Its the first reverse shell... there is when everything starts

oh do u know why i have 21A?

prev one ot banned :D

i even lost 22A

lol

all i did was test discord API

so you were 1A, 2A, 3A, 4A.........

and they be like go away

wow

https://giphy.com/gifs/gravity-falls-tDa3HcLSWbiCY

evil

@thick forge hacking?

now genshin

you are a genius mate, its working after I change to US. ❤️

7 min left

then hacking

tell me some easy box to start hacking

machinges

I'm awake

https://cdn.discordapp.com/attachments/588029217376043023/1465803606757478493/ted-tv-show-oreos.gif

It's now everyone else's problem

are you hungry?

Aren't i 😁

Nah I had

A breakfast biscuit

And I've got my tea

https://tenor.com/view/gachiakuta-rudo-gif-9610286431824619425

hellllooo

how you doin

hey I recieved some code from a random number

can anyone tell what does it do >?

Sup

More often than not it's an MFA token

Er, MFA code not token

this is it

That's malware

what it is used for?

Please do not enter this into your terminal

Well let's read the command

It's powershell and it's using Invoke Expression to run "IRM" against a remote IP on port 5506 for a file called zz.txt

Irm is "Invoke Rest Method"

So he's fetching content via irm

The content of zz.txt probably contains more malicious powershell commands

its malware

This is a phishing exploit designed to compromise whoever runs this in their terminal

you may now admire my blinding brilliance

I deal with this exact lame shit all day long at work

I've seen it a thousand times lmao

damm

cant we track it without opening that so called file?

Throw bricks at the user who send that thing

Talk about human physiology..
Good thing he didn't activated it. It looks very suspicious at the start anyway

No

Why dont we just open it on a virtual machine?

The best way to analyze what this does is to run the command or grab the file from a sandbox

bro i asked ai to help me with pterodactyl and it js gave me the answers it dont know how to give hints

That's what I was typing haha

That's normally how I get the next stage of shit like this, I open a sandbox and start playing with it to see if I can't get the content of the file in question

Just normal curl on host wouldn't hurt tho?

Why on gods green dick would I raw dog a curl command against something I know is malicious on my own host?

do we have a program or somekind of software that detects this kind of sus codes and blocks them ?

It's better to do so in a VM always

why tf did u recieve this from a random number

VirusTotal

I use it most of the time

Windows Defender

But

It only detects

Just to see the file content 💀
Why would it execute just from getting it

But this is also "on your phone" I presume?

can i run that command

in a vm

Do not fuck with malicious indicators unless you're trained

are they free to download or else somekind of subscriptions?

Please

k ima ask ai what it does exactly

What device was it on in the first place?

I literally told you exactly what it does already

I can read powershell

laptop lenovo LOQ

How did you receive this?

Earlier you made it sound like this was texted to you

Like via a cell phone

HEY

UNLINK THAT MORON

my bad

Pipe to bash to check

Hey, make sure to log off from internet when you're gonna activate that malware.
It'll spread like a worm and kaboom. You're done for, spread to the whole wi-fi network

YOU JUST PROVIDED A HYPERLINK TO MALWARE IN CHAT

is that the virus tho?

YES

so

can i click it

What the fuck do you think I'm trying to say lmao

NO MORON

LEAVE IT ALONE

via whatsapp

ITS DESIGNED TO STEAL YOUR SHIT

Congrats on making this much more dangerous

but i wanna see the malware

Holy shit dude

I WANT TO SEE IT

You're not ready holy fuck lmao

Then go infect your computer

You about put this whole server in danger for no reason dude

no? im putting myself in danger

Why bother infecting our computers with that unknown file bruv

YOU SENT THE LINK IN THE FUCKIN PUBLIC CHAT BRAH

UNREDACTED, HYPERLINKED, READY TO GO

why are u screaming bro

Discord's moderation at it's finest

🔒 Message has been redacted.
-# You will only see it if you are a VIP+ member of HackTheBox.

i can understand u just as well not screaming

nvm deleted it

Because you're not under the gravity of the fuckin situation lmao

Anyway, if you got this via Whatsapp whoever sent it is compromised

Because he's freaking out cuz he thinks a dumbass would click it

Are you in South America?

And infect their computa

this is is a hacking server no? people know more than well not to click random links

ig its from a russian number

yea im the dumbass

There's been a large amount of this shit affecting countries in South America from Whatsapp

nop

@wicked iris can you dm me the number that sent it

Dude

You're not qualified

Knock it off lmao

-_-

more than aware of that

Anyway, this looks like ClickFix campaign to me

This normally looks like this

But it has a bunch of mutations and variants obviously

what is that

Effectively the goal is to coerce the user into copy pasting malicious powershell

not bad

And run it via the windows run dialog box, win R

thats the site?

No

is that a different virus or phishing link

This is an ongoing malware campaign that shares indicators with what was shared from etsos

oh

+7(8443).... got from this numb.. not pasting whole number since pmdev is so cooked

yea i was gonna say, cloudlfare just makes u click once

Doesnt super matter where it come from because phone numbers are easily faked

dont paste in here

not even in dm tho :}

bruh

its not even a girl's number dude

why you want it

Anyway did the message contain anything else or is it just

The powershell command

for fun

nothing else

Damn they're getting lazy as shit huh?

is there any way to inspect the link without opening it

Threat actors suck

No

i have a spammer kid's number if u want it for fun

No

Do not share scammer info please

Why this chat feels so dead rn

no tf

why would i want that

And with idiots except @molten bobcat

I mean I woke up like 45 minutes ago

Y'all making me do my job before my shift starts damn

Damn dude

Get yourself a cup o' coffee

I got some tea I'm vibin

And please, turn on Do Not Disturb

for timepass tho he tried to sell me ps5 from 7 seas away

🇺🇸 rsa 2022-08-25 13:20:38
(3 years ago)
web spam ddos

It's incredibly dangerous to attempt to do malware analysis if you don't have knowledge beforehand and an environment set up to safely handle things

Because you'll just infect yourself

Like, I can teach you how to do this analysis if you want

Always check before going dawg

But you HAVE to do shit safely

it's a web spam ddos

No it's not.

Read the powershell. That's not what it does.

not the command

The command is all that matters.

the IP is reported as a web spam ddos

That's just the host the file they need is sitting on -_- whether or not it was reported 3 years ago is not relevant information

Because IP addresses can change.

wth is going on I leave for a minute and I see ths shi

Lmao

btw is turbo vpn really safe or just something

💀

Most VPNs accomplish the same thing

I used it while logging to dark web

I can't with Huawei drivers bro. Like Why the fuck would you need to load 6 different drivers to the kernel, in the right sequence, then load some obscure firmware loader and load the firmware to the wifi chip, then load another initialization binary, and then echo a very specific code to > the wifi chip, for it to wake up and show the WLAN interface for 10 FUCKIN seconds and then dissapear again.

why are u doing that

PS.Agent.bx!crit

hey I didnt do anything

Oh hey there

It's clouds fault

wsp

just wanted to see what's on it

Why not using Samsung

I'm starting to get used on Python

nothing good

Ts really easy

Because I don't have a spare Samsung

you're using AI right?

Mah

Nah

yea just filled with .onion links and nothing's free to watch

I'm watching tutorial on YouTube
But that one is a bit different than others

try NOT to use it to write code at the beginning

and build something

wat

I don't use it at all

Because I don't care

yeah just to learn

Nah dude, I'm just writing things like
a = 1
b = 2
And you just make them +

That's all

xd

aright

I'm gonna start from the beginning

did you even use ahmia, candle, not evil?

Cloud don't you work for china?

😕

wym

donuts master you like donuts right?

tor search engines

Tor doesn't have search engines

used duck duck go

yes

Not even 10 minutes into my shift and there's impacket lateral movement

Classic.

yea you arent on the darkweb yet

bruh a chinese or japanese man sent me frnd req

lol

I use Vivaldi

I was on it :}

Chrome suck ass

someone forgot to change the default command line flags

ok

Bragging about dark web access is stupid as hell

wang_chuanfu7531 <--- wtf is this

huh whos bragging

Tor has link directories or things like Ahmia which basically have manually submitted links to websites

no no just got .onion links and visited a few sites on them like hire hackers

They're most definitely scams lol

@jovial sapphire are you even real?

https://giphy.com/gifs/scandal-box-republic-cV3tHFa69CNj2

what about torch and etc i thought they were called search engines

@cerulean bloom

Torch?

we have fake donuts in our coutry

its a search engine but i guess not

its a search engine not so safe tho

i dont think anything about the darkweb is safe

nvm i used israel;s ip

its just boring dont visit

i never go on there

If it's a "dark web" one then no. Because search engines by design work by crawling the web and onion sites, by design prevent this behavior, so people have to literally submit the onion links to these, "search engines" which is why searching something in a dark web search engine only gives you results from like 0.05% of the entire database.

why would you

darkweb is just a collection of .onion sites nothing else

So is the normal internet

its just hidden links

Just a collection of regular website

but there''s illegal stuff tho

theres illegal stuff on the regular internet too

I am thinking to order YOU from dark web XD

my infos probably on there somewhere

i wonder, how can you remove all your information from the internet

@west venture are you free at the moment?

I'm free for like 10 minutes why lol

Then I go sleep

@wicked iris

can you write a mock test?

What's that

just my clg stuff

kindof homework

You want me to do your homework?

maybe ig

echo 'surrender on Faraday for @supple plume ' 2>/dev/null
cat cur_progress.txt
1/7
cat reason.txt
user is so dumb

keep going

this fortrss is very cool

alright

echo 'd3v is motivated by @supple plume ' 2>/dev/null

What's the point of doing this?

doing what

stupidness

talking in pseudolinux?

Why you echoing shit to dev/null?

because is fun!!!

btw dc is safe right? I wont get hcked just by accepting a friend req

Im echoes and he is dev/null

xd

It is not fun it just does nothing

https://giphy.com/gifs/movie-austin-powers-international-man-of-mystery-l1KVb2dUcmuGG4tby

why not /dev/urandom??

Honey trap

mv /dev/urandom /Candy29

/deez/bowl

bruh

https://tenor.com/view/eldoggy-gif-759632917630624940

echo "lmao" > /dev/null
✨ Nothing ✨

😠

your server's chinese guy sent me frnd req and dn what to do'

SELECT * FROM DEEZ_NUTS;

echo 'welcome to the family' 2>/dev/null

https://tenor.com/view/he-made-a-statement-statement-dog-clowned-trash-opinion-your-opinion-gif-15033044919438935088

echo 0 > echoes/of/whoami/power

We know he's special
So we allow him to do anything

ERROR 1064 (42000) at line 7: You have an error in your SQL syntax;

Where

grep '29 CANDIES' Candy29 &>/dev/null

will you

sudo mv @west venture /tmp
sudo reboot

Idk will I

😂

reboot now

me when I use your website's search bar

thats like not straight farward NO

bash war 🪖

sudo cp -r /tmp/* /your/walls

rm -f /usr/bin/sudo

https://tenor.com/view/punch-in-the-face-you-gif-13111091

I can't sorry lol

alias wrap='rm -rf' && wrap Candy29 && echo 'Deez nuts' > Candy.exe

Mike Tyson called

cd /proc
sudo kill -9 *
will this give flag?

alias ls='reboot'

https://tenor.com/view/angry-angry-monkey-throw-computer-throw-laptop-laptop-gif-456530927827971825

Stepped into something sticky then?

import time
import random

def generate_melancholy(depth):
"""Recursively generates a lonely, fragmented story."""
fragments = [
"the silence", "a cold wind", "fading light",
"empty chairs", "forgotten letters", "dust"
]

if depth <= 0:
    return "..."


scenes = [f"{random.choice(fragments)} in {room}" 
          for room in ["the room", "the hallway", "the mind"]]


return f"{random.choice(scenes)} {generate_melancholy(depth-1)}"

def emotional_engine(stages):
"""Simulates a slow, emotional breakdown."""
echoes = []

for i, stage in enumerate(range(stages)):
  
    thought = f"{generate_melancholy(2)} "
    echoes.append(thought.upper() if i % 2 == 0 else thought.lower())
    
 
    time.sleep(0.3)
  
return "".join(echoes)

sadness_output = emotional_engine(4)
print("--- LOGGING EMOTIONAL STATE ---")
print(f"Memory Log: {sadness_output}")
print("--- END OF LOG ---")

no vibecoded shi

Cill bro this is programming

echo ' he uses chatgpt' 2>/dev/null

logging emotional state

send the whole gpt conversation please, freely dump it here

sudo pacman -Rns @silver sinew

Chad gpt

nah it was today's topic in CRT

echo azomax > /dev/null

Ass

Dont ask full form of CRT pls

rsync --trust-sender gpt > /dev/brain

Cathode Ray Tube

Gmorning azo

-_- nop

Then idc

/dev/ass

its campus recrument training

Helooo

https://tenor.com/view/elmo-fire-hell-gif-14872351201149645488

Imma make this directory lmao

Back in my day, CRT was cathode ray tube

its texas

I learned a wtfbin today

J

Hi

/dev/ass sounds so rad

Not allowed

Mods gonna beat u

NO PERVERSER ROOT

chat gpt write me a funny bash command so I can be cool in htb general channel

Hi Shadow

https://tenor.com/view/best-meme-slap-gif-13782248

Hi kraton

why doesnt my shell warn me about no preserve root

Long time no see

You said my name

Incorrectly said but still

🙄

I called out 0x one

Oh

Ok

I don't call u that

I AM THE MOD 😈

Unlucky

You are kreatone

Anyway gonna sleep

https://tenor.com/view/cheem1-gif-20472638

Gn

Cya

Keratin

https://tenor.com/view/long-hair-hair-fabulous-silk-smooth-silk-gif-6727254716065808112

pip install yourmum -break-system-binaries

Not enough space 💀

I told him countless times to make it super cool. I guess I need to change AI 😩

I was gonna say that broo

Goonnight

Two late

CREST registered tester

whats about trying to use your intelligence

campus recrument training

I just want my exam results

Chatgpt wouldn't give u anything dangerous tho

any cmd to delete useless files?

The one u did few weeks ago?

CDAS ?

Yeah

rm

fail

del?

Damn i thought the one you did might give instant results

I turned my exam in on January 29th

Hope you good luck, you deserve it

Apparently I swapped it for a zillion dollars so I guess the only thing working for me is AI

?

no like i dn my lap is out of storage without even downloading anything

sudo rm -rf / --no-preserve-root

is that only me or htb's vpn is very tired lately ?

yeah so delete whatever you want

😒

there are just device files nothing extra

Just in case you don't get it, don't run this command

still storage is missing ;-;

why new comers lies a lot and say no sense shit

Just go do pterodactyl

not trusting you anyway

Oh

2Gb filled again for no reason -_0

@austere sinew

@west venture should you tell him why

oi is there any way to get paid apps for free?

Obviously

As long as u don't pay it's free

Take your mom's CC

bruh

Because

I need a app named : SolidWorks

Nah my mom doesn't even have CC
I'm pretty sure no one in the family does 💀

Did u get a job?

where to type it tho?

I have so much credit card debt

3YOE of CTFs
And that specialist is your profile i assume

Fair enough, which team are u in nowadays

Namw

@vestal nimbus can you find the app solidworks ? like free download?

Oh ? No one checks that in team lmao

Trol

have to use it for designing

Yeah we are kinda active
Very busy life so we do it like in 2-3days

Not as active as used to be

but it costs a lot

Not really we have work
So priorities

All i care about rn isnto het out team back to #69

It was stuck there for long time

@cerulean bloom what do you think full set of cses covers like if you complete it what can you expect ur cf ranking to be?

Hehe some did tried prolabs
I gave up, C2 aren't my thing

echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

Hmm might do that

Nowadays I am busy 7 days at work
Sometimes even upto 12h
Very hard to find time to do random stuff

Probably

I been doing weird stuff 💀
Too many stuff

damm 60 usd for the app ;-;

You sleep

@supple plume another game?

Go to sleep

Sysadmin, lone soc (have yet to understand it and setup properly), dc infra support, etc

maybe in 10 min

Another what?

Not kraton 💀💀

lol same basically u gotta do everything atp

https://tenor.com/view/otter-blanket-sleeping-covering-cold-gif-24001511

this is unfair

It is fun but tiring, I've contacted one of my friend and been asking stuff from him instead of going to academy and learning properly

https://tenor.com/view/house-of-the-dragon-rhaenyra-targaryen-emma-darcy-this-is-the-highest-of-treasons-treason-gif-26966183

yeah but its hard to learn valuable stuff because tier 1 support always send some bs to you this guy said the vpn was broken in the firewall 🥀

Hmm not really
And that's not what I do
I said lone cuz there's not really anything properly setup, so i just look at siem , find those VMs / computers, check around for stuff and fix it needed to
Watching tickets /incidents is just the part of L1 soc

bro u overused this gif

Hehe i am L1 to whatever comes at the end

imagine i rdp into the server and see there is 300 kb in the ssd and this guy told me the vpn was broken

😠

insmod yourmum.ko
insmod: error out of memory

https://tenor.com/view/house-of-the-dragon-rhaenyra-targaryen-emma-darcy-this-is-the-highest-of-treasons-treason-gif-26966183

When does cube talks happen?

Hehe i haven't had anything annoying to get it
Fortunately the whole project is internal so there's no internet traffic
Not chaotic, probably the best environment to learn

Time?

Check announcement

It's on Friday

Find the time there

Ye I remember

Yeah uhh aren't u Egyptian or greek people (idk what to call it)

Rome maybe

Tutankhamen

Have you seen Egyptian mommies

[  42.771983] Kernel panic - not syncing: Fatal exception
[  42.772104] CPU: 3 PID: 1876 Comm: kworker/u16:7 Tainted: G        W  OE     6.7.4
[  42.772268] Hardware name: Generic x86_64 (BIOS 1.16.0 12/01/2025)
[  42.772412] RIP: 0010:do_page_fault+0x2af/0x4e0
[  42.772533] Code: 48 8b 3c 24 e8 91 6a ff ff 48 85 c0 74 09 <0f> 0b 48 83 c4 28 5b 41 5c 41 5d
[  42.772811] RSP: 0018:ffffb90003c03d98 EFLAGS: 00010246
[  42.772939] RAX: 0000000000000000 RBX: ffff88810c3a4000 RCX: 0000000000000001
[  42.773112] RDX: dead000000000122 RSI: ffff88810c3a4000 RDI: ffff88810c3a4000
[  42.773319] RBP: ffffb90003c03dc8 R08: 0000000000000000 R09: 0000000000000000
[  42.773538] R10: ffff888100000000 R11: 0000000000000000 R12: ffff88810c3a4000
[  42.773765] R13: 0000000000000000 R14: ffff88810c3a4000 R15: ffff88810c3a4000
[  42.774008] FS:  0000000000000000(0000) GS:ffff88817fc00000(0000) knlGS:0000000000000000
[  42.774288] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  42.774521] CR2: 0000000000000008 CR3: 000000010c21a000 CR4: 0000000000770ee0
[  42.774795] Call Trace:
[  42.774912]  <TASK>
[  42.775028]  handle_mm_fault+0x1c7/0x3a0
[  42.775168]  exc_page_fault+0x94/0x1b0
[  42.775303]  asm_exc_page_fault+0x26/0x30
[  42.775447]  </TASK>
[  42.775578] Kernel Offset: disabled
[  42.775702] ---[ end Kernel panic - not syncing: Fatal exception ]---

nice wow amazing

Yeah

Fat exception indeed

why is kernel panicking at me

*cries*

Easy yes , but time consuming

It doesnt say time anywhere

Maybe don't threaten it

Breh message time

When it was sent?

It would be the same next week

For me it's 9.28pm

i didnt threat it!!??!! how can i threat it if its in ring 0??? >:(

Oh yeah yeah you're right

Ok perfect

Bc your in ring -1

That's what someone who threatened it would say

what how

intel SDM said there is no ring 0

???

did they lie to me again

See it's even trying to handle it's own fault
And is too nervous so making typos

https://tenor.com/view/bunnies-what-confused-meh-gif-13712192

Whenever a kernal panic happens, you should delete your init script and rewrite it from scratch

i blame the ram

im very angry at the ram now

it fed bullshit into the cpu

Fellas

Is there any youtube video you recommend for pentesting?

||@supple plume fuck u ❤️ ||

if not walkthroughs then no

check ippsec

No its not walkthrough..

Like how to think and what to do..

do academy

I feel like videos on the subject can be good entertainment but its extremely rare for it to actually be a useful learning aid

Im halfway done with CJCA

hacking is a pretty text heavy field, best to get used to text heavy sources

Bro what is this emoji 💀

”Access granted” 🥀🥀🥀 @supple plume

good book

I'll give you a broad example.. kinda
https://www.youtube.com/watch?v=oWRI6xKEZMk

Because I cant quite explain

The facs that people say "its not possible to do this in Arch use a kali Vm" and they dont even think about the existence of docker is sad

havent watched the vid

but i am pretty sure a 15 min vid wont cover how hackers get in

|| ||

|

You get what I'm talking about tho.. no?

bro 💀

i just dont recommend yt videos for pemtesting

What do you recommend?

text

and labs

Because me personally months ago I even struggled with the very easy boxes

I had to drop them to finish cjca first

uh

sup

i just started using htb

hi

bro?

@tidal musk we can play now

that's how a easy ctf goes

Fucking finally stuffy replied to my dm 💀

so who's stuffy?

How come he isnt in this server this dude is my messiah in hackthebox

This wonderful man

https://www.youtube.com/watch?v=TEI-edcEzPE&list=PLrTDbBs5YRrEb3sXDF4sRSBrHryRNecme&index=32

wdym

||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||

||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||

||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||||​||

empty

@lofty marsh you keep throwing YouTube links at us like were actually gunna watch that shit

@devout sail

can u check dm's?

https://lichess.org/Ufm6Hspj

man i cant do it

fuck

Sure

Im just giving examples vro I'm bored explaining

I cant explain who stuffy is he has to see him 💀

@lament shadow delete your message

You're not supposed to post flags from challenges

@lament shadow what cloud said

i deleted

you ask about YouTube videos, people say that nah vids arent really the way to go, you post a random vid anyways, mention a person. get asked about them, and instead of saying anything you posted another random vid.

it's not a real flag

....

it's a made up one

😭

I didnt post 3 videos first of all, I posted 2

im saying how the easy CTF's goes

And second of all why did you get pressed? 💀

because if you keep watching walkthroughs you wll never learn

anyone able to help me with the pterodactyl box

#1469754264372117698

Hey guys hope your doing well what labs should I focus on when I completed the Linux fundamentals module

Any response would be much appreciated

I didnt say you posted 3. you really do need to work on reading

Dude why are you talking to me this way?

I hate youtube 👿

And also I asked golam not you

Yeah anyway no hard feelings tho

Im just giving you some shit, dont take it hard lol

From further away your profile picture looks like a roll of toilet paper

xd

i got confused

blunder

thank god

i was running out of time

xd

🥀

gg

gg

any hacking today?

bipolar game

Is that a compliment?

yall analyze chess like it will solve world hunger

Do u in any chances love toilet papers?

the computer did

so any hacking today?

nope wbu?

I wrote a fake report about a box and finished the Faraday fortress

i mostly only do bug bounty on weekends

oh cool, did you find anything ?

last saturday i found one on crypto.com

dange really?

that one pays good

https://tenor.com/view/cat-nod-cat-nod-cat-nodding-cute-cat-gif-23793862

🔥

yes ✨

but still no severity change or bounty

Does ippsec help you guys in labs?

I can't hear you with all this grudge

😋

at least i dont think its duplicate anymore

incerdible itch to ask what it is

but i know you cant share

i can just say

didnt even need burp suite to find it

🥀

💀

lol same

i have had days like that

tbf my nasa find didnt use burp either

u got nasa?

nasa = never eat salad again 🫃 🍔

ye, nothing crazy cool but I wanted a letter

did they give u it

yup

what was it

leaked creds on one of their gitlab instances

@rancid snow twin <333

so found just by good ole reading code

i only have 3 xss and one of them is out of scope so didnt report (all combined)

P1 is rad

whats rad

I don't have any offensive accomplishments

from the git sources?

rad means cool

I was chasing down some other interesting leads but moved onto other things

isnt token leak also p1?

yeah

wasnt a token in this instance

omg

it was the git auth bypass report

i remember seeing it somewhere?

http basic auth hardcored password.

no lol

was it #community-content

what priority u got

idr let me check. I didnt even notice when it was accepted because I was ghosted gor 3 months

HTB STOP SENDING ME EMAILS THAT ARENT MY EXAM

fr they got 24b budget and sitting on bean bags

It appears I have solved

Or at least performed investigative work

On 556 cases so far

one day or day one twin?!

I'm a defensive specialist

what achievements do they get

The company doesn't get ransomwared basically

LOL

but is there like any badges or whatever

But uh, as far as achievements I guess I've caught a criminal before

P2

its blue

https://tenor.com/view/beyjira-gif-21211690

how long did it take u to find

I aint complaining. It was totally possible the creds were invalid too. I didnt check because they belonged to a specific employee and that was out of scope

whats it about

was like a weekend

poking around nasas 50k+ subdomains randomly lmao

ong i didnt even know where to start

infinity subdomains

?

Its why its a good program for real world practice

hi guys

the search space is so vast youre bound to find something if you actually try

u do hackerone too or only bugccrowd?

I dont really do much bug bounty at all tbh lol

I just specifically wanted a nasa letter for reasons

wanna collab

lol

then u tell people u got it and they think ur lying

🥀

Just share the letter lol

thats what I did

h1 in 2026?

h100

Sent to my family lmao

Hai ✨

IT SUCKSSS

I'm cold

I already reported it in the OBB; I have two bugs there.

it steals your reports

I do want a cooler bug though so I might go back for another letter. But I have toi many other projects first

not only that it makes the poc and details trash

lets get pentagon twin?

or cia

Doing a low key pentest for a friend this week for a homelab hes running

I think once I have my CDSA I'll just collapse for a while

I dont expect to find anything for him but mainly acting as sanity check

unsolicited freelance pentesting?

I'll be getting my CPTS soon.

😭

Lmao

Nah Im just not charging him

Unsolicited means no one asked for it

Yeah he approached me about it

so i went to the domain for pterodactyl box but its not connecting?

can i verify if your defending services are adequate?

Hey mad how long did it take you to get results on your exam

Do you recall

The interesting part isnthe proxy into the lab is on some AI forward hosting service that has an open but bounty. So If I find anything Im expecting it to be platform related lul

They are

like 2 days for me

Ughhhhhh

fine i believe it

Which exam?

CDSA sir

they were much faster when I did my exam

I'll tell them to fail you, so relax

I turned it in January 29th, still waiting for results

20 business days means pretty much a month

but feb 29th comes years later

Honestly if I get a failing grade y'all need your heads examined lmao

they have way more exams to grade nowadays

Wow

rejected

maybe in the future, but bug bounty isnt my forte and like I said Im busy with other projects atm lol

I don't have any risk riding on this exam it's fine

When I did the CJCA it took about 2 weeks on average.

Ive also never collabed on anything hacking before lmao

I already have a job in cybersecurity

that is what she said

Now I'm going to do the CPTS, hopefully it won't take too long.

I have with our friends, very fun and shitposty

I especially love working with lav, she's wicked Smaht

I hope I didn't go overboard with the joke/sarcam/trolling

Ive like asked for advice but thats been it

Good luck man, hopefully you ace it

Good Night

You're fine buddy

tejas

progress

I know I nailed it haha

collabing just for team experience might be good though

I'm almost finished with CWES and CPTS.

55.x % iirc

One module

lol

r u liking it?

oops

I'm a defensive fella so it's probably the only one I'll really focus on or spend resources on

good so far, file uploads killed me

The content was great, I learned a lot

SA exercise

php

Although someone needs to be telling people the CDSA exam requires your eyes to be.. at the top of their game

or was it

too many shenanigans

i remember there being one assesment where you literally have to know php

or ur fked

my cwes was 100 how come its 76% now did they change it?

I wanted to learn wireless network penetration testing and hardware penetration testing. It's a shame I don't have the money.

Understand how windows processes and process hollowing/injecting work or you're fucked lmao

They probably added modules to it

That's usually what happens

https://academy.hackthebox.com/news/the-transition-from-htb-cbbh-to-htb-cwes-has-officially-started

oh

They probably changed something in the CWES modules.

its in the blog above

You have CWES?

i never took the exam but i had the path 100% finished on academy

now its 76% tho

Nice cool