job market blows right now

I've done CTF's for 8-9th graders

and we have a lot of 15 year olds at my CTF team

hey scrubz you are not in trial anymore

congratsman

you have been super helpful

What an*

You're welcome

This is the approach to take?

I started watching mr.robot at the same time I started learning cybersecurity. Didn't even know it was about the same topic

Thank you!

I just seen this.

Gave +1 Rep to @hazy flume (current: #2040 - 1)

Hey guys!! someone has a list of some nice rooms to pratice,I think I got too much teory now and sometimes I get stuck in easy rooms and It's usually for some silly things that I already knew but I didn't really have a chance to use it yet, so I want to focus on the pratice now more than never.

room search allows you to filter based on difficulty and/or room type (ctf or walkthrough)

https://tryhackme.com/r/hacktivities/search

This is usually how I find the rooms, I was thinking about like a top 10 rooms idk

But thanks

?

not just on thm but ok thakyouu

Only other thing I know is hack the box

https://www.vulnhub.com/ perhaps?

For sure that's a great resource, my point was to get kind of some personal favorite rooms that you guys know.

I think I expressed myself bad before, i kind of know how to lookup rooms

That's a bit of an annoying question 😅 the rooms some people like might be focused on certain specifics they're very interested in or so like.. there's a big range on vulnerable boxes and what type of vulnerabilities etc.

also skill level that probably wouldn't match

Yea that too

lol how is this a medium https://tryhackme.com/r/room/classicpasswd

I think most people only tend to do challenge rooms once.

hey! spoilers!

oops

wasnt thinking of that

You cant even spoil anything to me cus I have no idea what those terms are

but honestly what else would you do

What topics are you interested in?

You have a point, but I will see these rooms and depending on the topic I can research about the topic as usual

Brainpan is a good room and vulnhub machine.

old.. but good.

Do u have lifetime access to the humble bundle after the donation?

Exploiting web, linux or even windows is kind of fun, but I tried to not limit myself, aways fun to learn something, but usually focus o web or network

I enjoyed Eavesdropper a lot

afaik, pretty much as long as the site stays up

theres good challenge rooms in the offensive pentesting pathway

the beforementioned brainpan is in there too

i liked it alot too

The overpass series is also good

I will look into it

The boogeyman series for some Blueteaming

Too many good rooms to name. lol

Yess that ones I'm saving to when i go trough this path, I'm almost there

the recent "summit" room was fun

I thought tha was only one room

there's 3

1 easy, 1 medium, 1 hard

That's cool I'm gonna look up for sure

if you really want a web challenge

https://tryhackme.com/r/room/shaker

Saved

I was about to start with overpass, now that I know is 3 will be more fun as well

Thanks for the help, I have a lot to work with now s2

shaker is a hard challenge but oh so fun

blame hydragyrum for all your problems with it

I have a new phone.. I don't think I'm gonna install Facebook on it. 🤣

Finished the Advanced Static Analysis room. Now I need a lunch break.

Ew, facebook

Yeah.. that's why. lol

Looks like this will be the next rooms I do, as I keep going to do them and never do

Maybe the boogeyman keeps scaring me off

https://tenor.com/view/hello-dog-herro-hello-cute-dog-puppy-gif-10613522374700493247

watching stupid Rust videos on YT makes me want to play Rust...

spending time remove/deleting accounts using gdpr rules
well this is more annoying then shadow thought

I will try, we can't avoid the hard ones forever(we can but shouldn't)

'-' percent looks like it's never starting

I wasn't aware that discord now turns - into a bullet point

• test
• test 2

ello

world

hello

If everybody talks in markdown I'll declare spam 😄

https://tenor.com/view/spam-spam-intensifies-yum-gif-13948300

😄

Sorry Scrubz. I had to

😣

Now I'm gonna get the /b for spam. 🤣

tryhackme.com

Grrrr

Ah ha discord saves me

real

xcq, I no click on u.

YouTube link

I gotcha fam

Sounds like someone clicked

I had to but discord got my back

Never new discord did this

Tho

huh

That’s clever youtu.be

i wanna see whats on it icl

surely fun videos right

eh you should visit this site tho

https://admin.tryhackme.com

Oo

LMAO

Discord brought the video up lmao

imagine u clicked on a rick roll link and gets ads

Interesting how this works

Embed fail.

epic

Wait a minute

Is it working by creating a custom link and inside that link, it redirects you somewheres else?

yeah?

Ignore me just typing what I’m thinking

its just a redirection nothing complicated i guess

Might not be complicated but it’s still fascinating

loll

Worst rickroll attempt ever

if you put links in < > symbols it doesnt embed

also, got a bit more of a "theoretical" question ehm.. not exactly room related cause i already got the correct one but it did get me wondering
If a Firewall is hardware, doesnt that mean it also kinda works on Layer 1 OSI ? or am i misunderstanding that?

Nah, It's still layer 3 and 4.

Not the greatest of gifs/pics to post either.

Funny pic I remembered, although yeah might not be the place to share it

Newer firewalls can operate at layer 7 also.

Ah, guess i kinda misunderstood OSI then

back to CCNA

What exactly is Layer 1 then? outside of the actual cables

Still have to work on my OPNSense FW

what u can touch

Hubs and repeaters, also.

Just found this site that is littered with spear fishing ads anyone know how to report it

phishtank.org

Thanks

ohhh i think it just clicked
so firewall despite it being separate hardware at times - only works on things in layers 3 & 4 ; and the other layers are not directly managed by the firewall? (and then layer 7 for those fancy new ones )

I was probably just thinking to literal 😅

WAF

Movie or TV Show or Gaming

what should I do right now

Smell flowers

roll a dice

touch grass

dice have 2 sides

i dont like this new interface

I like that idea

spent 2 hours in a park babysitting nephews

6?

oh yea*

was thinking about a coin

Birds are drones

They were taught in the introduction to Networking on Tryhackme

dice is the plural, so I am confused 😕

1+3= game
2+5=movie
4+6=Tv show.

roll a die

ah, now i understand

weird word

taught in the school and 1 year at uni too

3,6

Dice is both singular and plural.

Wouldn’t it be called a die then

Di die however it’s spelled

congratulate me- my thm street creds finaly came in handy

Congratulations!

yup

Yeah

But die doesn’t sound right

DI?

IDK

Exactly, the Tryhackme course is just so coordinated

die is right

We're discssing between devops and sec about container security

I'm like "I wrote rooms about this"

Ight

we love it

Flip a die

flip a 3 headed coin

Roll a die

roll a coin

How would that work

if it lands on the edge

Wouldn’t it be like a pyramid

2 heads on one side, one on the other

eh imma play a game

pyramids are 4 sides

Oml

5

die a coin

I’m dumb

Lmao

Wat?

Yes your right

5 sides

tertrahedron has 4

Tarter sauce

You can get square(5) and pentagonal pyramids(6) also.

D3 die

What the heck

Where’s the other numbers?

1 and 3

looks like a next generation mouse

on the sides near the bottom

Bro got the arrows out lmao

another D3 die, but more funky

That looks cool

But what’s the point

roll a 3

rpgs

Why would you only want 1:3

that one looks less likely to land on the end

because

Hm

Uh huh

Very good

Yesss

d 2 also exists

a coin is technically d2

d 1

Damn those coins fancy

wait you can just have a D3 die by having 2 of the same number on 2 faces of the standard d6 die

no wait that is a fancy d4

have they made any for charlie yet?

ignore me

i think so

a marble is a d1

Help-me

better not post unknown links

Anyone here play DCS?

humans like to click those

I do, a10c2

@sick lance

read the text that comes with the task. they tell you a way to alter the url so that it takes you to a preview

Do you use TrackIR?

And nice

Yes, there are cheaper options I've heard but its kiinda required, just huge QoL thing

guys, you can relax it takes you to tryhackme.com

tis part of one of the rooms

Rswallen to the rescue

I just wanted to check before pulling the trigger is it worth it but that answers my question ty

Gave +1 Rep to @scenic bobcat (current: #698 - 5)

I thought so but eh just pinged scrubs anyways

I need to get my gpu, gladiator nxt evo, a throttle and trackIR so I can start playing

Just Incase Yk

Ofc, good luck and hope you have lots of flying fun

That's the plan ^_^

dont open my profile

Ohh i got the gladiator and omni throttle one cause i also play space games

They're great

you can check yourself. just ||put a + at the end of the url|| (atleast for tinyurl links)

Oo it got deleted

Oh nice, how long have you had the gladiator? I wanted to get a cheaper throttle to start off with like a thrustmaster

Wasn’t that part of pre security

it shouldve embed tryhackme

not if you surround a link with < >, or if the site doesn't have an embed available (?)

Only few weeks now but They're quite nice, customizable too

yh. I think they were just asking about the task in one of those rooms

Hope that find there answer somehow

yes

estou com dificuldade na sala

English only please.

gostaria de ajuda, pois mesmo obtendo o + não estou conseguindo

What's your favourite module?

#room-help

no, but I play MFS2020

https://www.logitechg.com/en-gb/products/space/extreme-3d-pro-joystick.html would recommend

the price is actually not that bad

Thank you however, I am avoiding buying a stick that doesn't have a spring gimbal for longevitiy purposes. That seems like you get a lot of bang for your buck though.

Gave +1 Rep to @shut hawk (current: #13 - 495)

A-10c ii
I havent really learned any others- dont forget you can trial them on the website if you use that and not steam

Boss

And yeah I was going to use the website as I heard they have better deals on there compared to steam

steam takes a cut

It was more so about the deals that dcs does on their website, they usually have an offer going on for aircraft or packs

Yea also big sales every few months like 50% off etc

Last one was 2 weeks back, when i picked up the a10

HMMM

https://tenor.com/view/so-bored-boring-cat-gif-25683602

I'm explaining container security to our infosec team. I feel this so hard

Hi Mouse. 🙂

AAAAND two gdpr delete all the info you have on shadow requests sent

nice

could have been 3 but shadow decided to keep their osu! account

hardly remembered shadow had one

Does Shadow always refer to Shadow in the third person?

yep

I forgot to do gdpr on some accounts I already "deleted".

assuming they still have your email on file they should still be able to comply to data deletion requests

even if they did I also yeeted my google account so it wouldn't really work.

AH yeah that would throw wrenchs into that part

yuup yuups

Don't you mean: Shadow says yuup yuups? lol

when no pronouns are needed shadow has a tendency to skip them

Yeah, I was about to say that you use them instead of "I"

the most weird to other people here is when shadow uses the group pronoun we

Yeah, I use "we" sometimes too, kinda messes with people

Yea. It was always fun when someone asks me and I reply as a group to them.

Zombie wonders in which context Shadow would require the word " We ' when refering to ones self in a conversation

habit I guess.

the royal we?

hi, can some one explain what this is? im in the room RedTeam Threat Intell. Are these ways techniques used? https://mitre-attack.github.io/attack-navigator//#layerURL=https%3A%2F%2Fattack.mitre.org%2Fgroups%2FG0008%2FG0008-enterprise-layer.json

kinda yes... but also the we as in a group of swedish people or as a group of people on here

FML..... Any VLAN edit I do on my Mikrotik knocks my entire TrueNAS server offline, even though it has 2 connections from the router

fruity magic lassos

1......... Fucking Satan
2.

https://tenor.com/view/community-ken-jeong-ben-chang-cant-see-small-gif-5154350

what du heck Jayy?? poor intermawebs connection?

Remind me that I can't have another creme egg today.. lol

you are allowed another creme egg today

Do any of you have a summary of CCNP?

yeah the pain :(

kinda funny that seq 1 returned before seq 0

Looks very painful. 😦

It's a mid-level networking certification tier with multiple exams in order to pass. Previously, the appropriate CCNA, the associate tier was a requirement to pursue it but no longer, though you should thoroughly understand how to perform all the techniques in the relevant CCNA tier.

Pretty solid summary lol

Riddle me why this isn't working......

IP is 192.168.54.2/28 on my TrueNAS eno2, VM is using eno2 as the NIC.
Router has a Guest VLAN 192.168.54.1/28 (13 clients), and 2.5g Port is in Access mode using the Guest VLAN Config

Why did they drop the req for CCNA to get CCNP??

cause the things you'll learn in CCNP doesn't relate to what you learn in CCNA, there's a lot of different ways of setting things up in CCNP that will actually fail your CCNA exam if you do them

https://tenor.com/view/lfg-kama-chameleons-lets-fucking-gif-25117697

My VM is finally on a VLAN again with no intranet access. I'm happy

VLAN 99? 😄

That sounds like

A Synthwave/Retrowave group

VLAN 99

Which I am totally cool with

How do the daily streak freezes work?

Do you only get the one or do they stack up

they stack but i think you only get 2

nvm you get 4 but thats after a certain number of days

it's not stackable

wait then if i hit 2 streak freeze milestones what happened to the other one

the old one will be overwritten

oh this whole time i thought they stacked💀

Does the certificates of completion from the learning paths give continue education credits?

have a read at the article, it picks up some of the typical questions in the bottom

no, sadly not, from my knowledge

oh yeah. they dont acumulate

wonderful

Dang, are they still worth taking it, for example the red teaming path is it worth taking that path? how good is it the module to attack active directory?

i think all the paths are worth taking

they each provide knowledge you might come across in the future

okay, I see different answers, some say that the paths have been accepted, some not, you can always try around, I find all the paths worth it cause the rooms are really good quality

Nice thank you both of you I will start taking the paths right away

sounds amazing

whats the easiest way to transfer a file from my pc to vmware

well, kali

Copy paste

install vmtools and drag and drop

the network room doesn't tell you why you would want to ping a network. if you getting the performanc, in what way would that help you knowing the ping.

knowing your connected?

actully i think im just blind. it does tell you why

dont bother gonzo

sorry

Ping is used to test if a host is reachable

Ah, no worries, there are a few good definitions online

so troubleshooting

that makes sense

GONZO

why you awake at this time?

Why not ?

understandable

I should be going soon, though. What are you up to?

just watching youtube tbh

I should be working on my room

you making a room?

why are you?

been for the last year

how close are you to finishing

I worked out and have too much energy now, plus suhoor is in under 2 hours, so it's too late to sleep before having to wake up

ah yeah

need bug fixing

ah

nasty bugs

yeah, especially since it's such a big bug that it doesn't make my room insane anymore

yk what would be a cool room idea. A room where the whole objective is to troubleshoot bugs

eh but at the same time i dont know anyone who enjoys fixing bugs

could be fun to work on, I have a few hours, imma go fix this

need to locate all my files though

try to drag then, once I dragged a folder to my vm and it just worked(kalli as well) using vmware

worked thanks

have fun with that

I also have to remember how it all works

man, my PC thinks something is running on port 80..

but as far as I can tell, there isn't..

it also can't obtain ownership information of the process that is keeping port 80 in a listening state.

are you doing a netstat -ano as admin?

netstat -a -b -x -p tcp.

windows host.

but yes

as admin?

it is coming from the System process.. I think there may be a rootkit.

Hacker! Virus! Malware! Ransomware! Spyware! Trojan! Worm! Keylogger! Backdoor! Cryptominer! Rootkit! Scareware! Botnet! Adware! Two Hackers!

hmmm. Why would a rootkit bother registering the port listening haha

oh yeah, fair.

😂

I need a detection system that would start a loud alarm and turn on the hazard lights in my irl room if it found anything suspicious

All that other stuff is the hard part lol

we have that at work

@cosmic pendant It starts with my PC of course. 🙂

I wonder if i broke something without realising.

do you have process hacker (you should)

yes.

then run that as admin and take look there

I'm literally sitting in the network tab rn

Btw after wasting alot of time on testing softwares, now i found the real issue.
I checked another VGA cable and it worked fine, the whole problem was with the VGA cable lol the one i bought yesterday didn't support hd graphics, will return that today to the shop

What browser are yall using

Firefox forever

right clicking doesn't show anything? . are you using vms/portfwarding/container stuff?

mix between firefox and chrome

nothing, I think it may be IIS running somehow.

There should be no question about that eh

i just looked at the threads of the process.

i think I know what it is now..

https://tenor.com/view/tell-me-more-michael-scott-the-office-steve-carell-gif-5407074

Think it's FOCA. 🙂

what's foca?

and why would it listen?

foca t of here

I just get pictures of seals when I search it

Fingerprinting orgs with collected archives.

shouldn't it have showed upa bit easier?

probablyyy.

i dunno why it was being a pita.

idk ports, why is that not in 443

cause it's running http and not https

443 is only for https?

it's the port assigned to the protocol yes

interesting

technically you can put anything on basically any of the 65 535 ports

yeah

but it is discouraged

it's just what's "assigned"

can anyone help me with Docker ?
i have one query

It's better to just ask the question first

but also take their name literally as well

i created a dockerfile and i have to run selenium webdriver
all python script is working properly but send_keys(Keys.ENTER) this is not working

i google it also but not found any solution

https://stackoverflow.com/questions/53824415/selenium-send-keyskeys-enter-not-working-but-but-showing-error

Maybe that will help?

Thanks but i already checked it my python script is running when i run outside i mean not in docker but when i run this script using docker not able to run it

Gave +1 Rep to @karmic furnace (current: #172 - 36)

and when i remove this code then i'm able to run my docker also

Has confetti been removed when completing rooms?

I just finished a room and didn't get any confetti. Losing confetti would be a major downgrade

https://tenor.com/view/confetti-style-gif-19616552

Every time you complete a room, you have to jump onto Discord, and post this GIF in chat, so we can celebrate.

there you go

discord effects

this setup is soooo tedious

anyways time for shadow to go slepe slopo to the beepity boopity beep boop while meep moop for sleep sloop

finally got it to work

I just wish the confetti didn't make it impossible to click anything until it finishes

I dont get this, shouldn't important be not readable to the tryhackme user

seems like all groups can read(r)

if you look at the 3rd set of rwx, you can see that r is there, meaning that everyone can read it

ohhh, the third means all

the sets are
Owner rw (read,write)
Group r (read)
Others r (read)

meaning that owner can read and write to the file, users of the group "user2" can read the file and others not in the group or the owner can read the file

holy shit i just got my first dom based xss bug bounty! 2 sinks vulnerable on 1 page

Aw man

Nice

Good point lol

im so excited, ive put about 10 hours in on 4 or 5 different sites today just trying to get one

and i scored a 2 in one :D

aces how do u do

Very good

Wby vip

getting so close to finish my room already

gotta love late night sessions

are you free tomorrow?

it's holidays

but no

yeah

oh

I got work at 16:30

gl

ah okay, not too bad

16:30 till 2300

nm

Would anyone that's dealt with bug bounty writeups mind reading over my report? (target information is redacted)

I’m available rn

But you could probably post it here too if its redacted

or under #bug-bounty

Was just about to paste it in, I’ll take it there if you wouldn’t mind following :D

Sure

oh yes i just hacked my home wifi

can somebody help me

with what

lemme dm it to u cuz i dont have image perms

please don't

to late

I am sooo freaking dumb

I just deleted all the files I needed for my room

am I just remembering wrong, or did people used to host CTFs that would give out exam vouchers and stuff for like comptia and offsec? because I ltierally CANNOT find anything like that anymore

oh well, room is done, might not need the files, but we'll see

and this peeps is why you don't do stuff when you haven't slept in forever

..

When approaching CTF's are you guys exploiting documented vulnerabilities or are you finding undocumented vulnerabilities?

documented vulns

doubt you would make a CTF on tryhackme with a 0day

so what stops a site from patching 100% of known vulns

then all of you are out of jobs

how would they find said vulns

😛

and CTFs is not real life

just hire someone to patch them all

fire him

easy

what if you don't know where to look even though they are still documented

and who should document them?

just because you have a vulnerable software installed doesn't mean you're at risk too

exploiting known vulns sounds like a real script kiddie thing tbf

real hackers to me is discovering vulns

Get the CCNA first before going for the CCNP

real hackers still use known vulns to exploit systems, that's seen in multiple places

ok but that only gets you so far

yeah, but if it still gives you domain admin, then what's wrong with that?

what if ur pen testing a secure site that knows their shit, has every known vuln patched, there is no point hiring a script kiddie cyber security professional that is just gonna try run loads of old vulns against ur site

@chilly veldt are you studying for the CCNP?

Oh god he's back and saying the same things

is there a link to script kiddies and anime

why is everyone here have anime pfps

Dunno, not a script kiddie tho

"Sir, we just got hacked by someone with a anime pfp"

a pentester would check which versions of the software that the company is running and would test known vulns for that version even while looking deeper into the systems to see misconfigurations

yup

ok and why can't you just automate that and then no need for cyber security people

Wow that's awesome. Congratulations in advance if you are taking the exam in future🙂

cause said automation is the thing that creates the misconfigurations and vulnerabilities 😛

no I mean automate finding misconfigurations and vulns

I will not be, but my school is what is teaching it

not hard to write a script that checks versions

and who would teach said automation to do that?

yourself

google

Wow your school is awesome teaching you that

and then what if you/the script is wrong

then ur an idiot

more like a human

automation is more reliable in that sense

nope

if humans make mistakes

yes

automation makes greater mistakes

Pretty sure he's just trolling tho

wtf is a she/them pronoun

okay, now I will draw the line @sick lance

He started this yesterday too

draw the line because I asked what a she/them pronoun is

grow a pair

maybe research 😄

sorry, i try and keep my brain clean of brain rot fantasy

maybe that's why you're ignorant to actual opinions and facts

Just block him Bella, its a troll

im ignorant to idiocy

just keeping it real

Yeah

No.

Yeah indeed

speak ur mind

XD

If you're not going to be civil and polite to other people's pronouns you can leave.

So what is the thought process whereby you decide to choose "she/they pronouns"

No, I'm trying to understand

"Hi, why is your pronouns she/them"

"Wtf is a she/them pronoun"

Which one sounds better?

bottom one is a more realistic reaction

top one is a more politically correct reaction

sorry just trying to be authentic and diverse

can you explain tho cuz im genuinely curious

Oh I believe you're being authentic, but for the wrong reasons.

This server is a professional environment, we don't take too kindly to trolls etc.

Would you have phrased that question in that way to an employee?

if an employee used she/they pronouns i'd fire them for poor work performance

guy has time to fantasise about pronouns but no time to fantasise about work

disgusting behaviour

Bella isn't a guy though.

im talking in general

So you'd discriminate against she/them?

they are discriminating against themselves

self-sabotage

cause I at times express and feel myself more outside of the gender roles and traditions put upon humans for neither feminine or male perspective and therefore does not conform with the standards and feel myself unable to call myself with the she/her pronouns at times but feel rather more comfortable with the they/them pronouns of a singular gender neutral 3rd person pronoun, but for other times feel comfortable in the gender traditions put upon the feminine gender and therefore also go by she/her pronouns

good luck with that lawsuit

it's like becoming a pedophile, they do it because of their fantasise but they know if they get caught it will ruin their life but they do it anyways

... that's nothing alike

okay well

i will stop discussing now

i dont want to hurt someones feelings over pronouns

:hammer: yorkshireunit#0 has been banned.

No time for that.

also I have outperformed multiple straight white males in all the job opportunities I have had in all the fields I have worked in, and has ranked number 1 in terms of all genders for my country in forensics

sorry scrubz, kinda hit a nerve there 😄

imma go to sleep when my room has uploaded to thm

🫂

I just hit block when i get the feeling they're leaning towards being a troll.. usually turns out correct 😅

I choose to educate, usually works, sometimes it doesn't

Not at all, I knew they hit a nerve, they showed their true colours with the "fire for poor work performance" and declared "self-sabatoge"

Ah, haven't had much luck with that online 😕

In this day and age I refuse to believe nobody knows what pronouns are in the professional environment, especially cyber.

I still like the way I professionally told them about my pronouns, felt really nice

Fr tho, literally any tech discord I'm in has it, especially the rust discord

rust is also a big exception

😛

Anyway finally got through all the fundamentals today
So now I'll actually be able to go through more interesting stuffs~ although a lot is also stuff I've already seen

Holidays - another great day to study the whole day

why is this so slow at uploadiiiiing

how do i start from absolute basics?

learn computer networking

if it makes u feel better, buddy hoped onto another server I am in and tried to play victim LOL

Dunno, btw anyone use VMs on Windows11 here? Wondering if there's any that dont feel so... slugish?

Learn what is a computer

lul

#878393611929129000 see pinned

Should be a good start?

thanks

Gave +1 Rep to @scenic bobcat (current: #614 - 6)

Good afternoon legends

I do and they are quite alright for me

Trick is to give them all your resources 🥲

Which player do you use?

VMware

okay, this is taking too long, goodnight

Ah, same idk why my Kali feels slow on it tho

Good night

it's 7 am and I am finally going to bed 🥱

Like 4 processors, 8gb ram, is that not enough? Lol

I never tried kali on it, though if you don't really care about GUI, you could try WSL

Might perform better, thats what I often do

I like gui tho

Windows is greedy with its processors, I have noticed it does not want to use it properly at all

Did some benchmarking, linux did it immediately, windows took its sweet time

Mhm i mean my cpu is decently beefy . Guess I'll try giving more tomorrow

Was also thinking of testing it on that Hyper-V thing windows gives

Anyway i should get some zzz's good night 😴

anyone done the new box request smuggling websocket?

What do you need these VMs for?

WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)\

anybody help ?

#room-help please.

VMs add a layer of virtualization, which adds a layer of sucurity. Not only that, but for those who haven't bought a subscrition to THM, VMs allow unlimited access to any free rooms vs only being able to the attackbox once a day for only one hour a day.

That "hyper-v thing" stands for HyperVisor. All VMs are hypervisors.

All VMs are hypervisors. - A hypervisor is the software that allows you to run VMs. A VM is a Virtual Machine, the machine that is running.

I broke it down in laments terms, I wasn't going to describe the entire thing from the ground up. I did it in a way she understood

You have to be really careful when you do that

Because it can lead to inaccuracies like you made

Important ones that can leave people with an incorrect understanding

Is there anyway to regenerate the certification since I want to put it on linkedin and I just change the username to my real name

If anyone is interested, there is a ctf getting ready to start. It doesn't say what first place is, but second place gets 1 bitcoin: https://ctf.cursedc.tf/

That'd be insane if it was one full bitcoin, that's a $68,000 prize at minimum.

Oh no

Not cursedctf

That's not a good CTF to recommend to people ngl

First I heard of it, what's wrong with it?

It's a CTF designed to be as cursed as possible, implementing as many memes around organizing a CTF as they can

Better off waiting a week for midnight sun qualifiers, that is a proper good ctf

Or better, two weeks for plaid

So, it's designed to be overly complicated or something?

Overly complicated, sometimes even intentionally broken

On last year's teaser the sanity check was a giant "password game" that included making your password be valid shell code in multiple architectures and there was nothing behind the sanity check afterward

Wait no that was for registering

Sanity check included playing a game of mindustry

so this sanity check so far has been:
mindustry factory challenge -> idk -> rce in webserver with python that calls js on a risc-v vm -> building a kernel module that does a hypercall -> hypercall triggers a python repl somehow?

Found it

oh it's szy, hi

Hello

No, you can't change between names if you're generating the same cert.

Interesting...

Someone got their account hacked

Hi guys.

little do they know that top 11% is meaningless 😉

1 illegal purchase please!

you do realize that scrubz is 1) a mod, and 2) selling accounts is against the ToS and will get you banned

✋🤚 fr fr (I'm bout to become rich quick)

@wooden totem please don't feed the trolls

It's funny

yeah but nah

It makes it harder to moderate at times.

It's funny being on THIS side of that...

are you absolutely sure that you wish to go through with this?

:hammer: partakshgupta_91150#0 has been banned.

if a hacker level account with top 11% could get you any money, how much could i get for bug hunter top 1%

eh, fine, was hoping they'd confirm a few things first

At least tree fidy

aight

I don’t know what’s worse, someone selling a top 11% account or someone buying one

both

lol, didn't seem like himself though. There was a phishing link floating around other servers today about a $50 gift cardfor steam or something like that

Happens more than you think

People can be stupid when it comes to free stuff.

Free money! 💸 Sign me up

I like checking those links to see how deep they go

Still waiting for a high quality scam, they are never well put together

there are high quality scams, it's called lotteries

and casinos

its called taxes

We have different definitions of high quality

well, they can suck life savings out of people so

i guess they work

taxes too

limited time

40d.

What is it

Valorant shop items for Discord

does anyone know of any binary exploitation and rev engineering courses?

Open Security Training

and pwn.college

ill check them out, thanks!

https://0xinfection.github.io/reversing/pages/part-1-goals.html
https://pwn.college/
https://guyinatuxedo.github.io/

first one looks really good

also isnt pwn.college just challenges?

Ew

https://tryhackme.com/module/malware-analysis

They have slides and videos too

looks good

ah

alr thanks drgonz!!

IKR!

Expensive little area of pixels.

😬

16£ for that?

Yeah! Wonder who pays it.

Not seen any in here.

people with more money than sense

I feel the same way about Nitro ^^

I got Nitro when I streamed to my class and for bigger upload sizes.

Yeah I did it for the bigger upload sizes when I was uploading files

I got it free

for 1 month

Overprice $15 is so@much

https://crackmes.one

This challenges btw

3k

i still have it for bigger upload sizes and stream quality

Wait you are top

still have the old pl regional pricing for half off basically

Player

?

I mean in ranking

For hack the box

i was yeah

Damn nice 👍 I wan be like you

good luck

Thanks 🙏

Gave +1 Rep to @umbral kiln (current: #47 - 154)

shit i still have rep here

lool

It all stays, lol.

Robocop never forgets 😉

everything stays except the gang

Frrr

gang changes and moves on, some come back

the gang is still there

just not here

Gang grew up

p much

Bring them back!

That's effort though

#room-help please.

Maybe if you saty, they'll return.

Doubt it though.

Doubt

You changed name

Hi buy hunter

Finally

I finally fixed that stupid bug in my room

When is it being released?

just published my blog

gitbook ez pz

Mind if I read it

Hello

Thank you

Gave +1 Rep to @uneven mulch (current: #2040 - 1)

Oop

when the rest of the issues also are fixed

https://mknukn.gitbook.io/infosec-blog/

not much inside it rn

I like it

I prefer tunnels to proxies

boooooooooooooooooooooooooooooooooooooooo

how did you got that role?

By finding bugs in thm ages ago

you THM profile also has the Bug Hunter Role?

Yes

what about the Red_Teamer Role?

That was part of an event

Where when you complete rooms you would get stickers

wsp

You were pretty much guaranteed the red teamer role but now it's not available

It does not signify you're a red teamer though

oh Hi Blackout it's me simon, how you doing today

well I wanted to have that role. what about CyberSec Warrior

Really good!! Was wonderin about the OSCP exam & how it’s conducted & stuff…the review gave me great insights…thanks for sharing!

You change your name too much

Can barely keep up

That was one of the older ticket evetns iirc

hey man im top 1% in thm that makes me a real hacker

Sec Engineer path event

You crush my dreams.

how to get green card

Eh?

understood

green card

i need green card

only way i can play thm

Nah, only for this server I'm Jason Todd

give me green card so i can play thm

🤣

A... subscription?

no a green card

Is that a question or an order?

(but that would be appriciated)

a question

Why do you need a green card?

then no 🙂

uhh its a question

now help

plz

that would give the role or not?

so i can be a true eagle

rahhh

what the shit is a kilometer

this is bad, why is my stuff not working

Now you're trolling.

I'm not from west

🦅 🦅

works on my Machine tho

Nope, it's only available during the event, if you collect 3 tickets and redeem them. There might be other events in the future 🙂

yeah, but in all seriousness how to get green card

Probably apply.

That doesn't need to obtained to learn on THM though.

We don't give in to demands either, so please be respectable of staff.

well I got only 1 ticket or all but never claimed them

TryHackMe isn't even an american company