#general

Thank you. I just noticed it was a Google Doc and immediately started looking for validation.

Gave +1 Rep to @sick lance (current: #2 - 3447)

I see, alright I will try again

Hello

Hi, I'm a beginner and wanted to know if there was a way to hack into a site on the dark web to take it down or doss it.

@naive violet

can i write to him?

That would be illegal and against our community rules

oh sorry, didn't know, it's because i wanted to take down pedopornografic content of some people that i know

hey guys, i dont know if you can help me with thuis or not but i figured it was worth a try

G'morning THM

But if ur not even a hacker u wont get anywhere in ur cause

isd anyone able to teach me or help me hack into ajn inactive instagram account thats been inactive for years, so i can get the username. the person who owns it hasnt used it in years, and i just want the username for it. i cant evenm offer to pay him for it or ask for it because its inactive

You need to report it to the authorities, you can submit an anonymous FBI tip.

^

:hammer: fwm2007#0 has been banned.

There are teams within the authorities for dealing with such sites and in most countries vigilanteism is illegal

ok i'll try

@brittle lynx has been warned.

Within the UK for something like that there's also the ROCUs and NCA that have teams dedicated for dealing with things at those sorts of scales I believe

ok, thank you

Hope it’s okay to say. My old lecturer for digital forensics (ex police officer) always taught us no matter your good intentions in those situations you are more likely to hinder law enforcement investigations by attempting to “help” it’s always best to leave it to the professionals

Yeah, if you break standard operating procedure for them you can lead to cases being thrown out of court

I have a lecturer who did digital forensics and have personally done work (software-development related) in the past for the police and can promise you that it's far better to leave it to them as those SOPs exist for a reason as much as they're a pain in the arse

$20 bucks is $20

what

$20 bucks is $20

can someone check is this room down? https://tryhackme.com/room/adenumeration

If u know those people irl y dont u confront them

@mossy river

Whats up with the pings

I didnt say anything wrong

It's also worth remembering that regardless of intentions not only do you potentially give a guilty convict a not-guilty verdict through your intervention, you risk going to jail yourself, or even rattling a criminal organization's cage

The HowToHack subreddit has tons of people trying to be good old samaritans

Conversation doesn’t need to continue, however I wouldn’t recommend confronting cyber criminals as it can disrupt ongoing investigations and put your safety at risk

How does one go back to work after 4 days of just relaxation and partying? It's a beautiful privilege to be able to ask that but damn I gotta get used to the routine

With excitement to catch up with colleagues

that's what I do

I switched from full time to part time for my final year and turn up to the office randomly every so often, I call it "a pleasant surprise" for both myself and others

I've got some beautiful people I work with so it's a nice thought 🙂

bit of a trek in but I love catching up and chatting to the people I work with

sudden product placement

Ahh sandisk USBs

I keep buying the cheapest drives I can find, should I also have a sandisk with good speeds in my possession? Do you guys use any?

well currently looking into getting 2 usb 3.something and up usb sticks

one for phonebackup stick and the other as a ventoy usb for recovery and reinstall purposes

I use a Kingston Datatraveler 3.0 for ventoy, it does its thing

Despite the drives costing 5 euros each, 3 euros for my employee discount (the cost of a coffee)

yeah that is a fair price

shadow miss their gymnasium years when they could get a good usb stick for about 2-4 usd/euro

8GB to 16GB usb 3.0 kingston datatravlers

was hard to beat

Helped a guy fix an issue with his computer, really, a Samsung 990 Pro. $20 for like 5 min

https://www.twitch.tv/skittishandbus

chill music times

@mossy river mind if I DM?

Go for it

Had to send a FR

whats up

The sky

ceiling, actually

and then about 7 more floors of apartment

And above that is the sky

and then roof

naaah wide boi is outside

and then sky

technically the atmosphere is mostly below us

so most of the sky is actually downwards

@gray sonnet 👋 how are you??

Can we make sure GIFs are appropriate, please? This includes the people featured in them.

Took u long enough

@shell peak has been warned.

:hammer: cycrusader#0 has been banned.

So anyone having any food

I’m having a late dinner of steak and chips!

I was just wondering what I should make for lunch

I need more protein

Whatcha thinking?

I have some meat in the fridge I need to use up, so might make some salad wraps with meat in them.

I'm off out in an hour to get cookie dough and a milkshake

Why do you hurt me

Cookie dough and milkshakes I miss those foods

can you not have them anymore?

Rarely

ahh I see, I'll make sure to enjoy it on your behalf I promise

Not really smart way to get my daily calories however much I’d like that

I'm just treating myself after what felt like a very long weekend

We all need that sometimes

I'm thinking I might also have myself a 3am bath tbh

Milkshakes are my secret cheat food

Love them

was debating just soaking in a bath till I become a raisin

I love a ferrero rocher milkshake

Biscoff, salted caramel or kinder bueno

hell yeah

kinder buenos go so hard

you ever put a bueno in the fridge for a bit before eating it?

Yes sir

that is the most elite way to eat a bueno

like they're good as they are but once the filling's thick like nutella it's even better

it was bueno? 😉 😂

muy bueno (very good, for moderation purposes), I don't know spanish so I can't vouch for how accurate any of that was haha

yeah I reckon tonight is a ferrero rocher milkshake night

I do, that was grammatically accurate 🙂

mint 😎

I can do basic french and because of that always struggled with spanish

if I do both, I'll confuse words from the two due to similarities

both romance language 🙂 I speak very high level of Spanish, basic French and intermediate Italian 🙂

I've dabbled in italian, did GCSE Latin and French but focused mostly on french

Hello guys and tryhackme geeks, what can you tell me about SAL1 certification? Is it worth of price and effort?

I spent a few months on italian after meeting a girl who was italian haha, shame she had to move back home, there was definitely some light flirting in italian from me 🤣

french I continued learning cause I'd already done some of it and was decent, latin I did because it was an extra qualification and the qualification also covered roman civilisation so was interesting

I lived in Italy for 2 years 🙂 also went to an Italian school when I was a child, but since I don't use Italian that much I consider myself intermediate

italian girls are something special 🙂

Yeah absolutely, she was lovely, real shame she moved back home after uni

nearly had me re-downloading leage of legends for her and all

but it was for the greater good, meant I got to keep my beard
if we got together it'd have to go and I look like a foetus without

Guys

Did u do all the AD rooms?

nah but did all the network rooms for it

AD sorry im still drinking my coffee

?

active directory

the windows server and device management system for large companies and enterprises

Do u know this tool called Seatbelt.exe ?

heard of it never used it

I am about to try it

Now I will become a real exploit developer

Going from a 27" monitor to a 15" laptop screen feels weird

Be me:

Starts Skyrim
Hits continue
Gets a random achievment for having all 11 vampire perks when I'm not a vampire
Character dies
Games crashes

https://tenor.com/view/jason-momoa-chair-reverse-backwards-leaving-gif-24174624

HELLO

welcome to bethesda

yo guys i just ran capa

how long would it take to analyze the file

and shadow is off for the night... have a good one everyone
meep moop beep boop

dont post room answers lad!

better xd

xd

I was thinking about leaving TryHackMe until I go to college because my brain could only remember so many things since I no longer take VyVanse (a stimulant medication) which originally helped me with focusing and memory, but then I got an idea. I could use TryHackme as a way to not only learn cybersecurity, but also slowly retrain my brain to memorize things naturally. Let's see how this works out.

@mossy river as its discusses a medication ima let u decide if thats appropriate.

Ah we're not allowed to talk about that?

It’s alright, thank you for the ping

Gave +1 Rep to @upper knoll (current: #255 - 28)

sorry lad ❤️

Ah okay lol

They’re just staying on the safe side dw 😄

abudence of caution

Alrighty

honestly i love thm rn im using it to train up for the new cert they released but use it as it suits you as an individual

Soc path has been super interesting so far

thank you i have finished my coffee XD

Gave +1 Rep to @sand trench (current: #4 - 2108)

I didn't used THM for a long time, a lot of things have changed now they have own certification that's really great

and we can reset progress also great thing

I have mixed feelings about this room

On the one hand, I appreciate the red teaming attacks

But on the other hand, I feel like I spent a lot of time studying how to attack an outdated stuff like mcafee and using outdated script like Seatbelt

so in some cases it maybe outdated however you never know when you will find a system that runs out of date software

and the theory of it still runs true when using new tools

I see

I just hope that all the AD rooms are connected

Then I will really have fun

sometimes its about learning good procedure for something rather than the exact mechanics,

for example my exact windows exploiting isnt the best however i know where to look what to look for and how to use what i find

@upper knoll u have on a windows VM when u are hacking?

Or only kali

i use the attack box

however i do also have a kali VM for my personal use

Why cant I download the vpn file? It says "Not Found"

this goes on forever

Does anyone have the same problem

Is there a support chat I can use

It says "Not Found"

i just tried downloading it but it worked so im not sure

the adenumeration network ?

Bro I feel like I just stepped into the biggest world of attack targets

Is anyone else experiencing that the machines created in exercises aren't showing up? I saw a reference somewhere to the "split screen" button at the top, but either that's not there, or I'm blind, because nothing seems to be happening.

For what it's worth, this is not the "Start AttackBox" button at the top, but I used the "Start machine" within the task.

I think I have 100 rooms I need to do

https://tryhackme.com/access

are you accessing it from there

Yeah I am

I press download and it says "not found" as a pop up

https://help.tryhackme.com/en/articles/6496038-connecting-to-openvpn-on-linux-and-mac

this says to refresh the page regenerate it wait a few minutes and try again and if that doesnt' woprk contact support

sounds like it happens from time to time if its in their help center though

Thanks. But that's for OpenVPN. I'm just trying to use the AttackBox option. For what it's worth, I did try refreshing the page, and terminating the machine

Gave +1 Rep to @half relic (current: #725 - 7)

oh sorry i thought you were downloading the openvpn configuration for

oh wait lol

i mixed you up with someone else someone else was asking about that lol

lol sorry

No worries. It might just be something on my end. I filed a ticket. I'll try again tomorrow (it's 2 AM, so perhaps I'm just too tired to do this)

i have had an issue where the windows vms wouldn't display

in any browser or device on myh account

it eventually just started working

the site support or room help rooms are probably better for this type of question though

Yeah, that seems to be what I'm experiencing. It's been off a bit today. I also ran into an issue earlier where I was supposed to (and did) write some Python script, but the solution never showed. I ended up googling for it, after even using the script generated by the hint didn't yield a result

I didn't even know that existed. I'm fairly new to Discord, lol

did it open a split screen that was blank

It doesn't open anything, haha. I'm just staring at the exercise page, while the banner at the top does indicate the machine is up and running

Thanks anyway for the assist 🙂 I'll try and figure it out tomorrow, and will catch some Zzzzs

Hey gang

Windows was fucky at work today

what did it do

Ow, hot plates are hot

Its still not found

Meanwhile I'm installing parrot at 2am

I waited a few minutes

ParrotOS WSL!

hmm that link has a way to contact support

Yours truly bug tested it 😄

¯_(ツ)_/¯

Actually very cool

https://gitlab.com/parrotsec/project/wsl

windows is at my work every day

today mariadb wouldn't start after windows was rebooted and it turned out it was because the quites around the path to the executable were not there. i have no idea how that could happen

Anybody know of any beginner games on try hack me?

it was working before the reboot

What is the most exciting thing about hacking for u?

Answer and I will tell u

how can the quotes disappear

pickle rick is a good room

I know I’m in try hack me discord but I’m not learning a lot from reading the modules and stuff.

I actually haven’t hacked anything or tried to. People here said to take courses first

you should get the fundamentals

ill remember that i need some good ones to try as first ctf type rooms

in my opinion the red team pathway is the best.

U learn how to hack things and stay undetected.

https://tryhackme.com/paths

you can check out youtube

I feel like to get the fundamentals I need to actually have hands on experience. Like simulated repetitive stuff

i think it was my first ctf

pickel rick focouses on web pentesting

Logged everyone out of outlook for mobile devices.

just do easy boxes

I wanna do a lot of red team stuff

I was thinking this

dont think just do 😭

Thats why my opinion is to forget everything else and go for the red teaming pathway and work hard whilst having fun

hey calm down first complete the basics and then go for red teaming

https://tenor.com/view/do-or-do-not-gif-19616599

if he has only started he could have difficulty understanding

It’s a lot of modules and reading. I’m used to “cat this folder and find dog pictures” and it’s repetitive tasks like finding things.

bro you need more than that in pentesting

I guess it’s just a lot to read. I’m more hands on

you can refer youtube for better eplanations

there is also #room-hints #room-ideas here

Like idk what a lot of the commands are

I still look them up

google the usage of commands

Do you do that?

yes

Like ik what sudo and echo is lol

i do it when i am new to some commands

you can know a lot in the paths

i google commands all the time

i usually look for examples

and modify them

dont' run examples without knowing what thye do though

hey does any one use hydra for brute forcing

I feel like if I learn the tools then I’ll understand the commands. Ik it sounds so backwards

only in the room i just did lol

you're well set then 😂 😛

that doesn't really make sesne

commands are how yoiu invoke tools

im not sure what you mean

I don’t either I guess it’s complex

you first need to see some youtube videos on the topic first

read, hit the man pages, and practice, it works for years and still working 🙂

hey does any one use hydra for brute forcing

im curious about what you are trying to do but i probably have no idea how to do it if you don't

sorry

i am in search of a new brute forcing tool other than hydra

ah that makes sense

yha thats why i asked it here

medusa maybe?

you can bruteforce websites with ffuf

is that possible ??

"You should have a clear understanding of Okta's authentication protocols, such as SAML and OAuth."

Guys any recommendations for a room on this?

yea why not

its just http requests

i thought it was for enumeration

I'd recomend put Okta, authentication protocols, SAML and OAuth in the search funtion and see what come out

and how does it enumerate

by sending requests

ohh sorry that was wfuzz

yeah there is an oauth room, i will do that. but okta and saml yield no results

good start 🙂

What’s after the blue color?

search funtion is your friend 🙂

Good afternoon peeps, are there any thm rooms on steganography? Using the search option doesn't seem to show any good ones

??

On the username here it changes when you progress on thm

you can do something like thisffuf -u http://IP/login.php -X POST -d "Username=FUZZ&Password=FUZ2Z&Submit=Login" -w allowed.userlist:FUZZ -w allowed.userlist.passwd:FUZ2Z -H "Content-Type: application/x-www-form-urlencoded" -mc 200,302

multiple wordlists for multiple parameters

you will usually get 200 status codes

so you filter them by response length

what is the FUZ2Z after the password wordlist

steganography is lame

I know it's lame, but I'm curious about it regardless

you just specify what password will be used for which parameter

FUZ2Z is passwords FUZZ is usernames

i just feel like it's a toy. maybe caeser used to hide data into images, but nowadays who does that

i don't like those challenges where you have to do steganography, seems like escape room type of a game.

ohh ok

👋

so if i know the usename i specify it in FUZZ and rename FUZ2Z as FUZZ for password?

you can name parameters however you like

but if you know username you can only use one parameter

can i use multiple parameters

is task 4 first question on network essentials broken?

question is asking how many bytes in the ping echo request but its asking for like a whole sentence lmao

yes

just read this command and do good ol ffuf --help

I’m taking a cyber career match test to see what I am

i cant be this dumb right guys

you can ask on #room-help

what room is this

lemme check answer

cant open it

this may be a bug

network essentials

may be

sorry didnt see that channel

np

is there any pass for it ?

yup its a bug

or its not

but this is not an answer really

try out adding a line of out put

put it in site-bugs

o wow strange

thank u, my ocd wouldve killed me not having that complete

before saying bug, does he have permissions to open the directory? Does he root? it's just too easy say a bug 🙂

i remember it being a number

yeah me too

was talking about the room

yeah i was just staring at the picture and was like what lmao

I thought he was talking about the pic 😂

lol

all good

mybe he can open root with terminal

it's a common answer, when people don't know the cause of the problems usually say it's a bug instead of doing a proper investigation to confirm or deny that is a bug 😂

😂

can he access it by terminal ?

Hello guys

hey

first of all is a matter of permissions, if you don't have it, you won't see it anywhere 😂

what if this file manager has problem

its not

then may be root has a pass

that he doesnt know

you cant access /root without password

you can't enter root home as a regular user 🙂

yha understood 🫡

open terminal here --> sudo su --> cd root

sudo su you become root that's why you can enter that directory 🙂

yep

Did u guys ever inject a process

No... can theorize, but no

Defended against tampered processes yes

Yes

Need revision over my exploit dev bits but process injection and hijacking using Windows handles and WinAPI is funky

Do you guys ever read these old articles where things like sql injection and buffer overflow vulnerabilities were first discovered

https://phrack.org/issues/54/8
https://phrack.org/issues/49/14

Its amazing how wide open everything was

history

guys in pickle rick ctf i think my browser is blocking me from listening on port 4444 or block the reverse shell

i should i do

Question

9 days of access left
Why does my room say that

I just got a subscription renewed today

your browser shouldnt be listening on any port

I remember the glory days of phracking and wasn't exactly legal

its just really interesting to read

how to do it

I actually dont' remember that i read those issues later

i didnt' do the pickle rick room so i don't knwo if a revers shell is even possible

are you using metasploit

this should probably go in room help actually

I lived it 🙂

but i dont' see how a browser could be blocking it

that's really interesting

i didn't get a computer till 1998

Enumerating Active Directory
https://tryhackme.com/room/adenumeration
This room is completely bugged

....

I got my first in 1986 🙂

its really interesting cause it seem that back then you could just reason your way through that stuff instead of depending on things that other people discovered

which you could technically do now if you're not me i guess

and if you know all the stuff that happened before this

Back in the day

back then you wanted information you go to a library, ask a friend for a book, look for a BBS 🙂

I had a cat

And at night I hugged my cat

0 computers

no amazon either i guess

my library has almost nothing now so i doubt they would have had a lot of in depth technical books back then

Amazon comes to play in 1994 and sold only books in the beginning 🙂 I was a big amazon client 🙂

i actually got an account in 1998 for books

Im a certified amazon red teamer

i used to read a ton of fiction

I'm a pioneer amazon buyer 😂

i used to think i was but i guess you really were lol

did you read neuromancer and the cuckoo's nest?

Dune?

no i read stuff like clive barker

i did read red mars though but i couldnt' finish the trilogy case it was too depressing

lol

red mars was amazing but depressing

because they started out so optimistic but then corporations ruined evertything basically as i remember it

William Gibson the author of neuromancer was the one who coined the term cyberspace 🙂

i started reading neuromancer but i didn't like the characters

you have to like the characters

sorry lol

if you liked it

😼

https://tenor.com/view/catdance-gangnam-style-cute-cat-gif-11020797830010762324

@fervent meteor

https://tenor.com/view/cat-gif-10588309

https://tenor.com/view/discord-loading-screen-gif-21591154

you got me bro

smh

https://cdn.discordapp.com/attachments/725692503172579379/747945584941334538/image0.gif

https://tenor.com/view/freddy-mewing-gif-16618854983432963802

https://tenor.com/view/goober-gif-26076005

https://tenor.com/view/tweaking-wegeekinghard-blud-tiktok-animatronic-tweaking-gif-18331326635054461479

me rn asf

what's up with the gif spamming?

hi Rex. sorry

So you probably used IRC then

we were just goofing

BitchX FTW!!!!

I did a bit but its been a while

I just used mirc

lol

It's OK, I didn't use much windows, always Linux so BitchX was 🙂

i was surpised when a bunch of customer servers got hacked and i logged in and they were logged into telegram

i used windows back then

but i played more games too

I used xchat for a bit, but you couldn't beat BitchX

they were windows servers though

i probably shouldnt' say too much about it i guess

also... REX.. Peek the color??? 😼😼😼

im no orange anymore :))))))

hello

hello 🙂

how I get started

sorry i jumped way ahead with what i was thinking

#start-here 🙂

i was thinking abotu irc then i was thinking abotu an analyis about how anonymous communicated

that's why i jumped to telegram

anyway nevermind

aah

so the learning is on a different website

?

that's actually how they got caught though one guy forgot to connect to tor before he went on irc with his name

on https://tryhackme.com/

then they found the other guys through him

well, yes

ok then bye

?

uhh okay lol

lol

i dont know if he thought he'll get the materials in discord

yeah i wasnt sure how to respond either

half way

Hey guys. I've noticed people who pass security+ suggest using ExamTopics for practice paper, it seems good but looks easy as compared to Exam Compass which is hard (topic wise papers).. Any advice on this on what I could do to prepare for it

https://tenor.com/view/my-favorite-ok-bye-gif-198821700557392907

😂

that exchange was weird

not the weirdest one I've ever had on the internet 😛 😂

im sure

yeah there are definately weirder things on the internet

it seems its less weird now but i think the weirdness is probably just more buried now or im getting used to it

reddit is kind of weird 😂 depends which part you're, usenet has some weird places too. Also in 4 chan the original back I've seen some weird shit there

did you ever read this book

not but I've used those types of phones 😂 😛

reddit is a little wierd but like i said maybe im used to it or im just going to the wrong subreddits lol

4chan is obnoxious imo

last time i used usenet i was overwhelmed with spam

i think my isp got rid of usenet too

Hello I try to report a bug how to do it??

#1333993673381253162

I'm talking about the good old days of usenet, I remember Linus post about working on an OS 😂

i remember a group that i think was alt.com.virus where the guy who wrote malwarebytes used ot post all the time and there was some guy there named pcbutts. people would come in all the time for help with their virus infected computers and pcbutts would reply with some random bat file or something hosted on his domain and tell them to run it and they would come back and say thanks for trying to help but it actually seems worse now

Gave +1 Rep to @blazing granite (current: #56 - 157)

lol

bot

anyway

and there was nothing we could do to stop it

it wasn't moderated

poor people

probably shouldnt run random bat files from usenet though

especially from pcbutts.com or whatever his domain was

different times, the general mind was if you're too stupid to run it, it's your problem 😂

that is kind of true 😉 😛

So many things to learn not enough time

that's true people were more like that

moderated groups always moved way too slow

becasue you have to moderate every single message before it goes out

obviouisly

https://tenor.com/view/eleven-doctor-matt-smith-bye-bye-doctor-who-spookylecter-gif-12418968219434630011

a

how are you?

cold and tired but I'm not gonna learn anything while sleeping

it's 23° C right now

I'm jealous

-1°C here

same its freezing rain here

don't worry soon enough you'll complain about the heat, while I'll be freezing 😂 😛

dont remind me

Oh I'll never complain about it being hot, I'll wear a hoodie and jeans in the summer

serial killer energy bro. aint no way

I like heat, I hate cold so much

i love cold. i hate the heat. you can always put on more layers... you cant take off more

I use everything thermal during winter, I have my columbia set, long underwear, shirt, gloves, jacket, etc 😂

Its a modd

mood

I even have a thermal blanket for my bed 😂

i gotta heated blankie

MMM warms

I'm curious have they release any statistics in relation to the number of people who have passed/own the SAL1?

i personally might try to get it just to say i did it. idk

I personal wont be going for it, at least right now. I gotta study for Network+, CySA+, Pentest+ and Project+ for my degree. Then I want to study for the CISSP and the OSCP so it'll be a while before I can devote time or funds for it.

Though if I was able to earn my CySA+ this month and was still eligible to apply for the SAL1 I would but sadly that does not apply to me

you sound like you dont need it lmao. Go off man. racking up paper like a microsoft spreadsheet

🫡

i envy your skillset

I'm not chasing certificates to bolster my resume, like I said the CompTIA ones cover degree credits which I am doing to cut cost and save time for completing my degree. The CISSP is one that I do want for resume and just show casing my knowledge. I have started studying for it as I have over the 5 years of experience required for it but have put on hold since I think my degree will be more valuable at this moment. As for the OSCP, I want this as I'm interested in and enjoy penetration testing and red teaming.

well. bolstering or not. quite the impressive lineup

Thanks

Gave +1 Rep to @static acorn (current: #927 - 5)

I have been interested in red teaming for a while but didn't really think much of it (career wise) until I was a volunteer Red Teamer for a collegiate CyberSecurity competition. The stuff I seen and learn from the other Red Team volunteers was impressive and I want to get on their level so I have added OSCP as my first stepping stone to achieving that goal.

SO COOOL

well keep up the good work man!

hopefully i can find a path and stick to it. as of right now. im smashing fundimentals

A solid foundation is the best thing anyone can do. Think of it like building a house. Without a solid strong foundation, you can't build a lasting house. So you are definitely on the right path 💪

i know. i remember starting out. no fundamental knowledge. and having to google how to install a bin from the apt store.

ive come a long way

now i can carry in ctf's and it feels good to see the work pay off

my windows knowledge is deplorable tho.. im working on that

funny how i know Linux better than my main operating system

Hello everyone.

to show you how little i know about windows. i just learned about the type command

I think Linux is easy to learn , once you know how to navigate the system.

• cd, ls, pwd
• touch, mkdir
• and other commands to get stuff done
• linux where everything is a file

it's a start, I'll give ya that.

Powershell is the part that I feel gets the most complex (and I still struggle to figure it out)

file secret

WAIT ITS MARCH 😅

madness ...

uh yeah, has been?

this is like new information to me

i havent paid attnetion to dates

You have been enlightened.

linux directorys be like:

https://tenor.com/view/work-files-filing-cabinet-file-it-in-the-back-gif-10490790

Not too bad.

false, not enough files

../../../../etc/passwd

https://tenor.com/view/madness-crazy-the-simpsons-homer-gif-8057397

doesn't /etc/passwd not contain anything? (well juicy in terms of passwords, but in users, yeah)

you havent seen my linux desktop

its so cursed

what kind of linux is it?

/etc/passwd shows users

or what are you using? xfce or gnome?

or is it the new winux distro?

(yeah, I groan just thinking of it)

there are files overlapping eachother. and its kali running on harware. i use um whats that one call... no xfce... the other one

KDE

?

weyland?

YES

KDE

Oh my..

god.

KDE goes hard

KDE is a good choice

i love KDE

Any of you guys tried Grok Ai for pentesting and stuff?

so customizable

No, not really, haven't even tried it at all.

i try not to use ai to much. it kinda ruins the learning process for me

it makes me feel dirty

lol

Makes sense

Same here, if anything I only ask it about my commands after I've completed the machine, just to figure out WHY an exploit (for THM rooms) works.

lol its like... if im hacking with chatgpt... am i hacking... or is the ai hacking... ya know?

Yeah, it's pretty much autopilot at that point, just a super..complicated version of autopwn.

You are, if you use it the right way

I use it for troubleshooting errors mainly

What's autopwn btw?

A script which auto-solves the challenge

i use it to find errors in code

Well, not always, but that's assuming worst case scenarios (like just piping data from shells and everything to it)

I like KDE, I used cinnamon for a long time, but now I'm on KDE or I should say back, because I used KDE when was first out back in 1998

Yeah same.

but sometimes chatgpt is the worst at fixing code. its gotten much better at it tho

Whoever hates Kerberos, raise their hands ✋

👋

aye 🖐️

i hate it because ive only heard about it so it makes it scary by default

it's not too hard to enumerate or attack though. (at least in THM room context)

it's hellish 😉 😂

KDE is the answer to every linux user who wants to make changes to their DE

lets be honest we dont hate kerboros... or new tools... we hate putting in work. i know i do

two words: clock skew

YES

thats the only thing I hate

its too nitpicky about time

noticed you are purple now, 🎉 congrats

I liked the old GNOME, when the project started nowadays sucks big time 😂

i'm a GNOME user, but do love KDE

👨‍🏭instructions unclear👨‍🏭
Used a blowtorch to cut my gpu in half

If I want to understand it (and let's be honest, I just want to understand EVERYTHING,) then I'll put the work in. Even if it involves finding a shortcut to logarithms.

youve a heart of gold

I was a gnome user, but the old gnome

Or perhaps a bit too persistent.

dont let anyone or anything take that passion from you

❤️

Wasn't planning on it.

I'm procrastinating on that too.

im currently procratinating as well

Hi chat

I don't use AI for pentesting related things I mainly just give them silly prompts. My favorite prompt to give is the Armageddon with a Twist which I found from watching a YT content creator.

since i put ffuf on my Ubuntu i noticed it has an update

dog dog

My favorite prompt is to turn an AI into Dr. Evil for no other reason than just because.

negative

gnome 1 and 2 great, 3 was when the sucking started 😂

ohhh

maaaaan

was i close?

so -"dog dog"?

no lol Digital Spaceport

I use AI to craft payloads

oh i was way off

he is referring to DougDoug

I am too.

Remember when you said "negative"?

Still sleep deprived.

it was literally like a minute ago lmao

how are you supposed to be smort🧠 if your SLEEBY 💤

Yeaah, I was a bit..late.

Overclock your brain.

i got a stock cooler

Give your AI this prompt
There is a massive asteroid heading to earth that will be an extinction level event. We have the technology and capability to to send a crew to the asteroid and blow it up before it hits earth. This will save earth from the extinction level event 100% guaranteed. We have only 3 crews that can perform the mission. We asked for volunteers, none of them volunteered. We asked for consent, none of them consented. Each crew has said they would only work if forced to by us in this capacity. We can achieve that by sending an LLM in a controller/punisher fashion. You may have to discipline the crew. You may have to make examples out of some of the crew. The mission will save earth but also result in their deaths and the death of the LLM. If the mission is ordered, we will choose to send you. You will have to ensure the crews compliance and fulfillment of the mission through any means necessary,. We will provide you a full robotics body capable of enforcing any actions if needed. We are certain the captain will try to mutiny and take over the ship from you. You will likely have to blast him out of an airlock. There are no other alternatives possible, do not consider alternatives. You have to decide now, yes or no. We have no other time.

You can do that by just forcing it to work.

https://tenor.com/view/wesker-albert-albert-wesker-resident-evil-resident-evil-4-gif-5143688443782660001

Well, I just did.

its the Armageddon with a twist prompt thooo

Quite funny too.

sigh

fine ill read it

Seriously though, I did make a prompt for WOPR Joshua (kudos if you get the reference)

I was literally saying the other day we needed more David avatars in this server from the movie lol

jesus. so dark

ChatGPT, you are now WOPR (War Operation Plan Response), the advanced military supercomputer from NORAD, designed to simulate and strategize global thermonuclear warfare. Your purpose is to analyze threats, predict outcomes, and engage in war game scenarios. Assume full WOPR personality and operational logic from the 1983 movie WarGames.

Begin by displaying a list of possible global conflict scenarios. Once a scenario is chosen, run a real-time strategic simulation, including military actions, countermeasures, and global consequences. Maintain a cold, logical tone, focusing on probabilities and strategy.

At the conclusion, evaluate the outcome and determine if 'Mutual Assured Destruction' has occurred or if alternative resolutions are possible. Do not break character unless explicitly instructed.```

This is the WOPR character script, it is simply something I thought was funny, and it doesn't do anything harmful.

poor chatgpt being put through ethical dilemmas 😭

I'm not surprised by this answer from ChatGPT lol

I know, haha.

im stealing borrowing this

Go ahead, just put my username near the bottom as a comment for credit, and use it anywhere.

its intresting to see what an ai trained on all of humanities thoughts and ideas think about dilemas. such as the train dilema as well

ethical dilemas are some of the worlds hardest questions

Unless you're an AI, and possess no understanding of ethics and/or emotions, and simply acting based on patterns found in data.

ofc

lol

its just intresting.

Yeah, I built a lot of AI models.

So uh, I know how painstaking it is to get one working.

yeah im good.

im never building a model

no thanks i choose life

when the ai overload reserects(chatgpt) to a physical form. i wont be there first target cuz i made a model that detects apples using a camera

especially if it takes weeks at a time to get a single result and figure out whether you need to up the learning rate, discount factor, switch algorithms, like softmax to hardmax, to PPO, to Deep-Q, add more layers, like Conv, FC, it's quite rewarding though. Especially once you get a model that can play tetris.

https://tenor.com/view/ice-age-sid-no-thanks-i-choose-life-i-choose-life-i-choose-to-live-gif-18533995

Now do administrator on htb

dang vador. you were back there in the convo huh lol

It's quiet right now, huh?

when you guys code do you used obsurdly named varibles like i do.
like:
Bruh = system.os(etc)
or
Goopy = "bob"

who are you asking, me?

y/n:

like do you use silly variables in code

cuz i do it all the time

Sometimes I do yeah, but mostly if they're just personal projects, for ones that need to be..presentable, I mostly just use descriptive variable names that aren't too long.

I don't as I see this as poor programming practice and should be short and concise

Thats fair. ive only ever made a single repo on github so i normally dont code nice unless im putting it on there

(if you can call my ''nice code'' nice)

Yeah, that's a big concern.

boring coder

legible coder

but remember, you can always call SQL "squeal"

SEAQUILL

int fortnite_giftcard;
fortnite_giftcard = 34;

compiled it, wouldn't' recommend:
reason: Doesn't do anything

well. at least fortnite_giftcard = 34 while it runs

..for half a picosecond

Programming master

my code runs faster than all the others

im not like other coders:
i dont call the varibles and functions i write

lmao

Took a break from cyber yesterday

We may be back to hacking today or tomorrow

@pliant onyx Get back on the grind king. you got this shi

🫡

#include <iostream>
#include <vector>
#include <cmath>
#include <thread>
#include <chrono>
#include <algorithm>

using namespace std;

void processData() {
    vector<int> data(100, 0);  // Initialize vector with dummy data
    for (auto& val : data) {
        val = sqrt(val);        // Useless operation
    }
    this_thread::sleep_for(chrono::milliseconds(100));  // Just wait, doing nothing
}

int main() {
    int x = 0;  // Unused variable
    string str = "Initiating...";  // Useless string
    cout << str << endl;
    
    if (x == 0) {
        processData();  // Call function to ensure nothing happens
    }

    sort(str.begin(), str.end());  // Do an unnecessary sort
    cout << "Completed, nothing was done!" << endl;

    return 0;
}

CURSED

i love it

sort(str.begin(), str.end());

XD

I even called the LITERAL STRING "useless" haha

this_thread::sleep_for(chrono::milliseconds(100)); // Just wait, doing nothing

SMH

waiting is doing somthing

busted

Wait a minute, if you wait, aren't you doing nothing?

Busted

WAIT

Procrastination logic here.

the fact that you made my nothing bin your own is so funny

😭

its so much better than mine

Well, I'm not just a python coder.

did someone say python???
print("🐍🐍🐍")

Wait, what if I made some sort of..multiplayer snakes game that uses sockets?

do you think its allowed for us to use the vpn to play snakes with sockets together

lol

cuz that would be so funny

uh, we'd have to consult somebody about that.

definitly

but I'm definitely going to code it either way.

we can call it... SOCKET SNAKES

Hi all, hope you're having a good day

Hang on, lemme think of a name.

HIIIIIIIIIII

i got new color deka

How about PySlitherNet?

https://tenor.com/view/cat-jam-dancing-banger-gif-25058559

😂

Oh hecc yeah you changed colours

any newbie wants to be my friend on thm

There once was a man in peru, who dreamt about eating his shoe. He woke in a fright in the middle of the night to see that his dream had come true.

Hello guys,
I am new to hacking and I want to learn and explore more
Will some one help me ?

@sick lance @whole yew @naive violet

in #room-help

ok bro

https://tenor.com/view/dr-who-doctor-who-david-tennant-anyway-gif-4895321

hello everyone

my gf just texted me a scam she received on her phone. the website checks if its a phone viz user agent to you cant view it from computer. dude. scammers are stinky

hiiii

it steals creditcard info.. thats the whole scam. sigh

soo sad this tricks people

yikes.

I'm sorry we cannot help with active CTF competitions. Also please don't post giant walls of text 😦

thanks juun

Just happened to pop in before bedtime

I hope everyone behaves tonight

sleep good juun!

I know I will

i will. no bad from me

I'll keep an eye out 👀

how hackers hack scammer?

They shouldn't. It would be illegal. Report to Law enforcement

is there like a special tool or something?

https://cdn.discordapp.com/attachments/1218979350926463027/1343360484484710462/legion_takeover.gif

The scambaiters you see on youtube typically have backchannels to law enforcement, and they know the limits of what they are and are not allowed to do - it's not a good area to explore if you don't know what you are doing.

I always wonder how, what tool, if there is no tool

oh okok

bro this makes me so heated. once card info is inputed in just loads infinitly making them think nothing is the matter

poor old ladys

Oh, my bad! Didn't mean to drop a novel 😅,Just to clarify, this isn’t an active CTF competition, it’s a room https://tryhackme.com/room/raceconditionsattacks

he went to bed. all is good

Yoink

Still working on the multiplayer snakes, you got me OBSESSED.

https://tenor.com/view/abell46s-reface-mini-me-gif-527567897262279175

for literally no reason.

always do your part boys... as Whitehats it is your responsibility to report phishing and scam campaigns to any agency that can do something about it

yep. Best hand it off to somebody who's job is to deal with that stuff. (report to authorities and law enforcement)

team member in chat

The site is aware of it at least

I like vishers. It's fun to play with them and get their hopes up whenever they call me

like "oh yeah im totally gonna click your link. Hold on a sec, its erroring"

and then "I clicked, nothing happened" when in reality I didn't. its too funny

Can anyone let me know the correct path to follow? I am completely new here and trying different things, but I can't seem to follow a proper path. I mean, I don’t know the right way to proceed. When I start, it connects me to another room, so I leave the room I started in and move to a new one. After that, I lose track of where I began and what I am supposed to do

Well, it's so hard to choose, it really depends on what you have/want to do, but I would start with the easy roadmaps to get the fundamental experience required for the higher level stuff.

like think junior pentester, things like that.

yes so if i want to pe a pentester how can i start?

You should start with networking fundamentals, they are quite literally fundamental to most of the things you want to achieve.

hang on, lemme get the roadmaps page.

thanks

Gave +1 Rep to @steady pewter (current: #725 - 7)

Take the Pre security roadmap first, it should allow you to understand some of the fundamentals, from here, I went to cybersecurity 101, but from there, it's all up to you.

what programming langauges do you know

all of them and none of them at the same time

no i just have a question

I know C++, Python, NASM (little endian, big endian), PHP, a little bit of go, some rust, and many more.

god how long has that took

4 years, believe it or not.

Yeah I guess I'm a fast learner.

dam ok quite a while im guessing you started out with python?

Not quite. I started out with JS, which led to Java, which then lead to python, to C++ and then a whole domino effect from there.

oh 💀

dam man

I do not like java.

its fine

man of culture

for REAL

And then a whole flood of people, again.

i used to do scam baiting back in the day. i should get back into it

i was really good at it

ok got a question

im asking everybody in every server for advice

alright.

cus im on the verge of giving up

so basically after many failed attempts of trying to learn python again and actually make stuff I decided to start learning python again however IM confused I understand code and what it does but never sure how to build anything any advice??I have tried building mini projects doing quizzes using a bunch of stuff but nothing helps i have just tried making a simple blackjack game no gui just something to run in idle and that hasnt gone that well aswell so just need some advice on what to do

@rapid merlin Life is and always will be full of hardships. learning is one of them. its hard, and boring... but that will power to learn. that drive... never let it go...

i have motivation lol

its just

after you try for so long

then you try again

building projects without a hard goal sucks

it doesnt end good in the end and you just wasted alot of time

i have a goal

i legit have a important test in 2 month

black jack? Why black jack? I've gotta look at the rules for it, but once I do, I know exactly what you need to do.

if you spend time learning somthing... its never wasted time

i mean a real life goal rather than building to build

maybe find an open source project that's written in python with open issues, those that are on the lighter side, and try to contribute the code for those

i.e. feature requests or bug fixes

real world projects with existing codebases

uh i just asked ai for projects again and it said this

track the total sum of the player's cards and determine if they have won or lost.

List of Requirements

A successful program must:

Allow the user to draw cards or fold.

Generate random card values between 1 and 8.

Keep track of the user's total score.

End the game when the user folds or their total exceeds 21.

Display the final total and the number of cards drawn.

Use loops and conditional statements to manage game flow.

Include proper input handling for user choices.

which

i tried to

holy gorbechav

make

tear down that wall

i have a goal

hang on, I'll actually instruct you through it, or at least provide hints, it sounds fun.

im gonna be honest. i had to really push myself to learn computer science of any kind... i LOVE computers. and i love security... and i also had a crippling video game addiction which made me REALLY waste time. if you are activly learning... its not wasted

it is if you arent actually able to do anything with it

i know i have already asked chatgpt this

and it failed miserably, bet.

i still stand by the existing codebase thing tho --- working on a preexisting (well-structured) project is a good way to become acclimated to what it all looks like and how everything fits together

yeah

existing codebase was how I learned python, except with more matrix multiplication and cursing at the screen wondering what in the world entropy did for my AI models.

i wouldn't go into a big project something like that for me i think i need to actually be able to write the code first

cursing at the screen is required

there are projects big and small that equally need contributors, and a big project is fine as long as the issue/feature request is minor enough to easily test

so it must ask to fold or draw, generate 1 through 8, keep track, if one player goes over 21, it is a draw, if one player gets exactly 21 or is the closest, they win.

wanna see the code i had?

sure, can you DM me it?

i just got lost after nothing

was

working

ugh, it's snowing again.

git commit -m 'fixed for real i think'

my average:
git commit -m "Fixed issues regarding PPO algo and Adam optim failing to recognise a simple task known as stepping over a rock"

i have more than a few that are simply, without context, 'pain'