#general
James! how're you doing?
then head over to #room-help or #site-bugs
if its site related
It won't be with those IPs
Busy busy busy
two different people asking about nmap
fair enough, same here haha
.. dawg, the whole VM is dead after a scan i cant even send an ss anywhere to even show whats going on
the ip scans was another user
I found out that both other module assignments are due on the same day as my diss is
Eh either way, not a THM related problem - it's on their end
okay nws sorry for taking your time
I uh... bought another transceiver though...
Radioberry
so I have 3 weeks to finish the last bit of my lit review, do my experiment, analyse the findings, write that up (~3000-4000 words), finish setting up a server environment with active directory, write up a report on it all (4000 words), analyse evidence and write a slideshow presentation detailing findings while I crack on with non-academic work
It's not looking good
Very nice, you had the chance to try it?
ahh class, let us know how it goes
I've got my aws certification so once I finish uni my next is the radio license
You can't scan a local network from a VM unless your network adapter is set to bridged mode
You totally can
In NAT, works fine
nope
I regularly do
Its on bridged mode and i have scanned from a vm before
It just needs to be able to route to the target - that's what NAT lets it do
but scan like nmap 192.168.1.0/24 won't work
Fully will
Regularly does
If you have the VM set up out of the box in vbox or VMware, it will just work
If you set it host-only, you start getting different behaviour
then you are in bridged mode
NIC dies after nmap scan what do i do?
Nope.
okay, nvm
hi
You can most definitely scan from a NAT, that's the premise of how most IPv4 LANs work if you access the internet haha
Yeah just needs routing, easy as
I use nat for all my vms unless vmware's nat service shits itself
I am new yall can say I know nothing I just wanna learn and can't find stuff to learn from can someone help me
not the right article
If you check out the website you will find a section on different learning paths, that'll help you get started and going in the direction you want
Start from pre security at tryhackme, learn Linux and find your own way out use AI for ease
thank yall
any one guys have this problem with responder
sudo responder -I eth0 -dwv

NO idea I was thinking maybe its firewall
Nah it's just stuff on your box that's already using the ports assuming you're running it as root
If you don't care about http, rdp, and ldap, you can just ignore those
so the responder is working even with this error messages?
Yeah, except for those ports
LLMNR is the poisoning part of it, the services then receive the hits for the poisoned names on their respective services
The request for an RDP session would get poisoned when resolved with llmnr, then the rdp request would point to responder not the actual destination
So it depends what traffic you're trying to get - usually SMB is fine
James,
Lay the quill on the table, and step away from the cauldron.
I'm actually cooking so hard it's unreal
first pancakes, now diss
the golden syrup and nutella have got to my noggin
Man, I had some great ambient audio themed after planetary orbit in a vexor, on eve online - but I was using fedora as my OS at the time, fedora crashed and wiped my usb
Now I can't find it again
tell you what, it gets shit done honestly
I played it one morning and I ended up being a top notch adult
Woah man, starting strong with starstorm
it is a random playlist honestly
Is there a sandstorm somewhere in there too
I ended up setting up a proxmox server, completing an assignment, ringing the bank and my landlord, going into uni, doing non-academic work and all
on no-sleep as well
not yet but it's a shout
I can fix that
Yoo
how're we doing
best productivity track are storm chasers in the wild
Doing not so bad, you?
pretty good, adulting currently
Damn, when did you have a kid xd
nah if I'm trying to lock in without music, air crash investigation
oh christ no, absolutely not for me 🤣
Ooo, that's a good one.
I'd be an alright dad for the kid but I don't think that's very me-core
the only babies I'm after are covered in fur and meow
university work
air crash investigation top tier
I was distraught when I paid for a year subscription to disney and they removed it after a month
My career aspiration is to work from home and have many cats
you've heard of a crazy cat lady but wait till I'm crazy cat James
omg no way
maybe on discovery? who knows these days
gotta pay £200 p/m to find what you want to watch these days
yeah it's honestly my favourite docuseries of all time
I love trying to predict the reason for the crash
i used to freak myself out as a kid watching it before flying
I fell asleep on a flight to poland watching it 🤣
you will enjoy mentour pilot on youtube james
I love him
literally woke up and air crash investigations playing on my phone, my dad told me I was crazy for that, said he'd read a fiction book about a plane crashing on a plane but watching air crash investigation was just another level
Fell asleep and woke up in krakow with an episode about a military plane that crashed haha
:hammer: vlk.milf.eater#0 has been banned.
meanwhile kid behind me was watching lego ninjago
Cool
cheers jabs
I'm a terrible person to fly with
I've been to poland twice, went with family and with school. When I went with school, I was sat next to my mate who was shit scared of flying, every slight bit of turbulence and I'd say "we're gonna die!!!"
I loved it, only bit I didn't like was driving near city centre, I wasn't driving but I was co-driving from the back-seat
My dad brought a garmin satnav with the latest maps and it tried to take us into pedestrian areas and the wrong way down one way streets
ah
sounds about garmin icl
their "latest" maps are always like 5 years behind rofl
He didn't trust google maps for callouts and wouldn't use it so I ended up calling out directions using google maps like a regular map
He said "I'm gonna trust the satnav" and I said "you've done that and it's failed, my turn"
then after a while he said "where are you taking me" and I said "away from the city centre and towards the house", I'm an amazing co-driver, get me in rally racing fr
3 right, crest caution ditch left
ooof!
also had to change a tyre at the side of the road cause after it took us down a one way the wrong way, we had to reverse in the dark and clipped a curb
so while the family was in the car, me and my dad took turns getting the car jacked up and the spare on while the other guarded the back of the car so we didn't get hit
very enjoyable trip, wouldn't recommend driving, it's also 50/50 whether places are wheelchair accessible, which did matter for us at times but if it's not an issue for you then you're all good
Also found my love for carrefours there
Google just gave me an ad for Ai image search anything and the "not interested" button doesn't work lol
peak consumerism
man wait until bing tries to get you to accept or reject cookies and it just shits itself and starts glitching instead 🤣
I hate microsoft's push for bing, I wouldn't care as much if it at least worked
They got the spirit, but bad execution
I'm just not a big fan of the AI buttons they keep forcing into laptop keyboards, it totally screws with my workflow
Especially when they replace the Fn or Super keys with the AI key
I saw one laptop where they replaced the backspace key with the AI key
That sounds too stupid to be real
I was trudging around different best-buys and walmarts in the bay area looking for a laptop around 10-11 screen size to fit in my sling backpack, that's the only reason I found those
It was the weirdest experience lol
The prices were strange too, 800-2k for some of them
hi
Hello Blake o/
Given that the event is over can we discuss some of the flags
welp time to call it a night and get some well deserved meep moops while sleep sloops to beep boops
Night
You're absolutely right, it's not a good night, it's just a night tonight because a satisfying time was missed by 1 minute
04:21:09?
I think your time is off by... everything
Well it certainly can't be 04:20:69, time doesn't quite work that way
What does the number you sent mean
It's just the funny numbers dumb kids like me laugh at lmao
I understand now. But I was referring to the time of 00:30 as I feel displeasure when I go to sleep at uneven number
ohhhhh.
Well, if you go to bed at 00:45, that's exactly 1/4 of an hour, of which the denominator is an even number. Does that help?
I always get reminded to put my phone down and go to sleep when I see shadow in chat, as it so happens we go to sleep at the same time
It doesn't, it has to be half or full
helo guys do u have any idea when the writeups will be available?
2 days
alr thx
Used to have to go to sleep in pitch black darkness and no sound. Wife changed that as she need some light and sound.. So had to get used to it
she is right tho
if you dont wanna be blind at 50
No sound and darkness is actually more healthy
That was my thought?
I personally have sound isolation and a night light because I feel uneasy in pitch dark and I fall asleep easier knowing I can recon the room in less than a second
Idk why I have this feeling, I would've preferred pitch dark
Makes sense, Although my eyes would get acclimated to the dark and would be able to see fairly quickly
Super low resolution
You know when you stare at the void and you just see static of your eyes
Yup haha, sometimes I would just lay there and stare into the darkness. Very relaxing, but I can see why some don't like it
I assumed you figured out how to link to discord as you deleted the message?
erm what the Sigma?
I did thanks for your concern
Gave +1 Rep to @vast egret (current: #2763 - 1)
Yeah no problem. Was going to help if need be
Do printers keep logs of what they have printed in themself in some way?
Im talking about a 100$ black and white brothers printer for example?
No they usually do not. Sometimes they do store a temp job history but this gets deleted after shutdown/reboot
I'm asking that because I became curious, since some time ago I saw something about police "Seizing a printer" and I was like wtf
Damn i just ate a few handfuls of pumpkin seeds a few minutes ago and it feels like flowers are growing in my stomach in the best way possible.. im torn between associating the Senzu bean from Dragon Ball Z to a pistachio or a pumpkin seed.. both are highly nutritious..
Nuts are good and nutritious indeed
I used to eat raw nuts non-stop as snack back in gymnasium/high-school
Cheap and healthy and full of proteins
Good news - Finally encrypted my USB + a hidden volume
I guess I put way too much data on it during the encryption process itself
Maybe they can get metadata from it? Not too sure on that
Yes, but what someone would be more concerned is if they can get some documents, images or maybe passwords
Since someone might use a printer to print passwords on paper instead of write them if they are long
But metadata might not be helpful in such a case?
"That's an interesting observation! While printers themselves may not retain data long-term, there are a few reasons why police might confiscate one:
- Forensic Evidence: Some printers embed unique identifiers, like microscopic dots (known as machine identification codes), on printed documents. These can be used to trace the printer that produced a specific document.
- Connected Devices: If the printer is part of a network or connected to a computer, it might be seized to investigate the associated devices for evidence.
- Criminal Activity: In cases involving counterfeit documents, forged currency, or other illegal activities, printers might be confiscated as tools of the crime.
- Stored Logs: As mentioned earlier, some high-end printers or multifunction devices may store logs of recent print jobs, which could be relevant in an investigation.
It's fascinating how even seemingly mundane devices can play a role in investigations! Does this align with what you were thinking?"
That's what Co-Pilot told me
I guess they can trace the machines that produced the data, but not the data that was outputted of the printer itself
Otherwise there wouldn't be second-hand printer devices for sale?
Good that my curiosity has been satisfied now
yoo
it's tax season right now, and I just got notified I have to pay €3,228.7 in residual tax, watch me turn that into them giving me money
thats a lot
yup
there's no apartment tax
if (you live == house)
{
printf("how much was tax on that");
}
else
{
printf("ok");
}
o ok lol
Pluh
Omg it's Steve Harvey
so to explain why it's so much, I do a lot of tax work arounds to pay less tax, and when the yearly tax statement comes around those work arounds are not added at first, so I have to go in and do my magic for the actual number
so generally my monthly tax payments are like 60% lowered, and when the statement comes around they are like "you're missing paying for 45% of your taxes"
.......
Just put in everything, now they are paying me back €68
Hello anyone available for practice dm me if you have premium so we can study and do some boxes
the best surgeon is here
yeah, I got a new job.
nice work
the tax cuts must be wonderful
They are
Guinea_Pig_Lord has file taxes in the amount of || lots of money, so much || in the tax haven of || some tropical island || and is known to || hack computers || storing financial information in || secret file folders ||
Try to ask in #room-help
Yes.
will do Thank you
Gave +1 Rep to @cloud quiver (current: #1 - 4131)
So how is everyone this evening?
what is this for, if you don't mind me asking?
forgot about carbon
SMB relay
isn't cmatrix like just something to turn your terminal into the matrix?
checking for smb signing but all filtered
yes it is, very hacker move
What's the deal with https://tryhackme.com/p/ConnorHack
over 2000 events in one day
seems fishy
it is
They probably found a bug in THM and exploited it for their own gain, or perhaps reported it and then uh..irresponsibly exploited it.
it's a bad look
they took THM to heart
apparently
don't
me!
just wondering why they still have an account/are still on the leaderboard since that most likely violates the terms of the site
someone will get to it in 5 to 10 business days
meanwhile we get to marvel at this cheater
it would be cool if they patched it then did a blog post about what happened and how they fixed it.
I used to note answers for each room, and come back and submit a few answers a day just to keep my streak going cause I'd miss some days due to irl stuff, so I could earn the badge.
I have since stopped submitting answers cause of other irl projects and I still have like 300 answers or so queued. I could submit all of them today and look just like our boy C-Hack
In fact, I should probably just do that, they're sorta wasting away in my notes at this point lmao
Okay
And how long have you been on this
maybe they did some automated virtual machines
i think it says starting a virtual machine counts as an event
oh maybe
so just loading a buttload of tabs at once, start the attackbox or we
machines started, questions answered, file downloads
yup
that's insane
A long time. Let's just say, for as long as I have had a THM account, my number of room completions is atrocious lmao
Well, looks like the questions and answers have since changed. I guess I'll just review the rooms lol
does anyone use obsidian for THM notes. if you do, do you mind sharing. Im trying to get a good list of notes going, like a master list.
Okay
How long have you been on this please
I just started creating it
so not much
On it
Thanks, when its all done. I'll share it
Gave +1 Rep to @steep kestrel (current: #1816 - 2)
I use it for HTBA, considering how much info there is in one module.
Would you be willing to share that one?
How do u make notes for thm htb rooms? Like there is lot of information or explanation given
When I come back to my laptop, sure.
Thanks mate
I'm still working on that, I try putting them in like, subfolders
Notebooks and read through anything important write down.
Gotta thank HTBA for increasing my attention span. Reading walls of texts helps me read other walls of texts (like terms of service)
Okagg
Yeah and books too been helping me a lot
I'm starting to enjoy reading quite a lot more than watching just videos.
Yeah me too
I filled up my bookshelves And my nightstand
just want to ask is the sandisk ultra flair flashdrive is good for dual boot (kali linux)
I plan on heading to BooksAmillion this upcoming Sunday to check out the type of tech books they may have. I want to make my whole room a whole library of offensive/defensive books.
Yes that be good or Barnes and Noble
when you invite her into your room and there's just a whole wall of hacking textbooks
Lmfao
Meh, for me there's just computers and hardware hacking experiments everywhere
Any ideas how I can become a room tester?
"Now let's see if my Tesla K80 survives this!"
yk my room isn't really a hacking chamber like some ppl in the community
its just me and my hello kitty collection
Cute
wait, how do you become a room tester?
Is there any room to learn Cortex xdr?
currently - no
k, thanks!
I wonder how many people are still online as general went quiet again.
Still online
huh.
Hii people
So how was everyone's day?
You guys think its worth gettin a bachelor in cs or send it full in certificates?
🫡
Worth it If you can apply the knowledge in real-world
And i meant masters*
is that you doing the back stretch?
Cus im about to finish the bachelors but ive been thinking moving to the states and get it
Or should i focus more on certificates?
Okay
Not in CS or anything, but here's what I think,
I don't really think it's all about certificates or anything of the sort. I think it's all about learning and being able to apply what you've learned in the real world.
Hey gang
I understand, at the end the value is what ur actual comprehension and skills
Mhm
I think one of my reasons for using this platform is back to when I was taking a class that was focused on CompTIA sec+, but the content felt more theoretical and less practical.
The platform or ur class?
My class heavily relied on Cengage
Never heard of it
its a book publication
locked in ebooks
Its something common in usa?
Is pico CTFs a good place to practice CTFs?
yes! its awesome
Pearson's publishing is dominant
Yeah, my stats class is using Pearson, what I love is their use of Statcrunch (in my honest opinion)
when i did stats i just had hardcover book and paper tests
We still do paper tests, except we can use a calculator and Statcrunch for some problems.
It's used for calculating and putting numbers into charts
Rather than having to remember formulas
Yeah , definitely
i see, so you dont have to figure out the z-score ? it does it for you
Pretty much
i should make a tool named kool-aid , would be so fun sudo apt install kool-aid
Back to this, I've learned that just relying on one class or platform doesn't help. Using external resources, like YouTube videos, labs and other platforms help the learning process. Idk, that's just me 🤷‍♂️
Khan Academy is still around
It's been awhile since I've used it.
would it be delicious as it sounds?
make it a backdoor
but..I don't think a door would fit in my computer's screen.
have you tried it?
sleepy time ~_~ goodnight all
Yeah, it just wouldn't fit, and my laptop was destroyed.
Wdym
Previous year ones?
Yeah
They are all open in picogym though
George foreman died
ok
what the heck?!

verify again to update immediately
Blue looks good on you, good job!
Meanwhile I'm still [HACKER] even after 3 years, haha.
Hello
Thanks!
Gave +1 Rep to @steady pewter (current: #465 - 13)
why?
hi
Mostly because I do stuff outside of THM and don't have as much time to myself as I used to.
I came here cause I saw a video called "I took a CIA test" where he did the sakura room
..but that isn't a CIA test..
Yeah I know it was just the title
Good morning chat
good Morning
It's 12 AM here, so yeah, I guess it's..good morning.

It's 11 pm for me
same but PM

Across the world?
We're all CIA members
Do geolocating images room and you get invited to be CIA director
Very true.
I got invited, and rejected the offer, on the run right now.
quick do a british crime movie and snap your SIM card in half! Surely that's the only way you can be tracked
in the 00s when these movies were set
sadly I have a device which is just eSIM so I guess I just have to snap my entire phone in half which is a bit more difficult
I will admit for real, I do dislike that about eSIM greatly, they try to sell it as even easier than swapping SIMs but yeah clearly less consumer control or choice
Interesting
lol which is? eSIM is kinda BS but it's "the way of the future" and will be pushed on more people over time
But honestly it'll just be like old CDMA phones and etc where you have to work with the carrier anyways
Ngl I feel like esim will be a bigger vulnerability than just physical sims lol like unless I'm missing something
I wouldn't say it's as much a vulnerability as much as it is a liability
There's nothing inherently different software/hardware wise other than the module is permanently embedded. So it's just a pain to transfer


It just sucks because without any contact to your carrier you could be like "nah I'm using this phone now" and the Carrier had 0 input or interaction
for physical SIMs
I did that several times and it felt like magic. I never bought phones on contract as well (majority in the US do) so felt like using cheat codes irl lol
They "say" it should be that easy with eSIM but we have some ways to go before that lol. And very little motivation to make it easy for consumers
lol I saw that, and yee the US phone market just sucks in particular
I deleted because it was such a low effort response and I was ashamed of my laziness lmao
nah it was more than reasonable
anyways lol I don't have much more to say, other than double check if your new phone will have a physical SIM slot, but RIP if you want to hold on to that forever
Hey guys, I'm using foxy-proxy and burp. But the no site loads. It keeps buffering.
Is there something else I need to do that I'm not aware of?
Remember CDMA?
Make sure that Burp is set up as a SOCKS proxy for Foxy Proxy to actually use
Disable Interceptor in burp
lol I literally name checked it above
also check that you downloaded the custom certificate you need to pass security checks, put it in the right place on your attack box, as well as referenced the correct location in firefox on your attack box
If you have to restart the room, or if you take too long or disconnect it can sometimes end up invalidating
Yeah KGB has a point, depend what you're trying to do with Burp
I go hard and ssh tunnel my HTTP(S) traffic from my remote pentesting server to Burp, then tell Burp to be a SOCKS proxy, then Foxy Proxy shows me what my remote server can see, but locally lol
The way a lot of eSIM is being handled feels like Sprint Nextel era CDMA "Yes I can activate your phone to your account, can you verify which phone number you would like attached to the phone? Excellent I'm going to have to look under the battery now, I'm going to need you to read two identifiers for me, first look for one marked "ESN"'
So little planning our advancement.
Missed that.
mhmm, when I first heard eSIM's concepts, I immediately thought, ugh this is just like dealing with CDMA phones changes indeed
It has some technical advantages over GSM, but SIM won as a convenience factor.
So now we get the worst of both
Yeah I just hate that they threw that all away. I get why, both actual consumer friendly size stuff and… consumer unfriendly lock in
Yep exactly
Let us know what solution ends up being the right one, I'm curious xD
This is like basic Burp use, a setup guide on THM or elsewhere would detail what you need to do
so I'm curious what exactly is going wrong
I made the mistake of buying a vendor locked samsung instead of an unlocked pixel on my last upgrade
But lol I also can't say I'm a Burp expert, since I just have used this setup for 97% of my time
Ah ouch yeah, but typically once you've paid off your contract, most carriers do have an unlock provision
I really wanted to try out graphene but I need a pixel for that
Not necessarily?
You can try to do it on samsungs but it fries the embedded security chip
Although yeah Samsung phones are a pain in the butt to actually get unlocked bootloader going
what the- lol
yeah idk lol
zumi posts that same gif a lot huh
anyways yeah Pixel, Nothing and OnePlus are usually pretty friendly to unlocking the bootloader. Motorola is too but they've gone down hill as a company over the years
rippp, motorola is actually one I wanted to get too
They used to be soooooo good before Lenovo bought them up
aka a Chinese megacorp
My Moto G3 I got customized like case design because they still had that back then, it was so rad
I ordered the purple back and black front, black camera cutout (no bump back then)
Yeah. I'm big dumbo, I misunderstood the lenovo hype and bought a brand new lenovo workstation laptop, paid big for it too.
Whoops
I mean their PCs aren't awful, hopefully you got Thinkpad instead of just Lenovo, not that there's a ton of difference there
I'm just skeptical of them after they kinda wrecked my fave Motorola
I did at least do this lol
Okie can't complain with that then, ThinkPad is legendary and they have at least kept up that industrial design
oh no, flashbacks
Tbh, I just turned the intercept off and on.
I got one with a red led on the back of the lid, and put a linux penguin sticker with the eye over the led so that one eye glows red like a terminator
Personally for laptops I go Asus Zephyrus devices, kinda a mix between gaming laptop and ugh, "ultrabook" but they're really appealing
Asus is pretty nice. Lately I've been a big fan of HP for their return to recyclable, repairable, and easily moddable systems
Don't worry, it's happened to the best of us lol
Guys when are site staff gonna remove that guy ConnorHack
whew I avoid HP consumer electronics like the plague, but HPE is banger
Friends and family IT wise, HP laptops have been hell on earth
single HP laptop I got as a hand me down also had a bulging battery when I got it and was generally meh
Oh yeah... sheeeeeeesh...
That's exactly the issues we had with them. Oversized with dangerous battery and overheating issues
now HP Enterprise just kills it, but yeah I will never consciously buy an HP consumer device
haha yep, sums up a good bit of the issues I've seen with HP in general.
Also lol, just fans getting clogged on laptops, and whoops, gotta completely disassemble the laptop to even get to those fans
I switched to their hp streams though, upgrade the ram, replace the wifi card, wipe the HDD and write it with kubuntu. Fixes everything
some of the biggest pains in the butt I've ever had working on electronics
lol arent those the successors to their netbooks? Don't get me wrong, contrary to popular opinion, I actually loved the netbook concept, but didn't know the HP Stream brand was still alive
Not sure, but they're super cheap, and I keep finding newer models
I am typing this all on an iPad with a physical keyboard and touchpad mouse so yeah basically just a netbook rn lol
yeah fair enough
a lot of companies like take their Chromecast models and just make them normal super cheap x86 laptops again
Not that they were ARM before, just that they are normal PC compat
right
I've got some cheap devices like that before. My newest is now my mousepad for when I play KB/M games on my bed lol
lol nice
lol it probably runs 2017 era Arch on it, it hasn't been booted in that long
I love ipads, I haven't used one since the 2013 ipad 4 retina model.. have they improved since then?
but lol I got it for "free" with an amazon $150 gift card back then and I was like, idfk what to do with this
lets get a cheap computer
hello
Good morning to everyonee
my definition of good morning is 2AM
Well it is nearly morning there
Close enough
I didn't get an iPad until M1 iPad Pro so I can't comment much, but this is as Steve Jobs said back in the iPad announcement, this is kinda the ultimate netbook (also frick Steve Jobs, Woz is where its at)
Just so you know how far behind as a grandpa I am : I used to use ipads during the iOS 6 era, knew em inside out
Then iOS 7 came with its minimalistic looks and it was so fresh and beautiful back then
Heck I'm a bit of a sucker too, M4 iPad Pro is what I upgraded to since I use this daily and gotta have dat OLED lol
That's fair FUG, I just did a decade+ of Android instead
I wish I had a nice pretty mac to play with. I haven't used macs since leopard
yeah I do enjoy my M4 Mac Mini quite a bit, but it's just my personal side machine in work from home setup
They're beautiful machines but that doesn't take away from the fact that using androids made me better at understanding a mobile device better
Never used a mac .. I'd absolutely love to try one
What's your most noteworthy OS?
and have settled down in some fields like tablet with iOS honestly kinda being undisputed winner lol
I mean I've been Arch Linux main for 18 years?
If I were to have a tablet I'd wanna download lots of stuff on it so I'd probably go with something non-OS, especially since I like downloading manuals and books
I'm planning on making my PC arch, was gonna a few weeks back but life happens. How accurate is it that it just breaks randomly?
Books I have my Kobo eink ebook reader, comics and manuals I have Panels on my iPad
Sounds like you need one with a removable sd card
do you guys have a preference for c2?
They still come out with that?
Some do yeah, you can get microSD cards up to 1tb
It doesn't break randomly, users break it due to user error or not keeping up with updates and the RSS feed for global news for all Arch users
my personal pentesting server is actually arch as well, still going strong five years on, and that's short in the timespan of my Arch installs
I'd love to be in the marker for one right after I compensate my company for their car I crashed ๐
Market**
Not particularly, I would recommend getting experience with the common ones and kind of going from there. Especially if you're lucky enough to have an EDR to test against
I wasnt exactly asking from a learning standpoint
also who needs a big SD card when all your files are on your NAS lol
The issue with microSD cards is that like other ssd cards they can fail easily, so I try not to rely on them for main storage, just localized data access. You can use Syncthing-Fork on your android device and Syncthing on your primary storage device to sync a folder of books you're currently reading / checked out, so you dont have to carry everything with you
I just have this 512GB iPad and switch out what I need
There are other apps that can sync things for you, even e-reader apps that sync libraries, but that's a whole other conversation and rabbit hole that depends on your preferences
I don't need my complete library of [x] media, just what I'm reading/consuming/watching at the time, if that
Heck even disk images for OSes and software for VMs or computer emulators both on iPad and full computers, I just run directly from the NAS half the time
I personally used Sliver for the entirety of Zephyr
yep Sliver is quite nice, I just don't see any issue with getting experience with many common ones while you are learning
just without further obfuscation, EDRs are going to more than pick up on them out of the box
but yeah depends on your goals
I'm gonna do RTCC with Empire and Offshore with Covenant
even without signature based stuff, EDRs are going to be like, woah this software is doing x y and z which looks shady, which it just finds via heuristics and actually embedding its self in each application to trace all API calls and more
I am aware of EDRs
Totally fair, was just saying since I administrate one and a managed SOC for it
Heck Steam games (obvs especially with anti-cheat) can easily set them off as a human determined False Positive
lol, you don't argue when the guy whose last name is the company's name as your client, if he can play games on his PC or not
Elizabeth I'm not some skid
No I know, and I'm sorry if I came off like I was talking down or anything
was just trying to provide some insight at managing an EDR at work
Just to throw my 2 cents in, I picked Kubuntu.
Ubuntu because I wanted to protect my attention, focus, and energy. Arch was one of my favorite picks because of the modularity, but I wanted a stable base to learn from, without my workspace becoming an attention hogging hobby.
I had switched from Gnome Desktop Environment to DWM Window Manager because I loved the freedom it gave me, but maintaining it, and the amount of work I had to do to get functionality I needed for workflow was rough. After a bit I realized I could get the core workflow functionality I wanted from KDE Plasma, without any of the work. So I just made the easy choice.
They are a fickle beast, but I much rather have it be overly cautious than miss something obvious
had it stop Trickbot and Qbot dead in its tracks and whew, was wild to see those big names
Typically stage one dropper launches and EDR is like wut, but just keeps an eye on things, but the moment stage 2 starts EDR is like NOPE
no? Unless you wanna do a Wazzah install if that even counts lol
lmao
lol just most EDR products are unfortunately paid products for sure
Yeah I didn't even think of that
Yeah typically $3-4 per month per endpoint, depending on how steep a cut you get for volume of endpoints
at least as a reseller that is
sheesh, I am not made of money. lmao
yeah lol, this is stuff you use defensively at work and not for fun sadly
they make it a pain in the butt to even run stuff by these engines personally besides what they expose to VirusTotal
Would be nice to get a lab discount, or lab price, so we can play with it
Yeah they're too worried about people reversing these to dig into breaking them and etc sadly
oh well.
mhmm, VirusTotal is usually a pretty decent determination anyways though
although lol, none of the behavior based detections from my EDR at work actually show that the same product "detected it" in VirusTotal
btw if I see WaveBrowser PUP one more time I will scream lol
holy crap that adware browser is everywhere
especially in "PDF Fixer" style applications, all PUP. Why do our users feel they need to search for an app to fix PDFs, call us or... you know like take advantage of the Adobe Acrobat Pro license you all have
it hurts my head sometimes lol
I seem to have out chatted chat, but if you all are curious, AMA working in both defensive infosec and minor offensive infosec professionally
lol what do you mean
My bad I was doing research on another workspace lol
lol that's what it sounded like, no worries, but like if you're here you're already well ahead of the general pack attempting, erm, computing lol
Trust me, any user here is most often on a much higher level than our end users lol
If you can call it that, lol
You wouldn't believe how many of our users fall for fake "Click Allow if you're not a Robot" style scam, in browsers... allowing Notifications from malicious sites which send McAfee and Norton fake AV notifications
one user asked for a step by step guide to like clean this on her home computer today, because her husband keeps fricking up and clicking bad links... and saying Allow Notifications lol
maybe yes quote
I already cleaned them from her home computer like earlier this week and it happened again
hmmm...wait ..that doesn't sound like a quote'
They apparently do lol
something tells me that all the hot single women in my area are purely interested in tech obsessed cybersec nerds
Yeah, they do unfortunately. Usually it's lonely people
meanwhile me : i just wanna download my movie/game, move aside 'single hot woman'
I used to work as a waiter at a restaurant. Had this old guy come in all the time and brag about the cute young thing he was seeing, show me 'pictures' of her and tell me about all the problems she's having that he's helping her solve by sending her $240/wk. People always told him she wasn't real and was scamming him, he said he didn't believe them, and I don't think he ever could let himself believe that.
I never expected to see that in person
@dusk canyon Are you free now.?
Receiver: Oh yeaahh, Free cash
Alternate timeline where I joined HTB before THM and became a discord kitten for cubes
Yes bhai
Wanna come to small study room?

@pliant bronze waiting for reply
huh?
their cube system genuinely puzzles me, how do they charge for premium and their certs and still have their own ingame currency lol
huh
discord kitten hacker is crazy
Unmuted elizabethnoir
real
what the heck happened this time?
Stay safe out there bois, these things happen because of psychological vulnerability. Protect yourself, socialize regularly, and practice self love
ya even i am still confused , and i took THM's subscription instead
Puppy girl hacker polycule is a thing, so why not discord e kitten hacker?
tbh i think htb modules are more high quality than thm

I tried hard to convince my boss to deploy uBlock Origin via GPO and similar but he was not having it for whatever reason
But fair Chrome kneecapped all adblockers soon after with the Manifest v3 changes
i think the same , as per what i researched
but once i get better on THM , i'll switch over there too
You can doooo thaaaaat?!?!
chrome cracking down on adblockers is literally 1984 
bad word
Yeah via "Administrative Templates" you can apply third party GPOs easily
cuss words not allowed now
huh.
Guess everyone was overusing them.

I said a word that was not allowed to describe how a home user was encountering PUP/Adware/etc
There're some words for which the bot will automatically mute you if you include them in a text or a link that you send
nice try lol
say them again
kinda like the species of cat that Enumeration got muted for because it was in a GIF's link?
anyways lol, yeah I so wish I was allowed to push adblocking out to all our users because holy crap would that save me tons of hassle
No, usually curse/swear words
My boss already uses Firefox
See if you can get them on board for running a PiHole VM at each site?
He won't go for that and he tried prior to my hiring
Here, let me fix that for you.
Elizarizz
lol just groan at you all
At least the young and hip crowd accept you.
Her new catchphrase is gonna be "I'm goNoirRizz you up"
I mean heck our new Unifi gateways also offer some form of adblocking but meh, I'm not jumping to test that though lol
Oh, you get the ones with the RGB Ethernet ports?
Nah, was just thinking of the Unifi Gateway Maxes, they just have white LEDs for the Ethernet on the back. You gotta go rackmount for the crazy RGB ones lol
Yeah they amuse me.
Mhmm and I will say it can be killer at home too but sure not cheap
Wild to have mobile apps where you can actually monitor/configure basically everything
Vast majority of the time these vendor apps are crap
I missed out on an auction for Arista 7060cx-32s talk about expensive. I had two bidders against me, so stopped at $350... It went at $420, I should have stayed.
And yeah, I like the home/small user first approach they took.
Results in a much better app experience but the time that start making Enterprise gear
Never even heard of that brand but yeah looks/sounds solid from a quick search
It's what I run in the HPC data center. They are about $13k each
Bit insane, but yeah probably much much higher scalability needs than our small to medium businesses
Do I need 32ports of 100Gbps at home, no... But at the price...
I have these weird Wedge400 switches coming in now.
My SO finally acquiesced and let me take over the home network and whew, it was about time.
You had to ask? xD
So lol Unifi Gateway Max and self hosted server was the only thing I have done thus far
Also techie IIRC
Shhh, he works in IT as well, but finally admitted he doesn't know shit about networking lol
oof lmao
I thought this was an app store for a sec
Verify
I moved into his place originally so I just kinda lived with it for a while

All about TryHackMe Discord Server.
thm settings, copy token, discord type verify, fill in the shit
Everyone beat me to it
um why did my search go so wrong lol, I just searched verify like normal lol
aint nobody reading the bot stuff
Sassy Betta today
It should be under /docs discord now
Non sequitur: I started Kung Fu this week. One of my senior students is a highschool kid with an interest in computing.
I told him to check out THM and discord.
So that might happen this weekend.
It's due to how it works.
The Student verification article was edited recently due to an event
done
The doc command isn't linked to a doc, it just searches for the more apt one.
That makes significantly more sense, thank you
Gave +1 Rep to @sick lance (current: #2 - 3548)
Well, I've been up 2 hours past bedtime by now. Good night everybody.
Jeez, tell me something like that, and I have to just sit on my thumbs and not try to use doc command to mess with the bot!?
G'night! Was nice chatting
Ditto!
Night
Question about cert when will release??
It released
Go nuts.
Just use #bot-commands
Which cert?
Of ctf
interesting , Sponsored by PerplexityAI, me n my team got free enterprise pro subscription

Oh, I was assuming the SAL1
Perplexity is good.
my startup game studio had recently become business partner with them
verify
lol sorry but have you all seen the vibe coding "memes", as a result of people misusing/misunderstanding devops?
heard about it but dunno what exactly is "Vibe Coding"
This is amazing:

vibe coding is basically like "eh just let AI do it" to dramatically simplify
LOL ok
I've seen people joke that this is going to lead to another 90s era of like dramatically insecure code, and yeah we've kinda been seeing that happen

lol good luck and g'night!
have a good night
lol I'm not taking off, just wishing Enumeration such
same
When the cert will release please
No, we don't do that here
nothing similar to that?
No
well, worth a shot
Yeah youtube videos are generally awful for infosec content with a couple of exceptions. Honestly I don't know what else to tell you other than experience and research. Report a domain to the registrar as shown in WHOIS and etc. But unfortunately there's also not tons you can do beyond reporting something
Oh they deleted their message so that didn't become a reply
I am not asking for reporting
I am someone who does that for a job
problem is, i want to learn how to hunt for those websites.
asking in office is bit.... lets just say difficult
Orange Cat ๐ hacker
Wsp
A lot of like professional ways to do so are paid subs, and doing so manually is a pain in the butt. Depends on how dedicated to this you are
nm
I am trying to learn manual stuff. Companies all tend to automate them but hire only if you know manual.
If you're just looking to take down malicious websites without pay, that is unfortunately just a never ending battle
my company has automated system and I have learned many stuff from the research team. problem is, there is advanced training for hunting and i cant get in cuz my own rank and team is different. As such, i cant move forward. Asking for this through managers affects (office politics sucks) and hence asking here
Then branch out opsec wise from every lead you get from a suspect phishing email or malicious website you find, trace every extent of their infra and find other exposed resources they have and etc
You'll start to see a couple common patterns of infra that you can learn to parse easily
interestingly, I started doing that recently and got some praises and hike but i still cant touch on how to actually find them till end.
I know URLscan.io, FOFA, Hunter, and netlas
and been doing on that for a while
although frick all the ones that put themselves behind cloudflare, not R2, I mean the Cloudflare "are you a robot" prompts
but as i go further, the more advanced scam methods are found. and guess what, that is becoming a road blocker
Gotta love defensive tech being used to defend malicious tech
mhmm
one road blocker is one I just mentioned
I can hunt hours only to find 1 or 2 scam sites. During that time, hunting team finds like 20-50
and you kind of have to pray that their opsec failed for a moment and is leaking something from their server directly, but not common
all depends on their infra and how advanced
and as our company buys paid subscription for everyone, i am using similar stuff as them
yet I fail to get same results. heck even close results
any path or anything will help.
I mean if that is the case, I would see zero shame in asking a buddy internally, like "what's up with x, y and z?"
I am sitting at road block right now and I want to go ahead
thats the issue. I am doing that but honestly, thats the politics i am talking about
everyone keeps their ears up
ugh gross understandable
i got a buddy in research thats why i can do this much
but nowadays it feels like people are keeping an eye on me
good or bad, i dont know
Yeah I can't even comment on that, sounds weird, but fair not much more weird than my own hellish small business IT things. Not sure if I have a good answer beyond what I've already said lol
I just know I'm always ingesting RSS feeds of issues like BleepingComputers and CISA Known Vulnerability Catalogue adds. I do try to work with my co-workers when possible, but fair we also have some weirdos and politics going on. But generally beyond the THM OSINT rooms you have already done, I don't know if there's a ton of guidance, I just know they helped me with daily tasks/tools that were invaluable
even with our pretty great anti-phishing solution, I still use phishtool which I learned from THM nearly every day as a second opinion (also because the [view body] doesn't work as well in our tool lol)
no worries. I will continue to search for people outside my company in same domain to learn from them. Hoping i can find someone in similar discord channel as this.
Totally fair!
However i can say this. This domain is far bigger than what i anticipated
when i first stepped in, I thought it would be very small. Since spending a good long learning sooooo many new stuff, i can say the war between us and scammers is too big to not go unnoticed
Oh heck yeah, it's sprawling to the point that the most advanced adversaries you can never realistically pin down. Just give stats about lol... or honestly just goes for most adversaries unless they really fricked up on opsec (which lol can also be common)
Me right now:
Good night everyone, or perhaps good morning, good noon, good afternoon, but for me it's uh..morning.
G'night Guinea!
dude time to wake up
its saturday morning
U want stats? 1m+ URL a day (most of which are new)
it does kinda suck because I love digging into what infra our adversaries are using and etc. But I can make no meaningful difference reporting on or acting on that info due to volume (which is still significantly less than yours)
honestly, i lowballed it cuz thats what i once saw on a graph somewhere on my research buddy pc
Heck I've seen aggressive domain squatting/spear phishing campaign. I did escalate that to my boss who just asked Google DNS (at the time) pretty please delist them (with proof). Yeah that went nowhere
I can help
share me the URL in personal message if u still have it
heck, i can help anyone here who needs it
I cant assure website removal but I got like 60-70% success rate
Thanks but lol they're not a client of ours anymore due to completely unrelated VC pump and dump tactics
well, u know whom to come to when u need that work done
oooor if u got a referral for me, I am there
lol
lol sounds good, thanks for mentioning it
also lol this is basically a mom and pop MSP so nah you don't want to be here
just so u know, i will do that by unofficial channels. Using official channel will be seen by managers and well, u know the deal
Fantastic first IT job for me though since I got to wear "all the hats" for better and for worse
lol come to me if you ever need dreaded "compliance manager" hat
heh I've done much more than that, but that's one of my least enviable but still useful ones
bro finally I figured out this log poisoning shit I've been stuck on
How do you do that?
lol I am curious as well
because registrars generally don't care or give us the time of day
its actually knowing stuff and creating a good reputation
No video needed, just some information.
Yo Google, you all have this domain which is one letter off from our client's business, and they're sending spear phishing emails with real names. Please help.
Guess doesn't help when Google was like "oh domain registrar is really hard, we give up" but lol
Just find a website, find hosting and registrar, and see who is best to report (if its just directory, hosting. if its whole domain, registrar)
u dont report it to google or cloudflare
u go where they are registered
Registrant -> Hosting -> Registrar -> TLD -> DNS
this is a standard process
How do you purpose to find hosting when Cloudflare protects the malicious site, and WHOIS is private beyond generic abuse email?
@sick lance Please contact a site staff to remove this guy https://tryhackme.com/p/ConnorHack it been a day and he isn't removed still
You've been told before, staff are aware.
Okay
Harping on about it every day won't make them do their job any faster.
unmasking
How so
u can report phishing/trademark infringement on cloudflare
they will send u a reply within 48 hours
Cloudflare won't even return any of our emails
with actual hosting
they dont reply emails
thats the thing
they have a dedicated form
same is with most hosting/registrar
each have own methods to report
...post on a forum for Cloudflare? Somehow I doubt that will make much difference
heck we were trying to give them business but they ignored us entirely
We don't respond to E-mails, but a public forum, we're all over that.
lol
report here
report trademark infringement on this. U should get a reply from them within 4 hours
Anyways I sadly cant since all the cloudflare protected stuff I see is "small fry" phishing which I'm not supposed to spend too much time on. It's very rare we have a very serious spear phishing threat
but thank you for the info
Gave +1 Rep to @idle beacon (current: #2764 - 1)
thats actually wrong. Nearly all major stuff is guarded behind cloudflare
Vast majority of my digging into threat actor infra is for fun. I don't get paid for more than 15 minutes of me handling the phishing
my biggest scams takedown were all behind cloudflare
if that's the case then whew I'm exposed to some even worse opsec than you are
it's only the advanced/annoying ones behind cloudflare
but i can say one thing. BEC is something which I handle the least
otherwise I pinned down the exact IP the VPS is using lol
u can directly reach out to me for these stuff.
lol yeah I have handled BEC before and whew
sounds good, thanks
Statistically I can say that OVH is the most spammy VPS of all unfortunately
*.onmicrosoft.com comes in second
@dusk canyon Check your sound
Again you're thinking I'm doing more than blocking in our own email security and moving on. I have had my hand slapped when I tried to take further actions unless it threatened the client further because yeah we're an MSP
if I go above and beyond and actually kill a threat that's great theoretically but also, it'll just keep coming
I would love to like spend all day killing all threats, but like, my boss has the view that if something got through our email security, then we fucked up and the client doesn't have to pay for it...
my job is to do just that. end the threat once in for all
and advise my client on what to do next
usually, legal action or UDRP
Yeah 99.7% of the time going that far is not needed to be fair
if the pattern is not same, yeah
even 0.3% for BEC may be too generous. Iโve only seen it happen a handful of times thus far
it can be oneoff
i want to show examples
but
wont it be against server guidelines?
wanna join study room? will show there
You do have my permission to DM me with redacted examples if you would like. But do not feel pressured to do so. I appreciate the sentiment but I don't think they'll be a game changer for me after ingesting thousands of phishing attempts professionally.
Incidentally in the poor opsec column however, it's nice to see that my personal choice of VPS host has been like .001% of all phishing
sent u some stuff in DM
try Markmonitor
lol I do love this host since I explicitly emailed their support asking if I could run a completely ethical and expected vulnerability scanning server on their infra and they were like "yep we don't care, just don't spoof IP host/destination parts of the packets"
currently host a web host and that vuln server with them professionally and pays for itself via our profit from them
we don't do web hosting really, these were for cheap af clients who refused to move to a dedicated host lol
oh shared hosting kinda stuff
Yep VPS is extremely cheap and efficient if you just need a headless Linux server and you actually want your own agents on it and control over it
My personal pentesting server (for learning) is on the same provider
Fun aint it?
I just had to write internal documentation for like docker-compose stop, docker-compose logs -f kinda thing because no one other than me and barely my boss knows Linux
while i searched for this for you, I tracked 10+ such websites
It surprised the heck out of me that my boss at least can do the basics of vim
yet he has no idea that dpkg -i is how to manually install the .deb packages we often need to do
nah he's been deep into IT for nearly 30 years, he's slow to change and was brought up in LAN Manager, NetWare, OS/2, and NT 4 environments
There's still some things about Active Directory that I have to remind him are not a thing compared to NT 4 Primary Domain Controller vibes
Not like I'm one to complain, frick Azure/Entra ID. AD/GPO makes so much more sense and doesn't require x, y and z licenses you don't have to do basic things.
Not to mention not needing 50+ portals to do many basic tasks
for 30 years, aint AD pretty new?
But also I can't talk crap much when I started and was like "what RDG?" when he mentioned it, and he explained how Remote Desktop Gateway works, and why its needed.
But then I came full circle and demonstrated how those same RDG connections were being brute forced and forced us to move to all VPN finally
ooh
lol I'll just say I saw and fixed significantly worse than that though. RDG was positively forward thinking in comparison to some still open 3389 Remote Desktop we had
trust me I more than made sure that would never happen again lol
Showing the boss a screenshot of our server and etc in Shodan is always a good motivator lol
But yeah I also donโt mean to talk crap entirely, I learned tons from him as he did from me in kind
idk my dude, NTLMv1 was introduced in the 80s. Surely we should still leave this enabled 
Just in case printers can't get with the times of the year 2000 and enable Kerberos
Anyways, I've not gone full NTLM purge anywhere but I have disabled NTLMv1 for a couple clients with absolutely 0 impact as one would hope.
Why is vim the default text editor in Security Onion.
And yeah good measures like SMB message signing (feature for decades) caused no issues
because vim is good, or if you're whiny just export EDITOR=nano
nano isn't on SO.
so install it if ,:wq, [escape] and i are too much for you <3
I can use vim, however when I plan on sticking the SO, they won't know vim 
Oh the rest of the org? Yeah that part sucks lol
Oh god, I thought I could just give you a simple answer but Security Onion is not well documented and the best post I could find is "well CentOS is now crap, what do"
I could be wrong, but just my initial research
But also lol if this is predominantly docker containers, yeah that doesn't fix the editor if you have to actually exec into a container so...
they may have to suck it up unfortunately
and even with that, I die inside if I ever have to use vi instead of vim
[so I'm sorry for giving you crap and misunderstanding the scope lol]
The makers of Bloodhound are bringing out a tool to find ntlm Auth in your domain and disable it as it's suitable for you
Absolutely failed to reply to a message there
So has Microsoft? With all due respect, that's what the auditing modes are for
I know Bloodhound will be more visual but sysadmins are not lacking in tools
Which is a nice place to be in for once
What do you need?
How goes?
Not too shabby, yourself?
Pretty good, I'm just procrastinating doing DIY
Can't say I blame you.
So dead
:hammer: timerrp#0 has been banned.
I mean it's like 6am Eastern time in the US, but I have no excuse for dem UK/Euro folks lol
24 hour CTF with shitty sleep and alcohol, now at a conference listening to talks and then afterparty
Whew, good luck and enjoy!
Ah, the choices we make
But was it fun
Indeed
When you have to walk away but ensure your machine works.
Maths is mathing hard
Been there, done that
eh....



