#general

💰

Yeah although the only "new" feature is the way the members are displayed (as in, you can achieve everything else with a well configured bot)

Actually thinking about it, you can also display the members very similar with a bot to

But nice to have it native I guess

With roles, yes, but you won't be able to party up with them.
And you can't create shared activities with a bot

Applications can be achieved with a bot but it will be incredibly janky. Mostly the fact that the system for reviewing and accepting will have to be stored somewhere and won't be as clean as just opening a section and reading through it.

Furthermore, it requires users to click a button to trigger the modal, and finally it requires competence to write a Discord bot and a server to run it

We used to do this ages ago with GMOD servers; spin up a simple website using a forum template tool and you would create a threat to write an application. They probably still use it now, it's better than doing it in Discord

Mist forums iirc

Forgot about the shared activities part, that's probably what I'm most looking forward to actually

Time to figure out how to port the AttackBox to a Discord shared activity

🔥

Yeah, it's certainly a lot more nicer to have the features built into discord but definitely nothing completely innovating

this is cool af, i feel like this would be great for writing too. brainstorming ideas and all that

expensive :(

do you find it worth it? @shut hawk

Yep and allows you to insert your own media, highlights, flashcards, tasks, kaban board etc

Yes, that seems really nice

Lots of language learning potential

I'd say so considering how much I use it, it's around £6 a month

Also didn't realize how useful it is to have a mobile app

And the development on it is quite active, get updates weekly

Very nice

I'm happy with my current setup for notes, but the features here might be really nice for specific usecases

Hello kindly tell me password for ssh into a machine tryhackme is showing incorrect

which room

Snort

#room-help

Obviously the downside to it is that it's not just a simple .md plain text

yeah for sure

i love the idea of fancy note apps but i tend to find them super overwhelming

i use a good ole composition notebook

I much prefer writing by hand but I can't write for extended periods of time

yeah it did take some time getting used to it

and even now I'm still learning about all the things you can do

I need paper to practive math and language

Something about doing it on paper helps so much

yes

Especially Hindi script or Japanese Hirigana/Katakana/Kanji

AI generated aa picture

Both the pics in my profile are AI generated atm

Dall E

there sick ngl

AI is too fun

They're

😡

It's cool but AI imagery is getting easier to spot

got the keyboard wrong

the G got wiped away

If G is on the bottom row of your keyboard, you're keyboarding wrong

or its a new way to keyboard

it is fun especially the wacky pictures you can make

when I used to be able to write handwritten notes it was really nice for comprehension, but a hassle for referencing

I like my CTRL+G (search), CTRL+C CTRL+V for quick command references

Writing them down and converting them to digital notes is a really good way to convert them to long term memory

yes

Writing is the young man's game 🥱

I remember my handwriting days 🧓 i was but a grasshopper

Cool

Anyone here analyze of wifi hacking?

My handwriting used to be so illegible that I would get in trouble at school, only if they knew

More specific?

Yeah look for deauth packets and new clients that shouldn't be there

is it any better now, or have you just gotten better at reading it?

It has gotten better.
In order to improve my writing, I have to increase my strength, which was quite difficult when I was younger.

I write in capitals when filling out forms for improved legibility, but it can be very tiresome and time consuming writing in capitals all the time.

I don't have to write in exams but I usually choose to because written exams really suck when you're trying to do it on a computer. Furthermore, Math exams are impossible to do on computers

Hmm yeah, no cursive? cursive tends to eliminate a lot of writing fatigue, and it's fairly legible if you're careful about being neat

Wasn't taught cursive

Ohh look into it! It may save you some hurt

It's not hard to learn, just takes a bit of time

I stopped researching and practicing writing after Secondary School because I wasn't required to given that I moved to an IT course

imo worth it if you want to avoid wrist issues down the line

Unfortunately, my joins over extend so the pain is completely inavoidable

oh yeah i hear you

writing be like that

Guys

what is your favorite tool to analyze WAV files?

Audacity maybe?

i'm fairly new to this so dummy proof tools are prefered 🙂

I need some help I have a problem in a question

to find hidden info as well?

cant answer it while I know the answer is Local cache

Depends where you are looking for it. sometimes stuff is hidden in waveforms and stuff. If it's in the actual sounds, Thats different. If it's inside the file itself, then a hex editor or something

so let's suppose it's hidden in waveform

@royal hawk #room-help if it is a tryhackme room

Then Audacity

Hihi

Does anyone have any info on how meterpreters process migration works? I understand its used for persistence but more-so trying to think on a code level. Is it some sort of new shell through process injection?

I remember the days when THM VC was populated

Yea thise were the days

Communities like this are community driven. You want the VC poulated? then populate the VC

You want people to join? Give them a reason to.

Yes, it finds a process and spawns a thread from that process

Sick thank you for that :) Wonder if there's any docs on its implementation. Curious to see the payload. Wonder if it's .dll or a direct process to process hook injection

Gave +1 Rep to @mossy river (current: #6 - 1183)

dll or memory injection

https://jlajara.gitlab.io/process-migration this looks good

The dll would still do memory injection too tho wouldn't it?

yes

god i love the msdn for letting this be so easily possible

That’s rough 😂

That sounds like a crime ✨

100% DDoS secured

Technically that is a DoS attack 😁

DDoS if multiple people were involved

I dunno .its kinda distributed across a number of ports

even matt can't brake it =/

Who said DDoS is port exclusive?

there are rest of cables

Good morning peeps, i am now 22

🙂

woohoo 🙂

Cake dayyyy

😂

Happy birthday, horrible OPSEC. 🥳 🎉

👴

Eh i trust most peeps here enough lol

Hbd :)

Wholesome.

I don't.

Dw ill keep this information safe in my document of growing private record for you. Just incase you ever forget

Random question @gritty zephyr what is your mother's maiden name? /s (for legal reasons, this is a joke)

Has there ever been funny little numbers on the back of your credit card? make sure to send me those!

356

Oh sure its updog

What's updog?

https://tenor.com/view/hysterical-laughter-laughing-gif-25735842

https://tenor.com/view/hug-gif-27703442

i still remember my first teacher name... was helena... what's your first teacher name

Nothing much, thanks for asking 🙃

Of troy????

of what ?

troy. they're asking if the teacher was a trojan

Helena of troy

ah that lol

Hahaha

Do you remember the town you grew up in? lets reminisce, starting with the name of it

Whoville

Tomato town

hello

in kali linux

in tryhackme vnc where is the reverse shell ?

ha?

i am connected in vnc kali linux cannot find reverse shell

.php file

where ?

#room-help

If you are using the web kali machine, it will be in the default kali directory

ok where ?

in share i dont find it

Jabba, please call me dumb

What's me dumb's phone number?

It's "mykneeeshurting"

pretty sure that isn't a number

Well stega not

The attack box is not Kali

guys, i have some wav files to investigate for hidden data, how to deal with that? no experience whatsover so any help is welcome

Look up steganography.

i did some binwalk on the file and it displays 'certificate in DER format ...' but i can't extract it

i figured that

That sounds familiar...

@willow garnet if this is for an active CTF, please stop asking here

euhhmm not it's not

Somthing is tickling my brain about this - binwalk and DER format...

What's it for?

a challenge i'm trying to complete elsewhere, but nothing like live CTF

Link?

James, although our hobbies are awesome and glamourous... Literally spent the last hour carving out a template with a craft knif, in order to use it to make another template to actually make something. We never share the tedious parts usually 😄

I'm almost over the word count and I'm two sections out of 5 in

I seem to spend time doing metalwork

You do like to drone on, Jabba 😄

I'm terrible at metalwork

Welding seems cool

Can't believe you are out-manly-ing me, James 😄

I am including unnecessary information but I hate assignments where you don't have to explain what you are using.
My lecturer said only justify but it feels weird that I am justifying given the parameters of the assignment

Hi ppls

Haha, justification = 'Because it was in the Assignment brief'

look we got toaster here

It's just drilling holes in end panels

What metal you using? Alum?

Uhhhh

Apparently

Heavy metal.

At least thats fairly soft.

Also yes

Lost so many drill bits to Stainless until I caved and bought Cobalt bits

try get tungsten drills

I need some very thin sheet steel but that seems difficult

maded from tungsten ofc

B&Q? or is that not thin enough?

how thin ?

Usually for work we just go to a fabrication place. They cut it all in seconds

Like a half a millimeter

Ah. ok, Maybe not then.

that like 1 step up from foil 😄

0.8 seems about as thin as you can easily get

do it need be from stain steel or ?

But I also don't want to spend lots of money

It absolutely cannot be stainless

tryna think of something you could salvage

hmm... what is thicknes of steel that is on microwave housing

i think is for sure less than 1mm

Maybe a hard-drive enclosure, or a mount for internal computer things

@cloud summit That looks like a spam video so I'm going to remove that

Or casing for a cheap chinese PSU?

Ugh it's not spam

and what dimesion need to be? @naive violet

In fact anything from Ali Express with a metal casing

It's like a metal veneer

it this fit ?

Tiny, I need to make a 20mm x 20mm x like 10mm box out of it

0.80mm is thick

1/32" = 0.79...

need a link to it?

Ooh yeah Shim plates. Maybe a lockpicking place?

Or a coke can?

Can't solder to alu easily

Their whole channel looks like a content farm tbf

Hence spam

What are some resources you guys used to study for the a+ any suggestions?

Fore real james, What about a beverage can, or similar?

I'm sure Jabba has a few laying around 😄

I have 5 sprite cans and two monster cans

That would make James preject look ghetto (and awesome) AF

Alu

@naive violet does that pic fit you. since 1/32" is 0.8mm thicknes. jsut is 12"x12"

Ahh.. ok.

Too thick

ok. might find thinner

https://www.ebay.co.uk/itm/174301829016

It's available from china etc with a wait

Again, can't solder to alu

Needs to be non-stainless steel or copper

I got mixed up with the conversation 😄

Playing top golf and somehow a feasant has got onto the course

You can duck tape to almost anything though. just make metal duct tape!

Anyone?

Copper sheet actually seems reasonable if I get a tiny bit

@naive violet

https://www.ebay.co.uk/itm/403640390616 - Too thin?

https://www.ebay.co.uk/itm/224934677496

There we go.

Ah excellent

and it's UK based

Might be worth a call, The might cut it to the size you want

Damn caps lock

my cards for engraving are 0.5. you can get alu or stain steel

I've gone for 0.3mm

I want to be able to bend it to right angles with no hassle

oh that might be bit tricky

I have tools

also you can heat it to make more smoother benk with out be sradced to brake it

0.3 should be fine

wobble wobble wobble back to neovim configuration nightmare fuel shadow goes

Is there any way to bypass network access controls?

Thats a loaded question

Broadband smart hub ban thing

Yeah

Go talk to your parents

That won't work

It's like a 6th sense at this point, James 😄

They pay the bill @peak nova

Ok?

So it's their decision to cut you off

Ok

And you just have to live with that

But I'm asking how to bypass

That's unethical

I haven't had WiFi for 3 weeks

You're talking to us now

Yeah on a hotspot

Sounds like you're fine then

Nope im not home

No WiFi when I get home

It's unethical to bypass that block. You understand that right?

No

How is it

No harm to anybody

You don't own it

Because it's your parents decision to cut you off.

You don't have consent of the owner

K

I'll ask somewhere else

If you are blocked on it, you clearly do not have authorization to access it. Accessing that wifi without permission is very likely to be a violation of local laws regarding computer and network misuse

plus, if your parents find out, you could be without wifi for longer.

:hammer: sugg3st10n0124#0 has been banned.

Seeya.

whacka whacka whacka

https://tenor.com/view/boing-gif-6037249

I got a question for anyone who can help, what can u do with a ip address

oh boy

Look at it. Admire the history and technology behind it.

If you were to (ethically and with consent) try to hack them

then you know what to do 😛

Well, I'd first make sure I had full written permission from them

For most people? Nothing at all

well if ip is 192.168.0.1 then most like nothing

I just got an ip of a virtual machine i created, so if i did wanna get into it what would i need, (it doesn’t need to be with an ip)

Go to the console and enter the username and password

well... i might be close with guessing the ip lol

127.0.0.1? I've seen some really suspicious activity coming from that IP

linpeas.sh

where i will find this

in kali linux

google

no no

in tryhackme machine

It might not already be on there

The tryhackme attackbox is NOT kali.

lots of stuffs happening in here today

Ooooh new UI

Could say the same about you, Jayyy 😄

@chilly veldt check #873642346762350592

only seems to be certain rooms though

Woah new UI is HOT

Yeah i just went from linux priv esc room to a different one and only then did it change

is capstone red team good additonal practice for OSEP?

how from a Public ip adress , get inside a ,, network 🥺

Depends very heavily on the involved services, operating systems, users, protocols, security measures and the versions of each of those.

Plus some more stuff that I forgot to type out.

For what purpose?

checking network security (ethically)

Could you give some more context?

What network is it?

i'm still confusing , abt many things (in networking) , my question is just to make things clear for me : lets suppose i scan a public ip and i found some vulnerable service runing on some open port , by exploiting this service can you see whats behind this network ; and see other hosts ?

nice

hey guys

i got stuck in a question

this is the question,Using NVD, how many CVEs were published in July 2021?

and the room is vulnerability 101

Google

?

Depends if that host is connected to other hosts, and if you are able to exploit it to be able to pivot to said hosts

i did that , i didnt get the answer

Here's a great site for learning

#room-help is the best channel to ask this in

my level now is x8 , and still confusing

anyways thank you

:))

Level doesn't really correlate to your skill level

Yes , i know

this is true. I am level 8 (9 on the site), have only done the foundation paths + jr. pentester.

ive found a shortcut to root in a box and now ive missed a question from the room

FAK

@shut hawk

Tiny!

Ayy finally got to OMNI. Good weeks worth of content

Congratz

https://tenor.com/view/boing-gif-6037249

you ok?

Look at the bright, side, at least they are getting away from the fire.

and he is going to land on his feet at last

hi guys, im having trouble trying to connect into the tryhackme vpn, getting the same error everytime. Can someone help me please? 🙂 (Sorry for bad English, im from Brazil.)

#site-support

You guys think the dell percision 7530 will be good enough for labs on the go

thnks

That's a heavy laptop for being on the go

We run 7550s at my current job, I believe 7730s at my former, and they're 6lbs minimum

Done!

NOOO

They're very big

Fuck

Something like a Dell Latitude will probably work better for being more mobile

Done!

Hmm that’s true I didn’t really think about that when looking a laptop. I was just looking at specs. I will see if I can find one near me hopefully

The 7000 series also gets extremely hot, you literally can't use it in your lap

Just pressed "don't setup passkey" on Amazon and it set up a passkey ffs

Noice

I've had gift cards from December I forgot to redeem, which means all the money I just spent on Amazon was a waste 🤣

Have the expired?

No

Just redeemed them

But I ordered some stuff on Amazon this morning and I could have used the gift cards instead

This is fairly cool
https://www.youtube.com/watch?v=9pEqyr_uT-k

https://tenor.com/view/drone-smiley-gif-10494026

gg if it's against UK

what will win? hyper drone faster than f1 car, or DEATH BEAM

Final template cut. Damn, that was tedious

Next stage: Glue these to hardboard, and cut the actual templates.

Can you pop the attack box out in a completely seperate window or is it always going to be split view

But it's gone 9:30pm and I don't wanna annoy the naighbours

Yes, press the full screen button

What you crafting, esqy?

Forgive me, where abouts is it?

]

Esqy that's very good to your neighbors

Making some foldable wood chairs, to sell at a festival event thing. So all this work now will hopfully save a ton of time later

nvm

Eh.. I try to stop using powertools around 8pm

Literally me up till 4am screaming at a video game

My neighbours love my guitar at ungodly hours!

Thank you lol. For some reason my brain was only remembering the "ready in x seconds" portion of that

Gave +1 Rep to @mossy river (current: #6 - 1184)

C'mon Cipher - Get in the mindset! Click stuff and see what happens!

What scary is they had to use a special filter to see if

deleted account, help D:

woah :O i never knew that

How do I update my 0x level

on Discord

I normally do that lol.

do /verify

verify again or wait 24 hours

k ty

They put a filter on the camera, or a filter on the laser?

Filter on the camera

jesus

where does one acquire said filter

If you're verified when you level up in the site it will reflect also here, AFAIK

Takes 24 hours assuming the bot isn't being rate limited

Bots a little slow

Slow in it’s programmed mind

It's as fast as Discord allows it unfortunately. I would like to replace this with webhooks in the future

YAY quick nvim setups

Ugh, I need to cycle but I'm stuck on the couch

what cycle are you cycling to make the next thingy happen in the cycle???

or did shadow got that wrong???

Mine has been outdated for a day or two

But I'm in no rush to update

I'm just here to jam to music and d oTHM and practice Python/SQL and reward myself with a Helldiver match or two every few modules

My mountain bike attached to a trainer

I doubt that, It has been days since I leveled up and I was still 0x3. But its fixed now by manually verifying again. Thanks tho!

Gave +1 Rep to @blazing granite (current: #147 - 45)

ah so not something like the water to cloud life cycle

but biking

i really need to treat ctf's as something i can earn in the future from instead of now chasing cents playing stupid web3 games for mere cents

anyhow, how are you guys

Listening to classical music, what about you?

stressing about all things that need to get done that i paralyze myself and so not being able to get them done

nice

You can try listening to classical music too

yeah its peak life enjoyment

not exactly into it, but music might help ya

Sure. Just a reminder, you got this.

thank you 🙂

Is it possible to download vm that I uploaded on thm?

I don't have vm on my pc anymore and vm on thm is my only backup

I don't think so.

I like playing ctfs in the sense of solving a puzzle. Only huge organised teams usually win, so it's hard when you're trying to compete as one person

It's just a gamefied way to learn something new

I’d try to do all the tasks that are downloadable

Then do it when the writeups come out

hello i am new, i just finished the "introduction to cyber secuirty"

any tips which one to do next? and in general about the platform?

thanks

just a straight forward question, can i get a job in IT without being good at mathematics?

Tbh unless your creating software idk how big math is really in the industry. Prolly just your basic math. I could be wrong tho if anyone would elaborate

@cosmic pendant back in NYC

Beep Beep!

Toaster what is your thoughts

anygot a job in IT company and can share his journey?

lets say i learned all 14 paths in the home page, could i get a job with that?

It’s more about the real world experience

Umm. the best people know and use math

Everyone that doesn't use math, pretty much have to listen to the people that due

"Data Science"

All bleeping math

soooooooooooooooo

Too many beep beeps

@hot cairn personal chauffer here

NY driving is so fun

16 minutes for 0.7mi

https://tenor.com/view/taxi-elf-gif-4714302

I’m short, depends on what you do

In

wth, i downloaded aircrack-ng for windows, and windows defender classifies it as a threat

not sure if that's supposed to happen

the download is the zip from their website

God I love NYC

Never heard of that vpn

Ah hides your ip address from mass surveillance

Mullvad, Proton and IVPN are the reccomded VPN's here

Probably happens due to the signatures applied, I think you can just put it in a directory and mark said directory as “safe”

What about nord. Is Nord not good

Or Norton what ever it’s called

https://tenor.com/view/bender-futurama-laugh-sarcastic-fun-gif-12163274

Hm

I’m guessing that’s a no

No VPN will be 100%, but I suggest getting a good VPS and running your own OpenVPN through it if you’re just looking for extra security

can you explain?

Mullvad looks to be if you’re attempting to do something sketchy @crude stump

I was thinking the same lol

I mean they can all be abused by bad people so I don’t think it really matters

why is nordvpn considered bad? asking for a friend 😛

Depends on where the company is located. Some nations have laws to give a law enforcement agency access to specific data

Something like Mullvad may not be in a western nation and can be “more secure” because it falls outside those rules, even if they’re using the same encryption

That sounds like a hint if I ever heard one 😂

It’s all just research brother man 🤷‍♂️

I just still hold a grudge against using Nord for their 2019 data breach 😂

No VPN is good or bad, just a tool to use. Depending on your intent with said VPN, there’s better and worse options.

Found it quite comical that they were dumping a hell of a lot into ads at that time, you’d see an ad claiming ultimate privacy and protection and they’d still be recovering from a data breach lol

meh, trust no one - sell everything. live a Fargo life, in a remote shack

All a VPN does is just shift the point of trust

Fuck Nord cause. . NORD and apart of 14 eyes.

14 Eyes? 🤣

There's nothing that keeps you 100% anonymous, all a vpn does is stores your current IP in it a "box" while replacing it with a "disconfigured clone". When you stop vpn, the clone vanishes and your real IP is released from the box During this time, your clone IP can be traced by to a provider like Nord, then they can see which IP was assigned to that specific clone ip

Yah, 14 eyes. Look it up.

Im aware of what it is, just not sure how NORD plays in

it also classifies it as a "Tool:AndroidOS/Multiverze" threat

idk really weird

That was the point I was making above in terms of Nord

Yea a quick google search implies nord is outside 14 eyes

yeah nordvpn promotions on youtube are everywhere

even on random small youtubers

currently reading through the mullvad page 😄 never heard of it before.

Hey everyone! 😄

dont think they pay well either, probably those ppl/small youtubers have no other company willing to be sponsored by them

But it’s their big break, they got noticed by a company 🤣

but yeah i guess it's a strategy that works

There’s always Raid shadow legends amiright

cause i'm sure NordVPN ain't losing money

Matt, are you sure it's apart of 14 eyes?

*Sorry, my mistake for my terrible comprehension

big difference between apart and 'a part'

He was giving a point of why not to use it, I think in that context it’s been taken he meant ‘a part’

I'm confused, wouldn't be that a for argument to use it?

https://tenor.com/view/max-verstappen-spade-epic-star-platinum-gif-11475980664847684296

'a part' means 'a component of'. 'apart' means 'separate from'

du dududu

Yeupp, I'm aware now

it's one of the fun grammatical corners of english

don't make the same mistake in a pentest report

i love it also when vpn ads are like "your connection isn't private!!! You're currently connection from [insert city here]" and it's not even the city you reside in roflmao

but besides the databreach from 2019 i can't find anything concerning regarding nordvpn.

nord gets breached about once a year

arguably, your data is more at risk using nord than by trusting your ISP

im quite glad I made the mistake here and not somewhere more important tbh thanks lmao

Gave +1 Rep to @whole yew (current: #10 - 735)

thought it was based on some sketchy country but it's based in Sweden lol

english isn't quite like some other languages, where you can skip spaces and have the same meaning - you have to think in terms not only of contextual use, but where the root of the word comes from - greek, latin or german. If you combine a greek root with a latin prefix or suffix, you may not be saying what you think you are.

For added protection you could also implement proxychains using termunal before setting up a vpn connection

english is a funny language, like when you add "in" to a word:
in - competend -> oposite
in - valuable -> more valuable
in - flameable -> means the same.
just random.

I guess Sweden is where piratebay was created...

Yeah, and I should really know that having grown up in the country for 17 years

"in" is a prefix from both greek AND latin - it's meaning is dependent on the origin of the root you attach it to

blame the medieval scholars that came up with this bullshit, honestly

vpn talk again???

nordvpn failed to secure their servers so some hackers had potential to mess with their servers and do bad things is nubmer one problem with them
problem number 2 is they are focusing more on marketing instead of actually providing a good product that works

mullvad is generally trustworthy and setup in such a way to minimise the data they have on you.... same with ivpn but ivpn takes it a few steps further in shadows eyes

protonvpn is decent and can be bought in a bundle with protonmail and protondrive( or whatever it is called )

I've often used Windscribe for the minor stuff I need it for

windscribe is also trustworthy if shadow recalls correctly

Neutrality can have benefits 🤷‍♂️

How about Private Internet Access vpn?

Does the average internet user need a VPN?

What about Norton vpn

wellllll

I'm in classes for my AAS in Cybersecurity, and we haven't really touched on VPN's yet

similar problem to nordvpn in focusing on marketing instead of good product.... not to mention they also require a lot of info from you to get an account

Was that to me?

depends on policies around trusting isps or not

Think they classify it as "Ultimate"

well norton antivirus and products are a mixed bag of stuffs

I don't do much besides game and surf the web. School too, obviously

Only time I ever heard a recommendation for a VPN was when I torrented movies and what not years and years ago lol

assuming you use gog or steam for games you are probably fine with windows defender and skipping a vpn then

No

Yeah just Steam mainly

Most people who do use VPNs also use them poorly, so the security 'benefits' of the VPN are not actually in use

Origin here and there. Epic too for some of the free games they give away

i get the point that nordvpn invests a lot in marketing, but so far i was not able to find any info about it doesn't what it is promising, besides the breach in 2019.
you have any source i am missing?

Wait so then why would somones need a vpn.

there is also a problem with antivirus programs merging and becoming one singular massive company nowadays

Depends really. On average no, but it can be useful for if you like shows from other nations. I'm a Tokusatsu fan for example, and enjoy some Japanese games.

But most people don't, it's nice to have a basic one just in case you need it.

Also it's fun to switch counties, go to google, then search news

Paranoia, legitimate security activities, region locked stream content that doesn't have a TOS clause saying your traffic has to originate from your location, etc

Yeah I've heard that too, to get around region locks it can be useful

What's a nice basic one then?

In case I decide to go that route

Proton is reasonable, and makes payment easy.

Multiple reasons, I suggest looking into site to site VPNs if you wanna wrap your head around it as a tool. In most people’s cases though, they want an encrypted tunnel to access the internet through

yeah good way to escape your regional info bubble...

well could start of listing all the people that try to get around content region restriction and how that is breaking tos and that nordvpn markets towards that..... though don't have a lot of info as shadow don't trust nordvpn due to the ammount of data they collect on you to give you their service on top of said problem with focusing on marketing....

a good product should not need to market it self as heavily as nordvpn

The thing about using a VPN, is that if you don't understand OPSEC and how to manage your traffic, you're going to leak data. I have heard of people using a VPN (poorly) and getting busted by Netflix and the like for TOS breech

Really is honestly. You can see what is the trending thoughts of an area. I trust news at face value about as much as I trust a dog with shaving cream on it's mouth.

shadow has mostly used corporate and school vpns

i.e for connecting their local home device to a remote network to access machines on said networks

another example with that would be to point straight at the tryhackme vpn

Using a VPN for company business is very different use case than for personal

yuups

Typically the corpo vpn is to provide access to network-secured devices and assets that should not or cannot be made public

but it is one of the main uses for vpns and their intended purposes in most instances... though now people are using vpns to get around stuff or group their ip with other users using the same outgoing vpn server

What's up people...

Making oxtail today

and Chili Verde

People are people

sounds interesting

shadow just finished avatar the last airbender

movie?

can now return the blu rays to friened

OG Cartoon?

hahahhahahahaaaa nope... the original cartoon

ah, i see

The only Avatar there is

No there’s a movie avatar

Everything else is blasphemy

incorrect... there is also legend of korra

Heresy

Nooo

That counts too. I was just taking shots at the live actions

i'm listening to classical piano and was going through some old photos. some things are better left in the past, ha. happy to be alone, in my room, with good online people....

it was good and really enjoyable

Uncle Iroh is the man I hope to be as I age.

Minus the tragedy

also for the people still here questioning if they need a vpn... here you go: https://www.ivpn.net/blog/why-you-dont-need-a-vpn/

so the best tea shop owner in the country???

need a VPN for what? (i'm probably unearthing a dead horse right now, haha)

Luckily I'm not people. I'm a people substitute

Wise and caring in advising the youth.

But yeah, I'd love to rock a tea shop

yeah, i would assume. it sounds like i entered the chat just after they had a conversation about it

Man Python is really telling me I need to learn math again...

Algebra I haven't touched in 20 years is saying hello

i used to run VPNs, but then realized i didn't need to based on my use cases. in any case, i think they're just another tool with pros and cons

hahahahhaaaa privacy is a good luck if you rely soly on a vpn

privacy needs a lot more steps and thoughts to work out and not just a vpn

and for some threat models a vpn just makes the problem stagnate or sometimes even worse

with all that VPN talk i need to look up some things this week. Thanks @sand trench

Gave +1 Rep to @sand trench (current: #4 - 1652)

And then you get into tor networks

yeah, exactly. like if you just want to hide your traffic from your ISP, etc.

yep, exactly

i watched a defcon talk the other day exactly about that topic 😄 using a VPN alone gets you on a list, because you could hide something.

it gets you on a list? in what country?

shadow is already on at least 3 lists for 3 letter orgs

one for downloading tails

another for downloading tor

and a third for downloading i2p

man, then i guess i'm on the lists too.... LOL. I downloaded and ran Qubes for 8 months, so yeah... (i can feel juun coming in to scold me for mentioning that i ran qubes, btw)

probably any gov agency which can get their hands on this kind of information.
beeing on a list is not a bad thing. the bad thing is if the list is short 😛

yeah me too

okay, so the talk didn't have any hard evidence, it's just a a guess?

let me just double check that before answering that 🙂

just curious. because as soon as the government starts making lists, i get freaked out. but i suppose i already know they've made numerous lists in the past, but this is treading on politics, so i'm gonna back out now, LOL (switching topics, hahaha)

no worries man, don't worry about it. it's not a huge deal

not sure if they have a way to get you added to a list if you download or use qubes

but tor and tails have ties to NSA so they have setup lists for it

though keeping the game of throwing more and more and more stuff on a list to know interesting peoples is kinda funny

it is like looking for a needly in a hay stack and throwing more hay on the stack

yeah tor is better for anonymity and by extension privacy then a comerical vpn... though at that point you will find a lot of interesting issues

so you telling shadow it was a bad idea to search for second hand old chemists books???

now know how to make explosives at home but obviously never tried

slides about leaked documents from different agencies are in the slides so i think that is proof enough 🙂 if you are interessted the talk was called "Zoz dont fuck it up"

thanks man. you didn't have to do that, but i appreciate it

Gave +1 Rep to @nova pollen (current: #258 - 19)

i might check out the talk later

i'm kinda' tired, gonna step away

just realized it is getting late here, i should catch my remaining 4 hours sleep before work starts 😄

#911757840887197756

also exists

had to do that to unarchive it

The aoc channels were pretty active in December

It'd be slick as hell, if THM did layouts of practice sessions that could transition levels. Like, if we did the red teaming exercise room, if after completing it, maybe it'll ransition into a blue team type challenge. Where you started off as attacker but had to adapt quickly adapt to defend your own system.

sounds like king of the hill to shadow

also known as koth

where you compete againt other people on here to hack into a server and defend it

Can someone help me with my lab, please?

For what?

School?

For school, I needed to do a lab on tryhackme, but I am stuck on how to start.

Kinda yeah, but except where you try your best to remain undetected as a solo hacker, and the moment your detected you'd have triggered a "self defense script" that would analyze your behavior and attack you as well. Sounds like KOH, i know. I can't find words to describe it exactly

we are not allowed to help with school work as it could be considered cheating... ask your fellow student or your teachers if you need guidance

if it's for school, you should ask the instructor

many of the rooms for school customers are custom, and are different enough that the public room doesn't really match up

Thank you

I guess I would kinda want it set up like you were an aspiring hacker who got contacted to complete a legit and legal penetration test. Unknowingly, you were caught in a phishing attempt by an "unknown group" like "crabkank" (crabanak) and were paid in Bitcoin to complete tasks, but they turn against you and forge forensics against you. So now, you switch to defense mode and have to try to prove your innocence

that sounds more like you wanna have a game instead of normal hacking stuffs but fair enoughs

Honestly kinda the point right? To target younger audiences, offer more of a "quest like" gaming experience to train those starting out? Instead of increasing machine time, have an unlimited instance. In where your starting point is based on your experience.

hope you do realise what a huge project creating that would be

Do you realize what a huge project tryhackme was? And how many people at the time also thought it to be a waste of time?

search for a rockyou.txt

what is the command

Isn’t that what THM is?

i wanna search it in my linux i am using attackbox

yeah not saying it is impossible.... just that you will have to break it down a lot and chip at it for a long time to get it where you want it... tryhackme did not spring up over night so to say

Tockyou.txt is a list of passwords that tools like johnebthe ripper use

i wanna use rockyou

to find the file on your computer??? find / -iname "*rockyou.txt*" 2>/dev/null

ty

alternativly locate rockyou.txt

Installing Ubuntu on my fiancees old school laptop

though that could fail if the database of files is not updated recently

Wish me luck

It’s a good teaching platform but definitely different than the wild and closer to a game

oh.... wanna have an explaination of the find command???

yoa to define the directory of rockyou.txt. if it isn't installed in your system or saved as a .txt you will need to fix that

redirect standard error

so it sends all the errors to the void

meaning if you are not root your list of files do not get spammed by errors

you have to define, sorry using my phone an I'm a bit tipsy. Stupid small screen and double letters

if it is not installed you probably know where rockyou.txt is after downloading it

ah tipsy would explain why you are planning out such a huge undertaking in chat here

Honest opinoon, would that be, in your opinion, a feat to pursue?

@cosmic pendant I do NOT miss NYC

Fucking idiots

lol

I know lol, revealing a million dollar idea I'm gonna have to sue someone over later 😂

@hot cairn is my witness, idiotic driver's, person trying to get into my car. And the pedestrians....

they are "drunk"

Crossing when not supposed to, I laid on my horn while going through an intersection because people are idiots

They are both, I'll shut up now

come to swe swo instead

Swe swo?

¯_(ツ)_/¯

Ah gotcha, swe swo

swe == shorthand for sweden

dunno what swo was meant to mean

it just sounded funny to say

Ee er

Swe swo

Sorry, guys. Just trying to have fun and be creative.

me tired

400 KM travel today

no problem... you are not hurting anyone

except maybe your own dream when you wake up later but lets not focus on that

Lol, not even god created everything in one single day, it took him 3 days, so based on that, maybe I can have my project up and going in a month or two 😂😂 Jk by the way

Been learning python for a couple weeks for my college courses and man

Man is it a headache to remember

Personally recommend python, it's a pretty common language

note taking note taking note taking

Bad at note taking but I have a cheat cheat saved on my phone for coding

Don’t get me wrong it’s cool, but man, I suck at it lol. The math is what gets me

what is the differecne between 7 day streak freeze and 30 day streak freeze?

They're the same

Once is received at a 7 day streak and the other at a 30 day streak

i got 7 day streak badge... if i reach 10 day streak and don't open thm for 3 months.. will my streak remain same?

No it only freezes for 1 day

if i miss one day, will it reset to 0 or 7?

Whatever value your streak is at the time

@fresh ivy

i already read this.. still it is not clear there.

How do you guys order your notes?

whatever value means.

0

no, that's only if you don't have a streak freeze.

Right but he said go away for 3 months

@fresh ivy https://www.youtube.com/watch?v=3RxMJc0anIM same concept

Responding to earlier messages only makes it more confusingf

wait there is streak freezes on duolingo and tryhackme???

I was replying to his latest... but I'll just leave it be

on completing 7 days streak, they rewarded badge, streak freeze and access to network... what does it mean by "access to network"??

Yes. It's saved my but on duolingo a few times.

access to the free network rooms as a none subscriber

Are you fr?

thanks

Gave +1 Rep to @sand trench (current: #4 - 1653)

anyways before shadow headdesks on this desk they are gonna go meep moop sleep sloop to the beep boops..... also +rep @mossy river

Gave +1 Rep to @mossy river (current: #6 - 1185)

thanks

sorry you can only give a single rep point every 5 mins

😄

Well uh

I just dual-booted my laptop for school lol

Installed Ubuntu alongside Windows

ew, windows

yea ew windows (i have w11 dual booted)

it won't be long til you're fully indoctrinated and toss windows out for good

my guy

at least use 10

came preinstalled bro dont blame me

we're holding out still, lol

hoping 12 is released before 10 EOL

I can see why people prefer Linux

But I personally don't have issues with Windows lol

I really only game and do school on it, but now I have this to do school on

Which is better anyway, cause I'm in a Linux class lol

yeah whatever works --- i'm just always gonna shit on microsoft when i get the chance, lol

I don't blame you lmfao

not even too fond of ubuntu, myself

What flavor is your go to?

somewhat anti-consumer, but nowhere near the same degree as microsoft

i bounce around but lately Fedora KDE for the desktop and Alma for servers

(both RHEL family)

My teacher uses Fedora, yeah.

I'm just learning the basics of Linux, so I opted for Ubuntu since lots of people say it's very user friendly

honestly haven't used it (fedora) in years and just tested it on a whim, and it happened to be the best out of the box experience i've had in years so i kept it

you can get the same "feel" with other distos, as long as they use gnome/unity/whatever, but so much of the documentation online covers ubuntu cause that's what people default to 🤷‍♂️

more documentation is always good

I will have to play around with other distros

mint is also fairly common on the beginner side, and has the added benefit of less Canonical-crap and Snaps and such

not my style but very common

+1 for Linux Mint, it works well for the average user who doesn't want to mess with the terminal so much

what about kubuntu

with a windows like feel

kde yes ubuntu same negative feelings

also oddly enough i've always had weird issues with kubuntu when using dedicated graphics

to be a cybersecurity analyst do you need to be a good programmer?

nop

you should be competent with technology in general though

but yeah programming isn't a major requirement for an analyst normally

Im majoring in CS with a concentration in cybersecurity and data assurance. I feel this is more IT than CS fr

CS is often lower level, but some unis are weird with it

(lower level = higher complexity/more detailed)

FR I am competent in python but I want to use linux and powershell more because that would probably benefit me a lot in this industry.

i mean, there's nothing really stopping you

i didn't learn a damn thing from uni

gotta learn to learn [on your own] at some point

thats what all my peers told me too

our degree just teaches us theory

not as much practical stuff which sucks

Uni can be good for making connections and improving your networking skills, other than the free benefits you could claim as a student (Github Student Dev Pack)

absolutely. there are benefits. i just didn't learn anything from those classes, lol

networking is a big one, as long as you talk to people

i dont go to college, but im work at isp company, very grateful

The website was updated a few minutes ago 😮

wdym

Well, it was updated but looks like it either reverted or I just got onto another host and don't see the new layout anymore 😮

all the answer buttons were different... and there was a new view from the top of the rooms where you could reset progress.... 😮

wonder what they're cookin up

it looked quite good.... But had a bug that it opened the split screen view all the time when starting and stopping machines... Which was quite annoying... So I gave the feedback and maybe that caused the rollback? 😄

hmm... Or maybe it was just the room https://tryhackme.com/r/room/activerecon ?

Morning

m

It's only some rooms that has been hit with the new UI due to a rolling update

I really hope the split screen bug gets fixed though....

It will!
Thanks for reporting

so tired i forgot what dns stood for for a second there

Someone know that and can give insight ? https://flipperzero.one

I have two sitting on my desk... 🐬 🙊

Give what insight

Is it worth 165$ ? Does it works ? Idk ..

Depends on what you want to do I guess

It works perfectly as a mouse jiggler 🙂

But $165 for a mouse jiggler might be a bit overpriced 😄

Probably doesn't work for putting a nail in a wall

As it's just plastic

thm: subscribe and your machines will deploy quicker!

*still makes you wait the entire minute*

.... That's how long a VM boots up and starts the connection setup, tell that to AWS

i get why ofc, just never realized the site claimed that til now 😶

it does? 😮

been subscribed 90% of the time until now so never got the msg

Hmm i see !

So yeah, what do you want to do, since you're looking into getting it

We can't give insights if we don't know what you want to use it for

That’s ok don’t worry , by insight I meant interesting personnal experience that can give me reason to try it as a curious geek guy. But yeah don’t worry , maybe I was not clear enough and it’s not a big deal at the end. Thanks by the way

Gave +1 Rep to @chilly veldt (current: #8 - 816)

I tried to clone my garage door key, which didn't work....

I tried to clone the key for my apartment building door, which worked.... Always good to have a backup 😄

oh hey

i've got the new view up

big improvement

Ah ah that’s interesting 😉 I’d love to have a backup of everything 😉

Boots quicker

Also apparently it was some major aws bug

but you have to wait a minute regardless 😶

didn't realize there was a bug tho. just used to them being slow sometimes

Yep and they usually take about that long to boot

Or longer

would be interesting to see the backend.

Just hit the button when you start reading it will be done before you 😄

what if you can't read

asking for a friend

Use a screen reader

ask chat-gpt to read it for you

I enjoyed testing the new UI layout.

Hi everyone.

Helloooooo

but I'm too lazy to read the ChatGPT output!

Saw some rooms with it, looks like it's in canary mode for now

Yeah. There is a small list just now, I've only seen one or two.

Oh right that reminds me I need to update a couple things on my room