could give it a few more, but haven't had the need yet
#general
naive violet
I like having the cores for vs code etc
sick lance
My Windoes vms have 12Gb eacb
cedar island
Alright cya guys later I gtg now
sick lance
Each*
uncut cove
My Windoes vms have 12Gb eacb
what do you use as a hypervisor?
naive violet
so far I keep notes outside the vm
I do that, but sometimes I need a full editor for scripts etc
vast zinc
why I am stuck at level 5
shell nova
ye
sick lance
what do you use as a hypervisor?
Vmware workstation pro
sick lance
why I am stuck at level 5
Re verify
uncut cove
Vmware workstation pro
thx need to try it. do you use flare vm by any chance??
twin ridgeBOT
Gave +1 Rep to @sick lance (current: #2 - 2031)
vast zinc
nah I kinda used to it now
sick lance
thx need to try it. do you use flare vm by any chance??
I do. π
shell nova
I do that, but sometimes I need a full editor for scripts etc
probably not a bad idea to shove a codium on it
vast zinc
sick lance
You lose out on the advanced channels
uncut cove
I do. π
oh wow can I ask you a question about the installation process?
did you have any difficulties with the ps permissions for Set-ItemProperty? Cause I have these, even after I set them according to the guide
shell nova
current linked account says 0x5
vast zinc
sick lance
oh wow can I ask you a question about the installation process?
did you have a...
No, I turned off the av and it was straight forward.
I used Terminal emulator though
Multiple accounts...
gray sonnet
current linked account says 0x5
Better discord π or? it does look like they have access to it though...
shell nova
probably
uncut cove
No, I turned off the av and it was straight forward.
I used `Terminal` emulato...
ok thanks, gonna try this one
shell nova
Better discord π or? it does look like they have access to it though...
given their roles they shouldn't
gray sonnet
yeah
wintry sluice
Multiple accounts...
gray sonnet
that's why my train of thought went straight to better discord
shell nova
oh these
you do realize that third party clients are not allowed by Discord ToS, and that it's a bannable offence here, yes?
lavish shell
https://tenor.com/view/fbi-fbiopenup-carlwhitman-gif-19586039
I hate when that happens lol
vast zinc
you do realize that third party clients are not allowed by Discord ToS, and that...
what's third party clients
gray sonnet
I hate when that happens lol
π€¨
gray sonnet
what's third party clients
a client made by not the owner of the original client
third party*
shell nova
what's third party clients
BetterDiscord, for example
vast zinc
I didn't even knew about that
gray sonnet
some owners allow third party clients like reddit...but not discord
vast zinc
oh
gray sonnet
Yeah
uncut cove
can I send a track here?
gray sonnet
what?
shell nova
eh?
vast zinc
chill guys I am trolling btw , my friend is god not me
wintry sluice
can I send a track here?
train tracks can be dangerous. please do not redirect them
shell nova
mmhmm
uncut cove
train tracks can be dangerous. please do not redirect them
oh the trolley problem
but I'm talking about music, haha
shell nova
jots things down in the mod notebook
wintry sluice
Mod OSINT. a terrifying thought
wintry sluice
advanced sorcery
shell nova
Mod OSINT. a terrifying thought
oh we have notes on everyone
vast zinc
naani
shut hawk
oh these
It's impossible to view messages in hidden channels even with a third party discord client, so because the new message icon is showing it can't be an external client
vast zinc
so all other channel are for beginners
vast zinc
It's impossible to view messages in hidden channels even with a third party disc...
but not when u get god level right?
shut hawk
when you get god level you get access to the advanced channels, yes
cedar scaffold
advanced sorcery
shell nova
It's impossible to view messages in hidden channels even with a third party disc...
a fair point
vast zinc
I think there should be more 2-3 level coz god is easy now
advance is not worthy of god
wintry sluice
takes commitment to get to god
vast zinc
takes commitment to get to god
I have seen many get god in 3-5 months
sick lance
you can't get to god in a weekend
You probably could,
vast zinc
nah I am being practical ofc not in weeks
sick lance
There is enough free rooms and rooms with extra points.
You'd probably be flagged though for auto-cheating.
vast zinc
You'd probably be flagged though for auto-cheating.
yes
shell nova
I mean if you answer dump then yeah
shut hawk
It's 20K points right?
vast zinc
There is enough free rooms and rooms with extra points.
that's why I thought it would be great idea to have each flag unique
sick lance
It's 20K points right?
Yeah
vast zinc
no copy from others
sick lance
Dynamic flags are tricky.
vast zinc
that's why I thought it would be great idea to have each flag unique
or getting changed every 1-3 months
vast zinc
Dynamic flags are tricky.
wanna know why
lavish shell
I wonder if they keep notes of our techniques and exploitations used for challenges.....
sick lance
I wonder if they keep notes of our techniques and exploitations used for challen...
THM?
shell nova
Dynamic flags are tricky.
Muiri had tried on a room once, but it required an external service
sick lance
Muiri had tried on a room once, but it required an external service
Yeah, I remember that one, needed to E-mail them.
shell nova
I wonder if they keep notes of our techniques and exploitations used for challen...
nah, but you can
shell nova
wanna know why
requires infra to know how the flags are generated, and where they belong
vast zinc
Muiri had tried on a room once, but it required an external service
respect for muiri π
wintry sluice
nah, but you can
note to self: should not use attackbox. never know who else may be watching
uncut cove
logging of a dynamic cluster is a pain in the butt, so I doubt they do it
vast zinc
logging of a dynamic cluster is a pain in the butt, so I doubt they do it
I thought they did that in redteamcapstone
shell nova
I mean they monitor usage of the attackbox
lavish shell
*note to self: should not use attackbox. never know who else may be watching*
Good note, and it has been noted π
sick lance
I thought they did that in redteamcapstone
Red Team is different, you need to place your Username and unique ID in a file.
uncut cove
I mean they monitor usage of the attackbox
but does it mean collecting, storing and analyzing all event logs?
shell nova
mostly CPU, memory and network
uncut cove
or it's more like passive (or active) detection of something that's outside the term of agreement for the AttackBox
sick lance
The file is read, and then the flag is E-mailed to you, it's not dynamic, they can just check if the account has obtained the flag was legit and not copy/pasting
shell nova
if the attackbox starts attacking outside the THM network, that probably gets flagged
and the user may get site-banned
vast zinc
shell nova
it's a Ben, hide!
lavish shell
Site banned? Not account banned? I mean, surely not just a simple IP ban?
shell nova
account banned, same thing
sick lance
none of them are mine π
lavish shell
More or less just making sure it wasn't just IP ban. That's all I'm saying on that topic
vast zinc
atttack boxx ugghh
sick lance
More or less just making sure it wasn't just IP ban. That's all I'm saying on th...
I don't think THM disclose their banning poilicy, but you look hella sus right now.
shell nova
none of them are mine π
aint mine either, but I can spin something up if you want π
uncut cove
The file is read, and then the flag is E-mailed to you, it's not dynamic, they c...
the flag static, indeed, but they create and terminate machines, and in the case when they are able to read the terminal logs of every AttackBox they created, then there must be a separate storage and a way to extract them in real time
because when a container dies, its logs normally dissappear
shell nova
it's not containers
rapid merlin
the flag static, indeed, but they create and terminate machines, and in the case...
hoi4? what a nerd
sick lance
the flag static, indeed, but they create and terminate machines, and in the case...
Whay if the user doesn't use an attackbox, but their VM?
lone thistle
hoi4 is based
shell nova
too smart for me
lavish shell
anyway see you all later
sick lance
too smart for me
Nah. must be an age thing.
gray sonnet
Hi Ben π
uncut cove
hoi4? what a nerd
wintry sluice
to much management for me
shell nova
Nah. must be an age thing.
we played Diplomacy at lunch at work a long time ago
wintry sluice
~600hrs but only 36 achievements? for shame
uncut cove
Whay if the user doesn't use an attackbox, but their VM?
Then they have to connect to a VPN
So these are VMs? But what do they run on?
shell nova
AWS I imagine
frigid stream
π¦
sick lance
Then they have to connect to a VPN
So these are VMs? But what do they run on?
AWS host the VM's.
vast zinc
we played Diplomacy at lunch at work a long time ago
40+?
shell nova
with a bunch of VPCs to manage the access
uncut cove
Oh so EC2 instances with buckets, probably... thanks
vast zinc
what you'll consider peak age
uncut cove
~600hrs but only 36 achievements? for shame
meh I used to play mp and mods
vast zinc
dyam I got the motivation to be a god level for that advance channel
uncut cove
what you'll consider peak age
iT dEpEnDs
but I think it's the time when someone's in their best capacity, which still can't be completely measured by anything
How thoroughly do you take notes of your rooms and what tools do you use?
sick lance
Depends how well I know the material.
notes, screenshots and a I use a terminal recorder.
uncut cove
notes, screenshots and a I use a terminal recorder.
you mean you dump your console commands?
sick lance
you mean you dump your console commands?
Yeah.
uncut cove
cool
what tool do you use?
shell nova
and here I am copy-pasting like an idiot
uncut cove
googling led me to https://github.com/asciinema/asciinema
sick lance
That tool.
sick lance
and here I am copy-pasting like an idiot
Asciinema can record the terminal, and allow you to copy and paste from it.
shell nova
that one had issues with wayland, no?
uncut cove
I want to create a knowledge base of my rooms in Obsidian, but it looks so scary
dim dirge
I want to create a knowledge base of my rooms in Obsidian, but it looks so scary
you should use joplin is easier
obsidian is just too much
shell nova
https://asciinema.org/a/599750
I don't like that it uploads to a third party
uncut cove
you should use joplin is easier
looks like Notion to me
I want to use Obsidian to create a node, its visualisation levels are through the roof
sick lance
I don't like that it uploads to a third party
You can save it locally.
vast zinc
it would be great to have notion and obsidian linked so that we can use both of them
without import/export
gray sonnet
Mine is just a circle
uncut cove
it would be great to have notion and obsidian linked so that we can use both of ...
ur a maniac
but I think it's possible
vast zinc
nah I am kinda used to notion butt I like obs ui
uncut cove
what do you do in notion? knowledge base?
vast zinc
what do you do in notion? knowledge base?
nani
vast zinc
what do you do in notion? knowledge base?
notes like methodoly, process , enum etc
uncut cove
I just want to understand how it is possible to get used to notion
vast zinc
and can't use both in windows host , defender detect and delete it
uncut cove
using it for 2 years now and still can't, but it's very flexible
sick lance
Notion is good, until your notes are deleted, or you turn it in to a C2
vast zinc
Notion is good, until your notes are deleted, or you turn it in to a C2
deleted how?
uncut cove
for a ticket board it has very little room for SLAs, analytics, metrics etc.
maybe they can be integrated through some third-party services, but I haven't seen any successful cases yet
glass nest
@pallid lotus --> https://www.youtube.com/watch?v=1M2UzQYwbxE&ab_channel=JohnMalecki
shut hawk
Notion is good, until your notes are deleted, or you turn it in to a C2
Wait, notion deletes your notes?
sick lance
Wait, notion deletes your notes?
They can do.
Ask Meggy.
chilly veldt
Notion is good, until your notes are deleted, or you turn it in to a C2
same with obsidian, getting your notes deleted while you're in the middle of your cert exam 
sick lance
same with obsidian, getting your notes deleted while you're in the middle of you...
Wasn't that Spooky?
chilly veldt
yup
brisk tree
same with obsidian, getting your notes deleted while you're in the middle of you...
oh thats rough
shut hawk
Muiri has that too, no?
chilly veldt
moved from obsidian to trilium
uncut cove
same with obsidian, getting your notes deleted while you're in the middle of you...
but you can host your node locally
chilly veldt
yeah... that's how it got deleted
shut hawk
It's plain md so AV can see it and wipe it
chilly veldt
spooky got their notes deleted by windows defender
wintry sluice
backup to github or similar.
problem solved
sick lance
For their OSEP exam.
chilly veldt
or... trilium which encrypts your notes
sick lance
If I fail this exam, I'm going to be so mad...]
uncut cove
yeah... that's how it got deleted
what happened?
chilly veldt
If I fail this exam, I'm going to be so mad...]
... I hate these questions π
sick lance
... I hate these questions π
They're really bad...
chilly veldt
what happened?
windows defender thought it was malware and said "YEEEEEEEEEEEEEEEET"
chilly veldt
They're really bad...
big time
vast zinc
dyam I got the motivation to be a god level for that advance channel
I asked my friend about advanced channel he said it just a normal channel like general but with god levell nothing special
losing motivation
sick lance
I thought you were already 0xD?
chilly veldt
you get access to a lot of fun talks though
uncut cove
I thought you were already 0xD?
0xG
vast zinc
I thought you were already 0xD?
oh thx
twin ridgeBOT
Gave +1 Rep to @sick lance (current: #2 - 2032)
vast zinc
you get access to a lot of fun talks though
ofc my friend is one of the first god in this site
sick lance
ofc my friend is one of the first god in this site
Bold claim.
vast zinc
Bold claim.
how many time I told you thing which turn out I don't lie
grizzled crystal
Or does he use Triluim... π€
did someone say trilium
sick lance
how many time I told you thing which turn out I don't lie
If you say so.
sick lance
did someone say trilium
Yes!
grizzled crystal
i love trillium
so so good
although i am a bit jealous of the obsidian canvas feature..
mossy river
I asked my friend about advanced channel he said it just a normal channel like g...
Itβs less restricted so you can talk about topics not allowed in here
vast zinc
I am also testing obs
grizzled crystal
slay
shell nova
If I fail this exam, I'm going to be so mad...]
ROFL
vast zinc
If I fail this exam, I'm going to be so mad...]
happened to me I was god in maths, physics but very poor in theory exams like history etc
sick lance
I could graduate with a BsC this year π¦
grizzled crystal
here's mine, all of those unconnected dots are really funny
vast zinc
here's mine, all of those unconnected dots are really funny
how unconnected
sick lance
happened to me I was god in maths, physics but very poor in theory exams like hi...
Doesn't Physics have alot of theory?
grizzled crystal
i have a lot of unconnected notes
vast zinc
Doesn't Physics have alot of theory?
but with logic
sick lance
but with logic
And history doesn't have.. Logic?
chilly veldt
history is memory
grizzled crystal
i guess physics is a bit more intuitive
uncut cove
not modern historical science though
I think we find interesting topics or lessons easier
vast zinc
what
shut hawk
And history doesn't have.. Logic?
Humans haven't made the most....logical decisions
wintry sluice
Humans haven't made the most....logical decisions <:kekw:658061932577816606>
but generally, on average, in history a cause comes before an effect
shell nova
And history doesn't have.. Logic?
History is too human for logic
vast zinc
if we could prove logic In history there would be no wars
vast zinc
history*
vast zinc
we can prove the earth is round; flat earthers still exist.
no they are just trollers
not real
wintry sluice
history*
yes and there will always be those who believe the mainstream consensus is a pack of lies
vast zinc
that's dehumanising
I know one personnaly
deep down they know they are wrong but they won't accept it
wintry sluice
no, some if not most are true believers
uncut cove
yes and there will always be those who believe the mainstream consensus is a pac...
I think it comes exactly from this. First people get dissappointed in mainstream consensus, and then they're in the pipeline towards Ancient Aliens or flat Earth
vast zinc
I told you they will never accept it to person , not even accept it themselves but they know they are wrong
mossy river
I told you they will never accept it to person , not even accept it themselves b...
There are a lot of flat Eathers who have proved itβs round and accepted it.
uncut cove
I told you they will never accept it to person , not even accept it themselves b...
these theories base themselves upon blurring the concepts of "right" or "wrong"
and for example even if someone proved to the flat-earther that the earth is round, well it may not be enough
vast zinc
There are a lot of flat Eathers who have proved itβs round and accepted it.
yeh π€£ its always funny to me when flat earther try to prove that earth Is flat but turn out its not
chilly veldt
there's actually flat earthers that used 20000 USD to prove that it's flat and found out it was round
vast zinc
there's actually flat earthers that used 20000 USD to prove that it's flat and f...
I think I have seen video about that or something
btw I am flat earther
uncut cove
I'm donut earther
chilly veldt
am I weird? I am currently eating chips with chopsticks
wintry sluice
I like the idea of the universe being a hyper-torus
uncut cove
am I weird? I am currently eating chips with chopsticks
chips as in pringles?
wintry sluice
chips as in pringles?
crisps*
chilly veldt
chips as in pringles?
yeah, food like pringles
these are with the taste of chili mayo
shell nova
am I weird? I am currently eating chips with chopsticks
yeah, but who cares? also better for not getting fingers all icky
uncut cove
eating those with chopsticks is kinda hardcore
chilly veldt
yeah, but who cares? also better for not getting fingers all icky
yeah, I am in the middle of LoL games
don't want my warwick jump to get messed up by sticky fingers
shell nova
ha
vagrant jungle
Hii
uncut cove
vagrant jungle
Anybody know about hacking and networking
mossy river
vagrant jungle
I want to learn about networking any budy help me π
cedar scaffold
Anybody know about hacking and networking
thm is a good place to learn 
vagrant jungle
Ya but how I learn fast with expert experience
mossy river
Our content was written by experts, itβs the same as having one of then with you
cedar scaffold
yeah the rooms are a mix of theory and practical
so you get experience doing the things
vagrant jungle
Hmm π€
wintry sluice
and if you don't understand something in one of the rooms, there are plenty of experts here who can help
vast zinc
Ya but how I learn fast with expert experience
spend more and more time , that's the only way to get exp
vagrant jungle
Γk I research
cedar scaffold
I feel iv learnt a lot In the short time iv been actively using THM
wintry sluice
I feel iv learnt a lot In the short time iv been actively using THM
same
vagrant jungle
Hack the box is good for beginning?
cedar scaffold
also find it enjoyable, doesn't seem like a chore, feels good when you finally get your code to run or whatever it is your aiming for
vast zinc
Hack the box is good for beginning?
it would take 2 year to be able to start there
near hawk
New wifi is insane
spice adder
I feel iv learnt a lot In the short time iv been actively using THM
Yeah for sure! THM is fantastic as a place to learn
cedar scaffold
iv not tried htb but from what I've read thm is more beginner friendly
wintry sluice
New wifi is insane
spice adder
Hack the box is good for beginning?
Much higher skill floor than THM and more expensive for their academy content in comparison to THM. Youβd be throwing yourself in the deep end with HTB, not the most advisable option :)
spice adder
iv not tried htb but from what I've read thm is more beginner friendly
THM is way more beginner friendly, HTB can leave you scratching your head for a while as a nub. Writeups and retired boxes are your friend if starting with HTB
cedar scaffold
thm pathways are also great for those who don't know where to start, get a feel for all the fundamentals then take the later paths that interest you
vast zinc
THM is way more beginner friendly, HTB can leave you scratching your head for a ...
even then u can't start
vagrant jungle
Thanks for your great opinions π
cedar scaffold
also new content seems fairly regular which is nice even if I have more than enough to be getting on with as it is π€£
spice adder
Really enjoyed the new content so far. That http desync & smuggling room was a fun one
vast zinc
56 hr no sleep
spice adder
WHAT
vast zinc
spice adder
dude
uncut cove
if 1 % on thm starts at 12000 rank does'nt it mean it has 120000 users
more like 450k
spice adder
GO SLEEP π
vast zinc
literally not braining
vast zinc
what are you running off
"what if "
vast zinc
more like 450k
but with real real user its 20k
uncut cove
but with real real user its 20k
I think more like 120k
vast zinc
I think more like 120k
ur rank must be 120k that why
uncut cove
what's yours
vast zinc
12k
uncut cove
i see
it must be still low in soc eng
spice adder
I think thereβs a lot of inactive users, itβs not necessarily hard to get to top %βs if you put the hours in and I think itβs pretty easy to stay top %βs too even if inactive
vast zinc
but even top 1% is not best enough
spice adder
Iβm at 5% after a couple weeks of hammering it out
vast zinc
I think thereβs a lot of inactive users, itβs not necessarily hard to get to top...
yes
sick lance
Top % doesn't mean anything.
vast zinc
Top % doesn't mean anything.
yeah
spice adder
People putting their THM rank in their LinkedIn says otherwise π
sick lance
If anything you can have how active you are, to the people around you.
cedar scaffold
iv only just made it into top 100k 
vast zinc
Top % doesn't mean anything.
but to beginner its their motivation
sick lance
People putting their THM rank in their LinkedIn says otherwise π
That's also why THM have around 2k employees.
vast zinc
Iβm at 5% after a couple weeks of hammering it out
real game is after top 1% trust me
chilly veldt
cedar scaffold
my motivation is knowing stuff I don't know now 
rapid bobcat
I tried to make custom theme
uncut cove
looks relaxing
rapid bobcat
and made new shortcuts to stop using mouse , finally I love not using mouse that much
hasty palm
i have a flu and i feel like ****, my only comfort is that i have windows fundamentals 2 and 3 left , then im done with 1 thing. and onto the next
uncut cove
I am also testing obs
hey man I found your article it seems
https://medium.com/geekculture/optimized-note-taking-9d663eec898c
looks very similar this pic over there. so you're not only top 1% THM, but also a content creator?
Lucas Soares, huh
rapid bobcat
I tried to make custom theme
here is the conf file If anyone want to try it https://github.com/vadaysakiv/terminator-terminal-theme
vast zinc
hey man I found your article it seems
https://medium.com/geekculture/optimized-...
noooooooooooo waaaaaaaaay
uncut cove
vast zinc
don't forget to follow me
uncut cove
not giving up that easily, are we....
vast zinc
gold
chilly veldt
i have a flu and i feel like ****, my only comfort is that i have windows fundam...
flu gang π
hasty palm
flu gang π
everyone join it, noone likes it
chilly veldt
yeahhh, it's been day 3
uncut cove
get well!
chilly veldt
feeling better
hasty palm
since its international womens day, this is for u
uncut cove
since its international womens day, this is for u
outside of former USSR it is rarely celebrated, even in Warsaw Pact
chilly veldt
day 1 was full of sleep cause I was on like 40C fever π
chilly veldt
since its international womens day, this is for u
Thz
chilly veldt
outside of former USSR it is rarely celebrated, even in Warsaw Pact
it's celebrated in Denmark, we are doing a demo today actually
hasty palm
even google is advertising it
uncut cove
that's true, but there aren't many countries with official holiday on this day
even in Eastern Europe
demonstrations are held, unlike the majority of countries that have official holidays at this date
chilly veldt
we have an official holiday here
uncut cove
that's wonderful
we have nothing like this in Poland
hasty palm
its not official, but since im sic and wont leave the house today my wife even in the morning was "Where are my flowers?" π
π
chilly veldt
we actually call it international womens fight day, as it's because of how we faught for our rights
jovial cypress
I have a question about a problem I had on a test and got it wrong, I would like to hear your opinions on this. Anyone willing to answer?
uncut cove
I have a question about a problem I had on a test and got it wrong, I would like...
ask ahead
jovial cypress
ask ahead
Which statement describes the most precise difference between a public and a private encryption key?
A. Private key is widely used in symmetric encryption, while public key is used in asymmetric encryption
B. The private key is known only to a specific user, the public key to others
Keep in mind the question mentions "most precise" and not "the simplest" difference. Which of these would more suit it? Because I know Private key encryption is also known as symmetric and vice versa with public key encryption. Though the B answer is also correct, but I find the A choice more precise.
uncut cove
Which statement describes the most precise difference between a public and a pri...
I guess the logic here would be that you can use private key in asymmetric encryption as well, and there is no clear data on how wide this is used in both methods
so I'd say it's a distractor, a very clever one
jovial cypress
Yeah, that too. I found these types of questions inaccurate because the answers can also include some nuances that also could work apart from other answers.
jovial cypress
so I'd say it's a distractor, a very clever one
But in this case which one would you have picked?
uncut cove
tbh I'd pick A and lose
jovial cypress
I answered A, but I am ready to explain that my answer is also correct in its own way.
uncut cove
hahaha, it's googling that helped me wrap me head around it
but! these questions for tests normally have to quote academic literature, and fresh one, too
jovial cypress
I think that A is more precise because it goes more in depth in the definition rather than the B answer. But thank you for your opinion either way! :)
shell nova
there's a trap, because in Symmetric encryption, the private key is known to multiple users
uncut cove
I think that A is more precise because it goes more in depth in the definition r...
no, A describes these keys in broad terms
and for B you have to know the process
shell nova
it's a wierd question and I think the examinaer was trying to be too clever
uncut cove
it is strange why this question ended up in an exam
jovial cypress
Do you think its worth to submit an appeal that A was right aswell or do I just leave it be? This point doesnt really change the mark, but I would also like to know their opinion on this one.
sick lance
Which statement describes the most precise difference between a public and a pri...
Homework?
shell nova
might be worth the appeal
jovial cypress
It wasnt really an exam, it was just a test
sick lance
You got stupid questions too then. :kekw
jovial cypress
Yeah, I figured
shell nova
saying that B is wrong because of the symmetric loophole
worn thorn
I assume you use asymmetric encryption to get the private key to then use it symmetrically?
jovial cypress
Thank you guys for the opinions, it really matters to me! :)
chilly veldt
I assume you use asymmetric encryption to get the private key to then use it sym...
uhm what
hydra, I have to write an whoami 
worn thorn
uhm what
I worded it weirdly. I meant would you first use asymmetric encryption to securely exchange private keys and afterwards switch to symmetric?
finite basalt
How far'd you end up getting? I've nearly got to second stage I think
hearty pine
anyone wanna collab on some room or just chat about? DMs welcome.
devout palm
How far'd you end up getting? I've nearly got to second stage I think
Not too far.
Is it still active?
I think i got frustrated and left doing it
gentle adder
Can anyone tell me which directory contains the source code of linux commands
Note: I am not asking for binaries xD
sick lance
My Malware-bytes expire soon π¦
Thankfully they do student discounts, so I can grab the premuim and the VPN for Β£24.99
mossy river
Year or Month?
sick lance
Year
sick lance
Works out just Β£2.08 (around) a month.
I know, I know, I missed out in the lifetime pass because my bank gave me a 5 year code.
mossy river
My bank do not have lifetime because it auto-renews every year
sick lance
I'm no longer with the bank that offered it π¦
mossy river
I don't think I'll ever switch banks tbh
sick lance
I had to, because at the time RBS were closing accounts in my area for no reason, and they wouldn't restore or disclose the reason why.
hasty palm
Introduction to Cyber Security and
Pre Security
weeeee - gogo next π this stuff is pretty interesting
sick lance
So I switched before mine could have been closed.
One of the people I spoke to who got their account closed had to wait 8 weeks for the recovery of the money in the account.
hasty palm
these 2 are done
proven quartz
Glad you've been enjoying the series, and hopefully more great things to come
bitter quiver
Introduction to Cyber Security and
Pre Security
weeeee - gogo next π this stu...
Good spots to start
hasty palm
π i agree, tryhackme site is a Treasure trove.
crude stump
Wsg people
hasty palm
im trying to learn as much i can so hopefully by the start of next jear i could change the field i work
vagrant jungle
Hii
bitter quiver
im trying to learn as much i can so hopefully by the start of next jear i could ...
Solid timeline. See if you can work in some certs along the way
vagrant jungle
I want Learn about networking guys and budy please help me
bitter quiver
Well, part of what THM does is indeed networking
vagrant jungle
Give me any source π
bitter quiver
THM/Google/YouTube
chilly veldt
vagrant jungle
Ha but I want to learn fast with expert expertise
Ya
Any budy is free I want mentor
bitter quiver
CyberSecurity, even networking, is so massive you don't really have mentors outside of paid classes/good friends/ senior associates at work
The time involved in directly teaching all of it is kinda nuts
hasty palm
Solid timeline. See if you can work in some certs along the way
im looking at some basic comptia security, maybe basicas like a+ and ccna, or cycs+, but these buggers are expencive
bitter quiver
I literally got started on YouTube vids and branched from there.
bitter quiver
im looking at some basic comptia security, maybe basicas like a+ and ccna, or cy...
Pricey, but skip A+ IMO. Net+ and Sec+ have more value and A+ means you know how to turn a PC on and off and clear a printer spool error.
CCNA and CySa+ are excellent
hasty palm
i would love to get knowledge first and let my future employer pay for these but i guess i need the investment into cert first to be able to get a job
bitter quiver
Really depends
But generally if you have no degree, being able to show projects/portfolio that represents your skill and knowledge and a few certs is key
That or knowing someone in a company already
Or working in IT getting into being a Network Admin or something then sliding into it
Lateral moves
hasty palm
iv worked on construction last 10 years and looking onto cybersecurity
xD there are no connection sadly
but using sites like meetup and constant learning updating cv (even professional help on it would be good), 1 or 2 certs and at the end of the day its a 1000 mile journey not a sprint.
uncut cove
If you want to get into security operations/engineering, then Comptia A+ and Support role is a great way to begin to work on your portfolio
hasty palm
mhmh
uncut cove
cause certs normally get you through screening, but after the screening you need to go through a panel interview, where you need to recollect practical experience
hasty palm
this is why i like tryhackme
frail sparrow
Hi!
vagrant jungle
Hii
uncut cove
this is why i like tryhackme
oh but it's not really practical experience. after you follow whatever path you choose and learn it, you need to go out in the field, and make a name
freelance, bug bounty, research, volunteering etc.
bitter quiver
this is why i like tryhackme
You started SOC1 course yet?
hasty palm
i started 3 days ago, i finished Introduction to Cyber Security and Pre Security, goin over Complete Beginner atm, next i thought soc lvl1 or cyberdefense
bitter quiver
SOC lv1 has a lot of great info in terms of understanding the mindset.
Ultimately my goal is to leave no room unturned
uncut cove
I'm rounding up web fundamentals, complete beginner finished, and going to follow-up with Defensive Security because it includes malware analysis
uncut cove
14th day here
bitter quiver
Nice! Keep driving forward
uncut cove
time started flying after I joined thm hahaha
bitter quiver
i started 3 days ago, i finished Introduction to Cyber Security and Pre Security...
Do you play with tech in general?
bitter quiver
time started flying after I joined thm hahaha
Agreed. I juggle THM/CodeAcadamy/DataCamp/DuoLingo/Mondly
So a solid ~2-3 hours a day vanishes
Now that I have room I'll probably dig out the Arduino as well
hasty palm
Do you play with tech in general?
long story, easier would be to explain in voice
mint palm
oh but it's not really practical experience. after you follow whatever path you ...
your skill and knowledge will be more important than volunteering etc during an interview
uncut cove
your skill and knowledge will be more important than volunteering etc during an ...
yes, but volunteering for the right organizations in right activities can improve the necessary practical skills
crude stump
I am human
rapid merlin
your skill and knowledge will be more important than volunteering etc during an ...
Not always
For the job itself maybe yes
bitter quiver
your skill and knowledge will be more important than volunteering etc during an ...
Without practical experiences to talk to, even being able to recite everything verbatim isn't super impressive
It's why experience trumps degrees
rapid merlin
But lots of companies do matter about other things too
uncut cove
volunteering is generally good for the CV
bitter quiver
I've been teaching people with MBAs how to do things, I have nothing.
mint palm
Even if you have a lot of certs, a degree, some experience as a volunteer, but lack basic knowledge I doubt that this person would be@hired
bitter quiver
They "know" more, but they have no understanding of applying what they know.
ANd the knowledge they tend to have is the core muscles. Extremly strong main groups of muscles, zero strength in the stabilizer muscles.
Which if youve ever done sports you know yields poor results.
bitter quiver
Even if you have a lot of certs, a degree, some experience as a volunteer, but l...
THM and a cert or two covers most basic knowledge needed
Especially for entry level or pseudo cyber security jobs
Especially if you branch out into the other sides you bump into
And if you follow Sec based youtubers
mint palm
Doing a room here and a cert does not mean too much if that person cannot describe their skills during a technical interview
bitter quiver
Doing a room here and a cert does not mean too much if that person cannot descri...
That's just word smithing
Proper wordsmithing can make a hamburger flipper sound like the most priced member of leadership
I know, I've taught former employees what to say when helping with their resumes lol\
crude stump
Homelabs are the best to test your skills
mint palm
You can have every cert in the word, but without any skill that comes with it these mean nothing
bitter quiver
Homelabs are the best to test your skills
And displays you know how to troubleshoot hardware usually.
crude stump
And displays you know how to troubleshoot hardware usually.
Yes
bitter quiver
You can have every cert in the word, but without any skill that comes with it th...
Hence...the practical experience he mentioned
Bug bounties, volunteering
The things that will give them experiences to talk about and connect to knowledge
That's the whole point I mentioned the MBA folk
Most come out with all this education
But completely incapable of executing on it
crude stump
??
crude stump
Why do people do this
bitter quiver
Spooky
crude stump
Delete there questions
bitter quiver
Glitch in the matrix man
I always set my powershell colors to black/green lol
Matrix ruined me 20 years ago
crude stump
@worn summit check out the Linux fundamentals
worn summit
nah idk how to ask my question properly lmao
crude stump
Itβs straightforward
sick lance
nah idk how to ask my question properly lmao
Just ask
worn summit
for a task in class we need to do a Tryhackmeroom, where we learn cybersecurity in linux
crude stump
Not poorly
worn summit
and i was wondering if someone knew a good room
linux fundementals isnt really cybersecurity related is it?
i already checked that room but idk if its good enough
sick lance
and i was wondering if someone knew a good room
It shows you how to use Linux.
In theory, you can do many of the THM rooms in Windows.
mint palm
Hence...the practical experience he mentioned
He mentioned βmaking a nameβ in the industry by doing that, but thereβs a ton of people that simply pretend theyβre doing stuff, but nothing comes with it
worn summit
I already know how to use linux, but it has to be about Cybersecurity related things in the tryhackmeroom
and i cant find a good one
crude stump
A ctf might be good for you
bitter quiver
He mentioned βmaking a nameβ in the industry by doing that, but thereβs a ton of...
I get that. But they are also optimistic and looking in at a new industry. They don't mean famous, they simply mean to have value.
sick lance
I already know how to use linux, but it has to be about Cybersecurity related th...
However, if this is an educational task, you should aks your teacher if they want you to use THM.
bitter quiver
I already know how to use linux, but it has to be about Cybersecurity related th...
YOur teacher from an external org is having you do a THM room, and gave no direction on a specific?
worn summit
I'll copy paste it, sec
Find a nice Linux room on tryhackme that has to do with Security (the fact that the VM is a Kali Linux is not enough, it really has to be about the security of a Linux machine or attacking a Linux machine). So you can choose whether you opt for an offensive or a defensive room.
its translated from dutch so might be a weird translation
shut hawk
Linux priv esc
bitter quiver
huh
crude stump
Many tools that you have access too use linux
worn summit
Linux priv esc
this one looks nice i guess
shut hawk
huh
As in, learning privilege escalation techniques for Linux machines
Lots of rooms on THM about it
bitter quiver
As in, learning privilege escalation techniques for Linux machines
No not that lol
I mean the teacher just handing off to THM
Feels like when a teacher partied too hard last night and just has the class repeat yesterdays lesson while they nap
sick lance
I mean the teacher just handing off to THM
They could be part of the educational plan.
bitter quiver
They could be part of the educational plan.
Didn't know THM was integrated like that
sick lance
Didn't know THM was integrated like that
THM have personal, business and educational accounts.
worn summit
for our exams there's a listof tryhackme rooms we need to " study " π
bitter quiver
for our exams there's a listof tryhackme rooms we need to " study " π
Do you get a college degree from the school?
worn summit
Yy
sick lance
Really, we shouldn't help users who are on plans that aren't personal.
bitter quiver
Fair
I didn't realize though
But I think recommending a nice room isn't helping
In a bad way
shut hawk
If you are still stuck, ask your teacher for clarification
bitter quiver
whats wrong with that <@958383130102870026>
If we help it falls under cheating
sick lance
whats wrong with that <@958383130102870026>
But if you're tasked to find a room and do it, then report...
bitter quiver
whats wrong with that <@958383130102870026>
Rule 5 - No Cheating
Cheating of any form is not allowed. This is not limited to asking for help with assessed schoolwork or exams.
If it's an actual course, ping your peers as well who are doing it.
worn summit
if u guys see this as cheating then idk
bitter quiver
See what rooms they each dipped into
bitter quiver
if u guys see this as cheating then idk
It's not really up to any of us as individuals. We have to follow rules.
I've been in enough trouble as is
crude stump
You could always use google
worn summit
I wouldnt ask it here if i didnt use google first π
crude stump
bitter quiver
There is using google, and effectively using google
worn summit
okay
mossy river
Please do not post IP addresses here
frail python
Hello can sombody maybe recommend me a room that uses linux and learns me more about security
mossy river
Rule 5 - No Cheating
Cheating of any form is not allowed. This is not limited t...
Please do not mini mod. Enforcing rules is for moderators, if there is someone breaking a rule, ping a moderator
bitter quiver
I wasn't...I was explaining why we can't help.
sick lance
Hello can sombody maybe recommend me a room that uses linux and learns me more a...
Is this for a class? π
crude stump
Is this for a class? π
Swear itβs the same dude lmao
frail python
Is this for a class? π
No just for myself i want to selfstudy to learn more about security
worn summit
thats not me
mossy river
I wasn't...I was explaining why we can't help.
Moderators need to be made aware of users breaking rules.
This is so that we can note and identify users to inform other moderators π
bitter quiver
Got it. Was just trying to be friendly
worn summit
friendly..
but okay, i'll look for a room myself. thanks anyways guys! didnt know there were strict rules like that
frail python
does sombody have any recomendations for me
faint hemlock
Hi, I see that the 'thefindcommand' room has already been removed from tryhackme and it's not possible to join it anymore. Is there perhaps an alternative to this room?
bitter quiver
does sombody have any recomendations for me
Pre-security, introduction to cyber security rooms
I mean paths
sick lance
Hi, I see that the 'thefindcommand' room has already been removed from tryhackme...
Sadly, there isn't π¦
bitter quiver
untold marsh
THM having issues right now?
rapid merlin
Not for me
untold marsh
My VPN times out every 2 minutes, and goes slower and slower up to the point where it disconnects
rapid merlin
ah im not on vpn so
untold marsh
My other tunnels work fine
untold marsh
It died again. I'll continue later, or try cycling the box
rapid merlin
oh wow
boreal scarab
coarse cosmos
Hello! I'm wondering why the Attack box is recommended over the web based Kali Linux machine? It seems like they both work okay.
lament tendon
Attack box is updated more regularly, at least to my knowledge.
Does not really matter which one you use tho.
boreal scarab
I personally reccomend using your own Kali VM
silver sky
Hello! I'm wondering why the Attack box is recommended over the web based Kali L...
The attackbox has been designed by the tryhackme team and the tools are hand selected
rapid merlin
I personally reccomend using your own Kali VM
Yeah i prefer my own machine too
silver sky
I personally reccomend using your own Kali VM
I use the attackbox at work π
Our PCs are ancient and I don't have admin powers π
proven quartz
I use the attackbox at work π
Our PCs are ancient and I don't have admin powe...
Usually a safer option, since most orgs don't want someone using a local machine full of hacking tools or using a VPN out of the network to somewhere else
sick lance
Attackbox has materils also (pcap, images etc)
silver sky
Wait what
Our office style computers are from 2005....
Our CCTV units are brand new and customised. I have admin powers on them.
sick lance
Not sufe if kali box has it
warm bear
Own machine > Attackbox
silver sky
Usually a safer option, since most orgs don't want someone using a local machine...
IT would have a fit.
rapid merlin
I use the attackbox at work π
Our PCs are ancient and I don't have admin powe...
Ohhh for doing thm
I thought for your work
xd
odd sparrow
hi
lament tendon
I use the attackbox at work π
Our PCs are ancient and I don't have admin powe...
Using you main work PC for hosting hacking tools and connecting to a network of hackers would be a horrible idea.
proven quartz
IT would have a fit.
no doubt someone would be marched to hr
silver sky
Using you main work PC for hosting hacking tools and connecting to a network of ...
It would be. Especially as my organisation had a major cyber attack in 2021
odd sparrow
how to learn pwn and re in tryhackme ?
warm bear
Hi Scrubz π π
boreal scarab
I use the attackbox at work π
Our PCs are ancient and I don't have admin powe...
If I used my own VM at my old work.... let's see how many teams will be on my ass:
Info Sec Analysts and management, Licensing, Desktop Support management.... list prob goes on
silver sky
<:kekw:658061932577816606> no doubt someone would be marched to hr
I've already been marched to HR once.
lament tendon
It would be. Especially as my organisation had a major cyber attack in 2021
I was scared you werenβt joking. π
proven quartz
I've already been marched to HR once.
Well you'd better be on your best behaviour so!
grave egret
Hey, where can I ask questions regarding ip gathering ?
silver sky
I was scared you werenβt joking. π
Unfortunately they had a cyber attack.
Not sure what, they didn't release any information!
boreal scarab
Unfortunately they had a cyber attack.
Not sure what, they didn't release any ...
Not even a damn disclosure? Jesus....
silver sky
Well you'd better be on your best behaviour so!
The complaint got thrown out.
Found out it was all lies
lament tendon
Unfortunately they had a cyber attack.
Not sure what, they didn't release any ...
Happens all the time everywhere, so welp. Your companyβs not broke and still operational.
coarse cosmos
I do have the resources to use my own hardware, but I have just been using the Web based stuff and was curious about the difference. I appreciate all of the conversation! Looks like there are some different views about it. If you are using your own hardware, it would be best to segment your network and isolate that environment correct?
proven quartz
The complaint got thrown out.
Found out it was all lies
That's good news then
lavish shell
@gentle adder If you're still floating around here, please message me at your earliest convenience in regards to the debugging.
silver sky
Not even a damn disclosure? Jesus....
Just said no sensitive information was taken.
Speculation was ransomware
boreal scarab
I remember when we (desktop support) had to isolate a laptop and.... y'all gonna hate this... info sec team called in a certified CEH to do analysis on the laptop
mossy river
Hey, where can I ask questions regarding ip gathering ?
Why
mossy river
Okay
silver sky
That's good news then
Parent complained I put their daughter at risk by not allowing them entry to the car park. (Didn't have a permit, gave them options with public car parks on our safe route where you can request a chaperone)
Not exactly putting your daughter at risk
boreal scarab
I remember when we (desktop support) had to isolate a laptop and.... y'all gonna...
Not anyone in digital forensics... nah.... CEH... in the US
proven quartz
Parent complained I put their daughter at risk by not allowing them entry to the...
Well you did all you could to facilitate then
silver sky
Well you did all you could to facilitate then
That's exactly what HR said. I followed policy
Tbf parents have been on edge this year.
Don't blame them, a student was murdered here last year
proven quartz
Tbf parents have been on edge this year.
**Don't blame them, a student was mur...
Yeah it's fair they have concerns but you can't be responsible for everything. It doesn't seem like an emergency situation or anything like that
silver sky
Yeah it's fair they have concerns but you can't be responsible for everything. I...
No we can't. The review has concluded our department went above and beyond to assist the police in scene guarding, evidence gathering etc.
Nothing we can do.
The only thing the review said was we ideally need more staff. But that won't happen
proven quartz
No we can't. The review has concluded our department went above and beyond to as...
Sounds like you did all the right things then π
silver sky
Sounds like you did all the right things then π
Yeah that's the main thing
We've learned some lessons from it for sure tho
uncut cove
can you explain to me what ACME IT SUPPORT is?
proven quartz
AS long as it improves how things are done and makes it a better environment, then it's a great outcome
uncut cove
why ACME of all names
gentle adder
hey guys what do you think what role tryhackme play in the life of a newbie of this field π
simple valve
hey guys what do you think what role tryhackme play in the life of a newbie of t...
tryhackme helps you upskill π
lots and lots of paths and new learnings
upper rain
tryhackme is for you to gain technical experience without being in a cybersecurity job role
rapid merlin
can you explain to me what ACME IT SUPPORT is?
My name?
uncut cove
not only
rapid merlin
Acme IT Support is an example website on tryhackme
uncut cove
yes, there are lots of rooms with ACME Support
rapid merlin
Yup
uncut cove
why Acme
rapid merlin
yeah idk
blazing granite
Acme IT Support is an example website on tryhackme
it's the favourite of Willy the coyote π
gentle adder
tryhackme is for you to gain technical experience without being in a cybersecuri...
is it real world experience?
rapid merlin
Nope, but sometimes, close
uncut cove
upper rain
is it real world experience?
as close as it gets really
finite basalt
Like most things, imo, thm teaches theory and practical applications but in the real world you need to figure out how it applies
heady nova
ello
mint palm
as close as it gets really
some of the rooms can represent 1:1 how you would hack into a machine in a real environment
rapid merlin
@mossy river
finite basalt
Like it gives you a damn good start if you're learning but you need to be able to continue learning and learn how to apply knowledge, also depending what you focus on impacts it.
I've focused mainly on Linux and am pretty good but pivoting and windows machines are a work in progress.
In a practical environment you may encounter Linux but there's lots of windows environments so the only limit of thm is your choice of rooms and ability to adapt and apply what you've learnt
mossy river
Whatβs this
hushed flame
its a vpn to stop ppl getting hacked
mossy river
Youβre such a liar lol
mossy river
Go on then, whatβs the VPSβ IP address?
hushed flame
wym
mossy river
Thought so.
finite basalt
Virustotal flags it as detected by 35/72 π€
And it talks to discord, never seen a VPN do that
finite basalt
Yeah I figured π
rapid merlin
Nice one from discord, they noticed me its a scammer
mossy river
I know what it is, just thought it would be interesting to talk to someone distributing it
shell nova
before you ban them, ye?
mossy river
100% guarantee itβs a 13-15 year old who joined a token scammer Discord
shell nova
tbh they probably left already
finite basalt
https://www.virustotal.com/gui/file/f863748884bdbe63185147b20fdca62458b99af81d522f210f8c2aac1071a97b/behavior if you want to see its report, is the behaviour thing new?
mossy river
@hushed flame You still here?
finite basalt
I'd never seen that built into vt before albeit a while since I used it
shut hawk
I think they got the wrong target audience
mossy river
Trying to βhackβ people in a cyber discord is hilarious.
rapid merlin
Reported him to Discord β
I am such a professional Jabba taggerπ
Didnt saw that message π¦
finite basalt
Honestly I accidentally downloaded it to my phone but I might go analyse it and see if I can find anything of interest, I've enough free time π
mossy river
Thatβs too funny
grim sparrowBOT
:hammer: dripzy4#0 has been banned.
shell nova
had some crypto libs in there it seems
mossy river
Honestly I accidentally downloaded it to my phone but I might go analyse it and ...
Find their server and report it
finite basalt
That's the intention
And if I find a webhook, I'll report it to discord in case it's on another account
mossy river
What a pleasant interaction
rapid merlin
No problem
warm bear
What a guy
spice adder
100% guarantee itβs a 13-15 year old who joined a token scammer Discord
Whilst also having all of his socials in his discord bio. Not the smartest, unfortunately
Bring back the Skype days, l33t names and bios and not to forget, dark comet rats being thrown around like itβs going out of fashion
silver sky
Bring back the Skype days, l33t names and bios and not to forget, dark comet rat...
They were the days π
I'm that old I remember AIM!
tired peak
(skype isn't even that old...)
silver sky
(skype isn't even that old...)
AIM is
warm bear
(skype isn't even that old...)
You got somwthing older?
silver sky
Oh yeah!
tired peak
well there was a time before chat programs... people had IRC and before IRC, they had usenet
tired peak
and before usenet, they probably had to call someone
silver sky
and before usenet, they probably had to call someone
Collect call
chilly veldt
Thatβs too funny
what was even more funny, is I first thought I had blocked the person
silver sky
and before usenet, they probably had to call someone
Pager
mossy river
what was even more funny, is I first thought I had blocked the person
Good, so Discord is working
tired peak
I had to look it up, they had email before usenet and then before email, you had to call (or maybe you had to use your HAM radio)
silver sky
Good, so Discord is working
Doesn't appear like that on mobile
Just shows the messages
mossy river
Doesn't appear like that on mobile
Correct
warm bear
I had to look it up, they had email before usenet and then before email, you had...
Interesting stuff
silver sky
Soon
tired peak
when I went to college, I would use "talk" on unix to talk to college friends
warm bear
College is before uni right?
silver sky
When I was at secondary school we used to use the windows shutdown with a message to communicate in class
warm bear
Oh. Mb
tired peak
nah its all good
y'all say uni, we say college (although we do have official definitions for college / university)
silver sky
Plus it was funny to us back then because the PC would shut down and they'd lose their work
Looking back at it, not funny
warm bear
Gtg watch f1 highlights. Bye for now
mossy river
Someone did that to me in secondary school and it didnβt save my homework that I got to school two hours early to do
tired peak
anyway, in college (I was 18), there was a friend who I used to use "talk" to. I think the guy had a crush on me, he was a nice guy, then he was like "have you heard of irc?", he introduced me to irc and then we kind of didn't use talk anymore and I didn't see him on irc after that. I would see him once in a while on campus but we had different classes and what not. I hope he did well
hasty palm
i keep mixing up some of the osi layers :S
silver sky
Someone did that to me in secondary school and it didnβt save my homework that I...
Awww
warm bear
anyway, in college (I was 18), there was a friend who I used to use "talk" to. ...
That's some dank stuff right there
tired peak
i keep mixing up some of the osi layers :S
Please Do Not Throw Sausage Pizza Away
tired peak
That's some dank stuff right there
nah, there are a lot of people who will come into your life and leave and its ok
mossy river
I am not people
tired peak
ok besties will come into your life and leave and its ok
mossy river
All People Seem to Need Data Processing
tired peak
All People Seem to Need Data Processing
sure brits would do it the other way
hasty palm
im using All Ppl Seem To Need Data Prossesing
mossy river
sure brits would do it the other way
Funnily enough I was taught the sausage pizza one at college
tired peak
in the US, we do from bottom upwards because the only way to go is UP
mossy river
Please Do Not Teach Stupid People Acronyms if you want to go the other way
silver sky
Jabba beat me to it
ripe sandal
Application Presentation Session transport Network data link physical
Is the only way
tired peak
I mean if just bruteforcing the knowledge works for you, go for it
mossy river
I make drill songs from the knowledge I learn
silver sky
Never Eat Shredded Wheat
silver sky
I make drill songs from the knowledge I learn
Nerddrill
ripe sandal
Brute force always
silver sky
Not always the best method
mossy river
π΅ I ainβt gonna brute force, donβt call me hydra, draw a web from my nmap, man like spider π΅
finite basalt
I have a feeling it's a py2exe bundle based on strings @chilly veldt π€£
it's certainly bundled python code of some variety
mossy river
I have a feeling it's a py2exe bundle based on strings <@272707328455999488> π€£
The .exe that user sent?
finite basalt
yep
mossy river
Yeah most token grabbers are written in python
chilly veldt
silver sky
No Access 
rapid merlin
Is there any bug bounty programme hubs (like hackerone, bug crowd) that are very unpopular since like any programme on hacker1 had been reported like 150 times.
mossy river
Is there any bug bounty programme hubs (like hackerone, bug crowd) that are very...
You need to work hard to get invited to programs with less people on them
rapid merlin
oh okay
mint palm
Is there any bug bounty programme hubs (like hackerone, bug crowd) that are very...
Synack Red Team, but itβs hard to break into without specific certs
rapid merlin
what
warm bear
I wna join just to be mentored π
unreal solar
Good evening kind sirs
Anyone has good resources/references on working with large numbers of files in python ?
Processing, Extracting text, etc ...
golden timber
ChatGPT
desert shuttle
Well well well
sand trench
where is catgpt when you need it????
unreal solar
A cat trained on object oriented programming would be better at large and complex file operations than GPT
No doubt
plush mesa
isnt python already the first misstep when you want to handle large and complex file operations
π
unreal solar
Suggestions ??
plush mesa
try nim
rapid merlin
so if i find a csrf vulnerability would this count on the bbp, one of the exlucsions mentioned: "Missing security best practices that do not directly lead to a vulnerability"
plush mesa
it has a similiar synthax to python and is way faster
about "complex file operations"... well im not sure what you're trying to do are you just trying to read/write stuff from/to a file? There's libraries for that
unreal solar
about "complex file operations"... well im not sure what you're trying to do are...
The problem isn't the language itself, but the large quantity of files i have to work with :/
The thing is i have to work with a LOT of file paths and extracted text, and i'm having some trouble creating iterators/generators to process those values.
plush mesa
The problem isn't the language itself, but the large quantity of files i have to...
What I meant is that python is a pretty slow language. If you really have to work with a lot of files and speed matters python is probably the wrong choice. If the speed of the program doesnt matter then theres nothing wrong with python.
wintry sluice
sanβ’β’β’β’β’β’β’β’β’β’β’β’β’@gmail.com
its here
plush mesa
There's predefined libraries for reading and writing to files almost any language. About creating iterators/generators not sure how i can help more as thats application specific and not quite sure to help with that without knowing more about the topic. Assuming from a bunch of files the same stuff has to be done with the file i would write a function for it and add the paths to an array (or depending on the size an own list file) through which i would iterate
worn orbit
@plush mesa bro can you help me
coarse cosmos
So when you all started out doing boxes how long do you work on a box before you get a hint from some where? Obviously the longer you struggle the more you are going to learn, but I feel like I am so close. I think I have to laterally move into another user on the box to continue. I can see a possible way to get to root, but the current user I have does not have the correct permissions to access directories and files that would be needed to do it. The user I think I need to get is the owner of them. Cron job runs every minute as root.
Driving me crazy.. lol
plush mesa
<@235057917139746827> bro can you help me
you can help yourself by deleting your message else you will get banned noone in here will help you with illegal stuff its against the rules (and my ethics π )
worn orbit
you can help yourself by deleting your message else you will get banned noone in...
Just need help
unreal solar
What I meant is that python is a pretty slow language. If you really have to wor...
what's slowing the program execution is having all those values stored in memory.
I was able to increase the speed with generators, and it's working a lot faster than you'd expect.
Now being more specific:
Say if i extracted text from 40000+ files, what would be a better way to process that text than storing it in a dictionary ?
plush mesa
@mossy river
unreal solar
There's predefined libraries for reading and writing to files almost any languag...
That's what i've done, but with huge ammounts of files the array becomes huge as well, and decreases the program execution speed
mossy river
Who can find this email?
Why
mossy river
Can you do it?
If you tell me why you need it
worn orbit
If you tell me why you need it
Someone hacked my email, I want to know this email for recovery
mossy river
Someone hacked my email, I want to know this email for recovery
Sure you do
worn orbit
Sure you do
help me
mossy river
If that was your email, you would know it
plush mesa
what's slowing the program execution is having all those values stored in memory...
I'm assuming you're only storing the data you need from the files in memory right, not the entire files (if you only need specific parts)? In that size category I would write the data to a file on disk to not blow up the memory
worn orbit
yes That's my email.
worn orbit
Thatβs illegal bud
ik
mossy river
The mods should get spray bottles
Please donβt involve yourself
rapid merlin
Just spray anyone who deviates the rules
mossy river
Makes the situation 10x harder to deal with
worn orbit
You know there are feds in this server right?
what feds
rapid merlin
Just got sprayed
worn orbit
The mods should get spray bottles
grim sparrowBOT
:hammer: ragabhai_#0 has been banned.
crude stump
Jabba what is the message you get when you get banned
unreal solar
I'm assuming you're only storing the data you need from the files in memory righ...
I thought about that yesterday, would that be a 'pythonic' way to perform that file operation?
Say i have 40000+ file paths, perhaps the program can work by storing those paths in a .txt file and then iterating trough the same, instead of holding the 40000+ strings in memory?
By the way, thanks in advance for you help...
twin ridgeBOT
Gave +1 Rep to @plush mesa (current: #473 - 9)
wintry sluice
might be worth using something like an sqlite database
naive violet
Jabba what is the message you get when you get banned
The reason and an explanation of the appeals process
plush mesa
A database might be overkill, if it's just a fixed list it would be easier pasting them all in a simple .txt like you said and then you can use the classic python with open(...) and then do readline
or read in multiple at once
plush mesa
A database might be overkill, if it's just a fixed list it would be easier pasti...
I honestly don't know if reading one line at a time or reading multiple at once and then splitting that data up would be faster
wind lake
anyone have suggestions for pentest report templates?
plush mesa
I thought about that yesterday, would that be a 'pythonic' way to perform that f...
if those files are on the same path/a few similiar paths you could also just read in all on that path/blacklist a few files on that path or something like that
I assume you already have a list of paths to read in anyways right?
rapid merlin
Should add a gif of a cat getting sprayed
rapid merlin
anyone have suggestions for pentest report templates?
You can find examples on GitHub
naive violet
anyone have suggestions for pentest report templates?
There's a repo with public reports on github, I worked from that for mine
unreal solar
I assume you already have a list of paths to read in anyways right?
I know that processing speed depends on hardware specs etc.. But by creating a generator in one of my functions, the program was able to process those huge number of files in less than 20 seconds (Tested on different hardware), when storing values in memory, the process time was huge ...
plush mesa
What do you mean by generator? But nice, good to hear
clear jackal
anyone have suggestions for pentest report templates?
Not specifically pentest, but Expert Witness reports are also a good format
unreal solar
I assume you already have a list of paths to read in anyways right?
Basically i accept user input for a path e.g --path /path/to/dir
Then the program walks that path and yields the paths. That part is OK.
After that i have to group those files by MIME types for further processing, hence the problem we're talking about.
The temporary solution i made was storing those values in a dictionary:
text: [List of txt files]
pdf: [List of Pdf files]
The problem is, the more files that directory contains, the larger the dictionary becomes, storing those objects in memory, slowing the program execution.
The previous suggention you made seems to be a workaround for this. Group the types/paths on a separate file e.g. pdf_paths.txt , and then iterating trough that with with open (...)
Btw let's go to #programming
clear jackal
There's a repo with public reports on github, I worked from that for mine
I think John Hammond also demonstrated a more automated tool that pushed stuff to private repos for you to generate a report. Was in his OSCP video iirc
mossy river
Jabba what is the message you get when you get banned
I can show you if youβd like π /s
coral citrus
Hi all, I need to intercept HTTP (over TLS) requests as mitm. My plan is to setup e.g. a raspi which acts as access point and routes traffic through the ethernet port to the internet. The victim would connect to the wifi. The idea is to use mitmproxy as software. Are there any better ideas or alternative recommendations? My knowledge might be a bit outdated
clear jackal
Hi all, I need to intercept HTTP (over TLS) requests as mitm. My plan is to setu...
What's this for? THM?
coral citrus
No, actually test/demo setup for my job
clear jackal
Ah, ask your senior then
coral citrus
thx, "did you google" would also be a good answer
boreal scarab
What should I do for lunch? @naive violet
sick lance
Food.
sick lance
I could have said a liquid lunch.
mossy river
Iβm having four double quarter pounders π
clear jackal
blazing granite
Iβm having four double quarter pounders π
wow, some time I can't finish one and the chips π
blazing granite
thx, "did you google" would also be a good answer
did you google it, is always a good answer π
coral citrus
I actually did ... seems mitmproxy on something like a raspi is still the way to go
cosmic pendant
I passed my test
clear jackal
yay
boreal scarab
I passed my test
Mfer aren't you already a professor? Taking your own tests?
cosmic pendant
Mfer aren't you already a professor? Taking your own tests?
LOLOL Nicely done Berrys π
My radio
boreal scarab
Congrats!!!!!! 
Toaster: "I scored a 100 on my test"
Us: "What test?"
Toaster: "My own test I created for my class, I passed it"
Us: 
cosmic pendant
hahah lol
wintry sluice
passed
passed. not "got a perfect score". just passed
left pebble
I thought about that yesterday, would that be a 'pythonic' way to perform that f...
you still need help? if you need help in scripting tasks i can assist you, iterate through files/lists and parse / match pattern all thus stuff.
left pebble
Ah, ask your senior then
made me laugh, thank you
shell nova
their dragonbox pyra just shipped
Your what now?
sand trench
Your what now?
mini computer that runs debian arm linux... will have fun playing open source games and maybe hacking from it
shell nova
Glhf
shell nova
mini computer that runs debian arm linux... will have fun playing open source ga...
Might be fun to throw a Kali on that, though dunno if all the tooling exists for arm
sand trench
not seen kali for arm
and then there is the problems of the custom kernel things needed for support of the weird keyboard and buttons
shell nova
There was a nethunter build but never got that working
golden timber
looks like a bulkier steam deck
sand trench
and just installing hacking tools from source or from debian repos should work
golden timber
weird question, why not just put debian on a steam deck
sand trench
looks like a bulkier steam deck
it is actually smaller
golden timber
genuinely wndering
sand trench
weird question, why not just put debian on a steam deck
because when shadow preordered the dragonbox pyra the steam deck was not even a dream yet
sand trench
preordered it in 2016-05-05
sick lance
preordered it in 2016-05-05
That's a short pre-order, grats! /s
boreal scarab
@normal fable @vocal gale ordered white castle for lunch! Woooooo!
shell nova
They seem to be in need of a web designer...
normal fable
None out here.. Except frozen..
shell nova
I got Frozen two!
mossy river
Someone remember my order number- 58, ty
wintry sluice
67, gotcha
buoyant tree
Someone remember my order number- 58, ty
-58?
mossy river
58
golden timber
22
buoyant tree
oh k, thought the indexing system was bad and u were given a - number and now you have to wait for the system to glitch out for your order
chilly veldt
reeee, I am beginning to hate eating rice and chicken 
golden timber
can i have a 3389 with that please, and a large dr pepper
wintry sluice
reeee, I am beginning to hate eating rice and chicken <:PepeHands:56801686888382...
then stop...
mossy river
reeee, I am beginning to hate eating rice and chicken <:PepeHands:56801686888382...
Switch it up, do chicken and rice
buoyant tree
reeee, I am beginning to hate eating rice and chicken <:PepeHands:56801686888382...
eh add some yogurt to the mix
sand trench
bella has had to much rice and kicken
golden timber
try harder
sand trench
well bella is trying to have low calorie counts
chilly veldt
I got 3 more meals of honey sesame chicken with rice
boreal scarab
Someone remember my order number- 58, ty
Order is 58.
mossy river
Ty
boreal scarab
No prob
golden timber
your order is Cerium
mossy river
Someone tried taking my order
golden timber
did you beat them up
chilly veldt
well bella is trying to have low calorie counts
yeee, going falaffel though
mossy river
I stood there menacingly
chilly veldt
no
golden timber
is it possible to be a good human being
chilly veldt
yes
grim sparrowBOT
:hammer: nightmare14226#0 has been banned.
buoyant tree
did you beat them up
Jabba is civilized, he would not take action directly, wait for a few years then pounce when they aren't expecting it
golden timber
i have experience with jabba
mossy river
I gave them a chance to remediate the problem, this is Β£25 worth of food
sick lance
Who takes food?
Fast food or a shopping?
golden timber
free to them