#general

TCG

ive definitely seen worse htb chat

I am currently working on an elimination diet and it makes my brain sad

I’m just tryna make my oversized cyberdeck over here

anyone want a mega charizard X GX to trade chat

mega mewtwo?

I want my new knife to come already

this supplier

is pissing me off

i realized i could just put my cyberdeck on my.... anyways its called a cyberdick now

everytime I glance at gen chat and its just a bunch of completely unrelated meme images that arent even funny I just sigh and do something else

Lmao

You mean THM server?

everytime i look at your nails i want you to cut me with them

What in the christ

I love custom rigs like you find on r/cyberdecks where people build in Yamaha keyboard cases shadowrun style

theyre chipping

You checked the ruski sadboy band?

i would kill for this chat to just be a stream of contextless memes right now

yikes!

slayyyy

Tell me about your build

https://tenor.com/view/cat-cattitude-chat-chattitude-chats-gif-17648759

dr lima bean

i need your guidance

https://tenor.com/view/flick-off-fingers-dont-touch-gif-14087024

When you flick do you use your middle finger or index? Asking for science.

Index

flick what

middle

middle

and i flick real hard

https://tenor.com/view/purple-gojo-gif-14056894601665632756

Like this?

brath, are you supporting my idea of me ordering a steak so I can cook it tomorrow on the bbq?

I approve in his behalf

thanks

Ring finger I am a hipster

This pic makes my nose bleed

i know, i detected it

and caused it

havana syndrome

bwe bwe bwe bwe bwe

what are you doing with all this?

https://giphy.com/gifs/anchorman-kill-12zQQNVooHEIGQ

What are these devices for

tracking drones

witch hunting

radarmaxing

Go back to your cave

oh....uhm okay

ok

Getting the best AM radio reception you've ever heard

People listen to AM radio?

https://tenor.com/view/opa-the-simpsons-simpsons-het-denken-nadenkend-gif-10187058

Wow someone who actually uses a pelicom. But isn't that just a waterproofed thinkpad?

@sharp shuttle can you spot me some coax? you know i'm good for it

lmao my broswer warning me

I thought it was a big casio watch

Me and the squad

Speaking of that I've been thinking I should get a new Casio illuminator since I lost my last one at the gym

Is pinetime good yet?

https://tenor.com/view/time-waiting-gif-9197130

This casio

The databank one in gold but yeah

I had the black plastic one

Good old days

watches are for people who believe in "time"

why would you want that ugly old thing, it looks like it came from 1980

Because it doesnt spy on me

I am spiritually from the 80s

1980 is a good vintage

I used to get comments on it at defcon

If I had to get a watch, I'd get one with protection like the Gshock models

I just don't think any smart watches work with grapheneos yet

or a smart watch too that would be good, but it needs to be durable

I don't know why, but for me when it comes to buying things, durability = quality

Random chess link the one who hits first plays against me

https://lichess.org/ca6kVCOv

if I can throw it off a building, and it's still in one piece, I will value it more

Lmao I actually just took off the top layer to my keyboard and want to do something with it to add to this custom setup I’m making (which is gonna be made out of pure steel if you haven’t seen my picture earlier 😂) I’ll show a picture of the keyboard thing too and you might probably see the vision I have, I want it to be like a interactive panel I guess

I did, was alright but I dont think my cup of tea

https://imgur.com/a/YNzfiD8

This is the keyboard thing

Looks cool I rather use it for my own thing than the keyboard it came with 😂

Like I wouldnt be unpleased if it was playing around me, but I aint adding it to my playlist

I completed another section yesterday gonna do another today. I’m gonna be a CWES at some point in the coming months. I’m psyched.

nice, good luck

I’ve been recycling a lot of technology interiors and exteriors lately

dont change your mind to do something else! stick to it!

That's a cool design a lot more serious than I usually see people do

the picture makes your hand look like that of someone with liver damage

I got access to the resources figured why not so I’m using all the scrap metal from my job to make my own pelican style case but it’s gonna be much heavier but definitely more damage proof that’s for sure 😂

Well, I went my own route it’s actually going to be nothing like a pelican case tbh

It might end up being pretty heavy if you use steel instead of aluminium

Lmfao

I’ve never welded aluminum

I have to learn that still 🤞😆

I hear it’s simple just never done it myself yet

If your hands look like that it means you're dehydrated

Drink some water

What do you mean I drank 3 monsters today

(Jokes)

I mean, the amount isn’t. But my seriousness towards it is 😂

😩

2 more on my desk right now man they callin my name

I can’t though that’s dangerous

I gotta stop buying so much at once, them deals make you wanna get 6 each time you open the damn fridge 😂

What’s yall drink of choice when computering

If I reached my monster cap for the day I’d say apple juice 🧃 😂

Water

Flavorless?!

😂😂

Or red bull if I'm crunching but I tapered off caffeine so I try not to

Team water

Alright alright

I know Poseidon sent you

Monster isn't bad, they don't put betaine in their drinks afaik

but I'm more of a Celcius guy

they just got better flavors than monster

I’m honestly obsessed with the taste

I’m mad that it’s an energy drink

Because of how good it genuinely is to me 😭

Facts I gotta venture into Celsius

I haven’t tried them yet

drinks with betaine are irritating

Actually I miss german energy drinks, 28 black is the best I've ever had

That shit sounds deadly 😂

This is my shit right here

They deadass got a drink called liquid death too I haven’t tried that drink either yet

i haven't drank energy drinks in over a month; that makes me one month sober

liquid death is amazing holy shit

It looks like u gotta be wealthy to drink that

Like they serve it by the sip at restaurants or some 😂

and there's me buying cactus tea

liquid death may be expensive but it's good selzter water i fucking love it

Makes me wanna try it ill have to get one next time I get my monsters haha

I like bluechew

the grape flavored one is the best

Bro ain’t that the god damn

😂😂

Liquid Death was originally just water marketed to look like beer so people dont hassle you at parties for not drinking

Grape is best in general omg

I think that’s the one flavor monster hasn’t tapped into yet

And I don’t even think they know tbh bc why tf not

have you tried viking berry?

I had one the other day

Voodoo Grape

it was good

They have a purple but it doesn’t taste anything like grape to me

Ohhh really

I gotta look for it

I think so

monster has a lot of flavors

I’m picky and stick to my og’s

AAT

NO WAY

its one of the juice ones

oh

Best monster is Irish cream

she tried the impossible

it tastes like cough syrup

had it yesterday

I’ve been on the orange creamsicle one ever since it came out

That’s what I had 3 of today so far 😂

I liked voodoo grape but I dont normally reach for monsters

I used to drink 3 monsters in high school

i was crazy in high school though

I have to get that one like grape is my fav flavor in the world

Usually Im a spritzer from a local coffee shop kind of person. Or a berry rockstar of some kind

My friends and I used to stay up all night drinking rockstars and playing SSBM in high school

Haven’t heard rockstar in ages

spritzer is fun to say

I haven’t heard rockstar since I was a kid and thought GTA made them

cherry watermelon lotus spritizer is the shit

Best Celsius is orange creamsicle

lol imagine being a kid and drinking rockstar

that probably tasted nasty

Isn’t it like coffee I heard someone say that once

It’s more of a coffee in a can type of thing

Idfk if that’s true

It's alcohol

Rockstar? really??

I never knew that

yes you would'nt be able to buy it as a kid

Omg

Wow

No, rockstar is not alcohol

and if you did the store owner would go to jail

Jeez

They don't allow kids to buy it because it's an energy drink

what it do friendos

Grindin
Sippin
Dabbin

Oh you wouldn’t believe it we’re just morphin arou- wait a minute you might believe it

oh rockstar is not alcohol

wait then wtf was i thinking about

4loko

I converted the github advisories dataset into a sqlite3 database then I built a microservice on top of it. then I made a runbook to use the microservice!

YEAH 4loko

Probably that haha

i swear hallicon

THINK

4loko is for savages

Like straight up savages

😂

https://tenor.com/view/four-loko-drunk-mickey-mouse-chilling-gif-16195503

They don't make 4loko like they used to

they actually do, again

for a while it was not an energy drink anymore

now its back to old recipe

of heart attack

I saw an interesting project where they watched NIST CVE and github security advisories, and there was a notable time gap of ~24 hours. SO they had ~24 hours leg up on competition to patch diff and get the first exploit out for BB farming

Oh I had this question last night

very interesting, which one was faster? 👀 i wanted to use a service like opencve but their rate limiting was really strict

thus I built my own

Do the labs usually have them cves that you gotta find to take advantage of or mostly not or never at all?

labs cannot exist without the cve published first

a lot of them do; others are not CVEs you just have to know some concepts

depends on the labs

if the player cant google the answer quickly, its bad design

its not unusual for tougher boxes to have custom apps, so no CVEs to look for

That’s what I mean, I’m just starting out so I haven’t had to really do anything that involved me searching up a cve and acting off of that but now I think I am up to that point in the most recent machine I chose

Ohh ok

its a very common workflow to get used to

start operating

at that point you are a red teamer

not just a babies first pentestwa

Ah ok I was just curious because I be searching up version numbers and finding cves for them but then I’m like I’m pretty sure the lab im doing isn’t even looking for this 🤣

Theres no really much more advanced out there. You mostly start doing your own shit.

Ive heard good things about CRTO and CRTO2 that someone might be interested in, but I wouldnt necessarily say theyre any harder.

Kinda by their very nature theres a skill ceiling to certifications that doesnt match the real world ceiling

CRTO is not hard at all

its just learning cobalt strike and C2's

the hardest part of crto is malleable profiles

its always good to verify though.

Most writeups leave out the hours of work trying shit that doesnt work or research dead ends.

Find happiness. Work for 30 more years. Etc.

30 more years?

damn bro

i give us 5

😛

My roommates are on vacation for a week and ive been just walking around naked

Its so freeing

dope

nice

Yea i think i just got ahead of myself i only have 2 flags lmao I tried the variatype machine cuz it’s seasonal I wanted to participate haha

Once you are at that level, you should start to know how to self-learn to improve

Did u root variatype?

Im gonna try it today

Somewhere along searching the page contents I saw the web server version and decided to search up cves for it and found one that stood out but been having real trouble with it since my education doesn’t go that far haha

15 if we push it to the limit and grind hard

Naw not even close I don’t think 😂😂

ohhh long johnson

some of the best ppl in the game dont have degrees and just write code and experiment 24/7

https://tenor.com/view/funny-cat-oh-don-piano-oh-long-john-talking-cat-gif-3476911

the best hacker in the world is probably working at pizza hut rn waiting for the final bankruptcy call to come in and find a new job

this is only true for ethical hackers

but it is true

Yea I be trying to think outside the box that’s why I ventured into variatype with the little education I have so far; I had some hope haha

I mean I have work to do still when I go back to it lol I just happen to open this damn site at 1-2am every damn night and can never actually do something

its good to challenge yourself with things you think youre not ready for

Gotta go through the list of subdomains and directories I found which I fell asleep while waiting for it to find em cuz of how tired I mf be 😂

no one will use it
but if anyone might will it scale?
the questions we ask everyday

Exactly gotta let things humble you every now and then or if it doesn’t humble you then it’s teaching you 😂

Which are both good and impactful 😂

it was wrote in golang so maybe it could but idk
it performs okay for me i dont want to worry about KPI's for a proxmox cluster

I give off psycho hacker vibes with my setup but I’m just working with what I got tbh and am noob

Good at programming noob at hacking 😂

https://imgur.com/a/bnzhGRo

😂😂

is that the drift missile??

this build is still going strong homie 💪

since 2017 I've only upgraded ram and the gpu

gotta yap somewhere else now bbiaf

there is something beautiful about imperfect designs

My PC usually has the side panel removed and the power supply hanging halfway out

It shows you care haha

putting this on my dating profile

It means tlc has been applied recently 😂

I read that as thc

https://tenor.com/view/thumbsup-gif-7898013112152516098

That’s being applied too as I wrote that message

Handy dandy cartridge in the hand right now

Boutta shower and get all this metal dust off me

Welding is fun but real freaking dirty

The funny thing i like to think about is how I’m going from being a welder who knows how to program to trying to learn how to hack and solder now, it’s like different variants of both of what I already did/do 😂

Not a variant for the hacking part though, that’s a WHOLE new world bro like holy

I genuinely thought I had a chance with being good off the rip being a programmer but really only the networking shit comes in handy for me since I did a lot with networking in the past with MySQL and Apache back in the day

And I mean, now that shi outdated af anyways 😂😂

https://cdn.discordapp.com/attachments/473704842104143902/1484224657950249000/20260319_214736.jpg?ex=69bd736e&is=69bc21ee&hm=635d1964c03656db5947085f64c8a104a80d062527729114cf08f3cf13520749&

What's the last icon?

Haha

Tumblr

Art stuff ic

add your THM 1% profile link here

That’s funny placement 😂

I'll add HTB and thm

Is this your site

Why would I ask what T is then 💀

The T means

echoes!!

tumblr 😄

The placement of those icons can’t be coincidental

I genuinely thought it was a meme

Thought you was just messing around on your own site 😂😂

not hard to get top 1% of THM

Yeah that was supposed to be a joke

Roger that!!

https://tenor.com/view/thats-the-joke-ranier-wolfcastle-mc-bain-the-simpsons-stand-up-comedy-gif-4372917

rat's color has changed

I am not a mod lol

top 1k of thm is a bit harder

but not terribly difficult

WHy not??

I stepped down months ago.

I see. and now it says you are new

Welcome back :D

wb rat, you were missed

Welcome back rat

GO TO BED SPARKLES!

It’s only 21:12 dad

dog pics!

Bad boy

what are their names?

Millie

You can see more of her in #htb-pets

I'm always waiting for new pics in that chat

htb drags us all back eventually

best chat ever

🙊

omgg

this is my duo

what can I do useful on cyber if I only have 30 min

could be studying or reading something

organize your notes

write a song

I dont have notes

Sell courses

that doesnt help to study cyber

can't do that in 30 min

make it about sexy robots

read an article

good, can you suggest a good one?

web related please

https://echoesofwhoami.github.io/CurlSwiggerLabs/jwt-authentication-bypass-via-unverified-signature

I like the watchtowr labs writeups on vulns

most of them are web based enterprise software

@static pasture

hahahah

what's that

do I look for watchtowr?

https://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/

Hi

thanks

https://tenor.com/view/eating-tit-robert-e-fuller-devouring-food-consuming-food-gif-1912732815565717362

If anyone is discouraged about the prospect of getting into vuln research, remember that people will find a vuln and then not bother to check if its server equivalent is also vuln for over 20 years.

"Surely someones already audited this critical piece of code in this extremely widespread tool at some point over the year???"

yeah and when everyone else also assumes that then nobody checks

oh the tool no one should have installed or enabled in the last 25+ years

legacy reasons

my point is that a lot of people discouraged by getting into vuln research are discouraged by notions that simply arent true

lots of vulns exist in placces where people just neglect to look

Gang, I'm on fone always these days.

Surely, I'll look into it.

You have been compromised Mr hunter2...

All your chats now belong to sim-- nvm that's fake token..

Hello

hey

Hello there how are u today?

I guess most of em are asleep ig

not bad wby

https://letmegooglethat.com/?q=test

Feeling confused on what to learn

Im just knowledge dumping every flavour i find into my neuron stack

What's this

The best way to unconfuse yourself is to write out what you want to learn then figure it out from there

Yo check deez

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

I want to pop shells and get paid

Got the arch burger

It's kinda mid

coulda told you that without eating it

Sauce is very unevenly spread

But when you get a bite with sauce it's good

I'm really trying to understand how I can learn better. Would you guys care to share what has helped you take bigger steps in the learning process?

Pain

Embrace it

Do more practical stuff instead of reading about theory

start practicing. see what you're doing wrong, then learn the lesson. repeat

That is what I've come to understand too. Getting stuck, confused, lost, that is all apart of it for sure. I feel like i do need more lab practice.

i feel so handicapped though

like im doing something wrong

but that doesnt make sense though because thats the learning process

what are writeups?

read the book Ultralearning to pick up on some general study habits and methodologies.

if youre not already, start using Obsidian and take notes on subjects, organize with folders.

HTB Academy is pretty good value proposition for newbies, especially the CPTS course. It does cost money however, but the student plan if youre in college is extremely cheap.

i see

i will check that out

best ui

Build your own labs. Dont just try to understand a vulnerability on its own but actually research how to download the affected version and install the software properly to actually test PoC against it

and preferably, start re-constructing the POC

Sometimes yes, im not as diehard about that as some people

not to get ahead of myself when I ask this but realistically how long does it take for the logic, just for everything to start clicking?

Some exploits require more advanced knowledge to reconstruct you might not be ready for, and just trying to understand what it does is good enough for beginners.

Lile eventually sure, but exploit dev is its own entire field and not everyone delves deeply into it

after a while you learn that there are like 4 vulnerabilities total that just take lots of different forms (information disclosure, code execution, privilege escalation, denial of service) and you just have to find the shape they take in different software/websites.

People will get mad at me for reducing it down to just 4. Maybe there's a 5th but more or less I'm right

then running the POC becomes unnecessary because you know what the result would be.

I know vuln hunters that dont actually make full exploit chains and I know exploit devs that dont do any vuln hunting at all

I don't hate this

so i'd agree with you on understanding what the CVE is, solely

I mean you gotta verify your assumptions:P

its not unusual for some PoCs to be written solely for the finders test environment and require modifications for your actual target

true

we're talking about real-world CVE examples

yes

dunno, depends how much of a computer toucher you are already

My controversial opinion is that weaknesses or bad practices arent good enough for CVEs

I saw a cve recently that was a medium for SQLi that required an admin account for a piece of software where the admin can just...download the db. I think thats an incredibly dumb thing to get a cve for and ought to have been rejected

yeah depends on dedication

too

I ate too much burger I'm ready for a nap now

@sharp shuttle have you tried the arch burger yet?

technically, yes. but CVSS score assessments are usually based on how ubiquitous the software is, which is essential for the vulnerability to be triggered in the first case.

thats... unrelated to what Im talking about lol

no i dont eat mcdonalds

i would if someone put it in front of me tho

i think you explicitly called out "medium"

but fine

which was the least important part of my example

could you give the CVE advisory link/ID?

it was a cve for a sqli where an admin could retrieve information they already had access and control over

i do think imma get some panda today

yummy

https://tenor.com/view/slippy-i-saw-what-you-deleted-slippydesnake-skyler-gif-10721741480770112366

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/community-events/community-events-158-authenticated-administrator-sql-injection-via-ce-venue-name-csv-field

Its possible Ive overlooked something but hey

I wish I could understand the point of the existence of this world but I am afraid I would just get further disappointment with that knowledge

ahh now it's clear, it probably earned a CVE because it's a post-exploitation primitive and breaks the application's intended logic

also because direct database access may trigger additional logging, but this one injects a regular CSV query which then gives arbitrary SQL SELECTs

what primitive? admins can already download the whole db.

idc if it breaks the intended logic if theres no actual impact from the vuln I just dont think it really qualifies for a cve

I toss out those kinds of findings when I'm hunting lol

pair it with a privilege escalation bug --> you gain admin on wordpress, silently exfiltrate sensitive data, but tbh your opinion is fairly reasonable, not every bug requires a CVE

has anyone taken the cwes here, if so how long did it take to grade?

if you want to match the channel topic i think there's a channel dedicated into this certificate, #cwes

maybe I should be swallowing my pride and collecting some dumb but paid cves. ¯_(ツ)_/¯

@crimson elbow thx

yeah it's not like you're not going to have a CVE issued with your name, even if it doesn't yield in a bounty

nvm its not paid lul

yikes

yeah imma just keep ignoring them lol

https://tenor.com/view/arnold-schwarzenegger-eating-noodles-dirty-nissin-cup-noodles-gif-15751892

Server is quieter than it used to be.

??

hello...I am here newbee. I want an adviser to learn ethical hacking...

Any one...to help me out?

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

Start here

I did that...then after that...?

You can find anything you want

👍 👍

show me directions

😭

Over here: https://app.hackthebox.com

But i dont get it

What don't you get?

Do i have go through all tutorials in academy?

That's too much...

I shared a labs link

Nobody is forcing you to do that

as one wise person said to me „just fucking hack bro”

This way: https://app.hackthebox.com

guys what do you think about DLSS 5

ill just come back in 10 hours when chat is alive 😔

Nah u dont gotta do all the academy tutorials. If u sit around and do nothing youll learn even more

Thanks for advicing...guys

No problem anytime bud

😊

No

Try to stay away from any sort of structured learning because it's either already out of date or doesn't fully teach you how to research on your own. HTB academy actually does a great job of not holding your hand too much tbh.

I wanna be special in one field...like defending phishing...where to start...what tutorials and labs?

I think, first I have to be a good phisher

..like purple

🧐

idk read a book

xcuse me? any bk?

no google what book u want

then read that

then why am i asking in this channel...i want better advice

You're asking in genchat, 99% shitposting. But tbh specializing in defending one type of attack isnt really all that beneficial. Defenders generally are better well rounded, attackers are more advantaged when they specialize

learn the fundamentals and then you will understand the fields better, and you'll be able to figure it out yourself at this point

if you want a real example, though: if you never want to learn programming and are just excited to click around in metasploit or something, i'd just get a comptia A+ certification and call it a day

I'd be happy to

You're a fraud

And shouldn't be here

me?

sorry ill leave

No

Crimeaflare...

That's him right there

This absolute bozo

i need help but i cant tell you, can you help me?

I'll pay you $50,000 USD to leave the server

youll pay me? I'll leave right away

😂

i got monopoly notes if u short @molten bobcat

no

can you do bitcoin?

phishing isn't hacking vro it's just being manipulative

manipulating human trust precisely

its literally just social skills

normal social skills is highly manipulative

some call it lesser magic

thats a fair synonym

it is speechcraft

you are casting a spell through uttering the right words

i wonder if theres any way a force can be done to influence a choice over another one

a force?

https://tenor.com/view/penguin-linux-gif-11642508687743950431

you mean a rubber hose attack?

idk how to word it but similar to when a force is used to force a person to pick a card during a magic trick

my gf would be an amazing social engineer if she had the interest in it

thats called engineering serendipity

you are eliciting an emotion through guiding the conversation

the cia literally calls it elicitation

and its an important skill

thats actually just called force lol

https://en.wikipedia.org/wiki/Forcing_(magic)

i know bruh lmao, i did card magic back in the day

eliciting is making them feel like it was their choice

yup thats the word

You're wrong

girls just call it rizz

the BIRD is the word

the cia has a lot of social engineering training manuals that are declassified, theyre fascinating reads

i have them all yes

https://giphy.com/gifs/family-guy-bird-is-the-word-ysnrvDaPIGXRK

in fact they are my favorite reads

I figured, I was mentioning it for the room

nah that aint rizz

yes it is

make your argument tho

i will happily break it down for you

what u defined is game

you are trapping yourself

define game

Brath wanna make a punk rock band

im a metal drummer so why not

can i be the singer

Damn i didn know u were a drummer

your lyrics better be about how legos will become food in the future

i can get mega drunk on whiskey and scream

put me in coach

rizz is essentially short for charisma

And pills

i played swing set for 4 years and metal for 3 after

it is literally short for charisma

Very cool

its the lazy mans way to say they are charismatic

No cert results today either reeee

Tomorrow is the deadline

ye so how is charisma a skill ?

no, its elicitation

S.P.E.C.I.A.L

its more of a vibe

you can manufacture rizz

game can be defined as a skill set for attracting

game is just manipulation

you do that after charisma

that part is highly practiced

do you know what peacocking is?

textbook bikeshedding

agreed

peacocking is when u try to get attention deliberaitlly by doing some dumb shit right ?

and thats why those people never have long relationships

they are extremely shallow macro game players

the sauce is in the micro

no...

what

its looking interesting

the "game" pua shit was all microgames

she does this you do that

mysterious is the right keyword you want to aim for

yes women play micro and men play macro

boys wear blue and girls wear pink

and they simply do not work when they cannot understand the other side

i specifically like to watch reality tv to view that phenomena

it does indeed fascinate me

rizz imo is just bs

whys it bs?

its fundamental to human first impression

trying to rebrand confidence

they are all their own things

I max charisma

confidence is pretty much impossible to fake

wear a toilet seat around your neck and call yourself PORK KING

you may get away with it at first

but that shit is obvious

you tell a girl "imma loooove you for hours, gurl"

lasts 4 minutes

Just cause its a modern name for an older concept doesnt make it bs

relationships are the most complex things humans partake in

new name gives additional context and liguistic style choices

the most complex things human partake in is 3D motion

if you cant fly you are pretty much positionally 2d your entire life

you cant say 'go confidence her up' that sounds awkward. But 'go rizz her up' has better linguistic flow.

Oh and your liguistic style is itself a component of itneracting with others so

sitting, standing, laying down, traversing elevation

bruh i know im not hating the word

did you recently get rejected?

im just saying they be trying too much

i just smoke weed and get money

thats enough for me in life

humans have been 'trying too much' when it comes to attracting partners for all of eternity

that literally predates humanity as a species

just learn to "hack"

buy a platinum VIP+++ ultrasubscription to HackingTheCube and the ladies will come to you my friend

i highly suggest if you are struggling with women to just talk to everybody, be that guy until you tune it into a positive experience each time

most of my buddies i see, they be dying out there for shorties only to be considered normal

then you have a framework for approaching strangers

when you realize that literally every single one of your ancenstors had more sex than you

???

i literally see her not give a fuck and this brodie is just blind to that effect

what is an ancestor

i manifested myself into being from nothing

just different i guess

its an unfair world

im being deadass im like how he just unfazed by all of this

ugly truth is 90% of lonely guys are just being stubborn and trying to date outside their league

the only true thing a red piller chud has ever said is that

women are gatekeepers of sex and men are the gatekeepers of relationships

it's all a load of twoddle

everything else is perfectly random

and the problem is they dont even are the ones who know their league, the people around them influence that

men who are obsessed with how single they are are just terrible company

agreed

also believe it or not, but most people can actually tell if youre trying to talk to them because you solely want in their pants vs actually treating them as a complete human being

^^

learn to talk to strangers just because

ye thats fucked

everybody has a cool story

Real

i never see a girl in that perspective cause its just boring dude, like u expect me to fuck u 24/7, fuck that

lurk women spaces and see how they actually talk about issues and how they deal with shitty men

Greet everyone with a pleasant countenance. Upon meeting people, be the first to extend greetings. Listen more than you speak.

ive seen people who literally are like, bro what do i even talk to her about other than "I LOVE YOU"

like its common to use more deflecting language because theres shitty dudes that will get violent if told point blank no, and its impossible to tell which dude is going to be like that in advance.

So it pays to pickup and tell when someones deflecting and knowing that it means no and its time to back off.

just be pleasant, disarming and quiet.

disarming and quiet

LMAO

some mfs dont get that, they see a shorty and forget everything else

they call me mr. charisma, actually

like u with someone for 2 years but cant even make them laugh 😂

humor is the #1 compatibility metric

its actually impossible to have a loving relationship where you dont have compatible humors. Ill die on that hill

just two npcs trying to pass their day

lmao

me and my gf can make each other laugh at a moments notice with zero effort

i got a buddy right now who literally says he loves his girl but doesnt know what else to talk about other than how much he loves her

no hate but whats the love in that i still dont get to this date

73

tldr; just manipulate yo girl happy ever after

i rather leave

people like to dance around the buzzwords

but anything but being yourself and letting everything be intuitive is just that

How long have they been together, how old are they?

people under 25 don't know what they want most of the time until after that age and realize how wrong they were about what they thought they wanted

idk how true that might be but hes 21

why is juice wrld so eclectic

Our brains are just so impressive

We store information!

Our brains are just fantastic things

The things the brain can do

yet we share 98.8% dna with chimps

so maybe not

not me

most of my dna is shared with jesus christo

pronounced "HAY-ZEUS KREES STO"

Joshua

Yeshu

https://giphy.com/gifs/television-arena-political-hzrvwvnbgIV6E

would you guys say learning tool syntax would be least prioritized? is that more of a learn as you go?

yes

Pretty much

gotcha

honestly youll see new tools/exploits for cves and u learn on the fly

really hard time bc i cant read

thats good to know

The hardest thing for me was understanding power shell syntax

what makes it difficult?

Powershell is ass

Old Billy too occupied getting the clap from ukrainian hookers to make a good OS

Or anything really

It just feels like it’s trying hard to be different lol

sounds stubborn for sure

'Rather than hand-editing 27 source blocks and 27 propagators across 6 files Ill write a script to do the additiona programmatically'

bruh even Claude gets lazy

3 years into "6 months from AGI" and already tired of this llm garbage.

Every company that boasts that their code is 80% generated is down every week and slow as shit.

Yes its easy to generate tons of garbage code.

How revolutionary

2 different prompts 2 different answers tho

Same promp diff answers.
🤡

in same model?

Yes

Do you even use this crap ?

hi guys, seems like someone pop his rev shell to me 0.0

sometimes

i was doing darkzero, and listen port 443, suddenly a rev shell was connectd

and it's solidstate box

do a wall and say "sup bro"

lol

nice bike

gsxr?

yamaha r1

thank you 👍

lol

i had a r125 and r6, love yamahas

The r1 has always been a beast. Idk how they do it.

yeah its too fast lol

Bet. I had a cbr125 and a gixxer 600 that I crashed pretty quickly lol

Luckily I crashed my ass off so many times on 50s and 125s that by the time I jumped on bigger bikes, I already knew my limits lol

sounds about right, ive been down a few times

Yea dude. Its too much. I settled on the occasional karting session to get my thrills.

no one

continuing to do this will just result in you being banned

I need a friend that can help me with world's fastest captcha solver done by AI.

That's not what this server is about, you've been told before

that dude does nothing but scam/troll and makes wild claims about fake inventions. I dont think theres been a single productive comment or even funny joke that someone else has laughed at, and they dont even have a htb account linked at all.

Basically why are they even allowed to stay here 😂

He has to be trolling at this point.

bro did nothing

angry at the world energy

Morning

I made this blog post so I'd like to hear your thoughts on it if anyone has any

https://heeeyaaaa.github.io/posts/wazuh-homelab/

He belongs in the r/masterhacker subreddit

if they dont have an htb account linked they cant talk here

they left the server

That does not exist

Well, there is "AI" captcha solvers

AI as in Actually Indians

But Gemini can actually solve captchas

LMAO

real

Artificial Indians (AI)

I've been meaning to setup something to pull feeds from BreachForums

but there's a captcha

trying to figure out how to automate that

BF doesn't exist though

Not unless you have telegram

oh it does

keeps changing onion domains every now and then

Did you know the whole breachforums site moved to telegram

Oh well

Nnnope. Didn't know that. I feel yucky being on Telegram though so I avoid it

You can just have telegram and join one of their dozen channels

Better then the site imo

Nah

Threat intel

Plus its fun to try and automate the captcha

I use it to get the latest anticheat exploits

My friend found a telegram bot which accesses leaked government data and gives you all information regarding a phone number
He used my phone number and found the name of my father, grandfather, where I live, whose the owner of my house, all that

Lol. Usually those are public record but probably not in this case

There are tons and tons of sellers on there that sell "leaked" databases but I assume most of them are malware.

How do I access those public records

Some could be legit

I use it to see if anyone is selling 0 day exploits. Then I can hit the software and find the bug myself before they get any buyers

New idea though

Still in development

No illegal discussion here plz.\

Idk, I know that usa.gov has public records

Just curious

India might have them too but idk where

Not illegal

You being able to extract my info and my family's just by phone number is not illegal?

Like all the PIIs?

Im not extracting anyone's anything 😭

I'm just saying

Just curious

not u as u

The people who claim to have these are always very very sketchy

Well unless you're accessing it by hacking anything, then no

Hi Tejas

f12 is hacking per missouri

They usually do and are north korean

And most of them who claim to sell 0 days are feds like emma

Hello Emma 👋

im gonna steal your html and css, fear me

they leaked ssns via network requests

not even special ones

backend just always sent em

lol

govt sites are usually bad

if nothing else, it gives me a motive to poke it

A question: Let us say, I hacked the government database, and have these PII, and I'm selling/sharing it for free. You consuming it makes it illegal, right?

Uhh tbh that becomes a legally messy matter whether you were in possession of stolen PII knowingly or not or buying it intentionally knowing that it was stolen or not

The guy who hacked it has committed a crime obviously, as for the customers idk

Looking at them aren't illegal. Only using them in any way shape or form is illegal

i mean the CFAA makes breaking ToS a felony

but tbh when are you ever buying PII for a legit purpose so I guess its probably illegal

lol

CFAA is stupidly broad

but you can also just buy peoples data from the DMV 🤷

How?

they sell it

Who would even get them to just take a look?

Sellers sometimes do previews lol

previews of what PII?

why?

PII and basically any sensitive info

not really

To prove what they have is legit

its not an amazon paperback book

This is the difference between the website and telegram

Eid mubrak

🤍.

For everyone

shalom

Screw hackers hacking government databases. Here, the government and other institutions are so careless that they just sell our photocopies of ID proofs, such as Aadhar, to paper recycling vendors, which then get into the possession of those who shouldn't have it in the first place.

Tejas in the houseee

Yes, in my house.

Why da go outside

They basically sell databases of PII of a vast amount of people which includes phone numbers, emails, and even more sensitive stuff. The buyer is almost always buying it for a massive phishing campaign

It is summer my friend.

friend?

i thought we were more close than that

OUCH

https://tenor.com/view/chill-baby-cat-kitten-kitty-gif-16226945

delulu u are

type fast

fast type

come on computertrash bro we are waiting

https://giphy.com/gifs/jujutsu-kaisen-jjk-hqzi6uZ3e3Q3P0JARC

Anyone who disagrees with me is a troll and should be banned

I disagree with you. Try me. Try banning me.

Promptly

dictatorship

I said 'should be'

I once found a person's ID card number, phone number, full name, address and photo of the ID when I bought some street food bc the seller wrapped my food in a ISP postpaid connection application

elden ring fan?

That is what I was saying.

someone in this chatroom bought it for me

I have got aadhar papers twice in the past

but do u like it?

i havent played it yet

AYE TF

lmao

Neither have I

tejas its ok for u mi amor ❤️

Yeah, I saw that lol

@mint raptor congrats on those 3 cloudflare CVEs, awesome stuff

thanks man, trying best to add more content on blog

sell these vuln to me next time.

unfortunately my bugs are conditional if thats not a problem i can sell some rn

wdym conditional?

how do you even get bugs in rust projects?

best I can do is look for weird OOB stuff that might cause a panic

i mainly hunt on open source right, some issues need some config / needed deployed which is not done by bounty platform, for example a bug in libmicrohttpd it needed to be deployed behind a proxy, which doesn't happen a lot right?

I see

You have to type fast

open source for life

i found same OOB in gosaml2 but single request unauth dos is still worth it

right

yeah defo

I found a unauth dos in nginx, but they said its not too amplified that they cant handle it

and said they are prepared to accept the risk

Trust me i tried its just the next step that is getting to me, but lemme try again

Breaking down what you want to its components is a good exercise.

• Web hacking
  • XSS
  • SQLI
  • NoSQL
    etc.

Then start with fundamentals

Understanding how web stuff works at a base level helps build into the logic that makes the vulns make sense

its usually the other way around

but reverse learning is good

Another fun thing is figuring out how public PoCs work

Yeah, also developing PoCs for CVEs that dont have any public PoCs yet

I did that once or twice and it was fun

Understood thanks for it

i prefer learning basic about any topic -> find unmaintained project -> try to see whats wrong with it

I know what's wrong with it, it ain't got no gass in it

I got one for you! https://github.com/Ceald1/delta2

eww active directory

im sorry im just unskilled in that

so im juust denying the existing of AD im in my denial phase

Hey, @compact acorn, can I bother you with a DM about gift card usage? I've some questions that I couldn't find in your article.

https://help.hackthebox.com/en/articles/13568942-redeem-a-gift-card-or-voucher-on-academy

AD is good stuff, join us.

I'm fixated on writing a bloodhound collector in go rn

Good morning ping @sturdy thistle @cerulean bloom

https://tenor.com/view/confused-white-persian-guardian-why-gif-10371245960573455153

because bloodhound python is too slow and there's no one else that's done it

rusthound is a thing

also sharphound is cringe because it's C# and rusthound is bad because of the rust dependencies

crates make computer sound like a jet engine