#general

if yall ever feel like throwing away money ill be the trash can

Have you been reading my blog?

i am a furry ^^

https://cdn.discordapp.com/attachments/1431407319786328084/1503939179573153922/rat.gif

https://tenor.com/view/rat-push-workout-gymrat-gym-gif-4539764187466206815

Hey guys

Yo

How goes Astro?

Good and yourself

Killing myself with work…

im both envious and sympathetic. I broke my arm so I had to take a break from school so now i have nothing to do

Oh damn

How did break your arm

I fell outside my school and went to catch myself LOL

Ouch

aperently thats the most common reason for those types of breaks

surprised this is the first time

Spent two days straight dealing with a technical issue… every time I solved one thing, I uncovered another… it was a multi-layered thing

weird, wonder why

@latent oak red teaming ?

Furries are trash at hacking

@crude island i wish

Yes thats correct

It was a development task

Are ok

Building tools for generating SBOMs

oof

@crude island did you get a chance to try out bloodhound-tui yet?

sounds monotonous

I will be fully diving into tonight

It was frustrating, because I was sure I’d be done by this morning, kept finding errors, fixing, finding a new set

Coding in what language?

Java and Kotlin

Never even heard of Kotlin until today

Ive only heard it once lol

Anyway, languages don’t matter any more… i program with claude

Lol

https://tenor.com/gWHFFcR3xYv.gif

This is in fact factually wrong

is a double factual a negation

Really?

Huh

I honestly dont blame you, i usually use AI to make sure I didnt completely break something or if I just cant figure it out myself since im pretty new

I cant tell you how many times ive had to put out a fire that way when building a blog or something

Bloodhound ass

I really use Claude… I’m being flippant about languages

Hell yea that's cool

It seems claude is the go to for coding and other cybersec things

Claude is goated with the cyber exception

Check out https://gitlab.com/Eggzy/bloodhound-tui

Just added a custom query tab. Examples

`type:user AND admincount:true` – users with AdminCount=1.
`type:user AND hasspn:true AND enabled:true` – Kerberoastable users.
`type:user AND (dontreqpreauth:true OR passwordnotreqd:true)` – AS-REP roastable or password not required.
`type:computer AND unconstraineddelegation:true` – computers with unconstrained delegation.
`type:group AND name:"Domain Admins"` – the Domain Admins group.

edge:GenericAll -> type:group – principals that have GenericAll on any group.
edge:WriteDacl -> type:user – principals that can write DACL on any user.
type:user AND (edge:AddMember -> type:group) – users who can add members to any group.
type:computer AND haslaps:false – computers without LAPS.
type:computer AND isdc:true – domain controllers.

Next is to do some autocomplete in the custom query tab

WAWAAAAA :3

W< MEEEOWWWW ~!
MRRRP MRROW
MRROW ~! :3 >W< OwO~~~

autocompletion works when you press tab and put in a run button and paste button for pasting copied queries into the terminal

And clicking on any results loads it in the explore tab

great job dude, proud of you

100% vibe coding with me as the real human debugger

But still, thanks. It's still effort

Wasup

Tackling some coding issues with Deepseek V4

What are you up to?

hey! im quite new to this anyone able to help? :)

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

im moving into a junior role really soon but would love to also practice labs but also be taught more is there any recommendations?

Use the link you saw just now

Got EdgeType queries working as well.

indeed xD

I hate the neo4j setup

thats why i made my own now xD

it's one of the oddest technology selections around

neo4j has soul

me

Does this Attack Path display make sense? @rancid swallow and others.

no.

Junior role as?

hmmmm

SOC

put on the socks SOC

https://tenor.com/view/fox-thief-stealing-sock-clothes-gif-2820799718033015254

awww thats cute

https://tenor.com/view/dog-scroll-crying-depression-doomscrolling-gif-4138822033792608878

NO AGAIN

need to have a cert role, or be hacker rank :3
theres some more exceptions but thats the most common

I saw that @signal flame

https://tenor.com/view/epic-embed-fail-ryan-gosling-cereal-embed-failure-laugh-at-this-user-gif-20627924

I deleted the post. And I'm editing an email to bans@hackthebox.com

My "Unlisted" writeup on Medium got crawled by google

wow saw this gif after a long time

I'll check it out today but dn't put them in unlisted if the links can still be clicked on and viewed. must be removed entirely.

Yes I've removed them

Cheers ❤️

All deleted permanently

tysm

why not password protect it?

Medium doesn't like htb writeups either fwiw

is Unlisted currently active?

best thing is to make your own blog and post there

Okay thanks for the advice :3

Stop zumi

why :c

¯_(ツ)_/¯

wow this place changed so much!! tho whole HTB website UI changed!

convincing argument

Any time for you bb

^^

the 2020 UI looks so nostalgic now

dangggg

i didnt start on HTB till 2024

i started jan 2020

Yeah we missed prior version

those were the days

haha

I started HTB in 2024 too

They had a chat box

idk anything about those days

I wish I'd known about it years ago

staying up till 12:30am in my timezone on Sunday for new machine to drop

only for Xct to get user in 5mins

hahaha!!

sounds about right

we chatted in forums too

i cant find the forum

oh they closed the forum

Forum last I recall was set to read only, it should still be up unless they took it down in the past week

yea back then everyone was using forums to learn, get nudges and hints

xct got me interested in cybersecurity

dude is wicked

xct is goat

him, tjnull, ippsec... legends

Hello
GM GM
how we all doing today

hellooo im alright

i remember finishing Blackfield in september 2020

took me more than a week sheesh!

how are the machines these days?

more web focused?

idk i dont do them

oh you're interested in pwn/rev?

Poor at best with a gem every 2-4 months.

noooo im working on cape one of htb's certs

awww

machines in the past had soul

so much to learn

even from an easy box... so much to dig into.. hours after you have pwned

i only find the insane boxes to be worth time

They did, now it's 1-2 cve, with unrelated logic

so you find cve and then just get foothold?

More or less.

wow! yea im not that good haha

aw man, back then we had to poke around and discover stuff, then exploit it manually... so much excitement

you mean you dont get excited just guiding AI through the boxes?

hello, Mr Altman? I found another

you guys use AI to do machines?

i was being facetious

Most of the time I have no idea why a machine exists other than to showcase a cve and the author didn't know how to tie it together, or steps involved are just illogical.

i mean i left the security arena long ago

if I was using AI I wouldnt still be noob

ohh... wow that simply changed the vibe then. From 2020 to now

those years were wonderful times

you should check out those old beauties

wait lemme give you a list

not related but you like racing ?

YEA!!

are you ready for 24H Nurburgring

yep!

Verstappen and Haase are going to be a joy to watch

where can you see the boxes you did?

cant see them in my profile

did they take away that feature? and the skill matrix?

By the way, there's a flaw on Academy authentication logic. I'm still able to access Academy using the active session cookie created before receiving a ban

https://tenor.com/view/it-was-just-a-feature-marques-brownlee-it-was-merely-an-attribute-mkbhd-gif-18106730890474485013

Kinda and yes

If you go to machines and retired filter by completed

https://tenor.com/view/monkeyglitchin-gif-11329341034662249547

Someone pin this

what do you mean "sometimes"

@scenic maple pin this please

He's not going to pin shi tho 🥀

😩 😩 😩 😩

It is exactly what I want to say about machines but without F bombs

at least there haven't been recent clown incidents

to those who don't know, there was a web box that showed an image of a clown and played a sound of a scream every time you tried to enumerate it manually and did something it didn't like

it was possibly the most annoying box ever made

Hello

Hi

any academy modules that will prepare me for reverse engineering challenges?

maybe intro to malware analysis a little bit?

https://tenor.com/view/whats-going-on-wtf-is-gif-14892542

maybe even https://academy.hackthebox.com/app/module/313

Fog

Tier IIII 🙁

alr, I'll look at that one as well

New roman number detected

invalid roman numeral

Tier IV

thats better

0xTejas has access to all modules
me have access to <= Tier II

Yes

student sub?

yah

i did cpts with that

u guys need more mods? jk

I will too

2 months of student sub for all the modules in cpts

Mods don't have that perks

I'm an employee

Oh then just purchased da exam voucher?

yes

mods have enterprise smh

who said

a mod

gonna find that mod and terminate

nicee

I'll give you 1 cube for the info

i can do that rn but me succ at web , so i better not do it yet lol

I shall take whatever I get lol

thank you

https://tenor.com/view/agnes-tachyon-uma-musume-low-cortisol-gif-1044120754729731909

https://giphy.com/gifs/snl-saturday-night-live-season-47-QZxMkYOzRodf8dBNKp

lol

loool

https://tenor.com/view/cat-meme-get-real-punishment-punished-kill-gif-14895206443905813147

is this even a challenge tbh

goku can sneeze and destroy planets

https://tenor.com/view/cat-cat-pet-cat-pat-cat-petting-petting-cat-gif-88141326984537530

https://tenor.com/view/building-fortnite-video-game-gif-17951665

epic embed fail

https://tenor.com/view/epic-embed-fail-ryan-gosling-cereal-embed-failure-laugh-at-this-user-gif-20627924

XD

ask him not to

I raise you Superman 1 Million

guys, hop on the finals

was that the superman that spent a million years in the sun or something?

even still, dragon ball characters can just casually destroy galaxies

the powerscaling is just broken

The true superheroes are mothers 👏

Chat, I’m arguing with people that we will force update their browsers and that it will be restarted. People don’t want browser restarts, coz “muh tabs”

Why is security like kindergarten

Remote in and do it yourself

Nah, we have a solution to do it in a managed way, but they are complaining

My boss called me to check on this, coz he also never shuts down his laptop or close his apps

why am I addicted to viva la vida

a song literally older than me

you can reopen closed tabs pretty easily if browser restarts/crashes

Try to explain that to ppl who would think it’s inconvenient to shut down their laptop

just tell them to switch to linux and become power users

simple as

just remote into their laptop and restart it that way

jk jk don't

“WiseFrog wants to connect to your desktop remotely”

@summer urchin @supple plume

Funniest way to win... 10mins rapid btw...

you lost sir

timeout win isnt a win

But the pawn is checkmate potential

there's people who hold on till the end in hopes of a stalemate

and im like.. why tho

the point is to get better at chess, not to win on technicalities

It's the belief that my opponent can't prove their checkmate

just resign buddy

i resign if i blunder my queen

I do to, but with less than 10 seconds on the clock and him only being up a horse and a few pawns I take those odds

i mean sure

i've seen that when you get to a higher rating, there's more "honor"

like people resign more easily

It’s not even honor, but if youre high elo, you can assume with 99.9% confidence that your opponent isn’t dumb enough to not convert it to a victory

that too

losing any material against your opponent without a strategy is basically a death sentence

they'll start forcing trades and running towards the endgame

Ye

so just resign

Hey, at least I don't abbandon the game if I know it's lost, I actually do resign

Yeah I hate those who have so much ego that they abandon the game when they know they are losing, the game.

Nah you can still blunder some endgames up 3 pawns

yes

I think you should keep playing if you are under 2000 elo

I think you should keep playing if you are under 1500 elo

Fair enough chess.com elo inflation is crazy tho anyone noticed ?

i've never played against actual elo so i have no measure

its better than lichess tho its been a while since i was on there

I also haven’t played otb but i was like 1700 rapid and then i came back after a break and jumped to 1850 while playing worse

Feels like inflation

u sure ur playing worse

Yes

ah fuck, here we go again

weird

oof

im like 1500 rapid and it doesnt feel much different

tho i dont play as much as i used to

I’m 1200

although I am going up

max i've been like 1650 i think

Chess is fun, best way to improve is to spam puzzles and review your games

not a fan of puzzles but i do love reviews

everything is obvious in hindsight

Also if you play mainly rapid try to switch it up to blitz sometimes to get more used to having low time

i tried blitz, didnt like it, not enough time to think

you're beating the time more than the game in a way

Yah that’s true to some extent but you can play with 2 sec increment to not flag

its like what dubov said

in blitz, u can be drunk
you just need luck

lol

yeh just blunder intentionally to eat up time

opponent will do double take

i've seen games won like that

just sac the queen when your opponent has 2 secs

oh shit

no way

I just got AWS STS creds with zero auth

This my goatee and I like it

does it count as auth if you ask nicely and they give them to you

hmm

if you ask to the human, it may count as AUTH because they're thinking and validating and questioning your need, if you directly request something from the server and if they're configured to 100% return the values without any regret and thinking, it doesn't count as AUTH

https://tenor.com/view/mariolord-mariolord14-mario-lord-mario-lord-gif-12993108603153607612

bleh

https://tenor.com/o3Orr4r5Ns8.gif

https://tenor.com/bEhxL.gif

golang is great

trim the ones poking out and you'll look great

you look like the guy from the "dont talk to strangers" signs

goatee because you cant grow the sides? or by choice

Actually woke up thinking it was Friday

it's thursday

rounds up

https://tenor.com/view/catty-gif-14180475305929088632

https://klipy.com/gifs/big-shaq-mans--k01KRJZSZTJD6B437043X8GPEX8

wassup frost

wassup paint

sup sup

been working on an ssh app for my new C2 😄

Aye I need to finish up my projects

My pwntools in Rust was almost good

just needed to clean up

nice

this was like 2-3 years ago

hecjk

was fully functional

but empty on github? 😅 https://github.com/frostb1ten/pwntools-rs

because I was planning on releasing

then got busy

should be ezpz

it's all good, I also have a bunch of unfinished stuff

I really wanted to dive into windows eBPFs then got insanely demotivated because you have to convert the bpf you compiled with clang to something windows native for some reason or a dll/sys file

at that point it's just a driver not an ebpf

*paint

omg I almost forgot, there's a new the boys episode

Almost friday

is alright

1 more episode

I was looking through my Wazuh logs today

Looks like someone is trying real hard to tryhackme

seems like they know all the domains and trying basic wpscan, but I don't run wp. All my sites are static. hugo static site generator.

could be a bot

seen some bots trying to pop CVEs with busybox once 💀

Do you know if wazuh has a dark mode or not?

I can't seem to find it in settings

yeah it's in the settings

The white bright background is killing my eyes

it should be somewhere in advanced settings

https://github.com/wazuh/wazuh-dashboard/issues/70 describes it, but i can't find advanced settings

Wazuh changed settings and moved things around. There is no stack management anymore that I can see

found it

dashboard management > advanced settings

hey paint

pain

i want vip in htb for month: Order Summary Monthly VIP+ Subscription $25.00 USD Coupon Code Subtotal $25.00 USD DE VAT 19% $4.75 USD Order Total $29.75 USD. I have code for 30$ discount, so do I need to pay something or it free?

free

thanks

hmm actually, idk how coupon works, credits are auto applied, but idfk if 30$ coupon works on 29..99$ bill xD

just try it ig

Bots are trying every shit they know. Nothing new. As soon as you have a service on the internet, you get bots and scanned, even if it's linked nowhere

yup

Seems there's another one :p

how was the content?

I'm debating that as my next course

tf

just seen that

Whats that?

I’ll go to an offsec meetup, hope they’ll gib me voucher for OSAI, coz I ain’t buying that

Good luck with that

I’ll make do with an OSEP voucher too

Hot 🔥 🥵

@sturdy thistle please ping @austere sinew for her birthay at least once a day

For reference, this is a tweet from a person who released the last major Linux LPE (Fragnesia)

Going by the name? A QEMU 0day

Hello @austere sinew

DM a Mod

on it

telepathy worked

golam always on the fence

i love it

bro has a data center

all that compute just to run minecraft

oh

with shader and so

i shall try it

burpsuite browser with 30 tabs

29

@scenic maple knows

u will get her birthday correct at some point

he's a knower

and mto too

let's not get too crazy

@sturdy thistle sir

hello @austere sigil sir

Please ping tejas

@austere sigil stop pinging @sturdy thistle unless it is to ping @austere sinew

how about?

must be calculating your net worth with that big of a number

brotha
my laptop ran out of memory cuz of chrome and vscode

That’s because of light mode

use vim

@ornate ibex

you have been called upon

😭😭😭😭😭😭😭

Oh ... no ...

Don't tell me it's a VM escape?

bro gonna drop it on twitter when the market value for QEMU escape is like 100-200k

a person I know found vm escapes for both virtualbox and vmware a few months back

They dropped the last LPE on Twitter when those are like $75k :p

some people just want to see the world burn

and some people want microsoft to burn

Might be - No-one knows. All we know is that the last thing the person posted in this format was legitimate.

i just want this company to pay me, its fkin 14th may, and still no pay golam

straigh abuse

thats outrageous sir heathers

@austere sinew Yup, you asked for it

Responsible disclosure is 60 days without response, 90 days with (Assuming additional time hasn't been negotiated).

yes i'am going home, dont feel like finishing a full day of work with still no pay

Just so you know, I used to work 5 days a week 9-5 with $150/month in IT.

root your cloud provider

its not even the first time they done this, and its Eid adha lol

Did the same - Although it was 6 days a week from 8-8 - Also about $150/month though

i started with that too LMAO, TWIN

What ur contract says

it says the 1st of every month

It should say what’s the latest u get paid each month

my contract says i'll be getting paied between 1-5

but they been paying us over 14th every month now

they lied

very original

i'am considering resining

I used to earn $200-300/month from my homemade mushrooms production

Contracts are rarely strictly followed - They're just rarely violated to the point that a lawyer will be worth your time.

You always do buddy

I see

last time i did i got a raise

Golam = cat

You may want to look for a job, and resign when said job is acquired.

last time my colege sent an email complaining about the late pay, and he legit @ everyone, and got suspended later

What if I have no job and want to look for a job?

At that point there's no need to resign :p

He went out with dignity

its also im tired of explaining the difference between OSPF and static routes to this. mfkers

It seems Im not skilled enough for a job rn

he was goated, and they most person rhat understood me

going to labour court is pretty chill atleast in EU

i prefer SPF 50

Arch user here

Everyone laugh at him

Or her

If you're willing to work for $1 / hour, there's plenty of jobs :p

its not here

where is there

morroco my friend

there is obviously not here

I was hoping something in pentesting 🥺

Marcie please

hi candy

you learn while doing the actual work, you should only have the capacity for learning and doing research, which you already have

💀 how did you know

...

Hi

You seem like you're trying - You're already in the top 5% of candidates :p

it's in your username

Ohh yeah

_candy_29

I forget that

i legit learned everything while doing work

top 10 OSINT moments

Dont be a red teamer buddy

Hmmmm

jsut dive in dont overthing it

Im currently in college, no company in my country hires freshers

I'm afk

Freshers are just not considered now

💔🥀

https://tenor.com/view/open-eye-osint-gif-4671896166659346314

maybe start with helpdesk ?

don't you have trade unions in morocco

💔🥀

I wanna get CPTS

its a long story of monopoly

But Im not able to study nowadays

It's because you're doing HTB

??

maybe try changing your setup (desk, keyboard ... etc)

i've hit a wall before, and oddly enough changing my setup actually helped me lock in again lol

Im burnt out from PC usage

I want to throw my PC from the balcony

Why not work for 1$ in Pentesting?

touch grass then lol

And migrate to the mountains

Too much ricing does that to a mf

i've never riced before

Make mushrooms and sell mushrooms

the true goal of any hacker: become a farmer

Its not even about ricing
Im just tired of computers in general
I dont feel like gaming, studying or anything

I want to break my PC rn

Congrats, you reached "I want to become a (goat) farmer" stage

Like just take a hammer and smash it through

the fanciness of your terminal prompt is inversely proportional to the number of bugs you find

you know what's wild about goats? if the incline is 89 degrees, they can just walk that shit

Kind of an early maturation considering the fact that Im 19 and unemployed

So I am not really in IT because I don't want to own a farm to escape IT? 😔

Yes, that true

for example @fickle kernel can hire me and give me unpaied work to do, but he hate me

https://tenor.com/view/man-destroys-pc-harold-slikk-new-computer-haroldslikk-escortedcomputer-gif-23496313

Their hooves are pretty fucking crazy

you're just in the denial stage

Me wanting to do this rn

Yes you do??? What are you talking about

I also wanna break my phone

And take my car somewhere

Long ass drive

Well, reaching this stage at 19 is another level 💀

And just not come back for a while

smash the box

But ewww, physical labor

Eww, dirt

Ewww, literal bull shit

You're Eww'ing at what's keeping you alive

Buddy I cant hire anyone (legally)

how have you been btw

no boddy gotta know :(, i just need to get better

skill 😉

Okay you got a point but ... thats still nothing for meee

My end goal is to become a chicken farmer

My end goal is to become a mushroom farmer bc I love mushrooms

@terse dirge wants to do agriculture

Im gonna go to the gym today after a very long while

Feeling a bit tired

One day, we’re thinking of developing som security product/service with an ex-colleague, but I won’t commit with my own money to something I don’t believe in, so it’s still a bit of planning

Okay mushroom farmer sounds nice. Although I would much rather prefer something more artistic if I chose to cancel tech. Maybe something with wood? Or writing.

Wood carver?

Sounds interesting

You wanna farm wood?

why dont you offer tuturing as well ? like there's a lot we can learn from you

i would 500% pay

That’s part of what I want to do

Yeah for example

Is this like the final stage of a tech employee?
Do tech for many years and then just abandon tech forever?

Secure development type of workshops

would it be like course & exercies ?

hi everyone am burned out

Tech sucks

Hello burned out

Burns you out

Probably we’d have those, but I was thinking live tutoring too

Earns you nothing

But it's intellectually challenging

why not both, well yeah i would 100% roll in when you do

cooking a new machine and debugging is shit

Its just pattern recognition

I don't find hacking intellectually challenging

That’s what we need to plan out basically

Then you aren't doing it right

It's literally just research

Effort-wise it’s a lot of work to develop modules like that

And then memorize the solution

And then recognize the same pattern in a new problem

And then apply the solution you have

But there is also such a vast variety of things

Live training even more effort, but I’m good at live tutoring, so I’d like to do shit like that

yeah, can only imagine especially if you're targeting beginners, but i would want to learn from you low level stuff, not many sources do a good job of explaning this kind of things

we bout to get WiseFrog face reveal before gta6

The modules would be for beginners, but I’d like the live tutoring type shit to be for actual devs working at companies

Yea I was trying to find this

22 years at microslop 💔

Are you saying this isn't a picture of him???

no he kinda brad pitt himself

What do you get from goose?

What you can never get from Microsoft

mostly spit but sometimes meat

I think my linkedin wasn’t overly difficult to find based on the certs I have, I hid the profile pic first, but now it’s hibernated

ms teams, endless troubleshouting and ACL's, and sometimes your workflows work.

So good luck osinting my ass

software engineering

Wise why cant i just follow you on linkedin

Coz my profile is hibernated

Too many recruiters up your butt?

my G you basically a celebrity

Thats only 1 reason, but not the main one

Some people thirst for a job, some of them drown in it

no body want to learn you a sexy fella

But I am

What's the main reason then?

connect with me on linkedin then

frog

cmon

Is that a challenge?

Being overemployed

Ah yeah linkedin would make that obvious

bro's suffering from success

Hello

Some companies post selfies of their new employees as well. Would make it very awkward

I give you a business idea: Sell access to your account to these poor unemployed fellas here

I used to be an instructor, if you'd wanna chat about anything feel free to ping :)

Could you instruct me

instruct me as i'm 5

Instruct me like I am high

https://klipy.com/gifs/baby-boomer-back-in-my-day--k01KRK877R9BR6A062HFYW14ZB4

Technically I’m not overemployed, coz I just do freelancing while being an FTE, but no one will hire you as a freelancer for long running projects if they know you’re FTE too

Did you complete frogfetch

Nah got swept up with work stuff

its on the list tho

Still very much in POC stages

Yeah

drop the .conf colors please

But I'm no longer gonna work on this

anyone used pipelink before ?

or mushroomnetworks

There is no .conf lol everything is hardcoded in the binary source code

bro you're using kitty

talking about the color schems ?

The terminal?

Probably will do if we commit to this direction, I also did classes at one point at university, but that’s different than convincing people to pay me big bucks to keep workshops or some shit

mmmm yeah

tl;dr for live instructing, consumer tends to be a good loss lead

yeah

depending on how you wanna build a pricing model ofc

What's probe??

#pragma once
#include <expected>
#include <format>
#include <string>
#define WIN32_LEAN_AND_MEAN
#include <windows.h>
#include "registry.hpp"

namespace probes
{
  [[nodiscard]] std::expected<std::string, DWORD> get_cpu();
  [[nodiscard]] std::expected<std::string, DWORD> get_gpu();
  [[nodiscard]] std::expected<std::string, DWORD> get_hostname();
  [[nodiscard]] std::expected<std::string, DWORD> get_motherboard();
  [[nodiscard]] std::expected<std::string, DWORD> get_os();
  [[nodiscard]] std::expected<std::string, DWORD> get_username();
} // end of probes namespace.

My coding skills are ass

Oh

Wait you made a function to probe everything?

Is it that complex in windows?

Yeah because windows stores different bits of info in weird spots

Yeah

std::println finally

Yeah, that’s what we are early stages in to figure out what we want to build to support it, and the live training would most likely be a way to get people onto the learning platform, it’s very much just a wild idea at this point

such a good thing

I.e.

[[nodiscard]] std::expected<DWORD, LSTATUS> read_registry_dword(HKEY root, const char* sub_key, const char* value_name)
{
  DWORD value = 0;
  DWORD byte_count = sizeof(value);
  if (const auto status = ::RegGetValueA(
        root,
        sub_key,
        value_name,
        RRF_RT_REG_DWORD,
        nullptr,
        nullptr,
        &byte_count);
      status != ERROR_SUCCESS)
  {
    return std::unexpected{status};
  }

  if (const auto status = ::RegGetValueA(
        root,
        sub_key,
        value_name,
        RRF_RT_REG_DWORD,
        nullptr,
        &value,
        &byte_count);
      status != ERROR_SUCCESS)
  {
    return std::unexpected{status};
  }

  return value;
}

Linux I literally just opened /proc files and parsed them

Like technically on windows you can get the OS version via some undocumented bullshit like this

Like the source code for the entire binary is in one file lol

But again my coding is ass

USHORT os_version_low = *reinterpret_cast<USHORT*>(0x7ffe0000+0x26c);

but like

whilst it will technically work it's not good practice

Oh

you can also get an epoch timestamp like this (super cursed)

So you can't just get the OS version on windows by reading something simply?

U can, but what’d the fun in that

This is trash but idk it was really simple in Linux

Windows API has bunch of shit, you can use it to do things like this, and more, but EDRs and shit always hooks into WinApi functions to detect anomalies

just unhook from ntdll

If by trying to get the OS version your code doesn't alert windows defender are you even doing it right

until that gets detected

template <typename T>
T rva(void* ptr, size_t offset)
{
  return reinterpret_cast<T>(ptr + offset);
}

[[nodiscard]] size_t get_epoch() noexcept
{
  constexpr size_t UNIX_TIME_START = 0x019DB1DED53E8000;
  constexpr size_t TICKS_PER_SECOND = 10000000; // A tick is 100ns.
  volatile LARGE_INTEGER time = {0};
  time.LowPart = *rva<DWORD*>(0x7FFE0000, 0x14);
  time.HighPart = *rva<long*>(0x7FFE0000 + 0x1c);
  return (time.QuadPart - UNIX_TIME_START) / TICKS_PER_SECOND;
}

oh wait important typo

time has to be marked volatile otherwise the compiler tries to optimise the pointer math as this is technically undefined behaviour. So it'll just add all the numbers together

Have you done some Rust before?

Specifically with Windows api

https://www.legacyy.xyz/defenseevasion/windows/2022/07/04/abusing-shareduserdata-for-defense-evasion-and-exploitation.html shameless plug, but you can fetch quite a lot from shareduserdata

Tried it but got fed up of working with the wrappers

Usually I spend more time fighting the language itself rather than being productive

Yeah, I feel the same

Ummm..no , never heard

Skill issue on my part I know, I just don't have reason enough to use rust over C/++

to a point where I'd be competent at least

https://tenor.com/view/crab-rave-dancing-dancing-crab-gif-16543314

https://tenor.com/view/sepples-cpp-cplusplus-bjarne-stroustrup-gif-25570450

I've been messing with C++26's new reflection features to try and add nice compiler errors when you don't follow proper practice

#programming message

i.e. invalid constructor/destructors for virtual classes and such, rule of 0/3/5

I literally just started out c++

I like it

@undone fossil what do you think about modules?

chad lvim user with c++ 26

Oh dear god 4 pings

@supple plume @sturdy thistle @summer urchin @austere sigil

🥚 🪠

Only 4 you meant

hey no ping pls

Ok

Mick wanna csgo ?

Nah thanks

😡

hiya

what's up nerds?

what does this mean 😭

hallo donut hru

hoi danny

hey-o

gooooooood

u?

@austere sinew reeeeeezz

windows server 2025 VM is giving me hard time

Space issue

give it a bigger hard drive?

UwU

@seadris

https://tenor.com/view/press-f-mg-salute-gif-15543929

can be done and that's what I am lacking atm

How ya doin

Super gucci, good to hear you’re good

Mwuehehehehe

pretty well for a change. Feeling better than I have in weeks. Depression sucks.

Girl dog activities

Ayy, keep your chin up king 🔥

https://tenor.com/view/approve-wink-smile-idris-elba-thumbs-up-gif-7009997246830746970

ya'll I'm tired. ssl errors while trying to connect to the vpn, new kali 2026.1...
using phone as hotspot, no isp blocks or something like that, clock is set to the right time, udp/tcp/other regions, nothing worked...

Every mistake makes you go closer to doing it right, keep it up

on a scale of 1 to 10 how much would I regret getting a Mac vs windows for college cyber

will be bringing pc though

https://youtu.be/2PltmlZ4-ao?si=z4F8q6SC7oSpWzpe can u'll watch this and tell me what should I improve

Is the current response time for support chat available anywhere? I'm at over an hour now

I use a macbook as my daily driver and there are very limited things where the chip architecture makea a difference

But seriously, people use either and they just have to adapt accordingly

If I’m gonna be using it for all of college and prob couple years after college should I get m4 on eBay or m5 brand new

I have join HTB on 2018 and own OSCP cert, I'm by no means a guru but when I posted that comment believe me I tried debugging for sometime, granted I did that during work as a side action but still.
I'll just get to it next week, our work hackathon got cancelled anyway 🫠

And also 16 or 32

Does 512 work or is 1tb the minimum needed

I'm listening to 80s Hits Spotify station

M4 Pro is what I use… but m4 would be plenty depending on you budget

Also, more HD is a nice to have, especially if you’re doing any gaming on the machine and not purely work stuff

My IT knowledge is helping me DJ because most dance music is produced on a 16-bar phrase so 16, 32, 64, 128...

twinsssss

A mac is great for writing your reports, but you're better off getting a regular Intel/AMD laptop and dual-booting with Linux (or wiping your win11 partition) and using a distro like Mint or Fedora, then using Kali and other distros in VM to do interesting work

If you want to run local llm models, chip and RAM will be beneficial

still surprising when i hear people game on mac

I use LM studio and it resources GPU

All I play is that one game that’s censored by this server so

The m chips have integrated chips

idk if macs can run AAA games

https://youtu.be/2PltmlZ4-ao?si=z4F8q6SC7oSpWzpe can u'll watch this and tell me what should I improve

They can run some on Steam

https://catalog.purdue.edu/preview_program.php?catoid=18&poid=33873&hl="Cybersecurity"&returnto=search

will I be able to get away with using Mac for class and then whatever else I can’t run on my pc in dorm

performance has to be shit since they're not running natively

whats up divas

Become Hacker Rank so people can see what you're posting

remember chat

https://tenor.com/view/beyonce-queen-sassy-hair-smile-gif-16774826

nobody plays games on apple, nobody

omg slayy 💅

https://giphy.com/gifs/big-lebowski-yk8tRCZHCV0qY

sup eggzy?

Morning

I bought the Lenovo Slim 7 Copilot+ Aura Edition Intel Ultra 7 258V 32GB 1TB 14" OLED W11H off eBay but realized it’s prob better to invest a bit more

How?

https://tenor.com/view/games-on-a-mac-vldl-vldl-alan-viva-la-dirt-league-no-games-on-mac-gif-18204336

I got nothing on my plate today except a meeting with our SOC vendor. 😎

Yeah a mac should be fine for taking notes and connecting to the cloud or other network resources

aura edition 😭

I play farming sim 25 on my m4 mini… it runs fine, but it takes up between 60-80GB on my drive

how much was it?

https://tenor.com/view/screaming-bucky-barnes-thunderbolts-yelling-shouting-gif-6513122912656012400

Complete some boxes in the labs
https://help.hackthebox.com/en/articles/5185158-introduction-to-htb-labs#h_f2d78a1b61

what rank? challenger? diamond?

i only play horror games these days with all the lights off in my room

I play getting paid on my mac

Rank? I’m playing career mode

i did a machine today gng
pls congratulate me since i slayed it

good job buddy

thanks zeeshan