what number
#general
halcyon gale
there never was a nuber unless you use a wayback machine and use discord and go back 1 week ago
mossy river
Already wrote down the number and filed a report π
grim sparrowBOT
:hammer: adebelle#0 has been banned.
wooden totem
I always miss these by few seconds/minutes
sand trench
only phone numbers shadow guess are acceptable is emergency numbers and mental health hotlines
but doubt those would need posting often
crude stump
https://tenor.com/view/cat-cat-face-giga-chad-chad-gif-940721850618971211
π
bro i love the snort live attacks
feels like ima actually investigating and blocking hackers
buoyant tree
there never was a nuber unless you use a wayback machine and use discord and go ...
wayback machine doesn't have discord
or atleast chats
since it does things while not being authenticated
scenic bobcat
they're already gone 
but yeaa
rapid merlin
Good morning 
crude stump
Good morning <:pikapika:689626579365920779>
heyo
rapid merlin
Must I go to work today 
clever shard
@sick lance congrats on becoming a mod ! π
sand trench
wait you people have stable jobs and not health problems placing you at permanent sick leave??
rapid merlin
I am just tired of being school teacher
icy cedar
I am just tired of being school teacher
cause of your students or the job itself?
icy cedar
well, I work with SOC at night... graveyard shift, so we're kind on the same boat
rapid merlin
English
rapid merlin
No no I live in Taiwan
sand trench
hey americanish is not english
icy cedar
hey americanish is not english
great point, I live in south america and USA basically became "americans" to me since they talk like they own everything
rapid merlin
Americanish π
blazing granite
great point, I live in south america and USA basically became "americans" to me ...
What people from South America don't understand is that American is the demonym in English for people from USA, if you translate that to Spanish is the demonym for the people of the whole continent. It doesn't mean that people of USA are or think that the other people don't belong in the continent, it's just a linguistic issue
icy cedar
What people from South America don't understand is that American is the demonym ...
got it
crude stump
I am just tired of being school teacher
Maybe itβs your calling to do something else
blazing granite
people love to argue and even more on things they don't know anything or very little about it π
rapid merlin
Maybe itβs your calling to do something else
Yes exactly
crude stump
Yes exactly
Howβs things at Taiwan anyways
crude stump
Thatβs good
rapid merlin
I think I prefer to live here right now then back in USA.
But maybe here is not the long term strategy
buoyant tree
great point, I live in south america and USA basically became "americans" to me ...
isn't it called "'Muricans"
icy cedar
isn't it called "'Muricans"
idk sounds like a spanish word
lavish shell
I found a really weird site. It's for practicing/learning bug bounty. But they don't want you using tools that cause a lot of traffic, enumeration bruteforce, or other such tools. It gives a link you click, and provides a source code for you to look at, but then it wants you to "Steal" the information it provided. Does this sound normal to anyone?
buoyant tree
rapid merlin
Team America 
wooden totem
I found a really weird site. It's for practicing/learning bug bounty. But they d...
wdym by steal
lavish shell
wdym by steal
One challenge, it showed admin username, passwaord, and phone number. You're supposed to "steal it when a victim views the site" but YOU are both the attacker and the victim.
rapid merlin
Steal yourself
sand trench
should probably stop stealing door frames as they keep making shadows toes hurt
sand trench
meep moop it is now shadows time to go the sleep sloops to the ultimate beepity boops boopity beeps while amazing meepo moope
buoyant tree
question, can modifying alias be a way of priv escalation
if replacing with a super used cmd
simple valve
question, can modifying alias be a way of priv escalation
Aliases are dependent on the userβs .(shell)rc file
buoyant tree
Aliases are dependent on the userβs .(shell)rc file
let's say I managed to hijack a process which was running under the user or had permissions to modify the users home directory's .bashrc
simple valve
Itβs plausible if you have edit privileges over their .bashrc file and they login and use the command.
modest elk
So I'm a beingner so when I started doing ctf (easy level) if i get struck i was using write-up for solving questions but now it became a habit. instead of solving CTF on my own I use write up .... Can someone please suggest how to remove this habit
simple valve
But having edit privileges over another userβs file would require bad config or having root
simple valve
So I'm a beingner so when I started doing ctf (easy level) if i get struck i wa...
Yeah thatβs okay
Right now you have little methodology when it comes to CTFs
So just read writeups if youβre stuck
modest elk
???
simple valve
Iβm saying its not wrong to read writeups
If you really want to not read writeups, set a timer for yourself. If you canβt finish the machine in 2 or 3 hours, you read the writeup.
modest elk
How reading write up will help???
lavish shell
If you're stuck, write-ups are pretty useful. You may think you're using the right tool, and not getting anywhere such as using directory bruteforcing. But when you look at the write-up you may see that the correct way is actually to obtain a reverse shell.
modest elk
How to approach write up ?? Which will help in learning
lavish shell
Just scrolling through a write-up without actually reading, just looking for the flags....that isn't helpful. But, if you actually look at the tools they use, then grab the tools for your own system and learn how to use them, that's when a write-up is very useful
simple valve
How reading write up will help???
Bc you donβt know everything
simple valve
How to approach write up ?? Which will help in learning
Think of it as a nudge, read where youβre stuck on then stop reading afterwards
lavish shell
How to approach write up ?? Which will help in learning
Well, first you have to pick a starting point. What is you want to do? Priveledge escalation? Web penetration? Do you wanna learn about ssh? Or telnet?
What I do when I get stuck is I DO look at the write-up, some do provide answers but I look at the method and tools used. Then I research those tools to see how they're used
scenic bobcat
How to approach write up ?? Which will help in learning
Reading Writeups will help a lot with general knowledge but try to properly read and understand why they'd be doing something a certain way or so, ask questions to yourself bout stuff in the writeup etc. and if you dont know why/how research it eg "Why is it using nmap with these parameters?" or so
also, maybe try easier machines that you feel more comfortable doing yourself and try to make your own writeup on it researching the details around it too~ also a good way to learn as well as reference for later if you get something similar.
rose dust
Is anyone have experience Attacking rasps (runtime application self-protection)?
lavish shell
Anyone heard about Discord bot that had it's source code poisoned? I wonder which bot it was...
soft turtle
Hey guys I am prepping for Active Directory to clear OSCP any suggestions in THM learning modules that can help ?
grizzled wing
i just got told by surfshark that GitHub has had a data leak, 265k records
"The Github.com website experienced a data breach. Over 265 thousand email addresses were exposed, together with credential, personal, location and employment data. Leaked records include username, name, location, company name, Parent email address and bio. The validity of the data exposed couldnβt be verified. Yet weβre still informing you about a potential data breach β but keep in mind thereβs a chance of it being a false positive."
when i signed into github
wooden totem
I think its called have i been pwned website where you can check if email was part of any data leak
I remember I used it once and found out my old email was compromised a while ago
lavish shell
I think its called have i been pwned website where you can check if email was pa...
yeah it is. There's also a tool for it you can run in terminal
wooden totem
Interesting
lavish shell
There's also a list, if you know where to look, from that site that has 100,000 passwords you can look through to see exactly which potential password of yours was exposed if you don't remember the password that may have been leaked.
grizzled wing
Bitwarden has builtin password checks for data breaches
wooden totem
I'm ashamed to admit but I use 1 password for all my accounts
grizzled wing
at least you use something
lavish shell
When he says 1 password he literally means 1PassWord lol
wooden totem
Its a long complicated password and i dont have it autosaved anywhere. But if its somehow revealed on one place, I go down on all accounts
grizzled wing
hopefully you change your password methods soon
wooden totem
Its actually pretty funny, i created the complicated password as a message directed at the person that would potentially crack it
grizzled wing
cracking passwords is such a fun thing to do
lavish shell
Its actually pretty funny, i created the complicated password as a message direc...
Sounds like the guy who changed his wifi name to "Hack_if_you_can" and two days later someone changed it "Challenge_Accepted"
wooden totem
Its actually pretty funny, i created the complicated password as a message direc...
Disclaimer, I'm not giving that out as a challenge, don't try lol
Rule 1 of cyberspace; don't make yourself a target
normal fable
Write it down real fast veggies. π
lavish shell
rm -rf rules.txt
scenic bobcat
`echo -n "Rule 1 in cyberspace, dont make yourself a target" >> rules.txt`
echo "no rules" > rules.txt
learned that is a thing few days ago, only ever knew about >>
wooden totem
`echo "no rules" > rules.txt`
Aka black hat forums
grizzled wing
yea, > vs >> one overwrites
scenic bobcat
yea, > vs >> one overwrites
Yeaa, i kinda learned linux while running it so when i was going over the fundamentals few days ago most of it was like stuff i knew but this was 1 of those thingy things i had never thought of
wooden totem
I start learning linux tomorrow, never touched it before
grizzled wing
Yeaa, i kinda learned linux while running it so when i was going over the fundam...
i like using tl;dr terminal man page
grizzled wing
I start learning linux tomorrow, never touched it before
Linux is fun, everything in Linux is a file or a folder holding files.
cat pwd ls grep are most common commands
wooden totem
Cat meow
buoyant tree
Linux is fun, everything in Linux is a file or a folder holding files.
`cat` `p...
even pwd
wooden totem
The biggest problem i think will be remembering commands
grizzled wing
pwd
dire crane
I start learning linux tomorrow, never touched it before
Linux is awesome just donΒ΄t start with arch
lavish shell
Some of them can get pretty long. Such as: find ./ -type f | sort | grep rules.txt
buoyant tree
eh heads and tails also
grizzled wing
find command will often need 2>/dev/null
dire crane
Yes, but in the end it's like a language if you know how they are structured, the commands are no longer a problem
scenic bobcat
find command will often need 2>/dev/null
Oh yeaa, i still dont fully understand that one tho 
like i've seen what it does just dunno why
grizzled wing
Oh yeaa, i still dont fully understand that one tho <:think:900410080346923089> ...
it tells the computer to put the garbage non relevant results in the null folder so you get just relevant search
scenic bobcat
i used it for enumerating files for like SUID escalation, and just didnt figure out why 2>/dev/nul hides all the "error" lines π
lavish shell
Nul = nullify
scenic bobcat
i know what the /dev/null part is just the 2> was confusing to me
grizzled wing
that part i dont know, i just use it
scenic bobcat
that part i dont know, i just use it
Well, know we both do
File descriptor 2 represents standard error. (other special file descriptors include 0 for standard input and 1 for standard output).
2> /dev/null means to redirect standard error to /dev/null. /dev/null is a special device that discards everything that is written to it.
Putting all together, this line of code stores the standard output of command ls $directory_/fallback_* 2> /dev/null into the variable scriptlist, and the standard error is discarded.
nice work π
lavish shell
I bet some of these sites offering to train and provide certifications for completion are scams. I seen one that was wanting over $8,000
grizzled wing
for what?
dire crane
I bet some of these sites offering to train and provide certifications for compl...
like 90% of the net
but with certificates it's easy to check
lavish shell
for what?
I forget exactly what, but it offered training and a cert with a 1 time try and a 1 time retake if you failed. Something for penetration.
grizzled wing
OffSec is like that
lavish shell
but with certificates it's easy to check
and how is that?
clear jackal
I bet some of these sites offering to train and provide certifications for compl...
GIAC?
They are legit if it was them
dire crane
and how is that?
Depends... When it comes to professional or technical certifications, like Cisco's CCNA, CCNP, or others, verifying their authenticity directly through the issuing organization is the best approach.
clear jackal
Yeah, that's SANS/GIAC
They are one of the best globally
You aren't meant to pay for it, your company is
alpine nebula
guys
i remember awhile ago i used this thing
trying to remember what it was
where i can make the LHOST link to it
so if i have successful break it will give me root
but it wasnt with my own ip it was something else
past sparrow
No, it was SEC560 Enterprise
That's legit
alpine nebula
Is this for a THM room?
yea
keep trying to run ms17 exploit on metasploit
and receiving exploit completed but no session was created
im thinking its because of my LHOST or port
clear jackal
For help with THM content, #room-help is the best place to receive assistance
alpine nebula
so im trying to remember this receiver thing i used
i dont want specific help with the room
just want to remember this tool
clear jackal
Right, if you ask in there it won't get lost here.
past sparrow
so im trying to remember this receiver thing i used
Meterpreter?
alpine nebula
ok
clear jackal
The chat typically moves fast
lavish shell
Interesting fact: If you're over the age of 26, congratulations you're older than Google lol
past sparrow
Feels nice to be older than something that likely knows everything about me
lavish shell
Just a tip for anyone who may be like me and who sometimes uses an android for CTFs: If you installed sshDroid for any reason, uninstall it afterwards. Don't want to leave your phone having the capability to ssh'D into
rapid merlin
Hackers/Cyber Security professionals that merely use software tools are pretty much script kiddis right? To be a "ethical hacker/hacker" you need to know programming, reverse engineering?
lavish shell
Hackers/Cyber Security professionals that merely use software tools are pretty m...
even reverse engineering require tools. Personally, I find the term "script kiddie" offensive lol. But, a "script kiddie" are the ones who never make their own material, go to sites and use other tools or source codes without knowing how they operate. Knowing about a language does help a lot, but I believe if you know the tools you're using, the techniques required, and how to perform them to achieve your goal then you're at least a step above a script kiddie.
rapid merlin
even reverse engineering require tools. Personally, I find the term "script kidd...
But finding vulnerabilities generally requires you to reverse engineer and having a in depth knowledge of windows internals or other operating system internals
right?
using tools only takes u so far
like how u gonna find a RCE exploit without reverse engineering
lavish shell
But finding vulnerabilities generally requires you to reverse engineer and havin...
No really, a script kiddie can find an exploit and take advantage of it using a prebuilt script without knowing the first thing about any of it
rapid merlin
No really, a script kiddie can find an exploit and take advantage of it using a ...
ok but to be original and find zero days, you need to be an expert in reversing
correct?
lavish shell
Reverse engineering is just breaking the program down to a Low Language Level to see how it operates to determine if there is a weakness
scenic bobcat
Hackers/Cyber Security professionals that merely use software tools are pretty m...
I mean.. it really depends cause like in my eyes a script kiddie is someone who uses tools and copy-pastes code and commands and has no clue what they're doing 
If you understand what the tools are, how they work, why they work, etc. i dont think that's really a script kiddie anymore its more of a convenience thing at that point; like i can write code and make a port scanner for example, and have a decent understanding of how they work.. but why should i try when there's programs out there that are waaay more advanced and build by people way smarter than me over years of time π
so am i a script kiddie for using them?
lavish shell
Saying you NEED reverse engineering to find an exploit is kind of like saying you need to know how to read in order to be able to talk. It may help at times, but it's not like it's the first thing I run to on a challenge.
small glade
@rapid merlin Not at all. But you definitely have to automate some stuff, so basics in coding is a must.
rapid merlin
so ur can telling me you can find a RCE exploit with the "basics of coding"?
scenic bobcat
you dont need to be a coding god to find vulnerabilities you just gotta be good at finding ways to break the code; they're pretty different skillsets i feel like
rapid merlin
so expert in reverse engineering?
lavish shell
so expert in reverse engineering?
Let's say you build a site from ground up. BUT you added some stuff as reminders for yourself in the source code such as " UserCred info stored at user HAM" I would view that in your source code, then perform ssh enumeration on your site, find Ham, then do a brute force password attack the privilege escalation so now I have root. Since you JUST MADE the site, any exploit I find is a ZeroDay for you because it means it's an attack vector that has been tooken advantage of and you have Zero Days to fix it. This isn't some cunning novel attack method, it's just new to you, so for you and your site, this vulnerability IS a Zero Day
rapid merlin
brute force password attack isn't very sophisticated
what if they using a good password
lavish shell
Doesn't matter, if I dig around and perform directory brute force enumeration, and end up finding all the hashes for your passwords because you had a hidden directory I found, you password could be a salted sha1 and I could still crack it within a few minuets
rapid merlin
what about if a gaming company had you try pentest their game servers, do you have the technical expertise to find a rce?
or is that out of scope
lavish shell
They will tell you what is out of scope, not me lol.
scenic bobcat
mhm.. yea also this gets quite difficult cause thats, what i assume, just a black box π
it would take a lot more skills and knowledge than just "reverse engineering"
rapid merlin
it would take a lot more skills and knowledge than just "reverse engineering"
like what
lavish shell
Lol, like skills and knowledge. And in that case I doubt RE will bevery helpful
scenic bobcat
networking for starers, eh.. idk if you can even exploit it like that am only a noob here too but that sounds very unlikely to exploit the game server
rapid merlin
what about the hacker that injected cheats on loads of streamers machines during a tournmanet via rce?
π
scenic bobcat
you'd be better off hunting for vulnerabiliy's in the OS's other services or so
lavish shell
what about the hacker that injected cheats on loads of streamers machines during...
I can remotely inject code into a website, that dosen't mean I had to reverse engineer my browser in order to do it lol
rapid merlin
I can remotely inject code into a website, that dosen't mean I had to reverse en...
so how u gonna find it without doing the good ol script kiddie and copy and pasting a script
scenic bobcat
by understanding how networks, the web, browsers etc. work?
rapid merlin
by understanding how networks, the web, browsers etc. work?
via reverse engineering
scenic bobcat
No, through studying the protocols and basics 
rapid merlin
i dont think ur gonna find a rce by studying the basics
lavish shell
Do you know what reverse engineering is?
scenic bobcat
yeaa
i think you're misunderstanding RE
Reverse engineering is disassembling software or malware, understanding how it works without having direct access to the source code and either using that to find an exploit and writing one based on anything you find that way, or simply editing/"patching" it to do what you want it to do
It's also eeeeeextreeemlyy slow
cause assembly is a pain to work with
lavish shell
Reverse engineering is simply looking at a source code. But instead of C, C++, C#, ect, it's in Assembly which is a Low Level Language. It is Low level because it communicates directly to the CPU.
rapid merlin
ok, but thats how the people script kiddies copy scripts from find them
scenic bobcat
again, i think you're misunderstanding some terms here
rapid merlin
i dont think a RCE is gaining unauthorised access then executing commands
lavish shell
Let me show you something
rapid merlin
its exploiting a vulnerability
vulnerabilities are found via looking at how the process works
which I don't really see any other way than picking it apart line by line
(assuming you are not using some free script kiddie tool)
scenic bobcat
Vulnerabilities are found even without having to disassembly an entire program π
rapid merlin
Vulnerabilities are found even without having to disassembly an entire program οΏ½...
by copying known vulnerabilitites?
scenic bobcat
by copying known vulnerabilitites?
No, lets take a simple example; SQL Injections
normal fable
You don't have to RE something to find a vuln..
rapid merlin
no im talking about finding RCE's
lavish shell
This is reverse engineering
scenic bobcat
i dont need to disassembly and study an entire DB server, if i learn how to use SQL you're bound to find ways you can easily break it
normal fable
Yeah. I think you need to study what a RCE is exactly.
scenic bobcat
XSS, same thing if you understand browsers and the web
rapid merlin
i dont need to disassembly and study an entire DB server, if i learn how to use ...
ok but windows programs are far more complex
prodding won't yield the same results
is anyone an expert on this that can clarify
scenic bobcat
ok but windows programs are far more complex
You just kept saying RCE and reverse engineering
i have done basic RE stuff
rapid merlin
in windows
normal fable
RE is a way to find vulnerabilities that can lead to RCE.. But not the only way
lavish shell
So you're saying Internet Explorer on Windows is "far more complex" than Internet Explorer on Linux?
thorny walrus
yes
scenic bobcat
So you're saying Internet Explorer on Windows is "far more complex" than Interne...
obviously is edge ftw
thorny walrus
Lol, you hush, you're an orange color. You know better lol
but :(
normal fable
moo btw. π
lavish shell
When do colors get updated?
scenic bobcat
in windows
anyway bottom line; RE is hardly the only way to find RCE's and if you ever wanna find 0-days you gotta learn a lot more than just that, along with that you'd probably have to be quite talented and lucky at finding vulnerable code especially these days π
normal fable
I tried to re-verify but it doesn't change for me. 
lavish shell
They update them periodically, I just don't know when
boreal terrace
some one know this not ?
scenic bobcat
btw anyone know~ i've been taking notes from the THM classes and used the example pics they show in them aswell. but was planning on putting those on my Git to share with a few friends. would they mind? or would i need to get rid of the pics?
lavish shell
btw anyone know~ i've been taking notes from the THM classes and used the exampl...
I'd give credit where credit is due and just leave a link to this site so they can enjoy it too
Rather than "This is from a site I was on" say "This is from TryHackMe, link is below"
scenic bobcat
some one know this not ?
why the random friend req?
scenic bobcat
Rather than "This is from a site I was on" say "This is from TryHackMe, link is...
Ah yeaa, ofc. but they're also on here just wanna be sure its okay π
clear jackal
what about the hacker that injected cheats on loads of streamers machines during...
These claims are still not proven. Please do not spread misinformation. RCE hasn't been confirmed yet.
lavish shell
Ah yeaa, ofc. but they're also on here <:hehe:709451781448663081> just wanna be...
I don't know, some sites like to get legal about things when you take stuff off their site and post it all over. I'd check with someone who actually knows rather than listening to me on that subject
boreal terrace
no one have this notes ?
normal fable
Windows PrivEsc note?? I mean.. I have mine I'm sure.. somewhere..
scenic bobcat
I don't know, some sites like to get legal about things when you take stuff off ...
Yeaa, just dunno if theres someone i can ask active rn π
steel mountain
Hi guys im struggling to crack a password using johntheripper
I have copied the hash in the text file and using rockyou.txt
but its not giving me an answer
scenic bobcat
eh as in its slow or just no results from it? π
normal fable
Post in #room-help for help with a THM room. π
normal fable
What's this for?
scenic bobcat
its not a thm room
Ah π
steel mountain
its hackthebox tier 1 (i know I should be asking in htb server) but the problem im facing is with johntheripper so I thought I could ask here π
htb tier 1 starting point
normal fable
HTB has a discord. π
steel mountain
also no ones responding in htb i think theyre sleeping rn lool
idk what a rainbow table is properly and dk how to use it π
im following this
lavish shell
Helpful tip: There's more than one way to crack a hash
scenic bobcat
idk what a rainbow table is properly and dk how to use it π
Well it's a good thing to research then π
steel mountain
steel mountain
Helpful tip: There's more than one way to crack a hash
ahh
rapid merlin
These claims are still not proven. Please do not spread misinformation. RCE hasn...
It's the assumed narritive, so I'm sticking with it until proven otherwise
scenic bobcat
cause it miight save you a lot of time bruteforcing - rainbow table first, then hashcracker or whatever you like
steel mountain
but the few articles ive looked at are using rockyou.txt
lavish shell
Have you even tried using hash identifiers?
scenic bobcat
but the few articles ive looked at are using rockyou.txt
hmm.. either your wordlist has a few bad characters in it - i had that in one of mine, or you're using john wrong? idk
steel mountain
Have you even tried using hash identifiers?
idk those π
steel mountain
hmm.. either your wordlist has a few bad characters in it - i had that in one of...
nah im using john correctly and also my johntheripper looks weird ash
scenic bobcat
ah π ehh.. maybe study up on hash cracking and whatnot first then cause like hashidentifier and rainbow tables are quite important basic concepts already
lavish shell
How do you expect to crack a hash when you can't identify what it is? Lol, get off here, go on google and type in hash identifiers
steel mountain
ah π ehh.. maybe study up on hash cracking and whatnot first then cause like h...
ok
thanks
steel mountain
How do you expect to crack a hash when you can't identify what it is? Lol, get o...
i think i know the hash
lavish shell
There's also hash crackers there that crack it instantly vs waiting 30-40 minuets on a bruteforce
scenic bobcat
it just suuucks if you do it on a tiny wordlist or so lol
lavish shell
Of course it isn't identified. You have " Administrator:: RESPONDER: " in with the hash you want to crack
steel mountain
ahhh π wth that was how the ppl in the guide were doing it π
thanks for pointing that out...im assuming the hash starts from 50...?
lavish shell
Yes lol
lavish shell
That's also why JTR wasn't finding anything lol
scenic bobcat
I'm sorry but if this is all still new to you maybe HTB is a bit early? or atleast properly research the things you're doing now with that walkthrough you're trying to use π
steel mountain
I'm sorry but if this is all still new to you maybe HTB is a bit early? or atlea...
yeah ill try doing that too, thank u
twin ridgeBOT
Gave +1 Rep to @scenic bobcat (current: #821 - 4)
scenic bobcat
ofc, good luck tho 
how is there still more on networking
my notes is already 15 pages when i put it as a pdf 
(i mean.. including images but yea)
rapid merlin
What is the scope of hacking with tools, I would assume most "pen-testers, cyber security" people in this discord primarely use their knowledge of tools to hack
but I assume that only gets you so far
scenic bobcat
i thought we went over this lol
lavish shell
What do you mean "scope"?
rapid merlin
my interest lies within windows internals, finding vulns, what would be my approach to learning this? malware analysis?
rapid merlin
What do you mean "scope"?
limitations
scenic bobcat
Okay so, you wanna learn how to exploit Windows and find 0-days for it?
rapid merlin
Okay so, you wanna learn how to exploit Windows and find 0-days for it?
i want advise from an expert in this field
buoyant tree
normal fable
My advice would be to learn a lot. π
lavish shell
Sounds sketchy to me. Asking all these questions but not doing any rooms on the subject??
scenic bobcat
I think you might be misunderstanding stuff still but basically; if you wanna find vulns in windows you learn.. like everything about it lol
How it works, high and low level, the Windows API is a great start probably to get some more understanding
rapid merlin
not very helpful
i already used windows api a bit
and some reversing malware
can someone hack my website
scenic bobcat
I mean idk what to tell you lol its not exactly something just anyone can do finding vulns in a big OS like that is something people with tons of knowledge and focus on certain areas do
people spend months or years researching this stuff
lavish shell
It's beginning to sound like a kid who just wants a quick and easy way to prank his friends. So, I'm out of this conversation
scenic bobcat
can someone hack my website
rapid merlin
It's beginning to sound like a kid who just wants a quick and easy way to prank ...
how so
normal fable
people spend months or years researching this stuff <:MochaShrug:102432569010080...
decades... literally decades..
rapid merlin
I'm literally asking how to approach learning reverse engineering that is a significant undertaking
not asking where to find some hackforums script kiddie undercover fed project
scenic bobcat
again you're confusing reverse engineering i believe
rapid merlin
no
steel mountain
hashes.com?
thank u I found out its a ntlmhash
twin ridgeBOT
Gave +1 Rep to @buoyant tree (current: #152 - 42)
rapid merlin
I know what reverse engineering is and the purpose of it
lavish shell
I'm literally asking how to approach learning reverse engineering that is a sign...
You're in the wrong place for RE. I suggest you look up MicroCorruptions fir Reverse Engineering. That's how I learned it
rapid merlin
You're in the wrong place for RE. I suggest you look up MicroCorruptions fir Rev...
ok ill take a look
scenic bobcat
i kind of doubt that seeing what context you keep using it in but yea thats a good start also
steel mountain
i think theres something wrong with my john
rapid merlin
i kind of doubt that seeing what context you keep using it in but yea thats a go...
How so? Reverse engineering is taking a binary apart to understand how it works
rapid merlin
If that understanding is wrong, explain instead of saying I'm wrong every 3 seconds
steel mountain
this is how mines looking π
too many warnings idk wht im doing wrong
Warning: invalid UTF-8 seen reading /home/aceon/Downloads/rockyou.txt
saw this msg
lavish shell
too many warnings idk wht im doing wrong
You have "wordlist= /home" instead, remove the space and do "wordlist=/home"
scenic bobcat
How so? Reverse engineering is taking a binary apart to understand how it works
Yes but you seem to keep linking it as the only way to find vulnerabilties anyway nvm~ am a noob best i did was simple crackmes on RE and 2 simple Binary PWNs π
steel mountain
You have "wordlist= /home" instead, remove the space and do "wordlist=/home"
THANK YOU!!
π
rapid merlin
Yes but you seem to keep linking it as the only way to find vulnerabilties <:Moc...
in windows, sure
lavish shell
IT WORKED
Of course, sometimes it's the small things. And this is where debugging comes into play lol
steel mountain
thank u, guess i just needed a fresh pair of eyes π
timid prism
@plucky folio which test next?
steel mountain
im off to pray
rapid merlin
Hey there,
I accidentally deleted an important file on my Windows system that was nestled within multiple directories. The catch? I need it back with its original filename intact. While I know how to recover deleted files, most tools only restore them with random names and keep the original extension.
I know paid solutions can do this, but I'm hoping for a free alternative. Please share any tips, tools, or personal experiences you can share to help me out would be amazing.
simple valve
Hey there,
I accidentally deleted an important file on my Windows system that wa...
That sounds oddly specific
naive violet
Hey there,
I accidentally deleted an important file on my Windows system that wa...
Is it in the recycle bin?
chilly veldt
I was going to say, just rename it after restoring it
naive violet
Recycle bin stores the names etc too, I wonder if that software is only looking at one of the two records. One stores data, one is metadata
sick lance
This...
This is when people learn the importance of backing files up.
worn thorn
save it at least twice if it's really important I learned that the hard way.
sick lance
save it at least twice if it's really important <:blobfingerguns:658062473617866...
3-2-1
worn thorn
I only do 3-2. I don't trust the cloud enough.
sick lance
The 1 doesn't have to be cloud based.
It can be a physical media storage device in a different location.
naive violet
Twitter
shut hawk
Not in scope?
jaunty prairie
has to be not in scope....or I suck
naive violet
Not in scope?
Not in scope, time limited test, non exhaustive
simple valve
Thatβs always in the document you pass to the client before starting the pentest
brisk tree
chilly veldt
https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud_provider_is_now/
lmao
uncut cove
https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud...
who would've thought 
sick lance
"We own it"
"We sell to AI for learning"
mossy river
Honk mimimi
wintry sluice
honk shoooo
sly wagon
morning
rapid merlin
https://old.reddit.com/r/selfhosted/comments/1bouuv7/warning_vultr_a_major_cloud...
I loveeeee cloud companies
I loveeee cloudflare
sly wagon
do you guys think finding vulnerabilities is harder and harder nowadays, when basically everyone use cloud services?
mossy river
βBasically everyoneβ doesnβt sound statistically accurate
A lot more people use cloud services, yes, but there are still a ton of machines out there
worn thorn
vulnerabilities are a constant. They might never not exist.
rapid merlin
do you guys think finding vulnerabilities is harder and harder nowadays, when ba...
There is always new things being developed, more new things than ever before
I'd argue your scope is larger if you went bug hunting
sly wagon
i guess there is more in general, but less low hanging fruits
rapid merlin
i guess there is more in general, but less low hanging fruits
Totally not true
shut hawk
do you guys think finding vulnerabilities is harder and harder nowadays, when ba...
There are vulns in cloud services too
worn thorn
With the existance of LLMs and less knowledged people to use said LLMs in Prod there will be more
rapid merlin
Maybe if you're looking at places with more money behind them yes there is less chance they have low hanging fruit but
wintry sluice
there will always be vulns because humans make mistakes
rapid merlin
There are lots of places with outdated software etc still
sly wagon
There are lots of places with outdated software etc still
true
fluid ember
Please guys I have a question. My brother wants to go into cybersecurity and he starting with the Tryhackme to get into cybersecurity. Is it a good starting point?
sly wagon
yes
wintry sluice
plus there is an inherent tradeoff between the 3 prongs of the CIA triad.
rapid merlin
plus there is an inherent tradeoff between the 3 prongs of the CIA triad.
Let me see if i remember this
twin ridgeBOT
Gave +1 Rep to @sly wagon (current: #1016 - 3)
rapid merlin
Confidentiality, integrity, accessibility
sly wagon
correct
rapid merlin
thank you mr jackman at school
sick lance
If you're talking about cloud, DAD probably plays a big factor too.
sly wagon
Thank you. So he can start from there. It's a nice idea?
sure, he can just go through beginner rooms and see if it's interesting for him
sly wagon
If you're talking about cloud, DAD probably plays a big factor too.
isnt that just opposite of CIA?
fluid ember
sure, he can just go through beginner rooms and see if it's interesting for him
Thank you I appreciate for the quick response π
sick lance
isnt that just opposite of CIA?
But in terms of Cloud is would be important,
Data
Applications
Devices
sly wagon
tryhackme alone probably won't give him all he needs to start career in cybersecurity, but is a good starting point for sure
fluid ember
tryhackme alone probably won't give him all he needs to start career in cybersec...
So which one will he add as he is going for the Tryhackme?
CompTIA sec+?
rapid merlin
CompTIA sec+?
Certs are good
sick lance
Certs don't assure you of getting a job though.
fluid ember
Certs don't assure you of getting a job though.
Yeah exactly π―
rapid merlin
Of course, they just help
outer rivet
sick lance
but certs won't hurt
That depends.
outer rivet
https://tenor.com/view/cat-cat-meme-funnt-cat-black-cat-sleepy-cat-gif-164096148...
This is me right now
rapid merlin
If you have no experience, then I think certs are good to have
I think once you have experience they matter less
sick lance
If you have a high number of certs in a short time = red flag.
outer rivet
If you have no experience, then I think certs are good to have
Is really depend what type of certain you have tho
rapid merlin
If you have a high number of certs in a short time = red flag.
How so?
outer rivet
If you have a high number of certs in a short time = red flag.
This make sense
That mean you lying or cheating
π
sick lance
How so?
Because it shows to me you might have alot of certs, but it doesn't show me how well you've retained the training for the cert.
rapid merlin
That mean you lying or cheating
Not neccessarily...
rapid merlin
Because it shows to me you might have alot of certs, but it doesn't show me how ...
What does show that?
fluid ember
So which one will he add as he is going for the Tryhackme?
Can he go for sec+ or CCNA?
sick lance
What does show that?
Depends on the user and CV.
I'm not saying the person doesn't have a high retention rate, I'm just saying it's a red flag.
"Having a lot of certs or having "higher" certs without experience is a red flag because there may be fundamantal misunderstandings of how enterprise IT operates or ought to operate and those knowledge gaps automatically disqualify candidates. There is also a perception of "cert chasing" which can indicate a candidate isn't interested in doing actual work."
juun.
fluid ember
Can he go for sec+ or CCNA?
?
mossy river
I have sprained my ankle so bad π
sick lance
Gym?
rapid merlin
I think juuns point is flawed because what would be the point in only chasing certs (which if not already employed in industry, cost a lot of money)? You are just spending money and time getting certified, but then not wanting employment? It makes no sense. Someome who is getting certified clearly wants employment in my eyes.
mossy river
Gym?
I slipped over in the rain last night
Canβt put any pressure without a lot of pain
rapid merlin
Canβt put any pressure without a lot of pain
Get well soon
mossy river
Itβs leg day, I need a super fast recovery π
sick lance
I think juuns point is flawed because what would be the point in only chasing ce...
You could also be getting a whole list of certs that aren't relative to the job you're applying/wanting.
sick lance
I slipped over in the rain last night
Eep!
fluid ember
So which one will he add as he is going for the Tryhackme?
Can he go for the CompTIA sec+ or the CCNA @sly wagon
rapid merlin
You could also be getting a whole list of certs that aren't relative to the job ...
Of course, I guess that's just user error though, wasting time on getting a non-relevant cert
rapid merlin
Itβs leg day, I need a super fast recovery π
The bench is calling
sick lance
Can he go for the CompTIA sec+ or the CCNA <@352560204082053123>
Be patient, stop spamming the same message every now and then.
fluid ember
Be patient, stop spamming the same message every now and then.
So sorry
chilly veldt
I would recommend just learning, getting a job and then the certs
craggy wadi
I think juuns point is flawed because what would be the point in only chasing ce...
Perhaps but I think what he means is that cert chasers may appear to want to gain a higher level position as their first job rather than learning, getting a cert or two then starting entry level.
sly wagon
Can he go for the CompTIA sec+ or the CCNA <@352560204082053123>
I'm definitely not an authority on certs, I'm not sure which ones are worth
sick lance
Uni first, then job, then certs
craggy wadi
uni if youre still young imo
chilly veldt
if you're already in uni, if you're past all education then job > cert
sick lance
uni if youre still young imo
Uni is for any age.
craggy wadi
having an education is never bad of course. just not worth it for some if you already have a degree in something else and school is pricy.
also hard to commit to school if youre working alot
sick lance
also hard to commit to school if youre working alot
No, you just need to find a suitable work-life-education balance.
craggy wadi
agree to disagree i guess. uni is not always the best option to learn imo. time + financial committment
pallid lotus
I think juuns point is flawed because what would be the point in only chasing ce...
That's not a counter to Juun's point.
They can acknowledge that you want employment whilst still being concerned that you've picked up a lot of technical skills without being familiar with the enterprise environments in which you'd be expected to use them.
Wanting employment != Suitability for employment
mossy river
My friends work back to back shifts on weekends because they get minimum government finance and itβs not enough to pay for the house contract, let alone food. I wouldnβt say they have the luxury of a uni work life balance
rapid merlin
That's not a counter to Juun's point.
They can acknowledge that you want employ...
How are you supposed to get familiar with an enterprise environment without being employed!
pallid lotus
You're not.
Again, that's not the point.
The point is that going into an interview with a representative of said environment, with no real world experience but a bunch of advanced level training, can indicate that you're missing big gaps in how to use that training.
i.e. you may be dangerous due to having the skill to do damage but not the knowledge of how to avoid it (and possibly not the attitude to learn).
If you want to avoid that, the solution is to
A) not go nuts with the certs. Yes, they're good to have, but there are optics to consider
B) make that a focal point in the interview -- "yes, I have technical skills but I'm well aware of what I'm still missing, am eager to learn, and don't expect the certs to stand in for experience in terms of responsibility or compensation"
C) possibly most importantly, remember that offensive security tends to not be an entry level position and don't fixate on jumping rings on the ladder.
rapid merlin
If you want to avoid that, the solution is to
A) not go nuts with the certs. Ye...
Yes I agree with this
Depends what your "lots of certs" is
I'd say a healthy 2 or 3 and some IT experience somewhere is a nice start no?
If someone had 10+ I would be questioning for sure
pallid lotus
Well that and the level of the certs + the content they cover.
2-3 entry level are a good bet I would say. Rounded out with some IT experience, even better.
lone thistle
yeah was awesome!
he's a great host. Also nice to actually talk to him properly outside of DMs rofl
sick lance
yeah was awesome!
Is this the first of many? π
pallid lotus
2-3 entry level are a good bet I would say. Rounded out with some IT experience,...
And bear in mind that's coming from someone who had β
of OSCEΒ³ before graduating uni.
I'm speaking from experience when I say that the technical knowledge is incredibly useful, but you are not prepared for an enterprise environment.
lone thistle
we'll see π€« I did say i'd be up for a part 2. We covered like only half the questions we had planned π
sick lance
I was speaking more about different speakers, but part 2 works also π
lone thistle
a glitch in the matrix
sick lance
And bear in mind that's coming from someone who had β
of OSCEΒ³ before graduating...
Difference though, you've got so much to back up everything.
Muiri, what did I tell you about that PFP π
lone thistle
I was speaking more about different speakers, but part 2 works also π
ohhh i see. yeah I mean i'm open to it if anyone invites me LOL
sick lance
Get Muiri on!
rapid merlin
2-3 entry level are a good bet I would say. Rounded out with some IT experience,...
Yeah that sounds about right, that is what I'm currently in persuit of.
sick lance
a glitch in the matrix
I hate the mobile app, it's the butterfly on my mobile, his usual pfp on the workstation.
rapid merlin
And bear in mind that's coming from someone who had β
of OSCEΒ³ before graduating...
You say you're not prepared so, how did you feel when you got your first job?
solemn radish
Odd question - If you're not in the top 50 of your country - How do you actually see your points?
sick lance
I don't think you can.
solemn radish
Hmmm - Thanks
sick lance
Probably a way via api, but documentation isn't given out.
pallid lotus
You say you're not prepared so, how did you feel when you got your first job?
First time I went into enterprise was an internship with my current employer. The difference between what worked in an enterprise environment and what I'd learnt from OSCP / OSEP / CRTO was quite... Jarring. The basic technical skills were the same, but factor in the technical controls of a hardened environment and more importantly the metric tonne of bureaucracy and it all becomes quite different.
That was an internship -- I had a good introduction to things and a lot of opportunity to discuss stuff. If I had walked in as a junior and tried things I'd learnt in labs without being in that "questions encouraged" environment, or if I had been of the opinion that I didn't need to ask questions, I would have ended up in trouble very quickly lmao
rapid merlin
First time I went into enterprise was an internship with my current employer. Th...
Did you enjoy the fact that the environment was hardened and therefore made your job harder?
I'm guessing the politics of it all was quite restricting and you probably didn't enjoy that part but like you said, taught you things about the enterprise environment.
pallid lotus
Oh God yeah. Once you've written malware that works in a bank, everything else just gets kinda boring π
rapid merlin
Oh God yeah. Once you've written malware that works in a bank, everything else j...
Very cool, thanks for answering my questions
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #9 - 743)
pallid lotus
Np π
sick lance
I just realised I'm off Uni until next Thursday.
Winning.
sick lance
can u all help me with essay
No, we don't help with school work, sorry.
sharp citrusBOT
TryHackMe Rules
wanton schooner
oh ok
srry
its not school work btw its for program , they will select on the basis of our views on this
but anyway
thanks for answering
proper tinsel
Uni first, then job, then certs
Ideally, agree⦠tho I went job/experience, uni, certs, more experience, more certs⦠you kindof have to gauge where youre at and build from there
spice adder
Just seen CVE 2024-1086. Wonder if this will have any implications on the paths for existing CTFβs
Quite an unstable PoC released for it, it froze 3 hosts in my lab no more than 5 minutes after obtaining root
sick lance
I've been working on somethin related to that, however it's for Uni.
spice adder
I've been working on somethin related to that, however it's for Uni.
Final year project?
sick lance
Final year project?
Yeah. π
spice adder
Nice man! Plenty of content in that. Whatβs your research title?
Iβm working on mine atm :)
sick lance
Oh, it's going to be a TryHackMe room.
spice adder
Product is finished, just writing to do uhh
spice adder
Oh, it's going to be a TryHackMe room.
Noice noice
Intended to use existing PoC from notselwyn?
sick lance
Nah.
spice adder
Good π
sick lance
Don't like their PoC?
spice adder
It works, but as mentioned - freezes :/
if ur quick enough you could obtain root flag, but freezes do occur
sick lance
The author is in this server
sick lance
I'd need to try their PoC and see if it freezes for me, but nah, I won't be using it.
spice adder
Iβd be interested to hear if it does freeze for u :)
I seen selwyn mention that it can be unstable on hosts with high network traffic. Disabled networking to see if that would amend the freezes, but no :/
spice adder
It's breaking bad themed <:KEKWLUL:633145490774687744>
Computer science, bitch!
spice adder
Iβm working on a doom themed ctf atm hehe
devout palm
It goes like:
Stego -> Forensics -> OSINT -> WEB -> Algo
spice adder
Nice! I hope to see more dead social media accounts for CTFβs that I can follow π
devout palm
Hahahha
If it wasn't turkish, i would publish
And also it includes my server's IP
I don't want it to get BBosed
spice adder
Host it on a rasp pi you planted in Starbucks on free Wi-Fi, no bbossing on u hehe
devout palm
That's illegal, isn't it?
spice adder
sly wagon
Host it on a rasp pi you planted in Starbucks on free Wi-Fi, no bbossing on u he...
doubt that a public starbucks router forwards port 80/443 outside 
spice adder
doubt that a public starbucks router forwards port 80/443 outside <:KEKW:8360194...
Back to the drawing board 
spice adder
I wonder if the router is susceptible to the good old βpss pssβ head pat technique
sick lance
Host it on a rasp pi you planted in Starbucks on free Wi-Fi, no bbossing on u he...
I can think of a few reasons this wouldn't be a good idea.
sly wagon
i mean robots.txt is specifically for the outside world to see, so
sick lance
What's this report for?
sour jackal
and maybe don't let robots.txt be accessed without a referer header <:thinkw:737...
or maybe do not let bot like user-agent is access it 
sly wagon
if there is something sensitive in robots.txt, then it's not the case of hiding the file itself, rather hiding the sensitive content from the outside world
i guess
sour jackal
or maybe do not let bot like user-agent is access it <:thinkw:737668809170747442...
or maybe just use wildcard within robots.txt
sick lance
Work?
sour jackal
just redact it on your pentest report then π
crude stump
Oh my whoβs name is that
sly wagon
robots.txt isnt a security measure as far as I know
sick lance
Not a good idea to our source your work in here?
spice adder
I can think of a few reasons this wouldn't be a good idea.
And even more supporting it as a great idea!
sour jackal
spice adder
(i do not condone unethical practices)
sick lance
It's really not, please stop.
Isn't this supposed to be confidential?
rapid merlin
Hello! I have a question. I want to organize a CTF competition within a passionated student community with poor financially condition, using the services of the TRYHACKME platform. They do not have premium accounts on tryhack me, but i would like to be able to share them links with CTFs, from low to high difficulty, like a competition. In the first place, I want to organize this event only once, to see the feedback from the community then, eventually, organize such events in the future. So, I want to know, if i can pay this service separately, to Tryhackme, only for this event, without having a business account. Thank you in advance for your answer! π
sick lance
Hello! I have a question. I want to organize a CTF competition within a passiona...
Please don't spam your message accross different channels.
hearty gull
i saw an cdn2.example.net is there anyway to exploit a subdomain that belongs to cloudflare or is it super hard?
just wondering
sick lance
Hello! I have a question. I want to organize a CTF competition within a passiona...
Support would be your best bet to answer, none of the staff are around at the moment, but then they just may direct you to support also.
Or not, Jabba to the rescue.
rapid merlin
Thank you very much, and sorry for the spam. I didn t know if i posted in the right place. π
mossy river
Hello! I have a question. I want to organize a CTF competition within a passiona...
cc @hollow pivot I donβt think the CTF builder is a standalone purchase?
sick lance
Thank you very much, and sorry for the spam. I didn t know if i posted in the ri...
It's ok.
I can understand the confusion, but thanks for being understanding.
twin ridgeBOT
Gave +1 Rep to @indigo dragon (current: #2037 - 1)
hollow pivot
Hello! I have a question. I want to organize a CTF competition within a passiona...
Hi there,
The CTF builder is only included with Business and Education Licenses. There are no options to purchase it separately.
mossy river
Ty Gonzo
rapid merlin
this is what i m thinking about, maybe i can make a donation equivalent to 1-2 -3 months of business, idk :-? if the feedback of the community would be good, i will definitely buy a subscription for more time
hollow pivot
this is what i m thinking about, maybe i can make a donation equivalent to 1-2 -...
Can you DM me with all the details please?
umbral bay
https://tenor.com/view/tiktok-dog-awkward-dog-confused-awkward-confused-dog-gif-...
This is the look of my dog when they realize no treats today. π
chilly veldt
that moment when you accidentally overbook yourself with work
rapid merlin
Thank you for the suggestion, but i would like to use the existent ctfs from THM, as I m not that advanced to design the challenges in that way
twin ridgeBOT
Gave +1 Rep to @noble nacelle (current: #1016 - 3)
shell nova
Or set up a ctfd instance
Can still use it to val...ah I see
Unless op does all the challs first to get the flags
I think that's what they were planning
Well minus the hosting
subtle drift
brute-forcing with Burp using the best1050.txt, glanced at the progress, ||cock|| and ||cumming, cumshot|| and ||dick|| are all included in the list, i nearly spat coffee at my laptop
shell nova
brute-forcing with Burp using the best1050.txt, glanced at the progress, ||cock...
People are weird
shell nova
brute-forcing with Burp using the best1050.txt, glanced at the progress, ||cock...
I suggest you spoiler those though
Danke
subtle drift
i use curses in some passwords, but using mixed letters, numbers and symbols in phrase chains, much like when i smash my toe on a table leg and a profuse stream of profanity rattles out
and bitte π
wintry sluice
i use curses in some passwords, but using mixed letters, numbers and symbols in ...
adds password generator to osint profile
sly wagon
adds smashing your toe as a social engineering tactic
subtle drift
_adds smashing your toe as a social engineering tactic_
pretty good tactic if you ask me
this list is wild though, only at 472/1049 and it's consistently entertaining
sly wagon
you're using burp community?
subtle drift
you're using burp community?
i am, it's taking forever haha
sly wagon
yeah, that's why I wrote myself a little script to bruteforce HTTP
subtle drift
yeah, that's why I wrote myself a little script to bruteforce HTTP
that sounds interesting! i don't have the knowledge to do that just yet
warped willow
Where to start learning bug bounty guych π
sick lance
Where to start learning bug bounty guych π
Have a look in #bug-bounty.
Or websites like Hackerone
bugcrowd etc
shut hawk
Have a look in <#743858961593139361>.
Or websites like Hackerone
Specifically look at the pins @warped willow
shell nova
i am, it's taking forever haha
Community version intentionally nerfs the speed
rapid merlin
Community version intentionally nerfs the speed
Really? LOL
subtle drift
i did get the warning, didn't realise it throttled it so hard. but i didn't need to run it as long as i did... that's what i get for doing housework in-between tasks 
rapid merlin
I understand locking features but cmon, throttling speed? :c
chilly veldt
@sick lance you've seen the new feature in IOS 18 for iPhones?
whole yew
Community version intentionally nerfs the speed
can confirm, the community version has more limits on concurrent requests and timing
chilly veldt
You're now able to put app icons wherever you want on the screen
wintry sluice
<@958383130102870026> you've seen the new feature in IOS 18 for iPhones?
software level waterproofing?
shut hawk
You're now able to put app icons wherever you want on the screen
LMFAO
shut hawk
Catch up, Apple
wintry sluice
You're now able to put app icons wherever you want on the screen
perhaps this means they no longer need to be aligned to a grid?
sick lance
You're now able to put app icons wherever you want on the screen
Customisation? π
chilly veldt
perhaps this means they no longer need to be aligned to a grid?
Still grid based
crude stump
https://tenor.com/view/giga-gigacat-cat-mewing-mogging-gif-12429734670640119345
π€«π§
wintry sluice
mossy river
Heβs looksmaxing
mossy river
Absolutely hate these videos
mossy river
Theyβre unnecessarily toxic and the βSamsungβ ones claim features that existed way before Samsung showcased them, but they clown on iPhone for βstealingβ the feature
Itβs the same as Xbox vs PlayStation, who cares
shut hawk
I mean, being able to place your icons anywhere in the home has been a feature for ages though - I'm surprised apple's only just done it now
wintry sluice
I don't see it as toxic. I just find it funny.
agree wrt consoles. PCMR
naive violet
I mean, being able to place your icons anywhere in the home has been a feature f...
Few years back now iirc
Also Jayy, passed CSTL practical today
simple valve
congrats Jayy!
shut hawk
lmao π€£
naive violet
There's a comma
simple valve
OH
shut hawk
Hahahaha
naive violet
But congrats Jayy anyway
simple valve
Congrats James!!
wild rose
Nice going
naive violet
Just waiting on the results for scoping and washup
I got 100% on those sections last time
shell nova
I understand locking features but cmon, throttling speed? :c
Gotta sell that pro version π
naive violet
How was the exam like? lot harder than TM?
CSTM is very straightforward.
CSTL is not difficult exploits, but finding IPs/networks etc makes it hard
scenic bobcat
I got 100% on those sections last time
Oh, James i wanted to ask something; I've been taking notes on THM classes i wanted to share on my Git with friends- can i keep the images in them or would that cause issues? π
subtle drift
welldone!
naive violet
Oh, James i wanted to ask something; I've been taking notes on THM classes i wan...
I'm not THM staff so I don't think I can answer that sadly
Perhaps @mossy river ?
scenic bobcat
Ahh, oki
rapid merlin
Gotta sell that pro version π
I guess :c, usually you only get that with companies though right? Idk anyone who pays out their own pocket
shut hawk
CSTM is very straightforward.
CSTL is not difficult exploits, but finding IPs/ne...
Were you allowed to take your own hardware into the exam?
naive violet
Yes
shell nova
I guess :c, usually you only get that with companies though right? Idk anyone wh...
Generally recommended
naive violet
But no internet for tooling
naive violet
Internet for google at a supervised workstation
rapid merlin
naive violet
Were you allowed to take your own hardware into the exam?
CSTM is your own VM etc now too
rapid merlin
Internet for google at a supervised workstation
Is it available to take online?
naive violet
Nope.
sick lance
Oh, James i wanted to ask something; I've been taking notes on THM classes i wan...
I'm not staff either, but if it's sub content it might be copyrighted.
naive violet
In person in one inconvenient location only
rapid merlin
Damnnn, proper locked down
shut hawk
Ah, was that all the travelling the other day?
naive violet
Yep thankfully
shut hawk
CSTM is your own VM etc now too
Woah nice that's really useful
naive violet
Although return today
rapid merlin
7 hours on train for an examπ
shut hawk
Had to stay overnight?
scenic bobcat
I'm not staff either, but if it's sub content it might be copyrighted.
Yeaa, kinda why i wanted to ask first cause it does have some π
rapid merlin
What yall use for making resume
shut hawk
What yall use for making resume
I used AwesomeCV LaTeX template
rapid merlin
Free ?
Yeah
For one CV though, so you can only keep one at a time instead of keeping lots of seperate CV's on there
But you can edit and change the template of the 1 CV anytime you like
outer rivet
Haha nice
clear jackal
Overleaf is the LaTeX editor I use
shut hawk
ditto
mossy river
Oh, James i wanted to ask something; I've been taking notes on THM classes i wan...
Please do not use TryHackMe graphics witout explicit permission from TryHackMe support π
scenic bobcat
Oki, thats why i was asking 
crude stump
Are you OK AceS?
Heck yeah
hazy flume
did anyone buy the burp suite professional? and can share an example for an automated vulnerability scan
shut hawk
Used it for work
hazy flume
how is it?
it says the brute force isnt rate limited there. so im wondering limited what?
icy gulch
Can anyone help for cissp preparation 2024
sick lance
They don't slow you down.
wintry sluice
the rate at which it sends packets to the target, presumably
hazy flume
the rate at which it sends packets to the target, presumably
so the results i get are still based on my pc performance? or their pc performance? or network
their server*
wild rose
When you're giving a presentation for work and your power goes out, but you're still talking like nothing happened until you get a phone call from your boss minutes later... π₯² Dying on the inside
shut hawk
how is it?
Really good, saved a lot of time
hazy flume
ok thanks ill try it
shut hawk
Obviously would probably not recommend paying for it out of your own pockets
shell nova
so the results i get are still based on my pc performance? or their pc performan...
Yes.
shut hawk
Due to how pricey it is
sick lance
7 day trial.
hazy flume
Due to how pricey it is
it says 449$.
is that yearly or one time payment
wintry sluice
probably subscription
hazy flume
ah yes its 1 year i missed it
simple valve
did anyone buy the burp suite professional? and can share an example for an auto...
depends on what you use
they have their own web app scanner, they also have the option to use bcheck scripts, plugins, etc.
hazy flume
honestly just used the community burp and its very usefull so i want the profesional but they realized its price
naive violet
did anyone buy the burp suite professional? and can share an example for an auto...
It's nice as a supplement to manual testing.
The automated findings are pretty junky on modern webapps, but the other pro creatures are lovely
hazy flume
but then*
hazy flume
It's nice as a *supplement* to manual testing.
The automated findings are pretty...
the automated scans are scripted or responding to the scans meanwhile scanning?
simple valve
the Collaborator feature is a game changer for OOB testing
other than that, you can make do with burp plugins
simple valve
the automated scans are scripted or responding to the scans meanwhile scanning?
you can set it either way i think. you can run audits on URLs you visit, etc. or you can run a whole scan on the web app
hazy flume
cool thanks
naive violet
the automated scans are scripted or responding to the scans meanwhile scanning?
Reads responses etc and flags vulns, but there's more to it
hazy flume
Reads responses etc and flags vulns, but there's more to it
amazing. thanks
twin ridgeBOT
Gave +1 Rep to @naive violet (current: #1 - 2108)
blazing granite
@naive violet I've just read about your exam, congrats!!! π₯³
errant umbra
Eh, if you need it you can Google it... Like, it's important but if you're using it all the time just have a print out or something until you know what's what
π
boreal scarab
Eh, if you need it you can Google it... Like, it's important but if you're using...
@polar wraith
errant umbra
No π
boreal scarab
@naive violet
grim sparrowBOT
:hammer: _murpheus#0 has been banned.
errant umbra
Celebrating
What ya celebrating?
boreal scarab
<@214547132231843840> smh I'm at the pub
I sorry, I didn't know lol. Saw you were the most recent mod online chatting
naive violet
@errant umbra @boreal scarab Cert practical passed
polar wraith
Eh, if you need it you can Google it... Like, it's important but if you're using...
alr thanks a lot!!!!!
twin ridgeBOT
Gave +1 Rep to @errant umbra (current: #19 - 403)
boreal scarab
errant umbra
<@177529177707118592> <@214547132231843840> Cert practical passed
Aaaay, congrats
I'm just taking a break from redecorating π
naive violet
I'm just taking a break from redecorating π
Got DIY this weekend, shelves and such to put up
rapid merlin
Guys, How can I use exploit from exploitsdb, For example, I want to try this (vuln on a huawei router), How it does go?
rapid merlin
In spoons now
With the brickies
naive violet
Guys, How can I use exploit from exploitsdb, For example, I want to try this (vu...
Is a python file
rapid merlin
I copy the file into metasploit "exploits" folder, but the framework dosent read it, it seems that he read and run only the ruby files
naive violet
Who's router is it?
rapid merlin
Is a python file
yeah, i know, but what this mean, I have to run it normally!
blazing granite
the millon dollar question π
rapid merlin
Who's router is it?
My router of course
naive violet
Have a read of the file
Look to see if it's Python 2 or 3
Then run it
May need to edit IPs etc
rapid merlin
yeah, i read the file https://www.exploit-db.com/exploits/45991
naive violet
Python 2 btw
rapid merlin
Then run it
error
naive violet
Google the error.
Also explicitly write "python2" not "python"
"python" could be either.
rapid merlin
Ah, okay
rigid depot
or which python
rapid merlin
sick lance
Can normally tell by some syntax
naive violet
It's expecting an argument
You haven't given one
Read the code, read the usage, understand it
rigid depot
you're right, my bad
rapid merlin
It's expecting an argument
Oh, right π€¦ββοΈ
blazing granite
It's expecting an argument
like my ex π
naive violet
Smh
cosmic pendant
searchsploit -m, very under rated
rapid merlin
-m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory
Did you read the documentation for that script you're trying to run @rapid merlin
rapid merlin
Did you read the documentation for that script you're trying to run <@4562265777...
I dont found documentation on exploitdb, I found a github page talk about this vuln, https://github.com/wilfred-wulbou/HG532d-RCE-Exploit
rapid merlin
I dont found documentation on exploitdb, I found a github page talk about this v...
If you don't have any of these software versions, it won't work anyway
And Exploit-DB does have some information on it
That's how I got that there^
rapid merlin
If you don't have any of these software versions, it won't work anyway
yeah, I have hg532e, but i dont know which version of the firmware, anyway i just try
rapid merlin
That's how I got that there^
Oh, i didnt see it
rapid merlin
yeah, I have hg532e, but i dont know which version of the firmware, anyway i jus...
That exploit you linked says it works on the hg532d
naive violet
And e
naive violet
First on that CPE list
rapid merlin
First on that CPE list
Yeah the repo was just specifically for the d routers
rapid merlin
Does it work? <@456226577798135808>
I 'am not good on python
sick lance
Would it not be a good idea to make sur eyour firmware is effective before trying?
What happens if you don't have the correct firmware?
you're just wasting time.
fluid ember
Please guys how true is this? Just want to know
rapid merlin
What happens if you don't have the correct firmware?
you're just wasting time.
Then I know that my firmware is not the mentioned firmware
odd crow
i am new to cybersecurity should i start with Digital Forensics?
is it recommended or sum?
fluid ember
i am new to cybersecurity should i start with Digital Forensics?
You need to start with the fundamentals first
odd crow
linux or windows?
wooden totem
I would say exploring all basics then deciding what to stick with
fluid ember
The Tryhackme has a beginner path which you have start with
fluid ember
yea i did it
Are you done with the beginner path?
fluid ember
Forensic is defensive right. I think you should start with defensive. Am not sure though because am still a learner. Am still in the pre security path
odd crow
is there a link to the beginner path with all things i need to start with
sick lance
Then I know that my firmware is not the mentioned firmware
Then your firmware might not be vulnerable to that.
Where do you want a job, effectively?
odd crow
thx
fluid ember
You are welcome
pallid lotus
Please guys how true is this? Just want to know
Very much so
simple valve
Please guys how true is this? Just want to know
very true
security is an addition to the existing IT, not something new entirely
if you have kubernetes, then you will have kubernetes security
if you have docker, you will have docker security
pallid lotus
There are plenty of courses / resources / etc which can teach you about vulnerabilities and techniques. I think the post exaggerates a little in how rare jobs off the back of those are -- they definitely exist -- although the post is right in saying true entry level jobs are rarer
rapid merlin
Then your firmware might not be vulnerable to that.
Then I change the firmware
But in any case, I do not have an option in the router settings that would allow me to change it
pallid lotus
BUT, learning about vulnerabilities and techniques is hollow if you don't understand what's actually happening. Running through a checklist isn't hacking.
simple valve
at that point you'll just sound like some preacher no one wants to listen to
fluid ember
There are plenty of courses / resources / etc which can teach you about vulnerab...
My brother is starting a career in cybersecurity and he is starting with the CCNA, I told him why not start with the Tryhackme. He insisted of starting with the CCNA. So I don't know if he is in the right path?
pallid lotus
at that point you'll just sound like some preacher no one wants to listen to
You know dev teams who want to listen to the cyber folks?
sick lance
Then I change the firmware
But in any case, I do not have an option in the route...
Start researching then π
pallid lotus
My brother is starting a career in cybersecurity and he is starting with the CCN...
Why choose between them?
If it were a choice between the two then I would honestly suggest CCNA for going into infrastructure testing because it gives you much stronger foundations upon which you can add security knowledge
wooden totem
My brother is starting a career in cybersecurity and he is starting with the CCN...
dont those cost a lot
pallid lotus
That said, there's zero reason not to do both of them in tandem π€·ββοΈ
Throw in some other learning resources (e.g., HTB, PortSwigger, blog posts & papers, etc) whilst you're at it
full swallow
Hey Muirland! I've read a bunch of your stuff and your walkthroughs have helped me out with a bunch of rooms, so I wanted to just stop by and say thank you!
fluid ember
dont those cost a lot
The CCNA?
pallid lotus
Hey Muirland! I've read a bunch of your stuff and your walkthroughs have helped ...
My pleasure! Glad they were of use π
simple valve
You know dev teams who want to listen to the cyber folks? <:kekw:658061932577816...
haha i dont have that much but i recently got a colleague of mine to add into their unit tests some of our common things to look out for (improper error handling, common injection type attacks, etc.) before they pass it for VAPT
fluid ember
Why choose between them?
If it were a choice between the two then I would honest...
So the CCNA will be better for him?
simple valve
i mean it should be like that but our security process & automation is still not good enough to handle that tyype of workload
pallid lotus
So the CCNA will be better for him?
The CCNA will give him a strong foundation in (traditional) networking principles.
That foundation will make him a much better infrastructure hacker than if he just dived straight into infrastructure security without doing the foundational stuff.
As I said, no reason at all not to do both π€·ββοΈ
fluid ember
Thank you
full swallow
Going off the current chat topic, what is a good pathway for certifications? I have completed quite a few learning paths on TryHackMe, and I am about 50% of the way through red teaming at the moment (with all of the basics and Jr Penetration Tester completed). I know of CompTIA with certifications like Sec+ and I have heard about some Cisco stuff, but what are the most important foundational ones I should get no matter what?
simple valve
Going off the current chat topic, what is a good pathway for certifications? I h...
Sec+ seems to be really popular for entry level security roles
better to check your local job market
get a feel for the stuff they look for
unless its CEH
pallid lotus
Np π
Important take aways are:
- The better you understand something, the better placed you are to attack it. Construction and deconstruction are two sides of the same coin. If you know how it fits together then you can take it apart.
- Don't put all your eggs in one basket training wise. No one teaches everything.
pallid lotus
get a feel for the stuff they look for
+1 to this. Much more important to get something that works for the jobs you're applying for than the general pathways
full swallow
get a feel for the stuff they look for
Gotcha. I really enjoy learning about this stuff, and I would like to be as well rounded as possible, but I don't know if shelling out thousands of dollars for every certification is the way to go...
pallid lotus
Unless it's CEH. Then move.
full swallow
+1 to this. Much more important to get something that works for the jobs you're ...
Awesome, thank you!
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #9 - 744)
pallid lotus
Ideally you want companies to pay for expensive certs
The CompTIA ones are good because they're respected, give you a good baseline knowledge, and are cheap. Most other things above and beyond those are better to let an org pay for
... Says the guy who paid for most of his own
simple valve
you paid for your OffSec certs? 
full swallow
Good to know! As a baseline, I was thinking of taking Sec+ PenTest+ and Network+, should I add any others to this?
outer rivet
I am going to do network and security +
full swallow
CompTIA academic you get 37% off
Had a friend who told me about this, was fantastic!
outer rivet
pallid lotus
you paid for your OffSec certs? <:NotLikeThis:689847725969244171>
In all fairness, I paid for them before I got my first full time job in industry
But, uh, yes.
outer rivet
Anyone here did network + ?
rapid merlin
@sick lance @ember zenith @rapid merlin I try this code https://github.com/wilfred-wulbou/HG532d-RCE-Exploit/blob/master/hg532d_exploit.py
simple valve
In all fairness, I paid for them before I got my first full time job in industry
so i would guess, 2020-2021?
outer rivet
<@958383130102870026> <@831549546697195550> <@456226577798135808> I try this cod...
Python 3 ?
sick lance
<@958383130102870026> <@831549546697195550> <@456226577798135808> I try this cod...
I have no idea what the expected output is. Β―_(γ)_/Β―
shut hawk
I wonder what discord means by "organically"
(they're rolling out new ToS, Privacy policys etc for the 15th april)
outer rivet
Expected output is hello world
whole yew
I wonder what discord means by "organically"
Key statement in that bullet point is the second half, not the first.
sick lance
I wonder what discord means by "organically"
Don't use ai/spam bots.
pallid lotus
so i would guess, 2020-2021?
OSCP: 2020
CRTO: 2021
OSEP: 2021->2022
OSWE: 2022
OSWP: 2023
rapid merlin
Python 3 ?
I havepython 3, I think the code python 2 https://github.com/wilfred-wulbou/HG532d-RCE-Exploit/blob/master/hg532d_exploit.py
pallid lotus
Oh, speaking of which, @whole yew, meme though it may be, remind me, is there an OSWP role?
pallid lotus
Don't ask me then
Your pfp makes you hard to see smh
whole yew
Oh, speaking of which, <@447041536807403545>, meme though it may be, remind me, ...
i have no idea, i haven't checked in so long. did you get it?
pallid lotus
I've only been here for thr last 30 mins
Also, congrats on mod!
simple valve
OSCP: 2020
CRTO: 2021
OSEP: 2021->2022
OSWE: 2022
OSWP: 2023
good path , you think CRTO helped with OSEP ?
sick lance
Also, congrats on mod!
Thank you!
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #9 - 745)
pallid lotus
i have no idea, i haven't checked in so long. did you get it?
Yeah, few months ago
pallid lotus
good path , you think CRTO helped with OSEP ?
I would say so, yes
shut hawk
Yeah, few months ago
congratz
whole yew
Yeah, few months ago
the addrole stuff has changed, i'll dig through the new docs to see if there's a new command for it
sick lance
OSWP is there
shut hawk
do you have to use a command or can you manually add it?
crude stump
pallid lotus
Forgot about that policy lmao
whole yew
the addrole stuff has changed, i'll dig through the new docs to see if there's a...
to clarify, i will do this when i can take a longer break from work. writing an assessment report, and i can take a couple minutes here and there, but really, trying to head-down get this deliverable done to handover friday
sick lance
to clarify, i will do this when i can take a longer break from work. writing an ...
I can do it in 5.
If that helps
whole yew
feel free
pallid lotus
Aw, I love the enthusiasm of a new mod. It's adorable 
π
whole yew
kek
crude stump
I wouldnβt take that scrubz
worn thorn
my company tries to force me into using microsoft authenticator... Jokes on them it's time to finally get a yubikey.
sick lance
Aw, I love the enthusiasm of a new mod. It's adorable <:blobheart:68962657947903...
Dm me proof π
pallid lotus
Dm me proof π
No. Check my profile in Offsec server
sick lance
No. Check my profile in Offsec server <:kekw:658061932577816606>
I'm not there π
pallid lotus
Oh god damnit now you're making me do stuff?
crude stump
Love the enthusiasm muiri
naive violet
Added @pallid lotus @sick lance
sick lance
Oh god damnit now you're making me do stuff?
Nah. I was serving dinner, I was just waiting until I had finished to add it.
shut hawk
missed your opportunity scrubz 
sick lance
missed your opportunity scrubz <:kekw:976547698293501952>
I know his first name, just need his surname
blazing granite
@sick lance not trial anymore congrats π₯³ π
sick lance
<@958383130102870026> not trial anymore congrats π₯³ π
Thank you.
twin ridgeBOT
Gave +1 Rep to @blazing granite (current: #120 - 52)
whole yew
sick lance
Added <@650476435269484549> <@958383130102870026>
Get back to celebrating! π
naive violet
I know his first name, just need his surname <:kekw:658061932577816606>
Smh I have both
naive violet
Get back to celebrating! π
I'm journeying
sick lance
No. Check my profile in Offsec server <:kekw:658061932577816606>
I was only in the offsec to talk to spooky, but he doesn't want to talk to me. π¦
sick lance
Smh I have both
You two are friends though π
pallid lotus
In fairness, he found it himself
naive violet
You're both Scottish! Common ground!
sick lance
I know what you both look like, Muiri first name.
My Osint needs work.
naive violet
In fairness, he found it himself
You patched that vuln though
shut hawk
I know what you both look like, Muiri first name.
My Osint needs work.
taken out of context this doesn't sound great lmao
sick lance
taken out of context this doesn't sound great lmao
I know, suspense, eh? π
sick lance
In fairness, he found it himself
Amazon ruin it for you? π
whole yew
my guess would be an un-redacted namecheap domain
molten sky
β€οΈβπ©Ή
sick lance
my guess would be an un-redacted namecheap domain
Another valid point.
naive violet
my guess would be an un-redacted namecheap domain
@pallid lotus has responsible disclosure passed?
polar wraith
"The S in IoT stands for security" whys this considered true even tho most iot devices tday are pretty secure
naive violet
"Most iot devices are pretty secure" why's that considered true?
sick lance
And where are the facts?
molten sky
"The S in IoT stands for security" whys this considered true even tho most iot d...
lmao
no
they aren't
polar wraith
i mean why not most of them (as ive seen) are built with security in mind
umbral bay
And where are the facts?
In the Facts folder that is encrypted with the Opinion key.
sick lance
In the Facts folder that is encrypted with the Opinion key.
That doesn't help π¦