#general

Simple, someone gift it to you

kinda hard to get one gifted if they sold out

lol

Keychron is nice

How deep down the rabbit hole is shadow now in the world of mechanical keyboards?

very.... looking at ones using via or vial and having rp2040 controllers and having 36-42 keys

sorry, but I wanted to know how to stop auto subscription when my month ends

in the email you got when you subscribed their is a link to the subscription handling thingy

there's an inovice pdf

at the bottom of the text and not the invoice... the one that looks like this when you click it: https://tryhackme.chargebeeportal.com/

If I cancel my subscription before the billing period will Is till be able to use premium rooms?

You can cancel it from your profile.

Yes

You shouldn't be able to cancel it from there.

yes until it would have charged again where it will not renew and you lose premium room access

oh???

I don't think there's a link, nothing is there

is in the one with the invoice for shadow

but guess shadow is wrong

as jabba piped in

if i fail to hack myself does that makes me king ?

so as soon as I buy a subscription I should press cancel right away so it doesn't auto renew

if that is what you wanna do yeah sure

think you might be able to buy and use your own vouchers too if you want auto renewing being disabled at the start

nope, you know everything about yourself and you've failed to hack yourself
what does that make you from a 3rd person prespective?

cool, thank you very much

Gave +1 Rep to @sand trench (current: #3 - 1875)

big folder
  - small folder
     - smaller folders inside
  - small folder 2
    - smaller folders inside
  - and a lot more
  - output dir

Any ideas to move the smaller folders into output dir

In windows

a fucking fool 🤣

does anyone have any experience setting up a docker email server on a linux machine

make a bigger folder

ou man

hello

hi

heyo

beep boop

shleep shloop. oh wait, that's someone elses line, haha. how's it going?

ask your local llm for powershell command to do this

maybe move in CMD, or move-item in PowerShell? could write a batch or powershell script to automate?

https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/move

https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.management/move-item?view=powershell-7.4

or possibly even robocopy...

https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/robocopy

looks like robocopy has a /mov switch for that.

mweep mwoop time for sleep sloop to the beep boop for eepy eep

Night Shadow.

ah figure Imma have to script it out...

yeah, looks like it

unless it's just a small subset that you can manually issue commands for. but i doubt that's the case or you would've probably done that by now ha

AIO do you still do freelancing

no, hehe. You could try but probably tastes awful

Very cool cake nonetheless. Very unique too

yeah he always goes out of his way 🥰

https://tenor.com/view/sleepy-cat-baby-cat-coffee-cofffee-cat-sleeping-cat-gif-11793912039839338151

Eeepy

same

was awake from 2:30 till 4:30 at least uuuugh

day is ruined

I have been training hard on htb academy all summer 12hrs a day on the CPTS path and it honestly is overrated. learned way better stuff on many other platforms

i start my C++ class this semester so that will be fun

this is largely marketing nonsense. i would say that 99% of the time, when someone is talking about "blue team" or "red team" that person does not have a clear idea about what it is those categories actually do. Saying 'blue team defends' is so vague and encompasses so many different activities, it's a functionally useless descriptor.

Similiarly, "red team attacks" is also useless, as the reality is that "red teaming" is an extremely narrow, extremely niche discipline that is adjacent to pentest, monitoring, and incident response. I would not say that a red team test is a subset of pentest, because the controls and operational functionality being tested are very, very different.

I would disagree . I've bought few boxes from the path . HTB is not as guided and comfortale to go through as THM . But it has it's own pro's . They really go into detail of every topic and try to cover the underlying stuff i like that as well as the force to you read some documentation that might feel like pain in the a..s but is actually quite usefull to have a out of the box mindset . I really like there tier list 2 and 3 good stuff

what other platforms?

I like your bio

Lolz

youll love this one then https://www.youtube.com/watch?v=z0O_VYcsIk8

Yeah i love this guy

But i haven't watched this one .. so Thankyou

Morning

Morning

is not overrated

Morning

is starting with an array valid json? [ {"n": "n"},{"n2": "n2"}]

Shopify

My goodness, 12 hrs of self-learning Python yesterday

😵‍💫

did you dream about it?

Nah no dreams
All real life

It's not about time , But the amount of focus you have

Rest is important too

Ye 100%
Been taking notes and watnot

Usually i dream about being in a Red-team and messing things up for everyone : D

That sounds so fun tho

Not fun when you wakeup feeling like a fraud . Idk why i feel like that

No matter how much i learn i still feel like i should go back and learn it again : D

when you mess up in red you make blue happy 🙂

I want to like... create my own cheating program or sth, to crack games
Without using those dodgy websites that require u to complete an offer 1st

i noticed that on the thm it says you need a 7 day streak to have access to networks

is this true for subscribers as well?

For non subscribers

got you

Start with Wreath

It's awesome

wreath?

How many.... libraries r there approximately? In py

A network you can play in Tryhackme

well, tbh i am really new to cybersecurity
i am just doing the presecurity learning path lmao

i have no idea how networks are playable

So was i like 2 years ago

i thought network meant openvpn, attackbox and those things

Ahhhhh shiii
I needa start doing CTFs soon
Feeling the urge

You will get there eventually

There are Learning rooms . Like the current you are doing right now .
THen there are ctfs which are small challanges focused one on thing .
Then there are networks where you have to hack multiple machines and they become really fun

Wat language r CTF programs written in tho?
Java?
Python?

how long till i get there?

CTF's are not programms . You get a machine that is vulnerable and you have to attack it . Binary exploitation challanges written in C

Depends on how much time , focus you give

Ahhh understood
Cheers

certainly
but i meant like learning path wise

So it's ideal to learn both Python and C for cyber?

For me i had a habbit of understanding everything before moving on . Even if it's not included in the path . Example if i'm learning about wmic i will learn about wmi and other stuff . So it took me around 2 years to complete Tryhackme and Few hackthebox boxes including bunch of ctf's

But i also took few months off

so

makes sense

what programming languages should i learn alongside?

If you wanna learn the languages i would suggest you cover
Bash
Python
C
A little bit of powershell

oh well u answered ig

Start with bash . It will help you get a strong hand in linux very quickly

Then when you start learning windows stuff start powershell alongside it

and things will make alot more sense

go is good to learn as well

what is windows stuff like powershell used for in cyber?

I've heard about it but i haven't learned it or used it . SO

I've seen python and C alot

Oh this is too good
Appreciate it

Well if you are using powershell in a windows machine it would be alot comfortable to know the language

Just the things i hope someone should've told me when i started

makes sense

if you know C you will appreciate go

Don't get into rabit holes . You can never learn everything . And you don't have to learn everything

But make sure you learn consepts and mechanisms

not name of the tools and there syntax and flags

Yeah i know C . I'll try go in the future : )

what are the most important things to learn in C for cybersec?

Well you should be able to read and write code : D

what about the libraries?

Most companies run windows
If you're pentesting or defending those companies, you will need to interact with Windows

Understand which functions are bad why they are bad and what attacks they open up @queen flare

Programming is a relatively small part of cyber

True

i guess that makes sense

Ohhhh another thing
Is it worth understanding Google Cloud Project as part of the cybersecurity learning process?

i see
and what are the libraries i myself need to learn to be able to use?

GCP is the least used of the three big cloud providers

Go for Azure and/or AWS

Well that depends on what you want to do . With time you will know

A lot of the concepts translate

ah

@naive violet how do i verify my thm with discord

thanks

Happy hacking ! @queen flare @amber laurel

how does adding my socials over here help me?

will people be able to contact me through my socials?

If someone visits your profile they can visit your socials 🙂

Don't add them if you don't want to

follower count

hey, thanks a lot
do you mind if i add you as a friend?
so if i have any questions regarding cyber, i can leave you a message

Gave +1 Rep to @remote swallow (current: #601 - 7)

Sure

But make sure you google it first

ofc

Room name : Encryption - Crypto 101
Task : 08
Who is TryHackMe's HTTPS certificate issued by?
Whats the answer??

Where would you find that information, dya think?

The certificate has changed, waiting on THM correcting the answer.

Ahh ok

hope everyone is having a great day today

not me

@torpid runenew here hi

hey hey people

Guys. when I use enum4linux on a domain controller it lists me all users and groups of the domain, is this normal behaviour or can this be protected somehow

don't remeber the last time i used enum4x

Don't allow null or anonymous sessions?
Don't give attackers domain credentials?

this enum is without authentication (anonymous) i am just wondering if this can be protected or if its normal behaviour

See point 1

maybe there is some reason

You can turn it off as I said

hope it gets better

yo which kali do i download

Are you using VMware or VirtualBox as your hypervisor?

uh unsure new

I am assuming you’re running a virtual machine?

the reason ive to re download is because this wont work

and my mate said try redownloading it

Your path is in onedrive

yeah? is it meant to be smth else

Move it locally to your computer, don’t select it through one drive

i keep all my files to one drive so its easier for me to opem

open*8

oh

does anyone have any experience setting up a docker email server on a linux machine

Bro....

wdym

once i download a file, i drag it to desktop

only files/apps that im gonna use often

You need to select the file locally, not through onedrive

What?

skibidi

Skibidi

stop talking about me please

do you have a video on that as i have no clue what that means...

You're going to struggle running a VM from cloud storage.

Put the disk on your local harddrive

hey guys, i am a complete beginner in cyber security, currently a sophomore in college majoring in computer science, i explored the try hack me's free resources and they seemed really nice because they catered beginners, should i continue with the paid version, is it worth it? if not, what other free resources should i explore considering i wanna start from level O?

Is there a room having privesc or anything related to exploiting a custom FUSE filesystem?

Where the source code is available for the user to analyse

Brainstorming some creative room ideas

Involving code analysis

Ayochupkr - Coming onto the Discord built around a certain website/service and asking if its worth the subscription? Cmon. You know what the answer is gonna be 🙂

still man people gotta be biased

and prob people have used it here so they can give better advice

I'd say it's worth it. Start with monthly subscription can always cancel it if you don't find it worth it.

Granted, But I'm sure you'd be able to predict what the overriding opinion is on here.

oh

how do i do this? @pallid lotus

okay thanks

Gave +1 Rep to @floral abyss (current: #40 - 201)

also which ones do i keep and which ones do i delete

yeah lol

idk why theres 4 copies of kali linux when theres meant to be 2

Those are all different files

There's just one, others are metadata

A VM, on disk, is made up from a few different files

so i dont delete any of them

ok

uh is this where it is meant to be btw the file location

and is this how i close it everytime i exit out of kali

You, uh, don't know the difference between the disk in your computer and OneDrive?

That'll do

Eyup Muiri. got a fun bank holiday weekend planned? Wait, do you peopole have the same bank holiday as here?

Preferably tell it to shutdown rather than power off.
The option you have selected is the equivalent of pressing the physical power button on a computer.
It's not a graceful shutdown, so things are likely to go wrong sooner or later.

Heh, Scotland has different bank holidays, but we're on the English system for... Reasons

But yeah, just doing a bunch of home improvement stuff

not really

ok in desktop

Sweet, sounds productive

okay tysm

@pallid lotus help

Your computer has one or more physical storage devices inside it. Probably an nvme SSD if it's a modern machine:

yes

OneDrive is cloud storage provided by Microsoft. Your files are stored on a server in one of their datacentres somewhere on the planet

sounds sus

^

Trying to run a VM when the disk is stored in cloud storage is unlikely to work.
People have done it in some weird and wonderful ways, but it's not recommended

Waste of energy too

Help with what? That's a shutdown modal

yes but which one do i click when i want to exit kali linux

If you need to access your VM away from home, would be easier to RDP in

Be like cooking one ingredient at a time, but all the ingredients are in the fridge in the garage

so then how else do i do it

... Shutdown?

Or use aws if you want to be fancy

Aye, if your garage is in Alaska

this shutdown thing takes like 20 seconds

Stop doxxing me

ima js power off it

You would keep the files on a storage medium attached to the compute resource which uses them.

nah relax im a beginner

In this case that's your laptop/PC.

yes my pc

bro it still hasnt shutdown

I ain't helping recover anything if you corrupt stuff 🤷‍♂️

ummm

Powering off is great until one day you boot and it takes you to the bootloader

Looks about right

nah bec i listened to u and kali didnt shutdown

👀

It is shutting down though?

oh it did finally after like 3 mins

but if u power off it, then it takes 3 seconds

whereas shutdown takes 3 mins

That's a stop job you just screenshotted lmao

yall prob gonna laugh but this is the tools of a beginner

Yes, but it's much less likely to power back on again...

oh, great im glad to shut it down everytime then

dunno why kali linux has a cross on it

maybe its too much storage since its on desktop which is onedrive i think

@pallid lotus do i take out the kali linux folder out of desktop and place it somewhere else

bec i dont even need it since i click start on the orcale virutal machine to use kali

I really don't care where you put it, as long as it's stored locally lmao

Your desktop should be local, but looks like it's backing up to OneDrive

ohhh i thought local was like documents or downloads not desktop

don't use nukers

thought local was a whole another folder

why?

Jayy - i was gonna say the same thing.. those filenames look kinda sus 😄

1. you have no idea what your running and it could actually be malware
2. its unethical, against ToS and really...quite a dick move
3. it also could be illegal depending on where you are

They clearly have some learning to do ahah

1. you have no idea what your running and it could actually be malware
   ~ correct been hacked before

What does nukers do? Really curious

great, so don't use it then lol

Just a little

2. yes unless you are using it ethical ways

Learning how to replaced a hard drive thats been destroyed by malware for one :p

3. nah calm im in australia

im js tryna learn hackin...

There's an ethical way to abuse Discord ToS and attack servers..?

that isn't hacking

some? a lot 🤣

That isn't hacking lmao

We havn't used the words 'Script Kiddy' in a while..

obv i aint gonna attack servers why would i do that

Because that's what the software does according to it's GitHub readme

huh then whats it identified as

Being a twat

I mean.. what else are you going to do with a tool designed to do only that 😂

computer misuse is still illegal in Australia afaik

Hacking is about identifying and exploiting flaws in systems.
If you do it ethically then it's about helping the developers and maintainers of those systems to patch those flaws.

https://www.youtube.com/watch?v=PmtFtWVrxFE

Hacking stories are interesting

that was all through social engineering

Tools like that are just taking legitimate functionality and abusing it to be a dickhead.

Yeah, a lot of the high profile stuff is through social engineering

which tool u talkin bout specifically?

I mean, it's the most common initial access vector by a long shot

i dont wanna do any of that js wanna know the basicsa

Yeah and even they got caught

yeah true bruh

you're in luck

https://tryhackme.com

The discord nuke tool

nothing can be hidden from the us government

Humans tend to be much easier to hack than the perimeter protection systems

paid 😭

Unless it's Fortinet

i mean paying isnt a issue

In which case game on

its js i barely got time

which one

Boss

LMFAO

oh gang nuker

What did you mean which one LMAO

bruh gang nuker doesnt even work

All of them?

gang nuker paid

and i aint payin to raid servers no point not smth id find interest in doin

16 is a great age to get arrested for using scripts on Discord 😭😭

u cant get arrested for raiding servers lmao

and how do yk im 16 oh shit bio

Eh, breach of CMA

You literally can. It's just cybercrime.

imagine that though - 'Why are you in prison?' 'Well, I shut down a chat server for my rivals football team..'

So, yeah, that's a criminal offence in most jurisdictions

Anyways these look really interesting

only if i knew how to use them it would be dam good

... The start menu?

It's a logical place to start, I guess

which is the easiest one?

text editor

1 & 5 are the only words ive known...

ive heard

Jayy - except vim.

wheres that

Closely followed by the web browser

right here

oh opened

but idk how to code

oh honey.

That's okay, just type some things

Do you know what notepad is on Windows?

a txt file where u save stuff ig

what is terminal tho

i still dont knowo

like whats the purpose of terminal

Oh FML

Yeah... My thoughts exactly, Muiri

Right, go have a look at this:
https://overthewire.org/wargames/bandit/

rule #1. never click links

https://linuxjourney.com/ and this

OTW. Classic site

And come back when you've finished it 😆

why is it not embedded

you may need to go through the first couple chapters before attemping OTW

this too much reading

Rule 1 of learning hacking is learning computer literacy first, I'm afraid

Hacking is 90% reading

To much... reading?

i need serious help

If that's too much reading then you're getting nowhere as a hacker

With what?

can any one help me

It's 90% reading old docs

And 10% taking notes about them

Usually 911 or 999

bro wth this is for intermediates

idk what a port or a host is

am using kali as vm and i cant connect with openvpn

or 112

Please use #site-support

oops

@quartz niche

yessir

That's literally level 0 of the de facto Linux for beginners course

thanks

Gave +1 Rep to @naive violet (current: #2 - 2177)

wait

so the 2 links u sent

Level 0 of learning anything. about anything.

those for learning hacking i assume

so out of those 2 websites and tryhack me

As James said, you need to be technically literate before you can learn to actually use tech, and you need to be proficient with tech before you can learn to hack.

which one is the best to learn hackin from

No, they're to learn the basics of Linux

oh

Which is a prerequisite for hacking. One of many.

patience is another thing to learn

One doesn't just "Learn hacking"
Hacking is about understanding in great detail how systems work

And then abusing that

Unrelated but whats peoples opinion on overthewire?

"it's a lifestyle" 🤓

wth thats sick

It's a good intro to Linux CLI

Hiya Bella. You dried out from getting caught in that storm yet?

does it get harder?

which i dont have at all

the clothes is hanging in the smoker 😄

Hehe. Biking is awesome. Until a really rainy day 😄

Yeah, the levels get progressively harder, and there are more advanced versions than Bandit as well

Then the curse words start flowing

I drove out of the storm again, I was faster than it!

wait hold up

whats linux

i might eventually look at it.

yeahhhh, rained so much it went through 4 layers of clothes, and I had to drive with my visor open cause otherwise I couldn't see

an operating system

I feel like this is a troll at this stage

.....did you read the link I sent you?

thats page 1

i thought it was a troll immediately

https://tryhackme.com/r/room/linuxfundamentalspart1

Technically nope

Haluka - you've never had a pop at overthewire?

nah even i didnt know what is the difference between terminal, linux and kali linux at the beginning

Not even once.

You literally just installed a Linux VM

we aren't deeping that down with this guy

so libnux is a software

an app

My journey started with hackthissite.

dang. It's like... one of the original online 'labs' for hacking. Spiritually, THMs grandparent

Brb, off to find the copypasta

It's a Kernel

you mean overthewire?

um whats that

drop more bombs

I'd just like to interject for a moment. What you're refering to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

which website better

Haluka - Yeah. used to be one of the first steps for folk. HTS was aswell

Danke Jayy

2nd one looks better to me cant lie

https://tenor.com/view/black-nerd-black-nerd-gif-26919340

bruh ima go back to playin fn will learn this hacking stuff sometime later in lifef

I'd just wike to intewject fow a moment. What you'we wefewwing to as linux, is in fact, gnu/linux, ow as i've wecentwy taken to cawwing it, gnu pwus linux. linux is not an opewating system unto itsewf, but wathew anothew fwee component of a fuwwy functioning gnu system made usefuw by the gnu cowewibs, sheww utiwities and vitaw system components compwising a fuww os as defined by posix.

Why not just try one of them? Instead of asking which one is better

yall prob graduated im in still in yr 11

ive but i js want other peoples preferences yk

oh god this hurts my head

mhmmm yeaaah

People have learnt far younger than you

It's like Krypky from The big bang theory

what is year 11

15-16

What rank are you

I joined TryHackMe around your age lol

than ks now i read that msg in his voice

Hahaha

oh i joined hackkin around 13

and their main priority is become an eithical hacker or get an job in the cybersecurity industry

lockdown moment

whereas mine is to become an online entreprenuer

by nuking discord servers?

please no beauty videos entrepreneur

ha ha ha

👏

want a medal

If you are handing them out, Sure 🙂

Alright I’m getting mixed signals now hah. I thought you wanted to learn hacking?

man, this is not the right place to be in the headspace I'm in right now

yeah im dipping

some of the young folk on here are scary quick at learning hacking

https://tenor.com/view/peace-out-see-ya-later-bye-gif-12439534463822669431

in kripkys voice 🤣

So... why? What's your motivation?

yes as smth part of my side but its something that will require time and effort which im not willing to spend rn as i got exams comin up

top g

correct

ppl have time for games but not for studies

ik bec im a loser and stupid

Oi I play fortnite 😂

les play

reload duos

Exactly

Year 11 is rough, it’s good to relax when you can

who didnt 😭

what is year 11 istg

Nah reload is so bad

That's not a reason to learn hacking

It’s a secondary school year in the UK

its sweaty and og which is what id prefer

Idk the aussie equivalent

wdym

in australiia theres primary school and high school

i passed that last year, and its easy, not in uk tho

Yeah but you don’t gain anything lol, I only play builds comp

p[rimary school kindgarten-yr6

highschool yr7-yr12

next up after hs is uni then job

You are such a child

only reason i play fn is because of og

I skipped uni and went straight to job

oter than that fn gets me bored

which job u got?

what is rough according to your context?

othr than that dont play any other games

roblox

Internal IT Responsible + SOC analyst/engineer and Incident Responder

got that to make money

woah dam and didnt even go uni

I spy a bunch of others, including several you're not legally allowed to play lmfao

which country u in?

Europe

yuh

Master hacker and master gamer

what??

This is a continent Bella 😆

a game running??

u own a game

which game

pc compatitable?

or mobile only

oh bruh on roblox

When did you start playing?

still extremely good send link

like when midas arrived

the midas npcs

(just trying to test the waters)

imagine not being a gen 1 player

So you didn’t even see actual og 😭😭

You poor thing

@ivory surge

yuppp

I feel so old right now smh

diidnt have anythin bakc then

I remember when they were actually going to release a PvE mode

got a ps4 in like yr8

too late when i clicked that link

It’s cause you are xoxo

but idk why is there an code attached in the link

u in ur 20s?

I am in my early 20s, child

It’s coming soon I swear!!

Anyone played "Black Myth: Wukong"

Barely

still old 😛

At what point do we start saying mid 20s?

24-26

24-26

you dont own that lmfao neither r u a dev for that game

Oh good

Welcome to reality, where every companies desperately tries to track everything you do because data is money

and what have you accomplished?

OHYES

QUESTION POPPED

Damn young 'uns. Getting on my lawn, with their punk rock music and their pokemon nintendos

BRO IVE HEARD IT SO MANY TIME

ppl sell fkn browsing data and all that for money

Woah!

what do they get from that

woah

wtf is browsing data gonna do

@quartz niche Absolutely do not use racial slurs here

sowy

If you do it again, you will be immediately and permanently banned

yeah so

alr sorry

didnt expect that

It is in the rules which you agreed to on joining.

i did agree

but i forgot

anyways

back to the dam fkn topic

why do people buy browsing data

how does it benefit them

People don't

Companies do

Have a read about big data and trends

for what

https://tenor.com/view/homelander-the-boys-yummers-gif-730693117818784194

its js data of like u

and who cares bout u

like its ur browsing data

do they get access to the passwords and that when they steal ur browsinf data?

I really think you need to educate yourself about this

indeed

Nobody said anything about stealing browsing data
It's not at an individual scale either.
Please read about big data and trending

Knowledge is power

-Someone important probably said that

power is... really expensive right now 😦

thank you Sir Francis Bacon

Just procratinating. Kinda need to clean the house, but putting it off 😄

not like my home :p

I only clean when it's near biological hazards level dirty

Rookie snacker, professionals use the original packaging

I don't eat berries anymore, but I did yes

how do you keep it stocked without it spoiling or whatever

They store them in their belly

Pretty sure that counts as an addiction

hi

Huge

that moment when you sit down and totally forget what you were about to do

anyone have any experience with setting up a send only email using a docker email server?

https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html

Womp Womp.

does anyone know of a website where i could find info on cracking apps?

Hey, software piracy is illegal and against the rules here

sup guys

ahh apologies

#room-help please

well i think is my pc

Oops, I deleted the "oh sorry" by mistake.

what if its my pc? can u guys help me?

In #room-help sure.

kk

Reminds me of Detroit become human

thanks man

oh boy

Building a new Kali vm because I can't be bothered to fix the one I have now.

what about snapshot

Snapshot won't fix it.

what happend?

The cursor sticks and moves too much.

sure its the vm?

If it only sticks and moves in the vm it’s the vm

I'm 100000000% it's the VM as it happens nowhere else.

lol

virtualbox or vmware?

it happend to me at virtualbox

VMware.

Big F :(

i solve it just with the disconnect solve of any tech things (Disconect and Reconect xD)

Make it cute

https://tenor.com/view/it-problem-phone-call-have-you-tried-turning-it-off-and-on-again-gif-17823069

lmao

Is it on my end?

cant send picture about my problem in room help

verify your user

thanks

I laugh at how they only mention bad stuff and totally miss the word " Freedom of speech"

do u guys use pwncat?

not usually

why not?

because I don't like cats 😂

kekw

i have limited use for it

but it seems intruiging

i havent used it outside of certain CTFs

limited how?

ironic that you have a cat picture

lol

for me, netcat has most of the functionalities i would need

but it does look great compared to when it was a while ago

i might try it out just to see what improved

when people talk about pentesting, is it basically just web exploitation? or is there more to it, such as network exploitation (i'm not even sure if this is a thing...)

about system in general

systems

whatever

also people

xD

the only thing i know that could be classified as network exploitation would be using aircrack-ng to "hack" wifis, or dns/arp spoofing, is network exploitation even a category

There’s a lot to it

social engineering?

yup

like binary exploit?

Network, mobile, embedded, thick client, etc.

Yes, network/infrastructure

isnt more?

well, it get all-in

Wat?

i mean, pentesting is test a system in general

dosnt matter the classified of the system

isnt it?

But it is commonly divided into disciplines

there's scope of engagement

Such as web application, infrastructure, mobile, cloud, thick client

exactly

There is alot of documentation in place btw

@distant forge No DM's without asking please.

im coming from kind of a CTF background, is the "network security" part of "jr pentester" what you mean by network/infrastructure

Hacking a box not a website

a system as a whole

I use pwncat-cs

hey uhhhh btw
i did some research on why learning AWS and Azure is far more beneficial than gcloud, and there.... yk... a lotta reasons

but is it still worth it for me to look at gcloud? i don't want to waste my time if its unnecessary

we are both, high five

You were told to leave Google cloud to last.

I'd take that advice, especially from the source.

If you're concerned about wasting time by learning something, there's honestly a problem with your mindset

alright

i have a question about certfs

also i learned some binary exploit while doing CTFs, is that gonna be useful in cybersecurity or no?

yehhh i feel like i shouldve worded that differently tbh
but all i meant to say is, is it worth looking into it

yesir

in what aspect

Yes. Later. If you like cloud stuff.

scenario

its very niche i would say

everything that you exploit in ctf could work irl

A lot of binexp is dead because of the protections

It is usefull

It's a good topic, vulnerability research is crazy stuff

doesnt feel like ur gonna find a BOF in the wild that u can do a ret2libc with

But the basics of binexp aren't hugely real-world useful on their own without picking up the advanced stuff

Low level, time consuming, fuzzing, code analysis

and then more fuzzing

lol

the fuzzing never ends

and then more fuzzing

and more and more

alr ok
thank you

could you list some of the advanced stuff that you are talking about

Gave +1 Rep to @naive violet (current: #2 - 2178)

Defeating the protections, heap exploitation

some of you guys are bug hunters?

i wanna try it

I do it now and then.

Also learning other architectures, not just x86/x64

If I'm bored enough.

not for the money?

Each of these 3 cloud providers have pros and cons of their own, I would at least try them out. Mostly depends on the need. e.g. instance types

im poor, in my country a dollar is like 60$

Nah.

Yeah just GCP is wayyyyyyyyyyyyyyyy behind on market share

Chances of getting high payouts or non dupes are low.

is anyone here not into the ethical hacking learning paths? 😭

any suggestion?

All the "big time" bug bounty hunters glorify it. Imo

What do you mean ?

ohh btw, is bug hunting highly paid? just like pentesting?

hmm alr thanks. important/useful in pentesting or no?

Gave +1 Rep to @naive violet (current: #2 - 2179)

Depends on the bug.

of course

If you are good at it

It's not a steady income.

not saying that im doing everything for $$$, but just curious

like, if youre good at it

it depends on how critical the bug is

Yeah. A colo would be nice for a project

50k usd in 5 hour

its too much

and how big the company is

You should either do it for the money or the knowledge in my opinion

You can be good at it and still not get any bugs

like defensive cybersecurity 😭

True

I like that term

consistencyc

It's a specialism
Pentesting is an incredibly wide field. You will specialise. Binexp has been killed off at the non-specialist end by meaningful and widespread protections, and moving to memory safe languages.

im doing it for both
sounds like bloody interesting stuff actually
prolly gonna look into it on THM

uh, so? Is that a yes or no 😭

understood, so... not really relevant

OFC you will find some .

Relevant. But specialist. It's all relevant.

I’ve read a thread on twitter on how triagers are burnt out from all the dupes and P4s and P5s people report on

I never liked web-exploitation . Goodluck though

But make sure you love it

alright 👌

thats bad or good?

why its kinda fun

i have no idea about bug bounty, i wanna learn

If I spend a week on a highly hardened and well built app and find nothing, I still get paid
If I find the same thing as my colleagues, I still get paid

Happens way too much from people who just use automated scanners that don't have a clue what it actually impacts

I feel like tryhackme lacks the primary defensive capabilities, like all ctfs are mainly focused on penetration not defense

oh damn

there is to many blueteam stuff in hacktivities