#general
Actually you could compress the trash into a black hole at which point hawking radiation will shoot the matter back out as a single element
respect @gritty fern
we actually do have like a hot-tub sized metal pit out by the cabin that gets some roarin burns going during deer week
u too man
pallets on pallets on pallets make the garbage no more
i try not to breathe it too much tho
thanks @gritty fern
Gave +1 Rep to @gritty fern (current: #826 - 4)
Guys we should hash password hashes
Hm
They would be like 100s of times more secure right?
guys don't tell em
Tell me what
nobody tell em that some algos already do that
So do it three times
i just exploited XXE in less than a minute for a job interview box n im so happy i have 20 mins left XD
nobody tell em that some algos do it more than three times
For things like checking a password you dont need speed
FIFTEEN
double des does 16 by default and it's like stone age
Jesus christ is cant be beat
sha-2 apparently does either 64 or 80 rounds
sha256 set between 1000 and 1B-1
Alright im making SHA-2048 it runs it through 10 trillion times then runs it through 256 then 128 and so on until 1
you kid but that's actually effectiveish unless the algo itself is broken
all about making things slower
Ill be dead by the time it finishes prolly lmao
Joking itd probably take at least a year though
adding different algos can add weak points in some ways tho
Even if i add all of them?
depends on the situation but say one algo is more prone to collisions than another
But thats the whole point of using all of them
Just makes it like 5 billion times harder to crack
man i need sleep
lol tests
I hate tests
lol x2 ACT
question
answer
my user is an actual memory address right?
Cuz i dont fully understand memory addresses like idk if theres range limits or such
man i haven't done anything with memory since uni, outside of the odd 15 minute BOF session
Ok lol
couldn't tell ya
God morning
Morning
eh Nile or 0day are probably the most dangerous, even more in a combination
You know you're good when you win a CTF with only 1 point
..., the guy hacked the CTF?
No, we got so many points the CTF backend shows our points wrong
Daymn
Congrats
Thanks, it was a meme challenge that did it for us
meme challenge?
Yeah, they had a meme challenge called guessctf, aka guess the solutions, aka figure out 31 different challenges in 1 challenge, aka figure out the password to 31 zip files
beginner bug bounty hunter here, what are some places where I can find the latest news and vulnerabilities?
eid mubarek
eid mubarak!
nile do be a secret villain making food.
You have sites such as hackernews, hackread, bleeping computer for news
Exploit-db you can find CVEs with the PoC
is there a room for learning reverse engineering with ghidra or some other tools?
Search Ghidra.
hey
thanks, I'll check them out
Gave +1 Rep to @near hawk (current: #67 - 97)
Gave 1 Rep to .scrubz. (current: #1 - 2149)
What's the best way to transfer information from short term memory to long term memory?
Notes
somebody had a problem with the pyramid of pain practical not working?
Yeah, it's broken, that's why you don't need the flag to progress.
ok thanks
Hi all. I'm trying to find info on Google Cloud security vs Azure security in terms of cloud tooling, learning material, and general attitude toward security.
Why I'm interested in this: I've noticed Microsoft catching some heat lately, and I'm weighing whether I should pursue more certifications for GCP or Azure. I'm particularly interested in specializing in a platform that is suitable for small businesses and new startups. Google seems to be very proactive and engaged with security, and I have been impressed with their learning material, so I am leaning that way.
yeah saw that right now doing some x64dbg
hello everyone
is it just me or are there a lot more bots in the VirusTotal comments/community section than there were say 3-4 years ago
it's not really bots
it's more like automation due to detection via honeypots or something alike
wish there was a way to filter them lol
How is everyone
Ah, set up my new kali box and forgot to get the wallpaper from the attackbox.
not bad how about you
yo hi
Zzz
Hi
Are we boring you!? 
Hi
i want to dm TryHackMe admins
Where can I use Discord token?
Admin required or can a mod do?
Why
How the hell does it take 2 hours for a mechanic to change 4 wheels?
@left kindle
i built a machine and i want to know how to upload a room and i want to know if they pay for room creators or not
I need to replace my 4 tyres too 😦
We do not
Okay
They don't for the latter question.
any one who have knowledge about room creation will be more than enough
Jabba just answered you, and Hydra linked the docs 🙂
Enjoy
i wanna DM the admin to see the attack path is it good or not
Don't need an admin for that
QA will decide that when they review your room 🙂
The room will go through several rounds of internal and UAT testing
ah okay
If something's up, you'll be asked to make changes and resubmit
okay all good thanks
Gave +1 Rep to @shell nova (current: #11 - 564)
Cheers
Oh gods WSL just updated and it brutally nuked all my sessions >.<
RIP.
gotta love fixing an issue and then finding a whole new one 
oop
That’s pretty good pay
Ooo
I saw
That could mean anything. Some have you meet up like 1 a month or could be once or twice a week
Wish they would specify
"How was your commute"
"It was ok, no traffic in the sky"
Hello
Imagine flying to work in a flying taxi 🤣
No a flying car
Or a helicopter.
Im doing alright currently studying hbu
Just relaxing before I get my project for my internship
...
Hello sudoeurs teams
By 2026 apparently
Dropped off at work by drone.
Ahaha would be so fun
What kind of internship
Pen testing
How is that going?
Ahahaha that's what I want to work towards 🤣
Really good. We'll be doing a live pen test on a client I think
Whats your background in pen testing? Any background knowledge?
No this is my first lot of experience in it
I just finished my group report for Pentest, we're going to go over it once or twice until we hand it in.
Aww nice. I did enjoy doing it. The dream is to tell people their security is crap 🤣
I want to get into pen testing but have almost no experience in anything tech related jobs so learning from scratch
A few companies in India are doing remote pen testing internships
@steel aspen did you get your new kali box set up?
This is Gnome, you'll want that.
vmware vs virtualbox for windows
oh i like qa
Hyper V
I’ve always found it the most stable imo
Vmware 1000000%
Sadly I’m not a student so I can’t do internships
are they good
courses are good their sales is horrible
ah do you think youll ever study it
oh
all my malware stuff is in vmware with windows.
Im trying to go back to school for it but for now using thm to learn
Just wish I had a teacher bc online and videos get me lost if I’m not dead focus on it, like eyes wide and glued to the screen XD it also helps if I have questions in that instance
i need to take a pcap of something, what do u do to make windows shut up 💀
all my vms are also in vmware
I hated virtualbox when I worked with it and never went back
qemu or vmware
Any specific reason why you hated it?
the UI
and how messy it was in total
(mind you, this was several years ago)
I started off with virtualbox then got annoyed at, went to vmware but for some reason my CPU in my kali kept spiking and now moved to hyper-v everything smooth
Did anyone get interested in hacking bc of anime? Just curious
Maybe I don't use them enough to notice a big difference between both
yeah, this was like 4 years for me
no i did it bc i was gay
Which one was it
Movies, specifically Ferris Bueller’s day off
Good movie, had to watch that like 4 times in film studies
Hopefully not in here though
Yooo which kali linux should i download theres like 8 of them
Whatre you using it for?
VM or booting
Hackin
Lol ok you need to watch a YT video on USB booting and virtual machines first
And from there you can decide which kali to download
VM resets everytime and Dual Booting doesnt
Both have ups and downs
That's not true, unless you're running a live boot in VM
whats vm
virtual machine
I dont think i run live boot but maybe ig
and uh whats that
Sorry, I could be asking really dumb questions
But we all were new to this stuff once
virtual machine is like running a computer inside your computer.
No such thing
it's a "computer" that runs inside your own computer, it's virtualized to make it look like a real computer
Oh what
oh
I think that will have many cons, leme search it up rq
Not really
not that many cons
depends on your hardware.
most servers today are virtualised
I don't mind whichever one, as long as my pc is safe and I should be able to play video games on good graphics like the way I do rn 😭
Just use a VM
then you definitely want a VM.
Dual booting
What's the other one? Going to research bout it.
way harder to set up
Thanks.
But i prefer it personally
data loss and glitches are the cons of dual booting
yeah ill stick to the first one, VM.
data loss?
Why cant i attach dam images
I have a dedicated laptop that runs kali, but I only pull it out when I am pen-testing wifi or using some other kind of peripheral USB device
you have to verify
with / verify no space
I've...
@vagrant sonnet
so your best bet IMO is to download oracle virtual box, and the Kali virtual box appliance
yep
Anytime
Okay, now which one...
oh
Yeah there should be a VM one specifically
Install Kali Linux on Windows 11 using VirtualBox for free - it's not a difficult install and it's a great way to get started.
Need help? Join my Discord: https://discord.com/invite/usKSyzb
// Other Install Options //
Kali Linux USB Live Boot: https://youtu.be/FYYU9qZ0Pps
Kali Linux Dual Boot: https://youtu.be/2vTVA-Nq0bw
Kali Linux NetHunter P...
thats what that guy suggests as well
^^ yes david bombal has great content
David is a great source
okay
So which one here is virtual box
i cant seem to find it
david bombal
network chuck
rona kahlil
john hammond
will all teach great stuff...many others even, but those are my personal fav
btw which one here is virtual box
None of them
ohhhh
Now which one
VM is an acronym for "Virtual Machine"
dam how large is this file gonna take a while....
Yeah, shouldn't we be downloadin the first one?
Don't you mean abbreviation?
It's a whole operating system, it's fairly large
Yes, thanks
Gave +1 Rep to @sick lance (current: #1 - 2150)
Ay so you guys must be some professionals of hacking
Prob mastered hacking by now
Not sure what you mean?
Because the ppl i met earlier said get Virtual Machine which was the first option in the list but we got the second one, virtual box.
Virtual Box is within the Virtual Machine category
oh alright
jack of all trades, master of none lol
do u guys have this error too ?
"Wed Apr 10 13:52:05 2024 VERIFY ERROR: depth=1, error=self-signed certificate in certificate chain: CN=ChangeMe, serial=425397202556807641543660048237946304772097879576
Wed Apr 10 13:52:05 2024 Sent fatal SSL alert: unknown CA
Wed Apr 10 13:52:05 2024 OpenSSL: error:0A000086:SSL routines::certificate verify failed:
Wed Apr 10 13:52:05 2024 TLS_ERROR: BIO read tls_read_plaintext error
Wed Apr 10 13:52:05 2024 TLS Error: TLS object -> incoming plaintext read error
Wed Apr 10 13:52:05 2024 TLS Error: TLS handshake failed"
Joined all these servers around 30 minutes ago, found this one the most helpful tbh.
Ay that flipper zero and usb killer gadgets are expensive
those are just toys for fun IMO. toys to screw around with, in the bar with friends. "hey chuck, if i can change the TV channel you gotta buy me a beer"
I used to have a watch that done that.
haha yeah, I had that watch too.
In step 6, what is the reason for mentioning the SSID!!
In bruteforce, we only need the hash, don't we!!
Even when searching, I did not understand what the purpose was
Isn't the hash the hash of the password? So what does the SSID have to do with the hash of the password?
Why did we mention the SSID, why don't we just dump the handshake file and start the bruteforce?
Like most tutorials on the Internet. This is the first time I see someone mention the SSID in bruteforce, so what does mentioning the SSID change?
Using for example airgeddon or aircrack-ng, we don't need the SSID to find the plaintext password, we just need the handshake file, don't we?
Isn't the process of the WPA bruteforce trying to find the plaintext of the WPA password hash, by converting a word to a hash and comparing it to the WPA hash until we find one that matches it? So why do we need the SSID!! 🤷♂️
Welcome, my hacker novitiates! As part of my series on hacking Wi-Fi, I want to demonstrate another excellent piece of hacking software for cracking WPA2-PSK passwords. In my last post, we cracked WPA2 using aircrack-ng. In this tutorial, we'll use a piece of software developed by wireless security researcher Joshua Wright called cowpatty (often...
Why do you think you need the SSID?
I talk about the guy on the tutorial, the "traditional" way to do WPA bruteforce, There is no need to mentioned SSID
So what SSID mentioned change on the process!
think about it. What is a SSID? That will answer your question.
It's like having all the keys in the world but you don't know which lock it fits.
Ay im never trusting github again i downloaded this hacking tool called builder bat and it gave me some virus thing idk what it was so deleted it
Always check the content you download beforehand 
Why hypervisor are you using?
what*
what is that
i thought github is safe
I had three separate people ask me to playtest for them and 3 out of 3 were malware.
not always.
But why can we find the password without the SSID then, for example using aircrack-ng
You need a hypervisor to run a vm
Virtualbox is good for starters
you need to target a router first to capture the handshake
so you need to have the ssid of it.
which it happily screams if not suppressed.
when you want to program but you can't cause you have to talk to a person about what they want this to do, but the person is unavailable for a talk
pain
I have 3 different ways to solve this issue, but I need to hear what my colleague wants it to do, and that is different for each 3 solutions
so I am waiting for them to be able to have a small call so I can talk with them about the solutions and ask what their intent is with this program
oh
the good old chain of command... Talking to 6 people to answer a simple question
yuuuuup
We're talking about what comes after capturing the handshake. We of course need to specify the AP to capture the desired handshake, but when doing bruteforce, do we need the SSID, and if yes, why?
during bruteforce, no. You already have everything you need.
But in the tutorial, I see he has the handshake, and he mentioned the SSID! 🙆♂️
maybe they didn't mention it before and just slid it in 🤷♀️
Some tutorials aren't really that great.
Look, he selects the handshake and selects the wordlist and selects the handshake
with context it makes more sense
We talk about null byte
also typo in the article 
This is the whole topic, what does this mean!
haven't really looked at nullbytes for a long time but they were a reason for me to start the journey.
google 😛
It's time to dust kali off and not hibernate again. Hope I still remember how to linux ...
I say "Even when searching i did not understand what the purpose was", Why did i come here if i found the answer of my question on google! 🙂
Because you come here for a lot of things when you could easily google.
Previously I was, Not Now on most case lets say
In all cases, the AP is not logically identified via the SSID, because it is possible that there are two APs with the same name
If you google something and don't understand it, that is fine, it happens to everyone. But then you need to be more specific with your question:
" I read about X in this article, and when the author talks about Y, I don't understand what he means by Z. I did some more research, and I am having trouble connecting the dots between Y and Z. My understanding is that Y and Z... Is that correct?"
I'm not really that versed in WiFi Security and how to differentiate between two devices having the same ssid.
uhm, the SSID is the network name, not the AP
SSID is the name of a wifi which stands for Service Set Identifier
guys can anybody tell me if it is necessary to add spaces to SQL injections? I see that many times I need the trailing space, therefore it is not enough to make something like
admin' or 1=1--
but I need
admin' or 1=1-- -
but I see in wordlists like wfuzz that I use with burp that there is no trailing space... is this bad?
Depends on the backend usually
You'll probably want the semicolon as well. Also the -- - formulation includes the space after the comment token
yes but when I look into SQL wordlists like here
https://github.com/xmendez/wfuzz/blob/master/wordlist/Injections/SQL.txt
there is no -- - but only --
isnt this failing a lot of cases because -- - works everytime (because the single - is commented out anyways) but the normal "--" could miss
Depends also on how wfuzz sends it. Could be url encoded. So you see -- but its actually sending --%20
i think the space is technically necessary because i had many cases where inject is not working because mysql really wants a space. for example
select * from users; --comment without space
select * from users; -- comment with space
the comment without space will give sql error because "--" NEED a space afterwards so the injection will also fail
Only necessary if its MySQL
Off the top of my head, I don't know other RDBMS that requires a whitespace.
so basically I dont break anything if I replace all "--" with "-- -" in the wordlists, because mysql needs it and others just ignore the additional "-"
Yeah. You can also use --+ , --%20 , -- x, etc.
I know of course, Maybe I will replace the Word "identified" to "specified", I am weak in English Language 🫠
Anyway, Can you help me about my question if You understand my issue
why? if I have "-- - " with trailing space the single "-" after the double "--" is a comment and ignored anyways... so whats the difference in having a comment that is ignored by the interpreter having additional space?
You thinking about it in terms of sql syntax
When how web app processes user input is no less important
It's all added to protect the trailing space, basically
I do not help with wifi bruteforcing as a principle sorry
Bet it's used in some obscure dbms too
Eid mubarak
Just by doing a Scan, and choosing the AP number
hey yall anye1 here knows any good mic for like under 50 bucks?
40$ 50?
i know theres solocast hyperx
Eid Mubarak to all
Is Eid today in all religions?
eid mubakar is for muslims bro
Ah, Fortunately, I am Muslim 😀
eid mubakar bro
that is quite obvious but how does the program achieve it. This is what I meant by my statement.
Thank you, Eid Mubarak Too
Gave +1 Rep to @delicate reef (current: #1024 - 3)
Alaynaa wa alaykum!
Oh, I understand you.
But in the problem I faced, we don't deserve to see the program from the programmer's point of view. All I want to know is why we specify the SSID.
Anyway as you said, we just need to handshake after captured it.
There are two sides of this. Knowing how a program works and just using it without thinking about what it does.
You can always check the docs of it to learn more.
Read about the PBKDF2 algorithm
damn
Since it seems on a SSH connection it sends every letter you type even before you hit enter to execute the command, does that mean blueteam gets to see my awful typing skills? 🤣
Like, having to backspace because I typed a flag wrong, or used the wrong capitalization, etc
guys i installed linux on an external flash drive can you suggest any good course for ethical hacking because i am thinking of learning ethical hacking then go for cyber security to have a good base
free
i m literally 16 so please
The first S in SSH is Secure
The first F in SSH is Friends :)
Comms are encrypted
i completed the free ones but i don't have money digitally to buy the annual subscription
Bro did all the free ones
And don’t forget to check out the networks
1337
i started from the introduction then midway it said this room is for premium users
Yes, you can skip it
here's a bunch more free rooms
Just move onto the next free room on that path
i didn't know you can skip them
Just click on the next room
true hacker mindset 😉
thanks
Talked to the monkeys (my IT department) again. They still refuse to enable the use of hardware keys for the work microsoft account and force me to use the closed-source authenticator
The only place where I can use the key is the windows login...
really like the consistency.
everyone thank you i got dumb for a couple minutes turns out you can thanks
lmao
It's how I feel trying to get in 🤣🤣🤣🤣
That will be me after I'm gone from my current job.
I'm nearly out of money and still can't find a job 🤣
can anybody tell me how to find out the target in responder? I am in a network and responder grabs some SMB NTLM hashes with infos like
Client: xxxxxx
[SMB] NTLM-v2-HASH: xxxxxx
but I cannot see WHICH smb server should be reached. I want to pass the hash now but need to know on which server
responder won't tell you that, it can only tell you what authenticated to you
you need to figure out a target yourself by for example spraying the credential over the machines in the network or enumerating gpo's on the domain
literally me in 6 years
Boop yer nose


Any good resources to learn about AI?
if you are brand new, then TryHackMe is the right place. It is truthfully the best learning resource I have found for beginners
Please do not recruit here
where can i post
what are you wanting to learn regarding AI
If it were an official job offer for a company, #jobs-board
Otherwise, not here unfortunately 🙂
okay thanks
Gave +1 Rep to @mossy river (current: #6 - 1217)
Just general knowledge
can someone assist me on a crackme using asm?
I may get some hate for this lol, but if you are wanting structured learning, Udemy has always been a decent resource for me. Outside of like Youtube videos and Google. But I am sure someone in this discord is going to have a better answer @steel aspen
is it for an ongoing ctf?
no mate, it's a website called crackmes i picked the easiest one and just don't get it at all
I recommend doing some guided rooms to learn the basics.
^^
crackmes difficulties are wild sometimes
is this for tryhackme?
yea
mate, i watched a few videos been learning asm and i thought "surely i can do a level 1 difficult"
bro it makes no sense
thank you, i'll have a look now
Gave +1 Rep to @worn thorn (current: #142 - 48)
you're welcome.
i can send you the crackme if you want guy even put 'easiest one i could make'
kinda bugged me i can't do it
naw I'm good.
no worries mate 😄

if you don't mind me asking where are the guided rooms?
you can search by type "walkthroughs" and keyword like reverse engineering
There are some benefits but I'd start free to get a hang of it first.
thanks i already found what i want
Gave +1 Rep to @carmine sedge (current: #2054 - 1)
You have 500+ free rooms to pick from so you have a lot to choose from.
I agree with Vedrfolnia, free is good to get the hang of it, but the premium is worth it in my opinion should you decide this platform is for you
bro this website is amazing
It indeed is
and the write ups are the explanation to that specific room?
Have you ever done RE or similar? there's some x86 architecture and assembly basics rooms on THM that will help tho
what is re? 😆 i'm that much of a noob mate
"Reverse Engineering"
you could say so yea.
erm, i did re to like do silly things like instead of take away health it adds health
I've done a few crackmes so i can help if you're stuck but you do need some assembly and architecture knowledge 😅
the writeup rooms are good, but luckily the community around THM is so large, you can always find very detailed writeup on medium
I have had to reference those more than I would like to admit when I get stuck lmao
may i ask, what did you do to learn it ?
everyone probably does tbf aha 😆
Yur
LiveOverflow's video on Binary Exploitation helped a lot for me, along with i already had some knowledge of C so assembly wasnt the biggest leap its just very annoying to read 
outside of that its just having good tools, i like iaito for static and gdb-gef for dynamic testing
could you explain the difference between static and dynamic testing please ? i know i could look it up but i learn a bit better if someone explains
guys when I grab NTLM hash with responder and it looks like this:
user::SOMETHING:1111111111111111:22222222222222222222222222222222:<VERY LONG STRING>
what is the NTLM hash? the 32-char long 22222 or the 16-char long 1111111? When I look at tutorials it says that when I pass hashes to impacket they want hashes like
hash1:hash2
and hash1 and hash2 look like the same length. but they arent in my case. I also see something like 0000000000000000000:222222222222222222
what exactly do I pass as hash now?
Annoying doesn't even begin to describe it.. in my opinion its mind numbing and I am absolutely awful at it
also, would linux or windows be the best system to use? or does it just depend on the ctf i'm attempting to do etc
i absolutely agree with you mate
iirc the 2's.
Windows host with both a Linux and Windows VM
i want to learn like cpp but it seems like for what i want to do , i need to learn asm but after 5 minutes of looking at it, just gives me a headache
Depends, sometimes its a linux binary, other times its a windows one having VMs of both is handy
As soon as I get to reverse engineering at any ctf, I go ahead and head over to medium because I know I am gonna need it
iirc?
mate these questions make so much sense idk why i don't think of them 🤣
If I recall correctly
static is just looking at the disassembled code as is, dynamic is looking at it while the program is "running" and going through it setting breakpoints to see what everything does etc.
should you always run in a vm to ensure you don't get anything or does tryhackme make sure there's nothing malicious?
so I do not pass something like 111111:22222222222 or 00000000000000:22222222222222222 but only the 22222222222222
like impacket-smbexec --hash 2222222222222222222222
ahhhh okay, so static is like ida and dynamic is like x64dbg/32 ?
Best practice is VM either way, THM should be safe until you get the malware stuff etc. but yea just try to keep it to VMs 😅
other way around. Dynamic is like anyrun, static is dbg @undone sorrel
ahhh i understand, thank you ❤️
and, is there a limit to how many rooms i can join?
Nope.
Oh
guess i learned that wrong?
For what its worth, the people in this room are so much more knowledgeable than me, I start second guessing my own name lmao
Right now I'm currently in
Static analysis is a test of the internal structure of the application, rather than functional testing. Dynamic analysis adopts the opposite approach and is executed while a program is in operation.
yea. Look at the definition of a ntlm hash. The 1's part is empty. I haven't seen one where it differed before.
bloody hell 🤣
ahhhh right okay
This one should be a good start:
https://tryhackme.com/r/room/x8664arch
mate, this discord is so welcoming also if i go anywhere else to explain my issues, i just get shutdown
yeah, anyrun, joesandbox are a couple of good ones for dynamic
will get reading, thank you a lot everyone
Gave +1 Rep to @scenic bobcat (current: #311 - 15)
This was one of the best Ghidra rooms, but it's private now for new members.
I'm loving the blue windows boxes we're getting these days.
And it's one from Arabel so it's going to be good.
appreciate that the sub/free release rate is balanced, (3 sub then 3 free then 3 sub etc)
batman begins
matrix
I wanted to see the new Bill & Ted, but it feels like Keanu forgot how to act as his character.
always a good one.
My mother wanted to take me to see it but we never got round to doing it
Defo can smell a DFIR path coming after all rooms are released
Going to watch matrixx first prolly
have fun.
Sure it will be streaming soon.
has anyone watched the new fallout show on prime video
It’s about the memory and the experience smh
You millennials and your tiktok netflix prime
Millennials 
I still have my Blockbuster card.
damn millennials
jesus
Pre 2k be like 
Ouch ): that comment made my knees hurt
Ayee new Alex Rider season out
me who has a dfir room laying in QA queue
👀

8k more users til 3 mil
Or atleast a capstone project eh @eternal roost 👀
3 mil will be this weekend
grrrr it is still there and annoying shadow
Guys, I need help! I have no idea why, but my kali machine, baremetal, updated and upgraded 2 days ago, now gives me an error like this:
Reading package lists...
E: Could not get lock /var/lib/apt/lists/lock. It is held by process 4362 (apt)
What should I do?
Is it safe to just kill process 4362?
sudo kill 4362
ps aux | grep apt
Check what's running.
If they won't work, you can remove the lock manually.
sudo rm /var/lib/apt/lists/lock
I just wanted to be sure it's safe...
I don't know what's running on the process.
This is a quick example on why it's bad to run Kali baremetal, you'll be doing this, a lot
Yap, now I know to not do this again...
I will try killing and see what happens
It did not work...
I will shut it down and try rebooting...
Already?
Restart it. Typically the lock will clear when the software updater completes checking for updates in the background
Reboot should work
I just shut it down for now, that's all I can do remotely for now. Once I get home again I'll try starting and see.
Thanks for the help anyway
Yes, but this is in terms of pentesting I guess?
A Null, Fin or UDP scan are stealthy enough?
No, just as loud
Modern systems have detections for them
But its all up to the SOC if its actionable or not
Yeah, but in this case I am just learning
Moreover the complete beginner path
And I am training for SOC entry position so
It shouldn't matter in this case?
Yes, if you're just doing machines in TryHackMe
I'd assume a weird scan is more interesting than a slower TCP scan
So how do you do stealthy scanning then?
irl?
Go slowly enough that they forget you 😉
Though a proper SIEM would still be able to alert

definitely but with a lot of firewall logs i might check for better IoCs like ssh logins, etc.
Or be a needle in a haystack
True
There are so many scans on the internet that you'll probably get lost in the noise
You could use decoys and silent maybe
Least until you actually do something
If you want to be stealthy you'll want to make your traffic look as normal as possible, but that's my opinion
Yeah ^
Hello, I am a beginner in cybersecurity and I am planning to subscribe to TryHackMe, but I am afraid of getting lost. Is it correct to start with the 'beginner path' first and then move on to the 'jr penetration tester,' considering that I am interested in pentesting?
Try to make it as identical as possible with regular packets
shouldn't a proxy/vpn should be enough to hide your traffic?
probably
It'll hide the origin in the immediate
depends on the network setup tbh
Well as a scrub I still don't know how to do that
Hide your traffic from what?
i started as a wee lad who blasted nmap -A on every machine tryhackme had
yeah that my point the proxy server's ip would be disblaed in the logs
from the server
That's not how proxies work?
Yeah, maybe only the ports that I would want and no others
But it says 'intermediate,' is it for people who have a good foundation, or did they write that to indicate that it might be complicated?
Wireshark became fun once I did the wireshark room though
Maybe I still don't understand some things, but I guess I'll get the hang of it
Good that I do OneNote
you need some foundational knowledge before jumping into those paths.
Hey, in my honest opinion. I would take a look at free ones first. To get an idea on how i should proceed
You should be fine since it guides you as long as you know plenty about computers
starting beginner is better ?
You can jump to any path that you like, however don't get shocked that you don't understand anything or forget everything within a week.
starting beginner path is ok ?
But definitely, subscription is worth it
Do the easy rooms and gradually progress
well correct me if I'm wrong but proxies hide the ip origin shouldn't be enough to hide your traffic? with some several proxies?
#general message
Here's a recommended order of paths by shadow.
You can skip the ones that require subscription
I use 3 when trying to not get blocked
It would mask your IP, yes. But can be tracked by contacting the ISP.
Ok thanks you, but i didnt started jr penetration tester, i just started beginner path
Gave +1 Rep to @devout palm (current: #27 - 291)
guys..I hope there will be at least one person focusing on soc areas.
I have been focusing on offensive side for a few months and still I am not good in that but I want to try learn some from a defensive perspective and trying to SOC, I found it interesting but at the same time I find it hard to learn so that it is more theory when compared to offensive (according to me). so how could i get on with this guys and i really like bash scripting, i mean i just need a proper path to follow.
So there's no "hiding traffic"
But in reality, I don't know where to start. I just started the beginner path, but then I'm not sure what to do next. Do you have any paths to recommend to me to assimilate well?
The SOC paths are good
SOC is fun, unless you take care of the logs! ™️
What do you think I should start with?
that the point of proxy
hiding your traffic
Pre-Security Pathway
how in the world your isp can track it?
Ok before pre security pathway should i make beginner path ?
You -> ISP -> Proxy -> Server
You can see where it's going, you might not get to see what is sent.
Or is that VPN.
You can follow the list 🙂
Probably VPN.
Yeah
yeah I see now thanks!
Gave +1 Rep to @simple valve (current: #22 - 362)
VPN -> Encrypted packets
proxies
Proxy -> Not encrypted
Not always.
Generally speaking
proxies packets aren't encrypted right?
Depends what sort of VPN you're using.
Some of them add on https.
i have just started it, but was in a little bit of confusion there, do I need to go through all theory(obviously I am a lazy man), wish more practical lessons are there when compared to offensive. I guess I have to continue on the path.. just learning step by step.
Pretty much all modern VPN protocols use some sort of encryption. Unless you are super old and using something like L2TP which doesn't provide encryption
@clever shard not an appropriate joke to make here
Yes, theory is good. It helps you understand why we do stuff.
@simple valve sometimes, I just need a push, thanks mate✌️
Gave +1 Rep to @simple valve (current: #22 - 363)
I mean, you can practice by
- Intercepting packets with Wireshark
- Building a home lab and setting up an EDR
- Messing with SIEMs
gotcha..!!!
It's actually fun, when you learn offensive security to defend
Defensive security to attack
Theory serves as a guide for practical application. Keep up with the study (:
There's theory in general cyber security, not only defensive side
thanks for all the say guys, got me motivated✌️ time to go, have a great one everyone, peace..
After a 27 year career in IT Operations and Cyber security I can validate this.
sorry but how is it inappropriate? it doesn't seem to go against the #rules but idk
As a defender you should know how an attacker works, and as an attacker you should know how you can be detected or investigated.
It's illegal, so it is against the rules
Do pre-security then complete beginner, even if you have experience.
how I said to stay anonymous. I didn't say to do illegal stuff and for me anonymity isn't always related to bad/harmful actions.
but still you right
What’s up party people
Using your neighbor's wifi? Yeah that's unauthorized access. Textbook illegal.
with permission?
how to see how many points I have earned
and their consent?
Dashboard
Nah mate. Nice try.
Don't make those sorts of jokes here.
Thank you soo much
Gave +1 Rep to @devout palm (current: #27 - 292)
my level isn't updating on my profile anyone knows why
It's a known issue. Staff is going to handle it
Thank you bro , I thought it's a issue of mine
SOCKS4-5 proxies are encrypted as are https proxies. Http proxies are clear text.
@clever shard check out proxychains tool
who need to buy it while you can get it for free
wdym free proxies?
you can find lists of free open proxies
💀 if something is free then you're the product
if explain your need I could provide some
they keep logs and they're willing to give it to anyone with power
yeah but tor proxy solutions could solve much of that
🍿 hi
Hai
wake up lil bud
there are ways to enumerate people over TOR
How's the Heap? 🙂
that's true , but you can configure with strict security
Great. What about yourself?
Just working. Stopped and looked at chat. lol
My point is nothing is foolproof. it comes down to a series of practices and just like defending security is a layered approach even when you're attacking or trying to remain private 😉
@sleek viper wake up lil bud tor isn't that secure
Breaks are nice
pretty sure I just said you could be enumerated over Tor
lol
but it gives you another layer of obfuscation
About to go out and look at the ducks in the lake. 🙂 🦆
I guess anonymity is a illusion
Actually for learning , it's not a big deal , anonymity need when you need to play the evil 
What are you aiming to accomplish? You don't require paranoid anonymity unless you're a criminal.
telling people you're committing a federal crime in multiple countries and making jokes about hacking your neighbor's Wi-Fi is less secure 😉
I think that this is a fallacy that privacy should be considered evil or somehow shady
Fun fun
i would like you to tag me in the text I said anything related to that

lol
I'm not trying to accomplish anything illegal
I agree with you , anyone knows what's protocols actual structure or core of networking , all we know are what they have taught us . IETF and other organizations know actually what's going on
And yes, anonymity is an illusion depending on where your location is, how you're hiding your traffic and what country you reside in
- I'm not trying to accomplish a such thing
depending on what you do with that anonymity just remember it's going to come down to how many resources someone is willing to spend to locate you or investigate your activity
it just scratched that part of my mind could anonymity be a thing?
when giant agencies needed , anonymity is nothing
another fallacy that people who seek privacy are criminals. many times they are dissidents or they are trying to avoid the reach of over-aggressive or dangerous government entities
Tor was developed by the US Navy to protect a dissidence in many countries, freedom of speech does not exist
dissidents
This discord server is not political 🙂 please keep it out of here
thinking outside the box is always political
but you're entitled to your own opinion
And literally saying that people who seek privacy are criminals is a political statement and it's based on an opinion
All I know is we all are puppets who work with some CLI and GUI tools with knowledge of RFC documentation , DOD know what's the truth is .
absolutely! and this comes down to what exactly you're doing and how many resources someone is willing to spend to investigate your activity or location
This conversation needs to stop or everyone involved will be temporarily muted. This is your final warning.
okay, I will abide by your terms and agreements. moderator
I'm done , take it easy we all wonder what is behind this thing call network , no one knows
finally someone took action
not trying to cause problems, just trying to get people to think about their activity
lol
So, what did you folks learn today?
how to drink water the proper way
no free speeches in this room , and stay away from reality
Jeez, i meant about cyber security
really?
the code is real lmao the statement less
Yeah, lets not say actually wrong things.
Keep in mind this discord is intended to be a good place for security and IT learners to start out
VPN , even GForce Now servers blocked me when I connected using nord VPN 😂😂
Code is invalid
Also removed the code, because that's technically self-promotion.
damn
what have been violated
Don't worry about it, keep doing your thing
for kernel exploits?
my level isn't updating can you take a look please
Nice! I've been doing some challenges on TryHackMe lately
use code genericYoutube69420 at checkout
I don't have anything to do with that. Not a dev for the bot, and not a THM employee.
Also literally 1984
This is my opinion, and some here have the same view. Stay away from Nord, move to like ProtonVPN, IVPN, or Mullvad VPN.
Ohh I thought as a moderator you can help me with that
Sorry, not a thing most of the mods have control over. You can try to re-verify with the bot, but it should auto update daily.
I personally use Mullvad
OK
heard Mullvad having discounts
is that true?
All VPN services can dump your traffic. you should host your own VPN at a friendly VPS provider of your choice. WireGuard and OpenVPN are extremely easy to set up.
Moderators just moderate discord, or some do reddit.
If you see "THM Staff" tag, they work for THM, in different departments. But most will tell you to email support.
I've never seen a mullvad sale; that doesn't mean they haven't existed or won't exist, but the price has been basically the same since the service started
I don't like Nord myself, I use ProtonVPN, used Mull in the past
Forget about VPN what about DPN
I use Proton here as well
B)
fellow proton users 
Just rent a vps and setup open vpn, I run a ton of vpns all over the world, Don't use third-party services that are managing your endpoint. that's bad advice
I started replacing all my vpns with wire guard recently and I like it better
Dude spends more money on VPS than on his bill
"My Lord"
"Proton User"
heh
I feel if a 3 letter agency is going to ask questions my VPN provider is a lot safer than my VPS provider.
Way cheaper than paying for VPN service
That's why you don't log on your own VPS where you control the end point
.... Wireguard is a VPN product. That's the literal definition of what Wireguard does.
It's not a provider. it's a product
Just build your own ISP... done.
You can host it yourself
Yeah, building your own VPN on a $3 VPS is way easier than hosting your own provider
but go ahead. just keep paying third parties to host your VPN endpoint. have fun
I will and I do
well, if you don't care about your own privacy, that's your prerogative. what can I say? I'm just offering advice to people who care about that kind of thing
use your neighbors /s
That's one way of building your own ISP LOL
For me just masking my IP and DNS is good enough
Eh, wireguard is nice, but I have no illusions about data privacy with that
Decentralized VPN(DPN)
most of those vpn services are probably using wire guard or openvpn
VPS provider logging connections
You're just paying them for the endpoint
100%
And the hosting for the server
your basic lol
oi
You know discord isn't E2EE, right?
I'm not saying anything that requires anonymity
just trying to give the masses better advice
And if you want to work in security, you should probably learn to run your own VPN rather than use a third-party service
It's not that hard
Weren't you just asked to be nice?
I'd love to know where they got the pricing of $150 per year for a VPN 
I guess it's just me then huh?
where would this anonymous conversation leads 

nord 
Anything with web 3.0 is a big nope from me
Lifetime fee as well is a bit sus to me
Yeah that is sus
I have a wireguard going to my home network, works well enough for hotel wifi
how about IPV6 only decentralized , and heavily secured network device , that's why I love deeper.network
I'm doing the same thing and I have my network split into three segments and my employees also use my wire guard that's hosted at my home for business purposes. we have a whole test Network.
It's especially great when I travel outside the country and I want to watch my regular media
That last part might be against local regulations, fyi
When at Defcon, I just rocked Proton with a kill switch, even on data.
My ISP is cool with it
anyone had any experience with vmware running like complete garbage unless ran as an admin? got a new laptop and done the normal disabling of hyper-v and device guard but it still runs like shit unless run under admin
false
vmware has some very complicated licensing and some very serious hardware requirements
try using proxmox at home or just virtualbox
ups missclicked
Vmware has worked great for me
I thought they ended VMware player
I have ran Vmware for years and the laptop is brand new with 32gb ram, ultra 9 and a 4080 that's not the problem
I use VMware in the Enterprise
I also have a valid license for pro
How much resources have you allocated the VM?
okay, well if you have a license that's different and you're meeting all the regular minimum requirements?
yes
maybe try using a tool like "latencymon" if you're on Windows
is it the hypervisor itself that's running slow or is it your VMS??
I love my recruiter. Read my email wrong, and he writes back to me: takes another sip of coffee
When recruiters can joke, I'm all for it.
I think your hard drive, bus and memory speeds are going to come into play here as well.
The advent of quantum computing is poised to revolutionize our information infrastructure due to its potential for vastly superior security capabilities. Even now, the NSA has acknowledged the future risks associated with quantum technology. It’s conceivable that a quantum network could mitigate some of these challenges. However, looking back from that advanced standpoint, our current conversations might seem quite quaint! 😄 LOL
Yeah, quantum computing is going to turn this industry on its head
VM stuff is on in bios?
It's going to make things much more secure and it's going to introduce a whole new level of threats, especially when it comes to cracking encryption
Vmware workstation Pro has been fantastic for me.
I use latest one with factory default settings , no issues , what is the OS
Lemme put my help desk glasses on
You have to enable a setting in BIOS if you want to be able to run a hypervisor on most modern machines
I'll have to try it. I do like VMware
Workstation Pro is amazing
windows on a brand new Asus Zephyrus. Hardware should blow away my old laptop that runs it fine. Vmware is bogging down the whole system as soon as I start it
apparently they may be some issues with 17.5
could also be the drives you're using
Hyper-V off? Virtual Machine Platform on?
I've had horrible latency from using cheap nvme drives
yes
first thing I did
and virtualization security is off
Processor isn't sufficient for both OS or RAM isn't sufficient , nothing to worry about a bug .
How much resource did you give the VM? Enough cores and ram? Is it running off an HDD?
try that program latencymon
You turned the memory something protection off?
Can't remember the exact name
running off SSD with 4 cores and 8gb of ram for windows host
it would be great if we get visual screenshot of specs of your pc
What is the brand and type of SSD? what is the bus speed??
2.5 or m.2?
it's an intel Ultra 9 it's definitely sufficient
m.2
sufficient for an end user maybe not for a hypervisor, depending on the load you're putting on it
it's definitely sufficient for a vm lol
But the memory protection crap from windows is off?
I say crap, for this instance...
yeah
well there is plenty of problems here too as the cheap vps:s generally mean the vps provider has full access to reading everything going on in the vm
I mean that's kind of a blanket statement. it depends on how many resources you have allocated to the VM and what you're trying to do with it. what types of calculations or software you're running.
depends on what the hypervisor is
maybe your m.2 had been corrupted , once it happened to me , when I work on something large it is struck in
And that is a very important point to consider when renting any kind of service from anywhere.
possibly. It's brand new so I would hope not but I could always wipe it and see
yuup yuup
specs of pc and windows version please
together with knowing that email as a protocol is insecure in EVERY way
I had an Alienware r3 13, I was getting all kinds of system side latency and it turned out to be my Toshiba M2 drive such garbage. I replaced it with a Samsung Evo+ It was a game changer
It's a windows 11 pro with 32gb rams, a 1tb m.2, and intel Ultra 9 with a 4080. Hardware is more than adequate
Wtf is that app you can test disk speed with
I keep telling that to people in the Enterprise.....
CrystalDiskMark
Run that, see what speeds you're getting
Should be up in 7k with gen 4x4
That's a good call
Gen 3x4 would be 3k
Can you give us any indication what type of load you're running?
laughs in no crystaldiskmark for linux
is it one of your VMS is being slow or the whole platform??
did you checked your PC for malware or intrusion
laughs at Shadow's misfortune
This is where latencymon might come into play
shadow can find benchmarking tools for linux if they need them but so far it is not a necessity
It's not always easy with the out of the box tools to see what's taking up resources on Windows. might need a couple extra utilities to drill a little bit deeper
Time for food. Left overs, or should I buy something?


