So nice to see they've ported it over now

I'm sure you can opt out the AI feature

isn't that like 90% of the reason to use warp tho

at that point why use warp

i just run on it. looks ok. but yea. i stick with tilix/zsh

i just use the integrated terminal jesus

on kali

Tilix

Hi Shadow sorry for pinging but I need advice.

I'm following your recommended order of the pathways, but my goal is to eventually get the CompTIA Trifecta (A+, Network+, Security+)

I finished the ones in the screenshot, do you think It's now time to take a break from THM and study only stuff related to the A+ exam?

Or do you think I should spend half of my free time studying for A+, and the other half doing another pathway on THM?

What would you do?
@sand trench

well considering you have enough knowledge already for pentest+ from comptia for the most part after doing that path would bet you can cram those certs out... just focus a bit on doing research on those for a short while but try and keep your tryhackme streak going( by doing a single question a day )

https://www.livescience.com/technology/computing/worlds-1st-pc-q1-rediscovered-by-accident-in-uk-house-clearance-nearly-50-years-after-last-sighting

Thank you

Gave +1 Rep to @sand trench (current: #4 - 1640)

ooooh cool

god im trying my hardest to not hate on warp

ive deleted my message like four times now but i cant stop the urge

only one thing shadow dislikes about alacritty and that is their missing sixel support

its just that design style... every new modern app goes with exactly the same overengineered design and everything is over animated, also AI it's like a buzzword every new product needs it nowadays 😂

I agree that AI is a buzzword for sure, but it definitely can be beneficial in the right hands and when used to complement the right tool. On a broader scale, the current state of integration with AI serves as a pretty great research opportunity to get comprehension on the extensibility of something like ai - for that I am happy to see it being integrated :)

We'll see how it goes. There's lots of things coming out these days that really impress people who don't know what ML/DL actually does, and quite a bit that impresses AI researchers too. This leads to lots of funky ideas in all sorts of areas about how much cooler things are about to become

u tried it out?

saw it got realized for linux

after long time mac only

yea. looks ok with features. but nothing new

same thoughts

You're right it's a helpful tool - however as someone before said I don't need an AI, which is living off data, integrated into my terminal. It runs on other peoples servers not locally. Feeding AI into everything will just inevitably make AI more stupid because people become more and more dependent on it and "dumb down" the data set by outsourcing their thinking and asking stupid questions. This is proven with ChatGPT. AI is a good concept if used for actually useful stuff which it was/is being used for: "calculating" protein structures, deciphering ancient texts and guessing peoples cancer risk, but an AI embedded into a terminal? It takes like 2 seconds to google a question you would've probably had about a command

Lol, Warp won't on my Kali.

The irony of AI is that the media and everyone is always just talking about image generation and chat robots yet everyone ignores the actual good usecases which it's being used for in scientific research

what most people call AI is also not AI

Same. Doesn't open any window.

You have it in your taskbar though?

Yup

And a weirdly larger cursor

I ran it from the console but no useful error logs

My cursor was fine.

hey atleast its written in rust

I've used Termius AI auto-suggestions and it's saved me quite a lot of time. It's quicker than having to switch to a browser tab, form a search query and then go through the results trying to find the command that works exactly for you

That’s actually very true

I don't use it for anything complicated, but quick commands that I've forgotten the syntax to

Nice, but it does't open anything lol ¯_(ツ)_/¯

It’s so funny how somehow we always go back to talking about ai

My terminal changes when I swap, as if it thinks it's doing something.

Well it's a pretty fast growing topic

I fuzzy find my notes

it probably does take a big longer

I'd probably be more dependent on AI copilots if there were some models which could be locally hosted by my hardware

and a very polarizing one 😂

https://github.com/steven2358/awesome-generative-ai There are a fair few, I'd highly recommend this repo

https://github.com/TabbyML/tabby Here's one for example

I know that there are locally hosted ones but my hardware probably won't make it

the fans are already loud enough lol

Fair enough 😆

Same with everything... scientists building laser beams to fly to other stars; but rich pop star was out getting doughnuts without her personal trainer and her hair was messy. That's much more important

...

AI regulation discussions were probably at its peek when the taylor swift deepfakes were spread around the internet 😂

Yeah I don't think the regulations are even going to catch up with all the dodgy things AI companies are doing, and if there's ever fines, they'll be a slap on the wrist to demonstrate there's laws and a company was naughty

And now that microsoft and google joined in too... they've got enough training data

I doubt they listen to regulations and risk loosing a big market share

hmm

Although AI with music has some great usecases

Mixing and mashing up artists

Like, never has the power of the GDPR been demonstrated by fining the likes of Facebook up to 4% of their yearly income for each GDPR violation they committed. That'd teach em to at least pay attention, as opposed to just telling them the cost of doing this harmful stuff has gone up 5 bucks a head

That's called copyright infringement if you don't start paying the royalties sharpish

yea

AI companies feel they're exempt, cos they just fed the stolen data into the AI. The AI came up with the output... All on its own

Tirreeeeeed

Finished work? Nearly home?

"The bot is responsible for it's own actions! 🤓 "

That would imply the machine in sentient and deserves rights. Therefore, all computer programs are sentient and deserve rights. And therefore, cannot be sold or licenced or forced to work without pay 😛

Tell that to air canada 😂

They are going to have synthetic data and it will all be too late

Their plane management software needs a salary and a bank account, healthcare and holidays

I wonder what a software holiday would be

Yeah make up the data you want to get the results from... That'll solve the accuracy issue I guess

More like starting work

Considering the state of most airlines from what I've heard, the software is always on holiday

[Sorry, I'm OOO until the 28th. Please wait until my functionality is available once again.]

A trip to a nicer data centre for a while

Well the AI will learn right from wrong if it goes thru enough permutations but the problem is that right or wrong is not always the answer, subjectivity. Who's bias is leaning into the data set

I could use one of those too

cool

U guys see the new brain chip Elon put in someone

yea

Aw sucks, hope the night goes well. You bring tasty food stuffs?

Lovely

surprisingly there's not a lot of regulation for that

The AI doesn't learn anything

drug tests have more safety precautions than drilling a hole into someone's skull and putting a implant

Not a lot of, I can't read

Yeah without proper oversight and there's no interaction with the medical community. Totally the right way to do science

@glass nest

haha crappy design am i right....

where did you buy this from

rnd from internet

I hope thats sarcasm

Super impressive

You can get better results with a magnetic headset

Learn is the best way to describe going through one answer after the other, I guess I should say it is brute forcing the right answer

That traiin is absolutely sick, not that the others arent too ;)

i will buy it from you with cash im willing to pay you to find it

looks 3d

what's that

Yeah because drug tests go through a strict protocol. Elon's just doing his own thing, which is very dumb and dangerous but he's a trillionaire so 🤷

i dont have it. just a pic

just take the money

What could go wrong /j

All I'm anxious about is that they're using Bluetooth

Nope, the feedback from the procedure was from Elon on Twitter. No papers produced, no ethics committee, no interaction with government departments

i was using diether effect that turn colors into 256 shades of grey to make 3d look

Yea i know about that

Lol

Currently munching a protein bar, got an instant noodles in my bag and some breakfast at work

Was hoping your last statment saying thats the right way to do science was sarcasm

It was yeah

hmm interesting, manually or with a software

software. it's effect direct in burn app

It is brute forcing the next guess. It doesn't understand the language things are processed in, just fitting patterns based on patterns in the data

I think implants will get their own radio spectrum and the FCC will baby everyone no touchy touchy just like our medical equipment

Imagine people blasting Bluetooth into ur noggin and that gets translated into brain signals

Yea, ngl it sometimes it seems like Elon is working out a basement and just telling stuff on random internet chats

Mitm literally

Lovely 🙂 Hope you have enough going on to keep you entertained as well 🙂

I got a series to finish

Which one?

Gonna rickroll everyone

Ooh cool 🙂 Sounds like fun

Been watching the Netflix series warrior about chinatown in San Francisco back when the US imported Chinese people for cheap labour

@chilly veldt that OSINT pic of you from train/tunnel... got one for you if you find location let me know 🙂

Might have to check that out. There's a series coming out next week called Shogun, based on the book by James Clavell

while the toothbrush ddos was fake, a neurolink ddos wouldnt be so nice

I've been putting that book off for years

So typical netflix stuff

Heard its very good. Just so long

Oh and the qualifications for the Danish cybersecurity championship is starting here at 0000

So I am also going to qualify

Best of luck!

Turkey/

Hopefully take less than an hour but we'll see

will end up in army base again ha ?

The Serbian ones start in a few weeks, gonna be fun. You guys use HTB or your own thing?

No, that's different CTFs this is for the European cybersecurity challenge

Ooh lots of fun! New games to play 🙂

nop... bella had hard one no so long time a go. this one might be hard to find location

We have our own proper setup

Built by uni students

Hmm, any hints?

Nice nice. The HTB CTFs are hit or miss for me. They cycle through challenges so I recognise some more often than not

Called haaukins

Like date

date is no need. it was in NL for sure

So have to find a ciner shipping boat in netherlands

yes

Might be interesting

haven't done image osint in some time

and never on boats

Do you know what date it was taken?

around midnight

for sure in night shift

date

let me check

Around midnight

Duuuh

Hmm, the ships owned by ciner never went near NL

mainly US, China, Australia, Turkey

or india

i lied a bit. was taken at 19:30 cca and for date. need exactly or ?

Port of Stockton California

it's netherlands... 😂

if netherland is in california then y

Damn

I was way off lmao

Buuuut

What if California was the net her lands all along

exact

yea we track the boat by dates

ciner owns 6 boats

3. 11. 2022 19:32

dd/mm/yyy

a sane format

Idk why americans do mm/dd/yyyy

Just makes it confusing

to complicate things

Looking at the ciner website it said they invested in Stockton port

That’s how I got the guess

hmm

I went to thier ships list

then looked them up by thier number

and saw they haven't docked at nl

lemme scour for other details

You got a 4k or 8k version?

Hold on where was there number. I couldn’t see the ships number

that's only i have

third party

https://www.marinerating.com/operator-info.php?p_operator=11981&p_list_type=DRYBULK

the IMO number

yeah I couldn't be bothered to register

Oh damn

https://www.vesselfinder.com/vessels/details/9750971

eh this site got the deets without registration

That might not be the correct ship

checked by IMO numbers

Thing is they have many bulk carriers

yeah

yea

not the exact boat

was just linking you to the site

It’s hard to figure it out because of the angle it’s shot at

only other detail I could see was crane no 15

Yeah

and NL has so many ports that it would take me a few hours to go on google earth for each one of them

yep

Did you take that picture ralex,

friend of mine.

It’s cool

Got any other pictures we can osint

just that one in that time/date

we don't go on roof often to take pics heh

hmm interesting new seytonic vid

https://www.youtube.com/watch?v=Kv3bwGLvjFs

they catch them few days a go

Yeh

Apparently the leader is a cat picture

Drives a Mercedes too

Scary

Quite a lot of attacks on cyber criminal groups from the FBI as of a year ago

cute cat

Stuxnet and another botnet both taken down over the past few months, ain't it?

Where can I ask a specific question about Docker?

Cyber Warfare is modern warfare

THere are probably hacking groups being thwarted/taken down we won't even hear about

yea

that's point APT

yer a point

Not only from the FBI, it was an international operation

But yes, quite a lot

Yep, true. Multiple governments cooperating, I tend to shorthand these efforts to just FBI for simplicity's sake

Yeah alright

woohoo level 11 🥳

For instance, in my country it is team high tech crime. They are doing much operational, just not all as big as this one

@lone thistle mhmmm sentries

Helldivers really upgraded after the first one

I think it was REvil but there leader got reveled

Nvm

I think that was the student

Stuxnet

Yep

Man I am so addicted

Same

The fbi also went after black cat hard too

I'm 20 hours in and have already unlocked helldive difficulty lol

Me and 3 buddies spent all night last night delivering nice cups of LIBERTEA

Do yo uknow how long the "battle" pass thing runs for?

I hate this, I forgot to order food at work, so no breakfast for me🥲🥲

Lockbit was one of the most surprising ones though. Those guys have been around for ages now

No clue

Not only that but they were the biggest

Breakfast

You must be across ze globe

With age came the fame and glory, such is the case for most of these groups. Though they've been comfortably at the top of ransomware attacks since the beginning by the looks

Breakfast in 4 hours

Well it's 3 am in 4 hours

Ah, your across the pond

Yeeee, working nights

What's it, they're responsible for ~4 billion dollar's worth of damage I think?

Cyber Life

But I think it was inevitable that they would get shut down soon. They literally ran like a straight up business. Hiring people etc.

Play a real mans game!

Makes you wonder if they purposely put that up as a front to fail so they could fade away while others took the fall

Still a hell of a lot

i like having space on my computer

It's only 300 GB of mods.

Oh yeah, don't know if you are awake @proven quartz but I just got the email which basically is saying "please send details so we can make a contract for you"

exactly

I've no clue. I'm just spitballing numbers here, based off the fact most attacks they do cause around 70-140 million's worth

Rubberband man, he just snaps back

Very true. They said they are federal what ever that means

Makes you think of the leader was a federal agent this whole time

No matter how they run, if it exists, it'll be hacked someday. Works both ways, good guys or bad

True

Plenty of "dead' gangsters and war criminals who lived out their days rich and peacefully in like Argentina

It's all about knowing when to fold

😮 🎉 Awesome news!

That’s with everything. Once it gets to big it just collapses

That's true though. Can't hack something that is no longer active, unfortunately

Yeeeeee, now I have to take the choice of taking the job

Well you have the option now at least. It's a good opportunity. I know you'll give it proper thought

real https://www.amazon.com/Hitler-Argentina-Documented-Hitlers-Trilogy/dp/1495936066

Yeah I don't know truly about that one, but there are a ton of coincidences lol

xD

We will never know for sure

Congratz Bella

Yeah, it's an amazing opportunity and there's so much stuff that pulls into the job, vs saying no, especially since it gives competitive pay, able to work from home, the certs I need and space to grow a lot, the one that is pulling into a no is that I have only been in this position for half a year😅

Joining in with the charade. Congrats, hope the opportunity goes a long way

Having been a hiring manager before, that's no big deal as an occasional blip.

Awsome

What do I mean before, I still am lol.

Hinting somthing

No

I'm in the wrong field.

Trying to give it all up for CYberSec

Oo

Well, if a much better opportunity comes up and I was in a place for half a year, I'd still be tempted to go for it. It's a much better opportunity but maybe your current employer would try to match things a bit better

What field do you wanna go into

Security Analyst style

I've done various logistics management style positions for a decade, while being a techie. It just pays well enough it's hard to take an initial loss to grow.

I know they aren't able to match, as there aren't the money for that in the company

Well opportunities come along when they're supposed to and having a chance to grow is something you should really take up if it's a much better opportunity. As long as in the new post you do spend a bit longer. You don't want a reputation for being someone who jumps too soon, but you also don't want to pass up opportunities for better pay and conditions. It's just business

Yeah, that's what I was worried about, but I do want to stay at this new place for at least 2 years

As that's when I am done with my education, and I need to figure out full-time job

Well by the sounds of it, it'll take at least that long to get everything in proper order anyway 🙂 And they may provide more solid backing too

how far are you from work place

Yeah, and possibility to get into IR and stuff like that

:3 sentries the goat

Always good to open up potential new avenues 🙂 Loads of fun to be had on the way there too 😄

Yeeeeees, gonna be so cool

Definitely sounds like it 🙂 You'll do great there

Yuuuuuup

Depends on the job you want.

Maybe look at SOC or Cloud certs then. Pop online, and look for the job you want and see what certs they want

most big cloud services ar azure or AWS

Why won't it?

Doing the AWS CSAA can start you off on a really good salary

Theres nothing wrong with learning both though. Cloud is Cloud.

There's lots of free and paid aws training on their platform and other providers. THM has an AWS security training path as well

Certs 👀

Oh well subtlety, I've requested a one on one with my current manager

oh not a black hat japanese skid group is doing a spamfest against mastodon instances

Did you try using the VPN from within a Kali VM or similar? Go to #site-support

Well it's good to be open about it and see what they say. It will go fine though. It's standard business process

Yeah, sadly I can't do the 1-on-1 before the 5th, so I would have to make my decision beforehand

You should use the standard AttackBox in most cases. It's more up-to-date

Not surprised

Yes

Well I'm sure you'll have your choice made before too long and you'll be able to go into the meeting confident about your plans 🙂

Sounds like an obscure band name

I am too

I haven't used Mastodon yet. Never get around to it

But you've used all the other Power Ranger dinosaurs?

I was more of a Voltron kid

Esqy!

sup Jayybot

https://tenor.com/view/voltron-ready-lets-do-this-gif-19639741

How's life down at the #1 city focus currently

Did you get evacuated?

Well.. there was an unexploded WW2 bomb found in someones garden, so 3.7k people were evacuated from their homes while they transported it to the ocean for an at-sea detonation.

Other than that, all good 😄

shadow started using it because of smaller niche communities in tech and stuff that was not tied to huge corpos and problems with privacy and security

Great show

Been watching Reboot(unrelated kinda)

Nah, was too far from me

Reboot brings back memories

mighty morphing power rangers?????

You did it to talk about cheese to defcon folks 😛

Voltron, PLEASE

All they found in my estate was Wooly Mammoth, Wooly Rhino and Wolf bones

Is Voltron, before Power Rangers were a thing

Kids these days

Well... certainly interesting 😆

Have they blown it up yet?

Next you are going to tell me no one knows Astroboy anymore

well that happens mostly on discord

oooh good old astroboy

I'll have a look. People were evacuated until 5pm

one of the oldest animes

So I've heard

The anime that brought anime to the west

Robotech is what hooked me as a child

Snagging VHS tapes from the local library

It's at sea, and will be blown up in 24hrs

https://www.plymouthherald.co.uk/news/plymouth-news/plymouth-ww2-bomb-military-experts-9122128

Just tap on it with a hammer to make sure it's safe

well it's safest zone

Not sure we need a military expert to workout that blowing up a bomb in a city is bad

https://tenor.com/view/hammer-carrot-eating-conejo-bugs-bunny-gif-17908309

if it was smaller, they'd have built something around it

Makes you wonder how many out are there

shadow thinks they have seen this episode

Waiting to be discovered....

Well you need military experts to safely deal with it

you can't try disarm it. due to age things might be more sensitive to trugger it

Of course, but I think it's obvious that it shouldn't be blown up in the middle of a residential area

Well, police usually have specially trained people handling bombs as well

Yah. Luckily we are in a navy town, so all the gear for it was here already 😄

It explains in the article why that may have been the only option

reminds shadow of the IT crowd seen with the bomb defusal robot

https://tenor.com/view/deactivated-thatsright-seamine-sea-mine-gif-24653613

Again, I hope they film it.

and wish to adopt the robot

Best way to deal with an explosive is to blow it up generally

and realising they are gonna die because it runs windows vista

just contain it

and got update

I wouldnt know

what is that acid that turns into an explosive when it dries again???

It's running Windows Vista

have seen some of the swedish bomb defusal team because a bottle of that stuff

"WE'RE ALL GONNA DIE"

nitroglycerin. if we think of same idea

is that not the other way around???

oh yea heh

considering heart medication nitroglycerin pills use powder to stablise it

w8 ill look into my database and check if i have it

and tnt is made by adding things to make it not liquidy

that news page is the worst thing I've ever seen

you need adblock.

one day it was updating, and I couldnt even.

i have Picric acid

yuup that is it ralex

they had about a 500-1000 ml bottle of that had dried at a school nearby.... they defused it in the school yard by detonation

there is few more but not allowed to share =/

Back to weeping in my corner.

the importance of eumeration

ducking duck

Duck around and down out

if you know it, you know it

and if you don't you don't

swan

actually, I prefer the flamingo, thank you

Not only am I 90% sure this is fake, I’m pretty sure it’s borderline illegal

https://youtube.com/shorts/jj40UAiNcfQ?si=9E0_cQDM7uNibSog

cos, why not do that lol...

yea watched it

thought it was fake tho

Why do you need a WLAN adapter for WLan-Dos attacks? Can't you just attack without an adapter?

Sounds advanced

Someone will be along to discuss it

Lets see.... Breaking and entering, Fraud, Fraud.... more Fraud

Why on earth are you trying do do DoS attacks

Any suggestions on the best platform to share the stuff ive written & also earn overtime maybe ?

"Someone will be with you shortly"

Wdym?

I mean there's always GitHub to share programming projects

And blogs for posts

Writing articles I mean….a platform like medium maybe…..is it the best platform to share stuff ?

Depends on what you like

You can also use GitHub pages

Alright cool Ill try that…thankss!!🙌

You're welcome

meeep moop it is now shadows time to hit the hay with the beep booop for the sleep sloop

Woop woop

hit a 45 days streak

Should I buy some thm merch

@shrewd phoenix

@uneven parrot

wtf, it's legit the whole thing

Hi guys, I'm came to this server cuz I need help with something.... I'm learning .NET and how to use Azure, but I'm having some problems to do make migrations to my database, I know these topics aren't the subject of this server.... but I need help and I don't wanna lose one more day breaking my head trying to understand what's wrong....

Hey, I don't think I know much about that. Sorry.

Oh.... okay, but you know where I can find someone who can help me?

This is actually the perfect server to talk about it

Oh, it is? Guess I really don't know a whole lot about this server

I was looking for servers about technology/science, and I thought someone here could help me... it's a lil difficult for me :v

Personally I don’t know very much about azure but there’s some people in here who do know alot about it. Usually they talk in this chat so you might have to wait until they start

Oh, ok, I think time isn't a serious problem for me

so, what I have to show here? to find the problem, Can I paste here the message in the terminal when I try the migration?

Is it a error message?

yeah, basic it's telling the connection didn't work well

Mind if I ask what your trying to do with azure? Just out of curiosity

no problem! I created a program with C#, basic it's a electronic diary, where you can save information of some contacts, like their names, number, if you can talk with them, these things.

Before I was putting it in a local database cuz it was what I learned in a online .NET course... But now we are learning cloud stuff.... so I created a server and database in azure.... and I'm trying to put my program as a web app

if you want, I can give the files to understand better what I'm trying to do

Is this homework?

no, the teacher is explain the subject, and showing how to do... and I'm following his steps... but sometimes somethings doesn't work

I mean, we don't need to bring him nothing, but I'm following the steps to learn and have a project for portfolio stuff

hello guys i need help, i think ive tried everything at this point

I'm working on this room: https://tryhackme.com/room/bruteit

And I'm having trouble with john the ripper. I've used john and ssh2john before but I never received this type of error.

I'm on the part where you receive the id_rsa and try to crack the password with it. I mad sure I copied id_rsa correctly and no errors (I even downloaded the file itself onto my computer using wget, to prevent that type of error)

I've tried Google, Youtube, ChatGPT, reddit and more, but I couldn't find anything that works.

I let this run for over 30 minutes but it just failed in the end with no password or anything. I tried john hash (after I ran ssh2john id_rsa > hash, even tried hash.txt but made no difference)

I use both rockyou.txt and the default password.lst for these and none worked.

I looked up writeups for this ctf and they all use rockyou.txt to crack the hash, and no parameters around them.

Guys, I've tried basically everything, but nothing is working. I really need help.

The commands I would do is:

ssh2john id_rsa >hash

john hash -w rockyou.txt (i also tried doing hash.txt, but that didn't work either)

here is the output i get when running john:

john hash.txt --wordlist wl/rockyou.txt
Warning: only loading hashes of type "SSH", but also saw type "tripcode"
Use the "--format=tripcode" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "descrypt"
Use the "--format=descrypt" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "pix-md5"
Use the "--format=pix-md5" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "mysql"
Use the "--format=mysql" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "oracle"
Use the "--format=oracle" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "Raw-SHA1"
Use the "--format=Raw-SHA1" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "LM"
Use the "--format=LM" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "Raw-SHA1-AxCrypt"
Use the "--format=Raw-SHA1-AxCrypt" option to force loading hashes of that type instead
Warning: only loading hashes of type "SSH", but also saw type "bfegg"
Use the "--format=bfegg" option to force loading hashes of that type instead
Warning: invalid UTF-8 seen reading wl/rockyou.txt
Warning: only loading hashes of type "SSH", but also saw type "dynamic=md5($p)"
Use the "--format=dynamic=md5($p)" option to force loading hashes of that type instead
Session aborted

the server doesn't allow me to upload screenshots, i woul've if i could

anyone know how to fix this type of error with john the ripper?

thanks

wow i fixed it

lets go

Anyone need freeCPE credits? I found https://belkasoft.com/android-forensics-training 6 free credits, self-paced android security course opening feb 26th

@blazing granite u got any expertise in chocolate?

Yes, I have 🙂

Okay, was at a imported stuff store today.

What the heck's the difference between semi-sweet chocolate and milk chocolate and bitter-sweet chocolate and unsweetended chocolate and milk chocolate and dark chocolate

like why are there so many names

Venezuelan and Swiss have the best stuff

Ghirardelli

was this brands one

The higher percent of cacao it has the bitter it is, but also higher quality

What if I like sweet chocolate like milk chocolate

Actually it's a matter of taste, there are higher cacao chocolate that are really good, but also there are milk chocolate that are good, it's a matter of style

hmm any recommendations

Got a few relatives coming from Canada and America next monthish

will order a few different types

Brand, no, there are so many, I usually like dark chocolate (high percent cacao) but there are some chocolate with milk that I enjoy. There isn't a specific brand you have to taste.

im actually the worst for overcomplicating easy boxes. Spent the past 30 minutes trying to find a priv esc on a super easy box. Turns out www-data was in sudoers to run any binary. Could literally read the root flag as www-data

have done that on htb sadly

Hmm, usually I just eat diary milk

we've been conditioned to look for the obscure, not the obvious

@buoyant tree if you like milky chocolate Cadbury may not be the best in the world, but there are pretty good and consistent

@buoyant tree Also good but harder to find are Omnom, Krak- Sierra Nevada, Standout Chocolate from Haiti, Duffy's - Corazon Del Ecuador, etc

You're doing pretty well yourself man. Good Job.

hi @woeful rock can I DM you to gain some insights about eWPTx certification?

one last room before bed

eh I once spent 4 hours not trying the credential admin admin

the room had a 5 attempts limit

so i thought it was to deter away brute forcing for another solution

so i tested every endpoint for sqli, idor, rce

Gonna order the onomon, standout chocolate and krak sierra

wtf even is this

This is the kill chain process

Didn’t you read above it

No they are pictures

ew white mode

is the ctf on tryhackme or some other platform?

Other 😟

Its THM; The room attempts to map APTs to a killchain but doesn't account for the fact that threats =/= kill chain

So, its a guessing game, They failed to present an actual threat scenario where a given chain might be viable. Instead, you have to invent one and hope its right

I think that number means Heisenberg but the before string i don't know

Is it a active CTF?

Nah its just a random room I was poking around in

if possible could you send the link

Sure

https://tryhackme.com/room/redteamthreatintel

oh sorry, wasn't talking in reference to you at the moment but was talking to Danh

oh lol, no worries

Perhaps #room-help is a better place

Thanks a lot

♥️

been a wild week, especially with ConnectWise crapping the bed with CVSS 10 auth bypass. lol, anyone could exploit just visiting a URL with appended text. Which has since been been used to spread ransomware and more:

https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass

Anyone with vulnerable exposed ScreenConnect has been exploited by now. But thankfully the exploit deletes all user accounts as a virtue of this exploiting the first time SetupWizard.aspx. I only say thankfully since it’s instantly noticeable there’s an issue if you’re actively working.

If overnight though whew, whole host of scenarios: https://www.huntress.com/blog/slashandgrab-screen-connect-post-exploitation-in-the-wild-cve-2024-1709-cve-2024-1708

I don’t usually do this but thank you to @keen sable and Huntress Labs for this reporting. Invaluable work, especially handling the irresponsible disclosure of POC by a third party

Gave +1 Rep to @keen sable (current: #109 - 57)

💙 Thank you so much, I am very happy we got to get the messaging and intel out--- for all the right reasons, and not the wrong ones 🙂

Gave +1 Rep to @sinful moon (current: #38 - 187)

Agreed, major respect!

Was 95% expecting this to turn into Chocolately chat, nah just actual chocolate lol… boring c:

Ded

?

https://tenor.com/view/stuffed-food-coma-homer-simpson-the-simpsons-gif-2092954039648394821

lol as limited as it is, I’m more happy about Windows getting winget than most chocolate or Choclately I’ve had in my life, despite some initial (and understandable) drama

Heck our RMM is set to get winget support for application patching and that will be wild

Ahahaha

lol I know you’re meming but it’s a great tool indeed

Yeah I agree

only took Microsoft 30 years to offer same kind of package management as linux… or Unix compliant new line support in Notepad. or…

lol

😂😂 wonder what we’ll get in another 30 years

😂

God, I don’t even want to know with how hard Win 11 pushes all of their subscription products

Ello

I’m good with a Microsoft login of no@thankyou.com as my Microsoft login (aka none lol)

I’ll set that up when and if I feel it’s appropriate

Hey

Ahahahahahah

Wayyy too tired after night shift

Oh no you should get some sleep

Yeah they legit built that in lol. There’s other ways to bypass but this is easiest

lol

I do somewhat use my Microsoft account, but from experience, I don’t want my C:\Users\ folder to be badly formmated thanks to a Microsoft account.. and more issues lol

always best to sign in after you make your local account if you care

hello all, which software can remote linux desktop from windows

VNC would be the protocol, do some research

There’s alternatives but yeah

I might, but I also have a long day lol, first doing some cleanup, then grabbing some drinks with coworkers and previous coworkers, and then another night shift

TryHackMe Linux boxes communicate via VNC, and Windows boxes via RDP. Although more accurately, web view is SPICE (handles virtual machine remoting)

if we’re being realistic though, what more do you need than you can’t just get from ssh

Mornin'

I would say 9 times out of 10, that ssh is all you need for Linux remoting. Sure you have typical command line but you also have SFTP for file transfers, and can tunnel traffic from a remote source such as HTTP(S) or RDP… both of which are useful for THM if you have a remote attack box like me

no graphical environment there to VNC into

So for some room on THM that requires RDP, I just update the IP listed in my alias shortcut command, start a new terminal to load it, and just RDP into 127.0.0.1:13389

thank you 🔥

No problem, I probably gave you more questions than answers, but at least are all good things to search and learn about

Damn you’re going to be shattered

but ssh is 10/10 lovely software c:

Do THM RDP servers use 13389 or 3389?

This is something you’d have to configure yourself carefully, and this is only given you having a remote host which is tunneling RDP via SSH

If you give me a sec I can give you the alias I use in my .zshrc

but again my remote pentesting server is why I do this

alias linux-proxy="ssh -C -D 8089 elizabeth@[Remote Server IP]"
alias linux-rdp="ssh -L 13389:[TryHackMe IP]:3389 [Remote Server IP] 0 -l elizabeth -N"

Yeahhhhhh, and I have a birthday tomorrow, and school Monday

(it's not my birthday, going to one)

only slightly anonymized lol, and hopefully obvious after reading up on SSH tunneling. The linux-proxy needs more work done to hook up with Burp Suite

But basically you just punch that in as your proxy server and you're kinda set

Oh, creating a tunnel makes sense

Last time i did that was when i tried to pivot

Yeah it's rather neat. Even though my remote server is OpenVPNed into THM, I can use these tunnels to access these protocols locally

Just police here casually driving dodges 😂

Think next week you need to sleep the whole time 😂

I got school all next week🤣

🙈

Luckily I most likely have everything done in the first couple of days, then I can relax the rest of the time

Yeah that’s good

Have you not seen some of the fleet in England? 👀

Yeah all of the cop cars in the US have switched to them

Good decade ago at least actually, if not more

But fair our cops were driving Crown Vics up until late 90s-mid 00s

hey i got a hash $pkzip$1120a2132876ea0b70438a252eebb8f6c39b8b498e211c2e4c4c1b04f63597eaf9252b903486025c0af908e29c46d05ce820c5047b2556b74c6fd64adb6395b938c762191689150e7438d08ecf16ec74c241ffbeeae82c050bf4648edf219ae00f92813b790a10ae748267493f259da47909a20f11075669cd0a2ad66e8e1d732b08c853fb22eeb430d3e53c083a37b9966b4c7d708a0babff384f7e0b1c54a981c0a2b2e53f10d0dca9d33cca3b9d2*$/pkzip$

how to crack this ?

Where did you get it?

i unzipped the folder and used john to convert in txt

Where did you get the file?

You're giving me more questions than answers, lol

in my university ctf

Yeah we cant help then

but the ctf has been ended

but still

We can't know that, use a write up, or ask someone who done it

I wish my school would do ctf's

word

oh ok 🥲

well i am beginner and the ctf was open for everyone they just told to find the pwd of the zip file

Yeah. I’m Dubai they drive lambos 😂

Research

why my scan not working for wpscan

#room-help

well im doin it is fun though

Mhmm, I just mean potentially you may need to research to learn more

yeah

it’s always DNS

why did you guys get rid of the comments under tryhackme rooms? that was much more helpful and usually had answers if i was stuck
some of these rooms are terrible from a beginner perspective and i end up having to look up the answers and not learn anything

I have no idea what you are talking about being a TryHackMe user for three years, there’s never been comments for rooms besides links out to more resources.

Yep, there's never been comments

There were forums at one point

If you're looking up answers, you're doing it wrong.
You should be looking up the concepts and using that to learn more.

If you are doing typical THM learning paths with structured content vs choosing random challenges “aka CTFs” then you will have a better experience understanding the content and flow

i must be thinking of the forums then

Anyway #feedback-and-ideas

The Discord isn't a good way to talk to THM staff, given it's community ran

comments below rooms would be so messy btw

Forums were discontinued and replaced with the Discord server

Nice, and no complaints there c:

TryHackMe staff do read and discuss comments made in the Discord server, but that’s only if they’re around.

Best way to ensure one of them read your message is through the feedback form though

Not viable for all things, but this community became one of my mains as a result

Is wild getting to randomly chat with hashcat dev or John Hammond as a result of being here at times c:

Not sure why I’m surprised, emulator discords I ran were similar where you’d regularly interact with emu devs

Oh Elizabeth, parts for my satellite ground station should arrive today

Nice, that’s awesome! God am I all about RF anything

There’s just always something magical and mysterious about RF over the air via any means

Right?

I partially blame it on Silent Hill and and point and click adventure no one remembers, “Amber: Journey’s Beyond”.

Both use RF as a plot device, either enemies interfering with RF or straight up time travel via what frequency you’re on lol

One of my favorite actual dreams of all time was exploring a forgotten house in dense fog, where, when turning into each station, you’d see the history of the house

I've got a decent plan for satellite RX but money

whew, yeah that would not be cheap

Cheaper than you'd think

Sorry I was thinking of TX but yeah

I'm allowed satellite TX on microwave bands now, pretty cool

HAM? Nice!

I don't have the facilities yet but yaknow, still cool

lol for sure

I’d love to go crazy with RF TX, but yeah I should probably just get HAM license if I go that far. US FCC is not a regulatory body to mess around with… not like it’s easy to detect though unless I’m doing major ungood, but shh

I just go all out on SDR RX atm

was funny to find my boss is all about SDR as well, and is one of the top ingesters of FlightAware data

He’s got a PiAware setup on the top of a 7 story building on the coast with only one major obstruction lol. It reads ADS-B out to to several states

https://twitter.com/SASSnRaaS/status/1761011908377784794?t=9A1etxzFWKyxR1pu8gPOgw&s=19

These get better and better.

Guess I need to catch up with the Lockbit situation to get the meme beyond the obvious

https://www.bbc.co.uk/news/articles/cgrlljz2pv5o

Long time no see Ellie. has t'other half made it through Red Dwarf?

inb4 ScreenConnect and it’s just the lb3.exe lol

We made it half way before getting distracted lol. Now on Sopranos which I’ve only watched when it was on the air originally sporatically, and now

I was probably too young to have seen some of that at the time back in the day, but eyy lol

I'm not angry. Just disappointed.

Freaking lol

I’ll make a point to keep watching it, the SO was enjoying it plenty. We just have a lot going on in terms of “what to do right after chaotic work day”

Resurrecting vintage tech 😄

and yep sone of those days I do not want to watch a drama like Sopranos, so recently it’s been King of the Hill instead since that’s what the SO is watching lol

Ugh I think my 2002 Dell needs a re-cap. It’s not happy at all

To add to your list - (Might have already suggested it) but League of Gentlemen. UK Comedy/Horror

I need to open it up again and do a visual inspection of caps, but they’re likely to be failing

brb

lol relayed to my SO your displeasure about us moving on from Red Dwarf

we’ll get back to it eventually

And if you are a fan of that, The same guys did 'Inside no.9'. again, Comedy/horror, but more... Black Mirror-ey

Not familiar with either but I’ll add it to my radar for sure

I am huge on British humor and vibes

Yah, the humour is different - Way more dry. It's kinda cringe when they try to make UK stuff into US stuff. The office did well, but that went in another direction after season 1.

The US inbetweeners was a travesty

I keep meaning to watch this but this recommendation has probably tipped the scales

You seen the IT crowd US pilot?

I don't think I want to 😄

Eh, even the US Office was more hit or miss for me. Didn’t stick with it. Some of those modern British comedies lean a bit more on cringe humor than more traditional British humor, but I think we moved beyond this mid 2010s era as a whole

King of the hill is a very pleasant amd comfy show

For sure c:

I can't watch UK or US office at all...

I didn’t get it at all as a kid but love it as an adult (King of the Hill)

James - Inside no.9 is very hit-and-miss (Yeah, ellie, I stole your phrase) but then these type of shows always are

The satire was over my head so I just thought “this is just a bunch of rednecks” lol. But um that’s the point

I've had other friends recommend it too, and the movie

Oh, A few years ago I started going through old Twilight Zone and Outer Limits. It's mad, because there'd randomly be big name celebs in them before they made it big

Woah woah woah... 'Other Friends'?

Honestly I just keep rewatching Archer

Fave redneck comedy is Trailer Park boys 😄

Yeah Trailer Park Boys is huge great writing “smart jokes about dumb people”

whenever my neighbours are out on the street, it reminds me of Sunnyvale. It's only 2 families, but the amount of random mess they make...

opposite of uh, the Sheldon thing. “Dumb jokes about smart people”. Can’t even remember the name of that show it’s so bad

Big Bang Theory

I like Big Bang theory with it first came out, but on re-watching it, it's like.... eh.

Yeah it’s not good lol

I feel like Community explored that type of personality better with the Abed character

There’s this one video where the laugh track was edited out and it’s extremely awkward

Yeah, I saw that. that kinda did it for me

Haha yeah, kinda does reveal the structure and how hollow the jokes are indeed

Something mean get said, 7 seconds of silence. awkward as hell

Did you know they used to have devices which created those laugh tracks with chords almost musically/court stenographically-ally?

I didn't, but does not surprise me.

'Filmed before a live audience. Laugh track was added later'

This is the “Laff Box” which was a closely guarded industry secret lol

I was looking up stenography keyboard for court... They are insane. I imagine using them for hacking

You could punch in to those keys react with audience laughter in real tine

I'll learn it for use on Discord. Might one day beat James in typing speed 😄

As you can see in the back without me even reading, yea that’s a rack of tape stock in the back which makes sense

saw refrence to Meletron before this device

so many industry secrets 😄

lol indeed, I kinda hate laugh tracks with provisions given for how good the show is, but as we saw, a bad show with no laugh track is just lol

it was just the norm until the mid to late 00s so kind have to bear with it for many

My fave was the UK TV licencing. over here, you gotta pay annually to be allowed to access BBC content. They told the public that they had detector vans which could tell who was watching without a licence. Someone took them to court, and the court ordered the BBC to show the equipment. The BBC then settled out of court - the prevailing theory is that there was no 'equipment'. They just went to houses not registered, and kinda peek through the windows.

In my mind, Scubz, Arrested Development and others were probably pinoeers in that, but I’m no expert in commedy TV history

The vans existed, but where just... vans

Yeah they created a big scare without actually doing much enforcement lol

I did like Scrubs. Doctor friends of mine have said that it's the most accurate depiction of working in a hospital

Mhmm, was based on a book, and I love that show

I know of at least one friend where JD is their spirit animal lol

It's sometimes odd watching those shows and seeing certain things that they'd not get away with nowadays - especially with Misogyny and.. Whatever the opposite of that is

'misandry' apprently 😄

one sec, I got to get the kitty on the bed

It's not funny is it?

Glad I'm not the only one who can't watch it

Yeah I’m majorly indifferent to it

Scrubz - When I watched Rab C Nesbitt I needed subtitles 😄

Forget that character, but yeah we just always watch with subtitles anyways

It was a whole show about a family of... I guess the closest analogy would be trailer park people in Glasgow

It's second hand embarrassment fuel, like a lot of what Ricky Gervais does in shows

Does make me think of Boomhauer in King of the Hill though, wild seeing subtitles for his rapid fire gibberish that actually means something

Yeah I like some of what Ricky Grevais does but it’s mostly cringe humor, which either hits or (more often for me) dramatically misses

Talking of standups, I really like watching old George Carlin stuff

really pushes it on “oh someone did something that will make you cringe… and that’s the joke!”

Yeah I’m not huge at all whatsoever on standup but George Carlin is a classic and no issues with him

Even his acting role were great

The ones I remember anyway

Indeed, heck wasn’t he the “future dude” in Bill and Ted’s?

https://tenor.com/view/yes-way-yes-bill-and-ted-george-carlin-no-way-gif-16960746

haha awesome, I thought so

Also the cardinal in Dogma

And Alanis Morisette was God

Still haven’t seen that but my SO is all about Kevin Smith movies

I’ve seen some of it without audio watching my SO watching it while I’m working lolol

He’s a kind of background audio guy who always needs something playing. I’m the opposite completely where I’m all or nothing on what I’m watching/doing and hard to multi-task

It's mostly just stoner humour

mhmm

he’s got some lower brow humor than those movies for sure so, lol

Like all of Seth Rogans movies

Nah I mean more like whomever does Eurotrip and those franchie of movies

Oh, american pie-style college movies with gratuitous nudity and such

Seth Rogan’s moves are hugely hit or miss, but I’m unaware of which he actually had a creative role in

Oh, Have you seen 'The Room'? It's so bad, it's good.

Yeah, but there was some team behind these that did all those

lol and Wikipedia is no help, being more factual than cultural

What do you mean, it’s a 10/10 movie, right up there with Birdemic: Shock and Terror

Haha

The Disaster Artist based on The Room with Jamess Franco was quite a nice movie, but was right before he got some sexual harassment allegations. Haven’t kept track of that but nice movie. Just fun docu-drama for the creation of a bad film, Ed Wood style

Yeah! i feel like they even had to dial that back because the reality was even more surreal 😄

@noble crag can you interact with the community more first?

g'morning Jabz 🙂

ok

Weekend of study, or you got something more fun planned?

Busy busy weekend

Had to get up early for the gym this morning, am super tired

Good luck! Only so much I can take with my busy busy weeks

Can’t wait until I finish this year, University is getting exhausting

So far we have dinner with SO’s mom which to me means, slot out the whole weekend, that’s the major event lol

Aye. Take some time in the summer to holiday. Even just a couple of days somwhere else in UK than home or uni city.

Or Europe - Pretty cheap to get there.

My SO hasn’t gone on a vacation in 10 years, I’m going to drag him to Cedar Point (rollercoaster park) sometime this year

Going to Italy in June

Also have concert on March 14th which will be nice

ntss ntss ntss

Ellie - only a few days before you gotta bust out the green Suits 😄

lol how so? And or, that joke went over my head lol

St. Patricks day is on the 17th

Ah lol

it’s a show for the band HEALTH

(but listen to the song I linked in DMs because it’s rad c:)

Liustening now 🙂

Are they local to you?

Nope, just something I stumbled across

Video is lovely, love the small jam band kind of vibe. I’ll link here for everyone’s reference lol:

https://youtu.be/tuhe1CpHRxY

I set my DMs to have it 'request' for folk not on the FR back when I was a Mod. I'd get so many random DMs. especially when I was hosting an event.

lol I did the opposite and have my DMs completely open due to modding multiple Discord but yee makes sense and is fair

so many DMs of 'So my friends IG got hacked, can you get it back for them?'

Like.. I'm flattered that they think I could, but still 😄

I'm liking the Ghetto vibe of the videos 😄

lol, I was modding emulation discords so it was mostly emu tech support and etc

Was into Ska when I was younger, so the trumpets and brass are cool 😄

Did link you another with a video that is harder to link here lol

It's playing now 😄

Knower!

It's like... In a student house and they filmed/played wherever they could 😄

And edited the video in the mid-90s 😄

Heck yeah, idk why it took me so long but I’ve got huge into funk and jazz as I’ve gotten older, but lol that almost comes as a given

Had a huge kick of 60s-90s funk/soul/jazz/whatever stuff a while back and am totally sold

ooh, My music thread is still active 😄

This is why I like the message requests feature.

On servers I’m active in I have DMs on open but keep message requests.

Helps reduce the noise and keep track of the open DMs I need.

yeah, I can only imagine the amount of chaff you get with the THM staff role

especially back when you were doing Customer service

Yeah I’ve not actually changed that feature from default but seems to be working as you describe. No complaints

Do you keep the VIP openvpn access after you lose your subscription?

Not as much anymore now that there are multiple TryHackMe staff members in Discord, but back when there were only a few of us I had quite a lot.

You shouldn’t, no

ah, that's a shame

no worries though

it makes sense

my head hurts

@glass nest You do much with paracord?

I've dabbled

The Reggae ones were for my neice who did a show n tell after her visit to Jamacia, and she wanted gifts for her classmates. Had to make 30 of those

Hi, is it true that when there's a collision in a hub environment, all the devices connected to the hub will stop operating? (just like in 10BASE2)

Just passed my theory today 😌 gonna look at intensive driving courses now

Ayyy. good work 😄

I thought I fucked it on the hazard perception and some of the questions outright had multiple correct answers depending on missing context. That and I was on 3/4 hours of sleep so happy to have passed 😂

the hazard perception was the great equaliser for me.When I did my car theory it had only been released a couple of weeks before

I had an intense driving course. I was so stressed I wasn’t going to pass.

We did a mock exam a few days before and I got 3 serious faults

I thought you clicked when you saw a hazard, i learned later that you only click when you'd change speed or direction

You don’t want to know how many times it took me to psss. My nerves during the exam were always bad

Yeah I clicked one too many times on the perception one and got nothing so that knocked my confidence a little but I got 56 out of 75 so very happy with that

One of them I got 0

Passed first try, one minor (didn’t slow for a pedestrian crossing)

Did you pass your test time in the end or did you do more lessons before it?

I got like.. 1 point over the passing grade for Hazard perception, but 100% on the questions

Ah nvm just seen the message

I think I did the same, I recorded opening my grade but good luck getting me to find that video

I got 45/50 for the questions but some of them were a little irritating because they missed important context and you had to sort of pick the best one given the little info you had

I'll trust you on it 😄

The one built arounds nuts looks excellent!
I'm trying to work out a good way of sealing the ends. I don't have a lighter etc

My friend recently failed his driving test. Was planning to ridicule him about it but he genuinely sounded upset so I left it

I knew a lad who failed his theory 8+ times

Haha same

you got a rework station with a hot air gun? Or a stove?

And he failed he test around 10+

Could warm up a spoon on the stove

Electric stove, doesn't work good. Got hot air station at work but that's not so sustainable longer term

One time I was 200 meters from the test center. I had 2 minor faults and some idiot came out in the roundabout when he shouldn’t have and cause I didn’t hit the break I failed

It works for now, Grab a lighter next time you venture outside

A guy in my college failed his test 4 times in a row but managed to get a new test every single week.

Got in the car with him and found out why he failed

I have a response to that but it's inappropriate for this discord

Haha

Maybe I'll just get a zippo

I was debating getting a hot air station, accidentally knocked the HDMI cable when it was in my laptop and damaged the connector on it so I want to try reflowing the connector and changing it if it's fucked. It works atm but only because I'm propping the cable up in the port

I don't move the laptop enough to care too much atm.

Surface mount is hard as a warning Burr

How did he get one every week. I had to wait 3 weeks before I could book another one