Coffee sounds good rn
#general
slow cloud
shy forge
its good some flag need extra caffeine
slow cloud
Doing some THM?
zenith mesa
Hey Boys
slow cloud
wassup
shy forge
Doing some THM?
right
slow cloud
Managing mehn
nice nice
knotty valve
Also fedora but nicer
frozen charm
lovely
zenith mesa
Hey anyone can share premium login for THM? I just want to experience some labs
knotty valve
there's plenty of free rooms
zenith mesa
Also fedora but nicer
Wooow interesting
zenith mesa
there's plenty of free rooms
Done with those bro
mossy river
Hey anyone can share premium login for THM? I just want to experience some labs
This is against our Terms of Service
chilly veldt
I mean, if you join the giveaway in #community-announcements you can possibly win premium
zenith mesa
This is against our Terms of Service
Sorry didn't know
knotty valve
I mean, if you join the giveaway in <#773968374870966292> you can possibly win p...
does that stack on current subs?
knotty valve
that's something I should be asking jabba ngl
chilly veldt
it kinda does, not sure if they have changed it, but you'll have to stop the renewal and then apply the voucher
knotty valve
ah
torpid stag
I really hope I get a shot. Tried paying for i t multiple ways but man. Stripe hates me
Even the support couldn't do it
bleak quartz
I really hope I get a shot. Tried paying for i t multiple ways but man. Stripe h...
can you normally purchase stuff?
torpid stag
Yeah, I used cards which I normally use
woeful cedar
I am tired
bleak quartz
I am tired
Caffeine.
bleak quartz
How
woeful cedar
What how?
bleak quartz
Are you a student?
woeful cedar
What? 😭
slow cloud
i didnt drink coffee until like a year ago
when i started working, but i only drink it at work
bleak quartz
What? 😭
I drink it to stay awake to finish assignments, commissions etc.
Without it I would be so cooked
bleak quartz
lucky
woeful cedar
I drink it to stay awake to finish assignments, commissions etc.
Just sleep
bleak quartz
coffee tastes good tho
torpid stag
I drink it rarely, like once or twice in a month
Same here
bleak quartz
"sleep" you say
dark mason
Uploaded my website to the server
I hate how the ftp is ran as root
woeful cedar
And can stay awake
knotty valve
I hate how the ftp is ran as root
sftp and I'm logged in as root cause I haven't setup the user yet
chilly veldt
Is it one of those virtual cards?
or get revolut
revolut works
they also have one time use cards
slow cloud
revolut is very nice
zinc wolf
hii
chilly veldt
I hate that the cleaners turned off my vpn 😦
that means I have to go to school tomorrow
boreal scarab
that means I have to go to school tomorrow
Bella has to touch grass? Oh no.
rapid merlin
Bellas has school? Bella told me they were 21 and at work
chilly veldt
more like I have to drive the motorcycle in rain
chilly veldt
Bellas has school? Bella told me they were 21 and at work
I do both work and study 😄
rapid merlin
round onyx
more like I have to drive the motorcycle in rain
honestly yeah in the rain is just icky
topaz falcon
Erm akshhally it's to ride ☝️🤓
blissful current
topaz falcon
Be safe in the rain though
blissful current
torpid stag
or get revolut
I'm unsure if they're available in my country though
slow cloud
gonna buy 15 euro earbuds, how bad can they be
torpid stag
both revolut and paysafe
sick lance
Can't be worse than none.
slow cloud
truee
rapid merlin
I like the rain
topaz falcon
gonna buy 15 euro earbuds, how bad can they be
Moondrop chu are really good for their price. Around $15-$18
slow cloud
these are Fresh ’n Rebel
torpid stag
here you go <@876693950256283671> you can check
As I thought. Neither works here
slow cloud
alot of people from my class had the skullcandies with the crazy bass
i like my sony xm3
i will never buy anything other then sony, even tho the xm5 and 6 are ugly
rapid merlin
I remember I used to only buy Skullcandy.
scene kid
chilly veldt
Erm akshhally it's to ride ☝️🤓
Saying we “drive” a motorcycle will be understood and isn’t grammatically incorrect, despite being the less common term to use compared to “ride”.
especially when talking about the conditions and talking about taking a motorcycle as a different option than a car.
my sentence indicates that I wouldn't be driving a car but instead taking my motorcycle, plus referring to the conditions of the weather making the roads I will be driving on a non optimal condition.
therefore it is acceptable and often the choice to use the word drive instead of riding a motorcycle
bleak quartz
bleak quartz
Saying we “drive” a motorcycle will be understood and isn’t grammatically incorr...
true tho
blissful current
I was the only goth in the group to never own skull candy 😦
i keep getting their discount coupons a lot lol
blissful current
https://tenor.com/view/kitty-cat-hello-chat-gif-26128152
blissful current
rapid merlin
i keep getting their discount coupons a lot lol
Theyre still running?
I didn't know they still made them
sick lance
These days I only buy headphones is when I need a new pair for my PS.
chilly veldt
sony just dropped their new xm6
blissful current
Theyre still running?
ya ...with some heavy discounts ...which do feel like its original price should have been
i use JBL
slow cloud
sony just dropped their new xm6
i dont like their style tho, the small thingy on the xm3 and 4 and it looked better
blissful current
I took off my headset to see what I bought and I still dont know
rapid merlin
<:wojakpoint:1363868361431191864>
Logitech
chilly veldt
i dont like their style tho, the small thingy on the xm3 and 4 and it looked bet...
what small thingy?
rapid merlin
I had to check amazon
chilly veldt
the top bar?
slow cloud
blissful current
thats epic
slow cloud
idk how to explain it
bleak quartz
i dont like their style tho, the small thingy on the xm3 and 4 and it looked bet...
Try EPOS
slow cloud
this is the xm3 and 4
chilly veldt
the headband
bleak quartz
Hella underrated
slow cloud
i dont like their style tho, the small thingy on the xm3 and 4 and it looked bet...
this 5 adn 6
rapid merlin
<:AMwhat:349902447365586950>
They had good reviews but the sound is trash.
bleak quartz
blissful current
They had good reviews but the sound is trash.
oh ..damn
slow cloud
the headband
Yess thank you
twin ridgeBOT
Gave +1 Rep to @chilly veldt (current: #8 - 984)
chilly veldt
yeah, I mean you don't feel the difference, I got the xm5's and they are lovely
bleak quartz
https://www.eposaudio.com/en/us/gaming/products/h3pro-hybrid-green-bluetooth-low...
doesnt embed idk why
This is hella underrated
chilly veldt
only reason I would get xm6 is because they are now foldable and have better ANC
bleak quartz
and cheap
rapid merlin
oh ..damn
Give it a year I'm sure to break them and I'll have to replace them anyways.
bleak quartz
or at least in comparison
dark mason
Guys, I captured the flag
slow cloud
https://www.eposaudio.com/en/us/gaming/products/h3pro-hybrid-green-bluetooth-low...
this one send me to demant
bleak quartz
Guys, I captured the flag
Reference?!
slow cloud
https://www.eposaudio.com/en/us/gaming/products/h3pro-hybrid-green-bluetooth-low...
login.microsoft online
blissful current
Give it a year I'm sure to break them and I'll have to replace them anyways.
i use JBL Tune 770 NC
solid Base and sound and Adaptive Noise Cancellation is Mid compared to flagship NC Headphones (Like Bose) but still does good enough job
plus has both BT and Wired 3.5mm option
battery Upto 70hrs without NC , with NC enabled around 44hrs
bleak quartz
yeah ofc it does
rapid merlin
i use JBL Tune 770 NC
solid Base and sound and Adaptive Noise Cancellation is M...
I don't know what half of that is you just said but okay 😆
bleak quartz
Oh they changed their links thats why ye
blissful current
I don't know what half of that is you just said but okay 😆
bleak quartz
just not that link or something i gues
https://www.eposaudio.com/en/us/gaming/products/
Redirects just to gaming
Here you can see em
nvm that goes to demant too
tf is going on
bleak quartz
Oo
bleak quartz
Anyways that headset has been the highest quality that I've used so far out of all headsets
dunno what kind of downfall they going through rn but the headsets are nice lol
bleak quartz
demant is the parent company of epos
Oh
It's now fully owned by Demant
that's why
bleak quartz
People actually believe in that?
People believe in anything
sullen schooner
People believe in anything
I guess
slow cloud
Uh guys, do you know about prompt theory?
sullen schooner
this? https://www.prompttheory.com/
No i think it says that we are nothing but prompts from an AI bot
With a user controlling our destiny or sm5
slow cloud
oh yeah i see
sullen schooner
Like a roleplay charbot
slow cloud
i shouldve looked further in the google serach
sullen schooner
i think its the same argument as we live in a simulation
Ya the matrix one
clever locust
hi folks
slow cloud
hi
sullen schooner
https://www.reddit.com/r/ChatGPT/comments/1kswt10/prompt_theory_made_with_veo_3/
I saw this exact vid on insta
That's why I looked up the prompt theory lol
slow cloud
im fine what about u
knotty valve
I was half expecting a "can you hack my instagram pls"
slow cloud
I was half expecting a "can you hack my instagram pls"
same
knotty valve
I wonder how many staff work at THM
slow cloud
the blue ranked staff?
knotty valve
In general
crystal moss
I just started watching the documentary "cyber bunker" about the server bunker in Germany for darkweb... interesting story
gusty inlet
I just started watching the documentary "cyber bunker" about the server bunker i...
Which platform is it on?
slow cloud
netflix i think
yep
amazing site
you can see where you can stream a certain show
gusty inlet
This one?
slow cloud
its been on my list for a while
crystal moss
It is a Republic tahay say , with a structure like a state.. 🙂
mental stratus
I'm sorry to ask, i'm looking for any good room about "parameter tampering", any suggestion?
shy forge
Hi guyz any quick tip for anything which you find basic but quit interesting?
rapid merlin
There’s so many bugs in this room.
slow cloud
which one
rapid merlin
I’m done
I’m going out lmao
I was clearly never meant for the red road
I’m in walking an application.
First the red box just didn’t show up and now I can’t enter the next flag which I can clearly see
Am I being dumb?
gusty inlet
Am I being dumb?
You can't copy/paste flags containing _.
rapid merlin
You can't copy/paste flags containing `_`.
I also tried to type it
I mean I tried to type it first and then I tried a copy paste
gusty inlet
The answer box on THM already has _ preset to autofill it. For example just fill it with 'a's and you'll see _ being autofilled in some places.
rapid merlin
Yes so I tried to put in just the letters
knotty valve
You can't copy/paste flags containing `_`.
You can occasionally
rapid merlin
It’s like entering the _ in the incorrect place
knotty valve
You also can't paste in anything if the cursor isn't at the start as well
rapid merlin
I don’t know why
gusty inlet
Or maybe it's not that flag.
rapid merlin
Or maybe it's not that flag.
Alright let me check
shy forge
which room is it i guess i done it yesterday
rapid merlin
Okay well I’m wrong lmao
blissful current
ello
knotty valve
Hello fellow human beings
rapid merlin
It turns out I was the bug
knotty valve
Mood
rapid merlin
blissful current
rapid merlin
Okay I need to eat before I do any more rooms
boreal scarab
Doing a badge CTF from DEF CON 31....
safe oxide
Doing a badge CTF from DEF CON 31....
Blood is fuel
knotty valve
Doing a badge CTF from DEF CON 31....
Love these little joys in defcon
blissful current
boreal scarab
It's this badge
blissful current
safe oxide
<:what_the:1308491561662808074>
Alien theme this year
blissful current
for what?
boreal scarab
Looking at the readme......
ROBOTS TRANSCLUSIVE XENOMORPHIC TRANSCRIPTOR - HUMAN INTERATION CONTROL SCENE (R.TXT-HICS) ERROR CODES:
- Watch more YouTube
- Ask ChatGPT
- REDACTED (For the current broadcasted REDACTED, see the REDACTED)
K thanks readme....
brisk bison
Hey 👋
Quick question (might sound silly, but bear with me):
If I forgot to cancel the auto-renewal for a monthly subscription and the payment failed due to insufficient funds, does that mean I still owe anything?
boreal scarab
Hey 👋
Quick question (might sound silly, but bear with me):
If I forgot to canc...
No, your sub just ends
brisk bison
ok, glad to hear that
knotty valve
Nyo but I do believe the service is suspended until paid or it reaches the end of the grace and it just drops you back to free
By service I just mean access to paid
brisk bison
yeah i got that
boreal scarab
Think we're up to 33 anyway
31 was 23, 32 was 24, 33 is 25
knotty valve
31 was 23, 32 was 24, 33 is 25
Yea, oki
I forgot how many there's been so far lol
boreal scarab
Hrm, got a submit and a login page. I swear, this is turning into web pen and I hate web pen
lament tendon
Make up your mind, dang.
knotty valve
Looks fine lol
knotty valve
F neovim
frozen charm
:' )
lament tendon
F neovim? Neovim is goated.
frozen charm
btw m not able to set fancurves
frozen charm
F neovim? Neovim is goated.
any way to set legion fancurves on arch?
frozen charm
fan speeds
knotty valve
I mihgt know if you explain to me what you mean by fancurve.
Fan control
frozen charm
like legion vantage
lament tendon
fan speeds
Oh, right.
frozen charm
:' )
lament tendon
like legion vantage
There's a package called fancontrol, maybe that'll work for you?
knotty valve
lament tendon
My fan speed worked out of the box on base Arch, I did not install anything special for it.
It just goes up when how and down when not.
knotty valve
My fan speed worked out of the box on base Arch, I did not install anything spec...
They all do cause it's hard coded to the bios and that's normally typical effective speeds
frozen charm
didnt work
know wot gpt suggested?
allocate 30gb to windows and switch to windows and set the fancurves and return to arch for ur work
dual boot basically
knotty valve
Lmfao
frozen charm
lament tendon
Wat
frozen charm
:' )
slow cloud
Why not start with Ubuntu or mint then
sullen schooner
Why not start with Ubuntu or mint then
Cuz kali is just better
lament tendon
i really want to use linux as my daily driver
Are your fans not working at all?
frozen charm
Cuz kali is just better
mine is arch
sullen schooner
frozen charm
Are your fans not working at all?
they are
slow cloud
Cuz kali is just better
True but its not the best for daily driving imo
blissful current
Cuz kali is just better
frozen charm
Are your fans not working at all?
i just want to clean the sokaed heat
lament tendon
Danm, just let other people use what they want, why does it always have to be an argument?
frozen charm
True but its not the best for daily driving imo
:' ) my friend completed his osep on arch with exegol
yesterday he submitted the report
slow cloud
Danm, just let other people use what they want, why does it always have to be an...
Just asking questions bud
whole gazelle
Make up your mind, dang.
LMAOO 
frozen charm
didnt work
slow cloud
what exactly didnt work
slow cloud
didnt work
that gives a bit more info then this
lament tendon
didnt work
You first need to make a config file.
Read the wiki page.
It also has alternatives.
Like nbfc.
slow cloud
Read the wiki page.
The arch wiki is goated
frozen charm
lament tendon
Just check the wiki link, there's one section for most types of laptop, with different tolls you can try.
frozen charm
Like `nbfc`.
i tried nbfc at the first
frozen charm
Just check the wiki link, there's one section for most types of laptop, with dif...
yep
heady summit
i'm not even sorry but i can't help myself.. maybe if companies would give a shit about their product, then it might not be so ridiculously easy for me to crack them..
blissful current
sullen schooner
<:nopz:1248220838923079740>
Banned
sullen schooner
<a:banned1:751363034731249684><a:banned2:751363075621519410><a:banned3:751363102...
Asimovvv!
blissful current
heh?
mossy river
i'm not even sorry but i can't help myself.. maybe if companies would give a shi...
Please don’t discuss piracy here
gusty inlet
Please don’t discuss piracy here
frank hawk
Hello
May i ask if there is such thing as Free PT01 ?
like when you finished the Junior Penetration Testing Path
?
sick lance
There is no current free foucher for PT1.
alpine fossil
Y'all am I gonna get hacked when joining this server?
sick lance
No.
rapid merlin
Hi all,
Just getting started in the pentesting world, and I'm keen to get some hands-on experience through CTFs. My manager recommended them, so I went to join one yesterday, but it turned out I needed a team – which I don't have yet as a newbie!
Anyone got room for an eager learner on their team, or perhaps want to team up with another beginner? Let me know!
oak salmon
I know nothing about pentesting can I join?
crystal mauve
Hi all,
Just getting started in the pentesting world, and I'm keen to get some h...
Hi stuart, you don’t really need a team. There are plenty of walkthroughs on YouTube and #room-help is a great place to get help if you’ve gotten stuck. Joining Voice chat is also a good place to find team mates
safe oxide
Hi all,
Just getting started in the pentesting world, and I'm keen to get some h...
Hallo mate
sick lance
I don't think they meant on THM.
crystal mauve
Rly
sick lance
There is only one room on THM that required a "team" and that's closed.
rapid merlin
Yeah it wasn't for thm, the one I wanted to do was the nahamsec ctf this weekend
crystal mauve
Oh ic
Prob should go to nahamsecs discord, not sure if that material is pay walled
gusty inlet
I just started watching the documentary "cyber bunker" about the server bunker i...
Documentary's awesome.
crystal moss
Documentary's awesome.
yes it was really interesting...
dark grove
hi all correct me if I am the for openvpn ssh tryhackme@ ipaddress provided and the password to enter is tryhackme right ?
sick lance
hi all correct me if I am the for openvpn ssh tryhackme@ ipaddress provided and ...
Not always.
dark grove
Not always.
opps but i remember correctly back then so long i use openvpn the default password is always tryhackme did they changed it ?
sick lance
opps but i remember correctly back then so long i use openvpn the default passwo...
The default password of Tryhackme is only on a handful of machines.
Otherwise the CTF's would be easier if all the passwords were tryhackme.
dark grove
ok I am doing an easy challenge known as network services but when i ssh it prompted me for the password the problem is I dont know the password 😦
sick lance
Maybe you don't need to SSH?
Or maybe there is another form of authorisation required, such as a key.
boreal scarab
"The 5 Talking A.S.S. H.O.L.E. mouth indicators say horrible things via light. See the appendix for the color code to swear word translation."
dark grove
Or maybe there is another form of authorisation required, such as a key.
a key ?
dark grove
Possibly.
nope dont have I am stucked with this lab if I cant ssh as the lab mentioned to use openvpn 😦
sullen schooner
Y'all am I gonna get hacked when joining this server?
Scrubz has everyone's control. Probably has 3 backdoors in ur device too
queen flare
alpine fossil
Scrubz has everyone's control. Probably has 3 backdoors in ur device too
I'm not even kidding I tought I was gonna get hacked when I joined this
safe oxide
Hallo new
sullen schooner
I'm not even kidding I tought I was gonna get hacked when I joined this
Well this website is actually a dare. See the name "TryHackMe"
alpine fossil
Anyhow I REALLY want to learn whatever hacking stuff or computer things you learn here
sullen schooner
Don't join unless you want others to hack you
sullen schooner
Anyhow I REALLY want to learn whatever hacking stuff or computer things you lear...
Wait. You didn't come via website?
alpine fossil
I love to program with all my heart and made a gambling game at school 🤑
alpine fossil
So I joined like a thousand servers
alpine fossil
And click the website
My brother has tried it and it seemed fun
So I felt why not learning it
alpine fossil
I love to program with all my heart and made a gambling game at school 🤑
Sadly I didn't earn anything from people gambling on it 😔
blissful current
rapid merlin
Scrubz has everyone's control. Probably has 3 backdoors in ur device too
Really?
safe oxide
Hehee
hearty otter
if i have 2 arms, how many arms exist in the world
spice olive
if i have 2 arms, how many arms exist in the world
if i have one tounge, how many tounge exist in the world
hearty otter
if i have one tounge, how many tounge exist in the world
depends on situation
sullen schooner
: )
spice olive
depends on situation
hearty otter
why mad
hearty otter
absolute cinema
sullen schooner
hearty otter
bro saved the situation
tardy finch
i know there is first blood. is there such a thing as second blood or top ten blood?
rapid merlin
You can make your own game, and have such features
ocean sparrow
what is a good cybersec project idea that I can build on my own, I need my resume to standout with all the competition in this field 😭
rapid merlin
what is a good cybersec project idea that I can build on my own, I need my resum...
Device encryption
ocean sparrow
Device encryption
can u pls elaborate a lil sir
grim sparrowBOT
Done!
rapid merlin
can u pls elaborate a lil sir
What
rapid merlin
Do we have a room in how web crawlers are created
spice olive
Guys, I'm new to hacking. Should I start with Kali Linux?
rapid merlin
i meant on the device encryption idea, what will it do actually
You encrypt a hard drive of a device
blissful current
Any Linux Platform ...your choice
spice olive
Any Linux Platform ...your choice
people say kali linux is hard for new users
blissful current
Pretty much Same as any other Linux
spice olive
Pretty much Same as any other Linux
alright
blissful current
The ethical hacking tools might be the "tough" thing u mentioned for some
rapid merlin
i meant on the device encryption idea, what will it do actually
If somebody steals your device and your hard drive is encrypted, the data in the hard drive is encrypted and can't be read .
bleak quartz
people say kali linux is hard for new users
it's from the more friendlier side compared to others imo
blissful current
<:NotLikeThis:689847725969244171>
Can go for kali since it provides all the tools inbuilt ..if u don't want any sort of hassle afterwards of manual installations
spice olive
Can go for kali since it provides all the tools inbuilt ..if u don't want any so...
alright
blissful current
Not all but most ...usually used tools
flint badge
Hey, is anyone familiar with the task 2 on Snort "TryHackMe" ? I need some help to complete the question.
oblique loom
My current course is making me take the comptia A+ x.x
bleak quartz
Hey, is anyone familiar with the task 2 on Snort "TryHackMe" ? I need some help ...
I can
lets move to that tho
flint badge
bleak quartz
so scbruz police don't get angry
bronze eagle
When can we have server tag? So we are cool too
sick lance
so scbruz police don't get angry
Oh no, how dare I ask a member to move their conversation to a more apt channel.
oblique loom
Speaking of labs I haven't done one since Feb and I feel so rusty
rapid merlin
Oh no, how dare I ask a member to move their conversation to a more apt channel.
People get so annoyed at you for modding when you're a mod XD
its ironic aint it
bronze eagle
Speaking of labs I haven't done one since Feb and I feel so rusty
Hihihi thats okay :3 Resting is fuuuuuun
bleak quartz
Oh no, how dare I ask a member to move their conversation to a more apt channel.
Haha
bleak quartz
People get so annoyed at you for modding when you're a mod XD
I didn't mean it seriously
😭
oblique loom
Hihihi thats okay :3 Resting is fuuuuuun
Im not resting, just been too preoccupied with college and work x.x
rapid merlin
I didn't mean it seriously
It's everyday for him though, everyone does it to scrubz
bronze eagle
Im not resting, just been too preoccupied with college and work x.x
ahhhh slaving is sadge 😦
oblique loom
Current course is so boring it's grueling
It's like basic IT stuff kinda
A+ stuff
Only good news is if I get my A+ it also renews my security +
sick lance
So far, this DEFCON Badge CTF has: Web pen, cryptography, stegonography
Can it open wigle.net?
boreal scarab
Can it open wigle.net?
Yes, yes it can.
I was prob temp blocked from their site for trying to login too many times with failures lol
boreal scarab
That would be an account lockout, not IP.
You'd think so , but nope, on VPN i was able to sign into my account, so not an account lockout, they IP locked me out
boreal scarab
Cryptography done, flag acquired. new path opened up
unique phoenix
Is there any plans in the future on adding a button/option to disable the AI thingy?
split plover
Is there any plans in the future on adding a button/option to disable the AI thi...
What ai thingy bro?
unique phoenix
Echo, the things that "helps" you.
spice olive
Does somone know hackin
what is hackin
brittle siren
what is hackin
Hacking
blissful current
never heard of it
split plover
<:NotLikeThis:689847725969244171>
Hahah 🤣
brittle siren
blissful current
split plover
@brittle siren what is it buddy? You wanna learn hacking?
brittle siren
<@804389150362828882> what is it buddy? You wanna learn hacking?
Yes
split plover
Hmm... Interesting
split plover
I wanna hack hack this guy who stole my account and scammed me
🙂
blissful current
I wanna hack hack this guy who stole my account and scammed me
brittle siren
55$ account 
blissful current
contact police/Authorities/Cyber Crime Branches for it then
split plover
contact police/Authorities/Cyber Crime Branches for it then
Fr lol
brittle siren
contact police/Authorities/Cyber Crime Branches for it then
Tell me process idk how to
blissful current
Tell me process idk how to
search on google ...as per your country's laws and regulations and complaint filings
brittle siren
search on google ...as per your country's laws and regulations and complaint fil...
Tht guy isn't from country
spice olive
brittle siren
spice olive
Tht guy isn't from country
so he is from the ocean
blissful current
i mean u file complaint in ur own country first right?
then they'll handle the rest
brittle siren
so he is from the ocean
Idk he from china most porlly
mossy river
I wanna hack hack this guy who stole my account and scammed me
That would be illegal and against the community rules
wheat hare
Damn, I just missed seeing my rank at 6900 😅
mossy river
contact police/Authorities/Cyber Crime Branches for it then
Use the report commands to report rule breakers please
brittle siren
That would be illegal and against the community rules
spice olive
blissful current
Use the report commands to report rule breakers please
ah well, i keep forgetting that exists
next time will do
brittle siren
Use the report commands to report rule breakers please
U mean me
I don't know I broke the rule
rapid merlin
Damn, I *just* missed seeing my rank at 6900 😅
cool yet scary name
brittle siren
mossy river
Rule breakers is a collection
blissful current
Damn, I *just* missed seeing my rank at 6900 😅
u mean 6969*
wheat hare
u mean 6969*
That would've been even more epic! ( I mean "NICE" 😆 )
spice olive
🤖
blissful current
boreal scarab
FLAGS CAPTURED: 1/19
OH FUCK MY LIFE!
rapid merlin
FLAGS CAPTURED: 1/19
OH FUCK MY LIFE!
What are you up to ?
blissful current
What are you up to ?
DEFCON
boreal scarab
What are you up to ?
Doing, or attempting to do a CTF from DEFCON 31
blissful current
old one he's doing i think
idk , all the good stuff takes place in y'all countries
wheat hare
Sounds more exciting than "upgrading" Windows 10 to 11 tho
rapid merlin
2023 defcon
A part of me wants to try 😂
boreal scarab
I can also change the color of the lights, has to mean something....
rapid merlin
I can also change the color of the lights, has to mean something....
We had a question in tryhackme in a room about changing the colour of lights
It was a room that spoke about attacks towards physical end points
sand trench
Guys I started studying again! Yayy
congratz... remember to take notes and teach your rubber ducky
half badge
Got any good room recs abt cryptography? (Free cause this time period no money :3) Or challenge rooms?
half badge
congratz... remember to take notes and teach your rubber ducky
Tysm shadow is so kind always
last harbor
Got any good room recs abt cryptography? (Free cause this time period no money :...
I think I do
half badge
I think I do
Feel free to send!
blissful current
hmm...,Not bad PPLX
now i dont think i'll ever even get confused or forget the 7 layers of OSI in sequence lol
last harbor
Feel free to send!
U can do “cryptography basics”
half badge
U can do “cryptography basics”
Well yeah. Got any challenge rooms you'd recommend for cryptography?
blissful current
Well yeah. Got any challenge rooms you'd recommend for cryptography?
search on the site in challenge section , you'll get some
rapid merlin
I think after this red team room I'll do a blue
Mix it up a bit
Can we something similar on other browsers? "User-Agent Switcher and Manager"
blissful snow
purple
rapid merlin
The one that " gives you the ability to pretend to be accessing the webpage from a different operating system"
rapid merlin
maybe by making a Custom script? or perhaps an extension?
That is an extension but it’s for Firefox
I’m tired now
blissful current
That is an extension but it’s for Firefox
Custom scripts probably then
half badge
Guys for those of you who use obsidian is it reliable? Like if I lose a device all data lost?
Any cloud or option to transfer to usb?
blissful current
i think u can make backups and save the file in ur USB
half badge
Ty
slow cloud
blissful current
<:tipsfedora:662730883513450504>
kindred yew
Hello chat, long time no see.
blissful current
I have probably missed so many wallpapers
1
sand trench
Wallpaper of the day:
blissful current
or maybe 2-3
kindred yew
slow cloud
https://tenor.com/view/%D0%B9%D0%BE%D0%BA%D0%B5%D0%BB%D0%B5%D0%BC%D0%B5%D0%BD%D0...
Now look in the camera
blissful current
slow cloud
Nah i dont work for a government or any thing like it
bleak quartz
bleak quartz
😂
slow cloud
Guys for those of you who use obsidian is it reliable? Like if I lose a device a...
I use one drive to back them up but pretty much any storage solution will work since obsidian notes are pretty much just markdown files
half badge
Is it paid?
blissful current
Is it paid?
open source , free
twin ridgeBOT
Gave +1 Rep to @slow cloud (current: #99 - 80)
half badge
open source , free
Ahh okay
slow cloud
Maaaaybe
bleak quartz
Guys for those of you who use obsidian is it reliable? Like if I lose a device a...
Yes
slow cloud
Gave +1 Rep to **<@277357978493911050>** (current: `#99` - `80`)
Top 100
blissful current
Arch
slow cloud
5806 Archieroy
blissful current
windowns
slow cloud
We'll how will u guys know who's team you are on? We just scream we use arch
half badge
An obsidian vault on a github repo could perhaps work too? Maybe
slow cloud
We use arch as a battle cry goes kinda hard 
slow cloud
An obsidian vault on a github repo could perhaps work too? Maybe
As long as you can get the files on your own machine
blissful current
half badge
As long as you can get the files on your own machine
Yeah
slow cloud
I don't know if obsidian can fetch files from a repo. Probably not natively
We have pewdiepie
sand trench
I don't know if obsidian can fetch files from a repo. Probably not natively
one of the most common obsidian plugins integrates git
blissful current
slow cloud
one of the most common obsidian plugins integrates git
Oh damn, cool
Moving to git then
blissful current
slow cloud
Us archians have suffered enough through the install we can take on everything
ocean sparrow
If somebody steals your device and your hard drive is encrypted, the data in the...
thanks man
twin ridgeBOT
Gave +1 Rep to @rare galleon (current: #1898 - 2)
slow cloud
blissful current
slow cloud
i'll probably be getting cooked in the interview tomorrow
You'll be fineee, what are you interviewing for
Avarage member of your silly army ^
blissful current
You'll be fineee, what are you interviewing for
Apprenticeship as probably Analyst or Dev or something
in ANZ
slow cloud
Falls to their knees, barely able to speak, voice trembling:
"You… you’re stronger than I thought… But listen… that thing… it can’t be defeated… not by force… not by anyone…"
How can one defeat itself
slow cloud
the weirdest thing i have seen today
Its my dual boot
swift quail
nooooo!
shy vortex
Wassup everyone !
swift quail
IM BLIND
slow cloud
Wassup everyone !
Wasssaaaaa
swift quail
Wassup everyone !
warrap runescape 3
swift quail
I memorized where the keys were two seconds before you nuked my eyes from hannah montannah
blissful current
gonna be my First F2F Interview tho
nervous af already
crystal mauve
Wanna practice ?
blissful current
blissful current
Wanna practice ?
am off to sleep after reading thru Kubernetes and Qliksense's Docs
will see Tomorrow's shit Tomorrow
crystal mauve
How much soda did you drink
crystal mauve
am off to sleep after reading thru Kubernetes and Qliksense's Docs
will see To...
Good luck
boreal scarab
Wait, I refresh the page and the flag amount changes..... my head hurts
blissful current
Kome D. Luffy
swift quail
I think you can do both and win life altogether, I think it would be good mix.
Stand up comedy at night
blue teamin in the morning
last harbor
Wats happening here
blissful current
aight am off to sleep ...read enough ...will see in morning before the interview probably
Good night
slow cloud
Goodnight Goodluck tomorrow
boreal scarab
AHHHHHHHHH
@polar spoke I'm going insane, hashcat is not playing nice with me, can I DM you?
polar spoke
sup
boreal scarab
Have a hash, that I believe to be MD5, but no matter -m 0 -m 1000, still says there's no hashes
trim portal
Hello, may I ask if there is website you can recommend for almost like AI-tools to ask about excel formulae please?
I am sorry if my question is not topic related.
slow cloud
I think any of the ai tools can create excel formulas
Have not done it myself that much so cant vouch for any
trim portal
I found a small issue with a table with values coming from another sheet in the excel, and it keeps showing there are missing values despite I already input everything.
I asked but it couldn't answer..🥹
polar spoke
Have a hash, that I believe to be MD5, but no matter -m 0 -m 1000, still says th...
you cant get it to load the hash?
trim portal
And because I am not the owner of the files, I am clueless of what went wrong (yet I am expected to fix them since missing values can affect the graph)
But thank you for answering! 🥹
twin ridgeBOT
Gave +1 Rep to @arctic gyro (current: #1898 - 2)
slow cloud
The excel world championships are crazy
trim portal
The excel world championships are crazy
OMG, that exist?!
tight trout
mornin yall
trim portal
What does that mean if you don't mind me asking?
slow cloud
trim portal
Oh no no, I don't see Pookie as a flirting word.
sand trench
beautiful website: https://lrclib.net/
trim portal
Ok, I just checked. The formulae that seemed to be making the table on second sheet is not an official excel formula But I don't know how to carry on and search from there 😭
Interesting...
Thank you!! I will check them out now!!!
twin ridgeBOT
Gave +1 Rep to @umbral geyser (current: #1898 - 2)
sand trench
yeah they post open jobs on a few places when there are any
safe heart
has anyone here read Real-World Bug Hunting?
hearty otter
has anyone here read Real-World Bug Hunting?
no tell me about it
safe heart
no tell me about it
idk i might buy it lmfao
sudden pollen
Can someone tell me the best place to learn cyber security without going to school
safe heart
sad
safe heart
Can someone tell me the best place to learn cyber security without going to scho...
hack twitter
hearty otter
Can someone tell me the best place to learn cyber security without going to scho...
you should learn fundamentals first before crybersecurity
mit has public courses
sudden pollen
hack twitter
Is hack twitter a website ? Or
after learning fundamentals where should I go to learn cybersecurity
safe heart
you should learn fundamentals first before crybersecurity
my networking skills need to be improved 
sick lance
how was the application process until you landed to the job
It was good.
sand trench
Can someone tell me the best place to learn cyber security without going to scho...
https://tryhackme.com/
youtubers
cve proof of concept writeups
tons of hacker specific news sources
crystal mauve
you should learn fundamentals first before crybersecurity
U don’t have to, fundamentals can b boring
hearty otter
It was good.
damn, bro is talking like a politician 😭
hearty otter
my networking skills need to be improved <:animewave:661976096853590026>
improve it 🫢
hearty otter
U don’t have to, fundamentals can b boring
you can't skip things just cuz it's boring tho
i hate reading boring emails too but still do
safe heart
improve it 🫢
how
crystal mauve
you can't skip things just cuz it's boring tho <:kekw:658061932577816606>
Yeah you can
hearty otter
Yeah you can
if you have enough skills at it then yeah 😄
or money to pay people for doing it
safe heart
idk bro i am freshman 😢
i am junior
crystal mauve
You don’t have to know a single port and what it is to run an nmap scan
hearty otter
i am junior
sheesh how is it going
safe heart
sheesh how is it going
sophomore year is horrible goodluck
sudden pollen
hack twitter
What did you mean hack twitter
safe heart
What did you mean hack twitter
hack twitter
crystal mauve
Can someone tell me the best place to learn cyber security without going to scho...
Tryhackme teaches fundamentals, you’re at the right place
sudden pollen
does it teach like cybersecurity i don’t really care abt fundamentals
crystal mauve
does it teach like cybersecurity i don’t really care abt fundamentals
Yah basically skips the boring stuff after presecurity 101
safe heart
fundamentals is essential imo
crystal mauve
U don’t even need any extra tags for most ctfs
pallid lotus
U don’t have to, fundamentals can b boring
Yeah, this is really dumb advice.
naive violet
Fundamentals are fundamental, hence the name. They're a foundation to build on.
crystal mauve
U don’t need to memorize ports n networking cables to do ctfs
naive violet
They might not be interesting, but they're critical
crystal mauve
If he wants to jump in let him
sick lance
damn, bro is talking like a politician 😭
Are you thinking of applying?
stark sequoia
if you dont learn the fundamentals you will forever be a script kiddie
sick lance
It was good to meet the team.
pallid lotus
Hacking is about leveraging knowledge to make things do stuff they're not supposed to do.
It's a mastery of other forms of computer science.
If you don't understand those other forms, how tf do you expect to do anything?
naive violet
U don’t need to memorize ports n networking cables to do ctfs
Until you need to work out what to plug
Or what systems are out of scope
Or why you can't hit a target
stark sequoia
U don’t need to memorize ports n networking cables to do ctfs
sure but you need to know what they are to look them up if needed
pallid lotus
Learning also != Memorising
crystal mauve
Until you need to work out what to plug
Or what systems are out of scope
Or why ...
He’s gonna be using a walkthrough likely , no noob is gonna correctly enumerate and find an exploit on their own
pallid lotus
He’s gonna be using a walkthrough likely , no noob is gonna correctly enumerate ...
Yeah, and you'll stay a noob if you don't understand what you're looking at lmfao
crystal mauve
No it’s called practice - u learn while working and learning
naive violet
He’s gonna be using a walkthrough likely , no noob is gonna correctly enumerate ...
Well, why not? Because they keep skipping the fundamentals!
HTB's style of easy where it's find software, find version, find exploit, pop is the baseline that you should have before jumping in
crystal mauve
He’s not applying for a job lol
naive violet
does it teach like cybersecurity i don’t really care abt fundamentals
You need to care about the fundamentals.
Pleasr take this advice from people in the Industry and involved in hiring processes etc
crystal mauve
He’s trying that have fun
pallid lotus
No it’s called practice - u learn while working and learning
Learning to break stuff without understanding how it works is like building a castle on sand.
It won't go well.
You need to understand the fundamentals before you can be remotely good at your job.
If you can't build it, you shouldn't be hacking it.
naive violet
He’s trying that have fun
It's more fun when you know how stuff works...
Whole hacker mentality is knowing how stuff works
sudden pollen
You need to care about the fundamentals.
Pleasr take this advice from people in ...
I said I don’t really care cause I’ve already leaned fundamentals
crystal mauve
Stop trying to push people to learn A+ material when they just wanna run a friggin scan
naive violet
You're the one that said A+
stark sequoia
is this ragebait?
crystal mauve
It’s silly , they will get to learning the fundamentals if they find a passion for it
sand trench
A hacker embodies a boundless passion and insatiable thirst for understanding the complexities of a system, computers and networks in particular. They revel in the pursuit of knowledge and mastery, constantly seeking new solutions and opportunities for growth. Their drive and innovative spirit inspire and are inspired by the hacker community, where ideas and knowledge are freely shared and valued regardless of their origin.
--Silk
naive violet
I said I don’t really care cause I’ve already leaned fundamentals
Don't skip them. It'll be quick if you already know them.
Foundations and fundamentals vary between fields
pallid lotus
It’s silly , they will get to learning the fundamentals if they find a passion f...
Again. Castle on sand. No point in skipping ahead.
If you don't know what you're looking at then you're not really hacking. You're just running tools, or following someone else's path.
sand trench
shadow is feeling stupid as they can't figure out how to set a specific browser as default on arch linux
stark sequoia
It’s silly , they will get to learning the fundamentals if they find a passion f...
think about it. If youre just using the tools then.... what are you learning? Theres literally 0 thinking involved and just running a bunch of commands you had laid out to you. That aint fun
hearty otter
Are you thinking of applying?
Yeah why not
pallid lotus
That's very different from how it feels when you actually know what you're doing.
crystal mauve
think about it. If youre just using the tools then.... what are you learning? T...
Using the tools u can learn to understand them ? lol
naive violet
shadow is feeling stupid as they can't figure out how to set a specific browser ...
Not xdg?
patent falcon
anyone knows a good alternative for the vuln machine of the book hacking the art of exploitation?
stark sequoia
Using the tools u can learn to understand them ? lol
no you wont, you never will becaues they abstract the concepts from you
then you wont be able to understand why something went wrong.
crystal mauve
Do you guys sit and real every manual before playing a video game or do u actually play it n get good ?
sand trench
Not xdg?
well yeah but apparently shadows xdg entry is blocked as they set the $BROWSER variable but the variable does not work currently... gonna try commenting it out and then reloading window manager after the stream shadow is watching is over
stark sequoia
Do you guys sit and real every manual before playing a video game or do u actual...
can you make video games by just playing games?
or do you understand how game engines work?
rapid merlin
Unless you just copy a walkthrough
Hey scrubz I'm learning traceroute. It says "traceroute command traces the route taken by the packets from your system to another host" Could it be traced back if the packet is caught. Can I find someone from the packets sent in
crystal mauve
He’s not trying to learn to be a programmer he wants to hack a box
sand trench
Hey scrubz I'm learning traceroute. It says "traceroute command traces the route...
don't see why not as your ip will be the orginating ip for the traceroute package
crystal mauve
or do you understand how game engines work?
No lol
rapid merlin
I went to lay down and my kid saw it as a challenge to wrestle.
pallid lotus
Using the tools u can learn to understand them ? lol
If I tell you to run an nmap scan on port 2893, can you tell me what actually happens when you do it? Can you tell me how that service works, how it's deployed? Can you take me through the network flow, and ascertain how that infrastructure works?
Without that, you're a script kiddie. Nothing more.
Also, cyber security isn't a game smh
last pewter
Hey scrubz I'm learning traceroute. It says "traceroute command traces the route...
Yes and yes
sand trench
thanks for confirming shadow is a script kiddie muiri
rapid merlin
don't see why not as your ip will be the orginating ip for the traceroute packag...
Thanks
twin ridgeBOT
Gave +1 Rep to @sand trench (current: #4 - 2150)
pallid lotus
thanks for confirming shadow is a script kiddie muiri
Yw. Go learn networking lmao
crystal mauve
If I tell you to run an nmap scan on port 2893, can you tell me what actually ha...
U think he or anyone needs to know all that to get their feet wet using basic tools ? No he’s starting off he’s not trying to apply for a pen tester position
pallid lotus
U think he or anyone needs to know all that to get their feet wet using basic to...
Yes. I absolutely do.
Because that's the foundation of hacking. Not the tools. Not the CTFs. That.
sand trench
Yw. Go learn networking lmao
well will go back to uni after shadow has gone through enough treatment to not feel like a depressed potato with the anxiety of a bun bun
rapid merlin
Idk, i kinda see it from both perspectives, basics and fundamentals are definitely needed, but if you don't start with some of the fun stuff and get some context of why it matters and build some interest, stuff can maybe get a bit boring and you can hit a wall just studying theory
stark sequoia
glossy mural
Ro Bot Rock
pallid lotus
I remember adding this lmao
last pewter
Learning the theory before using tools is always good though. Sure you can do both at the same time; i like splitting my sessions into 3 parts. Theory for an hour, beef up my computers defenses 30mins, do fun stuff and apply what i learned for an hour.
rapid merlin
well will go back to uni after shadow has gone through enough treatment to not f...
Completely relatable to be honest. Treatment doesn't work on me, sadge.
Uni also expensive
sick lance
Hey scrubz I'm learning traceroute. It says "traceroute command traces the route...
Somebody could find you, but unless you have higher access,.you won't find anything concrete
sand trench
eeeeh the most expensive part of uni here is the books we have to get to read and study
crystal mauve
I did walkthroughs n basic ctfs for months then realized I need to learn the fundamentals. But starting off just diving in and using tools got me to the point in taking web security , networking , etc much more seriously. But if it wasn’t for aimless nmap scans I would not have become motivated to get there
sand trench
as shadow has stable housing and decent bit of dinner food options
rapid merlin
Somebody could find you, but unless you have higher access,.you won't find anyth...
I mean can I reverse them finding me with the tracerroute.
pliant cairn
just a quick question - is there an SSTI room/CTF on THM? i know there are but searching gave me unrelated.
rapid merlin
I dont know if Im even making sense. I've only powered up a brain cell. The rest of me is in another universe.
narrow bone
Yes. I absolutely do.
Because that's the foundation of hacking. Not the tools....
Jep i feel that 100%
I am preparing for the Network+ for some weeks now and my view has totaly changed. Things get way easier once i started to truly understand everything around and with networks
stark sequoia
i feel like when it comes to CTFs you either know what you are doing or copy commands then completely forget about the solution. Theres not much learning going on unless you do both the theory and a practical example. Thats how it should be done for beginners
sick lance
I mean can I reverse them finding me with the tracerroute.
They would be like a MiTM, so probably not
rapid merlin
I did walkthroughs n basic ctfs for months then realized I need to learn the fun...
I did fundamentals first before anything else I think.
sand trench
shadow built birdhouses first
rapid merlin
They would be like a MiTM, so probably not
Okay, I see.
crystal mauve
Idk, i kinda see it from both perspectives, basics and fundamentals are definite...
Yep
pallid lotus
They would be like a MiTM, so probably not
Eh?
pliant cairn
i see some chatter on traceroute. So, just to add. Its over the protocol called ICMP. mainly just to discover network hops and nothing other than that. well there are similat tools like tcpping and other protocols that do the similar thing but more or less, if you made a request you are supposed to receive a response so, the packets have to know where to reach to. So, yeah someone can trace back to you 🙂 @rapid merlin
pallid lotus
End of the day, as far as your router is concerned, it's just been pinged.
sick lance
Wrong direct.reply.
crystal mauve
If I tell you to run an nmap scan on port 2893, can you tell me what actually ha...
And yeah that would be what someone could answer if they had in depth knowledge , but if you’re NEW to cyber security you will be running BASIC scans on EASY machines , where stuff is EASY to find
pallid lotus
So, yes, the originating IP will be in your firewall logs, assuming the firewall records that stuff.
inland moon
Can i u guys something
pallid lotus
But you're not going to see all the way back.
sick lance
So, yes, the originating IP will be in your firewall logs, assuming the firewall...
Bold to assume. 😄
pallid lotus
Just the source address. Not the route it took to get to you.
pallid lotus
Bold to assume. 😄
I run OPNsense. It's beautiful
pliant cairn
people might have missed my question - any rooms/ctf on THM for SSTI?
searching didnt help
inland moon
Can i u guys something
Is it possible to hack using mobile phone?
sand trench
shadows ip is 127.0.0.1 most of the time
sick lance
I run OPNsense. It's beautiful
The average user doesn't.
pliant cairn
shadows ip is 127.0.0.1 most of the time
damn same. can 2 people have same IP addresses. 🤓
sand trench
damn same. can 2 people have same IP addresses. 🤓
yes if they are on NAT:d networks
sick lance
damn same. can 2 people have same IP addresses. 🤓
Can they? Yes.
Should they? No.
pliant cairn
I run OPNsense. It's beautiful
superior than Palo alto. #hottake
sand trench
2 different nat:d networks thatn is
rapid merlin
i see some chatter on traceroute. So, just to add. Its over the protocol called ...
So it does leave some sort of pathway back to them? So TECHNICALLY speaking. Could I find my way back to the attacker through that or would I utilise another method to reverse it.
pliant cairn
2 different nat:d networks thatn is
ofcourse im just kidding
sand trench
well you can have fun denial of service if you accidentally set the ip:s to the same number on two computers inside one network
been there done that
pallid lotus
And yeah that would be what someone could answer if they had in depth knowledge ...
If you're new to cyber security then you should already have a good knowledge of computer science -- which all that stuff comes under.
Cyber security is the expert application of other forms of computer science. In itself it is not -- and should not -- be entry level.
For the record, you're not being shot down for no reason. Teaching people tools without understanding is dangerous. Chances are they're gonna hit something they shouldn't hit, which won't end well for anyone.
pliant cairn
So it does leave some sort of pathway back to them? So *TECHNICALLY* speaking. C...
route? no. destination. yes. if there were artifacts left by an attacker. like logs. then we can see the destination the data exfiltrated or just connection made to the machine you are testing on.
pallid lotus
So it does leave some sort of pathway back to them? So *TECHNICALLY* speaking. C...
You wouldn't "reverse" anything. All you would see is an ICMP / UDP packet from the original IP.
Which may or may not belong to the attacker.
crystal mauve
If you're new to cyber security then you should already have a good knowledge of...
Where do u draw the line tho, oh don’t use a rustscan unless you understand how rust works!?
stark sequoia
shadows ip is 127.0.0.1 most of the time
mine is localhost 😎
sand trench
during gymnasium years as a project shadow had to setup a server and some clients and accidentally duplicated a static ip... took about 45 mins of troubleshooting to figure out that was the cause
rapid merlin
If you're new to cyber security then you should already have a good knowledge of...
"Not extry level" Yep. I started in cyber and that's why it was so painful 😂
pliant cairn
Which may or may not belong to the attacker.
most of the time not attacker's XDXD
rapid merlin
You wouldn't "reverse" anything. All you would see is an ICMP / UDP packet from ...
Okay Thank you
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #10 - 882)
sick lance
Which may or may not belong to the attacker.
So why did you say "eh" to me.
rapid merlin
route? no. destination. yes. if there were artifacts left by an attacker. like l...
Thanks
pliant cairn
"Not extry level" Yep. I started in cyber and that's why it was so painful 😂
it will be very fun. cyber is what we all enjoy here
pallid lotus
Where do u draw the line tho, oh don’t use a rustscan unless you understand how ...
Function rather than implementation. Don't use rustscan unless you understand:
- Fundamentally what a port scanner does
- How rustscan functions
- The legalities behind scanning stuff on the internet.
Rustscan actually being a very good example there because it's designed to be fast at the expense of safety.
i.e. it's a bad choice irl
sand trench
shadow has some understanding of networks and networking but there is huge gaps in their knowledge
some of which is unknown unknowns
some of which are known unknowns and so on
crystal mauve
If you're new to cyber security then you should already have a good knowledge of...
Also platforms like thm bridge that gap allowing new users to be introduced to those tools in a safe environment? It’s the entire point of them , there’s a friggin module called PRESECURITY
stark sequoia
its okay as long as you know what you dont know so you can look it up when needed
steady pewter
Hallo everyone.
sick lance
Eh, I just stick with nmap.
pallid lotus
Also platforms like thm bridge that gap allowing new users to be introduced to t...
Yes, and that isn't necessarily a good idea.
When THM started it catered primarily to cyber security / comp sci students. These days it's marketed at people with no technical knowledge at all.
The fact it exists doesn't inherently mean that's sensible.
sick lance
I'm not impatient enough 😄
crystal mauve
i.e. it's a bad choice irl
It works great for beginner ctfs tho
pallid lotus
It works great for beginner ctfs tho
And that is exactly my point. It's great for CTFs, but if you don't understand the nuances of what it's doing, you're going to end up damaging something when you start working IRL.
Which is why it's so important to not skip over that stuff when you're learning it in the first place.
rapid merlin
definitely agree with those points
pallid lotus
Just generally speaking there are times when a portscan is not a good idea, period. If you can't recognise those and just blindly scan everything then, again, you're going to cause problems.
steady pewter
yeah..rustscan is good for speed and CTFs, but..it tends to be..overly agressive at times.
sand trench
still prefer nmap due to how many options it gives you for optimising for stealth vs speed and harmful vs safe scans
sand trench
check the nmap unsafe scripts
pallid lotus
So, yeah, if you're treating CTFs like a game, and have zero intention of ever going into industry or otherwise applying what you've learned in the real world, sure, dive straight in. No problem with that.
sand trench
there you go
crystal mauve
I think u have a tough time separating IRL reckless practices with what’s actually being done via thm
rapid merlin
I just feel like if you take a complete rookie and force them to go really in-depth in networks or something like that for a long time, without any prior context, quite a bit of people will be thrown off the bus
pallid lotus
What's an example of a scan being harmful?
Certain networking appliances, some lights out software, and a lot of old OT stuff really doesn't like being scanned.
i.e., it falls over.
crystal mauve
So, yeah, if you're treating CTFs like a game, and have zero intention of ever g...
Thank you
twin ridgeBOT
Gave +1 Rep to @pallid lotus (current: #10 - 883)
pallid lotus
I know a guy who took out an oil rig mainframe that way.
sand trench
welp that is a big problem
warm grotto
Certain networking appliances, some lights out software, and a lot of old OT stu...
Ah, so just a simple nmap scan in some cases can end up causing a Denial of Service?
pallid lotus
welp that is a big problem
Yep. Thing ran for 30 years straight with no problems until rookie threw nmap at it
pallid lotus
Ah, so just a simple nmap scan in some cases can end up causing a Denial of Serv...
Yeah
sand trench
yuups
crystal mauve
What's an example of a scan being harmful?
I’ve heard if u run a scan on an fbi website it’s an auto felony , this true @pallid lotus ?
sick lance
Ah, so just a simple nmap scan in some cases can end up causing a Denial of Serv...
Yeah.
pallid lotus
Thank you
Point being: if you're telling people to do that, make that abundantly clear.
crystal mauve
Point being: if you're telling people to do that, make that abundantly clear.
Okay agreed
wheat hare
Nice. 2 hrs later my "upgrade" from Windows 10 to 11 is complete...
pallid lotus
I’ve heard if u run a scan on an fbi website it’s an auto felony , this true <@6...
Check local laws. That'll be an American thing if so.
Different countries have different opinions on that.
sick lance
Nice. 2 hrs later my "upgrade" from Windows 10 to 11 is complete...
Wow
That was ages.
pallid lotus
Rule of thumb is that it's much safer to just not touch anything you've not been given express permission to touch.
sick lance
I can't remember how long mine took, but it wasn't 2 hours.
sand trench
rule of thumb send anonymous tips to the CIA if you live in the usa
warm grotto
Interesting. Good to know. I guess that makes sense thinking back to Highschool. We had thin client linux boxes for login and sometimes when we'd be in the computer lab, I found out when you nmap'd one of the logged in clients' IPs, a black bar with white text would pop up at the bottom saying random crap sometimes. Found it funny at the time because one of the things said was "HELP", but now that you mention it, that does make sense. Things can respond in ways not especially understood.
rapid merlin
Man you guys kinda making me a little bit nervous haha
I did a short internship a while ago as a kinda cyber analyst/it-support in a small/medium company and did a port scan
wheat hare
Wow
That was ages.
lol yeah, A couple years ago when I did it, it didn't take too long at all. But I didn't like 11 at all so I switched back to 10. I think there have just been a bunch more patches to the OS since then that made it take so long.
woeful rock
pallid lotus
Man you guys kinda making me a little bit nervous haha
You should be. Again, this isn't a game. A cavalier attitude to security will -- sooner or later -- bite you in the arse
safe heart
I had asked for permission though
no
pallid lotus
I hope nothing went out of service 😂
You'd know if it had
I wouldn't worry about that specifically 😂
rapid merlin
You'd know if it had
Yeah i figure aswell 😄
pallid lotus
Even if you didn't catch the error, you'd have an angry sysadmin yelling at you very quickly.
pallid lotus
i inject fsociety.bat on my pc and it got ratted
That sounds like a FAFO situation
Play stupid games, win stupid prizes 🤷♂️
safe heart
That sounds like a FAFO situation
i watned to be like mr.robot
yeah how do i download opsec
wheat hare
lol yeah, A couple years ago when I did it, it didn't take too long at all. But...
Also, I'm not sure how realistic of a possibility that the hardware of my aging computer contributed to the time it took to switch the OS, but I can't help thinking it did.
sand trench
have a good din din muiri
safe heart
On that note, I'm going for dinner.
yum
crystal mauve
On that note, I'm going for dinner.
Provecho
pallid lotus
have a good din din muiri
Please never say that again
sand trench
aaaand fixed the setting browser problem
that was a lot easier then shadow expected it to be
gusty inlet
I just came back from scrolling and reading an hour of chat to see Manner's and Muiri's conversation.
crystal mauve
lol
what do u think dkob? fooolish to start running scans before knowing the background and its noise?
gusty inlet
what do u think dkob? fooolish to start running scans before knowing the backgro...
I stayed awake until 4Am yesterday just to know EXACTLY how AS-REP works. I already knew but I wanted to deep dive in it. Like very deeply. And after looking at exactly what's inside the rep blob and as well as the enc_part, I totally and definitely understand Muiri's point. It's just another level when you actually understand what's happening. Not only does this help you break things, but also find mistakes. I found a mistake in the AD section of THM when it comes to AS-REP.
But yeah if someone just wanna be here for the fun of it, sure get directly into CTF but maybe make sure that that's what they're here for. Most people want to become good I'd like to assume so better tell them not to skip.
@pallid lotus Generally speaking do you think going this deep will help my journey into red teaming?
pallid lotus
<@650476435269484549> Generally speaking do you think going this deep will help ...
Depends what you're doing. For most red team roles, yes, 100%
crystal mauve
I stayed awake until 4Am yesterday just to know EXACTLY how AS-REP works. I alre...
true they did ask about cybersecurity, not ctfs
gusty inlet
Gotcha thanks helps a lot! - @pallid lotus
For context I saw that the course on THM mentioned that the AS-REP had the TGT and gave back as well the session key... But I thought there must be something more. Turns out it doesn't give the "session key" but actually the enc-part which holds it.
steady pewter
Is this like..ooh, I see..kerberos.
gusty inlet
Yeah but it is super generalised. To be fair it was an introductory course but it's still inaccurate information.
I was looking at AS-REP Roasting deep dive using Black Hat USA 2014 PPT material and I thought that there must be more... and indeed there was.
steady pewter
yeah, Roasting is a bit tricky...
gusty inlet
IMO the easiest AD Account attack.
steady pewter
What can I say? I'm not very fluent in AD.
gusty inlet
Oh gotcha no worries.
jovial mountain
Good evening to all
steady pewter
Good evening to all
Good Afternoon.