#general

https://tenor.com/view/rabbit-eating-gif-23238008

is there is anyway to know if there is back door on my computer or not ? i downloaded unsafe programmes and i deleted them and i did scan with my anti virus but i want to make sure there is no back doors any ideas ?

without knowing, i guess windows OS, it will be hard to spot

there is no way ?

there is. just might not be simple and easy. if you do not know what you look for its hard

and if you did use pirated software, then most like you have or had some virus or so

maybe do multiple scans. all antiviruses are different so they might not all flag the same thing

they always talk about Malwarebytes. i personally never had to use it but its worth a shot in you're case

i used Malwarebyes before it's good but i can't use it now i already have anti viruse

plus, backdoors are pretty hard to find, because whoever is the attacker made sure to obfuscate it as best as possible so it goes undetected

i think i cant use tow anti viruses at the same time right ?

you can

i dont think scan at the same time but you can use 2

I downloaded the unsafe programmes month ago and until now i didn't find anything suspicious but still i am not reassured

should i download new windows ?

if nothing suspicious has happened, i woudnt

if you wish, then windows reinstall might be best thing to do

oh ok

true, do what ever you think is best

ok

Thanks

you're welcome

no one said review logs?

logs as in ?

i mean. you dont normally think somone already knows how to do that

identify indicators that your machine is compromised through log review. logins when no one was at your machine, strange network activity such as large amounts of traffic leaving your network

but wouldnt a program be better at reviewing logs

Windows events are kind of a pain for a beginner to wade through, same with network logs

still need to finish writing my tool for that...

The best option is likely just to run something like Malwarebytes and if you still don't feel safe, reinstall

heck yah

we Love malwarebytes

It's why you keep offline backups

So its more likely that someone has regular offline backups but isn't capable of reviewing basic logs?

not your average joe of course

Okay I'm not gunna argue the point. But short of reinstalling your entire OS, just look at your logs. Get elkstack or some forwarding service with aggregation

Consider it a learning opportunity.

what if they dont know what to look at

Googl

hm

thats why you need a super hero to blast your viruses away

Malwarebytes isn't going to find anything before Windows Defender does. A successful backdoor isn't going to be caught by either.

that's actually not true 😄

I have had stuff that easily bypassed defender, but was caught by malwarebytes

Malware bytes for active scanning, Windows Defender for just base security

Not gunna doubt you there. I take issue with "reinstall your os" as the advice.

That's just bad practice.

yeah, it's often a missused advise

aye never said you should do it

I do agree on that

not really

it's the "easiest"

no guarantee malwarebytes will find everything

I blast things away if in doubt

i nuke my pc

best way

If you haven't had detected any abnormal behaviour an used defender and Malwarebytes we can say that you're relativity in the clear, but the only way to be 100% sure is to reinstall the OS

Many backdoors persist beyond the OS, so no, it isn't 100% at all.

paint PC in blue and throw it into sea

underwater pc gaming space would be sweet

cranking 90s and swimming with the fishys

ultimate water cooling

ultimate water spicing

if you format the HD and then reinstall the OS how is going to persist?

all that electricity sure do well

motherboard 😄

that's deep blue 😂

For a normie that takes risky clicks it isn't. Thats who the advice was directed to. It's super easy for someone to grasp offline backups, thumbdrives/external hdd/etc, and just reinstall their OS versus read network traffic, device logs, or setup an enterprise log aggregation/viewing solution

did you google is cooking somthing up

new it

firmware, bios, take your pick

you have to had the worst luck so the malware go to cmos 😂

Im trying to explain things from "I actually want to work in the industry one day", and why "just nuke your PC" is bad practice.

I mean you do a lot of thing on your computers like log into bank accounts...

just nuke your PC is industry practice

(well not just nuke your PC, its one of the steps)

personlly i take the smash my pc aproach

works everytime

I should sleep, it's 3:30 AM

nice black hoodie 🙂

give it to matt to do some BSOD

You can only detect what there are signatures for, I'm gonna say I'm not personally risking it. I don't think re-imaging your PC is beyond reason

if someone is interested in IT and they don't know how to re-image, then maybe they should learn

also, check web browser extensions

I'm not worried about forensically analyzing your computer personally

what does a proper security check consist of?

wait what? you think someone who can't reimage their computer is supposed to check their system to validate the security?

though i do agree with eight somewhat. yes you should analyze your pc and try to find anything and even fix it if you do, but that takes alot of skill and knowledge. idk if someone with zero experience would know to do that. What if they delete something very important

save the files that matter.... which may be the files that are infected.

nice.

👍

See what you done C901 😂

jk

I'm personally saying, I don't trust tools or even myself, someone who has done DFIR work to ensure my system is free and clear. I'm gonna reimage

there is

But how ? when i download new windows how there is can be back doors

actually.. too many
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=Notepad

what do companies do when they think a system is compromised? they reimage

Here is a great example

https://www.tomshardware.com/pc-components/motherboards/logofail-exploit-bypasses-hardware-and-software-security-measures-and-is-nearly-impossible-to-detect-or-remove

spooky thumbnail

even reimage in regular intervals... just to be sure

right? Almost as good as a shadowy hooded hacker figure

OK, so throw away your laptop/PC and buy a new one 😂

new laptops can come infected

we love wasting money woohooo

🤣

or just, I dont know... review your logs and look for indicators of compromise. and then conduct standard incident response if something doesn't look right.

I mean there is reasonable paranoia

listen. ik the solution. don't download sketchy programs

so get a tin foil hat and go to live in the middle of the forest 😂

stay in a bubble

https://tenor.com/view/thumbs-up-conspiracy-tin-foil-hat-gif-20017163

rex knows the right thing to do

2014

what if they melt it down

thats definitely never been a thing.

that's why I've never bought lenovo 😂

usually wires have like printed on letters right

on the casing

lol not because of a classified space mandate, maybe someone just didnt like you?

You wouldn't even have to do that in a scif

I remember that, the malware come from China I believed, because they have factories in China

im using a lenovo right now. am i cooked

that would definitely destroy any data in the wire

wires can hold data?

never knew

yeah man lots of 1s and 0s resident on unplugged copper.

thank you for your service

some ppl says that he find all 0 and 1 later and put them back in vire

IIRC the first magnetic storage was a steel wire storing bits and strung between bicycle wheels for read/write

thats crazy

ENIAC era although idon't remember which project

what if you demagnetize it

what happens if you demagnetize a platter drive

uh

wiped

like they say

dont put magnets near ocmputers

we putting this theory to the test. somone get me a big neodymium magnet

yes my sigmas

likely

🤣

uh

I would wager the tempest was understood pretty well even that far back, I'm pretty sure someone was messing with the private

what co pilit thinks a hacker is

there hacking with actual viruses lmao

thats the covid-24 virus

it is lol

solid pick hackerman

its you eight

its not uncommon to shred a harddrive, cutting rj45 is pretty much unheard of. thats all im saying.

anyways, more interesting topics... have yall seen CAPECs?

cool stuff in here

https://capec.mitre.org/

oh, is this me? Are these eight gloved octopodes?

yes

I am disappointed by the lack of gloves tbg

ikr

and have 5 fingers on them also

I really should sleep, this night shift stuff be messing with me sometimes

thats actually the bigger atrocity. what octopus has need of five fingered gloves? Honestly they should be boxing gloves to be accurate to my head cannon

sleep... go...

I just spent 3 hours stuck in a jr pentest room because the payload in Exploitdb is outdated and is written in Python 2 :)))))))))))) and the python 3 version wasnt in exploit db :)))))))))) i want to die

buuut I am watching a serieees

what ya watching ?

the blacklist

loool

same

season 10

blacklist is great junk food. Its a terrible show but fun to watch

yeah, I laughed at some of the code it showed

s10e08

smh, downloaded the episodes

s10e10 😄

i didnt like e09

it was meh yeah

8 was ok, 10 is nice rly

the mindhunter will prob get one more season

I hope thats not piracy

Finally got my hands on the Discworld audiobooks. All of them.

"In an astral plane that was never meant to fly...", god that man was a good writer.

blacklist was fine

that's about it tho

If you'd said anything, I'd have shot ya a DM that'd have saved you storage space.

let me rephrase that

early blacklist was fine

late blacklist not so much

It had some nice twists. I liked the early stuff with Tom Keen in Berlin (That Ambulance scene had so many issues, though. )

The series ending was... Well, the only way to end this, really, but for fucks sake it pissed me off.

idr how many seasons we watched but we didn't watch the whole thing

it got to be a lil much

don't remember the ambulance scene tho. watched it too many years ago, lol

Tom in an ambulance racing through Berlin. They got the right jackets, the right ambulance, etc, and then they go and fuck up the license plates of aaaaaallll the cars.

reminds me of how suits was actually filmed in toronto

quite noticably in some scenes imo

Question: Do the US government internal hacking/tracing tools have good UI's like the ones in movies

Though even through all it's faults in the later seasons, ya can't deny Spader played the role with style.

ENHANCE

u meant us government the place of russian state sponsored hackers ?

Let me hack into the most secure system in the world

I need 1 hour

no politics for me

just wanted to be sure

nothing abt politics

I say that every time when I read my own code

Haw, Abby... Swoon

how did i get in here

how do i hack im slow

can yall teach me pls

#start-here 🙂

learn basics

Hi dolphin! How ya doin?

🐬

Heya, not bad, hbu?

he's dead, jim

Soon @graceful thistle I'll be doxing myself to you

so I can get my Pentest+ little thingy

i know where unreal lives already

not gonna prove it tho cause that'd be doxing

you can also dm me and dox me that way ❤️

nope, that's circumvention of the rules

i'd never do such a thing

then you're lying

just gonna have to believe me 😶

i'm not gonna believe a stranger.

https://tenor.com/view/stranger-danger-gif-8354664

pretty much

Grats 😁😁🥳

That was stressful as hell.

I bet

Why do I have know US laws and regulations.

offensive security brings a shitstorm of legal issues

yeah but I'm not in that country 😛

nevermind then

so it's annoying as hell

i guess they can't really curate to every country at once

might cause compliance issues too i suppose

something but i have it now.

have they added practical components

I knew the tools, and how to use them so that's what saved me

not really, it's more 'here's simulated things, fix them'

more than what my old sec+ had, lol

I can't remember what was in sec+

in terms of my test, i remember the things from it tho

yeah i don't remember anything other than the room i was in

was several years ago though so 🤷‍♂️

whats poppin in here?

shit, i should go make some popcorn

lol

There are no URLs in that message.

.checkurls

/checkurls

oh that works now

where tf is checkurl

Well that's very depressive.

I had no idea Ollie passed.

hehe

There are no URLs in that message.

yall will never know what im doing

yeah no idea.

i wonder if it's a permissions issue

/socials .

verified no access

oh maybe

oh mb

im just doing something in yalls accounts

im trying to figur out how to ban but not u two some other kids

yall two are chill

How to ban who from what

from dis

i learned it but i need to find it

?

oh wait

are u a...

ghost?

no

thats a person who protects dis from hackers

or some wat

What

are u?

What are you saying

if not than good

oh ur using mod nvm

im srry dolphin but ima have to take that

Look I dont really understand what you're saying but it sounds kinda sketch

oml u spent money for mods 😭

If you wanna hang around here, I suggest you read the rules and what this server is about

ight mb

im in a general random chat

yo dolphin wats the rules im slow

#rules

i'm with smith on that one

the new discord layout sucks

btw im a new person in dis so yah..

and reading the rules is boring

but ight ill try

the #rules channel used to be fairly obvious, but now it's all into a weird combined server info tab thing

don't remember when that happened tho

can anyone gift me nitro

im broke

Lmk if I need to give you a timeout so you can read them without distraction

pls donate to charei need some nitro

If anyone here actually knew, they wouldn't tell you

im new =>

am i the only one without a nitro

Hi all, just want to know how you wrote the reporting like VAPT if you do it manually or with some tools? Is there any format or something like standard for the report?

Finally after 20 mins I got the combo famn

i'm of the opinion that you can automate some parts, but if you automate all like some tools claim to do then you're losing valuable info

(and those automated parts would need some curation)

no one answer tho. just about workflows.

what are you talking about? @graceful thistle

I was trying to learn some dmc combos and just couldnt get the timing right no matter what. I finally got them ✅

highlight of my day

i'm beyond confused but it sounds like you've broken past a roadblock lol

Thats right

Dolphin now I understand DMC5 combat

now time to unlock more skills

because it feels kinda bland and easy in the starting

Learn 100% of the combos

Get to DMD

Play bloody palace

yea once I unlock more moves

If the combat is bland, youre doing it wrong 😄

need more time in the game

to unlock more stuff

Yeah it will take forever

I dont wanna spoil anything

Morning everyone

yea I understand

https://tenor.com/view/rick-roll-gif-25917805

ok

BRUH

I hate u

LMAO

good morning 🙂

Good morning 🌄

Hello, can someone tell me where rockyou.txt is located on the default attackbox please ? I'm writing a quick procedure and don't have access to it right now
Thanks ! 🙂

/usr/share/wordlists/rockyou.txt

pretty sure it's somewhere in /root/Tools/wordlist or something

and not the default path that we find on Kali

i'll try to find it, I have bad internet rn cause I'm on a train but we stopped at a station

oh it's in both yeah

Thanks I'll remember that now 🙂

there's a symlink in root/Desktop/Tools to the wordlists folder

yeah it was a symlink all along
<insert Always has been meme>

@wintry sluice thank you

Gave +1 Rep to @wintry sluice (current: #507 - 8)

How do i hackwifi with out kali

You don't

lol, if you have to ask I wouldn't do so 🙂

cissp

Haha

ofc hack mine

We got a pentester

?

@graceful thistle

Pentesting - A penetration test, colloquially known as a pentest or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment.

🙂

You don't need to get rid of your fellow Windows to use Kali

Use a Virtual Machine

and then run Kali

or Usb

is this guy real Ryan Montgomery @ 0day

I run it from an external SSD

Nice bro

Yes, that's the real Ryan

Yeah

oh cool

I want to learn Cyber security

Read ! 🙂

https://tryhackme.com/hacktivities

but i have a potato laptop

😅

that's fine. THM has an in browser attackbox

A hacker hacked sony with a roku device and a keyboard

lol

THM?

If there is a will there is a way.

https://tenor.com/view/band-of-brothers-gif-27205452

TryHackMe

Being a smart alec won't get you far my friend 🙂 . I like your enthusiasm that will get you far

Having a potato laptop won't matter all that much, there are a few linux distros that breath life back into older systems.

this lesson is about Linux there are 3 of them this is part one https://tryhackme.com/room/linuxfundamentalspart1
Cyber attack = https://tryhackme.com/room/basicpentestingjt
A guy gave me this

just watched this guy on yt

his outro is a remix of him doing the spicy rm

Do you have a wifi adapter that supports monitor mode ?

wifi pineapple

Start there, and then download a tool called nmap

@broken nymph i made a rubber ducky using my USB

Start by learning how to use nmap

antenna thing/

with your own IP as the target

of course

i dont have that

cissp

Yeah your going to need that

You won't be able to use a wifi hacking tool without it.

I prefer to have at least 9 antenna things before I hack a wifi

this guy ^^

Certified Information Systems Security Professional

its the only way to reach the mainframe and extract the RAM

(I am agreeing with you)

very good.

spider

and they said you couldn't teach a bot anything

who

who indeed!

osint spider web crawler

rate limited

They were joking...

actually they may not have been; using nmap on your own network isn't bad advice

sorry i just clicked on the original post

Learning to use nmap is great and your own network is a safe environment to do so

no, spiders only have 8 antenna

Hey!!

Has anyone passed Insekube lab? I'm in desperate need of advice

Nobody answered in room help, so I reckon there aren't many people who did this room

wut if data leaks

also this

What does "data leak" mean and how would nmap cause one? Lost on this question tbh

idk i am asking if it leaks or no

my router has a ton of antenna because it supports Wifi. not scary.

wdym "leaks"

using nmap on your own network does not inherently cause data leaks of any kind.

breaches

nmap is literally a tool to map a network, thats all it does. it identifies things that are already there.

if there are issues with your network configuration, they exist regardless of anything nmap could do.

using that can i get my frnds wifi?

Sigh

what

no

no, you need to ask your friend before nmap will let you scan it

wait i am confused

I want to be charitable with this line of questioning but cmon.

This person wants to invade their buddies wifi dont they

i have 2 separate WIFI's 🫤

nmap works only on our wifi or others?

it works on all the wifi

You should only use it on a wifi network if you have permission to do so/if its yours

👍🏻

No, nmap is a network mapping software

Ohh. Is that a new room desig? I like it! 🙂

flipper zero

yh, hints now come in from the side, instead of an alert box

the flipper

your welcome

They banned the flipper zero here in Canada

I cant send images

People were doing relay attacks and stealing cars with the flipper zero so they banned it here.

gotta verify to post screenshots

in my country it is legal

classic humans

were they? or were those just alleged?

Cool lol

Again if there is a will there is a way haha

no one here is going to teach you how to use that tool.

lol

It would be irresponsible.

youtube

Then go look at youtube.

but first i need to buy it lol

off you pop.

I have a feeling that a lot of people come here with the wrong intentions

welcome to the joke

What do you mean ?

nah

Yup, that is what sells the flipper zero. World we live in lol

My college thesis was based on doing bad things, there just isn't any restraint today.

its cost a lot

159 usd

Have you guy's seen the Rabbit OS device ?

it also has a lot of completely legal potential.
a single tool that can do lots of stuff is useful to a decent pentester

i wonder how they created it

by that logic, kali should be banned too

and all the software packages on it

That is why Canada banned it (I live there) lol

(if were talking about the flipper zero)

I think it's dumb tho, and rswallen is right. Extremely useful to a pentester

it isnt anything more dangerous than a wifi pineapple or greatfet one

Yeah he's right lol..scary stuff mitm attacks

You can do it yourself with a raspberry pi or an ardunio

most people that would want to do something bad wont have the skill to utilize it effectively.

do wut

What flipper zero does

i've read some articles and they say that flipper zero can be harmful for cars and car manufacturers which are using older security versions

rlly

It's not magic...

even cards

This guy 🤣 Don't lose your desire though man we all have to learn

I respect ya trust me

Again you can do the same attacks with other hardware for less money

Huh?

A single country, no?

i have uno but idk wut to do with it lol

bro there are coming masterkeys so why they aren't banned

Pack it really nicely in bubble wrap and tin foil, and then put it in a box that you never touch again.

i did that

not even used it once

They might need some tin foil.

Good job! Mission Complete!

It's not the flipper that's the problem. It's crappy automative software

🫡

Yeah lets not give dubious individuals ammo to go look at vehicular networking.

That's such a poorly thought out argument.
That's sweeping the actual problem under the rug

Knock off hackRF one and a used laptop costs even less

flipper zero: exposes problem with software in cars
solution: ban the thing exposing the problem
result: problem still exists, can't use useful tool that exposed this problem to see if such a problem exists elsewhere

Banning it won't solve the problem

bruh why did i start

You could use the same arguments to ban pretty much the entire industry we're in

So... I would recommend not supporting that approach

CANs suck, that doesnt mean we entice poking around in them.

Yes, we do.
Because cars keep getting stolen through CAN bus injection

Defcon has a car hacking village for a reason

So your argument is... entice more people with less sophistication to... steal more cars?

That doesnt really jive with disclosure provisions for any bug bounty program I have ever been a part of.

Have you read into the attacks on central locking?
They're dirt simple, attacks that any undergrad could work out given the protocol spec.

It's all widely documented

isn't it more: entice people who don't want to steal to poke around, and then report when they find problems, meaning manufacturers fix the problems, resulting in fewer cars being stolen

There is still a pprocess.

It's also VERY easy

And it's been followed. The flipper isn't dropping 0days.

Car theifs aren't going for the sophisticated attacks anyway. They just jam central locking and wait for people to walk away.

Banning the flipper zero is performative. It does no work to fix the problem but it's big on tiktok and scares boomers so it's quick political point scoring.

Im not advocating for the banning of any tool. I am advocating for not giving information to random people on discord.

I mean, we're not?

Any website builder suggestions ?

I think we definitely have.

this one here

I don't think you understand the topic

That description makes the news

I'm not explaining how to do it

And it's a widely known attack

Ive written novel attacks on CANs, I certainly understand the topic.

This isn't the CAN bus. This is RF.

Im saying we shouldnt be discussing it here.

Is that your call?

Am I wrong?

The extent that we're discussing it is fine

@brisk briar Please don't sent unsolicited friend requests

Okay

Bruh

go get that W in fortnite buddy

damn that was dirty

you dont play games?

me?

Yeah

Sure I do

whats wrong with grabbin that dub in fortnite?

nothing

I saw he was playing fortnite

so i said go get that W

yesi'm

so

genuine comment

for sure

It’s okay man

bro are u joining

no i dont play fortnite anymore xd

yeah bruh, go play with your fellow man

new season/map sucks

oh so your better than it now

fortnite is good, but ctfs are better

dude can you hop off?

naw im just teasing do listen to me

dont*

Huh

Noob Question: I want to port forward and I have an SSH shell, I want to use Konami SSH Port forwarding technic. But when I hit [ Enter + ~c ] I got the Command Line to disable the message, Does anyone know what is wrong I am doing?

are you doing this when SSHed in?

Konami SSH port forwarding isnt a thing. Sounds cool though

~C will give you additional ssh options i guess

I'm guessing konami is an article

kali@kali, fun.

yes

https://www.sans.org/blog/using-the-ssh-konami-code-ssh-control-sequences/ ah cute

Are you sshing into a kali machine?

did the same

yeah

on no

Check your terminal settings. There may be a shortcut or something you're triggering

you are absolutely right

I love SANS articles hehe

How do you earn points in workspace?

sans courses are also good have 1 i think so it's windows forensics

workspace?

@wintry sluice

Do rooms.

PJPT > eJPT

speaking from someone who has eJPT

it's not worth it at all

I cannot say

😄

but wayyy too basic

what about PNPT and eCPPT

I would skip everything from eLearnSecurity

tbh

Don't touch CEH too

eLearnSecurity has changed how they do certifications, and a lot of their certs have tanked because of it

the quality is bad, the pay is too big

Yeah, you can make your company pay for them

Offsec is quite good

IMHO if you can afford, go for Sec+. It's not mandatory but helpful

based

And make sure you have checked certifications that local jobs require/want.

I always say based things, especially since it's true

is it worth doing sec+ if you have no other techy certifications?

It is worth it

def not

You can also ignore certs and actually do something

when you wonder if a cert is worth it, always check the job postings in your desired work location

Make projects, demonstrate your interest in cyber security

Then get an internship

You can do both

just write the name of cert on indeed and look what the jobs are and what is the amount of postings

indeed or any good job website for your country

Home lab, writing your own tools, writing blogs etc.

And social networking is an important factor to get a job

Nah, companies don't care about certs tbh

I landed my first pentest job with no certs

by doing projects?

Actually I had eJPT but it didn't play a role really

Experience > Certs

by being good at technical interviews as well as having a mature vision of the job

the job isn't hacking stuff for fun and that's it

you need to be good at soft skills above all

writing, and communicating

So true

thanks

Gave +1 Rep to @amber quarry (current: #56 - 117)

it's crucial to be good at those. doing ctfs is great but soft skills are too often overlooked

make a blog, and do some reports on the boxes you made
not a simple writeup with your nmap command and output. no one cares about that
explain the vulnerabilities, and present remediations

do 2 good blog posts rather than 10 bad ones

but some podcasts say their AI removes our CV if we don't have specific education or specific cert

Not all jobs

https://tenor.com/view/taking-notes-notes-gif-17478299096235163441

First of all, Thats not AI. It's just a filter 😄

ATS I think ?

yeah sorry, ats

eh, AI is a broad term. to some it means any script capable of replicating human behaviour. to others, it means something demonstrating human level intelligence (AGI)

big corps need to make a first filter and they do that by looking for keywords in your CV yes

since stuff like Work from home, you end up getting thousands of applications for like 2 job roles. the company NEEDS some method of filtering out people who know what they are doing and those who dont. Certs are an indication of that.

I know a little trick

the writing it in white thing is dumb

Why? 😭

because at the end someone is going to look at it and if you don't have said cert they're going to discard it

if that cert is really required

It's not the cert

Which room would you recommend to learn routing?

If they are looking for technical keywords

just put them in your resume then ? if you have that skill

Its a skill I’m not the best at and would be awesome to learn more of

and if you don't it will be spotted in the interview

Experience should demonstrate that, no?

Exactly. You can trick your way into getting in the door if you like but you'll be shot down instantly.

if you're talking about network routing there are many youtube videos about it
you can use cisco packet tracer or GNS3 as lab

The whol HR filter is simply to get rid of folk who just did a 1-click apply and can't actually do the job.

But no tryhackme room?

Mikey - the Wreath Network

Thanks

Gave +1 Rep to @glass nest (current: #18 - 402)

this is pivoting though

not routing

It covers routing

IIRC

routing to me is RIPv2, OSPF, ....

and port forwarding

eigrp

routing?

what a router does, to know where to send packets

I’ll try both, gns3 is a network emulator if I’m not wrong

If you want to train networking yep

The wreath network, is that a compromise one host, add routing rules to then compromise further hosts?

glbp!

Mikey - Thats called 'Pivoting'

did someone say networking? 👀

Too many acronyms.

two many 😛

More interest in the routing rules themselves so just wanted to clarify

But I’ll check it out, thanks guys

So that's indeed pivoting. Which is useful in pentesting
You can do pivoting by using routing techniques
But routing is a more general term used in networking. Protocols like RIPv2, ospf, eigrp are routing protocols

o7

I have done wayy too much ospf

I did networking for some time but got tired of it

🛌

I am currently studying CCNP 😄

for school

ah okay

we had to do the CCNA exam but didn't actually get the cert in the end

finished CCNA last year

it was really dumb

same here

CCNA and CCNP

but did you get the actual cert ?

nope

why they do dis

Correction - Bella is currently whinging about studying CCNP

no!

I am reading netacad while we speak

pain

Not via routing rules

I'm jus playin, Bella 😄

good luck

thank you

luckily this class is just a 50/50 one

https://tenor.com/view/no-post-on-sunday-vernon-dursley-sundays-harry-potter-gif-10875689

@glass nest

You'll get through it, James.

🙃

you have to configure your SSH server in the configuration file https://linuxize.com/post/using-the-ssh-config-file/

and activate the appropriate option

hey there, I was wondering why there are no room for learning how to use Aircrack-ng tools suite and rooms about Bluetooth hacking on THM

There's one room for wifi

But it's difficult to make it interactive without running physical hardware

No parcel deliveries on a weekend.
Which means I have to wait till tomorrow

Got bored waiting for some tools to finish so i decided to entertain myself with a falling matrix

Most of what I'm waiting for is in the UK now, so waiting for it to be delivered

Mine is currently in my local depot.

Good morning 🙂

My local DPD driver only does a half run on a Saturday and always forgets my end

I know this is going to sound generic, possibly, is there a list of beginner rooms “IN oRdEr” on thm?

@naive violet Can I dm you for my Pentest+ Role please?

Yep

Thank you. ❤️

Are you on a mission to get all the + certs?

I have the ones I want now.

A+, Net+, Sec+ and Pentest+

now I'm on a mission to write myself up a nice little documentation structure/note taking process.

Ah nice, congrats!

Congratz

@shut hawk new colour? 👀

Yeupp!!! 😄

Nice

https://tenor.com/view/cryptoflash-crypto-flash-tattoo-vintage-gif-27569875

Riding a CRJ9 today 👀

Ooo, where to?

Newark

The CRJs are very majestic

Wanted to learn them after the A320

they’re ok

The 100/200 are nothing but pain

Cause of how tiny the overhead is

ooooh yeah that must be annoying

are you quite tall too?

My bags I mean

My roller doesn’t hit overhead

They’re cramped but I can live with it

Oh rip

They are only short haul so could be worse ig

Haven't been on a long haul for agesss

Yeah fair

its only ~1h30

Ive seen them on routes up to 3-4 hours though

Ah not too bad then, is the weather looking good?

Newark airport looks huuuge

🤷 havent checked

Its not terrible

imo LHR is worse

I had some pretty bad turbulence on the way back from holidays

yeah it's a pain to get around LHR

Esp transferring

cause security takes soooo long

I hate how in EU airports you gonna go through security to transfer

I can fly anywhere in canada or the US, and only have security(or customs) at the first airport - which for me is montreal

Which is sooo nice, bc tighter connections

That must be nice

To be fair, the self-serve customs makes it go by a lot quicker

We aint got those here

And ive never used em

Really? They've been out for ages

Only airports ive been to that had them, i was still a minor travelling alone at the time

which is one of the cases you cant use them in

We're starting to roll them out in canada, but its just in Toronto AFAIK

huh that's interesting, wonder why it's taken so long

Atleast for Canada & the US now, you can make your customs declarations on your phone

and skip most of the questions

They've updated the security too at Luton and now the luggage checking is completely autonomous and everybody has to go through the full body scanner

i hate the full body scanners

They ask weird questions too

These aren't that bad, compared to the circular one

'Do you own a Flipper Zero, eh?

Fair, ive never liked them

i always end up getting searched

without fail

🤔

Do you know why?

Yes

ill dm

Pretty standard for Biosecurity.

It's like... 'You know know what, I didn't think about it while I was packing my bags, but yes - I keep some Cell Cultures on-hand just in case I need to do some science on the plane.'

They need to be declared for proper transport and handling.

Fair, but its still just weird to me

like, why would i ever cross the border with that

The stuff about farms sure

Can someone assist me with why the hell my wife's PC says its been on for 15 days.

despite it definitely being shut off.

stupid Intel machines.

Yeah, Like Labs and stuff would secure courier stuff, and that would have it's own paperwork. You wouldnt just bring it with your carry-on

User error

hey can someone help me if they're free?

I'll user error you

Sorry, I cost 1 rep point an hour.

uhm im new idk what that is 😅

Just ask your question buddy.

its smth else can i dm you? 💀

Yes but like - that feels like a situation you would bring up

not a standard question

If we can answer it, we will, if not, we'll tell you, with also why and maybe point you in a better direction.

Remember, if they've had to bring it on as a general rule, it's porbably happened before, undeclared.

Exactly. Doesnt the US one straight up ask 'Do you hate America, and are you planning to do bad stuff?'

no

Nah, just ask i nhere.

I didn't even need to click that to see it.

all the US customs questions

Ahh, I was thinking Immigration/Visa stuff

i alrdy dm'd you actually its a big thing so i wrote it in your dm please read it 😅😅

never applied

nor for an ESTA

I like how they keep switching between "Do/Am/Have"

Copy and paste.

sure

@shut hawk Who ended up winning that 1v1?

hey hello
so basically
im just a normal guy
but i want to learn ethical hacking
well i got this idea after my instagram account was hacked
since then im looking for reliable people
to teach me how to ethically hack things
and help others out
so am i in the right place at TryHackMe

?

Fwiw, on some of the immigration forms ive looked at - ive never seen it come up either

Only if you havecommited crimes in the past

Yeah, you are,

Have a look over #start-here

but that was just i-130 paperwork ive looked at

We won't however help you get your account back.

You'll need to contact IG support that.

okay thanks bro

Gave +1 Rep to @sick lance (current: #2 - 2025)

no problem

Is the vpn fucked for anyone else?

No?

It' sok for me.

interesting

It was 3-2 to Jabba ☹️

that was an intense line of questioning

Damn

oh

hi firehawk

hello

How goes it

noob.

am trying to get friend on THm but vpn is fubar

I'll never hear the end of it

🤫

You using MK or controller?

First question about the VPN - Is your friend in somewhere like Egypt or Russia - somewhere that VPNs might be banned?

Bounce to #site-support

ye tru dat

👀

firehawk, on thm, never seen that coming

just notived I'm a server missing, then I remembered I left Off Sec.

kb

@sick lance hey bro i have no clue of anything related to coding and things, the only things i have done in coding are python and qbasic codes taught in my school.. so i went to the website and its saying out things that i have no clue of, so what should i do?

Start with the introductory rooms,

uhm i dont understand actually

like

i opened something of introduction

but it said someting a Terminal

wait they still teach qbasic?

i have no clue

im indian bro ;-;

and its only for like 3 months to get a overview of coding

that's what you wrote here, mate

yea ik

like

they teach for 3months or so

just for a overview of what coding is

and some python i did

were just basic calculation codes or strings

Scrubz, I'm gonna be annoyed if that was the reason

it likely was too.

so @shell nova what should i do ;-;

If Fast Startup is just a keyword for hibernate, I'm gonna hate windows.

it genuinely is..

d4nish vil igang og ka ik finde ud af openvpn

I do the same and didn't even click.

I prefer mine to have it.

Yea, happens to me, every time turn PC back on it runs slow check and its because has like 5 days uptime

my wife's PC would just 'randomly' come out of hibernation.

practice, practice, practice

alr 😭 but i dont understand anything like i dont know anything lmao

then try to understand what you're doing. the syntax isn't too complicated

of course you're not going to, when you were first learning maths did you understand it completely? Like hydra said, practice, practice, practice!