#general

hi

My dog

No way💀

is that a dog

Yes

that isnt a dog

is it

okay

It is

I thought it was a rabbit

as long as it's not United.

but then i saw the tail

lol

looooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooool

tbh

I just think it would be the most Spurs thing ever to win a trophy after this long and still fire the manager at the end of the seaons haha

may the best team win

It is man united, but the finals

I mean the most spurs thing is to not win a trophy for well over a decade and sack a manager that hs a 100% trophy rate at clubs hes been with a few days before the final................

Nah United are garbage

^ this is also true 😄

the spurs comment, not united

I know I was talking about the finals, it’s the finals who are difficult for athletic bilbao if it pass

I have a very questionable wishlist

hi

how I can disconnect my token from my discord acc?

You can't predict a final tbh man its whoever turns up on the day

https://tenor.com/view/doggy-dog-dog-jump-rocket-dog-dog-meme-funny-dog-meme-gif-26773021

whichevr teams end up in final

Including gloves, lockpicks, a mask, raspberry PIs and a wifi pineapple

its anyones trophy

I know how to lockpick

• 1

I am getting accessories

Like the comb picking toolkit

If I wasn't spurs fan, I would totes be rooting for Bodo/Glimt

I have a tutorial that my friend made on discord, it is very easy to understand if you ever want it

how long does it take to learn lock picking? to be able to pick lock within reasonable time

I can tell you some kit to start with

Yh i think everyone is

That are cheap

Different locks have different time

1 week for low level stuff like doors

anyways forget football, back to studying!

I bought from Amazon the visible lock and those picks

Still depends on the lock

I one time lockpicked a car (it was my mom one)

but couldnt do it

But usually they aren't hard

It took me an hour for the first time

I was putting to little tension

Then too much

Had to find the right balance, then it took me about 2 minutes

was watching lockpicking master on youtube

he recommended buying tons of small locker locks to practice

but then I failed at learning to pick the transparent learner lock 😦

maybe I try again tonight

Let me find for a github tutorial my friend made

for physical pentest?

"athena" room was fucking diabolical

was fun 2 hours tho

No lockpicking but lock-picking is very useful in physical pentest

Here it is and mb it is not github it’s a google doc

https://docs.google.com/document/d/1bHlBkW4c-stfhs-kY48Kl3JxTalIZVkZ_vlP3NjgrIY/mobilebasic

massive thanks

Loving the John the Ripper room so far, its pretty cool program

It’s still in progress tough

yeah everyone would fall for that

But it is near completed

Ahh free 50$ damn

Don't click on that link.

Done!

LMAO ofc

wow it is super detailed

is your friend a lock smith?

Thanks Jabba.

batman

He is in this server @real temple

So maybe you can ask him, he’s a good guy he can help you

help me on what. not sure if he wants to speak to a noob

Nah you’re fine

How?

nah that's odd

how, what ?

I will read his notes and watch some youtube

Put that picture there

thats from fastfetch app

Neofetch?

Oh ok

and iirc it can only run in zsh and kitty terminal

Is that arch?

y

Nice

it's like a daily ritual huh? I see it one everyday with a new background 😄

looks good

smth like that heh

Hi

Hello.

Are you the one that's wanting to learn lockpicking @gusty inlet

No... who's asking to learn that?

@dense minnow

And I think @dark mason

Oh hi, yes I am the one

I alr know how

Hell yea

how come you all know how to lock pick

God damn what a long day, finally couch mode

Useful hobby, especially if you do physical test security

Man it took me 3-4 hrs to finish Windows Powershell room in cybersec 101, and linux i just flew by in 30 min that too coz idk what happened once I had to reboot attack machine, coz terminal wasn't in readable format anymore when I used ||cat /var/log/authentication.log||

https://www.msn.com/en-us/money/news/world-s-first-10g-broadband-network-launched-in-china-how-fast-is-10g/ar-AA1Djvq9

Uurm what the heck

10G

Is this real?

yes

https://tenor.com/view/xi-wazzup-beijng-china-xi-jinping-gif-14279522050910085087

glass fiber is quite cool when it comes to speed

yeah it does not heat up like copper wire

for a start yea

no heated cable == cool

I hate KOTH cheaters sm

like yeah bro…root in 2 minutes yikes

are they using write ups?

lol imagine running greenbone against a box

You do know the machines don't change?

You can literally set up autopwn scripts.

Which is a skill of its own and only shows mastery of the vulnerability. Using other peoples scripts are one thing but writting them takes skill and they deserve to beat there best time

https://tenor.com/view/namaste-sensei-solana-pandaste-love-meta-gif-5206417815052725877

https://tenor.com/view/tyrannosaurus-jump-jump-rope-gif-5762605

@loud marlin soon 🙂 Thursday

does anyone know if for king of the hill there is like a trick sheet for king.txt?

hehe. now you wuill have plastic garbage room

How i can rank in top and i want to join team

Hello Mr. Toast.

.

Look around, there is some kicking about GitHub

DO you recycle or try to recycle?

can't. do not have any way to bring it back in spool 🙂

bat i separate plastic in special bag. since we can do that as recycle

Glass fiber?

Yo, new python room

Just when I was in the mood for Python

Thank you THM for keeping me fed

(And the team that put this one together)

I sadly stopped cybercecurity for now cause I have an important finals at the end of next month, I have to catch up on many things

Good luck then

yes. fiber optic

You mean wires made out of glass or what

in some sense yes. there is no cooper wires. glass "pipe" that is used insted cooper

glass can transfer way more data in sigle wire

I never knew these existed

Glass transferring data is crazy for me

where you from. fiber is not new thing on the marker

Yes I know

I taught wires were only made from cooper and things like that

But glass?

Anyone here

well... is wire made of glass

By studying and doing CTFs/Challenges

?

?

guys I need your tips, I'm too lazy to read books related with CyberSecurity, how do I start reading if I had never done it before?

welll... youtube i thing

Let’s end this here, cause I don’t know anything about fiber optic, the only thing I know is that it is underwater and it is very fast lol

Underwater?

I suppose yeah, some of them

These lamps are fibreoptic

there's a lot of cool vids related with cybersec on yt but I want to read!!! Youtube isn't enough.

damnnn

It's not all data

yes. that thngs

Any ctf ?

I don’t even know what fiber optic mean?

What’s optic lol

cos it use light to send data

not electricity in way as cooper wires does

On TryHackMe, yeah, there's plenty

Oooh

So that’s why you were talking about glass

I taught it was glass transmitting electricity

yes. they are made from glass as main build medium

Copper wires send bursts of electricity for data, fiberoptic is light iirc

Got it

Can you come private please

and fiber can transfer more data in one wire... not sure what amount, but waaaay more then cooper

Got it

This a room ?

We are aware of the Alert pop-up and are investigating.

Please do not worry, we know what the issue is 🙂

Edit: Issue is resolved! @mossy river explain to me please

Just a bug on the website - that announcement was purely to let the people speaking in chat know

I'm going to remove it to avoid causing any further confusion one moment

Oh so website nofications from discord right

Yes

Oh how this happening

Big ups Jabba

Thank you havva

Jabba

We're all typing like crazy tonight

Evening chat

I got my red

evening

NIiiiice

How’s everyone doing this evening?

Congratz

Ay nice

fine fine , wby?

Not too bad just chilling a little before I hop back on the grind

cool

#rules

?

I'm new I'm checking rules

I'm just trying to get my hacked roblox account back😭

No one here will help you with that

Contact Roblox support, that's all you can do.

This is illegal, and agasint our community rules

contact support

Your only option is to contact support.

All they tell me to do is create a new account😭

well... that's fair

so you come to tryhackme's discord?

Ig

I'd recommend investing in some preventative measures; 2FA, Don't click on links, Don't download exploits and have a secure password

Since your alr here forget roblox and create a tryhackme account

best gaming you can invest in

lol hes gone

Just remember @grizzled veldt if a stranger on the internet did this, there's no guarantee another stranger on the internet won't do the same.

Nope

Where

My new rank refreshed!

Congrats! 🎉

Rank up 🥳

I don't think there are any more colors for me 😦

I will get that legend rank

Yall so sweet

U already r a ledge

Nawww

Fitting emoji

I think green is the cap

I yearn for the green

🫡

i love you guys!

did they get rid of the 5% discount

"as a child, i yearned for the mines"

also these are not using lasers that can ruin your eyes

which is good or it would have made so many kids and adults blind

I guess, or it's less obvious

show off lol

Just trying to show the pop up 😦

I have a streak of 0 😄

its pretty impressive tho

LuL

it is not matching up

Lmao nicely done Shadow

The brand new Red person has a pretty impressive streak too

Me?

Yah

🔥🔥🔥🔥🔥🔥🔥🔥 GREAAT!!!!

174 now is it?

It’s like 1/10th of shadow

Yes its 174

Still better than me lol

still quite the achievement to get over 100 days

Idk I’m never happy

Yah

shadow is just so ritualised repeated action

lol thats W

I gotta go poop poop before I sleep sloop in my meep moots

I smell inspect element 😶‍🌫️

Ya we can’t all b like shadow

Eventually

It's the goal

I learn script pentesters in cybersecurity 101

Does anyone know if you get anything if you rank #1 in your country during the month?

Like python

Or is it just bragging rights (if you notice it)

ralex streak is honest

only 156 days left then shadow gets max streak badge

if tryhackme wanna screw with shadows max streak badge quest now is their chance

i.e by adding even longer streak badges

🔨

would not be oposed to it happening but think the 1500 day cut off point is good

Does the flame turn blue at 1500

don't think so unless you mean the badge color

Celcius or farenheit?

Im off of work Im going the fuck home

holy shiz mannerstyle and shadow are literal bosses

is there anybody who can help me with an issue I'm facing with my laptop's keyboard

heck even ralexander

HOW TF DOES SOMEONE GET OVER A THOUSAND DAYS

😦

We're getting there don't worry

yeah i just gott go for um

940 days

no problemooo

Mine isn’t real sir

ah thought u guys managed to break a bone or two 😂

dont worry itll be our secret

They r legit tho

fookin insane holy moly

like goddamn 1000 days

i wonder what someone learns in 1000 days

I assume they did it by doing a question/room every day for 1000 days

whatever they did im sure it has a lot of weight in the grand scheme

What issue?

small wins compound big time

im almost curious to ask what they learned during this time compared to say a 100 day streak

too bad i get perma ignored, but still

i can wonder 😂

Speaking as someone with nearly 200 days started with basics and learning paths, I’ve swapped into things I find fun sometimes but went through a mixture of red and blue paths to develop the knowledge that supports both

I am doing more malware analysis for the moment cause it’s fun

damn that gotta be a solid base - do you feel you got a somewhat good idea of the way things work wiht 200 days?

I have the overwhelming feeling I know nothing

So probably

so firstly I'll explain the situation, then the issue.
I've been playing some high end games on my Asus TUF A15 but it ran smooth no issues as it's got 16GB DDR5, RTX 3050 4GB but recently I noticed the keyboard sometimes respond after a few seconds and sometimes overdoes the tap. so I think there's something wrong with the keys or maybe idk what's the issue. they just do not function properly

ill have to recheck in 300 days huh 😂 nah im sure youll understand with exposure. everything connects after all

Hello, Do anyone knows about CyberWarfare Labs (CWL) certifications?

Yer I’m a big believer of the more you learn the more you realise you don’t know. I just so happen to see that super clearly

My advice trouble shoot it, try another keyboard try it while typing outside of gaming for example

With the info you have rn the answer of what could be wrong is far to wide my advice do more testing to find out what’s truly going on

doubt is not the end but beginning of wisdom, or something like that. But uh do things make more sense even when things make no sense? like do you feel you can do something with the skills you learned

?

Oh 100% I know what I need to do i see the things I should do just don’t always know the exact mechanisms if that makes sense?

surely, thanks

hello everyone, sorry the interrupt the convo. quick question for anyone who would know. I am looking to find how I can earn the wireshark/packet analysis badge

ooo so its just a matter of details huh, thats pretty sweet ngl

Normally gives you a breakdown of what is required for the badges

i think you understand the connection with all topics its just a matter of reinfocring hte small leaves, if THAT makes sense 😂

Yer I’m lucky beyond logical brain and good methodology

just says:
Wireshark

Competent with Wireshark & Packet Analysis

One sec let me look

well man, in that case i cant wait for my 200 day streak 😂 thanks dude

Gave +1 Rep to @upper knoll (current: #175 - 49)

Take good notes you’ll get there it’s about doing it for fun at end of the day

thank you !

Gave +1 Rep to @upper knoll (current: #166 - 50)

dude im going in here hoping one day ill be able to save the world 😂 but ngl it gets really fun with the walkthroughs

enough that without note taking or rubber ducky teaching you forget a lot

Do anyone knows about CyberWarfare Labs (CWL) certifications ???

a... rubber ducky?

in lack of human to human teaching speaking out loud to teach a rubber ducky helps enough

Sure

right... but why not like a teddy bear?

i mean at least theyre cuddly and dont make soudn>:(

because hackers like duckies
but yes a teddy bear also works

Simple answer is I’m not 100% sure your right it does just say that however if I was to guess just do this wireshark module?

I was thinking of another rubber ducky lol

How are their certs ? And are they recognized in industry ?

Quack quack

but no shadow shadow - like tell me tho- how do you feel next to a computer? like do you feel you can like xray vision every litte nook and cranny (with your good friend rubber ducky ofc)

im genuinely curious on the level of expertise someone has technically after that much exposure

hmmm that could be it actually

That’s my guess

I wish you the best sorry couldn’t give better answer

meep moops time for sleep sloops to beep boops agains

riiigth guess the mystery of a thousander next to a computer will remain a mystery

gn

that was helpful. I'll take a swing at it ! thank you !

Gave +1 Rep to @upper knoll (current: #163 - 51)

Happy to help!

oh generally shadow has a very good grasp of all the stuff their computer does and runs

after all running arch linux and setting things up so it works how shadow wants includes knowing what to install and how to configure it

@upper knoll congrats on the new color!

Oh ty

fascinating fascinating, thank you for the little perspective

no problem

one of the things with music is when you listen to it as a producer, you can tell how everything is owrking together

im wondering if thats kinda the same with you

like you know how weverything is owrking otgether as it runs and then are able to manipulate it to your liking

hmmmm:

i love porter robinson 😂

BUT SHADOOWWWW im saying

like

computer wise

do you feel like you can literally do anything iwth it? like you understand the systems behind everything

Which module is python pentesters ?

well for most stuff... still have trouble writing udev rules

ill take that as a yes 😂, right imma let you sleep now
WAIT IF YOU LISTEN TO ILLENIUM
URE EPIC

Yes to illenium

Big approve

yeah got recommended a few albums by a huge music person and decided to buy the ashes album by illenium

id recommend tristam if you like more emotional sounds, but gn for now 😂

also known as their well mastered music list

and that picture actually shows 3 programs at once

it is a terminal emulator which you can't descern is ghostty without shadow telling you
it is tmux inside said terminal
and lastly it is cmus for music player

sigh leave it to shadow to somehow make even listening to music an alien console 😩

um

i use youtube music:D

haha fair

sleeep nowwww

shadow prefers drm free music formats

eh you made shadow wait until 23:30 to go sleep

not lossing much over just 15 mins less sleep

• this lets room temp drop more while it is cold outside and window is open

fair fair

i mean

if you want

you can listen to um

tristam bone dry

its kinda like illenium, but more bright and fun

used for rocket league a long time ago

or if ure going emotional

fave track is tristam vine

Yea

if someone manages to find beauty in tristam, ill love them forever, dude was what got me started with music in the first place

will look into it

DO TELL

HE IS MY GUILTY PLEASUDFRE

https://youtube.com/watch?v=bltbJ2TUQWU&si=Cz0rxNIROkDTWqYV

nice 2552 tracks in shadows music collection :D

hm you into any specific genres?

i saw a common of electronic music

clear vocals power metal seems to be shadows biggest section of genre

metal... METAL

why metal

anyways now it is time for sleep

aight gngng

tristam

remember

I do love some good metal icl

i never really understood metal, as an innocent music producer who wants to be open-minded

WHY METAL @upper knoll

I grew up listening to my chemical romance and green day with my father

From there went slowly into metal in my teen years as the music had lyrics I related to

hm if you were to give a song that you think really does metal well, which one would it be?

imma give it a listen. ill be honest, havent listened much to metal

Umm

It depends tbh

It’s such a wide genre

hmm lets put it to you then, which one did you have the best memories with:p

That one does metal justice

For memories gimme a minute to search playlists

ngl

i like it so far

honestly can imaging going to the road with this one. I love the power it brings with the soft start

Either of those two or more linked to me songs

bro making me going back to supernatural with dean winchester. I freally like i dont mind, didnt realise metal could be this expressive

Mhm

That’s why I got into it

NO WAY

supernatural fr 😂?

I know the show and did watch it but the expressiveness of the music

ahhh fair fair, thought for an instance i met a doppelganger. yeah bro ngl these days ive started realising music can be expressive in so many ways. its not limited to pianos, violins or soft electronic beats

this is beautiful, thank you for sharing and opening my mind!

Your welcome

I’ve listened to music as long as I can remember

did you start with metal or another type?

My mom was like 1980s pop

I did not like it

My dad use to listen to my chemical romance and green day in the car with me so that was my starting point

American idiot and welcome to the black parade

yeah i took a moment to listen to chemical romance - weclome to the black parade

Yall learning about me tonight

everyone has a story man and itd be the height of ignorance for me as a musician to deny another genre's beauty

so thank you bro for opening up, it made me inspired

hm maybe ill create a track based on some metal elements and share it with ya:p

Your welcome imo all music can be beautiful it’s just in the “eye” or ears of the beholder

id take it a step further and say all music IS beautiful, its just a matter of seeing it differently (kinda like what you said)

other than um 1980s pop ofc

I have always just loved music

And technology

dude has it to be made into a music producer

dude fr if you like technical shenanigans and like music, and dont mind bopping your head on the table when the mix isnt just perfect, music is epic

it always starts with the love - the music produciton journey

I'm a fan of duran duran personally

I’m too logical for creative arts icl

Particularly invisible or hungry like the wolf

It also works that invisible became such a popular song again

nah man its in humans to want to learn and create as a wise man in this server said. ive met some of the most technical people actually come up with some really good ideas.

creativity is a msucle dude, and the fact that you like music is more than enough of an indiciation you have what it takes

or at least thats what i believe after 9 years 😂

Makes sense

Tbh I love my cyber sec stuff

yeahhh im tryna develop that when im not crying about networking essentials 😂

wait dude

did you enjoy learning all the technical stuff or did you start enjoying it when you were able to apply the knowledge in like challegnes or walkthroughs

im muscling htrough all the networking shiz and writing down diligent notes, but i wont lie sometimes it does feel more discipline than fun

LAST QUEWSTION I PWOMISE

So

When I got taught networking stuff at uni

Hated it

Loved learning it this time

Prob the way they taught u sucked

before

It’s about perspective this time because of the time I had at uni and time in between I realised not knowing the essentials would only hinder me so I enjoyed it this time

But yes that’s also true

yeah im in a similar boat lol, i basically bsed uni and now only starting to realise perhaps i should have paid attention to that assembly class and im def motivated to learn all the networking shenanigans, but i cant say im daning with joy at the propsect of learning it

If you go in with that mentality you won’t

I know the lovely bean who wrote most of the networking content we went to the same uni

I have personally thanked him for making me not hate it

It’s going to be less painful than you realise and it’s so so useful

oh 100 percent bro, im locked in and i have no doubt about its usefulness

ig im just worried bc i dont feel "passionate" about networking, just pushing through, makes me scared i wont have what it takes to be competent bc of this lack of passion

at least in networking

loads of fun wiht the walkthroughs and shell

What is this for?

Just go in with an open mind I went in with a closed and hatred and came out happy and knowledgeable the content on thm for it is well done imo

And I tell anyone who asks that

I meant is it school work

its on of the things i have to do for my final exam next week

yes

Can’t help

Check the community rules

right, thank you man. ill be doing that 💯

Gave +1 Rep to @upper knoll (current: #159 - 52)

https://tenor.com/view/chat-are-we-cooked-chat-are-we-cooked-gif-3488095719416147301

oh oof my bad

Allg

U don't need to love everything bro, it's fine and normal.

me Current Setting Required Description

DBGTRACE false yes Show extra debug trace info
LEAKATTEMPTS 99 yes How many times to try to lea
k transaction
NAMEDPIPE no A named pipe that can be con
nected to (leave blank for a
uto)

how do i fix this in my kali box

metasploit

unreadable --a

what exploit is that for start

eternal blue

oh. for thm room?

yeah

intro to c2

best might to cehck writeupps

yeah im watching one n following but my kali box is brand new

so its still got some ironing out to do

you sure you use correct exploit ?

Use code blocks next time this a bit odd to read also check ur options
msfconsole && show options
U are rn missing or just not in the copy n pasye
DBGTRACE, LEAKATTEMPTS, and NAMEDPIPE

Too lazy to put 2 code blocks

ohh its fine now i just had to change the size of the font i guess

as i reat the correct one ia exploit/windows/smb/ms17_010_eternalblue not one you select

(exploit/windows/smb/ms17_010_psexec):

w8. you have issues with font size, not exploit it self ?

That's diff no?

yah, i just got on kali lol

oh boy

Btw if it’s for a room #room-help is the place to talk about this

didnt know it didnt alter it

lol

i was thinking with exploit it self

sorry by bad thanks tho @loud marlin and @bleak quartz

Gave +1 Rep to @loud marlin (current: #25 - 401)

Np

yeah ive been on the attackbox this entire time

ETERNALBLUE overwrite completed successfully (0xC000000D)! u were right that was the wrong exploit btw @loud marlin

heh.

thank you bro, that was encouraging 🙏

Gave +1 Rep to @bleak quartz (current: #756 - 7)

Ms 17 010 💔

https://tenor.com/view/hanna-ball-kitten-soft-fluffy-kitty-cat-paws-gif-2803341425267067710

Hello hope everyone is having a good week so far.

Hey everyone I’m new

hi new im bee

That’s so strange I can’t react to your message

they might have changed it since i was last aware so that unverified users cannot react?

Ohhh how can I get verified?

!verify

does that still work

!verify

#start-here

look through that idk what im doing

funny asnwer

im a funny girl

kudos

Its / verify

yeah, but i was looking for the command that gives them the doc on verifying

any nest js dev here?

not a single one

this is bad question etiquitte. dont ask to ask, just ask

this a bad response etiquitte don't respond to respond, respond if u have a good answer

this is bad counter response etiquitte, dont respond to response by responding with bad response etiquitte response, fix your question

why do you need a nest js dev? what is your question?

Im having a bug

not a thing related to cybersecurity

its literally right there https://dontasktoask.com/

this still doesnt answer anything

dear lord

Sorry I know this is a dumb question but where can I find my discord token on the tryhackme site?

should be in your profile settings or something.... been awhile

https://tryhackme.com/manage-account/account-details

beauty

Thank you

Gave +1 Rep to @wind lake (current: #70 - 126)

thank ralexander not me, they actually gave you the page lol

YESSS IM VERIFIED

congrats

welcome

bored

src/QRCode/qrcode.controller.ts:22:10 - error TS2305: Module '"./dtos/qr-code.dto"' has no exported member 'QRCodeDto'.
4.758
4.758 22 import { QRCodeDto as QrcodeDto } from "./dtos/qr-code.dto";

i m having this failed imports while everything is actually fine

well if everything was fine you wouldnt be having failed imports

okay thank you

what have you googled thus far?

bro

is it not a valid question?

if i m here listenning to u i have googled so much

how can anyone help you if they dont know what youve tried?

good luck being an obstacle rather than helping me

im asking you what youve tried so i can help you

as to not waste either of our time

firstly i checked that i have the same file name ( that im importing correctly)

i checked also if there is another mismatch

i saved my files

google didn't help me much

What is internal virtual ip address

have you made sure that QRCodeDto is defined properly in the file

yes ofc

have you restarted any services involved

dont know what kind of project it is but is it on github? have you checked github issues?

its my project

i mean like

/dtos/qr-code.dto

is all of it your own making?

yes ofc

why ?

i was wondering if it was something you were using off github thats all

Thank u

Gave +1 Rep to @wind lake (current: #70 - 127)

I will use chaglt

you can do that yourself next time!

Chatgpt

nah! probably a bad idea!

i dont know about the type of dev work that youre doing. but i am trying to make sure you are troubleshooting correctly. so unfortunately, i cant help fix your own code. but good luck

ty for trying

anytime

except 19:00-07:00 MST

chill

hey man i gotta take my time to sleep

do you have any actual cybersecurity questions? im bored

what do u do in the field LOJ?

I feel myself loser I dont know why

great cyber security question thats fantastic. so what youre feeling is actually because of DNS

I want to know what you speaking about to know everything

No Dns is easy to me I know how to work

What lastest news you talk about

im on a blueteam for a managed detection and response service. spending a lot of time with converting alerts and hunts from old proprietary stack to sentinel. some detection engineering, some use case testing

if DNS were easy to you, youd be in the field as manager of DNS /s

I will take many things in tryhackme blueteam and redeam

I have just knowledge of it

ill be honest i havent been keeping up with the news a ton lately.... but the ontario police department allegedly used israeli spyware on citizens so thats pretty messed up

Which city is that

it is a province in canada

Oh so in each web have dns manager ! 🤣

Omg who will work on this stuff

He should dont sleep

ya ya im kidding

How

To know my dns manager

its not a real thing

i was joking

I search about it its real

well i mean

SOMEONE manages DNS but

whole organizations

Got it

hooray you learned something new

uh

uh huh

I have strange and mixed feelings

me when i

Do not make fun of me, you have no idea what it's like to lose your extreme spray tan

you wot

The old Oblivion guards looked orange

Thats also my pfp

New ones look like they were microwaved for too long, but are no longer orange

Off to hell you go!

To be fair a guard once chased me into an Oblivion gate for stealing a sweetroll to give to Fimmion

If a guy is willing to chase a highly skilled assassin into literal actual Biblical Hell to get a piece of pastry back, im pretty sure hed be ok

Those guys did not mess around

Questionable background, top tier style & design

thx lol

what is this why is there titties in my 13+ christian server

my static site im making. ill delete it if yall want lmao

idc i was joking

okay lmao

Hello i need some help

i might be able to help

idk tho

what is it?

Ok so in linux fundamentals part 3" i am typing the correct flag but an error is occuring

send screenshot

i have that room done i should remember that part

Ok i send the screenshot

Could someone test prox.anyvm.tech:6090 on pc

no

Doesn't work on phone cuz yeah..

well what is it

Proxy

Web proxy

what flag is it phosphorescent

i have the room pulled up now

its part 3 right?

Yes

Task 3

are you using curly braces?

Yes i even copied and paste it but it's showing me that an error has occurred

try refreshing page?

Ok

dm me im not allowed to share flags

here

you what

?

go to #room-help

what is that and why are you putting it in chat

I literally got no pc nor anyone to help

with what

you just pasted a proxy in the chat and said help

Testing if it works

whos is it?

Mine

why would anyone test a random proxy from a random stranger

boys and gals

It's a web proxy vruh

https://prox.anyvm.tech:6090

is learning proxychains the best way to hide activity during pentesting

the best way will always be dependant on context

is anyone having problem with ngrok when using

webpentesting and network pentesting

HiddenEye

i mean situationally

ooh

that is not my area of expertice tho so i cant say much

what do u do

im not in that field

what do u do?

OH

lol sorry

managed detection and response blueteam/L3

oyy

thats cool

i was into blueteaming in the beginning

it has its moments

the love wore off

yeah

i feel u

You will never have to hide your activity in a pentest

That's... Not the point of a pentest lmao

ye in a pentest ur authorized to do what ur doing

ye olde redteam vs pentest dynamic

i always forget

I mean, proxychains does come in handy with certain red team approaches, but not usually for obfuscation.

i hate when client says "were doing a redteam exercise" and then tells us the machines and IPs

im tb redteam activity in general

You'd generally use it to run local tools through a beacon

yes that makes sense

most fun i had at work was a purple team with mandiant

watching them work cobalt strike while i hunted

Be specific then 😆
Either way, the answer is generally no. If you're trying to obfuscate your location (e.g., to emulate a threat based elsewhere), you're generally going to be better off with a VPN, or just outright hosting your egress gateway in the target region.

Why fuck around with proxies when you don't need to?

why do ya think TA's use local ISP home routers

They're useful in situations where you need to push traffic through an existing connection.
Example above: you've got an implant running already and you want to execute something like bloodhound.py. Way easier (and generally stealthier... not that large scale enumeration is ever really stealthy) to do it locally than try to run the sharphound.exe collector on the compromised endpoint.

are you saying... run it through the implant? my brain is not interpreting things rn

Yes.

yeah okaty

thats logical

i thought so

Use the implant as a proxy, and run the tool on your local machine

yeah yeah right

So the compromised host still does some weird network stuff, but there's no additional malicious process

theres an easy way to do that with sliver i cant remember the command...

yep 100%

otherwise its on disk?

I mean, preferably not lmao.
First backup plan would be trying to execute it in memory (e.g., as a BOF or via execute-assembly).

The one advantage of C# tooling.

yes of course

YEAH execute-assembly thats it

atleast to CS version, but iirc its very similar in sliver

Then hoping to hell that the monitoring solution isn't very good at scanning memory

generally it is not

weve had issues with in memory stuff quite a bit

Some are better than others. I will leave it at that

velociraptor helps, but its on a case by case, custom hunt basis

for some people who have velociraptor

I've seen some which just let you run wild once you're up and running.
... and I've seen some which are on you constantly.

i know of a number of places that do but dont use it properly

id like to know which platforms are on you constantly

Not sure I can tell you that, but I will say it's a commercial product I'm thinking of. Not anything weird or in-house.

yeah for sure

my guess is falcon but you dont need to say shit

I mean, I don't need to compromise anything if they're running falcon... Just wait for an update and flip a coin over whether every machine in the org will be bricked

LOL real

Doing my job for me there 😆

@pallid lotus do you make custom BOFs?

On occasion

interesting

yeah idk man BOFs are my greatest enemy as someone trying to do any sort of detection engineering

also impacket on a black box is stupid

specifically secretsdump

What is talking about

beacon object file

What is this I will search for it

yep search for it

Its c file but I seamess to me diffcult

not just a C file

what is it for?

Its for c2

yeah

and why would you want a BOF?

To attack the c2

nope

Will it seems diffcult to me

Well I will know letter☺️

Later**

... Wut

Quick delete

thought u were talking about a buffer overflow for a second lmfao

Because I dont have knowledge in ig

it

Its fine☺️

We will know better

It's a way to execute custom code through an existing beacon. An evasion method.

Great 🤍

Think of it as an extension of the beacon. A way to add extra functionality

Thank you🤍

Np

I will know it by the knowledge

I like cybersecurity as series

Or a game😍

Taylor series

I search about it its insane

lol

sorry im dumb

Not you. There was a deleted message in the middle lmao

IM NOT ALL HERE

oh

okay

lmao

Oh sorry for the late response , what’s your opinion on hackthebox Sherlock’s - are they similar to real world scenarios ?

https://imzodumb.github.io/blog/ blog is now live

never done em

HMMMM

Interesting..

u like ?

@shell trout no unsolicited dms please.

@rapid merlin i guess no like 😭

oh yeah i do

sorry

cool

didnt see ur messsage

people are doing xss on it already

ill have to patch that soon

You did post a homemade site on a gc full of hackers, that one's on you

im not mad about it lol

Good, cause it is kinda funny and i'd hate to laugh at someone's unhappiness

ahahahaha

How long did it take for the first attempt to happen?

60 seconds

first thing they did lmao

Nice record

Next time someone posts we'll check again

That is the record to beat

im gonna take it down later tonight and repost the update version that isnt vulnerable lol itll be late at night tho

Same here

I should really go to sleep

Anyway, bye guys

bye bye

I Updated the site it Shouldn’t have xss vulnerability anymore .

what happened to the last room in the defending azure section 1?

sentinel section 1 last room

is missing one

Should I add deleting other peoples messages to all users so that we can clear up garbage if need be

No

The trashy atmosphere is charming

can I ask yall for some help

like troubleshooting advice? because my entire terminal is highlighted and will not. get. unhighlighted

i apologize if this is the wrong place im just tweaking

Did u try to copy bash settings from the etc path

Sup chat. What's the vibes today

troubleshooting my thousand sun terminal

for anybody playing the oblivion remake:

just found an exploit for infinite lockpicking exp

On any lock with 2 or more tumblers, set one tumbler and then without moving your pick spam the set button (space for keyboard) and you'll get exp each time you press

and no, but i'm using zsh, would that make a difference

🙂

Oh idk I just reset mine w cp /etc/skel/.bashrc ~/

Sounds cool bra

dude i want to die

Maybe try

cp /etc/skel/.zshrc ~/

@twilit phoenix

U can use use chsh -s /bin/bash to revert back to bash

love u homie but that is not working

Sry, u could prob get better help during earlier peak hrs

No ur so fine

we will overcome this struggle

I’m troubleshooting this blog rn

Guys quick question. How to isolate my virtual machine from my host machine?

Vmware?

Yh I saw this but wanted to see if someone tested it and like how accurate it is

That’s what I did to mine

I’ve got 16 ram total and allocated 8 to VMware

Oh

And does it detect ur host machine?

reading an rfc be like:

Fr

Okay now it’s Mobile accessible, it wasn’t before, the page didn’t fit in the mobile format, now it does. Also I believe I patched the xss vulnerability(hopefully) All users can delete posts incase of spam and stuff like that. So yeah have fun