Cloud is officially part of the No Linux movement

He's getting much more exercise now that he has places to run and jump to

Cute animal

VM more like Very Motivated

What are you doing these days?

okay

i am verify

College

Any hacking?

Ye

Hmm cool

Yes bro you are verify

I do hack on windows

i hack windows

I believe it I just couldn't do it

I hacm windows with rock

i hacked the windows

What tools for Windows ?

calc

i use my bare hands to hack

Windows copilot

calcules

Windows + WSL + Docker

Paint

how to hack windows copilot

You should not. Most of that time, I cannot distinguish reality from what is in my mind.

Hmm ask copilot

I run arch linux and I have similar problems

Meaning don't believe everything I say

Should I believe this?

Idk

Fact: ||You are in Plastic rank, so now you can't see the Noob rank||

Yesss

Yo how are u 1.81

Arent ur people short?

Three constants in life you can always rely on

1. death
2. taxes
3. @supple plume in #general

Trust me I can never rely on taxes

https://giphy.com/gifs/tractor-T8DarIbTMG3GU

Also I have an interesting fact

not actually but maybe

If you feel like I hate you, then you are wrong.

I only hate myself.

https://tenor.com/view/oh-no-cringe-mexican-cat-cringe-gif-4559101190015770860

Well change that shit

Let it be known. i love you all

About me or you @supple plume

You

Aww thats sweet

You as in @supple plume not you as in yourself

As of an echo of an echo

Echo echooo echooo.... echoooo.... echooooo

no im in substrate rank

"see the NSA release of security tools to the public"
what tools they mean?

Hahah

I remember someone posting that

Look up on this chat history

It is mostly weird shit tools

1 month ago at least

last time they did this they caused like 2 major malwares lol

@supple plume I wish you something

that something is you being happier each day

Im working on that it doesnt happen upon a wish

But thanks

Why are you so nice with me today

When you joined you treated me like trash

nub cat moment

cuz I saw you having a bad day, and I like you to be happy

Wdym

my pfp

their pfp the creator of them gave them funny personality

Idk

Wish you the best

But let's hack

Actually

Someone could recommend me a beginner retired AD box

i have question about the nmap in the firewall ivasion section they tell you you can specifiy a source ip but it seems to never work what i am messing here?

Not about CVEs

Are you connected to the vpn?

Also nmap can take like 10 minutes sometimes

yeah but like if i specifiy a source ip wouldnt that just send the result to the ip and not to me ? it just directly say the host is down

The source ip isnt the ip that youre attacking?

I cant run nmap --help rn

https://tenor.com/view/kryonax-skull-gif-26476587

Spooky

like using "-S 10.129.2.128 -e tun0" the source ip is what you want the firewall to think the packets are coming from

Oh that's cool

Unfortunately I didn't do that module yet so I can't help you...

i tried it on the nmap scanme site and the target site on the module and both showed that they are down which is weird

@real cove nice song btw 😹

who passed eJPT

dawg

its all fun and games until pseudo soldering kicks in

Send me

Read the articlr aboud evasion again

Like, slow

Im back

Eww junior pentester

I was muted 5 days

"smb null authentication" ahh cert

Hey, is there any way to filter for free machines in the HTB labs?

active machines

free

and retired there is only 2 usually

I think you can see it in a tab

goon starts at 100

and ends at 3

ok, thank you

https://tenor.com/view/jarvis-iron-man-goon-gif-5902471035652079804

Always with this guy lol

lolllllll

i got trolled by the section in the module because it show that it return a result because it say you can use it with an IP that the firewall allow

also, how's the CDSA report goin?

It would be going at all if my cat wasn't on my keyboard

any admin here ? scammer detected

the gov knows where the ufos are

FOR..

wat

Being too good in hacking

https://klipy.com/gifs/peter-griffin-family-guy-31

Oscp?

got another scammer in my DM

uhhhhhhhhhh

idk wat to do in this situation

teach me sir 🙏🏻

Okay

Step one is null auth smb rcp

I am a skid

I think you ping SeriousRuleBreak

lol no like they are from this server lol tahts why i need an admin , they usually join the server looking for "hackers"

uhhhhhhhh

https://tenor.com/view/hanna-ball-kitten-soft-fluffy-kitty-cat-paws-gif-2803341425267067710

then just report them

and leave it

Goon

Lmfao thats almost a year time of just exam days

or forstbite

Whosbite?

Dm me some screenshots

like you dont know

goat

Cape cpts cwee is a whole month of just doing exam

ill get the CAPE in someday at 2026

30dayz

Lies

done

"all 65535 tcp ports are closed" ahh cert

why there isn't a memes channel?

because thats the meme

No pls at least wait until i get the cpts

nah, it isn't

Did you know i have btw i also have:
Penetration Testing with Kali Linux (PEN-200)
Web Application Penetration Testing (WEB-200)
Advanced Web Attacks and Exploitation (WEB-300)
Exploit Development (EXP-301)
Wireless Attacks (WIFI-300)
Offensive Mobile Application Security (OSCP)
Advanced Social Engineering (SE-400)
Advanced Penetration Testing with Metasploit (MUX-400)
OffSec Certified Professional (OSCP)
OffSec Exploit Development Expert (OSEE)
OffSec macOS Researcher (OSMR)

can you believe i passed this:
CompTIA A+
CompTIA Network+
CompTIA Security+
CompTIA PenTest+
CompTIA CySA+
CompTIA Project+
CompTIA ITF+
CompTIA Server+
CompTIA Cloud+
CompTIA Linux+

Certified Ethical Hacker (CEH)
Certified Penetration Testing Professional (CPENT)
Computer Hacking Forensic Investigator (CHFI)
Certified Network Defender (CND)
Certified Cloud Security Engineer (C|CSE)
Certified DevSecOps Engineer (E|CDE)
Certified Application Security Engineer (CASE) (offered in multiple tracks, like CASE.NET and CASE.JAVA)
Blockchain Business Leader Certification (B|BLC)
Blockchain Developer Certification (B|DC)
Blockchain Fintech Certification (B|FC)

Cert collector

@mystic harbor

https://klipy.com/gifs/doubt-press-x-3

how is this even related?

but do you have +7 years experience for entry level job ?

You forgot certified liar

Bro is a certified human

it looks like a certified yapper

Uncertiedied ethical hacker

I know he's not honest because the implication is he's willing to waste his time on blockchain certs.

Bro wants a meme channel and cant get it 🥀

Why would you do that to yourself

20% of the certs i put dont even exist

no omniscient 🥀

Certified Ethical Hallucinator

I need por hacker

I can't send gifs or photos that why I am want one

My phone filled up space because of that certs message 🥀

I am sleepy man

goo night

good one

U gotta convince the mods to let u

Gotta be hacker rank

I know someone that pays 1k in cert renewals

Or mods approve you

Bye

Okay now there is a reason to learn social engineering for me😂

Or you can do that

#general message

now I really want to be hacker rank

I recommend hacking things, will get you there

Asocial engineering

It's not too hard just complete all the easy VMs.

Nah with those mods its easier to get hacker role instead

That are active

I am working on this anyways a chall "get a machine or challenge published"

didn't get it

planning to create one after feb 8th

Oh silver season rank

Is even easier

Just hack a few boxes

well

season hasn't started yet

Well I guess it might not be permanent

so

Also

While hacker rank is

I only done few boxes and im 30% away from hacker role

Ye it's really not that hard

Just complete all easy boxes and you got it

yeah, I just don't have the time I solved 2 active boxes and upgraded to the script kiddy so I think yes it isn't hard

Would have got it a long time ago if i spent time in it rather than the academy

I got mine years ago. Pro hacker is such a grind though.

learning is important

All easy all medium and 1 hard all active

indeed

I just don't have time for it

gotta do all the new machines after feb 8th

I am waiting to the new season

Like I was motivated at one point

Shut up dummy

But like now

I'm like idk

I just want to get pro hacker so my name is green, it looks amazing

Your name green now

nah it is lime I think

Pro hacker is neon green

I think

yep and it looks AMAZING

Idk it's such a grind tho

can confirm

Depends on box but you're looking at anywhere from like 2 hours for the truly easy boxes to a day for the "easy" boxes that decide to hide creds in weird places you wouldn't think of.

I am planning to get the academy student subscription in the vacation, and I will finish the CPTS path

I did it by competing in a season I think I got 11/13 or something

And then mediums are like, more of that and hards are like hard and insane boxes I hope you're just good

I thought I am bad cuz I spent 2 hours on easy boxes

I've had a couple of the really easy ones that took me like 30 minutes I mean it really depends on just how much stuff you have seen

A lot of the easy boxes have some pretty standard methods at this point imo

So many random hidden subdomains

Alongside a template website with a bunch of links that go nowhere indicating you need to look elsewhere

angrybird

@lilac cipher

I only solved 2 boxes on hackthebox so I don't think I have a saw a lot

Probably not no

Idk I'm in the like 30 range

Or so

https://tenor.com/view/gojo-screenshot-jujutsu-kaisen-gojo-satoru-gojo-nah-id-win-gif-4087154782000543513

30 years old?

30 boxes solved

I'm not 30

bruh 😂 sorry bro

great effort

I'm like 24 lol

I've been here for years tho it's nothing special.

okay you are still older than me

for htb am i installing openvpn on hyperv

oooooooh

Hi, Anyone here? Im new to HTB i need some help

Feel free to ask here

dude i cant do ts

im about to

crash out

I am getting started with HTB, as far I understood, first do Intro to InfoSec, then SOC Analyst Path, then Penetration Tester, Web Pentesting, AD, and then AI Red Teaming... All in a squence or should i only get onto a single path only... Please help me in getting the right direction

Edit:
@naive leaf

I could get you a bag of concrete

so you can harden the tf up

lol jk

Take a break and come back to it. No matter your skill level you'll always hit snags. Beginning is the hardest tho

no like

i cant find hyper v manager

and it says i need that to setup openvpn

for the htb lab

okay so there's a few things that are

needed to be understood here

Oh, my bad. Are you trying to setup a vm so you can access labs through your own vm?

yes bevause pwnlab ran out

You are able to interact with HTB via a Virtual Machine of your own. This can be anything from vmware workstation to virtualbox, etc

i dont need openvpn?

This virtual machine will likely have openvpn as a binary, preinstalled.

which means all you need is the .ovpn file provided by htb to connect

yes i have it

You do, so you can connect but you need machine to do so. It's easier to create a virtual machine and then connect through that

sounds like you're missing a virtual machine of your own

For example, I have Kali Linux in a VmWare workstation box

i have kali linux and parrot vms can i use those

yep

I use kali myself

okay ill use kali but what do i do w the file it gave me

its just preference

uh you do the intro then junior cybersecurity analyst path the SOC and penetration tester are their own field like what you want to be

the file it gave you is meant to be used in the openvpn command used to establish your vpn connection to htb

sudo openvpn /path/to/your/.ovpn

that file wont be in my vm tho its on my windows

put it in there

uh

idk how

Gotta transfer it

copy paste

oh wow

most vms nowadays support copy pasting shit between vms and the host

hi, I'm starting with MCP and I'd like to know, according to your experience, what tool is the best to learn on HTB the MCP skills: Claude Desktop, Claude Code, CLine or Cursor.

i didnt know thats

how

i made a whole mega account

to transfer files

lmao goober

not needed 😄

😭

oops

oh well

this is how we learn

Welcome to cyber security, where we all know nothing and everything is a struggle until you go research lol

https://open.spotify.com/track/7rwp86hIhD7pGcvx5fi2Uv?si=tkj9a8YRRwS3jAoudHg0pQ

okay i just dragged it in

Sometimes if that doesn't work you can right click copy right click paste

yea copy and pasting never works for me

well

ctrl v doesnt

its CTRL SHIFT V for vms

❤️

i can click to copy and past

oh

🤯

its shift ctrl v in the terminal

mind blown

we're unlocking

also just a head up if you using RDP or any form of connection it may break your system sometimes so you need to copy from the target to your vm machine and then copy again from the vm machine to your pc

alright i ran the sudo cmd

okay this is

big important

that terminal

needs to stay open

in order to the vpn connection to stay open

okay its just timestamps with stuff right now

do not close that window

thats fine 😄

okay

it just spits its logs into the terminal every now and then

whenever you wanna disconnect from htb, CTRL C that window

alright so im connected to the vpn

for now you can minimize it

oh yea it says connected on htb

if you're in kali your VPN IP address is in the top right of your screen

if you using to kali press the number 2 it switch you to another workspace or whatever it called where that termianl doesnt exist

yep thats correct

different workspaces and stuff for organization

lemme try

oh

thats rlly nice

yeah very helpful for when you have alot of things running , ofc having other monitors would be better but this work too

and Im newbie

hey Im newbie

the vpn im on has a different ip than the htb

i think i took to long it reset or something

doing htb tasks on mac os running vm is fine ?

like the target ip or what they using?

oh nvm

yea

ima try to do this lab now

im being ignore

im not the person to ask but i think it works

most of us use linux on vm for learning

thanks sorry for the rude msg before

@molten bobcat u up with jjk modulo? Spoilers included?

i am not

Or anime only

yay

Im caught up to the end of JJK

Oh, icic. I recommend to check out modulo, its insanely good

Once you finish up the cdsa report, that is

ofc ofc

I am

almost done

I should finish by today

Easy finish

WHY DID I GET PINGED SEVEN TIMES

because we care about you? hello?

duh

.

see fellas, defuse with kindness

oh we were teaching people hwo to ping you

@molten bobcat @west venture @supple plume @brittle quail

@fiery copper @cerulean bloom @sturdy thistle

my discord is set to dnd because im not a goober

so that did nothing

c'est la vie

hush

Have a nice day!

https://tenor.com/view/wololo-age-of-empires-empires-szaman-shaman-gif-21642499

I guess you have a typo in your name UndeadWolo

@static pasture @maiden anvil

👁️

what first htb you guys recommend

what

There is a Starting Point Section

@austere sinew healthcheck passed

btw are you french ?

ok I didnt see it

Nope, why?

cause the icon looks like the french flame

No, I'm just awesomely Certified as Junior

so its asking me

what the id of the pcap file is

its 2.pcap but 2 is wrong

nvm

I'm dnd forver
Yet I get pings???

Wait that's idle 💀

i cant find nathans flag

hello

How can i get invoice

Quickbooks

where is payment history

hi

hello guys how do i set up virtualbox to work as a pwn box

1. Open Google
2. Put this question in the search bar
3. Press ENTER

thanks

you need a virtual machine image to load into it

https://www.kali.org/get-kali/#kali-virtual-machines

yeah i know

i can not find

this flag bro

hi giddsec

wololo!

@maiden anvil yo

any hacking today? 👀

nothing fun

keli lenus the louder the better

wbu big dawg?

lots of stuff cant talk here tho

gotta go to the trusted hacker channels

lemme in hacker lounge

wololooooo

complete more boxes

90% of htb rank is just time invested

oh okay

what is airtouch

idk google it

the SOC team watching all the alerts i am doing with 3 vms opened doing aggressive nmap scan

Lmfao

consider it grinding game but with actual life reward as it add to your experience

something that will make you cry

dude HTB certificate art is fire af

Linor kal

No sound, more

https://tenor.com/view/go-golang-my-beloved-mybeloved-gopher-meme-gif-3557932171434243883

dude they changed metasploit art to a ninja?

Ive been testing out 1.26.
Some neat stuff https://antonz.org/go-1-26/

should I just say fuck it to learning python and learn GO

I feel like that's what I should be doing on a thursday

Yes

is there a live support for htb?

both are good

python is still nicer for super quick stuff and the truly massive library support for everything, but go just feels nicer for actually writing tools n stuff thats going to have more serious usage

sup HTB homies

hope all are keeping well

Youre also gunna encounter code bases for both. Few languages are actually worthless to learn

That interpreter promot is smart

I designed that and made it open source if you want it

Hi everyone 🙂

Wsp

Well everything is ok but the learning for cert is tough, for CISSP at least...I am preparing a lot of months.

Dayum

I know that this cert is offtopic because it is not HTB cert, but still I need it for a new job....

Well this is the offtopic channel

Looks difficult this cissp

ontopic yappin only

Well it is a leadeship, managerial and technical exam

Looks like a lot

At least to me

after that HTB...

I couldn't do it

It's usually the other way

If you do not have 5 YOE

Yeah one starts doing some htb certs to get 5 yoe some day

ok

https://tenor.com/view/pillar-men-awaken-my-masters-awaken-jojos-bizarre-adventure-jjba-gif-19344086

new cert dropped

Well I hope for the best 🙂

Is this a requirement or a recommendation?

hard requirement

Very hard

well difficulty wise it's not hard

it is requirement to have 5 YOE or 4 YOE with a degree

unless you get laid off

Well good luck tho

Thank You 🙂

Anyone here have a good TV show to recommend ?

Breaking bad

I wached that a while ago

crazy TV Show

Death note?

Never head for Death note, going to se trailer 🙂

Oh

It is anime

And a bit old

But hey one of the best things I've ever watched

It's not silly

Anime is not my cup of tea...

It wasn't mine either

But this is something else

There is a Netflix show with the same name

Mr Robot

can someone explain to me why I am paying for VIP+ on HTB? every evening the connection is so damn slow, boxes not responding, shells not usable, downloads via FTP or SMB absolutely not possible

😄

If it's not anime do not watch it

It will be very bad and spoil the real one

I've noticed this too

time to pay more

is icecream timeee lets goo

Tucced

☆

Hi Everyone, I am trying to do RDP and SOCKS Tunneling with SocksOverRDP, but I have a problem with this section, I execute the dll and it was successfull, but when I try to connect by RDP to the machine 1, I have the message "Remote Desktop cant connect to the remote computer"

I execute the dll and it was successfull, but when I try to connect by RDP to the machine I have that message.
I am in the pivote windows

kali - 10.10.14.205
pivote windows - 10.129.3.252 (I did all and was ok, but I cant connect to machine 1 by RDP)
machine 1 - 172.16.5.19 victor:pass@123
machine 2 - 172.16.6.155 jason:WellConnected123!

please ask in #modules

😄

🚬

plex confirmed my bug

You know

At this point

This is u frosto

Burns down house

ok

time for more lab

Has anyone done the Control pro lab? There's no tag for it yet in #1263635449335910531 ...

@molten bobcat qestion

whats up

so

im on my pc at home now

continuing the lab but the vpn wont connect

in kali terminal

forget it

the only thing i still dont get

is the hex code

what about it you dont get?

i donrt know how to get it

it says submit the flag located in his home directory

getting it is the entire point of the exercise

its 'proof' you completed that stage/box

Sorry, I was focusing on my exam

I'm taking a break currently for my brain

i cant find it

beent trying for a while now

right, exactly

finding it is the goal

but how do i find it

good luck!

which lab?

cap

if its smth like abc11393eed82930ae
and this is a box, I think that is the flag

Those are called "hashes"

it says its 32 hex characters

yeah lol

Yeah, so either numbers or letters

Im not gunna tell you the answer for that one as its basically cheating.

If you give up though its a retired box so you can find a walkthrough

Hex stands for Hexadecimal

arent hashes with only hex values either

smart guy

i found one earlier that was i think 32 but it didnt work

I have not done a box in 3 years

It will be inside of a file called flag.txt, user.txt, or root.txt

for htb standard boxes like cap there will always be a user.txt and root.txt that has the hash

any other hashes you may find might be important or might not be, but they wont be submission flag hashes

so i get inside those

somehow

Yes

yup

You can read them

k ill try

In the terminal

usually you can just hack into the machines and grab the files, dont have to worry about solving anything

youre doing a hacking challenge, gotta hack it

Hack n smack

yebut

idk how to hack

😭

🤣

https://klipy.com/gifs/just-do-it-shia-la-beouf-1

Welcome to the club

might want to try starting point before an easy box then

htb easy != newbie

yeah pmdev you are going to love the ride

now

Be advised

Spoilers

Even for retired content and shit

huh

Don't talk about box steps

Cuz it's a spoiler

oh sorry

All good 😄

the um

curl command

in writeup

isnt working

Are you:

• connected to the vpn
• using the target ip

wait i have to install linpeas

No you don't

oh

I hate linpeas for beginners, it throws a bunch of useless info at you that will just end up getting you more lost

im at the privelage escalation step

Also; you cant get linpeas from targets. You have to transfer it over

They are designed not to have access to the open internet

just memorize the script and type it out on the target

ez

that paint in ur banner

looks delicious

ohhhhh

now ik who ippsec is

join botnetbuddies

okay

what is that

Good evening gamers and non gamers

Hello everyone, I joined this server about 4 months ago but didn't bother registering an account until now.

I've been using thm for about 7 months and having fun there. Plan on finishing out the sub and see where I wanna go from there.

I have experience with DOS, win3.1, win95, win98, win98se, win me, win 7, win 10, win 11, red hat, centos, debian, cisco security, firewalls, dns, radius, apache, wireless, mysql, php, routing, switching, IPSEC L2L VPN, Remote Access VPN, network engineering, system admin, perl, python, BGP, EIGRP, OSPF, VoIP, Load Balancers, Infoblox and probably some other stuff that I am forgetting. Ask me anything, happy to share my knowledge.

I have been in IT as a Network Engineer for 25 years and have a dual CCNP Enterprise and Secuirty.

IPv6 killing IPv4 when?

Oh that process started 15-20 years ago

already using IPV7, catch up nerds

still waiting

I honestly think NAT is just fine and I doubt it will be widespread IPv6 any time soon

NGL with the security state of the internet thank God for NAT, idk how secure the world'd be without it.

Well IPv6 is great for hackers

lets put everyones public IP back directly on the internet!

lol

It will be like the days of IRC!! Those were the fun days

yeah so fun to get DoSed

I just locked up peopls computer

made them reboot

didnt know you could do that

yeah , win 95 was insecure and no firewall and directly on the interent

there were some exploits in c that were easily ran, just put in their IP and they get BSOD

book club

lemme in

Nice to meet you W1LD

ask the leader @spare acorn

Yeah, that stuff is useful especially if you're the one person in your family everyone relies on for IT support. I just yeet a remote desktop session to my grandparents anytime they need IT support.

Half the time it's just a hard-reboot

meanwhile I lose my connection for half a minute and want to flip the table

bro ts impossible

A friend of mine just created a ticket system for his family and friends and told them to put in a ticket if they need help

i give up

idk man my family finds it weird that I work with computers but dont know excel shortcuts

lmao

i can barely use excel tbh

lol

I'm not a big fan of excel either

What's impossible?

real, use json or for larger data sets use a database

the lab im doing

cap

I use Excel every day

This NMAP is taking forever on this THM room that has 3k open ports... maybe i should not have done -sC -sV --script vuln on 3k ports

Ohhh, yeah that's a fun lab

Easy csv parsing

Usually run 2 passes, 1 to just scan and the second to script scan the open ports the first scan found.

not fun im getting mad

isnt there an option to put more threads to it?

That's part of the fun

ahhhhh

yeah htb has that effect, you got a long way ahead

That's what I do. This box has 3k open ports lol

yea very long way

Threading an asynchronous task isn't very useful, it's just using more memory for multiple threads waiting on a network process.

I think I am wasting my time anyway. I do port scan using python socket library, then grab the banners with wget, then do the full scan, but all 3k ports respond with Dropbear

only other open port is 22

Bro found an Australian room I see

It's the looking glass room on THM

I haven't and yes I know it's not. I registered on here early.

I haven't graduated from THM yet.

Meanwhile me who's touched 1 whole THM room:

I need to do all the THM rooms and learn enough to do the hard ones on THM first, then I can have a chance at HTB rooms

Dive straight into the deep end

the water's fine...
-# with a risk of drowning

Lol imagine dragons

Nah, I've tried some deeper end ones, I need to practice enough with the basics and procedures and all that. Thanks for the tip ZumiYumi on the research for the dropbear. I'm still learning the ctf stuff

I'm sure I am exageratting. I've heard the rooms here are very hard though.

what about em?

I saw Imagine Dragons Live a couple years ago, they are awesome LIVE

https://youtu.be/laHht8kGdVU?si=9O8vcet2i9JV5gKa

I wasn't really seeking feedback as much as commenting. I'm not going to ask for help in THM rooms here.

*has done insane machines*
*still struggles with a very easy challenge*

MVP for HTB btw

Imposter Syndrome

To be fair: It was an ICS challenge and I had never touched ICS before.

And now I never will again

😄

Do secure coding @warped plank

No worries man, I understand though, people come into these servers all the time asking for dumb stuff and you've never seen me and I'm a newbie in here.

You can just....
Dive into HTB

My own code isn't secure...

Do you do Cyber as a career?

Hey Kratos, whats up man

Wassup

I'll finish my paid year of THM first

want to get as much before it runs out

Bro gets to play with planes for a living

7 months in I am ranked top 1200...... people quit that site fast

THM isn't known for its quality

you pentest the cloud for real

Did you get promoted?

Ever since they introduced that stupid clanker in their site, it went downhill

@frosty thistle Aviation Network Security talk at DefCon when?

Yeah, right after I joined that happened

Ahhh I get it, NDA and allat

i used to work for an airline, can confirm they are not secure in the slightest

I GOT THE FLAG

Good job

https://youtu.be/4O-SX_W0lrQ?si=7RAKxRlAdbU2QDwK

they're using software from like 1960's

https://tenor.com/view/hacker-hackerman-kung-fury-gif-7953536

it's secure though... it can only be accessed with punch cards

now i haev to get soem full path thing

@warped plank listen to this

https://youtu.be/zLm5oSJRxIU?si=qACYAD-1RYQLDvAC

good luck

That doesn't sound like Adam Sandler...

It actually is

Look it up

Damn he can sing... I can't stop laughing but bro can sing

You never heard Adam Sandler sing??

No I have not, but to be fair I live under a rock

-# a rock filled with korean content

Adam Sandler first performed "The Chanukah Song" on Saturday Night Live during the "Weekend Update" segment on December 3, 1994.

He can also actually act when he wants to

which is shocking

you can try one

Good song too

Fun fact, this guy went to jail

btw we don't say rooms here, we only have boxes. Unlike THM our computers don't take up a whole room.

Really?

Adam Sandler in uncut gems is such a wild difference in acting ability compared to all his other films.

But also most of his films are basically just an excuse to take his friends out on vacation for awhile.

Yuuup I dont recall the details but it was not good™

tryhackbox🫦

i got the root flag had to google some stuff

Good to know W1LD, I will take care and precautions to ensure that I attribute the appropriate nomenclature to the activities available within the site from now on.

basically 99.9% of cyber security in a sentence: I had to google some stuff

Yeah, Sandler can do a good flick. He just does slop to take his friends on vacay

it says i finished but i still havent gotten the full path of file

task 8

Where was the file

well you don't really have to submit all the tasks, but if you spawn the machine again you should be able to submit it.

Give it the path of that

no idea

Well it was probably the root home directory yknow

So like the path of fhat

When it asks for the path of something it's asking for the full written path

root@cap:/root#

this i dont know

Yea

pwd

what

Use that command

It’ll give you the absolute path of your working dir

gave me /root

Theres other ways to determine your location

Could I introduce you to: https://academy.hackthebox.com/module/details/18

Yep, /root

That’s the path

i mean it didnt work tho

/root/

Any file or location past that is /root/filename.ext/

yes introduce me to anyhting

none of em work

Ohhh it's looking for the full path of the binary with the capability

yeah you need to find the full path of what you just exploited to get root.

oh

uh

hello everyone , anyone knows where to contact support by any chance?

buffer overflow

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

@oak frigate ^

Usually its /usr/bin/somebinary

https://www.youtube.com/watch?v=koWipFDgD6c

incase anyone here is into mal analysis

and for devs, don't run on drives that arent nvme

I prefer this, chad move tbh https://www.youtube.com/watch?v=zTOKEKQ8ITA&pp=ugUHEgVlbi1VUw%3D%3D

I mean the better question is what do you want to do? Like, there's a ton of ways to go about learning security, but I can only give recommendations when you know what you want to do.

If you don't know what you want to do, then the correct thing is to try things until you have an idea of what you want to do in security.

If you want to be a pentester vs appsec engineer vs soc analyst vs whatever all the paths to those jobs are different.

Also if you edit with a ping then I won't get the ping. So just ping separately.

this ^ one of the first modules i did that was outside the pentester pathway and infosec fundamental paths was JavaScript Deobfuscation

Like if you love exploit development and vuln research then I have very very different advice for you than if you want to be a pentester with your own custom built exploit suite for what stuff you see most often, vs if you want to be a log nomad who does digital forensics or being a soc analyst.

I actually really enjoyed it, and actually feel comofortable enough to make a basic thing that replaces eval( with print(

(well not print, but you know what i mean)

damn saw this in my steam list, this takes me back;

o7 rip

arch mentioned

I love probability distributions I love probability Distributions I love probability Dis—

what are the chances you convince yourself

the more I repeat the lie, the more I believe myself

honestly though i lowkey love the Windows Reading mode stuff in win11; I can tab back to both things in reading mode instead of tab one, then tab the other

what's up folks?

ay

oh my name changed

yes; your name in this server reflects the name on your HTB account

hack inmg china numer one

let's not be overt trolls

i like being silly

is this a serious channel?

that's fine, just no need to be an overt troll

if it goes too far, you can and will get smacked with the #rules

you just dont get my swag and thats fine, but fr yeah I'll continue my module now. Nice to meet you

Generally this channel is pretty tolerant of silly

risky click?

its a gif mb

no gif perms

Seems like not, however I have no choice but to obey thy mods

@pastel smelt we do not condone or promote illegal activity here see #rules

doing the AI module I see

as the general rule, we mods have to treat most statements by default as genuine. Zero Trust principles

Nop, statistics

Oh

ick, not thanks

I need to study those but in physics lol

radial probability distribution curve :3

ok yuck that image didnt render properly

dog that image got fucked

that's why I studied music

it treated whitespace as literal WHITE space

whatever algo was used to determine that needs to be taken back to the workshop

there

not much better but itll do

ah radial

iirc I think thats default matplotlib behavior

I got a 92 in calc in high-school, then I forgot it all and never used it again

3 dimensions of fuck you

but its been awhile

probably

I just offer my condolences to whoever learns quantum physics

Once we get past the quantum entanglement stuff, my head starts to explode. I should probably try and understand more about it someday, but... other interests

At least you're not forced to learn this

There can be no worse punishment