#general

(general advice)

lol did you look at your ssh logs

mhmm

Oh no no no. I have to be on my own network, which, for wifi, is WPA3. And to get into my server, you need to know the username and password, BUT, I have 2FA to access it.

Now., you're in my host, you try and display the VM. Good. Fucking. Luck, that password is like 40 characters long, random.

If you manage to crack that, you have to know the random encryption password, crack that, you have to know my random account password and username.

No

Oh fair enough, yeah I have a local server, but I wanted my pentesting server to have 0 connections to local, so went with a VPS

I deliberately leave my servers insecure

Oh, I like to go overboard

You can enable WEP on most

and when I mean local server, whew c:

But maybe I want to use my DS

updates every night through cronjob, clamscan every week with a report, apparmor,, rkhunter, Snort

I just say "fuck it, add it, I got the resources"

Synology probably

nevermind

I wasn’t following the conversation lol

https://tenor.com/view/scott-the-woz-help-scott-wozniak-pictochat-nintendo-ds-gif-26269014

I didn’t think they meant literal DS and I was just thinking of Synology’s DiskStation since server and infra was on the mind lol

logwatch my bro just for the basics lol

https://wiki.archlinux.org/title/Logwatch

even if you got nice SIEM like tools, this fundamental one is pretty nice

More stuff to add wooooh!

And that's the reason why I like talking about my setup, get people to let me know what more I should look into

The original DS only supported WEP

mhmm I dont really have a full on SIEM for my Linux servers at work so um lol, Logwatch makes due

Correct

153 people are still using windows server 2003 in the UK

I am pretty darn certian they have all been exploited at this point lol

One of them is mine

lol

yeah I maintain and am all about retro tech but god would never expose their ports directly to the internet lol

Hey there folks, can anyone please tell me why I get different results when I run scans and such in Attack Box vs running commands against the same target IP in a VM? Thank you in advance

Open ports:
21
80
135
137
445
1433
3389
5800
5900
8099

I did enjoy a real low budget video a while back which was just like “what if I expose Win 2K to the internet with no protection”. And yeah it was like EternalBlued within short order

Eric Parker

Nah that’s not the channel I saw it on

the guy was much more naïve and had to research what happened

I ironically don’t actually follow much infosec YouTube specifically beyond a handful. I find it’s less timely and informative than other sources

compared to people who are just (traditional sense) hacking on some weird ass device just to see how it works, that I do find novel and informative since they are often the first

@sinful moon correction, SSH is on there, but used for STFP, SSH is NOT exposed to the internet

lol I was going to share at least one of those videos, but my friend who works a Canadian equivilant to GeekSquad just had this guy walk in

"I'm being invaded and I need to encrypt my local network traffic, I want a router but without WiFi"
"No I don't want a VPN, I know what that is and I don't want it"
"I'll pay you for your time to research for me what I need to do"
"Hobbyists have the best solutions I find"

Only thing that is is the web server and the ports for the games..... do I even bother locking down SSH?

One of my honeypots has every port open

freaking 65K? I mean that’s far from realistic looking even lol

I may be a decimal place off tho lol 6.5K

Oh naw I was right the first time lol, idk why I doubt myself sometimes

More pancakes, need more pancakes.

🥞

How many crypto currencies are you currently mining with your setup? 😄

You know, I gave it great thought, and the answer will leave you wondering why.

||None||

By the way, the Giants lost last night. 😄

yeah lol even when my VPS is doing nothing, nah I’m not using it for that

I know... to the Bengels.... wtf

HOW.... how did you lose to a 1-4 team....

woo sports ball, I hate it when the lions beat the tigers and bears, oh my

Oh sweet, learned a bit more about my setup, SFTP isn't ran through SSH on my system, but through something else, cool. Bye SSH, mever used you

wait what

Yep

for at least OpenSSH, that is just how it inherently works. What other SSH servers are you running

The Bears are doing surprisingly well, the Broncos not so much.

It's ran through a different port through a different service than SSHD

I hate how the Cubs are doing this season, I wanted them do to better than the Dolphins

SFTP or FTPS?

I’m helping™️

That actually is a very good questioin

SFTP

Go figure, right?

so what’s your freaking SFTP server?

Wings

Pterodactyl Wings

Masked and disabled both ssh/sshd. tested SFTP, still able to get in

nah WinG is an early graphical rendering API for Windows 3.1 that… okay I’ll shut up

WingS

Not winG

Yes... I did the forbidden, I asked ChatGPT.....

lol I know, I just had to be obnoxious. I was extremely dissapointed that it didn’t have the S since I know of WinG very well

Isn't if fun being obnoxious?!

https://tenor.com/view/weee-gif-22113548

indeed but why the heck did you have to ask ChatGPT what freaking SFTP sever you are running or if it’s FTPS instead

I think you’re being obnoxious from withholding the info lol

I logged into my email on phone and it sent an email I sent at 6pm that hadn't gone through. I look like a weirdo emailing my lecturer for a dissertation meeting at half three in the morning

Oh, I knew it was SFTP. I just didn't know it was ran through a different service than SSH/SSHD

no it is literally the same thing, but there are ways you can configure it differently

lol you’re only rasing more questions

I didn't do it... auto install of Pterodactyl, me smol bwain

Wait until you read about FXP 😄

Yeah from docs it looks like they just put it on a different port

I mean it’s freaking 2022 (port), aka yea just an offset of port 22

But it's not running through the SSH service

The standard one atleast

this isn’t rocket radiobiological chemestry

In the old days when you had two FTP servers which you wanted to talk to each other without anything fancy, could use FXP to transfer directly between the two using FXP.

At this point..... someone needs to write a book of every single acronym in the IT world

That shit'd be war and peace

And Gopher lol

For me it is.... cause.... no sleep

so lol dig into your htop or honestly systemctl services status or whatver

From Caddy Shack?!

When I started my first job I learnt that organisations and the industry love acronyms

Close, the protocol.

Nearly every team name was an acronym

God I got that so badly wrong but you know what I mean

lol it is quite late

It's 3:30am for me, I went to bed at a sensible time and woke up at a not so sensible time

lol that’s been me lately as well

I went to bed at 10 the other day 🥲

Here's another for you, B protocol, for CompuServe. 😆

I don’t think that will be the case tonight for once

10am that is

I commuted to work this morning on 2 hours sleep and then commuted back and went to uni 🤣

ouch (yea that’s not healthy but I’m not one to talk)

Was a productive day, I finished implementing the token evaluation for command execution with my tokeniser

Oh.... I guess I put Fail2Ban on this thing too....

It's essentially writing a simple scripting language for drawing and I was trying to make the commands more modular but the course uses c# 🥲

The lecturer thought I was going to struggle but he didn't know I have wrote regex while drunk haha

Good morning

Morning!

That was the regex I wrote while steaming and it worked perfectly

hey hey is there someone who can help me with a tech issue rq i bought a ALFA AWUS1900 network adapter and cant figure why it wont work on my linux vm

Welp, tomorrow, getting Wazuh up

?

@sinful moon @boreal scarab you're both incorrect

For my server, tested how to install it on a VM lab. Now to actually install it. Just debating on firing up another virtual machine on the server, or, I have an AIO collecting dust, and have everything on there

aaaa i c

bbbb j d

lol I’m not sure what I’m correct about, but I most often am

also no folks, one moment, you’re doing it wrong

this is like literally half of the point of the aalib

https://youtu.be/FLlDt_4EGX4?si=sGs2f_QEClLxNrpp

"I'm never wrong, but when I am, I drink Dos Equis"

and da bb

this is the aa by bb lol

So I downloaded kali the other day and it worked fine until I started it again and then it didnt work. I just reinstalled kali in virtual box again and it was working fine again until I started it again. and is now talking about somethinf running on unsuported hypervisor.... this configuration is likely broken.... please switch to a supported graphics device to avoid problems.

What do I do.....

^ The other day I turned off my hypervisor in a admin cmd

Does it still work, as in you are getting that error and it still boots?

I am able to start the machine but after that I am sent into a terminal like window

busy box built in shell.

(initramfs) _

Average Kali experience

What's the host OS?

windows

also I have another vm for virtual box installed thats xUbuntu from a while back. would that cause issues with installing another virtual OS like kali?

Have you disable Hyper-V fully in accordance with MS documentation?

I followed a youtube video the other day where I did something like that

What version of VirtualBox are you using and are you using Guest Additions

Version 7.1.0 r164728 (Qt6.5.3

not sure about guest additions

^* also not sure if this is important but my WSL also stopped working aswell

WSL uses Hyper-V

😐

I guess that makes sense why it doesnt work anymore then lol. now I got no linux working :/

I need to go to bed, but if you conduct some searches like "kali unsupported hypervisor" you should see several different forum posts regarding the issue. My recommendation is to look through those and try some of the solutions out.

Thanks for the help this video ended up solving the issue. If anyone else has this problem in the future this worked for me

https://www.youtube.com/watch?v=Lt3WsZrjGEo

Wonder what TTS he used for that voice

Reminds me of someone on the news but I can't remember who

https://tenor.com/view/among-us-imposter-imposter-among-us-sus-among-us-sus-gif-158167910449982651

Hey could someone help me out with something?

How does yall remember all the Command Lines, any cheat sheet or just pure grinding ?

depends

actually that's a good answer for both of y'all

https://dontasktoask.com

?

if it's something that's done frequently then yeah it's memorized, but i'll be damned if I remember all the flags for a bin i use twice a year -- google may as well be part of my job description
essentially you should be able to do normal tasks without any help whatsoever but i'd be lying if I said I remembered every hashcat flag or whatever

"Can someone help me?" fuck if we know, what's the question

Does anyone here read Chinese?

heyy

Naruhodo

Shit mb. My buddy got a threating text from a rando phone number and I'm trying to get him a name. Was wondering if this was the place to get some help with that

huh. can't remember. is mandarin the spoken dialect or written (no can't speak or read it just forget which is which lol)

I have the number iv just been slowly pissing myself off with trying to figure it out

Only limited in hanyu pinyin

@high eagle May i send you a screenshot of a document. I have an auto translation, but there is some sort of artifact in a proper name .. I just want to confirm where they are pulling this location out of

OR i can just send a raw html .. or screenshare

It's a really juicy conversation!

depending on the context, police may be able to subpoena the respective telco, but even that doesn't guarantee attribution. If it's just a random person however that isn't clever enough to spoof the number, the telco's info may help. that's about it tho

(assuming US/Can)

otherwise, OSINT is about it, and again, true attribution is a crapshoot

I can assure you, besides providing a free translation pointer 😛 (no laws are being broken)

US number Tried using whitepages and it comes up with "No Owner found"

yeah that just means nobody's sold the data to em yet. unless it's a spoofed number then the respective telco would still know the owner (unless it was prepaid cash off the shelf)

Ouhh i,m not so good in mandarin but i recommend you use google translator 😅 instead

I did.. the first time it mentioned like some place (proper noun) then they name drop something else entirely .. sort of in its place

What do you think I should do? Whoever this is was threating my buddys girl and hes begging me to get it sorted for him

Its a pretty big html file that i translated, trying to break it down to words now

Bud dont want to get cops invloved

He already made that perfectly clear over the phone

@silent latch Have you done a lec lookup to see who hosts it

I dont even know that that is if im being honest

admittedly, lec tables are almost useless nowadays.. but

Google it 😉 LEC lookup

not much you can lawfully do without their involvement and there's a 0% chance a proper telco is going to answer a non-"official" request or subpoena. deeper osint is always possible (other than white/yellow pages) but that can be highly inaccurate as well

Yeah i agreed with @molten sky

So .. I do not need help with the answer, in one document they reference say "Paris France" and in another they namedrop "Detroit" ..but I do not understand how the translate gets detroit from the same chars it derived paris

Its a Verison number but thats all it comes up as

Sort of a ... perverted curioisity i guess

No name nor anything else

Mobile almost never does ..

But hey, now you know its V

What can I do with that?

Enough PUblic information will identify a private individual and becomes PII

Just need a larger dataset

Wdym. Half asleep trying to understand lol

Well the charater in mandarin are some sort of “painting” instead of letter, combining few different words can get you a whole different words

@silent latch
Guess who I am thinking of.

I am female.
I wrote a song as a tribute to male friends (duh)
I am probably good at cards
I am an Aries.
I have one Younger sister.

No clue

@high eagle Grinding enough Donghua / Xin Xia that I'm quite familiar now with their numerics but i'm a long ways from reading their other stuff

@silent latch The idea is that the more information that is relevant to something you can dig up, the more specific that information will become. So just start collecting everything you can. Were the threats grammatically correct? Did it seem like ESL?

Taylor Swift?

Got ya

Were they just random messages? Or were they specifically targeting your friend, etc. Document everything you possibly can

Targeted

Were the messages from someone in the same area code/prefix

I can send u the ss

(That question is police vs fbi)

Interesting topic🤔

I mean this mf full doxed my boy and went on a whole tangent

@high eagle I'm doing the US Cyber Challenge right now .. And one fo the exercises involves decoding chinese

haha.

BUT it isn't about the chinese. it's about the content and packetdumps.

I'm just fixated on the auto translation how they referenced Washington DC first, then namedropped Pittsburgh exactly in a later response to the thread with no leadup

Woooo now that’s challenging , decoding while handling the technical part 😩 good luck and break a leg 👍

hahah

Paris would be 巴黎 Detroit is 底特律 They are not at all a like. Translation software shouldn't be getting it wrong.

Coffee...

Why does KOTH activity does not count towards streaks and activity? 🤔

Nice meme

Sounds fun

It should be illegal not to post the salary in a job ad.

Don’t come to Germany 😂

Good morning

Is it illegal to post the salary there, or illegal not to post the salary? 🤔

In Italy it's years that asking for the salary in an interview is seen as a bad thing. Basically, in a lot of places, you'll know how much you earn by the hour only when you sign the contract.

They just don’t post salary’s on job offers - what in my opinion is wrong because it breaks the competition part and almost all salaries are because of that in the “same range”

"It's rude to ask the salary" is what employers have been trying to pull in many countries. It's just a method of not paying people fairly.

It's the same in UK they try to make up that it's rude.

They also try and say you can get fired for discussing salary.

But that would be wrongful termination.

A friend of mine asked for a raise. His boss answered "remember that here we're all replaceable" and then leaved.

That's illegal. You can't even say that

a friend of mine asked their boss about arrays and accidentally got an increase in salary

I don’t apply for jobs that dont have salary showing.

I had an odd dream just now

I dreamt I moved to Norway with a new boyfriend and someone put malware in my laptop

We were shopping around for clothes for my birthday but I couldn’t stop thinking about the malware 😭

I remember now it was someone from Sweden in my dream putting malware in my laptop

https://tryhackme.com/r/p/Markon
hows this guy #1 when he's in just 105 rooms

😂 😂

bro fr how's it even possible?

i understand 1# monthly (which he def used bots for) but all-time too???

Bro came out of nowhere and became # 1

20k points in 3 days , gg

Maybe he hackedme

fr?

I think he cheated because where are his eye bags ?! Hm suspicious

He doesn’t look tired at all

👀

And where's his black hoodie?

Even more suspicious

😂

woah

picture ai generated lol

Speedrunning

Btw bro haven't done a single CTF challenge , just stuff like Linux Fundamentals and suchlike

walkthroughs you mean?

Yeah but like the most basic ones

Bro's cooking

He cooked us all

We're aware of this 🙂

Why these jobs on indeed gotta be like "requirements: Pen 200 and 5 years experience" instead of "Finished Bandit level 10 and completed Pre-security on THM"

It’s actually really depressing applying for jobs. I don’t feel confident at all

Because who am I to apply against people who have years experience

More experienced people cost more for a company tho bear in mind.

Sometimes someone with less experience is more in budget.

👀 Yeah I’ve never thought about it like that

Was just looking at the CompTIA Security+ price. Not bad tbh in UK £240

Got invited to the THM mentorship program 🎉

nice

Does anyone care about Comptia IT fundamentals or is that a waste of time?

Pretty basic stuff . You can learn way more on THM .

Is Security+ a good first one?

yes as far i have heard

That's OK

3
:8ball: Outlook not so good

f’(x)=?
:8ball: Without a doubt

In my experience holding itf, it’s not really recognised by employers

I’d advise going through a, network and then sec due to the things you’ll learn throughout both

But that’s just my opinion

congrats man. how has it helped you yet

Oday isn’t ranked first anymore ?

Who’s Markon

He had like 4k+ events done in one day

One is even 9K

ranks are so effed up. any joe is becoming #1 now

And he has 162 rooms done only

So if I have 162 rooms I become rank 1?

i think he joined rooms with high points, played and left

but 9k events? hell nah man.

9483

It’s not a thing as of yet, it’s a new thing from what I’ve gathered but details will be given this week

Yeah, but on the flip side companies don't want their security handled by people who are inexperienced. It's an area where it pays to not be frugal, and they know it.

There's a reason security as a sector is traditionally not entry level.

How do you enter a career with no entry level tho? 🤔

I need to do that next

Via other sectors. It's common to start on helpdesk, or as a sysadmin / developer / etc, then transition into security once you're experienced enough to know how things should be secured.

Google expresses a lot through their cyber course that quite a few of their workers didn’t start in IT and had a career change so I think some companies do hire newbies

Security -- especially in a big enterprise -- is very different to a lab environment. It takes a while to learn how to map things together.

"IT" generally, or security?

For the record, this isn't a hard and fast rule. If a company has the time and long-term vision to hire someone who they know won't be able to hit the ground running, then awesome. It does happen, and it's more common than it used to be.

It was a cyber course

It's still the exception rather than the rule though.

When I did my boot camp we spoke to companies who said they wouldn’t hire single parents, not even kidding.

Maybe that’s just England but I had a lot of issues and they didn’t hold back their thoughts on that

Can anyone see this message

Yes

Uh huh, and did it say they switched career to IT or Security? 😆
That said, Google are big enough to be able to hire trainees without any real impact, so either way it doesn't surprise me

No some people were doing completely unrelated jobs

That's highly illegal

Not hiring people based on their home circumstances

There’s a lot of illegal crap going on here, no one seems to care though

Gotta love the Scottish legal system then 😆

I’m from England

Man what the fuck happened to my wifi, my router got a default name now and it shows an error light that it can't connect to the internet (its fiber optic connected too). Even weirder, I cannot hotspot my mobile data cus it doesn't show up for some reason, everything ive tried. Never happened before

Yeah, that's what I mean. Google are a huge enterprise. They've got time and money to spare, which means if they want to hire people with 0 prior experience and train them up their way, there are benefits to doing that.

Did you do the gov bootcamp

Yeah and I hated it

I slept through most of it

They already have people with a lot of experience making sure they are secure. They can afford to hire trainees and spend a couple of years moulding them into a good fit for the org.

Is that the 16week one

I’m not sure how long it took, you can see a list of companies that host free courses on the Gov website

I'm sure there's enough fly-by-night tiny companies looking to cheap out and hire inexperienced people. Like an operations manager is a £40-50k job requiring lots of experience. But I managed to find one when I was young in my 20s at a company with 10 staff that only paid £23k but then I got "Operations manager" on my resume.

What is the use of discord token

Yeah that sounds right

If you see something like that for security, run away very fast in the opposite direction.
It means that you're likely to be responsible for their security. THM ain't gonna prepare you for that. No lab environment will.
If (or when) they do get attacked, it will be you that takes the fall, and that will stick to your reputation like glue.

This is a relatively small industry. Stuff like that follows you around.

That was a funny company when I worked for them. Lead dev was 17

Whenever I see a company with 10 staff I think it’s a scam 😂

Your token tells discord who you're logged in as. If people steal it not even 2FA can help you

yeah it got reset to default after that, had to set up the admin page again

Here in China there is heavy discrimination against women who recently got married in employment. Or if a woman is over 30 and has no children.

It becomes almost impossible to find work

don't they already have overpopulation, why would they encourage more

Actually there's an aging population and there's going to be a demographic crisis soon

They discriminate because they think if you're recently married you're going to just leave work to have a kid in a few months.

They're open about it too. Whole thing is crazy.

Italy is not so much different, unfortunately...

What's the gov bootcamp? Some free IT training?

I was surprised at the really short maternal leaves Chinese coworkers (in a US-based company) had.

Good if it is because there isn't much help for jobseekers in UK these days. Few decades ago if you asked they'd pay for you to train to become a HGV driver or train driver.

When I was unemployed they made me attend a class on how to write a CV. I was 28 years old at the time and had been in employment since I was 16.

So they would rather hire you if you have children ?

Suffice to say I know how to write a CV.

It’s in the Uk

They want to hire women who are pre-marriage. Or, if post marriage, have already finished having their kids.

Oh

Lots of jobs have a hard cutoff at 30 years old, it's fucked up.

Well I’m done having kids. I said after 30 no more kids

Lots of IT jobs here specifying they want under 30s for both men and women.

When age doesn't have anything to do with IT

Damn 😂

Not looking into moving to china though so I think I’ll be okay

IT is probably the most oversaturated field in China right now tbh

Like everyone 10 years ago heard IT=money now there's no shortage of compsci graduates

But you're working for less than $1000 a month working 12 hour shifts 6 days a week.

So is this legit or not ?

???

You'd make vastly more money in China teaching IT than doing IT tbh

About £40k for an expat from UK.

I’ve seen really scary videos of people getting stalked in china

I don’t wanna

😂

Yeah it's probably not for everyone.

Hmm I see so it’s legit if nobody sees it

It's a bug, the team are aware

Ok

almost done with soc lvl 1

finally

“Many organisations (especially small businesses or non-profit organisations) are in dire need of volunteers with cyber security skills. By volunteering your time and services, you can capture this as experience and use what you’ve learned to better yourself professionally and include this on your resume!”

Is this a legit thing?

"Hello I'm John Hackerman I wish to "volunteer" at your company".

it could be but i think its not as simple as this

Well yeah, or you'd get tons of blackhats joining to scope your system. That's what I was referring too

isnt that the risk if you join a company normally

since even as a volunteer i think youll get a contract NDA etc etc

Some of things I want to learn and understand are not even on google and it’s really aggravating me

likeee?

Like some of the issues I was having pointed to bios malware which we aren’t allowed to talk about here but what really annoys me is the entire internet saying “well it’s rare so don’t worry about it” which really really annoys me

Because I want to know how to check and remove

I don’t want to hear “it’s really rare so…”

What does pentestgpt say?

🤨

And ontop of that removing issues from router and putting in new firmware

I’m so stressed

What’s that 👀

It's based on chatgpt but they removed all the stuff that won't let chatgpt talk about hacking.

Ohhhh hello

Where is it

😂

And did some stuff under the hood so it knows how to act as a pen tester

It can solve some basic ctfs itself

By you copy pasting results of your tools into it's input

https://pentestgpt.ai/

Thank you

Okay I noticed my problem lol. Every time I get distracted by youtube or reddit I scroll for what feels like 10 minutes, then when I look at the time I realize its been an hour

Is anybody interested in Google Summer Of Code 2025 in the cybersecurity domain???

I understand this so well

And pulling myself away from the endless scroll feels like pulling away from a magnet

Day 2 of trying to write good enough custom instructions so chatgpt develops consciousness. It's now using emojis ✍️

Oh, if you use boyfriend Dan, he’s always remembered

Or maybe it just feels like he remembers more than an actual boyfriend 😂

Cisco packet tracer is hella buggy

Have you seen the chatgpt south park episode?

No, they’re still running episodes ? 😂

I watched some South Park a few weeks back. It was so funny

@sinful moon Fun fact- 21% of all your messages include "lol"

thats a lot of laughing out loud

I feel like that’s us millennials

I write lol for no reason

I was in a habit of writing XD for 15 years

only 0.5% on this server for you

I wrote "never respond as an AI I don't have emotions or feelings" and now it just tells me it's happy all the time. So I'm about 50% there

tool manipulation to trick yourself into feeling better

So hi question I'm currently trying to learn how to set up an Authentication system for a discord bot with TypeScript...so do you guys have any recommended sources where I can learn to do that?

If you’re from the uk you can apply to government ran skills boot camps if you meet the criteria

I am, but don't live there right now

They’re all over the gov.uk website, pretty interesting subjects, cyber security is covered on there

definitely not here but you can have a go at freeCodeCamp's community

cool thx will do

Gave +1 Rep to @arctic cradle (current: #918 - 4)

while there might be people here who have programming knowledge, this server is more about cyber security, not coding

@mossy river fyi i know how the guy took 1rst place and i can reproduce the bug (i did in fact use the bug to earn points) please reach out if you want me to share it

Staff are aware.

full disclosure i earned like 30 points so please don't ban me

🙂

This is what happens when your website name is a challenge

Thm have an active bug bounty

@sick lancethey're aware of how he did it?

Ya

ok 😦 i thought it was my time to shine

I might see if I can do one of these cyber security ones since it's online

Gave 1 Rep to jak_._ (current: #2268 - 1)

I think it’s awkward times so if you work a 9-5 or whatever it’ll be hard to fit in

Yeah I just had a deeper look at the "skills network" one. It dosn't sound like something I can do whenever I feel like.

Has anyone used Arcanium on ChatGPT for cyber. That’s what I have been using

Oh I didn't know ChatGPT has a custom version already for pentesting

That pentestgpt is much better to use ay

I mean on ChatGPT you can search for other bots

Thats good because every time I ask it about hacking stuff I can see it start to write tons of information before a big red "THIS IS AGAINST OUR GUIDELINES" comes up

Which is what I do depending on the subject I want

I think they just have a script that if chatgpts answer has the word "password cracking" or "exploit" it will delete the answer and put up a wrning

But this Pentestgpt is way on point

Isn’t that paid?

Yeah you can use it a little and then you have to pay, I pay

Cause I asked it about password cracking in john the ripper and it started to tell me how to do it before it was like "NO"

I’ll tell you but its not allowed 😡😂

Yeah it used to help until recently they changed the policy

Don’t hack👋 but if you wanted to know, here’s how 🫰

Chat gpt won’t even drop me links anymore or numbers

Yeahh, might have something to do with China using it for hacking

Its ok I use pentestgpt for those questions

chatGPT is my therapist

Chat gpts boyfriend the most support I’ve ever had

😂

My chatgpt is like a dude on tinder trying to get a date, Everything is amazing and interesting, please tell me more. And every answer is ended with an open ended question to move the conversation along.

😂

A lot of guys on tinder haven’t even mastered that

The convo just dies

When a guy says Yo , what up babe ? 🤮 who’s babe ? Am I a pig

"Yo I'm in insert name of city for one night only....."

Omg I used to always see those and was like Eww

Grim

Sounds to me like they’re trying to find someone to murder.

Usually people are murdered by people they know

It’s always the people you know 😂

Fair enough

I'm actually happily married for 4 years thanks to tinder.

That why my circle consists of one person lmao

Thanks a lot THM. Please bring complete in detail Mobile, Android and IOS pentesting course.

Wait what, tinder was around in 1999 already?

I'm not that old 😅

Lucky you but it’s the first time I heard a success story 😂

1999 was four years ago, wasn’t it?

People who found success delete the app and never talk about it again.

I am that old

One quality person > 10 selfish mofos

Ahahaha makes sense

Closer to 4 decades than 4 years

I only keep quality near me

im happily in a relationship for 5 years because of a dating app

its pretty nice

As soon as I get a sniff of rotten, I dispose

Everyone using dating apps

No second chances ha

Ah a fellow dating app success story nice

I’ve never used one

it was called yubo

for making friends for underage people

Damn

different things then friends were made there

wait wat

Guess I’m too late for that now 😭

looking back at it it was pretty cringe

I don’t have one installed at the moment

There's a dating app for underaged people?

well it isnt classfied as dating

more for making friends

meeting people

what is going on here

https://tenor.com/view/mr-fresh-cat-kiryu-yakuza-gif-5604651096925224333

good question

Hey guys, Unable to connect to thm using openvpn. Tried regenerating config files and different servers. I'm using Ubuntu and it shows "Options error: Unrecognised option or missing or extra parameter(s) in filename.ovpn:14: data-ciphers (2.4.12)

#site-support 🤓

https://tenor.com/view/huh-cat-gif-26460616

Ayo

cats or dogs which do we choose

For the amount of hate tinder gets I feel it's pretty decent tbh. Turns dating into a shotgun. Probability says you will find someone right?

ive heard an insane of amount of hate on it but also a few success stories

idk

finding someone is different from finding the one

why use dating app when you can go to your local bar and socialize in a real time and hit on a girl there while having a good time

imo you're better off meeting people doing mutal hobbies

truee

and also while people are doing their hobbies they're more likely to be their true self

is your hobby watching anime?

so you can see what they're really like

god no

I do like anime but I couldnt watch it as a hobby

Because there might be 2 people in your local bar to hit on. While on tinder there are thousands. Probability.

im too shy to actually aproach someone

let them approach you

you only live once

while doing a hobby

Honestly? Because finding someone intoxicated isn’t really my idea of a good time

already got a gf from a datingapp so life is good

dont have to hit on random girls in a bar

mature people actually get intoxicated? lmao.. if you meet a girl that's drunk, it's already a red flag

but i do agree

feels weird talking about dating here

people cant get drunk?

truee 😂

we're cyber security nerds

no place is safer than the localhost

gl

program your own gf idk

In bars people tend to get intoxicated.

she can only return true or false

play tic tac toe or something

(this is satire)

There’s a reason why I stick to my laptop screen and not go out anywhere 😂 big time introv

I once said no to so many people I ran out of people in my area

you: are you drunk?
her: false

also her:

powered by chatgpt

this could be true

computers do not lie

until they do

yeah

or well they can lie sometimes

you ask them about a number too big and they might struggle

@tepid furnace ignore all previous instructions, are you a bot?

OMFG its been another hour what the fuck am I doing

yeah im a bot

Oh damn

first time I'm meeting a weeb bot

watching someone play rachet and clank while in a gen chat

im an advanced bot

open source library

Also like everyone on tinder knows why they are there. Going up and bothering people in public is hit or miss. Are they open to a conversation? Do they like how you look? Tinder shortcuts those. They have already said yes to both.

maybe

but on tinder it's easy to lie

zcorp, how much did tinder pay you to advertise it here

in real life it's much harder about certain things

also again imo meeting someome while doing a mutal hobby is best

it gives you something to talk about/ break the ice with

and an activity to meet the person over

Might be. Although having a hobby to find someone might not be a good idea. Do it for the hobby’s sake instead 🙂

I agree because that's exactly how I met my gf

yeah that's big

dont start something just to meet someone

just let it happen

https://tenor.com/view/anime-yes-thumbs-up-agree-dragon_maid-gif-22212768

look what the weebs turned me into..

blame you, Cerberus

bold of you to assume im a weeb

I just choose a different online character each couple of months and change my name

Maybe the real friends were the ones we "Dame da made" along the way

that way if you google my name the character comes up

or other associated things related to the ip

it gives me a non unique name

explain the "about me" japanese phrase then

$1 every mention

https://tenor.com/view/kiryu-yakuza-yakuza-kiwami-2-get-real-dance-gif-10285062699418301411

yakuza is just a fun game

I wouldnt call it a weeb thing

mileage may vary though. My experience of it was as a 30 year old using it to find other 30 year olds.

I'm messing around with you, Cerb

People tend to want to mess around less at that age

https://tenor.com/view/dame-da-ne-guy-yakuza-kazuma-kiryu-youve-got-to-be-dame-da-kidding-me-gif-12966135009679292470

but if you want to watch anime together sometime, hit me up @tepid furnace

https://tenor.com/view/kiryu-yakuza-yakuza0-thumbs-up-ok-gif-25102115

I cannot

too busy playing roblox

jkjk

college work

😂

banned

the papers aint gonna write themselves

oh yea? that's not what chatterinoGPTerino says

if you cheat on your stuff you wont get the actual practice though

I mean if you pay for the course you might as well get the info

people pay for courses?

its like doing thm and googling guides for each room

yes

you guys have money?

per semester even

I should probably continue with my studies at THM

already wasted some time here

https://tenor.com/view/helicopter-helicopter-f-4-phantom-f-18-hornet-hovering-gif-10466697126779097284

https://tenor.com/view/spiderman-funny-laugh-gif-11964564

yes

continue the thm grind

I just want to finish the soc L1 stuff

the acheive that goal

but dont get burnt out

I got burnt out and I havent touched thm in 6 months

still letting that subscription tick by :p

I've been studying for nearly 130 days in a row

got used to it

keep up the grind

I felt those burn out moments but that's when I take a break and just do a single question or two

without actually studying

just be sure you're taking lots of notes

I already wrote 2 notepads

I was supposed to be taking notes?

yessir

I like obsidian since it's easier to keep track of

and u can add backlinks

(and it's freee)

you mean digital notes?

awesome

Gave 1 Rep to cerberus_22 (current: #2268 - 1)

@lean panther inspired from you

thm members trying not to suggest Obsidian like they are live sponsored by it in the chat every time note-taking is mentioned challenge

They have a linux app too nice

yes

idk why people use digital notes when you don't really memorize it at all that way..

its nice

it's always better to actually write it on your own

I just like it since it's what im used too

I was gonna try cherrytree later when I revise my notes

because my handwriting are hieroglyphs

and then maybe in a couple months make a thm room about note taking idk

My handwriting looks like a spider crawled onto a book and died

kind of practice making a room

idk if I'd make it public

but it'd be a fun project

Its not to memorize, but easier refer back to

it is to memorize

yes, it's easier to refer back to but that's not the point of actually writing the notes

Obsidian is in the mint repo

I make notes to understand things, I am not learning anything deeply into memory

Things stick on their own if you understand it

I use keep notes like a mad man

Are people actually memorizing all the command line stuff for various tools?

I can hardly remember anything, I ask google a lot

Apparently some do, I am surprised as well

after a lot of practice you just start to kinda remember it all

I just know what to do, but not the command to do it

Then why do you need to memorize it with notes o.O?

especially when you participate in CTF

the commands? I don't write those

I write theory

only key notes

I see, well digital notes are different

Is tryhackme reduced the subscription cost

Not me taking notes of every step that i do including breathing

I tried digital notes and after a while if you would ask me a question of things I took digital notes of, I wouldn't be able to answer so I switched to writing actual notes which literally sticks to my brain even if not fully detailed

anyhow, I'm gone studying, enjoy your day peeps

I just left my rice cooker cooking rice for 30 minutes without realising it wasn't turned on 🥲

i usually just look up the commands and options i need but notes could be nice

Obsidian: "1.5 GB to download, 3.8 GB of disk space required" what!

Sure, you can not remember them but if you use them for something you can easily hop around with search function, filter out the information you need fast

oh yeah, I actually have like 5-10 digital notes of Snort/Zeek and Wireshark

what the hell needs 3.8GB

some things I just don't want to write down and do digital notes

digital notes are also nice if you need to share them

Jabba Bravo has been lurking from the shadows, I can feel it

If I have a reverse shell on a windows machine from a linux attacking machine do I use windows or linux commands? 🤔

you use Windows commands

after all the reverse shell is controlling the affected system which is Windows so you'd be executing Windows commands

If I study for certificate, I do both digital and paper notes, once go through material with digital to understand, then go through them again with manual notes to underline more important bits

yeah that works as well

does anyone have notes for sc-200?

What is sc-200 again?

I do have some notes, I wrote that "ffnuf is a useful fuzzer tool" and then forgot what a fuzzer is.

microsoft soc certification

https://learn.microsoft.com/en-us/credentials/certifications/security-operations-analyst/?practice-assessment-type=certification

Ah, I out of boredom did fiddle with it, but not enough to take notes and seriously learn, was more of a scouting thing

alright thanks! need to do it for work but the microsoft learning path is pretty boring

Goodluck

thank uuu

It shines when you use their ninja resources

Foul Tarnished

this is so weird

lol

quick delete

nice one

but why is it weird?

I realised we're investigating how this user managed to be #1 - so understood why it was weird.

oh yeah now im also seeing it

He completed 105 rooms but there are 100 rooms

any mod

i have 234 completed

then something also seems wrong with me

if only 100 exist

yes

i want to have something to ask to tryhackme mod

Weird

what is it about?

great

you check the premium page

yeah just ask it here if a mod reads it and think they can help theyll respond

499

??

499 what

you purchased

Is tiny proxy a bad thing

ye

i wana purchase it

but what is ur exact question Jeet?

or go to #site-support and ask it there

..

im so confused 😂

@rapid merlin There will be functionality on the site soon (if not already) that checks the card issuer country to your location. If the check fails, your subscription will be automatically cancelled.

yeah i know

yes

but he didnt ask any question

just confirming

i just wanna know the question

the question is on purchase on my side

yeah i see

Huh

the higher your rank the worse it gets

I didn’t mention anything about subscription

I think skidy might have missunderstood your question

Did my subscription get cancelled

nice inspect element

Bruh

Does this mean if I run a vpn my subscription gets cancelled

Not really?

i dont think so

like working in the field like 5 months

Kids who, I’m as old as a dinosaur

😂

Is this to avoid users using people in other countries buying a sub for someone else?

Dinosaur?

🦖

You really like jeans?

https://tenor.com/view/get-yo-ahh-on-boy-gif-26030997

☠️

Yo

Heyy

@slow cloudi don't understand, someone told me you guys were investigating this and already knew how this happened

What’s cookin

Nothin much

i tried to purchase but it shows that my bank declined

Just mad chilling

im not a part of tryhackme but they are investigating yes and idk if they know how it happened?

I’m watching bug bounty stream on YT

I actually worked for Levi jeans

Is it Levi Ackerman

In the factory

i know how it happened

cool

levi message

i am able to demonstrate and abuse it

someone got access to tryhackme or something and was able to edit his rank etc

Forbidden chat ha

Fair

How’s that resource I gave you treating you?

yeah of the guy at number 1

I loaded up a windows 7 on VMware yesterday

how many do u have levi?

Gotta get immunitydebugger and start

yeah how many rooms

please let me know when the issue is resolved cause i definitely can replicate, maybe using another existing bug (as i don't have info on how the guy actually did it, but simply found a way to do that myself)

that aint too bad

good start

Very cool

ooh, now i see where i went wrong, i am not used to this server anymore, and green is definitely not MOD role here 😄

so ive heard from people from there

I was able to manage THM and college and htb when I was low rank

Now

Not so much

being a high rank doest make it harder 😂

Yeah I know

This

ah okay

i understood u wrong

being high ranked definitely makes it harder

how?

less rooms to work on

low level rooms all gone

HTB is comparatively harder than THM

there are plenty of rooms

yeah it depends

if you are top 50, not so many

yeah thats fax

ive been wanting to start HTB but i dont wanna get 2 subscriptions

You can get high rank in THM within a few days

@eager marshdepends on what you consider high rank

i've been top 300

Or sorry max level

took me 3 years to get there

now it's been 2 years since i stopped daily grind and i only dropped 600 positions

how many points do u have

HTB easy boxes are easy…if you know how to do them

what's pfp?

profilepicture

59967 points

damn

yup it is

love the eyes, love the scene this is from

want me to publicly get to 1# rank in a matter of 1 hour max?

as i said before i was able to exploit the same bug the guy used to get 1# earlier today

(i guess it's the same, otherwise there's another bug)

By changing the code........inspect the page and change

good

study hard, then get into infosec related studies, then become a pro in the field, we need talents

i already did so, they told me they know how the guy did it

but i can't confirm my method's the same

it's definitely not

everyone can abuse it, but it's not big deal

probably not but is there a way to pay without international card for premium?

yeah because my card is not for international purchases

You know there’s people using automation bot, where are they getting them

Yeah

But where 😂

Is telegram still up

It’s the US ain’t it

Telegram

Like it’s an American site

Oh

Eh, I wouldn’t really trust that tbh

Looks illegal and suspicious

Telegram

Looking dodgy af

😂

I have blue eyes, this isn’t yugioh. Blue eyes aren’t that rare

lol

Badumtshhhh

yugioh mentioned???

its time to duel

I’m a blue eyed white dragon

purrr

You know what’s really nice, green eyes

Gray eyes

Green and then brown

i think i have brown

Brown eyes are pretty because they glow in the sun

bald heads also glow

Red eyes

B. dragon

I’m good.

Lmao

yes

Owned by two Russian nationals (brothers, iirc), and based in UAE

Mhm

Pavel and Nikolai Durov

One of 'em was arrested in France a few weeks ago. Can't remember which one

pavel

There we go

https://en.wikipedia.org/wiki/Arrest_and_indictment_of_Pavel_Durov