#general

true

Just give them your word you will not leave the company.

That's not how it works

Then they should know people are gonna jump ship if they get better opportunities

The only way that really works is if they paid for your degree and you agree to work there for a period of time. Often 1-3 years, but I've heard of 5.

They do, which is why they are hesitant to hire overqualified people

makes sense honestly I didn’t think about that.

That’s craziness.

Here's the tricky thing. Are Masters grads overqualified for entry level cyber jobs? I'd say mostly, no

nope. if you don’t have experience better start learning at entry level

certs are good for the gears to start spinning

But if it's someone with 5-10 years of IT experience plus a masters in cyber, then yes. They don't want entry level.

I'd say yes due to salary and an undergrad usually taking the place of 3 years professional experience. Entry cyber is around 2-4 years of experience without a degree.

what even is entry cyber tho

Soc analyst ?

Great question!

it can be literally hundreds

of jobs

idk that’s one thing about it that kinda irks me, no clear lines for what you should apply for

It could be a general cyber analyst. Not SOC, but like a program analyst.

There are junior positions for all fields. You just gotta look for them.

Agree. Be flexible and say yes. The first job is the hardest to get.

hm even red team related work

never seen a jr pen tester or the likes anywhere

Red team/pentesting is a trap. It relies on the approval of others. Hard to be entry level.

why

it fun to break jails of rules

There's always outliers, but both of those require knowledge and previous professional experience to be effective. Neither are entry level to Cyber and the computer industry at large

I'm not saying it's bad work or people shouldn't do the work. I'm saying it's hard to get an "entry level" pentesting job.

Heavily depends on connections

Half of my family is in FAANG so I'm not worried about an entry level job tbh.

I'm studying for PNPT atm

Rules of engagement keep you on the right side of the law and ethics. I would recommend not breaking rules that are in place for "fun" as you can easily destroy your life.

Do I need to get a mod? Edit: there was a message in between that was deleted about evading authorities.

why would you not be worried if ur family works at faang

they gonna vouch u in or what

that almost sounds like a very broken english way of saying jailbreaking

Even misunderstandings can lead to big trouble: https://www.darkreading.com/vulnerabilities-threats/pen-testers-who-got-arrested-doing-their-jobs-tell-all

which, admittedly, is fun. and perfectly legal for devices that you 120% own and are not loaned or lease by any business or organization.

jailbreaking is kinda dead cause i believe there are only tethered jailbreaks now for ios

In the case of IOS, legal, but still against TOS

unless you for some reason have a super old ios version

I havent jailbroken my latest android, there isn't much need for it these days

oh youre talking about androids well yeah definetely more possibilities there

Recommendations matter a lot

I'm jailbreak more consoles these days. Lots of fun things happening in PS2/PS3/PS4 and even PS5 scene

He’s been speaking of unethical stuff waaaaay before this

again, phones and consoles are more often than not, things people own. im not saying jailbreak your work or school phone/laptop or PS5... 😛

"But sir, This is my work PS5"

Not a joke

its not a good look, but that's still Young Offender territory

if that's a thing in America

crimes under 18 do not go on permanent record

unless you are like a terrorist

That’s sad

Depends

with all that fire you're probably well done 😉 😂

i got busted for public intoxication when I was 18, like just turned 18. i still pass a criminal record check apparently

4 felonies might not pass i think

They can still charge you as a adult depending on the crime

Was also busted for Arson as a Y/O but we don't talk about that...

i prefer to cat more human readable things :p

thou there is a tool that can pull strings from executables

https://tenor.com/view/cat-flames-chaos-cat-flames-fire-cat-gif-24032863

sudo cat

I have my acc. I want to login but after entering ID pass it is asking for two-factor authentication code and I never did this.

what should I do

check email

😒 😒

i dont recall THM giving me 2FA before, but its probably an option

nothing is there

does THM have your phone # ?

no

yes

check your phone 😛

first i login my acc.

did you signin with google by chance ?

and there I nothing

no

I tried once but after that the same thing is happening

sounds like 2FA got switch on somehow, you'll have to contact support and will not likely be able to login

2FA is an opt in feature on THM I believe. Which means you added 2FA to your account. You're going to need to have access to whichever solution you assigned as your second factor.

I didn't get any answer from there.

There

's been times when I've upgrade/broken my phone

and most places will remove 2FA upon request

ok

try during business hours

ok

It's been 16 hours since I mailed.

If you keep mailing you get sent to the bottom of the pile

Lead time for response is more than 3 days I believe

Do you have Aegis, FreeOTP, or Google Authenticator installed on your device?

I have none of those, but I do have Authy

Those are the 2FA listed on THM.

Google Authenticator is there

Is the code you need to login there?

I am getting this show here that

Please enter your two-factor authentication code. You can find this in your authentication app!

Authentication code:

Yes, you're supposed to enter the code Google Authenticator gives you

how can I give this code .

i never set this

You must have if it's enabled

how

It's in your account security settings and you have to go through multiple steps to enable it

Did you check your Google Authenticator for the code?

for this I want to first login

And I'm not able to login

https://tenor.com/view/pewdiepie-aparacer-fantasma-phasmophobia-hola-gif-19895389

ya it's emty

This is your first ever login?

3 failed login attempts?

soc team has been alerted

kill squad dispatched

Not helpful

no

But it's been a long time.

I don't know what to tell you then. It's an opt in feature with checks and balances to make sure it's enabled properly. Your only option at this point is to wait for a response from support.

If they can't help you, you're likely going to have to make a new account.

I think so

and Thank You for helping

🙏

You're welcome

drink water and take your creatine chat

I tried my best, I appreciate your encouragement though

I've ended the exam

failed in on one AD roadblock sadly

but there's nothing I can do about it now

OSCP's rough

Aye now that you did it

Learn from your mistakes

Teach yourself how to overcome them

Is there a retry?

yep yep, I'll try my best

I've got a learn one, so I have a retake

Atleast you get a retake

You'll do better next time 😁

I hope so :)

good morning wonderful people

I am practicing on BWAPP A4 IDOR level medium but could not find any write ups or guide for it can any one help?

Hey my reverse shell stopped working, the port listening is not giving any response now? what can be the cause? solution?

From the lack of context, we have no idea.

Are you doing Tryhackme?

Your own lab, something else?

How are you doing guys. I have paused on going through the Tryhackme, the subscription is so hard for me to pay. I don't really have the money and which is sad for me that I have stopped learning. Please guys is there any alternative for me to continue learning. Thank you for the advice I will really appreciate 🙏

Bee box I am using virtual box lab

https://www.youtube.com/watch?v=ib3ZKFfRn3E for refrence this VM I am using I am trying the IDOR vulnerability at level Medium

Why form field option is disabled in burp?

Please can anyone help 🙏🥺

Yo

plenty of free rooms available, you can look into this as a start

https://github.com/winterrdog/tryhackme-free-rooms

Good morning

Okay thank you let me check it out

Gave +1 Rep to @languid axle (current: #2104 - 1)

The Linux are not free pt2 and 3 @languid axle

has anyone done business logic vulnerabilities labs on portswigger academy ??

I'm having error in last lab "Authentication Bypass via encryption Oracle"

If anyone could help me out with the response which we encode in url format and present in notification header in decrypt request

I removed 32 bits of data from the encrypted value after having whole value multiple of 16 as total was 64 bits still it does not show me correct response

@naive violet

Usual posts on LinkedIn, until I seen a post about free Cryptography resources.

Lol

💀

you can look into the walkthrough in youtube. there's not much in the pt2 / pt3 anyway, pretty basic stuff 😀

I was in a supermarket the other day, and somebody had given their credentials for their work org over the phone

They were in uniform and had their badge ID on them, so that would be an easy win for anybody.

It irritates me so much when I'm out in public, and people have their phone in loud speaker, haha! Must be an age thing,

Thank you 🙏

Gave +1 Rep to @languid axle (current: #1400 - 2)

Hii

Hello.

hi, I was wondering if simcard in general uses TCP or RTU protocol? I personally believe it uses TCP but I need to confirm it.

For mobiles?

yes

or does it wary

?

They don't use either.

hahahah interesting do you have a source?

Mobile networks use different communication systems based on what they are (GSM, 3G, 4G and now 5G)

can anyone help me out

Which can use protocols GTP and SCTP.

TCP is mainly used in Internet connections.

Data transmission uses TCP.

So the data tranferring process uses TCP in a simcard?

This statement was intended on SMS messages and phone calls, before anybody nitpicks.

For internet stuff yeah, it can also use UDP.

but not RTU

RTU is mainly used in indisctrial infrastructure.

hey has anyone here worked with crowdstrike?

or know what it actually does? it seems like it does not do EDR stuff like syscall injection?

I know some people, I can ask.

Can you give me more information, or is that it?

https://x.com/brettcallow/status/1803901848778399774?s=46&t=nUzvJ_SXQL--HIzI1u7jpw

Anyone wanna play KOTH with me..? It's gonna start in 15 minutes.

in 4G technology data is transmitted via radio signals?

Look up MIMO and OFDM

ok

https://tenor.com/view/hi-there-gif-24028235

hi potato

depressed* potato

highly*

Hows it going fellas

a bit highly depressed otherwise ok

depressed too

should I make a tshirt of this?

bragging rights

It will always be factually incorrect.

You can never have a constant streak of 392.

Also there is a few members in here who've got over 1000

disciplined

was going to let it go this week and skipped a day, forgot I had a streak freeze

over 1000, damn

why not?

https://tenor.com/view/vegeta-its-over9000-gif-14419267

W Yato W Gojo

Because you can increase it or lose it.

So it's either +1 or 0.

yeah well it was correct one day 🙂

shirt with a display build in to display your streak so you are always right

I like how you think

So that's what i was doing wrong

I wore a suit to all my interviews

smh

you dont want to take other's jobs away.

lol

streak freeze be like: lemme introduce my self

Ok, a maximum of 7 days.

That gives me a thought, can you continue streak freezes one after another?

Or does it only allow you to use one streak freeze for X streak?

You can only hold 1 at a time

rip

0🔥

@near hawk my motorcycle didn't pass inspection 🙃

Oof, what did it fail on?

I will teach you a trick

on how to make it pass

works in EU about 90% of countries

,,forget a 100 dollar bill,,

3db too loud and blinkers are too fast due to not proper relay for LEDs

I would imagine the exhaust will be the expensive bit but the realy wouldn't cost that much right?

I can just add a db killer

so approx 100 pounds in total

That's not too bad

Yeah, you could argue that you could in theory do it.

But you'd put in less effort actually continuing the stream

44C is no joke

the heat this afternoon is unbearable

Depends.

Temperature of the air? No thank you.

Temperature of the pool? Yes please.

getting the groceries is a struggle, drenched in sweat

yes, it is the air, and the glaring sun.

I love when it’s hot

Bella, do you know if the amazon motorbike boots are good or reccomend going to an actual shop?

hello

👋

I hve problem with ransomwre

Have u ever seen this extension .PARAHAT

Parazit?

parahat

Do u know the way to decrypt it back ?

you have a key?

if I have , why I ask you help.

I need solution

44 in a pool is pretty warm

I either like my pool as warm as the fire of hades, or as cold as Antartica.

hey guys i am not able to connect my vm to internet. Can somebody help ?

Which hypervisor?

virtualbox

Do you have a NIC assigned?

As in accessible from the internet going in?

yes

not perticularly

Or to have access to the internet from the VM

it was working before then it stopped

nat

nat network

You'll need to forward the ports properly then

i have windows vm also, i cannot access internet on that vm too

Oh in that direction

yeah, but I have to get it done in a week 🙃
and I might have to drossle the bike as well

Bit difficult without the key. Hope you had backups

can i dm you

where can i share screenshots

Hi, can someone please help me with roles, how can I verify myself in this server?

You need to verify your account to post screenshots

look at the link just above^

ok

Thanks

Gave +1 Rep to @sharp citrus (current: #152 - 47)

i have pinged the default gateway, but cannot ping 8.8.8.8

Are you trying to use thr THM vpn?

no

nmcli dev status

What about the connection within Virtualbox settings?

settings seem fine

What about up here?

you sure it's parahat, I can't find anything about it

Send a screenshot

Or provide us with more information about the context

I can't drop a picture here

Why is it a "NAT Network" and not just NAT?

This is my Kali's network

Nat network could be an internal natnetwork?

Usually yeah

So switching it to NAT should fix it

"NAT (Network Address Translation) is the default networking mode in virtualbox. In NAT mode, the virtual machine operates in a private network and is assigned a virtual IP address. The virtual machine communicates with the outside network through the host computer, which acts as a gateway. This mode provides a secure environment as the virtual machine is isolated from the external network.

NAT Network is similar to NAT, but it provides a shared network between virtual machines. Virtual machines connected to the same NAT Network can communicate with each other and share resources. However, they cannot communicate with the host or external networks without additional configuration."

Would make sense why they can ping 10.0 etc

(This is from Medium, not ChatGPT)

Nat is similar to Nat? Wouldn’t expect anything else

nat network is similar to NAT but with a network

but NAT network can't get out to the other network, only NAT can get to the other network

I've set up a kali VM 2 eth's with NAT network and internal LAN. and then a pfsense VM with internal LAN and bridged for outside access

kali wont work without pfsense running

I had a similar issue, not exactly the same but I couldn't ssh into tryhackme, Scrubz told me that machines sometimes require a few extra minutes to get everything to work properly

but then again, your issue could be different

WSL is pants for TryHackMe.

The networking for WSL and the VPN is troublesome.

?

its not wsl

virtualbox

Nope, I read that wrong

A real photo won a AI art contest. It got disqualified because its real

I have a interesting thought i think that learning is not hard people spend years learning just to realize they had the wrong mindset/mentality

That's quite true.

When I was 21, I had a different mindset when it came to hacking, and I wasn't mature enough for University.

im 15 and roughly been doing this shit for 2 years it took at least 2 yrs just for me to realize i had the wrong mentality

"Ohhhhh, I wasn't supposed to be having fun"

@sick lance can I dm?

Yeh

i need help with metasploit displaying a weird error, can someone help me?

#room-help

Not until you tell us the error.

well, what kind of error

Also google the error

Might not be thm.

True

its just a metasploit error

What error

msf6 > WARNING: database "msf" has a collation version mismatch
DETAIL: The database was created using collation version 2.37, but the operating system provides version 2.38.
HINT: Rebuild all objects in this database that use the default collation and run ALTER DATABASE msf REFRESH COLLATION VERSION, or build PostgreSQL with the right library version.

send a screenshot of it

@languid axle but the problem is that I won't get any certification of completion from Tryhackme

You'll need to buy a subscription for that.

i tried running postgresql and running the command that says here, but still doesnt work

Well ddg is no help. If you look up on google it brings up these Chinese websites

Okay thanks

Gave +1 Rep to @sick lance (current: #1 - 2437)

indeed

i also apt-update && upgrade

no work

refresh collation version ?

https://www.offsec.com/metasploit-unleashed/using-databases/

how

Might help

i dont understand, can you be more precise?

Run the command...

on postgre sql?

Please don't advertise your server in here 🙂

It's in the rules you accepted.

srry

Any of y’all tried the Kali app for the phone

If so how is it?

@sick lance

It's boring.

Do what the error says.

Welp

you didn't answer my question

My favorite

idk how duh, i wouldn't have asked if i knew

I installed on my Samsung Note 9.

Used a few times, chucked it in my drawer.

i am able to ping host machine from my vm

Don't be rude, especially to people who are willing to help you.

Use parrot os if your getting more serious because kali linux in my opinion is just a playground for newbs

im not rude lol

this is the "help"

What’s your definition on serious

like starting to need to use tools for real world purposes and also i think we can all agree set aside black arch is the king

hey, i am sorry i had to be afk for a while

I’m liking Kali

are you a beginner?

can you help me troubleshoot the network problem

Hello

HUmans

Beginner in the red team sense

alr

There is absolutely nothing wrong with Kali.

Factual

It has all your tools you need right there

i absolutely agree i was just sharing my opinion

And ngl it’s fun to look at

Please I know it's not right to say this Here, is there anyway they can help each other for voucher. I don't have the money to buy the subscription 😭. Am really enjoying the Tryhackme

Are you a student?

They have a student discount

How will I be a student with them?

Thank you 🙏

Gave +1 Rep to @sharp citrus (current: #148 - 48)

Tryhackme says your welcome

Elusive jabba

The problem is that I don't have student email

I only have my personal email

It says you can use student documents

Etc

Ahhh... this will be difficult. Because my school doesn't know this

There are not enlightened on this

what country do you live in

Nigeria

oh shit just migrate to us

Bruh

Im not being mean theirs just more opportunity here

It’s not that easy to “migrate” whenever you want

All because of tryhackme lmao

im saying in general

Not exactly helpful advice for the situation.

😢I will just paused the Tryhackme until I get the money for the subscription then

What stuff are you wanting to do that’s the subscription

Needs

Do you have any documents saying you're enrolled in school? The first two bullets are items that the student typically has, the third will require the schools involvement.

lots of free youtube videos and other sites to learn from

Just that I won't get Tryhackme cert, and again I love doing directly on Tryhackme

work your way up do some freelancing

What rooms are you trying to do?

There’s loads of free rooms

Around, but no more than, 70% of the content on TryHackMe is free. You'll be able to continue with THM you just won't have access to some rooms.

There’s also some very similar rooms that are on the same stuff as the paths.

Just not as informational

Again, not exactly helpful advice in this current situation. Freelance cybersecurity requires you to have prior experience in the industry, to prove trustworthiness, and industry contacts in order to obtain work.

im not going to site here and feel sorry for him ok their are plenty of free resources he can contact sale department or student department and explain the situation

Telling him to do stuff that is very advanced is not feeling sorry tho

Introduction to Linux

bruh you can take free course if you dont know linux you dont even need the payed option yet

So you are telling him he can’t learn if he doesn’t know Linux?

im saying he is trying to run before he can walk

brut force can be done better on windows

as in password cracking

ralex 👋 how are you?

tbh lot's of things can be done via windows. just linux is the place if you wish do some fine tuning

so far so good... just come from work... free weekend... you ?

In bed sick but a bit better, fever cough, running nose and the lot, for the past 3 day not fun at all

hope you feel better soon

I think that’s the reason why he wants to do linux fundamentals

me too 😂

It’s called learning

shot of some whiskey and hot tea and in bed 🙂 grandma cure

yep whisky FTW!! 😂

just no pain killer and alc...

ginger, cayenne pepper, lemon juice, and honey it's also good

amateur 🙂

been studying for 11 days in a row now (started 11 days ago), THM is just so amazing, I love it

ofc 🙂

hi, I need help with the installation and the usage of the java tool called ysoserial, the installation seems much more difficult than I imagined

you do notes all the way?

Quick question:

Is a RAT a legitimate tool to use or it's considered an illegal one?
I mean a RAT is a Remote Access Tool which allows you to remotely administer a remote system depending on your "intentions".

@limber peak
https://github.com/pwntester/ysoserial.net?tab=readme-ov-file#installation

It's awkward because you have to build/compile from source, but the step-by-step seems pretty well-written

if you are legaly allowed as pentest job yes. outside that it is illegal

if is stated in legal papers

https://tenor.com/view/well-did-you-try-google-samira-wiley-hacker-kween-nerve-have-you-google-it-gif-18236820

thanks I'll try

Gave +1 Rep to @wild bane (current: #204 - 28)

been googling a while tho

yeah, I've got 5 big pages of notes already, may not be a lot but that's because I already have some background knowledge

OSI model and Linux seem to be eating most of my notes space, lol

as far you understand it and it can help you that is ok

and whatever you learn you expand outside THM

and as i say. the more of basic knowledge the later all advanced thing will just fit in place easy. if you know background of how things work it is better

Set it to NAT, NOT NAT Network

OSI model is kinda big area and it is of great help to know it

that is something I don't do, though, how am I supposed to expand outside THM, by practice or by reading from different sources?

you have lot's of places to read more of things. google is nice. read a book

also if you can you find mind alike ppl in you town. can help if you share knowledge

after you're done with OSI model just take a look into a TCP/IP model if you're planning to go for CCNA or something like that

oh, I've got a long road until I am done with OSI model, I only read the basics of it

there's probably more to come later in the "curriculum"

damn

@arctic cradle 🙂

if you know OSI well, you won't have any issue with TCP/IP model less layers and nowadays appears often in CCNA than the OSI one

I am more into red/blue team so I'm still unsure whether I'd take upon the Cisco books

I know those books 😂

How much in just books

is just pic of how network area is big

and that is for sure not all 🙂

definitely networking is a huge area

do you know what else is huge? the carrot cake that I just made

and that's just the "basics" you can go even deeper if you hate yourself that much 😉 😂

?

Thanks i guess

this is mine books. as physical ones that i have

i thought the bot will exp++ u, cuz i respekt u, u knoww the systemm mb guys im sorry carry on

aint no way u finnish allat

Wow

in full full not so much

I liked that tootle 🐢

yessir

🙂

I love physical books, but I went digital when I stared moving countries international shipping books is crazy expensive even more when you have as many as me

I love your room set up

nice nerdy space you've got there, anon

It’s so cool looking

i just need sort it all a bit to be as i wish

my man's desk is bigger than his actual sleeping bed

unless that's the couch

nah is bed

Yes, it can be.

Cot?

Sysadmins can use them on client computers.

TeamViewer, RustDesk are both examples that can be legitimately usef

most of them are still in my moms house, hundreds and hundreds of them, my friends used to joke that I own a library 😂

Now bad ones are the Trojans of course

RAT is mostly used for people who want to do illegal/malicious stuff with an individual or a company, I would say yes, it is an illegal one, whereas RustDesk/AnyDesk/TV are programs created for that intention of remote access tool

So it’s not mostly used for people who do bad stuff

wouldn't that be some sort of a SIEM system?

I saw that @blazing granite

Those would also be called rats then

I mean, arguably AnyDesk/TV/RustDesk/etc do basically the same thing.
Same with your typical C2 implant

Really depends on the intentions of the person using them

Exactly this ^^^

Malware is just software that's designed to do something the owner of a machine is unlikely to want. It's not inherently good or bad, any more than any other software

Like they say anything can be a weapon

fro sysadmin and IT ppl to do remote work... all ok...

Mr Muiri 👋 how are you this morning (at least here) 🙂

yeah but you know what I mean, those companies made such software which although does RAT stuff, people usually use it for legitimate purposes, whereas when you read RAT in digital news, it's usually a malware

Heh, busy day at work. Almost 1700 though!
You?

that's what I meant, Muiri

Of course

I mean, that's just semantics. AnyDesk can be a RAT as well. It's just terminology

dear lord...

Tbh I always thought RAT meant remote access Trojan but I guess it’s took instead of Trojan

It can do.

I have literally used meterpreter shells to remotely administrate boxes (I own) 🤷‍♂️

busy day coughing my lungs out 😂

Universal

exactly, I always knew the T as Trojan

Depends on the context.

Yeah

Ooof 😦

I took the wrong time to get the bus....

Completely full with screaming children

Driver's test when?

Soon ™️

I've got a quick Linux question, if you're copying a file using the terminal, I assume you cannot do anything until it's done, but if you execute the command along with the & argument, it would execute the copying in the background and you would be able to use the terminal to execute other commands, is that correct?

Ew. My condolences

yep bloody weather one day cold on the hot make up your mind 😂

there is pine needle syrup. it helped me quite a LOT when my asthma was issue

Correct, aye:)

How do yall drive in London. Every video I’ve seen the streets are so tiny with cars parked on the side.

This is actual torture

My earphones are broken as well

On the middle of the road.

May I suggest getting a different bus?

No other ones that go to where I want, at this time 😞

And just pull over to let each other pass

I'm taking cough syrup every 8 hours

Seems like hell 😂

Depends where the obstruction is.

• going into town
• end of school time
• end of exams for many children

I remember one very memorable occasion when I was in secondary school. Got on a bus, full of children. Got off the bus. Walked 10 miles to the other side of town instead.

Genuinely preferable over that hell

that is one thing. not rly as i was refer to. but if you can get home made thing i write... it is great. it does taste like crap and dead skunk but it is great

LMAO very tempting...

indeed you lost me in full of children 😂

Ah we've passed the bad neighbourhood and surprise surprise guess who got of....

I don't do buses these days. Too noisy. Too many people. Too much utter crap.
Trains with quiet or first class are okay... on the rare occasions that they actually run with our piss poor rail network lmao

You could always get off at the first stop and just walk

I hate getting the bus to uni

@arctic cradle also the & is operator that you can "connect" two and more command to be executed one after one in order

It's filled with peope doing their makeup or eating their breakfast with bags on other seats.

Wait scrubz are you getting your masters?

No, BsC

Not technically true
Do you know the difference between &&, ||, and ;?

and full of people with mobiles that don't know what an effing headphone is 😂

One spoil hides text in doscord

Hi 👋

Discord*

Usually the same ones with shite taste in music too

I haven't taken the bus in over 2 years, always used the train - missed the train which resulted to this, never doing that again

Oh nice

And | for that matter

irc && is to execute 2nd command after first is done || execute 2nd command if first one is executed with no error. : is do to one by one no condition of one before
im i wrong?

& is for creating a background job

Almost. Wrong way around, but right idea.

• && is an "and" operator. If the first command succeeds, execute the second, otherwise exit
• || is an "or" operator. Execute the second command only if the first one fails, otherwise do nothing.
• ; just chains them together. Doesn't take exit codes into account at all

And | connects the stdout of one command into the stdin of the next.

ah yea...

Can also be used as a stream reference, tbf

Yea

2>&1 -- redirect everything from stream 2 (stderr) into stream 1 (stdout)

So if we do 2>2

nothing happens

right?

Theoretically, aye. Don't think I've ever tried that

I tried it

And my pc is now burning

jk It does nothing

thanks yea... 🙂

Gave +1 Rep to @pallid lotus (current: #9 - 768)

Np!

So true, if you’re going to subject me to your music, at least put on something good

hello everyone

i have some trouble with the network exploitation basics room

network services 2 is the room's name

#room-help

thx

i'd refine that a touch. && is checking the return codes of the left op and right op expressions; if both returntrue, then proceed to next clause or expression. if the left hand evaluates to false, then stop and go to next line. it's less of an 'execute command' and more of an 'evaluate an expression' thing

difference there might seem purely academic, but i wouldn't say that you're issuing a command if a clause is something like a variable check, or a regex

Yeah, that's fair 👍

Hey folks hope you are well. I'm currently trying to complete a self contained challenge box and was wondering if someone could DM me some help, i've been on it for a whole lot longer than i would like to be and i'm absolutely stumped!

I see

So a RAT gets installed in the kernel?

Or it gets executed in the user space?

Because the malicious program that attaches itself to the kernel is called a rootkit

as in sys admin remote thing, if you install as admin the admin i guess

I think RAT is user space related

Yes

but I never worked with it so I wouldn't know

No problem

to install in kernel you might need to execute it as root user. if some 0 day is not in play to install it at kernel

"RAT" is just a type of malware, how they behave depends on which you're talking about

I think rootkits get installed for persistence after a successful attack

Since they require root privileges

Where is the challenge?

Not always.

Its through CEH

Sysadmins can use Remote Access Tools co control a clients computer.

Yes

For support

they're not called "RATs" in that case

for instance

They are.

So RAT is a term for a malicious too only

If we say a RAT it's bad

🐀

They are Remote Administration Tools.. or Remote Access Tools.. same as a RAT.

T = tool for non malicious

T = trajan for malicious

I use them almost every day.

Trojan

not if is used as in sys admin

https://en.wikipedia.org/wiki/Remote_desktop_software#RAT

remote access tool

A remote access trojan (RAT, sometimes called creepware)[6] is a type of malware that controls a system through a remote network connection.

SSH is also a RAT

same as remote desktop on windows it can be "rat"

Yes, there are "remote administration tools" but that's not a RAT in the malware sense...

RSAT for example

Too many rats around the network

They might not be asking in a malware sense.

scroll up

Yes! RSAT is for AD

Yes.. it is

I use ADUC a lot. lol

malware Remote Access Trojan = bad... Remote Access Tool = ok if i used legaly for IT ppl

Remote Administration Tool or Remote Access Trojan? 👀

A🦆

The ethical nature depends on the "intention"

on a hacking themed server, if a newbie asks "what is a RAT?" they're not talking about the legitimate administration tools, guys

context... 😛

They're not a noob.

yes

They've been here for weeks.

almost 2 years actually

@sick lance what's the discord command to thumbs up the last msg

i thought it was +1

but is not

who?

Did you SSH into their minds to say so?

you have client/server

X11Forwarding is typing...

@shadow loom I feel giving both answers are appropriate. A Remote Access Trojan and Remote Administration Tool can provide access

Bro loves SSH too much

it is alike anyDesk

I'm not saying don't give both answers, I'm saying in the context of a hacking themed Discord they're not talking about ways to remote manage a server at work

Yes, they both provide a remote access to a remote system, but the end goal is not ethically the same

Gotcha, I see what you're saying

Very true, but both can be used for malicious purposes

especially not if that's the UI

Correct

Yall also made me think of C2 when talking about RATs.. and now I want to make my own C2.. 😦 Thaaanks. lol

Do it^ Write a P2P protocol and create infrastructure (in a lab environment ofc)

I'm gonna have to come up with ideas of what I want.. but I think talk about that should be left to advanced/programming.

Correct, you can also use legitimate tools for illegitimate actions.

This is what we call in cybersec "Living off the land"

They could be?

Fine, in the effort of being sweaty-like correct, I'll give you that point: you win

I was wrong

you were right

It's all about context...

It's not about right and wrong man. We're all just nerds sharing the knowledge we can

You may have held new people in that regard in HTB.

but this isn't HTB.

LoL != League of Legends

Who said anything about HTB?

That's a !true statement

I did, and I still stand by it.

CoNtExT

I used to play LoL... until it made all my friends angry.. then I quit.

Why are you bringing HTB into this?

THM doesn't get new people?

It was more aimed at your PoV of new people, and you know it. 🙂

I'd argue THM gets more new people - and new people who stick around - than HTB does

+:emoji_name:

HTB can be a bit toxic and elitist, but fact is they're both InfoSec related Discord communities and both get new people, so when somebody asks a question that has a technically correct and legitimate answer in the context of something that is not InfoSec related and has a correct answer in InfoSec context, it's a safe bet to assume that they're here for the InfoSec part

I'm not sure why that (edit: bringing up HTB*) was relevant at all though... but oh well

Not sure about that, I joined a few years ago and didn't stick around long.

I've quit as well so we got that in common 😛

It was nothing against HTB or the members, I just didn't interact with the server.

I have a very small server list and if I don't feel like I engage with the server I leave it

Me with 8 test servers

I can count the servers in 1 hand 😄

Oh. My. God.

May the lord have mercy on whomever is reading/watching it 🙏

it gets worse...
tornado full of sharks

I've started grouping my servers into a primary list, a folder for secondary servers a folder for servers I almost never visit and a folder for server I never visit

https://tenor.com/view/begone-devil-demon-exorcism-sage-gif-82525492574426382

👋

what the hell kind of a punishment is cooking socks...

I put all the servers in the same group just to be chaotic evil

REX! Hai!

how're you doing today?

I read it wrong 😂

i did 5 time =/

@mossy river Why you no anime?

I let them blackmail me

(I was tired of being associated with Anime)

kekw

coughing my lungs out but taking cough syrup so it has to get better at some point, I hope soon but my chest and back hurt from the coughing it hit me hard this time

https://tenor.com/view/bocchi-the-rock-crying-crying-girl-crying-anime-crying-anime-girl-gif-4473502144398719776

Why do you still have a Christmas hat on

Why don't you?

Not crimas

get well soon

It's always crimas

https://tenor.com/view/nuh-uh-nuh-uh-scout-tf2-gif-12750436057634665505

I rather have yule because of the eggnog and mule wine

Yes, yes it is.

God I want snow. 30c for days, with naught but a tent, on a location where you can't even move the damn thing into shade because there is none grrr

It's almost Christmas in July, Hallmark Specials coming to the Hallmark channel near you lol

smh can't believe you don't remember the classic syfy channel shark movies.... trailer park shark, mega shark vs crocosaurus, toxic shark, sharktopus, et al

Whoever chose Syfy needs to be publicly shamed

It used to be the SciFi channel when it started. I think ownership changed hands in the 2000s

Mhm

2010

That's when the name changed

That feels so long ago now 😦

It was 14 years ago

More than half our lives Muiri

I have this problem during the booting, I tried restarting lightdm service but it didn't resolve the issue, I have been facing this issue very often these days, and I don't want to reinstall the whole machine again 😩

https://i.redd.it/i3wumt9y5x7d1.jpeg

German grocery market. Today.

Have you checked your Lightdm and Xorg logs?

configuration files you mean?

oh nvm logs

I feel like Aldi, I think that's Aldi, has those year round lol

that's why snapshot exist, do you have any? 🙂

I can't foresee when it happens, but I learn my lesson from now on

if you have sshd running you can ssh the vm and check log from CLI

I can still use the ttys tho

[SOLVED]
https://forums.kali.org/showthread.php?64523-Problem-with-quot-lightdm-quot
just in case someone faces the same problem
#lightdm

great, somebody said something about logs, that's a great start

I don't use virtualbox and I haven't had any issue, bu that link looks great, good job 🙂

slightly over burned, but nice how it ended ...

looks good

me neither, I use vmware

the ending of GOT left me with a sour taste, I can't get into house of dragons I watch the first two episodes when started and nothing

hullo

I use Qemu/KVM

Qemu/KVM was giving me issues so I went back to VBox

or.. it was likely a skill issue.. lol

maybe I'm lucky I haven't had any major issues with Qemu/KVM

why don't yall use vmware

simple and works

vmware doesn't do hardware emulation very well

The only real issue I had was not being able to copy/paste from VM <> host.. that was the issue.. and I tried for weeks to fix it.

there are some things i've needed in the past where qemu was the only viable way to build something in a reasonable time- my rpi was too slow, so emulated aarch64 to natively build something

because Qemu/KVM works for me and it's faster than vmware or so it seems. I haven't done an official test.

cross-compiling that particular tool was also not viable

still having the issue, can you tell how you fixed it

hmm

I never was able to. That's why I went back to VirtualBox.

it'll be interesting to see what happens with libvirt now tha red hat has stopped support for RHEV and ovirt

I have the same issue in my virtual box too, It doesn't install the network adapter

I find Hyper-V easier to work with than VMware personally

Qemu / kvm works brilliantly out of the box in debian based distros, it has some issues on Arch and arch based distros, in my experience

spice-vdagent and qemu-guest agent weren't working? there's a known bug with xfce because the xfce devs are lazy and don't want to fix it

😦 and I use xfce.. I even tried in KDE and couldn't get it to work.

gosh, now the machine can't detect the keyboard

Proving it's a skill issue /s

if you say so 😜

I used it in Debian/Ubuntu and Fedora with no major issues I can't speak for the rest of the distros

for compatibility, gnome3 usually works best..... i've also noticed that qemu on debian doesn't quite support all the features as it does on fedora or ubuntu, oddly enough

with debian12 and gnome, the only issue i have with qemu is my guest doesn't auto-resize to window

That doesn't seem to be much of a problem.. unless you happen to have an ultra-wide monitor like I do. 🤣

https://tenor.com/view/hello-it-have-you-tried-turning-it-off-and-on-again-telephone-on-call-gif-15495555

It'd annoy me.. but just as much as the copy/paste issue..

@whole yew are you going to DC this year?

does Qemu come with a UI by default in Debian or do you just like the added complexity for your home lab? 👀

it's a possibility

what complexity? You write the xml file for config once and launch it with a script for virsh

Already got my room and pre-reg. If you do, let me know. Would love to chat over food with you again sometime.

depends on your needs of course, but works pretty good out of the box