#general

Tryhackme seems to not have anything about ElGamal

Define cryptography attacks?

Attacks where some parameter gets leaked

But many others like side-channel attacks

re-use of modulo

basically weak crypto

What's ElGamal

I can't seem to find any specifically relating to ElGamal

It's a digital signature scheme, public-key cryptography

I did read few papers about similar things, they are quite difficult papers to read so yeah, I thought maybe there might be a platform that actaully specializes on them in CTF style

sounds like it requires advanced maths and programming'

Cryptohack has somewhat similar things, but yeah, looking into alternatives

Yeah cryptography algorithms ig

are paths created by tryhackme only or by people also?

i mean people who dont work for tryhackme, like rooms?

I think People can only make challenge rooms, no?

By external people to

https://tryhackme.com/develop-rooms
this would seem to indicate you can make challenge or teaching rooms

Walkthrough rooms as well, but currently they aren't accepting any submissions for them

they aren't accepting submissions for walkthroughs at this time

paths are probably just thm staff though

Hi. I have a project that requires large-scale data storage similar to Zoom. Is there anyone who knows the minimum cost for this project? Please exclude my software engineer friends from consideration, as we won't be paying them partner salaries.

Your better off contacting a data storage company and asking them directly

Hopefully they would respond, wouldn't it be nice? :))

Why not just calculate it?

Would give you a rough idea

Gotta give them a minute

I'm sorry, I don't know much about servers

.

If you would like to help me on this topic, please do not hesitate to write to me, friends.

thank you

What is this for exactly?

I have an online education platform project, so I asked this.

I hope I'm following the rules when asking questions, no mistakes, right?

Online education platform project as in?

https://calculator.aws/#/

I can't provide further explanation about the online classroom education system, sorry 😦 In short, we're planning to transfer the classroom experience, including everything, into an online environment.

Like google classroom?

Do you mean the project is an online education platform or that you were given it by an online education platform?
And you not wanting to give further information makes me think if you should be asking here at all.

sounds like it

idk what online education platform requires you to buy large scale data storage. but idk why he cant tell us a little more detail

latest AV/edr bypass techniques ?

someone give us titles to researxh on

Could you provide some more context?

We don't discuss this outside of #advanced-general which you do not have access to

i am asking, i am digging deeper into AV/edr bypass, whats the latest methods out there to look dor

Hm, how do i get access

Reach level 0xD on the site, or get OSCP/eCPPT

Hm

i am just asking a general question

And I am informing you that we don't discuss this outside of the advanced channels.
Please respect that rule.

its because what your talking about is getting into the deeper stuff so they want you do be a 0xD. its more of you spent alot of your time doing tryhackme so your semi trusted then the average joe

Ok

I am massively over the word count for my assignment 🙏

happy st patricks day!

I hate having to cut back words more than adding them in.

I always feel like the material I cut back is important to the assignment.

I am currently going over all of my references, which is the absolute worst

Just find the word count limit, delete back a few characters, add an ellipsis and... send!

600 words over, and still not done

There's usually about a 10% grace period

Our assignments state whether there is a +10% on the word count (we can be under for as many words as we wish, granted that quality isn't lost)

wait you can be under the word count and still not get points taken off?

Correct.

Yeah I know how it can be. is there something that can be trimmed/rephrased/referenced/referred to in a different way?

2400 + 240 = 2640
3035-2640 = 395

There is quite a lot that could be reduced, but I am rewording a few of the paragraphs as their point were lost in me trying to fit a reference in.
Once I have done that, I will reduce the words, and then write the conclusion... LOL

Haha, always pressure to get things to fit in properly but you'll get it no bother

There is a lot of time pressure because I am travelling tomorrow and Tuesday so I have to submit it tonight (deadline is Wednesday)

Hope I don't lose the quality because I would ideally like to publish this

good luck

Well make the most of today and do it well! best of luck with it

R ur classes online ?

writing 🤢

No

Ohh alright

We have finished for Easter but we still have assignments

Ohh i see

SMTP room was so much fun!!

hydra is so cool

can anyone help me to solve MR.ROBOT machine ?\

lemme first do jee then ill go out

at this point inorganic makes more sense than organic

try #room-help

can you tell me what path i have to follow for bug bounty

would would want to look at the web paths

In the last 48 hours, I have been working for 24+ hours

Miss how do you work that much? I mean would u mind giving some tips to stay focused for long time without getting tired/bored?

Idk, I just like what I do, that's how I stay focused

That's crazy.

Do you use any kinda meds like ritalin or smth? (Nvm me asking just curious)

Nope, just pure ADHD and Autism that's not treated

I don't do any drugs or meds other than vitamin D supplements, other vitamins and apple vinegar tablets

that sounds very unhealthy, make sure to get breaks

I am, I was just overbooked for shifts this weekend

im welcoming myself back on tryhackme

for the thousandth time, but hey, restarting is better than quitting

Only quitters quit.

blue name?

trail mod? thats awesome man, congrats

Trial mod 😄

hello can someone help me im new to kali and i had it on my VM for a while and i can't upgrade it because it says udev isn't installed... i tried installing udev but another error comes up

Thank you!

Gave +1 Rep to @gritty zephyr (current: #150 - 43)

How long is a while, they just released a new release, maybe worthwhile just downloadintg that

how do i do that

since when did they renew the access files?

what? you always could

if something acting wonky or you change regions

no but my old one didnt work all of a sudden lol

redownloaded and now im alright again

Go to the kali and download a fresh install.

ok sir thank you

Gave +1 Rep to @sick lance (current: #2 - 2064)

gonna finally build myself a note dictionary, and do it right

ok im having a quick question, ive started including the ctf ip in /etc/hosts to make them easier accesible and for subdomains. But now my gobuster doesnt connect to the host now

Do you just add the IP, or do you call it something else?

i also called it boxname.thm

with boxname being the ctf name.

a normal browser request does connect, gobuster doesnt

Gobuster command IP or url name?

gobuster dir -u http://dreaming.thm/ -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -x txt,js,html,php

this is what im running

now i could just run it on the normal ip but id rather know why this doesnt connect haha

but even connecting to the port 80 through the webbrowser takes a damn long while

Well gobusters timeout is 10 seconds, so maybe if its not connecting, try increase it?

now it almost instantly loads, im confused lol

its been on for half an hour so it should just be the same

eh ill take it

i restarted it and now its just as slow lmao

Hello

damn i need hints in every other easy ctf

just keep at it, because honestly me to, youll get the flow eventually

most often I struggle with privilege escalation

then do alot of that till you can do it sleeping 🙂

https://tenor.com/view/im-melting-wicked-witch-wizard-of-oz-of-the-west-water-gif-17977767

Raining?

I'm melting

Stay in a freezer

I accidentally moved my /bin/bash somewhere and deleted

it

how can I fix my machine

I still didn't reboot it

https://serverfault.com/questions/451528/how-to-recover-from-a-deleted-bin-bash

my friend was going through their old screenshots and found this (2 days after fortnite was released). crazy how much its changed

can't install it also

Wow

Fortnite history

Then there's not much you can do tbf

it works W

thanks

Does Location to the file or Location of the file sound better? 🤔

Depends on the context

For a python function that downloads the file,

def download():
  Returns:
  str: Location of/to

of

Can anyone help me to setup kali vm on my device

nahhh

It’s pretty simple. What virtual machine are you using

I was saying about thm vm openvpn

It failed

@light halo Please keep it all in English here

kk

Can you show the error

Oh wait

Hey im not allowed to send pic i noticed just now

This should help you

I have read that

It says connection timed out

Do u have TeamViewer?

No

That’s how you verify

What does?

Connecting thm threough openvpn

Ok, that doesn't prevent you from verifying with the bot

A question, how can I respond when it tells me response format:******.?

#room-help Please 🙂

..

you probably don't need to SSH in to that machine, or VPN issue.

#site-support 🙂

This room requires ssh

Then please shift the channel to site support where I can help you.

Where does it say that? Please answer in #site-support

linux or windows

Yo any mods present here?

Some guy on insta who i don't know tried selling me tryhackme subs. It felt fishy to me

Will be sharing his account and the convo here

You can DM me. 🙂

@fiery hill u r Indian right ?

Not in public

And that's a staff thing, I'll ping @mossy river

Okay

Ye

Let's not throw accusations like that out in chat please.

Ye thats kinda racist

Not racist ! Facts

@rapid merlin Please don't continue this conversation...

Okay bro

Even I don't like to continue! But u know the truth

Bruh

lmao

Where are u from sigma

Bharat

...

0xSigma is crazy 💀

bro's a skibidy brainrot warrior

Lmao

Guys,

Last time I'm going to ask to change the topic of conversation.

Look Insert again starting it !

Bruh what

it's your name

lmao

I'm finishing it.

Im outta here. I've got work tomorrow

Yeah same fuck that

cant say a damn word in this chat without getting banned anyways

Nobody is being banned.

Calm down bro

Ok im calm now, thanks for your intervention

We're here to learn not fight

What work scamming right ?

BROOOO

thats crazy

@sick lance u seeing this

@fiery hill you're gonna let that slide?

@naive violet

My brother got scammed by an Indian few days ago

:hammer: 0xsigma22#0 has been banned.

:mute: injectdavrius#0 has been muted.

Why are people like this

Please don’t involve yourself 🙂

@sand trench that looks rather like a password so I deleted it

I am so close to finishing this assignment

yeah sorry and thanks james

pasted in wrong windows apparently

time to go change it

It’s like the closer I get to finishing, the more it drains the life out of me

You got this Jabba!

I managed to get rid of a ton of words

Turns out there were a bunch of paragraphs that just didn’t make sense

Sleep deprived written?

I think the point was lost by me changing the surrounding paragraphs too much

and password updated

anyone knows why even when i switch vpn servers the vpn gives me an error and disconnects

it worked before

linux

It's going good, what about yourself?

lazy sunday with ctfs

Has anybody here tried out claude opus

is that the paid or free model

I've used the free one, I'd say it's better than gpt-3.5

And the image support is suuper nice

Downsides: you don't get many prompts a day, and it's quite restrictive in what it answers

paid one

Tried it out for a few days

its better than gpt 4.0

I get about 80 on the highest model per 6 hours

its got a great context window and hasn't halucinated a lot yet

I think I broke Co-pilot, it won't even let me ask a question, seemingly used up my quota for the day.

anyone knows why even when i switch vpn servers the vpn gives me an error and disconnects
it worked before

#site-support please 🙂

currently working on Chill Hack

Co-pilot has a quota?

Nice, how did you get to try it out? Did you pay for the sub?

1. what content are you talking about?
2. how woud Google take it down, event if they wanted to?

That's not phishing.

there have been websites exposing private cameras for a long time as far as i know

My advice? Don't get involved. Report the website and move on

Welcome to the real world, again.

Systems generally are poor

For your average person, there's little motivation to have good cyber security beyond online accounts that might have financial consequences

i don't know the details but sounds like just a listing of cameras that are accessible through the internet without any authentication, I don't know if it "qualifies" for a takedown

Smarthome stuff, IoT, cameras etc, are often garbage for security. Some are alright.

How?

All that's happened is some laws banning default creds etc, which I don't think have worked

it's quite simple really. 1. check if you can run anything as sudo. 2. check for SUID/G binaries 3. cron jobs 4. if its a web, check database in var/www 5. Check if there is any .sh script that you can run/edit

in theory i know all the basic possible vectors, in practice I'm always missing something lol

Hardly.

Oh, its fine haha I had a hard time at first, but now its the easiest part ;P

gotta grind then

Dont be scared to check walkthroughs

I used to solve all the box with them

im starting to when I'm really stuck

Like whem I was stuck

yeahh

right, just checking the next step to push me forward

you do windows exploit a bit?

How are we done for? You made the claim

It's been like this for a long long time. Most individual people are not interesting enough for anyone to attack them.

Im doing AD right now and damn im having quite a hard time with large networks ;((

Whenm you actually realise how few of them are exposed to the internet directly...

You seem to keep learning these small things about the cyber field and having a panic about why no one has stopped these EVIL HACKERS!
Slow down and think about the motivations from all sides, the manufacturers, the consumers, legislators, ethical hackers. You'll understand that yes, if you do something stupid then it might go wrong but there's no Watchdogs style hacking out there...

nope, I havent touched windows exploitation so far

I mean most IoT stuff is pretty bad, especially in industrial settings

Exploding manhole covers

Imagine that

Imagine if that was actually possible

Too many people come into this field with hollywood expectations

Sadly the Holy Wood has gone back to whence is came

dont you crush my dreams, i want to be a hacker in a hoodie!

You can wear a hoodie if you want

Noone is stopping you

i do have a hoodie, now i just have to learn to hack

Glhf

ty

Tbh the only thing really unrealistic about watch dogs is the exploding manhole covers

Nah it's all unrealistic

https://youtube.com/shorts/DH9GnVM4wII?si=1JJk9xY4A9wSCf1C

There's no magic hack this button

In all fairness, the button is running exploit code, you see it more interactively in WD2 with the on screen terminal hacks

But it’s possible. Obviously it’s not gonna be that fast

Haven't played wd2

You can't just react to all discoveries with "Why haven't they done something about it yet!!!!!!" though.

Like the traffic light hack.

Got bored after a bit in wd1

Problem with ubi I guess

I played it all the way through.

Although hated the camera settings and mouse sensitivity

I enjoyed it

Ended up as fetch quests and generic open world bs

I mean would you want to play in a small town

Fair enough, I quite liked the openworld bs :P

I think the open world aspect fits

Mechanics were alright I guess, if not forgettable

Sort of like gta

Not a fan of GTA either

Prefer a tighter story that's well executed

I think you just have a hatred for modern games Hydra

I can’t wait until gta 6

Probably, they're all the same outside indies these days

At least the "AAA" garbage is

There are quite a few padding missions in open world games nowadays.

Like "fetch this" or "protect this person". Don't really add to the story

Might get the new horizon once it goes on sale though

It's not their job to police information

Google are not cybercrime enforcers

Shooting Dinobots with a bow is fun

Google are an advertising company that happen to run a search engine

Love to advertise

Probably why they have a habit of killing off all their services

There especially good at annoying there users

With ADS

grrr

But tbh I get it

They need money too

I still don't trust that GCP won't suddenly shut down next week

I just noticed a ball reduces my stress

Hm

Wdym

And it's fun to throw and catch it

anyone know the rdc that's being used in the windows fundamentals modules? It doesn't look like MS's RDC tool

Remote desktop? Yeah

IDK I'm used to the MS RDC that's on Windows machines.. But it looks completely different than what's in the module. So figured i'd see if anyone knew what Remote Desktop software was being used...

Yeah all normal RDP, but the browser access is a little different

You have to have windows pro for that too don't you?

Pro or server etc

Yea, Paid for it

its pretty good

Is pro worth the investment on a personal machine you think?

May have to try and sell it to my wife lol

Not in the slightest

Pro, as in claude AI?

nah, Windows 11 Pro

i'm just going to try and find a free RDP tool

Speaking of, I have windows 11 pro but I haven't found a usecase for it

46 words away from the word count

jabbababa

Jazzzathonnn

how ya doin

woo! getting there.

I have pro, it came with the machine though. kek

Then I have to transfer it all to a word document. Sort out the formatting, insert my references (pray for me), insert my appendix and submit it

But, am hungry so it’s dinner break

Do you need to export it to a PDF?

Or is word doc optional?

I write it on Notion so I can access it on any of my computers. Needs to be exported as a PDF file, but Word provides a built-in citation tool that I use to make sure my citations are correct

i didnt know they had built in citation

Yes, it supports Harvard, APA, MLA and a few others

cool

All my assignments have used Harvard.

Insert yo ur left lung

pretty sure they only start services to farm data so know what to monetize

https://killedbygoogle.com/

helldivers 2 is fun

I wouldn't say all modern AAA games are bad

Like its 60 40

worth to get HD2 then?

it's cross-platform right?

yea it is if you like mindless shooting

its fun mindless shooting at bugs

its a "buggy" game with ilteral bugs

how frustrating is the friendly fire? I can get pretty competitive in shooters.

@brisk raptor please don't link forms like that for surveys. As a general rule, we don't help with coursework and that largely extends to surveys and any kind of crowdsourced data.

ah apologies, i wasn't aware

No worries

its pretty funny

its still fun

even random's quickly respawn you

question which game should I play right now

maybe I'll pick it up after beating FF7 Rebirth

still have a few more hours till the end.

how's that going for you

I'm a big final fantasy fan so it's nostalgic while being fresh and new.

hmm

downloading kali linux isnt gonna kill me right 💀

probably not

It can take a long minute to download kali

is it safw to use kali ?

as a normal human

with no

experience

its safe, yes, but why do you want to use it

i want to learn

ethical haking

hackiung

hiackign

hacking

That's what THM is for. To teach you the tools in kali.

@wild roseany recommendation

Can't decide

anyone has issues with ctf machines freezing? once every hour or so my machine just hangs and I have to restart it

okay!

so

does the downlolad show up for kali

or is it jsut doing it

in the background

💀

well do you feel like a multiplayer or DMC5?

Don't know atm

too hard to decide

I would hop on HD2 if I wasn't hanging out with my younger nephew.

how young?

We need people to fight for democracy

7y/o

ain't that the truth...

Start the onboarding process

https://tenor.com/view/helldivers-2-freedom-democracy-liberation-fight-for-freedom-gif-11791033364361111188

for him it's roblox

I have never understood children's obsession with roblox

tried it out a couple dozen times

its just non-sensical

no idea either. I bought them a ps5 and they still play roblox on it.

how long does it take for kali to install 💀

depends on your system and internet connection, but it can take awhile just to download it.

..., PS5's power being used for only roblox hurts me deeply

lol me too. me too.

get them spider-man or r&c rift apart

and it doesnt show the install right?

like there is no popup showing its installing?

I would use it as a VM and wouldn't install it on a system

can you help me with the installation 😭

should i do install as vm

or create

cm

vm

What hypervisor are you using to run the VM?

I tried to get them to play both games they couldn't get into it.

bro a literally decided to do this 30 minutes ago

pleasse explain in ehnglish 😭

i think

itss

amd64

yeah it says amd64

Here's a YT video on how to set it up. https://www.youtube.com/watch?v=FqRpzgWzAjg

You're on Windows right?

yes

thank you

you can still learn without installing kali and use THM's Attackbox.

but it's a little faster to use your own VM.

okay

can someone help me?

Speak your mind

if you need help with a room please use the #room-help

ok, sorry

Oh nvm

Yeah do that

If you need help with OpenVPN please use the #site-support

You can still help them 🙂

uh so

does the name matter

guys, this method of privesc just blew my mind, I kinda know how it works, but I dont know why it works

basically being able to run docker means you can read files with root privileges? wtf

sad

omg why is chatgpt sooo bad sometimes? for my university study i gave in some questions and got wrong answers only . poor guys that try to use it on exam...

both great games

Because your relying on it for answers

That’s why it’s bad it’s like “please don’t cheat off of me human”

if i would rely on it, i wouldnt notice its all wrong

guess that's it

That’s actually a smart comeback

hey guys

i have probelm with openvpn

i connect to the seerver i mean to the vpn but can't connect the link after launching the machine in the room

any help ?

you might find your answer here at #site-support

It can take a few minutes for machines to start up.

i know

i have used it before

but this time didn't work for me

it stucks here

What room is this?

i have changed the server too but it's the same

wazuh

room

@vast vapor #site-support I'll help you there

good old rss

as reliable as ever and works great to consolidate info

rss ?

rss

Updates info like notifications

Websites

Notification

rss

rss

Hi

ho

you should listen to girl in red bro

goated music

It’s drill vibe rn

wanna listen to some french drill music

he did a feat with central cee

What, french the kid?

lmao

freeze corleone

but Menace santana is the best

ziak is good also

you have the three best right here

Drill?

You listen to New York drill

Kay flock

Drill is a genre of music

D thang

Yes

ah, I was responding to your "drill?" message

I used ? In the wrong context

Sorry lol

Should of just said drill!

anyone did pentest+?

compTIA

If you have a question, just ask

how easy was the test

Easy is going to be dependent on the person taking the exam

CompTIA lists who their exams are meant for on their site, you can also do the #pentest-plus-path on TryHackMe to prepare.

i was doing the path and stopped at phishing, I already read two exam book guides

im less technical skilled so this test is perfect for me when it comes to tools its just parameter since I use cheatsheets

Well you can't use cheat sheets on the exam, and if the material you are using is braindumps, those are prohibited by the CompTIA Code of Conduct

i have net+ and sec+ already I used totaltester for practice exam

@mossy river bro trust me listen to
Menace Santana - Guapman
You’re gonna love it

i also have a bachelors in Cyber and Net

might go for masters to see better clarity of what im missing in skills

community college made me do alot of labs

Again, it's going to fall on you to determine where you are knowledge wise. Take practive exams and see where you stack up. I would probably take the test only after I was getting 90% on the practice.

Lol if you think you are ready then go for it.

I would not get a masters for that reason

helps out in job resume and plus im on unemployment

If you have no experience, it doesn't

From what I've seen, you really shouldn't be getting a masters without any experience

It hinders your job prospects

Also depends on what path you want in cyber sec

really simple syndication
is what some people claim it stands for...
it is actually not clearly definded what the abrivation stands for
it is basically that orange with wifi symbol button on most news sites is for
it lets you get the news article in a neat nice free format in your own reader wherever

im leaning more on blue team

masters + join SoC analyst level 1

It prices you out of a lot of entry level roles and companies aren't really going to want to hire you due to them feeling like you're probably going to leave once you get that experience.

no, they already do that anyways

If you already have a degree, just apply to roles

you mean job hoppers

no

PlayStation came out with PlayStation wireless earbuds lol

thats what people who gain exp do, they job hop

2 years are 1.5 years they look for another role

cheaper than studios

Are you guys familiar with MITRE ATT&CK?
If so, why should I use it as a cybersec professional?

I'm confused of what's used for

threat model

It's very very helpful

you're adding in a different factor. What I am talking about is specifically around the masters. If you're applying to entry level roles, with a masters, companies are going to be hesitant/not willing to hire due to you likely getting better job prospects once they spend a bunch of money to train you.

see how an adversy attacks

Enlighten me please

Are you a professional?

I'm a sysadmin

This is outside of general "job hopping"

Alright, so let's play a game. First thing. What does MITRE ATTACK show?

https://tenor.com/view/im-here-jigsaw-saw7-saw3d-coming-gif-21902171

embed fail 😅

Have to verify

you need to verify

Thanks!

I am too slow on desktop keyboard

I have it saved in my phones keyboard so I just have to tap once lol

Nice!

lmk if you're done looking at it

So if I understand, it's a framework that shows you how attackers think and implement hacking techniques in a specific order and why

I want to switch to Loonix

Lemme know if I'm wrong

but idk if i can break away from Windows

That's true. What else does it show?

Links to different steps in a classic pentesting cycle

Btw, question, Im working basically as a SOC analyst rn. I have Net+ and Sec+. I get free education with my job and wanted to get a masters, since it is free. There isn't really a cyber masters. What would be best. Im between a masters in Compsci or an MBA with a focus in information systems. My undergrad in in IT with a focus in sysadmin.

Like step 1 reconnaissance, step 2 initial access, etc.

Comp Sci

That's the kill chain

The kill chain thanks

Let's approach it like this. How is it organized?

Thanks! I was leaning comp sci too

Gave +1 Rep to @cosmic pendant (current: #37 - 194)

In steps

What are they called? What are the categories/groups called?

Categories

nope, they have a specific name in this context

that depends on job interview

tactics and techniques?

Yes, correct.

Tactics hold techniques

Good

Pull up any technique, what does that look like?

Oh yeah that makes sense

I chose reconnaissance and it shows techniques

Like Ip scanning, etc.

I am confused. Why are you moving the goal posts around? I clarified what I was giving the advice for.

yeah, click on one of those

What else do you see? Any other categories?

IDs?

How are they categoriezed

i cant land a job interview for remote jobs such as SoC, and im on unemployment. Masters is for upskill.

How can I explain it...

its very competitive

You have a techniques with its own sub-techniques

yep, click on one, dig down into a tech or a sub tech

What else do you see then when you drill all the way down

unemployment basically pays for my masters if im qualified for skill up

and I am giving you advice as to why a masters for "upskilling" is not a solid choice. You can take the advice or not, but others in here would agree that getting a masters in this case is not recommended. I have listed the reasons above.

You have a degree and certs, you can apply to roles

I'm a huge fan of masters, and especially Comp Sci. Which will be harder with out the CS undergrad

if you aren't getting hits, it's likely your resume

anyone can get a masters in anything, thats why you go back to the basics if u want that and self study

doubts shadow sharing their opml rss feed file here would be a good idea

Oh wow! It shows how to mitigate it and how it works

What's that about?

That's why it's useful. Groups, Detections, Mitigations

MITRE Attack is a super power, I use it every day, all day.

That makes sense

Almost everyone here, probably should be in same way 🙂

it is a huge list of rss feeds shadow collected and find useful

Is it used by red teamers?

Could Shadow send to me?

but it also tells you a bit about shadow due to how they sort things

Everyone

sure

It's also harder to get a mid/senior role with a M.Sc without experience, for security specific roles - overall the MS is a HUGE boost if one is already working or has a career that has enabled the move to security from other slots. We (my team) has had to pass on several candidates with M.Sc in Info/Cybersec because they lacked basic foundational IT practices

it's used by everyone

guess in dm then???

Is it specific to Windows only? Or the main idea is based on how attacks and mitigations work in general?

such as networking, navigation of troubleshooting?

Sure! Thank you

Gave +1 Rep to @sand trench (current: #4 - 1676)

nope

Red teamers use it when there testing different simulated attacks etc. blue teamers use it to research and mitigate potential attacks etc.

How do computer programs work?

"Navigation of troubleshooting".... ? This sounds like you pulled something off chatGPT without understanding what you were actually trying to find

and sent toast

instructions to the cpu and components that fetch it.

are you talking about literally basics of how a computer runs?

How do you make a program?

binary

low level program

higher level programming

WHat's the process?

its basic history

WHy does it matter?

process is a service and programs use these services to communicate making a whole OS

https://tech.slashdot.org/story/24/03/17/2150221/mozilla-ends-its-privacy-friendly-gps-style-location-service

NOOOOO

shadow used mls a lot

Who's this shadow?

such as networks card hardware using drivers and the programs to utilize it, is network service aka DNS

ello ello shadow is shadow... a person that refers to themselves in third person

Yeah,... not really. Compilation, loaders, assemblers

Why does that matter

matters for cybersecurity causae of flaws

They call me me bombastic

Mr Bombastic

if they can read assembly and source codes they can static analysis

That's reverse engineering

Mr fantastic

Damn right son

its still static analysis

It reminds me of forensics

they didnt run the programs

and if they can't assembly they use strings to find sort of like significations

https://www.redhat.com/en/blog/security-flaws-caused-compiler-optimizations

reminds me of RockStar if you download their GTA5 its a pirated version in Steam

bro you have a Ph.D, I wouldnt think about compiler problems

Source, please.

it was on twitter, someone ran assembly to find a crack-coders signature

Source: "trust me bro!"

try googling it

Yeah, I'm gonna need something more than that. Otherwise you're spreading nonsense.

I did google it, no results in the first 3 pages for what you're talking about.

https://nee.lv/2021/02/28/How-I-cut-GTA-Online-loading-times-by-70/ is this what you mean?

must been a hoax then

https://in.ign.com/midnight-club-ii/193566/news/rockstar-games-is-apparently-selling-cracked-versions-of-its-own-games-on-steam

thats definitely them

But not gta lol

ah more proof that piracy is less of a problem then people think

I found the image, but I won't link it

but it is a hexeditor showing the exe with a pirate code in it

lol

there is always going to be piracy in the digital realm, and there is always going to be people they buy games just for the sake of convience such as online save state

so, while not exactly right, pretty close

and libraries

think shadow has heard similar stuff happen with nintendo games on 3ds virtual console

thats what I mean, I dont rememeber the entire detail

Not terribly surprised, to be honest. Rockstar has always had a 'ship and forget it' mentality. They probably fired all the devs who worked on thoee games and had no one who knew the source code well enough to even find the DRM checks.

piracy is still highly illegal basically everywhere so do not do it

LOl 100%

yeah that sounds fully plausible

How are you doing Mr. @whole yew ?

Good. Just waiting on the instant pot to finish it's cycle, then heading out for a family st paddy's day dinner

they can't eat without me, i have thecorned beef and soda bread

????

well that is a weird 403 error

OH yes, very good indeed

get a 403 error when trying to add a source to the rss reader but the link works in firefox and works on android feeder

what is in your instant potion???

Electric pressure cooker https://instantpot.com/

you cooking an electric pressure cooker to eat???

high pressure situation

From start up to done, about an hour instead of what would take 4-7 hours in a crockpot or slow cooker

oh that 403 error shadow keeps getting is apparently a bug with their desktop rss feed reader

welp time to wait for fix

there is an open pull request

high steaks

lolololol,. yes

what do you have your Ph.D in

in nick

critical infra.

When I type arp -a, I see the same MAC address twice, but I did not do this. Could it be that it looks like this because I have kali-linux and metasploit turned on?

or because the wifi adapter is plugged in

how long did it take you?

about 2.5 years.

which is really really fast.

alittle more

is it possible to get honorar degree in this field if you contributed something such as critical infrastructures

wow yeah, that is pretty fast

doesnt wifi adapter have separate MAC address?

i got super lucky in like 10 different ways 😉

including having my masters and counting some of that work for credits, then presentations that counted toward my credit, but presented by my chair 😄

it's very very very abnormal

has a mac address

says it takes 2 to 3 years to complete

your were right on target

unless your university was completely differenet back then

https://superuser.com/questions/660911/the-same-mac-address-twice-on-network

Wifi has differnet mac addresses compared to what frequency is sends out

check out your MAC address on the bottom of your router

unless your being stalked and in a MiTM

sounds like an amazing story to tell though!

you to can get a degree that is important for the goverment

yes maybe

thanks

hey im new here what is ethical hacking?

I have a few opportunities that I'm deciding between

unless you created something that is critical infrastrucure, im pretty sure universities will give you an honorary degree

literally google it bro

Hacking but legally

like kanye west makes art and universities wanted to give him degrees

cause their associated with art

i just saw the definition how do i really get strated?

started*

Penetration testing

beginner courses on tryhackme

basically auditing

.com?

.com

I would read a book if your not technically skilled with the course. Starting with A+ compTIA

even if its beginners, a good book in what a computer is always recommended

check out some beginner courses to see how much you don't know and what topics are difficult for you, then research further and read books

if you have no idea how networks work, get a book on networks etc

THere are lots of good books to start

But, between THM, and Youtube, books depending how you learn 😄

and once you get yourself familiar with basics, take courses for beginners on hacking specifically, like on tryhackme, and then try some easy ctfs

People can ask questions

I mean, it's a question about a definition, like joining a discord about it, without knowing about the basic definition, it's fair to ask in my opinion 🙂

But we gave good answers too though

still feels strange how few people get the term ethical hacking or legal hacking

so many random people shadow has talked with just calling any hacker bad people that should be locked up

Lawyers are hackers

Hacking definitely gets a bad rep

the more i know about hacking the more i view it as a way o thinking rather than a skillset for breaking into servers

like half of defcon talks have nothing to do with computers

yeah

A hacker embodies a boundless passion and insatiable thirst for understanding the complexities of a system, computers and networks in particular. They revel in the pursuit of knowledge and mastery, constantly seeking new solutions and opportunities for growth. Their drive and innovative spirit inspire and are inspired by the hacker community, where ideas and knowledge are freely shared and valued regardless of their origin.

-- Silk

hello guys

so i have a little issue that requires help. i am working oin the zeek room and the attack machine is so slow to a point i cant complete any task

it's just "what can I do with it" attitude towards everything in life

i have tried to scp the task file via ssh so i can use my local machine. but it denies. is there an alternative way. anyone with any suggestion?

not really they just try to bend scenerios within their boundaries to enable their client out of problems or recieve benefit from quarrels

very time consuming work

hackers dont bend scenerios they just break programs

like the guy that died who made scarface had no kids, people start getting lawyers to claim their his kids or the women he sleeps with have his kids

they just bending scenerios and ultimately failed , ethical or non ethical

ps the government won since there is no will

all these people have to battle the govertment at the end of the day

oh wow shadow lost track of time..... anyways time for meep mooop sleep sloop to the beepity boopity beeps boops

rss

I have a raspberry pi4 and I don't know what to do with it if someone has a suggestion I'm all open

it's like an adblock

👋

@sick lance trial no more? nice

still got the role tho so you're still the better role color

tryhackme has a trial?

Trial Mod role, i mean

i apologize for stepping in the middle of your conversation. I was just curious as i was checking for that before i bought my premium so figured id ask 👍🏻

dw about it -- this is a public channel anyone can do whatever

ik there's a referral program where you can get a few bucks off or something

not sure if that applies if you have an account already or not

i just created my account probably 30 minutes ago. Decided to buy premium as its only $14. Nothing major. I will checkout the referral program 😀

what currency?
I remember it used to be like 8 USD, then it went up to 10 or something, wonder if it went up again

it was 14 USD monthly or 10.50 USD Per month on an annual subscription

huh. still nb tho for what you get

guys does anyone else have trouble with the ctf flag answer being wrong even though you directly copy pasted the answer?

it random works sometimes and i have no idea why

there are no spelling errors

i'm doing the walk a program one in pen testing task 6

i directly copied THM{HEADER_FLAG}

and still it's wrong

i guess i'm in the wrong chat mb

Check if there was any space after or before the flag, that you copied by mistake

hullo

Hello fellow Homo sapien

Still a trial. 🙂

Hey any macOS user here?

yeah

If you are free, can you give me some time?
I have made a bash tool and i wanna test it on mac so if you're interested then lemme know, I'll add you in the contributer section at GitHub as a script tester😀

You don't have a macOs to test?

Nope

I have only Ubuntu

Then please don't advertise your tool in this server.

We don't want members downloading something they might not have knowledge in...

I'm not uploading anything, i have my ctf team even and server but they got no macOS so i was trynna find someone here

Its just a open source wifi brute force script btw

I never said you were uploading it, I said advertising.

cant u just virtualize the macos

No?

That's against their ToS and/or UELA

whups

Bro i don't need a macOS, i just wanted to test this single thing as i made this but the problem is that the networkmanager package that i am using only works on mac and not linux

MacOs have in their documents that you can only virtualise their os in their hardware.

Then how people got iso if its not official?

They break their ToS/UELA...

Which isn't welcome in here either.

Hmm i didn't know this before, i thought they made it public

anyone up for basic ctf

need some help

just spent about an hour debugging forti bs

just figured i'd let y'all know

it was dns

morning

Hello can anyone help me enumerate mssql

Morning

Its always dns

oh I'm fine then

without fail

wait I'll dm

I need atleast 3-4 out of 10 to win

But I not up to date in cybersec field from last 3 year forgot all my labs

When I change my host to localhost for ssrf
Shouldn't the request be going to my pc localhost?

You sound surprised.

700 points left till omni...

also it's been a month since I joined thm, and time started flying by really fast haha

bro how

no social life

https://tenor.com/view/crayator-katana-gif-19295368