#general
And Skidys live Rap has been coming for about the same
They said they'd do karaoke
its the THM army
Networking is interesting to learn as long as it isn't through Cisco's academy thing. I had to do that for school.
At this stage, we should demand that Skidy and Ashu do 'Summer loving' from Grease.
Sounds painful tbf
yes!
https://www.youtube.com/watch?v=pksRek9MM1I this will do for now
This is the official rap song for "Advent of Cyber 2023" put on by TryHackMe. I wrote, recorded, and mixed the entire song while live on stream with help from the audience.
LET'S SAVE CHRISTMAS!
(I made this entire song while live on stream -- including writing, recording, mixing, and then making the video. If you want to see the full creatio...
Networking isn't painful. Cisco is very painful though.
Manual subnetting is a pain
Yeah I'm really looking forward to it, but I don't like learning things corporate
i need to get my subnetting up to scratch
thats for another day
it's always for another day
no quite literally
One day or day one
That's how I had to learn to do it. Would have been fine if they taught us how to set everything inside windows before the hands on exam.
And in real life.. you just use a tool
It's quite easy once you get the hang of it. It just takes a bit of practice
Yeah, but it's not practise I wanna do
Binary/hex math comes with time
Is it an advantage if you're a programmer trying to dive into Ethical Hacking..? And how best can I divide my time between the two
Fair enough tbh
In real life I don't get penalized for setting a 32 host partition for a 16 host subnet!
(In 7 days to die)
@gray sonnet : Drinks Moonshine
Also Vain: "Why am I see 2 of everything?"

It can help, joel. being able to read code is more important in learning how to code (of hacking). Although a bit of python and bash is useful
NOW I can aim properly 
It's an advantage in some cases. It might be easier for you to understand how systems behave and how they work.
Am a python, Javascript and C++ programmer. I guess on the right path
Yes for sure, programming is super helpful, reading code and understanding how it processes user data for example can be really useful for testing the security, being tech savvy in any sense of the word does no harm
im still baffled
Like what is it asking me to do
What question?
This beautiful mess: #room-help message
Wow NaCl You really love talking about programming
I do haha
It's been a part of my life for a while now
And I study it at university
Oh for real..?
Yup, I study computer science
Figured it out?
I mean I know what it's asking but the function just is weird
Not really
Why 2 parameters
Am A high school guy. Still debating whether to study Cyber Security or Software Engineering..Can you give advice
What do you like doing?
It really depends what you wanna do with it, they're very different fields
just wait til you get a job, then you'll definitely stop talking about it
Oh definitely haha
How much btc you have, and conversion rate of btc to usd
hello
oh ok
I love programming
me too
Rate i thought constant
I like everything.
It's just counting in binary, unless you remember the magic number formula.
But I like Osint, Malware and DF more.
Don't the two connect in someway
They do a bit
But programming is different to cyber security
Same here both fields are interesting and I enjoy doing them both
I will say that programming is used in cybersec though
Like how different..?
Or so I think anyway
Can be, depends what you do in cyber sec.
Certainly an understanding of programming can help you find vulns.
I get the feeling you're a Java developer
Cyber security is about exploiting flaws in systems, whereas programming is about creating the systems themselves
programming is making code, cybersec is breaking it
Like a builder and building inspector
I like this one better
What makes you say that
Your profile picture. It looks as complicated as the language
hot fuzz what a film
I am a simple man
I like simple things
Yes noww
That certainly does not look simple to me
awww
It's from a game called tropico 3, and my avatar looks like he's been hit in the face with a pan
It's simpler once you realise that most of it is boilerplate
El presidente
i wanna get back into city building games man
i remember i played a game called suriving mars a while back
maybe in 2020
very fun
Ah yeah I've heard about it
I played a lot of tropico in 2020 tbf
Instead of doing school haha
I'm playing Krunker Strike because I'm bored.
krunker strike?
Old web game, I play it on Discord.
we out here
here i was thinking it was just counter strike while inebriated
1v1 me scrub
Same here
krunker io
What did u think of it
But I think later than that
Wasn't mw3 badly received?
No, I'm a Community Mentor.
community mentor nvm
Probably, I still enjoy it
King Charles has cancer?
yeh
so it seems
Crazy world
@sick lance My baby is up and running!!!
Still gotta add 128GB more ram, and change both CPU's
And more drives.....
You don't know that yet
Yes, prostate cancer iirc
Didnt he just have a biopsy on his prostate?
It was discovered during that op
And the Ceph a bunch more storage after that into it
ceph?
is this a pc were talking about
128gb ram?
2 CPUs?
Yah, not the original one I bought, but yah, 128GB, 2 Xeon's E5 2620 V4
Changing those to 2680's
How did u afford that man
ceph[dot]io
Learned about it around the same time I was doing stuff with min[dot]io
Decentralized storage clustering, sort of.
Hoping I can get approved to "recycle" one of the Rome processors from work.
We scrap so much cool stuff
You can get cheap servers for less than that for an R530/R730 here
We scrap laptops, nabbed some of those lol
I paid like £150 equivalent for mine
1U? 12 Drive bays? 5 or 6 SSD bays?
2u 8 LFF bays, or lots of SFF bays depending on what you get
Hybrid Scale-Out High Computing Storage Server Tailored for hyper-scale datacenters and software defined storage solution, QCT's innovative D51PH-1ULH features hybrid tiered storage architecture in an ultra-dense hot-swappable 1U platform. D51PH-1ULH is
EOL?
Quite nice, I still gotta thank @hot cairn for helping me. Now just gotta change out those loud fans for Noctua's
Gave +1 Rep to @hot cairn (current: #94 - 65)
How do you guys download a flag from a Windows machine? In Linux I would start a http server using python, but in windows im lost
Is an alias for iwr
How can you remember that
im debating moving my stuff over to ceph lol
Debating with who?
Ok real question
myself and my sanity
And which one is the Evil one?
How many people shout "I'm in" when they get the flag
Maybe not 'shout'
I didn't phrase this correctly
I need to transfer the flag from Windows To Kali
But windows machine doesnt have python
Just copy the flag
copy/paste?
Not flag.... but when I forget my pasword lol
Look up the 'What the Shell!' room
"I'm not in!"
You're never alone when you have the sound of whiny server fans
I already have a shell, I guess python is needed to transfer a file from Windows to Kali
There are other ways, and that room covers a few of them
Esqy, might be a personal question but why did you leave leading the community? (Don't answer this question if you don't want to)
There were some personal things. But I'm back now
Nice
Aye, i got a really nice welcome from the old crew when I came back
Are they going to give your role back?
That is up to them.
Yep - Just like helping people.
Same
I mean... you kinda set it up
I meant is it harder? How different is it?
It's different.
Harder is subjective
I like web stuff, so haven't done much Windows, so it would be more difficult for me
I don't get this
One is an operating system, other one is an application
By default, obviously operating system is harder because it is bigger
It depends on the person's knowledge and skills though
Uncle Esqy.. How long have you been in the industry if I may ask?
In total? 2 years, and that was about 15 years ago
In this room I found how to transfer a file from Kali to Windows, but I can't find how to transfer a file from Windows to Kali
What would you do if you had to transfer a file from Windows To Kali in a CTF ?
Hello THM family
Copy and paste if you have a GUI in the room
woah so gree
just a rev shell
RDP and drag the file into your system
Funny
Yeah no this is no where near me
what if I dont have the credentials, do I add new admin user and allow RDP ?
What is this for?
i will finish my exams this week, any machine u think its best to practices all things just to revise things i forget lol cause my brain is deleting space for exams
Any suggestions
Joel - i'm being for real. I'm a pretty open book on here
Just for me I cant figure out how to get a file from a Windows machine to a Kali if the windows machine doesnt have python
What exams?
how are you in? SSH?
SMB is good
Sure... Maybe you just research alot because you sound like a pro in here
FTP also, Windows has a client built in
Univ one its not same field i guess well i study Networks and Telecommunications , its in the field but not security
Joel - I worked in digital forensics for a couple of years, and yup I do this as a hobby. And I may sound like a pro, but far from it. Still learning like everyone here
msfconsole
use rejetto_hfs_exec
set payload windows/shell_reverse_tcp
this is how i got in
I have my lab on GNS3 i test SSH there with multiple VMs
if you are in Metasploit/meterpreter you can use 'download'
im not unfortunately
its just a tcp rev shell
But as James has said, look at FTP and SMB
Any one here tried before install kali on raspberry pi 5?
(And take notes)
yep looking it up right now
Sure what advice can you give to a beginner like me
(im using chatgpt)
Stay curious. Follow the learning paths, and enjoy it π
Oh I see.. Good luck in your exams
Chatgpt cant help with security, i used it many times says its illegal
Sure thing sir
But i did used trick question and helped like in enumeration to bypass firewalls IDS
Lol it can with basic commands tho
Yeah like for linux troubleshooting yeah i use it many times
Not all times
Woah
Too much Windows
Need to do Windows exploitation more to get it up
Guy*
Dammit, I don't have access to Hall of Fame quotes!
Mine is nothing
Cause im jot subscriber
Not
Im broke to subscribe
Lol
But i do the free rooms they are cool
Rather than that i try on YouTube to learn stuff
Howling
Muiri might be a Werewolf, but we don't judge.
Wait if Im NT authority\system, i could technically download something like Python to transfer the file easily right?
Muiri is scottish, clearly a unicron
U can consider that im vampire.
Unicron is right
Or use FTP, which is already on there.
Not very stealthy
Yes FTP would be the best choice
Werenicron
I am summoned
True, so FTP is the stealthiest option?
yo
No, you're gonna get caught doing that too
not terribly, but better than downloading python
Muiri, can you Hall of Fame this please :d #general message
HTTP is probably better
Muiri, right on time
Whats the best option?
Best is always situational
Hang on, did you make the upload vulnerabilities room?
GTFObins for lyfe
So what if the windows machine doesnt have python but im NT Authority\System
Muiri was caught peeking into the chat
Will have: WMI, VBscript, Powershell, SMB...
Which one is going to be caught in any given environment will vary.
There is no perfect method.
SMB is good for blending in to normal network traffic on a domain network at least
hehe I requested this
Vbscript would hopefully get caught lol
Hahahaha found tim's secret spell
Should've posted it on Christmas
Why is it that most internships want people currently studying for a degree?
And any method you use to determine what's being observed, may itself be observed.
Basically, at some point, you have to accept that you're exposing your self to risk.
FTP/HTTP can be read because they're not encrypted.
SMB to an external IP would be suspicious, and potentially blocked, but in smaller businesses with UPnP, it may be allowed through the firewall. (See Eternal Blue)
If you have time you might try to observe what normal usage looks like for the network and find a way to make your traffic look similar.
tax kickbacks
Sometimes grant programs.
I did
A very long time ago 
Outbound smb is way more likely.
EternalBlue was inbound of course
That last challenge killed me haha
But it was very helpful
Yeah. I regret that one 
Would you mind elaborating on this?
Hehehe
I mean, realistically you want it to be encrypted. Packaged into a C2 connection potentially. Transferred using an approved program instead ideally
DNS c2 comms ftw /s
e.g., if support use AnyDesk just sign your own loader establish a connection and use that to transfer stuff
Chat room over DNS
RDP Drive Redirection possibly too -- I haven't checked heuristics for that
Is it a good idea to do the red teaming path after I do junior penetration path
Absolutely, and at the very least if you can't get out clean, you want to get out unknown.
hehe that was what I was trying to find!
Of course it's written in rust
I mean, ideally you wanna be caught 
~ Muiri was here
Muiri is taking a break from fighting with iDRAC
Finally got the Proxmox server online though
Is for me?
Only took a year and a half
Need to get the dog out and go shopping though. At 2230. That's gonna be fun
Depends on jurisdiction etc, but here, your employer is responsible for a portion of your tax, workers comp, canada pension plan, and employment insurance contributions.
I can't say to having specific knowledge about any given program, but programs exist to assist wages, allow corporate tax deductions for "educational" purposes, etc.
The only specific program I've ever interacted with was when I was coming out of College in 2009. Ontario government would pay something like $2/hr towards wages of current students or recent (less than 6months) graduates.
Shops here close at 2100
Yes, but you don't want to make it easy on them
10:30?!
Interesting, thank you!
Gave +1 Rep to @split compass (current: #54 - 121)
Well, yeah 
Bring your all, but hope you still get caught
yes.. you'll be... fiiiine
It's great when you can say "I laid low for 3 days trying to see how I could get out without tripping an alarm, and you still got me."
Hm?
Why the specific time?
Life
Because it'll take until 2200 to get the dog out of her bed, then she gets a 20 minute walk at night, then 10 minute drive to shops
Cocker. There'll be pictures in here somewhere
Scottish isn't a breed. Damn Jayy :p

oh, you mean the dog..
Lol
Hehe. We only get snow up on the moors. But it's ok, cos we bring our kayaks up and sled down the hills on it
North york moors?
Dartmoor in Devon
That sounds fun
Aaah fair enough!
Sometimes we get the kayak and turn them upside down using them as a slide
Good times
anybody got a free glasswire recommendation
wanna keep looking at my traffic usage stats
What does glasswire not have?
eh limits monitoring to 24h
?
Hmm, i can't view apps that are using only the ips and domains if they got it
Thanks a lot!
Gave +1 Rep to @split compass (current: #54 - 122)
doubt
Using it for analytics
privacy has not been easy for years and doubt a single product can change that
and no arch package makes it go flop for shadows usecase
@jagged moon 
Unless your VPN is reeeeeeeeeeeeeeeally out of date
eh its updated mullvad
- looked up my IP
its in UK
confused about hong kong
Hmm, not for me
Why is finding the perfect app for my usage so hard
I don't wanna do a developer move and code it myself
because you are focused on finding a free solution with no strings attached.
even if you find a paid solution they nearly always comes with strings attached
A little short of your 800 word target.
Is it too much for a note?
If they're gonna be useful to you, It's the perfect amount
Well i don't know, that's where the problem occurs
no such thing as a prob... gah, I even hate typing it. They are 'Challenges'
Thats better, they can also be overcome
Good luck
thm > offsec
better community less bully mods and no money hungrygreed dishonest spree
also content is sweet loving to beginners that feel confused by the wild world and need someone to take them by their hand
yay did 60 questions today and my mind isn't totally fried
Deep fry it, 60 more!
deep fry the deepfrier that you are deep frying your brain in using deepfrying batter to make it even better
started it already
Should I do portswigger or keep doing THM
lvl 2 incoming i believe in u
eh not doing on this acc
Gonna reward myself tonight after doing so much studying with Alien 1979
@mossy river u work at THM so u got any idea if THM will ever release their own certification
tasty
"index=botsv1 sourcetype=stream:http dest_ip="192.168.250.70" http_method=POST form_data=usernamepasswd* | rex field=form_data "passwd=(?<creds>\w+)" | table src_ip creds" > "src_ip creds
23.22.63.114 pussy" this can't be real lol
what?
Went from feeling good to getting imposter syndrome
Can't get a rev shell on this daymn machine
ahahah
Ah so got a web shell now
wp
ladies and gents, how do i fix this error?
Yummy
i swore off plex ages ago
not a fan of their constant regression in the way of privacy
idk what your error is but did you try acupuncture
Yah, If this doesn't work, I'm swapping
Restarted the actual server to fix Plex misbehaving twice
how do i paste snippets?? Im a boomer
Three 'back-ticks' before and after
^
On a US Keyboard the backtick is commonly found sharing ~ one key left of 1 below escape
if you need a better landmark it's normally three keys above the V key and four to the left
Markdown tables... shudders
So much work for so little benefit most of the time xD
if you can't go to the left you can also go right until you overflow back around
what r back ticks
That's useful.
Demonstrated by Hymnosi, described where to find on keyboard below that.
the ~ squiggly line on the top left but without shift
sends tea
who needs a nas when you can just have 13 hard drives plugged in on the floor next to your pc
or
```
three in a row on the top and bottom of a big section to make one big code block
```
My brain still thinks in 1996 IRC, when I'm on discord x'D
Pictures make a much better description.
irc > dc
i still use irc
so much less clutter
I haven't used it in a couple years, been too lazy to set my bouncer back up since I stopped maintaining my VPS.
Once I set-up my home lab, will be back on again.
I miss my 2600 peeps.
yeah it's very community specific nowadays
most places are unfortunately on discord or slack
slack communities are weird
irc[dot]2600[dot]net [#]telephreak
slack is good for work but as a community?
hey guys join my minecraft community on Microsoft Teams!
Well, you probably see how it works now though.
Trial and error, good teacher.
h
ik there's a couple clients that combine irc and discord but technically that violates discord ToS I believe
Gave +1 Rep to @coarse totem (current: #146 - 45)
Queen's Death Confirmed
I have a lot of thoughts, ChatGPT entertains them
During an encryption event of a database, is the data encrypted individually (by column & row in the case of SQL) or as a whole or is that dependent on the type of DB?
Oddly specific question
Well...
If the data is encrypted individually, can there be a mechanism in place to limit the number of "write" actions without further authentication?
I'm not entirely sure I understand your query
whats /bin/sh: 0 cant't access tty:job control turned off? your help is appreciated
Goteeem
thanks friend. I'll have a look
Gave +1 Rep to @mossy river (current: #6 - 1142)
100% safe
WHEEEEEEEE progress
checkliust
checklist for fairphone 5 support from calyx os android custom rom
v organized v efficient
anyways it is now the times where shadows go meep moops while they blast beep boops to sleep sloops
shadow may i dm for important secret inquiries when u'll wake up
still cant get rid of the error: /bin/sh: 0 cant access tty; job control off. any help would be appreciated
Is that a thm box? Have you upgraded your shell?
Then go to #room-help or #room-hints and say what room it is
everytime i see your pfp it looks like a salt shaker
where can i write !vpnscript to get the troubleshooting script
I don't know what percentage alcohol your salt has
i like my salt 196 proof. i wanna go blind drinking it
Yeah salt helps with that
People got thoughts on Packt for their videos and books?
Packt have a lower quality standard than a lot of training/book providers. I've also seen complaints about difficulty cancelling a subscription if you have one. Depending on what you're going for, there are much better training providers
I was looking at Humblebundle and they have the Network Mastery collection, which looks to be full of video courses around certifications.
I've never heard of the provider of those courses so can't comment but I'm guessing there are excellent learning materials already out there from other providers
No problem, that says a lot. Thank you!
Yo can you guys fix the voice channel everybody is server muted FOR WHAT REASON????
Amazon: "Pay us $3 more a month to get rid of ads ontop of your prime"
PiHole: "Haha, ads go BRRRRRRR"
lol I had a great idea to test automating one of the after hours server reboots for my on-call tonight. Cue 1h 20 extra minutes of waiting for Windows Update after their window began.
Typically I start checking and installing updates about an hour prior. Made the "mistake" of automating installing updates right on the top of the hour instead, then I was kinda locked in
But hey if we can tune this well enough in our new RMM, it will save a lot of time and hassle. Just very much needs eyes on to validate this stuff to begin with
you should migrate all your clients to manjaro
lol no, I'm not even a huge fan of Manjaro
same
if you're going to use Arch based distro, use one that uses the actual Arch repos and doesn't have a history of "whoops the cert on our site/repos expired, just roll back your clocks" 
...multiple times lol
that's just job security for you
they also used to recommend partial upgrades with pacman which is a big nono
still working on that burn windows to the ground tool
Good luck! Yeah was a neat looking script
been trying to figure out how to update microsoft store packages without prompting the user
holy hell it sucks
Ugh I can imagine
I think winget can do it, but typically that does need to be ran as a logged in user
that's the problem -- it's to install winget
freaking lol, ouch
I thought there was an easier way than that, but I kinda took it for granted winget was installed on my newer systems
trying to see if i can throw something together with c# but probably just gonna say screw it and move on
Yeah I don't blame you too much... but besides that indeed winget is lovely
so many ways to install it manually, but every single one that doesn't use the ms store loses automatic updates
which i'm not a fan of
Ah that makes more sense, yeah I could have sworn I'd seen other methods
added permanent removal and blacklisting of edge and onedrive tho
so we're getting somewhere
Do see a lot of orgs moving to Edge and often OneDrive as well, but I personally vibe with your choice
I noticed Edge has a new feature where it automatically steals all your tabs from Chrome on startup
yeah the edge tweak is going to remain optional and not automatic -- but onedrive is getting ripped out automatically
easy to remove tweaks tho as needed
They ask you for permission to do so on new installs at least
I don't use either but it was a funny read. I'm sure they'll have some kind of anticompetitive suit against them, a few small fines
Not trying to justify Edge, I'm sure never touching it myself besides to install a better browser, but I can see why orgs are appreciating GPOs and stuff without downloading more admx for Chrome and Firefox tho
when winget can install any browser i'll use, idec about that
i just go straight to winget when i can now cause screw those 17 pages of bullshit when you launch edge for the first time
One can hope lol, this has all happened before and it will happen again cue Battlestar Galactica (2005) music
In a previous job they had an in-house tool to manage your browser choice
They're remaking BSG again too
Interesting, yeah Windows N ironically does break a lot of features
Hah indeed
I think they're finally out of ideas
Personally I'm curious how Babylon 5 reboot will go with J Michael Straczynski at the helm... even if it's going to be on The CW lol.
But JMS and WB just released "Babylon 5: The Road Home" animated movie which I loved tons
lol indeed, at least Babylon 5 has some reason to come back
They already remade Babylon 5. It's called Deep Space 9
BSG I've got more than my fill of
Shh, also come on it was concurrent with B5
But I am all about DS9 as well c:
Yep, totally coincidental. DS9 is one of my fave series
Plus it inspired my interest in Jambalaya #873642346762350592 message
Yeah of course. I'll just have to try to find time to fit in rewatching all the things I like
Hah for sure, we're just on a B5 kick since the HD Blu-rays came out on Dec 5th and we're wrapping up our re-watch
Better than the earlier HBO HD release they had thankfully but yeah still difficult with how much video tape footage they had to work with
Oh excellent! I'll have to put it on the list. I'm also trying to read more books this year
But heck, at least B5 got a pretty decent 90% film/HD + 10% upscaled VFX shot/combined shot release
Still more than DS9 will ever get sadly, but TNG kinda set the bar too high
Awesome, yeah I need to get back into my reading. I'm, you guessed it, a huge fan of classic scifi in particular
What time zone is the kick your career start webinar in?
btw highly recommend "What We Left Behind" the DS9 documentary, they did HD remaster select footage for that and it looks stunning
Yeah it's good they can give some old stuff a bit of care and attention like that. TNG/DS9 were always favourites to watch growing up and I kinda compared everything to them
I am trying to read more classic sci fi but I have a few books I'm aiming to reread before the summer too
Nice, yeah grew up with them, B5, Sliders, and plenty of other 90s scifi and vibes. Good stuff
Yeah can't blame you. Personally I'm huge on Foundation series (read it in release order imho). Still haven't seen the Apple TV+ show though
But uh, that's a bit of an undertaking. Easier to start with original trilogy of books and then expand when you feel like it
I have the 15 Robot/Foundation books lined up for later in the year. The tv series is incredibly well conceived and makes for spectacular viewing
Nice, I do have a trial from my Apple TV, maybe I'll give it a spin tonight if I don't get more distracted lol
But yeah I'm huge on combined Robot/Foundation universe. Asimov is for sure one of my faves, but I can admit his writing is pretty matter of fact and dialog/idea driven. No colourful prose there lol
Haha well I won't distract you more tonight. It's just gone 3am and it's about time I went sheep counting and z hunting
Hah totally fair, still 10pm here. Talk to you later!
Just wanted to introduce myself, new here but excited to join the community.
Yeah Asimov is known to be a little bit dry with his prose but he did write hundreds of science books as well. I have no intention of getting through them all. Feynman is my favourite academic/author
Anyway, great to see you as always, have a good night
Welcome! We're glad to have you c:
Glad to be here! Heard about this from someone in my classes, thought id give it a shot! Wanting to learn as much as I can haha
It's worth it, if you're interested in it.
Yeah great platform for this! Helped me tons when I needed to update my infosec knowledge professionally
It's helped me get into bug bounty hunting.
For sure, I'm currently in Information Security and Intel, so anything that could potentially help me grow even more is definitely something worth my time.
Awesome, yeah you can likely jump into the rooms and paths you are most interested then. Although I'd be lying if I said I didn't learn some unexpected bits from simpler rooms I assumed I knew everything about
lol same, mostly OSINT stuff
yeah learned of a couple great OSINT tools I use often from THM for sure
Heck DNSdumpster.com and similar is often just a good sanity check/peek doing defense as well
That's new to me, I'll def look into it.
Yeah for sure one I got from THM. They just do DNS subdomain enumeration all the time so you can get the passive results
I'm going to assume yall are light years a head of me, but where's a good place to start?
along with other relevant DNS info like TXT records and etc
Kinda depends, sounds like you have some experience already. I came into THM with that mindset and started just doing some rooms I was interested in before jumping into the Learning Paths
I've started this path 2 years ago. I'm currently in college for a bachelor's in IT & Networking w/ a cert in cybersecurity
I'd just recommend trying one of the Intermediate level Learning Paths, and drip back down to easier if you're lacking something. Typically a room will say what kind of knowledge/pre-reqs there are and link out to them
Ah nice! Yeah I'm more like self taught from the 00s lol
nothing wrong with that
For sure, it was a wild time and it sure wasn't as easy to see a pathway into infosec professionally as it is now, let alone all the learning resources we have now
If you don't mind me asking, what type of careers are you guys in, if any? Its been a journey after getting out of the Military and I'm hoping to start job hunting in the future
Anyone run PiHole here? I could've sworn there was a section you can download the config/ adlists from the PiHole... need to grab em and put em on my TrueNAS
Double checking the learning paths, some good paths are marked as "easy". I'd pick one that fits what you're looking to learn. Most are either strongly blue or red team focused, or a bit more purple for applicable to both
Currently, bug bounty hunting and looking for an IT job π
What's bug bounty hunting look like haha? Never really heard of it before
Found it, nvm
I sorta do it all due to small business things. I'm at a very small Managed Service Provider. So I'm one of two sysadmins, sole linux sysadmin, sole devops person, sole infosec person, sole compliance person, and more lol
Not necessarily in any order lol
infosec is my main jam at work though
Mostly looking for cross-site scripting exploits, bad authentications, stuff like that. Mostly use Burpsuite and firefox to test with
Dang! Sounds pretty legit though
Honestly I don't have enough time in the day for all of my roles, but again... that's small business for you lol
True
When you go from Rasp Pi running PiHole to Dual Xeon's, ooooooh the speed on which it fetches the lists is amazing
Never really heard of this but doesn't seem too bad, is it enjoyable or nah
it passes the time and i like it
Hah fair, and yeah for ZYN's info there's extensive rooms on Burp Suite and OWASP top 10 (web vulnerabilities)
That's all that matters tbh, just need to find something you enjoy doing everyday, which is what I'm trying to figure out
very true, its where i got my start. After that I noticed www.portswigger.com has a free "academy" there to better learn how to use burpsuite. So you might wanna check that out as well if you're interested.
Agreed, I've not dipped into that but heard nothing but good things. I've been meaning on giving it a try
lol if nothing else I use Burp extensively after SSH tunnel to then Proxy my traffic over to Foxy Proxy from my virtual private server. To view these THM rooms and etc locally (VPS is my attack box)
and conveniently keeps my proxied traffic as the scope already
that is very interesting. I never thought of doing that.
Yeah I do the same for THM RDP traffic (sans Burp step), just bind the ssh tunnel to like 127.0.0.1:13389 and RDP doesn't question it
huh
remote THM brought to my local machine, good stuff
yeah it's interesting but rewarding having a pentesting server that's external and has nothing to do with your network (part of why I opted for this)
I can hear myself think........ servers are so loud
lol in the server closet? Thankfully our home server is pretty darn quiet unless it's under tons of load
No, sitting right next to me
Circulating fan in our home office is louder than our server under normal load. Heck even some Optiplexes are louder due to tiny fans lol
It's not in its perm spot yet, still troubleshooting stuff, and still needa upgrade the CPU's. So it's next to me sitting on top of a 2003 server, which a 2006 server is sitting on top of, and the 2016 Quanta is sitting on top of that
3 and 6 are just collecting dust, kinda a makeshift shelf XD
Ah fair enough, I've got 2015ish era tower server so kinda built for plopping in a small business and letting it do its thing without much noise
Level 7!
Congrats!
My Quanta 2016 is very quite nice. Loud, but gets the job done. Hate that transcoding takes a little bit on these 20's
Do direct play lol
But too tired to deal with heatsinks, CPU's and thermal paste to change em.. tomorrow
Plex app on TV no like that
It depends on the TV for sure, but yeah dedicated streaming devices will do much better typically
Also ethernet connection can help if your TV has one
I can access the plex app directly via IP, and loads things up just fine, but plex app... app, on the TV says "Fuck you, have an error"
Even upped the processing power on that container, still having issues
Samsung?
1. TV is not near a jack. 2. FireTV
1. Not running insane Ethernet cable runs all along the house, exposed... surprised lol. 2. Integrated in the TV? That's very unusual
That being said even Chromecast with Google TV should do direct play just fine (potentially given an Ethernet jack)
But I did kinda go all out with Apple TVs since I was happy with them and they knock any local media out of the park performance wise
Well, if I want direct to server..... lets see.
1st level, ran up to second, then ran half the house and hit the TV
iPhone SOC in there at all. I confirmed they sell them at a loss lol
Sounds like you don't have long enough ethernet is all... snaking up the stairs lolol
Guess I could do a browser, hit the IP direct, and that should help
I legit did that back at my mom's house lol
What even are proper home cable runs, lol. We have floor rugs for that 
Nah, don't have cotton swabs
Next house, that's the first thing I'm worrying about, the ethernet runs, and those better be 6A runs! I like my speeds!
lol back in the 00s I had "cable modem in the basement, but need router in my upstairs bedroom" vibes
I have a 10g nic on this server and desktop, moved a 10gb zip from desktop to server, while it was doing other things and using the disks, Would say 10 seconds to move it
Totally not me.....
lol
Yeah I was the only one in the household who had a use for Ethernet at the time. So I need all the ports I could get... from my baller WRT54G with custom firmware lol
Goodnight sweet prince, I love you so
Linksys, I remember when we had that as our wifi name
freaking lol, thankfully I took charge of the home network at a pretty young age
even if that meant I had to call the ISP every time "no the issue is clearly on your end, I've already troubleshooted this"
Not that business ISP accounts are fun, but at least you get to skip most of the piddly troubleshooting lol
I didn't lmfao, I think, to my memory, mess with our network till my college years, could've probably done it with our past provider, but little hazy on that
Yeah kinda lucked out there, was great experience
I know for a fact, I took charge with this provider, I said fuck off to the ISP router and got my favorite company router. Asus!
Ugh, I still remember the day they wouldn't let us own our own Cable Modem anymore
I was a bit pissed lol. Held a "free" speed upgrade hostage behind "you gotta use our cable modem or else"
No it was already DOCSIS 3.0 compliant (newest then) mine was more than compliant
Oh I HATE that..... "Have you tried turning it off and on again, are there lights, pull the power"
clears throat I'm an IT technician, this is not a me problem, this is a you problem. Handle it.
But I'm sure they didn't want people doing [will not mention here] to them
But who cares, the router is where the real fun was at
running dd-wrt and OpenWRT back in the day was a huge game changer
Has AsusWRT Yup, totally
Never had an Asus router honestly ever. But fair stuck with Linksys/Cisco basically until I moved in with the SO where we have all Unifi wireless gear
Typing on an Asus laptop rn though
Same, we had the ISP router for the longest time, but then switched to my current Asus router, cause.... I felt like I had 0 control of the ISP router, didn't know what version that router was running, had so little control on things
bleh
Yeah not sure how you stood for it for so long
I was not even happy about ISP cable modem, but basically no choice there these days
btw 2004 protip, no sadly despite how stackable the WRT54G and other Linksys devices of the time are, stacking Linksys cable modem under WRT54G will result in overheating lol
Me being anti-social and reading the doc for using your own that says if you have X, you need to call this person.... support role got me to not be anti social
Ended up not needing to call anyone lol, just needed a MoCa adapter and we were good
Totally fair, I just get indignant about that kinda of network "intrusion" by a third party I will say
Wanna hear a joke?
They just want as much control over your network, to enable their crappy "lets let others use your Wifi with their ISP account" stuff
what ever for lol, wild
No fucking idea
Then again back in my day we indeed just have huge cable boxes and there was no IPTV in sight
I changed the router, routed the rj45 to WAN from ONT, Coax from ONT, which had fiber going into it, to MoCa adapter, to RJ45 to LAN, and TV's were fine
No port forwarding at all needed
Yah, fiber from street to ONT. Fun
Yeah especially wild
Most US rollouts are Fiber to the curb at most unless you're a business account
laughs in business account
lol them be expensive in the US, ISP and cell provider rates are stupid here
But if nothing else, laughs in dual redundant home ISPs with failover. Good vibes
reeeeeeeeee
secondary ISP is dedicated work from home connection, but we can failover to it if our primary personal connection goes down
My old job's CEO, in which, I, a level 1, handled first hand, cause his main ISP went down, and some network gear fried.... mind you, I'm not a network technician, I'm a desktop support technician. I had to change his business equipment with consumer equipment to get him back online.
This guy had 4 fucking failovers.
Main ISP, Another provider ISP, Mobile Sim, Mobile SIM. On a...... tf they call those
Like you put the SIM cards in them and they act as a failover
Yeah, we have many of our businesses setup similar
Primary, Failover/Secondary, Cellular fallback
Do love that tiering of things going wrong. Same sorta thing with our servers
Fuck, that's gonna bother me... the name of the device
Windows Server really borked? Check ESXi/vSphere. VMware ecosystem borked? (uhoh) Check Dell iDRAC lights outs management
Cradlepoint? (this may be a branded term but it's what we use)
THANK YOU!
Gave +1 Rep to @sinful moon (current: #41 - 178)
That was it!
No problem, yeah afaik very popular cell fallback routers
I can't find the model we had, but it was that
We've actually got two client locations who are solely StarLink lol
Not fun, but they're so remote that it almost never matters
We didn't..... then again, idk, we had like 7k employees
Fun setting up Internet Outage alerts for them and other weird exceptions. Typically have to poll the internal VPN connection if applicable since no external ping (and typically not static publicly anyways)
heya Ellie
Heya, I'm staying up too late talking about work things, after working late on-call
thats usual for you
but the later bit is partially my fault lol, tried to use our new RMM for scheduled server maintenance and um, yeah we're still testing the policies is what I'll say
I just handled the hardware, no config on my end
This plugs here, that plugs there, done.
added extra hour and 20 minutes to my expected completion
can't hurt to test things out
also watched Everything everywhere all at once, a good sci-fi comedy
lol totally fair, yeah I kinda do it all but usually higher level server/network/infosec stuff at work
I'm completely remote so I don't get to plug anything into anything sadly lol
may be part of why i'm happy having this home server which is similar to what we use at work
Very glad to hear it, yeah that was one of my recommendations and fave movies of the past couple years
Title is also my job description lol
yea, raccacoonie is a good part of the movie
although ending disappointed
I'd say you may want to re-evaluate this movie when you're a bit older
its in my plex library
Will likely hit differently, especially if comedy (it for sure is that, but...) was one of your main takeaways
There is a lot going on in that movie thematically
rewatch things from time to time
too much
Yep totally fair
the picture slideshow in super fast speeds impressed me the most
and yeah I did a couple re-watches and gleaned more each time
Easily my fave movie of the 2020s thus far
like to change environments and costumes over a hundred times for a portion that is 3 seconds of the total movie
Yep, it's an insanely well done movie, and they deserved their literal handful of Oscars and etc
also started Alien 1979
I just started watching the franchise
this is my first movie
Oh I thought you said you'd seen more, but I may have been thinking of Terminator franchise or another
(which btw Terminator has awful HD masters, huge shame)
first few terminator were bad
then it got good
then bad
Terminator 1 is neat but more like low budget action/horror. Terminator 2 is legendary and amazing and as old as me. Never seen newer than that
But sadly first two films are slathered in digital noise reduction to the point everyone looks like they're made out of wax. Huge huge fumble, not sure how they let it happen
wait I thought you were older, 2001: A space odyssey old
Film fans want the film grain
oh god
Nope, I was born in the 90s
4k remasters out here completely destroying original quality by "denoising" and "Smoothing" and "upscaling"
kills me every time i see it
lol I guess you can't watch Texas Chainsaw Massacre given it's 16mm film
speaking of, i have to denoise 4,000 pictures tonight (4k raw)
To be fair vast majority do it right, Terminator 2 is just one of the most egregious examples of doing it wrong when everyone else kinda has the right idea
don't overdo it lol
ehhh, i'm hesitant to say the majority do it right
g'eve
At least for classic films most do, but fair I'm going out of my way to read the blu-ray.com reviews and etc before I pick something out
right
i'm very picky on my releases because of this
they are slaughtering some films in the name of slapping 4k on a bluray disc and selling them
Agreed, very much the same. I've just mostly gotten lucky in that my fave films are often given amazing remastering treatments
there's also the issue of audio and color and recutting
But I can not disagree with that unfortunately
I'm a huge geek about video presentation and remastering efforts so I always need to know lol
Yeah they did make it better for 4K UHD-Blu ray but there were several issues with color timing, like where do you pull from
the different releases might as well be different films
just everyone agreed the DVD and HD Blu-ray green tint was a disaster
so if nothing else, they did color time it to be more blue as intended
yeah stuff like that is really annoying
it sucks that it's so common that people don't even know too
I'm just glad the film makers are more often getting involved with these
same
Agreed :c
hopefully some of the awful remasters get a version that isnt so bad lol
i've got a handful that i'd love a better version of
Heck there's still not a single 4K Wes Anderson movie because he personally approved nearly every HD master
Even for the newest films interestingly enough
yeah, I appreciate what some people are doing for releases
but it also does kinda suck when we dont get a release because they dont want to go through the trouble
Helps when he's mostly working with Criterion Collection, but yeah I'm also excited for them to continue with their 4K releases
criterion did a bad release recently didnt they?
i saw some one complaining about it
Yeah but for sure rather have "done right" rather than a studio half assed attempt lol
I'm sure they had some, but obvs typically known for greatness for sure
do i take a tylenol and keep working or go to bed before midnight for once
lol go to bed at midnight isn't a bad idea
If it helps I sure have dolphin and dolphin-emu installed on my box rn lol
I think dolphin has SEA kinda time zones however, so it's a tossup if they're around
yeah i think it's time to call it
after dealing with windows for this long functioning is painful
Sounds good, nice chatting with you as always! I'll probably start winding down myself
Yes Windows on any length of time is painful lol
Group Policy does a lot to help me enjoy it better but ehh, its still Windows lol
seems that i've debloated enough where the cpu idle is averaging 0% excluding the qemu agent and task manager
just gotta get memory down below 2gb
Some of that is Windows will just use as much RAM as it sees fit based on system hardware in my understanding
although obvs never going to get down to 400MB "heavy" DE idle states of Linux lol
yeah that's the annoying thing about windows vms and shared memory, it just doesn't release --- but in this case it's somewhat easy to tell what's "just cause it can" and what's actively being used
There's that page trimming feature in VMware which may help, but I've only needed it on old Workstation Pro and was more linked to performance benefits
lol
I have more questions and comments but I'll let you get to sleep! lol
sane time to do so c:
lol take it as a sign indeed. G'Night!
I've seen several just stunning remasters
2001: A Space Odyssey, Blade Runner: The Final Cut, Jaws are very high up there as near reference grade material
blade runner wasn't that for me
Jaws in particular has amazing special features about all the work that went into the remaster, great watch
haven't seen Jaws tho
Yeah pace is far too slow for you I'm sure. You may enjoy it more when you're older
lol
2049 was a lil better
That one I had issues with the pace actually lol, but they got the right vibes and did it justice
same director as modern Dune Part 1 which is also obvs great
been meaning to rewatch Dune
btw a recommendation for you which I haven't given yet, watch Knives Out and Glass Onion. Highly recommended modern murder mysteries/thrillers
first time I watched it I was beyond sleep deprived
I have
Glass Onion is trash tho
Disagree, it's quite nice
I don't remember it sadly
doesn't capture what the Original did
It didn't have to, and he specifically didn't want it to carry any silly subtitle linking it to the first
but Netflix insisted of course
some day Netflix will let me buy it on blu-ray, until then gotta wait lol
if it was a stand alone it would have passed as 'ok'
It's a fun spin off
but I've never heard this visceral of a reaction to Glass Onion, honestly surprised
I kinda have to agree with AIO there
quite surprised about that also
I couldnt even make it past the first 45 mins or so
Even on reddit its constantly bashed
really disliked it, hehe
the original one was beyond great
I can agree it's not as good as Knives Out, but I mean what were you all expecting from Netflix original vs full theatrical release?
watched The Menu the other week though which I really enjoyed
I thought it was pretty alright
Hmm, I didn't understand the point of the movie so haven't watched it
The Menu is fun but I'm in no hurry to see it again. Nice concepts
what happens in it spoiler free
"Gordon Ramsey" on an island, dinner, and fans
even that's putting it too simply
There's just a dark element to it all is what I'll say
(obviously not literally Gordon Ramsey, but you get my meaning)
It's a good nuanced movie and worth a watch
added it to my watchlist
Although Aliens and 2001 keep me wondering about the INSANE quality
have you seen Parasite yet?
nop tried to but clicked off in a few min
Yeah it's a good one, I'd say stick with it
Watch Oldboy or Snowpiercer and similar if you want to get more into Korean cinema and aren't sure
pls not another category to delve into
AIO has a fleeting attention span tho is the only thing to keep in mind. I will be the first to admit that Parasite didn't grip me in quite the same way as other Korean films but I enjoyed it a good bit
yea I did try and watch it when it was released in 2019
oh hey it's dolphin
hello
It's just an interesting film and good social commentary about insane wealth disparity in South Korea
I was like 10
so even less of a attention span
Oh heck
:/
just an fyi DOOM#777 is a bot inboxing weird ads
I forget age difference at times, I'll just say you're doing quite well at the moment
yeah Parasite is not made for 10 year olds. ll
(got a few the last 24h but that one is still present)
oh can you send me a screenie in DM?
I watched the conjuring when I was like 7 (dad)
thats defo not made for young people
I dont really mean like, it's too scary or anything. Thematically it just doesn't make much sense to a kid
Conjuring is easy to understand as a kid, Parasite is more high level sociopolitical themes and etc. helps when you have had more time to stew in modern society
yea except the jumpscares kept me up at night for a month I think
yea may watch Parasite if I have time
Also Conjuring is a bit of a joke horror wise, yeah most modern horror movies take the easy way out with cheap jump scares.
I will at least give them points for 70s vibes and etc. My SO has a morbid fascination with those movies in that they're fun and not very good
atmosphere and building tension are how you actually do it imho
Also just remembered a movie I wanted to ask you about, Bill and ted
any good horror's
Stopped watching alien for now since I need to focus on it
and i can't atm
Bill and Ted's Excellent Adventure is rightly Excellent. No complaints. Bogus Journey is so so and I've never seen it. The modern one I've seen and it's fun but nothing special except for fans
It's a good game but I've not read many reviews of the port. iirc this is based on Persona 3 Reloaded from the PSP Persona 3 Portable which removed a lot of the "walking around in the classrooms in 3D bits" in favor of 2D dialog trees.
However P3P did add features exclusive to that port. Typically superfans would recommend Persona 3 FES edition for PS2 instead which added many of those features to the PS2 version...
But despite knowing all that I'm no Persona superfan, I've just dabbled in the games ever since owning P3P on PSP
oh k
I'd recommend Persona 4 Golden on Steam if you're new to the franchise tbh
although how's the combat in that game
As with Final Fantasy, these don't often have direct story links, just thematic links
They're turn-based traditional JRPGs, but with some fun gimmicks and dungeon crawling which is atypical
yk the type of combat I like, arkham, hifi rush, spider-man
oh then not for me
haven't tried turn based games yet