#general

just sick of it

#site-support will be the better channel.

Hello

Good afternoon.

hello jabba

Yummy

#site-support

is that beans

🤮

Who hurt you?

sorry

it is

and thank you

beans ahhhhh

that's what they want, for you to be afraid, when people are in that state don't think clearly and they're more likely to do things like wouldn't do in a normal settings like give away some info or send some money without even think about it, classic social engineering technique

Mmm beans

oh it was what they made me tho

i was in feeling to do something

@sick lance do u use a custom os ?

not the beans🥲

Windows as my host, I have various VM's

Beanz Meanz 😉

We should start adding Heinz Beans to most things

i was asking about the android

This is the start of my petition

My android is stock.

whyyyyyyyyyyyyy

for the 7th time already block the number and move the fricking on 😂

new phone ig

Because I like to have my phone as a phone.

u should try other roms too bro its fun

Awareness helps prevention ✨

they try to leverage off anything they can find. Your emotions

Nah, I have other devices for that sort of thing.

Oh cool

My mobile is my mobile, it's only used for texts and calls.

I use arrow os personally it's soo good

on what hardware?

i did it thank you for helping me out

Gave +1 Rep to @blazing granite (current: #115 - 54)

Thank you ace for your help i blocked them

any time 🙂

perfect

nah but scammers are the worst

like mosquitos

8gb ram snapdragon Qualcomm Snapdragon 860 overclocked, 128gb storage 4.5k mah battery

I'm trying to do File Upload Vulernabilities on PortSwigger's web security academy but I'm having trouble getting Exiftool to work

Ask in #room-help channel

Agreed , I really want to join this field to catch them

hell yeah

legally tho

Yeah

thats what im talkin about

Will join scambaiter 😮‍💨

freakin love that channel

especially uh whats his name

jim browning

thats it

Jim browning , John Hammond,overflow and so on@crude stump

i like your pfp btw

noticed its a ace of spades

thanks

Gave +1 Rep to @crude stump (current: #149 - 44)

gdm3 or lightgdm what u say ?

lightdm all the way

stick wtih gdm if you only use gnome

yeah gonna use gnome but is gdm heavy af ?

An IT person doing very heavy lifting at a construction site, unheard of!

hello , how do i fix this vpn problem

They had no baby redbull cans

#site-support

It’s so big

That's what she said 😂😂

You haven't experienced with one of these

wth

a top?

never seen that before

atleast in the states

these aren't actually made by redbull right? 😭

you don't have to, experience there stunts

No idea if they're actually made by them

now these were it back when I was 13

Yep, those were the best

We actually had them banned in my primary school

why?

Not really for kids

We had chocolate and crisps at our primary

yea they work on their stunts more then there drinks 😄 .

I've always wanted to go to a rebull soapbox

💀

Their drinks sell themselves tbf

Red bull sponsor Hyrox and OCR.

They hand them out for free at all the events.

ofc

And you call yourself a friend, how am I only now hearing of this?

I've mentioned this before...

I wish they work on their drinks more then stunts. 😄

Did I react the same way? 🤣

And you call yourself a friend Jabba, not even listening to what Scrubz has said

I didn't tbh

😊

I need a third monitor for Discord ughhhhhhhhhhh

does Britain have regulations on what goes inside energy drinks?

Pretty much! Haha

Yeah!

You do.

https://www.britishsoftdrinks.com/write/MediaUploads/Energy Drinks/Energy_Drinks_Code_of_Practice_August_2018.pdf

There's limits on caffeine and sugar content, but that's with everything

We have strict rules and food regulations

wow in the us the fda doesnt even regulate energy drinks so they can put what ever they want and we wont know

Exactly lol

which literally makes no sense

I've tried 'candy' from America and it tastes so bad

red 40 and all the other colors are in everything

like a literal red sauce prolly had red 40 in it

its so bad

When USA had the Wild Cherry flavoured Pepsi...

you can still buy that

Not here you can't.

its online tho

Without paying stupid price for postage

thats true

They have wild cherry pepsi at my local old sweet shop

Can get an almost 2 Out of Date can for £0.60.

out of date lmao

who wants out of date pepsi

me

i want it all

hm

well there you have it

"American" shops near me only really do the multiple flavours of Fanta.

I like water.

https://tenor.com/bE28f.gif

i never liked fanta

i never really liked soda in general

i love sweet tea tho

which prolly isnt good either but

better then chemicals am i right

I don't drink all that, if I have to drink a non-alcoholic beverage just give me water, or natural juice otherwise I'm ok with wine, whisky, cocktails, etc

Always drink a glass of water after a soft drink 😊

Why

soda is diuretic which causes dehydration

I drink around 4 litres of water a day.

my body can't process those drinks, I can drink a bottle of wine with no issue, I have one glass of those soft drinks and I have a headache bigger than if I had drunken 2 bottles of whisky 😂 my body is weird that way

Whaa

Is that normal?

For myself, yes.

imagine not being one of the the most obese countries... couldn't be us

UK Stuff tastes weird too lol

alot of it is what your used to

I have no idea what this means

Mhm, some American food tastes really good but your candy contains a lot of stuff that ours doesn't.
What I didn't include in that sentence is I've tried 'candy' we have here from America.

Yeah, alot of flavorings/chemicals banned in the EU/UK are in US stuff

The amount of corn in everything lol

I'm not really big on food tbf, I am very picky.

mood, sam e

Gut ecosystems are really interesting in that food from different countries can reek havoc on your body.
Your body just doesn't have the bacteria for it

@hot cairn

What'll really kill you - tap water from other countries*

👀

if i accidently drink EU tap water im dead

I agree, drink it from a mountain.

Mt Fiji

Evian best water

Council pop >>>>

Damn that's rough

i like how i get super stressed and then i watch tv

instead of finishing 😌

So in your opinion im dead?

how can i find the best kali linux mirror list for my country ?

Gotta get that good Flint Michigan water

(This is a joke, don't drink that water)

Why dont use http.kali.org and the other default

THEY ARE SLOW

They choose the ones that are the closest to you

The first place a computer looks to find the registered IP address of a domain is its data? What is the answer to the question? Local cache does not accept

Maybe ur searching for this? https://http.kali.org/README?mirrorstats

Is this a TryHackMe room? 🙂

got it

Read the text just above the question

i hv just 8 months remaining for my exam omg time just flew

@wild estuary Please do not post answers.

James, my teammate while playing a ctf

They already solved it

#general message

oh i see

@naive violet You always got me beat

trying to find this but i guess they closed the website any help ??

I've been here since Oct 2019 tho

https://http.kali.org/README?mirrorlist

bruh

Yup 🤣 it's good to be humbled though

i guess i will just go to sleep

@sand trench @chilly veldt https://youtube.com/shorts/eECEoheaYHU?si=N_pAv6OTqjpZR8Hs

Y'all seen this?

Matt did you see my new radio?

No I have not

Hacked to run from 70mhz to 6ghz

Plus dual tx rx

shadow wants a radio that runs in 20hz to 20khz

Why is this angled?

Oh damn

Best signal path

Ahhh

Spyverter and active loop antenna up high, then an RTLSDR if you want

shadow meant it as a joke as those are the frequencies a human ear can hear

Alternatively, airspy HF is good

There's some radio there too actually

VLF and ELF

With that setup you could probably find numbers stations 👀

I want fancy SDR equipment

When connecting to a webserver the company can identify you with a header you provide
Bug-Bounty: <username/ID>

But when you perform other scans such as auxiliary/scanner/http/website_crawler, does the company still identify you though the initial header you sent?

Or do you have to send that header in every single request?

I'm not sure if you can modify headers send by the website crawler on metasploit.

Yes you need to do this for every request

Put it through Burp with modification rules

Got it, thanks. I'll see if there's a way to modify the website crawler headers too.

Gave +1 Rep to @naive violet (current: #2 - 2117)

Just point the crawler through Burp as a proxy

Niceee SDR clannnn!!!

Some of my buttons fell off but I’ll fix that later🤣

oh, there's a new polls channel now 👀

it was a bash at the US food regulations

I couldn't tell if you were bashing the US or the UK lmfao

AYYY PORTAPACK FRIEND

no, yall are healthier by far

now the choice of food...

Beans on toast, yum 👍🏻

shoot

Questionable... have you seen Greggs?

i didn't see the body

I have not...

That looks hella cool

been looking forward to sun so I can start cooking meats outside

much easier than on my stove

damn...

It looks like a face lol

Mayhem edition H2 has some cool points for sure. It also has Pac-Man lol

I need to find somewhere for my charcoal grill

i'm trying to eat more whole fresh foods. Lower my carb count too

train my body to burn fats for energy instead of carbs

Asparagus, wrap it in parma ham, on the grate

ooo, interesting

Goddam I love asparagus

did an egg and sausage scramble this morning

italian sausage

Are yall already getting in summer mood? 🙂

as much as I can

no beans?
gotta have beans with soss and egg. its the law or something

it'll probably be 10F again next week

What am I looking at-

what?

beans

It is the first day above 20C here 🙂

for breakfast?

glorified gameboy :)

hell yea! baked beans, tomato, egg, sausage, bacon, hash browns

i just made you a english breakfast

inb4 "where is mushroom" gang

ofc. with bit of horseradish mixed too

more concerned about the lack of black pudding

https://tenor.com/view/what-ill-the-puke-sick-gif-20637274

well that is projectile vomiting

next you'll say you don't like haggis either

dunno about haggis

can't really get it here in sweden

that sucks. atleast you have surstromming.

surströmming is not a good comparison

the smell is hard to get rid of and therefor not looked good upon if you open it in a town like shadow

open it in underwater

yes know that... it does not help enough to be considered acceptable

shadow will stick with mackarel in tomato sauce or anchovies or lye fish

mackarel is tasty. also good in curry or mustard sauce

time for jalapeno cheese crisps

i'd rather mushrooms

sup

Hi everyone

someone can tell me how can i install or access the "hunter.is"

What is it

I cant find anything about it

ia website like OSINT Industries

I get domain undefined

When i visit

Hello, Do I need premium membership to complete SOC Level 1 Learning Path ?

to complete yes. can start tho

Thank you

Gave +1 Rep to @jaunty prairie (current: #2050 - 1)

https://tenor.com/bRF3p.gif

waybackmachine doesn't even have anything, but 1984 references

resolves even to 1984 references LOL

milford.shared.1984.is

@rapid merlin do u use nimscan? 👀

I use RustScan, but working on NimScan, not A Port scanner but something else.

oooh neat

i think i contributed to https://github.com/elddy/NimScan once upon a time

I just have the name.

😄

I might name it NimReport, cz it gonna take all the info for your pentest report and generate a PDF.

now this is cool!!!

i like nim as a lang

I'm learning C, and Nim.

hardcore

my plan after that is to learn Zig.

Bee are you a software engineer

Oh you are the Creator of RustScan, NICE TO MEET YOU.

Kinda??? I do cyber security / infrastructure and i make open source stuff on the side

Yes yes!! That's why I asked 😄

yea, once Blackout told me about you, didn't knew about your username. 😄

my frnd who is a Red Team, advice me to learn it. so yea.

🫡 Glad to hear that, @near hawk is super cool!!!

He is super nice person, we hang out in owlsec VCs.

what you think of my Idea, NimReport.

whats owlsec?

i think there's a lot of reporting software out there already, but that doesn't mean you can't make somethign better. And Nim is a great language, you will gain a lot of skills from it

I am not a pentester, so I actually do not know much about reports!

Just another Community on Discord. Owner is @dire nova.
with cool ppls like Blackout, 0day and many other.

Awesome, my poitn is just learning.

Just wondering because you made a lot of tools

I must have something set up wrong.
Burpsuite header setting:
Proxy Settings -> Match and Replace Rules->X-Bug-Bounty: <username>

Metasploit proxy setting:
use auxiliary/scanner/http/crawler
setg Proxies HTTP:127.0.0.1:8080

However, I do not see the requests made by metasploit appearing in HTTP History on Burpsuite.

Am I missing a setting in Metasploit where I have to tell it to use the proxies parameter?

What are you doing, exactly?

Trying to use the Metasploit website crawler, but having it run though burpsuite so all my requests contain the X-Bug-Bounty header for identification.

so funny because i know all those people v/ well and i have never heard of it

anyway i joined 😛

Nice

blweep blwoop bleep bloop meepe moppo meep moop

Sleepy sloop?

https://tenor.com/view/meep-morp-zeep-robot-captain-engage-jake-peralta-jake-peralta-gif-16242963

not yet

shadow is just bored so making random noises

Anyone here using nuclei? looking for any decent community templates

👀

Hey, newb here. Not sure if this is the correct channel, but I am just getting started from basically 0. I am looking for book recommendations on the basic coding languages to learn/skills to learn in addition to tryhackme. Would be great if someone could help me out and narrow it down, thanks in advance (:

For book recommendations #bookclub is great and because your just starting out #start-here will help you get started. Another thing is shadow made a very good path guide #general message

Thank you alot!

Gave +1 Rep to @crude stump (current: #148 - 45)

I think this is worthy of a pin 😉

anyone able to recommend some good content on graphql? did the portswigger WSA course, but feel cause I don't know graphql very well I am not getting it.

Thank you ❤️, not as cool as you tho

Gave +1 Rep to @boreal gull (current: #72 - 84)

if you just want programming books that are not directly related to hacking packtpub has a lot.... and their subscription thingy lets you read them in your browser decently easy.... not sure of the price anymore though

Thanks, just checked it out! 15.99/Month and a Free Daily E-Book

Gave +1 Rep to @sand trench (current: #4 - 1690)

True.

you both are super cool

Sheesh 16 bucks? For what

A paper copy?

Nah, it is a subscription to get access to their library for "7,000+ expert-authored eBooks and video courses on new and emerging tech" haha

Dang

Alright that’s a better deal lol

And they even got a 7 day trial, def. gonna do that

Idk if y’all ever heard of the librem 5 but it’s a pretty cool phone

Never heard of it, looks sick. Do you own one?

@tawny widget Also Udemy does a few times a year sales where you can get course for a few dollars. I don't really have any names to recommend but you can check the reviews there

No but it’s very cool

Sometimes it helps to do a video course supplement by a book

Has Linux built into it and also kill switches

Oh thats neat, thank you! Yeah I´m currently taking the CS50 on youtube, so books would be great in addition to that

Gave +1 Rep to @blazing granite (current: #111 - 56)

I have never played a KOTH before. And I am about to enter into my first one in about 2 minutes.

A bit nervous here. But excited! No freaking clue what I am doing. Just having some fun! LOL

Good luck

Thank you.

Thats the spirit. get in there, get your hands dirty and either win or loose you learn.

Learn today! LOL

So, there are many ways to hack into the server and then you might want to lock king.txt with chattr after putting your username

but some systems dont have a built in chattr, so you might need to build your own

i havnt played all week, I been going over this port swigger web sec academy. I should hop in on a few

I just played it a few times

peaked at your profile. I see it says security researcher. Hobby or career? If you don't mind my asking.

he is my buddy, he does RE stuff.

Just a Student like me.

Currently hobby, might escalate to career as well

Waiting for that.

what does that mean? is it just another word for threat hunting? or is it like sitting back and reading the NIST framework and other large documents for fun

im not bashing NIST either. I love NIST, but Im the kinda guy that waits for a video to break it all down lol

Nah lol, it's just a term used to describe a person who identifies vulnerabilities and analyses them. And sometimes it is used interchangeably with malware analyst

malware is spooky

I did the malware courses over on letsdefend.io (100% blue teaming site) it was reallly fun

By my own definiton, a person who does researches on new security incidents and analyses them

It is mostly ransomwares

Currently xz library is trend

But cool to look at and analyze

Scary stuff tho

still malware research is done at decent risk to your systems

I set up a isolated windows 10 machine and everything it’s just I’m so scared

I gave myself wanacry in a vm...just kinda out of curiosity....I would cry if that hit us in production lol

Never did anything yet

still probably mroe of a topic for the advanced channel

Wannacry is an interesting incident

Ah keep forgetting

sorry you can not interact in there as the level bug exists

¯_(ツ)_/¯

Ikr

not shadows place to yell or warn people... that is scrubz job now

What a rude name for it

I mean, we are not talking about how they work.

Just the incident

evil lies in every man
will you try and understand this

Why only men lol

blame the song lyrics of orden ogan ¯_(ツ)_/¯

2024 you gotta include the other 1000

Eh man can be both woman and men

Hu-man

Ok guys, we are the issue once again

:p

By the mentioning of Orden Ogan you instantly made the refrain from gunman play in my head

the chorus???

Or chorus, yes haha

yeah buying all of their so far released cd:s was definitely worth the investment

https://tenor.com/view/city-watch-dogs-gif-7830475

so fellas and ladies. I have a question, that I think is cool for general. Who is your mentor/role model in the cyber world? I have always loved mitnick...but, now I lean towards Gerald Auger, John Hammond and Jason Haddix. Looking for other people top add to the ol youtube subs

0day

For me its PirateSoftware/Thor, but well, I am fairly new to the game

Thanks

Gave +1 Rep to @gritty fern (current: #2050 - 1)

Thanks, Ill check it out. If they deliver content its worth it no matter how new to the game you are. we are all here to learn, right

ofc

Worm Regards

Robot

hoMEOWner

😭

never gonna unsee that

fr

I am not talking about Mr Robot, btw.

lol figured.

He's a nice hacker

Not famous but yea

@rapid merlin knows

YEs.

ofc

Cheers, another server added to the list

There are other web spider / crawler tools that allow you to set arbitrary request headers manually.

hi

sup

how can i build a malware detection using machine learning?

Can you make a machine learning algorithm?

i am new to machine learning

How new? Because malware detection is probably not something id start with

Malware analysis and detection isn't a beginner level skill to learn, I'd learn alot more first.

And malware discussions are only reserved for advance channels.

i just had a crash course to learn what machine learning is

Make something simpler first

then I took a wrong choice to work on

Maybe at this stage perhaps.

what about botnet ?

There is no reason to learn how to use a bot net without being blackhat.

@sick lance E commerce product recomendation would be much easier right?

Than learning malware analysis as a new person? Yes.

okay

@sick lance can you provide me a resource to learn like youtube, with a beginner level malware detection using machine learning?

just look up ML Malware analysis on yt

seems like something thats been done

I don't appreciate being ignored.

Sorry

I at least got 1 flag! That was a load of fun!

Always feels good lol

?

@gritty fern ...

It really does! After figuring out the ftp setup, and trying to push things to the ssh port, and FAILING HARD! LOL

I was able to finally discover a "flag.txt" file on the ftp port and then downloaded it and cated it. Turned it in and was able to obtain my first flag on KOTH

There is a reason this sort of chat is reserved for advanced channels.

1. we don't know their skills.

2. Law enforcement won't take kindly to malware being released "accidentally" because it was not sandboxed properly

Congratz

One time i saw someone get 8 flags😅

👋🏻

Nice to see you that you here too.

once you get root on a koth machine it is relatively trivial to grab all the flagas

Thank you! I knew I would not win, but it was a thrilling event I am super excited to have been apart of!

Gave +1 Rep to @devout palm (current: #27 - 287)

recursive grep goes brrr

GOOD LORD! 8!

ikr

One day, I may be able to climb to the top of those KOTH! LOL

Hopefully! Some of those guys are insane though lmao

Anyway, I actually started on THM on another account, lost that access and restarted. 😦

But hey, just more grinding & learning!

Now I take the knowledge I gained from THM, and apply it to BugCrowd and share my success on a social media site I designed & built using ruby on rails.

Fun stuff this is!

Very true!

Hi there, can we have a look at rule 4 please, and be polite of them please, whilst on this server.

sure

Re the malware chat.

If I feel like you're ignoring my advice again, you'll lose the ability to speak temporarily. 🙂

pardon me but I can't see the rules channel!

#rules

You'll need to set this server to show all channels.

Or use the channel discover.

Im so confused? How is that malware in anyway?

Right click the server and this

I was referring to the YouTube link you posted.

:mute: binaryoverload.#0 has been muted.

That's what will happen

That rules link was not on my behalf was it?

I am still new here and if I did something wrong, do please let me know!

Oh alright i did see your message anout not

I read it, but can know what I did wrong?

Should i delete it?

I just waved.

You're openly advertising another server in chat.

I was referring to earlier.

I understood, I'll take care of it. 👍🏻

Thank you.

Gave +1 Rep to @late shore (current: #700 - 5)

Np!

👋

Tim

Hi Tim how are you?

https://media.discordapp.net/attachments/680459914828972076/1131158897663692850/image.jpg?ex=661f9951&is=660d2451&hm=0a2285cec8beed6d66c3e913abf96143a109a3ec19bfa1dee1fb17b108d7ac8f&=&format=webp&width=1224&height=848

Do you remember this? Hahaha

😇

He always has the solution!

Tool installation failed.™️

I do!

Hmm, how long have you been here?

April 6th

He’s a og

Don’t play with em

lmao

https://www.youtube.com/watch?v=TqCL86j4t2I

someone messed up

😭

😭

It does get hot in Texas.™️

hot enough to vaporise wolfram

oh wait... the english people call that tungsten

Cool name on that map, Waxahachie county.

Wolfrum is technically the correct spelling i believe

Nope im stupid

Its wolfram

See if you can find the programming language county on the map. 😄

Haskell right?

so funny how english people call wolfram heavy stone in swedish

I mean its heavy

yeah it is

But yeah we like changing stuff for mo particular reason

Unlimited time?

Never seen that before

well that is new

lets wait those 40 sec and let nim check again

I can't C ™️

Hi

hey

C ++ ++ == C#

Ok but guys where did C+ go?

that is what basically c++ is

Yeah ik

c+1 == c++

Im being silly

shadow is too

Oh ok lol

C# == microsoft java

i am waiting for someone to write C>C++. I don't want to start the discussion myself

a = C(+2) == C++
b = a2 == C#

I think C++ is better personally

Ive not done as much with C tho

oh the * turned into italics

yeah you need to escape those

in my opinion c++ is a bit of a waste of time. It takes pretty long to get all these new ideas like templates and c is easy, small and gives the same amount of control

\*

for how to escape

I used java before i learned c++ so its fine to me

Hello guys , How not to be a script kiddie ?

learn coding

still there 😦

Just do it yourself, so youre not relying on other people to do stuff for you

your answer is not clear , u meant understand how tool works and code that my self ?

step 1: read up on what the tools you use actually do
step 2: don't use tools willy nilly without understanding them
step 3: do only do ethical hacking
step 4: document how you use the tools yourself in note taking apps
step 5???: write your own simple tools

what shadow just said

and learn to understand scripts and try to write your own to exploit vulns

+1

okay that is weird and whacky... care to repost it in #site-bugs ????

Gave 1 Rep to shadow_absorber (current: #4 - 1691)

done, thank you.

Gave +1 Rep to @sand trench (current: #4 - 1692)

the question marks for step 5 is because that is semi skippable depending on what you are learning to hack or testing

ofc always ethically , we are not bad guys here

i would also add ask google before you ask people stupid things

¯_(ツ)_/¯

googles search results in shadows opinion has kinda gone down the drain

u meant me?

unless you use before:2020

yeah

lol

google dorking to avoid AI spam

my dumbass saw 2020 and thought port 2020

tue but there are also not too many alternatives

why is that a stupid question while all am doing in thm room is understanding and using tool , so i felt am a script kiddie

searxng
duckduckgo
startpage
qwant
ecosia

If you understand the tools that doesnt make you a script kiddie

Understanding.
That's the difference between a hacker and a script kiddie

Hackers are usually driven by wanting to know how stuff works

script kiddies are people who have no idea what theyre doing

wasnt meant to say that. I meant before asking something easy you should try to find out yourself.

could list even more search engines but felt like that was a good list

from my experience they don't give better results then google

and duckduck go was good in privacy but nowadays idk

fair enoughs

Is there a room in thm teach something abt coding exploits for a given vuln?

https://tryhackme.com/r/room/pythonbasics
https://tryhackme.com/r/room/pythonforcybersecurity

i mean i saw python for penetration testing , all what it does is teaching how to create , some give. tools

i did

You need to work your way up in projects

dunno if there is more then those 2

i think i remember kenobi was also python based

shadow is not the programer to ask for programming anymore

Nah

*or maybe that is just imposter syndrome blended with not really writing any major programs since 2017

xD

can you give me a resources where and how do i start that knowing that i have basic understanding in algorithms and python programming language 🙂 thank you in advance

Gave +1 Rep to @naive violet (current: #2 - 2118)

Learn what vuln is
Learn how to make HTTP requests
Make HTTP requests for vuln
???
Profit

https://github.com/kurogai/100-redteam-projects

¯_(ツ)_/¯

Wdym profit

@naive violet has a solid 4 step plan lol

yeah solid

profit == stub toe on door frame

https://knowyourmeme.com/memes/profit

Oh

That kinda profit

yeah it is a internet rule at this point

@jaunty prairie This is an educational environment.

my bad

*loves that they figured out you can read files with the built in shell echo command using echo "$(</path/to/file.txt)"

no more need for cat

can 100% stop cat abuse

🤔

nice

probably rarely useful as shadow has so far not seen a linux container or distro without cat

unless someone goes willy nilly and accidentally removes their /bin dir

its not that the system is missing cat, its that a WAF or other type of filtering will block it

good point

I figured out a work-around.
Used proxychains to force it though burpsuit.

Couldn't get the default Proxies parameter to work on Metasploit.

guess shell built ins look more okayish then???

assuming you are runnning a bash shell without triggering waf

Hey guys i am new!

ello ello

if you have a full shell, then yeah likely cat will be available. I have seen it missng in rbash tho

Hi new 👋

rbash not being a full shell obviously

Muiri 👋🏻

hmmmm guess echo should always work in rbash too but can't easily test it this instance

Muiri how are you??

You... Know what rbash is, right?

well seems to work with echo in rbash

restricted bash???

welcome

Eh, so so, and you?

yeah

not used rbash a lot so don't have a lot of knowledge of how it works in details

Yes. It's pretty customisable with what you can enable and disable

so muiri to be honest shadow just partly knows what rbash is

Could get a similar effect by dumping them into a busybox shell as well

good old busybox

i.e. it should be perfectly possible to also block out echo

new at hacking, I am very confused about where to start. Somebody told me to go on Tryhackme. Can somebody reply to my message about where to start hacking? I want to join the TryHackMe world and grow a team to learn others knowledge.😁

getting my head down with CCNA

Eh I'll drop them into a fully fake shell

Good luck!

Lmao, you remember Monkshood?

You remember my honeypot?

That ridiculously CTF-y box I built but never released, successor to Willow and Cherry blossom

Yeah, that had a fake shell

Yeeeeeaaaaaaap 😆

all depends where your knowledge level is at when it comes to other things like linux, windows, networking and so on.

oh i have script kiddie knowdge lol

https://tryhackme.com/
or
#start-here

so many people being rude made fun of me, nobody teach me which path i should take

thank you

Gave +1 Rep to @sand trench (current: #4 - 1693)

no problem

I am a big fan of starting with the OWASP top 10 🙂

Hai Muir

muiri seems very busy nowadays

yet shadow barely knows what muiri does day to day

^ to continue this line think muiri might have NDA:s about this

varg told "Bot keeps killing off my code block"

😄

Alright, done reading all of that. I use the speech-text thing. Now that I understand where I am, I feel like I am in the in the right place. Let's begin my hacking path. So, I am script kiddie. I have no skills and no support. Where do I begin hacking Zero to Hero? Which path should I take on Tryhackme as a script kiddie? Any suggestions?

#pre-security-legacy-path
#974406074444685322
#junior-pentester-path

#start-here

they just came from there moose

again thank you, sorry i am yapping to much

Gave +1 Rep to @sand trench (current: #4 - 1694)

I’m gonna make my own honeypot soon

Alright, can you explain to me what those channels are for? I don't want to get into trolling about the wrong topic on those channels; there's a channel explaining what those channels are for.

Have you used tryhackme before?

At the top, there's a "channel topic"

Nope

silly me, I need get my eyes check.

on tryhackme:s learn page there is paths you can choose... these channels is to get help about said paths
and is also quicker to type out and auto complete then sending the link from the topics of each of those channels like ninja james just did

alright

i am at Intro to Defensive Security right now, this is fun

meep moops time for this shadow whadow to go for the sleepity sloopity sleep sloops to the beep boops

can burpsuite capture more than just http requests and responses?

did you just turn into sleepy sloop robot lol

As in?
It can also do websockets and there's an extension to do TCP but it doesn't work well

@hoary basin got funny joke for you, of you burp you will get the web application info

no joke

it will work just burp and you will get the web info you needed

says it in the name, so it should work right?

Tell me more 😄

Hi all

its not funny joke, nobody gets it

i am very bad at joking

is it a joke if no one gets it? 😄

but fine let me come up one

👋

fun fact, did you know kali linux "kali" was a girl name

kali legit girl name

it's for linux for girls

I mean, that's not quite right

Kali is the name of a female god

Doesn't imply a target audience

soooo tireeeed, but I need to stay awake for breakfast

the penguin real name was kali and some people thinks the penguin is a boy but it's a female

cuz penguin name is kali basically a girl name

I cracked the matrix

the penguin is tux

yeah going be for real, penguin most cute thing ever

i want a penguin

is it legal have one in USA?

No?

then explain why it have girl name

kali

there's only 1 linux penguin

The linux Penguin's name is Tux

all penguins looks the same

....

oh

so

kali was custom name for linux

(I'm old and I forgot, but I'm like 79% sure that's the case)

or display

and real penguin name is tux

i am very stupid

the penguin is the linux logo. there are thousands of distributions

ik

i don't understand why all distributions have there own name but the real name is tux, why not they all name is tux.

dont understand about linux history

#bot-commands

What kali linux program has the coolest name? I vote for John The Ripper :V

Siege is also pretty cool

kali is cool

is DFIR stands for Digital Forensics Incident Response?

did you google it?

says it on tryhackme

i want to know its right one

Guys am having an issue with the misp room, firstly i cant load the link in the room

#room-help

and when i type the answer for this question" What event ID has been assigned to the PupyRAT event?" that i found on a write up it tells me wrong answer the answer i found is 1146

i dont mind dealing with this issue later, but if someone could help me check the id for puppyRat on misp i'd be grateful

#room-help

ayo done with Intro to Defensive Security, being SOC is very cool i may have that job one days, who else is SOC?

i wish to be soc

currently working in customer service

thats cool

is soc very cool job

cuz what i learn about soc, I want to be one, i don't care about money i want take down those malwares

yeah i don't think soc is very exciting specially as lvl 1 but the higher u get and the more knowledge u earn it surely could become fun

alright

i may take a look into soc

like reporting malware is fun, i know there's more into soc but i think it's fun

i think for maleware stuff u need a very high technical background like assembly language and being able to reverse engineer the malware and also a high knowledge of vulnrable stuff that it might attack

Not necessarily

Alright, I may take a look. Behind me, there's a trash can made in China. It may have spyware inside, because we all know the Chinese government is trying to do bad things. It's very suspenseful because it has a camera on it. It says on the paper that if you hover your head, the trashcan opens for you, feel like of something spying on me and my family.

and the hardware inside of the trashcan very small and have chip inside of it

@jade sequoia is that sus or normal for a trashcan from china, i don't trust everything from chinda, my dad loves chinda items. he buys from websites.

I am now

Wait you work in a SOC?

I run one, or help run one now

I moved from Red 😄

Eyyyy, coolie

Me too!

Well I am one of the first employees in the SOC and the one helping with protocols and stuff

Biggest advice for anyone that wants to do SOC type work, is learn all the pentest and red stuff you can

Super important. who is responsible for what, SOPs.. Very good

I wanna do soc 1 to

Yeah, we have some really technical knowledged people, but they have never worked in a SOC before, I am the one with the practical training

Anyone here have a blog?

kinda

Hydra is pretty cool name imo

I have one, still wip and haven't posted yet

https://tenor.com/view/hydra-onmyoji-dragon-monster-serpent-mythical-creature-gif-17531963

What do you use to make the blog on

@brazen moat

github pages and home written html, that's why it's slow 😄

I noticed jayy created his own website

Wrong person

Oh wait is that still GitHub?

yeee, it's a github project that I added pages to

Ima have to create a GitHub account

Seems like everyone uses it

it's the best for code sharing/storage tbh

it will make you cry of joy

look it up for urself cuz the movie, topic can break discord TOS

Please make sure posts or suggestions are appropriate 🙂

This is an infosec learning community

oh ok

my bad

wait the name is appropriate

The topic

oh ok

there's off topic channel?

I thinks it’s because you said the topic would break tos

ohhh