#general
hey congrats on being a wizard
I was working on setting up my setup at home, but then I remembered that I have a technician coming in and working on an outlet on Monday
Mechanical keyboards have a huge following.
got a Docker query, i should use Docker inside my VM for max security or is it okay on host machine?
depends on what docker container and how it is configured
ah ok
if misconfigured it could give root on the host machine
that's what i fear
Thanks! I think I'm... 2k XP away from 0xB? I think
Gave +1 Rep to @grizzled wing (current: #71 - 83)
Depends what your model of security is and what you're running in docker really
model of security is that i want to reduce risks so i guess running Docker in a VM makes sense
the Docker image in mind is unknown, a basic Ubuntu one
Reduce what risks?
That right monitor....... 
Don't run untrusted docker containers, IMO
risk of attacks. but of course don't run/install untrusted Docker containers
hey
It's the stand that has problems, if I put it on the left side it is straight with the middle monitor
hey vip3r
@shut hawk SO you've been exploring TrueNAS apps for awhile now, any you REALLY recommend?
What about putting a book under the right?
Get truecharts working
Hmmmm
Done
The trilium one is nice
Got that too
Can I DM Matt?
I do really love that, just go to the IP and port, and got all my notes there
Always open for ya
Deploy yourself a wireguard
File browser is very nice
Not a bad idea, I was thinking bout adding it for one app
Kavita
I have a Firefox VNC w/ KASM too
Ntfy for notifications
Cowyo for quick note sharing
File shelter for ez file sharing as well
So, lemme get this traight, you want me to add a docker container..... that's a browser, so I would have to go through a browser, to get to a browser...?
straight*
lemme set it up again
File browser is for file management
But the Firefox VNC is so helpful
When I'm in college or remote
firefox vnc?
Instead of having to setup bookmarks, themes, extensions, booklets, logins etc
No, traight.
I can just connect directly to a already setup Firefox instance
Which also allows me to access my home network from it
I read browser thinking the firefox app lol
should I run filebrowser with docker or linux
Butchering the English language as usual.
creative name
Docker imo
I'm sorry British, did you say, you needed a bottle of water?
You do realise it's the English that pronounce it like that?
Not the full of GB.
So Firefox added remote access similar to chrome remote desktop? Interesting.
I'm Texan not American!
Texas is the most American you're gonna get
No, that's like calling someone from Florida a Texan
English people are from England, Scots from Scotland, Welsh from Wales
Lmaooooo
Texasish
England, Britain, UK... Y'all confusing Americans over here
Wait til they hear about Wales
Do they live in the sea?!?!?!
United Kingdom.. United States.. hmm
Some of them, others are farmers I'm told
And all of them together are…
Nah it's not a Firefox specific thing, just a VNC session with Firefox running
Like the sea people in Dave the Diver?!
We all speak english, please don't fight
Ah, thought you were saying firefox was enabling the access
That said, I do enjoy Guacamole.
idk what that is tbh
The only valid Brits are Old Trafford Manchester peeps 
English*
What about the Scots
Is that reeeeally English
We speak English too?
Agreed, guacamole is super nice
Trousers
Not the food of course
(long live Limmy)
food?
We don't have chips
Scots Appalachians
Not speaking English
Skills section in a personal website is useless, right?
Condiment, if you prefer?
But Guacamole the server is key here.
Depends on what purpose you want the website to serve
To put in my resume, to share blogs; To publish my knowledge, experiences, and progress in the realm of technology
I mean, seems reasonable to have a skills section, or at least a section describing your technical focuses
Gotta keep it somewhere, may as well keep it on your site.
Then you can dump it into your git repo for easy backup.
I mean, i have a database server
I don't have any blogs yet ahha
A full copy of skills from the resume might be overly redundant, but I can see there being value in having a stripped-down version on the site for people visiting it from places other than your resume
docker run \
-v /:/srv \
-v /home/user/filebrowser/filebrowser.db:/database/filebrowser.db \
-v /home/user/filebrowser/settings.json:/config/settings.json \
-e PUID=$(id -u) \
-e PGID=$(id -g) \
-p 8080:80 \
filebrowser/filebrowser:s6
(ofc I replaced user with my usr)
@shut hawk I think I broke filebrowser when installing
Jeez you don't have the docker mount syntax quite right
wdym
oooooooooooooooh k
yup didn't fix by removing file name
heck official docs say to pass a file also
docker run \
-v /path/to/root:/srv \
-v /path/to/filebrowser.db:/database/filebrowser.db \
-v /path/to/settings.json:/config/settings.json \
-e PUID=$(id -u) \
-e PGID=$(id -g) \
-p 8080:80 \
filebrowser/filebrowser:s6
It says it right there
"Make sure to create an empty file otherwise docker will create an empty folder and error"
Nah, it needs a file
docker run -d --restart always \
-v /:/srv \
-v /home/user/filebrowser/database/filebrowser.db:/database/filebrowser.db \
-v /home/user/filebrowser/config/settings.json:/config/settings.json \
-e PUID=$(id -u) \
-e PGID=$(id -g) \
-p 8080:80 \
filebrowser/filebrowser:s6
ah k this worked
@shut hawk
lol
Expose that container to the internet 
"Ooooh an open port"
Rick Roll starts playing
"FUCK"
this is wild
me doing that atm
I just opened it, seeing what it's about. Still loading
i got a like 4 cm usb drive and im trying to get kali live there and when i took it on etcher i saw this why does that little thing where it says 32gb have actually more than my pc
Unless that's the whole rickroll..... just loading
how much did u get it for
Oh damn, I forgot to include a rickroll in the room I submitted a while back
idk got it from my dad
video.mp4
I get a 502... but this is just beautiful
It's just a rickroll vid... amazing
You know what that means, right?
Rick Roll every single possible way in the next room
but when i tried with my other usb where i got kali live when i boot it i goes into GNU GRUB version2.06+kali1
and i cant get out to normal installation to kali linux
like this but none of the tutorials work
Reflash your usb
whats that:)
"format"
huh
Make it again
Nothing but 502 on this rickroll container. I sadge
the kali wlinsuxx >.<
Should I play a game or watch a cartoon
Time to make my own one
THM
not try hack me like me but website
@plush needle did u accidentally send a pic in #announcements
and i mean don try hack the website i mean rooms
They got Splunk
lmao
Checking it out, no use case here, but neat
I haven't really found an extra app that's useful for me, couple that look cool, but gotta read how to install em properly, they gotta complicate stuff lol
im going alpha mode soon
Just double L's that you're taking
laugh out loud
Im going alpha mode
Cool
Did you know nmap has --allports as a command
i saw on tiktok its good to put salt water in hair so i took a bag of salt in some water and now my head hurts my hair is dry like sand
isn't that just -p- but written out?
Nope
don't take advice from tiktok out of all places
Allports scans some ports that doesn't support a protocol, where -p- skips it iirc
thats what i do
its very good just find right videos (i ended up in the hospital once bc i trusted tiktok)
my hair tastes very salt
.....
.................
My brain hurts because of it
why
Who thinks i can quit school and work with cybersecurity now? i can do nmap and gobuster (bc i do every day on THM i love challenges there) and i can throw my pc when i cant get access to a exploit after i have came so far
Stay in school kid.
actually im 30
On one?
then you might be too long in school
You mean many
Anywho... still have no idea, for me, a use case for Splunk Enterprise.
ima try restart now and see if the kali works if its going again to GNU GRUB so im stuck there im gonna cry and ask for help
in 2min
that means thm time
Youre 30 and still in school?
Morning all
Regardless of what you think of the subject matter. ||https://www.irishtimes.com/ireland/education/2022/11/04/trinitys-oldest-ever-phd-graduate-84-tackles-harry-potters-popularity-with-adults/||
Never stop learning. 84 year old PHD grad.
8am, here
Wow
That's right. It's never too late. I agree with that, sir
People change careers so they go to college to get a degree in this career
I've started learning CyberSec this year and I'm 26. The whole time I thought I was too old to make a career in CyberSec.
Never too old
@sand trench
Here's the recipe
Not sure if I can add more recipes to this container, or if it's a set list of recipes, but so far, I am really liking this app
If you follow infosec twittersphere you'll see a bunch of people who changed later in their career from all kinds of places.
One of them I met a few years back on Facebook, they landed their first SOC gig at 'round 2020 I guess?
Now they run a CTF team and discord channel.
They're in my age range, (Early/Elder Millennial)
For anyone curious, app is called Chowdown in TrueNAS Scale TrueCharts
Now I want an ML/MV application that will take 6 seconds of person waving their camera around the front of their fridge, process it to determine what items are available, and spit out recipes.
Or a fridge that does that for you
TrueNAS Scale is an OS, TrueCharts is a charts catalog for TrueNAS Scale
Ooh
Thought there was an app for that, no?
Have y'all seen the warehouse robot that straight up killed itself while it was doing its first test run in front of people
Getting my Amazon Kindle tomorrow. Anyone knows some good books to learn hacking/pentesting. I have a developer background, so not a complete beginner here.
This has very good books
At least what others told me
Do you prefer books for learning or other sources?
I don't mind books tbh. It's all a preference but if you have a kindle I would go books
Test
I got a one day internship tomorrow
I think there's one where you manually input a list of things.
I just want the "AI" version of the same thing
It's a "this is how we do things" day, cause I am good friends with the CISO and wanted to have a look cause I was interested in seeing it, and he's interested in hiring me
Fell with my laptop and now my laptop wont close all the way..... fuck
Good evening lads, just out of curiosity. Anyone grinded the OSI Dungeon? Anyone got a highscore?
Screen got bent.... damn it. Still works, just annoying
It got rekt
Yah, $2k laptop got rekt by a small trip
I should go to sleep
Nice
Hydra do you know are they gonna post the live stream on YouTube when it's done?
3d print a new screen enclosure and swap x'D
Prob not a bad idea lmao
Thing is bent on the right side, nice little dent, now I got weight on it, see if it'll help a little bit
Blank screen?
Ya
Hey guys! The screen is showing fine for me. Is anyone else having issues? https://app.livestorm.co/tryhackme/kickstart-your-career/live?s=3d9be65b-cfad-4f8d-a863-26c6a99197cd
That link seems to have worked, thank you
Pheeewww!!!
Forgot to register
L for me
Full for me too
Looks like they forgot part of the link in the event
This is why i asked about link being broken other day. Figured youd have to register
Will it be recorded?
Can someone pls help in #exploiting-ad ? I'm lost
This
did anybody see the bitlocker attack
No
It will be recorded, yes!
YES
thanks I was so bummed I thought I completely missed out on it
Pico raspberry pi used to decrypt?
Use ghost for blogs imo

need for a portfolio page
simple af static
I don't need code
Gotta add like contact, info, pictures
family friend's food site
GitHub pages
Yeah, I am going to use this opportunity as a project I have in mind
isn't it just hosting?
Yes but its effectiveness is limited to highly specific scenarios and relies on physical access, which can be readily countered.
ye
oh k
Eh, bitlocker has so many attacks tbh
don't wanna code it
WordPress
Like in reality, the vulnerability lies in the key exchange process which also extends to other transparently encrypted systems utilizing a dedicated TPM chip for encryption and LUKS2 for example.
can't do php
Concept has been around for like decades.
Yes but it's relative if you know what you are doing.
Yeah, but I was more talking about using #advanced-general to talk about said topics
my comment was about hugo was meant as a joke --- but i actually have used it once or twice in the past and it was quite simple
there are a couple other static site generators out there that might be worth comparing to though, like jekyll, ghost, eleventy, astro, etc
they each have pros and cons
Hi guys, i was wondering is there any way i can change my ip address to a certain location?
This is why it's not loading?
Ghost isn't static)
thought ghost was. well the others should be
For example if i am using a vpn change my city to Amsterdam, can i choose where exactly in Amsterdam
Depends on where the server is located 🤷
This link is working fine
But the event is full
So changing locations isn't available
Which vpns?
the question is, why?
And is there any of them that can choose a specific location
why?
i agree, whym
First i am trying to teach my parents about fake links they are sending to me daily
And they don't believe me about people can hack them
2nd i need to login into Netflix from a specific location 
My parents house ip
So i don't pay for a new user
lol yeah not happening here
a commercial vpn often doesn't address that anyways so yeah
even if we could we can't
It's just green for me
You don't understand how VPNs work
We aren't going to help you bypass Netflix's regulations, but I'd suggest instead looking up how a VPN actually works
SOUUUUP
Disney has invested 1.5 billion in Fortnite.
Souuuup tomorrow!
If Fortnite couldn't get any worse 
american billions or the older but better that is no longer used british billions?????
Elsa with guns.
Lightning McQueen in Rocket League.
Cmon Steam. Whay does it have to be like this between us?
18?!
Wifi 6 speed from phone
Get 900 down, 900 up hard wire
hello
I'm new to all this
Just started dabbling in hacks and all, wanted to ask if someone could give me an overview of the site
Or a guide to follow to begin
Finding it a bit difficult navigating through this all as a beginner
have you tried doing 100g fibre via your phone
I have a decent foundation at programming, but 0 cybersec experience
Uuuh, no, have you?
Any tips/guidelines?
Yeah, but theres no .1 Beerise. Thats where the real power is.
Using slow wifi limits my toothbrushes ability to DDoS
@polar spoke
yeah that happened
You can always #start-here
uhh chick3man, that's the same article here 
It's beautiful!
Oh well, shits late and I got the internship tomorrow, should probably sleep, goodnight
Bruh
Thought it was real
Real article
best comment
Lol
"It's not" love it. Straight to the point.
What if it vibrates and accidentally ddos
wut
I see it
It's that forced smile
It's so weird!
it is like that hide the pain smile
that malwarebytes blog had no content
The forced smile in medicine commercials....
And can possibly lead to death
The actors: 
Read a little down
Teeth brushed with infected smart toothbrush
Does that mean my teeth are little bots, and the toothbrush is the net?! 
yea, the simple "its not" = no content
Supposed to be a joke
My teeth are so bright that they can down a website
often people use white/ light themes and i have no idea why
They like to stare at the sun
haha
24/7 daylight for them
They think it's more professional i suppose
Now that is DUMB
since when did having eye burning colors = business/ professional?
dark blue works
Since people
since Windows is light theme by default i guess is root of it
higher contrast and easier to read for tons of people with any sort of visual impairments
Chatgpt
Did you all join the Discord Event today? 🥳
high contrast in dark mode exists
so please make sure that light themes keep existing for people to keep accessibility up
Couldn't due to room being full
@umbral bay no
sadly no as not on a platform shadow wants to sign up for
otherwise would have loved to hop on and see
Hey Tim, why was it hosted on an external platform instead of a stage discord?
Just curious
Was a great event, great speakers. 🥳
same question here jayy
Sounded really good!
External on Livestorm.
also the tryhackme twitch went unused yet again
Kick Start Your {career}
forgot to register
Next time i guess 🤷
i assumed it was same info other places say, network, ask to follow someone, find a mentor, etc
ima watch the recording of it
crap I forgot that thing was today, I meant to join it. I thought I set a notification but I guess not...
You can watch the video recording.
Funny thing is I said I wouldn't be awake to see it, but here I am and even missed it, lol
Quite more insightful from people who work in the industry.
ahh okay
Oh well, good news, I am getting my network up and working on Monday, so I can finally finish my project I have in mind
do you know what platform it will be on
Hopefully YouTube link will be forthcoming soon.™️
thanks tim
think the answer is yes but might be hard to search for
Still a few phones with 3.5mm jacks.
I wonder how those low-mid phones with 3.5mm jacks compare to mp3 players these days.
I can't imagine there's much difference in audio circuitry and isolation.
size of storage space is a problem though
old ipods are still out there being used
Grab a Pinephone?
the pinephones currently do not work very well for smartphone stuffs
Definitely a dying market.
If I check BestBuy (.ca) and filter by In Stock, and Sold by Best Buy Only, they have 6 offerings supposedly, and I only see 3 of them XD
They're all Sony, and they're priced like it's 1999's price for storage, but also beaten with the inflation stick.
Hmm, nope the company that makes my Bluetooth DAC is very expensive in that market too. (FiiO)
Ik eBay isn't really a trusted market to buy electronics off but did you check their stuff?
Can't say I know that company, but that is far more reasonable than Sony or FiiO are offering.
Alright starting commute home.
git add.
git comment -m "${comment}"
git push
out.
Does anyone know free safe vpn ?
when things are free is because you're the product, they have your info, habit, etc in exchange, so the answer is no. If you want to use a vpn thinking it as an investment and pay for one.
Damn. that was intense
Mullvad is good VPN service, not free though
The best (that is public) but it's not smooth sailing.
It's blacklisted nearly everywhere.
The simple fact that it's free is problematic.
At the expense of IP quality.
It's fast but it's borderline usable.
there is a saying "There is no such thing as a free dinner" either way you end up paying for it, in this world nobody does anything out of the goodness of their heart, that the hard truth
Yes which is fine and how you want it to be otherwise it's unsustainable.
It's a service at the end of the day.
that's why I don't use free stuff for things that matters
If you know where to look there are much better alternatives but not everyone is into OPSEC anyway.
100%
5 euros a month, drink a few less coffees and you're on
I get it. Even though it's anonymous, the quality of IP addresses has significantly declined in recent years or months. As more people join, there's also more trash/garbage traffic.
It's very affordable which is good and not good.
But for casual browsing it's fine up to a certain level.
Ok
Also depends what you want to do with it.
All i want is when i open links not safe they don't know my real ip
In that case, any reasonably decent VPN should suffice.
what about not open unsafe links
That's the right thing
Everything is unsafe nowadays.
Then you probably need more than just a vpn though.
Read more about OPSEC.
And my anti virus always stop me but i feel like if i have vpn with my anti virus that will be good
You don't want to mess with that, if you don't know what you are doing.
VMware too ?
Like 5% of the time.
What do you mean ?
and you think that opening unsafe links with a free vpn it's good? how are you sure that your ip it won't leak, it's free after all so you can't complain, probably as unsafe as without vpn, just because you're connected it gives you some comfort, but no real assurance
uhh
If someone remotely knowledgeable can bypass both, it's quite straightforward. That's why it's advisable to separate your personal machine, containing sensitive information, from another machine with no data. Even in the rare event of a sophisticated malware escape (unlikely, especially with proprietary enterprise software, where issues are quickly identified), this segregation ensures added security.
Then you also have VPN bypass and malware hopping around your network.
Oh
i will learn so much from the people in this server
let's use Qubes
Ideally, if it aligns with your threat model, there's a significant learning curve to consider (you wouldn't want to make mistakes). However, Qubes is a solid option.
But that's not easy i have antivirus
What antivirus for example?
Well about that everyone know it say it's not safe but i am sure it's safe
Kaspersky?
hey what did i miss
Definitely but a bit extreme.
No
I have Qubes installed on a laptop, I use it when I'm really paranoid about something
I have Mcafee Endpoint Security
I hear that Kaspersky is good but i didn't use it
Qubes is effective for 99% of cases, and even in those scenarios, it may be considered overkill, which ultimately it's good.
You should never rely on antiviruses alone though.
That's right
why am i better at breaking things than building them
Because each possesses entirely distinct mindsets.
Way easier.
When securing and constructing, your focus is on devising 1000 methods to safeguard yourself and mitigate risks from potential attackers. An attacker only requires one opportunity to breach your defenses.
There exists an entire art dedicated to constructing secure infrastructure.
Which is why you should always focus on building both skillsets.
Good antivirus in its beginnings actually one of the first ones, but declined with the time IMHO. I've heard good things about Kaspersky, but personally I don't use antivirus, because I use Linux
Oh ok @blazing granite @rapid merlin Thanks for helping me by giving me more information about how i be safe
Gave +1 Rep to @blazing granite (current: #155 - 39)
But is Linux can not be hacked ?
Consider looking into OPSEC (Operational Security) and related topics. You might also find it helpful to explore operating system hardening and overall infrastructure security practices. These areas can contribute significantly to safeguarding your systems and data.
However, keep in mind that unless you are specifically targeted, it's important not to go overboard with security measures, as it may compromise convenience. Balance is key when implementing security practices to ensure they are effective without causing unnecessary inconvenience.
I think that what i needed to hear
Everything can be hacked if you put your mind to it, and work your a** off, but there are different levels of security. I use Linux because I don't want to be tied down to paying for software, and the quality of the stuff is really good, the security is a plus. I've been using Linux for years
If you find yourself being targeted with malware that can escape enterprise-level grade virtual machines (VMs). Then you have a much bigger problem.
Generally, vpn + vm (full isolation) and good browsing (not being an idiot) will be way more than enough.
I have to make things look "good"
which is not my specialty
One more thing a skilled malware developer wouldn't waste their malware by deploying it indiscriminately like that.
hate frontend
The more adept you become at hacking (in its truest form), the more you'll understand how to defend yourself effectively. However, it demands sharp lateral thinking and creativity to stay ahead of the game.
Same, I hate web app pentesting for example.
doesn't everybody?
X509 i will remember that name it's nice to meet you bro
I have to go now
If we can talk again later that will be good thing
I really dislike learning it because it feels shallow and uninteresting.
Sure thing
less often than win blue death screen that's for sure
In some software engineering programs, the main focus is often on frontend development. While it's important, I don't think it represents the full scope of coding.
i like web app
not those UI/UX designers in their turtlenecks
Do we already have a room for shim?
i think so
Exactly, a true hacker typically works at a lower level, dealing closely with machine code, Assembly, C, C++ and so on. Then you have low-level exploit development (dealing with ASLR, DEP, CFI, NX and so forth).
those, I don't care how things works, just make it nice
If you're serious about cybersecurity, you need to dive into it deeply.
Black hat hacking.
yea know a lil binary exploitation
a lil
Hacking is more than that.
If you're interested, take the time to learn more about it. I notice a lot of pentesters, but not many actually delve into the deeper technical aspects. They still refer to themselves as hackers though which is hilarious.
It's actually bad.
eh I can do linux, web atm
Hacker is not a derogatory term for hackers
Many have distorted the original definition, particularly the one from MIT.
For real, 100%.
A hacker embodies a boundless passion and insatiable thirst for understanding the complexities of a system, computers and networks in particular. They revel in the pursuit of knowledge and mastery, constantly seeking new solutions and opportunities for growth. Their drive and innovative spirit inspire and are inspired by the hacker community, where ideas and knowledge are freely shared and valued regardless of their origin.
-- Silk
??
you sure that is not the cracker definition
I've been learning it for about 10 years, but I'm still far from mastering it. Not even close, not by a long shot.
Yes but also most importantly to demonstrate cleverness and ingenuity in your approach.
So have the media. A hacker finds clever ways to do things using things not necessarily made to do those things. The outcomes are for society and the courts to decide I guess but the definitions of everything are kinda loose in a lot of cases and definitely not in others. Some things often mean both what you think they are, and the exact opposite of what you think they are
who's Silk
isn't that a Phreaker
alex chaveriat
a famous defcon goer and part of defcon darknet
nowadays also a defcon goon that helps out with creating videos about the defcon videos
hmmm k
In my perspective, merely running a few scripts and taking a superficial look at a system doesn't constitute hacking. True hacking, at a professional level, involves deep understanding and comprehensive exploration of a system. It's about knowing precisely what's happening and delving into the details, even resorting to thorough research if necessary.
phreakers
The way the media talks about hacking and how people downplay (huge trivialization) cybersecurity has really messed things up haha.
The original term in that context had nothing to do with breaking the law or breaking into phone systems. That some people did unethical and illegal things is another point but it's not the original definition. To hack is to use one thing to break another thing but to be a hacker doesn't necessarily mean to destroy, it can easily mean to create or to just do something clever and new
It's an uphill battle but the hill has a low gradient and the battle is against people behind you, also trying to get up the hill but deciding it's easier to let you do the work and drag them up it
I understand the true definition, even though I wasn't born in that generation. Just look at all the original hackers - their knowledge is off the charts. Maybe I am just a perfectionist.
I guess so.
shadow only knows that they know near to nothing
People who know a lot about hacking would agree with me too.
The more I learn, the more I realize how little I actually know. That's the essence of mastering it which is pure.
It's a sisyphean task, I decided to let them talk, I don't have the strength or the time to correct all those people
How old are you
Exactly, because they don't realize that hacking and cybersecurity aren't for everyone. I'm not gatekeeping; I'm just acknowledging that it's not a field suited to everyone.
Between 16 and 22
Hmm I'm 14
prolly 19
between 18 and 100
I started when I was around 10 years old. If you keep learning seriously, you'll be miles ahead of everyone else.
we all know ur older
does not tend to talk about all the tech they broke as a kid
older than 100 no
Of course, I'm a perfectionist, so for me, "enough" is never really enough.
striving for perfection only gets you so far
I understand. It's a constant battle with oneself.
it can be a limiter on your performance as you try to get to an unreachable goal
I'm still studying (college), but I spend about 12 hours a day on average learning all of this (and still it's not enough).
shadow used to be a perfectionist for a very long time until it dawned on them how it hindered them learning a more spread of things instead of focusing on a single thingy all the time
jack of all trades, master of none, but oftentimes better than master of one
Since high school ended, I've been studying from home, only going to college for exams, so about 12 hours a day from there. Back in high school and even earlier, once I finished school, I'd get on the computer and learn until 2-3 am. Sometimes I'd keep learning till morning and sleep during the day at school.
I just do THM daily and thats it
shooting for perfection it's great, keeps your bar high but sometimes you need to know that perfection can get away of doing your job and can bring you frustration. Shooting for perfection it's great, but most of the time you won't get there you just need to go as far as you can go
Still I can do better.
well another probability is x509 hits a burnout and then gets very depressed that they can't keep learning at the same rate
happens to all of us
i enjoy that time by watching a movie
I live for that. I don't need video games or anything else for entertainment. This is entertainment for me.
burnout can also make you hate doing what you once loved to do.... happened very well for shadow with programming
Sure thing of course, I like thinking about one day reaching that level (in theory).
I've been doing this since I was around 10, and it genuinely makes me happy.
It will pay off though.
yeah.... shadow is just trying to tell you what to look out for and what problems you might run into
it can keep working
but that is not a 100% certain
Always aim for perfection, but don't get discourage, and frustrated if you don't get it (and probably won't get it 99% of the time)
Hey all, should I be doing write-ups for rooms I am completing? I'm just wondering if it could help me internalise my thought process? Or is it more of a waste of time?
What they're saying might be true for most people, but for me, this is what I like and strive for. Knowing that what I'm doing right now will pay off, and that all of this is both entertaining and productive, is a very rewarding feeling.
Yes 100%, do it.
I'm very new though, I'm still struggling on a lot of different tasks
Keep at it and document everything.
Sure thing. That's why I'm always chasing it. I know what I'm chasing is borderline impossible, but knowing I'm giving my best at all times feels good.
Yes, I appreciate it.
that or just do what is normal for you in the note taking department
also known as
note taking note taking note taking note taking note taking note taking
It'll not only help you remember but also develop your writing skills.
That's true
I see a lot of people use medium
Any places you guys would recommend?
It can also serve as a motivator when you see that you've accomplished a lot by writing consistently.
You don't even have to post it online, just use obsidian.
medium should not be recommended as they have banned hacking writeups in the past and probably will keep doing that
someone know how to open brainstorm executable in immunity debugger? i am just getting errors
anything that supports markdown.....
or note taking apps like trilium notes
you don't even need to publish your notes or writeups
Not endorsing but obsidian is another
they can be for only personal use and be fine
Obsidian is good and quick, very intuitive.
the rush I get when I solve something is one of the things that keep me going
obsidian's md files can make windows defender unhappy
100%
if you store payloads and scripts and tricks in it on windows
Alright, I'll give obsidian a look
I spent around 15 hours straight on Hack The Box after I first created my account. They make it very addicting. Just knowing that you are close to full root.
Thanks @rapid merlin @sand trench
Gave +1 Rep to @signal nimbus (current: #1990 - 1)
no problem
I have my own VM that I have setup
this reminds shadow that they probably migrate a lot of txt file notes into trilium again
Then you are good to go.
I actually write notes on paper, then transfer to obsidian for digital safekeeping
yeah that can work but keeping your notes on kali which can be unstable and need reinstalls can be a pain..... but there are ways to backup notes online or to your host so yeah
I was thinking about creating a VM shared folder, that way I can save to both my virtual machine and my host
Not sure how kali would like that
Same here, I have the writing of a 5 year old
Same I write too quickly.
Actually there are studies that show that writing on paper creates new neuropaths that help you remember better.
I've heard that too
My mate always brags about how he remembers his lecture notes better since he writes them instead of typing them like me
How are you finding it?
yeah that can work but be careful with the files on your host and don't run random executables that are stored in the notes folder then
Must be nice for taking notes. I was thinking about getting one for my lectures
Absolutely, but I think that if I only limit it to my writeups it should be okay
getting an eink notebook works too
yeah just did not wanna specify just the remarkable but basically anything in a similar vein
did that
Anything portable rather than my massive macbook
defender didn't go haywire tho for me
I can't decide between a 28 inch and a 32 inch monitor, help
measure your desk space
and distance from screen/monitor
there's enough room and i can adjust the distance, both are 4K
Maybe bigger = better?
how many Hertz is it
144 but I won't be gaming much
Even without gaming I find that a 144 Hz monitor is far more satisfying imo
Everything is smooth
Gave +1 Rep to @keen depot (current: #208 - 25)
There are no URLs in that message.
Better go guys, tis late, but thanks for the recommendations on the write ups!
new error for the day
I don't have space on my taskbar for it
and yes every app is utterly important
anyone here a wizard when it comes to powershell and wants to try their hand at fixing a mystery bug
PowerShell syntax is beyond trash.
yes, yes it is
Yes, indeed. It can be suitable for less desirable tasks (in other words trash things). Let chatgpt deal with it.
What is the bug?
example:
<< Write-Host "$path"
>> "C:\Users\Test\Desktop"
<< Import-StartLayout -LayoutPath "$path" -MountPoint "$env:SystemDrive"
>> Error something something path "C:\randomunrelatedpathUsers\Test\Desktop"
var mystery change
And in what context are you trying to run that?
(randomunrelatedpath tends to be where you currently are with no sign of how it's getting there)
just as an admin on a fresh system
I have to manually try it on a system.
it's like they know this project is to completely rip apart windows and they're tryna stop it
Very ancient art.
I don't even know where to begin with powershell.
Academy or labs?
Do u do both simultaneously
Yes.
Which would you start with
I'm a complete noob
What's your skill level?
No clue what those mean
Then tryhackme.
You could even start with hackthebox academy if you learn quickly.
But in the end do both.
I see
So hack the box academy is before hack the box labs
What's the end goal of these
Yes preferably.
This is a completely naive question but I mean
Do u actually become a "hacker" towards the end
Or is it more so geared towards pen testing
Depends on how you define a hacker.
You could but it's very ctf based (HackTheBox labs).
A person who is able to exploit defects in real life software
What he chooses to do with those defects
Like report
In theory.
Learn from both platforms.
Much of cybersecurity is googling and learning new things.
I gotchu, so I'll start with THM and hack the box academy and move upwards from there
How much time
Would you dedicate
Good
Before you can move on to HTB labs
For easy machines, you can easily get there in 1-2 weeks.
You have easy machines, medium, hard and insane on hackthebox labs.
Sort of.
I started directly on hackthebox labs.
While I had some indirect background knowledge, it's important to remember that this is about CTF and puzzle-solving.
Sometimes it won't make sense.
You have to be very creative.
meep moop it is finally time for shadows sleep sloops to the beep boops again
me too see you
@ionic mist Start with the hardest.
Gawdamn
it's 4am here time to go ๐
Haha quite late (or early depending on your perspective).
If you start with the hardest and build a good methodology, it will pay off in the long run.
that's life bye
Haha, it really depends on one's personality. That's what makes it so fascinating.
Like
Don't go too easy but don't go too difficult either, just always make sure you can challenge yourself
Are majority of you guys in the field
Working cyber security
For fun?
Like what's the underlying motivation
I mean there's no one simple answer, it depends on who you are
For me it's more of a passion, I love computers and stuff
Nothing better to start with something new and challenging which can lead to rapid learning and growth. It's a great way to expand your skills and knowledge.
I started cybersecurity when I was about 10 years old. Even though I'm still a student (in college) and not currently employed in this field, my main motivation is my passion and enjoyment for it.
100%
before I go, that would work for some people, but IMHO it's the worst advice ever. There is nothing to prove. Also there are levels for a reason, you have to build the knowledge, step by step. Get the foundations down, you can't expect to build something stable if the foundations are shaky
That's how I got started. Even though I could barely read and write, I was hanging out in forums with hardware engineers, trying to understand how console hacking works. I would Google every single term they mentioned and learn from there.
It really depends on how quickly you learn and your motivation.
But why
It's difficult in that it doesn't translate that much to real life
Unless u join the military or smthn
Passion and puzzle solving (when I was much younger).
Literally, every company needs security
Anything running on a computer
100%, if you know how to google and gather information. You will get there easily.
The rest is just a matter of time.
That's the beauty of the internet.
True but this isn't security more so than attacking no?
Unless I'm mistaken my knowledge on this is very limited
if you start at the top, it's not really learning, it's just throwing shots in the dark and seeing if something sticks. Like anything in life you start from the beginning, how fast you advance is a completely different matter, but you never start at the top.
But I'd assume that learning how to demolish a building is not the same as learning how to build one
Attacking is a very very little part of security
I was gonna say it's like military or police officers learning how to use weapons
and you're wrong
It is the same mostly
to demolish a building you need to know where the weakest points are, you do that by learning how to build one so you can see the process and detect the weak spots
Really!? That's acc super interesting
I mean. think about it
Ohhhh I acc never thought about it that way
There are no jobs where you just blow up buildings
It really depends, because it puts you in a certain mindset. I enjoy diving into complicated things because it's like a sinkhole. You start with A, then you realize you need B, so you learn it, then you discover you need C, and the process continues with D, E, and so on.
You have to have learned how to build them first
You learn extremely quickly like that.
Best things attackers can do, is learn defense. best things defenders can do, is learn offense
Better do both.
(Best thing anyone can do is stop using computers and go back to paper)
The amount of jobs that would open up
And you guys would say THM and HTB are good for both
Yea
Yes + books, whitepapers, forums and so on.
But I guess you'd still be missing the real world experience no?
..............
Uh.. there's bug bounties
Because you wouldn't be able to practice what you learned on real life stuff for legal reasons and all
Or is it allowed as long as u report your findings
That's right. That's why these places exist (stay away from bug bounties)
Get Certs, Get a job, win
I wouldn't recommend it to be honest.
yeah, I guess make sure you have a github with some stuff on it too, nowadays
Why would you say stay away from them
I assumed that would be the most interesting part
Because businesses love them, to save them money
Legally attacking real life companies and having them pay you for it
No, it's a scummy way to make people work hard
How much? Very very little
I mean I see bug bounties as like a side thing, not a main source of income or whatever
Like yeah get an actual job first
Even then, it's a mess on its own.
You could be better off finding a CVE and selling that instead ahahhaha
u can sell CVEs?
That sounds like fun too
I mean, there are market places... some people pay lots and lots
Ethical? I'm not sure, Legal? For now. Should it be.... not sure
@ionic mist The best advice really is to learn and try to master very complicated things. You need to do what people are not doing or avoiding.
CVEs mean u sell the exploits you find?
It's no less ethical than companies running BB saying "We pay you"
And even then it's luck based depending on when you join and so on.
And it's web app for the main part so I hate that.
There was a big bug, BIG BUG, that just came out.. I forgot which one
They paid 10K
that's it
Scum
Or, they resell it first
If it's valuable.
Then patch it 2 months later
You want to sell 0 days not CVEs.
How would you guys say it affected the field
You should verify Baba
Did it change anything in cybersec?
On either side
How
Will do asa I'm home
If you register the CVE, because you found it
It's not the same though.
Yes.
Sheesshhh
You want to sell a 0day with no background and no disclosure.
Yes, I agree but you have to know what you are doing because it's a very shady line of business.
Is that more or less ethical than companies selling dangerous and crappy code?
(See Pulse VPN)
Goodbye self driving cars
so selling 0days is good money
Yes if it's valuable.
If you sell that 0day, before other 'bad guys', then you are preventing them from getting money
100%, it's all an illusion.
Yes assuming the intent is bad.
It also depends who you are selling it to and how you do it.
There are so many issues, does it matter? Maybe on the severity, wormable, no-interaction.
Just food for thought anyway
Many people prefer to think of themselves as inherently good and honest. However, in truth, they can often be the first to betray others when it suits them.
Apple Backdoor say hello? That was crazy, did you read that?
send them over
These attackers found and used "the" apple backdoor
it's insane
it's scary, read it
To discover the vulnerability of the eternal blue is a dream (alternative). You need a lot of resources though.
protocol aware fuzzing? and directed AI?
I'm better than my peers
100%, I literally know I am not the greatest person morally speaking.
I am borderline horrible.
But I don't fake it which makes me better than most haha.
What if I say I'm worse than my peers
Join the club, we got many here
Well it's interesting to discuss.
little bit of both depending on the days and the orders
I don't know much about AI (I am still learning) but it's very interesting.
Insane possibilities.
That's peak hacking.
The fact internet browsers load fonts from the internet by default blows my mind
There are so many attack vectors.
What do you guys think of it
Ai I mean
That's why if someone aims to bring you down, they will succeed.
How does it impact cybersec
1000 different ways.
learning lotta new things from this chat
i feel smooth brain right now ngl
Like
I used to do web dev
Ai basically took/is taking over
No one can do web dev
Or at the very least front end
Learn polymorphic AI-driven malware and you will see why.
@graceful thistle
It's taken/taking over the field
that name is scary itself
Would you say a similar thing can/is happening to cybersecurity
I mean what is AI not impacting?
Do you know about P, NP and NP Complete?
Haha, that's true it's very esoteric.
Go read up on that and the apple thing, I'm out
AI should be designed to complement and enhance human capabilities rather than replace them entirely.
Very briefly covered
Even chat gpt can do it right now with a bit of help.
NP complete are the problems that cannot be solved
1 million dollar problems
I believe iirc
Much of information security realm (twitter, marketing and so on) is pure garbage.
So yes I agree.
just people blabbing about infosec in social media
Twitter-related information security knowledge.
Forums remain a valuable resource for information exchange and community interaction much purer.
Bah I still use RSS all the time. And RSS is a system for subscribing to an XML based feed of a site which you follow with dedicated apps
Yeah you're going to learn a whooooole lot more
Really Simple Syndication.
So you can follow the entire feeds of Ars Technica, Bleeping Computer, etc all in an RSS Feed Reader
I wouldn't make that connection at all tbh
It's just many sites grew to use Twitter to spam their articles anyways in a much less well managed way
And trivializing cybersecurity (probably the worst thing).
lol stop saying past tense, RSS is alive and well and I use it daily in 2024
Do this cert and in only 2 days you will be able to become 1337 leet hacker.
It is for providing timely infosec news that's not just toss up between Twitter/Mastodon/BlueSky and various other sources