they require consistant maintenance 
#general
proper dragon
molten bobcat
Cell posting
main halo
typically, do ppl learn both when getting into cs as a career
bronze lion
they require consistant maintenance <:troll:824339247959113728>
most of them dont require consistent maintenance and tht doesnt mean they are re-building it
molten bobcat
Gotta find a role that speaks to you
sweet lintel
typically, do ppl learn both when getting into cs as a career
Depends on what branch of CS they want to go into
high cobalt
Yeah. I can do Web Stuff and Web Hacking, but low level things are like "WTF?" for me haha xD
main halo
Depends on what branch of CS they want to go into
what do u recomend @molten bobcat
sweet lintel
Yeah. I can do Web Stuff and Web Hacking, but low level things are like "WTF?" f...
You think you're semi decent, then you see someone use something to flip a bit in a circuit to just change how stuff works , and you're like o_O
bronze lion
You think you're semi decent, then you see someone use something to flip a bit i...
will the outcome be predictable tho?
sweet lintel
"Oh - If we wobble the electricity enough when it's booting, it skips that function" - Like... WTF
bronze lion
i mean flipping the bit is not hard
but to know the exact outcome
shouldnt he be a nerd who speaks and eats binary?
high cobalt
You think you're semi decent, then you see someone use something to flip a bit i...
Hahaha, electrical wizardry. Like I even forgot how elecricity works because as an admin and webdev I don't care too much to keep knowledge about the magic behind the hardware we are programming ๐คฃ
molten bobcat
what do u recomend <@169987831278600194>
I recommend finding your own passion
Instead of just going after what people tell you
remote bolt
this chat is 24/7
main halo
i see
sweet lintel
but to know the exact outcome
That's when you're dealing with oscilloscopes and altering in millivolts
proper dragon
most of them dont require consistent maintenance and tht doesnt mean they are re...
today I learned about denominalization and nominalozation
bronze lion
today I learned about denominalization and nominalozation
great
proper dragon
thx m8
sweet lintel
this chat is 24/7
Timezones combined with varying activity levels
remote bolt
xD
molten bobcat
I like blue teaming and DFIR work a lot. Other folks hate it with a passion
main halo
Instead of just going after what people tell you
i find hacking cool, but i also like to build shit from scratch
remote bolt
its 5:30 pm here
molten bobcat
It's all about finding what you like the best
bronze lion
That's when you're dealing with oscilloscopes and altering in millivolts
sounds interesting, first time hearing abt oscilloscopes
sweet lintel
I like blue teaming and DFIR work a lot. Other folks hate it with a passion
I would be one of those folks who hate it with a passion. If I had a Blue teaming job, I'd be bored to death
bronze lion
same
molten bobcat
Someone's gotta do it
rare monolith
i find hacking cool, but i also like to build shit from scratch
the more you fuck around the more you find out
jagged storm
main halo
It's all about finding what you like the best
which takes longer to โmasterโ and get decent at
sweet lintel
When your remaining boxes start to look like this ._.
molten bobcat
which takes longer to โmasterโ and get decent at
This is a life long journey homie
bronze lion
When your remaining boxes start to look like this ._.
ez ones. i could do these in like 5 sec
main halo
im so inexperienced on this topic. i feel like every question i ask is dumb
molten bobcat
It's okay
sweet lintel
which takes longer to โmasterโ and get decent at
The more you know, the more you realise you don't - You can do it for 50 years and still not consider yourself a master :p
rare monolith
When your remaining boxes start to look like this ._.
when you are geniuelly cooked
molten bobcat
I was dumb and clueless years ago
bronze lion
im so inexperienced on this topic. i feel like every question i ask is dumb
humans are dumb, dont wry
molten bobcat
Now I'm just dumb
high cobalt
When your remaining boxes start to look like this ._.
May I ask you for a tipp about learning blue teaming?
bronze lion
May I ask you for a tipp about learning blue teaming?
ask C1oud
molten bobcat
Why them, I'm the blue teamer lol
sweet lintel
May I ask you for a tipp about learning blue teaming?
You're very much asking the wrong person
molten bobcat
It's me hi 
high cobalt
Why them, I'm the blue teamer lol
Oh shit marked the wrong message ahahaha ๐
molten bobcat
sweet lintel
Yup
molten bobcat
Cuz people like to complain yeh
rare monolith
why do ppl say โmuh cs jobs are being taken over by aiโ
here we go again
worthy cargo
I'm finishing up the Linux boxes first.
sweet lintel
AI can help - It's very bad at doing complete jobs.
molten bobcat
Every single use I've seen of AI in my own cybersecurity workspace is meh at best lol
sweet lintel
Every single use I've seen of AI in my own cybersecurity workspace is meh at bes...
The Burp AI has a drop table fetish :p
main halo
I'm finishing up the Linux boxes first.
how long does it take for you to complete a decently hard box
worthy cargo
how long does it take for you to complete a decently hard box
I take my time, many breaks, so it depends.
bronze lion
also depends on ur current skill
sweet lintel
Somewhere between several days and never :p
rare monolith
how long does it take for you to complete a decently hard box
1 minute work 2 hour break & repeat
main halo
whats more valued, cybersecurity or programming
bronze lion
I just know how to
can u help me hack my dishwasher plssss
worthy cargo
I just do pentesting to be able to think like an attacker. I actually do enjoy cybersecurity engineering, and architecting/building secure systems/solutions.
molten bobcat
whats more valued, cybersecurity or programming
They're both important?
worthy cargo
I love forensics and DFIR
main halo
Every single use I've seen of AI in my own cybersecurity workspace is meh at bes...
i see
bronze lion
I love forensics and DFIR
nerd
molten bobcat
Those two are just intertwined lol
worthy cargo
but I haven't been able to get into the forensics field yet
sweet lintel
whats more valued, cybersecurity or programming
To be very good at cybersecurity you need to learn how to program, and to be very good at programming you need to learn cybersecurity - So - Both.
bronze lion
a very good way to put is honestly
rare monolith
main halo
To be very good at cybersecurity you need to learn how to program, and to be ver...
does it even matter which i start with first
molten bobcat
I like forensics
warm ravine
I'm finishing up the Linux boxes first.
Is this how ppl get roles with hacking these
If yes
molten bobcat
does it even matter which i start with first
The important thing is just to start homie
warm ravine
main halo
The important thing is just to start homie
ONG
west lynxBOT
Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible
bronze lion
Is this how ppl get roles with hacking these
u do more active boxes/challenges to rank up
molten bobcat
Like I said I've been doing this for years I didn't start until I was 24 or so
warm ravine
u do more active boxes/challenges to rank up
Yeah right uh.. how can I find the active boxes if I may ask
worthy cargo
I'm gonna go get some bbq chicken tenders, some corn on the cob, and some potato salad.
sweet lintel
does it even matter which i start with first
Programming may help to start with, but not necessary. Think of it like driving. You can drive really far without knowing how an engine works, but it may cause a problem if the car breaks down. The trick is to drive along, and deal with it when it happens ๐
rare monolith
I'm gonna go get some bbq chicken tenders, some corn on the cob, and some potato...
yummy
๐คค
warm ravine
Programming may help to start with, but not necessary. Think of it like driving....
That's called problem solving
main halo
Like I said I've been doing this for years I didn't start until I was 24 or so
oh yeah? im 17 rn. i hope i can get consistent with this
bronze lion
Yeah right uh.. how can I find the active boxes if I may ask
go to htb labs and do the boxes (filter out the retired ones which u dont have to wry cuz all shown when u press machines tab is active)
as far as i can recall
lol
warm ravine
go to htb labs and do the boxes (filter out the retired ones which u dont have t...
Alright thanks
molten bobcat
oh yeah? im 17 rn. i hope i can get consistent with this
You have plenty of time
Just take your time to understand things and follow what you have passion for
rare monolith
oh yeah? im 17 rn. i hope i can get consistent with this
and then you realize in 10 years that gardening is your passion
molten bobcat
People who care about their work produce immaculate quality work
Or at the very least better than most
main halo
People who care about their work produce immaculate quality work
good point
sweet lintel
and then you realize in 10 years that gardening is your passion
I've heard of people leaving cyber and going into farming. Like - Going into farming would be a nightmare for me :p
high cobalt
It's me hi <a:catwave:881909807190269973>
Got a tipp on how to learn a bit more about blue teaming topics? My workplace is currently in the dilemma of building at least a basic SOC which would be able to detect when our most critical systems get attacked/ransomwared (again). Not sure where I could start and help out as a Linux sysadmin with detections bc. we know a bit of Theory behind MITRE ATTACK etc. but applying it practically and building Use Cases feels a lot more overwhelming and harder. Do you know any good learning resources? Would you recommend digging deeper into red teaming to learn more?
molten bobcat
Hi!
Sherlocks are great practice
The DFIR challenges remind me of my actual work
rare monolith
I've heard of people leaving cyber and going into farming. Like - Going into far...
i cant imagine doing that ๐ but some people might want a break from all the computering around
main halo
You have plenty of time
i learned about strings,bolean, integrrs last night. whyd that shit feel boring. ig everything boring at first, ill keep at it for a while
molten bobcat
It's only boring because of how it was explained to you
sweet lintel
Well, I managed to finish the Overwatch box today, and made some changes to my script, so that's enough for one day :p
molten bobcat
I find that a lot of education in the field is unfortunately.. real dry
So if you're expecting it to be a thrill ride I'm very sorry lmao
sweet lintel
Programming theory is ass :p
jagged storm
It's only boring because of how it was explained to you
It could also just end up being boring to them. Some people like the 'idea' of programming/hacking/etc more than they like actually doing it.
molten bobcat
This is true as well
high cobalt
The DFIR challenges remind me of my actual work
How do you decide what is actually usefull in real life? Or is it just experience you get with real world incidents and patterns you see in threat actors?
molten bobcat
How do you decide what is actually usefull in real life? Or is it just experienc...
It's a combination of experience and things I've seen before
molten bobcat
You never really know what'll end up being useful until.. the moment it occurs
high cobalt
It's a combination of experience and things I've seen before
Ah I see ... thanks though for the Tipp ๐
main halo
Well, I managed to finish the Overwatch box today, and made some changes to my s...
did u learn from hackthebox beginners guide when starting out
worthy cargo
30 years ago i was the best hacker. Everything was in clear text. There was assumed trust. there wasn't a lot of security. then I got into different things in life and 30 years later the whole landscape is different.
I did my MCSE in NT4
sweet lintel
did u learn from hackthebox beginners guide when starting out
I started long before HackTheBox existed ๐
rare monolith
imagine that you are hacking insane boxes at night and then working as a farmer at day
worthy cargo
Back then active directory didn't exist
molten bobcat
I know about common methods for piracy, and I can spot them in use in real life environments and it's really funny removing malware from a host because someone wanted to play Sniper Elite: Resistance on their work pc
rare monolith
I know about common methods for piracy, and I can spot them in use in real life ...
lol
high cobalt
Haha
molten bobcat
I've also seen people making local firewall exclusions for StarCraft 2 lmao
warm ravine
I know about common methods for piracy, and I can spot them in use in real life ...
Literally antivirus'ing a torrent
Or smth
sweet lintel
When you get things like this
high cobalt
Well me and my colleagues already told the higher ups that it would be better to get consulting for our SIEM use cases ... xD Well money is a problem though ...
warm ravine
Get teh etherned adapter
When I get my first bank card, I'll buy myself a cool hacking laptop
molten bobcat
I can use both elastic and slack and I hate both
warm ravine
With some good statistics and other things
high cobalt
I can use both elastic and slack and I hate both
Why do you hate Elastic?
scenic maple
When you get things like this
since new ui rework?
sweet lintel
I can use both elastic and slack and I hate both
ELK stack - Nightmare 101
molten bobcat
I just dislike it lol
rare monolith
When I get my first bank card, I'll buy myself a cool hacking laptop
make your own laptop ๐ฅ ๐ฅ
warm ravine
make your own laptop ๐ฅ ๐ฅ
sweet lintel
since new ui rework?
warm ravine
Damn, 8 years of hacking
high cobalt
Kss. We honestly love it
rare monolith
<:sadglas:751888349136027678>
i think you should make a small raspberry pi project with a little keyboard, screens and stuff for the fun of it lol
sweet lintel
And I've been in this Discord server since 2019 ;D
rare monolith
if im gonna be running 30 enumeration tools at once should i get active cooling on my pi 5 
scenic maple
I suppose it kept out super new people
how i see it is that it kept people out who didnt try
maybe rude
sweet lintel
;D
scenic maple
but its not a hard gatekeep it would point you to academy if u couldnt
it wasnt like u cant get in haha get lost here is a rickroll
sweet lintel
if im gonna be running 30 enumeration tools at once should i get active cooling ...
At once? Sounds like you need to upgrade to a new system :p
warm ravine
Hey uh, what is gatekeeping if I may ask
rose onyx
Hey uh, what is gatekeeping if I may ask
Don't tell him
sweet lintel
Hey uh, what is gatekeeping if I may ask
"I won't talk to you because you're not good enough"
jagged storm
Don't tell him
gatekeeping inception
molten bobcat
Oh I don't believe in gatekeeping
high cobalt
Don't tell him
Prime example lmao
molten bobcat
The only time it should be gatekept is when someone wants to use the knowledge for stupid/illegal shit
scenic maple
"I won't talk to you because you're not good enough"
thats not how it works lol
rare monolith
At once? Sounds like you need to upgrade to a new system :p
lol prolly , but the fact that i can have a mini computer with a 1% keyboard , wifi card and every port imaginable for a portable mini pentester is so god damn cool
molten bobcat
thats not how it works lol
Nah it is
Gatekeeping is the concept of "you can't sit with us"
You're not allowed in the special club, gates closed
sweet lintel
lol prolly , but the fact that i can have a mini computer with a 1% keyboard , w...
I do also question why you're running 30 simultaenously :p
scenic maple
it works like this
hey u wanna know x study y and u will find out instead of spoonfeeding or how i see it i guess
rare monolith
I do also question why you're running 30 simultaenously :p
im toolmaxing
sweet lintel
im toolmaxing
Pi5 Local DoS - CVE-2026-1338 - Run 30 tools at once
jagged storm
golam can't sit with the gatekeepers
high cobalt
Oh lol I couldn't even write a fake hacking request ...
rose onyx
golam can't sit with the gatekeepers
Yeah who else is going to gatekeep the gatekeepers?
scenic maple
golam can't sit with the gatekeepers
they kicked me out
scenic maple
Yeah who else is going to gatekeep the gatekeepers?
@vocal fog is this u bro
rose onyx
<@791696650866655264> is this u bro
He's bad at it
jagged storm
no true gatekeeper
rose onyx
how abt spoonblocking
Uhm... About that one...
scenic maple
abt wat
jagged storm
warm ravine
"I won't talk to you because you're not good enough"
Oh why man
Im curious
Learning things
scenic maple
Oh why man
u r ok we will sit with u
jagged storm
u r ok we will sit with u
what is this 'we' nonsense
You're already out of the circle of trust, golam
pearl kernel
missing her snores
iron galleon
scenic maple
maybe now we 2 sit outside
sweet lintel
When you follow an LDAP side escalation path 4 levels deep and wonder if it actually helped...
jagged storm
You are now the last to be picked at flag football
rose onyx
I feel like a peasant over here
Why?
high cobalt
You guys know what's weird and a dilemma about gatekeeping and making fun of cringe stuff? You know r/Masterhacker and r/FakeDisorderCringe? The thing is, every time someone is starting to make fun of such things it kinda becomes "50% really is cringe ... but the other 50% is probably legit and really someone learning hacking and having a real disorder and making self ironic jokes about it"
sweet lintel
Look at me, very little knowledge
We all have very little knowledge in some aspect or another ๐
crimson elbow
memory isnt inherently unstable, though, it just needs continous power to hold data. its not a nature of memory
warm ravine
We all have very little knowledge in some aspect or another ๐
I mean I usually get shy when I talk with people that knows much better than me
jagged storm
You guys know what's weird and a dilemma about gatekeeping and making fun of cri...
No, places like that are now 90% fake content, made for upvotes/etc..
high cobalt
I suck at everything except IT
rose onyx
I mean I usually get shy when I talk with people that knows much better than me
They're people too
warm ravine
They're people too
ยฏ_(ใ)_/ยฏ
high cobalt
No, places like that are now 90% fake content, made for upvotes/etc..
Okay yeah karma farming is also a problem ...
iron galleon
bring back Vine
sweet lintel
I mean I usually get shy when I talk with people that knows much better than me
For every challenge on HTB you've done, there are a milllion people who have no idea how to do it :p
warm ravine
For every challenge on HTB you've done, there are a milllion people who have no ...
I mean, I love hacking and naturally.. I'm a fast learner
So uh
I dont think it'll be a problem for me to learn hacking
west venture
โ ๏ธโ ๏ธSTEP BACK THIS IS A CRIME SCENE โ ๏ธโ ๏ธ
warm ravine
Just gonna take some guts and time
sweet lintel
A little bit a day and you'll be good in no time ๐
rose onyx
Just gonna take some guts and time
Well what are you waiting for, permission?
warm ravine
Well what are you waiting for, permission?
Well
My ethernet adapter got broken
Without it, I cant do hacking
And hacking with wifi is too slow
rose onyx
๐ค
warm ravine
And I need speed
west venture
Youre not the police
Says who...?
warm ravine
Says who...?
Me
candid drum
how do yall deal with being burnt out? or preventing it?
sweet lintel
And hacking with wifi is too slow
Spin up a free Oracle box, SSH to it, and hack from there - 2,000Mbps Up / Down :p
jagged storm
how do yall deal with being burnt out? or preventing it?
take breaks
high cobalt
I dont think it'll be a problem for me to learn hacking
I think you don't even have to be the best hacker. You can even find fulfillment and get and advantage if you are just a bit better and more passionate at it than most of your coworkers even if you are a noob compared to a chad hackerman ;)
warm ravine
Spin up a free Oracle box, SSH to it, and hack from there - 2,000Mbps Up / Down ...
But like, doing nmapping with wifi takes hours
candid drum
take breaks
thats what i do, but i end up taking longer and longer breaks. maybe im just lazy
sweet lintel
how do yall deal with being burnt out? or preventing it?
Sleep for 7 hours a night
sweet oak
anyone here ever faces issue with the vpn , espacially the MTU of the vpn , what's the perfect value for this
warm ravine
But look, I feel like I can do this
west venture
Spin up a free Oracle box, SSH to it, and hack from there - 2,000Mbps Up / Down ...
Oracle stole my money
warm ravine
I literally can do hacking
molten bobcat
I've never once touched my VPN settings
rose onyx
thats what i do, but i end up taking longer and longer breaks. maybe im just laz...
Have related adjacent projects that pull up back in
limber arch
how do yall deal with being burnt out? or preventing it?
if your stuck on something for awhile dont continue to burn your brain trying to figure it out, take a step outside for a bit and come back to it
sweet lintel
Oracle stole my money
Need to look into the specs of their AlwaysFree tier. I switched off of GCP since they charged me $0.02 for some international traffic :p
west venture
I literally can do hacking
ยกWhat are you on!
high cobalt
# I HAVE EVERYTHING
Thats the right spirit
warm ravine
Thats the right spirit
Hell fucking yeah
jagged storm
thats what i do, but i end up taking longer and longer breaks. maybe im just laz...
If you have to force yourself to do content, maybe the subject matter isn't for you. You need to consider if you like doing this, or if you just like the idea of doing it.
warm ravine
sweet oak
I've never once touched my VPN settings
same neve, but am having an issue i can't get a server response it just hangs , and when i changed the MTU it workked
molten bobcat
same neve, but am having an issue i can't get a server response it just hangs , ...
When troubleshooting it's best to change one thing at a time, could it be that your old VPN file just needed changed out?
west venture
Need to look into the specs of their AlwaysFree tier. I switched off of GCP sinc...
No I mean to register for free teir. They said they need to charge $1 and they will refund it back, but they said the registration failed, and never refunded my $1 either
candid drum
If you have to force yourself to do content, maybe the subject matter isn't for ...
wow, never really thought of it like that. i dont really force myself, but rather when i get stuck, i force myself to stay until i figure it out
sweet lintel
No I mean to register for free teir. They said they need to charge $1 and they w...
RIP
jagged storm
wow, never really thought of it like that. i dont really force myself, but rathe...
It's okay if it's not for you, but if you're struggling with growing burnout, you should wonder if there's a real passion there. Try to find what makes you passionate about the subject, if anything does.
west venture
I ended up in the ER for some reason
warm ravine
sounds like beer
Ugh
west venture
Mmmmmm
warm ravine
I hate beer
high cobalt
Hell fucking yeah
Personally I think, even if you decide you don't want to do it as a day to day job, you can still learn it if you want. Like I am more of a DevOps Engineer and really a script kiddie compared to professionals. But I feel like it is still good for my career to know about hacking and doing it on a side :)
warm ravine
๐ฅ
jagged storm
I ended up in the ER for some reason
it might be a tumor
west venture
it might be a tumor
You need to chill with diagnosing me with cancer
warm ravine
Personally I think, even if you decide you don't want to do it as a day to day j...
I mean, I'm naturally onto hacking and coding
I'm a technologist guy. I'll learn when I have the time
west venture
I mean, I'm naturally onto hacking and coding
I'm a technologist guy. I'll learn...
Have you done CTFs?
austere lynx
hi guys, i saw that some time ago you could see any country in leaderboard, but now only top100, can i still see a country outside top100?
west venture
Yes
warm ravine
Have you done CTFs?
I'm gonna learn it one day
sweet oak
When troubleshooting it's best to change one thing at a time, could it be that y...
idk , i lost interest in troubleshooting ,i just switched to TCP , i think it works fine now with no tweaking
west venture
Why
west venture
Is it something like 2 hackers trying to find a flag on a machine?
One
Also we are not hackers
worthy cargo
it goes with everything
candid drum
It's okay if it's not for you, but if you're struggling with growing burnout, yo...
i see, thank you for the insight. i do have passion for programming, but there is so much stuff u can do its almost overwhelming.
high cobalt
I havent tried it
Do you habe some basic IT knowledge? Linux? Windows? Programming? I mean like how programming and operating systems work? :) even if its basic understanding about Filesystems etc
jagged storm
<@729546976718487612>
azure remnant
The most fun ive had is back when
I was creating hacking scripts
For Roblo*
Good times
warm ravine
Do you habe some basic IT knowledge? Linux? Windows? Programming? I mean like ho...
I have some info about programming but.. dont know much about how OS works
Like I'm still a beginner
west venture
Have you ever tried to hack activisions anticheat system?
sweet lintel
For Roblo*
https://app.hackthebox.com/challenges?tab=active - There's a GamePwn section there :p
west venture
casual discussion of felonies
What's the felony?
quasi ridge
it might be a tumor
jagged storm
https://tenor.com/view/kindergarten-cop-tumor-arnold-schwarzenegger-gif-5168776
THANK you
worthy cargo
I'm a tumor, I'm a tumor, I'm a tumor. Oh oh oh
worthy cargo
Peter Griffin
jagged storm
God, it's like nobody has seen the movie
quasi ridge
God, it's like nobody has seen the movie
or we're old
worthy cargo
azure remnant
https://app.hackthebox.com/challenges?tab=active - There's a `GamePwn` section t...
Hmm cant see it maybe cuz im on mobile
west venture
https://tenor.com/view/federal-investigation-gif-22271245
Bro bypassing Activision's anticheat isn't a felony
limber arch
Have the boxes the past few seasons been any good?
sweet lintel
Mostly - I'd say so
high cobalt
I have some info about programming but.. dont know much about how OS works
Hm, I mean I don't know where you are from so I can't really give a good advice on how you might get a bit of education about it. Really depends on the country. I am from germany so I had the luck to get an apprenticeship as an application developer. Here it is basically 3 years working with going to a school if you don't want to study it. Sadly other countries only have colleges/universities or self learning :/
rose onyx
Have the boxes the past few seasons been any good?
Past few seasons, some of the hard and insane were okay. There were a couple medium/easy worth checking out too.
limber arch
Past few seasons, some of the hard and insane were okay. There were a couple med...
mmh ok good to know
sweet lintel
I want to get back into the seasons lol
It's 1 box a week - Keeps you fresh ๐
sweet lintel
I got lost in the realms of the Garfield privesc...
limber arch
yeah after user I got a bit lost lol
west venture
Hm, I mean I don't know where you are from so I can't really give a good advice ...
Just install Linux and windows in VMs and mess around with them. Ask anything questions you get from chatgpt
sweet lintel
That silly box - There's like a dozen paths you can go down, and at the end you wonder if you've accomplished anything at all :p
And silly Bloodhound doesn't detect the thing you need >_>
sweet lintel
Bloodhound: You can't do a thing - Not one thing - Not at all.
bloodyAD: Yea - You have full access to these things.
Me: ._.
austere lynx
how can i earn general points?
worthy cargo
Use bloodhound-ce instead
molten bobcat
Active boxes and challenges
austere lynx
not seasonal ones
limber arch
bloodhound is so dumb
high cobalt
Just install Linux and windows in VMs and mess around with them. Ask anything qu...
Yeah playing around is reall good advice! Always!
warm ravine
Hm, I mean I don't know where you are from so I can't really give a good advice ...
I'm from eh..
Turkiye
sweet lintel
not seasonal ones
https://app.hackthebox.com/machines / https://app.hackthebox.com/challenges
Finish the ones marked "Active"
limber arch
I've never had it fully ingest all ACEs that I actually care about
austere lynx
https://app.hackthebox.com/machines / https://app.hackthebox.com/challenges
Fin...
got it thx
are these points 4ever with you?
or only as long as the machines are active
sweet lintel
are these points 4ever with you?
Until the box / challenge retires.
austere lynx
oh ok got it
sweet lintel
It's possible to drop all the way back down to 0 if you're away long enough
It's why I've had this color name on Discord for years ;D
Do box - Do challenge - Box retires - Challenge retires - Loop :p
The thing with seasonal boxes is that they're the boxes that will stay active the longest, so will give you points for the longest time
devout sail
Yappers
austere lynx
so, if it some point i complete all active labs ill get the highest rank?
sweet lintel
so, if it some point i complete all active labs ill get the highest rank?
Omni - Yes
vocal fog
random aurora
not seasonal ones
Go to machines retired one
devout sail
so, if it some point i complete all active labs ill get the highest rank?
Nop
Have to do the challenges too
random aurora
Okay good luck everyone๐ค
devout sail
<:pointing:1098677014375968778>
Shhhhhhhhtfu
sweet lintel
Well, "Labs" do rather include challenges - It's all active everything :p
But as long as you can complete them faster than they retire, you'll eventually hit Omni
devout sail
But challenges are hard and boring
mystic harbor
But challenges are hard and boring
They aren't
austere lynx
what if i have 64 points, but i did only seasonal machines and 1 active chal for 20 points, how i got other 44?
molten bobcat
Don't worry about the points
devout sail
Eh nah i think the current logic on HTB rank is like this
If they didn't release new content and retire active, and have only 1 machine
It's insta peak
molten bobcat
Rank is determined by percentage of the platform completed
austere lynx
Don't worry about the points
im not worried, im just curious how they work
stable tiger
@obtuse fern whered yo mod go
sweet lintel
That Pirate box and that post-shell Garfield knocked me down ๐
devout sail
Do it tonight
limber arch
that points thing is new right
devout sail
<@134323136853311488> whered yo mod go
I was hungry
devout sail
that points thing is new right
Nah
limber arch
I don't recall seeing that a few months ago
mhm, maybe it wasn't displayed in the column or smth
devout sail
But seasonal ranking is broken too
limber arch
so i didnt notice
sweet lintel
But seasonal ranking is broken too
Yea - I'm sure I should be Ruby by now...
devout sail
Not that
sweet lintel
2/7 into plat at the end is weird ._.
devout sail
2/7 into plat at the end is weird ._.
This is discord bot issue
Just reverify
Like how I'm always holo
sweet lintel
It's on the site as well.
I need 5 more seasonal flags to hit Ruby, I've missed 3 flags this entire season, and there are 2 boxes left.
devout sail
Oh well
devout sail
:")
devout sail
Isn't platinum more expensive than ruby?
austere lynx
i am ruby and i got much less than you bro
past acorn
hello
devout sail
They starred with mats like silver gold ruby plat
Then put random holo?
Why not holmium
๐
sweet lintel
I may have pushed Holo harder if it wasn't for that stupid Pirate box that knocked me down hard
devout sail
Ahaha next season
austere lynx
no insane machines?
nova summit
Can someone explain to me how the season thingy works
devout sail
no insane machines?
Final one will be
past acorn
@burnt bloom youre getting opal twmrr, nice
devout sail
Can someone explain to me how the season thingy works
Vague question
burnt bloom
devout sail
U do seasonal machine within week
Get points, seasonal rank, seasonal rewards
sweet lintel
Can someone explain to me how the season thingy works
There's a bunch of boxes every now and then that you get a ranking for :p
nova summit
There's a bunch of boxes every now and then that you get a ranking for :p
ic ic tysm!
im trying to save up for the yearly subscription
sweet lintel
I posted my seasonal reward discount code in this Discord once since I wasn't planning on using it - Mods were not happy with me ._.
devout sail
But credits can't be shared
sinful mesa
Can someone explain to me how the season thingy works
You pwn the weekly seasonal box and you get points. With enough points you increase your rank.
sweet lintel
Fellow Purple! How's your progress going?
summer urchin
purpel
devout sail
I realised they didn't give me orev season rewards
Atleast credits I'm still at 25$
Even tho I've been holo for 2 seasons
sweet lintel
You get credits?
glad needle
Didnt they only give a discount code last season and not credit?
sweet lintel
At what rank? :p
sinful mesa
Fellow Purple! How's your progress going?
It's going pretty well. I'm learning a lot.
devout sail
At what rank? :p
Every rank
This time holo gives 45 iirc
S8 I got 25
S9 idk how much it was supposed to give
sweet lintel
You sure about that? I got cubes in the past - Never credits
devout sail
Just check season page
Rewards
And send screenshot while u are at it
See if u find s9 rewards too
sweet lintel
Yea - Only cubes and discount codes
sweet lintel
People spend credits - They don't spend discount codes
signal mica
Instagram Reelix
devout sail
But credits were nice
sweet lintel
I suppose it was also an anti-RMT thing - People getting holo on 100k accounts and so on
devout sail
I suppose it was also an anti-RMT thing - People getting holo on 100k accounts a...
So what, can't share it
Tied to account
sweet lintel
Instagram Reelix
I don't use Instagram so someone else snagged my alias there
devout sail
I suppose it was also an anti-RMT thing - People getting holo on 100k accounts a...
I don't think we even got 100k active players lmao ๐
devout sail
I don't use Instagram so someone else snagged my alias there
The joke was reel
Stupid pokemon
mystic harbor
But credits were nice
no more stacking HTB's money
signal mica
I don't think we even got 100k active players lmao ๐
We dont, the new biznis model is not working
austere sigil
biznis
devout sail
I wanted to stack for 10y and have alot of fake money ๐
Well as long as we can stack it
It's good
Otherwise gotta just use it once per subs
Pretty sure the stacking is no no ๐
sweet lintel
The joke was reel
There was an ongoing thing a few years back where some fishing company released the 9th brand of their fishing reel, used roman numerals, and it ended off as Reelix half the time which got me spammed to death :p
meager kernel
wassup
sweet lintel
And there was some theme person who used a placeholder gmail address on their "Reel-IX" site which got scraped and I got spammed, so that was fun
signal mica
Haha get reeled in
sweet lintel
And now there's some random Spanish thing using Reelix to promote their image-based AI, so I'm getting spammed for that as well.
The wonders of a 6 character alias :p
scenic maple
thats why u add random shit at the end of ur username
devout sail
I once joined a server with sado as invite
It was random russian server
Funny to find random stuff on your name
sweet lintel
thats why u add random shit at the end of ur username
I created this username almost 40 years ago - There were 0 search results for it at the time :p
devout sail
thats why u add random shit at the end of ur username
And yet there's a Chinese guy with my exact name
He could have been 20A but nah
sweet lintel
Ya young whippersnappers...
scenic maple
He could have been 20A but nah
what if his 21A actually means something
devout sail
I created this username almost 40 years ago - There were 0 search results for it...
Y'all ride dinosaur 40y ago?
devout sail
what if his 21A actually means something
It could
I just hope he gets banned from X
So i can take it
sweet lintel
Y'all ride dinosaur 40y ago?
I watched them build the pyramids when I walked over to Egypt the one day, so that was nice :p
sweet lintel
Rolling blocks of stone on sticks
signal mica
Rolling blocks
devout sail
Sounds like rolbox
signal mica
devout sail
waz
sweet lintel
That reminds me - Watch that movie The Man from Earth - Fascinating movie. There's a sequel, but it's not that great - Original is very thought provoking
sweet lintel
It's about a guy from earth :p
sweet lintel
And it's less than 90 minutes long
scenic maple
Can't focus for 3h
just watch 7 hour of reels and duplicate shorts to watch a 3 hour moive its that easy
devout sail
Well you underestimated me
But sure I'll keep it in mind
devout sail
just watch 7 hour of reels and duplicate shorts to watch a 3 hour moive its that...
Make it into feels
Rells
Reelix
scenic maple
some lifeless guy has already done it
sweet lintel
just watch 7 hour of reels and duplicate shorts to watch a 3 hour moive its that...
Until you've chained all 3 LotR Extended editions in a row ;D
scenic maple
it doesnt take much
devout sail
Add unique subway surfers gameplay on each reel
And a greenscreen guy who does nothing
scenic maple
i saw a guys pipeline who makes 10k from shorts
sweet lintel
Add unique subway surfers gameplay on each reel
I do wonder how that became the defacto alternate-stream slop game...
devout sail
10k per year? Day?
sweet lintel
Eh - Many people using AI to pump out shorts on a hundred different channels earning fortunes
signal mica
i saw a guys pipeline who makes 10k from shorts
Dont do this to me
devout sail
I do wonder how that became the defacto alternate-stream slop game...
Idk but it kinda works
scenic maple
he gets it transcribed as in the whole movie
timestapms based on text and speech and feeds into ai and asks for timestamps
then he splits using ffmpeg and uses code to put subtitiles and based on color and stuff uses ai to apply color grading to pop up
and releases to shorts using yt api
proper dragon
i saw a guys pipeline who makes 10k from shorts
is this the guy who has phones pointed at monitors
scenic maple
10k per year? Day?
per week
scenic maple
is this the guy who has phones pointed at monitors
no thats rookie
he has a factory
devout sail
๐
sweet lintel
Make him me
Run a local LLM - Set up a script to generate a 15 second short - Upload it to 75 channels under 75 different names - Repeat
Now, spin up a hundred of those LLM's.
scenic maple
I want 10k per week
#learnToCode
devout sail
#learnToCode
Any channel which teaches this in reel?
Like Peter Griffin and Donald trump
Oh btw
devout sail
I saw some guy selling course
Which is slop but for competitive exams
signal mica
i would say some words rn
Allow me
scenic maple
exytemely low tier ragebait
devout sail
And it's actually selling lmao
sweet lintel
There are people "selling" HTB flags for boxes half a week before the box releases :p
devout sail
Like u guys must have seen the ones with cats ?
Similar but with elements or history ๐
proper dragon
does every mod have an inner troll struggling to break free
scenic maple
does every mod have an inner troll struggling to break free
i dont speak for all the mods but i was indeed a big troll back in the days
devout sail
does every mod have an inner troll struggling to break free
Perks of being a member is you can say whatever shit u want
scenic maple
you could see me from space back in the days
proper dragon
gonna go discover the esoteric ritual to help all mods' inner trolls escape and wreak havoc
signal mica
[redacted]
I saw
scenic maple
access to everything htb has to offer in simple terms
sweet lintel
you could see me from space back in the days
In the 10 years I've been on Discord, I think you were one of the <10 people I had blocked who was actually active
devout sail
Golam has 4 girlfriends
He just said that
scenic maple
In the 10 years I've been on Discord, I think you were one of the <10 people I h...
what did i do
signal mica
In the 10 years I've been on Discord, I think you were one of the <10 people I h...
Who tf blocks golam
devout sail
access to everything htb has to offer in simple terms
Well tbh the only thing I care about is active machines
Maybe retired sometimes
Not missing out much
scenic maple
well i guess works out for u
sweet lintel
Mass trolling many a year ago
scenic maple
i wonder what i did lol must have been peak
devout sail
well i guess works out for u
Alright I'm kicking you too
It works for me
proper dragon
id have sent you a friend request
scenic maple
you see the thing with trolling is
as long as it doesnt harm anyone and its not bullying
its not that bad
heady sage
Who blocks Golam? Honestly kind of weird behavior if you ask me.
scenic maple
i had quite the mastery of it
devout sail
[redacted]
This comment hurt me in my heart
scenic maple
This comment hurt me in my heart
devout sail
https://tenor.com/view/pat-good-job-patpat-gif-25554349
And this image hurts my eyes
scenic maple
And this image hurts my eyes
should have posted the anime one but u would have posted something weird like feet
sweet lintel
as long as it doesnt harm anyone and its not bullying
If you find someone who rides the line between bullying and not bullying day in and day out for months on end, that's probably someone you want to distance yourself from :p
scenic maple
If you find someone who rides the line between bullying and not bullying day in ...
absolutely agree
i never support bullying
now that i remember the old times
proper dragon
so long as i use the internet, I will troll 
devout sail
I remember at every point of my discord time
I hated atleast 1 mod ๐
scenic maple
from what server
devout sail
I started with solo leveling server
heady sage
I didnโt hate any of the mods here
proper dragon
htb mods are super chill
scenic maple
I started with solo leveling server
i want to know what happens with that anime
like whats the end
devout sail
My fault tbh
I exploited their bot and generated too much coins
scenic maple
tbh i want to know every animes end and the whole lore without spending too much time
devout sail
i want to know what happens with that anime
Well he does time magic and fix everything and shit
scenic maple
and its too cringe to watch recap vids
frigid mountain
tbh i want to know every animes end and the whole lore without spending too much...
heady sage
heady sage
@Grokinator
scenic maple
but not every anime has plot listed
proper dragon
tbh i want to know every animes end and the whole lore without spending too much...
make an llm do this
turn it into a youtube series
signal mica
Gitara
heady sage
Huh
scenic maple
tbh at that point in time you could watch the series
heady sage
Guess they left
devout sail
but not every anime has plot listed
Get weeb gf and let her yap
heady sage
@Gronkulator
scenic maple
massive larp specialist
heady sage
Get weeb gf and let her yap
Gng I am not a weeb ๐ญ
devout sail
I thought that was real sloth ๐
devout sail
Gng I am not a weeb ๐ญ
Are u his gf ๐๏ธ๐๏ธ
scenic maple
nah thats a dawg
quasi ridge
massive larp specialist
one way of reading this is physically large larp specialist...
heady sage
Are u his gf ๐๏ธ๐๏ธ
No! I have a boyfriend
jagged storm
devout sail
Look at the lamp pole
heady sage
He doesnโt do hacking
heady sage
Heโs a nursing assistant
scenic maple
so larp means belly?
sweet lintel
i want to know what happens with that anime
Spoiler: ||Nm - I need more sleep.||
quasi ridge
so larp means belly?
Live Action Role Play. L.A.R.P
devout sail
And his kid does stuff
proper dragon
Spoiler: ||Nm - I need more sleep.||
wait wut
quasi ridge
aka D&D but you swing your foam or wood sword around
devout sail
The only thing i like from solo leveling is
high cobalt
I'm from eh..
Turkiye
Oh okay. As 0daykitty said, playing around with VMs etc is a good start though. And there are a few good resources online. Even free ones.
scenic maple
Spoiler: ||Nm - I need more sleep.||
average anime with a good animation budget
devout sail
Cha hae in
warm ravine
Oh okay. As 0daykitty said, playing around with VMs etc is a good start though. ...
I love messin around and learning anyway
devout sail
average anime with a good animation budget
That plus lockdown
Perfect timing
proper dragon
isnt solo leveling a bit different than t.o.g.
sweet lintel
isnt solo leveling a bit different than t.o.g.
Oh wait... Nevermind :p
devout sail
Ah i haven't finished tog
I dropped almost all of them
I only read skeleton knight couldn't protect the dungeon
But slow release
proper dragon
tog fell off so hard
devout sail
Might have to pick up ln
sweet lintel
I've watched so many Isekai's, I think my brain has been hit by Truck-kun.
devout sail
I've watched so many Isekai's, I think my brain has been hit by Truck-kun.
Only fun for first 10 chapters tbh
And most dies by 30
I have probably read almost all Isekai (started 10 chaps) 3y ago
sweet lintel
It's why you stick to the Anime and binge the entire season / series in a day :p
devout sail
Just for seeing how they die and what they get
devout sail
It's why you stick to the Anime and binge the entire season / series in a day :p
I like reading light novels now
sweet lintel
You saw the recent one where the guy got temporarily reincarnated as the hero who saves the day with a massive harem....'s rib?
devout sail
I've been trying to finish all of ergen novels
From last 1.5y
devout sail
You saw the recent one where the guy got temporarily reincarnated as the hero wh...
Haven't after that time period xD
proper dragon
have you guys read dark gathering
devout sail
None to invalidate
sweet lintel
Haven't after that time period xD
https://en.wikipedia.org/wiki/My_Ribdiculous_Reincarnation - One of the stranger things I've seen :p
devout sail
Funny name
I'll check it out rn
You should check this out
It's nice
If u enjoy this type of genre
Pretty unique too
Im saying unique on this status
Haven't seen many doing such stuff
Anyways time to check this rib reincarnation
sweet lintel
You were warned :p
muted olive
Yeah this was assigned CVE-2020-something right?
I think they disputed this and tried to have it remove but to no effect :p
high cobalt
Yeah this was assigned CVE-2020-something right?
Yeah linked it later. CVE 2020 19909
scenic maple
turns out reelix is a weeb
scenic maple
give CVE when
p1 wont fix
high cobalt
Look, I found a critical SQLi in PHP. If I pass an arbitrary Text to PDO::exec I get SQLi
sweet lintel
turns out reelix is a weeb
Always have been :p
scenic maple
Look, I found a critical SQLi in PHP. If I pass an arbitrary Text to PDO::exec I...
this is exactly how i keep finding 0 days in my code
devout sail
While trying to find it
Graphql broke ๐
sweet lintel
While trying to find it
Graphql broke ๐
You were warned :p
devout sail
Nice to find random errors tho
sweet lintel
Fix fix ๐
Reminds me - What's that anime where the episode titles are effectively a synopsis for the entire episode...
high cobalt
this is exactly how i keep finding 0 days in my code
How? are you doing exec($_GET["query"])
scenic maple
i am doing worse things
so back in the days i was making a discord bot so i thought dang my bot has so many features
what wold be a unique feature
high cobalt
i am doing worse things <:waz:1424888525202915403>
scenic maple
so i added code execution like literally passing it to os.system lol
high cobalt
๐ญ๐ญ๐ญ
scenic maple
i thought man its just replit server whats the worse that could happen
cause its not my server idgaf if it gets hacked
so it turns out
you could leak the token when you get rce
and then its basically the attackers bot
with access to the servers its inside
sweet lintel
I did one in C# awhile back. Added a tonne of protections.
I stopped when some guy in a programming channel used like 5 layers of reflection to execute the code, and it took me the rest of the week trying to figure out what the code actually did
high cobalt
with access to the servers its inside
Lemme guess ...
scenic maple
remember guys its called best practices because you should follow them
high cobalt
Server went rogue after this
scenic maple
bad things happen when you dont
undone fossil
molten bobcat
Yooo
scenic maple
Server went rogue after this
thanfully enough i was the bad guy who found it
muted olive
The funny thing is even by NVD's logic, CVE-2020-19909 would not lead to even a DoS because a DoS implies that there's an asymmetric amplification of otherwise normal traffic in a way that overloads the server's bandwidth / available memory. 0 secs between retries and calling it a DoS on a single threaded client is insane.
Therefore my theory is that the reporter was high on ketamine, and so was NVD when they assigned the CVE.
scenic maple
i wasnt bad enough
sweet lintel
remember guys its called best practices because you should follow them
If people can run code using your program, they can run bad code - No exceptions.
frigid mountain
i can't run code using my program
scenic maple
now that i am mega big brain cause i learned from my mistakes the legit way to do it is to spin up a container and run it there and return
also make sure it doesnt have internet access
or it could dos
high cobalt
The funny thing is even by NVD's logic, CVE-2020-19909 would not lead to even a ...
My theory is om NVD side it was just an intern checking checkboxes or something
scenic maple
i can't run code using my program
feel free to use mine
devout sail
Reminds me - What's that anime where the episode titles are effectively a synops...
So it doesn't have manga, either anime or ln
I was looking for manga lmao
Might just watch it
Looks fun from description
sweet lintel
now that i am mega big brain cause i learned from my mistakes the legit way to d...
Reminds me of when I was bored and used the Github runner to get a temporary shell on the builder box. Not much there, and it shut down after 30 seconds :p
devout sail
Reminds me - What's that anime where the episode titles are effectively a synops...
Yeah Goddess: โWhat Do You Want to Turn Into When Youโre Reincarnated in Another World?โ Me: โInto a Heroโs Ribโ
high cobalt
now that i am mega big brain cause i learned from my mistakes the legit way to d...
I mean in very rare cases you need exec.
edgy jetty
golam
scenic maple
if you are hitting those very rare edge cases then you are doing things wrong
edgy jetty
selem akhy u can check ur dms ?
scenic maple
and you should do it differently
scenic maple
selem akhy u can check ur dms ?
aight
sweet lintel
Yeah Goddess: โWhat Do You Want to Turn Into When Youโre Reincarnated in Another...
It's the way it's described though is hilarious.
"I want to be turned into A hero who goes on amazing adventures, and has a massive harem who constantly swoons over him and he does awesome stuff's rib."
devout sail
Reminds me of when I was bored and used the Github runner to get a temporary she...
You can make it last longer no?
Im pretty sure it's easy to make it last for 10m
muted olive
My theory is om NVD side it was just an intern checking checkboxes or something ...
now for a real 10 CVE: all of earth's 32 bit systems will overflow on February 7, 2036 at 06:28:16 UTC
high cobalt
While I did an epprenticeship I should program a test runner so a prof could run submissions from his students. Tried to secure it with a second process and user, firewall etc though
scenic maple
ok now i have
west venture
now for a real 10 CVE: all of earth's 32 bit systems will overflow on February 7...
But we'll all be dead by then
high cobalt
Still not 100% comfortable if this was a good idea but not my responsibility any more I mean to be fair it does not get library and Java patches anyways so thats probably a bigger issue lmao ...
devout sail
What's gonna happen on Feb 6 2036
sweet lintel
now for a real 10 CVE: all of earth's 32 bit systems will overflow on February 7...
2036?
azure remnant
A lot
sweet lintel
You sure it wasn't the 19th of Jan 2038?
high cobalt
now for a real 10 CVE: all of earth's 32 bit systems will overflow on February 7...
Didn't they change some impls to use 64 bit or more though?
sweet lintel
muted olive
You sure it wasn't the 19th of Jan 2038?
Nope
muted olive
Didn't they change some impls to use 64 bit or more though?
Yup
azure remnant
Im still on 4 bits minecraft computer
high cobalt
Although, I still wonder what stuff will break then ... probably more than people now worry and think about ...
sweet lintel
except everyone uses 64 bit anyway
If only :p
muted olive
Bruh this is real
well.. yes
azure remnant
Its all games and fun until 32 bits aint enough ๐ฃ๏ธ ๐ฃ๏ธ ๐ฅ ๐ฅ ๐ฅ
quasi ridge
the thing is..you can just push the bits to mean something else...the starting point for time stuff is 1970 iirc
high cobalt
Just 10 years guys ... 10 years until IT is in "Oh shit we didn't think about that until now" mode ... again
quasi ridge
so bumping it to 2000 buys at least 30+ years
edgy jetty
yo Have any guys already hunted on Bugcrowd?
sweet lintel
Or in this case - 10
high cobalt
Seems like every IT Generation needs to experience a global scale fuck up once
muted olive
the thing is..you can just push the bits to mean something else...the starting p...
yes, itll reset to jan 1st 1970
muted olive
Seems like every IT Generation needs to experience a global scale fuck up once
crowdstriiike
why a generation when you can have one every year
sweet lintel
When you're at this stage and haven't even gotten User
muted olive
yo Have any guys already hunted on Bugcrowd?
yes
high cobalt
crowdstriiike
Nah not everyone uses them so not that big (even though big enough). Well I just have trauma from a near ransomware attack.
rancid snow
yo Have any guys already hunted on Bugcrowd?
also yes
azure remnant
When you're at this stage and haven't even gotten User
Shouts skill issue ๐ฃ๏ธ ๐ฃ๏ธ ๐ฅ ๐ฅ ๐ฅ
silver forge
When you're at this stage and haven't even gotten User
looks like extremely easy task to me
azure remnant
"i can do it in seconds" ahh moment ๐ฅ
@supple plume can root it for ya with 1 move
muted olive
Nah not everyone uses them so not that big (even though big enough). Well I just...
TeamPCP have been providing everyone with enough to go around with
plus the claude code thing
high cobalt
TeamPCP have been providing everyone with enough to go around with
Who or what is TeamPCP?
muted olive
Who or what is TeamPCP?
A threat actor who has been indulging in supply chain attacks
Axios and something else were compromised in the last month
LiteLLM, thats the one
sweet lintel
The amount of NPM compromises that have made major news that were literally "Email dev a phishing page - Dev goes to phishing page - Steal creds - Dev has no 2FA" is too damn high
high cobalt
A threat actor who has been indulging in supply chain attacks
Oh goood, okay Supply Chain attacks really scare me. I kinda guess the next big incodent at work will be Supply Chain related ...
muted olive
Oh goood, okay Supply Chain attacks really scare me. I kinda guess the next big ...
Was really big too. Those packages were very popular. So just update your dependencies or install anything which uses them and boom, you're compromised.
high cobalt
The amount of NPM compromises that have made major news that were literally "Ema...
Don't they force 2FA now?
sweet lintel
Don't they force 2FA now?
You'd freaking think...
edgy jetty
also yes
Those we've already hunted on Bugcrowd are still being sought. I'm considering picking up some programs again, so if you're smart, please send me a private message
high cobalt
Was really big too. Those packages were very popular. So just update your depend...
Yeah I know. Was hunting for IoCs ... and scaring the Security Officer because my Laptop did logs to the C2 IP ... sorry I was just dumb and didn't think other people will look at it a day later and tried out if the firewall blocks the C2 IP already ๐คฃ
high cobalt
You'd freaking think...
Bruh. That's scary, bc at least GitHub does now ... remembered getting an EMail
sweet lintel
Bruh. That's scary, bc at least GitHub does now ... remembered getting an EMail
Yea - Github are secure - That's why all the compromises are all npm
high cobalt
Yea - Github are secure - That's why all the compromises are all npm
Weird thing is ... ITS MICROSOFT, WHYYY MICROSOFT ARE YOU LIKE THIS?!
sweet lintel
Weird thing is ... ITS MICROSOFT, WHYYY MICROSOFT ARE YOU LIKE THIS?!
That's the thing - It's "minimal effort" secure.
AND THAT'S ALL YOU NEED!
muted olive
Weird thing is ... ITS MICROSOFT, WHYYY MICROSOFT ARE YOU LIKE THIS?!
They couldve hidden behind their Copilot shield
high cobalt
They couldve hidden behind their Copilot shield
Another thing I don't know haha
molten bobcat
Had to tell a client today to narrow down their request because they have over 50 firewalls 
"please provide firewall data for this timeframe"
Sure here's your 4 terabyte.csv
high cobalt
50 ... firewalls??? That sounds wild
molten bobcat
rancid snow
Those we've already hunted on Bugcrowd are still being sought. I'm considering p...
huh
sweet lintel
Like you know BlueSky? Major social media platform? They allow the literal word password as your actual password! They have ZERO checks!
high cobalt
Had to tell a client today to narrow down their request because they have over 5...
Like are they running firewalls for different regions or how do you get 50?
hoary dawn
Wassup peepz ๐ฅ Gonna grind some HTB today been inactive af on there
rancid snow
https://tenor.com/view/melvin-meme-cat-cat-meme-melvin-meme-meme-melvin-gif-5576...
I dont think your message translated well
molten bobcat
They were all labeled like they have different locations lol
hoary dawn
The knowledge is remembered though 
green kite
They were all labeled like they have different locations lol
Congrats on cdsa
molten bobcat
Ty ty
green kite
Heya eggzy
worthy cargo
Where you been?
high cobalt
Like you know BlueSky? Major social media platform? They allow the literal word ...
I mean technically Password123! is a strong password per policy ...
molten bobcat
Sure but
green kite
Iโve been busy with work, had an upgrade I needed to do. Took a hit mentally
molten bobcat
It's a weak password still
green kite
Howโre you?
sweet lintel
I mean technically Password123! is a strong password per policy ...
Yes - Sure - But the literal word password ?
molten bobcat
Cuz commonly used phrases are a no go
Like password, or the current season and the year.
Winter2022
sweet lintel
Like password, or the current season and the year.
The social media platform Bluesky quite literally allows you to change your password to password
molten bobcat
I'm aware
zealous charm
hunter2 is safe tho
molten bobcat
You've said this already
sweet lintel
No capital P - No 123 - No exclamation mark - No checks at all ._.
high cobalt
Yes but ... how do you keep user experience while forcing customers/students/employees to use strong password ...
green kite
hunter2 is safe tho
Please donโt share my discord password
zealous charm
I set all my passwords to P@ssword1
sweet lintel
Please donโt share my discord password
All I see is ******** - You're good.
green kite
All I see is \*\*\*\*\*\*\*\* - You're good.
That my bank account password
high cobalt
I wanted to implement at least a visual indicator for entropy ... the other devs didn't like it
zealous charm
Weak passwords donโt really matter if you have MFA
sweet lintel
At least NIST eventually updated their guidelines from 8 to 15
green kite
I wanted to change my password somewhere recently, threw an error because it was longer than 12 char
hoary dawn
I just opened my laptop and I freaking noticed I have a Beats by Dre collab laptop
sweet lintel
Reminds me of those "Your password cannot contain the following characters:...."
green kite
Reminds me of those "Your password cannot contain the following characters:...."
Oh yes, that was an issue too
hoary dawn
Got the lil b on it ๐
sweet lintel
I just opened my laptop and I freaking noticed I have a Beats by Dre collab lapt...
I'm sorry for your loss.
hoary dawn
Thrift store cop for $30 ๐โ๏ธ
hoary dawn
Thought it was a sticker tho tbh had to search it up then found out hp did collab with Beats by Dre ๐
sweet lintel
Huh - Offsec just implemented account XP / levels
frigid mountain
I just opened my laptop and I freaking noticed I have a Beats by Dre collab lapt...
rip beats
icy viper
Very random question but once I move to IT, how important is a smartphone?
zealous charm
Reminds me of those "Your password cannot contain the following characters:...."
You cannot set your password to โP@ssword1โ as a other user already has this password
limber arch
Huh - Offsec just implemented account XP / levels
i bet they start selling xp multiplers
green kite
Very random question but once I move to IT, how important is a smartphone?
As long as the user is smart, youโre good
molten bobcat
Very random question but once I move to IT, how important is a smartphone?
Uhh
green kite
The phone canโt really make you smarter
molten bobcat
Most workplaces will need you to have MFA
frigid mountain
Very random question but once I move to IT, how important is a smartphone?
MFA
molten bobcat
And this is accomplished most commonly
high cobalt
You guys know how many Tickets we have to answer where applicants for a university place need to get their password reset ... guess what, half of them already even has a new mail adress ... a few weeks later ... xD
molten bobcat
Through an app
sweet lintel
Very random question but once I move to IT, how important is a smartphone?
Needs to be able to use 2FA apps - Okta and Microsoft / Google Auth and so on.
icy viper
Thinking of buying a button phone instead of using smartphone
green kite
Most workplaces will need you to have MFA
Thatโs what recovery codes are for
zealous charm
Show them how serious you are and use hardware tokens
limber arch
I mean if your in gov they might not allow a phone in the office lol
frigid mountain
lol "button phone"
molten bobcat
Thatโs what recovery codes are for
Sms methods aren't as safe
icy viper
lol "button phone"
Yes an old school phone
green kite
Sms methods aren't as safe
Iโm talking about a randomised word list generated that the website wants you to save somewhere
frigid mountain
oh I know what you mean just never in my life heard button phone
sweet lintel
Sms methods aren't as safe
Not many people use SMS (The term - Not the format) :p
frigid mountain
I use MMS for security
icy viper
oh I know what you mean just never in my life heard button phone
What else do you call it? Dumb phone?
molten bobcat
Not many people use SMS (The term - Not the format) :p
This is a cybersecurity discord
high cobalt
Thatโs what recovery codes are for
Oh boy ... do I have stories about trying to push recovery codes ...
sweet lintel
This is a cybersecurity discord
Most use text / text message
molten bobcat
Most use text / text message
I'm aware
green kite
I once had a customer share me one of their recovery codes so I could log in under their account t when they were on a holiday. As their account had MFA and it cost them money to give me a separate account
icy viper
So button/dumb phone for personal and smartphone for work?
sweet lintel
If you want
frigid mountain
I once had a customer share me one of their recovery codes so I could log in und...
bro I swear I'm from IT. just this one time bro
sweet lintel
So button/dumb phone for personal and smartphone for work?
If your work needs you to have a smart phone, your work can provide you with a smart phone - But that's strictly for work. What your own phone is is up to you.
green kite
True story. I needed them to change something for me. But they were on a holiday, so thatโs the way we did it
icy viper
Got a smartphone for personal use now in fact using discord on it now. Just want less distractions in personal life.
molten bobcat
I don't have multiple phones and I've been a successful cybersecurity person for years
green kite
I don't have multiple phones and I've been a successful cybersecurity person for...
iPhone with eSIM ftw
molten bobcat
If you want less distractions it's a discipline thing
I use my phone for music a lot so it helps me focus lol
frigid mountain
I've been struggling to transition to using a flip phone more but so far...it just sits on charging cradle. I've used it to text loved ones the number
icy viper
I don't have multiple phones and I've been a successful cybersecurity person for...
If I could use button phone for both I'd be happy lol but I also know modern world isn't equipped for button phones
molten bobcat
It sure ain't. The future be here brother
sweet lintel
I use my phone for music a lot so it helps me focus lol
Mobile Firefox + uBlock Origin + Spotify Website \o/
icy viper
If you want less distractions it's a discipline thing
Yeah I understand that lol
obtuse fern
<@134323136853311488> whered yo mod go
i was too mean; conveniently it was after i banned a transphobe
icy viper
I miss the dumb phones though
molten bobcat
One of the fun thoughts I've been having lately about cybersecurity is thinking about the context behind it all
frigid mountain
i was too mean; conveniently it was after i banned a transphobe
you'll always be my favorite mod
sorry C1oud. you're #2
obtuse fern
i'm not joking btw, that's the stated reason as to why they stripped mod -- I was too mean
sweet lintel
Gotta switch your courses to THM now - RIP
frigid mountain
y u so mean marcie?
molten bobcat
Ya big meanie
worthy cargo
You are too mean.
obtuse fern
y u so mean marcie?
your mother
icy viper
i was too mean; conveniently it was after i banned a transphobe
Doesn't that make it political tho
frigid mountain
your mother
molten bobcat
Doesn't that make it political tho
Trans people are not politics haha
Emma herself is trans
icy viper
But people have different opinions
molten bobcat
And she works for the place
worthy cargo
Did you merely just ban the transphobe or did you say something mean to them?
sweet lintel
Trans people are not politics haha
5 years ago I'd have agreed with you. These days? I'm not so sure.
obtuse fern
Doesn't that make it political tho
coincidence, allegedly, Khaotic was on vacay and it happened after he came back
frigid mountain
But people have different opinions
that makes literally anything political
obtuse fern
But people have different opinions
different opinions doesn't make it political
worthy cargo
Opinions are like assholes. Everyone's got one.
obtuse fern
i.e. liking waffles or liking pancakes. the difference of opinion does not make it political
molten bobcat
5 years ago I'd have agreed with you. These days? I'm not so sure.
What I mostly mean is that if you think someone's right to live and breathe on this planet is a "political argument" I need you to sniff the bottom of the nearest trash can until you think differently
worthy cargo
Facts on the other hand...
icy viper
Maybe not politics but if someone gets banned because of their opinion where does it end
obtuse fern
Maybe not politics but if someone gets banned because of their opinion where doe...
they were banned because they weren't being respectful
frigid mountain
Facts on the other hand...
icy viper
they were banned because they weren't being respectful
Okay I understand my bad
high cobalt
i.e. liking waffles or liking pancakes. the difference of opinion does not make ...
It does because I will go to a holy war for one of them (/j)
molten bobcat
This server and htb by extension is available for all and cybersecurity is not limited to straight people or people more comfortable with their gender. It's very silly lmao.
sweet lintel
What I mostly mean is that if you think someone's right to live and breathe on t...
Did you miss a recent large-scale attack? It seems that a hundred odd millions right to live and breathe on this planet WAS a political argument ._.
worthy cargo
I made a joke about Israel and I got a warning, level 0.
frigid mountain
It does because I will go to a holy war for one of them <:kek:889992816296595456...
which?
molten bobcat
Did you miss a recent large-scale attack? It seems that a hundred odd millions r...
I can't exactly influence geopolitics to be more friendly now can I?
As much as I'd love to hold my hand up and stop the wars I can't
obtuse fern
point is it shouldn't be political
icy viper
I'm religious will I get attacked?
sweet lintel
Just saying - Almost anything is political these days
molten bobcat
I'm religious will I get attacked?
No
obtuse fern
I'm religious will I get attacked?
only if you try and use your religion to excuse your ignorance
molten bobcat
Your faith is your own and no one can take this from you. And it's not going to be a matter of much importance here lol
frigid mountain
worthy cargo
Knowledge is the cure for ignorance.
high cobalt
which? <:hmmmHug:912983918087663706>
Chokolate ... idk if I like pencakes or waffless more
rancid snow
Your faith is your own and no one can take this from you. And it's not going to ...
me being a card carrying satanist almost never comes up
icy viper
Knowledge is the cure for ignorance.
Is faith ignorance?
worthy cargo
Faith is believing without evidence.
obtuse fern
me being a card carrying satanist almost never comes up
and when it does, it's usually REALLY funny
frigid mountain
me being a card carrying satanist almost never comes up
Does the card get you into Satanic Blockbuster?
molten bobcat
me being a card carrying satanist almost never comes up
Because it only has relevance to you and your own spiritual journey
Which is big fat Okay with me
icy viper
Faith is believing without evidence.
Sure but it's still something
rancid snow
but its also dirty and faded, I need a new one
high cobalt
Because it only has relevance to you and your own spiritual journey
You sir ... I like your thinking
frigid mountain
I wish
is it the old school velvet one? I know Church of Satan used to have them like that.
worthy cargo
Believing things without evidence is still ignorant. You don't have evidence, so that's a lack of knowledge, meaning ignorance.
icy viper
only if you try and use your religion to excuse your ignorance
I know LGBT all exist and I respect them as long as they respect me.
frigid mountain
I use my ignorance to excuse my religion
icy viper
I work retail and a trans woman comes into my work as a half regular customer.
rancid snow
is it the old school velvet one? I know Church of Satan used to have them like ...
its VERY faded
Ive had it for quite a few years
acoustic wagon
What websites do you guys use to stay update to date on the different exploits and infected software
rancid snow
the tenets on the back
obtuse fern
What websites do you guys use to stay update to date on the different exploits a...
discord /s
worthy cargo
I have trans people in my family. I grew up with them. I know this space intimately. I support and love trans people so long as they're not individually assholes. I don't like assholes of any kind.
frigid mountain
I have trans people in my family. I grew up with them. I know this space intimat...
None?
sweet lintel
Chokolate ... idk if I like pencakes or waffless more
There were a fascinating amount of typo's in that single short sentence
frigid mountain
I have trans people in my family. I grew up with them. I know this space intimat...
icy viper
I mean I believe trans is the gender they were born as not as they identify as but I won't treat them any different if that makes sense?
frigid mountain
rancid snow
I mean that just means you dont understand what gender is
worthy cargo
Treat people how you want to be treated. Treat people how they treat you. Which one to go with?
icy viper
I fully understand ones biological and ones social.
high cobalt
There were a fascinating amount of typo's in that single short sentence
Urgh being non native english speaker plus typos are the worst ...
icy viper
Treat people how you want to be treated. Treat people how they treat you. Which ...
Literally both.
rancid snow
gender is the social construct of roles we assign to people. Sex is the biological assignment
worthy cargo
It doesn't cost anything to smile. ๐
So love and respect people
PLUR
Peace. Love. Unity. Respect
rancid snow
and even the biological bit gets pretty wonky once you go beyond biology 101