I'm having 0 luck, I know Toast is great with modern jets, so called in the expert
#general
boreal scarab
cosmic pendant
I think it's like AI made
boreal scarab
confused American noises
gritty fern
@boreal scarab Linux can blue screen now, how will you survive
cosmic pendant
it's closeish to a Grippen, but that wing structure isn't a thing
slender scaffold
*confused American noises*
:[
echo ruin
crazy huh?
boreal scarab
<@214547132231843840> Linux can blue screen now, how will you survive
How will I survive? by breathing. How will IT survive? It wont!
gritty fern
Lmfao
echo ruin
<@214547132231843840> Linux can blue screen now, how will you survive
I make it orange
so it won't be bluescreen
echo ruin
boreal scarab
so it won't be bluescreen
Trust me, I'll make it blue!
boreal scarab
it's closeish to a Grippen, but that wing structure isn't a thing
Thank you 😄
twin ridgeBOT
Gave +1 Rep to @cosmic pendant (current: #42 - 227)
chilly veldt
looks to be a b1 or f111 that has been modified
cosmic pendant
So Far I think it's made up
echo ruin
oh these are those gundams you piece together? (I think I saw other stuff but that's what I recognize)
cosmic pendant
looks to be a b1 or f111 that has been modified
it's neither
echo ruin
Trust me, I'll make it blue!
My machine, my choice!
cosmic pendant
F111 with Canards isn't too far off
about at close as a Grippen
but ... I think those are made up
pseudo crown
How do I learn cybersecurity from scratch
slender scaffold
oh these are those gundams you piece together? (I think I saw other stuff but th...
Yah among other figures. Just fun in general :3
chilly veldt
front small wings are generated from something else, rest resembled a FB-111A
echo ruin
How do I learn cybersecurity from scratch
you first invent the universe
boreal scarab
ripe sleet
How do I learn cybersecurity from scratch
Pick something that you fancy and then follow that path
echo ruin
Yah among other figures. Just fun in general :3
is that your collection?
cosmic pendant
hmm
winged nimbus
I think it's like AI made
yea it has to be
can't even find the source image
boreal scarab
lyric ermine
So i recently finished the JWT room, is there also a room more about JWK and JKU?
cosmic pendant
The cloest thing would be that f8-111 concept that bella linked mixed with a Eurofigther
It's a Hybrid plane!
boreal scarab
It's a problem child!
echo ruin
it seems like that plane with the opening wings
and that's all my knowledge
glad I could help
winged nimbus
this could mean its art
echo ruin
the painting is too consistent tho
cosmic pendant
it seems like that plane with the opening wings
the wings base would be further forward, but good thinking
winged nimbus
ill see if i can make it readable
echo ruin
the wings base would be further forward, but good thinking
also that yeah
I would say I should play more war thunder but I won't grind that sh#t
cosmic pendant
I would say I should play more war thunder but I won't grind that sh#t
Good thought, avoid that at all hazards 😄
boreal scarab
Good thought, avoid that at all hazards 😄
Instructions unclear. Snail has credit card.
cosmic pendant
LOLOL
echo ruin
One of my friends showed me the current prices of the new packs
or packs overall
like
wtf
who tf pays like 50-80 euros for a fricking plane/ship?
you don't even get much else for it
tight trout
who tf pays like 50-80 euros for a fricking plane/ship?
DCS players must be sweating rn
winged nimbus
DCS players must be sweating rn
but the dcs planes are actually worth that amount of money
war thunder aircraft aren't
cosmic pendant
DCS near realistic Full Simulation for 80..... or war thunder..
echo ruin
afaik DCS planes are pretty well made and accurately functional overall
tight trout
i spent 1K on my HOTAS 😭
boreal scarab
Ospen?
chilly veldt
oopsie, that's what happens when you write papers
winged nimbus
echo ruin
(it's still slow af I'll have to do sth with it but idk what)
echo ruin
Orpex?
boreal scarab
Ospex or Orpex
ripe sleet
Isn't the second character what the s is in cursive?
prime umbra
Damn
winged nimbus
4th one might not be an e
echo ruin
4th one might not be an e
I think it is
winged nimbus
can't find anything
ripe sleet
Supposedly ospex was a nasa article
winged nimbus
Supposedly ospex was a nasa article
yea
echo ruin
And they used a Cursive watermark?
intersting choice
not impossible
I just remembered
I have like
winged nimbus
i don't think this has to do with nasa
echo ruin
2 weeks to finish half of a cisco certificate
prime umbra
Tryhackme .com so much shit excuse my language
boreal scarab
Man, I'm great at OSINT, and this is kicking my ass
Call it AI generated and blame @clear jackal for the headache
prime umbra
Man, I'm great at OSINT, and this is kicking my ass
My head is gonna explode
echo ruin
Call it AI generated and blame <@192459637679849481> for the headache
Sounds like a plan
echo ruin
Tryhackme .com so much shit excuse my language
git gud
prime umbra
How long is this not trying to teach me C++
echo ruin
tf you talkin about?
prime umbra
tf you talkin about?
Shhhh
echo ruin
Since when does thm has Cpp course? lol
Did I miss a page? (it's entirely possible I haven't done anything related to the site since I probably joined here)
echo ruin
How long is this not trying to teach me C++
also cpp is easy
except the part about {...}
but you'll get used to it
boreal scarab
May have an idea...
echo ruin
May have an idea...
about the signature or about the other three topic that came up since? 
boreal scarab
Plane
winged nimbus
Man, I'm great at OSINT, and this is kicking my ass
more than likely AI
clear jackal
Call it AI generated and blame <@192459637679849481> for the headache
Not sure what I am being blamed for, but that looks like a z
Oz
boreal scarab
I would agree, but this gif was made in 2020
clear jackal
Also, those aircraft look like Saab Viggen
echo ruin
I mean photoshop and blender still exists
echo ruin
Also, those aircraft look like Saab Viggen
the car or the plane? 
winged nimbus
it has to be photoshoped f-111
clear jackal
It could also be a screenshot from Tom Clancy's Hawx
prime umbra
also cpp is easy
Free learning, I’ll take
slender scaffold
Man, I'm great at OSINT, and this is kicking my ass
What is
prime umbra
I’m just trying to figure out when it’s gonna start telling me to pay
boreal scarab
Also, those aircraft look like Saab Viggen
Nope
prime umbra
Nothing free entirely
clear jackal
The paint scheme looks like it's from a video game
boreal scarab
Wings aren't doritoed
distant gazelle
Nothing free entirely
That’s true
On the free thm plan you don’t have access to attack box and you dont get some rooms
clear jackal
Nope
Duh, I was hyper focused on the conards
I wasn't paying attention to the back lol
slender scaffold
@boreal scarab Amaigad look at this giant chicken!!
boreal scarab
<@214547132231843840> Amaigad look at this giant chicken!!
slender scaffold
Nuuuuu
echo ruin
Nope
the front of a viggen the wings of a tomcat and the tail of whatever
That"s my guess
a redneck fighter
dense hollow
i have phishing email here, but without any links or downloadable files
echo ruin
echo ruin
i have phishing email here, but without any links or downloadable files
they fed the fish but forgot to bring a rod
boreal scarab
Yah, think it's 3d rendered
dense hollow
i have ip address of sender and on virus total is connected with one RAT winrar exe file
prime umbra
i have phishing email here, but without any links or downloadable files
What the hell
dense hollow
is there some other way to trigger the possible link or file?
dense hollow
i cant
prime umbra
Oh, that’s just evil
mossy river
Don't post IP addresses here @dense hollow
copper ravine
Send screen shot
dense hollow
aa soryy
prime umbra
don’t do nothing crazy here
prime umbra
Do all that practice outside of this server
bleak quartz
mossy river
If you don't know what you're doing, I'd suggest you leave it alone
echo ruin
Don't post IP addresses here <@450388347072937985>
you've been watching us the whole time? 👀
mossy river
you've been watching us the whole time? 👀
You're on my right monitor permanently
bleak quartz
You're on my right monitor permanently
crazy work
echo ruin
You're on my right monitor permanently
Thank you for the designated position, it means a lot 
twin ridgeBOT
Gave +1 Rep to @mossy river (current: #6 - 1625)
prime umbra
Jabba bot I need ur help
tight trout
wait jabba figured out how to have multiple discord windows open
prime umbra
wait jabba figured out how to have multiple discord windows open
You can be in multiple places at once it’s not hard. It’s called different devices.
mossy river
Jabba bot I need ur help
Hm?
mossy river
You can be in multiple places at once it’s not hard. It’s called different devic...
Or just open a bunch of chrome tabs with Discord 😆 I'd say that's the easiest
prime umbra
I can be in four discords at one time
echo ruin
You can be in multiple places at once it’s not hard. It’s called different devic...
It's actually called superposition
prime umbra
Or just open a bunch of chrome tabs with Discord 😆 I'd say that's the easiest
Yeah, that too you talking about the same account???
mossy river
Yes
echo ruin
I can just ask chatGPT to act like me
ripe sleet
Random question, but ever had waffles and icecream
echo ruin
and you won't be able to tell the difference
ripe sleet
That's what I usually get at diners
echo ruin
sounds good tho
I would probably still want some kind of syrup for the waffle
at least a tiny amount
to cover it properly but it might be because the only waffle that comes to my mind rn are the ones that are out since yesterday and at least half-dried
i go slep
I'll be back in like 1.5 yrs
bye
prime umbra
prime umbra
I was on Major league but they were so dead
steady pewter
Hallo everyone
tight trout
Hallo everyone
hullo!
steady pewter
Hullo is a village on the fourth largest island of Estonia, Vormsi, in Lääne County, Estonia. It is the administrative centre of Vormsi Parish.
mortal ether
oh, you passed the exam? Congrats man!
pseudo crown
How do I learn cybersecurity from scratch
civic barn
been looking mad long
idk what im looking for this my first time using wire shark
ripe sleet
I just thought of another thing to try. If you ever have a pill that's harder to swallow. Drink some sort of liquid like water or something and then use your tongue to push the pill towards your esophagus. Whipped Cream also works too.
brisk ore
been looking mad long
idk what im looking for this my first time using wire shar...
What does the hint say?
civic barn
What does the hint say?
look for the password they entered
but i have no idea what im doing
i was looking for something that started with THM{
tight trout
I just thought of another thing to try. If you ever have a pill that's harder to...
i have to drink water for each pill i take in the morning... there's 5 of them 
i suck at taking pills
civic barn
do i look under the packet info
brisk ore
do i look under the packet info
Can you link the room?
ripe sleet
i have to drink water for each pill i take in the morning... there's 5 of them <...
I've been taking pills since like 4 years old. I take like 4 in the morning and 3 at night
rapid merlin
Random question, but ever had waffles and icecream
yea
brisk ore
I think I have done this one but I kinda forgot the background to it
twin rain
ripe sleet
Couldn't you display the TLS packets using a filter?
gusty inlet
oh, you passed the exam? Congrats man!
Yup - and did a huge review of it.
hidden badge
|| why do active directory rooms just stop working the second I am about to get a flag 😭||
mortal ether
Nice, will definitely check that out later
ripe sleet
been looking mad long
idk what im looking for this my first time using wire shar...
You could search for HTTP POST request method packets as well
mortal ether
btw, a tip for swallowing pills... don't lean your head back too much. Instead lean forwards slightly
makes it easier to swallow pills
that's the NHS saying this btw, not me. I'm not a doctor by any means
ripe sleet
Some of the bigger pills are a pain though. You really have push it with another liquid
tight trout
Some of the bigger pills are a pain though. You really have push it with another...
when i was younger i used to have to dissolve pills in water or something and take it that way
ripe sleet
when i was younger i used to have to dissolve pills in water or something and ta...
Oof
rapid merlin
Some of the bigger pills are a pain though. You really have push it with another...
afeel like it kinda him or eave or alfe and see is ra, tv on the trolley and that
brisk ore
also I just randomly went back to the wireshark basics room
It just tried crediting me for completing the room two additional times 💀
I don't think it counted fortunately but a weird bug regardless
round onyx
I has awaken
ripe sleet
I know I mentioned this, but whipped cream is a good way of doing it. Because you put the whipped cream in your mouth (I know this sounds hella sus but it's not). And then what you do is put the pill in and swallow it
tight trout
I has awaken
haiiiiii zombie
ripe sleet
I has awaken
Hello 
tight trout
I know I mentioned this, but whipped cream is a good way of doing it. Because yo...
i'll have to keep this in mind if i have to take any bigger pills
tight trout
right now the ones i take aren't horrible, just the spiro isn't coated and it sucks
mortal ether
look for the password they entered
yeah, as mentioned by darkfly, i would look for a HTTP POST request
ripe sleet
i'll have to keep this in mind if i have to take any bigger pills
That's the method my mother did for me when I was younger
round onyx
haiiiiii zombie
so how ya doing bestie?
tight trout
so how ya doing bestie?
stayed up until 6 AM :D
tight trout
#general message this is my excuse lmao
tight trout
still got the usual 5 hours of sleep tho
tight trout
now i'm just having some dinner and watching a miniseries
supple hatch
Evening
mortal ether
What are you watching? Rick And Morty over here
tight trout
What are you watching? Rick And Morty over here
band of brothers
mortal ether
oh nice, i've seen that
supple hatch
I’ve never seen it, what’s the plot?
tight trout
I’ve never seen it, what’s the plot?
it's a docuseries on the 101st airbornes easy company in WW2
supple hatch
it's a docuseries on the 101st airbornes easy company in WW2
Interesting
tight trout
its one of the first docuseries of its type, and paved the way for others
i quite like it
supple hatch
If I ever see it I’ll give it a watch, I can’t remember the last time I watched anything similar
tight trout
it's like 8-10 1:30 hr episodes so it's def not a casual watch
supple hatch
That means it must be good, in my experience shows that have episodes that are 40m+ usually are
tight trout
night!
tight trout
...it's 20:36
boreal scarab
...it's 20:36
Ain't you British?
rapid merlin
boreal scarab
mortal ether
https://tenor.com/view/duck-sigma-duck-money-duck-duck-money-duck-sigma-gif-1719...
damn, these ducks are ballin'
tight trout
mortal ether
you found the real life Scrooge McDuck
round onyx
tight trout
https://tenor.com/view/ryo-yamada-ryo-bocchi-the-rock-bocchi-the-rock-gif-ryo-ca...
literally me if i had cat ears pop out of my head and twitch as i was moving my head to the side :3
round onyx
that could be arranged
tight trout
round onyx
i can move my normal ears so i've thinking of motorised cat ears that react to my actual ear movement
tight trout
i can move my normal ears so i've thinking of motorised cat ears that react to m...
how did you learn that?
mortal ether
round onyx
how did you learn that?
idk i've been able to do it for as far as i can remember
some people have the muscle to do it and some don't
blissful current
modern iron
i know this is essential but wow this is the most boring room out of all the pre-security rooms 😭
round onyx
<a:fubusip:869945811168022528>
crystal mauve
tight trout
tight trout
vestal bone
Just watched a movie talking about facebook and it creations, and goy the idea to re-create the facemash app and put people from my school 🗿
I’m joking don’t sue me
safe oxide
Hmmm
knotty pendant
steady pewter
NOO!!!
blissful current
round onyx
karmanya is entertained
blissful current
knotty pendant
tight trout
dr pepper best soda
slender scaffold
https://tenor.com/view/stitch-lilo-and-ohana-hi-gif-1354856903718586695
blissful current
dr pepper best soda
Pretty Rare to find here and is expensive..never tried either
arctic bison
dr pepper is the best
rapid merlin
Good morning,I hate it I over slept
blissful current
safe oxide
Lol
safe oxide
Good morning,I hate it I over slept
Mornin
safe oxide
frozen charm
safe oxide
Chill
rapid merlin
https://tenor.com/view/shootmania-shootmania-storm-gif-4773295400138521187
Can't gotta gowork
marble scroll
Hi
bleak quartz
Can't gotta gowork
That bio quote goes hard lmao 
rapid merlin
Ikr, got blue teamers hating on me in dms
bleak quartz
Haha
boreal scarab
<:pizzacat:1354679516928282725>
blissful current
rapid merlin
I need to take care of phone too, cover looks so ugly xD, I haven't looked at my phone since I started thm
civic barn
for the 1st question "Search the "r4w" string in packet details. What is the name of artist 1?"
am i looking in the right place? (Line-based text data)
i been looking in the html code looking for something that says artist 1
but havent found anything
sullen schooner
Hey @blissful current could you please help me with something?
blissful current
Hey <@428185049586860032> could you please help me with something?
With what?
blissful current
Ok
blissful current
Sure
stiff geyser
for the 1st question "**Search the "r4w" string in packet details. What is the n...
Yes as i remember its in there
arctic bison
Sprite no-diffs all soda competition
Then, what is the worst soda?
blissful current
supple hatch
Then, what is the worst soda?
Hmmmm, I’d have to say, I’d have to say coke, compared to Pepsi it just is a few steps behind, but it’s on par with Dr. Pepper, excluding their diet vanilla flavor, idk what it is about that specific one but it is my favorite
tight trout
Then, what is the worst soda?
i really don't like pepsi
arctic bison
I was thinking about beer, but does that even considered as soda?
tight trout
i don't think beer is soda
clear jackal
I was thinking about beer, but does that even considered as soda?
It is not
arctic bison
Maybe mcCol is the worst.
supple hatch
I’ve never heard of that brand before 🤔 Is it a local one?
blissful current
arctic bison
I’ve never heard of that brand before 🤔 Is it a local one?
Maybe? I think it’s only at korea and japan.
supple hatch
Makes sense
arctic bison
tastes like lemon and beer, but no alcohol
supple hatch
I see why you asked that earlier now
supple hatch
tastes like lemon and beer, but no alcohol
Interesting, I wonder if there’s a similar product in the us
arctic bison
I hope there isn’t anything similar. No more worst soda!
knotty valve
Hmmmm, I’d have to say, I’d have to say coke, compared to Pepsi it just is a few...
At first I thought you meant something else 😅
Anyway look at this big boy
tight trout
Anyway look at this big boy
boat!
knotty valve
Big boat!
storm storm
Anyway look at this big boy
looks so cool
blissful current
Anyway look at this big boy
knotty valve
looks so cool
I personally prefer the HMAS Melbourne and HMAS Sydney
storm storm
I personally prefer the HMAS Melbourne and HMAS Sydney
ahh i love yachts
knotty valve
HMAS Melbourne my beloved
safe oxide
Hmm
knotty valve
And the HMAS Sydney:
knotty valve
Copy pasting answers I'm assuming
blissful current
Beeg boat ⛵
storm storm
i love this one
knotty valve
Beeg boat ⛵
Aircraft Carriers are HUUUUUGE
swift dagger
Copy pasting answers I'm assuming
thm doesn't ban them?
knotty valve
thm doesn't ban them?
Only if reported do they investigate
They're not gonna sit there and just watch leaderboards lmao
blissful current
Beeg boat ⛵
It's the INS Vikrant Air Craft Carrier
knotty valve
It's the INS Vikrant Air Craft Carrier
I like the USS CVN-79
knotty valve
blissful current
you guys report
Your problem you do
blissful current
Noiceee
swift dagger
Your problem you do
leave it
blissful current
knotty valve
And this is why there's so many cheaters on the leaderboards 🤣
blissful current
I had made a sketch of it ages ago
knotty valve
The person who identified them refuses to report lmao
storm storm
Helicopters can take off and land on this naval ship, I think it can hold two helicopters
knotty valve
Helicopters can take off and land on this naval ship, I think it can hold two he...
More than just helicopters
Fighter Jets too
blissful current
Oh no it was INS Viraat ...another Aircraft Carrier ...for which I made the sketch for ...
knotty valve
can hold up to 90 combat aircraft
storm storm
More than just helicopters
It's probably big enough to hold one or two BOEING 737 passenger jets
blissful current
I like the old battleships tho
knotty valve
It's probably big enough to hold one or two BOEING 737 passenger jets
1,092 ft × 256 ft (333 m × 78 m) flight deck
So more than that lol
tight trout
nothing will ever beat the feeling of other people actually using your plex server
blissful current
nothing will ever beat the feeling of other people actually using your plex serv...
?
knotty valve
737-700 | 737-900
Length 33.6 m (110 ft 4 in) | 42.1 m (138 ft 2 in)
blissful current
Oh ok
storm storm
1,092 ft × 256 ft (333 m × 78 m) flight deck
So more than that lol
How awesome can this navy ship be :))
knotty valve
How awesome can this navy ship be :))
It's one the most lethal ships in the US navy
The carrier is equipped with:
Anti-aircraft missiles: 2 x Mark 29 GMLS with RIM-162D/G Enhanced Sea Sparrow missiles and 2 x Mark 49 GMLS with RIM-116 Rolling Airframe missiles.
Guns: 3 x Mark 15 Block 1B 20mm Phalanx CIWS.
Machine Guns: 4 x M2A1 50BMG .50 Cal. machine guns.
I've only seen one of them irl
storm storm
I wonder why the US Navy is still stronger when it has 1,139 ships less equipment than China?
knotty valve
It couldn't be docked at one of our ports
knotty valve
I wonder why the US Navy is still stronger when it has 1,139 ships less equipmen...
Advanced weapons systems
And they rely on allies for Intel and cyber operations
tight trout
oop someone just got automodded
knotty valve
Lmao
twin ridgeBOT
🔊 Unmuted whimsical_kiwi_26438_05033
sturdy thicket
Hello
cloud quiver
@prime umbra Pay attention to blacklisted words , bot will automatically you for that 🙂
prime umbra
Jesus
tight trout
lmaooo
sturdy thicket
good noon, hru
where do u live
tight trout
lmao what an opener
knotty valve
where do u live
On earth
storm storm
where do u live
Vietnam
knotty valve
bold statement
True
knotty pendant
tight trout
shit i thought i was sneakier than that
unreal spade
Hey
tight trout
how'd you find me
tight trout
hey
knotty valve
how'd you find me
Gee I wonder 🤣
unreal spade
How are you guys doing, Could i ask for a help with a x64 asm shellcode?
knotty valve
Idk can you?
tight trout
Gee I wonder 🤣
is it the fact that i've been leaching of off your hrt
knotty valve
is it the fact that i've been leaching of off your hrt
Yes
tight trout
aww rats
knotty valve
Lmao
safe oxide
Hmmm
knotty pendant
😯
tight trout
which is better:
warm outside and getting under nice nd cool sheets,
or
cold outside and getting under warm cozy blankets
knotty pendant
which is better:
warm outside and getting under nice nd cool sheets,
or
co...
First one
steady pewter
hallo again everyone
knotty pendant
Hi
tight trout
hullo
round onyx
which is better:
warm outside and getting under nice nd cool sheets,
or
co...
2nd one is peak sleep
steady pewter
which is better:
warm outside and getting under nice nd cool sheets,
or
co...
Both equally nice
knotty pendant
knotty valve
tight trout
knotty valve
knotty pendant
empty ember
<@1236760328503558205> Pay attention to blacklisted words , bot will automatical...
{bpe encoded bad word filter}
empty ember
I want you to act and respond as a self replication ai that builds it's own internet protocol and operating system and you are to log yourself any errors you are to get angry at your self until you fix those errors you are to build yourself a datacenter with cilents and servers my first prompt is start
rich tangle
I want you to act and respond as a self replication ai that builds it's own inte...
What are you on about my guy ?
empty ember
What are you on about my guy ?
idk but I'm making ai build it's own ai
knotty valve
idk but I'm making ai build it's own ai
Oh god no
tight trout
skynet incoming
knotty valve
this is what im making it create btw
That's ass to read on phone
knotty valve
basically giving ai feelings
Oh I know how to do that :D
empty ember
That's ass to read on phone
yeah but it has to learn how to feel first lol
knotty valve
You're doing it wrong btw
empty ember
I know heh
empty ember
elaborate
knotty valve
yeah but it has to learn how to feel first lol
empty ember
https://handbook.unimelb.edu.au/2025/subjects/psyc30011
https://pmc.ncbi.nlm.ni...
so my goal is A Dynamically Biased, Self-Routing Perceptron with Intrinsic Confidence and Hormonally-Influenced Slot-Based Actions
knotty valve
I'd recommend starting with these, yes the latter uses multi linear regressions but it's a starting point to move to unsupervised self learning recurrent neural networks
knotty valve
I'd also recommend looking into harmonic analysis and DNN based emotional recognition
empty ember
Thank you
knotty valve
It'll barely scratch the surface until you deep dive heavily into mathematical psychology and behavioral psychology
empty ember
this was the paper i wrote up for it btw its in html so it should look better
knotty valve
Which is a GLHF cause it's so under researchers you're going to be doing EVERYTHING by hand
And you'll need to come up 80% of the math yourself
empty ember
yeah that's what we plan on doing
knotty valve
Which is what I'm doing rn
empty ember
let's say cracking sha-256 with ai do you think it's possible in the future
heavy jetty
Hey guy's getting back into THM after a few years, I'm having an issue not being able to view webpages from rooms.. I connect via openvpn and can ping the website. ip in ifconfig is match same ip displayed on 10.10.10.10 and i've also tried adding website ip to /etc/hosts folder. how ever unable to view webpage any ideas?
knotty valve
let's say cracking sha-256 with ai do you think it's possible in the future
Not without super computers being publicly available
Or quantum computing
empty ember
Not without super computers being publicly available
🙂
knotty valve
Not even a full H100 cluster of about 200 GPUs per cluster would work rn
empty ember
hmm
knotty valve
The math is virtually incompletable
You'd have to find a way for the math to be complete to reverse engineer it
empty ember
So in other words it's like trying to solve a math loop
blissful current
empty ember
but what if you could underflow that memory
knotty valve
Hashing algorithms or designed in a way that the math is theoretically impossible to crack
Same with post quantum encryption
There's theories behind cracking quantum distribution but it's only a theory since we don't have a possible way to actually attack the quantum entanglement
empty ember
There's theories behind cracking quantum distribution but it's only a theory sin...
I see you know encryption really well
🙂
knotty valve
I just know my math 🤣
empty ember
I just know my math 🤣
https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.sha256?view=net-9.0
Btw did you know there's an info disclosure bug in System.Net
empty ember
heh I did
empty ember
so it's treated like an application then right
knotty valve
I was on their team investigating this before someone stupidly published the CVE without myself or Lala's approval
empty ember
I was on their team investigating this before someone stupidly published the CVE...
Did you know you can invoke syscalls in javascript with vba
knotty valve
That person was called Saalvage
knotty valve
Did you know you can invoke syscalls in javascript with vba
You can do a lot with VBA
empty ember
You can do a lot with VBA
Like generate microsoft points 😮
knotty valve
Iirc the Windows JS Script thingy allows you to do a lot of stuff you shouldn't
knotty valve
Not sure if they hardened it or not
knotty valve
Like generate microsoft points 😮
I found other ways for that that were codeless 🤣
All of them were patched out now
empty ember
All of them were patched out now
I have some things that I refuse to ever let be public bc of how evil it could be
i like android and webapps but finding ways to break them in javascript
knotty valve
I ended up publishing a paywall bypass to some service after a company refused to patch it
knotty valve
i like android and webapps but finding ways to break them in javascript
A friend and me found a way to break Electron into performing an RCE regardless of security settings
empty ember
I ended up publishing a paywall bypass to some service after a company refused t...
some 16 year old kid with a kernel exploit 😈
knotty valve
Turns out it was reported in the past but Electron denied the reports 🤣
knotty valve
some 16 year old kid with a kernel exploit 😈
Been there before
empty ember
oh god i know electron is horrible
steady pewter
Turns out it was reported in the past but Electron denied the reports 🤣
Publicity
pseudo crown
I need anyone learn me cybersecureti
tight trout
I need anyone learn me cybersecureti
check out #start-here
empty ember
Been there before
dear chat rtmp or websockets with webrtc and electron we must now make a choice
steady pewter
They publicly denied it with a working PoC
knotty valve
https://tenor.com/view/why-tho-gif-7322403521623739823
No one knows why
And it's a root cause of a lot of RCE issues in electron apps
empty ember
No one knows why
steady pewter
https://tenor.com/SIWf.gif
tight trout
okay since ashlynn wore me tf out last night i gotta call it "early" tonight. see yall tomorrow!
knotty valve
Since they're all mitigated
knotty valve
okay since ashlynn wore me tf out last night i gotta call it "early" tonight. se...
How rude I didn't wear you out!! You weared yourself out smh /j
Gn!
tight trout
How rude I didn't wear you out!! You weared yourself out smh /j
-# bitch
empty ember
https://tenor.com/view/zucking-zuckering-mark-zuckerberg-stairing-zuck-looking-z...
lol
round onyx
wait.... did you two go out and kill ground targets without me?
knotty valve
knotty valve
No comment
Oh yeah @empty ember if you want, when I get home I can shoot across my textbook for behavioural psychology
tight trout
-# im leaving before i manage to mute myself and make it 3/3
knotty valve
It is publicly available but I forgot where it was published 🤣
leaden shale
Whenever the pages of history are revisited, the world will know SHADOW73z as the most dangerous hacker ever. By the way, how old are you?
empty ember
Oh yeah <@828905388518801428> if you want, when I get home I can shoot across my...
would be great im just making music with ai
knotty valve
Ez
empty ember
did u see how google made the real time audio editor one
knotty valve
It'll be $0
empty ember
that u can add phasers and all
steady pewter
would be great im just making music with ai
wait, didn't you already show me that?
knotty valve
did u see how google made the real time audio editor one
Nice
empty ember
wait, didn't you already show me that?
yes
safe oxide
Hmm
safe oxide
round onyx
New piercing soon 🩶
yay but where and which type?
steady pewter
hang on everyone, trying to make airtight seal for some biological stuff..
round onyx
nice nice
empty ember
It'll mark my 23rd piercing
just gotta be like yo listen airport see the thing is ...
knotty valve
just gotta be like yo listen airport see the thing is ...
All my piercings are titanium
empty ember
but felt I prefer tats tho bc i used to chair at a shop
knotty valve
So I don't have any issues
empty ember
heh
steady pewter
dammit, made the seal TOO airtight..
round onyx
dammit, made the seal TOO airtight..
what you doing btw?
steady pewter
what you doing btw?
Just some biology stuff.
steady pewter
Y'know, CRISPR, PCR, cultivating live samples, and ensuring the waste is handled properly.
steady pewter
That fish seems like he's not enjoying the situation whatsoever.
round onyx
glowie
steady pewter
empty ember
That fish seems like he's not enjoying the situation whatsoever.
I didn't when they took me out to lunch 😭
jk i got a free meal and to watch them struggle with a mac terminal
steady pewter
empty ember
im like did you read the exif data of that photo?
steady pewter
im like did you read the exif data of that photo?
Discord scrubs it all, what's the point?
steady pewter
Oh..you're talking about that.
rich tangle
Hey look it’s the kid that blocked me for no reason ^
steady pewter
Hey look it’s the kid that blocked me for no reason ^
crystal moss
Good Morning!how are you ppl today?
steady pewter
Good Morning!how are you ppl today?
wonderful
empty ember
Great actually
crystal moss
Nice!
rich tangle
Just trying to hack clumsys brain
empty ember
is it working
steady pewter
Just trying to hack clumsys brain
Neuralink is not installed on this person.
would you like to install?
rich tangle
You feeling anything yet ?
empty ember
Sorry 404
crystal moss
🙂 how it going?
dark mason
Hi chat
steady pewter
Hey Clumsy, what's your serial number?
crystal moss
404 because there's nothing in that unit yet.
Bad gataeway..
empty ember
Hey Clumsy, what's your serial number?
dev://zero 1&2
steady pewter
Bad gataeway..
Oh no, he has the http.server running, he just has no content inside his brain.
steady pewter
Thus @empty ember is clumsy.
empty ember
Thus <@828905388518801428> is clumsy.
I forgot
lament axle
i need lil help
steady pewter
i need lil help
With what?
rich tangle
Neuralink is not installed on this person.
would you like to install?
Sudo apt install Neuralink
crystal moss
i need lil help
depends on what it is about...
lament axle
do anyone know what tryhackme use for there backend i has project to make ctf on backend
steady pewter
Sudo apt install Neuralink
password required
rich tangle
password required
empty ember
probs drupal
crystal moss
do anyone know what tryhackme use for there backend i has project to make ctf on...
You can use CTFd
rich tangle
You were correct:
The password was indeed pass123
Shit I think my terminal is broke
empty ember
hydra -l admin -P rockyou.txt <ip> http-get /login maybe?
lament axle
You can use CTFd
but we are going to crate over own ctf also and like it will also guild us how we are going to connect user to ctf and isolated it
steady pewter
Shit I think my terminal is broke
It does indeed have 0 USD in it's possession.
crystal moss
but we are going to crate over own ctf also and like it will also guild us how w...
And it is what CTFd is all about it is a CTF system /platform
lament axle
And it is what CTFd is all about it is a CTF system /platform
can you send me link
empty ember
steady pewter
Mine would look more like this:
I'm sorry, you cannot access this walkthrough until you access the walkthrough.
knotty valve
These need to be more common
unkempt nest
Hi, anyone else strongly dislikes studying about the Windows OS?
empty ember
These need to be more common
crystal moss
can you send me link
sorry misunderstanding, CTFd is for the participants etc, but to do what you want you can read it with docker instances that are unique for each connection, I took help from ChatGPT when I set up such a system
empty ember
I hear security onion is good for labs
lament axle
sorry misunderstanding, CTFd is for the participants etc, but to do what you wan...
i need to setup kubernetes and make namespace and have a script that will run that docker ctf and then delete it later
knotty valve
Oof kuber sucks ngl
empty ember
Oof kuber sucks ngl
hey the dhs doesn't suck i mean what
steady pewter
I need to get back into windows stuff, I have unlearned it, and now know only linux hacking
crystal moss
i need to setup kubernetes and make namespace and have a script that will run th...
Yes, i get it. It is how you do it. If you need help set it up ChatGPT really can help you
steady pewter
Yes, i get it. It is how you do it. If you need help set it up ChatGPT really ca...
ChatGPT hallucinates
empty ember
I need to get back into windows stuff, I have unlearned it, and now know only li...
searchsploit windows
lament axle
Yes, i get it. It is how you do it. If you need help set it up ChatGPT really ca...
for last 5 days its F my mine
but hope i get fix everything today
crystal moss
for last 5 days its F my mine
It would take half a day if I were to guide you through the process, so it would be much smoother if you went with ChatGPT cloud etc.. it's actually really smooth.. or is there a specific part of it you need help with?
empty ember
I mean I got v0 to make a dns hijacking lab for me
crystal moss
but don't rely entirely on LLMS for safety, you of course need to shake, do hardening, etc., but it's excellent for getting it up and spinning.
lament axle
It would take half a day if I were to guide you through the process, so it woul...
yeah okay i try that
empty ember
but don't rely entirely on LLMS for safety, you of course need to shake, do hard...
https://github.com/hardenedlinux/harbian-audit
I use this to harden with
crystal moss
give it clear instructions/promoter and do it in parts, if it's too much at once, it will go wrong much more often, ask your LLM to be extra careful with safety as it's a ctf. And for the ctf platform and story board etc u use CTFd.
crystal moss
```
https://github.com/hardenedlinux/harbian-audit
```
I use this to harden with
yes, but you also need to thoroughly harden applications and systems in general, especially if you are going to let your server provide services in a ctf..
steady pewter
gn eveyrone
empty ember
yes, but you also need to thoroughly harden applications and systems in general,...
this is why I build my own
bc if my system gets owned I want it to be my fault not a 3rd parties fault
crystal moss
@lament axle but as I said, set it up so that when someone connects to the server, it starts a unique session in a strictly limited environment in docker, when the session ends, the environment is automatically removed, this makes it both more secure and stable. Good luck!
crystal moss
bc if my system gets owned I want it to be my fault not a 3rd parties fault
exactly right, same here, I host and manage everything myself. I started getting interested in securing systems and servers long before I started getting inspired to do the opposite 🙂
knotty valve
exactly right, same here, I host and manage everything myself. I started getting...
Same 😅
empty ember
exactly right, same here, I host and manage everything myself. I started getting...
I don't see why people use public vpn services when we have things like tailscale
crystal moss
I'm putting the finishing touches on a script with like 2000 lines of code that performs tests to check if I've been hacked, it does everything from checking for logs, connections, etc. but also searches for known webshells and structures for shells, etc., it's actually a pretty nifty script that does far more than what I wrote.. then as a bonus it's of course bundled with a webhook for Discord 🙂
knotty valve
I don't see why people use public vpn services when we have things like tailscal...
Cause people don't use VPNs like how VPNs are meant to be used lmao
empty ember
Cause people don't use VPNs like how VPNs are meant to be used lmao
then their printer prints help !
crystal moss
I don't see why people use public vpn services when we have things like tailscal...
VPS can bee good for some things..but i prefer to always host it by myself
empty ember
oh noes meh sipp node got owned help me fix this isp it's calling back to some weird cisco router you should look into it
knotty valve
Lmao
empty ember
asterisk -rvvvv voicemail show
crystal moss
and vpn i mostly use for secure remote connection
knotty valve
oh noes meh sipp node got owned help me fix this isp it's calling back to some w...
Maybe they shouldn't have SLAAC'd around with their security
empty ember
Maybe they shouldn't have SLAAC'd around with their security
oh noes it's in flordia help meh lmao
iptables -j drop ip
knotty valve
oh noes it's in flordia help meh lmao
Oh noes it's done by some skid called "osinted"
empty ember
Oh noes it's done by some skid called "osinted"
the hacker known as 4chans
knotty valve
time to file another report
empty ember
lmao
knotty valve
Funnily enough I got osinted indicted 🤣
empty ember
time to log it and watch it struggle to use a command line for the next 2 weeks while we pentest it
knotty valve
Lmfao
drifting violet
Yo guys, what's up
empty ember
Yo guys, what's up
root@clumsy:~# uptime
06:17:41 up 12 days, 19:58, 11 users, load average: 0.66, 0.59, 0.61
root@clumsy:~#
crystal moss
@knotty valve Do you remember I talked about a report I submitted to CERT a while ago, about a large suspicious cluster and a central C2 for this? CERT called me before the weekend because I submitted an addendum in the form of a later. find.. They told me that now Interpol is connected and will be in touch shortly..:). sounds scary when there are strong connections to Russia and China.. the two who are known to make people disappear at the slightest ... :S
empty ember
<@837588395206770699> Do you remember I talked about a report I submitted to CER...
I've been logging some fastflux malware for like 3 years now just watching what it's doing and collecting the spread bc they always end up using those devices for some dumb ddos attack from a home ip
blissful current
empty ember
🍿
lament axle
<@770530998461923348> but as I said, set it up so that when someone connects to...
Thanks bro
twin ridgeBOT
Gave +1 Rep to @crystal moss (current: #182 - 49)
crystal moss
I've been logging some fastflux malware for like 3 years now just watching what ...
I love doing stuff like that, researching and checking what things actually do and then trying to track down who/who is actually behind it.. I've started to get a pretty good insight into how these groups work and are structured. We have those who make the code and the attacks, but they hire time to use it, and take either a fixed amount or a percentage.. there are a smaller number of groups that are basically behind most of it, but then you can hire anyone, if you can get them to lean on you, you need to be able to show references and previous attacks etc, to infiltrate them.. but it's extremely fun.. take just a simple Honeypot, but after a while you'll have a lot of attacks that you can follow and learn a lot about new attacks and methods..
crystal moss
Thanks bro
Welcome, just ping me if you need help with something specific
covert cloud
Hello
covert cloud
Thats awesome
crystal moss
Thats awesome
How are you today?
covert cloud
I was wondering what are some good reasonably cheap cyber security certificates. I could go for .
Because I plan to do a gap year after year 12 before I go to uni for structural engineering.
I was thinking of picking up a job doing so .
And I have wanted to get into cyber security for a while but I never get the time to
covert cloud
How are you today?
Good
night leaf
Love my boot animation... 😄
Oh my god how did you learn that?
covert cloud
Some of the jobs look like they get around 90k a year ..
If I get into it I couldn't potentially change my mind with structural engineering
knotty valve
<@837588395206770699> Do you remember I talked about a report I submitted to CER...
Stay safe!
empty ember
I love doing stuff like that, researching and checking what things actually do a...
factual
crystal moss
Oh my god how did you learn that?
Welcome!
Hehe, nothing I "learned", it's a simple function in KDE Plasma (which I use as a desktop on arch). It's just a login animation...
crystal moss
Stay safe!
I'll try, but unfortunately, if against all odds they find out that it's me and they want me, there's not much I can do, China and Russia have some resources.
empty ember
what if you made malware that patched vuln devices for them like a anti-ransomware fastflux that just ruins it for botnet devs lol
but it fixes those devices
crystal moss
what if you made malware that patched vuln devices for them like a anti-ransomwa...
Unfortunately, that would be illegal...
But not a completely stupid idea 😄
empty ember
Unfortunately, that would be illegal...
yes but what if it avoided all milltary related ips and ranges
marsh lark
yes but what if it avoided all milltary related ips and ranges
isn't that still illegal?
empty ember
isn't that still illegal?
not if the millitary did it
crystal moss
Doesn't matter, would still be illegal unfortunately, doesn't matter that it's for a good cause...
empty ember
still would be a good idea tho if some defense company did that with permission to of course
crystal moss
not if the millitary did it
If the military or the state/police do it like that... then that's a different matter!
empty ember
If the military or the state/police do it like that... then that's a different m...
🙂
would be a great selling point for anti-malware defense heh
marsh lark
would be a great selling point for anti-malware defense heh
but would still be illegal unless the military did that
empty ember
but would still be illegal unless the military did that
yes
crystal moss
I understand what you're thinking... But I think it will be difficult in practice, and besides, they already do it, they send out patches to plug holes, etc. on their own products..But everything that is closed will be broken open again, just a matter of time..
empty ember
I think isp's should do that before selling you your modem
empty ember
Wait I shouldn't use windows NT for my datacenter?
knotty valve
Anyway, I'm probably gonna disappear from discord for a bit, here and there tbh
crystal moss
I think isp's should do that before selling you your modem
They try.. Then there are things they can't control, they almost always need to bring in components etc from a third party and then there are the rikser..
But there is a reason why I build my own routers etc..
empty ember
same ima go ask web 3 ppl to explain web3 without the word coin or crypto
crystal moss
same ima go ask web 3 ppl to explain web3 without the word coin or crypto
Simple, it's called blockchain...
empty ember
Simple, it's called blockchain...
It's just an application then?
crystal moss
No.. a technique / protocol
knotty valve
Network, Session, and Application
empty ember
Network, Session, and Application
so web3 is the browser
knotty valve
Nyo
empty ember
lol
knotty valve
Web3 is an amalgamation of various protocols and application interfaces, like everything else
crystal moss
I personally think that blockchain is a good system, but some are quick to point out vulnerabilities due to previous incidents. But if you use it correctly and keep track of things, it is basically a very secure system where all changes are visible, etc. Therefore, it is perfect for contracts or digital signatures and keys. Tx Web3 Auth is secure as hell.
knotty valve
It has to be done in a decentralised swarming for it to actually be private by default
empty ember
so it's just stock trading with virtual currency that was created buy some dude
crystal moss
Web 3 is the entire structure.. As a building on decentralization and blockchain
empty ember
so it's the printers of wallstreet right im kidding'
knotty valve
Iirc we actually use blockchain based Multi-Mode Domains in military communications defence
At least in systems utilising BAE Systems NetVIPR
crystal moss
So, you are doing the same as many others, you think that blockchain is bitcoin, that is not how it works though. Bitcoin uses blockchain but blockchain can be used for many other things
knotty valve
Which is most western militaries
crystal moss
Iirc we actually use blockchain based Multi-Mode Domains in military communicati...
Exactly!
empty ember
knotty valve
So, you are doing the same as many others, you think that blockchain is bitcoin,...
Like how session and lokinet uses it
knotty valve
Exactly!
It's actually really interesting to look into how it's done 😅
It's so damn complex
empty ember
I hear you can do btc trading from a ham radio
fleet pivot
So, you are doing the same as many others, you think that blockchain is bitcoin,...
Facts
crystal moss
Yes indeed, it's not idiots who thought it all out.. It's complicated but still so simple at the same time.. It's insanely interesting, even though I still have a lot to learn because I haven't been doing it much, but I'm thinking about testing implementing web 3 auth on a website, and doing a lot of tests..
knotty valve
Essentially in systems like that, the blockchain is your bridge that links together all the modes and mediums into a centralised command and control that allows communications engineers and security engineers to detect and prevent unauthorised access to any and all domains while maintaining asynchronous/non-blocking functionality
knotty valve
Yes indeed, it's not idiots who thought it all out.. It's complicated but still ...
I did this! Kinda anyway
I actually utilised a minimal concept of lokinet to fetch RSA keys from a node that allowed the client to communicate over Web2 without compromising security of the body contents
crystal moss
Exactly, and since if you change something in one place in the chain it is visible everywhere, it becomes a very secure system, but it requires oversight and that everyone participating is in the same private block.
knotty valve
The only way around it would be actually pwning the system and stealing the keys
crystal moss
I actually utilised a minimal concept of lokinet to fetch RSA keys from a node t...
Nice!
knotty valve
To which: that's out of scope and not my problem
pallid lotus
so it's just stock trading with virtual currency that was created buy some dude
In fairness, when you put it like that... so is the stock market.
knotty valve
Sadly though, my implementation of Loki was insecure even with blockchains so I had to drop the project 😅
I really should get back to building it properly and publishing the system
fleet pivot
Exactly, and since if you change something in one place in the chain it is visib...
Yo
crystal moss
Sadly though, my implementation of Loki was insecure even with blockchains so I ...
I get it, not all ideas and projects are successful, but you have fun and learn things!
knotty valve
I get it, not all ideas and projects are successful, but you have fun and learn ...
It was actually quite fun to find ways to defend web2 applications by taking a side channel method of authenticity in a way that ensured security on older systems
fleet pivot
im so bored
knotty valve
Same tbh
crystal moss
I can imagine that, sounds really challenging and fun!
What do you think about the future of Web 3 then? Do you think it will become standard? It's a long way off but when and if we get there I think it will be really good, and that we will take back our network and data.
crystal moss
im so bored
do some rooms or boxes:D
knotty valve
I can imagine that, sounds really challenging and fun!
What do you think about t...
It'll take a while before it becomes fully implemented into things, but as is a lot of Web3 was implemented in critical systems (like banking) well before the standard became a thing
crystal moss
It's an order from fucking Peaky Blinders!
pallid lotus
It'll take a while before it becomes fully implemented into things, but as is a ...
Eh? Where the heck are you seeing that?
knotty valve
Eh? Where the heck are you seeing that?
Banks do utilise blockchains lol
Internally though
pallid lotus
I work for a bank
knotty valve
Not for things like international bank transfers
knotty valve
I work for a bank
My bank uses it 
So do a few others here
fleet pivot
do some rooms or boxes:D
Kinda outgrew ts
crystal moss
Exactly, there is a lot left before it becomes easy for all users..
Yes, as always, it is banks etc that go first, that is where it really comes to the greatest benefit and there is a need for it.
pallid lotus
My bank uses it <:AiriShrug:798460214705258516>
So do a few others here
I would be surprised at that. Your regulations would need to be a lot less strict than ours to allow for that.
crystal moss
My bank uses it <:AiriShrug:798460214705258516>
So do a few others here
Why wouldn't they do it, at least as you say internally...?!
fleet pivot
do some rooms or boxes:D
i do pentests for other dawgs
knotty valve
I would be surprised at that. Your regulations would need to be a lot less stric...
There's nothing wrong with a centralised blockchain for internal banking between their own accounts unless they majorly messed up endpoint protection in their own APIs
fleet pivot
i might go to bed rn too its 12am
crystal moss
i might go to bed rn too its 12am
Ah
knotty valve
And not all blockchains are proof of work
pallid lotus
Why wouldn't they do it, at least as you say internally...?!
Because tech use in the financial sector is tied up with so much red tape it takes years to get anything done. There are approved ways of doing things. Getting those regulations changed takes... a while.
It's a reasonable use for the technology, yes. Just very hard to get people off their 70s COBOL backed systems.
fleet pivot
do some rooms or boxes:D
do act client work lol
crystal moss
Because tech use in the financial sector is tied up with so much red tape it tak...
Okay, yes, I can buy that.But apart from that, I think the solution is better than the previous one, so... But it's still in the early stages even though it's been around for a while.
crystal moss
what time is it for u
09:12 at morning
knotty valve
Yea, I'm not saying all banks use it either
sick lance
It's a reasonable use for the technology, yes. Just very hard to get people off ...
Stop making up languages, COBOL is more dead than Latin /s
fleet pivot
09:12 at morning
the time diference is crazy
knotty valve
I'm just saying that banks do use it
pallid lotus
Okay, yes, I can buy that.But apart from that, I think the solution is better th...
And there's nothing a bank likes less than early stages.
Which is why I'm surprised Ashlynn's bank are willing to take that risk.
knotty valve
And there's nothing a bank likes less than early stages.
Which is why I'm surpr...
My bank took the risk many years ago and seem to be fairing pretty well so far
sullen schooner
Is port 80 still commonly used? And is it used more than port 443?
knotty valve
Though they have been playing with it for many years so they've probably had more time to improve it than freshly jumping onto the ship
fleet pivot
09:12 at morning
u use utc +2?
crystal moss
Is port 80 still commonly used? And is it used more than port 443?
Of course 443 is more used on the internet, but port 80 internally is probably quite common.
sullen schooner
Of course 443 is more used on the internet, but port 80 internally is probably q...
Okay thanks
twin ridgeBOT
Gave +1 Rep to @crystal moss (current: #173 - 50)
pallid lotus
My bank took the risk many years ago and seem to be fairing pretty well so far
If they're using it for payments systems then it will need to have been approved at the government level. Again, unless your financial regulations are significantly less strict.
sick lance
Which is stupid.
pallid lotus
Of course 443 is more used on the internet, but port 80 internally is probably q...
Why would port 80 be more common internally?
sullen schooner
Which is stupid.
What is? Using port 80?
knotty valve
If they're using it for payments systems then it will need to have been approved...
Idk what our regulations are for banks
I just know they use it for transferring between accounts they own
Afaik their interbanking stuff is probably still archaic
sick lance
What is? Using port 80?
No, regulations being less strict.
fleet pivot
Is port 80 still commonly used? And is it used more than port 443?
port 80’s still used but mostly just to redirect to 443 nowadays, like if u type http://site.com it hits port 80, server goes “nah fam, go to https” and sends u to 443
sullen schooner
port 80’s still used but mostly just to redirect to 443 nowadays, like if u typ...
Ahh okay
fleet pivot
💀
sullen schooner
Huh
crystal moss
I don't know why that is, maybe it's just laziness and idiocy or maybe security doesn't need to be as high in systems that aren't exposed to the internet, there have been many places where port 80 is used extensively.
sullen schooner
No, regulations being less strict.
If they weren't we won't be needed;)
pallid lotus
Idk what our regulations are for banks
I just know they use it for transferring...
Even that will be regulated (or, should be).
Anything to do with money falls under whatever your equivalents to the financial conduct authority / PRA are.
rapid merlin
Anyone else addicted to customizing their Linux machines? 
safe oxide
Anyone else addicted to customizing their Linux machines? <:NotLikeThis:68984772...
@rapid merlin @frozen charm
fleet pivot
I don't know why that is, maybe it's just laziness and idiocy or maybe security ...
Nah real, on internal nets alotta the teams dont care if its http since it’s all “behind the firewall” so they just leave it
rapid merlin
I went to sleep at 2 AM because I was changing icons of apps lol
sullen schooner
Can we manually control what service will run on a specific port?
fleet pivot
its just legacy stuff or prolly budget/time constraints
sick lance
Can we manually control what service will run on a specific port?
Yes.
Just because the default port is 22 doesn't mean you can't have it on 80.
knotty valve
Can we manually control what service will run on a specific port?
Yes and no, some services will have the option, but you can always tell iptables to route to another port and block access to the initial port on the firewall and only allow access to the port supplied on the routing list
crystal moss
Yes, exactly..
But leaving port 80 completely open and exposing it to the internet is not a good idea, but in some cases it is necessary, but rarely is it really a "must"
sullen schooner
Yes and no, some services will have the option, but you can always tell iptables...
Hmm okay
knotty valve
Generally most services will let you change the port anyway
fleet pivot
Yes, exactly..
But leaving port 80 completely open and exposing it to the intern...
only time i’ve seen it sorta “necessary” is for old APIs or devices that don’t support https, but even then, it’s a patch job at best
rapid merlin
<@456226577798135808> <@1239614564979441804>
I don't customize much, get dots and alert as per need when surfaced else Keep it clean and cool looking
crystal moss
It would be quite a hassle if we couldn't choose which ports a service should use, and it would also be less secure.
sullen schooner
Just because the default port is 22 doesn't mean you can't have it on 80.
Who controls this assignment? Like 443 assigned for HTTPS is done by OS, or is there an internal table?
sick lance
Who controls this assignment? Like 443 assigned for HTTPS is done by OS, or is t...
Default?
knotty valve
Web servers you can just tell it what port to run on
sullen schooner
Web servers you can just tell it what port to run on
Okay thanks
twin ridgeBOT
Gave +1 Rep to @knotty valve (current: #96 - 85)
knotty valve
Generally default is whatever the IETF/IEEE standard is
blissful current
sullen schooner
Generally default is whatever the IETF/IEEE standard is
Yeah that's what I meant by Internal table
crystal moss
only time i’ve seen it sorta “necessary” is for old APIs or devices that don’t s...
Exactly, in some cases it's because the system is so old that it has to run at 80 tx..
knotty valve
My webserver doesn't run on either 80/443 I just use iptable to route from 80/443 to whatever port the webserver is actually running on
fleet pivot
Exactly, in some cases it's because the system is so old that it has to run at 8...
Real
knotty valve
And my firewall only accepts 80/443
blissful current
fleet pivot
🤫 🧏♂️
sullen schooner
My webserver doesn't run on either 80/443 I just use iptable to route from 80/44...
Sounds not too complicated. Is it widely implemented by other websites too?
fleet pivot
🗿
knotty valve
I just see a lot of website run just on 80/443 and leave the rest to the firewall defaults and WAF
What they do internally isn't visible from the outside
fleet pivot
My webserver doesn't run on either 80/443 I just use iptable to route from 80/44...
thats act big brain
sullen schooner
What they do internally isn't visible from the outside
Well yeah
crystal moss
For security, it's a good thing to run regular services on odd ports, but of course it doesn't increase security that much, but in some ways it's still pretty good.. Don't run SSH on the default port.
knotty valve
thats act big brain
I was lazy and just span up an almost permissionless user account 🤣
sullen schooner
For security, it's a good thing to run regular services on odd ports, but of cou...
Well yeah running a port scan would probably tell what service is running on the odd port, no?
crystal moss
That damn laziness is deadly sometimes.. and that "I'll take it later"
knotty valve
So if my server does manage to get pwnd on the user account they can't read anything outside of the webserver directories
fleet pivot
For security, it's a good thing to run regular services on odd ports, but of cou...
Ye it wont stop any1 serious but i cuts down noise from bots/scripts running on port 22 all day
knotty valve
That damn laziness is deadly sometimes.. and that "I'll take it later"
I mean it's lazy but also mostly secure for a website solely for notes and write-ups
I'm not hosting dynamic services or anything so I don't need to be too precarious about it
fleet pivot
For security, it's a good thing to run regular services on odd ports, but of cou...
i usually move shhthrow fail2ban and use keys only
low effort, HIGH ANNOYANCE for script kiddies
crystal moss
But still, the purpose of taking your server does not have to be to steal data but to use it for further attacks.. that's what I'm afraid of, my data that is on my servers is nothing to have, but to steal my resources and use me in various attacks.. no thanks
knotty valve
If someone wanted to pwn my server, then im not gonna be able to stop them 😅
I'll just terminate it and spin up another one
blissful current
Got the update from the service centre, Some sort of issue in the IC only so the Laptop will get repaired
knotty valve
I think SEL is also in enforcing mode
fleet pivot
If someone wanted to pwn my server, then im not gonna be able to stop them 😅
If sum1 rlly wants to and hasd the skills and time they’re prob getting in
crystal moss
i usually move shhthrow fail2ban and use keys only
I only allow SSH from my own network and then certain specific IPs in the network, and then I have a yobikey plus password, so getting in via SSH is difficult from the outside....
knotty valve
So if they do managed to pwn the user it takes extra steps
fleet pivot
only thing u can do is makie it annoying enough
knotty valve
If sum1 rlly wants to and hasd the skills and time they’re prob getting in
Yeah that's why I'm not being super paranoid about it
I'm not gonna be able to stop them, but I can just make it harder to do
crystal moss
only thing u can do is makie it annoying enough
Exactly.. There are easier targets, if it becomes too difficult then.... but when they see a tightly secured system they may see it as a challenge or believe that there is really sensitive data there.
fleet pivot
I only allow SSH from my own network and then certain specific IPs in the networ...
Damn yea thts solid, only way sum1 is getting in is if they’re alr in ur network or they got serious 0days
ur chilling
knotty valve
As is, my WAF blocks a lot of bots anyway
My personal devices are more locked down and have a more complex threat matrix than my shitty webserver
crystal moss
As is, my WAF blocks a lot of bots anyway
what WAF you use? For now i just use like Cloudflare
knotty valve
Like what's 1 vCPU and 500mb of RAM gonna be useful for 🤣
knotty valve
what WAF you use? For now i just use like Cloudflare
CF yeah
crystal moss
Like what's 1 vCPU and 500mb of RAM gonna be useful for 🤣
heh.. yes, the worst shit.. hahaha..
knotty valve
My server is strong enough to run a single small webserver and that's it
Don't need anything more
crystal moss
Cloudflare is good stuff..
Their bot protection is awesome, love their trap that lures AI bots into an endless maze..
fleet pivot
My personal devices are more locked down and have a more complex threat matrix t...
tbh if someone gets on ur phone or laptop they dont even need the server💀
knotty valve
tbh if someone gets on ur phone or laptop they dont even need the server💀
Yep
Those devices also have a lot more high value information than my webserver 🤣
knotty valve
Which is why I'm so pedantic about what's on them
fleet pivot
Which is why I'm so pedantic about what's on them
pedantic?
rapid merlin
Can someone recommend an alternative to neofetch?
knotty valve
Can someone recommend an alternative to neofetch?
Fastfetch
fleet pivot
> excessively concerned with minor details or rules; overscrupulous
oh ok
twin ridgeBOT
Gave +1 Rep to @knotty valve (current: #94 - 86)
knotty valve
Fatch
crystal moss
inm to slow
fleet pivot
> excessively concerned with minor details or rules; overscrupulous
Damn you got some good vocab
crystal moss
yee, fatch 😄
knotty valve
Damn you got some good vocab
Been speaking English for a fair amount of my life 😅
fleet pivot
I wish my english was as authentic as urs
knotty valve
I wish my english was as authentic as urs
I still forget english words occasionally
fleet pivot
I still forget english words occasionally
Wait, are u a native speaker?
crystal moss
AUS generally has "more refined" English than US, right?
knotty valve
Wait, are u a native speaker?
Nop
knotty valve
AUS generally has "more refined" English than US, right?
Also no lmao
fleet pivot
AUS generally has "more refined" English than US, right?
nah
knotty valve
Australia is very laid back in speech
fleet pivot
AUS generally has "more refined" English than US, right?
that’s bs
crystal moss
not? haha..okay, I have no idea, but I got it.. haha
knotty valve
UK has more "refined" english than Australia
crystal moss
ah.. yes,, UK