#thm-community-media

^

What could a reason be for a greyhat?

Boredom

Nah, I'm pretty greyhat most of the time

Keep it on the legal enough side tho

Because I think I'll fall into that category as well once I've finally got my bearings

Say there's a flaw in apache. You've tested this on your own systems, which is whitehat, and submitted it to be fixed. But the apache team doesn't do anything about it. You expect that blackhats would've already found this same exploit, so in bold move to get apache to actually fix it, you tell the public about the exploit. This is gray territory because you really shouldn't do public disclosure until after the patch.

Or you hack into webservers and patch the vulnerability yourself

Would grey also try to fix the exploit if the admins don't do it?

Wouldn't *

Probably, but that's also very illegal

which is why it's grayhat. Not legal, but not morally wrong

grayhatting is a fine line that's absolutely easy to take too far

^^

I know several compnies with deployments in the wild that use vulnerabilities intentionally on their systems for access and communication

"Patching" them would piss them off alot

And a "good deed" becomes a legal case

even if it'd be for their own good.

also, gotta love relying on broken features

Yep, these aren't small companies either

"change" and "big company" might as well be antonyms

Hahaha

heyhey I'm new to THM, looking forward to joining an awesome community 😄

heyooo

Hiya!

🍰

@forest rivet gr8 now I want cake xDD

welcome to my life

It's completely logical to like cake

trutru

but life has no purpose anyway

bruh

The cake is a lie

plz dont say that

@forest rivet You wanna play KoTH?

old meme zone above this line

xDDD

Nah, @tame ledge, I need more knowledge to be effective in KotH

Just run:- rm -rf /* when you get root 😏

Don't need the *, but yes

You do need a --no-preserve-root tho

Wasn't that against the rules, same for rootkits?

Yep

What does that do?

rm removes, -f forceignores errors, -r is recursive, meaning everything beneath

I meant the no preserve root

probably doesn't preserves root

It does not preserve root

I already broke my system once with the rm after a friend "helped" me

That's a nice friend

doesn't sound like a friend

I like this is going, already stuff that I dont understand xDD

You can't run rm -rf / without passing a --no-preserve-root flag these days

English is not my native tongue, so I might misunderstand a few things here and there

why does that flag even exist?

no worries, Odes

To stop people from being trolled into running rm -rf / I'm assuming

https://superuser.com/questions/742334/is-there-a-scenario-where-rm-rf-no-preserve-root-is-needed

Yeah, that's what happened to me hahaha

right, but I mean why not just disallow it

I needed to remove a folder with contents

don't need no preserve root for that

It's probarbly needed for LFS systems or something, some low level magic we'll never use

Maybe for formatting the disk if you install the os?

the link says that firmware is mounted on modern systems, so you'd be clearing that out too

Who else is a gamer?
And from that list, who uses Linux for gaming?

Nope, don't often play games, got a PS4 but that's mainly for movies and music

Linux has games?? :p

sudo apt install pacman

I'm a gamer, I suppose

Steam, lutris

Afaik

there are work arounds were you can play steam games on linux something has to do with WINE and stuff

there are youtube videos about that stuff xD

I never seem to get a stable install if I want to do gaming

definitely, but steam is also trying to encourage more devs to target linux distros

trutru.. I wish for that day man

aye

Same

Speaking of windows vs Linux, does anyone know voicemeeter?

yes. you.

Haha

😆

Hi this is the passive police, I hear you've been being agressive.

No cake now @forest rivet

no, you!

🍰

Yes cake now @forest rivet

sudo apt remove --purge cake

D:

Evil

sudo apt remove --purge SuitGuy

🙉

:3

sudo apt remove --purge *

I don't purge after I eat.

Anyway, I use it to equalize my audio and give more bass, is there something like that on Linux?

bruh

proper hardware, perhaps

Reading package lists... Done
Building dependency tree       
Reading state information... Done
E: Unable to locate package SuitGuy

sudo deluser FreezeLuiz_

deluser-ing noises

Adorable.

Okay can someone test something for me

Just tried to hit an nc port with a GET HTTP/1.1 and didn't realize it had exited

And ran GET HTTP/1.1 in my terminal, which returned lots of HTML

<!DOCTYPE html><html data-adblockkey="MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_K5SpWqkZzyH0qq1ksBjrmoYQSTrjyRtC5AenV/yu4WHr+w1nm+QhR7tk+zTswqHAZGm1xo7QOQBRlRvDqLa7Rg=="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title></title><meta name="viewport" content="width=device-width, initial-scale=1"><meta name="description" content="See related links to what you are looking for."/></head><!--[if IE 6 ]><body class="ie6"><![endif]--><!--[if IE 7 ]><body class="ie7"><![endif]--><!--[if IE 8 ]><body class="ie8"><![endif]--><!--[if IE 9 ]><body class="ie9"><![endif]--><!--[if (gt IE 9)|!(IE)]> --><body><!--<![endif]--><script type="text/javascript">g_pb=(function(){var

...

Like what

Someone run a GET HTTP/1.1 in their terminal and see if they get the same

I'm not running any webservers or anything either, am I missing something here?

When HTML looks like BrainFuck

My default you in parrot/kali you have apache2

Likely just hitting that on local

I checked, there's no apache service running

Is anyone able to replicate this on parrot?

I don't really understand what you did. What does it mean to run GET HTTP/1.1 in your terminal?

So I just got an email regarding un-lockdown procedures next week. Here's one of the rules. Can you tell that my boss codes? :p
"All employees must stay 2 meters from each other at all times - except when there's a wall between you."

I think that depends on how you do it

send a websitelink to them in an email or on discord etc?

right

no, that's fine. But it borders on illegal presuming malicious intent

^^

What are you intending to do with the IP afterwards?

then, no, it's fine. But if you start scanning that ip or similar, then it becomes illegal

Most websites log your IP. Just part of being on the internet

yeah, once in a while legal stuff is simple. This is one of those rare cases

If you're deliberately trying to get it to commit further offences then it's a crime

If it's just a by-product of browsing the web, then it's fine

something off-topic that I wanted to share, I only woke up to an email and a notification from google saying someone in bengladish was trying to get my email password, they gave me his public IP 😄

I didn't scan it or send him any payloads cuz I ain't scum

keeps happening to my old steam account

bruuuh xD

I take it that it's illegal to scan their ip XD

yeah, that's one of the cases where the ip is actually useful

correct, @distant herald

Oh wow, it's hitting discord

what is?

I instantly changed my passwords and went back to sleep x

xD

Good

hope you didn't change it to Hunter2

or ThisPasswordIsEasy

pfft nooo... changes my passwords again

"ThisPasswordIsEasy" is an ok password, i think

just don't use it now cause we've discussed it

don't forget to add ! at the end to make it super strong XD

ThisPasswordIsEasy!1"2

I follow the secure passwords rule of not less than 8 figures with lower and upper and numbers and specials

SuperSecretPasswordThatYouCanNotGuessNoob!!1337

that's a great password, mal

except for the symols

legit

I may or may not be using that format myself

The GET HTTP/1.1 within my terminal hits the discord application

just rot 47 your regular password lol

P@ssw0rd!

ThePreviousPasswordWasThePreviousPasswordWasPassword!

add another when you have to change password

IAmJamesBond000000000000000007777777777^7777777777777777777

honestly, not the worst password

gl remembering it though xD

password manager to the rescue 🧁

offline* password manager to the rescue 🍰

ILikeCake1337h0x0r!

I only use online password managers, like excel

legit would use that @tame ledge

Google spreadsheets

I may have worked for a company that did that

bruh moment intensifies

Thank you for telling what password manager you use, a 0day exploit will be forwarded to you in a short moment.

Please stand by.

forwarded as in deployed

is it that easy tho? xD

@forest rivet Forwarded as in email

no, but is it possible? Yes

oh.

harrr

tbh I look at ppl that figure out complex 0days as 1337hax0rz

Just don't tell them that, @buoyant token :p That's usually only used sarcastically

I want to be a 1337haxxx0000r xDDD

cringe above this line

nothing like a recycled joke :p

only cuz it was good

I need to stop playing KoTH and go do some rooms, why did they had to make it so addictive!

to suck you in

is KotH a free feature, by the way?

No

It's for subscribers only

Right. Probably should stay that way -- or perhaps only let free users try it at a very narrow time frame

because it really is a killer feature

what is KoTH tho

what is KoTH tho
@buoyant token https://tryhackme.com/games/koth

I'm starting to wonder if you're actually a bot, Skidy :p

It looks interesting tbh ❤️

Why not allow free users to create a private room for KOTH?

or being able to join a private room made by someone who is subscribed?

@distant herald i'll go on a limb here and say...ehm Resources!

maybe idk

me is nub

Plus a business case. There's already many reasons to sign up, and frankly, I think it's already too cheap for what you get. Giving KotH away for free would be pretty wild

@forest rivet bruh tbh once I get the chance I will be a subscriber!!

same KOTH seems like so much fun!

Exactly. From a business perspective, there's hardly much reason to trial any more material. The major bottleneck is that much of the target demographic can't afford the subscription, regardless if they think that the value proposition is fair.

Or at least that's my conjecture

For me that's the case, even though it's only €10, it's still double my phone bill

same my dude

I bet that new iphone could be replaced with a couple years subscription, though

cries in huawei

My phone costed me 150 XD

@forest rivet also, if there's more koth boxes coming then it starts getting more expensive

Does anyone know what/where i can get as tools to use on mac osx?

i imagine it could quickly get very expensive, yes

@graceful coral I think if you googled "how to install insert tool name here on mac osx" you will get some decent results

does vmware run on mac, @graceful coral ? :p

@forest rivet he is already on a unix based system my dude :p it would be alot cooler if he used his mac terminal

there are a lot of things that could be cool but won't work.. :)

le sad noises

there goes my dream of getting an apple laptop

@forest rivet fusion

@buoyant token i am looking everywhere and search for the right answers, as @forest rivet said, some just don’t work as they would on Linux

VMware Fusion runs, I think vbox runs

Think of the months of THM subscription you could get instead, @buoyant token :p

Haahaha xD yea you're right, I could leave my account in my will after I die xD

exactly ;)

apple laptops aren't worth it

Used ThinkPads are cheap and more powerful often

Like. Really cheap

thinkpads are the old nokia phones of laptops, except many of them actually perform really well

Meanwhile, 🍰

Hello!

coughs in MSI

@olive sundial Couldn't hear you over your hinge breaking

apple laptops aren't worth it
@tropic lava 😅👀

apple laptops aren't worth it
It’s ok to have a wrong opinion

The only reason I agree with @tropic lava is due to the price:power ratio, other than that, MBP FTW

my £70 thinkpad is faster than a £1500 macbook

we talking about the same hinge?

Lots of models, need to narrow it down lel

@olive sundial It's a part of something

Foldy bit

I'm quite happy with 6C at 4.4GHz + the SSD

right right

foldy bit

it's called a joke or selective hearing

Quite a common problem with MSI and Razer laptops

it's something brits do

MSI is real bad for it

Snapping the screens too etc

nvm i don't know what's my laptop

Hey is the upload vm thing gonna be paid anytime soon?

Like restricting the ability to upload VMs to only subs or something like that?

what would woody do?
jump off a moving truck

No like you pay every time you upload a vm

I meant if we’re gonna have to pay for this soon

Oh good catch, do we want to update the writing here? @restive tartan @crude agate

VMs will be charged at £69,420 per gigabyte

Nice.

Errrmm, I dont know what I would update it with

Because, one day, I might decide to charge for it, hosting VM's and their storage can get expensive.

VMs will be charged at £69,420 per gigabyte
@tropic lava guess it's time I start using vbox for those smaller ovas

hmmm

it's okay for now, though 🙂

we'll change (and obviously notify everyone) if we decide otherwise 🙂

<3

@tropic lava Last night i was trying to test xfce, but couldnt load it, I kept loading to gnome..

Ok?

I mean IDK what to do there

You can choose from LightDM normally

even when loging in, i would choose XFCE and even then i would load to gnome 🙂 maybe tomorrow i give it another try

I mean you broke your install pretty hard the other day

Wouldn't be suprised if that was why

But XFCE runs nicely ina VM

I mean you broke your install pretty hard the other day
@tropic lava you might be right.. I might do a new install on the weekend.

https://youtu.be/IgXj6dJAzt0

🧁

Since Dan is too stubborn to make a gofundme for taking OSCP, here it is kiddos.
https://www.gofundme.com/f/dan039s-oscp-fund
All proceeds are going to Dan.

lmao

brb donating 69 cents

KEKW

hey guys I had a question I just finished my last Java class ever and from now on I can code in anything that I want

should I get into python or C#? (I am an Electrical engineering student)

I am also not very good at coding so I don't know which is best to learn all the data structures and algorithms and OOP

@oblique flume what language are you gonna use more in your line of work

tbh I can do around the same with both but Java will not be for me

If it's python, learn python, if it's C# learn C#

Java and C# are practically the same

🤔 I see do you recommend it to learn algorithms and OOP or python would be easier to grasp those concepts?

I prefer python

It has Objects aswell

soooooooo it would be easier for me to learn python to REALLY learn how to code first

and then move on others?

Yeah

Python is incredibly simple to learn relative to everything else

because I don't know if you remember I told you we had like 2 years of Java in a semester so I was confused

🤔 I see well thanks for the advice

Every language has its own uses

yeah but my problem is more on how to solve problems

like let's say I have to do X thing, I just get stuck

I can write it down as a math level on a paper but to code is another story

Has anyone used leetcode before to practice programming. Or is there a better tool to message your progress when it comes to programming skills

There's a saying, "One leetcode a day, keeps unemployment away" @outer vale

@quaint elm you are the first person I have ever heard that from

@outer vale Well, considering the difficulty and the quite handful challenges, leetcode is definitely worth the time. I meant that saying as a slight edge, you know. Like, once you start doing 1 challenge a day, it'll be 7 challenges a week, 30 challenges a month and 365 challenges a year. You'll know the difference.

🍰

The world is healing lads

Did you know that there never was a toilet paper crisis anywhere this year?

Stores were sold out temporarily because people were hording

well, i actually needed it like 3 weeks ago so my dad decided to buy from Costco

a stack of 50

@forest rivet so you're telling me that an entire country running out of toilet roll isn't a crisis

correct, because the premise you presented is false

the country wasn't running out of toilet paper. It was just being horded

So a shortage of supply is != running out

Not completely void of

not if it's actually there, just horded

As a correlation of supply restrictions from the primary manufacturer China and India as a result of a pandemic crossed with an increased purchasing primarily from government and first responders directly from manufacturers

Bruh you out here acting like I ain't researched

either that, or you presume I think that

A shortage, in economic terms, is a condition where the quantity demanded is greater than the quantity supplied at the market price.

Right, but were we talking about economics, or the ability to wipe your butt?

In the current conversation both topics are intertwined

lol

Newbie question on behalf of Linux

How do I change what comes after username@thisThing in terminal?

@thisThing is your hostname

@distant herald

ah okay, thank you!
Time to fire up a search engine

Yeah you can deep dive into so many ways of customizing that stuff

Time to change into my swimming gear, lol

@distant herald Modify your /etc/hostname file

or run "hostname newHostname" according to a site I'm on

You can do that as well

wow its the file I thought it was

?

I wasnt sure if it was /etc/hostname

then you said it was ;p

Remember that changing your internal hostname doesn't actually alter any paths to contact that machine in DNS

are there negatives to changing your hostname?

you might make it more confusing if you change it to something funny

the hostname is sorta a reminder on the commandline of where you're currently located

@forest rivet I image your's is Breadth@cake 😄

nice ping lmao

😆

c;

Take that @forest rivet

how do the roles work?

Not trying to rub anyone the wrong way, but personal finance is one of my passions. If anyone has ever been interested in Dave Ramsey but never actually done anything he’s giving away a ton of stuff for free or penny’s on the dollar

https://www.daveramsey.com/store/hope

There's a section in the docs @tropic dust

ah it was malware that pinged me lol

😄

Yeah, sorry about that

@graceful coral Has Dave put you on rice and beans yet?

@graceful coral fortunately I’ve been following him since I was a kid so I havnt had to drop down to that just yet 😅

🍰

people can be really creative these days

Soju is good

Dangerous but good

i got a few bottles at home i got the grapefruit and grapes soju

i don't find it that strong lol

I’d that tg hack?

yes

@lethal egret when's our next one? (other than Trace Labs on Sat)

this one is still open for signups

lmao, @olive sundial. Flexing when I did all the work :p

@olive sundial it's ≈20%, so you can drink it too easily

then again, maybe I shouldn't flatter myself when only one category has opened

agreed lol

@tropic lava it's very soft, i drink whisky on the rocks ❤️

nothing beats that

"on the rocks" used to confuse me so much

"you.. what now?"

either that, or you can actually have rocks inside to cool it

I'll put rocks inside you.

i might have a few

I really hope they aren't in your kidney.

There's also steel cubes with water in, if you don't want to dilute the whisk(e)y

never heard of steel cubes for this, but it makes sense

Gonna be smashing it out

@latent stirrup What's that for?

100% noob @latent stirrup

@pseudo escarp tghack CTF

https://tghack.no/

is that from CTF time

Yep

starts in 20 minutes but the noob series has been open for 2 months.

There's a couple between now and next week so grabbed the Uni team together

Hmm tempted to join

Smashed the Noob questions out today and seams pretty laxed

Who's in the uni team?

Me, @magic root, @strange night and @north cradle

Ayy nice

@latent stirrup you posted the team token btw

What token?

the token that lets people join your team

Not looking good bois

what the heck

nani you should be in there

🔞

That's the issue

DMU and Ports left

And my school is actively stunting Ports

They not responding?

Yep

Gonna have to use backup contacts

that's BS

@cobalt thicket, soz to hear that bud

@cobalt thicket You applied somewhere else?

I applied to 5

2 denied instantly

And now that's 3

2 left

:c

that's such bs considering the potential I've seen from you here alone.

There's hope

Agreed

The remaining ones are good? @cobalt thicket

solution give them a link to tryhackme

I'm in contact with the last 2 at least

xD

Ngl I did that with Portsmouth

Portsmouth is well connected with THM

There's hope

I think ports will work from what I've heard, I just need this letter of extenuating circumstances

You can get it, Dan.

But am getting ghosted

By Nick?

Or your school?

School

I'm surprised with how patient nick is being

Nick is great

Right

Emailed my backup

Backup?

Ports need a letter of extenuating circumstances as to why I'm applying a year early having dropped out of school

The school don't seem to want to give that to me, so I'm having to get someone else to do it instead

Oh, I really hope it works out.

I dropped out but did an access course thing before starting a degree the next year
because I'm a dumbass and didn't have any grades

@cobalt thicket I hope you will achieve your goal.. wish you nothing but the best man.

Is it scary for koth?

PoloMints = Polo ?

@last marlin yee

🍰

🍰
@forest rivet 😋

;)

https://blog.google/products/stadia/try-stadia-free-today

wtf spooky

👓

I'm shocked

Confused

Is that you pars?

I'm a cactus bb @uncut saffron

U know that

lmao I do

I've just tried out google stadia

I can comfortably say cloud gaming is the future

okay zoomer

is it actually good tho for real? What's the catalogue like?

The catalog is growing but its decent

Not even close to everyone else

But it's a new service so I can cut them some slack on that

But more so what I meant

yeah fo' sure

Was I played a rythem game

No input delay

Everything responded perfectly

😮 nice!

I have decent internet, but it's not like 1gbps

I highly recommend you try it out @formal iron

Just clicking on a button in your browser, and playing a game in full screen just feels amazing

It's free so you have nothing to lose

oh gnarly!

Considering I am stuck on a laptop w/ 4GB of RAM for the next two weeks at least - defo my dude

Just download some more RAM?

What are your opinions about linux phones?

even though android can potentially run linux too using termux, Andronix and VNC Viewer?

Android is linux

It's a full linux kernel

but in a weird way imo

You can access the underlying kernel with ADB

Or termux gives you an easier way but is a lil different

Are you thinking like, pinephones etc?

Could also be because I'm used to debian commands atm

pinephone and librem

pinephone is about $150 atm

Termux uses apt as the package manager

Which is nice

I'm thinking of using the phone as a rpi with screen haha

There's also nethunter from Offensive Security

ooh, I wasn't aware of that. Looks cool

I think it only supports limited devices

But people have got it working on others

"can I charge my phone using a usb port on your pc?" takes over system "Thank you!"

https://shop.hak5.org/products/o-mg-cable

Expensive, as it's hak5

damn

rubber ducky seems nice too

but also on the pricy side if you ask me

@distant herald, you can make a rubby ducky for £5

Can confirm

Or less

Aliexpress is awesome

No way?!

ebay an arduino mini (I think)

pi nano is the same thing, no?

Ideally you want an ATmega 32u4 or something

Pi are different to arduino based things

My Arduino from Aliexpress is working perfectly fine

Pi tends to be full computers, arduino are mircrocontrollers

@pseudo escarp Micro is the chipset that's ideal, but aliexpress 32u4 beetle

pi zero*

Pi zero is a full ARM computer

DIY rubbery ducky

Ah yeah, @tropic lava, Micro pro

What are you mainly using it for?

Pro micro is what you often use for custom mechanical keyboards so makes sense

You can also get a typeC one if you want it to be cool

Yeah

I need to get back into hardware stuff

@distant herald, used to troll friends, nothing serious, each DIP switch wgets a script and can do fun things

0001 is of course rick roll

hahaha

button to do a while true because you don't want to inject while you plug to edit

I'd use a toggle for that really

didn't have any at the time, had 100's of buttons haha

But yeah, good call

Switches are expensive tho

I still need to wire up my Big Red Button

That DIP switch was something like £2.60

Maplin?

That's a lie, it was £2.60 for 6 of them from ebay

That's more like it

Oh the good ol' days of Maplin

Good shop to browse and get an idea but never buy lel

After 30mins of googling and foruming I really am lost

I wanted to try PopOS
but when booting from usb it prompts two erros msgs
error: /casper_pop-os_19.10_amd64_nvidia_debug_38/vmlinuz.efi something something signature
error: you need to load the kernel 1st

hello everyone! Im here with my 4 yr, teaching him about computers. Can everyone say hi to Cooper! Please and Thank you

https://hackers.attacked.me/WviXz5LwkpLN.png

Hell yeah

and I'm fucking proud

oof'da

poki simp

ayayay

simp

https://clips.twitch.tv/ColdbloodedArborealSandstormKappaClaus

Dan follows her

Basically a poor mans sub

https://hackers.attacked.me/vNy04kWgYjGI.png

https://clips.twitch.tv/GenerousVibrantDinosaurEleGiggle

Hey it wasn't me this time

The amount of users with 666 in their name is incredible. Not just on THM, just in general. I find it super odd.

Goodnight — final thoughts 😂

I have messed with forces I do not fully understand

hallo all y'all

Hello!

Who wants to make a THM theme for VSCode?

🍰

How can I access the database of a website if I am having the mysql db_username and password?

it depends mostly if the sql server is accessible remotely

if not you have to be on the box locally to access

there's no one answer to that, no

So I can't make any use of username and password?

it depends if you can get inside

maybe it's left widely exposed to the whole world, maybe you need to perform some exploit to get access -- assuming that it's a hackbox. Don't do that on IRL stuff without written permission

where's @meager compass

haven't seen him in a while

same ^

hope he's alright

yup :( also DesKel disappeared

RIP CtfCollections

deskel is working on something, he said that he's going to be off for a while

it's been like a month now

or even more

about 2 months roughly I think

He'll be back eventually

🍰

🍰

Hello guyz

Can FATRAT be used for iphone?

What exactly are you trying to do?

I am learning to hack and trying to know how fat rat works.I have iphone and I want to know if I can test it on my phone

And you've tried googling the question, yes? -- it sounds rather googlable :p

I didn't found.May be I don't know how to search or no answer related to my question exist.

the lack of proper results for "fatrat" and "iphone" is an indication that the two don't really go together

What do u think about that?Have u experienced using FATRAT?

no, but I google stuff professionally :p

Cool

That is -- i'm a coder ;)

In either case, it sounds like you need another tool for iphone. Not surprising with how locked down they are

Okey,by the way thanks for ur help:)

No problem mate. Stay out of trouble~

Good to see a lady hacker:)

@forest rivet The only thing a coder needs is Stack Overflow and 🍰

No comment :p

Also, yes

@tame ledge thanksfor fact.

😮

Em, a Lady hacker? You are aware that BreadTh is male, yeah? 😆

It's a common mistake ;)

Azure Intune is not playing nice for me today
and shhh, a very pretty lady hacker

Oh,sorry for the mistake.Maybe someone had mixed sanitizer in my drink,I am seeing things wrong today:)

no worries. I didn't say anything for a reason :p

@forest rivet You even fooled Google 🍰

ahahaha

I'm just that pretty

But why are u keeping picture of girl in ur profile being male

😋

If you're not a pretty lady why is your name pink in Discord? And don't make up something stupid like "it's for a rank system for a learn hacking site"

But why are u keeping picture of girl in ur profile being male
@unkempt estuary who does?

yeah, what a silly excuse right

@pale cove I am asking BreadTh

Bread does not have a girl on the pfp

@unkempt estuary BreadTh's eating cake don't bother him

Is she he? in profile?

yes..

lmao

that's really obvious

🍰

i have same long hair btw, @forest rivet

It's only obvious if you're used to lookin at (North) European guys and gals, Swa

prolly

I once went on a date with a girl from the Philipines who had a hard time believing that I didn't wear lipstick cause red-ish lips.

lol

Imagine going on dates

I meant a 2D girl whose country field was set to the Philippines

I find it easier if you wear the girls self esteem down over a period of 4 years till it's low enough to date you. That's how I did it anyway...

ah, good ol' blue pill. Never gets old -- or morally sound

wait, or was it red? I don't remember. Just that they're a bunch of scum

Nope, this one is lost on me

Imagine going on dates
@pale cove you mean KOTH lobbies aren't??

hmm

Yes, it's red. And it's a collection of neggers / conartists -- and no, that's not a typo.

khm

@formal iron wait, so asking to 1v1 KOTH is the same as asking on a date?

if you want it to be 😉

be sure to have an even number in KotH games

well.. unless you're.. ok with uneven.

Date idea 1: Romantic KOTH game

If there isn't a date themed KotH box next time, I'm going to be very, very disappointed.

ask Bread out

what if we met in #koth-1 hahah jk...unless?

I'm not ready for my first successful KotH yet

Urgh. I want cake

I'm too bad at reading to not have cake

GIMME

guess not 😄

nuess got

@last marlin PascalCaseNameBestName

I think im gonna take a break and try to install xfce

@last marlin PascalCaseNameBestName
@forest rivet lol, gimme that cake

I thought you were gonna take a break

break from THM

been doing rooms for the last 4 h

installing xfce doesn't sound like a break :p

😄

its kinda chill pill

i3 or KDE are far batter than xfce

I wanna sleep

oh god, not this argument :p

😄

dunno KDE seems window-ish..

to me at least

i prefer gnome over KDE

KDE is highly configurable

I just want a terminal

but wanna try new thing, never used xfce before, so im interested

I swear, if i could do everything from a terminal and a multiplexer like tmux, I'd be in heaven

I swear, if i could do everything from a terminal and a multiplexer like tmux, I'd be in heaven
@forest rivet why cant u just use min of GUI, and still be in heaven ? 😄

GUI sucks 😄

I'm minimizing my gui usage

GUI is da Cake

but some things just aren't feasible

I've known people to work exclusively within emacs for hours or days at a time

I either use vim or sublime

VS is too great a tool for C# coding

Discord doesn't have a term app

Sublime and vim on my kali, Visual studio and atom on windows machine

sublime with vim binding, or separate apps?

No vim bindings

😢

I need to add those

What if i wanna watch a movie ? of listen to a youtube lecture about linux/OSCP prep.... seems like a mission impossible

there's a plugin for that

I'm gonna go install that

Sounds like a job for a tablet, Rash

I dont mind using GUI, even tho from the time i have joined THM i used more terminal than GUI..

What's the plugin name?

I don't really mind guis either. My problem is that most don't have full keyboard binding. Using the mouse distracts me

I don't know. I heard about it like 5 years ago x)

I don't really mind guis either. My problem is that most don't have full keyboard binding. Using the mouse distracts me
@forest rivet Yea i share the feeling, sometimes its bothering me as wel

You need to aim and stuff with the mouse. Keypresses are automatic

hlo guys ...can u pls help me out of a problem

Sounds like #site-support or #room-help, @charred knoll :)

https://www.youtube.com/watch?v=suTYbf-FtXg

nice

That chillstep mix is pretty good, one of my go tos

agree, helps by studdy.

🍰

have you guys tried deepin-terminal ?

been using it lately, liking it

Deepin used to include spyware in their distro til they got some backlash from the community. Some people haven't forgiven them 😛 but I've heard good things on usability

terminal is very fine, dunno about the distro

I might spin it up some time. It's easy to get comfortable with what you know

did a bit of walking in the fxce... hmm doesnt feel at home as it does in gnome, i'll stick to the gnome i think, especialy with my machine i dont need lightweights

https://www.androidauthority.com/oneplus-crackables-game-1103656/

i3 or KDE are far batter than xfce
@tame ledge I'll admit when im wrong.. I must say its been a long time I have last used KDE, but now that i have installed it, it looks nice.

😏

I was doing a fresh install, so i thought lets try it.. not regreting that.

🍰

🍌🍰

@graceful coral

I think your doggo has done a malfunction

me threee

Depending on how you look at it, we're all a little malfunctional, Banaynay

@urban crescent ("a"/5)+"a" run that in a JS console

har har

god i love the ||wat presentation||. I watch it every so often just for that bit

Radiohead gig I went to in Ireland 20 years ago, about to stream on youtube for giggles

https://www.youtube.com/watch?v=gaJKOUQS1T4https://www.youtube.com/watch?v=gaJKOUQS1T4

Just realised TryHackMe is quite active on LinkedIn, have followed

oh, i never thought about that

Me neither till 5 minutes ago

Followed

I killed my LinkedIn some time ago... Guess I'm gonna have to go looking for one of those job things everyone keeps talking about sooner or later

why'd you do that?

It’s good for job listings sometimes. It is basically just Facebook for people with jobs though

Needed a break from it and recruiters to focus on other things

@graceful coral yeah but you really have to be more careful about what you post 😛

Recruiters are the worst lmao, necessary evil I guess though? I’ve had a few positive recruiter experiences but 90% have been garbage

some things are worth shoveling through the poopy for.

Like actually having a job

I’d shovel through the poopy for that

Having a job? Pfft

Overrated

James' job is lecturing people on discord

I’ve not even said any bad words though 😦

@forest rivet Unpaid sadly

Well a lot of them come looking to pull you into jobs you really don't want to do. I had one recruiter chasing me for a whole year to do one particular Identity and Access Management role in one company that was the most boring part of my role in another that I left

Demand a raise.

I'm experienced and skilled enough now to be able to take my pick in the areas I want to work

why didn't you just block them?

I had one a few months ago trying to frame a 1st line support job as a security job
Yeah installing antivirus occasionally doesn’t make it not a desktop support job

Makes it a security job for sure

Maintaining and ensuring the integrity and availability of company resources with software deployments and patching

I mean, on paper, yes, but is that the practice? I'm going to guess that no

Making sure that devices are replaced securely when somebody drops it in their mug of coffee

Making sure users don't feel insecure. Even HR is a security job.

Gotta make sure those screws are tightened securely

Ensuring your own job security, done

Everything is a security job

I always fasten my seat belt so I can get to work securely

job security is a security job, yes.

job security as a coder is just obfuscating everything so no one can read it

Well no matter what role you go into there's going to be things that are kind of repetitive and dull but I was literally the only person in the city available and experienced in this one, quite well paying role... I don't want to name the producer of this particular tool but it's essential in most big businesses today

ah, good old variable fruit salad, pars

we have a new version of that today.

this is valid Swift code

@proper iris I agree there’s always going to be repetitive stuff I don’t like. But when I tell a recruiter that I’m not interested in another desktop support job because as far as desktop support goes my current gig is as good as it’s going to get. I’m going to be annoyed when he tried to pressure me into a 1st-2nd line support job

I remember one recruiter looking to hire a Linux admin and called me for a phone interview. There was a picture of me with Linus Torvalds on my profile and the recruiter asked me which person was me. When I identified myself she says "I was hoping you'd be the other one"...

Yes, Linus needs a linkedin job recruiter

Also ima just automate all the repetitive stuff

I mean yeah @proper iris

Imagine having Linux as your linux admin

@graceful coral Yeah it's really important when you feel you've gotten all the experience you can get from an entry level position to turn those down right away unless you're really struggling to get a job

I hear he's quite.. opinionated, James. Skilled af, sure, but perhaps shouldn't be the first person people try to go to

He's very opinionated

Imagine having Linux as your linux admin
@tropic lava I had a heated argument with him at LinuxCon once and he subtly made a point of refuting it during the closing one-to-one on stage by mimicking my hand gesture and repeating what I'd said in a mocking tone. classic Linus

Nice.

pffh.

Well he's more approachable than Stallman. After a short conference in Belfast back in 2006 he spent a good 10 mins talking with a bunch of us and then sat in the corner with his laptop ignoring us and picking his nose

You've been around, huh? :p

I got lucky

An old college lecturer (who'd been my programming and Linux lecturer in college) got in touch so we gathered a small bunch of Linux officianados and caught the bus up to Belfast for the day. Small enough crowd, He wrote an article about it for Linux Journal

https://www.linuxjournal.com/article/8941

Oh god, BSD

Sounds pretty cool either way c:

It was a fun day out 🙂 But even after the Saint Ignucius speech, I never delved into Emacs in a big way

VI VI VI is the number of the beast @:P

haha, that war has nearly died out these days hasn't it?

Well I think most newcomers who go down any kind of certification route will be exposed to nano, vi/vim and gedit or some alternative but there's so many other cool ways to manage Linux these days ... A lot less micromanagement

true enough. Writing speed has never been less important, I suppose

Once you get kinda good you end up with Ansible/Chef/Puppet/Kubernetes etc for hundreds or thousands of VMs and containers.You still have to manage things exceptionally well but you make a single golden image for your deployment and your automation tools check to make sure everyrhiung is cool and if it's not it just kills and replaces. It's actually pretty cool if it's done right.

I have a friend who's into Kubernetes. It seems pretty wild. I understand the concept, but in practice, I think I'd be a terrible person to manage it :p

Well like anything it takes practice 😛 I'm by no means an expert in it but you can use it to streamline a great deal if containers are your thing

Luckily my projects are too small (but important!!11) to require that sort of scaling :)

It's still fun to learn 🙂 I try to know a bit of everything even while I'm focused on something else just to see what it's about

yeah, I try to do the same mostly. That's why I'm here :p But getting up to speed on the red team side of cyber security, especially things that aren't directly coding related, has my plate filled for quite a bit for now.

@urban crescent reeeeeeeee

reeeeeeeeeeeeeeeeeeee

🍰

Yeah I know what you mean, it's fairly time-consuming but it's a lot of fun 🙂 I split my time between security and sys admin stuff mostly

I try to do a similar split with security and coding. But I sorta hit a wall in that I'm having trouble improving the coding without knowing what "the bad guys" do and use. Any time you code something in a webserver, you're opening yourself up to some sort of attack if you aren't careful. I was already aware of the classics like sql injection, user enumeration, and some more creative things like timing attacks, but at some point you just gotta have to see the other side with your own eyes to really understand what's going on.

Of course but you also have to get your projects working. If you get your features built you can fix them afterwards but of course you have to try to keep your standards high and minimise the number of bugs that creep into your application. It helps to know how those kinda things are attacked and to actually try to break in and see what's vulnerable. Years ago I had a friend who would casually break into company websites to fix the bugs he found... Anything from buffer overflows to browser incompatibilities

If you get your features built you can fix them afterwards
I'd rather not learn about a security vulnerability by an outsider exploiting it :D

Remember, that is often illegal

Deffos illegal, grayhat or not

I wonder if any countries have a "with malicious intent" clause

probably

It was very highly illegal what he was doing but this was at a time when there wasn't as much of a focus on security.

And yeah I'm sure it wouldn't have been looked on favourably if he was fixing with malicious intent 😛

Not the fixing with malicious intent

The breaking in, without malicious intent

Fixing with malicious intent is when I do code review for a novice at work :p

Yeah we definitely didn't approve of his behaviour and he was definitely to the darker side of grey hat with some of what he was doing. He did go on to bug bounties, pen testing, and being a very highly skilled security engineer for some prominent companies. Not bad for a guy who never went to college and fell in love with Linux while working in a call centre

Is it just me or do pentesting folk tend to have a much higher than usual rate of selftaughts than other areas of IT? This coming from a selftaught coder :p

I mean hacking isn't encouraged most of the time

Being self-taught definitely gets more prominence but a lot of us started out just being left alone with a computer at some point and developing an interest.

Teaching it is risky, people might use it for illegal

that's true. You don't wanna be the school which taught that top hacker to do bad thing x

Hacking in the malicious sense definitely not but things like CoderDojo and even Hacker Highschool and similar are becoming more prevalent. There's even a kids' section at Def Con these days

I think slowly it's rising as a uni course as people realise that it's important

Then we just need to wait 10 years (or more) for politicians to allow it

Yeah both the colleges I've been to are now teaching cybersec along with lots of others. Once big business sees something as essential it becomes necessary college work but academics have been at this stuff a long time too. Anyone see Cliff Stoll's Ted Talk or read his book about the Russian hacker back in the 80s?

https://www.ted.com/talks/clifford_stoll_the_call_to_learn

https://www.amazon.com/Cuckoos-Egg-Stoll-Cliff-Paperback/dp/B008AU5232/ref=sr_1_3?crid=14N6OEPT7KXEW&dchild=1&keywords=cliff+stoll&qid=1586474041&sprefix=cliff+st%2Caps%2C409&sr=8-3

ooh, I remember that talk very, very vaguely

I found it very entertaining 😛 He discovered a hacker, reported him to the FBI and set up honeypots, did digital forensics, tracked him back to Russia and invented a firewall for his university network

hahah, nice!

This was back in the 80s around the time I was discovering the joys of waiting for Commodore 64 games to load

Luckily I didn't have to wait for that :p

We had a tape deck you plugged into the C64 using normal blank cassettes you'd get music albums on. My friend up the road got some games on a cartridge that would load almost instantaneously. Joke's on him, I learned to code a little bit and he went working for the government

Yeah, I have no doubt that tinkering with a C64 was the way to learn coding early then :) What I meant is that I wasn't born to have to wait for it :p

Some were born lucky 😛 As a kid I spent a lot of time waiting around for things to happen... Life was slow for everyone til the 90s

But then things picked up speed cause I was born ;)

Haha yeah people had to work much faster and harder when you came along 😛

That's the price of progress!

Ah but progress in which direction?

A very, very silly direction!

In that case I'll need to consult my associates in the ministry for silly walks... they'll know the best way to get moving on it...

https://www.youtube.com/watch?v=BoIdEjdZIls

Joke's on them. I have tractor wheels for legs

gotta love Monty Python, though

Poor john got fed up doing silly walks for the live shows

Yeah they're absolutely hilarious.

It was a pity, getting older just had the usual negative effect on his flexibility

It's almost as if the walks were designed to be impractical, huh? :p

Some might go as far as to say

Silly

Well that was the whole point wasn't it?

I swear I can hear john cleese saying that in my mind's ear

Yeah I tried to imagine a John Cleese interview where he's dialoguing with the interviewer, making a statement, being quizzed while he looks down and rocks forward a little, scratching his arm or something...

ooh, ooh

the one with argument

https://www.youtube.com/watch?v=xpAvcGcEc0k

damn, i really thought he said something along the lines with "Well that's the bloody point, isn't it?!" or something in that clip

Also, I'm getting terribly tired. I should probably do that sleep thing

Yeah I should do some of that at some point too but not for another while 😛

@dark rune spanish?

what's everyone listening to?

whats the best way to study for Security+ Cert?

Should I buy their training directly for $500 - individual license, or are there other options that are preferred ?

hmm today I will cable manage my pc

it begins

removing unnecessary front panel cables

Epic exterior out take fans

Storage drive sandwich!!

Molex train go chuggah chuggah chuggah

remind me to never

ever

let you touch my computer/electronics

With most pc cases you dont need a hot glue gun to install fans,,, well,,, the Antec Lanboy isnt most cases 😎 😎

if @cobalt thicket sees this he's going to have an aneurysm

you should see the nest

nest of rats?

this is the nest

"server" chassis houses a router, spare copy paper, mouse, keyboard, aux speaker

and some other stuff

my internet cabinet is worse. I pretty sure its a fire hazard

oo do show

@graceful coral this fire hazard

its really something else in there

A jungle one might say

All done

yay

that case is so jank

you see, by blowing cool air directly onto the cpu and gpu

I get the best temps

yes this case is beautifully atrocious

lies

liquid nitrogen gets the best temps

change my mind

*best temps on air

Front panel fans use like... plastic tonga to secure? And everything else was supposed to use antecs propiertary epic fan for the case, but uhh they dont make or sell it so epic hot glue instead

I both love and hate it

It can accomodate 22 fans

Nice spaghetti you got there

Imagine not using glaciers from the Antarctic to cool your PC

Gamers are causing global warming! How could we have been so blind!

Well, glad you haven't seen extinction rebellion yet

haven't seen more of dik-diks like those

in the winter i just need to start my PC to heat up my room. Lol

for the record this is a dik-dik:

https://tenor.com/view/clown-tears-cryingclown-gif-10658362

i don't with Greta trying to sell lies, not being political about it

just human.

🍰

i need help with a task

a room?

which should i ask in

task challange in learning linux

if you embarked on a mighty quest this is the place to ask. if not #room-help or #room-hints is the place to go

#room-help

aight thanks yall

no worries

🍰

🍰

That's me furloughed for 3 weeks

Hi

How are you?

I need help

☹

@foggy temple What do you need help with?

Everything☹

If you can be more specific we might be able to help?

Generally help requests are mentioned here #room-help ^

One day im gonna live underbridge

    at readStream (/root/tryhackme.com/node_modules/raw-body/index.js:155:17)
    at getRawBody (/root/tryhackme.com/node_modules/raw-body/index.js:108:12)
    at read (/root/tryhackme.com/node_modules/body-parser/lib/read.js:77:3)
    at urlencodedParser (/root/tryhackme.com/node_modules/body-parser/lib/types/urlencoded.js:116:5)
    at Layer.handle [as handle_request] (/root/tryhackme.com/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/root/tryhackme.com/node_modules/express/lib/router/index.js:317:13)
    at /root/tryhackme.com/node_modules/express/lib/router/index.js:284:7
    at Function.process_params (/root/tryhackme.com/node_modules/express/lib/router/index.js:335:12)
    at next (/root/tryhackme.com/node_modules/express/lib/router/index.js:275:10)
    at jsonParser (/root/tryhackme.com/node_modules/body-parser/lib/types/json.js:119:7)
    at Layer.handle [as handle_request] (/root/tryhackme.com/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/root/tryhackme.com/node_modules/express/lib/router/index.js:317:13)
    at /root/tryhackme.com/node_modules/express/lib/router/index.js:284:7
    at Function.process_params (/root/tryhackme.com/node_modules/express/lib/router/index.js:335:12)
    at next (/root/tryhackme.com/node_modules/express/lib/router/index.js:275:10)
    at cookieParser (/root/tryhackme.com/node_modules/cookie-parser/index.js:70:5)```
i just wanted to have a REALLY strong password :(

Im confused

How is that off topic

off topic is technically a catch all for anything that doesn't fit anywhere else

@crude agate is that you the one of as the speaker for sarcon?

hey hey 🙂

it's actually going to be @strange axle - pending his confirmation ofc 🙂

yeee

I just have to find a good picture of myself haha

Haha are they just shuffling through our pictures on the website?

@strange axle is a sexy man.

dabs

Aight optional is going live so I'mma pass for a bit

Is it time?

❗ 🍰 ⏲️

!!!

it be time

Sweet

gets popcorn

Muriburi, tell me about the creation of profiles for volatility.

volatility brings me flashbacks

i dont like it

What would you use instead, Dandan?

A .45 to the skull

har har

so you just don't (wanna) analyze dumps?

all that pinging get irritating to me ...😦

Do you mean announcements?

ahhh yeah

@strange axle ^ How about an opt in (or out) for announcements? Like a role. I've seen it on other discords.

thanks would be awesome

does anyone know if theres a disc similar to this one for leetcode/hackerrank etc...

🍰

🍰

I just have to find a good picture of myself haha
@strange axle can't wait to have that one in grayscale haha

Yeah the picture I took was definitely something