#general

https://www.analogue.co/

Damn. £65-£75 refurbed. Probably more than I bought it for

you know this just encourages hoarding..

this is also cool but even more expensive sadly

It's all the people in their mid-late 20s getting decent jobs and wanting their childhood back

So for me, that would be.. NES, SNES and gameboy. Maybe I should build a thing that plays all those games 😄

Good Night

true. way to much that i would pay for it

and ralex would pay for anything

https://tenor.com/view/meatloaf-i-wont-do-that-no-gif-14831823

not this much for this thing...

woah!

You can get Mini snes, Nes and Megadrive/Genesis for like £80 and they are legit aswell

My brother got me a SNES one for xmas a few years back

I swear the mini C64 is as much as just getting a c64

For real though, NES games are hard to play - Can't imagine what C64 would be like

Some games on SNES hold up though, liike super Mario World

Have you done any modding?

To computers, Cars, games...?

i tried it, but don't have the patience for it

Snes mini is only good for the unreleased Star Fox 2 game.

Much respect for people who still add content to years old games like Fallout

Hacking is using a thing for a purpose that it was not originally intended for

For good or for bad

Zactly. I've never got on with the nsfw skins and stuff - Never see the point

Thats commnonly called 'Remapping'

Which usually voids the warranty, and makes the car perform in a way that it wasn't designed for

so yeah, In a way, it's Car Hacking

starfox/starwing/Lylat wars was a cracking game

https://youtu.be/-b3t37SIyBs?si=MY_cBSZffN6yguv4

jfc

Hey, What's the best customisation i could have for learning pentesting? Starting from the Kernel, OS, Tiling Window manager, Pentesting Tools and security based system..

the first three aren't as important as you think.

The pentesting tools will only be as good as your own knowledge and how you use them

Just use Kali

It's widely available, used by a bunch of people, and has the support structure someone starting out needs

I'm thinking of Arch OS with i3wm, tools from Blackarch repository, linux-hardened kernel or xanmod kernel since it's really good in performance and ram efficiency..

Well, Arch is it's own beast. You may find that you spend more time fixing errors and getting things to work on an OS level than actually learning pentesting

dear god lol

Going to assume you're going to ignore us, but you've got the cart before the horse at this point.

Have used before but not getting used to xfce or kde..

bet the 3mm3 will be shocked 🙂

I was just looking out for suggestions

Oh Moose, Never change 😄

I am me

why ? it's not that difficult

i think it's quite easy to use

Dude has a datacenter in his house

Also, is this in the positive or the negative lol. I can't tell

plasma - If you are learning something new, it's probably worth using the 'easy mode' platform, so that the tools will just work so you don't spend time doing unrelated stuff. Then have arch on another drive/VM to play with that seperately

Yes.

😄

Having to use mouse a lot💀 I prefer Window managers.. although it's a bit hard to configure from scratch.. I can git clone someone's dots if i don't want to go through all that process

So negative, got it lol

I am blunt, yes.

Anybody got suggestions for working with insanely big databases

Nahhh. You're Moose. one of the OG folk that helped inspire me to return

In what context?

Plasma - The idea would be to seperate the OS development stuff with the pentesting stuff, then combine them later when you understand both

did you use gnome then ? you can give it a try

Well, another reason is that I can use terminal file managers..

Trying to somewhat recreate a local version of goodreads

and yes, it needs time to get used to with something

found a few book datasets

Now mysql is dying

after I loaded them in

been stuck like this for an hour

guys

i am confused a bit

no need to make stuff harder than it already is, Plasma. Personally, I don't like Arch (Sorry Emma)

what is the difference between e and p in terms of capabilities

why would i give e instead of p or the opposite

they feel the same

E and P? Eggs and Peas?

What's e and p?

hahahaha effective and permitted options

.

Elephants and platypi

capabilities

If you're just looking for something to categorize your PDF/MOBI/ePub files, there are a bunch of projects on Awesome-Selfhosted

I appreciate it man.. better not spend time configuring stuff than just start breaking the wall into the actual work..

And tbh, I'm not sure what the output you're showing is trying to say

You have no errors

If you really want to do it, you can set up a VM and play with it as much as you want. And you would learn new things as well without breaking your system.

You use debian probably? What is it that you don't like about Arch?

The community isn't always as friendly to people just starting out and they have a very specific way of doing things, to put it nicely.

Just kali, but back in the day, I cut my teeth on Solaris Sun, Red hat and Fedora. As for Arch - No need, as I don't really want to learn about the machinations of an OS

I still have a copy of Backtrack3 somewhere 😄

You ancient

Hahaha

yeah I know about that

but just trying to make somethin like goodreads for a coding project

Yeah Thinking of running malwares and stuff for fun, It doesn't affect my main system right? RIGHT?💀😂

Some can.

Be careful with malwares.

What if it shuts off your CPU fan?

Unless you know what you are doing, don't mess with malwares.

Can someone explain sandboxing?

Malware discussion is for the advanced channels

And if you DO know what your doing, I'm sure the advanced channels would be better 😄

If you know what you are doing, you do it without needing to ask in discord

Granted

Explains why I'm online so much

Naa

We just chit chat here

I seen some Instagram posts about tryhackme doing something fishy while the morale of it is to teach ETHICAL hacking..

What is it about?

What?

If it was on the internet it MUST be true.

Right? It's not people

Nowadays actually it's not people

takes notes Not people

We have full of text generated by AI

kek

I want to see real person's thoughts and writing style instead of emotionless crap phrases

Haha. so My work laptop had a windows update, and installed this 'MS Copilot' AI thing. Which I suspect is just a rebranded Cortana. First thing I asked 'How to I uninstall copilot'. Was actually helpful, told me which registry entries to delete

Lmao

Like using Edge to install Chrome

edge is too slow

The thing is - I never properly used debian systems when I was 16 just installing Kali and doing some OSINT, learning Networking but as I turned 18, I got into Arch and it has been my default so far that i don't know how any other thing works and now, I'm 19.. thinking of switching to Gentoo, just to see what's different..

uses so much resources

Brave is better.. by far the best or you can check out Thorium Browser..

Funniest thing i saw today kek

chrome has been using a lot as well lately

i use chrome

but yeah

Delete that thing fr, if you need some privacy....

last thing i care about is privacy

:P

If your priority is speed and performance.. I would delete it too lol.. there's not much differences you'd see with brave or Thorium if you want to use Google Search Engine

i have so many add ons

that is specific to chrome

:P

what do you mean ?

"small home lab"

Lies~

I'm talking about blogs, news, simply texts that are on the internet

oh, i get it now

it's a harsh truth

https://www.youtube.com/watch?v=oSVPkuplVRY

This looks fun lol

when people don't find what to do

shadow should play more dragonfable but they are tired from farming

not dat good for cooling tho

ltt did tea for some brit

Established network connection with pid -1, any direction on how to find actual pid or process. Have got a mem dump

I use kali with i3 and honestly it is better than Xfce or kde.
Using mouse to such can kill productivity

Someprocess are unlinked and not avialable in pstree , found them in malfind.
My guess is they are making connection

meep moops shadow is feeling bored so time for sleep sloops to the beep boops

Embrace tiled wm superiority

Mouse, bah, who needs that...

Night shadow, sleep well.

Think I'm gonna hit the hay too.

https://tenor.com/view/happy-early-birthday-now-gimmee-gif-15731324811646516558

Oh damn I want that now

Also please tell me the staircase behind her is a greenscreen? If not, I'm going to explode from envy.

I have just reached my 7 day streak. What does it mean by Access to networks?

Just ordered the cpu and gpu for my PC build

Means you can now access not only single-machine THM Rooms, but also Multi-Machine networks that THM provides. Those are usually a bit more costly to run for THM, thus the streak requirement.

Ah okay, Thanks!

I am just waiting for the 5xxx gpu to release so I can buy a pc that has it lol

5090 TI SUPER

Ahaha, not looking forward for its price though

2700$ is my bet

although one that's not good for anybody's wallet

Back then when 1070 was first released, I spent 1k on it, now it costs 400 to buy it, crazy how much it went down

But look at how much power the 4090 has now compared

Hey Toaster

Ive got that .net malware

Thanks

Right, and 5 years later the new gpu will obliterate whatever the 5th series was ahah

How did ya do it?

Moores law?

Malfind, vads, volshell.

malfind is a cheatcode in life

😂

100%

👋 Good evening 👋

On the bright side, the 5th series should be cheaper than before, but me personally I gotta get one as soon as it's released since my current pc is on life support rn, lol.

Hello

Would they consider me as a better applicant for an IT position if I am forklift certified?

waves

ah fuck, it doesn't make the entire thing italic

bring back irc

I tried to make AI help me debug

instead its telling me I am using a library and functions that I am not

say this three times quickly - humuhumunukunukuapua'a

nah i can't

AHHHHHHHHHHHHH

guys

i wasted 2 hours of my life trying to do something

on TryHackMe

in another word reverse shell for privelage escalation and guess what?

any certification helps in IT

it was because the backup.sh didn't have excutable permession...

i didn't know that and the file itself didn't have it

and the website didn't show it

too annoyed ahhhhhhhh

that is unfortunate to find out.

that's most problems in tech

missed semicolon

spaces instead of a tab

wronng perms

sometimes it happens with simple webshells. always forget how to php right.

it's normally dumb shit like that

come on semicolon missing is easy to spot out, but when you can't know why the cron isn't running

i am very new

like semicolon is something but when your cron isn't working and no error message

hell

hahahaha

semicolon missing is easy to spot out
mhmmmmm

you'd think so

ctrl + f

add semicolon

find the line without it :D

not all lines require one tho

sure

spotting single character errors is pretty hard.

but that's very few

so that will leave you in a sea of nonsense

i would say more hell would be

eh spent 4 hours debugging a issue

and +

and found out it was capitalization

errors

just today

i was working on a bug yesterday and it turns out it was just because a very specific website doesn't work without www for some reason when it does in the browser due to a redirect

spent idk how many hours

ahhhh

these errors

too annoying

especially when you are aiming to grind

learning

and you get stuck by

unspoken

error

like

the website i mean tryhackme doesn't mention anything about that

is writing longer sentences hard?

y

es

n

:

D

a

h

wasting hours of your time due to a rogue non-printing char or other dumb shit is a rite of passage

hahahaha

come on, it killed me

knowing that i just need permessions

ahhh

Whatever

If you need assistance with a THM room, #room-help is the best place to receive assistance.

Somebody suggest me a delimiter that isn't used commonly in anything at all

interobang

unit sep

asterism?

i did ask or express my annoyance

thank u tho!

@buoyant tree saw something a lil while ago that commented you should use a comma in all your passwords so that when they inevitably get leaked and somebody shares them as a csv, which is obviously comma-delimited, it will break their parser

How to make money

me poor

my pc dies if i open two chrome tabs together

Thats a problem lol

dont use chrome then tho

lemme guess

also uses windows

probably

did you download drivers?

unless they use :

or just SQL

so add :'",

90% of the dumps i pull are csv lol

not as frequently raw sql

linux is my main os , just 4 gb ram and intel celeron processor

ahhaha

a gameboy would probably run better

AHAHAHHAHA YEAH MAN

im struggling

switch to curl

read the html

browser's are for noobs

AHHAAHHAAHHAHAHA

Its all fun and games until you find one of those MB sized pages

wait

waiting

#general message

fucker crashed my burp instance

Jesus lol

is not about drivers , is about my ram and my processor

😜

Dang

Friend hit me in our Mincraft server so I waited for him to disconnect, marked his spawn and dug a 3x3 pit to bedrock

But i got the CPU $100 cheaper than market sooo

Real

I just bought that CPU for ~250 GBP

deserved

I filled it with water at the bottom so he won't die.
It's more of a "I can take you out so don't mess with me in future" 🤣

I read that as GigaBytes/Pixel for some reason

yo

guys question

why people here are having 0x prefix

roles and stuff

what is that in terms of cybersecurity

@simple kernel

i mean i have seen alot starts with 0x in cyber

The 0x and the the number or letter is the representation of the rank in hexadecimal.

yes

i am aware

but

0x is hexadecimal

what is that related to

Oop

cyber

What do you mean?

like

Memory addresses use hexadecimal

sure, but i mean

not only you

i have seen a youtuber

called

Speaking of levels, I just realized I leveled up, but it is not updated here, how do I update it?

0x something

and a lot

Will update after a while

i was intrigued

Took like a week for me

Oh, okay thanks!

Gave +1 Rep to @gritty fern (current: #625 - 6)

yeye

Yeah its just something that a handful of tech related concepts use and it looks cool to me

i mean hahaha

i had an account in the past called

programX

on android

X is cool

Still not sure what you're trying to get at.

nothing nothing, i thought that maybe in cybersecurity

there are levels

that starts with 0x

not just the hex and memory addresses

like

real life rank

you know

Is it that hard to make that one message

I don't, but I can tell you real life isn't a video game and people aren't ranked that way.

sure, but one person's level is different than other you know

just like in police you know

Also, the small single word per line messages are quite annoying.

annoying for the reader who isn't seeing it right now, but who read fast, i don't think it's that annoying, and yeah, that probably won't change, because it's already a pilot mode :D

wut

I had a stroke reading that

The military ranking structure is really only specific to those types of organizations.

You sometimes have a military-esque ranking structure in public service jobs, but private orgs will typically follow your standard corporate ladder

you know, cybersecurity, while it's not directly related to military, but it's very much like it

cyber is police for digital world

Again, not really? It's going to depend on the organization you're working for.

but i got you i got you

i was just telling you my thought process and my thought regarding 0x

The police are the police for the digital world

well

Police/LEO orgs have fairly specific powers that are granted to them through government.

right

Orgs outside of that structure don't get those powers.

i didn't claim that depth hahahaha

but i got you i got you

Thank you tho!

your pfp

reminds me of duo

when i don't look at it

even tho it's not an owl

I activated my two-factor authentication through authenticator and after that, I factory reset my phone sold it, and bought a new one now I am unable to log in to my ID please help me

We cannot help with that

Contact the support of the service you're trying to access.

he is probably talking about iphone

no thm

ohhhh

You can send an email to support at the following address: support@tryhackme.com

I thought if i have my authenticator id and pw i can get my authentication code but i think i was wrong

If they can't help you, the account is likely unrecoverable

they asked me for discoed token

its been like 2 months now

Support, for the site, asked you for your discord token? For an issue with the site?

cc @mossy river

I know you aren't support anymore, I don't think, but idk what to do about this

When was the last time you emailed

Can you check your inbox for any emails containing a list of recovery codes?

last email was 15th march

Can you send a follow up email, it will reopen your ticket

https://tenor.com/KpgD.gif

Why no gif

idk try harder

What the hell

try harder again

No theres two now

maybe you need three

But they work so idk

third time's the charm right

Be me:

Printer is printing massive print
Printer is right next to me
Goes on phone to check status of the build from the camera I setup
Regret my life choices.

Just applied to three scholarships

Not much out there for juniors compared to seniors

Sometimes i think im too stressed out over this

what did you do...

Be lazy

the life of a anon

-_-

Has anyone managed to create the HTTP/2 Request Smuggling room using OWASP ZAP? If so, can anyone tell me how they enabled HTTP2 support on ZAP? Thank you very much.

#room-help :p

It, ZAP, should already support HTTP2

It looks like they redid their networking in 2022 and added support for HTTP2 and HTTP3

morning

I love you man

Wow. very scary 😨 .

Good Morning ^^

wdym not tb?

Why does Google and YouTube have different things on what modems and routers do? Like the difference between them.

What do you mean? YouTube/Google/Alphabet don't control the definitions, they just present the content.

while using burpsuite

what's alt for foxyproxy on chrome

Alt as in alternative?

The websites have different things on what they do

not 100% sure if this is what you mean, but a modem is strictly for classic internet connections where you were using a phone line

POTS lines rather than digital, as well

literally just modulating sound (hence, modem)

You're going to need to give an example

router is routing packets and such within your network

One website says modem does this and another says it does something else

Again, YouTube and Google are just content aggregators

As far as I get it modem gives the direct connection and router directs it to the device. And data over the network goes from router to modem to Internet to modem to router on other side

direct connection IF you are using a phone line

and POTS lines don't even exist in some places anymore

You don't necessarily need a modem

Well yeah

but yeah, router to modem [over phone line to] modem to router

The router does all main stuff

I thought the modem gave the household the Internet connection from the isp too

If you're getting your internet through cable, sure

if they are using some form of analog internet

i.e. dial up

yeah

Oh so modems are practically useless these days?

With fibre n stuff

Have you conducted a query utilizing your favorite search engine? First bunch of results seems to give you options.

that would use an ONT

https://en.wikipedia.org/wiki/ONT for fiber connections

No, because not everyone has FTTH

^

Oh true

cable for example is still analogue, in which case, they very well may use a modem

the main point is analogue vs digital

Yeah now I get it

So the fibre connections has made it more digital unlike with if we say dialup

It's been digital for a while in some cases even before fiber -- but yes, fiber is digital

on/off

Obviously wire still there but the router does most of the networking stuff if not all

rather than my noise is this loud and this frequency

Yeah between dialup and fibre, I forgot what it was

Fiber is a weird case, it can technically be both iirc

But today it's digital

technically, but i can't imagine that being reliable

(like you say, today)

would be interesting to see analogue fiber lol

So modems are completely dependent on the type of Internet connection to if it gets used or not

yeah it has to be something analog

Actually now that you've explained it, I get that YouTube video a lot better

the name is literally just because it modulates/demodulates the signal, not something that happens with digital (which is just fast on/off)

Digital is 1's and 0's, Analog is waves

tbc, sometimes you have combo modem/router units. those suck but they exist, even though a modem and a router do different things by themselves

Si

whenever someone mentions square wave it reminds me of crappy UPSs

Translates the digital stuff to analog for it to "understand"

Or vice versa obviously depending what way it's going

pretty much

At the eli5 level, that works

So routers connect to isp via a "server"? For lack of a better word. Without the modem. I got fiber cable but our modem still in use by the looks.

if you have fiber than you more than likely have an ONT rather than a modem

your router connects to your modem or ONT and your modem or ONT communicates with whatever tf your ISP has on the other end, which is honestly probably a random server tbh

but there's nothing special about it being a "server" -- all a "server" is is someone's computer whose main job is to serve you data or do a specific job (server is a very vague term)

weird gif but aight

Yeah I couldn't think of another word so I just used that one lol

Lots of routers

Oh yeah I think we do. I'm gonna look at YouTube for it

technically still a router tbh, yea

although those routers are probably significantly more powerful than my desktop

Wonder if there's a big course or playlist for it in there.

Nah it's asics that make the difference

man i always forget about asics

those fancy lil things

type faster other james!

Today's gonna be a shit day lads 🫡🫡

why

Went to bed late and then woke up to fire alarm false alarm

On an hour's sleep at most and omw to work

At least you're employed aha

^ what he said

rip my contract

heh

Well till September and then I'm either going part time or am finding another part time job 😂

Dislike current job?

Nah I'm on placement year so next year I'm off back to uni to do my dis

Ohh, like an intern sort of thing?

Exactly, they usually keep people on part time so I'm hopeful

Interesting, that's cool

What are you studying?

Cyber security and digital forensics 🙂

Ngl the past three years have flown

That's awesome, I suppose you're on your last year to graduate

Yessir, looking forward to my dis, got a few ideas but still thinking about what I'll do

Good luck!

Thanks mate 😄

You haven't started?

Good morning, Snake

Dattebayo

Morning..dude

Done Google Dorking THM room. 🙂 It's awesome to gain this knowledge. ^^
https://tryhackme.com/r/room/googledorking

Oh, dorking just means using the search engine directives?

I somehow never knew it was called that

lol same

yeah.. uncle esqy and many more told that learn it.. it's a good way to do passive recon. 😅

finally learned it.. watched the google dorking cheatsheet also... searched few things also.. 😅

Nothing illegal.. 😛

It's very useful for everyday stuff!

^^ I will remember this..

Any more advice you want to give me? ^^

hmmm. Always put stuff back in the same spot. That way you'll know where it is

no

put stuff in different spots

why????

exercise your memory and don't be a dumb

sheesh.

what stuff? 😅

My memory is only good for a particular kind of stuff

also this

I finally did Google Dorking, that day you told that to do passive recon I need to learn some Google Dorking..

Thank you @molten sky

Gave +1 Rep to @molten sky (current: #71 - 87)

I don't remember that conversation (ironic, having just said work your memory and don't be a dumb) but that's awesome

osint is huge

you can dig up a lot without ever raising any alarm bells (or touching at all)

don't worry! that second part never has to go away!

What to learn next ?

nah it's "i just spent 7 hours trying to diagnose a bug because there was a rouge Space at the end of line 327" happening way too frequently

That's what I thought he meant too

also the more you learn about it the more you realize how little you actually know

time to hack nasa

eventually you get comfortable with not knowing things

google is 90% of my job

Good idea, maybe then I will found out where my actual planet is.. 😅

slightly exagerated obv, but the job is more about how well you navigate and process information rather than being an encyclopedia of random bullshit

Gave +1 Rep to @molten sky (current: #69 - 88)

( to an extent, some things you actually have to know and will learn )

I just overslept so much😅

get back to bed @chilly veldt

Woke up now where I had to be at the office, and I usually wake up 2 hours before that

Is it good idea to learn XXE at this point? Or should I wait and complete something else before learning XXE?

TIL XXE is a thing that exists

looks like it's literally just xss via xml?

https://tryhackme.com/r/room/xxe

I have not yet started XSS

idk if that's actually all it is but my god can we stop with the buzzwords for like 30 minutes

xss with xml is a known thing but i've never heard it called xxe

lol

OK

I will skip this room for now. will do xss first then come back here later 😅

nah no need to skip

probably a good room

i'm also assuming things

normal js type xss is still pretty different

i'm also tired and have been drinking, as a disclaimer

i mean

ya know what, first, are you talking mostly front end design or actual dev (including back end)

Then I will not skip this room... I will just do it and later I will try to relate this room when I will start XSS

front end design or actual dev?

lmao.

😜

front end 'design' is UX

look

words are hard

no you look

front end devs =/= design

https://tenor.com/view/weird-creeping-looking-window-quagmire-gif-17384876

looking now

Me when I do full stack and have to design as well

both suck tho

( not the people, i mean doing it )

you're so close to being muted for 30 years

<3

https://tenor.com/view/k17-tws-jedii-yoda-gif-14707391

i take it 🐬 is a FE person

thats right

and I love my job

js bae ❤️

my professional FE experience is limited but the job ruined it for me

wasn't wanting to even do dev lol i kinda got thrown in when i should've been doing automation

JED2?

https://tenor.com/view/senses-obi-wan-star-wars-gif-24039952

What is the meaning of this line?
The data stored and transported using XML can be changed at any point in time without affecting the data presentation.

can you translate that to english pls

rule 7

If the data is changed, it won't change how its presented.

Really easily a question for Google.

Thank you.

Gave +1 Rep to @sick lance (current: #1 - 2194)

Hey guys

nmap syn scans are faster than the normal connect scan right?

yeah, i think so

Mhm, since they don't need to wait for the ack packet to come back

okok thanks was just making sure

Would it be weird to make a cron job file to have discord automatically update? Each time I open my VM and use discord it needs an update; it's very annoying having to update it manually each time.

why not just use the browser version

Because it's horrible.

I'm solving csr encryption problems and also tried to enable SSL/TLS connection on my local enviroment. I managed to do it but I've been struggling with a lot of troubles. I didn't know root certificates made by CA which is not public organization are not trusted by default

What are you doing? 🙂

I tried to access to a web server on my local enviroment with https
To do it I needed a root certificate trusted by CA on my local enviroment

Is this homework etc?

It is my assignmet
I had to make an article about it after actually doing it

Then we can't help you, this would be cheating.

no problem it has been already done
I'm now able to access to web browser through https

Is there a coupon code for the subscription?

Just the students discount right now.

Ok, ty.

Is anyone also experiencing a problem accessing splunk in the Splunk: Data Manipulation? I have the message Error code: 405, Message: Method Not Allowed.

#room-help please.

Hey there, I would like reporting a bug on a room, how it's works ?

#room-bugs

every room optimize your own brain

Check out Daniel Huberman’s podcast

https://www.youtube.com/watch?v=qW4rqneYc1E

@near hawk new colour 👀

I relate

Indeed 😄

🎉 congrats

Thank You

Congratz Blackout

Next year 😄

Congrats!!!

Depends how much you learn and how lucky you can get

👀

Thought about you couple of days ago

Saw my first mosquito this year

"oh, mosquitoes are back"

"oh, mosquitoes from discord would probably say they never left, too"

Depends what you knew prior and how persistent you are with targets.

It’s easy to look for low hanging fruit and automate everything. But everyone does that. Finding good bugs don’t come easy on popular platforms, persistence and planning your attack will always win

A valuable skill is giving yourself a goal. ATO? Or more simple standalone bugs like injections (XSS, Iframe, etc). Set yourself a time limit and make a plan on the target.

What data is stored on the target? what is sensitive to them? How do they manage this information? Any areas that interacts with other users, directly or indirectly.

Map your target, know your enemy.

You’ll likely have more success on VDP’s. My first triaged report was on one, the bugs found were much lower hanging than what you’d usually expect to find on BBP’s. It’s a good confidence boost to take you into BBP’s

Would there be any reason why sudp apt update/upgrade is timing out?

Bad mirror?

Whatever this means

I have internet connection

Can you ping to google.com?

You have a typo in your command it should be upgrade not ugrade

Oops but it gets stuck on the update one anyway, doesn't have a chance to do update

upgrade**

Because it's not allowing me to update first

yeah i can ping google

did you use sudo command?

yep

sudo apt update && sudo apt upgrade

connection timed out on both commands

paste all errors to chatGPT

waddap hackersss

so uh i just want to ask why starlabs and tuxedo laptops are so expensive is it because the firmware ??

We don't suggest ChatGPT as a solution here 😄

running to chatgpt is not a good first stop

jabba beat me to it

xd

Are there major causes which make impossible sudo apt update and upgrade?

some vendors charge a premium for their products without any good reason.

damn i thought something interesting because those laptops are made for linux they said

I'm going to guess the servers are down

Because there's nothing else on there that should be preventing it

I think it's one of those days

tuxedo uses their own distro on it. So that factors into the cost.

First, my car battery decides to die. It's a new one; I literally bought it on Thursday I think it was. Now my Kali machine won't let me update and upgrade so I can install something I need for THM

wdym by distro ?? should i better google it ??

damn tuff day

It's like a flavor of linux but specifically crafted to work best for their hardware.

use something virtual machine

OHHH damnnnn thats why its expensive damn damn damn big damn

I'm hoping auto electricians aren't too expensive around here, I'm not allowed to do anything to my car really since it's still on finance

I'm on a VM right now

damn i might get ban

i guess to create a new virtual machine is the easiest

mechanics do be expensive

This is my new one lol, my old one died on me. I'm not going through that again.

damn os inside os xd

There's for sure a fix

my host is windows 10

😔

congrats BlackOut ❤️

always take snapshots of your vm. It will save you time.

there should be no problem normally...

To me it looks like apt get has already been updated since it says 50 packages can be upgraded... I would just try sudo apt upgrade and check if that works

upgrade did the exact same tihng

thing

Is something conflicting between host OS and virtual machines?

Seems like Kali is down

guys is http.kali.org down for you?

i am trying to connect and download some packages

Aha, I'm not the only one

no response

timed out

Yeah must be down, I'm getting the same

its been like that for around 45 mintues

the website tho says

it's up

Am i allowed to say, wouldn't it be ironic if it was a DDoS?

Yeah it's not, I've just tried connecting to website and it's down

yeah me as well

if so we can do nothing

that's why i came to confirm

the whole kali linux brain

dies when the website dies

status.kali.org btw

switch to a different distro and download the tools you need until Kali is up against

right

which distro is proper?

How long would it take to get back up and running?

i just have a problem tho

we are not sure

GNU+Linux Debian

I need to stop being lazy and move all my stuff to Ubuntu

anyone knows why i can't connect to any rdp machine? sorry i know this should be in help room but

no one is answerin

ahh

i mean windows machines

using rdp

Kali is down lol, won't let u use much i'm guessing

As a network

i don't think that should be related

is it?

Guess it depends

u trying to use xfreerdp or a similar program?

yeah'

I mean you can use any distro you like, could be Ubuntu or Debian based. I use pop os for a daily driver and also have Kali

Try use the AttackBox with

THM

yes

yes

that's what i was going to do

but

still

is the reason

#room-help please 🙂

because of the website down?

Can you not wall message

I asked :( no one answered

hahahaha

PAtience dude

Then please be patient, everyone is voluntary.

i am grinding :D

If you like the syntax highlighting that Kali has then just install zsh and add the syntax highlighting package

i know i know

i mean asking for help tho isn't a disaster here, no?

i think no

Use the proper room

This is general chat, not room help.

TBH i completely forgot about tech-support channel

Wait is it still there?

Site support now.

#site-support

🙂

Members used it for general queries, and not TryHackMe support.

Site supportis just THM thoright?

how about general help with stuff

ACME IT Support lol

the problem is depending on OS, tryhackme support cannot be helpful i guess

That is strictly a THM room thing right? lol

Kinda!

or is it a real thing hahaha

I've always just assumed it was a form of meme

@rapid merlin ask Engineer

Oh very real, there's an engineer.

Seems I misunderstood the problem

Engineers confirm the existence of the subject matter

🫡

I think the questions about Kali and os in general is ok to post since it is a general question... But help with RDP would go to room help

I do manage the Acme website😂 /j

Acme is to do with THM only tho right?

The Acme it support thing yes

I think that's a specific room

It's just a site/server as a hosting thing for port 80 eooms

rooms

A website used in some rooms

Ahhh

mainly only port 80 rooms im guessing

Sir your website has been hacked by Pakistani Hackers, you should install AnyDesk on your Docker Container so we can Free your PC from Malware.

I did one of the CTFs and it was there

it's also in walkthroughs.

Your Host PC from malware 😛 via the docker container

True

Hopefully Kali is running tmrw lol

I really should use Ubuntu n have Kali as a backup instead of vice versa

I'm on vacation so the next few days I have to use the attackbox

I got an ubuntu vm waiting

https://tenor.com/view/why-lord-why-curtis-payne-house-of-payne-good-will-nothing-s9e6-gif-25470443

AttackBox ain't bad lol

ubuntu is supporting tools kali is supporting?

Just remember to get the notes and whatever else from it

True

But I love my vm

Yeah I get that lol

Theyre both debian based

Yes, that was a good thing.

debian based tured into debiased and debianed

debiased lmao

Great typing of course

Which specific tool from Kali do u need? All of em?? You should be able to get any tool that Kali has installed on Ubuntu,, maybe not from apt but google will help..

now no problem i just wanted to know

Can definitely get most apt packges on ubuntu too, kali is just more convenient having them preinstalled

well all not most

I see

that is why everyone uses kali

Trap, would it be stupid for me to make a cron job to update discord on a schedule instead of having to do it manually lol

guys is anyone here available to help me

I think I've only had to install a few wordlists and a couple tools for kali

Depends😛

it is worth doing it?

#room-help 😄

It sounds stupid but it's annoying

I just use the browser version 🤣

Fair enough lol

Desktop versiona updates every day i swear

Just good having discord on the main dash for programs lol

if they send it to you, and doesn't cost you anything you save yourself the trouble

what I hate about discord (linux) is that they don't have a repo, you're force to go to their website to download the f.. deb, install it by hand it's a pain 😂

Eyyy

Arch got you covered

Is packaged

Seems odd

ubuntu doesn't have a repo for discord and discord doesn't have one I can add, I think there is a snap version, but I'd rather avoid snap if I can

That's true for a whole lotta software on ubuntu though

Just write a smol shell script to fetch latest discord deb and dpkg it. Due to frequency of updates and how often discord demands you on latest, it will pay off quick

I like ubuntu, but I'm not a fan of snap, I guess I'll be in ubuntu as long as they don't push the snap too bad, the moment they do that I'm out

Try flatpacks. I like those

Every time i see something being available on snap only in ubuntu, i go flatpack it

But i am rarely in ubuntu these days

I tried those but the soft I used in snap it's the original from the company, the flatpacks are shitty versions of the original

Bet it's in AUR XD

In nmap scanning, (right now I am doing nmap room on THM)
It says about SYN Scan (-sS) that it have a con which states that: They require sudo permissions[1] in order to work correctly in Linux. This is because SYN scans require the ability to create raw packets (as opposed to the full TCP handshake), which is a privilege only the root user has by default.

So how exactly is it con? Scanning port as a root user is bad practice? I don't understand it fully. Can anyone help me?

You don't always have root privilege

That's why con

Scanning ports as root user with sudo isn't bad practice, it's recommended as nmap cannot perform certain actions without it

SOCK_RAW https://en.wikipedia.org/wiki/UNIX_Network_Programming

also the book in Wayne's World 2 😄

the flatpack version is missing some features, but if in the future ubuntu push the snap too much I'll go back to Fedora probably

I love fedora very much

oh I see, I was thinking it as I am performing from my laptop so I have root access. Ahh I see, I have to think as a company employee also. 😅
Thank you Man. 🫂

Gave +1 Rep to @jagged moon (current: #12 - 561)

OK Boss. ^^ I now understand it fully.. Thank you 😄

quite often ping is setuid root for the SOCK_RAW

Yup. Can be testing environment where you are not sudo and have no sock raw. You may have gained a foothold as user level and scanning internal network with static nmap from compromised target and have no sock raw. Etc

I used it for a bit at very beginning of the project, and then around 30 I think, I installed the 40 in a VM to see the progress, it looks good

^^ thanks for the book name..

I will look into it once my room is completed.

I think almost in every major distro it has sock raw caps

Or suid bit

I will note it down in my notes... 😅 xD

It's quite nice these days, ye

So - Am I connected or disconnected?

Kinda have opposite feelings towards ubuntu. Every time i work with it i like it less as years pass

besides Slackaware, I've been a Debian boy 😂 I moved to ubuntu around 3 or 4 years ago when I bought a Dell G3 some hard didn't agree with Debian even with the non-free activated the performance wasn't good so I tried mint and it took ages to boot I mean 3 minutes easy, so I move to ubuntu and no issues so far.

Mint replaced ubuntu for me as a "quick distro that just works and i can let my siblings manage" thing

But for my own daily driving i moved from deb to arch based stuff

From just this screenshot, I would say you are disconnected

I wasn't sold on mint, I choose cinnamon version because I used that wm in Debian, but I go error every time kind of annoying 😂

Might be laptop specific issue as those things and laptops usually go

Mint has no ARM versions

did someone say Arch Linux

Shoosh

indeed, that why all the humping 😂 I'm OK in ubuntu hardware/performance wise, but I'm keeping an eye on the propagation of the distro and the future of snap just in case

https://tenor.com/view/arch-linux-arch-linux-gif-25380879

Whatever happens to ubuntu, debian world is vast and not going anywhere

So it's gonna be fine

regen'd on EU-Regular-1 - Time to do some googling :p

Debian just lost it with the 3 versions behind thing 😂 I jumped that ship for that too. Of course it's going to be fine, the important thing about Linux it that you have options, just need time to find the one that fits you 🙂

Is there specific need for a Linux distro as your daily driver or you just more comfy with it @jagged moon ?

I mean i have win and mac laptops at work

It's more fun!

And linux at home

I have the opposite, windows and Linux for work and windows at home

No need-need for it but i am comfy with it as a home OS, and i am exposed to all major eco systems that way daily

Do you also run VMs on top of those?

Yup, but mostly for hecking and dev

Definitely, wish I can pivot to that type of setup but rn its not in my horizon I guess

even on Linux I run VMs with other distros

ls

lol.. wrong window. 🤣

it happens even in the best families 😉😂

Morning. Still working on my first cup of joe.. ☕

Wow - The generated VPN config file on EU-Regular-1 and EU-Regular-2 are completely different o_O Not just different private keys - But completely different configs

That would make the OpenSSL: error:0480006C:PEM routines::no start line:Expecting: CERTIFICATE error make more sense

ls: cannot open directory '.': Permission denied

@glass nest it's coming to life! Just bought the fabric for the jacket!

hi

i am new

0 hack skills

Hi new. I'm EZ. 🙂

hi ez i am shisui uchiha

Welcome.

how can i learn hacking

#start-here

#start-here <-- give this a read. Goode info there.

beat you 😂

I ordered the Asus TUF A16... Looked like a good deal.

I'm typing with one and a half hands. 😛 🤣

I want to get a framework laptop

Good day guys everyone ok

I like the concept.. but I didn't want to wait that long...