i was in their discord and even the community is not really liking how they are doing

their new cert everyone said is a joke

but in my opinion, thm for starting is way better than htb, but if you want to get serious you should switch here as fast as possible

https://tenor.com/view/batman-real-true-fact-checked-fact-gif-6343207587503842551

my review at Hack The Box

5.0 ⭐️⭐️⭐️⭐️⭐️

Pros: I dont work there
Cons: I dont work there

are they stil using AI for grading reports ?

i don't know, i hope not lol

Yes

6 months back i would have said that
But now htb has introduced alot of beginner stuff and thm has degraded in terms of quality so i would not

Yes

Ngl I kinda regret for buying yearly sub at THM

I got it for cheap and i still have it

i think you are talking about the CJCA, even tho it is really easy content, it's still better than thm certs

Well I got it for 80$

you get more value from it

I got it for less than 30$ iirc

Bro how

i got monthly but i'm just wasting money atp

From what I heard HTB CJCA is harder than any THM cert

exactly

Not sure what to think

that's why you get more value

Yes, and better

and looks cooler

No offense I think Ill take CJCA only if someone is willing to buy the exam for me, cuz atm I spent a little bit money and I wanna afford the basics

Cuz atm I bought eJPT and gotta do it at this point

talking about the cjca in my opinion, only taking the path is good, buying a cert only if you have the money

all of the other certificates are always worth

Well I was planning checking the stuff again

the cjca you mean?

Ye

i also thought about taking it but it's really basic stuff, if you have already some experience you shouldn't

in fact i'm going straight to cpts even tho i'm bad asf

speaking from experience: you should go straight to CPTS

Well I dont have xp but I did finish the path

ello

I've taken CPTS and even I'm learning a lot from CJCA

yeah i thought a lot about it and in the end went with cpts

Yo Mick make a HTB employee review

go on with cpts (suggestion)

I like CDSA more

oh yeah my bad

i said cpts even tho i didn't know which you wanted to do

@sturdy thistle today's latte art

what

You work at HTB

Make a review

i do?

didn't know that

awesome

ya warm up le machine yet?

Looks like a pp

had one already

what review do you want

mine got cold cos we got really busy at the cafe

A honest one

about what lol

About your work experience at Hack The Box

if it would suck i woudln't be here since 2020

You would be surprised

My mom doesnt like the place she works at and has been there for 25+ years

that's her fault then

maybe she has issues in finding a new job

Well once you have a home in a small city its hard to find a job somewhere else

my father worked 31 years in nursing and he hated it from day 1

Peak

He is still working btw

sometimes you don't really have a choice i guess

even if you hate the job you still need the money

i hate tire changing but i gotta do it sadly

fair but work life balance is improtant fopr your health

I hate being unemployed and getting an entry-level job in IT is really hard and my mom doesnt wanna hear about me getting a job somewhere else

You barely get a job in jordan here thats enough to cover the essentials

When you have a big family, you cant risk

it's important, but sometimes you can't achieve it

exactly, imagine your father stopped working, what would you eat?

if you still live with him obviously

Food

i can

You are Mick

Where would u sleep

without money?

Under a roof

Steal

Its all games until u try it

okay @fiery copper is the goat

hoenstl,m htb is a very awesome place to work for

i'd love to work there in the future, do they have remote positions? (i'm eu based)

i work remote since 2020 🙂

what do you do?

yapping

oh nice

I'm working in Support team

and I'm EU based too

nice nice

Anyone want to solve CTF together, DM me. We will solve together.

I wanna work in the support team too

https://apply.workable.com/hack-the-box-ltd/j/F24FFE5F53

There is an open position

i applied the other day with a text file resume, they said no

not that position, was a US one

Ill save this position and apply once I come home

like if we stuck at any point then discuss on it and solve it

What you mean

i figured it was worth a shot, but my resume is all software and didnt match the position i applied for

nothin like crashing your system when doing lkm development

eat breathe, sleep segmentation faults! 🔥

https://klipy.com/gifs/computer-science-c-code

ahh now i see

Imagine getting segfaults, can't be me coding in Rust

-# still get's code that panics cos I spam unwrap cos I'm too lazy to handle errors

How is it going chat?

bad, chatgpt called my somewhat vibecoded rootkit the most unstable thing to scratch the earth

Yooo where have ya baan paint?

ya been dead

@undone fossil is it a good idea to skip the entire system call stack when doing lkm development with kprobes?

idk I haven't gotten it to work any other way

all the other ways end up crashing the system or cause unpredictable behavior

ive literally been here every day

average msfvenom binaries

@molten bobcat u up?

@austere sinew pingy

tfw when you're in the middle of a google search, get up for 5 mins, get back and completely forget what it is you were searching for

Anybody having rdp issues in academy

Wym skip the system call stack?

I’ve personally only used probes a tiny bit so I’m likely not the best person to ask

static unsigned long get_syscall_return_addr(struct pt_regs *regs) {
  unsigned long *stack = (unsigned long *)regs->sp;
  return *stack;
}

then set regs->ip to the value it returns

On my way to home, the bus broke and I have to wait 2 hours for a new one

Can I talk to anyone from HTB team?

what have you used for tracing?

havent done it myself and work has thicc ndas :/

is this for 32-bit ?

64

why are you casting the stack pointer to a 32bit type

not my code tbh I did vibe code it a bit (I'm not proud)

bruh

void*

I'm still learning C lmao I'm new

all good

unsigned long long is the 64 bit one

^

ulonglong my beloved

i think cstdint also comes with a pointer related type name, i forgor?

if you want cross platform then use some cross-platform friendly type, but yeah if just 64-bit then a size_t or unsigned long long will both work

both the same thing

return "1";

size_t is just typedef unsigned long long size_t

all things lead to ulonglong

void* is kind of a code smell because it's just a "pointer to something" type

but for this case it's fine, its understandable

here's a random example of void* usage from my old rootkit project

void* resolve_func_symbol(const char* name)
{
    struct kprobe kp = {
        .symbol_name = name
    };

    register_kprobe(&kp);
    void* addr = (void*)kp.addr;
    unregister_kprobe(&kp);
    return addr;
}

It was very primitive, just using kprobes to hook syscalls for fun

struct kprobe kprobe_pre_sys_kill = {
    .symbol_name = "__x64_sys_kill",
    .pre_handler = hook_pre_sys_kill
};

void hook_syscalls(void)
{
    register_kprobe(&kprobe_pre_sys_kill);
    LOG_INFO("Syscalls hooked");
}

void unhook_syscalls(void)
{
    unregister_kprobe(&kprobe_pre_sys_kill);
    LOG_INFO("Syscalls unhooked");
}

asmlinkage int hook_pre_sys_kill(struct kprobe *p, struct pt_regs *regs)
{
    struct pt_regs *um_regs = (struct pt_regs *)regs->di;
    // https://faculty.cs.niu.edu/~hutchins/csci480/signals.htm
    switch (um_regs->si)
    {
        case BACKDOOR_SIGNAL_TEST:
        {
            LOG_INFO("BACKDOOR_SIGNAL_TEST");
            break;
        }
        case BACKDOOR_SIGNAL_HELLO:
        {
            LOG_INFO("BACKDOOR_SIGNAL_HELLO");
            break;
        }
        case BACKDOOR_SIGNAL_ROOT:
        {
            give_caller_root();
            LOG_INFO("root granted!");
            break;
        }
    }

    return 0;
}

BACKDOOR_SIGNAL_HELLO

yup

its very good right

100%

apt frog typhoon

linux rootkits are always fun

remember when windows didn't have the driver list

good times

pointers in gen chat?

i'd be concerned if people who can hack things don't understand the concept of pointing to something

you're about to be greatly disappointed