#general

I prefer to be on the attacking side

Though blue team stuff is also very nice, I prefer the red side

Around 60% of the website is free.

If you are going to do any red-team stuff. You need to know blue team for any reports your going to make

howcome red team is easy compared to blue one

If you don’t know how to fix the vulnerability, it’s still fairly good but not quite what people are looking for

for an information security analyst role what should i be studying?

You got in trouble for the doxx more than anything.

But it gets a bigger issue if you keep raising it.

Learn from it and move on

Keep learning but slow pace, dont go fast like me! I fuced up

I think it will be forgiven, but keeping it in the back of our mind

Morning

Good middle of the day

How are you guys doing

Im doing quite well, I just came back from looking at some motorcycles

Im doing great, thanks

Nicee you getting one?

I hope so yeah

Im gonna try to get an archive scrambler 50cc

scrubz , you think ai will replace pentesting?

I don’t think so

I know this isn’t a question towards me, but I would like to give some input

what is your current job ?

feel free buddy , just tell why

I think that ai will make some of the parts of pentesting automated, but ai might not be able to replace us because of the fact that ai doesn’t think like a human, so any creative solutions which are completely out of the box might get overlooked by ai

you're a year 7 student?

in the UK?

I believe we will be able to use more of a human language than coding or scripting with AI but in the end final decisions need to be made by humans

Romania?

Just random ones

Earth

Nice country

was just curious, you don't need to say

I'm from Egypt guys

im cyber sec student , i learned from thm more than university

I speak pharaoh stuff

Nope many people under 18 here

I'm old soooo oldddddd

28 years old

my back hurts

Nah, we have ages from 13 to the 50s

Indeed, I can confirm of at least one person underneath the age 18

jay , what do u think abt ai replacing penetration testin jobs?

Why is it ai specific, I would just use the term automated

To replace it? won't happen. As a tool to assist you? Absolutely

There are quite the amount of automated tools already which are used daily. I think the term ai is the preferred term for the feedback he is looking for

imo too much manual work is needed for a pentest (not a vulnerability scan)

What language do they speak over there?

I mean like any other languages

Like in Belgium we speak Dutch, French and German

Nice!

by reading the code

Netcharfou bro !

Nice

I'm from France but Tunisian 😄

Ah, tu parles français?

@rapid merlin Is Cyber security very used in Vietnam ?

netcharfou broo

Oui haha

Nous sommes avec deux

😄

Avec deux? 🤔

You working there ?

Je parles un peu français car je suis Belgique

Nice!

12??

12??

Years old ?

It's why we don't talk about it then

xd

Damn

At that age they don't know about it

Cyber security

But nice that you are a dev

Since 7 years

✨ it ✨

So you started coding at 5 ?

Lucky you

Gave +1 Rep to @worldly cedar (current: #2358 - 1)

We start learning it in France when we start university at least

xd

We don’t have that type of grades over here

Like the year 7 and 8 and stuff

Basic stuff

"Don't click on links" and all ahah

We don’t even get that

C'est la base mdr

J'ai une question

Comment on peut avoir accès aux cours premiums sans payer ? 😅 mdrrr

I am doing the YARA room, it says Create in powershell a new file. Doesnt provide info how to create one, it assumed we know lol

Fuck

Ye but

We don't have the practical part

You have premium ?

Heyoo

o/

Same

Hey!!!

same haha, I'm gonna finish the free ones then I'll probably do it if I want

Its a lot of labs

Bro that suck, the most important lessons are premium..

49 pages 🤣

I really need them

These mf just put the 2 next linux fundamentals premium

hi

they need money 😭 its a free learning platform

For the most part

I think its best to study on your own

Hello!

wasup

Yea bro! They wana make the most of the important lessons premium

I don't see the point

on your own for free

At least make 1 or 2 lessons premium

But not the most important ones

But how would you do practicals

Well until now i see they are basic plus i can cheat

That's the thing about this field you can't practice it anywhere lol

what do you mean?

You're 12 years old?

I feel the ban

Hey is there any practice room about log poisoning?

🥲

where are the mods

Anyway i am going premium

waiting for black friday

I'm not too sure but I remember seeing a room about logs specifically ...sorry that doesn't help much haha

cls

Bro, this server is about learning how to hack. It's not about pornhub or any shit

I dont see a % cut

how much on black fri?

:hammer: q_chef#0 has been banned.

Loool sorry

Brother you're year 7? OK look

Omg

Why

yeah but discord isnt for under 13 right?

Huh? What rule did he break?

True

I dont see black friday prices

But he is asian

Mature enough

Ohhh I see it now

He's year 7, that is usually 12-13 so its 50/50

Their account will likely be disabled by Discord

I get it though he replied and then said so, so that's against TOS

I think it's different from where he is from

could be

When are black friday prices launching?

I'm not sure if THM does black Friday tbh

😦

I'm new to all of it - that's why

They might!

@viral sphinx this room includes it

https://tryhackme.com/module/advanced-server-side-attacks

"We will cover a range of topics, including file inclusion vulnerabilities through PHP wrappers, session files, and log poisoning"

thanks

That's okay, happy hackin

I have it

Also theres a second room machine called Dogcat where you may be able to try Apache Log poisoning
https://tryhackme.com/r/room/dogcat

There are walkthroughs online as well going through that room

Does anyone know where you can find like hacking groups?

Now I can search up what is log poisoning lol

what kind of hacking groups?

Like a couple of people who are enthousiastic to learn cybersecurity, and like go to events and stuff

I think most people here are like that to be honest, I know for certain I am

But you're looking for a smaller group?

Yes

To do events together, and learn stuff from each other

it's pretty easy technique usually occurs when LFI presents and you want to execute codes on web server log file like nginx and apache

OK I see

Local file inclusion

I'm just trying to break it down 🙂

Ahh okay

so this is a remote code execution vulnerability with logs on a web server?

oh wow this is related to XSS

I don't know any sorry :/

not small ones

The next discount will likely be AOC/Black Friday. It'll be soon

Don’t worry about it, it’s worth asking

yep when you request to an endpoint that endpoint is being logged in /log some information about request is begin stored like host header and other header values that you requested if you can try to poison your request with code execution as value of one of the request header and you will see the result with LFI

Oh that's so coooolll

that sounds interesting

the SQL injection of web logs

Terrible analogy but yk what I mean

May I ask about the headers? What headers are these?

not exactly SQLI is only works on SQL rdbms to dump all content of that database tables and etc....

no you're right I only meant it in the way that you change ur input to include commands and trick the server to perform them

In SQL it would be a database though

headers in http request I identify which resource you want from web server and other information from web server like which path you want to access or security mechanism applied like auth header to authenticate so by that header web server knows you are accessing it's resource without begin logged every time

btw if you can't answer all these questions its okay but I appreciate you explaining it 🙂

it's pretty easy if you study a lot every day

that's the plan for me 😇

headers in http request I identify which resource you want from web server - That bit isn't quite accurate

@silver sky how much %?

As much as I realistically can

That's just the first line of the request, the headers are other metadata about the request

Hiii, I'm new on cybersecurity community 😊

Hey aypex! Welcome

Thank you 🙂

that makes sense, what kind of metadata?

I wasn't explaining to experts it's basic definition I know that I am not accurate

have you started onbtry hack me? 🙂

Even if you're providing basic definitions, you should try to to provide incorrect info

Because the headers just... don't do that?

Actually I think a better comparison to log poisoning is stored xss right?

I forgot the types so just looked that up

Not really, client vs server

It's an injection attack but that's more or less as far as the similarities go

Oh right

i've gotten a 1 month voucher from thm. how long before it expires?

1 month after you activate it

i haven't claimed it. doing free rooms right now. so when does it expire?

1 month after you activate it

It doesn't expire until then

I think I misunderstood what w3rew0lf said 😅

The log stores information about the request, so you poison your request to trick the server to allow you to use the poisoned log file with LFI?

gotchu.

Oh wait that doesn't make sense

The log stores data about your request
You put a payload into that data
Then get it to include the log file with the LFI
It will see the PHP payload you put into the log, and run it

how do you put the payload into the data? Is that something you have to exploit with another tactic or is it because of poor input sanitisation?

You put the payload in some data you control about your request that will hopefully get put into the log, such as the User Agent in your request's headers.
It's not really about input sanitisation

The log file is not meant to be a PHP file and it should NOT be treated as such - hence sanitisation isn't relevant
What you're doing with the LFI is making it treat the log file as a PHP file

ohhhhhh that makes sense!

One final question I think I've almost got it

this last part, how does it work?

(Making it treat the log file as a PHP file)

That's what LFI is

The include() function in PHP will treat the file it reads as a PHP file because the whole reason include() exists is to load PHP files as libraries really

sup

How are you dude

im good wbu

Im good, just got back from motorcycle hunting

Hey, send me a dm and I'll get the old account unlinked

Ah you got it, strike that then

I fixed it

Discord mobile was being dumb

When isn’t it

Point

I know

I mean that's a fair point

I know

The one who knows🤭

henlo

https://tenor.com/view/brainrot-cringe-dont-editing-know-gif-650398401862444339

for context this is what's currently popular with the 9 year olds on tiktok

oh no

Ice Bear hates it

Why are 9 year olds on tiktok?

why do 9yo even have mobiles?

Also that

Ice Bear thinks he is talking about mental age rather then physical

More than likely 20

Someone knows when is black Friday on try to hack me?

when I was 9 the only tech I had that was personally mine was a gameboy colour

Don't think they do that

Nice

i had a c64 , yes im old lol

I had ps1

So how to adquire TryToHackMe to cheaper cost?

there is a student discount afaik

might be a thing for AoC

for annual subs

i had athlon x64

those were pretty decent tbh

1 whole core

@floral rock why the DM?

anyone know why this mysql query wont work?

SELECT 1,1 FROM main LIMIT 0,1 UNION ALL SELECT 1,1;

mornin!!

What are you doing?

sqli stuff

trying to inject after the LIMIT clause

testing on local machine before doing it

Ok, I was looking for a more specific answer, it's obviously SQL.

this

yeah where

u trynna inject sum

anyway the query i provided isnt relevant to sqli

Ice Bear has been playing all kinds of rooms but now need to focus on android exploitation any Tips or resources would be appriciated

its just a normal query

should work

idk why it isnt

This is really a topic for our advanced channels.

Ice bear want a staring point

I'm not giving a starting point, outside the advanced channels.

As it's an advanced topic.

Ice bear understands

poor ice bear

whats the difference bw ice bear and polar bear?

The name.

perhaps location?

Same animal.

wasp

indeed

woah, this guy got pfp now before gta6.

Ice bear got the help he needed

Ice Bear likes this community

Im in !! well this is more populated then i thought it was going to be 0_0

Welcome , nice to meet you 😄

well, with 235279 discord users, there is always someone awake xD

May I dm you?

Sure

playin thm or sot .. hmm ..

guess sot won lol

Thank you, it's sent.

Gave +1 Rep to @stark nest (current: #1561 - 2)

a

b

C

50% AT LEAST GUYS

need more time in the day to do thm 😦 putting a ticket in for more time 😛

Nah, 20 plenty.

20 is peasants

what the in chat

Is chat yes

wys

I would say 45% is a good middle for a year 🤓

Me Tryhackme do yes

nah 50%

20 is better than nothing. 🙂

What about 25

I want 50% memo the boss plz

Matter fact you get 10 just for begging

might as well make it 100% not free then for me

🥴

https://tenor.com/view/meonly-gif-19710542

Hi

wonder why my BT earplugs are not charged after 3h... idnt plug in in usb to charge =/

I have done that too many times v_v

@glass nest on what temp you print ABS?

-10% last offer

Oooof

yea...

hi

hi hi

Hi

nothing like spending the morning getting hashcat to work again

nvidia ?

yep

nvidia laptop

i just install openCL and worked in hashcat. on arch

no need for cuda or so

it works now just never had to set it up with the beta drivers

i set nvidia as main gpu and openCL. thanks to @polar spoke 🙂

Gave +1 Rep to @polar spoke (current: #156 - 49)

dude i had to add a custom repo for both nvidida drivers and cuda

well... go to arch then. you can just select in install proces

what system info app is that? 😮

is arch with hyprland. kitty terminal

tried arch many years ago.. was fine just i keep coming back to debian

i was on ubuntu also. tryed arch and now on it
https://discordapp.com/channels/521382216299839518/680459914828972076/1307107278260011039

Let me know if you need help

I went win10 to popos back to win10 now on cachyos

got it to work 🙂 thank you

Gave +1 Rep to @polar spoke (current: #149 - 50)

btw @polar spoke do i need to know smth or fix accord to info

the failed line

Blackarch?

arch normal

Nice

I got Kali and arch on dualboot

if you know of what you do is ok. due to kali not being so "smart" for dualboot

Which line?

Cool

I mean, it works pretty well

Haven’t had any problems so far

failed to initialize...

Which application manager do you use? (Rofi or ??)

if it work it work...

rofi yes

Nothing to worry about, it’s related to the CUDA toolkit and the runtime compiler

kali always used to break for me every once ina while.. it would just die after certain updates 😛 no more bare metal kali for me

If you’re using opencl, no worries

yea... then ok

Do you know if there is a way to put stuff in folders like in Kali?

stuff in folders ? idk what you mean

Sorted based on like post-exploitation, general use, …

oh... that... idk. i have only options like last used, or most used and so

no idea how to make folder alike launcher

Aight, thanks tho

only knowledge shadow has about the dygma:s is that they have some videos on differing topics about ergonomics in keyboards.... dunno if their keyboards are actually good or not

np. i used ml4w as start script for hyprland. might there is way to sort it... just idk of it

Yeah, it happens to me too

does anyone know python?

ml4w starter script for hyprland has a bug that makes it fail silently if you have some conflicting package installed.....

But i have timeshift automatically making a snapshot, so anytime something happens I go to the other os, install timeshift on that os and recover the Kali from there

Usually takes like 10-15 minutes for everything to be recovered

hmm... didn't have issue. since arch come as bare. ml4w just once failed on sddm install since i select it as greating selection

I do

well shadow installed it on their currently working system

and had alacritty-sixel-git installed which made it fail at the point it tried to install alacritty

what ide do you use for python

hi

due to package conflict

Vscode

but no error message and nothing after that point happened

How are ya dude

is that the best?

I also use something else, but I forgot the name

ive seen psycharm

NOOOOOOOODLES

it did for me...

I prefer vscode because of the fact that I can use it for other languages too

"best" is personal preference really

what languages can it do?

It is one of the best for general use, if you need to get access to C++ as well as python and rust etc

yea true thats why im asking around

Try out a few

All of them, it’s mostly community driven so any languages get an addon which can be installed

Personal is personal to you

oh thats cool cos in the future i wanna learn c

I think he needs inspiration

thanks a lot guys for your help

bingo

It’s no problem, don’t rush anything though

Try them out with different sizes of projects too

Get the hang of 1 language first

Sup sup

sublime text and neovim is the best for shadow

Don’t try to learn every language at the same time, it will make your life so hard

The "real" IDE features of PyCharm might be more useful for large projects than small scripts

Sup

So tired

That ain’t nice

go phish

You watched the fight?

I don't watched that

yea i was thinking since now im a beginner i will try out a popular one, and eventuall when i learn more i will test a few out since then i would have an understanding

yea makes sense, itll probs confuse me more

hi i have a problem, i am a premium user so i can use the attackbox as long as i want but i hate the attackbox, and sometimes when i join a room e.g linux fundamentals (idk which one but the one where you need to ssh into it if you have no attackbox) tryhackme "forces" me to use the attackbox when i click on start machine it starts the attackbox AND the target machine; is there any way to disable it?

Split screen mode is related to the attackbox but isn't the same thing

If it's split screen mode into a machine that isn't the Ubuntu machine loaded with hacking tools, it's not the attackbox

ahhhh ok. ill think ill try vsc and yea once i start doing more complex projects test out psycharm

thanks a lot for your help guys, i appreciate it

it just opens the attackbox for no reason on the splitscreen mode

Are you sure it's the attackbox?

Or is it split screen mode access to a different machine?

dear lord,,, today for 2nd time i do dumb thing...

wait i#m gonna send a screen recording

You'll need to verify in order to send media

@inner trench

Hi

Helloooooo

Hiii]

Hi

U like terraria?

Saw the recaps

Ah

Nice

hii

Yoooo

I have a question

Yeah, I think so

Morning everyone! Our friend, @gray sonnet , has went through a bunch of emergency medical surgeries. He's in need of funds for his college. Any amount at all that you could give, would mean the world to us!
Disclaimer: I have been granted permission to post.

Deadline for raising the funds is the end of January!!!!

https://www.gofundme.com/f/support-anirudh-dillis-education-after-medical-crisis

I'm in the top 100%

I am serious man

My brother loves

He have 1000 hours of game in one year

But can I try play that

Wait I am in the wrong channel

Me too.

my rank is 160740. Why can't I see the percentage?

You need hit a certain threshold.

what a threshold?

Pro tip of the day, if you’re in the U.S., your tryhackme boxes will run poorly on the EU servers 😂

my level is [0x8][HACKER]

My level is 0x1

But have a reason

Because my kali Linux vm stopped to work and I dont have time to fix that

@boreal scarab did you print abs so far ?

no worries, there is no level shamin here 😉

Thanls Kangafoo]

I have not

Everyone are here to learn

dumbo... lol

Bro I am trying to fix my question

my level is [0x8][HACKER]. But I can't see the world rank percentage

I am by 100000

Lol

hi

2JUYVNU3M3TYPHACRL

discount code for the sinking city

Discount code or referral code?

discount code

I just said

Can you show me where you got it from then? 🙂

GOG

why ask

also what's a referral code I forgor

Because the discount code doesn't exist on the internet from what I can see 😄

yeah

because it's GOG

Watchu mean discount code for sinking city

What Is a Referral Code? A referral code is a unique combination of letters and numbers that acts as a special ID. Companies use these referral codes to track the origin of a referral to connect the referrals to the customer who sent them in the first place.

game

Which one

One where if someone inputs the code, you get something as well as them

the sinking city

it says discount code

and ref links require to be highlighted as ref links

or codes

just says

discount code

Aight

For where is the code

GOG

Steam or what?

it's for GOG

wtf is gog

Good old games

how do y'all not know what GOG is

it's owned by cd projekt

Shady type website to get old games for cheap

it's not shady lol

it's popular

and it's really good

for a new sycber student whats the best route I should take for learning on hackme

(I don't use it) but I like it

actually nice site for some classic games

GOG Games right

Bro I’m finna be honest, it looks shady for me

i think they featured virtuaverse

You can do with the website what you want, buy games and stuff. But I ain’t gonna do that tho

Hmmm

Follow the learning path

And do the career quiz, get to know the different fields in cybersecurity

GoG?

i jsut did and now im more confused

Yeah, but I’m kinda paranoid because of some stuff that happened

That’s completely up to you

ok thank you for help

We can’t choose that for you

Have you taken the quiz?

https://www.gog.com/en/

the careersn one yes

It isn’t always right but it will give you a general direction

GoG is fine, not a great choice of games, but eh.

GOG is owned by CDPR. They sell their games without DRM. A lot of the time if you buy a game on Steam or console, they'll give you a copy on GOG too

@naive violet you need solder?

Aah, alright. Thanks for the extra info. I’ll take it into account

Gave +1 Rep to @proven quartz (current: #20 - 435)

As in, the people who make Witcher and Cyberpunk etc...

Yeah, I know

Thanks tho

I wonder if japanese or egyptian hieroglyphics are harder to learn

why do you want to learn em

just a thought

Harder to learn than?

Well hieroglyphics are going to be a big benefit if you're studying Ancient Egypt. Japanese has 3 writing forms, Hiragana, Katakana and Kanji. They also use latin script called Romaji (english characters for phonetic spelling)

can i try something onyou

I only know the basics at the moment

Got some lovely stuff from the 80s thankfully

So, I got radio shack solder, and you got solder from the 80's?

Jesus lol

Radio shack are fine

Rosin core leaded stuff is really nice to work with, but very bad for you

RIP Radio Shack

Yaaah. Every time I need to solder with it. I got a fan blowing the fumes away from me

yoo i did a workaround and vpn should be working now

but it doesnot connect to thm

i go to 10.10.10.10 it says connection succesfull and also shows my ip but doesnt open the ip of machines

how to fix that?

#site-support please

sure

I'd like to ask, is learning Ruby to learn how to create custom metasploit modules worth the time?
I'd like to hear the opinion of those who worked/are working as pentesters/red teamers.

Yep

Thank you :)

Gave +1 Rep to @hushed vector (current: #1561 - 2)

@craggy egret you can also use https://www.revshells.com/ to create different payloads

god bless 0day for that site 🙂

0day made revshells?

y

Yep

@boreal scarab i got one ❤️

how are you still comfortable with the led strip hanging from the ceiling

would be nice to have a shell feature in the discord bot

the room light is behind me and is quite bad. i add led for extra light to be on top of me

It just hanging like that would definitely annoy me every time, if it works it works ig

it is not in front of me like direct. it is glued on ceiling

hi is proton vpn (paid version) good?

yes. at last for me, im ok with it so far

Yep

is it the best?

What dat?

thinking of getting it

pantent plate. it leave marks on prints like that

Yes! There are also other vpn available in the market such nord vpn

It's totally upto you which one you like more

do you use a vpn?

I use openvpn

Anyone here using blackarch?

looks like this on first layer

hii

hi hi

Hello.

Can't believe i only just now thought to join the Discord

Yellow

Love the videos!

https://tenor.com/view/welcome-michael-scott-dunder-mifflin-the-office-welcome-aboard-gif-27005393

WAIT BACKUP

LPU Member?!

thanks! I appreciate you!

Gave +1 Rep to @hallow hazel (current: #1172 - 3)

Welcome! Think I recognise you from the HackRF community?

I just joined the advent of cyber room, and saw there was a discord, psyched to be here

yah, I do youtube videos on HackRF, Flipper Zero and other stuff I find interesting

Sasquatch gets around.

that I do

Ah awesome. AoC is a great experience

I've got a few friends who are doing rooms, so I'm excited to give it a go

I'm certainly no hacker, but I'm going to learn whatever I can

I thought I recognized the face. I remember watching https://www.youtube.com/watch?v=R09a76Zyntg

Or.... don't embed

yah! that board is a riot, for a meme board its actually really good

The board went: "What you want?"
YES

that's the spirit

Welcome (:

That's real winner's mentality bro 🙂 . Good luck on your journey 🥳

@shut hawk What's your go to brand for switches?

thank you! i appreciate you!

Gave +1 Rep to @cloud quiver (current: #24 - 370)

i have not needed to buy any networking equipment

so I couldn't recommend any

If I ask Homelab... "Just get Mikrotik, Mikrotik this, Mikrotik that"

looking for new thing to bsod

https://tenor.com/view/peter-griffin-perhaps-family-guy-thinking-gif-13587558

Desk switch is 5 ports, need to bump to atleast 8.

I rest my case

why do you not want mikrotik?

I don't need something managed, or an interface. Just basic connectivity.

Nintendo.

https://tenor.com/view/fire-fly-uh-um-well-i-dont-know-what-to-say-gif-4132049

I.... I can't argue with that

I mean, just gigabit?

Yah, all my network is good for. My 10g on my server is already direct to desktops.

Gib!

That's -1

If signed

Hey Guys

Hey , welcome 😄

So. Knackered.

Was my nieces 4th birthday, so I had to collect and set up 4 bounce-houses an have just taken them down and packed them away again.

did you jump on them ?

damn i didnt know you were actually an uncle

One needs to test ones products

fair

Yeah, got 6 niblings and a god-daughter

I'm the uncle that can fix anything (according to them)

hahaha

I mean... They're not wrong :p

i have no doubt about it

It's one of those situations though... the cost of being known as the guy who can fix anything, is that I need to be able to fix anything

Can you fix my printer?

Either way, gonna treat myself to some sushi, then unwind in the workshop.

That's why I set up my own help desk ticketing software... "Happy to help, have you submitted a support ticket?"

especially if one of your family members starts saying 'oh my blank is good with blank, they can help you out' to someone else

Jayy - probably 😄 For older printers its usually the rubber on the roller has perished

@glass nest i got some bank cards blanks... engraved it 🙂

Laser printers, usually just clean the print head

Well, The heat-head bit.

thats cool!

did you have to blank the SIM section?

yea. put a piece of tape

Ooh, thats what I was gonna ask - a buddy at work wants me to cut out a Stranger Things logo and make a light box - figured I'd use black perspex/plastic - Have you ever cut that?

think not. let me check that logo

that can be cut easy

depend of how thick material is

thats what my question was gonna be 😄

i can cut around 6mm wood in 3-4 pass. depend of power

I read somewhere that plastic needs fast speed, many passes to prevent burning

yep. same as wood for me. first pass faster to get it fast so not to burn

The air assist REALLY cuts down on the burning

Gah. how come the 'continue watching' category on Netflix is like.. the 7th down?

To make you watch new content.

New things scare and confuse me

Although, it's top for me.

Sometimes its on the top. Other times I gotta scroll

And I don't wanna watch new content if I'm already halfway through a series.

I recommend to NOT watch the Tyson fight. it was weak.

Yeah, Never been interested in that sort of stuff

Netflix will be currently filled with Xmas rom-coms.

It's the best season of the year. love me a rom-com

Ah. 2 ageing celebrities standing back to back, surrounded by green and red stuff with snow?

is there an area for kali linux related questions?

Here.

nerdy joke but oh so fun

lulz

Stealing that to mock my wife 🙂

I use Kali Linux on an M3 Mac using UTM as a VM. I just installed all the updates; I'm just unsure if I'm connected to wifi. do I need to buy a USB wifi adapter?

☠️

assuming normal vm settings for network it is passed through to your kali machine from your mac

oh ok great thanks so much

Gave +1 Rep to @sand trench (current: #3 - 1948)

The main reason you'd need a WiFi adaptor is if you're doing WiFi stuff and your built in adapter doesn't do promiscuous mode

wifi hacking stuffs is rarely needed

but true

if you wanna mess with that having a usb wifi adapter can help

ok great the youtube video I was watching to set it up said I would need one so I justw wanted to make sure

¯_(ツ)_/¯

lmfao

check the virtual machine managers network settings

ok

thanks!

no problem

and good luck and have fun

I will. is there a good resource on next steps after upgrades have been installed?

I'd just start doing ctfs, and install other stuff as you need it.

Depending on hypervisor you might need a guest addition to allow for all features, like copy/paste from VM to host

ok I'll look into CTFs

thanks for your help @ruby sand.

Gave +1 Rep to @ruby sand (current: #815 - 5)

If you're new, tryhackme complete beginner is a great intro! It'll teach you step by step. 🙂

Also the old AoC rooms

(Advent of Cyber)

Thanks

Gave +1 Rep to @sand trench (current: #3 - 1949)

yeah all of the old advent of cyber rooms are very nice as they are entirely free last shadow heard and checked

are the new ones nice

I believe we'll find out on December 1

guys do i still need to learn john the ripper?

i mean isnt it getting replaced by hashcat?

John is good when you don't have access to hashcat.

Hashcat is more robust , but I would recommend to be familiar with john also 😄

zyber - learn it all

hashcat is designed for GPu where john is CPU

what do you mean with "not having access to hashcat?"

some tools might better at certain functions, even if they do more-or-less the same thing

Hashcat won't perform as good in a Virtual Machine.

ohhhhh

yeah

GPU acceleration capabilities with jumbo version

bc john the ripper is by deufalt optimized to work on cpu right?

oh there's a section for kali on thm?

yea for sure but hashcat will be better for GPU acceleration

Check this 🙂

https://tryhackme.com/r/room/kali

i dont think so but kali isnt any different i mean just be familiar with linux and you can learn how to use the tools on thm

aye, Just that Kali is one of the more popular choices in this crazy hobby 🙂

esqy

There's a linux fundamentals section i believe... but linux is linux, with some minor differences

yeah there is

Linux foundations 2 and 3 are sub rooms.

Bo6 time.

in the beginner path there are linux and windows fundamentals

but also in the cybersecurity 101

Binging Ouzo 6?

Hello can anyone help me Enumerating S3 Buckets ? no permission to enumerate ALL buckets but has permission to enumerate buckets that u know the precise name of

use the md5 hash

Sorry can u please elaborate ?

Thank you all for your help in the weeds right now haha this helped a lot. I'm trying to get into red teaming, specializing specifically in social engineering/physical penetration testing what tools should I be looking into?

you wouldn't want to brute force anyway, Masoud. You are more classy than that 😄

maybe a salt?

idk

tho

Hi, I want to go into cyber security in the future right now I am in college so could you recommend me doing anything that would help me understand how to go into cybersecurity. Like what software I have to be good with etc.
Thanks

You can start here

https://tryhackme.com/r/path/outline/cybersecurity101

😄

you need to inject an md5 hash collision. only thenwill the bruteforce work on s3 buckets

thats why ur seeing large random strings

Aight thanks

Gave +1 Rep to @cloud quiver (current: #24 - 374)

hi today I got my alfa usb adapter

can someone help figure out it ? it doesnt work in Virtual box kali

Whay kind of device do you guys recommend for cybersecurity? Which runs all the software?

a laptop

nokia lumia

or computer. your choice

learn the basics first like linux, computers networking, how websites work yk and then dive deeper to cybersecurity but cybersecurity isnt a job its a field so experiment with red teaming or blue teaming, purple teaming etc

What kind of laptop though because some like chrombooks don't run the needed software.

What are you doing?

Thanks

For real though, U6033 - you can't really go too wrong. Linux is pretty lightweight, and you're unlikly to need a powerhouse yet

should i do soc level one or two ever

By the time you do, you'll probably know enough about computers to be able to know what you need

Genie: Yes.

Okay thank you uncle Esqy

before or after pen tester and engineer path?

Shrug. Whenever you want. Start the path, if there are concepts in it that you don't know - Jump into one of the other ones

I know it vague, but people all learn differently and there are no hard and fast rules when it comes to learning. nothing stopping you from having a crack at an insane room right now

if you dont have enough money you can get an old laptop and run a light version of linux on it but you dont need the best laptop to learn just look to have enough ram because you will need to run multiple things at the same time so around 16-32gb should be enough and look for a decent cpu and gpu should be enough for you to learn and expirement and if you want to use windows run linux on a vm because most of the tools are optimised to run better on linux or are just for linux i think

ok thank you so much

Gave +1 Rep to @glass nest (current: #18 - 446)

Aye, Zyber has it right. Especially when starting out, it's likely you'll be on a budget

Ohh okay thank you at the moment I have a samsung Chromebook and I seen that Linux is able to run on there

Gave +1 Rep to @tidal frigate (current: #2360 - 1)

you can also use a vm

no need to buy a new laptop

What's a vm if you don't mind me asking

A Virtual Machine. Its a program you can run on your computer in which you can install another operating system

way easier than dual booting 😄

its a virtual machine(virtualization) basically it takes recourses from your host machine like your laptop pc and you give some to the vm box and you can run linux, windows whatever you want

just look tutorials on youtube

you can also run linux on windows with WSL which is alot easier then dual booting aswell

Yes

I use vm

To run Ubuntu and lubuntu

Ohh okay I understand thank you very much all of u

And have multiple different operating systems to help learning, like this

I Burned out

That arch (btw) has never worked right 😄

just search on youtube youll see

LOL

should i get debian and arch aswell uncle

Alr thanks

im thinking to installl arch too

Arch is 'hard mode' when it comes to linux.

but its too complex

Ahh okay

skill issue 😛

If you've not used linux before, it might be worth installing Kali or ubuntu to get used to it

but be carefull how much you give to the guest machine

i found it quite easy to set and so. archinstall is of great help

utilitron - skill and motivation 😄

dont give too much

Alright okay

lol i'd say more motivation than skill... after all, i use arch (btw)

ralex - true, many people DO find it easier, but probably not someone who's not used linux before

taht for sure yea

arch users be like

It's an Arch user thing that I've seen across the board. as soon as someone says that it's more complex or hard in any way, it's like 'Oh it was easy for me..'

HAHAHAH

bro

lol someone mentioned yesterday that vim is the text editor version of arch and a light went on above my head

my friend downloaded it in a vm and it broke immediately

For me though, If I want to learn hacking, why make it more difficult with an OS that I really don't care to learn the ins and outs of

Hello

guys - hot find any phone number location arround the world

phone book.

totally agreed... no reason to start with anything except a kali or ubuntu or popos vm... then when you get addicted to linux you can move to to arch or whatever

no i am using some code -

let me share

No thank you 🙂

@sick lance Might like it though. He loves that sort of stuff.