#general

Thing is I cranked up the contrast to the max on windows as the monitors would look pretty depressed.

or more like digital vibrance is what nvidia calls it.

Has anyone received an alert on their Apple IPhone of a warning of state-sponsored Spyware?

around 94 countries did

Yeah, was just wondering.

Nope

i didnt

I didnt get that either

US?

Yes

same

is it possible to get a "subscription" to immersive labs?

Never got one

i'm sorry.. what?

We did get a huge data leak though (thanks AT&T)

I dont have money for a web server😅

Either way its mostly for me and my friends

you can have some around 5$/m with google and so

I understand that but please dont do that 💀 if anything, host it through a VM on your machine

so atleast there is a tiny bit of safety

There is nothing on the pc

Have you asked Immersive labs?

Even the username is random characters

no, i am looking for something similar to thm. seems they only offer to businesses/teams

And educational institutes, I have one.

ah well, im not in school anymore unfortunately

That may be so, but if they have control of that one, it's often easier to attack other devices in that same network aswell 😅 but alright~ Servers are quite cheap these days tho some even free if you dont mind limitations etc. if its for you and your friends you can always pool some money together

Not at schools have it.

Yeah but i have this PC and im not too concerned about security since you have to know the exact IP but ill look into it

idk if they still do, but Oracle's Cloud services are free iirc? if you stay under their bandwith limits etc. (just a pain to setup a bit 😅 )

Honestly I do not care about hard to set up in fact, I generally “like” hard things because the reward when its done is way betyer

Do check that out then; i had it for some testing stuff too

Buy more books. 😎

What are you covering this time?

Is it possible to find who someone is via their discord?

And not read them.

what you asking exactly ?

@mossy river

Ive had someone scam me and I'm trying to locate them

that sounds illegal

hey does anyone know what AC means on dread

Good luck, you aren’t getting far.

wait am i allowed to ask this

Apparently its possible

You cant, contact law enforcement if it was a large scam

It’s not.

Hacking isn’t all green terminals and “I’m in” screens like it is in the movies

Its not if people are offering to do so or trying to get you to download tools for it, thats malware

https://www.youtube.com/watch?v=18RSYZa58FE 6 hours of hollywood hacking terminal 🙂

Second hand bookstore, so whatever is interesting. Mostly pre 1950s book editions, and particular publishers like Modern Library, Library of America, or Loeb collections. Treasure hunting, essentially.

@clear forge bruh

I think everyone should at least read 10 books from this list in their life time 😂
https://sites.prh.com/modern-library-top-100?ref=PRHDCE40587313D&aid=34011&linkid=PRHDCE40587313D

Have read 14 of those over the years

What was your favorite? (tough question)

Meow meow

Meow meow meow meow meow?

I've always loved Brave New World, Slaughterhouse-Five and anything Hemingway

ooooh the preorders for the new orden ogan cd and vinyls are up

hits buy on cd

how to fascinate shadow

you know that book comes up quite a often in shadows presence

then shadow is rly fascinated by many ppl 🙂

of course

Hi guys i was recently doing a room and in middle of it the browser started to move the mouse by itself inside the vm and zoom the whole browser this never happened before is it something that i should worry i did a check of established remote connections but didnt find anything .........any idea why that happened

Huxley is pretty good, after reading BNW, try reading Point Counter Point. Slaughterhouse-5 is quite brutal. 😄

@umbral bay @gusty mortar have you read "how to read a book"? It's quite old but a really fascinating read

Mortimer as first name should give away its age. 😄

Could be just a glitch

Many things to learn from that one, not so much speed-reading but summary reading for example.

Bruh

Tim

That would be illegal and not something we do here

Check your mouses sensor

I've been a fan of Huxley a long time but haven't read PCP. My tbr has expanded into a full size library/antilibrary at this point

There could be dirt or something making it move

I have read How to Write a Thesis by Umberto Eco

hi bro yes im aware but it wasnt just like flickering it was moving and going to different tabs and thats what got me worried

Yeah, no

You scanned your computer?

yes i did

That's a good thing, the list should be endless. I am a big fan of James Joyce.

i did a tcp|IP check and also run autorun and went further with cmd processid

i didnt find anything

Just watch it

Not heard of that one

My brother did his Phd thesis on Joyce. Just pottering around here I found 3 editions of Ulysses the other day

i will monitor it but it freak me out

I feel you

I would be freaked out too

Omg are we talking about books! Let me read up

It's a great read for all kinds of academic writing. I recommended it to a friend while giving him advice/recommendations on his cybersec MSc thesis. He got a 1:1

I heard the image

Cheese.

Yes! We have broken out of #bookclub to expand across the server!

Crypto 🤮

@jagged moon

Done!

maybe someone is playing with me from having acces to the same VM machine

do you think that is possible

Goodnight peeps

I'm a big Catch 22 fan. I also love Faulkner but haven't read the one on this list

I mean there’s really no where to check if they are but I think there not

Better take a look then, thankss

Highly recommend Faulkner, "my mother is a fish" chapter is iconic

Like I said monitor it and if it happens again I think contact support? They should help you

How do networks work in TryHackMe? I.E. Red Team Capstone Challenge. I heard you get multiple days to complete them once you start them? Does the network remain "persistant" across days? I.E. if I backdoor a system with a reverse shell or a dummy login with admin access or something, go to bed, wake up tomorrow, and I can jump back into the backdoor'd system without having to do lateral movement, etc?

yes if it happens again definitly im going ro contact them

Also To The Lighthouse!!! Virginia Woolf my beloved

He now has 3 Masters degrees to his name, two of them in cybersec and cybersec for industrial networks

Typical of Joyce is there are "a few" editions of his books, because they ready like they will never be done, one of them you can even start reading anywhere, the story is a loop. 😄

Nvm As I lay dying is also on the list

Joyce is so notoriously inaccessible that I have yet to try to read one. What's a good entry into Joyce?

You can visit Dublin for the Bloom's Day festival at some point https://www.bloomsdayfestival.ie/

It's on my bucketlist. I've been to Dublin, but not at the right time.

Ulysses. Along with Infinite Jest by David Foster Wallace, Gravity's Rainbow by Thomas Pynchon and 2666 by Roberto Bolaño, cos who doesn't love a mind melt? 😛

Ah yes Infinite Jest the 5 million page murder weapon

I'll get to it eventually

I'll do ulysseys first then! Thank you 👍

You should definitely do it. It's a lot of fun even finding a spot in some of the pubs mentioned in the book

Have you read The Magic Mountain by Thomas Mann?

No, I'll have to investigate it

https://tenor.com/view/batcat-gif-23787350

@grizzled crystal you know what thumper is, from Dune?

You need to verify to show images/gifs

verify where

Read the link I posted here #general message

ty

Gave +1 Rep to @proven quartz (current: #21 - 367)

https://tenor.com/view/batcat-gif-23787350

I was going out with a Spanish woman when I read 2666. I read the English edition. She initially read the Spanish edition and then the English edition straight after

@arctic dove Can i PM?

Sure.

Hey guys

what had you been doing?

photosynthesis on my chair =/

what? why?

and even how?

in other words. doing nothing 🙂

Have not read that one yet. Would be interesting to compare the English and Spanish. Probably a few missed-in-translation moments.

i turn sunlight and things into food lol

honestly I thought you hadn't moved so much to not lose the sun light

that's what I claim from your phrase

as i say... doing nothing and watching my printers making some dumb things =/

By the way, I used to be 0xD GOD

the pointing might have changed though

well... you are not far

To be honest, I was searching for a teammate or even more

If you're interested please message me privately

nah... bussy atm with dumb things 🙂

and best is to do it you self

I meant if anyone's searching, message me

She said there were some interesting word choices. She studied languages/linguistics. After we broke up she 'borrowed' my database book from college and now works for a major ERP provider

meepity moopity timey whimey sleepy sloopy beepity boopity beep boops for shadows sleep sloops

Nite shadow!

Nighty night

Go to sleep heap

what you doing here?

Guys does tryhackme have any hard or advanced courses

ofc 👀

Which one

you have hard and insane rooms. if that helps

👍

learnning path is just path you take to learn/follow

Have a good weekend yall. 🙂

Howdy yall. Have a good weekend!

you too.

Please I am finding it difficult to solve a task, in the cyber kill chain there are 7 stages but the options i got to complete in tasks were given for only 6 stages, what do i do?

Is this a THM room?

Maybe

Why maybe? It's a yes or no question?

Yes

See, now I don't believe you

Can you link the room please

@sharp citrus

Well if it's actually a THM room, #room-help is the best place to receive assistance. I'd recommend you ask there.

What would you call a team of cyber security professionals that monitors a network and its systems for malicious events?

blue team

it says incorrect

oh... its a thm Q?

then you need read again and find correct term

im stock in there

im sure there is answer in text that you need to read

Security Operations Center (SOC)
A Security Operations Center (SOC) is a team of cyber security professionals that monitors the network and its systems to detect malicious cyber security events. Some of the main areas of interest for a SOC are:

Vulnerabilities: Whenever a system vulnerability (weakness) is discovered, it is essential to fix it by installing a proper update or patch. When a fix is not available, the necessary measures should be taken to prevent an attacker from exploiting it. Although remediating vulnerabilities is of vital interest to a SOC, it is not necessarily assigned to them.
Policy violations: We can think of a security policy as a set of rules required for the protection of the network and systems. For example, it might be a policy violation if users start uploading confidential company data to an online storage service.
Unauthorized activity: Consider the case where a user’s login name and password are stolen, and the attacker uses them to log into the network. A SOC needs to detect such an event and block it as soon as possible before further damage is done.
Network intrusions: No matter how good your security is, there is always a chance for an intrusion. An intrusion can occur when a user clicks on a malicious link or when an attacker exploits a public server. Either way, when an intrusion occurs, we must detect it as soon as possible to prevent further damage.

What does SOC mean

i tried SOC but still not correct it says

Spell it out

Holy wall of text

mother of all text 🙂

What does the first line of text say

my bad i type centre instead of center thanku

English vs English..

https://tenor.com/view/boing-gif-6037249

hullo

ello

could you build a contraption like this

to keep you awake while cycling

it keeps going back and forth as u ride

dheck is that lol

anti drowsiness device

https://youtu.be/m4cCR2InRxs?t=212

linked with timestamp

i need to check wtf is that lol

smartest thing in the world

GTFO lol... some ppl have to much of free time

eh, its thier job to invent things

why not use shocker... like electric thing lol

aye, its stupid inventions

not smart ones

using electro shocker is also stupid... like a lot

not as stupid as a boot hitting u in the face as ur cycling

not sure how stupid exactly, but aint smart lol

electro shockers I understand

i call that natural selection at best

eh this one is even more fun

you need jesus in you heart =/ hehe

or a lil bit of stupid inventions

well... there is movie called sharknado. and is tornado full of sharks lol

there are too many sharknado movies

don't ask me how I know

=/

im printing Crysknife atm 🙂

show in progress photo

Also can super sharp things be 3d printed

there is some filament that are quite strong and so. but can't make sharp as some knife. just hard and strong. depend of how you print it

hmm

need to change color up

make it a lil murky

that's just blade. handel will be darker

dont have enugh of darker filament

sad

this will be handle 3h need to print it

oo details

yea

and on 2nd printer is that thundar. thing they use to call sand worms

isn't that called a thumper?

yea

forgot the name lol

Hello all, how is everyone?

From dune?

y

beyond tired

yea

ralexander going to join the fremen

ofc i do

Didn’t you 3d print a spice harvester ralex?

his eyes will change from yellow to blue

Wtf is that? Looks like a 3D rendering of something you plan to print with a 3D printer

for 3d printer. rendered yes

This gave me a double take.

Dirty mind

What is it exactly??

A blade

Looks like a sword hilt

Well it’s the handle

Of then blade

crysknife from dune movie

not for now 🙂

Btw did you know Dune's web version got leaked before offical release

part two*

Ah, the hilt of a sword then, I presume? Too large to be a dagger

nah. i watched it in theater

is handle. the blade is in 2x parts to be proper size

I also did

Daggers are actually pretty long

IMAX

great sound

1080p best I can do

just im kinda sad for that girl he didnt mery

Technically we don’t know yet

yea

might be 3rd part

Waiting for the 3rd

Has to be

Denis did difer from the books

They can’t just cut the movie at one of the best cliffhangers

but I can't wait for the 3rd movie

she took a ride at the end

its probably going to be in like 5-6 years

Prolly

yea

Lol, well I'm no expert at weaponry, but I always imagined daggers being small. Then again, "short swords" aren't exactly short either 😂

in movie is alike special weapon or so. sword/weapon they use by default for fight

Really depends on the type of dagger

here is bit better pic of handle

Man, you'd really think that I'd have drilled it into my head to do more thorough enumeration

Keep practicing

9/10 times I get caught up on an easy CTF it's because I saw an interesting service, latched onto trying to break it, and didn't enumerate the rest of the box and missed something blatantly vulnerable

I have a question completely irrelevant to anything mentioned prior to my arrival today. I'd be grateful for any opinions. Anyone know of auto insurance that's actually affordable?? Geico, state farm, progressive....all those are pretty expensive. Know any cheaper alternatives for full coverage, liability, and comprehensive coverage??

"Why can't I seem to get this exploit working on vsftpd?"

"Why are you bothering? My brother in christ there is a web service running on port 1337"

"...oh. I should... I should go look at that..."

hi people!!! What's up?

Relax time after working on dinosaur PC's all day

16 Gig's of DDR3 Ram

1tb SSD (Couldn't find a brand)

it can be much worse 😂

eeeh

I meant the pc 😂

It may have been great at the time of release

but its crap now

That's okay man, I started off in reverse engineering with a severe case of the Dunning Krueger effect. I thought "it's an R.E challenge so the answer is absolutely found in the binary when I use radare2, I just have to switch a few different locations". Not realizing there was so much more to it than that

16 gb and 1tb not to shabby,

you're not going to do video editing with that, but I've seen much worse

DDR3

at last is not 32 bit cpu 🙂

I know it's slow but still are 16gb, there are a lot of 8gb and some even 4gb out there

since there is no use of more that 8 gb ddr

Well, if there's no opinions on my question I'll hop off here to do some research. Have fun guys, and always keep improving!

@loud marlin sup 🙂

yea... play with 3d printers...wtbu?

3d as usual 🙂 myself drinking beer 😂

fair fair 🙂

Anybody going to BSides Charm next weekend?

What's that? Never heard of it.

BSides is a series of infosec conferences, they have one coming up for the Baltimore region (Charm City, as it's called)

Hola ( Hello)

Oh, so it's sort of kinda like Def Con?

Smaller but yeah

Been pen testing a discord bot for a dev of a type of game involving bank accounts and money. All bank accounts were reset due to a previous exploit I discovered which allowed me to gain over 900 billion dollars in a short time. However, on day one of the patch being applied, two people managed to gain 1.2 billion in a very short time and then went inactive for days afterwards. Is it possible to inject code into a discord bot without the developer being aware of it?

depends on what you mean but yes

Something just isn't adding up, I reviewed their transactions with the dev, you get $1000 per message but they only sent two or three at most. But their bank transfer amount was insane, we're talking several billions, but their highest successful "bank hack" was only a hundred grand or so.

The dev asked them about it, neither ever responded, and at least one ended up leaving the server all together after being questioned

Maybe it's not the bot.

Depending on how the bot is written, and what language used to connect to the discord API, there are probably multiple vectors to attack. That said, it's likely that it's poor coding practices or a vulnerabie library being used.

I didn't read the whole context but it doesn't sound like a real life event if we're talking billions.
Maybe some sort of lateral movement either in the API, code, libs etc. pretty sure I'm parroting what juun said.

Definitely not real life lol. A game played using a discord bot.

So.. don't focus so much on how the bot works. Focus on what it interacts with. Think like a hacker damnit 😂

I have a hard time with stuff like that sometimes...

Think like a hacker damnit

https://tenor.com/view/breezy-hacker-im-in-matrix-laptop-gif-22983973

"think like a hacker damnit " is something I have to tell myself sometimes.

Gotta change my profile up to say "I like breaking stuff" lol

https://tenor.com/view/keyboard-laptop-cat-gif-26412641

Juun's hacker looks more like me actively.. 🤣

So I got to my friend's house.. He already learned how to hack the 12pk.. so now I'm at the bar hoping he doesn't show....

pregaming is for youngsters, your friend should know better

He's still in his 30s..

like i said... he should be old enough that Hangover Time is starting any day now

We're going to his sister's for breakfast at 09.. lol

It'll be fun 😁

that's a little early for brunch

belgian waffles with pellegrino and OJ sounds good though

Doesn't sound bad.....

Gonna be bacon eggs potatoes and coffee for me though. His sister is a good cook. I don't eat breakfast often but if she cooks, I will.

hash browns or breakfast potatos?

Potato mush kinda.. but it's very good last time I had.

what kind of eggs? fried? scrambled? french omelet?

potato mush? sus

cubed, spiced and pan fried with red pepper, jalepeno and diced onion is a classic

have you tried beef bacon as part of that breakfast combo?

@whole yew I swear you would love it. Scrambled eggs, potatoes, bacon, spices... Old country cooking.

Some of the country breakfast I can do without..... when my family in rural minnesota cooked breakfast, it was greasier than IHOP and VI put together

I like to dry age my beef bacon in the crisper drawer, wrapped in butcher paper for a couple weeks. Then I hydrate it by covering in water and basically steaming it in a cast iron until the water's gone

then pull the bacon out, bring the pan up to normal temp and pan fry as normal

really intensifies the beefiness

I've never had beef bacon but it sounds amazing

easy way to think of the difference between shell and terminal?

That's a very good question!!!

You interact with the shell at the terminal.

Terminal is what you type into, shell is what processes what you enter into the terminal.

Lacking more of an explanation.. but that's what I get from it anyway.

👀

Moo?

Hello 🚶

Terminal is what hosts the shell.

if you don't have a local provider for it, this is a good but expensive product https://porterroad.com/products/beef-bacon

I know butchers. I'm sure I can make it happen. 😁

Hi

Have you guys any link which is exploited by xss vulnerability?

what are you trying to do?

Wassup bro 🙂

Please don't bro me.

I will scan it on a website as the book suggested me..

which websites?

XSS scanner

Oh then what

No, what websites are you trying to get XSS on

y

yo

That's what I tryna find 😅

you know that's illegal and unethical right?

I don't know you. You are not my brother. You don't deserve the respect my brothers do. Do not call me 'bro' because you have not earned that.

Heya juun, mind if I dm you a question about a possible compromise I have

hey Zayn

👀

I will just see how this can be scanned

Yo wassup

Ok💀

you have not created thm acc yet?

Technically, checking that box that says "I have permission to scan that site" is perjury. You know you need permission from the site owner to use XSS Scanner against that site, right?

Which acc?😬

tryhackme.com

👀

Ok so first I need to ask for the permission?

Yes

Nope, should I create?

So how long have you been doing cybersecurity and IT?

if you wanna learn and play ctfs tho 👀

Juun...

I'ma Beginner

Ok boss

Ok. I'm going to cut you a bit of slack then.... what you asked us to help with is illegal in many places, and most cybersecurity professionals consider it unethical to scan things you don't have explicit permission to scan.

I strongly recommend you to visit #start-here and begin your learning journey there

Understanding the admin/business side of IT is of equal importance as understanding the technical side. If you want to have a future doing security work, you need to understand both.

@whole yew is way kinder than I am.. ida already banned them..

May be the beers talking...

There's a difference between malicious and ignorant. One can be cured by learning things

Also..please.. just a PSA. Don't 'bro' me until you know me.... I do get angry about that..

Ok I didn't knew it before ,now I'll follow it

I may need some life advice.. @whole yew can I DM you sometime? May not be tonight..

Sure. I'm not exactly a wise sage or anything

I know.. but I met you once and we had good conversation. I'm not a hacker sage either but people still look at me like I am. 🤣

I mean.. if you were in the early 90s and made a program to dial up a lot of numbers to look for what's listening.. I'd just call it a dial listener.. not trying to start a war or anything...

sounds like how wargames starts to me.....

That reminds me of a movie and a song..

please don't self promote

i didn't think you can't do it

#rules see rule#3 please

Moooorning

morn

jhey there

hey]=

Moo

Okay. I'm gonna try to explain 'moo' to everyone.. it's mostly a term of endearment.. It's almost like 'i love you' but also less and more.. It's cowsay...

mmooooo

Happy weekend

Wooo

too

yo

No,. moo

cant u just deploy your own website with its specific vulnerability for practice?

You need to own the hardware it's running on... And the network you may be messing with..

a local website would suffice no?

Locally hosted on your machine on your network.

Don't practice on what you don't own without permission.. in writing..

weird not seeing any admins online

CTFs would like to have a word with you

normally hydra keeps that section there but not anymore

Moo?

moo.

CTF competitions

Yea thats why we have ROEs

Permission*

Who needs admin 😎

@sick lance does

😁

@sick lance gimme admin

ik you don't have it yet but give

@sick lance didn't you use to have a profile pic

Nope, I've been like this for ages.

lame

I know, I can't decide.

I used to have Mara Sauv but that ruffled some feathers.

i got tired of looking at my default github ava so after idk how many years i finally changed it to some random pic i found on google

like today

Default pics are better.

Especially for desktop/laptop wallpapers.

after so many years i figured why not

i'll probably remove it in a week lol

Who dares summon me?

hydragyrum hydragyrum hydragyrum

Oh admins asleep, post memes

😉

my gif thing stopped working

probably for the best

Probably

I'm just glad I got all the content done for my slides yesterday

slides? work?

Conference

ahahhhhhh that's actually enjoyable then

well

mostly

And my lab seems to work at least (more or less, there's an issue with H2 falling from time to time, but nothing a restart doesn't fix

Risk of an in-memory db I guess

..H2?

<h2>wat dat</h2>

Not that h2

https://www.h2database.com/html/main.html

3 million users 🥳

It was 2 million not 6 months ago, no?

man thm has grown

Aye

2 million was june last year

huh. never heard of H2
never had a reason to use java in prod so i guess i just wasn't exposed to it

Ok 10 months

Oh you don't use it in prod, ever. That's a terrible idea

i didn't wanna come out and say it since it sounded like that's what you were doing 😂

but yeah

Great for integration testing

interestiguing

i should probably read up a lil bit when im coherent again

Oh I used it because I couldn't be arsed to make a docker compose file

was gonna pull an all nighter but nope not anymore

all the composes!

Sleep good

I have no moo what are happening rn...

beyond disapointed

they should've done it

Lol

i got annoyed at my new github ava and already just removed it

it lasted like 3 hours

Ha!

I have my default on my Non used github

I use the same avatar everywhere

i just dont like my default but i also don't want to pick one

look at this dumb lookin thing [redacted]

Heh

then just upload a 300x300 transparent png

that's also lame

rude

never realized ---

How can I link a wallet to a threat group?

the bug hunter role color is solid

btc wallet, stuff like that

shoot em an email and ask if it's theirs

I have no experience with blockchain intelligence

wdym?

me like color

i guess by seeing them mention it in whatever stuff is linked to them, or if you know other wallets that belong to them and seen transactions between them

I've used dorks in the wallet and their wallet transactions related, but found nothing useful

plus sites like bitcoin who's who and related

do i need to do /verify every time i wanna update my data like if i level up, or will it do it for me automatically after some time?

should be automatic

give or take a day

Update: I dit it, just a few (much) of research and google dorks

But... I did not receive any points of it, since I'm the first user in complete the room

Mooo

Oi, leave my pfp alone.

Is this tryhackme?

Absolutely

Then if you'd like help, please use #room-help 🙂

Ok, but since it started like a normal general topic, Im letting the message here

Thanksss I wrote in the #room-help channel :)!

I agree, I like the Bug hunter role colour, it really stands out.

Hey

Sure, what about it? 👀

Big worm incoming

OCR training now, Y'all behave 👀

Guys

I have a question

whats up

Good day everyone.

Hope everyone is doing well.

Nothing to see here...

Is this for real?

Bruh

Someone posted it in a group I follow. Not surprised

Ah.

Still

Gotta utilize a worker in every possible way

“The server is offline but the bathroom is occupied”

blocks toilet
overflow shorts out servers

When you forget you have to make a server room

Hmm, is there airconditioning in that bathroom then?

extractor fan perhaps

I wonder if its plugged into a shaving socket 🤔

I'm always kind of worried for sockets that are near sinks in the bathrooms

I was wondering where my server had been infected.

Why do you wonder that?

Like you feel slowness or?

Possibly a virus or someone pissed on it

is it located next to a toilet?

Yes

Datacenter Region: Bathroom

I just completed the sqli room,although the sqli was fun it was mostly used to find username and password for the most part using brute force

Which I don’t think is practical

So I was wondering what else is sqli used for

In my country you can only have an electric shaver socket. A light switch can either be a pull-cord from the ceiling or be located outside the bathroom. Showers are required to have a pull cord safety switch

lol, that's okay. In America they have light switches you can't figure out what they operate, meanwhile as you're flipping it on and off trying to figure it out, in the next room someone's pc keeps getting shut off because the light switch controls the flow of electricity to the outlet the pc is plugged into 😂 😂

Many baths don't really have sockets in the bathroom

Or are at places where they can't get wet

Btw is it easy to make our own e-mail service, just for ourselves and our friends?

From what I am reading about SMTP, we just need an SMTP server for sending mail and a POP/IMAP for receiving mail, correct?

I haven't seen a pull cord in decades

My shower switch is outside the bathroom.

I have two pull chords, one does the light, the other turns on the fan.

Yeah that was a funny one! Tragic considering the circumstances

The first one I saw was the light switch in my nan's house over 40 years ago. Most people have the switches outside on the wall

The bath into which this shower is fitted is one of those whirlpool baths with the switch outside. It never gets used

I don't have any servers in my bathroom though

Oh yeah, me either.

Maybe buy a bunch and stuck them under my hot tub though.

Ngl I thought this was some sort of Twitter bot LOL

Like a news bot

lol feels like it

Does this server mainly run the toilet -f term command. 😄

I know! Surprisingly it's a true story from 2015

Also, Happy Saturday! 🌅

Hope it's a good 'un!

Hy all

I bug with discord in firefox if i witte hello and press space bar return hellohello

Wtf

Happy Saturday to you too!

I think someone else had this recently

Happy weekend

@devout palm Mind if I DM?

Why there are so many subscription rooms?

Number of Free rooms > Subscription rooms.

Free rooms: 557 (minus 19 for AWS path) = 538
Subscription rooms: 231

Ok then im just unlucky to hit 5 of does in pre-security

A lot of the walkthrough rooms are sub while the challenge ones are mostly free

All paths contain subscription rooms.

Word has it **DesKel **is not as active on THM. If I submit a write-up for a room created by DesKel, will it be reviewed and approved by the creator or THM staff? I just submitted one for CTF Collection Vol. 2

No, it will be DesKel.

No, go ahead 🙂

Thank you.

Gave +1 Rep to @sick lance (current: #1 - 2160)

I like how THM doesn't force you to purchase a sub by having 65% of the website free.

Actually 70.685279187817259%

Did you discount the rooms you can't do due to the AWS path license requirement?

I filtered the search

Do they appear as a free category?

Yes.

Right, i didn't.

557 free rooms, minus the 19 for AWS. = 538

Which is 66% of 817.

How many rooms are there in AWS path?

Oh 19

Still, a significant amount of content is free. Thanks THM for that 🙂

Quite interesting. Just 30,039011703511053315994798439532% of the rooms are only for subscribers

Hello @silk wadi for the privacy of our members, we don't allow this sort of work without speaking to the Discord admin team.

No?

uh?

Did i make a mistake?

Heap didn't take out the AWS rooms, which are technically free, you just need an AWS licence, so it it's 65.8%

But there are 19 aws rooms right?

Yes.

so that will be 769 rooms without the aws rooms

#general message

No?

all rooms, free and sub

All rooms include the paid

how many rooms are there in total then?

oh lol

i made a mistake in counting then

Wait what for me, 66 pages of rooms, 12 rooms each

and on the last page 8 instead of 12

I counted it 788

as well

yeah same

thats strange

Private ones don't count

There is more than 817 if you include the private rooms on THM...

but why do we just see 788 rooms then

Some are locked 😉

Because they are in the admin panel -> https://admin.tryhackme.com/rooms

ur not gonna rickroll me

🙂

The question is, do they count then

Yes.

no?

who knows.

68.274% it is (Accessible free rooms)

Ok lets change it. 788 accessible rooms. 19 AWS rooms so that makes 769 rooms. I counted 231 subscriber rooms. 100 × 231 ÷ 769 = 30,039011703511053315994798439532.

What is the math behind that? Bcs i dont get that

788 All accessible rooms including paid ones and AWS
538 Free rooms AWS not included

538/788 = x/100
x ~= 68.274

ah you counted the AWS in the total

Of course, they do count

Idk, subs cant access them either. But when strictly looking at the total, agreed

But im going to continue my room 😄

Guys

Girls.

have can I get permission to use voice channel?

You need to verify your account.

thank youuu

:p

Just got resi 4 for vr and daaaaaaaamn

Nothing on RE7.

Hello

bro is it possible the room maker disabled sniffing mode in wireshark. every time i try to sniff i get denied

Couldn't run /usr/bin/dumpcap in child process: Permission denied

@mossy river Sorry uh, i forgot to enable ping while replying

I can't get resi 7 or 8 on my vr sadly

@sick lance

lol

pirates make instagram accounts and use them like other people.

This isn't what we do here...

Please have a read over the #rules again please, and decide if this is the community for you.

Please don't do this, it shows impatience, somebody will help when they get a chance.

okk

Quiet chat

Don't everyone type at once 😝

Ok 🙂

🤣

shame shame

I can't even read the messages

skill issue

you should scan every qr code you see online

agree

lemme just get a qr

it totally doesnt gimme ur money

Let's not promote bad advice in a public community space please.

hi

everyone

Hello 👋

i have a question

can you help me

take your shot @astral nova

im sure someone will have an answer

ok

i started learning a while ago about cyber security but i still don't know if i should do offensive and diffensive at the same time or choose a niche from the start

Just go with which one you like doing more? not sure i understand the question 😅 or just keep trying stuff out

depends dabble in both. see what you like

I wouldn't suggest chosing a niche from the start. As both sides are just beasts of their own, but I also feel there is a need to know both sides as well. Once you have an understanding of defensive and offensive security then its time to decide if you like red teaming or blue teaming more and branch off from there

both types kinda lead into each other so its nice to know both

some of both

not know

now i heard that it is best to choose a niche in cyber security when you start learning but when i asked another freind of mine he told me that it is better learn everything as it would help when you are compared to other candidats in job apllications

It would be impossible to learn everything. You need to have a solid foundation.

well yeah cyber security is a very broad term. What interests you thus far?

Starting with the material that is covered in Security+ is a good start

what are the qualities of each team and is one better than other

You can look up the purpose of each, but neither is better than the other. They both serve their purpose

Solid foundation, then specializing

as @clear jackal said, sec+ is a very good starting point

what is security +

A certification

how much is it

https://www.comptia.org/certifications/security

but doesnt it expire in 3 years

The baseline cybersecurity certification provided by CompTIA

my bad

wrong person

how much does it cost

depends where you are located

no problem

morroco

click on the link wiz sent

I didn't say you have to take it right now, just use material from learning material around it to build a base

it should tell you the prices

Processor Messer has free material on YouTube

You can watch Professor Messer

Processor 😆

but personlly i dont think taking a cert is necessary unless your trying to get a job

I never did the cert. I just covered the material. I am the proud owner of 2 certs, and I don't even think they mean anything lol

Yes, certifications do expire. However, information changes over time and there are multiple paths to renewing. You can retake the exam, get another certification and use those CEUs, etc

ah

i see

i am still in high school and thinking of getting as much knodlege as i can

Damn autocorrect

have you tried tryhackme gold?

i signed up yesterday

do recommend it, especially if your just starting out or even if you're experienced

good

but only the normal version not gold

i ment that as your name

#general message

Here's a recommended order of Paths by shadow 🙂 I'd suggest taking notes as well

Because you forget after a while not touching it

I have been sent a game to test by someone with a lot of mutual follow. I have trusted and opened it blind. Website looked good, the profile too.
It has launched terminal on my mac. After checking I know for sure it was a malware with a least a crypto stealer.
It asked my session password but I didn't imput. Yet I'd like to know what it did exactly. Can someone help me with that ? Virus total thrown tons of alterts:
https://www.virustotal.com/gui/file/07f74e89ea0e034f08d9a025797f78689753adb466ab088fcdfb0ae82d11e0af

This might be urgent

Commas are important lol

yes lmao

Let's eat grandma.
Let's eat, grandma.

do a malware bytes scan

Malware discussion is reserved for the advanced channel

ok tnx

do what ever scan you can get

Whoops, he got muted

As far as cleaning your computer, use Malwarebytes or reinstall your operating system

@sick lance lets not promote bad advise in a public channel 😛 LOL

?

what bad adise is there

advise

eating grandma lol

detect nothing

Malware is restricted to the advanced channels

i regened and redownloaded my .ovpn file, and sadly still not connected

I was typing then Jabba jumped in. >:-)

I think it's a miss click

hate miss clicks

You're been long enough dude, #site-support

defender and malwarebytes got nothing? change passwords to be safe in case it stole tokens not much else afaik~

Just clense the computer and leave it at that. 🙂

monitor

just monitor your computer

i wasnt even fully done with my question haha, i wanted to ask if using mv and moving the new one into the old file should work?

I could maybe relaunch and monitor network ?

how can I do that on mac ?

We are not helping analyse this, please stop asking and ignoring.

mv command will replace the file if it already exists afaik

what ??

Please consult a specialist, potentially at a local tech store @glossy glade

Trusting strangers on discord is really silly

can't we discuss and find help here ?

No, that is not the purpose of this discord server

And you shouldn’t trust strangers on discord at all

if you knew what you're doing with malware there is an advanced channel for it but you dont so just get rid of it, scan and change passwords

i love wireshark

I have thousands of password.

zeek was the only network analyis that i kinda struggled in

i got it down tho

They usually only target certain stuff, discord/social media like ig,facebook,...

well

gmails

they target what ever they can get there hands on

i mean yea, but like.. why would they care about a login on some random website vs the login to their discord account or so 👀

well a random website still has info on it

I cannot find a mute for the user 7a.u.r.u.m9#0

cause people reuse passwords

Accessing passwords in keychain on mac require password. But if there is a keylogger installed they will quickly get it

they dont steal passwords, if its similar to the other ones i've seen, just tokens so they dont have actual passwords

so they just focus on grabbing tokens for things they can use; eg. discord token to steal discord account and spread it further

Can you please stop, you've been asked to stop, if you continue to ignore you'll lose the ability to speak temporarily.

true but that wouldnt stop someone from also getting there password if they could

wtf ??? we are just talking

thanks @sick lance

Gave +1 Rep to @sick lance (current: #1 - 2161)

why are you targetting me. Isn't this a discussion discord on infosec

You're not being targeted, you've been asked to drop the subject on the malware.

We have advanced channels for this sort of topic.

what's the point of generl channel then

https://tenor.com/view/rage-shark-game-gif-5262477

Chat

general means everything

wireshark

general chat

and we are chatting right now

@crude stump