#general

anybody got that lazy chud hacking tutorial

I don't wanna learn too much

Hello... People from the underground

I've finally.. found a way to contiune on my hacking journey

😭

good this was a joke

i was shareing tools sumn said

Nihilistic mystics
Apostolic alcoholics
Messianic manics
Cataclysmic and prolific
In the age of super-boredom
Hype and mediocrity
Celebrate relentlessness
Menace to society

i saw thes in the hidden wiki

This is counter-culture from the underground
Eternal revolution, this is our sound
KMFDM, better than the best
Megalomaniacal and harder than the rest

if i were to suggest any computer to anyone it'd be a macbook pro

unless ur doing sensitive work

Hm

https://www.youtube.com/watch?v=A_DhCglA72o

but even then it depends on ur threat model so

One of the best songs by KMFDM

really judging the entire system here over the ram itself

i dont think x220 or x230 suppport nvme i could be mistaken

lotta factors

This is counter-culture from the underground
Eternal revolution, this is our sound
KMFDM, better than the best
Megalomaniacal and harder than the rest

Man this song kicks so much ass

i think my next system finna be gentoo instead of arch

Ew

Gentoo

https://ircbots.debian.net/factoids/search.php?q=gentoo&term=key

compiling might be an issue

i just want to customize as much as possible

spends (5|6|7|8|9) (days|weeks) recompiling $1, and when it's all done, $1 runs ((1|2|3|4|5|6|7|8|9|10)% slower|no faster|0.(1|2|3|4|5|6|7|8|9)% faster) than previously

Customize deez

<reply>the uninformed desire to compile everything for your particular chip "for performance reasons" despite no good reason to believe that there will be any gain in performance.

it's really stupid to spend hours recompiling everything to gain nanoseconds in execution, especially given that the pace of development in most linux programs means that you need a new version about every 6 months to a year. Can you compare the number of hours in a year to the number of nanoseconds in an hour? recompiling to save cycles is just not worth it.

Still bloats with fancy aah shit to balance it up anyways

It;s like suckless

It doesn't suck less

It sucks. period

Until you patch shit up and add features

I know I know, I use suckless tools

switched to what

it was a very stupid decision

but a purism librem 14

theyre not for sale anymore

i just thought it was cool

and why stupid

the company isn't great support-wise, i could have gone with system76, and it was a premium price for the brand

i mean the switches are cool, but that's about it

hardware switches

ig it wasn't "stupid" per se, but not my proudest decision

compiling for improved performance is about economies of scale. if it's just a userspace application for a desktop computer then yeah generally the gains are negligible.
When it's for software intended to run on hundreds, or thousands of instances simultaneously through containerized orchestration then those performance gains quickly multiply into non-negligible numbers.

As for suckless, the general principle of making a tiny module which is both easily maintainable, extensible and non-monolithic is valuable I think

they got pureboot when u could use system76 which i think uses coreboot, which is just better supported let me check

i mean pureboot has tamper resistant features

which i dont use

what specs?

didnt buy the librem key

32 gb ddr4, let me check their latest cpu

i mean yours

ye, mine has 32gb ddr4

i should have gotten 64

Intel Core i7-10710U (10th gen Comet Lake, 6 cores / 12 threads)

for cpu

i have 2 tb nvme ssd

i dont use that computer anymore

i use a system76 thelio rn

and a macbook pro m1

if you wanna do something good, gift it to me 😄

i install qubes

haha maybe bc i dont think it'd sell

i will install and use qubes there with proud

i wish i had a decent amount of money ill try to get there in the near future

can i have it then (hehe)

mickhat asked first

damnit

beat yo

@iron galleon check DM

there wont be a next time

👁️

Yo yo yo

i was first so xD

true true

Yo yo yo

Check dis out

Eggzy is in da house

my best top

Do a rebirth back to noob

Like me

what up fam?

How was the interview?

It went okay

Thanks for asking

They said they will let me know on Tuesday as he has two more interviews to do

That's good. At least letting you know something is a win.

Yeah, I'll have to go around and get leads and close sales

I don't know if I want to do it

Let's find out

I just got back from my "errands". Coffee for me. Pup cup for my dog, Kali. Gassed up the ride. Car wash. Went to Tractor Supply and took Kali in to pick out treats. She got a beef knuckle. a split elk antler and some freeze dried salmon cubes.

you are a hacker

I'm about to go to the guitar shop and pick up my telecaster clone that was getting worked on. New strings, setup and a little adjustment to hopefully keep the high E string from slipping off the fretboard.

Nice

Productive day

I have a Xiphos XPT 707 FX

Necrophagists guitarists guitar

cost me $1400

I wanna sell that

You wanna buy?

https://ibanez.fandom.com/wiki/XPT707FX

I've got Ubuntu on a 17" i7 w/ 16gb of ram to play with now

7 string

sick nasty

I play 7 strings

That's cool. I was just looking at a 7 string. I want to convert a 6 string into a .60 gauge C-tuned sludge monster

Check this out

I played guitar over a psychedelic trance song

I love the melody of it

So beautiful and serene

I'm just learning. I've been in lessons for 2 months. I had some leftover guitar skill from being a teenager but I'm trying to be more disciplined. I actually am learning bluegrass songs primarily. I have an Alvarez MD60BG that's my main rig.

Oh word

I love bluegrass

Alvarez is sweet

They make some sick guitars

I had a 12 string accoustic by them

I gave it to my roommate

The tele is one from a kit my dad made for me. I have an Ibanez Gio with dual humbuckers and a single center pickup.

Those are my main 3 guitars.

Nice

I got a Ibanez RG Series 7 string

I only have two guitars now

I used to have like 5-6

yeah, I actually decided to just practice some drop tuning and put the C-tuned one the backburner for now. Gear lust is real

Here's a pic of my dog and my ibanez and amp/pedals from earlier today.

oh it's over in #htb-pets actually if you want to see

I just got the Orange micro dark amp head w/ the 8" cab

I have a Big Muff pedal there, a Blue Driver, an analog delay and a Noise reducer

the Noise reducer is so clutch

I got a bees box

BOSS ME-50 multi fx board

and a small Marshall 15W amp

https://www.boss.info/us/products/me-50/

that looks cool!

a lot cleaner than a pedal board and simpler

do any of the machines need a bruteforce dictionary

This is reverse spoiler if i answer

finnaly did a htb box after a long time

feels good

time to sleep

( @devout sail u hear tht )

time to learn something from me

🗿

Wow! I just got a friend request from Hackthebox0405… I can’t believe we’re finally going to be friends

let me guess he is gonna send u a gambling sites link after some time

talk to him casually and thts wht awaits u(most prob)

has happened quite a few times already now

This guy is you?

dt770 pros are peak

Yes

Cool bald head team let's go

Now I know ur face , it's only a matter of time till I find ur house and then steal all ur ice creams

does microsoft rpd rate limit?

u must be lucky

I’m going to inherit millions! This prince in Nigeria just told me

buy me dinner

https://tenor.com/view/hello-chat-cat-couch-crawling-crawl-gif-27214040

https://tenor.com/view/cat-lurking-gif-22179921

same i just came home

gonna sleep

I meant to take an hour nap but fell asleep for 3 hours

Based

Make surf n' turf while bangin' Fat boy slim. This is your life's mission

You could go with this

Or you can go with that

https://www.youtube.com/watch?v=XQ7z57qrZU8

guys how to participate for giveaway?

?

they're giving away stuff?

this platform is free as it is

no i just checked lol

subscriptiom

n*

well they sometimes do but none are active

its just in the giveaway channel they will post

I'll kill for htb staff

and u react to the post

lmao

last giveaway was 2 weeks ago tho

u just answered ur question then

https://tenor.com/view/kermit-jumping-off-gif-2840901526967396529

It's joever

i mean how to participate

so they announce and we react on the message or how is it?

yes

ah aight

ty

Go get a set of goodwill speakers and a bottle of hennessy and solder a bluetooth module to it. Deep fry 20lbs of chicken wings tell me how your night went

tf

u postin' in offtopic my guy

https://tenor.com/view/super-hot-uploading-mind-freeing-your-mind-gif-14512660182813696837

Gonna make Chicago style deep dish pizza tonight

Deep dish is the best pizza chat

https://tenor.com/view/anakin-liar-star-wars-lying-gif-8634649

It only ranks slightly above Rhode Island pizza

Which is the worst pizza ever created by mankind

That and a old style huh?

Just made a new GitHub for write-ups 🙂

Eh? What did i do?

The name checks out.

heyo everyone

burp suite merch good?

I’ve never heard of burp suite merch

me 5 min ago

Buy the hat

So everyone knows what you are.

cant use hats in class

You can if youre in college

im not

Bro one

Guy I remember brought some chinese food

To my Music 101 class

Just to annoy us

i can bring food

just not hats

im also not a hat guy, i have awsome hair

Well you are dumb

debatable

Because i said so

@frail turtle i didnt mean to be mean

sorry

i js deadass dont remember

im soryyyyyy

Have to go to dinner in 45 minutes

Sorry gor what

For

about 20 min away to a restaurant

I don't know what kind of food

Quit being a sorry sod!

Hallicon leave the poor guy alone

😄

Are you in high school

System76 merch is pretty cool too.

yes

How old are you two?

I think if he was only two he wouldn't be able to type

Huh?

No I'm asking both of them

They both said they were in HS

That means they're probably under 18

Which means they need a parental consent form to be here

I’m 18

Just finished HS

@austere sinew night ping

Im a big fan, but the hardware is too steep for me at the moment. I want one though

I'm so excited to be getting one in a couple months 🤗

Oh nice!

Is it the top choice for each or just the basic laptop?

I have a dream bucket list for some expensive things and I chose the huge/extra hard drives, biggest/best gpu/cpu, etc.

I could prob get the basic setup, but I want to go for broke xD

U can buy a $70k machine from them lol

https://tenor.com/view/really-gif-16462970074420267735

I thought the 4k was steep lol

Added a z-test vs. t-test logic and hypothesis testing to my GRC auditing script.

That picture uploaded like shit.

Python is

😄

That one did too

Is it just my phone that can't render it lol

Yeah, that shit bugs me because it's crystal clear in my photos.

Its all good. Its discernible for the most part

Bro. PHP is fire

I like PHP

Python is ... blah

I like my curly braces

@worthy cargo Got my tele from the luthier. Just fired up the Billy Strings livestream. They started earlier than I expected so I'm watching the backed up footage so the show just started for me. 🙂

Nice Dan

wyd?

I gotta need a Luther too. Get my 7 string restrung and intonated

I'm omw to dinner and it's raining a lot

yeah. That's my 3rd guitar so I'm finally all setup and g2g. It's supposed to rain here later. I had bbq ribs and fried catfish for dinner. Kali is having a split elk antler.

It's got Floyd rose

Fuck yeah

I don't use a tremolo so I had the luthier block my bridge to make it like a hard tail.

I'm going to an Arabic hooka lounge restaurant

fun

i recommend the kebob

Yeah some folks invited us

I love kabab

I also love Khabib

Lol

Mma

enjoy dinner

ttyl

Later bud

Here's a better photo. Google photos compressed the image or something originally

It uses pandas, numpy, matplotlib, seaborn, and scipy.

Deep dish goin into the oven 🔥

Waiting on some rice and meat stuffed peppers

We're at the restaurant

Nice

don't forget your purse

I'm gonna smoke hooka and eat Arabic food tonight's

Enjoy brother!

Ive been smashing some pizza for the last couple hours myself

every pizza is a personal pizza if you try hard enough

lol

I give the crust to my dog.

That is some Mitch Hedburg right there

Mitch Hedberg was the GOAT

Anywhere is walking distance, if you’ve got the time

Lol

I used to do drugs. I still do but I used to too.

lol

His smacky the frog skit is the one that got me hooked.

Rice is great when you’re so hungry, you want to eat a thousand of something

Lmao

I haven't slept for 10 days, because that would be too long.

You can't be awake that long

lol

Read the joke again.

No

https://tenor.com/view/joke-missed-over-your-head-gif-8604199

Do it

No

The nerve

Kids these days

https://tenor.com/view/napoleon-dynamite-wave-bye-gif-5121301879489036543

And I must say, I would like to challenge your 10 days awake belief. You ever heard of amphetamines? Extremely dangerous but people have done it.

https://tenor.com/view/cat-fall-epic-embed-fail-fail-funny-gif-21341768

https://tenor.com/view/embed-no-no-embed-megamind-megamind-meme-gif-25261934

https://tenor.com/view/embed-fail-gif-23637150

hello everyone

Hello

Heya

https://tenor.com/view/jesus-ballin-mars-bars-gif-19910027

Hey there 👋🏽

ozymandias

Ozymanreviews?

think i might have a memory leak.

Yeah that's a thing too

anyone having this problem where like half the time the machines arent replying back to attempts to ping or nmap them?

its been happening all day to me

have to keep resetting them

is it on and off

Only half of the time machines?

yes

i moved to tcp vpn and that fixed my issue

thanks

https://tenor.com/view/back-to-the-future-doc-brown-smile-hey-christopher-lloyd-gif-4584331

https://tenor.com/view/bookio-gif-13932157847762104386

I wanna get to omniscient but I just can't

Bc I don't wanna do challenges

That attitude is why.

Challenges are boring

Make them fun

Have you tried applying more jigawatts to your flux capicitors?

Backspace can we make a deal?

No

https://tenor.com/view/deal-no-gif-9429617

*Yes

You spelled yes wrong

Your powers of negotiation are too powerful

https://tenor.com/view/rule-121-everything-is-for-sale-even-fr-iendship-star-trek-ferengi-gif-14617843925530401624

Anyways the deal is, when the new windows box comes out, you do it and then give me a step by step writeup. In exchange I will give you 30 gold.

https://tenor.com/view/negotiate-5th-element-bruce-willis-gif-24816366

https://tenor.com/view/hey-gurl-you-wanna-lets-do-this-lets-do-it-star-trek-gif-15443817

30 of these

For a writeup

40 of these for writeup and a Facebook zero day

You don't write your own zero days?

You drive a hard bargain, but, I’m going with no

Why do you keep spelling yes wrong

No

^ again smh

https://tenor.com/view/tough-crowd-toughcrowd-rodney-dangerfield-gif-22093859

Take my wife, please

https://tenor.com/view/ill-never-get-married-doc-shaw-malik-payne-house-of-payne-never-gonna-get-married-gif-18558336

I don't want children

https://tenor.com/view/prenup-marraige-love-gif-4986030

My laptops battery charging light started blinking In amber all of a sudden

https://tenor.com/view/monkey-working-computer-fire-burning-work-pressure-gif-797541937587978407

Apparently it means catastrophic/fatal battery faliure

Uh oh

I don't care 💅

https://tenor.com/view/nicholas-cage-you-pointing-smoke-gif-5426646165088032025

https://tenor.com/view/michael-scott-the-office-no-respect-gif-13432188

work at facebook, distract zuck with beetles, put backdoor in

Put a backdoor in zuck?

Facebook is the backdoor.

nmap is taking forever what do i do

pinging works

regular nmap works

wtf

What's non regular nmap?

-min-rate=5000

flags like -sV and -sC

What box are you on

For first scan

Go YOLO mode

sequel

Then use those ports for deep scan

Don't do -p-

Like ever

use rustscan

its good sometimes

Useless for HTB

it was necessary to find something once

Like someone else said, do min-rate and probably scan a smaller range of ports

i know exactly what port it is

rustscan -a 10.129.12.202 --ulimit 5000 -b 2000 -- -A -Pn

No, use -p- with --min-rate

i just need the version

Then use deep scan on those poets

rust scan then have nmap scan the ports that are open

...ports.

nvm it finished

I want to do a deep poet scan

That's 2 steps

didnt even know nmap has an argument for deep scanning of specific ports

2 steps is guud

What

-p <port>

yes i see it here now

thank you

prob should do some academy before sending boxes if u dont have the basics of nmap yet lol

i wasnt fucking around with it because its been slow all day

the boxes have been iffy

i had to switch my vpn

-sCV -O, or just -A has a lot

Have you finished starting point?

yeah

He didn't know you could enter a specific port number and scan that

O.o

Or numbers

no i knew you could do it i just forgot how

-p22,33,44

You could always do the top 1000 first and then go from there

Its all good

I forget lots

it still takes fucking forever regardless of whether i specify a specific port

even though i have decently fast internet

It's not just the internet factor bro

Wrong.

yeah ive got a good pc as well

Sometimes boxes can be a bit slow… could be a variety of factors

Bad scan. Use a simple -p- with --min-rate

If it's a Linux box, while nmap is scanning, put the IP address in the hosts file and navigate to the BoxName.htb in the web browser

The targets configuration matters too

I guarantee you there's a website

Then enumerate from there

You don't have to wait around for nmap to move on enumeration

If you've already scanned and have ports to enumerate, those are likely it. You need to dig into them.

I don't know how deep into depth HTB goes but you can block ICMP

this is a mysql with no http

Oh

Well 99% of Linux boxes I've done has port 80 open

this one has one port open

its 3306

and it has mysql

https://tenor.com/view/ريال-مدريد-gif-9964137448935000493

Yes

I know

Bc I haven't done that

What box is this?

sequel

its one of the earlier ones

i started yesterday so

Easy?

very easy

im just doing them in order

of however it shows them to me

my first time ever doing an sql hack with no website

is it really hacking if theres no password

If you're on sequel, -sV -sC should work fine. You have another issue.

it worked now but it took like a good 2-3 mins

which is very annoying

Run it again with -n and see what that does for speed

Try to connect with admin/admin there's a good chance you'll get in

-sCV

theres no password requirement

Well then you just connect

why are there squares

correct

A bit of a failed attempt

Whats inside?

4 databases

put cheese on that and i bet it still tastes good

they all look boring

but one has the flag im assuming

You using the writeups?

What are their names?

It's under the sauce

got the flag

oooo

htb, information_schema, mysql, performance_schema

the flag is in htb then table config

looks exactly the same

The pepperoni is also under the sauce

Starting point has write-ups available. Use those while you're learning but make sure you read them and try to understand the "why" behind it all.

Well the only two you should be focusing on is HTB

The other 2 are default databases

yeah i look at those if im unfamiliar with how it works

kinda the only way to know what to do

if you dont already know

Nothing wrong with using them when you're learning. Thats what they are for.

i also have hacktricks and i used that once without looking at the walkthrough

If you have the time, re-write the write-up and break it down from your own understanding. It will help you learn.

i dont think thats necessary

Suit yourself.

it will be

It is

pentesting is like 90% reporting

95%*

90 lol

i just do this for fun though

word

also these kinds of skills are helpful if you ever need them

1/4 of it is 700kcal 💀

i doubt i will though

Ran a command? Document it. Discovered a vuln? Document it. Made a system change? Document it.

In cybersecurity, you document everything. Furthermore, you have to understand chain of Custody.

You can do bug bounty and like earn money

are you like a cybersecurity professional

Thought this box was called sequel?

One of my teammates gets bugs all the time. Reports are important.

im not that big into coding

Undergraduate almost finished with a B.S. in cybersecurity. So, you could say that. I've got thousands of hours under my belt doing labs, learning NIST, ISO/IEC, etc.

thats great

You should see my cybersecurity playbook lol

I need to be able to consistently find them tbh

The job market is fucked. It's my only hope

Job market is shifting. Learn GRC.

What's that

They aren't looking for just blue team and red team anymore. Market is shifting to purple team.

Governance, risk, and compliance.

you know i watched pen testers hired by the us department of energy successfully get far enough into the energy grid to be able to shut it down for i think was most of the U.S (its been a while since i saw the video)

they mostly just wore high vis vests and pretended to be people

then plugged in whatever they wanted into servers and shit

Question for you guys, I was about 45% through CPTS and had to take a break for my MS for a couple of months. I took pretty detailed notes but not sure if I should just start over and read or pick up where I left off / fill in gaps. Anyone went through the same situation?

people had passwords written on sticky notes

A lot of pen testing involves social engineering.

Can I complete an entire certification path just from cubes earned through seasonal rewards?

Tf is GRC. Im so out of it recently and hacking is becoming doctor school with all the acronyms.

Skim through your work and decide from there. It's your call on how well you feel you remember it.

social engineering is the easiest exploit. People are the weakest link in cybersecurity.

Finding an actual vuln is hard. Pressuring someone into sharing their MFA is much easier.

Governance, risk, and compliance. Learn the NIST RMF

Okay. Am I unable to see this? Where is sequel?

Can't find tjis machine

Starting point

Maybe you should move on to newer easy machines, they'd teach you stuff

Unlike logging into an open MySQL server and getting a flag

Bruh

What? Lol

I just spent 15 mins opening my VM thinking this box was misbehaving and wanting to check and its got all the steps listed.

Lmao

To the homie. USE GOOGLE

Everything in hacking is about learning what, how, why.

can i use bing

Straight to jail

I don't want to give up my personal GitHub with my real name on it so I had AI summarize my hierarchy structure. Warning: wall of text incoming for those interested in GRC.

Smoking hooka at the Arab Lounge

To excel in Governance, Risk, and Compliance (GRC), professionals must master the NIST Risk Management Framework (RMF) and its associated documentation lifecycle. The journey begins with the Prepare and Categorize phases, where you must develop Roles and Responsibilities (PM-16) matrices, comprehensive Asset Inventories (CM-8), and Network Diagrams (SC-7) to define the system boundary, followed by a Business Impact Analysis (BIA) and Security Categorization (FIPS 199) to determine the system's criticality. Moving into the Select and Implement phases, you are responsible for authoring the System Security Plan (SSP), which outlines a tailored baseline of NIST 800-53 controls, along with detailed Implementation Statements and Technical Configuration rulesets that document how those controls are physically engineered. The high-stakes Assess and Authorize phases require proficiency in generating Security Assessment Reports (SAR), conducting Vulnerability Scans (RA-5), and developing Risk Heatmaps and Plans of Action and Milestones (POA&M) to manage residual risks, ultimately leading to the Authorization to Operate (ATO). Finally, for the Monitor phase, practitioners must maintain Continuous Monitoring Strategies (CA-7) and Incident Response Testing Logs (IR-3) to ensure the system’s defensive posture remains resilient against evolving threats. Master these artifacts, and you transition from a "technical" user to a "strategic" asset that organizations are eager to hire.

https://tenor.com/view/wesker-albert-albert-wesker-resident-evil-resident-evil-4-gif-5143688443782660001

https://tenor.com/view/druski-shrug-hands-up-druski-shrug-druski-idk-meme-gif-7093177929627107381

Thats like trying to learn grammar before the alphabet. I swear. Mfkers in charge dont want professionals. They want drones who were able to be beaten into submission....

It's a dance. You learn both at once (technical aspects and governance).

wtf?

no

I wanna speak to your manager.

Yes

Game challenges

when my friend asked me when I was sick today

What my friend said : You sick

What I heard : You Six

And I replied to my friend: Yea, im seven

https://tenor.com/view/bosnov-67-bosnov-67-67-meme-gif-16727368109953357722

https://media.discordapp.net/attachments/872924113725956106/1213894709169356850/fatseal.gif

Ive had 6 or 7 cigarettes fretting about this nonsense.

Fretting about what

The box I thought was broken.

I think I need vacation from work.

Well, is it broken?

No.

Then let it go and move on 🙂

I noticed a similarity in your username to a food item

marcescence

just started my path today.

Regular Sherlock Holmes

Ah okay, I just found out😅

https://youtu.be/DZySt3i2qm4

good luck and have fun

is the best way to get to pro hacker doing challenges?

im tryna calculate how much it takes to get there and it's like all the boxes or something

obviously not all but let me see how many more id need

i have like a week

10 more machine roots

so basically a full page and like a few more

Its any active content. Whatever you can make decent progress in

damn man

this is gonna suck ass

ill learn i guess though

Try not to measure your progress on ranks.

Hacker rank is still pretty impressive.

The content shifts constantly. If you get a good window you can go high on easy content.

Its all about what you can do. Some guys never go past newb and are really, really talented.

I only got to pro bc I had a few months off work to hack often. If I didn't Id still be at hacker.

im trying to rank up plus the cpts curriculum im almost done the latter

like 68% done

im just left on the advanced shit

im one box away from hacker and i dont know shit still

from my perspective, at least, at the moment

next season box is gonna be the box Pog

good luck getting that 1 box

could do it rn

imma get back to the grind in a few

aint no way im rooting garfield

Man, I'm exhausted. I'm trying to juggle college, NCL, and HTB.

Gn

I have to do a statistical analysis project tonight.

Imagine taking rest

I practically don't lol.

imma try garfield next actually

i did overwatch and that shit was hard i can't lie

idk if i can say which part

i wont

but still

COAE is an April fools joke right

I tried to jump into active boxes and I don't think I was ready. I have a very solid foundation when it comes to networking, OSes, hardware, and legal. But I am fresh on the scene for proof of concept penetration testing. Definitely shows me I need to step my red teaming game up to strengthen my purple teaming angle of expertise.

id say it's a matter of pattern recognition yeah

i've done something like 40 boxes so far

of retired content

iirc

let me check

ye 41

how u check that

htb profile

in labs

Yeah, a lot goes into it. Helps to understand multiple protocols, scripting, pen testing tools, etc.

Damn

36 im catchin up

I tell people its an oral tradition; you learn by seeing others do it. Watch the videos of someone like ippsec or alh4zr3d doing a box and follow along

I think the web server boxes are my biggest weakness rn.

when i first started pwning boxes that shit hurt my brain

i can't lie

even with the writeups

Web Servers are fucking though.

Use write-ups when you're starting eventually you won't need them. There is no shame in using the help around you

this

Yeah, I decided I gotta walk before I can run. Im going to capture as many retired machines as possible after I finish up tier 2 starting point. Already did tier 0 and tier 1.

Idk, I learned a lot from raw dogging it. I started some years ago tho. I needed this discord to find nudges.

https://tenor.com/view/hot-dog-girl-gif-12001974846064297556

Sometimes banging your head against the wall is the best way.

hello

https://tenor.com/view/gay-d-gay-gif-26897914

I'm about to install kali linux as dual boot I have nvidia gpu and intel cpu is there anything I need to know before installing it?

I haven't finished starting point even IMO some of the tier 2 are too annoying to set up

Yeah, look up how to configure your machine to use your GPU. It's pretty easy, though. Assuming you already know how to properly configure a dual boot.

The writeups are a bit old. Some of the Code and commands have to be re-worked.

noted, I appreciate it. First and last time I installed it was few days ago but the OS itself lasted few minutes, it broke down right after I installed graphic drivers for gpu with nouveau command. Thanks again.

@glad crystal https://docs.google.com/spreadsheets/u/1/d/1dwSMIAPIam0PuRBkCiDI88pU3yzrqqHkDtBngUHNCw8/htmlview
This is the tj null curated list of htb machines you can do to study for the oscp. If you want a sense of progression in your studies try some of these and see how far you get

Lol

use a virtual machine for isolation since ur doing hacking

Are u new to Linux btw?

You don't use nouveau when you configure GPU setup. You're supposed to disable it or whatever. It should do it automatically.

In fact, you might try live booting first before you try a dual boot.

I am actually, I have one and been using it for a year I think and I will keep using it for some malware analysis tho

IMO its a lot more structured than doing random boxes unless you are doing academy for cpts

Idk why you'd move away from using a VM

Nope, I was on linux for a year (maybe a little bit more than a year)

Because GPU pass through on a VM is a pain in the ass.

laggy, doesn't fit me for hacking any machine from HTB

even tho I set 8GB Ram and gave it 500GB

and idk about processor

Nice

real

I'll try it thanks

just fielded a call from my bff's wife. She was all concerned she done been hecked because she was getting a scary message when trying to go to google....It was a date/time mismatch on her macbook air. Crisis averted.

If you're gonna dual boot be aware windows uses local time and Linux uses UTC and periodically windows will change your hardware clock because it wants to be the only OS on your system. You have to change your registry if you want to avoid that

😄

Fasho. Live booting is way safer tbh

weird ya'll are talking about clock issues here at the same time though lmao

sure, I'll keep it in mind, thanks

That and you can't use full disk encryption on both windows and Linux and expect your boot loader to work. I've never gotten veracrypt chainloading to work its too sweaty for me

https://tenor.com/view/planets-070shake-guilty-conscience-outer-space-aligned-gif-18502145

i can go back to watching Billy Strings shred on the livestream 🙂

I am procrastinating on this project ngl.

would it work if I install it on HDD and windows on SSD

Got the first section done but I'm just chillin lol

Windows tends to delete other boot entries of other drives on the system even if you installed it first and then installed the other system on another drive. It'll just randomly overwrite your master boot record one day in the background

Idk if registry edits will fix that behaviour

https://tenor.com/view/fuckthis-ron-swanson-dumpster-trash-nickofferman-gif-4679104

Usually if you have another install of grub it'll get overwritten

Kinda sucky its why I don't dualboot anymore

oh so that might be the problem I had when I installed it first time cause I am sure I did everything right and still it got broken, it launched linux only in TTY Terminal

I just use Kali and a windows vm

Should I say it?

I think I'm going to say.

that's better tbh

real

Just be like me and go bare metal because you've finally had enough of being treated like a guest in your own house.

If you need a VM for engagements you can use Kali VM in Kali

https://tenor.com/view/shrek-farquaad-its-a-sacrifice-i-am-willing-to-make-its-a-sacrifice-but-its-a-sacrifice-i-am-willing-to-make-gif-2046508029570999696

It may sound silly but I do it

Roast me

Kali vm in kali?

5 minutes in, I got a "Your device ran into a problem a d couldn't be repaired" just for trying to go in BIOS, didn't even start an installation 💀💀💀🥀

What

I use kubuntu and vbox as my hypervisor

I use a kali vm

Explain this in more detail?

I managed to fix it but what happened was when I tried to go in bios, after pressing del few times I got the message: Diagnosing your PC, connecting to network and finally a black screen came up with text: "Your device ran into a problem and couldn't be repaired.
Click or press Enter to see other recovery options.
Log file: C:WINDOWS\System32\Logfiles\Srt\SrtTrail.brt" and I pressed enter, got in the kind od recovery mode I forgot what's the name of it and I pressed exit and continue so it loaded windows

But still, small problem is that I yet cannot enter bios with pressing DEL so I had to go to recovery in settings and advanced reset and thru that I went in UEFI Firmware and entered BIOS

Try running these in order from CMD as administrator to make sure everything is repaired.

sfc /scannow

dism /online /cleanup-image /restorehealth

bootrec /fixmbr

bootrec /fixboot

bootrec /rebuildbcd

Once you do that, make sure you are pressing the right key to get into BIOS. Its normally like F12.

Sure, I'll try, as for BIOS it's del but I tried f12 too, I'll try f11 too but I'm sure last time I went in bios was with del button, that even says at the bottom of the screen when logo of my motherboard or whatever it is appears, I just broke something

Thanks

Those won't fix a BIOS issue but doesn't hurt to make sure all of your system files are fine.

And BIOS is either F10 or F2, my bad.

https://github.com/shuvonsec/claude-bug-bounty

Yepp I got it thanks man, I turned off fast boot and now it works when I press few times F11 for boot options

For Lenovo sometimes its Fn + F2

Nice

You turning off secure boot?

I turned that off too

If you're trying a dual boot, make sure you don't wipe your recovery partitions or anything.

Yes, now the only thing I gotta fix is USB on which is kali installed and it's not being recognized in boot options

Small problem I hope

Usually is. You have to flash the correct file. Try flashing with raspberry pi imager. Usually have problems with the other imager programs.

Also, you mentioned having two drives. You might run a RAID configuration incase a drive fails or has problems.

Noted, I'll do that, thanks man❤️

No problem, man. Raspberry pi imager is my favorite flashing tool. I've never had issues with it.

So my laptops battery led went from flashing amber to flashing red and has cut power to and from the battery and the bios is asking me to take the battery out immediately

So dramatic smh

WOOHOOHEHEWAHA

rip laptop

what happened to my garden 😭

i mowed that shit down

😭

lawn mower sounds brrr

Any backend developers here?

https://tenor.com/vUqdAPxaHpe.gif

Im doing an internship developer internship and my job is basically using claude to generate codes. And just fixes or implement features in lovable/manus

Is this real or what

Have not written a single line of code.

They also be having me learning n8n

i just ate a bunny's ears off

like a chooclate bunny

Welcome to the age of slop

It feels hmm

Not real work?

none of this is real

you should wake up soon

i'm applying for jobs as a sleep paralysis demon

So, a therapist

found out what your worst fear is and im a red teamer

anyways sleep paralysis demon got to sleep too

im finna sleep

dont wake up

Hey 👋🏻

hi

Wasup

This data analysis project for applied statistics is going to end up turning me into a sports gambler. 😂

phone shots of code is wild work

Ask ur friendly llm how to take a screenshot

Morning hackers

Morning guys. I'm the newbie

Nice to meet you guys

UwU

I am doing Way of Thinking section in htb and found this discord

Kewl

How does it look?
Is it he or she

Morning and good to see you here

I hope that u will find this server useful

how to heck

Yes, I'll try my best and I think I'll ask a lot here

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

@stuck cliff ^

yes bro @lime trout

above link

man htb is annoying as hell

Has good info getting started 🙂

i needa pay for the good stuff

does discord block vpn users universally?

what doin

every time I connect to a VPN discord stops letting me send or receive messages

why

this is with mullvad

I would try on riseup or proton but don't see the point

Not for me, however some addresses via proton have been blacklisted by discord

for me mullvad has been blocked at the very least

I am gonna try riseup and see if that works too or what about proton

Yeah, mullvad gets blocked by everything. They just don't have enough vpn servers to bypass certain blacklists

gotcha

Proton works just fine, not sure about the free subscription

however some ips I've come across have been blocked by discord

hi testing to see if I can connect from protonvpn

yay it works

ok cool

let me try something else

ok it won't let me go from mullvad > proton but proton is a good backup for discord

hold on a sec

hecking is cool

Why does bro need mullvad?

because its the best privacy of any vpn

its not like I'm using tor

lmao

why vpn for discord?

Most tor nodes are owned by governments

I use it for everything

privacy

I know what I said is I'm not using that

chill tf out

I was just saying a fun fact

ok

rlly wt is privacy if u r using a public platform?

I'm connecting to other stuff besides discord

but whatever

I know discord knows who I am that's not my issue

why would discord know who you are, unless you have had bad opsec

well, they know because I'm not hiding my identity from discord

also privacy and anonymity aren't the same thing

I'm doing privacy not anonymity

anonymity is about hiding your identity

privacy is about something else

you just aren't familiar with the difference between the two

Morning ping @sturdy thistle

@supple plume could you invite me to our ctf discord server? I'll explain what happened

woloooooooooo health check

t

Heyooo we doin better hru donut

Explain in dm please

I can see 2 donutmasters

apparently wolo is an air tank

WHAT

NO

BLASPHEMY

@static pasture CAN CONFIRM IT IS AN AGE OF EMPIRES REFERENCE

but I trust Google implicitly

glad to hear! (I'll send a fr and explain some things in DM)

heh, u want me to tell u too?

shoot a dm

https://tenor.com/view/hackers-penn-teller-gibson-technoweenie-we-got-a-hacker-gif-17879803

Hey donut. What did you submit recently, type i mean.

https://www.youtube.com/shorts/5xXKHmL7fY0

hi

why would we put air in a tank while its available everywhere

Like its not even a special air

https://giphy.com/gifs/AoE-Community-PfU0R7E4hhWBhZAhJ9

how to send text messages to urself from phone to linux pc:

1. install termux on phone
   2.connect with wifi and check ur local ip "ifconfig" or "ip route"
2. type the command "nc -l 4444" the -l means Listen
3. open terminal on linux pc and connect with ur phone ip "nc 192.168.1.6 4444"
   where 4444 is the port number and 192.... should be ur own local ip from phone, or do it the other way around find pc local ip and switch the steps

i installed f-droid via apk for my blackberry key2, got termux and nethunter kex via f-droid, now i can run linux kali pc on my phone

🫃

yessss

When you get doxxed and try to take your pain out on others but have to clue what the fuck you are talking about.

That is almost the equivelant of "your IP is 192.168.1.1" but somehow also astronomically worse at the same time.

And what's with the pedophile? There's way too much happening here. I've had enough internet for the day.

This screams "victim to offender overlap" from both parties.

https://tenor.com/view/horse-what-dog-what-cat-what-horse-dog-gif-12922782066956089731

time for whey shake

166.321.990.249🔥 🔥 🔥 🗣️ 🗣️ 🗣️ 🗣️

That's the joke?

Ah got doxxed

990 cant fit in an IPv4 octet 💀

😔

Like 321 does

lol

It's IPv4-ng

didnt see that

IPv5 even

ipv3 does

Nah IPv4-ng but all goes to 999

my vpn says im in mexico but im in europe x) am i a hacker now ?

They should have asked me when creating IP

yes

😄

i use protonvpn, what do u guys use, or recommend, i want free not paid

Give me a sec and I'll tell you my entire network infrastructure.

xD

u use proxychains tor and ur own vpn

Nah, but anything Swiss is cool. They have the strictest data privacy laws in the entire world. I like to use Quad9 for my DNS too.

nice

I kind of half-ass when it comes to my own security. All I do on my PC is school and CTF shit. All my MFA, emails, and banking shit is segmented too. I don't use any of those on my PC.

true

And I use FIDO2 keys

I guess that's not really half-ass... what am I saying

IPvDeez

fast identity online

you don’t understand hes just using IPv999

My identity was comprised in a breach recently 🙁

Stupid hospitals keep getting fucking hacked.

😦

I use incognito 🥸

thanks for the terms ive never heard be4, i'll try quad9 swiss country and fido2

i only know protonvpn

VPN is handy but if you're really worried about security you should strictly enforce HTTPS and take other measures. The biggest one being not to click dumb shit.