#voice-chat
you should leave port 9999 alone
Can't
Not allowed to attack 9999
oh
okay
dont knw what im doin lol
is brute forcing allowed. i doubt it'd work
or completely wont work
so is it port 3000
I patched access to root so good luck.
Yeah
@plucky vault No.
You want to know how I patched some things @ripe rover?
Yes sir
What method were you trying?
@full sapphire hey we have @plucky vault being very toxic in vc :)
oh you're in vc cmn
@plucky vault i spawned a reverse shell using nodejs but i don't know much about patching side
I killed node and started blocking incoming connections besides SSH, and then I prevented access to root.
Ooh, Elf is streaming
After writing to the king file and doing "chattr +i king.txt"
Annnnnd removing access : )
lol
why are u playing dude
we are no match for you XD
It's fun : )
i'll practice hard af from right now
Haha, well pick up some books then, complete some beginner boxes.
im gonna beat ya next time @plucky vault
Can you tell more about blocking the incoming connections thing?
I have just banned Ahmed-al-Hammad @tame ether. Thanks for letting us know
@plucky vault i've already done it
will do more
@ripe rover iptables
e.e
Ah shit ,obviously i still have a lot to learn . Thanks for sharing the info tho ^^
No problem.
after the challenge is finished will ya tell me how did u do it @plucky vault
?
There's a lot to learn, and the whole point is for you to understand it, not just get the answers.
True
I exploited a vulnerability in curl to get on faster, and then changed passwords and dropped a backdoor shell
okay
Up for another game ? xD
what topics do you suggest to learn before i become eligible for koth?
Sure @ripe rover
"Elf McSkidy hacked the FBI?! No way. He's a fokin knob"
@plucky vault Do all the basic rooms, things that teach the beginners level of things, like the RP series.
ok
@plucky vault apt install bless
Can we keep the voice to being helpful and constructive please. We're all here to learn
Keep it civil guys
hex editor
Adding to list of things I never knew about but need
What would you use a hex editor for anywho?
yes
ghex is nice too
If you have GDB
Editing binary files EG headers
And like radare2
GDB is a debugger
Ahhhhh
Radare is RE software
Not sure where it would come in handy but I'll look into it
Binary != executable in this case
Image files in CTFs with bad headers, changing bytes, it comes up
I'm sure it does
I just don't know what any of that means
Or the implications of being able to change them
I'm working so can't join the party. What room is he doing
cherryblossom
@real orbit what is bless thing
it's a hex editor
thank you
@forest python that also has a debugger
A hex editor is separate, that's the point I'm making
Seems like Elf McSkidy is doing something nice
Fun fact, people in voice chat are weird. Justsayin ;P
Even funnier fact, people generally are weird
Wish I could stay
I just like hearing Dark talk
I feel I gain brain cells when he talks about pentesting
And methods
Smart kid lol
@marble cape how did you get to where you are but you're so young?
wait till' you see one of his famous infosec twitch streams :)
oi
Are you just one of those genius kids that started playing with computers when they were 2?
Like you hear on Darknet Diaries
I've been playing with and building computers for years
"Joe was just a normal kid. He made his own computer when he was 5"
Infosec has only been a recent thing though, like three years tops
But I assume you live and breathe it to know as much as you do
Just read a lot, albeit it doesn't come off super well on stream because I'm not one to enjoy being up on stage when I'm the main focus
@plucky vault - not ~
I'm going to start posting what I read on my website
Just articles from Google searches on topics you're interested in?
I'll post the two books I read last week here in a moment
Cuz my life goal is to get where you are lol
In a position like that
Hell, I'd even love to do physical pentests
That would be awesome
I also say yes to a lot of things that I may not 100% understand from the get go and I'll learn either before or as I do them
what is your website?
Throwing yourself in the deep end is fun as long as you're prepared to try and swim
I'm working on the blog part now, I just mostly have all of my VMs and resources up there
Along with links to talks I've given
@forest python ooo
reeee
@marble cape I do that too. It's a good attitude to have
Added to Wishlist
Thanks man
And let me bookmark the site
Looks good. Built it yourself?
Yeah, it's simpler than it looks though lol
There's a github repo for it that you can see the entire thing in
Oh nice. So in addition to red teaming, you know how to make a good looking, custom website lol
What languages did you use or frameworks
Standard web with bootstrap haha
@marble cape what do you think of the book "Black hat python"? I started reading this week
Haven't read that one yet but I've heard good things
Same
Python is mostly practice-based so tbh, as long as you're doing the exercises you should be set
It's one of the no starch press books right? yes it is, checked that
i think yes
Usually their books are free no?
Nah, they just do a lot with Humble Bundle
Ah gatcha
This is one that's coming out soon that I'm really excited for: https://nostarch.com/GhidraBook
The Ghidra Book is a practical introduction to Ghidra, a comprehensive, open-source tool suite for reverse engineers.
Would concepts here apply to other RE software?
Or is it just teaching Ghidra
Ah looks to be mostly only Ghidra
oooo Ghidra
Where's a Cutter book :(
Lolol
which room is this
Cherryblossom
hey look my profile
literally vc
he has blessed us
:c
i'll give a can of coke to everyone in vc
DISCLAIMER: I won't actually give any coke cans
@plucky vault https://github.com/saleemrashid/sudo-cve-2019-18634
ty
YES
Elf may appear to be silly, but he's got the whole of this discord teaching him. That's some next level strategy
o.o

Very successfully, it appears...
Making leaps and bounds Muirl
It slightly reminds me of "twitch plays"
twitchdoeshacking
You lot are not gonna like the next two...
No one is noticing my nice message?...
I didn't even bother with my notes -- I just hacked it myself while he was figuring out SCP...
my head still hurts
why did he shred again...?
Nah
No one told him to this time...
Every new room requires a new distro
Well, naturally
This time we're doing Parrot
that was fun

Ey, let's be civil here. Be nice
Elf has the thickest skin here, he doesn't stop, legend
- I'm pretty sure he was on an advert for "CompareTheMarket"
@livid crag if this is illegal, I would suggest not doing it...
Either way, please don't stream it if it ain't THM
Oh, on which note, if someone pastes a room IP in a chat, please don't mess with it
It's not illegal, he had permission.
yeah it was a bug bounty
If
If it's not illegal then carry on 🤷
Either way, please keep it THM related here though
This is THM we stream THM stuff not random Bug Bounties. You could lie about having permission.
imo
We need to get Elf to try out Temple OS in a VM
Oh you are live, lemme just turn on my pc
gotta call - muted
@plucky vault mind passing me the koth invite?
@tame ether Did you kill sshd or iptables me?
nope
only stopped the backdoors
Nice patching.
what was that program? 
Why?
Yeah haha
and I can't find it D:
Do you mind telling me how you patched it :p
aside from stopping the shells i removed sudo perms and moved ssh
saw? 
Logs
ah
That program is interesting, is it still on the box? 
@marble cape Can you fix jurrasic park in https://tryhackme.com/room/hackback2019 : )
It's not, no.
I'm still improving on it.
if you want the flag DM me the one you got and i can pass to you the working one
automate it
Wish I had nitro for an emoji right now, but no e.e
:(
@marble cape I can agree to that. Nights in the NOC and weekends in the SOC, and being in the CSIRT is very fast, but it's fun.
(lagged sorry)
all good and yeah absolutely
@marble cape Good night, tell Kris I say bye, szymex gg, and off to the NOC I go : )
peace man ❤️
gn :)
byee

please god help
?
Can you share the twitch link?
Oh my twitch link?
yes

dark's infosec streams in a nutshell 
https://cdn.discordapp.com/attachments/698393227283398722/716788092744499291/epib.png



Tablet Parts
$35 Raspberry Pi https://www.canakit.com/raspberry-pi-4-2gb.html?cid=usd&src=raspberrypi
$7.29 Micro HDMI to HDMI Cable https://smile.amazon.com/Seadream-1Foot-Degree-Angle-Connector/dp/B07DR2ZGLV/ref=sr_1_13?dchild=1&keywords=micro%2BHDMI%2Bmale%2Bto%2BHDMI%2Bmale&qid=1591196406&s=electronics&sr=1-13&th=1
$40.99 7in. Touch Display https://smile.amazon.com/Guhui-Capacitive-Display-800x480-Raspberry/dp/B07N1P5YWR/ref=sr_1_9?dchild=1&keywords=7inch+touch+display&qid=1591178930&sr=8-9
$22.99 120gb SSD https://smile.amazon.com/PNY-CS900-120GB-Internal-Solid/dp/B0722XPTL6/ref=psdc_1292116011_t1_B07JJ37ZBZ
$15.99 Case w/ cooler https://smile.amazon.com/Miuzei-Raspberry-Aluminum-Included-35×35mm/dp/B07VVZ8T2S/ref=sr_1_9?dchild=1&keywords=Raspberry+pi+4+cooler&qid=1591178368&s=electronics&sr=1-9
= $142.25 + $9.95 (Tax)
(Total) $152.20
Implementation of the USB 2.0 controller not found!
Because the USB 2.0 controller state is part of the saved VM state, the VM cannot be started. To fix this problem, either install the 'Oracle VM VirtualBox Extension Pack' or disable USB 2.0 support in the VM settings.
Note! This error could also mean that an incompatible version of the 'Oracle VM VirtualBox Extension Pack' is installed (VERR_NOT_FOUND).
Not in a hypervisor partition (HVP=0) (VERR_NEM_NOT_AVAILABLE).
AMD-V is disabled in the BIOS (or by the host OS) (VERR_SVM_DISABLED).
no need to ping mods
@tawdry tangle are you sure of the payload
yea yea it's correct
umm
try changing the port to 135
Rport
type check
remove the j
like
-j
are you sure the host is still up?
idk I've done this a looong time
I don't think it'll respond to ICMP
you should try the tmux tutorial
oh ok
yea 8000
wait
I think your LHOST is the target
nmap -sV -p- -T 5 -Pn IP
and RHOST is you
wait
run
ifconfig tun0
ifconfig tun0
@tawdry tangle try running ifconfig tun0
waaait
are you connected?
openvpn?
F
just do
yea it is installed
sudo openvpn <file.ovpn>
yea I was confused
lol
are you good with reverse engineering?
:(
I've been stuck on this since yesterday
I couldn't even find any writeups
https://tryhackme.com/room/introtox8664 @weary grove
it's supposed to be a walkthrough, but it's been mentally abusing me
I'm stuck at the last crackme
Connection to 10.10.31.99 closed.
F
you don't have to do that
just terminate the machine and relaunch it
yea I was about to say that
rename it
or do it like this \(\)
@tawdry tangle just terminate the machine and start it again
you won't lose any progress
oh wait
just change the LHOST
no
LHOST
not RHOST
sometimes tun0 doesn't work, so make sure you put the actual IP
@tawdry tangle your IP
LHOST
make sure you put the actual IP
he put ton0
not tun0
@weary grove
I can't talk just tell him
he put ton0 and not tun0
missclick lol
There is a good video from luke about cat | grep :D
https://youtu.be/82NBMvx6vFY
"Did you hear that, Stacy? Yeah, it's true: he claims to know about the command line but he still cats stdout piping it into grep in the current year!"
WEBSITE: https://lukesmith.xyz
DONATE NOW: https://lukesmith.xyz/donate
@plucky vault
Yeah, it is WSL2.
It's just that I can't deploy the VPN at the same time.
For some reason....
Anyway, I'
Anyway, I'm downloading kali linux 2020 iso now.
I'll install it directly on my hardware just like before.
< file < anotherfile Could someone link me to what that is??
Less writing :D
@livid crag cleanup.sh ?
u can use pspy to see what is being run
thats my namee
@livid crag try to find lfi
which box is this
what ?
@livid crag im gonna go to store
gonna be back in like
20 minutes
can you wait for me ?
ok brb 20 min
my mike isnt on
damnit mike
I cant hear you @plucky vault
Let me see if I can troubleshoot.
ok
How do you want to do the private call?
Google?
Still?
Ah ok
hmmmm.
yeah.
Is there any sound at all?
Yeah, it is.
I thought I solved it for a second.
Oh no, I didn't do that website you sent.
I tested it with Discord.
The joys of lnux
linux
Yeah.
Yeah.
Just overnight.
Do you mean the sound settings?
Does he mean?
input device microphone - blue snowball.
Um, wdym?
ah one moment.
Oh ok.
just woke up.
oh wait
i got it
see you have push to talk on
but no key set for push to talk
Try changing that to Voice Activity or set a key in No Key Bind Set
did someone said gave up video games?
Hmmmmmmmmmmmmmmmmmmmmmmmmmmmmm..........
ehm ehm
whats the other game except grey hack ?
Can you spell it in here?
i didnt get it
nite team 4
thanks
no problem
which box in koth?
Stream it @livid crag
i dont think james will mind
wait, why he will mind for streaming a game?
Yeah, I'm still working on it.
What version of Linux do you have?
It seems to be working on yours.
You should really make a rule for that
20.04
umm i thought streaming some games wasnt against the rules
lsusb
Bus 004 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 003 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 004: ID 1532:005c Razer USA, Ltd Razer DeathAdder Elite
Bus 001 Device 003: ID 1532:0209 Razer USA, Ltd BlackWidow Tournament Edition Chroma
Bus 001 Device 005: ID 0d8c:0005 C-Media Electronics, Inc. Blue Snowball
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
arecord -l
oddrabbit@Wild-Dog-Pro:~/.config/pulse$ arecord -l 5
**** List of CAPTURE Hardware Devices ****
card 0: PCH [HDA Intel PCH], device 0: ALC1220 Analog [ALC1220 Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 0: PCH [HDA Intel PCH], device 2: ALC1220 Alt Analog [ALC1220 Alt Analog]
Subdevices: 1/1
Subdevice #0: subdevice #0
card 1: Snowball [Blue Snowball], device 0: USB Audio [USB Audio]
Subdevices: 0/1
Subdevice #0: subdevice #0
```
| _____________ ____ ____ __________________ |
| /____ ____// /\ / // \ |
| \___/ /\___/ /_/___/ // ___ ___ /\ |
| / / / / ______/ // /\_/ /\_/ / / |
| / / / / /\____/ // / // / // / / |
| /___/ / /___/ / /___//____/ //___/ //____/ / |
| \___\/ \___\/ \___\\____\/ \___\/ \____\/ |
"Try Harder"
```
System76. ๐
Add me @livid crag ?
no
he is about to add you
OK, awesome. Thanks.
I finally did the mr robot machine
Hi D4SuCE.
I don't have a microphone.
What's that
?
Do you want to do a KOTH?
Tablet Parts
$35 Raspberry Pi https://www.canakit.com/raspberry-pi-4-2gb.html?cid=usd&src=raspberrypi
$7.29 Micro HDMI to HDMI Cable https://smile.amazon.com/Seadream-1Foot-Degree-Angle-Connector/dp/B07DR2ZGLV/ref=sr_1_13?dchild=1&keywords=micro%2BHDMI%2Bmale%2Bto%2BHDMI%2Bmale&qid=1591196406&s=electronics&sr=1-13&th=1
$40.99 7in. Touch Display https://smile.amazon.com/Guhui-Capacitive-Display-800x480-Raspberry/dp/B07N1P5YWR/ref=sr_1_9?dchild=1&keywords=7inch+touch+display&qid=1591178930&sr=8-9
$22.99 120gb SSD https://smile.amazon.com/PNY-CS900-120GB-Internal-Solid/dp/B0722XPTL6/ref=psdc_1292116011_t1_B07JJ37ZBZ
$15.99 Case w/ cooler https://smile.amazon.com/Miuzei-Raspberry-Aluminum-Included-35×35mm/dp/B07VVZ8T2S/ref=sr_1_9?dchild=1&keywords=Raspberry+pi+4+cooler&qid=1591178368&s=electronics&sr=1-9
= $142.25 + $9.95 (Tax)
(Total) $152.20
@tawdry tangle
But can it run Crysis?
8gb model or none.
@waxen cave Theres an 8gb model? Aww everywhere is out of stock
Did you check adafruit?
nmap -T4 -A -p- -PN
@rough flax Whatcha streaming?
so i guess im streaming wonderland now .
@plucky vault what are you trying to do
trying to upload file to my pc
use scp
^^
*trying to copy a file off the box
netcat file transfer?
Which you can do with a single HTTP server with python and a single WGET
I've given him a dozen options
scp is easier tho
scp is the easiest as it doesn't require setting up any servers or listeners
^^
okay
why are you installing an ssh server
you don't
o really?
you need a ssh client
server

He doesn't have a password for the user on the box
Elf, other way round
Serve the file from the box
ssh key
WGET it from your PC
He doesn't have the password
im not doing that
You're trying to send the file
from box do scp to pc
You want to serve the file
no?
on box you need ssh client
And on his machine he needs something to receive the SCP connection
So an ssh server
That's all it took, elf
why not just add the ssh pubkey to the box and use scp from his pc
ikr hahahaha
now im going to be doing something i have no idea what im doing pls help me
lol
what do you need to do
avoid segmentation fault
@plucky vault Chuck a decompiler at it
Something like Ghidra has a decompiler. Or cutter which is a nice gui for r2
Or that one, which cutter uses
Turns assembly into C
You can do it straight from r2 if you know what you're looking for
Elf it had installation instructions
@plucky vault Don't clone it
You don't need to
Under the Install in the readme
No elf
It tells you exactly what to do
You don't want to build programs
Elf
In your terminal
its not working
It tells you what to do to fix it
It is
You made a franken debian
And I warned you
xD
but i can't install gobuster if i don't have it
You need to take like, a minute to understand how go programs work
Or download the binaries and add it to path
or twinkle with sources
When someone emphatically tells you something is a bad idea, and gives you reliable sources to back up why something is a bad idea, you probably shouldn't do it
yeah thats a good point
Something that isn't useful
You can RE the program using incredibly simple techniques
And that gives you enough to exploit it
am i going the right way?
You're not going any way
am i going the right way now?
I thought you said you weren't going to ask for help
@plucky vault grab the appimage for cutter and use that
@plucky vault Radare 2 releases on github
Cutter
Releases.
omg what is this
You know where releases are
It's a gui for radare2
Scroll up
It's the same place as regular github releases
@plucky vault No, that's the repo files
Top bar
releases
Yes there
yes i found it
You'll need to chmod it
@plucky vault Elf
I said you need to chmod it
Set it to dark
midnight
you need to enable the decompiler
how do i do that
Windows > Decompiler
Click on main
That's basically exactly the source code
You should know the library calls
and this is even more confusing
You have the source code of the program
Find the vuln
It's in main
Elf, you said you know C. You should know puts, system and getchar as library functions
i know
i literally sent you the file of what i learned
i didn't learn puts or any libary
i think?
it's basically print
puts is print
Yes
getchar is scanf basically
So
it prints segmentation fault
You can see that
You can see exactly what the code is doing now
@tame ether You rooted it yet?
ye
i was blind
saved the steps, might make a writeup later and publish it in few days
you fell for it
yes
its prints seg fault
I mean the exploit is really easy
look closer at the generated code
If you've actually done boxes on THM and learned
You should only care about main here
its a buffer overflow?

You can see the code
yes
elf, not every function there is a print/getchar
now i want to get back on the box and check that tryhackme user out, forgot to do it before
@tame ether I can tell you if you want. There's nothing there
:C
It's just the user I use to create the challenges
Bash history wiped
Runs the webserver
noticed that, it's the first non-root, non-system user
well technically it does
No
james help mee !!
no i want to complete this one so hard lol
^
You need to learn how to exploit things
You should have been keeping notes so you can come back to it
and i wasted many more hours on other rooms. it's part of the process elf
No
You need to learn what how to do things
There's a reason walkthrough rooms exist
@plucky vault do you take notes on rooms at all?
james i broke something
nwm i fixed it
well, good luck when you forget something
I mean

I doubt that, if you've completed more than 10 rooms on thm
Go do some walkthroughs
Learn more techniques
Understand them
or
and take notes
You need to understand in order to apply things to other rooms
learn them by streaming for 5 hours
Bashing your head against the wall isn't a healthy learning strategy
Go learn some stuff
this is for a reason
it really helps to revisit stuff, you don't waste time
It's not
you know learn the hard way
For everyone else involved
tru tru
Why learn the hard way when you can learn the easy way?
cuz the easy way is bully
tbh this way is "bully" as you say it
it was a joke
It doesn't make any sense
@forest python google how to troll pls
Elf
You used a word that doesn't make any sense in the context
That's not a troll
yes
That's just using the wrong word
Kale is a vegetable
no i mean with this
which one
yes
okay but first i finish this thing
leave wonderland alone elf
Come back to it
You prefer to beg me for help than actually put the work in yourself?
both 
how are you 0xD with this mindset :(
close the stream
and start watching this playlist
https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN
it's something 100x easier
It fakes being binexp just to mess with you
Because it's a CTF
@plucky vault I said linux walkthrough rooms
Not malware analysis
okay
Do rooms like kenobi
Walked through challenges
Elf
Stop assuming it has metasploit
Have you looked?
It doesn't use metasploit
@plucky vault youtube.com/watch?v=dQw4w9WgXcQ
I know that URL
shhh
XD
Now go start kenobi from the beginning
Don't skip over questions because you answered them
That's not what starting from the beginning means
im not skiping them im gonna do that again just gonna wait a few moments
I'm leaving
It's 4:44am?
its almost 6 am here hahaha
don't leave me james!!
@plucky vault that sounds like its straight from a romantic movie
lol
The story of an elf who keeps stalking a man
thats me
pubg is free to play rn
@plucky vault
wait idk can i run it
yah i can't
im gonna go get washed and go in the bed watch tv and play liveoverflow
brb in like 2-3 hours @tame ether
play liveoverflow
Kekw
kekw
Please try to keep the streaming to THM-related content only @gaunt thunder (:
sry @quiet needle
All good - thanks!
yup
and im back to doing it
...
and im quite literally stuck
Have you ran linpeas ?
I mean you skipped over half the doc
xD
The doc will tell you exactly what you need
But you've missed something in your current folder
Log in as the current user
Because your gid is wrong
Elf, you're running a random program
A random program isn't going to help you
wait what program
the ask password
oh
i forgot its not sudo ask password
but now i just realised
im making no sense
wow
did you see that james ?
i learned something from you
I was tabbed out
those tabs
You're not meant to be helping him
:/
It does work
this linpeas
its cuz i don't know what im looking for
brb gonna go make cigarette while this is doing its thing
Getting Started
DARKCHAMP DARK MODE
pls no ban @forest python
dark mode soon™
Wait, Is elf still not root
Jorad: Then you may not pass until you answer the following question. Name something you take on a picnic.
Meg Griffin: A blanket!
Brian Griffin: Potato salad!
Chris Griffin: Chicken!
Lois Griffin: Merlot
Stewie Griffin: A dead Lois!
Peter Griffin: Ah, ah, ah, okay, ah, ...

fail 
on purpose
xD
@forest python its done
Woooo elf rooted
ez
ez
@plucky vault
LoL eZ

that took you only few days
I hope you learned something
grats Elf!
Otherwise you failed
3 days to be specific @tame ether
yes i learned alot
2 more ways for suid
and 1 perl cep
did you take notes elf?

now im gonna do the python one
good luck elf, I'm doing it now 
My box has like 4 upvotes already and it hasn't even been released??? 
did you finish kenobi?

