#general

thats a great question tbh

If you're not purposefully going to do it, you won't. the GUI has gotten good enough to not really need to for standard stuff

many time wordpress had issue with cms not loading in admin area. not sure what isse is on you side. just im not shocked that is not loaded

but like if i see a tar atm i get panic "whats this again and how does it work" and if i use linux and stuff more i guess ill be more at easy

I've been at it for days now, but I'm really pushing to finish setting up the room. Just need to wrap it up so I can get that certificate and finally wrap up the course!

i also want to install my own toolkit so i could just do thm on my host machine

it sounds like you haven't started the attached vm on the page

okay, so i have 2 accounts i wanna hack since there my own accounts 😭 and like i wanted it back

so i was wondering if anyone knows how to hack stuff like that with out knowing the password

hmm... try #room-help or #room-bugs post more info there

@sick lance

also one of them as hacked by a random person

tnx

i wanted my account back ☠️ so yeah

scrubz or @mossy river can help

and be patient. might need some with more info to respond

scrubz is our elite hacker, also @shell nova

oo tyy

Hello hello!

This is illegal, you know this. Right?

i didn't know

it was my own accounts

one of them got hacked

That's not very 1337 of you

and even if i used my email or phone number to verify it, i still didn't got it back and the hacker changed the email in that account just everything

But it's true

Which platform?

contact support

Ah yes "This is defintely my own account even though it has no connection to me, the hax0r changed it"

i tried, dosen't work

Then we can't do anything for you.

Any attacks would be illegal.

oh okay, thanks for the tip

I hate reading legaleaze

Also, the accounts aren't yours, you just have permission to use them.

it was

o pls tell me more... aside that i love to read books and so. i hate language how legal things and so are written 😦

☠️

Which platform then?

it was from a game

anyways it's i will get help somewhere els

😅

Probably not

I have to read laws to figure out what I have to make to comply with the law

What did I miss today

Please have a read of the #rules if you're going to stay in the server. 🙂

eh dw about it, i 'll get it back somehow

Any important updates.? Regrading to cyber

thanks but im not doing anythign towards you guys

Gave +1 Rep to @sick lance (current: #1 - 2188)

There's more to the rules than that.

that was all why i joined here to get help nothing less nothing more

thanks anyways, bye bye

indeed... same thing... when we have customer from other country i need read law's of that country to make sure that what we do is in comply with them, + in comply in laws with my country/work to be sure that we have GO with work

Flowmon, cisco, google meet

Oh let me do some recon , thx for updates

yeahhhh, this is a new law that just got implemented like this/last month iirc and it starts in effect in June

so we have to comply with it before June

Bleeping computer, hacknews, hackread and darkreading are good new sources

I see

heeh... yea... ik the struggle 🙂

Also cybersecuritynews.com

Did they remove the ability to add a gif on your profile pic?

which means I have to make an app before June

🙃

or "remake" after june ehhe

Like 2 years ago?

Maybe longer

no, as in, there's nothing now and I have to make something from scratch

Wow that sucks

Oh wow was actually back at the end of 2020

Any reasons why they decided to remove it? Just curious

this is what the law is, oh July not June, I keep changing it up
https://www.grantthornton.dk/en/insights/articles/news-2024/new-requirements-for-registration-of-working-hours-adopted-by-the-danish-parliament/

I think it caused stuff to be slow but i might be wrong?

Yeah, it slowed pages down.

figured out my issue. Had to add this to wp-config: define(‘CONCATENATE_SCRIPTS’, false);

yea... thoes things can take time to addopt and is pain in ass

Won't most large corps have that already anyway to log OT?

yuuup, it's now adopted and we need to comply by July 1st

it's not just OT, it's all hours you work

Hmm, okay. It’s odd how the people who have gifs pics are still present, despite it causing a slowdown to the server

people found a way around 😛

they hacked the site

"Employees are only obliged to register deviations from the agreed and/or scheduled working hours"

They option to add them was removed, people who still had them got to keep them, and there is a way to add it.

Says in the article

OT isn't just "scheduled" hours.

OT is "unscheduled" hours, or after which your contract states.

yeah, which means if you're timebased there's not a scheduled working hours

Right, that makes sense.

and many people are hourly rated/time based

I guess lots of tradesfolks will have to adapt to this

we are the first country? iirc to implement this, but it's actually an EU legislation that goes out to all member countries

The Danish lead the way... it'll be 3 decades before the NL will do anything since we're stuck at the moment politically

Anyway, back to Malware 💀

Well, I wish I discovered thm before they removed the ability to add gif ahaa

for sure read and comply in start is quite crap to go trough... later you kinda know what to do in case or two. also from my experience i just read new or changed rules to go with it

It was also removed due to accessibility as some users had like proper flashing gifs that could hurt users with epilepsy

yeah, luckily all I have to make is an app that tracks hours in total, not allowed to track when they started or ended, but just a total of hours worked that day

fair yea

though it has to be GDPR compliant as well 🙃
and ISO27001 compliant

Ahh interesting, thanks for the info

Gave +1 Rep to @near hawk (current: #64 - 107)

GDPR wouldn't be too hard since it's fair use

I recommend this to pin

And you wouldn't be collecting new data (I hope lol, I really hope an org has employee details somewhere)

yeah, but then how long should we be storing said info and what info are we allowed to store, what data can people request to have deleted, etc.

ISO also can take hard to comply and so. from my side. newer liked it... but then is not up to me heh 🙂

it needs to go through that too

Can't this fall under the umbrella of salary payouts and financial administration? A company should have a privacy statement for that, add in the app, do not use additional data other than what the company already has, then declare fair use? I am no expert on GDPR, but the app itself doesn't gather data so it should be simpler, right?

lots of things to have written down on paper

it's not related to payouts though

it's for general worker safety

Nice. They have indeed found ways to make shit complicated

Then again, I work for the government, I should know

Thm literally teach you 😉

indeed... but it is nice thing to go through... can learn fair of usefull things

That’s awesome, looking forward to it!

Lucky

I tried to get in but couldn't. They just rejected me without a reason why

😭

Not sure what the reason was

Though

What did you apply for?

Spent 3 hours on 1 issue which seems about to go up to 5

Luckily my last day today

why read manual when you can spend 5hrs on try and error 🙂

It’s to do with high disk usage with multiple applications going high to very high back down to low and repeating

Tried upgrading it but didn’t seem to do nothing so now time for an sfc scan and DISM check

Which the sfc has been running for 30 mins

i have no idea what you just say but if you solve it... then nice work 🙂

Ahh windows and in the task manager the disk usage is at 100% with multiple applications switching places

https://tenor.com/view/fuck-microsoft-fuck-microsoft-space-force-meme-gif-25356722

that make more senses

Its a mac that is using parrallels

Yurr

And google!!

Volkswagen was hacked

das auto

19000 documents stolen

customer data or company internall stuff ?

Seems to be development of petrol engines, transmission and dual-clutch transmissions

that is not sounds good to get hands on =/

Attributed to China

Which is, honestly, not a suprise at all

China gonna make vw clones now?

and i can't "hack" my 3d printer to get perfect flat hot-bed 😦

dumb fuck printer

Awkwardly waiting for a gym induction at a new gym. Waiting outside… pressed the bell twice…

Nobody has come down yet 🫣

Time to open up the calculator

Exactly

Just stand there and look tough. It may be a test. 🤣

How many times do I ring the bell, I don’t even know if it works lol

I might just call and be like.. hi I’m outside

That sounds like an idea..

Maybe they're running late? Don't expect people to show early?

The number they provided is unabailable

Jabba went to a scam gym.

Am I on a prank show or smth

I feel like a clown

call them and say there is fire on gym 🙂 and check how fast they come

call them

something tells me that won't work

I have yet to encounter a gym where you have to ring to enter

some private places but rare

how do i set up gobuster on windows?

normally a key or scanned id at that point but on the first day can't really do that

Someone's garage aye

No bother, brought me crowbar

do you have go

no

can u send link for download>

?

Use WSL, much easier

ok

also pretty sure it's just included with kali, if you already have a kali vm

ill get wsl

otherwise wsl

ok ty

i used dirbuster on windows... it's not awesome. Very much not

Wsl is pants for thm though

Netowkring is poor

i agree, windows networking is poor

WSL2 Is a lot better, but THM doesn't recommend it

Like I wouldn't put gold on a turd, I won't use Linux over windows 😉

Oouuu

Bruh Linux is so much easier to use I feel like

i read it that way at first as well but pretty sure he meant he wouldn't run it on top of windows, he'd run it native

Everybody is entitle to their opinion, but please no bruh

nevermind

Okay may I ask why no bruh

Ahh yeah that what I figured to but running windows native could work but I have no clue though how that works

I don't know you and I haven't chat with you I feel we didn't reach that level yet.

i meant running linux native rather than as a vm, lol
but it sounds like he's a windows guy for some unkown reason

Ohh gotcha make sense. I mean I just said that cause I say that a lot to people but If it made you uncomfortable I can stop

Indeed, I thought it was understood, by the analogy 🙂

man even i'm questioning wtf is being said now

am confused

Lol I know what you meant though:
Windows is windows. Apparently I know people who used windows 98 still teaching IT classes

Prude Linux user since 1993 🙂

okay good i don't have to disown

if I have to run kali and I'm using windows, I'd spin a vm I wouldn't use wsl

why ??

Also I've tried Unix

cause even with a bit of gold leaf it's still a turd

WSL = Windows Subsystem for Linux is a feature of Microsoft Windows that allows developers to run a Linux environment without the need for a separate virtual machine or dual booting. It means that windows is "in charge" of the whole process. Would you trust your Ferrari to a almost blind guy? 😉

*an almost

and yes shadow would trust their car to a blind person

Said no person who had to fix impacket once

as any sane blind person will not try and drive a car

why

eh impacket is not to hard to fix and make work

some times you have to risk

What about to a 8 year old?

python virtual environments work great

sparing that you got docker containers

How to download my cirtificate?

hmmm that is a bit more debatable

Huh?

Trying to get clipboard sharing working in KVM is kind of a pain this time. I don't remember it being so painful..

idk anymore

https://tryhackme.com/paths then scroll down a bit and look on the right side for the box that says certificate... it has a download button that works if you have 100% completion on the path

that’s up to every person. I wouldn’t 😂

Usually straightforward. If spice

Check if guest tools missing

spice installed.. maybe it's virtmanager that's messing things up for me..

Or not starting. Kde and gnome regularly have issues with autostart of vdagent/spiceagent

Manually installed guest tools..

It's all funky this go-around.. 🤷

Happens! Snapshot it!

I'm a xfce fanboy..

that is not from xkcd

old school 🙂

oh wait

XD

I entered the room I am currently learning and the progress is 1%. Then what about the room I have already completed? It shows like the above But didn't find the download button anywhere

yeah xfce is great

Nice one, shadow

lightweight and simple/sexy.. I love xfce.

ah-ooh, cannot upload pics. It shows completed paths on the left and "Next Steps" on the right

@void flame

if you wanna post images

don't forget that current bug with xfce that prevents spice-agent from working at all

Muahahhahaha

kindly received and i gonna do it

That would do it

what's the problem? not working at all or inconsistent?

hey there fluffy

I've been searching the internet for two days and I haven't seen anything about that.. wth?

is it possible to buy vouchers for the AWS module rather than directly buying it for an account?

Hey honey!

copy/paste guest<->host

shadow ignores the host to guest copy paste problem by running nearly everything on their host instead

Just can't get clipboard shared. 🤷

yes this is generally a bad idea

Hello guys , can i use the attackbox in thm to scan my network 😂

Nope

Okay !!

dumb question, but you're not mixing up the spice guest tools and the vdagent right
and the spice agent is actually running

https://forum.xfce.org/viewtopic.php?id=12661

sometimes it's the dumb shit so figured i'd hit ya with that

that's not the exact thing, but it describes the behavior pretty well

I've got guest tools installed and spice-vdagent is/should be running.

there's a bug in xfce i remember seeing on the xfce repo and forums that vdagent and spice are not a priority to fix

something something "red hat stopped supporting spice why should we"

unless i'm thinking of something else, that's moreso along the lines of autoresize not working because they use to incompatible systems -- no effect on clipboard w that bug

easy patch with a udev rule and a script

PITA having to do it at all tho

Spice must flow

it was related but separate - there was a change to xfce that basically made the spice agent look at the wrong places for clipboard as well

F

why does xfce have to be special

I'm about to wipe everything and just reinstall qemu/kvm and all deps.

@normal fable Spin up other DE there really fast. See if it's xfce related or os in general

I used to like KDE.. but I haven't used it in years..

I am kde main

gnome3 is good enough for me

fluff -- do you remember what you wanted fixed with windex

also, kde >

i use xfce kali tho ofc

kde kali feels wrong

kde has always been super unstable for me

No time!

I am biting the bullet and trying wayland kde

oh no i mean i don't remember what you asked about lol

https://www.reddit.com/r/discordapp/comments/16ufwxm/what_is_this_handoff_thing/ this just happened with me does anyone know if its normal or someone got into my account?

Av disable

like there isnt much about it

ahhhhhhhhhhhhh

that's right

i'ma take note

the escalation thing to be able to do that fully

lol i got gnome on everything cz it was just way better for me + stable

i try to remember these things and then immediately forget if i don't track it

wayland is good as long as you don't need nvidia drivers

It's actually not bad with nvidia now too

At least on plasma

yeah? last year it was hot garbage on fedora

Nvidia finally got around to push some patches

In nonfree drivers

i probably won't trust it to be stable for another year

Is not. But is usable

2-3 years till default everywhere me thinks. Best case scenario

More like 5-10

sounds about right

i think the only things that have been problematic for me ever since switching have been discord (crashes once/day avg) and hexchat (which is now dead anyways)

wayland is solid now

Plasma 6 ships with wayland session as default now

(not nvidia ofc)

So stable enough for that

(x still selectable on dm and bundled by default, of course)

Don't believe x is packaged with kde6 on fedora 40, you'd have to install that specifically now

unless they changed it

I got used to gnome on fedora

ew

Eh?

Distros maynoverride any of it, ye. Can ship with x only too

It's been a stable enough distro for me

fedora is awesome

i just have a distaste for gnome, lol

Fedora is bae

gnome 3 at least

Minor bug with my screen though

I think I"m on F39 now. I usually don't do the upgrade until the previous release is almost EOL

Eh that's fine

Tbf they keep the kernel up to date

i've had problems with other package stability

I'll give KDE a test drive..

Yeah hashicorp packages aren't up to date yet

i don't mind upgrading normally but ima give this one a couple weeks just because of how big this one rev is

wanna make sure kde6 doesn't have breaking issues

Hear good things about plasma 6 though

I had bunch of stuff to fix in 6

Mainly in looks department

did you install manually or packaged with distro?

Is fair

Endeavor. Autorolled

also, problems or preference?

Problems as in my obscure color theme is deprecated because 5 and doesn't work on 6

How is that one btw?

So i had to Breeze until patched etc

Nothing serious

Like it

Why do I always forget to find subdomains

Arch based though, no?

With arch repos too, aye

Basically only difference is installer and a bunch of utilities

Otherwise arch

And yay is there right away

Yeah I'm still too dumb for arch

Fedora good choice then

Yeah, solid for dev tools too

honestly, fedora is the most pleasant OOTB experience i've had in years

everything just worked

Yup

And fairly bleeding edge

Unstable there too if ya need it

Might have to try KDE again

not insane enough to run rawhide as a daily

i don't even change much with kde anymore

just a few minor tweaks that i can easily port to new versions

Same

i.e. search box changes, single click select double open, etc

Ok discord, y u so weird

I even keep the terminal

And install yakuake on top

also i remove the annoying taskbar from konsole and clean it up

Double click is now default in 6!!!

took em long enough

Ikr

Warp is pretty nice tbh

I mean sometimes needed in VM and stuff!

If ya wanna pull the backdoored xz XD

KDE had issues with screen scaling iirc

Ha

Mostly solved

Or at least display scaling

At non integer levels?

kde fractional scaling is solid now

Works with my multiple scruffy wrong DPI monitors at least

That was mostly the only thing that was annoying me

only issue i've noticed is on some builds fractional scaling makes virtviewer autoscaling have weird black bars

There are issues on wayland, but on X is fine

that's the only odd issue tho, and that's not something i see on all machines

Wayland is nicer though

Noticably smoother

AMD drivers on my end

So no nVidia bs at least

Bunch of software issues still. Like screen capture software.

Will have to see what I'll shove on my eventual wintendo replacement

Justbuse spectacle for now

I have fedora on a VM later I'll update to 40 to see the changes

Screensharing is ass backwards too

That's mostly because they can't deal with wayland

Works via fake video camera being created that is a screen

Etc

But usable now

idk obs works fine for me on wayland

i use it for video calling or recording PoCs and such

Sounds like a sufficiently hacky workaround yeah

Most of software has at least an alternative now

https://arewewaylandyet.com/

Kde x portal thing works nice tho. In terms of global hotkeys for X apps

Helo

Can have them

Previously had to focus a window to send a hotkey. A setting with security warning now

when windows wayland

Never

when nvidia deciding to not be bad on linux and help build up wayland support????

It works!

obligatory https://youtu.be/OF_5EKNX0Eg

Yeah, about that...

Who da guy in the vid

I have seen him somewhere

it works on shadows brothers gtx 1060... just not very well

linux sebastion

https://en.wikipedia.org/wiki/Linus_Torvalds
glorious creator of linux and git

And a bona fide git

Ah thought I saw him somewhere

y'all ever look at the first commit messages for git proper

Probably entertaining

they certainly can be

lemme grab

pretty sure i saw something recently that said git was able to start tracking git on like the second day of development

which is very git

git using git for making git which is used for git but is then made for git

https://quintero.io/oss/git-yolo/ best git plugin after git blame-someone-else

here's part of the readme for the very first commit of git with git

"goddamn idiotic truckload of shit" takes the cake for what git means

Ah wait I was thinking of this plugin https://github.com/atongen/yolo

Whatever both are good

@shell nova my ee companion

Wanna see some tech Gore?

Oh dear

That looks very similar to a person I know...

Hit me

Trace went bye bye

https://tenor.com/view/slap-gif-25249881

k

Looks like someone needs to resolder something

Epoxy...

Torque from the SMA went snap and lifted the track too

Oops

Is that the ground trace

Signal

The gnd is either side

Oof

Through the cap as a signal trace

Low pass iirc

Epoxy, toothpick and pray..

RF so impedance sensitive-ish too

Yup

That'll screw up the filter a bit

It's an amp

My boss has a plan with some semi rigid coax to get it reasonably sorted

Ah yeah ok

It was cheap from AliExpress

I mean c19 looks like a filter cap

DC block

Yeah

Need to get back into circuit design, all that software has rotted my brain 😉

I want to learn some proper RF design

The maths are annoying and hard

And I want to uh... Adjust the circuit a bit.
It has a nasty switch-mode PSU

And involves calculus

Anyone installed Bwapp on TrueNAS Scale before?

Induces nasty harmonics?

I'm getting my head around impedance and reactance

You can hear it being bad, the current draw spikes every half second

And reactive power?

Not a clue

Current focus is tuned circuits

I want to be able to do matching though

RLC?

LC usually

good afternoon all is there any active coupons for THM anyone is aware of?

Always some R

That doesn't change your phase though

I'm still getting a handle on phase and why I should care, slowly getting bits

That's where the reactive power comes in

And power factors

Only recently figured out crystal sets and why you tune the tuned circuit for high impedence where you want to RX

And why the electric company bills kVA and not kW

Getting my head around fets and bjts too

Generally the voltage they operate at

Well ok one is driven by voltage and the other by current

Equations are mostly the same

is tryhackme down ? When i try to access the site i just get a blank page

no

Yep, current vs voltage has big impedance implications I think?

that's strange I'm on no issues

Okay. I'm on KDE now. It looks pretty nice. Just need to customize some stuff...

A FET will technically let no current pass

Gets really weird in amp mode

Between the... Gate? And the load?
I don't remember which is GDS

Hello guys, I hope you are doing just great. i am working on a project that i got this error:

A potentially dangerous Request.Path value was detected from the client (:).
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: A potentially dangerous Request.Path value was detected from the client (:).

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:


[HttpException (0x80004005): A potentially dangerous Request.Path value was detected from the client (:).]
   System.Web.HttpRequest.ValidateInputIfRequiredByConfig() +9941568
   System.Web.PipelineStepManager.ValidateHelper(HttpContext context) +53

Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.4076.0

my question is can i report this? or witch attack scenarios can i perform?

wall of text

Watcha attacking?

Gods I don't remember anymore but yeah I think it's gate to sink

Also asp request validation reeee

@loud marlin Found a Ender 3 for 800$

Should I get it

man idk if that's twice what it should be or half -- i'm so disconnected from 3DP rn

even more than twice

But since a FET works using quantum black magic...

that was my gut feeling

i thought E3s were like 300 nowadays

thought that maybe a new version came out with that price

Work for me

Feels expensive anyway

Idk what is happening... everytime i try to access something page is just blank

Any proxies configured?

Or VPN?

Is it your network or a work/school/etc one?

yup, mad cuz I wanted a 3d printer and it was infront of me but I don't wanna pay 800$ for a 300$ thing

dm me link if you have or so

Nope

My network

Hmm so not likely to be filtering

@buoyant tree this is ender serries price
https://store.creality.com/eu/collections/ender-series-3d-printer

yeah I know was joking about buying it

Physical store

I've just logged in etc fresh and it seems to work
I'd ask in #site-support

Okay. Thx for your help 🙂

Gave +1 Rep to @naive violet (current: #2 - 2128)

i love u tryhackme support

That’s a long streak

what de heck steam 😔

Hello

hello

anyone know anything about kona WAF

Kona SiteDefender (Akamai) WAF

oh my.. Offsec jacked up the price for lab access again..

nothing like watching a good storm

If you have a question, it's better to just ask instead of asking a question to ask a question. People may not know the answer, but they may be able to put you on the right track.

Oof

lol yes google is barren atm of kona news

Yet another reason I need clipboard share host<->guest.. I kinda want to do the lab thing and OSCP material again..

tried KDE, still not a fan

¯_(ツ)_/¯

Mate I think

It depends on the edition you got I guess.

3 flavors. Cinnamon, MATE or Xfce.

got used to gnome I guess

https://youtu.be/pJrIvACD4Zg?si=gsXfGoy0S3rQ3X-b

Hey uhm this isn't what this looks like

not robocop

https://tenor.com/view/cartoon-gif-20960129

I mean robo cop isn’t even ai. Dudes a human

*was

Well he’s still human tho. Just with robotic parts

Cyborg

Why there's not profile link option for thm in hackerone

who knows if that isn't what they did

chucked a human brain in there and called it a day

Cyborg

Very true

Talking about robots

Yall seen the robot dog with a flamethrower that’s for sale

With a flamethrower?

Yes

woah

$9,420 for a flamethrower robot

Why was the flamethrower banned?
Despite some assertions, flamethrowers are not generally banned. However the United Nations Protocol on Incendiary Weapons forbids the use of incendiary weapons (including flamethrowers) against civilians. It also forbids their use against forests unless they are used to conceal combatants or other military objectives.

guys when I do an ifconfig im not seeing my tun0 ip address. Upload Vulnerabilities task 5 says I need to replace an ipaddress in a file with my tun0 ip address. How do I find that?

ifconfig...

if tun0 is not showing up, you're probably not connected to the THM vpn

I'm not intentionally connected to the THM VPN but I thought that the attackbox automatically connects?

Use the 10.10.x.x IP for the attackbox

I know how to find my attackbox IP. what im now trying to do is figure out why I can't get a tun0 to showup when i ifconfig, Theres something i dont understand about this... how do I connect to the THM VPN? im gonna read that dcument u sent me real quick

There is not a tun0

There does not need to be a tun0

Use the attackbox 10.10.x.x IP for your reverse shells

okay so then why did it say specifically to replace with tun0 ip, it really bothers me that i dont get this

It’s banned in war

is it just saying that assuming im connecting using openvpn?

It’s not for civilians

Yes

yes

And I want to buy it

its a cute dog

its also got wifi and bluetooth and a hour of battery life

Only an hour??

Bring that pup to me.. I'll load it up with more batteries. lol

It’s really is lol

Can I get the puppy version?

Yeah for 5 grand 😂

I wonder if my friend's dog would wield a flamethrower... maybe if I gave her cookies. lol

does anybody have a good resource for drilling reverse shells? I feel like I can follow along with instructions but would never be able to do a reverse shell by myself...

or is that normal to not be able to do it yourself

There are too many. Use a cheat sheet.

ok

thx

ai will never ever replace human brain

https://www.revshells.com/ It depends on the environment you need it for

well ,for now

I was just about to post that. 🤣

i think it will never

Too fast for you

Usually. lol

I should go grab dinner

Currently going down a rabbithole which I really don't understand, Offsec owns https://www.exploit-db.com right?
Or atleast has some major part in it, no?

grep dinner

grep not found

yes

humans can't even recreate a fly, claiming to be able to create a system that simulates the human brain is beyond madness imo

ugh

yes

touch dinner

Hmmm

permission denied

cat dinner

touch mom

dinner not found

import mom

mom not found

upload mom.exe

Then, got any idea what this is https://www.exploit-db.com/ezines/ ?

Doesn't seem like something Offsec would put there, and it's seemingly from the old IRC times, and I have no clue what this is, thought asking here could help

file mom.exe too big

ls -la

mom too far away

import cooking

module not found

import JustEat

no module named "JustEat" did you mean Eat?

N

System is compromised , need a reinstall

$ whoami
whoami : command not found

pip install Deliveroo

yeah that could be an interesting rabbit hole

money not found

please only use pip in python virtual envs

why the actual fuck can't i paste links or anything here anymore

dinner is made

discord is so broken

no more clipboard

glorp 👽

check g0tmk1k/exploitdb-papers out

Tuna pasta salad

❯ python -m pip install wfuzz
error: externally-managed-environment

× This environment is externally managed
╰─> To install Python packages system-wide, try 'pacman -S
    python-xyz', where xyz is the package you are trying to
    install.

    If you wish to install a non-Arch-packaged Python package,
    create a virtual environment using 'python -m venv path/to/venv'.
    Then use path/to/venv/bin/python and path/to/venv/bin/pip.

    If you wish to install a non-Arch packaged Python application,
    it may be easiest to use 'pipx install xyz', which will manage a
    virtual environment for you. Make sure you have python-pipx
    installed via pacman.

Check your settings to see if you have the feature turned off. Think it's in Accessibility

you're kidding me right

that's a feature to disable

no idea why it would be, unless they fucked w it in an update either

sounds just like a skill issue

i hate it here

aw

İ need help for upload vm thm

oh no.. my volume controls don't work in KDE.. 😦

@shell nova maybe add scan9 to creators-lounge

Okay

Where it?

hidden and only moderators and above can add you to it... hence the ping to hydra as they were in here just a few mins ago

did you update something recently? I use KDE and I have never had an issue with the volume control

I have been using the controls on my Corsair keyboard. They work in Xfce.. maybe I need to update or something.

can't paste cause fuck discord ig but also check out offensive-security/exploitdb-papers commit 952db7f

Now just write here

When I upload Ubuntu server with 5.14.0 kernel version, I get a concerted error

But I can upload it with kernel 5.4.0

I've never used corsair keyboard so I'm afraid I'm not help in that matter

I can google. 😉

Hi im having problems with my linux live machine whenever I try and useful wifi attacks, it goes up to 10% and powers off.the processes go up.might anyone know how I can fix that.

İts good go to google careers and apply jobs😂

of course, but if I had a similar issue I might able to give you some pointers, but it's 0 on this case 😂

https://en.wikipedia.org/wiki/SpiNNaker

Look how cool that is!

This is on my meal plan for tonight, twins

I like tuna and pasta salad. Never had them together. Sounds good though.

its on my meal plan for the next couple of days 😛

made a 6 portion meal prep and it's day 3

Today and tomorrow, the it's jacket POTATO and then Steakkkk

niiiice

jacket POTATO??

mine is with corn, peppers and carrots, and then tuna and pasta, then I have an olive oil/lemon/garlic sauce, and feta on the side

They use it to play solitaire, right? 😂

https://tenor.com/view/potato-i'm-a-potato-colander-ross-geller-ross-gif-1543807049054651694

I ❤️ potato

i am potato

i love you too

😙

I changed my thm account, do i have to change my token with the bot

First off, I just finished the Red Team stage
Unfortunately, the name was put in a way that I did not want, so I changed the name from the user settings and then went to issue a certificate again in the hope that the name had been changed, but to no avail. Is there anyone who knows how I can contact them so they can change this?!

Need some help from a python wizard if we have any here? xd

Yep - would you like me to remove your current account link so that you can add a new one?

yes please

Should have unlinked that now

okay I think I got it fixed

I lost myself, but fixed my billing issue

Unfortunately, once the certificate has been generated it cannot be changed

really not necessary

https://tenor.com/view/hungry-dancing-dance-food-eating-gif-16324802

trying to avoid the jr. dev 15/50 here, living on caffeine, no sleep, and trying to avoid the junk food

Last day of work finished

I am in the final week before a big launch, so going hard

@hollow pivot

Hi folks, Unfortunately, I'm targetted from a hacker.(I'm sure the hacker is from same company with me.It is very long story).My personal computer has malware. I can´t get rid of it. I tried everything which comes to my mind or finding on my research. I formatted my computer many times. Even my computer mainboard was changed Also I uses VPN however I couldn't protect my computer from virus. My computer has Ubuntu 22.04.4. I'm using Snort and Wireshark to understand what virus doing in my computer.

Those are my findings

• Virus infected Brave,Firefox and Thunderbird. If I install Chrome, It will inject itself into Chrome
• Virus creating enormous TCP connections using port 443. Sometimes Snort gives this kind of alerts
  WEB-MISC PCT Client_Hello overflow attempt [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 10.12.12.4:53508 -> 172.217.13.195:443

I would be appreciated If you help me about virus. The hacker and virus beyond my level 😦

Try downloading malwarebytes and use it to scan your PC

but change the name of the file when you download and install it, because good viruses are taught to look for installs and stop or infect them

I use rkhunter, lynis. They can´t detect the virus

lynis does not detect viruses

maybe it's bacterial 😂

How long ago was it you updated your ubuntu?

it is uptodate

before i was turn on live patches

Ayyyy, cool stuff

I can try it too. Thanks for suggestion

Gave +1 Rep to @near hawk (current: #64 - 108)

😂

https://community.sophos.com/utm-firewall/f/network-protection-firewall-nat-qos-ips/38950/web-misc-pct-client_hello
This is often a false positive

What else makes you think there's malware?

yes?

Could I share screenshot in here ?

The "exploit" detected is also from 2004, and affects Windows
https://www.giac.org/paper/gcih/611/analyzing-ssl-pct-vulnerability-ms04-011/106440

this is why you run lynis before a problem, it will tell you your weak points so you can harden your security

My computer has 740 tcp connections now

drop some nice in chat boys

https://tenor.com/view/thumbs-up-double-thumbs-up-like-agreed-yup-gif-16109683157885754862

what about the girls.....lol

I mean its a professional environment but

*educational

Not evidence of malware really, especially if you have programs open

I have that many tabs open...lol

Let me send you ss

Emotional support tabs?

mutli-tasking

Also "I formatted my computer many times. Even my computer mainboard was changed" what kind of malware can persist on that

NSA had some juicy bits that writes itself to your HDD firmware

unless he is backing up and when he restores, he brings it back

No doubt, but get all that trouble for somebody's computer. If he were a head of state, or something like that yes

you have to play the odds here 🙂

Yeah exactly

Eh, having a 4 year old USB which contains the malware and not considering it as a source could also be, just a idea

Of course probably we don't have the whole picture here, we have what people told us, that from my time in customer service/tech support it's with luck 1% of the real story 😂

totally

I'm going off what they've sent me in DMs - I'm 99.99% certain there's no malware anyway

anything that people don't understand is incidentally a virus or malware

and sometimes things people 100% trust turn out to be malware

I am going off the sentance structure, 99.9% user error

Please also bear in mind that unsolicited direct messages (sending DMs to people without getting permission first) is against the rules here

I probably have emergency kittens somewhere open

clearly, there are no girls on the internets. (That was a joke)

I have really emergency kittens, no need for the tab. This is Sunny, and Delilah, both good for emergency prozac snuggles

my cat usually spends her time outside, coming inside only for food and occasional snuggles

I'm thinking this possibility the hacker writes script. It attack my computer when i connected internet. The hacker also know my public ip

who is the "hacker"

@blazing granite Hey, please can we try to keep it safe for work?

I quit the using USB on my computer

ok, fair

Thanks I didn´t know it

Gave +1 Rep to @naive violet (current: #2 - 2129)

I didn't say anything NSFW, even I didn't use the full name, it was a hint, but OK

a hacker can't do much with just your public IP

The hacker is my colleague technically

yeah but it was a bit limit

took me a while to figure it out >.<

I think the new number is tech has 27% women, and growing

Please bear in mind this is a place of education, there are children here

I never got it..lol

that's getting better

don't worry about it

27% is still too little, and how much of that percentage is in core tech?

rather than auxiliary positions like say tech writer

would be interesting to see the percentages in CS/EE classes

25.1% of the current employed software engineers are women....except, they are only making .93 per every dollar earned by male coworkers

it was < 5% when I was in Uni

that's...better than I expected. Still bad, but not as bad as others

Hydra this isn’t men’t to sound rude but how different was technology when you were first learning cyber

Ik how bad that sounds but I’m generally curious

💀

I'm not hydra but the bosses at my company were there in the early days of hacking

Apparently it was way easier to pop stuff, but very specialist

Interesting

aye. Less stuff to pop, for one thing

I find it cool how technology advances each year

I missed out on phone phreaking

And communicating through BBS's

In the 90s it was insanely fast

I have a high end PC from early 1994 and a cheaper one from late 1994 would absolutely blow it out the water

Crazy

And how would they both compare to a Raspberry pi?

...poorly

Pi zero?

Same CPU as a pi

Even WITH a turbo button?

😄

The more tech advances the more security threats will face

Eh we're learning a lot

the more my eng sentence is long the more mistakes

I missed out on LulzSec

So James, you missed out on phone phreaking, but are making up for it by satellite phreaking? sounds like a logical step 😄

One of my favourite things is that the turbo switch was used to slow down the CPU

Currently on Shortwave

Just be careful not to whistle down the line... According to Mitnicks judge

You can seeeeeee the morse code

James, can you explain what i'm looking at?

Yo that’s cool looking

Alien signals maybe

Red is signal, blue is no signal, gradient is strength

Vertical axis is time

So you can see the dots and dashes of morse code in the right "ham band" section

Atleast more employment

Cool.

Just found a radio pirate speaking Spanish but it's not clear enough to understand

What would be sending morse code?

Doesn't help that my spanish is poor

What’s a radio pirate

In this case, in the ham bands, hams. Radio amatuers