#general

the new profile update feels very snappy

Hey, I just got the payment back @sick lance !

: )

Should I resubscribe TryHackMe?

I have no idea if the same thing will happen or not, your choice. ¯_(ツ)_/¯

@jagged yarrow Hey, I think there might be a problem embedding the new badge frame through <iframe> it returns {"status":"error","message":"Unauthorized"}

Please post in #site-bugs and don't ping Skidy. 🙂

Alright, sorry for that

Appreciated.

lol XSS protection and etc go burrr

anyone here familiar with opencti? and can answer some questions if things are possible within opencti?

Is this for THM?

no

otherwise i wouldve gone to the help channels 😄

or do i need to go to #infosec-general ?

I've not seen you type in here as much, so I'm just making sure.

Either is fine, but just one. 🙂

noooo ive not been around in this channel alot mostly in the help channels and ofcourse only 1 channel 😂 im not gonna go around and spam it

yo whatsapp guys

sup

how to hack nasa

🤣

they just wanna hack the planet you see lol

not anymore, they've left.

lol

every new member: guys how can i hack the fbi

play with their html

NASA is actually on HackerOne with sites and more in scope for pentesting

i have skill : cd, ls, pwd, mkdir

lol niceu

Its not!

is that enough to hack nasa

Well you sure showed me.

Very nice! That is for sure highly anticipated

Looks so much cleaner than DarkReader.

I make do with a browser extension but yeah not quite the same

yep exactly

Just incase anyone asks if it's ever coming.

It got more than 1 like, so it's not coming.

Happy Xmas to you.

Big gains

if i use microsoft surface and change the os to linux, does the laptop become a linux surface

Now that is a welcomed change.

nice

That is nice but the yellow instead of lightest green is slightly cursed lol

Need help

With what, exactly?

I cant post picture to explain

new update

Is about a task

#room-help

/doc verify

Done

I verify my token

Now you can attach screenshots, pleae do so in #room-help for THM help.

Ok thanks

powershell scripting is very annoying. how does anyone remember any of the built in functions?

cheatsheet and reference pages

Good Day THM!

also iirc there’s literally Get-Help which is the equivalent to man pages

I might not have logged in to THM for a while.

Yes the syntax is kind of insane, but it’s designed to be verbose and “self documenting” to an extent

I think the date is when it was created, not when it was posted.

https://learn.microsoft.com/en-us/powershell/scripting/learn/ps101/09-functions?view=powershell-7.4#naming it's very funny to me there's a list of approved function verbs

But then, my date differs.

I think this was the first login in two years or so.

That date pretty closely matches when I created my account though

Invoke-Laugh

Is TryHackMe Okey Right Now?

I've browsed around without noticing any issues,

But I'm, Even After Couple Of Refresh!

@sick lance Here!!

Probably best in #site-support

Sure!!

Yuh

Red Team Capstone Challenge is a bit silly

How so?

I can’t seem to remember my password for the challenge portal

Lmao

You mean you didn't write it down?

Or copy/paste?

I did but when my computer went full psychopath and erased everything I lost it

So feeling a bit bad rn

Ruh Roh.

Uhh can site support help out or am I fucked

Fucked, the creator didn't impliment a recovery solution.

Wait why do I even need my THM username for?

It doesn't need to be your THM username, it can be any username.

IT just helps identify you.

Oh

Then I’m good then

Lmao

This time I’ll write it down

Got it written down

This one Youtuber I was watching just now was messing around with an windows XP machine and didn't connect to the internet as a safety concern but is there anyway people would know he's running a vulnerable machine without him visiting a dodgy website?

Anyone here experienced with assembly and malware analysis?

Malware analysis is restricted to our advanced channels out with THM content.

hello guys

do any of you know how to exploit queuejumper for rce?

im just tryna find someone in this field to get resources and get into it

btw @sick lance when the monthly hacker is awarded its been 7 days into oct

Please ask support, I'm not an employee.

Afaik, it's manually awarded

What for?

Sorry, English only.

hello hackers 👋

how is @sick lance today?

Hydra is so slow dude

im starting to wish I hadnt done that shit

mb

that was not the message that i want to text here

I am having a problem and there are sites that do not let me enter, unless I enter through tor, it is in my daily use machine not in the vm. I thought it was only with that one, but I tried to enter optifne and it gave me the same thing. I checked the windows hosts file and there is nothing. I also changed the dns to cloudflare's and nothing.

https://tryhackme-badges.s3.amazonaws.com/shadowabsorber.png

https://tryhackme-badges.s3.amazonaws.com/KyootyBella.png

microsof port 1801 messagequeueing

where is the support?

Could use some friends to do KOTH

https://tryhackme-badges.s3.amazonaws.com/0xPentester.png

neat

Thanks

but something tells shadow that the image is unescarrily blurry

https://tryhackme-badges.s3.amazonaws.com/jaxafed.png

💯

I just took a screenshot lmao

lol

https://tryhackme-badges.s3.amazonaws.com/0xVader.png

That’s not it

My username is diffrent

It’s totallinkdom

My badge for some reason says guru and another says I’m a god

the static ones need to be updated by pressing a button

That makes sense

Hi, someone know what hardware you need for a home lab ?

"need" is probably a strong word there

you can build a lab with just about anything

it depends on what you want to do in/with it

I'm just using an old tower, upgraded the ram and installed proxmox on it.

Thx, i just want to reverse malware and stuff so it's more about isolating the network etc

Here's the new one

I mean, you can just do that in a VM, provided you know what you're doing with virtual networking to isolate it. There are a million guides on YouTube.

I want to build a dedicated machine with a network monitoring siem too ^^

Heyy guys i am getting error during connecting to the ovpn file for the active directory enumeration network room .....

2024-10-07 21:28:41 Error: problem with tun vs. tap setting
2024-10-07 21:28:41 Exiting due to fatal error

#site-support

That's the kind of stuff I use my proxmox server for

hydra intensifies

would recommend against going into malware stuff without having 100% sure knowledge of how to do so without screwing over your computers or network

I do have a few setups on an unrealted note

I could share em

well vader please keep that in the advanced channels

Of course

the malware part that is

if you are talking about AD labs or server labs go for it here

Well yes, but it's more of a setup guide

wants a cisco router or switch for home labbing

eh for now the packet tracer program is good enough

or going to schools lab and sitting there for a few hours testing things

Thumbs up all

fr

had no idea that thm had a discord

@static sierra

I have some Fortinet equipment I've to attack

I switched my hons project.

oooh fortinet firewall???

yeah took a bit for shadow to realise too... but the token in the manage account page was what made shadow figure it out

Firewall, switch and router

Honestly same

I still need to get my server home from school

might just say fuck it and carry it on my motorcycle

fun wardriving setup

yeah, just a whole server on the top of my fuel tank

Quite like the idea of my end report being published.

Honestly they can be pretty cheap, especially if you settle for older kit

I went from almost top %1 to almost top 2% with the new update 💀

yeah would need a console cable and maybe something to connect some ethernet ports too

probably cheaper to just go lab in the lab room in uni

as we can book the lab pods whenever we want basically

but if we abuse the tech we can get barred from entering but yeah shadow is not gonna do that

someone from the last year student group inserted some erasers into switch ports and got barred/banned from entering the lab room for good reason

I will add, take volume into consideration. Older kit is jet engine loud. If it's next to you, maybe procure some form of noise isolation

hahaha yeah switches and routers and other 1-3u stuff can be stupid loud

noticed that easily during lab moments

You also can't go too new, because licensing becomes an issue

👀 Hi moose

Hi

I am alive. Sorry for the unannounced absence

well it is not our job to make sure you are okay or keep chatting... that is entirely up to you shadow would assume

It's been eat, sleep, work, repeat for the past couple of weeks

here it has been eat sleep study

I have ham projects approaching completion
Some satcom, some HF. Opposite ends.

Noice

neat

Same been busy with life.

would love to get into ham radio stuff but neck deep in uni stuffs

I took down my pihole and haven't had time to put up the new one

I thought it was going to be a drop in replacement, but it wasn't

yeah it can be like that

But back to Cisco equipment, not too old and not too new. Old will be loud, potentially lacking Gbit connections, and running ancient versions of Cisco IOS. Too new and the price will increase exponentially, your GUIs may be locked to extra services, and you will run into licensing issues.

yeah not gonna go out and buy one for a while

just knowing it is an option

never actually noticed how many commands these nmap got 😭

yeah there is a lot of nmap stuffs

hard to remember

and even that module does not cover everything

lol

note taking or teach your rubber ducky how to nmap scan things

bruh

well its interesting at the same time and kind of i would say not hard neither easy

but yes i am learning a lot actually

note taking note taking note taking

write down stuffs

helps you organise your thoughts and make stuff stick better

I'm inclined to agree, the stuff that I put together for my home lab in the beginning lacked a lot of features, some of the stuff I was learning in class didn't translate directly over even though I had purchased the same switches. I then realized that I had purchased a different model of the same switch.

Have you seen the size of the book?

😭 dont tell me nmap has a book now

Wdym now?

Only 434 pages...

bruh

it's a good read

Unless there is a newer version out?

yeah there is a free ebook for nmap

or you can buy it in physical format

or stick to the manual page

Nope, the book was released in 2008/09

Ah okay, that's the one I was looking at.

later i will have a look my 3rd semester maths consuming my most of time

harder than anything

shadow is doing a lot of subnetting in head right now

gotta make it stick

i bricked my kali vm trying to expand the disk size

GG

😆

well there goes all my scripts and notes

you were storing your notes on your vm??? also you don't back up your notes using git or other service to some server somewhere???

because both of those seems like bad practice to shadow

most of them on git some wip notes and scripts i keep it local

ah well less of a setback then

still can hurt

yup, a bit of annoyance but more practice for me end of the day

and i wanted to have a clean sweep which i was procrastinating. so, its a win win

beep beep VROOOOOM

You learned to write IP's?

Go you! /s

hi am stuck at a question

haha

which question???

if the prefixes were not obvious it is subnet calculations

is this trellium?

nope obsidian

swapped of trilium to have more plugins and better neovim support

is at the begining at Web Application Security

generally use obsidian mostly for note viewing and writing them in neovim

Ya, class B.

172.16.1.0/24

is the last question

172. class b yes

well the 10.1.0.0 subnetting is further down in there

172.16

we got a 172.16.1.0 /16 and got to subnet it into 4 subnets with 40 hosts each

hence we get a /26

How do you calculate it, binary?

yeah mostly binary

the /prefix is how many ones is in the network part of the subnet mask

https://subnetipv4.com/ have used this a lot to train in the past

but shadow is rusty

Hallo! How can i remove friends from my friendlist? Im trying to add a new friend but it hit me with the "Max amount", can't find the way to remove friends

There's a little x, if you hover the name.

I can't even show you.

Oh yeah i see

It overlaps with the navbar so i couldn't see it

Thanks you so much!

172.16.0.0/12 https://datatracker.ietf.org/doc/html/rfc1918

this one: What do you need to access a web application? ????

Yo guys how difficult is the WindCorp series ? I was planning of giving it a shot as there are not many hard windows machines anyway. Would what I learned with THM paths + CPTS course + some research be enough to overcome them ?

probably

you could try retro too

retro is the challenge room for a windows exploit

blaster is the walkthrough of the same box

coincidentally this was the last one I did few minutes ago 😂

haha okay then

There is two points in the Windcorps that make it harder for members to solve

For help with THM content, #room-help is the best place to receive assistance

they moved there and got their answer already but yeah agree

also is this intended or some overlooked html error ?

Probably formatting error when the room was changed

website*

YAY

netblock calculators! 🙂

well calculators wont be allowed on the finals

but yes generally shadow will use calculators for this after getting the manual stuff to stick

That first flag was tough

Red Team Capstone is no joke

Bro Whats this?

ipv4 subnetting

Did you know there is over 300 attack vectors,

https://subnetipv4.com/ here is the website for this

Whats it's use. I'm a noob

Looks like I should take a break then

nice site

You can bruteforce, phish, osint, it's great.

to segment a network into smaller networks for computer and devices to communicate without killing the media by sending to many broadcasts

Oh

It's like breaking up a network into pieces rather than having one big network

*feels like they lost most people with that sentence

This is more easy to understand

big networks have a problem of data being transfered can be slowed down by devices on the network asking how to reach each other over and over again

So like you can have one small network for HR, one small network for the IT people, and one small network for the Management people

and a super small one for the 2 routers connecting the IT and Management networks

Exactly

:hammer: haqch#0 has been banned.

Oh yeah I get it basically you're breaking it into it's own nest rather than one big complex one

yuups

See you get it!

Can I DM either of you I got some doubts regarding pentesting to clear

of course dm away!

subnetting gets even crazier when you get into variable length subnet mask/VLSM

where you split a subnet into smaller subnets to get even more networks and smaller host/computer/devices on each subnet

You're not accepting friend req

Ig my dm will reach you?

lol there’s always the joy of NAT as well if you wanna get really crazy

Why don't you ask in here, instead of DM's, you'll get some answers from people who're actual pentesters too possibly.

Indeed, just stating your question clearly would be a good start c:

Yeah I second this

we not gotten into how NAT works fully yet

lol probably for the best

NAT is kinda cursed

It really is

well yeah but it definitely saved a lot of time to swap towards ipv6

It's a good hack for a big problem

But it's definitely a hack

lol indeed

the art of the bodge???

But yeah, practically, you will see it most for VM networks as one of the options

NAT is usually the default

I think it’s VirtualBoxes default option as well

mhmm I just meant all VM software

AHHHHHHHHHHHHHHHHHHHH NETWORKING!

https://tenor.com/view/cat-hide-sofa-gif-5892045

Looks like we scared someone

Come on man, networking ain’t scary

sipcalc is amazing

but gotta stay away from using it for now

If you were in my networking night class at college.... you wouldn't be saying that.

I was great with Cisco Packet Tracer... but Hex to decimal to subnet... or however the fuck it went, I hated it

lol I just always look up “CIDR caluclator” and just go from there or tables in results

https://tenor.com/view/windows00-windows2000-simpler-times-screensaver-pipes-gif-14530365

I’ve legit done that kind of thing before

The internet, circa 1995.

Yes that is the screensaver I use on every Win 9x machine

Packet Tracer ain’t bad once you figure out it’s little tricks

lol

decimal to binary
binary to decimal

assuming you did not subnet ipv6 which if yes it is not that bad

It’s also running way too fast, that’s in a VM

Totally didn't cheat on my final with my partner next to me, while I did the cisco packet tracer, he did the subnet crap

"Team Work"

Trust me part of my old job at my comunity college was setting up Cisco routers and devices

https://tenor.com/view/national-dog-day-team-teamwork-team-work-high-five-gif-6039642593588168059

@seadris

Bruh gone

So I might have a bit of a bias

He's in Info Sec Prep!

Wrong server pallie you want HTB

He's gone in there too

His my server

His mod

first time seeing pallie in the wild

hexadecimal to binary to IPv4

https://tenor.com/view/kill-neil-patrick-harris-barney-kill-yourself-finger-gun-gif-16929199

https://tenor.com/view/liar-anakin-gif-21992662

b-b-b-but hexadecimal has near 0 use for ipv4

YOURE WITH HIM

there’s no reason why you can’t do straight hex to decimal notation

Anyone else wanna suffer through red team capstone challenge with me?

can't

already finished it

Damn

Tell my old professor that

Rip to me I guess

tried hard to finish it with the help from tons of people when it released and was planned to get shoved in a hiden box forever

That's why I hate networking...... I can get networks wire up just fine, get that whole layout... VPN's, VLAN's... crap like that. But tell me to subnet mask, and your ass is getting 255.255.255.0

lol

Fuck you, you're stuck with 192.168.0.1

nah you only get 255.255.255.248 from shadow

https://tenor.com/view/that-one-gif-ultra-instinct-gif-9474784792190223574

haha class C for lyf lol

Amen!

lol

If it works, it works!

indeed

haha

I wish they had THM when I was a kid

dude, right?

me too

Get out of here with your 192.168.1.x, I’m about that 10.10.10.x life

LOL 10.X life is legit!

Kinda wasted my whole teenage years on linuxzoo

class A lol

guess beerrise can't use tryhackme as they use a 10.0.0.0/8

what's linuxzoo?

I wonder if it’s still around

Platform that would teach you like Kali Linux and other shit

oh, nice

Naaaaaaah, I'm bout that 192.168.50.0 life

Can’t say I’ve heard of it either, ah

yeah I got started with infosec in the 00s before Kali existed I’m pretty sure

BRUH ITS STILL ARROUND

i learned my stuff back in the day before there were even online platforms... just nerds that would meet up in person and talk about computers lol

I think it was Backtrack then or whatever

https://cmdchallenge.com/ have fun

I haven't leveled up in ages..... so yah, no THM, bad THM, no 10 network

i remember backtrack @sinful moon ! ha

Oh I’ve done that before I’m pretty sure

haha shadow remembers backtrack

I just found out 0xD is the highest you can go

and Ophcrack and such, yes those were the days lol

back when cracking wpa2 keys was easy

I also remember backtrack

Good times

just WPA, right? not 2?

Gen Alpha: yOu WeRe HaCkInG bEfOrE i WaS bOrN!

lmfao

they’re probably thinking just WEP

get off my lawn! lol

I was 12 when I started

yes but we called it making a bird house

WPA was never much fun to crack

yeah, you're right

Still is

I was......... How old am I now?

It was weird starting out at a young age right?

@sinful moon i remember something about de-auth and IV's, but that's about it. haha

yeah lol

haha

BIRDIES!

Because while people were out playing football I was in my room learning about this new thing called “Ubuntu”

computer gaming into modding into minecraft modding is shadows journey into deep computer world start

laughs in pwnagotchi

you gotta spoof the MAC of the router and send enough deauth to capture the handshakes, you need a sizable network to make it not take forever

shadow started using linux first in 2013

about 2007 for me using it full time, but I tried it ealier

That’s a few years before I started lmao

You fully don't have to deauth, it's nifty

mhmm

just enough for the handshake

and now here is shadow with an tiling window manager on an arch based linux distro

mine started with port forwarding so that me and my friends could play minecraft. back in 2014 i guess

^ had that part too

Not even that.
On a busy network, there's enough clients going in and out of range that you'll get some anyway

but started with modding before the port forwarding

lol I used to go all out with just bare WMs but no I’m back to full DEs

java was not super easy for a kid to learn

haha, nice. i always forget what a tiling windows manager is. I know what a window manager is. I personally use XFCE in my lab VM on Debian, but KDE Plasma on Debian for my host OS 🙂

Deauth = DoS, best avoided

So my dad is part of the old gen of people who used Linux

And he insists upon not using desktop Linux

yeah tried some... i remember barely

windows uses a floating window manager that lets you place things on top of each other

I legit had to tell him to stop

coding in java not knowing anything about it

ah, gotcha. i'll have to do more research when i get a chance 🙂

yeah fr i feel like most of us started in a very similar way

hey guys/gals. i recently created my own attack box. i'm pretty stoked about it! it's Debian in a VM and has all the tools I need. No bloat whatsoever 🙂

dwm is about the only tiling WM I really took to, but yeah i3 is what the kids use these days

Nice, yeah I have the same with a VPS host that I run Arch on

have fun!

congratz... you have now learned tons about setting up tools and fun stuff with linux

thanks. don't worry, fun has already been had! haha

Gave +1 Rep to @pliant cairn (current: #572 - 8)

yep! haha

Do learn ssh tunneling so you can funnel web or RDP traffic through your pentesting server

i3wm for x11
hyprland or sway for wayland

that trick is always lovely

You tried Ligolo-NG for that btw?

Way nicer than proxychains etc if you need a better tunnel

Nope, just plain old ssh commands for the tunneling tbh

I have terminal aliases for them lol

That is the third time I've seen that mentioned in as many days.

It's neat

btw, i learned some new tools last night 🙂 i'm booting up my lab VM to get my notes. can share the tools... just want to verify the names 🙂

I just say hostname-web for Burp powered web proxing with ssh, and hostname-rdp for… well you get the point

I just realized that Hammond is on here for some reason

yeah we have a decent bit of infosec youtubers and streamers on here

so, ldapnomnom was one of the tools for ldap enum... pretty cool stuff

john joins in in conversations now and again

then... let's see here. let me find the other tool....

so is 0day/ryan which made pentester.com and revshells.com

it does still always feel a bit magic though when my server is connected to THM via OpenVPN, I’m connected via SSH, but SSH is tunneling the RDP all the way back to THM

that's super cool!

much respect!

Yeah nice stuff for a pentesting server, I’d for sure recommend you giving it a try with yours

babysteps to babby’s first C2 server

yeah, def

@eager marsh how far you in the Capstone challenge?

ha

lol indeed, that’s what I’d describe mine as

Wait, Hi Noir.

Heya!

haven't seen yea in a while.

Probably because I’m usually working… like I am now lol

you writing one?

"Some reason" lol

haha

nah, I just meant infrastructure wise

Oh yeah, last time saw you in htb.

John has worked on some THM content, streams AoC annually.

I got permiter breach

Yeah I’ve chatted with John Hammond here actually, was neat

cool

Neat

Jesus that was way harder than I bargained for

I think my friend has interacted with him in a professional capacity while they were working with Huntress actually

John seems like a great dude

friend is DFIR manager for a major financial institution

really friendly

yeah for sure, he’s chill and down to earth

yep

always smiling and lighthearted... super nice guy

(in his videos is all i see, but he seems genuine)

So it seems

lol

Vader, Capstone is a fully Red Team challenge. 😄

John is the most chill dude.

https://cdn.discordapp.com/attachments/773132561693409290/1291497079213916180/image.png?ex=6704ed22&is=67039ba2&hm=1f6a4035452c3d03389d4ef8f7fb04d3ed41a025e3cc3de052112a310af29757&

Bro is so chill

I know what I’m getting into

Mark my words the empire will take this machine

lol I still remember when I thought I encountered an account impersonating a retro gaming YouTuber, in the process I was like “You should have impersonated a better YouTuber tho”…

And it ended up literally being that YouTuber

was ouch lol

oof, that sucks! lol

well, you had good intentions

that's all that matters in a trivial case like that

lol mostly, I don’t much like that channel but sorry for the offhand remark my dude

Yeah Empire C2.

Unironically

I think I’ll end up using that

oh, weird.... why would you try to help a channel you don't like?

https://giphy.com/gifs/skid-car-tDcQBtUX78JWoas9oM

https://cdn.discordapp.com/attachments/1207563336091439145/1238981375491706880/ApplicationFrameHost_BAsLDLxk10.gif

are we hating on 0day now? is that the latest trend?... lol damn

Wreath is such a good network.

?

and approved by ryan. 😂

the gifs seem to mock him, that's the only reason i made the joke

gotcha

I saved em

Bro, both gifs are on his fav gifs. 😂

that's cool man

Always look at both sides.

@hasty sand Keeps finding ways into my two FAR DIFFERENT youtube accounts.... fucker keeps showing up in my Shorts feed

• / -

lol because I was a mod of that Discord and was talking to an account that I thought was sus

👀

No matter what... his channel, his many interviews

Doesn't matter, he hacked his way into my feeds lol

He da Goat.

gotcha.....

shut up skid give me your feed

yall ever just watch 'chills' videos before sleeping? i just watch them cause of his voice

https://tenor.com/view/zero-day-gif-21206422

lol

bitch please, get on my level, I have the n-1 day exploits

lol reading this as “myself” is funny.

🤣

Number 15

Thanks for the idea.

Gave +1 Rep to @hushed knoll (current: #1497 - 2)

Hi Ryan. 👋🏻

Thank you @winged summit for sticking up for me (although the haters that made the GIFs just made me laugh)

Gave +1 Rep to @winged summit (current: #110 - 66)

Everyone here is great 🙏❤️🚀

yeah man, anytime

Drama-llama in another place? 👀

Guys, where can I practice for eJPT (apart from INE labs)

Yep, “com kids”. The most annoying kind.

The worst.

yeah man, THM is awesome. good community overall

iircc, the 1st gif was made by them. (com kids)

2nd was made by kiyomi. 😄

when we were on VC in HackNexus

Oh yeah, I like Kiyomi — they are nice and I met him at defcon 🙏

Can someone put me through😓🤦

lol what do you mean by that, also welcome!

Awesome, he is great. So yeah we love you more then com kids hate you. Me and kiyo made the 2nd gif you in Tesla. 🤣

Think about it. You're now forever engraved into a GIF!

https://tenor.com/view/winner-hereyougo-going-back-gif-12530432

Can I message you?

LOL

Thanks btw

Gave +1 Rep to @sinful moon (current: #38 - 225)

It would be best if we just kept this here lol

You haven’t even said what the issue is

I'm still a learner

My Compuper isn't working

W

Matt, can you BSOD my PC?

Is ti windows?

That’s fine, but what is your issue lol, you still haven’t said

Windows 10 specifically? lol

Active Linux

go to linux.com

that what it says

Lemme go through my resume....

Want to learn how to hack..

If you ask your questions here, the responses can benefit the community

Windows 10: 70+
Windows 11: 3
Windows 7: 3
CentOS: 2
Kali: 3
Arch: 3
Mint: 2
Jabba's Spotify: 1

Yup, looks like I broke a couple of linux's in my time

see #start-here to get started

TryHackMe (the website) is all about teaching you this info

What’s that last one

Okay thanks

Jabba's Spotify

The one I have sir is from MS.

I sent him a link to a song and it crashed his Spotify

You made that one up

https://tenor.com/view/happy-catto-cats-gif-2693509101423175460

I did not!

Coincidence

#general message

Still counting it!

Is 0day too busy to reply in dms now?

https://cdn.discordapp.com/attachments/1175382046688952426/1292914259000426597/image.png?ex=670577bc&is=6704263c&hm=83fd1f0b23856cadec1067941f41c5b7e86761e37487b46d360335d73a922899&

Dude this is So COOL

Did you send them a DM without asking?

He busy with work. 😄 might reply if you ask them for it.

THM reaching out to me via email. 👐

Ya

Ohh

is this premium ?

Getting a new role? 👀 ||Staff Ig?||

It's new UI. 😄

Probably missed it then in their other folder

for breaking a rule

Not at all.

Oh

oh cool

Yea

some coool updates

We used to talk 2 yrs ago

UI is CLEEEEEEAN

😃

Pretty sure you have to actually work for thm to get the staff role

Yup

I was gonna make a joke about wizards

I mean, the stuff I do for THM, and how much I know and can't disclose, at this point I may aswell be staff

https://tenor.com/view/youre-a-wizard-hagrid-afirmation-magic-magical-gif-16533730

It’s because they said staff role

a wub wizard

https://www.youtube.com/watch?v=R_NtokmVAgw

I’m a what

what's y'all's favorite threat modeling framework

Kill chain by Lockheed Martin,

Or PASTA (Process for Attack Simulation and Threat Analysis) if I'm hungry.

i think i'm an owasp 10 andy

wait we are supposed to have favourites???

STRIDE makes me think

Owasp top ten? That's not threat modelling?

I may use Stride for my project.

Very likely 😅

i think in a loose sense owasp can be a threat modeling technology while not necessarily be a methodology

OWASP is an organisation

Hmm

They have actual threat modelling stuff

if shadows dm:s are to busy to respond to most shadow bets 0days is worse

i mean top ten

when i said owasp 10 i meant top ten

That's not really a threat model though.

It's just a list of commonly found vulns in web apps.

And nowhere near exhaustive

it's not a methodology like PASTA but it's still a threat modeling technology

Anyone know when Proton usually does their sales?

cough @ruby sand cough

THM is using IA generated images for their content (question) ? Their interfaces and stuff are even more clean each days

Awww fuck... that means I have to fix some back end crap....

AHHHHHH

Black Friday soon, no?

November 29th... I could wait for that

Planning to get the unlimited plan rather than just the VPN plan

I'm waiting for proton sales too xD

Got the funds.... but hey, if I can save money, I'm all for it

I get 50% off.

50% off the USD $191 for 2 years?

Student discount, innit.

Awwwwwww

Wish I still had an active .edu account

oh

that was unexpected

@strong gull please engage with the community before self promotion

well sure, wasnt intending to promote but oke

$95.88 for 2 years sounds sooooo damn nice

what happens when your proton sub expires? do you lose your extra addresses?

If you don't renew, yeah

I can speak for the VPN.... they try and charge you again, and if it doesn't go through, they give you 7 days free, then end it

Found that out when I booted up my laptop and it said the subscription ran out lol

idk if this is opsec compromising but how many addresses do y'all use with proton? i use 4 and i kind of think of them as kernel rings

hmm would it be cheaper to set up your own VPN?

I use Malware-Bytes.

£25 for a year.

"Get 40% off* when you buy a 24-month subscription during our Black Friday sale. This deal is billed at $172.56 upfront for 24 months"

This was from 2022

Making sure you were still here

@inland obsidian it you're advertising a job, can you please still reach out to admin team

It was for content creation and digital marketing

Don't think, and don't quote me, the admin team would approve that for THM

Abertay students look like they have some cool projects @pallid lotus 👀

I used malwarebytes for a very long time

used ?

When I had a computer

I broke it apart due to the madness inside me

Which ones?

Tonight I found a super cute shop

I bought a new writing book

Should I use it for cyber notes maybe

I seen one where they pitched a top 10 owasp learning tool for NatWest.

If you like the old school method, and the tactile response from pen/pencil on paper, go for it!

The Madness Strut.

Where the heck is that getting leaked

But yeah, we provided a few projects this year

🤐

I know people. 😄

https://tenor.com/view/question-mark-cat-confused-gif-16041903182640445268

I am all about physical books (i have an MFA in Book Arts and have worked in multiple libraries restoring old books), but i find there's really something to be said for having easily searchable and linkable notes.... I use obsidian for my journal and all of my notes, and can't say enough good things about it. (i know i'll get hate because it's not open source, but shrug)

No hate here, I also use Obsidian.

MS PAINT!

THIS IS THE WAY

https://tenor.com/view/book-of-boba-fett-the-mandalorian-this-is-the-way-the-book-of-boba-fett-mandalorian-gif-24825263

I do love physical books, I’ll have a look into obsidian ☺️thank you

I'm still blown away by the fact you can use paint like an Etch A Sketch...

obsidian is great if you put the time in to build it to your use case... happy to chat about my daily, weekly, monthly, quarterly notes, people notes, book notes, and cert study notes... i have a pretty extensive system that works really well for me. My masters thesis was about physical journaling and keeping a journal, so i've taken a lot of that and adopted it to my digital needs.

You can send screen shots if you want

What happened to profile Update??

Beautiful

Perfection

Wdym?

Mb I replied to you without replying to you

it has been changed again, it used to be better I thought

It looks better now.

It’s same 😭😭

You looking on mobile or something?

Nothing has changed for me. On mobile too

Keep refreshing the result is same

hmmmm would think this is not an A/B test but oh well

Might need to be non mobile

Or it's been changed back?

Im on PC ))::

Yea, it's been changed back for time being

Oh, okaay

After a long hiatus I’m gonna come back to THM king of the hill

More like King of the rootkits, amirite.

Heh worked for me in mobile

Shame they've reverted it

Hey u guys planning on bringing the videos as a replacement for theory stuff or what?

Yeah, new design looks better

I'm more happy that created rooms finally worked

Oh yeah, all your rooms will be properly credited to the authors

https://www.youtube.com/watch?v=gzLPa6NbcrE

very very very informative video

with tips on things we can do to make it less problematic

refresh...

and with that this shadow whadows goes for meepity moopity beep boops to sleep sloops too

Quite a few mental and physical health problems can cause feeling tired all the time. Didnt watch the video but im assuming its not about that

it is about how our brain has not evolved much past the cave man state and how all the decissions we make in daily life drains our energy
and some tips and tricks to help you be less tired

like taking a siesta

or coffee naps

or planning out what to wear each day and what to eat each day in advance on a set day in the week

hmm interesting, I noticed productivity and tiredness are also heavily related to emotions too

https://www.who.int/news/item/28-05-2019-burn-out-an-occupational-phenomenon-international-classification-of-diseases

The new version will be back soon.™️

hey, i have a suite of "LS0tLi0t" words arranged by groups of 4 letters

the only words that i see repeated are

LS0t

Li0t

LS0K

LS0g

does that remember anyone any sort of code?

best not to spam chat

sorry didnt mean to

Yep, but is this from a CTF? Tryhackme or elsewhere?

yeah this is from a ctf

i peeked at the correction

Please don't ask for help with active CTFs here

oh ok sorry

what are CTFs ?

capture the flag

Oh boy do I have a story for you

lmao this starts well

we can play that in tryhackme ? 🙂

Yup

They grow up so fast

the story of a guy who purchased nitro

I didn’t

Someone got it for me

Also there’s no need to be hostile, we’re all friends here

how do you play CTFs guys ? 🤔

It's always hard to see them get their first flag on their own...
but we have to let them go dont we?

Yes we do

You can always look on ctftime to find stuff on

you go into room search, you can sort it by either ctf or walkthrough

or other websites

guys i think i did something bad... I found some easy rooms

Yuh huh?

so long story short, i am arriving in top 1% in something like 15 mins

Congratulations

it's not fairly earned, i was at 16k6 points 3 hours ago

i am now at 18k

👍

Well damn now I gotta catch up

lmao

you must be so fart away

I’m sitting at arround 20k

nice

how long have you been here?

Uhh I just joined this server

But I’ve been doing THM for a while now

yeah yeah i meant thm

how long? more like 1 year or 1 month?

Like a year or so

ok that's nice

u doing more ctfs?

I hope so

it's quite cool i think

plus you come to a point where u already did most of the lessons at one point

I got super tired of THM boxes

And I wanted something new

But this red team capstone challenge reignited my fire

Is this a place to ask if anyone knows good places that sell Warzone esp?

what challenge?

i kind of understand

but i think if you stay focused u just dont see the time pass

No, it's not.

during summer i was tired of it too but i got back to it and i got nice again

You banned em didn’t you🤣