#modules

You'll find a niche you like and dig into it

you literally said 'i'm a kid' earlier

Yeah but it wasn't suppose to be a problem

it's not a problem

You can likely encourage your parents to help you by helping them

you need consent from your parents though

Because I'm a teen

Still a kid

Hmmm

Yeah I know

If person.age < 18:
Response = "ok kid"
print(Response)

OK call me whatever you want

Mmmm

I don't care

you could say ur 21 and you'd still be a kid to some of us old folks

True

If person.age < self.age
response = "kid"

print("Hello marcielee!")

Anyway

We're veering off topic, you'll need an account on app.hackthebox.com in order to chat in #general

Instructions are in #welcome how to link the account

Look whose complaining😂

Just keeping the chat on topic of academy modules

It's not complaining, it's literally steering the conversation back on topic

Since you can't/don't want to do academy, this conversation is just further going off topic

Are you blaming me

No

I'm taken aback

I'm not caring

Lol

Mmmm

OK you continue with your topic then I'll not distract you

Or text

Hey you there

So guess im leaving the server good bye

Ok, not an airport

Bye

I'm not wanted here

No one said you're not wanted here

I was literally guiding you to a more appropriate place for off-topic conversations

Its not your fault

You're a good persons

🙄

Mm

Just kidding

I need to get back to modules at some point

Yeah

are you working towards a cert?

But this server is for tertiary level I will join it again when I'm in university

So see you in a few years

Bye👋

👍

There are other kids in the server like @worldly dirge

Yeah I noticed

But he is older than me

Don't need to be in uni to learn hacking, you do need to be able to think though

Ok and? Plenty of the old heads in the server started learning at an earlier age

Well I gotta go to sleep so good night

Hey did someone solve this on the module "Introduction to Bash Scripting - Conditional Execution" ? I tried different ways and also got results but apparently wrong lol. feel free to dm if u can help me 🤯

have you checked if you're off by one char? that was my mistake on it

Ye lol

Thank you

Do you know why its +1?

It's counting new-line char

lol sorry, didn't mean to thumbs down that

maybe stupid question but \n would be new line right wouldnt make that +2 ? or are there also other new line elements with only one char im not yet aware of

the \ is an escape so it isn't going to count as another char. together, \n is the byte 0a iirc

ah okay thank you good to know. if id put \n as a string it would be counted as 2 right

you copuld do \\n to escape the 2nd slash so that it doesnt escape on the n. that would be 2 chars

I am doing the web requests / http headers module and it is not taking my flag is there some formatting quirk I am missing? I read the explaination and it looks like it gave the exact same process and answer I had found but the response is getting rejected by the form ||http://94.237.54.42:43169/flag_327a6c4304ad5938eaf0efb6cc3e53dc.txt||

if it is asking for the flag then it might want the contents of that file, not the path to it. idr the question off the top of my head.

Oh thats a good idea thank you I have had many that are quirky about which input they take and I got a little sidetracked

In the Footprinting section of the Penetration tester path, I don't understand something. In some modules, why does a Vhost have to be added to your hosts file in order to be seen? If it exists on an IP, why can't it be discovered by scanning through something like gobuster? And then after adding it to the hosts file, it still can't be discovered by gobuster.

Because

1. .htb isn't a public tld
2. gobuster enumeration uses dns by default in order to try and discover subdomains

Also you wouldn't add the port to the hosts file

You make the request in gobuster with the port as http://domain:port/

If you start from the beginner modules will you eventually learn how to play the hacking games without any issues?

They are pretty solid so far I am a few weeks in and it’s helpful.

OS fundamentals and info sec fundamentals we’re good

Those were good

Or is it better to learn from specific books and such ? I want to be able to get through the hacking games with ease

Wdym "the hacking games"

Is that like a competition or something?

If it's a ctf competition learning broad web techniques and such will be valuable

As a fair bit of ctfs have web or web adjacent challenges

Hey guys I just finished the crackmapexec module skill assignment. Everything good with it but I just want to ask a question regarding the mssql_priv module.

Why does it show both users ||Juliette and Atul|| as sysadmins when none of these users have this privilege?

||MSSQL_PRIV 172.16.15.15 1433 SQL01 [+] INLANEFREIGHT\Juliette is sysadmin||

They can likely impersonate sysadm

I'm assuming you're using cme and not nxc?

Nxc is a better version of cme

Yeah it is nxe

And no they can't impersonate

¯_(ツ)_/¯

Also the pages of a module are called "sections"

At least for this assignment, the user that can impersonate was different

Yes. I meant CTF. If I go through the modules, will I eventually get to the level of going through the CTF, Pro Labs, etc

Eventually, the modules aren't necessarily meant to teach you for ctfs rather they're meant to teach you the techniques themselves and how to identify and execute

You don't need to do the modules to take part in ctfs

Thank you. I just meant as someone who does not know how to go through CTFS. So if I took part of them now. I would be lost on how to proceed

Ctfs are standalone challenges

You can do one challenge in a category without it having any impact on you doing another challenge

If you want a taste of it there's challenges on app.hackthebox.com

Ok. Let me ask you this… the level of hacking I would like to learn is to be able to go through the CTFS and pro labs, etc type of knowledge. I’m not looking for a job in cybersecurity or anything. I just want to learn how to utilize Linux and go through CTFS and such

You can also research old ctfs and writeups and learn from them

Prolabs are networked machines

I just didn’t know how to proceed with doing a standalone CTFS challenge

Research

Google the shit out of everything you find

Oh yeah? Should I go that route?

That's just one method

Or should I just go through the modules? I’m just trying to find a clear path to learn

The tier0-2 modules scratch the surface of what you'd find in ctfs

And lots of challenges have a gimmick or trick associated with them that often makes them a bit easier

Modules are good if you want a broad understanding

I would rather go through the modules I will need to be able to go through the CTFS challenges and not learn all about cybersecurity for a job

Again the knowledge isn't centered around being "for a job"

Me too, see the thing is with labs you don’t need to pay

It never was

No, unless your out of printer ink lol

This is the most important advise lol, don’t get it filled and admit it? One day you wake up banned

If you're doing a penetration test and have not been given a user account within the network, how would someone go about active directory user enumeration? Kerbrute and CrackMapExec?

Kerbrute and / or netexec (forked maintainer version of CME) correct

Awesome! Thanks for confirming, just wanted to make sure my understanding was correct

Linux Fundamentals.

Does anyone know the exact command for this problem!

You should be able to ssh if you're using the vpn

Or on pwnbox

I don't have any questions but i do just want to say that the attacking thick client applications module is hot garbage and needs to be rewritten for clarity

Section* not module

But otherwise, heavily agree

It just doesn't belong. And even faced heavy criticism when it was released

The .jar bits were taken from the retired machine, fatty

And believe it or not, it used to be worse

Just feels completely out of place and following the section 1:1 doesn't actually help you. I ended up having to read the fatty walkthrough by 0xdf to get anywhere.

The biggest hint/suggestion people gave was to use a walkthrough of fatty

That's how hot garbage it is

Breh

I had the creds yesturday dint work with xfreerdp today I tried it worked

Mood

💀

[It was resetting the vm that did the trick]

Classic turn it off and turn it back on

Kill me pls bro yesterday and today morning I was doing other enumeration resulted nothing

anyone stuck at Nmap module? question is to find system name without giving us ip address??. help

Is it asking for system name or OS, also read the question specifically. I believe it refers to the last example where there's a ping being returned with TTL

Hi other than the module Introduction to networking is there any other more advanced module about networking please ?

i still cant find it

It requires some research. What section?

Currently no advanced networking modules, as you don't need to subnet at all to hack

section? host discovery ?

so you think that module is enough for ctfs ? I am trying to prepare for a ctf competition, would you suggest me modules that would give me strong skills please

based on the last result

It's directly referring to the SENT and RCVD lines

Ctfs often don't have anything to do with networking

Cbbh job role path is decent, the buffer overflow modules

Thank you

Ctfs have a wide scope of challenges

are there modules I should not do in that path in order to not waste time?

Cbbh is all about web stuff and is well worth doing regardless

It's not a waste of time to learn things

There's no paths that are specific to getting better at ctfs

What a relief finally finished AD enumeration module

type shi

Fr fr

Someone please gudide me on : nibbles privalage Escalation

The module is a guide

One big thing is full filepath

excuse me, can someone help me?

i mean i have solved the question but i want to understand something i tried to google, and i will keep doing so but i want to ask it here as well so

when i am connecting to ftp, when i am listing using ls

i am getting:

29 Entering Extended Passive Mode (|||51387|)
150 Opening ASCII mode data connection for file list
226 Transfer complete

and no listing is happening, although i can wget the whole thing

why? what is happening? how can i wget it it but not list?

try asking on chatgpt, explain ur problem and ask for possible reasons

maybe that's a configuration to block listing but allows downloading?

i did,

but i don't have a confirmation to anything said

Hello! I have problem with the VPN (from my Machine - not Pwnbox). I tried everything on https://help.hackthebox.com/en/articles/9297532-connecting-to-academy-vpn I also saw the #faq message. My problem persists. Can someone help me or tell where to ask help with the problem?

what is it?

What exactly is not working? Are you getting an error message? Have you tried downloading a new VPN file with a different endpoint?

Hi

Hi, I'm currently doing the skill assesment of the Shells & Payloads module.

Am I supposed to figure out the IP address of blog.inlanefreight.local by myself or is it given somewhere that I missed?

Edit: Nvm, figured it out.

send the screenshot of how you are trying to connect with ftp.

when i try to use the free rdp comand and have entered everything correctly i keep getting the error messages :[05:30:58:839] [14277:14277] [ERROR][com.freerdp.client.x11] - failed to open display: [05:30:58:840] [14277:14277] [ERROR][com.freerdp.client.x11] - Please check that the $DISPLAY environment variable is properly set.

Can someone help me with this

FML

Is there anyone who has completed AEN who I may ask a question in DM?

hi, correct me if i am wrong but there seems to be some discrepancy regarding PMKID topic in Attacking WPA/WPA2 Wi-Fi Networks module. first statement state PMKID allows you to skip full EAP handshake, second statement state PMKID allows you to skip EAPOL 4 way handshake. third picture show EAPOl 4 way handshake still occuring even after PMKID is sent. any help to clarify my doubts?

copy paste it into chatgpt and ask

But what will be the command for this problem.

I did it awhile back and I've been going through it again for funsies little by little as I have time. You can DM, but did the walk through not help with whatever question you have?

Did you manage to solve it?

Anyone I can chat about WEP Attacks - Korek Chop Chop attack ?

Yes DM me

I moved on from that one and still didnt come back to it, i'm on the Attacking Common Applications one now.

You were almost there.. just try to read the upload.php using XXE with the SVG payload but with a little change in the content header (so that it accepts SVG files and XML content) and no need to add any MIMEs

After that you should be able to understand the rest.

Another issue I faced when trying to solve this was that my burp wasn't working properly and I got timeout errors but managed to solve it using the pwn box. So you might want to try using the pwn box if you haven't done it already.

Hello, what's written in the module is correct. The second screenshot you've shown is for WPA Personal (PSK) while the first and third screenshots are for WPA Enterprise (MGT).

Authentication processes for both WPA Personal and Enterprise are different since in WPA Enterprise, each user is authenticated with their own unique username and password which are verified by the RADIUS server.

When it comes to WPA Enterprise networks, we are more interested in the actual EAP handshake which happens between the Supplicant (Client), Authenticator (AP) and Authentication server (RADIUS), since each user has their own unique credentials configured.

While the EAPOL-Key handshake happens between the supplicant (Client) and authenticator (AP) but only after the EAP-Success (RADIUS accepts the auth).

The following blog post should help you to understand the EAP-PEAP auth process for WPA Enterprise in detail.

https://mrncciew.com/2014/08/25/cwsp-eap-peap/

CME module, Pass Spray section, question Is there any other local MSSQL account created with the same username and password as the corresponding Active Directory account? Keep getting these errors The login is from an untrusted domain and cannot be used with Integrated authentication.

Altough i guess, i shouldnt?

thx, DM sent 🙂

That is the right command:

nxc mssql IP -u users.txt -p passwords.txt -d . --continue-on-success | grep +

you are right but why does it work with nxc and not crackmapexec? Didnt even now its existence before you mention it

sorrry I'm not sure. I always type nxc instead of cme as I got used to nxc. Nxc is basically CME but "updatable", TLDR the devs are now "abandonded" CME project and focused on NXC, you can read about it at the start of the module. also, use this https://www.netexec.wiki as you go through the module itself 🙂

thanks for the help mate ❤️

203

hi im getting this error in wireshark while doing TLS decrypting for RDP

network traffic anaylsys module

thats not the protocol they used

oooo i figured it all out

thanks mate

Hello guys i was trying to solve meow level 0 when i check from youtube or offical writeup, when they nmap they find port 23 is open so it is about telnet but when i do nmap i got port 22 is open so it is ssh i need help

#starting-point , read and follow #welcome to access

In cme, mssql there is a -x option to execute commands on the system using the xp_cmdshell function. Does this automatically apply the reconfigurations needed for xp_cmdshell to work, or does that fall on us to do?

I believe it requires it to be configured, could be wrong though

thank you ❤️

can someone help me with hydra i try to attack rdp: but i got this error:

I think i used nxc instead for rdp

yo guys from the network analysis module

last module rdp decrypting

wheres the resources for the question ?

i rdp to the machine and its empty

also captured some traffic on the ens224 but no rdp traffic

Did you check -> resources or next to the question?

there is

for the module itself not the question

yes it worked with nxc do you know why it didnt work with hydra

Hydra is silly sometimes

ive searched everywhere

no resources linked to the question

its the last question in the whole module

Hello im in the Web proxy module in basic tool set and i have using burp before a little but now when oi was installing it and running it i cant intercept and proxy the traffic . I have installed the cerificate in Firefox and did set up the proxy in Foxyproxy but this is all i get when trying to proxy tarfic from any site...

nvm it turned out the question is in the module resources itself

--> forward

did do the same, nothing more hepnens even with -> forward

Continue clicking it

Hi

not helping.. before when i used burp, before i was reinstalling my OS (arch) it did work, did not need to klick forward, but now...

¯_(ツ)_/¯

it is not proxy the trafic at all, just from firefox... some one know wwhar problem can be?

Well... yeah it will only proxy traffic via firefox

Well well well

yee. im not stupid, you do not get me. It only proxy the trafic from the http://detect.portal.firefox.com

i suggest looking up on stack overflow or reddit ¯_(ツ)_/¯

why.. Im in ha chanel for htb users... If there is some place to ask is insde this chanel or like.. haha

But this issue isn't necessarily an htb issue, it's a burp issue

I get yor point, but wy ask at redit wen i have alot contacts in discord..

Because maybe we don't know how to resolve your issue on the discord lol

Also Google searching may be useful to find articles/posts that report similar issues

google... hm.. more likly chat gpt can help ;D i know some one in discord can help me out:D

i think it can be a Arch problem, Burp told me at first start it is not tested at Arch.. But it did work before new install..

#1024429874246590575 so it doesn't get buried

Windows Attack and defence
PKI-ESC1
I am able to do all the steps till converting it into PFX format.
After that when I go to WS001 to authenticate the certificate it says
“failed to find certificate for cert.pfx”

Can someone please reply if there is another step in between or how to fix this failed to find certificate thing.

Thanks In advance

Could you tell me what you mean by dot

this character --> .

Yes I know but…but

Sigh

Ok I will

Burp Comparer can help

Oh I see now

Well fuck

That’s wild

Blind the only difference is a wiff of a fart

Got it

Sadistic

Look forward to the exam 🤣

Ugh don’t remind me

I haven't tried it yet and don't know what's coming, but if it's already coming in the modules, the exam will be even harder.

Is veil the same as using msfvenom with encoded payload ?

Now I see this .

Damn username be trippinnnnn

I smell it

How many passd CWEE ?

i think the only way to tell is to recieve the badge and see how many others have it

I am working actually on Windows Privilege Escalation and doing Pillaging part. When i am pasting hash into answer it says its wrong. I have obtained Administrator hash, and i dont know what i am doing wrong

I’m sure staff has it

i've seen a couple more lately, my guess is it's around 40 people who have it now give or take some.

i could also be totally off

Are you just trying the NT?

Thank you!

what u mean with NT?

I am not Staff

41

Ahh

aad<LM Portion>4ee:31d6<NT Portion>89c0 hopefully that makes sense.

But only Academy, no EP users

You can always DM the hash and I will let you know if it is correct or not.

i dumpted hash from SAM and SYSTEM

okay i will

EP users?

Enterprise

These users do not get badges. Therefore these numbers are unknown

how do you know all that, is this info accessible to all users?

Ahhhh

You can get such information by talking to other users.

and how do other users know the exact number of 41 ? hahah

You need the URL of a badge.

Login

I know the dot is dotting but having trouble getting decent things to happen

okok didnt know that

https://tenor.com/view/now-you-know-the-more-you-know-no-kidding-no-shit-obviously-gif-1342210079425559607

Goooo toooo sleeeeep

Winky wink

😝

Put me to sleep jk

Whoops sorry

Don't be weird

I am doing the sqlmap introduction and this code doesnt seem to be working with the current module. Any Hints

sqlmap -u 'http://94.237.54.231:54163/case3.php' --cookie='Cookie:id=1' --batch --dump

I have no friends all I have are these modules

My skin singes when I go outside

real

Dear Dalian, I would like to ask a question. What are the injection methods for game cheats and how can I check for traces

You must sing well keep it up

🥹

Who the fuck is Dalian

How do cubes work? I am on the CPTS path and on footprinting module and SMB section. I am answering questions that show a cube beside it but all show +0 cubes. Why am I not earning cubes anymore?

HTB money

It's just some questions do and some questions don't

Do better modules for money

Not all questions grant cubes. You can see in the module overview how many cubes you earn for completion, by the time you answer the last question they'll add up to that amount.

By the end of the module you'll have earned back %20 of the module cost

Yea but some questions don't list cubes beside them at all and I get that. But these questions are showing 0 cubes which I hadn't seen before

Oh maybe that is the answer ok, thank you

It just depends on the type of question, it's more to do with backend coding. I.e. interactive questions on higher tier modules would award the cubes

I think they do that because people are all over the place internationally and it’s a way to figure out the payment of things in the easier way

Do you know

It depends on the game, if you're looking how to hack gta or some shit, not the server for that

If you're working on a module, it helps to provide a module name and section name

If you're just repeating the question from a module, I suggest reading the section again

Got it

With your help and a prayer to Saint chat of gpt I got it

why can't i send images to this forum?

Read and follow #welcome

already

but still can't send pictures

hey Guys, can someone help ?
I need help in one of the ⁠modules and according to the answers the Event 7 is not showing up in Sysmon.

Because your account isn't linked

Only verified users can post pictures

oke wait

DCSync module:
Cant complete the exercise for "What is this user's cleartext password? " as the reversible-encryption passwords are grabbed by secretsdump.py toward the end of the dump and the connection keeps getting reset / error thrown after about 10 seconds of hash dumping

mimikatz also throws an error when trying to elevate perms when using runas.exe so i cant use lsadump::dcsync

I pretty much setup a pivot whenever a Parrot box was provided, so I could use my own tools. I didn't have any issues. I even have this in my notes setup a pivot as the internal tools I tried to use were not working.

Network Enumeration with Nmap
Firewall and IDS/IPS Evasion - Medium Lab

In this medium lab I tried to enter the command "nmap -T4 -A -v 10.129.67.225 -D RND:5 --stats-every=5s" after I waited for the command nmap on ip 10.129.115.20 instead an error occurred
Initiating OS detection (try #1) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #2) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #3) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #4) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #5) against 10.129.115.20 (10.129.115.20)
Initiating Traceroute at 22:55
Unknown address family 0 in build_packet.
QUITTING!

Please help me

the ssh is unbelievably slow to type on... pivot was my first thought but at this point its going to take longer than the lab just to set everything up

help me guys

The more you do it the faster you get at it.

true.. will do

Network Enumeration with Nmap
Firewall and IDS/IPS Evasion - Medium Lab

In this medium lab I tried to enter the command "nmap -T4 -A -v 10.129.67.225 -D RND:5 --stats-every=5s" after I waited for the command nmap on ip 10.129.115.20 instead an error occurred
Initiating OS detection (try #1) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #2) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #3) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #4) against 10.129.115.20 (10.129.115.20)
Retrying OS detection (try #5) against 10.129.115.20 (10.129.115.20)
Initiating Traceroute at 22:55
Unknown address family 0 in build_packet.
QUITTING!

Please help me

guys

That's a lot of noise you're generating

Also assuming you are connected to the vpn

If there is an ids/ips running you'd be tripping it

There's no need for RND

what do you mean? I still don't really understand

what is the solution I should do?

I mean, if you're using your own vm that you're connected to the vpn

does that mean I have to use the vm that is on the THB web module?

No

There's a vpn connection pack that you can download to attack targets from your own machine

If you're using the pwnbox it's not a problem

If I try to use pwn, will the same error occur as before?

¯_(ツ)_/¯

You'll have to make sure the vpn isn't running on your machine first

after that

iam beginner,sory

please give me some guidance, experts

@fathom pendant

Describe your issue clearly, check connectivity to the lab (e.g. ping your target or VPN gateway), see if you get a response.

https://help.hackthebox.com/en/articles/9297532-connecting-to-academy-vpn

https://tenor.com/view/hide-dissapear-vanished-gif-13003152

I have successfully connected to the target VPN and can ping the target IP, but why does the problem above still occur?

please help me

😫

😿

What version of nmap are you running?

Stop spamming

Why are u running decoy

What do you think we're trying to do?

mmm

I'm not spamming, I'm just trying to explain my problem earlier

You keep posting the same block of text, that's spamming. We're trying to help, you don't need to keep posting it

Try udp scan see what happens

wait

I think ur trying evasion but y u running T5

That RND option is not mentioned in that module anywhere, does it work without it? Good spot Phil.

Which module is he doing

Network Enumeration with Nmap
Firewall and IDS/IPS Evasion

Tier 1, so please keep specifics to DMs, not here

Oh hmm

Is this in cpts path

yes

Hmm did u try other types of scans

Agressive scan is not really good if ur tryna evade

Just stick to what the modules / sections are guiding you

That option involves spoofing traffic etc, which is certainly not required

^

okay, so what should I do? to solve the problem like that?

.

Go through the section again, look at how they guide you to use the tool

No idea where you got that RND option from

I got the RND from my browsing on the internet and got an answer like that

Most likely he asked gpt to create the command for evasion.

I do that too sometimes

no

Oh

Well you are taught everything you need to pass the module / section within the content provided in the module / section @hasty rock

I'd again say go and re-read over the content 🙂

okay, I will try to see the module again. thank you for your sharing that helped me

okee thankyou @ocean night @unique ether

Ok buddy keep it up

It is mentioned in the evasion text but I found it's unnecessary

Imo the biggest section that requires evasion is the hard lab

Really? Couldn't see it, must've been looking at the wrong section.. but yeah, can see it in the cheatsheet

The other evasion bits are more useful against live targets and/or using a vps

There's only like one or two sections that's useful for stuff like academy

At least within that specific reading portion

The medium lab doesn't require too much evasion and thought

Does that specific decoy require it to be run as sudo I wonder

raw sockets etc

Probably

hello

i'm having trouble with using xfreerdp to connect to a box

anyone free to help?

What's the error you get?

at first it said the certificate mismatched

so i added /cert:ignore

That's a non-issue

then i get [03:40:37:988] [84661:84663] [WARN][com.freerdp.core.nla] - SPNEGO received NTSTATUS: STATUS_LOGON_FAILURE [0xC000006D] from server
[03:40:37:988] [84661:84663] [ERROR][com.freerdp.core] - nla_recv_pdu:freerdp_set_last_error_ex ERRCONNECT_LOGON_FAILURE [0x00020014]
[03:40:37:988] [84661:84663] [ERROR][com.freerdp.core.rdp] - rdp_recv_callback: CONNECTION_STATE_NLA - nla_recv_pdu() fail
[03:40:37:988] [84661:84663] [ERROR][com.freerdp.core.transport] - transport_check_fds: transport->ReceiveCallback() - -1***

Is the password correct?

yeah

status_logon_failure

i copied and paste it

Wrap the password in single quotes

tried it

same result

Are you sure the username is correct then?

yeah

htb-student

What module and section?

Sometimes the username is htb-studentadm

Or something silly

windows fundamentals

the first module

it was specified so idk what's wrong

What's the section name?

introduction to windows

Try resetting your vm and trying again

i'm doing it of the main host

guess i'll reboot

main host
You mean the in-browser vm?

nope

Ah

You mean your host system

yeah

Pentesting on your host system isn't generally wise as you're opening and closing ports

If only instructions existed somewhere people may be #welcome

i have a parrot os vbox set so i'll use that the next time

thx for your time

idk what your setup is looking like to try and rdp ¯_(ツ)_/¯

it's probably going to turn out to be some stupid thing like typing htp instead of htb

or something

now it tells me :
BIO_should_retry returned a system error 32: Broken pipe

instead of logon failure

Sounds like connection issue

Use the tcp vpn instead of usp

Udp*

used both unfortunely

Well make sure to only be running one

why would i run them both at the same time

Well sometimes processes get stuck when quitting

didn't think of that actually

i'll just try later in the day hopefully the connection gets better

dehşet purno

Redact the hashes

The hash in the screenshot was in the module content

Read the channel description

?

no

No begging, i suggest you read #rules

🥺

How about you not

yes

We don't cater to leeches

If you want a c2 just build your own or use something like mythic or sliver

already exists

🤣

Ok and?

This conversation isn't related to htb academy or modules

I don't give a shit

With this treasure I summon <@&861185840277487616>

Keep the chat on topic

<@&861185840277487616>

ggs

i fr thought u were a bot 😭

the bio convinced me

Ok I’m suffering on nosql injection 2. I am very close but I’m still off can anyone help me sorry

I’ll dm

Fuck off

They just posted a link to a scam support discord lol

Ummm

What

They weren't legit looking to help you in the module

Bro scamming

It's one of the scam bots that look for the term "help" and "support" and replies to the message using discord's built in bullshit

lol

Anyone ?

I just finished the Hard Assessment for CPTS - Attacking Common Services. And I love it!

Very cool twist at the end, lol ...

easy felt the hardest

Yeah, the hard was the easiest for me

But I've also used nxc a lot

https://tenor.com/view/keep-smiling-always-smile-laugh-joker-gif-gif-18917392

Bye guys. Netflix time...

https://tenor.com/view/cat-leaving-leave-oops-bye-gif-17519616

ITS MY FIRST time lesrning or want to lear cybersecuirty, im Aldo learning to code HTML JS AND CSS, should i start with HTB as a begginer?

<@&861185840277487616>

?

Every time I come back to this chat, I always miss the serious rule break 😦

I always miss out what they said

Shucks

it was just a bot trying to get people to join their scam discord server

@rustic sage ? For lesrning as a begginer you think is good?

@rustic sage thought?

Do you have anfthing on nosql injection 2v

Dont laugh hahah just asking i need motivation

hmmm

Skills injection 2

no sorry haven't done that module

Anyone pleaseee😭

I’m hopelessly lost

Dm?

Active Directory Trust Attacks - GoldenGMSA Attack

Can I please get help regarding why I am getting this error, cheers

are the creds correct?

I believe so

You never sleep ahaha 🤣☺️

thats all i got tbh, havent done that module

nope

How do you assign the role cpts?

Can I get some help on the linux module

For some reason I can't type in Htb-student's password.

use /verifycertification and get the id from the top right of ur cert

for ssh?

Yes.

thats a security feature

best to just copy and paste it

Ok.

thx

@safe star For some reason I can't paste it in.

you wont be able to see it for security reasons

i said copy so your less likely to mess up

It worked.

Thank you!

/home/htb-ac-1327532
Is this a home directory path?

yes, the module covers that

okay

Alrighty thanks ❤️

Spammer

Man you work fast

Spammer

Mods don’t sleep

Dang 😭

I feel for that ggs. Lemme go through the rules again if what I've said is aight

preauth failed almost always means your creds are wrong

could u dm me ur full command, including the hash ill take a look at my notes

This bot lasting pretty long😭

what no?

https://app.hackthebox.com/challenges/Interstellar

Help

#challenges

If anyone is familiar with binary exploitation, regarding the phrase "If we see that the program crashed because our input overwrote the EIP register, we likely have a stack-based buffer overflow vulnerability" they are referring to the position on the stack which is popped back into the eip / rip when the function call ends on a return, right

The patch provided in the Patching - Validation Logic Disparity section of Parameter Logic bugs just check if date is not set which is already checked by updateReq.
We can book any valid date still like next year same date.
Could someone explain what does it fix actually?
https://academy.hackthebox.com/module/239/section/2594

Edit:
Got it, this avoid two users scheduling the exam on same date.
Thanks

when we extract keytab file we get ntlm hash and aes256 and aes128 hased by cracking we get the password but it does not mean that the ad password and local account password will be same as shown in the section pass the ticket from linux

any body know this ......

I am new

not everything you see in examples will be what you get; often the example shows one account while the actual practice uses a different account, or has you look for information that was omitted from the examples

i dont get it

not everything you see will be the same as the screenshots or output from the examples in the reading

HTB either has you go after a different account, or intentionally omits (leaves out) information from output that you'll discover

Can anyone give me a hint for the fourth question on Sliver's skill assessment?

?

What's the module?

Intro to c2 operations with sliver

I have not access to it personnally but if you have no answer from anyone else try to see on the forum.

Can anyone help me, I'm stuck!? I'm booting a machine but it's stuck on "joining instance" and I've also turned off the vpn but it's still there

Is hackthebox start point great field to start

Yes, and also have a look at the academy

there's great tier 0 modules to get started

can someone help me with linkvortex? I feel so dumb

@meager bluff #boxes - read and follow instructions in the last post of #welcome to gain access

my bad

?

So about that linkvortex anyone could help a brother out

@meager bluff - as I said - post in #boxes please

@storm elk are you doing pen testing too and how do maintain consistency and discipline to hack the box Academy and labs

I don't do pentesting as my job is just web development

Sounds good I’m actually passionate about web development too and web design and also Testing

I’m about to start with hack the box pro labs is it worth it spending more money on time on it if you have a experience before

Why can I ask a question in general I don’t have write permission what is wrong?

read and follow #welcome

OK, thank you

Where do we get help for technical issues with target systems not spawning in modules?

https://help.hackthebox.com/en/articles/5987511-contacting-academy-support

does it keep spinning?

no, it tries and gives up

goes back to 'Click to spawn the target system'

I have refreshed the page etc..

have not logged out/cleared cache yet though

Maybe try that first 🙂 or switching regions sometimes helps

if not - I suggest to contact support

cheers

all good

awesome @polar latch - glad it worked

Im about to start my HTB journey - absolutely loved doing the starting point machines, shall i get vip+ ?

Why cant we extend the machine again it again?

Especially pwnbox

It's a basic golden ticket

it depends,

if you wan to do the retired boxes, then yes.

if active boxes, then they are free.

Module: Detecting Windows Attacks with Splunk

Detecting Pass-the-Hash

Submitting the answer as ||DC01.corp.local|| which will be shown as incorrect... What is the question about? I am submitting the ComputerName... but it won't solve...

Have you been able to make contact with an official regarding your query
@tepid horizon

no

@ocean crescent you sure you're not a bot?

It would be good knowing which section is this for

Hi,
Can someone help me with the module: Wired Equivalent Privacy (WEP) Attacks?
I'm in the section "Finding the Initialization Vector with Wireshark" and am trying to solve the task, but the issue is that the file needed ( /opt/IV-Wireshark.pcap) doesn't exist on the virtual machine. I've looked through the directory and tried the Find command in linux searching for pcap files, but none matched the one in the task.
Anyone know what the issue could be?

Look if there's another users creds..you can ssh to

For people who spent more and 1 hour to get through module 177 exercise 1763: Oracle Design of the Time-based SQLI, it is not specified in the question section where the target is: do not use port 80, use port 8080 like it is in the example. Port 80 is for the previous section, the donut shop. It would be great if there was some vhost or just a reminder to use port 8080.

Solved. Thanks

Windows Attack and defence
PKI-ESC1
I am able to do all the steps till converting it into PFX format.
After that when I go to WS001 to authenticate the certificate it says
“failed to find certificate for cert.pfx”

Can someone please reply if there is another step in between or how to fix this failed to find certificate thing.

Thanks In advance
Any one please help me with this

Guys can anyone give me hints on backfire season machine on rooting

read #welcome to verify yourself then ask in the appropriate channel

3 days on fatty module and few more i think 🥲 the goal of this module is only java ?

gah, I just finished that section last night. My advice would be to just follow the instructions exactly as shown and it works... it's just that any goof (and it's easy to goof something small) will throw the whole thing off.

The goal is a little bit of understanding java applications, but more so the notion that these applications interact with underlying data through another server and how manipulating the client can give us room to subvert the server.

I've seen a lot of complaints about that section of that module specifically. I thought it was good but they very much could have designed a simpler scenario to get the point across IMO. There really wasn't enough explanation on Java to understand the whole process and I understand that module wasn't the place for it, but it made that section rather frustrating.

yes i am trying again and again, i will get it !

you got it. it took me 2 or 3 days and probably 5 or 8 do-overs but it works.

still good to know i think 🤔

wow i will train my patience ahah

hi

some one help me about it session setup failed: NT_STATUS_LOGON_FAILURE ı get this error smbclient -U bob \\10.129.12.197\users
Password for [WORKGROUP\bob]:
session setup failed: NT_STATUS_LOGON_FAILURE

the big thing is it's just out of place

logon failure means that either the username or password is incorrect

I dont have any pass ı try to ls command

wıth help command

https://academy.hackthebox.com/module/77/section/726 this module

you can't interact with the smb server without actually connecting to SMB

ı do every thing step by step

also you do have bob's password

check the reading carefully

you're given user:password

ok ı wıll ı check one more tıme

ıf ı dont fınd probably ı eat my Pc

the example doesn't show the password because when you're asked to provide a password for most secure applications it doesn't show in terminal as you type, this is intended

ık

ıt dıdnt show

"let us try again using credentials for the user (bob:...)" [i didn't put the password in here, but that's where it is in the reading, just above where it shows in the example connecting to bob]

oh ty, do you recommend using your own kali boot or using the pwnbox?

this isn't the proper channel to discuss this, read and follow #welcome to access more channels

in the shells and payloads modules final assessment, I'm trying to get a webshell on the apache tomcat webpage. I know Apache uses java so I've tried uploading the jsp warfile from https://github.com/jbarcia/Web-Shells/tree/master/laudanum/jsp and the Java reverse shells from PayloadsAllTheThings. When I go to the file though I just get this page

any hints on this?

just use the msfvenom jsp revshell

there's a command in the cheatsheet

oh

I guess I should start saving those cheatsheets huh

Hi, a question related to oscp, i noticed some of the machines in tj null that are AD requires attack related to ADCS, which wasn’t explained in the course , does this mean they are out of scope ?

the cheatsheets contain commands that were showcased within the module as well

no idea about OSCP this is HTB not offsec

read and follow #welcome and ask in #careers-and-certs

Hi

I want hack Instagram

that's illegal dumbass #rules

Ohh sorry

Then what do in here server

Knitting

if only there was a channel that explained what the server was about

cooking

that'd be crazy if a server had a #welcome channel wouldn't it

idk maybe

Ohh

Yhen what

Here stupid question

fuckin go read #welcome

christ

that'll explain what this server is about

if you don't wanna know what this server is about, you can just leave

maybe too hard for him...

I will destroy this fucking server

no one is keeping you here; but if you want to interact with this server in a meaningful way

#welcome explains a lot

Revshells is a decent site for grabbing msfvenom one-liners and other shell related things.

ok skid

Myra

Has anyone done Footprinting Medium Lab?

no one in the history of ever has done that lab

https://dontasktoask.com

I'm so closeeee, I just cant run mySQL as admin because the password isn't working :(((

it wouldn't be mysql it'd be mssql

dumb rule i was being polite instead of just outright asking the question in the middle of a conversation, this isn't Teams and we aren't at work 🙂

but consider this; what if the password you discovered is reused

yes that

how am I supposed to know this

imo it's a silly question to ask if someone has done a module that's part of a job role path that ~700 people have the cert for

This is so dumb

trying everything

one of the basic things to check for is password reuse

its not actually, because the people in this conversation, might have not, you never know

but you're asking in a channel where a lot of people likely have

All I asked was has anyone done it, like in this moment

¯_(ツ)_/¯

no need to ask if anyone has done it

I will, sorry, that's how my parents raised me

just asking your question is gonna be more effective

i would recommend use your own machine.

as pwnbox can be slow sometimes. and with your own machine, you save your work and have better control of environment.

because waiting for someone to respond to "has anyone done this section" could have also been time waiting for someone to actually answer your underlying question

It's manners

I rather be polite, than "efficient"

different etiquette for cybersec forums

there's a reason https://dontasktoask.com exists, and explains why

alongside https://nohello.net

ok???? cybersec doesnt have a framework for manners, and that's a random website

¯_(ツ)_/¯

some people are just rude to be rude tbh, anywho thank you for the unnecessary conflict, I'll just find the answer myself. Toodalooz ❤️

for most people it's more annoying to go through the back and forth of hi/hello, have you done x?/sure what's up?

i did answer, password reuse of the important text file you should have discovered

Current stuck on Password Attacks Lab - Hard and I'm trying to move a file using the command: "move Backup.vhd //10.10.15.128/CompData" to a hosted share on my pwnbox .This is what I learned in the previous module questions but it doesnt seem to work due to an authorization error. Are there any other ways to move files without causing an unathorized error?

I dont think its annoying, its polite, I've never been enraged at a preliminary question

i'm not mad lol

and you can do things however you want, i'm just stating it's faster/typically better to just ask your question, especially in a channel dedicated to helping people with modules

this channel is specifically for ask/answer; no need for preliminary questions -- you can include the module and section name in your question

and you'll get an answer

windows doesn't like moving things over smb to shares that don't have authentication

xfreerdp has the /drive: option

which allows you to mount a share

you didn't need to be snarky about it though, like its so unnecessary imo, you could've been like yeah I have, what do you want to ask about it. And we would've been dandy, instead you decided to "school" some random person you havent met for no reason about cyber ettiquette, which doesn't exist, its just wholly your opinion

Linux Fundamentals Networking Services has me installing nfs-kernel-server but I keep coming up with an error. This is on a Virtural Box VM with Parrot OS installed. Is this an issue with my machine or the nfs-kernel? I tried looking up the issue online but did not come across any solutions. I tried Sudo apt update, sudo apt insall -f and with the --fix-missing as well.

Not seeing a way to upload a screenshot.

i don't recall needing to install that

your account needs to be linked to be able to upload screenshots

@fathom pendant If I specify on the pwnbox that it requires authentication and I use "net use \10.129.124.124\CompData /user:david gRzX7YbeTcDG7" something like that on my windows machine does that fix the issue? Also, I used this method in to get one of the module flags which is weird but maybe it was because I was admin. Also I tried rdp'ing to david's account and the only way I could access his directory was through the cmd.exe using runas command.

But I would have mounted my pwnbox drive using rdp if I could

/drive:name,/path/to/directory/ with xfreerdp command

Yes I did that

should show up under ts-client

and you can move things to 'name'

iirc it's just the //name/ or //ts-client/name it's been a minute

I used this command with the first user I found creds with "johanna"" and it worked fine

maybe its because zfreedrdp can't run two at a time and I already have a connection established with johanna's machine?

nvm that doesn't work either

Is this by default

What does password reuse mean, what else do I use??? There's nothing else to enumerate

the host you are attacking has this specific folder mapped to that share, you are just mounting the share to one of your folders

hey guys how u doin hope all fine... I have a problem with the data file extraction he alsways shoe me this error can somebody help please... \Users\htb-student> move C:\Users\htb-student\AppData\Local\Temp\lsass.DMP \10.10.15.123\share
move : The file exists.
At line:1 char:1

• move C:\Users\htb-student\AppData\Local\Temp\lsass.DMP
  \10.10.15.123 ...

    + CategoryInfo          : WriteError: (C:\Users\htb-st...\Temp\l
   sass.DMP:FileInfo) [Move-Item], IOException
    + FullyQualifiedErrorId : MoveFileInfoItemIOError,Microsoft.Powe
   rShell.Commands.MoveItemCommand-----------------------------------------------------
 sudo smbserver.py share . -smb2support
Impacket v0.13.0.dev0+20240916.171021.65b774d - Copyright Fortra, LLC and its affiliated companies 

[*] Config file parsed
[*] Callback added for UUID 4B324FC8-1670-01D3-1278-5A47BF6EE188 V:3.0
[*] Callback added for UUID 6BFFD098-A112-3610-9833-46C3F87E345A V:1.0
[*] Config file parsed
[*] Config file parsed
[*] Incoming connection (10.129.202.149,49678)
[*] AUTHENTICATE_MESSAGE (FS01\htb-student,FS01)
[*] User FS01\htb-student authenticated successfully
[*] htb-student::FS01:aaaaaaaaaaaaaaaa:f581668fd9302eefbd0a6c49f476f194:0101000000000000002156065d6bdb017337bc5b8f6c886f00000000010010006a006f0043004f004100550053004700030010006a006f0043004f0041005500530047000200100048004b00500075004500710044007a000400100048004b00500075004500710044007a0007000800002156065d6bdb0106000400020000000800300030000000000000000100000000200000dc08c34ef1da0f3b1c25e860312d1b26ffec971f7b35cd4ce89152122352b1840a001000000000000000000000000000000000000900220063006900660073002f00310030002e00310030002e00310035002e003100320033000000000000000000
[*] Connecting Share(1:IPC$)
[*] Connecting Share(2:share)
[*] Disconnecting Share(1:IPC$)
[*] Disconnecting Share(2:share)
[*] Closing down connection (10.129.202.149,49678)
[*] Remaining connections []

In module ; Web Request(CRUD) , a Exercise is given in which i have to add a new city through the browser devtools. but i am unable to do it and been struck for like 30 min now. Anyone Know any way pls share

How do I look using the cmd.exe to figure out which specific folder is mapped to that share in the future?

in windows you can type "net share" and it should show you the available shares and what folder they are mapped to

reading the VLAN section in networking fundamentals like I know what the actual heck

VXLAN, 16 million segments.. fr fr, yup 24 bits can give 16 million unique numbers

Here is the error I am seeing along with the NFS section from Linux Fundamentals modual 18.

how do I get a file from exploit-db into metasploit

this is rough 🤦‍♂️

Im doing the 'RDP and SOCKS Tunneling with SocksOverRDP' but when i try to load the .dll with 'regsvr32.exe SocksOverRDP-Plugin.dll' like in the example, i get that error.

Failed Virus detected

@bright shore please don't reveal passwords

real-time protection is a bitch

k

just turned it off and still the same error

did you reupload the .dll

Yes

added exclusions, etc

No need to add exclusions

Just disable real-time protection (which is different from defender)

@fathom pendant What did you mean by password resuse

I know what it means, but what else can I try

Did you try logging in to a powerful Windows account with the discovered password

Unless I'm misremembering this one.

I tried remmina with sa as the username and whatever that password is, did not work

That's not a native windows user

Think of default user accounts on windows install

I tried right clicking run as admin for mssql, and using that password which everyone else on the internet did, did not work

It's why i suggest logging in, since the UAC doesn't allow copy/paste

logging in through parrot?

I tried that too, got an error saying can't connect to host

anyone know why I'd be getting this error? on the exploit for host 2 for the shells & payloads final assessment

I just downloaded it from exploit-db and entered in the options and ran it

xfreerdp /v:ip /u:<username /p:'<discovered password>'

Is there a mentor option with HTB?

No

Thank you

I need help

I'll try this

Restart msfvenom

msfvenom or msfconsole?

Have a look at CyberHelmets if you want to learn in group

I got the same error when restarting msfconsole. Are my settings correct?

Msfconsole

nope haha did not work, unless my username is not sa

Set the rhost to ip, vhost to blog.inlanefreight.local

As i said, SA isn't a windows username

so then what else would it be

administrator doesnt work either

nor admin

It should

Are you sure you copied the pw correctly? Respawn target and double check

actually there is no IP for the 2nd host 🤔

This will be in the hosts file of the foothold

You can easily get it from there if you really want but t

i'm just using the 87... part

Don't share password

okie

Ffs i don't have it on me to verify

But respawn target, regrab the important.txt. but that looks right

man that took me so long lol

ty

I never wanna get hints but I think it'll just make things easier in the long run if I just ask for help sooner

instead of trying random things aimlessly

Yeah 🙂 no worries

has anyone solved the questions in the smtp Module of the academy?

"Enumerate the SMTP service even further and find the username that exists on the system. Submit it as the answer."

I used the command sudo nmap <ip> --script smtp-enum-users. With this I get a proper list of usernames. But it seems that none of the usernames is working as a solution. Does anyone know why?

Oh my god i want to bash my head against the wall, I've been using 11 instead of double L's

because they look so similar

I'm not certain why it doesn't work in your case, but use all the other tools to explore the SMTP service. I suspect HTB uses some hacks of their own to encourage you to use as many of the tools discussed as possible.

Aha, could be. So in that case the nmap script would be one approach. Since you mentioned that I have to use probably another tool I checked the kali linux tool site. Since there are only 2 tools (ismtp and smtp-user-enum) it will be for sure one of those.
Thx mate

I assume you're referring to the Footprinting module / SMTP section? If so you're on the right track if my memory serves correctly. In this case, more than something sneaky HTB does to force a path, it's likely nmap is working off a list of usernames that doesn't contain the answer.

Yes exactly! And I finally got it. First proper hint would have been to check the ressources -> Provided already a list to enumerate from. Then I had to play around with the configs of smtp-user-enum. 🎆

This is why copy/paste is king

smtp-user-enum script >>> nmap --script smtp-user-enum

nmap script stuff is just tedious

No actually it was not an nmap thing here :P. When using nmap there is the smtp-enum-users script you can use.... buut there exists an cli too called smtp-user-enum you can use. I solved it with this -> Link to the kali site here: https://www.kali.org/tools/smtp-user-enum/

I know, I'm stating that there is an nse script of the same name

I believe it's the same script, just ported to nmap

Ah gotcha! But if this was ported to nmap... would you know how to actually execute this nmap script with a list to enumerate over? Never did a NSE with arguments before 🌚

Nevermind -> ChatGPT for the win: nmap -p 25 --script smtp-enum-users --script-args smtp-enum-users.userdb=userlist.txt <target>

¯_(ツ)_/¯

hmmmm... tried to do it with the nmap scan, but I am not able to get the same result as with the script.
The command I glued together would be nmap -p 25 --script smtp-enum-users --script-args userdb=/home/htb-ac-326403/Documents/footprinting-wordlist.txt,smtp.timeout=30,smtp-enum-users.methods={VRFY} <ip> -v

Based on the nmap documentation: https://nmap.org/nsedoc/scripts/smtp-enum-users.html

i genuinely wouldn't bother ¯_(ツ)_/¯

Least confusing nmap script command 😭

Going wild with the command to get no result . Hell yeah

wrap the args with []

This is not an issue. The command works fine. If I use for example RCPT as method, I get some results. Its just that it is not able to do it properly with the VRFY command.
Nevermind, I guess I stay with the cli tool

Yo

I wanna learn how to hack

I need to learn quickly bc I need to get some revenge rq

I'm on laptop

That’s not what this server is for

Yh I'm jk

Suuuure

But like how do i learn it it is so cool man

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

Thanks

You helped and the moderator didn't what a shame

accessing devices you don't own without permission is illegal, and can land you in some serious trouble

probably because you said this dumb shit

Right, ik I'm not stupid

sure Jan

either way there's no crash course zero to hero 24 hour learn hacking cheat code

lots of time, effort, and spelling mistakes along the way

It takes time, is that what you tryina say here

Oh alr yhyh

yes

Rome wasn’t built in a day. There’s great content on academy site

it was built in at least 2 days

Yes

https://tenor.com/view/snow-fall-franklin-brick-by-gif-24960882

I am getting this error when running subbrute.py : permute_filter = re.compile("^[a-zA-Z0-9]{" + str(self.permute_len) + "}\.")

Even though it worked, gave me what I need. The error is kind of annoying. Any ideas of what can be or how to resolve?

Thanks i advance.

Same 🙏

Get Started with the HTB Beginners Bible: https://www.hackthebox.com/blog/learn-to-hack-beginners-bible

you can read the article above to get started

@unique ether start here bro

💀

Can anyone give a hint on the last question in Kerberos SA?

Can some one help me with
Secure Coding 101: Javascript skills assessment?, Question 2: "Access '/Static/static.js', and try to statically calculate the flag returned by the 'sendFlag' function".

I got it after realizing that the array was sized at 60 and not 59. Be sure to understand the Encrypted Array section and the functions in your static analysis

why is it that nobody really helps here really for what is this module then. I see here always only one person and 1000 question

i need to say that htb need to improve when is about discord and community

because help is voluntary and not mandatory. nobody is here 24/7 to answer everyone's questions and issues

Whoever needs help with hacking DM me!

i know i didnt expect 24/7 but at least answer one of my questions... i feel really not nice when i am stucked and asked some times and never get a reply

thanks for the offer

fr fr
that's cuz you're advanced homie
you know too much already