#general

oh me too :)

And I'm hanging over to network pentesting

But I try to pick as much up as possible

i wanna endup as a red team operator

Not only limited to offensive / network pentesting

Nice nice

long way to go ;)

Always have a goal... Right?

You mean WSL?

i using wsl2

I'd recommend VM's over WSL, but that's me

https://cdn.discordapp.com/attachments/1271278319534608398/1271596074666295306/image0.gif

WSL is basicly a Linux terminal in your Windows terminal

And a VM is just Linux

not big difference

big enough in networking setup

I'm using VMware too

Yeah WSL can be messed up regarding networking

So I'd always prefer a VM over WSL

In every case

And if you don't have enough resources, maybe WSL will be an option

use wsl in win11 is easy

When something is easy, doesn't say its better 😉

Especially Python is a good foundation

no,no,wsl is better and easy

it's just my feel

mmm?

I used it five years

Hacking and pentesting is quite different to programming

as a developer

Python,Java,php

Yeah but for Cyber, you'd not want to pentest on your daily (personal) use OS

but docker is most better

wsl2

Already have a LOOOOOONG time ago lol

https://learn.microsoft.com/en-us/windows/wsl/compare-versions

wonderful

I need go out,bye everyone

YAAAAAAAAAAAAAAWN

byee

i like using WSL for the native linux GUI app support

its pretty seamless

Lololol

and why do you like VM's?

i like if it i want the full desktop env and VM experience

Snapshots, good networking experience

yeah basicly that

I full screen Kali for this if I'm working on a long time

but honestly, having native apps in-built is huge for me, especially because I go between VM and host often...if its just for one task it saves all the effort

I only have wsl on my half blown up laptop lol

and being able to test linux-only apps on windows is also cool....like this terminal

Alsoz jay? yeszz can you help me with that?

Oh thats pretty chill

Do you pay for that?

aye

Or the free plan?

Which terminal is that? 👀

Warp.

Not at all, I don't need any of the paid AI stuff

I don't even use the free AI stuff, I just like the other features

Aye sir, I'll get home tonight, I'll ping you

Has anyone heard of InTimeTec?

install the distro with wsl commands

or hit the install button from the microsoft/windows store

after enabling wsl 2 that is

Installing from the microsoft store may indeed be the easiest way

https://www.microsoft.com/store/productId/9PKR34TNCV07?ocid=pdpshare

Good song btw

https://open.spotify.com/track/2oYheX6lx92jmxzainoy6l?si=43699785b6554b22

the thing is my practical doesnt have any issues, its perfectly well. done myself alone

and im wasting my time running behind them asking them to tell me if this is okay for them

Teacher should not mark your work based on your friendship level.

They should be unbiased.

That's why generally it's marked then it's sent off to a second marker who teaches somewhere else.

In my Uni, our work is sent off to a proffesor in England, once it's been "interim" marked.

sadly thats how it works here

every system is horrible

the board exams are generally marked on how good your handwriting is

which are conducted across the country and checked by teachers of some other state or city

hi scrubz

Hi mav.

here here now

GM

noo i forgot to make up a new nickname

Oh damn, unlucky.

Nmav

it stands for, New Mav

Good idea, the old one is very needy.

when we getting
new new new new new new new new new new new new new new new mav???

shortened to new new mav

waits for anyone to get the reference

Sorry I didn't xd

We can't help with that

It would be considered cheating

does anyone here use google cloud for whatever reason?

Is Anyone online?

Nope

I'm offline

;0

What would be a good way to make 250$ by the end of the year?

nah shadow went off the line recently..... it was scary to be that high up in the air

What?wdym?

slack line walking

A good way... There are some things where you can help older people with their computers

IIRC there is an app for that

What would older people be doing on IRC chats?

Bro I am interested in studying malware forensics. What else should I learn besides reverse engineering?

IIRC means: if I remember correctly

how buffer overflows work

Ooh I though it was typo lmao

Forget what I was going to ask.... something probably about filament to use

fair... i was sleeping at that time

looks into sd cards for their dragonbox pyra

man these get expensive when you get close to half of max capacity

max capacity of standard sized sd cards being 2TB

Ticket comes through
My monitor won't turn on, replace it
Go to the office

Hits the power button on the monitor and it comes up

https://tenor.com/view/woohoo-celebrate-gif-3719791047300891146

https://tenor.com/view/magic-gif-26166638

????!

new pfp do ya rock with it

scrubber

Are there any cyber security books you can recommend?

There is a channel for this, #bookclub

Sorry my bad

No worries

But you'll find some there :)

not cyber security related but how to write good guides by example related: to fell a tree

if dogs chase u and dont wag their tail but still dont hit u are they violent or not

That's an interesting question

because this stupid dog runs behind me and might bite me any time

say

bad doggy bad

sit doggy

the next thing i know is im going to file an attempt to murder on this dog

bad doggy

too far

but the peta or the animal stuff will say dogs are innocent

dont hurt the puppy

u monster

its not puppy

Elena Gilbert

it has given me a chase 2 times

pat it

reward it

its a kind of incline road i cant pickup speed

firstly no
secondly im on cycle not a food machine

if i feed it the other dogs will chsae me

even if you complain the management wont do anything

Take another path?

thats the only path

like there are 3 roads but all of them meet the main road before encountering that dog

Some dogs like to chase bikes

Get a water pistol

And shoot

lmao

cant carry that on a cycle :(

You can get a small one?

Would be kinda funny

what am i doing flowering a dog?

IT support is painful,
“X doesnt work”
“How doesnt it work?”
“I dont know”
“ok but whats wrong with it”
“it just isnt working”
“is there like a message or an error?”
“yeah its <error code>”
.* bang head on table *

Don't expect too much from end users ;)

Yes but still, 7 messages to get the error it was throwing is a little much

A handful of them give everything in the first message which is great

Once had a end user who reported they had a broken keyboard, but sent the ticket to the SOC to fix it. Help Desk not very helpful.

CrowdStrike is on an upward trend of recovery, which is pretty quick since the stock market has been a bit volatile towards tech.

One aspect of IT support is helping end users help you

You can set up general meetings on how they can better submit IT support requests, maybe teach them basic troubleshooting methods, etc.

They came from 350, right?

A gif of who?

might grab some stock now

They were close to $400 before the incident.

dogs chase you because you run from them...man up and stand your ground bro...observe how cats do it

I got it when it was 204. Wish I bought more, but I moved some of my money to CDs or t-bonds.

What’s that

using ms compsci diploma as begging sign

yeah, got $50 laying in a stocks account which I just pushed towards it now

used to trade currency ratings

May fortune favor the brave

So gambling.

Capitalism gambling

it's $50 from previous stocks winnings

options

inverse walstreetbets

basically no-mans money 😄

thats where money is at

Nice $50 you have there

Would be a shame if I
You know

Bought 50$ worth of day old Jimmy John’s bread

I would probably use that $50 and get all you can eat sushi. 😛

it's a $5 withdrawing fee

10 percent or a flat $5 withdrawal fee?

flat 5

That's not so bad, do you get taxed on what you withdraw?

yeah, wins vs loss

if I put in 200$ in stocks, but take out 50$ in stocks, means I lost 150, so next year 150$ is tax free

that something like that here, but there's a limit, which I can't remember.

no limit here iirc

but currently have 100 in tax free iirc

That should not be the case, but unfortunately it is, and there's absolutely nothing we can do about it

I had a sociology professor who was like that, I was on her good side cuz I played poker with her at a local bar once.

😄

ello frost

o/

\o

Was at defcon and blackhat last week

was fun

fair amount ppl from here was on def con also

Going to compete in the CTFs next year

I skipped out this year

even #1268576599431975034 was set

I saw that 😄

I might even compete in the cold calls next year

The vishing contest

my dear friend is social behavior psychologist. so i explain social engineering to her. she nail that thing

I haven't done social engineering since I was a kid

Yes i plan on doing this soon so its easier for everyone

We'll start doing it soon for work tho

once she paint my nails, and she "assured" me that it was my idea... it was not lol

Gods electric car charging is a charlie-foxtrot

I'm up to 5 different applications....

But but but the planet.

put it in microwave for fast charge 🙂

@loud marlin you from croatia?

Yeah but it'll better once they all decide to unify the payment structures

native yes

Doesn't fit :p

tar it

susjed😄

just keep it eng here. kinda rule. but yea we are. u from cro or ?

Doesn't seem to be compressible

from slo

English only please.

oh. i have few ppl from slo that work with me

i know...i hope 1 word would not put me in trouble...ot means neighbour

welll... then, suffer more 🙂

It could be one word, it could be ten.

cyber sec? or smth else

sry @sick lance the susjed mean neighbor

chemical industry

oh right...you were talking about it yesterday

and here is one company from slo called Calcit. you might know it from slo

i heard about it but im not sure what they do

from town Kamnik

they make color for paper. the white color that paper is covered

Guys

do you like those machines that are puzzles and you have to keep looking for clues?

all machines are like that... well most of it 🙂

makes sense since calcit is white stone

yea. calcium carbonite thing

well... for sure i can tell you they need workers 🙂 hehe

oidk how old you are and so on

just saying

30

I prefer the machines where we look for vulnerabilities in the application

fair

im thinking of moving tf outta here...its just the couple of real good friends i have is keeping me here

there is literally 0 good job opportunities since i dont live close to lj

well... if NL sounds interesting. the Calcit, as i last know, looking for ppl. might just be like cleaning worker or so. or if you know mechanics or electric might be also. idk what you do for work and so

like 5-6 ppl from slo and 5-6 ppl from cro are there

at las i know that amount

i have many skills im just not confident enough😅 and i learn fast on the job

i may talk to them. they might need some operator that monitor and run via SCADA. it's small company so is not extra hard. i can ask and if wish can give them CV or smth

tbh i have never heard about SCADA

do you mind if i dm you?

scada is system to monitor and run things. wuite big thing in generals

sure

my gf

delicious

https://tenor.com/view/doubt-press-x-la-noire-meme-x-button-gif-19259237

anyone here tried termshark???

asking more about how it compares to full blown wireshark

and how easy it is to use

and if it respects terminal themes

emm

anyone heard of InTimeTec?

What happened to Chatgpt?

WHy is so much Blue Team stuff paid, when so much Red Team stuff is free?

I blame red teamers

Hacker can get lucky, blue team need to stay in the game and be consistent

@sand trench I see it more of a tcpdump replacement. I usually use it on headless machines and output to a file and then read the pcap file on my machine with gui wireshark

hope you are not confusing it with tshark

sorry was lol

haha fair

knowing the difference here is kinda specific

I haven't tried termshark yet

it is a full blown tui application

just looking at it now, that looks kewl. Might have to give it a try

shadow actually loves a lot of tui apps

they have so much nice use case

in your terminal with lots of power

save me messing about with transferring files

any good vpn recommendations ?

Mullvad, Proton, IVPN

Take your pick, that's all we reccomend

I personally use Proton, @sand trench likes IVPN, and many others like Mullvad

I use airvpn, really good service and community

I like Proton

Most of us like privacy, and Proton and Mullvad are basically the industry standard on Privacy friendly VPN's, I can't speak on IVPN as I've never read into it

They are privacy friendly enough, if you are not a terr0rist😂😅

well time to state this once again

NO COMPANY WILL GO TO JAIL FOR THEIR CUSTOMERS/YOU

Duh?

yeah should be obvious

but if you are getting labeled a terrorist by a government and they get the legal documents to request your data you will not be able to hide behind a company

True

closest you can get is probably what lavabit did

makes we laugh when ppl think there VPN/mail provider will ride or die for them for $4/mth

i.e close down the entire business and disapear in a single day when the feds came knocking

open source hardware and software all the way

make you own the thingy

I believe that's a good thing btw

FOSS FTW!

generally it is a good thing... until your own government becomes evil but at that point you have more problems

Mullvad only vpn I trust

for a second I thought the owners name was skibidy

mullvad and ivpn are the only 2 vpns shadow 100% trust

government agencies can become to request happy, over reach is a real problem

proton shadow trusts up to 95%

need to get my server home somehow

https://tenor.com/view/quagsire-blink-blinking-gif-25635243

https://tenor.com/view/wynaut-pokemon-cute-gif-5097226

the why not pokemon

There will be consequences.

https://tenor.com/view/pokemon-squirtle-gif-21446102

SQUIRTLE SQUAD

"let's see how my stock is doing"
-$3

Then they can't oblige a Swiss company

well yeah getting swiss government to sign a warrant for you to go after companies in their jurisdiction is rare

but not impossible

Yepp, it happened once, right?

Not to go after the company

But to let proton give info

About some terrorist

the problem is how little said person actually looked like a terrorist if you look into it

but yeah swiss government signed the warrant so no choice

there was plans for your ISP to keep records of every customer here in the UK, and the list of agencies that could access the data was crazy. They're also trying to remove communication apps with encryption

ah yes the classic battle to ban encryption

we are back in the 90s

That's indeed crazy

like that will ever solve problems and not create new ones

if you live in the eu keep fighting against chat control

YEEEE

Privacy can be dangerous

true

so can security technically

Yeah but to weaken encryption for some people who are sending illegal 18+ content? I don't think that's the right choice

if you weaken or ban encryption the only people who will have good encryption is the criminals

the last government here bought in an act called "the online safety bill", used the old scare tactics of this all about child abuse online, but again it allows them to access user data from social media companies, and the new government is looking to extend it's remit

it won't really change much more then that you can charge people for encrypting their things

For real. They'll just make their own shit

Shit as encrypted chat app

making it so children can't use encrypted communication will actually make child abuse worse as then there are no safe channels for kids to get help

Encryption can be as simple as making up your own alphabet

just use pgp/gpg with your email

well would do that more if shadow actually sent emails

Isnt that called encoding

for now shadows email is basically just a place for services to send emails to with no replies

I mean if I actually was in need of encryption and there wasn't an alternative, it's really that simple

hey

Hii

hey @jagged otter

blue team is easier to monetize RE: MSP

progress, progress...

where gpu mode in btop ralex???

one sec

hmm... how to add/show it 🙂

https://github.com/aristocratos/btop?tab=readme-ov-file#gpu-compatibility @loud marlin

that link should go to the relevant read me section

after you hit esc to go into options

there

nice you figured it out

you can now monitor your gpu neatly in btop for ever and ever

yea... kinda get used to env variables and so due to fair amount of readme that i read

I am fucking STARVING

I need foooooood

go get noods

I has no noods

oof

I need to buy noods

That's a shame. Always have a stash of noods, never know when you may need em.

That's a good idea. I should buy some noods and store said noods on my shelves

packet mac n cheese is my go to

ello mac

Good afternoon

good afternoons brobot

How are you shadow

slightly tired and probably consumed to much sour stuff recently

as got slight heartburn

or soar throat

or whatever it is called

Sour stuff just turn my skin inside out lol can’t handle it

hope you feel better soon

My wisdom tooth is coming through 😪😪

eh shadow will easily live through this

hopefully you don't have to get it removed

Unfortunately I do, it’s an impacted wisdom tooth

I'm going to start banging my head against the wall soon for not being able to find the flag

hope you got a good dental plan/insurance then

I do not haha, going to cost me around £180

Not too bad

I’m willing to give that money up if the pain goes along with it haha

oof that is spensive

we are meant to have dental care covered by our NHS, but most ppl have to go private. It's so expensive

I get a plan from work, but it doesn't cover all the costs

good news

shadows microphone works

bad news

shadow dunno what to play in multiplayer with friends

CS2 has been playing up for me since the latest updates, I'll have to look into it over the weekend

not sure how cs2 runs on linux

it's native, but does feel like the unliked step son

All I play is Valo rn

this is a mess

whats status on macos silicon chipset?

I didn't know CS was still a thing

¯_(ツ)_/¯

f it way 😄

@autumn solar went from CSGO to CS2, was a nice update, but I've had a lot of problems with it

mac is not meant for gaming sadly

albion is available 😄 and no lose performance

DOTA is my go to after CS2. I love playing eu4, but it becomes too much of a timesink for me

guess you could play oolite.space or veloren on mac no major problems though

^ assuming you know how to compile stuffs

so if you're gamer dont prefer macos

yeah if you a very hardcore competitive gamer for now stick with windows

steam seems to have fair amount of mac games, but the rule of thumb is PC for gaming

also not available valorant etc.

if you like playing lots of indie games and singleplayer experiences linux is good enough

like stardew valley

proton usually gives linux access to most games, usually anti-cheat that causes the problems

i go out have a good time

cyea @agile lichen

Does anyone have experience with Windows X Lite, I'm thinking of spinning it up in a VM

I just folded under that weight 😂

Yeah, it's all due to the anti-cheats used by the 3rd party organizers

yeah

Base CS works on Linux, competitive 3rd party is a mixed bag

anti cheat keeps being the major flaw in getting games to work on linux

specifically the ones people don't wanna live without

League of legends broke on linux due to their update

roblox is soonish gonna be broke on linux

^ which limits a lot of new nice computer users from running linux

if I can still do my roblox forensics I will be happy

Linux gaming has come leaps and bounds over the last 5yrs, steam have been a great driving force for it

yeah valve and steam has driven linux gaming super far

the steam deck certainly helped huge amounts too

I remember having to dual boot for gaming, but I just run linux now

yeah shadow switched full time to linux in 2017 and never looked back

Don't forget Id Software

@sand trench no noods, just thighs. Spicy thighs 🔥

Maaaattttt!!! Afternoon

Noo

Shh

Tired

ye, work day

who dis

Space cat

Anyone else have trouble focusing on HTB’s content due to the color scheme?

https://tenor.com/view/meowdy-howdy-cat-howdy-cat-in-a-hat-cat-in-the-ten-gallon-hat-gif-27347110

Sir, this is Wendy's
McDonald's is just around the corner

imagine if you played with tamper monkey you could fix that

tampermonkey for css???

would have thought there would be a theme, I'm not a web person

What’s that

extension for js manipulation

Should probably ask their server.

No bad stuff about HTB in here. 😄

THM and HTB are both awesome

Oh yeah @sick lance I found a way to cut down my semester, from 12 weeks to possibly 3-4 weeks

wait why would you want to cut down your vacation to 3-4 weeks???

Cause I would still have to be stuck in school premises

why would you be stuck in school during vacation???

Cause I would still have to "attend class"

It’s a cool website just asking if there’s a way to tweak the interface. I couldn’t join the discord for some reason

???????

Would that work for CSS?

for css it is generally dark reader or stylus

Oh I see

Thx

I'm not a web person, but notice that themes I use with tamper monkey change colour settings

I see

I also think there is colour changer extension

yeah that would probably be stylus then flim

it lets you load site specific css to theme websites

@boreal scarab you have protonvpn ?

Yeppers

Has anyone done code.org does anyone recommend

you have gui app on arch or? @boreal scarab

good afternoon

❯ paru -Ss proton-vpn
aur/proton-vpn-gtk-app 4.4.3-1 [+59 ~11.96]
ProtonVPN GTK app, Maintained by Community

I do not, but I can try after my cappuccino

heh. whats paru? 🙂

Look @umbral bay , cappuccino!

arch user repository helper

similar to yay

though it forces you to read the packagebuild files which is a nice security feature assuming you read stuff like that

since the paru is no go for me... do i miss something due to fresh use/install ?

oh nah you just have to install it using the github instructions and tada you can now use it for all aur packages

including itself

will do

now add a cat to this and we get catppuccin which is the amazing colorscheme

https://tenor.com/view/treyreloaded-monkey-gif-10446196888113399806

monke

Has anyone tried the ubuntu overlay exploit on 22.04.XX

I have the weirdest issue.. Post exploitation, the ID and other commands report user id 0. but the effective permissions in the mount overlay are like nobody (not root)

No elevated permissions to the fs, no ability to run superuser cmds, or the like.

hi

hi

hi

hi

hi

🤌

@sand trench got it to work. thanks

Gave +1 Rep to @sand trench (current: #3 - 1865)

no problem

enjoy your new powers of having access to huge amounts of extra packages

yea... arch is weird =/

well the aur serves similar purpose to ppa:s for ubuntu

but they are easier to vet on aur

Shadow, wanna help AIO figure out a daily driver distro

sure

what are you looking for in the distro???

daily driver, stable, easy

and can install things without breaking things

pop os and/or linux mint for super stable but not bleeding edge updates... both are debian/ubuntu based and use apt

endeavour os if you can stand slighlty more complex install commands but want bleeding edge updates

updates such as what exactly

well debian based distros hold packages to be upgraded unless it is security updates

so you have to wait a lot for new features

while bleeding edge you get the update as soon as it gets released by the program creator

oh k

any issues with wine on endevour os?

nope not as far as shadow has seen

works well using wine cli or using lutris and using proton on steam

not tried bottles yet but heard that is super easy to use and not seen any problems reported about it either

bottles?

wine wrapping application to make wine instances easier to handle and use

mostly installed through flatpak

oh k

but has none flatpak packages too but those are not recommended by the bottles creator

will let you use vortex mod manager on linux no problem

after some intense googling I think I understand

anyways bleeding edge is more similar to how the user installed stuff works for windows

while lts is more similar to how the windows updates work

lts standing for long term support

linux mint and popos have quicker updating lts builds then ubuntu but still slower then endeavour os

fedora is somewhere in the middle of arch based and debian based in package updates

I'd say debian sid is also up there as an option for bleeding edge

sure if you wanna run that

technically arch is called rolling release but also calling it bleeding edge works

I've stop distro hoping and have settled on fedora

shadow stopped distro hopping after installing endeavour os

endeavour is nice

and before that shadow only jumped from standard ubuntu to ubuntu mate edition

did the cycle of starting on ubuntu, debian, arch, mandriava, did a stint on gentoo, 6 months on freebsd, then fedora, over to popos and back to fedora. Other distros in there at times lol

I did a year on slack

Thought you were talking about MHA

@fervent meteor wsl isn't bad actually

I'll pass on that

eh it has a lot of problems

react os is the closest to open source windows we get

yes there is plenty of ways to lock out apps from being installed or used

most go under things like parental locks

others go under focus stuff for android and apple

i.e android launchers that force you to only be able to use certain apps at certain times

sadly don't recall what it is named

yeah then that launcher would be the best thingy but shadow don't recall what it is called

https://play.google.com/store/apps/details?id=me.aswinmohan.nophone

this might work

which will limit you to about 4 or so apps

always thought ubuntu touch failing was a shame

is there a general cyber security question channel?

#infosec-general

yeah but the pinephone kinda succeeded in its place

pine has been fantastic at bringing quality products at an affordable level

yeah sadly not easily usable for shadow

shadow needs the swedish bankid app and swish

both of which are android or iphone only apps

same with my barclays app

???

eh

not sure if i agree on that point

if you read the package builds you will now for the most part what happens produ

which paru forces you to

you could do the same thing with a ppa

including when there is package build changes/updates

most ppa:s are binary packages and not compile from source like the aur

idk what ppas you're using but most are built like proper debs with the source and a /debian/ dir with build info

similar to the copr on fedora where you can simply read the specfile

.debs are usually to obscure for people to read its contents

that being said, the aur does have the nice advantage of not needing to find individual coprs or ppas, since it's communal

yuups that is another benefit

also the website page for the aur makes easy links to the upstream source

i mean, not really? it's not AS easy as a pkgbuild or a .spec, but it's still almost as easy

not as easy to make but easy to read and parse

eeeh

extracting a deb package to read its contents and stuff has been a pain point for shadow since they quited using ubuntu

..who said extract?

just visit the ppa

but we can disagree on which is better without to much problems

agh, they changed launchpad

@sand trench it seems they've changed the web ui to not have it as readily available 😕

oh f that is bad

copr build info is still easily checked tho so i'm happy with that

like this is the specfile for rustscan that someone built for the copr https://download.copr.fedorainfracloud.org/results/atim/rustscan/fedora-rawhide-x86_64/07396627-rustscan/rustscan.spec just took 15 seconds to pull it up, and that's all there is to audit

and 30% of that file is a changelog lol

a quarter of it is just a human-friendly pkg description

@sand trench you using fastfetch by any chance ?

I'm looking at upgrading, I've still got a 3900x, looking at a 9950x. umming and arring

might wait a few months

yuups

running the default fastfetch config though so not super good at configuring it

i got custom theme and is autorun fastfetch on tilix, but is config is not loaded. i say no colors. only if i run by hand

hi

i got this issue
autostart no colors by hand yes =/

huh that is weird

maybe because it was not run interactively

hmm

nah... problem for another day... going sleep

Q: Fastfetch runs in white and black on shell startup. Why?

This issue usually happens when using fastfetch with p10k. There are known incompatibility between fastfetch and p10k instant prompt. The p10k doc clearly states that you should NOT print anything to stdout after p10k-instant-prompt is initialized. You should either put fastfetch before initialization of p10k-instant-prompt (recommended)

You can always use fastfetch --pipe false to force fastfetch running in colorful mode.

found the solutution

Farben

Hey guys, new to the group. Look forward to interacting with the community

again with the hyprland

think ralex is in honk mi mi mi land

@loud marlin still trying to get Proton on arch?

https://www.youtube.com/shorts/lbG044WgZSc

we really need to figure out that liquid nitrogen cooled computers

whoah, wild.

I'm happy with noctua, water is frighting enough, never mind liquid nitrogen lol

500W, that's crazy

yeah, my breakers are tripping just thinking about that.

same.... running air cooling here as shadow is affraid of water cooling leaks

I have the NH-D15, expensive but I think it's saved the lifespan of my processor, plus it's so quiet

yeah you can get nasties growing in the liquid making it get cloggers

That's why you add a biocide to the loop.

I'd flush it if it's not an AIO and see what comes out. It's more than likely fixable

hey youn your his

yuups

kinda a noob trab to miss that

hate RMA, but if you get a brand new one it can't be bad

anyone here ever congifure tor to burp suite?

Probably

what is your end goal?

good day good day

made it further then all previous tries

do you play a lot of indie games @sand trench ?

yeah.... majority of shadows steam library is indie games

used to enjoy factorio, not sure if you can call that indie now. Dwarf fortress used to be fun

wait what makes dwarf fortress not fun??

I don't have the time to play it anymore

ah

love that DF got support on steam

well something is making it lose positive reviews by quite a few precent recently

why is that?

¯_(ツ)_/¯

ppl are never happy lol

Hey guys. In engagements (or hard boxes) do u ever have to spend time with the web application after gaining access to the host? Like a white box portion of a black box pentest? Or is the web app rendered irrelevant once you have access to the host?

I have some experience with easy boxes where I looked through the web app's internals in order to get creds for the SQL database and perhaps some SSH creds from reusing user creds which were found. But does it go any further than that?

depends on who made it and if you are going after documenting all findings or not

for pentesting or red team engagements often times you are meant to list all the vulns you find and therefor stopping testing something if you get rce could leave the client more vulnerable

unless you can make it very clear in the report

Hi everyone how are you. You have seen the Windows CVE classified as "critical"

saw the talk and explaintion of it from the primagen on stream

The IPV6 one? Or did I miss something today?

yeah the ipv6 one

I may be confusing two different items here, Black hills info sec were discussing that one a few weeks back in one of their talks, at the time they were saying Microsoft basically didn't care about it... Guess that changed. After looking into it, I was indeed confusing two different issues, I apologize

9.8 is bad

Yeah

then again it was not that long ago we had log4shell with a 10 out of 10

Wasn't this exploit just released two days ago?

I've no idea, I may be confusing two different things.

Currently watching a video on it, I think I confused two seperate exploits.

Microsoft's CVE entry is from two days ago it looks like. With responsible reporting, it was likely reported to MS earlier and they worked to fix it.

Oh, you changed your message that I was responding to

Sorry, wasn't intended to mislead.

Just to update to say im looking at it now 🙂

mmmmmm 0%

The IPV6 thing I was discussing had to do with active directory, so it' s certainly different to this. I was confused.

tldr, I would avoid making such broad/inflammatory statements without evidence while admitting you hadn't looked at it. Not saying you did it intentionally, it's just how misinformation spreads.

Understood, certainly not my intention. I will be more careful with statements like that moving forward.

Edited orignal response for clarity, thank you for the advice.

Gave +1 Rep to @clear jackal (current: #17 - 446)

Is this the one you're talking about IPv6 RCE with a CVE of 9.8? https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/

and it is 02:00 so time for shadow whadow to head to beds with the beep boops for the meep moops

Night Shadow.

Beep Boop Shadow Goodnight Moon

BOOOOOOOOP 😇

HI IM LOGAN 🤞

AOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOPOOOOOOOOOOOOOOOOOOOOOOOOOO LOGANNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN

AOOOOOOOO MY ASS IS AT 3AM

@jagged otter What's with the spam?

Fuck all of you

gftbgckb

hiii

:mute: tokerj0k3r#0 has been muted.

lol wtf

What to do when you cant sleeps

you should just go to bed and try again tomorrow then

Try warm milk

I've never tried warm milk before, I will try some

Can't say I was ever a fan of warm milk, melatonin gummies when used sparingly work well for me.

Yeah not sure about this warm milk aha

I've never tried gummies before though

It can be in many forms, gummys are just what I have on hand.

I'm like the kinda person thats really weird about putting things I dont know into my body. I don't drink, smoke or anything and I didn't take paracetamol for years

That's absolutely understandable 🙂

I do like chewy things though so might try the gummies

I really like mochi and Tteok-bokki

🚨SSN exposed 🚨

Dark reader works great. Tysm

@urban ravine @pearl raven skip to 19 minutes https://youtu.be/nm1TxQj9IsQ?si=mfb7Z3m3Q-iH11In

Please don’t self promote here

I am not promoting. This is Ryan LinkedIn account

I’ve watched most of Huberman’s videos but my sleep is still shit

You also have to follow what he says 😆

lol

Watching now.

I'm in no danger of not hitting puberty though 😛

Would concern me if it follows up with testosterone reduction.

I tried

he said no melotonin

Im old though so im ok

I kept on abusing melatonin after hearing that

Soo i just complited a certificate but it has my account name on it which ofcource isn't my real name... how can I change it ?? any help please ?? The cert costed me a lot soo.. 🥲

Ngl for what it's saying in the video... It seems pretty bad tbh

I already wake up like 5 times a night

SOrry henry no idea

Anyone ??

if you're talking about the certificate of completion of a path in THM, the certificate is generated automatically with the completion of the path showing your username on THM and there is no way to redo it with a different name

That was rather interesting, I'm still watching it but I'm past the melatonin part.

does this actually work

You seem to be a smart person but usually these loads of bullcrap like this floating around

You could contact support

@loud marlin This fucker was causing me not to be able to extract my filament

reall

Mornin

Planned but not notified power outage for 6 hours on a Friday is very cool btw

That's all

👀

pointless, I asked once and what they answer is what I answered 🙂

no real channel for it bc it's not really a certification, just a certicate of completion

bit of of a novelty

indeed

the format of the password? of the encrypted data?

huh. what comes out should go back in. where'd you pull it from before trying to decrypt?

well, can't say i expected that reply

@molten sky how are you this fine evening?

Sup Zumi

man i'm tired as shit and it's only 10

10 pm or am?

How is it, been meaning to start it as my background tv series

Hi.

pm

How's you doing?

huh. first things first, does the gpg key load correctly? are all the subkeys present, including one with an encryption flag?

👋 the am or pm was for productivity 🙂 GOT nice show but decreased the quality season by season, also worst ending ever 😂

it's not that bad, being tired at 10 pm is understandable if you had a hard day

"no alcohol tonight" that's not a sentance you'll hear it from me 😂 😛

shit
you just reminded me

thx

Holy based.

I didn't get hooked with house of dragons, I watch the first 3 episodes and nothing

You're gonna crush it, I believe in you.

Gave +1 Rep to @solar echo (current: #252 - 22)

Speaking of LLMs, I just found out that... Japan is quite AI-racist.

Uh. that's a new term

I'm trying to make a pfp for a "friend" of mine and he asked it to be exactly like mine... turns out that out of 60 images generated, none of them were of a black-brown man, which is... his skin tone.

maybe I'll give it a shot if survive a few seasons. I watched one or two episodes of season 2 and it didn't move me to go back to season one and pick up the story

That's because it doesn't have enough frames of references used for training of black anime characters.

By the way, Luffy from One Piece is Brazilian but at the same time is 100% Japanese instead.

Bing is a JOKE.

I could try Midjourney but I am too lazy to check if I still have any credits on it if you know what I mean.

midjourney's paid now entirely

Same with claude, only 5 messages now per day

even if it's a one piece, brazilian is need it 😂 😛

uh aye @blazing granite do you take notes?

#room-help

Not really, iirc their issue is not related to rooms.

oh k

oh it's another one of those

nah

Random moment: remember when Travi$ Scott made songs that sounded so dark that he put them off streaming?

I do, I take physical notes, pen and paper and then when I have time I digitalize those for safe keeping

I use obsidian for the digital part

Obisdian is so GOATED, right, Rex?

yall mind iff i post a html post request in here to get yalls thoughts?

indeed

His older stuff was insane, but then he went commercial for obvious reasons.

Before I was only taking notes about studies now It seems I have to take notes of everything

even my thoughts

to remember them

I never take notes nor memorize things.

I just revisit them in a spiritual realm I access frequently whenever I need to reach them.

oh, didn't that get shut down

Context:

It's still working for me, have you updated it?

Yeah I'm on the latest version, perhaps you're running a outdated version

context and small caps 🙂

Backtrack it, haha, get it?

Yeah but I heard there was a vuln with a CVS of 10/10 in ver 8.2

Think it's a brain RCE

what linux has to do with password?

I love Fedora, but the people on their discord kind of suck

post it here so everybody can see it. More eyes means more chances of help

Ask ChatGPT to minimize your text without losing substance.

I am an expert and I do understand it however I am not going to help for reasons unknown.

Typa shi I be on recently.

Hmm melted a thin cable with a glue gun

my point is that OP didn't mention any OS, very few details and you straight sent it to Fedora, without any context, you may send it to talk to your aunt and probably will get similar results 😂

Sometimes you just gotta say sumn.

I love writing like this it makes me laugh like an idiot.

You went Joker mode and you're not even Brazilian (yet).

brazilian can make you cry too, depends on a few things mainly length 😂

Anything brazilian is painful enough to make anyone cry.

I ain't readin' allat.

this isn't a Linux discord, you'll be better asking in a Linux specific discord

your point?

RTJ symbol emojis.

are meant to be funny

I do, I solve other problems for a living and I get paid for it. I'm here to relax not to work for free 😂

I'd get reading tbh

However, I don't get paid for anything and AM here to work for free.

I think hibrother should listen to Drakeo the Ruler's "Betchua Freestyle" so they can clear their mind and focus on fixing that gpg issue.

I would probably start with a query like "gpg not recognized fedora" utilizing your favorite search engine.

So, Bing?

Not your bro

go and ask in a linux related discord was my help, that's the far as I go 😂

And in your position I would still request at least 3 dollars for that advice.

Also rubs you the wrong way when the answer is but you work in IT, so even if I knew the answer I wouldn't tell him.

Be honest do I really have to know all the network fundamentals for in the future

@loud marlin

Knowing the fundamentals of networking is important

asking cuz everything its too much and I have to look in my notes almost everytime

You aren't going to learn it all at once

yeah ur right

to be honest, knowing network will really help you in cybersec, internet is a huge network 🙂

Or in a short period of time

LMAO absoluuuuuuuuuuuuutely.

too much

Yuh

My sibling in the divine's tree of life; just learn the OSI model and research the terminology used in it.

Oh, they deleted their message

I was going to say you've kind of burned the bridge in regards to help. Scrolling up, I don't think I saw any actual researched question(s) but I did see a lot of caps. Which doesn't necessarily help

what are those roles 0x2, 0x4

0x3

TryHackMe level in hexadecimal

alr

Worthiness leveling.

Man_face

To get actual help, it's better to come in having done some reading, ask pointed questions, and providing screenshots where possible.

Listening to Kodak Black's "No Flocking Freestyle" right now, much to think about... pondering about life...

Almost midnight around here so I'm going to catch some 💤 see you and have a good one 🙂

The person was most likely new to Discord and too young to even understand how to ask proper questions.

Good nite, Rex.

I've been researching for hours and I just wanted to come and discuss my situation to see if someone could give me an idea. Yes, I'll ask somewhere else.

They said they were on an alt I believe

I'm always so sussy of people who have Discord alts.

How can I login to another user if it keeps saying security file log is full

I think I cleared the logs correctly

Scrolling back I didn't actually see a question, at least an obvious one (wall of texts are hard on mobile), which is what I am getting at. You came in, all caps, asked for help with "simple gpg problem," and then harassed users who didn't really want to help/said they should know because they work in IT

Like I said above, coming in with pointed questions and screenshots is a much better way to receive assistance

Zumiii!!! Hai :D

Didn't have to ride through a flood today , just got home haha

Operating system? Where's this from? What's it for?

harassing users who didn't want to help me? I just told him jokingly that he worked in IT, but of course what is said in a joke in the eyes of the uninitiated is an insult, not to mention that I was not referring to the help itself for my problem The specific question (regarding gpg where I even put what format it was and what the problem was) I had asked before which I did not even explain there because I was giving a general context, it was because of his response that this was not a Linux server due to a problem with gpg

Yes, harassing users is bad.

So I made a server with ad dc and group policies but bc I kept intentionally trying to use wrong passwords I can’t access them anymore bc security log on the client this system is full

nope, jazz said soon

jazz?\

So you cleared the Event Viewer/Security log file?

Yes

Yeah, very popular music genre.

I have them cleared and saved as files @clear jackal

@gray sonnet I don't know you but if you're going through an interview process I wish the best of luck to you.

Yeah, likerofjazz

Thank you so much

Gave +1 Rep to @solar echo (current: #244 - 23)

got that but I mean she got you an interview?

yup

sweeeeet

Finally done it! Top 1%! Wasn't expecting that today at all!

How did you clear them? Through the recommendations provided on Microsoft's forum? Have you altered the settings of Event Viewer to overwrite old logs?

aye, it's for a SOC job, so doing a lot of blue team learning haha

In the actual server it’s connected to, I cleared the logs and the setting is to overwrite them. The password also has limits set for them but I don’t think it has to do with the logs

bro

the weather is getting funky

Right, anywho, I'm going to get off, get some rest, have a good one ya'll