#general

Juicy student discount

Do they not give school emails for middle/primary school anymore?

I remember we got like a simple gmail one that could have worked

Not in romania they don't

Like, ever

I am just gonna get the discount using the enrollment documents

good call, last time I checked it was like 50% off for students

awesome deal

isnt it like 12 bucks a month

w/out a discount

@sand trench

nice good job ralex

shadow is on day 1365 today

woohoo

you get like peanuts for it if you arent paying the middle level one 😭

If you're in the USA applying to a community college gets you a .edu email address automatically

you run into a wall real quick after getting through the basic challenges

yeah, but in the US I remember we got one in high school too I believe

could have been a gmail though

Good night to you all...

do you guys think the internet will ever go away?

I jeed to to keep myself structured

Or im cooked

God let's hope so

My goal is to be good at 1 coading language and have the soc path done on tryhack at least

It's my dream to talk shit about Muiri with a Carrier Pigeon

This is a good dream

Wtfff!!! 🤣🤣

yes which is why shadow is working hard on conserving data with data hoarding

Bro 😭

i 2nd this. ill get my self one big tree, build house on it and newer come down

Not in our timeline

guys a guy came randomly to me saying my token r ... some random numbers (Not my tokens at all and that's not even a right format of tokens) then saying he will dox me LMFAO

From this server?

ye lol

thats so kind of him

Dm me screenshot please.

shadows token is lbargruigasipoujhg

alr bro lol

Appreciated sis.

anyways the internet going away is fine

electricity going away is not fine

Yeah have u tried doing anything w voice , its horrible

damn the roasts always hits with sis xD

Passed the Cambridge

Good job man

That's great

Next up: the PT1 in a few years

How is that a roast?

Night chat

you're a wizard now, you're progressing quickly 😮

Been a wizard for months now

And I will stay here for another one month until I finish my exams

nice, good luck 🙂

Do you guys know the feeling when the motivation is falling apart

just motivate yourself , that happens it's normal

sup chat,
anyone here has this boox e-reader ? I have a very old kindle Id like to retire

Maybe you’re hitting burnout, rest

Do somthing you like

https://tenor.com/view/glare-jess-lacroix-fbi-most-wanted-displeased-unimpressed-gif-25929326

I ve been watching anime all day so yeah check

I dont feel like i can

woah congrats

i mean he thinks it is 😭

welp gonna call it a ni ni to beep boops for sleep sloops by meep moops

I do?

How comes ?

https://tenor.com/view/hmm-suspect-gif-22611582

I need to keep going i cant let this slide i mean it actually is something i like but i want this to be my future so i just dont feel like i can rest as i think i dont even do enough yet

is it possible to be part of multiple rooms? i need to restore my streak by completing a room but the one I am in now will take too long. Can i join another one and quickly complete that or will it void my existing room ?

U can join as many rooms as u want

gangster shit. ty

Np

🤮

wait what, we cant share screenshots anymore?

Yes we can

If you push through burnout you can become physically sick. They call it burning the candle at both ends. Resting when needed makes learning easier so don’t overwhelm yourself.

Wait, why does it bring me to discord website?

WTF

Discord broke

I blame Scrubz.

Hmm yeah youre right

Thanks

theres north korean children clocking in 12 hr days, man up

True

I feel like a dial up modem today

%s/^.{0,5}//

just dont

Isn't that the regex for "catch everything with a length between 0 to 5"

You guys should prolly rotate your Steam credentials. Not confirmed yet, but why take the risk? https://www.bleepingcomputer.com/news/security/twilio-denies-breach-following-leak-of-alleged-steam-2fa-codes/

Ty for the heads up

Gave +1 Rep to @lament tendon (current: #36 - 260)

no. is regex to delete first five char in every line

Ohhh

So first five on every new line?

y

I haven't read regex in ages

I was a quarter right

%s/^.\{0,5\}// if wish

Not bad lmao

It‘s technically a full sed/vim command.

yea

Never seen %s in regex before tho

is substitude

That explains a bit

Til regex

is sed but yea

I actually should learn more about regex

Yeah

Still regex format tho lma

https://regexr.com/

Will take a look tonight

"^.*$"

Jokes on you, mine are hosted someplace else

Hello guys

I wanna fight back data brokers

But how do I do that

How do I stay anonymous

that doesn't sound very legal

Towards them what do I do so they don't get my data

https://www.kaspersky.com/resource-center/preemptive-safety/how-to-stop-data-brokers-from-selling-your-personal-information

you can try your best to avoid using your name/details when you sign up to stuff

but this is what data brokers do

Ah yhanks

Did that commonely

I feel so ridiculously weak somtimes

Curse of tech

No, he's just responding in kind.
You called him something he isn't, so he did the same to you 🤷‍♂️

I just feel it's not right to me

yep welcome to the modernised internet

Well, sign up and pay for 0day's services to delete your data off data broker sites https://pentester.com/

@hearty dove

Ummmm

I did one of the data websites before and there was hardly anything on there. It was a while ago now though, maybe I should do it again.

Hä?

You got a special agreement with Steam or sumthin‘?

Ummmmmm what?

https://tenor.com/view/cow-wig-gif-17915576443032798845

hi guys im new here i wand advice try hack me can make me good pentest

Do you not use the steam app to auth?

Of course, but it would still be silly not to rotate creds. Dunno what data was stolen, if any, but it‘s very little effort.

what are you mean

are you pentest bro ?

I do pentesting, yes.

Workout, a quick 15 mins nap (or rest the eyes in bed for 10 or 15 mins).
Stretch, play piano, code a project or at least try to.
Sometimes you need to do something different to avoid fatigue of routine.

If you have some deadline for personal reasons, I fully understand, just try to stretch, walk for a short period, and watch or listen to something you like.

can someone help me with smth?

it's about ssh and the scp command

I got a problem with it

I was looking everywhere for my cat 😓

yh its helpful

wsp?

I wanted to transfer a file on a pc using scp because I already have a ssh connection

but it say this

it's from a thm roon bdw

wats the name of the room?

ill do it later cause why not

basic pentest

I found an alternative for that

so no problem, I just wanted to know for futur troubleshooting

the wat?

wats futur?

Future

k

.

im pretty sure i did this course in the past

lemme see

5 mins tho

Try putting a colon after the ip

Like 10.10.0.186:

https://tenor.com/view/gmail-pibble-hotmail-happy-dog-puppy-gif-10031987367771077268

wsp

Hi

@vestal bone did it work?

I did another thing and got the job done

host a server on port 9000 with python3

and took the file from there

alr

Done!

Regarding the latest announcements... I have guesses

btw jabba got flarevm working

if u reading just took some extra cores for the vm so didnt crash out

wat announcement?

The one by Skidy

I am new here. “Hello World”

Goodbye World /jk

This world can be cruel, yet is filled with so much laughter…

which?

welcome and good sense of humor but if u would have removed the " ", it would have sounded better

so u want guidance on wat to do?

like a beginner guide?

Hi, just to learn a few things. Knowledge is power, but it comes with great responsibility.. I’m just here to see and learn.

The one to be announced soon

w. do u want a beginner guide?

i didnt know. wat is it about?

new thing produced by thm

it was somewhat leaked already

I’m gonna take a while guess, my answer should be yes? Like I mentioned on a new year and I’m not sure what protocol should I be? Where should be looking at or what? What’s the down on this channel?

you can head over to #start-here

and we often recommend you verify follow the docs link ill send in a second it links your thm and discord accounts

I will do that, thank you

Gave +1 Rep to @upper knoll (current: #137 - 61)

it wont let me send the link rn

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

should help

hi

Oh…

Dm me if u want a suggestion on topics u need to learn as a beginner

Hi

wassup dude

hows your guys day?

Yeah. Unless something else is being announced

¯_(ツ)_/¯

fine, wbu

is anyone here good at hacking voip phone numbers?

That sounds highly illegal

im getting harased tho by voips

Call your local authorities

like someone is like actually making fake numbers and perma texting me

what can they do

They can see who is harassing you

Numbers don't just appear out of thin air 😄

sounds oddly specific

😭

basically a random person has been trying to get me and my gf to breaks up

I've got this thanks 😄

Gave +1 Rep to @zinc pine (current: #2879 - 1)

making fake numbers

but cant anyone make a voip?

what should i say to police

if i call

Jabba u started my balatro addiction , though I can’t beat the first deck

Tell them what is happening

jabba can u call me on disc

Someone is harassing you, creating multiple phone numbers

They'll advise you further

ok im in a different area now

but my gf still there

Unfortunately it's 2am and I have a dissertation to submit so I can't call sorry

'which locals do i call

ok

Sorry not sorry 😄

Happy to give you some tips if you want help

Depends on your country, best to Google non-emergency number for your country.
If you have reason to think you or your girlfriend's life is in danger, call the emergency number

no they jus have been harrasing for months

nothing threating

but thye have alot of information on us

it is very scary

I understand how that can be scary, I'd advise you both to submit a report

will it go on my record tho

Make sure to keep message receipts, numbers, dates (when it started is important)

what if i deleted some

It will likely be recorded, yes? Unless you committed a crime, you have nothing to worry about

what if i dont have the earlier evidence

'will that be an issue

I wouldn't be able to say

@mossy river have u completed the red deck challenge?

or any deck 100%

I've completed every deck up to blue stake except for the checkered deck which is up to gold stake and the first and last deck which are both on purple stake

geesh

My stats

my biggest recommendation is to focus on unlocking all the jokers first, it makes life a whole lot easier

?

So you’ve done 1 of these right

Yes

I've completed the first one

Oh ok thought u had 4/5 n needed blue deck

I don’t see wins

press on your profile in the lower left

lol how do you get a W?!

By beating ante 8's boss blind

jabba i got flarevm working

it took nearly 2 hours to finish downloading

also ive seen a lot of that game ik ben plays it as well

He does yes

Once you start you can't stop

i feel like it would drive me mad lol

ADHD go brrrrrrr

It has recently started to irritate me but moreso because it's getting difficult

I've got a lecture I need to teach in an hour

And I'm so disorganised rn

whatcha teaching

Secure Programming

i wish u good luck

Tyty

Gonna have a hall full of about 100 students

R u a teacher?

Co lecturing every Wednesday

How old r the kids?

Between 18 to 45

Wat ages?

Hmm so no one is a teenager sadly😔

Nope

Not this time 😂

The teens u teach, r they good at the stuff?

Last week I was co lecturing an introductory course for a high school exertion

Wrong word

Exercion? Idfk

Stupid english word

@mossy river what’s a seeded run? Like a continue ?

Hmm. Ngl but nowadays, computer science classes in high schools r basically useless in my opinion. They teach next to nth in cyber security which is truly heartbreaking in my opinion

Seed determines the set of jokers, tarots, etc. you'll potentially get

Iirc

Not potentially

I left English so idk

But yes

I mean still potentially cause it's all still chance

Runs are built on seeds, seeds dictate what will be in that run

But the seed determines chance ratios no?

Nope

Like Minecraft seeds?

Oh so it's static?

Yes

Double yes

Damn

Cool

Didn't know that

You can find balatro YouTubers often doing seeded runs because someone will find a cool seed

i.e. early perkeo

Oh

I personally hate seeded runs

Sounds boring

I remember one of the main reasons I got into hackin was because of Minecraft

-1 seed is the best (should tell it to use random if I remember how they do seeding)

My first week playing the game I got a random seed that gave me all legendary jokers

Damnnnn

That's luck lol

Does -1 seed exists? I’m not sure cause it’s been ages since I learned about them

I did well, but I could have done so much better, I accidentally threw the run

-1 when calculating seeds tells the generator to be random

Same with 0

Can u alter seeds?

Not without mods

Oh

Seeds are mathematical afaik

Oh

Balatro is 90% math 10% more math

90% math, 9% more math, 1% knowing basic poker rules

Yh

You don't really need to know poker

I'd say 0.1% knowing basic poker rules 🤣

Ngl I’m thinkin to do seed hunting in Minecraft but with automation

But knowing what the different types of hands are helps a lot

I just click all the cards until I see big numbers /s

Highs, flush, and straights are what I'd typically go for

Still I feel like u need to know someway of poker

Anyways I’ll go do some more easy rooms

Start with flushes, deck fix based on whatever jokers I get in the first few antes

Yeah I start with highs or straights

@knotty valve I have completed 18 rn. I’ll get to 50 real soon so watch out😁

Then alter based on that

Bye u both

high flushes in the first ante can almost always guarantee you get maximum money from hands

Tomorrow I'll probably jump another two levels

So yeah 😂

Don't try and compete with me cause I don't do it competitively

I just have moments of smashing out 100+ questions and topping a league on the odd occasion

Astro cards help shit tons in my experience

Make straights and highs go brrrr

alr

Until you don't pay attention to bind and get screwed over cause you built your deck wrong

😄

i did 105 questions in like 2 hrs

I never pay attention to the boss blind, 1% of the time I win 100% of the time

maybe 3

Not hard on easy rooms

true

ill first get the hacker rank

then ill do more harder rooms

Ranks don't really matter that much imho

If you do the HTTP smuggling room

Do be weary that Burp occasionally shits the bed and doesn't trigger the smuggle all the time

You may need to tinker with the headers a bit

It's not an issue on the room, it's just burp being burp

thnx for advice

Np

I remember bashing my head on the keyboard for part of it cause kettling kinda makes it hard to see what's going on when something doesn't react properly

dang

btw

But the inspect module in burp should help

So yeah

i dont have the paid version, so i wont get alot of rooms right?

Half the reason I don't use burp when doing web testing 😅

Yeah you're limited to the free rooms

But there's plenty of those regardless

You can indirectly do most of the jr. pen test path for free

i dont like burp too much ngl

Burp is great for learning how MiTM and Smuggling works

oh

But I personally don't use it professionally

yh but organizin stuff in burp and all, i dont rlly like that

I have my own toolsets I've built over the years for my specific workflows

Can't wait for fight night now 👀

Sold 50 tickets already 😂

Lmao

Putting in that work

how many years?

gl

4 years

It's various network forensics tools, some baseline web testing

Automation of IDS, setting up my own IPS, memory-resident detection through image mapping of malware and memory, etc.

how old r u if i can ask

icic

21

I've got a few more years of cyber at most before moving into tattoo artistry

ha old

God damn now I feel old

u started at like 17 hmm. not too late

Younger :)

No such thing as too late (unless your dead)

oh...

I've been professionally working in cyber for 4 years

how old r u sir if i can ask

Well, cyber and networking

Almost 27

I've done some stupid illegal side of things since 14

So yeah

Ha

Old

Says you 😂

I hope not I’m starting at 33 😳

along with this hackin mind, my mind is business minded too. so in the investing side, we say that its always good to start investin early until its too late. so the "too late" thing is there for me

i have a young heart

I can't say the same here

nice. did u start with bounties or smth?

Smoking + heart attack didn't help

Professionally? Yeah

Kinda

u aint too old. idk why i thought u were like 40 smth after u said "damn i feel old"

I've been told I'm too old to start professional fighting but ya know, I'm gonna prove em wrong

I was a communications engineer when I started in cyber

But I did bug bounties about the same time

understandable. ik many kids who did the same

So give or take whichever

anyone familiar with finding out who is texting from a voip

u r kinda late but if u work hard, u can get good within 2 years. maybe less

Not legally

If they don't have a caller ID then you'd need to submit a report to authorities if it's harassment

what if they r harrasing/threatning me

ok

Report it to law enforcement

Case closed

Yep

They'll take care of it from there

That’s the plan actually. Cause I know for sure I’m not gonna look at table games the rest of my life

u just should ask the legal authorities

ik people in nsa, cia and fbi

I'm sorry it had to end this way

but idk if i wanna involve them rn

haha

i feel like law is gonna do jack shit

idk

cuz they not life threatining

u want a beginner guide?

:hammer: uavvv#0 has been banned.

They'll still look into it regardless

Oof

I was gonna suggest they change their number but head severed

So how often were they asking this to warrant for a ban lmao

lemme dm that guy

They asked an hour ago, I gave them all the advice they needed

im gonna tell him to ask the legal authorities

I’ll never say no to a new source of info. I’ve basically been working, being a husband, and learning cyber security for the past 3 months and have no plans on stopping

dw

I already have.

bet dm me

We all have now lmao

Please avoid interacting with rule breakers as per the community rules

they dont seem to understand. guess i nedd to make them understand

And @last harbor what's with offering a beginner guide to everyone? 😄

Lmfao

💀

I mean

It helps getting started at least

i didnt even read the rules

Common sense is 90% of the rules

You agreed to them though

basically tellin the beggniers wat stuff they should learn as a starter. like networkin, kali linux and some more stuff

Hm okay, just making sure

Tbf I didn't read them till last week but it's all common sense stuff anyway

If you have a guide you'd like to post, you're welcome to put it in #resources

agreed on wat? srry i have memory loss

(jk about the memory loss but pls remind me)

You guys read them? I skimmed through it.

anyone know any good java courses that are free

Read them, don't read them, just means nobody can complain if they're caught up as everyone has agreed to them

Ew java

Yea

alr ill send rn

ik but id like to learn it

Sololearn, I definitely recommend it.

same man same

Checked FreeCodeCamp?

i do

dm

💀

Yea i dont like it tho

Professional gate keeper

A lot of the rules I find are pretty universal to a lot of tech servers

Mans gotta DM everyone resources

Can't let anyone have em

I thought I can’t post stuff here💀

i sent u a dm

Checkin one min

You can't send self promo is the only thing iirc

let's just hope the resources aren't resource.pdf.exe

It's because we all copy from each other

I mean it's all common sense, don't promote, abide by ethics, be respectful etc.

Oh….

Depends™️

They r texts and one image dw

True

I just don't self promo cause I don't need to, only time i mention my works directly is if it's related to the topic

Speaking of promotions, I def recommend checking out TryHackMe, it's a super beginner Cybersecurity training platform available to all who are interested.

So would me raising money for charity being self promo if I was to post the fundraising link

It's for charity

Lmao

Which ironically is the exception to the advertising rules

Real

Nope but generally I prefer to approve fundraising and petition links here

I figured so cause i didn't get bonked for taking about my projects yesterday

Just the same with forms, surveys and free money posted in #general chat (I steal the money for myself)

Nice

It's completely legitimate and I have no invested interest in the charity other than it's a cause I support

It's not the charity of wide

It's the charity of ash fr

It all goes to me /j

Well it's actually Tommy's charity but it's a baby loss charity

is the free version of solo learn good

Yes, you don't need to pay for the premium stuff

I finally finished bonelab for the second time🤑🤑

Nice

Alright im gathering my summer learning resources together

My winter learning consists solely of art

I love how this has started tho

Throwing this out there, they also have a mobile app as well.

The shapes are so perfect

alr my diss work is done for today, gn THM 👋

Cya Jabba

Good night bot that's named Jabba.

gn also uh

am i allowed to be like "if u want a beggnier guide, dm me"?

gotta love cathartic VR murder

thats awesome. such a great hobby

honestly really is until you look back on your old work

hi

Wsp man

mornin yall

I should be working but

imagine leaking your name

Imagine thinking I care

nun

Imagine thinking it's not already public

About to work on man page

and do some ctf's

which ones

fair fair lol

CVE's

Well I'm going to complete the hold thing

Is someone help me out with something?

on its last legs.

with what ?

Ahh ... I want to be a Cyber security manager 😶 ... But I am total beginner and and just know the basics of linux , networking and Cyber security and a little bit cloud too of aws

I know this is a total bull shit but still ... Wanna be one ... And I know it's very lengthy process and time and efforts taking too but even though I wanna do it .. can u help me out

Usually, those who study network security will learn basic computer networking and then go higher, learn programming and other things

Ya i also leaned the basic programming of c and python

On I am trying to go with bash language

Wsp?

I can help

But I still don't have any mentor or anyone to ask queries and there lot of question related to job career money in my mind which are bloating me .... And the fact is I don't have money .... That's why I can even take the paid labs of htb or thm and also for the cerfs

Sure dude plzz

Hmm

DMs

Quick question

Tellin people to dm me because I’m guidin them on DMs, is it against the rules?

Good morning uni again 👍

Gm man and u changed ur pfp

It is against the rules to send DMs without users approval , otherwise it is ok

You can follow this pathway
https://tryhackme.com/hacktivities

I mean I ask the people first “do u want a beginner guide?”. Is that okay?

Yes sirrr it looks good like this right

It looks nice

Ayyy

I have nuclear chemistry test tmmrw and I haven’t even started studying till now

Wat a life

Savage love

Good song

I got some marketing and communication modules idk why but I will work my ass off this weekend to be free so I can study cyber

can anyone do or share my survey for a stats project please?

I’d like to do.

Ty

Gave +1 Rep to @jade oar (current: #855 - 6)

Oooh nice

From the end of next week, I’ll literally grind hackin for like 3-4 months

Wat surgery?

*survery

typoing survey to surgery is funny

Ikr

Typing typoing is funny too lol

I will graduate late because I decided to take time for cyber before my WBL so finna lock in

Ooh

Let me show you my roadmap I will dm it

If you don’t mind

Ofc u can dm me anytime

Ayt bet i appreciate that

I send it

If I already know about computer networking, programming and the basics of cybersecurity, what should I learn next?

Wat languages yk?

while speaking of promgramming does anyone here know rockstar?

Just wondering.

I already know Python, C#, Js, next to this I will learn asm

what is this?

Its a coding language

It was in a picoctf channel just wondering if anyone actually knows it

this is my first time i hear it

Malbolge, Cow, Brainfuck, INTERCAL, Befunge, Whitespace, LOLCODE, Piet, Chef, Shakespeare 🗿

Ik rockstars

The singers

Try learnin rust ngl

Maybe make ur own projects

Oh

Should I learn more programming like golang?

U wanna do network security so Go is good to have

Go = Go in the bin

=))))

what is this?

go to become a hacker

hash, endode, encryption???

it's look like encryption

how do i identify this?

how is this being ran in a batch file?

It's encoded

It's a BAT2EXE code

okay thanks

makes since now

Chinese I think

U working at 4 am?

how do you get any run

seen John Hammond use it and i want it

Business user

its not public?

Only open to businesses including the free plan

you gotta prove license or can i make an accoint

found the website

Researchers can fill a form to access via their discord but you'll need to prove to them your a legitimate researcher

oh okay

Where did you get that file from?

my friend sent it to me and asked me to check it

Hmmmm

I'd be cautious

i opended it on restrict mode on vs

and virustotal flagged alot

No need for it to be encoded and it was asking for a username and password.

Plus the GitHub is like 5 years old

yeah outdated

The fact it is encoded makes me think there's definitely some malicious code

Is your friend a professor layton or something?

🙂

I
Opened the file on my phone💀

I’m cooked right?

No

It's windows

Alr

My Brian is cooked rn so idk wat im saying

*brain

Or thinking

Also if I remember correctly, the person sent a ss instead of a file

Idk why I said I’m cooked

Wsp

I wonder what is the nametag? Beside the name is? Is that something like premium thing?

That CYBR and weed thing

https://tenor.com/view/pibble-gif-13410971448429384431

Its a guild tag

Oh. Thanks for the information

It’s a guild tag

could someone help me #site-support #room-help

Try base65536

What oath is it talkin

Gemini gives problem like its fine but not as fine as gpt haha

hello.

Hallo.

I'd say "wie geht's?" but it's an english only server 😅

Hehe

Niet

Be safe

Mods always be lurking in the shaDows

So..I made some...nutritious agar for some bacteria and mold. I am working on a coding project, nothing too big, just y'know, revolutionizing bioengineering via making a C-like language to compile into DNA which can be implemented into plasmids. Just a tuesday...

Any success yet?

yea, got some bacteria to sense for ampicillin.

Basically if ampicillin is detected, the GFP gene from jellyfish will be expressed.

Thus the E. coli will glow.

..in the presence of ampicillin.

Hmmm how does the compiler work btw? Does it reference a known database of DNA or smth?

No, it has to use actual nuclear physics to trace for each and every single residue.

..and look through all possible codons per block.

Oooh kay

So if you pick am enrollment. Are you still able to learn everything else the site has to offer?

Hmm

If you are talking about learning paths, then maybe yes. I am enrolled in jr penetration tester and still listening red teaming

@arctic bison Okay thanks. I just taken the quiz. And just still curious about it all. Would getting the premium be a good thing to get?

Gave +1 Rep to @arctic bison (current: #2879 - 1)

I used free and changed to premium. Premium has more rooms. I personally prefer premium. But if you are starting now, listening to basic free rooms and changing to premium would bee good too.

@arctic bison Cool thanks for the info.

ooo how do you get the role with the colors. does is correcspond with you level on the site?

yeah..

also your role in the server (e.g., green for mod, orange for senior mod, etc)

does mod have to assign?

I think so but don't take my word for it..

zamn they are all asleep probs

i wonder about that role too. They are FANCY.

wait one of the mods is online

lol

I think modding is a bit like...babysitting at a daycare, haha.

it is a bit of chore ya

did some one ask you your level @steady pewter when you got your role

?

No, I just wait..what DID I DO?!

hang on..

sorry, trying to find something...

ugh..nope..forgot..

You should find it in #start-here you generally need to link your TryHackMe account with your discord account.

should of guessed lol

Thanks for the good info, sir.

color reveal

nice

i feel like there is an offensive cert coming from the announcement

i am still weighing whether i want to try to get SAL1 another cert is to much to think about

Looking at the colors, and uhh uhm, previous hints it may or may not be an offensive cert.

Morning

night.

Afternoon.

https://tenor.com/view/so-good-wink-smile-oh-yeah-its-true-gif-24163876

Evening

hello everyone

Hi there.

https://tenor.com/view/hello-there-gif-5677380953331354485

Nighty night

https://tenor.com/view/pibble-mulch-gmail-sleep-frenchie-gif-14761084216183221075

Talked with one of the teachers, found out my project doesn't work and I have to add more

So getting 2 new servers to my setup

It's already been leaked. It's a Pentesting cert

spoilers

I wonder anyone interested in pwnable? I’d like to know if there is good pwnable room at thm.

Trypwnmeone was good, but trypwnmetwo was too difficult for me…..

I have a Doom: The Dark Ages skin code. Anyone interested, reply to this message!

Means there's room for improvement!

If the room gives you any hints try rooms that are of that topic, or try to enumerate what there is in the room and deep dive yourself into those topics to find a way to use anything that may potentially be misconfigured

Thanks for the advice! I should try trypwnmetwo again.

@crystal moss @chilly veldt finished today's lecturing

Nice? nice. How dit i go?

stress

Ok

But overall, think it went pretty well

Managed to get through most of what we were supposed to

Which was:
Code signing, static code analysis, and basic buffer protections

People didn't throw rotten tomatoes at you at least..it's nice that it's over, but like I said, the more you do it the more comfortable you become..

Yea

How long was it, 60min?

We were meant to also go through some more advanced stuff like XSS and RCE

But didn't get time to

2hrs

so.... did any of them fall for it?

Yes

A spectacular 70%

Cause I didn't account for Linux or Mac

bloody amazing

Ikr

Okay. Two hours is a good job, it's not easy to talk for that long and keep it interesting.

I had demonstrations planned ahead of time

So I could keep it engaging enough

Like the getting most of them all to run unsigned code that played bad apple

Did they know it did that? Well, not until afterwards

honestly for windows you should target edge since it is in every single bloody windows device

Chrome is installed on basically every students device as well

Cause it's their go to

aw no furryfox?

I believe only for the 5% of students using Linux

and the rest is macintosh

?

I knew which students would get errors and who'd have chrome installed purely off what OS they said they used

Yep

love stuff like that. hbähar already told me about my little campaign where I wrote a tool that said it could hack fb and instagram, over 10k downloads and runs in just 4 days.. and when it was done with "hacking" you were get some text about how stupid it is to tryst unknown code

Yeah I remember talking about that 😂

🙂

Still very funny

It's scary how naive people are, even those who claim to be interested in security

Yep

If I can I vett everything I use

And if it's a laptop or desktop, I follow my old work's hardening documentation

Which I'm yet to actually automate

Today you can hardly even trust trusted sources, supply chain attacks etc.

Cause it takes ages to go through it all

That's what I love about memory resident malware

I lovei sandboxing and disposable VMs

They abuse that trust factor in software to get into the memory

Hijack trusted threads, and work from their memory segment, and then the AV is blind to everything you do

It is a sneky method but dam effective

Hard to pull off

Yes

But if you can do it, you basically own their system

Also god forbid you get infected with a modular malware

Thats why i run onknown code or files in Qubes in a dsspoeble

Cause those are hell to detect and stop

But a memory-resident modular malware?

Pray that whoever your CIRT is can recover the damage done

hmmmm i might be able to make a multi-platform version since i just started learning javascript

Oh I could do it easily

It's as simple as checking the environment for the os type

yeah i thought so too

This is from a website:

What is memory-resident modular malware? It is malicious code that: Runs only in RAM (to avoid detection). Is modular in structure (fetching parts as needed). Often uses advanced techniques to avoid detection and maintain persistence through other components in the system. --- Qubes OS protects you by: 1. Isolation via domains (qubes) – each qube is its own virtual machine. 2. Minimal "dom0" – where the user does not run apps, which reduces the attack surface. 3. Disposable qubes – disposable environments that disappear after use. 4. Strict control over USB, network and files – you can, for example, isolate USB devices to a separate qube.

Darwin = Mac
POSIX/Linux/etc. = Linux
Win/NT/etc. = Windows

Yeah Qube and similar OS is basically your best chance at containing them, same with stuff like VMware, but even those have escapes

Sure, nothing is 100% secure

Yeppers

But with qubes and zero trust you are relatively sefe

Yea

I use physical MFA as well

Yes me 2, iv been using Yobikeys for years

I like the factor that you can physically destroy something and it'll never be usable and essentially makes something inaccessible without a zero day

Key cards, biometrics, yubikey, USB PAM, etc.

Those are my usual setups, and require two physical auths on top of a passphrase

that was quick

2hr ish lecture

(it was a joke on timezones, cause I just started school cause it's 8 am)

Ohhhh

Lmao

yeahhh lmao

British?

Hey, I am trying to subscribe to yearly premium and I am getting error 500

I have to go now, I'm going to meet a candidate we might take on as an intern who might then get a job, I'm going to supervise her 🙂

#1333993673381253162

Nice