#general
Awesome
my wifi card failed 
wide people falling on laptops bricks them permanently.... more at 8 o clock
I fell on mine 
Breh 
shocking lol hehe
Slipped on a fence, landed on it in my backpack
well I don't have a laptop anymore (new one kinda blew up), so I don't have to worry about falling on mine haha
Reminder to not trust metal fences in the rain
What's the most 'applicable' certificate i can get to prove my education if i was to look for jobs in cybersec
like how best to prove experience
i get it and after 5ish days usbC failed. then after 3 weeks they changed mbo, then gpu, then screen 2x in row
any other laptop >>>>>>> 360 laptops
Today, we're installing the very first Arch Linux from 2002, version 0.1! Let's delve into Linux history in the most painful way possible - full install on original hardware!
LINKS:
The install Gist: https://gist.github.com/Alee14/e32a44e53d910a4cf5802e0c59d78061
(Amazon links are affiliated links)
then they return money... and i guess due to miscommunication they send back laptop as "failed" and i turn it on after some days and he works
thank you
Gave +1 Rep to @gray sonnet (current: #107 - 63)
taking hostages can solve problems
and these are exams you pay to take, if passing getting certification
yup
you also get training material, so you can study from there
you can pay for labs to practice before taking the exam
Would thm prepare me well enough to take these, of course i'd need to study further but as a base
it'll get your foot in the door, but you NEED to take their training for the exam
you'll get it anyway if you purchase the exam
Why are AWS Rooms so expensive?
Ok thank you for helping me
uhhh...cause they're made for companies that want to train their employees??
looks nice
how much do you pay for gigabit ?
is your...browser translucent
fiber,tv = 65e cca
hot
yes
Awesome!
Damn right.
wifi or cable ? i did on wifi
That's WiFi.
nice nice
Got like 9-13 Ms for ping.
ah i cant share mine
that is nice yea
hey ]
I need help with two questions. Sometimes security policies can't be followed because of business needs. What avenue does a security engineer have to fulfil business needs in these cases?
What philosophy, if followed, provides the most Return on Investment (ROI)?
where that q comes from? THM room ?
How important is upload speed for gaming?
depend on game
Not that important
You should be having a lower ping than anything.
However with my speed all my layers got CoD get downloaded OK while I play
What is this from? Is it THM content?
Ah OK, for help with THM content, #room-help is the best place to receive assistance
sky
what
sky is up
cool
how do i get verified here?
Well looky here, you came to the right place Mr
I could not find an article, please try again.
HAHAHA
dheck lol
d
thank you
Gave +1 Rep to @crude stump (current: #80 - 84)


sure
Shoulder is kiiiilling me
Move my arm backwards, nothing but pain.... I hate getting old
I dunno 
have you tried rotator cuff stretches
with a band
I have not. But just tried to move my arm like that again and it was fine. Heard a pop in my shoulder, like when you crack your knuckles, after that. It's fine
All good, thanks Scrubz
i'm not a physical therapist but i think you'd prevent that becoming a problem again if you strengthen your rotator cuffs and the lateral head of your shoulder
the stretches are really easy
The cable external rotation is a great rotator cuff exercise for rotator cuff strengthening. Visit http://hasfit.com/exercises/shoulders/ for the shoulder workouts instructions, more videos, free meal plans, and other health tips. http://hasfit.com for the best free deltoid workouts, rotator cuff workout, shoulder exercises, and rotator cuff exe...
if you don't have access to a gym you can use those big rubber bands
against a pole or something
I do mainly use that arm to carry heavy boxes. I won't go into detail, but that arm also has less muscle... so it could've not been stretched properly, and when I went to move it once, just, wanted to put pain
I didn't mean that kinda muscle, both arms are equal in muscle... I meant like the ACTUAL muscle
i understand, if the muscle isn't properly warmed up its a lot more susceptible to tearing when it goes from carrying nothing to heavy weight. its going to feel painful or even just a bit uncomfortable then go away but if the tears aren't fully healed by the time you do it again
then your muscle will rip right off your bone
does thm have more on learning linux commands?
and you'll have a black bruise covering your entire torso for months
i believe so
Lets just say this... arm + car crash = No fun
Muscle go bye
shouldn't have crashed
life go bye sometimes too
Wasn't my fault, bitch tboned me when I was sitting at a red light
Spleen went kaboom, rib went crack, and muscle went bye bye
idk should've expected it and moved out of the way
anyway i hope you take care of yourself i had a little scare like that a while ago and the ouchy be ouchy
either that or cyclist's fault
spleen? yikes
Yep, I'm spleenless
when was this anyways
No India trips for me... or any place with Malaria
I go there, I go take a dirt nap
i dont think i would go to places with malaria even though i have a spleen
Aaaaaaaaand changing subject cause getting dark
ohhh thank goodness there is a metasploit module
there is a module for everything
Many years ago
definitely try stretch something and get a little blood in your arms before lifting again
@royal dragon I saw you. You can't hide from us
still breathing for the most part
Hm must be a ghost
@royal dragon x2
maybe i need to look at the fundamentals again and see if it has more on linux commands
ive seen a few linux ones
but experience is honestly the best, for learning linux
Yah, still some residual pain but nothing like "Omg I can't do X because of x" ribs, there's one section where I refuse people to hug me, cause it's still tender/ painful
Other than that. I'm all good in da hood
hi who speaking spanish
This is a English only server. Better for moderation
thanks, yeah i know the basic stuff
Gave +1 Rep to @fleet turtle (current: #880 - 4)
wooo rep
Gave +1 Rep to @jagged otter (current: #510 - 9)
thanks!
Still feels weird that @royal dragon doesn't have a HTB Ambassador rank, but Emma does
That's a fake G0blin!
Just here to hang, like other servers I've joined recently
What are they doing on this server?
man i was thinking of doing the offensive security path before jr pentester but now that i look, it seems like the offensive security path is more to reinforce learning
after 2 of the ones i went through, i went into jr pentester
Learning ethical hacking on https://TryHackMe.com
im like a hair away from lvl 6
I can learn to make a virus here?
(I wouldn't, just trying to hang in other communities regarding infosec)
My Internet is down...
i feel like i might need to subscribe before i can get to 0x4
That's for our advanced channels.
how did you make it that far without subscribing?
Tree cutters broke the line.
doing the free bits of a few paths
61% of the website is free.
advanced channels?
surprised you got that far
without paying
i couldnt finish my module so i caved
is there a way to filter modules by just, free and not free?
throw money at it and the problem goes away lmao
solves all
@jagged otter
do you need to get a specific rank to reach advanced channels?
Have you tried cheering it up?
oh yeah 0xD
so there is even more of a wealth of content on this website, i just dont have access to it yet
I tried consoling it.. held it in my arms even.
wow, i can really learn everything there is to ethical hacking on this site
Aha.. I get it... cause console... server.....

ah wait i misinterpreted
where do you check your progress till the next level
i found it once and i cant find it again
Dashboard
Still the same place.
Wasn't my intention.. but.. works. Lol

no pun intended
what is your thm profile name
Fuck if I remember. Haven't been on in a hot minute lol
I can tell you.
Scrubz, no. I gotta change my name anyways lol
bet it starts with a D
lmao are you ashamed of it by any chance?
Where is fluff me?
Nah, been wanting to change it for awhile
i see i see
i should've made mine turdhead
can always change it
https://tryhackme.com/p/Beerrise
Behold, my account that I have not been on in a hot minute!
beer eyes?
Beer rise
oh ok like in cheers or skol
In HTB
why
Skål!

i cant really imagine leaving THM for HTB lol, to each their own i suppose
Incorrect account.
im so close to lvl 6 it's crazy
Usernames are case sensitive
Tim knows.
Hi tim
please take the hippie heart flower off me PLEASE
My thm name is .Scrubz
any1 run into this problem on mac?
Only time can heal that.
they can't, it shows ur new to discord
any1 on mac with this problem ?checked github but not finding the answers i need
ios or android?
mi THM profile is https://admin.tryhackme.com/p/middlerider
https://tryhackme.com/p/timtaylor look at this handsome gentleman
i have respect for Tim, that guy did some bad stuff and became a toolman
had to stop the process, seemed to be frozen
Has anyone had any luck writing app armor / SeLinux with llama 3 8b?
from smuggler to tv . i dunno how he did it
i dont know much about tim but he is helpful
tim the toolman taylor
he ran drugs n guns got caught went to prison then got into movies
i don't know how he did it
but great turn around
For safety I would be doing this over a VM that supplements Pop os environment
I did say that that face looked familiar to me, is it really the same one?
that's the one im talking bout face
but i don't think its him
but i do respect that guy
i am way too sleepy to search for flags
i doubt it's really him
I think it's actually him
i dunno
Hellooo
i'll say this, i think most of us have a past and sometimes we just try to keep those things where they belong, in the past
Hows everyone?
tired
Ah same
Hi
Pretty sleepy right now but sleep is a real struggle
Its 10pm here
hello
starting my first attackbox
imma bout to attack my bed and look at my eye lids
real
see all of you later
seyu lata
Any tips on how to refresh the knowledge on the paths that I haven't looked at for a long time
But covered a lot of material and did a lot of tasks?
I usually just restart my studies, but it's so agonizing
Hi, you can delete your account and start fresh, that is just one option
probably not very... practical
I can just reset all of my progress?
Why delete account
There is such an option
i would just re-read the material and identify what category it falls into, and reinforce it with a room that matches that category
i dont believe there is a way to reset progress without entirely deleting your account
There is
Wait
Let me re-check
Yes, I have to reset hand by hand
I cant completely do it
yikes
Did you make notes
Horrible idea
Just an option, jeez
lmao
Also if you don't want to redo a whole room you could also look at a write up.
Yeah let me just delete my whole account because I forgot one room
I gave a suggestion, not an instruction to do so
Work harder not smarter
Eh I guess
You guess
I guess
How do you guys handle passwords? I am lazy and have been using the same two three passwords since I was about 14 (30 now) and I know that several or all passwords are leaked but for my most important stuff I have 2-way authentication.
Do you guys use password vaults or such or how do you handle it?
You could use BitWarden or KeePassXC Password Managers
Ok, I have started using bitwarden. Just need to start using it more I guess
https://haveibeenpwned.com/ considered safe to check passwords?
or just set passwords that you forget and have to reset constantly
Read about their method and it seems safe enough..
am göt
Have I Been Pwned is a legit site to check for data breaches, but the most you'll get from it is to change your password and use MFA whenever possible.
Luckily the passwords I use for secure stuff hasnt been leaked, fingers crossed...
Yeah, but gave my laptop to my father and decided to not save them
But nvm
I'll handle somehow
It's up to the companies that hold your data to cross their fingers. Anything you supply them could be potentially leaked online some day.
PM from ngrok here. Just so you know, we do autoban anyone using those tools to phish with ngrok. we also put an interstitial page in front of all free accounts to help protect users from phishing attacks.
I don't believe you're ngrok
@mossy river
I smell something phishy here
/s P.S sorry for the ping
If they want to verify themself, they can drop me a DM π
VainXploits how are you?
English only in this server, I've already told you tonight.
Scrubz!!! how are you?
2 hours of control ultimate edition played today
what shadow learnt so far: they suck at dodging enemies attacks
ello ello heap
did too much THM today
anyone know why windows relies on file extensions still for figuring out the file type???
and why they hide the extension by default??
Test
0x4 congrats
Longest
I imagine it's a design choice for the average user. Yes we're in cybersec and we know that proposed file extensions aren't reliable, but we are in a minority alas
Let me just break the silence rq
i wish CTFs played out like they do in Mr. robot
well magic bytes could make it a lot more obvious what kinda file something is and it could be marked better in windows explorer
I agree
then again microsoft keeps chasing weird things

hi i have a problem and i have to help me
Hi boss
ey up!
go on
?
would love a cuppa
i keep getting disconnected but at the same time the openvpn still connecting
thanks bro
Gave +1 Rep to @fervent meteor (current: #354 - 14)
After brekkie
Gave 1 Rep to gh0st8yte (current: #2157 - 1)
nearly 10AM, it'll be brunch soon, not brekkie
You get up early mate
working
I see.
plus I get to clock off earlier if I start earlier
i cant access vpn on windows 11 it says connection time out any idea how can i fix it?
anyone have a good room for learning/identifying hashing algos?
not quite what im looking for, unfortunately, this is something i would use to reinforce my learning once i do find what im looking for
Ah sorry, I didn't realize lemme look for another.
crypto 101 hashing
crack the hash level 2
^ and maybe Hashing - Crypto 101
i will do Hashing - Crypto 101 once i get a subscription
Fml, sorry I forgot about the subscription
lmfao
oh right....
i thought it was a free room until i clicked on it and wasnt able to view the contents
keep forgetting to check those parts
but i do want to re-learn whatever SOC 1 taught me about MD5 and SHA2
since i dont remember much about those, and i dont know any other hashing algos
oh wait
the cryptography module should be sufficient when i get a subscription, right?
yeah
It'll be a solid start, sure.
crack the hash level 2 goes into detail on how to identify hashes and how to crack them and make custom wordlists
i.e it is more of a walkthrough rooms with hash cracking challenge at the end
Gave +1 Rep to @pearl raven (current: #137 - 52)
No need to fire rep my way dude, happy to help.
anyways shadow is now gonna go for the meep moop sleep sloop to the beep boop
Night, shadow.
Nighty night
Are you able to read files on SMB? If so, how
You need to download (get) it first
Yeah, I'm in a lab atm, I used SMBclient to access a share, now a task is asking that I read a file
But I'm not too familiar
im surprised that the red team path only has intro to c2, does anyone know any paths that go more in detail about c2/persistence?
This. The lab doesn't tell you but you have to use the less command to read files. I had the same problems stuck on the lab
hullo
Figured it out, thank you guys
Isn't it better to just convert it to text since that still ends up with some garbage
hey im new to cyber sec but i was wondering if anyone would like to try working on a bug bounty together to learn of each other and earn money at the same time fair warning im new and not that great.
Good luck
I'm pretty sure bug bounties are quite advanced for someone new
How do you read a file in smbclient session directly?
You don't, you have to "get" it then open it on your local machine
Am I missing something - what do I have to do to be able to have access to the KOTH channel? Thanks!
@alpine herald
Thank you!
ty
Gave +1 Rep to @fleet turtle (current: #750 - 5)
@stray tapir im still fairly competent i have found at least 1 already although it was just a simple idor its still something i just mean ive only recently started as of this year
@fervent meteor lit just shoot me a dm if you ever want to then
same
I'll take a look at that idea
thank you
and do you know if those ethernet to usb adapters really work?
??
They do, I used one on my home server temporarily bc I didn't have an extra nic at the time
big issue
Yeah I only just replaced it recently. USB to Ethernet is quite slow
Usb Ethernet adapters are handy. I always carry one in my bag.
Fr
And a USB to USB-C adapter... Lol
from ethernet to power cable
Actually
Don't most laptops have one?
I think there is something called power over lan
Only seen chromebooks without one
Power over Ethernet (PoE) describes any of several standards or ad hoc systems that pass electric power along with data on twisted-pair Ethernet cabling. This allows a single cable to provide both a data connection and enough electricity to power networked devices such as wireless access points (WAPs), IP cameras and VoIP phones.
Not anymore..
Isn't that protocol prone to interference / performance loss
Idk I'm not a poe expert
My Dell XPS only has USB-c and no adapters..
that hurts
I'm already tired of laptops having less ports and having to use a USB hub at times
Had to buy one for work.. of course on the work Amazon account. Lol
is sad
double sad for no adapter inc
thinkpad/framework all the things
They don't pack them anymore at all.. used to.
it was a requirement before to be taken more than 3% seriously
now they can get away with screwing everyone cause nobody cares
oi @molten sky , need a few stupid yet smart ideas, currently sick and too tired to game right now and need some entertainment
My Asus came with.. all the ports.
contribute to OSS
(specifically, mine)
Asus did
is pain i mean it's fun
I was just about to write in brackets that don't recommend writing regex or working on your thingies
My Asus has a headphone jack
I know you're recruiting babies straight from the hospital
i knew you would, that's why i even said it, lol
Phone or laptop
Laptop
@buoyant tree double-quarter life
I haven't seen a laptop without a headphone jack yet
don't give apple any ideas
Huh?
lol
go back to playing half life
Double quarter pounder with bacon and cheese?
Too hard, I'm tired. (102F fever)
Tylenol and rest.. high fever..
Yeah just been waiting for it to come down lol
Keep an eye on it. 104f is ice bath time..
Slept a lot already
Or hospital..
Yeah I know, have had that experience when I was younger sadly
Nothing serious, already went to doctor. Just the Flu or some common thing which only solution is to feel like crap for a few days and rest
At least that's what doctors tell me.
Ah.. been there.. not for a while but I still remember....
i need a beer or three
This is unrelated to anything.
But I recently found out that you can use udisksctl to mount storage devices without root
Pretty useful
Saves me from having to type my password in 100 times
me 3
If you mount to a directory that doesn't require root, then your mount command won't require it either
but glad you found another solution
I just got back from the theater for the new Deadpool movie since my Dad is in town, had movie theater beer for the first time. Was an odd experience
been at least 5 years since I've been to the theaters
sure didn't have beer, assigned seating and VIP seating my last time lol
Yeah movie was a decent time, not quite as good as Deadpool 1 and 2 but it had a ton more ground to cover, and as Kojima put it, it is "fifth wall breaking" lolol, in that it's referencing multiple movie studios and actors by name instead of just 4th wall breaking the MCU
Good movie
Could have sworn that was the case but fair enough
Just never been that big of an issue for me, typically just plop them in /mnt, but it's infrequent I need to manually mount
no its a fair assumption
nice qemu based hostname btw lol
if you specify it in /etc/fstab you can let people mount drives without root
Makes sense, although yeah typically that's where I put stuff like temp /mnt/usb and similar requiring root anyways
I guess more properly /mnt/Windows when I have one lol
yup i run discord in a vm
no spoilers btw
that's as much as you'll get lol
thanks, been trying to avoid spoilers ever since it came out
i dont trust spyware on my host os.
Totally fair, I have a good bit of experience with qemu/kvm, and have been having fun with UTM (with JIT) on iPad as of late
I'm actually learning how to use libvirt on my server rn
using virsh and all to manage them
Proxmox or straight up?... ah okay
ik theres easier ways to do it
Yeah I used the virt-manager GUI to get my start, but frequently dipped down to raw qemu for PowerPC emulation needs and similar, only a bit of experience interacting with virsh and libvirt raw
Proxmox is what I ran for a while before building my VMware ESXi server... just in time for them to crap the bed lol
but Proxmox is an equivalent solution to ESXi and vSphere in terms of full on VM server
Virtual PC > awful time with Virtualbox > VMware Workstation Pro > virt-manager > Proxmox > back to VMware with ESXi server was my very rough timeline from the mid 00s to now
VMware is nice but they really messed things up with the Broadcom deal, or rather Broadcom messed it all up
but hey, VMware Workstation Pro is now free for personal use
It's still good experience since plenty of orgs running ESXi servers to host their on-prem or datacenter infra still
All of our Windows server environments for our clients at work are just hosted by an ESXi server, a cluster of them for our largest
But Proxmox also has clustering, just not quite as widely used in business vs homelab, but that's been changing
when i first got into any virtualization software i was pretty young so whatever experience i got, i assumed everything would be like that, i had first used kali linux with virtualbox and it was very laggy, so i assumed it was a problem with kali linux, and didnt use it in any virtualization software for a while, until someone convinced me to try vmware, which was fantastic
They're both level 2 hypervisors which doesn't help, (although virtualbox can leverage kvm on Linux, but we don't speak of Oracle software in this household)
I mostly got into virtualization because I wanted to do a gpu pci passthrough for windows vm gaming on linux
But yeah VMware is generally the better supported and more robust, especially in terms of running retro OSes which is a big focus for me
I never gamed though bc it was laggy
i got into it from being young and thinking i knew everything after watching a network chuck video lmao
better to use proton and linux than a windows vm lol
You can get PCI passthrough going quite well, but yeah, you beat me to that statement
No real reason to anymore
wanna see my complete overkill home server? lol
sure bro
I got this beast, not rackmount (at least atm) because we don't really have the space lol
dang
PowerEdge T430 with both Xeons socketed
mine is just a used office computer off of ebay
what would one even use that for, i mean i want one, but i dont know what i would use it for
you can have redundant storage in case of failure
Yeah I went kinda overkill but it's a VM server and is doing frequent video encoding and ripping for our blu-ray ripping pipeline
so it does get a good bit of performance thrashing
what do you self host?
also yeah kind of a secondary large bit of storage after our NAS which is really our main media library and etc, but no issues with gigabit between them
I do jellyfin, a nginx site, libreddit, searxng, and minecraft (in the past).
ESXi/vSphere to host, Plex/Jellyfin most importantly, multiple encoding/ripping VMs, many weird VMs I have just for fun. Honestly I have a ton of plans for self hosted projects on there but I've not used it as much as I had hoped
mhmm the SO uses it to host game servers quite often as well
i mean, i have no idea what i would store on there, and i cant imagine what anyone else would
unless they host a site
I quit hosting minecraft because no one was playing + I didn't want to have a security hole sitting on my system
I do have a good bit of experience with docker, self hosting and more but I'm often too wiped out from my IT job to focus on more lol
Totally fair, I'm just more using it due to being ideal for work and etc
I use debian for my host distro
Didn't podman try and disguise it self as docker at some point
idk. I'm interested, enlighten me
Boss tells me he wants to host three websites for legacy clients who are too cheap to move to our recommended vendor
Slapped this together as one of my first real Docker projects of my own
I'd go with Traefik vs Nginx Proxy Manager these days tho after more experience however
i tried to adopt podman but i encountered so many weird things that weren't fleshed out enough yet and had to switch back
love the rootless vs rootful switch but it's got some work to do
yeah podman is weird when it comes to some containers
Yeah and there are some ways to do rootless Docker but it looks like a big pain, but for sure a concern of mine
I'm just happy our EDR at work is actually a bit over eager about container escape scenarios lol
had to exclude a good bit of known good stuff after False Positives
containerize your containers just in case someone escapes one
lolol
thats literally what im doing rn
Interesting my EDR actually has a k8s option, but as you can see above, yeah I don't need to scale lol
I hope you are joking lol
using libvirt to run a vm to host podman containers
No that's normal
Reflects actual production workloads
the above Docker Compose setup is just a Virtual Private Server setup at DigitalOcean and as far as I can tell they're using qemu/kvm
and this is just a piddly little project I made quick
I will also say k8s is super interesting but I have less than 0 use for it at work or at home without the need to scale
I've gotten some basic experience but yeah none of my containers need load balancing and etc
yeah I didn't even know the purpose of kubernetes until i asked chatgpt
this is all a hobby for me so wrapping my head around it took some time, cuz I don't have the same needs as a massive organization
Totally fair and yeah same vibes where, we do have such ourselves at work and for our largest client with load balancing VMs via vSphere but those are full on server VMs moving from one host to another as resources allow vs just microservices
one of the greatest feelings is slowly understanding terminology and tools that you previously found complex
mhmm
i can relate and not relate
when I learn new stuff it just leads to more questions
lmao
btw I will again highly recommend UTM if you have an iPad, been having great fun with this (can't even fit all my OSes on one screen)
any good answer OR question should leave you with more questions
that is something i was told, and have grown to incorporate into my everyday life
lol at most I had 68 OSes on my most expansive VM setup
Mostly just retro computing and operating system archaeology than need
bro thinks he's mutahar
Never heard of them
someordinarygamers
I got that pic somewhere
yes
many people use it for that
nope
not if you choose the right drives and partition right
you have to take many more steps to overwrite your main OS, install the .iso for the OS you want to virtualize and go from there, make sure you search a tutorial just to be safe, i havent used Vbox in a while
templeOS where?
I've tried it plenty, have you seen ShrineOS?
Adds TCP/IP stack and package management heh
plan 9 is a badass name
never before, im not big on that stuff
plan 9 is actually pretty intresting
Do you know the reference?
the most "unique" OS ive ever tried was endeavor
nope, but it sounds badass, which is enough to get me interested
It's for Ed Wood's Plan 9 from Outer Space, an infamously bad B-Movie
So instead this is Plan 9 from Bell Labs lol
i see i see
Good time if you want some so bad it's good media
Mhmm, takes "everything is a file" even further than Unix does, quite neat
Heya and goodnight?
good time to be alive
lol indeed
I have not and that was long been a goal of mine, prior to Google buying them up I did attempt CloudReadyOS or whatever it was called but didn't have much success
When you do it on libvirt you have to select UEFI instead of BIOS for the firmware or else it bootloops
Yep, that would be critical for ChromeOS
and the mouse is buggy af
completely different firmware that's mostly UEFI based
oh heck, have you tried NeXTSTEP and etc without proper guest mouse support?
It's a mess to an extreme degree lol, at least in VMware
I havent touched nextstep, iirc its a bsd based os?
but there's community VMware guest drivers for mouse and display and etc
im pretty sure im wrong
Yeah it's mainly BSD and obvs foundation for OS X with that being Job's next company after Apple
Quite a bit of custom sauce on top of BSD to make it all happen
I'm pretty sure I still have some old screenshots I took
Huh guess not, just Apple Rhapsody DR2 (last x86 before PowerPC only) and Mac OS X DR3 which is emulated via PowerPC as seen here
but yeah what NeXTSTEP became, just some shots I had handy on my iPad without much digging
is there any chance you have tried qubes or tails?
Rhapsody DR2 is very much still NeXTSTEP but just with MacOS 8 "skin"
i use tails
I'm familiar with both but had no reason to try either
i mean i would think with that much storage for virtualization and what not curiosity might be enough of a reason
tails isnt that special i dont think, but qubes looks pretty neat
no I use it when I have to do stuff
what stuff gets you to use tails
Qubes is a neat concept, but again most of my use case is already trying out odd OSes in VMs for fun, I don't need to try an OS with nested VMs and etc
Tails I don't use public workstations ever these days so I have very little need for it
Yeah I should really try out qubes, but I dont need to be using tor on a daily basis lol
yeah i mean, who does? besides like, the 0.1% of cybercriminals lmao
downloading free information
Qubes is indeed more about the sandboxing with VMs, but at that point we have kinda come far with our modern Linux container formats
Yeah not the same kind of security/sandboxing but still
do you catch my drift
lol we do
does anyone know if sandboxing in anyrun is as simple as just, uploading something, i am curious and would like to know, because im too lazy to try myself
btw random Solaris screenshot of mine since it's still up in my search sidebar
CDE is 
bro is logged in as root π
lol default setup
I basically just wanted to poke around with CDE, but yeah you would have created normal users after logging into this
once i get done with the jr pentester, offensive pentesting, and the red teamer paths, i really need to do some of the malware analysis modules, the room that had a couple anyrun questions was pretty neat
i cant imagine malware analysis being very fun unless it was something like a ransomware, since those are pretty crazy, but i do want to learn about it after that anyrun room, not sure if this is something for the advanced channels or not
Nah it's fine to talk about here, malware development and implementation is more what is limited to advanced rooms. Or reversing known bad malware as well
Either way, there's no rush, tons of amazing content on THM and it's good to be well rounded
yeah they looked very similar on the OLED I'm on, I had to double check lol
ill keep that in my back pocket, ive been looking for reasons to try learning Ghidra and utilize anyrun or any other sandboxing software for that matter
Oh yeah so much great content from Starch Press, they often have Humble Bundle sales
i would like pentesting to be something im very well rounded in, and i will focus on that, but malware analysis is definitely something i will learn for fun, it looks handy and neat
Good bit of crossover there if you have any interest in game modding and reversing
big crossover area for me being huge in retro gaming
yeah malware analysis i can see being applicable in so many scenarios, it will definitely be a neat thing to have experience in
mhmm
hello
Hello and welcome
how long do u think it will take before AI takes over cybersec
ohh thats great
not happening
i dont think any LLM will in the near future, thats for sure
cybersec requires innovation and creativity that AI doesnt have nor can it replicate
We already have to cover for "AI" features not doing our job well enough lol
oh wow
Agreed, as D466 says, we really need creativity, linking multiple discrete datasets and more which AI can't fathom atm
exactly how
the only ai that will be taking over is purely just for looks, most people use it for the bonus points that using any buzzword gets you for like a week
False Positives in EDR are a good example
i didnt know that
and i hope it never does gain the capability to fathom it, lmao
unless it gains conscience, it never will
I'd rather have False Positives than undetected Positives, but plenty of my time is addressing just "AI" suspicious execution
i saw a washing machine that had "AI" all over it
yeah but they also existed in basic match statements. Did AI somehow increase that
"generative AI" "revolutionary AI" "industry leading AI"
i have grown to loathe the word and the concept of AI
Modern EDR is significantly more capable than just matching known blacklists
Oh I understand that, Malwarebytes keeps thinking that anything I write is malware so I just turned off its AI feature and it's been working perfectly
whats EDR?
the word AI can be stamped onto practically anything at this point
lol
Extended Detection and Response
sounds like smth u would learn in SOC
AI window blinds
our fancy word for an advanced anti-virus that works at API level and more
i believe it is
SentinelOne being yet another
AI fridge
EDR will detect if an app makes too many suspicious API calls that align with TPP evasion and etc, even if it was never detected before
AI toaster, AI coffee machine, AI doorbell, its everywhere
it makes 0 sense
hell, get me an AI doormat
also Defender has an EDR product called Microsoft Defender for Endpoint
i dont quite understand why toaster companies think adding a display will change the world or make their product any more appealing, but they do
with basic Defender you're just getting a traditional AV with some extra bells and whistles but not full EDR without paying for a better license lol
Was cloudstrike's thing a EDR?
yes, it was stated above
that's part of why it had a kernel mode driver
to intercept API calls of all apps
which reminds me
Nvidia is allegedly making GPU chips out of stem cells
at the most aggressive, EDR actually injects itself into most processes to see what they're up to beyond just intercepting API calls
that is the stupidest thing ive ever heard
wait until the stem cells try surviving me running crysis
Yeah I have some major doubts on that claim lol
so i guess the next buzzword is gonna be something to do with AI & Biotech integrating, and i loathe that concept
the idea of any technology having living, biological, components, is terrible
i cant see any application that doesnt only work for statistics
Somewhat makes sense though, if they manage to make it more accessible and safe from contamination
the title AI itself is misleading
DNA contains a lot of data
It's okay the fintech people are only just catching onto the fact that AI is actually unprofitable lol
it is, its very vague, it can be boiled down to "hello world" really
exactly
We don't have any marketing strat for it, besides being "shiny new thing"
there's no real return on investment, even with subs
it is VERY hard to be feasible, keeping it at livable temperatures, humidity, keeping nutrition levels proper, whatnot, is all very difficult
the reality is these CEO's will do anything to try and increase profit margins
Aren't most AI companies in direct loss mainly but keep going on due to investments
and i cant see any outcome where that much work is worth anything
Yeah I know, but if they somehow make it happen, it's gonna be freaking cool
also i dont know why browsers keep adding AI, the only browser AI i like is brave's leo, it is actually helpful at times
it will become like pacific rim
Pretty much, the big players have enough padding that they expect to ride the loss... to a new profit center which will never come
cool, but not much more than that
edge's copilot is also cool
Just look at Amazon deploying their AI for free and lol it's really weird
its like buying stock when ur at a loss thinking it will go up
There was a research paper a couple months using DNA as micro storage
ye i rmbr
i cant stand edge, i hate how integrated it is into windows, after i switched from ubuntu back to windows, for simplicity's sake, i took forever to manage to get rid of edge
Want to ask some programming questions to an AI? Skip ChatGPT and etc, just ask Amazon's AI about it instead of the shopping questions they were hoping for lol
We shall have to disagree heavily
does it use gpt-4o
?
in theory it can hold lots of data yes, but its not easy to read, and microsoft's glass storage concept seems more feasible and more promising, honestly
Since when does Amazon have AI on its shopping platform as a chatbot. Last I checked it was just to route you to the proper dept
Simplicities' sake? You chose the more obfuscated OS lol
i havent had to use it much
so im saying that based on my experience
Glass does make sense but let's talk super long term
It's live in North America at least, it's not a chatbot, it's free AI prompts
why do ppl recommend downloading linux on an old laptop?
The amount of data that is ingested keeps increasing every year
Linux is lightweight and can basically run off a potato if you tried
because it will perform significantly better than modern Windows
You tried claude yet
I don't think so, idk. Hard to keep up with some of the silly names
well the thing is, i have a gaming PC, with NVIDIA GPUs and MSI CPU fans, with corsair front fans, the software for all that and for my motherboard were very.. hesitant, to work on ubuntu, and i still do like gaming, and i dont have any reason to use ubuntu other than my stuff on THM, so i just switched back to windows, plus at the time i was unwilling to go through the effort to get it all to work even if there was a way
but isnt it extremely ez to delete important files from the OS
I went to the movies today for the first time in 5 years and saw no less than four separate AI tech ads for three different vendors
lmao
speaking of which i probably shouldnt have mentioned the MSI stuff given the whole firmware thing, but im not that serious about my opsec right now
Uh it's easier to fuck up Windows than Linux
oh wow
maybe don't sudo delete important files
vs Windows which just gives you a UAC prompt real quick which you're trained to click through
Well if you know what you're doing that is
linux was portrayed as some extremely difficult OS to manage for beginners
Windows usually hides the critical files in obscure directories
it depends on the distro really
lol there's a reason our Windows users at work are not admins of their machines
It's not that hard, it's just that I wouldn't recommend it for my grandma
type of linux?
i mean, you can view it as that
Yes to some extent the ease of use is tied to the choice of distro, but there's many factors going on there
Linux generally isn't one size fits all, and you just have to find the distros that are ideal for your use case
linux mint is very user friendly, same with ubuntu, and the ubuntu gnome interface is very inviting
like how kali is best suited for hackers?
i mean, not really
uh... that's highly funny as I'm thinking about it
But many distros can be made to do the same
kali is just a bunch of tools in a nice brand gift wrap
^
you can do the same hacking on ubuntu or mint as you can on kali, too
My pentesting VPS is based on Arch just due to it also having all the same tools and my personal comfort zone with the distro
no OS is one size fits all, in most cases you have to make it fit your case
Well with a lot of pain
by installing packages and stuff?
Kali has all the tools that "hackers" use basically
ahh
Also I know I said the Arch word, don't use it just because it's "cool" only use it if you know rolling release and etc and setting things up from scratch is your vibe
- if you have a habit of breaking your distro and need a distro for hacking in a vm only then it's perfect
so it is good for hackers
but it isnt the only linux distro with those features
even if arch gave me the same high as heroin i wouldnt get near it with a ten foot pole lmao
This too
Most users will be served by a different distro
"I use arch btw" foreshadowing
Pretty much. Only thing is you might have to download all the tools you need
yeah lmao, the stereotypes are rough
in other distros?
Totally fair but for me personally using it for 16 years I have no complaints
Yes
i c
But that is also not an endorsement, just is perfect for me
i downloaded a vm for THM
arch is fine, I use it.
But it depends on the distro
16 years of experience makes perfect sense, that much experience would make it fit like a glove
but i havent been able to use it with THM
Why not?
idk
I mean it's literally sudo openvpn Username.ovpn
Pretty much lol
That's a joke
WOW i just found out anyrun has a graph feature, thats neat
the THM web interface for the attackbox is also a VM
VMs are the perfect use case for your own custom "attack box"
(i believe that this was the file from the Pyramid of Pain room, i dont recall which room)
Yeah the Attackbox is 100% just qemu/kvm tho iirc
may be xen though
Although I think AWS is mainly qemu/kvm
Welllll yes and no. If you want to be able to use your own vm without having to wait 1 hour (if you haven't subscribed) then it is necessary
Indeed but you're describing the OS not the virtualization framework as I am
That happens you just gotta give it a minute
If it doesn't change reset it
ok
in the VBox app?
wait you can use your own vm?
jesus anyrun is so informative, it makes understanding the processes and whatnot of malicious files very easy
Yes
does it require a subscription
Close out and retry
yeah qemu is just the PC emulator that supports multiple architectures and then KVM, the Kernel Virtual Machine in Linux is what powers the x86_64 virtualization. No worries
Sometimes it hangs when it's trying to open up Kali
It just means that thanks to kvm we have a level 1 hypervisor that runs at kernel level vs typical use case of Virtualbox and VMware Workstation Pro which are level 2 hypervisors that run at userland
much better performance
Gave +1 Rep to @sinful moon (current: #38 - 203)
it worked
Great
Btw
does anyrun take a screenshot everytime something happens or are they taken by whoever submitted it?
Closing out of the ovpn session stops the openvpn connection. So make sure to leave the terminal that's running it open
some of these screenshots detail every single event, others are completely unhelpful
i c
They're taken when a significant change is detected in the on screen content
i see i see, thanks
Gave +1 Rep to @sinful moon (current: #37 - 204)
204 jesus christ
But some of them are straight buns
Yeah lol, it's not always perfect by any means lol
im looking at wannacry in anyrun to get better with anyrun and just mess around it
now how do i integrate it with THM?
You already have a ovpn file no?
thats the only one that has a sufficiently spooky interface that i can think of
ye
Use this
Cmd in the terminal
And keep it open
ive done it
any idea what COM is in this context?
ive also pinged 10.10.10.10
Don't close it once it says "sequence something"
what kind of UI is that?
@buoyant tree what was the verdict
this is the anyrun graph for wannacry
wyd
Com?
wy did
ok got it
now what
Hm
Good
You are connected
Now you can do rooms without the attackbox
Tried looking it up lol and nothing
i see
But I think you are right
whichever rooms use attackbox i dont need to use that VM now right
Depends
If it's giving you a vm it's prolly wanting you to use it
Think it's the zip file of the executables
i have no clue, im doing this to get familiar with anyrun lmao, but i do believe it is what was used to open the file, i can send the anyrun link to you if you want
I don't see the COM file but those are classic MS-DOS executables
What I love about anyrun is it basically puts you in the mind of malware. Not that it has a mind but yk what I mean
Oh right I see, it's because it was launched from an interactive MS-DOS session/terminal which spawns from command.com
in the mainframe u mean>
yeah i love that about it too
Google says COM++ is a binary interface technology software
what's a good website i can test against that always has an annoying cloudflare captcha
my old sites have all switched away
well yeah i wasnt viewing it as a file, i was just seeing what it means
COM++ is a C++ object which you can use to interact with these classic frameworks
trying to familiarize myself
also has bindings for C# which I'm seeing in this random StackOverflow post
But C# is trivial to reverse
so, the file was launched via terminal?
Not really. Mainframes are bulk computers that companies use
It was what executed it, even if not an interactive session, just my reading of that at a glance
Like bulk data processing
that makes sense for this context
Mainframes in the classical sense don't really exist anymore
Now it's data centers right?
Or "servers"
these were room size down to fridge sized computers which were multi-user connected, and then you'd use dumb terminals to connect to the mainframe and do your computing that way
In this video I discuss how 2 European nations (Switzerland and Germany) are starting to mandate the use of open source software within their governments and why other nations should do the same.

Oh that's cool
that's why terminal emulators are terminal emulators they are emulating those dumb hardware terminals attached to mainframes
mental outlaw is great to stay updated
Amen
Just in this case our "mainframe" is a single Linux home computer since Unix does have that legacy back to the 60s
Why I am not allowed to msg in koth section of this server
the voice channel?
tty is literally short for teletype terminal (although that phrase is technically copyrighted and can't be used), back when those dumb terminals didn't even have screens and were just printers with a keyboard
okay, thats enough of familiarizing myself with anyrun for today
i will say, from the tools/software ive seen from THM, anyrun is one of the coolest so far
Yes
saw a guy on youtube do it properly on modern linux
Technically would it really be considered a tool?
i mean anything that provides utility is a tool, really
Idk DNSDumpster, PhishTool and URLScan.io have gotten more use from me from my real job in infosec
but thats also due to AnyRun's limitations
True