#general
I just wanna make sure im reading it right
idle state is what is ok. there is no fix for it. if fix is it to put it on load state then that is fix... i guess
"cpu
95"
what does the 95 stand for, 95%? or like 95% overtime?
like is it in that instant
or just an average
I just wanna make sure im reading it correctly as 95% of his cpu is just chilling
it means it is doing nothing in 95% of time... kinda
well "nothing"
but
works for it
I just wanted to make sure I was reading it right lol
Yes
yur
thanks
Gave +1 Rep to @naive violet (current: #2 - 2199)
now you get the rep :)
windows lies
most likely
do you notice performance decreases?
I can give you an example of windows lying too
windows says im using 17%cpu for something
if app or so is running smth then will be show of how much of resources it use in single unit of time. when app is done will be idle
like I have a pretty good GPU and i put my settings on cod at lowest and I cant get higher than 100 fps
it also says im using 10% at the same time essentially
(Rtx 3060)
it could be vram
but that's a gpu thing
which nvidia has criminally kept vram from people
no reason to sell a card with 8gb of vram in 2024
at least nvidia works on windows...
true
but nvidia is kinda stupid sometimes
8gb of vram leaves no headroom
I get it's so that people will buy the gpu next year
but it's so scummy when you already pay 600-700 for the card
could buy a year for thm and htb instead of buying a new gpu
if you play games you go for that kind of gpu usage. you buy what you need gpu is not just main for gaming
there is gpu named nVidia Tesla, and have different usage
Edge is actually so buggy holy shit
I got 0 problems in the years of having firefox but with Edge I'm having at least 1 problem daily
Depends what resolution you're playing at too, and what GPU
And which cod
Waiting on my artist to take a break so we can look at my design
I haven't played CoD in so long.
Too busy with Diablo IV.
And now my project will take up time
What’s your project
It’s really hard to make it centered
GM everyone
6:am here
Drinking much I have
Cheers
Not slept a wink
Sucks being a programmer
My suggestion is to make try and make it transparent then stick it on a new white image.
Yup , makes sense for a 3060
Defanging malware I find myself
Infact, scratch that
That's what she said.
I know
It looks so much cooler transparent.
idk how stupid it is to play with grub, but aint smart =/
Looks slightly better.
how are yall unable to center it
I didn't openly try, I just made it transparent.
Simple paint fix though.
It does when you save it
not mine
Especially yours.
looks bland, it needs that roundness around it to make it eye pleasing
in Dashboard it shows me as top 5% but in profile view it shows top 6%.
which one am I lol?
I see the one on the dashboard all the time so I know it's updating but it seems the one in profile is not
just felt like I should report that.
Staff are aware.
Noob linux question but after I've built a binary of john from the github how do I actually use it?
typing "john" in the terminal says it's not installed
sudo apt install john
Did you add it to your path?
I don't know what that is
./john --test works and launches the benchmark
This is the first time I've compiled binary cause I wanted jumbo john
Not the one in the package installer
./john works as intended, however if you wish to use john anywhere, you'll need to add it to the path, I'm not sure if you use zshrc or bashrc so you'll need to look up what you use and the command.
bashrc on linux mint
I like it, it’s pretty
Google or ChatGPT will assist you
Yeah, you’d have to update your PATH under bashrc. I usually do export PATH=$PATH:{/path/where/john/is}
I like this
just a path to the whole run directory or am I going to have to specify files?
Pixelated art has a strong hold on me
Path to the directory
alri cool
@sick lance hoooyyy Mr Scrubz remember me
Yes.
I did all that, confirmed the directory was added echo $PATH but now it says Error: Cannot find John home. Invoke the program via full or relative pathname. For example, /full/path/john or path/john, or set and use a shell alias. when trying to type just "john" into terminal
@sick lance How are u hope u are doing great
How is the learning going?
@sick lance Its going great but I'm feeling bored la from doing too much...
Can you verify and show a screenshot of the file edit?
I can't post screenshots
Yeah. that can happen, just slow down, take breaks and do something else.
@neon merlin
@sick lance Mr do u know hacking
I added exactly this to bashrc export PATH="$PATH:/home/sam/Pentest/john
this is a direct copy paste
echo $SHELL
You have a full server of people who can point in the correct direction of materials.
@sick lance Man I learn everything deeply to not be a script kiddie but that makes me too bored to even carry on
Oh, after you made the edit, did you restart terminal?
I ran source ~/.bashrc instead
I started networking and made a good grasp on OSI and tcp/ip
I'll try just restarting
Btw Mr @sick lance How much time did it take u to be good at hacking...
After restarting it's back to
```
Command 'john' not found, but can be installed with:
sudo apt install john
```
confirmed the stuff is still added to path
echo $PATH
that was old thing
Next prize event might be AoC2024.
It's not confirmed
I got it working with this guide that doesn't just end with a bunch of random files in a folder https://moezzhioua.com/blog/install-john-the-ripper-jumbo-on-ubuntu/
They use echo 'alias john="~/src/john/run/john"' >> ~/.bashrc
soon™️
yeah i know but when you look at your profile it says "Complete rooms from the Security Engineering path to earn tickets. Collect 3 of the same ticket to win a prize. For more information on the ticket promotion, click here" but a few days ago it said something like "This event ended Complete rooms from the Security Engineering path to earn tickets. Collect 3 of the same ticket to win a prize. For more information on the ticket promotion, click here" or something like that
Hopefully
and when i click on the link it just says This room is private
Only users with the room link can access this room
Yeah, you won't have access now.
i hope they are coming back
Or just echo 'export PATH=$PATH:~/src/john/run' >> ~/.bashrc
Not sure why they are using an alias instead
Probably will be when a new path is released
hopefully
Session completed.
Is !!1GOOD..*7¡VA the password?
For what?
Thats what john spat out after it cracked a hash
Which part of that line is the password?
neither apparently
Run this with the filename at the end that you passed into john
stat: hash1.txt: No such file or directory
Why is it not default behaviour to show the result after it's done
Like isn't that what the user wants?
Because sometimes you crack a few million hashes
And then showing all in output would be bad
How about a nice easy text file then?
Can you send your full John command
There should be a .pot file in the directory where you ran the John command from
john hash1.txt --show
That one doesn't work either
john --wordlist=/home/sam/Pentest/Wordlists/SecLists-master/Passwords/Leaked-Databases/rockyou.txt /home/sam/Downloads/first_task_hashes/hash1.txt
This means it exhausted the wordlist without finding the password
mfw DONE and GOOD apparently means it failed 
Done as in exhausted the wordlist
"good" is part of one of the passwords it tried
Done, it was done. There's no more work for it to do. Done.
They don't make this very user friendly do they
And the tryhackme room talks about none of this
The tryhackme room, assuming this is crack the hash or something, expects you to already know
It's not unreasonable to have prerequisites
It's the room where it teaches you how to use john the ripper
Please use #room-help for help with tryhackme rooms
By not teaching you apparently
A laaaaaarge chunk of learning hacking is learning to troubleshoot and read documentation
how nice... arch does not support ntfs by default... spent 1h trying to find out what is wrong with my partition =/
For some reason when I typed --format=raw-MD5 into the original command it worked
It has to know what type of hash to crack
For some hash types, like sha512crypt and yescrypt which are used frequently on linux, the hash has a prefix ($6$ and $y$ respectively) to tell it what hash format it is
For MD5, MD4, NTLM (windows), LM (Old windows) they're all the same length and all typically hex
So it can't know which one it is
nice
https://hashcat.net/wiki/doku.php?id=example_hashes can shed some light on what type it is
Best way to identify the hash type is to use context
Got it from a windows box? Probably NTLM
@boreal scarab ... https://www.printables.com/model/717887-bat-cat-batman-cat-mask
Can anyone recommend resources for learning Python scripting for security purposes
Once you've learned the basics, I'd suggest the latest edition of blackhat python
Thanks, THM does not seem to have many rooms for learning Python basics
Gave +1 Rep to @naive violet (current: #2 - 2200)
THM isn't a programming platform ¯_(ツ)_/¯
You shouldn't be limiting yourself to just THM, there's a lot of ways to learn
Udemy has one
Understand that, I want learning material focused on security as that will help keep me motivated with learning
Sadly you need to learn the non security related stuff first
Hi guys, have any of you heard of Kreativstorm?
I was trying to apply for their cybersecurity position, they didn't choose me and then I received an email about their cybersecurity hands-on training program which is 149 EUR and thought it would be a great way to start my journey with at least something real-world and practical, plus, in European company. To get into it, there are 2 major steps, one is just CV and 2 questions on their website and then an interview which I had yesterday, that's why I thought it probably is not scam, as why would you do an interview when you can just charge this 149 EUR and that's it but now I did a research and found some info which doesn't seem great, there are some reviews saying that it's scam and there are some great ones but it may be their bots. At this point I'm really not sure what to do, so has any of you heard of their training programs?
If the basics are focused on security related projects, it will keep my attention better. I tried learning programming before but I think I wasn't successful as the projects were not very interesting to me
There's fundamentals you need to get down before you can hit security content
Without understanding how roles and permissions work, you'll never understand how to audit a user
When I hear about hacking tools being bought on the dark web but I get mine free on GitHub 
aha
https://www.pythondiscord.com/resources/?topics=general
@inner pine Some resources for learning python in general
We're a large, friendly community focused around the Python programming language. Our community is open to those who wish to learn the language, as well as those looking to help others.
How much pineapple is one person allowed to intake

hey evening
Sounds like a question for AI!
pineapple contains a certain enzyme that melts flesh in general. and im sure there is no dangerous amount of pineapple to consume at all
Oh well… all that’s left is the top
RIP
top ?
oh lol
It’s getting real cold
The pineapple or the weather?
The pineapple is gone, I demolished it
Great work, I am craving pineapple now
There was a point where I was eating pineapple four times a week
I wish I had a study partner 😩
Studying is so boring alone
Hold on
Song was just getting good at end
The beat just dropped and then it finished
What is everyone studying today?
hi
sup H
a few hundred years
Bot lover
What the 😭
Hey, anyone knows why i'm not able to join BreachingAD room.
hello im currently pursuing cybersecurity with cyber corps and i was wondering if there are any scholarships
i can apply for to get free rooms on tryhackme
Are you a sub or have a streak of > 7?
60% of the website is free
It is specified that streak required is 0 but still i'll try that
Are you a subscriber?
nope
oh okay lmao sorry me and my friends were confused on how it worked
does athena os still connect?
👍
Thanks
If you'll search just active directory then it is mentioned streak required 0
whats the difference between tryhackme and hackthebox?
which will look better on my scholarship resume for college
Neither, as they're not really professionally recognised like certs from OSCP are.
They're more just a hobby.
one is tryhackme and the other is hackthebox 😂
im starting off as a undergraduate so i will be taught the basics, etc
am i expected to have my cert before or after i graduate?
Can someone help me with the newest #1294359222233862276 room? I gained initial access by exploiting Aria2 and im stuck on privesc by ansible-playbook. Please ❤️
so roadmap would be tryhackme/hackthebox > cert > apply for scholarship > graduate > internship > work a job?
or would it be tryhackme/hackthebox > apply for scholarship > graduate > cert + internship > work a job
No, it's too early for hints.
certs expire, need to renew, etc. If you’re focused on college and not applying to jobs leave the certs after you graduate or a bit before
Not all.
got it
so basically focus on tryhackme and develop the hobby + basic skills, get a scholarship(s), graduate from college, get certs + internship for experience
then aim for a job
pretty easy road map
hui
@fervent meteor help bro
i'm not a big math person but i've done things like sentry mba and openbullet when i was younger
so i have a basic understanding
bro how you study
is it hard
Teach me how you been focusing because I am done bro
is it question or statement ?
i heard 50% of cybersecurity is knowing which tools/programs to use and the other 50% is knowing what to look for
is that right
cybersec in general
learning difficulty i should say
note taking note taking note taking
set dedicated study times
use pomodoro timer
don't be afraid to take break days
Nah it's a huge chunk of reading documentation
yea i heard
I think I have to work on my note-taking habits I don't know why I can't take notes
some guy named intelbroker i met from ironic discord told me that
bros like big in the community or sum
intelbroker lol sound funny
shadows notes are very unstructured
What is shadow notes ?
up to you I like new try hack me suggestion page try that out
signing up in a hour
excited asf to try it out
markdown files of things from presentations in uni and stuff like that
Woow
College work and side study
that time
T OSWA prep im guessing is certification test preparation?
ik cves are vulnerabilities but wtf is a S CVE "S CVE Research"
Hunting for vulns, or reading current/new CVEs?
ahh
not sure if ninja james would appreciate shadow posting an example markdown files of shadows notes
@fervent meteor be like
is this you @fervent meteor
so do companies ever patch CVEs
or are some just unpatchable
and you get to abuse them forever
if you ask microsoft == YES
That's rare, and usually you can work around them
wtff
so you could work for a company and spend ur first year making godly CVEs
If there's an unpatchable vuln, you make it unexploitable or replace the thing, depending on the severity
meltdown and spectre for cpus is basically unpatchable but there are workarounds
wat
do red teamers get jobs or do they work entrepreneurially or sum
CVEs are public.
oh
W
what about go out with friends
is a bachelors degree enough to get a 6 figure job
non-public exploits tend to be 0days........
I do 2
I'm hunting for vulns and CVE's 😎
thats cool bro
if you ever move to a third world country you can just crash out
On Fortinet devices mostly.
think the amount of hackers in shadows uni course is high
Illegal topics is not promoted in this server
This is illegal.
you do boxes or na
Eh, don't joke about illegal activities here either
well shadows course is marked as having a decent bit of cybersecurity in it so of course there will be hackers
- And no crackers
yeah delete discord you will gain 1 or 2 hour everyday for real
How is your course, and what's it like being back in an educational system?
Okay sorry
I would never do crime
I'm a law abiding citizen
🇺🇸 🦅
nice but gotta redo a basic scientific report writing assignment
and it is hard but shadow likes this subject so it is keeping shadow actually doing something
i.e it is not easy to go from basically doing nothing every day to a 9-17 study/work day
Is it focused on a topic, or is it more broad?
Are you doing anything related to cyber?
networktechnician with cybersecurity focus
for now it is very broad
but will be more focused later
we just started the python programming section
setting up cisco routers and switches with "sane" defaults for security
^ we will get more in depth on this soonish
That sounds good, is it a 2 or 4 year course?
BsC type?
2 year with 1-2 added years if you want
You got any malware classes? 👀
not sure... not looked too deeply into what is coming up
hows this possible
Then stop.
hello i bought a virtual server yesterday ,when i checked for login failed attempts i found like so manyyyyy , is that normal ?

Welcome to scrapers.
can u elaborate ;( ?
man can u tell
Yea.
Yes.
u guys are so funny jonkler 2 failed
There are a lot of bots that will just try to log into and exploit anything publicly available.
Normal stuff.
Commonly blackhats have scrapers and bots that hit random IP's for anonymous logins, typical filenames to download
thank you :)
Gave +1 Rep to @sick lance (current: #1 - 2863)
I don't know what's funny?
Yeah it's just botnets
Leave a python server on the attackbox long enough and something will eventually hit it.
assuming you are a subscriber and therefore the attackbox has an internet connection
If you would like help, you gotta tell us specifically what with
Being rude to people who want to help you won't get you far in life at all.
@naive violet i asked right here
That's totally normal! I once had a server running Security Onion, and I could even see the login attempts and the credentials being used.
admin:admin
root:root
admin:guest
root:toor
nah things the credentials used are more advanced
sshd[258299]: Failed password for invalid user hadoop from 187.210.77.100 port 45060 ssh2
im hadoop now
Yup, it's something along those lines, nothing too special, but it's always interesting to analyze
The ones used against my servers weren't too advanced..
script kiddies
77
Still botnet wordlists
You should be using SSH key auth anyway, especially internet facing
I had some friends with servers up as well, and we could see the IP addresses of the attackers. One of them was even hosting a file server 💀
It's important to say now that scanning or attacking them back would still be illegal.
ofc , but why would someone attack back a botnet
isnt botnet just compromised systems ?
I can't really explain it without breaking the rules here
Yes, we were using SSH keys for authentication, but since some of us were having connection issues, we ended up setting the interface to 0.0.0.0, allowing all incoming connections. We were just beginners learning CCNA and experimenting with AWS
okay
SSH keys don't relate to the network interface.
Denying any password based logins will, unsurprisingly, cut down on password attacks
I totally agree, we were just curious about who was attacking
I wasn't associating the network interface with the SSH keys. We configured the interface to listen on 0.0.0.0/0 because we encountered issues connecting using our specific public IPs. This adjustment was made solely for testing purposes to ensure we could still access the server!
Hey guys any ideas for 3d printing ? Hacking related stuff maybe ?
O how did you host a server
Doesn’t it have to be connected to the cloud
I’m guessing a cloud hosting service provider or somthing?
No?
Oh
This sense it could be actually.
Since it's virtual.
Physical servers aren't like your cloud based server.
How do scrapers find it then.
You connect to the server with its IP.
Oh
anything else ? I dont have flipper
That makes sense
TSA keys
A flipper. 
rasp 5 case
Hello I am a student of btech cs
Any one can help me to provide roadmap of cyber security and provide tools details whose are really needed
Plz help me
Can you elaborate more?
Wait but scrubz im not really understanding how a scraper just randomly finds a server. Like what would be considered a server.
The host machine is irrelevant.
how much did you drop for the 3d printer
i have 2x. each was around 500e
They write a script which will just go IP's in sequence.
you have ok ones around 200-300 ones
Ah so it basically just tries to connect to anything it can find
Yes.
Do you know what an auto-dialler is?
bruteforcing luck
Wow interesting
are all paths in thm paid?
The paths contain subscription content.
is there any student yearly discount?
Does anybody else have a problem with downloading the Network-VPN-Server "wreath"? I keep getting error 500
Yeah
@soft bramble
Ngl. I want to set up a virtual server and add firewalls and stuff to see the amount of stuff it blocks. Idk how I would go about that so imma have to do more research.
thank you
Gave +1 Rep to @sharp citrus (current: #94 - 76)
Hey @sick lance Do you have burp pro?
Lolno.
People with Burp Pro have it just to flex.
Like buying a license to Winrar!
At this point I think we all owe at least one payment to winrar tbh.
shadow used to have a winrar license
I don't use it.
Is it safe to run a vulnerable web app on a virtual server that I don’t care about? Can hackers access my personal computer through that and is it safe for me to practice penetration testing this way?
How secure are your other devices on the network?
company policy
They never heard of PeaZip, or 7Zip?
the only thing i know they are not exposed to the internet :D
Speaking of secure devices.... I gotta go from WPA2/WPA3 to WPA3
My father's old phone couldn't handle WPA3, so had to be on WPA2/WPA3, now that he has a new phone, to WPA3 I go!
I'd have cut him from the network. 

Kthxbai.
- im disabling root login via ssh

my router admin info is admin;password
WPA3 has landed!
Still love that my router has the option to turn on Telnet...
Telnet is still used.
speed and low overhead
And lack of security...
yuups
If I ever hear a tech today say, for a new system, "Lets use Telnet over SSH" My god, I'm kicking their ass out

Lets use Telnet over SSH
Now to update my router...... 10 seconds later
I bricked my router

I do miss the days when dd-wrt, OpenWRT and Tomato were popular custom firmware choices
Looks like I'm back online
Got enterprise grade networking options on my WRT54G back in the 00s lol
Unfortunately the FCC kind of killed it, they weren't happy that custom firmware would unlock 2.4Ghz channels 13 and 14 in the US, and router manufacturers dramatically locked down their devices for custom firmware as to not be liable
Ayyyyy lets go, didn't brick!
just about the only decision a more liberal FCC has made that I was not happy with
nice nice
I thought you could still put custom firmware on your router? I believe my router takes Merlin
You can but it's significantly more of a pain than it used to be
I didn’t know you could put custom firmware onto a router
Can you do that with the mainstream companies too ?
RIGHT TO REPAIR! And break everything else in its path~
and for sure depends on the make and model. I know for a while Linksys sold some at a premium that were fully opened up to custom firmware lol
If you use an ISP router, no.
I got Asus, so yes
but yeah the good old days were when these were trivial to do with
That would breach either your contract and/or warranty.
Yeah to be very clear, I mean your self owned routers
But if you're talking ISP, as Scrubz said, nope
heck used to be I had self owned cable modem as well
but they finally pressured us to rent that instead, held a "free" speed upgrade back behind using a company provided cable modem
I haven’t set up my internet here yet, any you recommend ?
Ideally I'd check what can give you the best speed for value.
My ISP's router fucking SUCKED... I couldn't do much on it, and every single place I went in the router "This is advanced, and only for technicians"
*The place I was going to:*Make a device Static...
ISP a offered me 945 mbps for £60
ISP b offered me 1024 mbps for £27 as part of a deal.
I did not take ISP a.
Yeah if possible just get an ISP device that you can disable the router and wifi functionality on and just use it purely as a cable modem or whatever
Bro what is on my bathroom tiles, theres like a dark circle on one of the tiles but every time I try to show anyone it's invisible, no trace of it. I'm the only one that notices it, been noticing for years actually
Just give me internet, not your crappy ISP router.
I have the EERO from Amazon, they're quite nice
I want the best security
I have the Asus RT-AX86U Pro, love it
My internet used to be good, I got 8ms on valorant
If you take the steps needed on your host system, then security won't be an as much of a potential issue.
I mean you're the one who is providing the security practically
Malware-Bytes, HP Wolf and Windows Defender is what I use.
if you wish to have router that can do shit. Flint 2 just there shit load to do on it. just need to check can be used on your isp provider
Malware-Bytes for the VPN also.
But even just a consumer grade firewall at the router level is going to be quite helpful
you are not gonna like this answer but it is a supernatural/paranatural/paranormal/scp kinda thingy
WPA3, VLAN, VPN Profiles, Wifi 6. mmmmm, only thing I wish it had was Wifi 6e, But I still love it
Although, I recently just got a Fortinet firewall, so that will be fun.
Good luck, they have had plenty of issues but fair, also partially because they're a big target. Not sure I'd call that consumer grade however
I still gotta mess with my OpnSense server, get that up and learning it
Yeah OPNSense is lovely
This one certainly isn't, it only cost 15k
lol ouch
Can't remember the specs, but got a server, think it has 32 GB DDR4 in it.
Use that as my firewall!
Oh, I didn't pay for it.
yeah we just adopted some enterprise grade firewalls into our home network, but fair we work at home
for 15k he need to make me coffee every mornning
(Server was free)
looks at Firewalla
Also please make sure you're only using public key encryption for ssh
It sounds spooky but there must be something simple I'm missing. I tried cleaning it or inspecting it closer but nothing. Normal tiles until that happens, its not like a shadow or anything, literally a different color of the tile but circle not full tile
you can also limit to just your home IP or use a VPN
ufw, fail2ban, clamav, apparmor, usually my go to when I build a new server
I have a FortiAnalyzer too.
i did that already
tried it
And you're still getting invalid login requests? Because between these two/three concerns, you should be covered
but yes without any you will see them constantly
Oh, and can't forget the best part about building a new server....
Cronjob to update, upgrade, and auto-remove every single night, without any of my input 
also to be clear I mean a VPN tunnel rather than a VPN Internet anonymizer service lol
I use a vpn and that
Yeah that's cursed lol
Does it make it better if I tell you I have that setup on my PiHole and ADS-B? And my router only goes through my PiHole DNS 😄

All I can say is my VPS is still going strong, and between all these protections we have mentioned, I don't get any invalid ssh login attempts
even if it was nearly impossible anyways due to public key
You can just straight up disable password login after that
Yeah that was part of it, although I have been too lazy to get a proper VPN tunnel going. Was thinking Wireguard but lol, this works well enough for now
lol I have to set up enough VPN tunnels at work... hah yep exactly
good luck!
The best is when you have a public server, which is a virtual machine, and that virtual machine is VLANed off from your entire network with no Intranet access, randomly generated passwords, fail2ban, clamscan, ufw, apparmor, the works. Can't SSH into it, only way you can access it is through the host.

most likely however it's a VPS rather than a local VM that's actually exposed and has concerns for VLANing
yeah that just strikes down VLANs and no internet access unless you have significant infra on the same account
I can give the server 64 GB.... hell, I could give it 128 GB for all I care,
No extra cost
well don't sound too spooky to shadow.... just it is not normal nature stuff due to shadow imagination
Is this a Mysql server
InTRAnet, not InTERnet
It has internet access, just no inTRAnet access
Fair enough, but yeah even then not really a concern unless you have trusted resources in the same account
even at work, I just have a vulnerability scanning server and a webserver which are completely disconnected from both each other and work datacenter entirely which is pretty lovely.
Wrong person
that is kinda the nice thing about VPS at low scale, just put your untrusted stuff over there away from anything concerning
heck that's why I got into VPSes in the first place
Oh that reminds me... I setup auto updates and upgrades on that server, clamscan every day, and gives me a report. Then auto deletes said report after 2 weeks of being in the server.
And of course, certbot
I wanted to separate my personal pentesting machine from THM and HTB as much as possible
so yeah it's just a server at a VPS provider instead, that I ssh into and use ssh tunneling to get THM resources like RDP back to my local
Wait zumi may I dm
It's very against the THM TOS, but there are ways to pivot to other users in rare cases
Just not even a chance I was willing to take lol
plus also just good foundational opsec, don't crap where you live
Cool, I could go WPA3 Enterprise 192-Bit on this router
Yeah just realized that
157 images of the same meme
yo
Hi
guys, isnt it possible to create more records in NTLM database via creating a lot of users on local machine and exporting the value. So, kinda brute forcing it?
Any soc people here ever had to stay overtime If there has been a big breach or is your day the exact same even with a breach
I don't work in SOC but I have literally come in after the end of my work day to address breaches. If it's after 6PM I get paid after hours time and a half
lol one of them I warned the individuals concerned with patching literally three times, two the day of in ever increasing concern
Dang
Aye but at least you get paid overtime
mhmm I'm just the infosec "everything" at my company and manage our external SOC and such
Yes, even natural disasters the company will ask you to stay over if it's necessary. I've worked 18hrs once cuz I was the only one who could make changes to the firewall at the time, since others were on vacation.
Sheesh
Yeah there's absolutely times I've had to stay late without ending my shift as well, but yep despite a two hour gap, 6 PM is always after-hours so time and a half
I'm liking this router more and more
This was prior to WFH policies were put in place.
Ouch though, reading your full thing
I would literally die working 18 hours
How did you do it
Micro naps?
it's more than doable, just not desirable lol
thankfully our only all hands on deck firewall disaster was in the morning, and I saved the day with the fix since I did my homework reading tech news prior to work lol
Yeah we just got on to the contract and we were still learning that the SOC before us did not update the IPSes for over 2.5 years, so you can imagine the time it took to get those up-to-date and inline properly.
which ironically I could not help with since they were bootlooping and required on-site support, while I'm WFH
ouch yep
In our case we saw year 2022 issues cripple all of our newest firewalls at all clients everywhere lol
was "fun" 🙃
Lots of coffee until things were manageable and the initial rush died down.
We were hit with ransomware that took down manufacturing for 2 weeks cuz every machine needed to be reimaged.
damn that sucks
yeah our largest internal breach was the one I warned my boss about multiple times but we thankfully prevented any damage because I was like on top of this
I instantly logged in and told him how to remediate the tiny bit of damage done and they didn't penetrate beyond this single endpoint
I was only added to that contract later on cuz they needed engineers and not analysts as per the contract, so I had to retrain everyone to handle engineering tasks.
is there any pro ctf players here?
If I didn't jump back in or hadn't given management x3 warnings, yeah we would have been ransomwared, along with all of our clients
yikes, the stuff that keeps you up at night.
I gave them enough info to instantly know they were hacked when that system started acting weird
yeah for sure
thankfully my boss immediately shut down internet access to it and I jumped on to assist
I did a ton and learned a lot from that contract, that the company wanted to poach me from my old company, but I didn't want to move cross country to be on-site.
But made many linkedin connections that elevated me to higher career paths.
Nice nice, yeah I can imagine
the real scary part is that this was literally exploited by just adding some extra text onto the URL of the first time setup wizard, which bypassed auth 🙃
One of the most trivial yet critical vulns we've been impacted by
Shikonoko
legit CVSS 10
so much hardware that you flex, and it's crap
Listen
Is that sql injection or other?
I just updated the firmware on it and it borked the VLAN
Remember crowdstrike?
Nope, we've moved on from this solution so I don't mind sharing the full writeup about the vuln, one second
This was just absolutely catastrophic, and if we didn't catch it due to me staying on top of things, this company may not still exist lol
RCE into every single endpoint with ScreenConnect installed could have been the endgame
we just stopped them at initial access
Looks like I'm going to have to. Router settings are fine. TrueNAS is seeing the VLANed network after resetting that NIC
ironically it was so much worse since it was literally any text appended to that first time setup wizard URL 🙃
Fuuuuuuuuuck
lol not sure if you're saying for me or for your home network woes, guessing the latter
Indeed but lol, you can still boot past that eventually. It will time out despite no limit
And all I wanted was to go to WPA3, and update the firmware....
I swear.... I break things without even trying
skill
What router did you update?
wassup wassup
Great, and the server wont be able to go out
Asus RT-AX86U Pro
true but that's better than being stuck at boot
ah I have 0 experience with Asus routers, I am typing on one of their gaming laptops rn though and no complaints there 🙃
Anyways good luck to the network, I think it's back to Cyberpunk for me
Love my router, but the VLAN in the past, on setup, was flaky, but once it got going, never gave me any issues
Even replacing that NIC on trueNAS level didn't like it.... hrm
btw friendly word of advice, even if you share this server or others with me, but have never talked to me before, then no I will ignore your random friend requests
yeah that happen to me earlier
at least chat at me once lol in general
happy with mine...
Oh you had ScreenConnect deployed at work?
After logging in to google with 2FA it kept logging me out after browser restart
no my personal
Yeah that's because all the user accounts were deleted due to a "fresh" admin setup
mhmm, fair enough
ScreenConnect is a bit major for personal use so that's interesting
idk if thats ScreenConnect
but yep that IOC was literally what I warned about so my co-workers instantly knew what was up
but probably
only "data loss" we suffered was trivial to get back, was only the user's database and security database basically. Trivial after we remediated the issue offline
Needless to say, we moved on to another solution lol despite updating
ye
CVSS 10 auth bypass just by appending any text at all to a URL is completely unacceptable 🙃
Yeah it would have been potentially company ruining for us if this went its full course
yeah
but they dont know where you live
I've known people to work through holidays.
Remember Log4J?
I sure do since that's literally what got me back into infosec and got me noticed for it professionally right after I was hired
I stayed on top of that stuff and dutifully updated the few concerns we had
lol log4j was my second month with this company
Ubiquiti controllers were vulnerable to it, but I don't know if they actually had any externally accessible API endpoints in which to interact with log4j, but was a major concern either way. That was still early days for me anyways, I signed up for TryHackMe soon after
learned infosec on my own in the 00s, thought I could never have a career in it and gave up. Signed onto helpdesk in 2021 and was instantly thrust into infosec and sysadmin after proving myself. Thus why I am still here, I had to play some catchup
Security research and manipulation's over-all entertaining. It's like solving a rubik's cube.
Good stuff!
Also lol your name is like unreadable against the yellow reply BG
Anyways not sure why I spilled my guts about my past like that but it was both relevant to log4j and how I'm feeling in #cyber-and-careers lol
May be a rocky road ahead so we shall see
Excellent! lol
did you off/on it ?
.... shut
yes
But now one of my pi's no likey WPA3
guys do u hate me
lol no
Yeah let's not.

is that against the rules
Counts as spam
right
damn nice pronouns in ur profile
I'm good with either.
sounds good hole
Ola
sounds good ass

anyone familiar with the vouchers? wanting to ask my work to get me one
What do you want to know?
I believe I have an understanding, they should just need to create an account (which is free) and then go to this page https://tryhackme.com/subscriptions and select the correct parameters and pay, but how do they assign it to me?
you get email
@knotty crown
i assumed it would be fairly simple, just they get to see the code somehow and they provide to me in some way
They get a voucher code they give to you
thank you all so much <#
❤️ I need to be confident in how it should work before i bring it up to them, and this makes me feel just that way. thank you so very much
on Discord? you'd just do
The windows computer won’t update 😩
Oh I was scrolled up
lol please provide more info. Did you check in your Windows Update history that the 2024-10 updates have been applied or not?
I've been tracking what sysadmins have been saying about these patch tuesday updates and there's not been many major issues
We've already applied it to at least 20+ servers without issues
Now I have to find a way to change my user password... cause, I don't remember wtf it was, nor the username lol
saved in browser might ?
welll.. you are fracked lol
Not today! I'm able to access /etc/shadow using my Arch Linux laptop
It’s this computer, it’s always having issues
lol that's fair but like what does Update History say?
i use Arch on my (personal) pentesting server btw, milady
For example, you can see some (but not all) of the 2024-10 updates applied here because I haven't rebooted. This is also where they'd show you errors if they're not already front in center
lol I'm not always great at making the quotes/ideas separate but you get the point
I have no idea, it’s had a melt down and I can’t access that rn
meep moop time for sleep sloop as shadow is bored and tired so the beep boops will be blasting
lol goodnight Shadow!
nn
just wrapped up my eCPPTv2, so my head's a bit mashed
Test

Everyone Europe?
Not everyone.
Why Elliot headache? I am aware of the zero days but this is like my gaming machine lol. I'm in no hurry
I promise I will not open a compromised MSC file or whatever for mmc profiles lol
anyone been working on anything fun?
Windows updates 🥴
playing video games, I've been working on beating them. It's quite enjoyable
Unfortunately I don't really have tons of energy for projects outside of work anymore lol
I feel you
It's not actually that tricky, you still haven't given us like a single solid lead or error code to go from. No reason why October 2024 updates won't install for you from what I've been reading
Well there's this "feature". https://www.windowslatest.com/2024/10/10/windows-11-24h2-issue-creates-undeletable-8-63-gb-windows-update-cache/
good
@sinful moon kill me... been trying to get PiAware to be able to connect to WPA3 network for about an hour now, no matter what I do, after I reboot, it reverts the changes, even if I set the wpasupplicant to key_mgmt to SAE
lolol
just please make sure your PiAware is up to date at least, I keep warning my boss has like major vulnerabilities detected
he may or may not be in the top 100 users for data entry lol
kinda helps if you put your antenna on a freaking roof of a 5+ story building on the coast lol
only real obstruction is a cellphone pole behind it
I don't have direct experience with PiAware, but I feel something in the software is overriding your settings, it does have that fancy web UI and such
but I can say holy crap do I love software defined radio and just general radio concerns
I'll say it, I think that shortwave radio is fascinating and inherently spooky, especially with its worldwide wavelengths. And is funny, radio is so much better at night with how the propagation works out, just lends to the general spookiness of radio
But fair, media like Silent Hill 2 (PS2) may have been the trigger, or the obscure point and click game Amber: Journeys Beyond (PC 1996). Both use radio in really supernatural and creepy ways
I love how the enemies who approach you in Silent Hill 2 also cause massive radio interference. That's always been a big thing for me in horror. Like if they're messing with our modern technology too, no that's even more messed up
Can see The Ring/Ringu for similar vibes
lol I had a hard time sleeping next to a CRT for a while after first seeing Ringu
I am getting error while updating my kali linux saying I should run this command sudo dpkg --configure -a.
When I ran it, it is asking restart service blah blah blah.
What should I do, coz last time when I updated my kali, I got fucked and had to install new one.
There's no reason to run that
just sudo apt upgrade then sudo apt update unless you want a new version, but no you don't need to reconfigure them all, that's going too far
Trust me.... I got a cronjob running every night to update and full-upgrade it.
I think that's a mistake but fair enough. But I'm obsessive about updating my Linux boxes lol
can't complain about Linux automatic updates too much, but I'd be more of the mind that Id like to catch issues
also how do you handle kernel updates?
But it's giving me same error everytime
Error: dpkg was interrupted, you must manually run 'sudo dpkg --configure -a' to correct the problem.
okay but how about the commands I just recommended
@sinful moon If I can't naturally get WPA3 working. What's your thoughts on this alternative:
I setup a guest network, hidden SSID, have my PiAware join that, and have it WPA2/WPA3, and have inTRAnet access, while my main network is WPA3.
Yeah I tried that
wpa-psk
Then you massively messed something up somehow and apt is not being specific enough
I don't want to see that ever again....... change key_mgmt to SAE, reboot, back to WPA-PSK
Don't tell me that, It's not been long since I fucked my last kali
But also I mean this is just a kali system right?
like just reinstall, that's the point, this is not a permanent install or a pentesting server
you can just trivially reinstall and have everything all good, nothing should be stored here locally which is critical
But I don't want to reinstall everytime I am doing some box. I might run into the same problem again
just yeah stick to the typical apt update apt upgrade flow or whatever
If you use VMware, snapshots are king
that too
Ideally though, Kali wasn't designed to go through mass amounts of updates
always nice to have rollback provisions
mhmm, it's purely a tool for infosec professionals
significantly more painful for my own choices with my pentesting server but cries in my own decisions lol
Still not actually that bad lol, I just never signed up to be a PostgreSQL DBA, thx Metasploit
I just have a golden image, I run an ansible script on first boot, and throw away when I'm done
I took snapshots. Can I just look them by running previous snaps ?
yep no complaints there, nice showing off c:
I would like to get into ansible automation more
They're like emulator save states more or less, you can effectively travel back to that point in time including filesystem changes
I've played with chef and puppet, but prefer ansible. It being agentless is a bonus, and just needing ssh
A hosting company I was at a few years back used salt, that was pretty good
Totally fair, I am somewhat familiar with all three but I do not have direct experience, just know the most about Ansible
red hat has some really good documentation and it's all free
lol the limit of my devops was "make me a web host which can host three sites"
you bet and I just did docker compose for that, nothing crazy load balancing which needed to happen so that was all well and good
I'm networking now, but devops has even creeped into here
lol yeah I'm just at a small org so it fell on me as the Linux peep
you can run ansible on modern cisco equipment
@sick lance just registered
wish me luck 🫡
should i setup my own VM or just use the onsite one
onsite one is a little laggy for me i'm using brave
You can but it's far from necessary, and it will be laggy either way
depends on your background, have you used VMs before and linux?
better question
yes i have
i have used athena OS, kali, and ubuntu
using your own environment is much better if you know what to do
yes perfect
so i was thinking of using athena OS
it connects to tryhackme and has team rolls preinstalled
but is installing tools myself something i should learn
yeah it's literally just using sudo openvpn yourtoken.ovpn in your Linux guest and it'll do the thing
okay bet
use vmware or oracle?
I personally would highly recommend VMware, despite their recent troubles lol
okay bet
plus VMware Workstation Pro is now free, although you may need an account
yeaaa
we use to get keys off github
still a thing?
lol we shall not discuss this here, but it's not a concern since free lol
I think they at worst just give you a free code. I've not tried this out. I'm in VMware Users Group so I get subs for all
W sounds good
im competing for a full tuition scholarship for 2025 fall so you guys will see me here often
I'll just say VMware has played fast and loose with keys before but I will not elaborate from there, it doesn't matter anyways lol
🫡
I run fedora, I prefer KVM
Should I click Yes or No ?
I presume they're on Windows
yup
I try to shill linux as much as I can lol
whats KVM?
but yes if you are on Linux @rapid merlin then virt-manager would be nice to consider
it's the linux hypervisor
ah
hypervisor is like the emulator for vms
?
tf is a hypervisor
VMware and Virtualbox are hypervisors, this is the software that manages your VMs
You can say yes but what's this about arm64, unless I missed it earlier
Anyone over here doing challenges on competitor BTLO platform? 🙂
VMware Workstation and Virtualbox are level 2 hypervisors which run on top of an operating system vs working with it. KVM is a linux feature that works natively with the OS to provide a level one hypervisor (aka as near to bare metal as you can get).
VMware ESXi and Proxmox also offer this feature due to them being VM server OSes
Proxmox uses KVM
yes we know
I took a risk and accepted
that's why I said that it is level 1
whats the difference between a college and university when you sign up
arent they the same thing
I didn't want to bog him down with too much info, as he didn't know what one was in the first place
it doesnt matter right
oh
not really, at the moment for you, just spin up your VM and start doing boxes
bet
gotta install first
VMs are killer and must have info for this industry imho
obviously, but seems he's just getting started
yup yup
just started
just graduated high school looking to pursue cybersecurity
thought maybe signing up for a program and ranking high would help with getting me accepted for a scholarship
Mhmm, was a sign of encouragement. I learned so much from them
dw it deff is
i cant find a download that doesnt require a initial broadcom account does anybody have the download link to vmware
Not sure or path has to follow mine, but I love weird/old/odd OSes and making them work in VMs and emulators. I'm not sure if retro tech is also a passion of yours but that was for sure a motivation for me
like that one schizo OS
just potential ideas with what to use this power with, yes there are critical things you can do with these, but even fooling around is teaching you the ropes...
Temple OS
much better alt OSes to try out like Haiku and such
for sure
i really like athena os because you can integrate it directly into tryhackme
idk if they have a partnership or sum
but it also has hackthebox
and literally has every blackarch linux tool you'd need
FreeBSD have bhyve that was showing promise a few years back as their hypervisor, plus the whole jails a decade before linux is unreal
also 0day knows the owners haha
Haven't had time to catch up with it
learned about them from owlsec's discord
or like here’s Win 3.11 emulated on my iPad Pro via UTM (aka qemu), with a bonus pic of Haiku
u sideloaded the emulator
?
qemu can run nearly everything lol
yes this is via AltStore plus SideJITServer. There is an openly available version called UTM SE for iOS but that has no JIT support and is extremely slow
W
but UTM SE was the proof of concept I needed to do this for the first time
lol I question the usefulness of that but totally fair
yee i got altstore
to be honest not very useless bc the notch covers basically the entire dynamic island
mhmm UTM is a Trusted Source in AltStore so no problem
but the apple intelligence ui looks so much better
did dip my toe into the apple pond with a M1 mac mini when they first came out. It's my dad's plex server now
plex
i use stremio
😉
Yeah my M1 Mac Mini was my side machine at work for a couple years, also had an M1 iPad Pro and more.
my dad is old, and he plex suits him fine
I ummmmmmm, have an M4 iPad Pro, iPhone 14 Pro, 2x Apple TV 4Ks and AirPods Pro 2 lol now
I just couldn't get into the apple environment. It's unix, but not unix
ik the feeling dw my cousin has plex
IT job very ironically is what did it for me
i only just recently got stremio
also yes we run a Plex server with thousands of movies we own