I actually submitted that talk as a joke
#general
shell nova
glass nest
and my hollow skull makes my voice sound deeper
devout palm
Whenever i sing on my own, it feels great at first but then i ruin a note and feel embarrassed
sick lance
and my hollow skull makes my voice sound deeper
Aye OK Barry.
shell nova
My recorded voice is deeper than what I hear
glass nest
i'd prefer Morgan, but Barry is cool ๐
sick lance
Morgan White doesn't have the same ring to it.
shell nova
Barry Freeman?
glass nest
'Andy Dufresne'
sick lance
White, Barry White.
shell nova
I know, I was taking the joke too far, again
devout palm
Coffee coffee coffee
shell nova
Tea?
devout palm
That'd work too
glass nest
Hot Bovril?
devout palm
beef tea?
glass nest
Pretty much ๐
devout palm
Sure
chilly veldt
On my way to work nr2
fiery quest
where would i go to learn about yersinia network protocols
pallid epoch
Anyone here have their own CVE registered
near hawk
Pretty sure quite a few people here do
chilly veldt
Yeah, Ryan does I think
shut hawk
Many do
pallid epoch
How much time does it take for a confirmed bug to be registered as the CVE? (If the company itself is in CNA)?
Average
near hawk
I believe muiri has one as well not sure
chilly veldt
How much time does it take for a confirmed bug to be registered as the CVE? (If ...
Depends I guess
pallid epoch
Depends I guess
Does it take more than 1 month?
chilly veldt
Could easily yes
Have friends who have waited 3 months on theirs before they got it
near hawk
Yea depens on severity and patching i guess
lament tendon
Just installed QubesOS.
Itโs completely broken.
I hate it here.
rapid merlin
ngl these active directory stuff got me on ropes
the entire thing is just intertwined
ionic bloom
Its open flr everyone btw
shell nova
How much time does it take for a confirmed bug to be registered as the CVE? (If ...
probably depends on when the fix is released
bold latch
Just installed QubesOS.
Itโs completely broken.
I hate it here.
It's strange and rickety the first time you install it compared to your average OS, yeah. Its built with the infrastructure you'll use the VMs more than the host OS
proven quartz
pallid epoch
probably depends on when the fix is released
I mean, if they applied for a CVE (after fix) how much time will it take approx? Does it depend on the CNA
shell nova
who cuts vertically?
boreal scarab
@sinful moon wanna feel old? https://youtube.com/shorts/2vU-ozLcbYs?si=aTPmXVk0sfjUsiM6
proven quartz
who cuts vertically?
clearly people who can't handle more sandwich
boreal scarab
Psychopaths
The blockbuster one ๐
I remember going to those and renting PS2 games ๐
devout palm
lfie bug?
chrome marsh
Hi everyone, I was just curious do we have roles we can assign ourselves if your going/becoming a red teamer or Blue teamer..etc
devout palm
IIRC Red teamer role was for an event and it got deleted
There are no specific roles for that
chrome marsh
Ah I see thank you!
smoky isle
<@203704996976525323> wanna feel old? https://youtube.com/shorts/2vU-ozLcbYs?si=...
That's funny, I am the costume lol -- Party like it's '99 fo' eva
lament tendon
It's strange and rickety the first time you install it compared to your average ...
Doesn't really help that my installation seems to be busted. Got no templates, no network, only Dom0 runs and no of the buttons in the qube manager do anything.
dnf is not present either.
grim sparrowBOT
Your avatar is: https://cdn.discordapp.com/avatars/302122762858921984/cd1cbc2180098704465ce41c3a810afb.webp
mossy river
L Bozo
mossy river
Going over old clips with my friends is so funny
shut hawk
Managed to do a 720 today skiing! (definitely didn't fall over at the end)
shut hawk
check dms
bold latch
Doesn't really help that my installation seems to be busted. Got no templates, n...
Happened to me last time I tried installing Qubes as well. Thought it was the fact I didn't allocate enough space for the machine types
whole yew
Just installed QubesOS.
Itโs completely broken.
I hate it here.
Honestly that's kind of the use case of Qubes. If you don't have a really good understanding of linux, networking, VMs, and containers, you are going to struggle a LOT
bold latch
You ever think about how intensive Qubes probably is on disks? It has to commit a read of a few GBs worth of template data each time a new machine is started to copy to mem
chrome marsh
Got it from this site: https://www.flaticon.com/
You can pick and choose what icon you want and download it.
bold latch
Honestly that's kind of the use case of Qubes. If you don't have a really good u...
Yep, as I'd said while ago, takes a steep learning curve
drifting maple
If i have to make a ret2libc atack how do i leak the libc base address on the remote system? I can do a intf vulnerabilty btw, and also i have PIE enbled on the binarry
scarlet mantle
the entire thing is just intertwined
SAMEE
simple valve
If i have to make a ret2libc atack how do i leak the libc base address on the re...
is this for a THM room
drifting maple
yes
lament tendon
Honestly that's kind of the use case of Qubes. If you don't have a really good u...
I am down for that. And struggeling.
Lmao.
Currently preparing a new installation media, maybe that will work.
lament tendon
Happened to me last time I tried installing Qubes as well. Thought it was the fa...
Hmm, I gave the entire thing 1.4 TB or storage.
For the VMs it showed a little over 1.2 TB being available.
So that should be ok, I suppose.
Wonder whether it has something to do with the fact that I have two separate SSDs, maybe I should install it on only one disk or something.
boreal scarab
To 3d print an m.2 screw hmmmmm
glass nest
thats a challenge
boreal scarab
Yah, so tiny
Even with 0.4 or 0.6mm nozzle at 0.1/0.2 layer height it's still going to be a PITA
glass nest
Yeah. filament is 1.75.
Just the width of that.
might be easirt to make a 2mm 'pin' then tap it
boreal scarab
It's so tiny. I can't find someone on Thingiverse who has posted it 
glass nest
I don't think it'd be possible..
just based on the filament/nozzle with.
It'd have to be smaller/equal to the threads
boreal scarab
To spend pennies at a hardware store for one, or hope that the 3d printed 2mm pin doesn't break in my server... HMMMMM
glass nest
Print it. Don't risk leaving the house. Bears live in the outside.
boreal scarab
Like it's already got a standoff in it, so can't put my own standoff
Because this thing is a PITA to get out
boreal scarab
Print it. Don't risk leaving the house. Bears live in the outside.
So do hooman
Got the standoff out, thanks IFixIt. Never have used the top row. Legit only use the J1 bit, cause that's the standard size for everything electronic apparently lol
glass nest
So you were just whinging for no real reason?
devout palm
hihi
glass nest
Sorry, that was a cough - Might have looked like laughter
glass nest
Nah, it's boring.
glass nest
Dunno, i'm just being argumentitive for no reason
And I've not printed anything in days ๐
devout palm
Phone case, phone holder, roof
boreal scarab
Welp, hardware store I go, because this standoff from my dad's new rig is not the right height, and the screw is too short to screw into this server standoff
glass nest
good luck. I hope the bears don't get you
boreal scarab
At this point, I hope they do
clear jackal
@stoic surge please do not send me unsolicited DMs
stoic surge
It would be helpful if someone could answer my queries . I did not get any response previously .
@clear jackal
glass nest
cmon man. We are all just people here, volounteering our own time.
stoic surge
I would refrain from doing so , it's just that I needed some guidance as a beginner on how to approach certain things . Hope all's cool
clear jackal
It would be helpful if someone could answer my queries . I did not get any respo...
I am not at your beck and call. If you have career questions, #cyber-and-careers is the appropriate place to ask.
glass nest
Can you be at my beck an call? In case I have a moose-based emergency?
They are rare, but they happen
stoic surge
I am not at your beck and call. If you have career questions, <#7079927256469995...
Sure . You could have put it in a better way tho
Sorry for disturbing
mossy river
@stoic surge Have you read the server rules?
clear jackal
Can you be at my beck an call? In case I have a moose-based emergency?
Yes, I will swim at 30mph across the ocean
glass nest
them spindly legs have a lot of power, it seems
blazing granite
Can you be at my beck an call? In case I have a moose-based emergency?
Do you need some moose for your hair? ๐
hollow pivot
Sure . You could have put it in a better way tho
Just saw your post in #cyber-and-careers , your question might need to be a bit more specific than "How should I go about things"
Here are some roadmaps that could help https://www.sans.org/cyber-security-skills-roadmap/ and https://pauljerimy.com/security-certification-roadmap/
As for TryHackMe, you can start with the fundamentals (Complete beginner or/and Pre Security paths) then go onto JR pentester and Red teaming paths
stoic surge
@mossy river I happened to make a mistake and I do apologise. It's a rookie error .
mossy river
<@270975958511517697> I happened to make a mistake and I do apologise. It's a ro...
Just asking if you have read the rules as you did press the โI agreeโ button when you joined the server ๐
If you havenโt, I would recommend reading them :)
stoic surge
I posted my queries but somehow they didn't get through for a couple of days . In the heat of the moment , I went ahead for personal feedback .
stoic surge
Just asking if you have read the rules as you did press the โI agreeโ button whe...
I have but I might have overlooked some details . Will make sure to do so
rapid merlin
hello ๐
stoic surge
Do , I go ahead and post my queries on the #cyber-and-careers ?
glass nest
Gonzo has given you some solid advice above
stoic surge
Just saw your post in <#707992725646999553> , your question might need to be a b...
Thanks a lot . I appreciate your response ๐ .
twin ridgeBOT
Gave +1 Rep to @hollow pivot (current: #51 - 129)
hollow pivot
Thanks a lot . I appreciate your response ๐ .
No problemo, feel free to DM if you have questions, I am not a pentester or anything close, but I can try help ๐
sand trench
Waits for new tryhackme room exitedly
rapid merlin
Guys, It is possible To do Evil Twin Attack with ESP32? Or it is possible with ESP8266 only?
lament tendon
I have an ISP32 with a 2.4GHz wifi chip, I'd suppose that could work.
Never tried it tho.
rapid merlin
Just saw your post in <#707992725646999553> , your question might need to be a b...
Thabks for this
mossy river
Guys, It is possible To do Evil Twin Attack with ESP32? Or it is possible with E...
Keep this to the advanced channels please
finite basalt
I have an ISP32 with a 2.4GHz wifi chip, I'd suppose that could work.
Ever played with an NRF52840? they're neat, they can do bluetooth and wifi 2.4ghz
I've got one programmed for BLE sniffing, it's quite cool, works with wireshark as an external capture interface using a python script
rapid merlin
Keep this to the advanced channels please
Okay
devout palm
What's up James
naive violet
I've got one programmed for BLE sniffing, it's quite cool, works with wireshark ...
Big fan, and they're cheap
@lament tendon @finite basalt You seen the esp32 based satellite ground station project?
Receive data from spaaaaaaaaaaace
lament tendon
Ever played with an NRF52840? they're neat, they can do bluetooth and wifi 2.4gh...
Nope, only the flipper and itโs dev board. ๐
lament tendon
<@503684092194455552> <@436928124521938954> You seen the esp32 based satellite g...
Damn, thatโs actually insane.
crude stump
Hello
Bots a opp
Before I got rudly muted by the bot. I was going to send the offical discord for NZXT. They have there own discord if you want to ask them technical questions
boreal scarab
https://tenor.com/view/space-what-gif-23991655
lament tendon
Bots a opp
Is the bot really an object oriented program?
shell nova
yay comments!
crude stump
Not cool comments
lament tendon
Is this a room youโre making?
crude stump
yay comments!
What ya making
devout palm
yay comments!
Unless there's a reflected XSS
shell nova
shouldn't be
lament tendon
making an easy CTF
I see.
devout palm
Just noticed you've tried it
lament tendon
Iโm doing this HTB room right now, and it literally crashes itself after a while for reasons I understand but donโt want to type out on mobile.
shell nova
that would have been stored
lament tendon
Doubtful this is intended, it is really annoying.
Donโt make something like this.
mossy river
Before I got rudly muted by the bot. I was going to send the offical discord for...
Please make sure to ask before sending discord links to external servers ๐
devout palm
that would have been stored
Oh yea
crude stump
Please make sure to ask before sending discord links to external servers ๐
Will do
shell nova
even then, automod doesn't like it
boreal scarab
Go to the hardware store to pick up an m2 5mm screw for my m.2.
Go there guy was like "m2 is 2mm, not 5mm." Thank you, I know. 5mm is the damn length
quasi plaza
hey guys
shut hawk
watt the
quasi plaza
are you paying for the subscriptions or using own Virtual Machines?
shut hawk
I've always used my own VM
A lot more flexibility
glass nest
did you just.. reply to yourself?
quasi plaza
did you paid for tryhackme? Iยดm just starting and want to make sure
glass nest
the subcription opens up a bunch more rooms aswell
shut hawk
A lot more flexibility
Agreed
glass nest
Rooms are what we call each of the challenges and tutorials on the site. about 80% of them are free, so you don't NEED a subscription, but it does add more than a faster attackbox ๐
sick lance
Always a good feeling when you're the first person to drop something in VirusTotal.
rancid lava
hello, i want to start openvpn with wsl ubuntu but the vpn dont want to work...
sick lance
hello, i want to start openvpn with wsl ubuntu but the vpn dont want to work...
Wsl is pants for networking.
You might run in to issues with that constantly.
rancid lava
okayy thanks and what is the solutions ?
sick lance
Personally, I'd just suggest using a VM.
boreal scarab
@hot cairn this server is LOUD AS FUCK
So loud I can't hear myself think nor hear my other server
devout palm
<@484040243818004491> this server is LOUD AS FUCK
Because you're shouting
boreal scarab
Finnaly. Fucker slowed down in RPM. I can hear myself
Fml... that 32GB of ram I put in, yah no good
Back down to 16
sick lance
Finnaly. Fucker slowed down in RPM. I can hear myself
Let me Ferox it.
rancid lava
Personally, I'd just suggest using a VM.
yesss but in the long term the vm become slow
sick lance
yesss but in the long term the vm become slow
you must be doing something wrong then.
sick lance
New room, 25 min(s)
shut hawk
Wsl is pants for networking.
Eh WSL2 is fine
boreal scarab
Yeh! Not the one in turb features on or off, but the one from the store
sick lance
Eh WSL2 is fine
So you say.
But every other day I see people having issues with it ๐คท
shut hawk
Yeah, link to the messages lol
sick lance
Stop being lazy.
You search ๐ค
boreal scarab
Quick question.
Got a ThinkServer RS160, just has 1 256GB M.2 gen 3X4.
This server is just going to be a firewall. Which is better, UFS or ZFS?
shut hawk
You're the one making the claim lol
mossy river
How about you both provide proof
One for and one against, weโre all intellectuals we can have a spirited debate
boreal scarab
One for and one against, weโre all intellectuals we can have a spirited debate
We are?
sick lance
boreal scarab
I hate you all
shut hawk
There's one.
Is Ben reliable enough for you?
That's not "every other day", also if you look at the full context Ben said "may be weird", that doesn't mean it's "pants for networking"
mossy river
WSL 2 was notorious for networking problems when it was first released.
As for now, I donโt know, but we generally do not recommend it for TryHackMe.
crude stump
<@484040243818004491> this server is LOUD AS FUCK
AHHHHHHH
boreal scarab
AHHHHHHH
Booting up. It sounded like my Dell PowerEdge 2950. Then slowed down to actually desktop air-cooled quiet noise. Quite lower than my Quanta 1U server.
It legit sounded like an airport
sick lance
That's not "every other day", also if you look at the full context Ben said "*ma...
I mean, I get it works for you ok.
I wouldn't suggest it to anyone.
shut hawk
It's pants for netowrking for tunnels on tryhackme.
Fixed it for you ๐ค
Well that's better, I can agree with that
boreal scarab
But here's the question. Was that WSL through Windows Feautures, or Microsoft Store?
shut hawk
Well that's better, I can agree with that
But giving it a blanket statement of "pants for networking" is doing it injustice imo
hot cairn
It legit sounded like an airport
Thatโs a server for ya
boreal scarab
Thatโs a server for ya
Server go BRRRRRRRRRR.
I could hear it throughout my house F
buoyant tree
hullo
wind lake
hiiii
my server is still in hibernation
im moving soon to a 1 bedroom im curious if ill have space anywhere to set it up
sick lance
im moving soon to a 1 bedroom im curious if ill have space anywhere to set it up
Hang it from the ceiling.
boreal scarab
What server?
buoyant tree
im moving soon to a 1 bedroom im curious if ill have space anywhere to set it up
So the bed's for the server?
wind lake
What server?
honestly i cant remember
i havent used it since i moved in april last year
boreal scarab
honestly i cant remember
It's been in hibernation for that long? Dang
buoyant tree
yeah ill sleep in the bathtub
keep server in the bathtub instead, water cooling
wind lake
say how much do you think i could sell a 48 port 2960 with PoE?
split compass
im moving soon to a 1 bedroom im curious if ill have space anywhere to set it up
How loud is your server?
wind lake
How loud is your server?
not terrible tbh
boreal scarab
My Quanta I don't know the model, their naming is very weird, but this ThinkSever RS160 is quite nice
split compass
If you don't mind being in the same room, see if you can get a half-height rack to store it in, or make an ikea rack.
wind lake
i have a coffee table from ikea that fits it perfectly
boreal scarab
@hot cairn I did a big whoopsy. I installed PFSense rather than OPNSense
wind lake
might be a centre piece in the living room
hot cairn
<@484040243818004491> I did a big whoopsy. I installed PFSense rather than OPNSe...
Itโll work lol
split compass
<@484040243818004491> I did a big whoopsy. I installed PFSense rather than OPNSe...
Did it have up-to-date enough drivers for your NICs?
hot cairn
im moving soon to a 1 bedroom im curious if ill have space anywhere to set it up
I got a 42u rack in my 1bdr
Itโs fun
boreal scarab
Well, if I don't like PFSense, I'll just burn it to the ground and install OPNSense
split compass
Well, if I don't like PFSense, I'll just burn it to the ground and install OPNSe...
I would be amazed if you can't find an export/import utility for rules between the two.
wind lake
I got a 42u rack in my 1bdr
ya it might be a bedroom special
split compass
Which software?
wind lake
in unrelated news, thank god for wget
lets go wget
you get it wget
so far the only way ive been able to get anything downloaded of this 26gb file
split compass
so far the only way ive been able to get anything downloaded of this 26gb file
curl requires extra flags to make it resumable.
wind lake
yeah i tried witth curl with those flags and it still broke
buoyant tree
Wget is simple
shut hawk
Bee, try aria2
shut hawk
Might be useful here
wind lake
Bee, try aria2
wus that
split compass
https://gitlab.com/invuls/pentest-projects/pcf
Thanks, I'll have a look ๐
twin ridgeBOT
Gave +1 Rep to @sonic dust (current: #1999 - 1)
sonic dust
Thanks, I'll have a look ๐
pretty nifty
wind lake
if this breaks, ill give it a try
buoyant tree
https://gitlab.com/invuls/pentest-projects/pcf
good thing its open src
buoyant tree
hmm its got burp support
sonic dust
yes it does
sonic dust
whats really nice is the nmap upload. everything you scan is auto uploaded via xml
services hostnames ports etc
buoyant tree
nice
sick lance
I have a pentest report to write soon ๐
sonic dust
lol you are welcome @sick lance
sick lance
lol you are welcome <@958383130102870026>
I already had this. lol
sick lance
well screw you for not sharing
I got it from an old mod.
mellow pumice
0-0
real void
I am an intern. I need help with this.
I have a csv file with 4000 ip addr and need to do whois enum and add the info in other column respectively. How can I do that?
sonic dust
jfc 4k?
sick lance
I am an intern. I need help with this.
I have a csv file with 4000 ip addr and ...
Is this for your work/school?
real void
Is this for your work/school?
Company I am intern
buoyant tree
I have a pentest report to write soon ๐
don't you study digital forensics?
sick lance
Company I am intern
We don't help with that sort of stuff. ๐
sick lance
don't you study digital forensics?
I do both.
shut hawk
I'd advise talking to your senior @real void
mellow pumice
ohhh
shut hawk
Better than asking a random discord server full of strangers
mellow pumice
spittin fax
split compass
tried sysreptor PT, pwndocs etc
Yeah, I always see a commercial solution recommended, but haven't looked for any community solutions.
sick lance
Red team room this week.
buoyant tree
I do both.
Hmm, although a question I forgot to ask but I heard about.
Are forensics reports required to be super simple but still include all the complex stuff. (Exact example I was given, Somebodys grandmother should be able to understand it)
lament tendon
I am an intern. I need help with this.
I have a csv file with 4000 ip addr and ...
Ask your supervisor, that will probably be the easiest solution. ^_^
real void
I'd advise talking to your senior <@856957226555670529>
Ok
sick lance
Hmm, although a question I forgot to ask but I heard about.
Are forensics report...
Whoever is reading the report, should be able to repeat the process so they can get the same result and conclusion.
As it the resuts need to be identical, it has to be factually correct so it won't get dismissed as evidence in court.
boreal scarab
I would be amazed if you can't find an export/import utility for rules between t...
Dunno, I probably need to create rules. Gotta read up on OPNSense
sonic dust
i wish they would bring back the AD network:'(
blazing stone
test
real void
Ask your supervisor, that will probably be the easiest solution. ^_^
I just wanted to know if there is some website or method to do this quick. So I wouldn't look stupid to ask my supervisor.
buoyant tree
As it the resuts need to be identical, it has to be factually correct so it won'...
but what about the simplicity element?
boreal scarab
Did it have up-to-date enough drivers for your NICs?
Dunno, 2017 server, so probably
blazing stone
the test tested
sick lance
but what about the simplicity element?
Depends on the writer and template.
I've seen that were simple, I've seen some that was like alphabet soup
split compass
Dunno, 2017 server, so probably
I just know that was an issue that LTT ran into when they moved buildings with one of their 25Gbps NICs, they had to dop PFSense and switch to OPNSense because PFSense prioritizes stability to a detrimental level.
heady nova
ello
buoyant tree
Depends on the writer and template.
I've seen that were simple, I've seen some ...
hmm.
split compass
I am an intern. I need help with this.
I have a csv file with 4000 ip addr and ...
Tons of ways to accomplish this.
Not really a hacker topic specifically, more of a data analyst topic.
But you could use a combination of simple tools like awk and sed.
You could use Python with the csv library imported
You could use PowerShell with the "Import-Csv" cmdlet.
The beauty of computers is there's never one way, and rarely one "right" way to skin a frame buffer.
wind lake
I am an intern. I need help with this.
I have a csv file with 4000 ip addr and ...
python
real void
Tons of ways to accomplish this.
Not *really* a hacker topic specifically, more ...
But whois required connecting to server won't it reject request of that huge amount so I have to take that into account as well?
wind lake
you can set python to only do a whois every couple seconds or somethin
split compass
But whois required connecting to server won't it reject request of that huge amo...
That will depend on the whois solution you use, if you want to use a public one like domaintools I believe you can purchase api access to allow for large number of searches.
real void
That will depend on the whois solution you use, if you want to use a public one ...
Yeah I understand, there are few website I know thanks I'll talk with something in my hand now.
twin ridgeBOT
Gave +1 Rep to @split compass (current: #54 - 123)
buoyant tree
weve reached %1 downloaded lets goooooo
what u downloading tho
split compass
Yeah I understand, there are few website I know thanks I'll talk with something ...
No worries.
Take a small subset of your data, maybe 10 lines, to make a sample set
w/ linux head -10 file.csv > sample_set.csv
Play around with your idea of how you want to make your requests, as Jayy said, invite your seniors to see and direct what you're working on.
Once you have your sample set working, if you're relying on something with a commercial API, advise your manager that you need them to purchase you API access.
Best of luck.
wind lake
btw bee u got any recommendations for instrumental jazz
john coltrane, kind of blue by miles davis, tigran hamasyan
chilly veldt
Ahhhhh
buoyant tree
john coltrane, kind of blue by miles davis, tigran hamasyan
will give it a listen in 1.5 hours
shell nova
Never had issues with WSL rev shells, just things mucking with iptables
buoyant tree
also question why would someone want to view hex in Burp SUite
wind lake
will give it a listen in 1.5 hours
have fun
wind lake
also question why would someone want to view hex in Burp SUite
there are valid reasons, i just cant articulate them right now..
boreal scarab
I just know that was an issue that LTT ran into when they moved buildings with o...
Yah, I run 1g, not 25 lol
loud marlin
also question why would someone want to view hex in Burp SUite
hex can show some detailed things or so
buoyant tree
there are valid reasons, i just cant articulate them right now..
...
buoyant tree
hex can show some detailed things or so
such as
boreal scarab
My 10g ports on my Quanta is connected straight to the machines
buoyant tree
oh k, but how might that be useful? any examples
loud marlin
well any char have his own hex value
so if you do not know how to get something in clear text or so you can check hex value and get to be more clear
wind lake
well any char have his own hex value
its own hex value :)
loud marlin
*its* own hex value :)
language barried... mea culpa ๐
wind lake
i know, thats why i corrected! no harm
chilly veldt
My brain not braining
loud marlin
i know, thats why i corrected! no harm
yea ik... but thanks ๐
twin ridgeBOT
Gave +1 Rep to @wind lake (current: #58 - 115)
wind lake
My brain not braining
brain harder or osmething
loud marlin
My brain not braining
did you try turn it off and on
split compass
echo -e \033[95m some characters are just weird and do nothing. \033[0m
Some characters are invisible, but will change whether an value/field matches the expected input format.
if select UserName0x01 from user_table == UserName0x01.value
Not to mention any kind of simple control characters that might be used.
mossy river
Trying to take a picture at the gym after doing a heavy workout ๐ญ theyโre all blurry
chilly veldt
brain harder or osmething
My brain be thinking about this one thing
wind lake
Trying to take a picture at the gym after doing a heavy workout ๐ญ theyโre all b...
shaky jabba
strong jabba
split compass
Trying to take a picture at the gym after doing a heavy workout ๐ญ theyโre all b...
What camera?
wind lake
My brain be thinking about this one thing
brains do that sometimes
chilly veldt
Trying to take a picture at the gym after doing a heavy workout ๐ญ theyโre all b...
That's cause your muscles tired after workout
mossy river
chilly veldt
brains do that sometimes
Yeeeeeee, it's cool thoughts though
mossy river
What camera?
iPhone 14 Pro Max
split compass
iPhone 14 Pro Max
Yeah, hard to find much better digital stabilization.
Try just propping it up somewhere and shouting "Hey Siri take a photo"
loud marlin
@buoyant tree
might help
split compass
<@1167506060307865610>
might help
Cyber chef is great. ๐
loud marlin
id does his job greatly
split compass
I should try running one on local hardware and see if it is more performant than the GCHQ shared instance.
wind lake
I should try running one on local hardware and see if it is more performant than...
it very well might be
wind lake
why the festival tickets gotta be so expensive...
molten sky
https://tenor.com/view/slap-gif-25249881
you've sent this to me a lot lately
loud marlin
you've sent this to me a lot lately
i save it for very special occasions ๐
graceful thistle
Anxiety inducing
night prairie
Does anyone know if there's any issues with doing LSB image steganography on formats besides PNGs? I can't find anything online that says so, but in class we were told only to work with PNGs for some reason
edit: nvm there's a research paper on it by bharat sinha
night prairie
Oo, what are you using ur pi for?
i still have mine just sitting in a drawer somewhere, it's a model 1 tho so not very powerful xd
or 1b, i dont remember
devout palm
Oo, what are you using ur pi for?
I'm planning to code a network management tool
Just playing around right now
night prairie
Ah I see, that sounds fun, good luck!
devout palm
Thanks
night prairie
also question why would someone want to view hex in Burp SUite
besides the non-readable characters, imo there might also be some cases where there's a proprietary communication protocol where you might have to manually interpret the bytes
things like when they have the first 2 bytes represent an ID, the next few bytes represent something else, etc.
though I've only seen it in games and through socket communication (to lower latency, idk if ppl do it with http requests too but i'd assume there's things like c2s which do smth similar but for obfuscation, though I may be wrong)
boreal scarab
When all you have is 6 inch ethernet cables to configure your FW on your laptop with
shell nova
When all you have is 6 inch ethernet cables to configure your FW on your laptop ...
Splice them all together
Data rate will plummet but who cares?
boreal scarab
Not me! As long as I can get to the WebUI, I don't care if the cable is even 5 mbps
Doesnt help that I'm getting old, bending down to configure this with no seat
I really do hate myself
split compass
though I've only seen it in games and through socket communication (to lower lat...
If not existing C2s, then certainly the one you write? ^_~
night prairie
๐
actually wanted to make a really basic one for fun last year but didn't end up doing it
wanted to try a new language when working on it tho, was thinking of going with rust
would be a nice github project
buoyant tree
<@1167506060307865610>
might help
hmm
buoyant tree
besides the non-readable characters, imo there might also be some cases where th...
might be a advanced implementation
dense cedar
Islam be upon you, my brothers
I have an important question, what do you mean by port?
Is the port the protocol or the computer port??
tired peak
Is the port the protocol or the computer port??
so not a brother but it may help for you to google. Port and protocol are not the same. The port is a number. The protocol is how you communicate on a port
like protocol http often runs on port 80
it it could run on any other port, sometimes you see it on port 8080, 8081 but if a port is available, it can be used
dense cedar
Do they have a device?
tired peak
what do you mean?
shell nova
Not...exactly
A port is more of an identifier used by a service so it can tell what network comms are aimed at it
dense cedar
The port has special devices
shell nova
There may have once been a hardware analogue, long ago
tired peak
ahh no, like hydra said, its part of a client/server architecture
so a server will allocate a port for a service, then a client connects to that part but its not a special device
shell nova
The port has special devices
You can also use port to describe a device interface, for example serial port, or usb port
But that's a hardware concept
tired peak
oh true
shell nova
Which is why the question is incomplete
crude stump
Wait do Yk how in movies they always show the hackers pcs terminal as green? How do they do that
tired peak
Wait do Yk how in movies they always show the hackers pcs terminal as green? How...
green font?
shell nova
Wait do Yk how in movies they always show the hackers pcs terminal as green? How...
Legacy monitors used green phosphors
It stuck
dense cedar
You can also use port to describe a device interface, for example serial port, o...
I know the computer ports, such as RJ45
tired peak
I know the computer ports, such as RJ45
yeah you are talking physical ports then'
crude stump
Legacy monitors used green phosphors
Ooh
tired peak
Ooh
https://hackertyper.net/ you too can be a hacker
loud marlin
hmm
not sure if is correct representation. but hex is alike hash. if i explain it good
shell nova
https://hackertyper.net/ you too can be a hacker
Cute
crude stump
https://hackertyper.net/ you too can be a hacker
buoyant tree
not sure if is correct representation. but hex is alike hash. if i explain it go...
yea understood it a lil
night prairie
Wait do Yk how in movies they always show the hackers pcs terminal as green? How...
type color 0a if ur on windows
loud marlin
yea understood it a lil
and if char is unreadable like on first pic. you can find his hash value on table
buoyant tree
ye
buoyant tree
isn't that tree
night prairie
rapid merlin
Hello guys quick silly question, i haven't done any thm in a long time but for RCE with a file upload bypass, i need to bypass the filter then navigate to where my code was uploaded to get it to execute on the server right?
loud marlin
ye
https://www.commfront.com/pages/ascii-chart for example
rapid merlin
I was being a silly man and just thought uploading the file would get it to execute >_<
buoyant tree
https://www.commfront.com/pages/ascii-chart for example
time to learn another language, Hex
lean furnace
hi do i need to create a new account with my student email to get the student discount? it doesnt let me change my email...
loud marlin
time to learn another language, Hex
is not quite language... is just table representation or so
night prairie
hi do i need to create a new account with my student email to get the student di...
Simply setting my student email without verifying gave me the discount last time iirc - though, I'm not sure if you can reach this step with whatever issue you're facing - also don't know if they made it so you have to verify it now or not
shell nova
Hello guys quick silly question, i haven't done any thm in a long time but for R...
Sounds about right
night prairie
time to learn another language, Hex
hex is a just a different numbering system, shouldn't take long to pick it up
https://learn.sparkfun.com/tutorials/hexadecimal/all
chilly veldt
We do love base 16
shell nova
It's a representation of numbers that happens to match binary with less space
loud marlin
and hex help into uderstand how cpu understand/translate. if i explain it ok
cos is 2 char
shell nova
There is base32, usually used for OTP keys these days
But 2 hex digits represents one byte
loud marlin
@buoyant tree so when you find weird chat is like this
shell nova
And that's handy
molten sky
i find base 1 to be the easiest to remember
shell nova
i find base 1 to be the easiest to remember
Base 2 is better
lean furnace
Simply setting my student email without verifying gave me the discount last time...
i just created another account with my student email and it worked thanks mate
twin ridgeBOT
Gave +1 Rep to @night prairie (current: #99 - 63)
loud marlin
so when you wish to program something that have that kind of weird char you can use from hex to ascii or smth like that if you cant tipe that kind of ascii on keyboard
glass nest
And useing the alt-codes ๐
loud marlin
And useing the alt-codes ๐
and that shit also hehe ๐
shell nova
so when you wish to program something that have that kind of weird char you can ...
Yeah but use utf-8 instead
night prairie
And useing the alt-codes ๐
i had a few useful ones i'd use but can't remember them anymore :c
shell nova
On mobile, no alt
loud marlin
Yeah but use utf-8 instead
yea... but what if you need input some Asina chars or something that looks alike the buttons on calculator that you never use ๐
crude stump
Trash
shell nova
It's not AI imo
crude stump
Number 1 ai hater here yโall
shell nova
LLMs sure
glass nest
Its the current 'Big thing' so worth learning some security aspect of it
molten sky
It's not AI imo
say orange
night prairie
OpenAI's Sora looks insane, I'd like to get into AI at some point, seems like AI's going to be used in every sector in the near future imo
shell nova
say orange
Pineapple
crude stump
Apple
night prairie
Pen
glass nest
Mango
shell nova
The fruit is a lie
crude stump
https://tenor.com/view/ppap-dance-pikotaro-fad-smile-gif-6099018
Wonder what happened to bro
glass nest
Just got back from dinner with an old Uni friend. Not see her in ages, and it was lovely. Went to 'blues bar and Grill'
buoyant tree
<@1167506060307865610> so when you find weird chat is like this
yea trying to **kinda **remember that
loud marlin
rapid merlin
Sounds about right
Nice i try later
molten sky
Wonder what happened to bro
according to the interwebs, apparently he's still around, but i've never actually seen him again
crude stump
Just got back from dinner with an old Uni friend. Not see her in ages, and it wa...
Sure sheโs a friend ๐
glass nest
Haha we did have a thing after Uni, but she lives too far away for anything to happen.
crude stump
I see
buoyant tree
AI is smart
night prairie
according to the interwebs, apparently he's still around, but i've never actuall...
Seems he's mainly a TV entertainer and comedian in Japan, would explain why we don't see him in the west
night prairie
"make me an AI model that codes whatever I promt it in C"
well.. technically already a thing, needs improvement though
glass nest
When I first met her during Uni, I went to hers so we would walk to the Union bar together (As we lived near each other then). When I got there she was playing FFVIII fight a tricky enemy, and had a page of notes - what movees she used, and what the enemy did. It was sooo geeky! We were best mates after that ๐
molten sky
she's a fed
open anvil
path recommended after finishing complete beginner?
fast wave
hi i probably do have kind of stupid question but when using pentest tools like gobuster or nmap or some of these bruteforce/scanning tools do they like use your IP to check? so for example say if you used gobuster on google and it scanned 9k hidden pages google would see that your ip is the one sending the requests?
crude stump
she's a fed
๐
buoyant tree
eh AI atm is insanely expensive
molten sky
path recommended after finishing complete beginner?
if you ask me, try the Jr Pen Tester path or whatever it's called
crude stump
D1 hater
open anvil
if you ask me, try the Jr Pen Tester path or whatever it's called
nice ty
twin ridgeBOT
Gave +1 Rep to @molten sky (current: #93 - 67)
buoyant tree
eh AI atm is insanely expensive
Like SUPER EXPENSIVE
shell nova
They won't be, don't worry
molten sky
hi i probably do have kind of stupid question but when using pentest tools like ...
yes
buoyant tree
heck Sam Altman asked 7 trillion dollars from the world for GPU's
night prairie
hi i probably do have kind of stupid question but when using pentest tools like ...
@shell nova
shell nova
At least AI won't replace humans in any creative fields
fast wave
i see
shell nova
hi i probably do have kind of stupid question but when using pentest tools like ...
Yes, and don't scan machines you do not have permission to scan
fast wave
Yes, and don't scan machines you do not have permission to scan
im aware now
shell nova
Yeah but they can't create. Not truly
crude stump
Of course but what is that really gonna take over. Definitely the graphics industry
Tho itโs not perfect
shell nova
You hear about game studios wanting to use AI art. That's because they're cheap greedy bastards, but AI art is wildly inconsistant
crude stump
Those ai image creations have a hard time creating hands for some reason
fast wave
Yes, and don't scan machines you do not have permission to scan
so when using scanners like that its basically like im ddosing cause im sending too many requests or ddos is way more potent?
crude stump
Ai wonโt take over the cyber industry anytime soon. If thatโs whatโs your worried about
shell nova
so when using scanners like that its basically like im ddosing cause im sending ...
More like a DOS
But yeah, you can unintentionally break things
crude stump
Too many errors ai makes
loud marlin
i think you can't ddos/dos with simple scanning. scan might be detected but not as ddos/dos...
shell nova
Might make compilers better though
night prairie
More like a DOS
I recall reading somewhere that things like nmap scans would sometimes end up taking industrial systems offline lmao
fast wave
More like a DOS
i see well i did dumb thing and i scanned website with 2K requests before i stopped it (it was supposed to check for 10k so thankfully not) do you think like the server providers are gonna notice?
loud marlin
I recall reading somewhere that things like nmap scans would sometimes end up ta...
i did happened
shell nova
I recall reading somewhere that things like nmap scans would sometimes end up ta...
Some industrial systems are running off an old pentium that somehow runs windows XP under a machine
shell nova
i see well i did dumb thing and i scanned website with 2K requests before i stop...
Probably, but that stuff happens all the time on the net
night prairie
i cant remember the name for industrial hardware, the one i had in mind at least
fast wave
Probably, but that stuff happens all the time on the net
its not neccessarily illegal no
shell nova
i cant remember the name for industrial hardware, the one i had in mind at least
Ugh, whatever scraps they can spare at the time
shell nova
its not neccessarily illegal no
It technically is
fast wave
smh
shell nova
I mean I'm testing copilot, it's...alright, but definitely need to reread what it spits out
loud marlin
its not neccessarily illegal no
using nmap might not be illegal, but might not be ok to do so. and it can get you in trouble for sure
mossy river
Why wouldn't it be illegal?
fast wave
using nmap might not be illegal, but might not be ok to do so. and it can get yo...
yeah i used gobuster
fast wave
Your ISP can also have a problem with it
i see
night prairie
wish i used copilot more in beta
shell nova
In short, don't do that again
fast wave
In short, don't do that again
im aware now
i did it on my school website
that was hella dumb
mossy river
loud marlin
yeah i used gobuster
oh... not sure where exactlyu to put that in scale of not legal/illegal but it can be problem if some big industry caught it
crude stump
State website ๐
shell nova
i did it on my school website
Yup
fast wave
smh i thought like scraping around isnt illegal
shell nova
oh... not sure where exactlyu to put that in scale of not legal/illegal but it c...
Big industry will definitely catch it. Might deem it mostly harmless though
fast wave
like its publicly available information
tired peak
you would be surprised some of the hardware and software that very important systems run
crude stump
Technically itโs not if you have to use software to find it
boreal scarab
I really do hate firewall rules.. I'm able to ping from my laptop which is after my firewall, to my internals. but I can't ping from my internals to my laptop
loud marlin
smh i thought like scraping around isnt illegal
it is. not smart to do
shell nova
you would be surprised some of the hardware and software that very important sys...
No I wouldn't ๐
tired peak
No I wouldn't ๐
well not you...
fast wave
Technically itโs not if you have to use software to find it
i mean it doesnt change anything
i could still do that manually
mossy river
smh i thought like scraping around isnt illegal
That's not scraping, that's a brute force attack
tired peak
like it'll something like "our billion dollar program relies on this PC from 1980s..." and you are like "What?"
fast wave
That's not scraping, that's a brute force attack
damn
shell nova
well not you...
I still have to deal with obsoleting windows XP vms
loud marlin
@fast wave as i say:not sure how stupid that is, but aint smart
tired peak
I still have to deal with obsoleting windows XP vms
I've dealt with older than XP and yeah we have XP too
shell nova
And there's that mainframe somewhere
boreal scarab
Reminds me of the time we went on site and they had a win 95 running a label maker or something.... obv not connected to the network
tired peak
I had a program buying scrap parts from ebay because they didn't want to update the software and all current hardware isn't compatible...
so they basically have someone who has alerts for ebay set up
ruby pier
Every Cyber Security course should have a section that gives you insight on how to collaborate with administration/c-levels because my lord.
crude stump
Itโs the infinity certs
shell nova
Every Cyber Security course should have a section that gives you insight on how ...
Yup
If we could use AI to predict the stock market, it would already have been done
night prairie
Would an LLM alone be able to do smth like this or would you need to specifically train a model on trying to guess the market?
shell nova
Would an LLM alone be able to do smth like this or would you need to specificall...
Probably both, but the market as a whole is more or less unpredictable
tired peak
Udacity has a course on AI and financial analysis... its been out there for almost 10 years
shell nova
Stock market is more an indication of human behaviour rather than any logical or rational behaviour
loud marlin
there is good reason why SCADA system is used to control systems. if AI can predict things will be used as in stock market. on my work, our SCADA cost small 1mil (and more) euro to control things. and it's doing great job
tired peak
what you'd really need to predict is how companies are fairing vs the stock market itself
buoyant tree
I really do hate firewall rules.. I'm able to ping from my laptop which is after...
do something dumb like turning the firewall off
or whitelist what u wanna do
loud marlin
and tbh, SCADA saved us on few occasion from complete environmental catastrophe...
might nob be legal... humans can't do that speed
boreal scarab
do something dumb like turning the firewall off
Well FW isn't even fully configured yet. I'm able to ping from my laptop (behind the firewall) to my internal network. So laptop is on 1.0 network, internals, for this example, are on 2.0 network.
But my 2.0 network can't ping to the 1.0 network
I am not a network person, so learning this as I go
tired peak
there are some companies that are using AI trading today
loud marlin
i work in chemical industry. things we develop can be done only if gov allow us. and some things in clear form are scary dangerous if goes out. imagine 99% ammonia got out. around 2000 liters leak will be catastrophe
tired peak
but basically they are using best practices vs trying to catch the dips/rises
shell nova
HFT is already dodgy
tired peak
WealthFront, Schwab, Vanguard, etc all have AI advisors who will auto invest money for you
loud marlin
it will be illegal or so even for one moment. i think.
again... not sure how stupid that is, but aint smart
same reason why game cheating is illegal and can be punished
tired peak
AI trading isn't illegal
loud marlin
AI trading isn't illegal
fully develop AI that can predict stock market ?
tired peak
fully develop AI that can predict stock market ?
its doing the best it can, most stock platforms out there have AI trading already
tired peak
I'm not talking about crypto
loud marlin
I'm not talking about crypto
same... i didn't think in of crypto
chilly veldt
Stocks
tired peak
I'm talking about stocks
chilly veldt
I was close to working for a trading company๐
Building their infrastructure
Eh, not exactly what I wanted to do
If I look at it now
night prairie
there is good reason why SCADA system is used to control systems. if AI can pred...
ahhhh this is the word i was looking for earilier, scada
chilly veldt
Even though it's green stock, it's a no thanks for me
chilly veldt
Nice
tired peak
not all my money mind you but some
chilly veldt
Yeah, of course, I have done some trading myself
shell nova
Not much
loud marlin
they can't learn from them self. they have knowledge of what ppl provide them
proven quartz
They cause each other major problems and usually just end up riffing garbage at each other
shell nova
Garbage in, garbage out
night prairie
and have been for about 5 years
Would you recommend others try it too?
loud marlin
when AI reach point of creating better wersion of him self... we are sfucked
tired peak
this is my robo (aka AI) advisor. I no longer contribute money to the account but it does pretty good
shell nova
when AI reach point of creating better wersion of him self... we are sfucked
Good thing we aren't there
loud marlin
yea
rapid merlin
Evening ๐
tired peak
I too can shitpost poorly
loud marlin
All they can do now is shitpost
yea... and they sux on it hehe
shell nova
I too can shitpost poorly
Aye, and I can too, so we're safe
Nah, cause at the end of the day, you still have people
loud marlin
if AI use our shitposting as learning data... we are safe for long ๐
proven quartz
when AI reach point of creating better wersion of him self... we are sfucked
There are other major issues with how our current AIs are producing various results and outcomes
shell nova
Aside from the plagiarism?
night prairie
All they can do now is shitpost
Wasn't there some Twitter AI account that went unhinged, because well, it was learning from Twitter
think it was made by microsoft
shell nova
Wasn't there some Twitter AI account that went unhinged, because well, it was le...
Tay
night prairie
Ah that's the one
shut hawk
on the topic of shit-posting and stocks:
https://youtu.be/USKD3vPD6ZA?si=O45LT2IKGcD0tP7g
night prairie
this is my robo (aka AI) advisor. I no longer contribute money to the account b...
Is it commercial software or your own?
proven quartz
Aside from the plagiarism?
Well that's a major issue that needs to be tackled with the companies appropriating everyone's creative outputs but there are problems with models and their behaviour, reliability, trustworthiness; we don't know what they're doing and they do very strange and unexpected things sometimes
shell nova
on the topic of shit-posting and stocks:
https://youtu.be/USKD3vPD6ZA?si=O45LT2I...
Probably turned out better than half of other traders
chilly veldt
Probably turned out better than half of other traders
It did
Actually
I saw the video when he released it
shell nova
Well that's a major issue that needs to be tackled with the companies appropriat...
Saw an entertaining story this morning about someone winning a lawsuit against Air Canada because their chatbot hallucinated a procedure
boreal scarab
I'm going insane with OPNSense 
chilly veldt
I'm going insane with OPNSense <:paradox:668893136789045268>
That makes no sense
split compass
Probably turned out better than half of other traders
Need only look at the Warren Buffet vs. Day Trader story to know how that turns out and why,
night prairie
Saw an entertaining story this morning about someone winning a lawsuit against A...
"In an argument that appeared to flabbergast a small claims adjudicator in British Columbia, the airline attempted to distance itself from its own chatbot's bad advice by claiming the online tool was "a separate legal entity that is responsible for its own actions."
๐คจ
shell nova
Need only look at the Warren Buffet vs. Day Trader story to know how that turns ...
Stock markets are mostly random
shell nova
> "In an argument that appeared to flabbergast a small claims adjudicator in Bri...
That's a really fun defence
proven quartz
Saw an entertaining story this morning about someone winning a lawsuit against A...
Yep that's the tip of the iceberg. They have no concept of reality or verification for their outputs so there's nothing in them that makes sense. They're just really bad at giving accurate or precise info
split compass
Stock markets are mostly random
Yep, and any knowledge of variables that can be used to improve outcomes cannot legally be used.
shell nova
Yep that's the tip of the iceberg. They have no concept of reality or verificati...
They're really just trying to predict the next word that makes sense in english
shell nova
Yep, and any knowledge of variables that can be used to improve outcomes cannot ...
Unless it's already public data
alpine kraken
Is the file inclusion room hard or am I just a noob?
split compass
Unless it's already public data
At which point everyone has acted on it, and no edge was given.
shell nova
Is the file inclusion room hard or am I just a noob?
Probably just a noob
alpine kraken
Probably just a noob
Knew it
shell nova
At which point everyone has acted on it, and no edge was given.
Or the info is non obvious
tepid prairie
Hello guys who did the new challenge Broken RSA
buoyant tree
Anybody used burp's sequencer in a real life application here?
tepid prairie
Breaking RSA
chilly veldt
Can't wait till Tuesday ngl
shell nova
Anybody used burp's sequencer in a real life application here?
Not the free version
proven quartz
They're really just trying to predict the next word that makes sense in english
Yeah pretty much, or at least we think that's what we programmed them to do. People are going to keep being fooled by these things until they're regulated properly
chilly veldt
Hello guys who did the new challenge Broken RSA
People in #1208126025612009492 might have, but no hints for now
buoyant tree
Not the free version
Hmm, a question like sequencer needs to make a lotta requests so do they like whitelist your IP or you have to make ways to bypass the rate limits
split compass
Or the info is non obvious
Fair, like the story from that social media movie; trading oil futures based on weather patterning.
shell nova
You'll need to Math your way in that one
shell nova
Hmm, a question like sequencer needs to make a lotta requests so do they like wh...
The paid version has no limits
But it's really just a fancy version of hydra
glass nest
I thought you were the fancy version of Hydra?
alpine kraken
don't worry... we are all noobs most of time ๐
Idk honestly. I spent 2 hours in that room and didn't finish the last challenge...
tired peak
Is it commercial software or your own?
It's an investment company's offering
shell nova
Idk honestly. I spent 2 hours in that room and didn't finish the last challenge....
It's a tricky one
loud marlin
Idk honestly. I spent 2 hours in that room and didn't finish the last challenge....
check writeups... is not against the rules
chilly veldt
Esqy can I DM you about something cool happening on Tuesday?
split compass
Are you referring to this? https://medium.com/@cereantuandrei/views-of-warren-bu...
Not going to read right now, but if the TLDR is he and a day trader bet the S&P500's rate of growth vs. the Day Trader's ability to manufacture growth, and the S&P500 won, then yes.
alpine kraken
check writeups... is not against the rules
I wanna do it on my own tho. That way I feel like I'm learning something
glass nest
Of Course, Bella - you don't need to ask ๐
shell nova
Idk honestly. I spent 2 hours in that room and didn't finish the last challenge....
Figure out what server is running, then adapt your payload
buoyant tree
But it's really just a fancy version of hydra
I don't believe that hydra does analysis on token strenght
loud marlin
I wanna do it on my own tho. That way I feel like I'm learning something
fair...
chilly veldt
Don't want to break rules ๐
alpine kraken
Figure out what server is running, then adapt your payload
Thank you
twin ridgeBOT
Gave +1 Rep to @shell nova (current: #12 - 545)
buoyant tree
Although I think Burp Suite has the sequencer in the free version
shell nova
Although I think Burp Suite has the sequencer in the free version
It's heavy limited
glass nest
Thats cool, Bella, My DMs are open you and the other regulars anytime ๐
dense cedar
I have a question
buoyant tree
It's heavy limited
yea its slow but eh its good enough for learning
loud marlin
I have a question
share it with group...
shell nova
Or am I confusing with Intruder
buoyant tree
Or am I confusing with Intruder
that might be the issue here
shell nova
I have a question
Ask away
night prairie
Not going to read right now, but if the TLDR is he and a day trader bet the S&P5...
wait no wtf
dense cedar
share it with group...
what is router
night prairie
actually yes
shell nova
Broken access control
loud marlin
what is router
the box that gives you internet
tired peak
what is router
Did you try googling?
buoyant tree
IDOR's for me usually
shell nova
IDOR's for me usually
Falls under broken access control
dense cedar
I know what I mean, so what is its purpose in the network?
buoyant tree
Falls under broken access control
yea, although idk why but IDOR's are fun fo rme
shell nova
It's not number 1 on the OWASP top 10 for nothing
loud marlin
I know what I mean, so what is its purpose in the network?
to route trafic... kinda
tired peak
I know what I mean, so what is its purpose in the network?
Did you try googling?
loud marlin
Did you try googling?
also this
buoyant tree
Haven't seen a SQLi on a BB or VDP yet
dense cedar
to route trafic... kinda
To bring the network together??
dense cedar
Did you try googling?
I tried, but I couldn't
shell nova
Haven't seen a SQLi on a BB or VDP yet
SQLi should be getting rarer as frameworks are getting better at handling it
buoyant tree
SQLi should be getting rarer as frameworks are getting better at handling it
yea
but now I see more reports of RCE's than SQLi's in the wild
shell nova
but now I see more reports of RCE's than SQLi's in the wild
rce is usually chained with something else, usually an injection
Not necessarily SQL, command injection is still poorly handled
night prairie
I tried, but I couldn't
shell nova
RCE is the holy grail for a hacker though
night prairie
shell nova
An RCE will be almost guaranteed critical
rapid merlin
Good evening hackers
buoyant tree
An RCE will be almost guaranteed critical
yea
dense cedar
Thank you very much, I will search
twin ridgeBOT
Gave +1 Rep to @night prairie (current: #99 - 64)
buoyant tree
unless they were smart and made a service account for it with limited privileges
shell nova
unless they were smart and made a service account for it with limited privileges
Still can be used as a jump server
buoyant tree
yea but would limit exposure
night prairie
if it's a web server, then the IP would probably be whitelisted on their database server so you could poke around there too ig
shell nova
Or internal networks, possibly bypass a firewall
night prairie
i rememebr few years ago, i was using my friends database server for one of my projects, we had no IP whitelist and at some point he was testing smth and disabled authentication too
few days later i see my shit aint working, i started investigating and check the database only to find a single record with a ransom note ๐
shell nova
Oops
night prairie
in my defence i was like 14-15 and knew nothing about security
shell nova
Eh, at that age I didn't know what a database was so...
glass nest
All your database were belong to someone else?
shell nova
Then again the internet was just beginning, JavaScript wasn't really a thing either
loud marlin
at that age i didn't know how fly don't fall from sealing =/
night prairie
I got into programming early, probably when i was like 8, but stopped programming like 2 years ago (besides a few small things, or uni stuff)
shell nova
at that age i didn't know how fly don't fall from sealing =/
Magic
loud marlin
some wizard shit
shell nova
Yup
loud marlin
weird indeed
night prairie
Then again the internet was just beginning, JavaScript wasn't really a thing eit...
Ah
loud marlin
https://tenor.com/view/suctioncupman-gif-21721758
cartoon teach me that gravity don't work until you look down... then you start falling down ๐
buoyant tree
at that age i didn't know how fly don't fall from sealing =/
now am curious
glass nest
Of course. And if you program in python, you just need to import antigravity. Solves that challenge
buoyant tree
time to google
loud marlin
buoyant tree
time to google
oh its a glue
loud marlin
Of course. And if you program in python, you just need to import antigravity. So...
tru tru
night prairie
All your database were belong to someone else?
Was being hosted by my friend yes, was some small hobby project
couldnt afford a server ๐
glass nest
It was an aged internet reference ๐
night prairie
or rather, i wasnt old enough for a bank account so couldnt pay for it
buoyant tree
eh remember time when I made a minecraft server
and made it have TERRIBLE SECURITY
for complete convivence
night prairie
It was an aged internet reference ๐
Oh ๐
buoyant tree
for complete convivence
All of the warning's I got, ok, ok.
night prairie
and made it have TERRIBLE SECURITY
this sounds funny, i'd like to hear more
chilly veldt
Depends on your region, position and experience
buoyant tree
this sounds funny, i'd like to hear more
Password was 123
proven quartz
A decent wage is one where you can afford a nice house in a nice neighbourhood, have a wonderful spouse, enjoyable pastimes and holidays, send your kids to college and treat yourself regularly, without the worry of debt or medical issues cramping your lifestyle
buoyant tree
and enabled a few other settings that I don't remember
past sparrow
Password was 123
It's my usual lobby password in games, so far no one has accidently joined it
chilly veldt
A decent wage is one where you can afford a nice house in a nice neighbourhood, ...
looks at my pay and the 57 hours a week I work just to survive living by myself
proven quartz
Whatever your boss is on
buoyant tree
depend's on your country
proven quartz
*looks at my pay and the 57 hours a week I work just to survive living by myself...
I know, it sucks
past sparrow
If you take your current salary and subtract financial obligations, are you in plus/minus/zero?
shell nova
Yeah that was about 40 years ago
chilly veldt
I know, it sucks
Yup, student pay is not fun
glass nest
Mmm pizza rolls
proven quartz
Yup, student pay is not fun
Things'll get better
stray escarp
hello, i'm new and i want to make basic ctf with my friend, the problem is that idk how to invite him in my room
shell nova
Use the jr link
chilly veldt
Things'll get better
Yeah, just need to land this thing I talked about and then December 2025 I graduate
past sparrow
Then depending on degree of financial obligations, you might be earning a decent wage or not so decent
proven quartz
Yeah, just need to land this thing I talked about and then December 2025 I gradu...
That's gonna be one hell of a celebration ๐
buoyant tree
Why don't yall like pizza rolls, just looked them up they look delicious
chilly veldt
That's gonna be one hell of a celebration ๐
Yuuuup, gonna be sooo cool, can't wait till the meeting on Tuesday
stray escarp
can someone help me pls
glass nest
Hydra just did..
chilly veldt
Speaking of pizza rolls makes me hungry and I don't have any more calories left 
proven quartz
Yuuuup, gonna be sooo cool, can't wait till the meeting on Tuesday
๐ You'll have to let me know how it goes
chilly veldt
๐ You'll have to let me know how it goes
Will do!
past sparrow
Since people are getting their certificates on my profile, how should I approach to get mine as well ๐ค
shell nova
can someone help me pls
In the room link, replace room with jr
night prairie
Password was 123
๐ญ
stray escarp
oh ok i will try thx
glass nest
So December = Land thing, Graduate, Xmas and AoC. Damn bella!
night prairie
No one would guess the password for my Kali laptop
past sparrow
No one would guess the password for my Kali laptop
Oh? What is it?
night prairie
kalikali
glass nest
hunter2
night prairie
Default passwords are bad so I changed it
loud marlin
toor
buoyant tree
No one would guess the password for my Kali laptop
In my VM's I just keep it default
stray escarp
In the room link, replace room with jr
i did it but it's doesn't work
night prairie
Yeah I got it default on my VM too, but I take that laptop into uni so I changed it just incase, but don't care enough to put a proper password
buoyant tree
In my VM's I just keep it default
Easier to not get logged out of VM's when I keep breaking them
chilly veldt
So December = Land thing, Graduate, Xmas and AoC. Damn bella!
Well land thing = probably this or next month
buoyant tree
Yeah I got it default on my VM too, but I take that laptop into uni so I changed...
Change it to this
NeverGonnaGiveYouUp
molten sky
Yeah I got it default on my VM too, but I take that laptop into uni so I changed...
honestly probably 5 other people on the entire campus even know what the default is, so i wouldn't even care
night prairie
NeverGonnaGiveYouUp
Well, I doubt anyone would guess it
molten sky
(in this case)
night prairie
honestly probably 5 other people on the entire campus even know what the default...
I'm doing a hacking course ๐ญ
molten sky
I'm doing a hacking course ๐ญ
okay that's fair
past sparrow
If there is nothing of value there, why not ๐คทโโ๏ธ
glass nest
'If ever you think something is obfusacted enough, some finnish kid in his bedroom will find it' - Thats an internation rule of computers
native shell
hi good night guys
stray escarp
does someone know how can i do basic pentesting with a friends ๐ญ
night prairie
Minecraft? ๐
night prairie
For my macos VM, I set the password to whatever the title of the VMware window was, idk why
Was annoying to enter every time lmao
buoyant tree
kekw
proven quartz
does someone know how can i do basic pentesting with a friends ๐ญ
You can join THM. There's plenty of rooms to try. #start-here
stray escarp
You can join THM. There's plenty of rooms to try. <#806554132117979143>
we wanted to do rootme, in easy mod but we don't know how to join us
night prairie
Trying to see how many ways I can get it to BSOD
Any success so far?
buoyant tree
Any success so far?
more than enough
at my 4th windows VM to break
others couldn't recover
now I know what not do change or delete
or just edit
loud marlin
@glass nest here is one more to make you fix you laser
https://www.youtube.com/watch?v=-FnCWjKV8ps
night prairie
we wanted to do rootme, in easy mod but we don't know how to join us
Oh you want to do it together?
Uhh not sure if you can connect to the same target machine - not easily at least
proven quartz
we wanted to do rootme, in easy mod but we don't know how to join us
You will each get your own copy of the machine to attack
buoyant tree
and stay on a call
glass nest
Dann you, Ralex
stray escarp
You will each get your own copy of the machine to attack
but can we do it in the same room
loud marlin
Dann you, Ralex
more soon ๐
shell nova
Oh you want to do it together?
Uhh not sure if you can connect to the same targ...
You should be able to share the ip
stray escarp
we wanted to connect two VM on the same room. Is that possible?
night prairie
You should be able to share the ip
Can you connect to the same VPN profile concurrently?
shell nova
Can you connect to the same VPN profile concurrently?
Don't need to
night prairie
Oh
loud marlin
just target same ip
glass nest
If you had the mindset of a hacker, you wouldn't be asking.. you'd just be trying it ๐
shell nova
If you start a machine and I know the IP I can connect to it
night prairie
I thought the machines were tied to your account's VPN profile
Now I know to censor the IP in screenshots ๐
shell nova
I thought the machines were tied to your account's VPN profile
Now I know to cen...
Hehe
night prairie
If you had the mindset of a hacker, you wouldn't be asking.. you'd just be tryin...
Too lazy :x
shell nova
If you had the mindset of a hacker, you wouldn't be asking.. you'd just be tryin...
I had already done it to help someone troubleshoot
glass nest
Aye, I've done it a few times... that comment was towards the person who was asking ๐
loud marlin
esqy... last one for today...
https://www.youtube.com/watch?v=FDVmWtpZUnE
shell nova
Is that a cat with a bat?
loud marlin
yep
loud marlin
ask
loud marlin
in cyber area or ?
shell nova
We can't really help with homework, unfortunately
shell nova
Depending on some profs, it may be considered cheating
We don't want to take the risk
shell nova
No worries, go see your prof if you have issues
glass nest
nothing stopping you from emailing your tutor if you need clarity
tranquil rapids
i dont have a tutor and my engineering classes take a considerable amount of time and and run over his very limited office hours
shell nova
What are these green things you speak of?
glass nest
Hydra, I think its the food that your food eats
shell nova
Best not eat them then
glass nest
A Dragon Fruit does look kinda alien
shell nova
Yeah that one was 7 iirc
iron salmon
nice weekend
blazing granite
I liked Thundercats ๐
boreal scarab
I hate myself for getting into the world of Firewall Rules and OPNSense. Yaaaaay going insane time 
loud marlin
and save button is important
sand trench
t minus 2 days
iron salmon
oh god oh god what is going to happen? can i sleep till 1200 on monday?
sand trench
pay day for shadow and shadow finally being able to finalize their dragonbox pyra order
sand trench
oh god oh god what is going to happen? can i sleep till 1200 on monday?
so unlees you shadow you should be able to sleep comfy
unless you also want a dragonbox pyra but the preorder queue is long to say the least
iron salmon
oh pay day nice but i guess i have to get up early again sighs
i am getting used to feel stupid had to google that XD
sand trench
anyways back to watching avatar the last airbender shadow goes
molten sky
can i ask someone a quick question
hardy copper
Hey, new here. Was wondering if TryHackMe offers regional prices ๐ค
pine stratus
can i ask someone a quick question
1
hardy copper
pine stratus
:ke
twin ridgeBOT
Gave +1 Rep to @pine stratus (current: #1999 - 1)
pine stratus
iron salmon
the tryhackme suby is not expensive
hardy copper
the tryhackme suby is not expensive
idk where u live, here 10 dollars is a good amount of money ๐คทโโ๏ธ
iron salmon
idk where u live, here 10 dollars is a good amount of money ๐คทโโ๏ธ
hm might be right there...
pine stratus
idk where u live, here 10 dollars is a good amount of money ๐คทโโ๏ธ
buy year sub
iron salmon
no no its true there are places where 10 is a lot sadly
hardy copper
I'm doing the pre security course
iron salmon
yes try it a bit first
pine stratus
I'm a begginer though, should I wait before I buy a sub?
from 0 to hero , perseverance is the key
crude stump
I'm doing the pre security course
Do that
Do some free stuff and see how you like it