#general

total ammoun of data was over 800 GB

just stop doing anything that could overwrite where existing data used to be

I don't do anythign rn I just extracted logs I could find

and wrote security report

tomorrow going to police

gosh

keep stuff untouched

maybe the forensic dudes can recover stuff like ellie said

it's okay, we're not trying to be harsh. But yes if all that was deleted was the filesystem links to where the data existed "aka how most deletes happen" then data may still be there, just left in a "this is okay to overwrite" state

forensic dudes?

maybe

gosh

digital forensics

Possible not the data itself is deleted but just system links

They would have had to 0 out or overwrite everything to completely delete it

maybe

issue is I tried using zfs to restore it

zfs told me that it got overwritten

and only few bytes is there

I also stopped some sshx session

as soon as noticed

maybe this is why this bit of data isnt purged yet

Yeah not great, but indeed there's only so much we can help, and questionable liability of us doing so

fair

You may try to boot with recovery systems that digs in the memory and get the data , just try to not add anything new , it will overwrite the existing data

Just seems like odd tactics, as if they really wanted to use this for much gain, they wouldn't have been so destructive

But potentially their attempts failed so they just said f-it

Either way, sorry to hear about that and good luck. Will be a good lesson for sure, no ideal that anyone could get a foothoold in the first place

stay secure with windows 7

hush now lol

🍀

Issue is this seems to be more like Layer 8 issue

than any other issue

my administrator got compromised

also I'm still unsure if he really got compromised or he just shared account password or he himself did that

as logs point to his account but also to lxc 115

lxc 115 had bruteforce tool and sshx session

lxc 115 could be accessed only from lxc 101

which was from my friend/costumer

Yeah unfortunate to say the least

issue is

I cant find any attemps to login

login was perfect - without a single failed attempt

which makes me wonder if he really got compromised

he also gave theory of VPN packet spoofing

which seems fair as person who used it with him was my "enemy"

😭 gosh I want to die now even harder my 3 years of work got down

Then yeah I won't even speculate because yeah sounds like there's a whole story here and more

Just it's alright, things will get better, just take it one step at a time

I've head to deal with security incidents before and yes they can leave you feeling awful, but important to learn from. Can't change what happened, only improve on what went wrong.

the thing is

the project I was making there

was the only thing keeping me alive

like seriously

the community, the motivation

and now its all gone

Indeed, which is why your backups need to be fully segmented and ideally 1-2-3 style

I'm just not sure what else to say, but there is a way past this

I'm sorry to hear that

Can potentially work with said community if they have any of this data to recover. Not sure what kind of project this was but yeah having online version control probably would have been beneficial as well.

Can at least plan for "projectname-ng" or whatever as well

Hello Elizabeth!

Some hlep me

Can we talk in dm

Is it illegal?

Nhaa

Aye, send it

Hi NEW HERE, Im Mario

HII MARIO KART

YOU GOT PIZZA?

No just the mushrooms, no need to be like that

I am heading to bed have good night girls

I want pineapple on my pizza

Girls?

hush child

🥲

Hey everyone, I've been having this problem for a year.
I live in Ukraine. Because there was shelling and the power outage, I didn't have time to complete my daily task. My streak, which was 330+ days, disappeared. I clicked "Restore Streak," but it started counting down from day 1. Everything is gone.
Can you tell me where to write or contact me?

I believe you can contact support@tryhackme.com to resolve this, last I remember most staff on Discord don't have the latitude to do so

Good luck to you and stay safe!

Are you sure this is the correct email?
support@tryhackme.com

I've contacted them before and that is their primary support inbox. It's even listed on their billing info.

The company I work for does the same thing, support@companyname.tld is pretty common.

Checking my email history shows I was connected with a well known THM staff member after emailing that address

Yeah support helped me with something similar

They might not have replied over the past two days given it's the weekend

Mhmm, they normally work on workdays UTC/GMT hours

Hey guys,
are we allowed to use the VM on the website to carry out attacks to our own devices ?

That's an odd question. One, the VMs don't have internet access so you can't do external testing at all. Two, even via the VPN, you'd have to pivot from the device you're already using to connect out to your own network. So not only is it impractical, but just also ill-advised and silly.

Just spin up your own VM quick to do so, it's not hard

And sorry I was thinking of using the openvpn which you're not, so no you won't be able to what so ever lol

Just lol use your own approved infra to attack your own approved infa really.

VMware Workstation Pro is now free even if you have to jump through account hoops, VirtualBox exists even if that means dealing with Oracle, and etc. You have options.

Thank you very much. I really hope you help me. And that my streak will be restored (because if not, that's the end of it).

Gave +1 Rep to @sinful moon (current: #35 - 318)

Yeah they're usually very understanding of these things, no worries!

I’ve been so locked in today I’ve done a bunch of labs

i just finshed a full room and omg that was hell but it was fun

Also to be clear since your language was unclear, this was an example. support@tryhackme.com is their address

Yep, just gotta wait for normal business hours before they're likely to even see it (UTC/GMT time, no plus or minus)

They'll be able to see in your account when the streak broke, so which day shouldn't matter that much

Oh, I hope they help me. Because it's just a tragedy.

i been doing like 5 min pen rooms and look up was so different because i had to put all my tools into place and use them

so a challenge room or something? That is something to understand is that while a lot of THM is focused on guided walkthroughs, that's far from the only type of content there is

hi, anyone else having issues with session management in the Enumeration module?

Sheeesh I’m now Az900 certified

Congrats!

Thank you thank you

look up is the red team room easy

Given that I booked it yesterday and started studying within the last week or two I’d say I’m pretty chuffed rn

Totally understandable. Does sounds like something I wouldn't mind going for

Is it perpetual?

I don’t think the cert expires

Awesome, although maybe it should with how often MS renames and re-arranges things, but I don't want to give them any ideas lol

why are expiration dates on certificates a thing

money

Exam does change but I don’t think it affects the cert - unless they just outright replace it

$$$, with slight justfication on continual education

there's barely any reason why A+ and many other CompTIA ones needed to go that way lol

Funnily enough in studying I found multiple deprecated options and resources mentioned how Microsoft renamed their whole authentication service

must be why the median pay in this field is so high

That sounds about right lol

regularly administratining Azure at work, I gotta play, where does this thing live this week at times

although yep for all of Entra ID you can still see the URLs say AzureAD

Az104 should be your goal then

Sounds reasonable

Congratulations Jabba! 🥳 🥳 🥳

I've just had to self train my own AD/GPO to Azure/Entra ID/Intune/whatever learning and it's been interesting

I have to say I think Microsoft Azure is well thought out - I have a lot of respect for it due to it’s intuitivity

I started when Azure AD was still called that, and still somewhat salty but I don't even try to use the old name anymore lol

How does Azure compare to that of AWS?

Really, I'd say the opposite especially when compared to how intutive on prem was but fair enough

I’d say Azure is more business and AWS is more consumer

that's fair

Interesting, different experiences I guess

https://tenor.com/view/preparing-for-bf6-gif-3227508119610502244

I did two AWS academy courses which were interesting

I can say Microsoft 365 admin portal and Exchange Online and tasks are easy as all heck though

system administration, any great resources?

So they did to that right. But I often just have to dig to find the Entra ID stuff I'm looking for for the umpteenth time

sick game, loved the open beta on 50 fps

I anticipate that my opinion on Azure will change if I have to manage it

Wonder if there's a secret.....

Or silly stuff like SharePoint admin, do you want an end user to have a "shortcut" or "sync"... turns out Sync is usually the right way to do it despite the unusual naming

I keep repeating myself in multiple discord, campaign was ALRIGHT. Second to last mission was pretty good. But the story felt soulless, all over the place. The first mission was very good in opening on what is to come. But after that, we're jumping between so many different places with no reason why

Sync gives them a fancy "org name" thing in Explorer instead of "shortcut" that yeah just adds a shortcut in their OneDrive

Just "Remember X Y Z" Goes into battle

i havent played nor seen the campaign

cant comment

Let’s go Jabba

Is it worth doing cloud ?

Yes

Idk if I’ll like it lol

It is the future etc tho ik 😭

vast majority of small to medium orgs are on M365 or less fleshed out Google Workplace

your smart fridge is going to be cloud connected in 2030

And have ads on it

Want the ads removed? Gotta pay a subscription for that

haha that was big in the news last week

with the Samsung fridges

and now Amazon Show displays this week... but that is a bit more "what did you expect"

but really yeah a bit of "what did you expect" with any "smart" appliance either

Can’t catch me with a fridge connected to WiFi

Yeah absolutely never

do you know how to hack an nltm hash?

Not something you hack

i know you’d love a smart toilet

Now that I can get behind

how do you mean that?

someone should invent a smart phone

we also do have rooms on that, look into rooms for hashcat and john the ripper

thank you! i look for that ❤️

Gave +1 Rep to @sinful moon (current: #35 - 319)

but lol if it's a really weak NTLM hash, that's often been solved in rainbow tables but getting ahead of myself

It’s just a string of data, you can’t hack it. If you’re looking to find the original data that’s called cracking ;)

this is correct ^

ik this but my english is bad and i was scared to say smt bad

All good

back in my day we had l0pthcrack and we were happy lol

although yes john existed then too heh

but yes hashcat is wonderful, love that the creator drops in from time to time

is there other cons like defcon

yes Black Hat and many others

https://tenor.com/view/grumpy-dana-carvey-back-in-my-day-angry-gif-16063472

wait hashcat creator comes in here

meep moops it is the time for sleep sloops to the beep boops

G'night shadow!

and yes Pv2, them and some other infosec devs and creators

I like to think it's because this is a pretty welcoming community that spans the entire range of infosec knowledge from beginner to experienced

lol I've just seen some that, lets just say, aren't that

thats cool

mhmm

Damn that was one hell of an adventure

What's that?

@sinful moon i just realized, that the most rooms are sub-only, and you need a pc, my pc is on repairing-station (idk how to say it correct) andd i need to use my ipad, do you have some recommondations for me?

you can say "it's in the shop" (implying for repairs). But you can use the inbrowser VM on an iPad

Front of house is flooded as fuck, and me and my parents just trudged through that shit like we were indiana jones in the fucking swamp

That sucks :ccc

Shit was cool as fuck

uh if you say so lol

but in the room it had no vm? or has it one in every room?

be glad you're not in your parent's position then

I have waterproof boots for this purpose

That reminds me, I need waders now

It depends on the room, but I believe you can call up the VM for most if not all. I'm usually doing the exact opposite

Like a full on wetsuit too

Yeah that's no good :c

thank you for your kind support xD

Gave +1 Rep to @sinful moon (current: #35 - 320)

Sounds like at least 10s of thousands of dollars of damage

I have this grundens bag that can theoretically fit like two dead bodies of little people or one adult sized person maybe

It's massive

lol that's one way to couch the theoretical capacity

It looks like a body bag

It's waterproof too

Either way just be glad you're not the one directly dealing with the damange I guess, sounds like you didn't have anything down there otherwise that would have been a world of hurt for you too

The city did this million dollar project right that thus far has done jack shit for us

They fucked it up the first time which was 2 years ago

So they dug our street up again this year, and it has done nothing thus far

@mossy river is cloud fun to learn ?

So either the project manager is incompetent or the whoever is authorizing this is like that

"fun" maybe not, necessary, yes

Anything can be fun if you are crazy enough

Not wrong, I just find it much less interesting when it's all "just someone else's server" but fair

Whoops Exchange Online is now... "Offline" for an entire client, what do. idk just wait for Microsoft to fix it

Although in that specific example, hosting your own Exchange server is a hell I wouldn't wish on anyone so fair enough

So this is gonna sound random, but in japan they have these women's shoes where you can collapse the heel and turn it into a flat

mhmm I've seen those, it's neat

lol relevant to me at least

Hi guys I would appreciate some advice regarding cyber security

well gotta be more specific than that

Getting started with infosec, or are you interested in a specific domain, or?

Let's gooo

Heels rock right up until they don't and you're getting sick of it lol

lol even if it means I have to be short again

Hmm Ill start doing all free rooms I suppose

Done!

Beat me to it

Thank you

@mossy river you scared me

Nawh

Boo

It's regarding Reddit they somehow know create an account my main account got banned I had that for years I made another one like a week latter that was Shadow banned then I appealed that account for it not to be Shadow banned then I got banned then about a week or 2 later I made another one and it got banned next day I used a VPN and a different browser I used brave and iron fox on android

Do yall know when next sales appear?

Ugh that's not something we can help with

Ban evasion is not ethical use of this knowledge

Hmm

I understand but I was banned because I won a debate

They reported me

"won a debate" appeal to the relevant moderators

@mossy river for curiosity why are mods ranked higher than THM staff

No Reddit banned me

Arents mods like volunteers?

My main account

Dont ban evade I suppose, make an appeal, using VPNs just reinforces the case

Appeal to Reddit its self, we can not help you with this, we have no power over Reddit administration

This is not what this community is for

Also if you want to see reddit posts you can see them if Im not wrong

I must rephrase how do I block fingerprint and IP track/monitoring

What do you mean?

We will not help you because this is just ban evasion. Appeal to Reddit

You wear them for 8 hours lol

Hmm I have a better question with a negative response 😎

I did

I've heard that they hurt after a while

They do

And how can some random discord dudes help u on reddit

Is it cause the foot is elevated?

Cyber security knowledge

Then ask cybersecurity stuff dont ask how to evade a ban

Can also be the shape of the sole and more. But yes it can get tiring since you have to walk and hold yourself in a certain way for an extended period

I'm asking how they do it

Don't you have to take baby steps in a way

@mossy river if you are still there, do you know a github repo or a playlist with all fundamentals relared to cybersecurity

Like small steps instead of big steps

Im more interested in Blue Teaming

A short person can help with that

Not baby steps, but you do have to learn how to walk in them lol. I bet most guys would fall over lol

:(

I stumble on daily basis

Curious

get up and walk again

Im trying

I mean we have that info on TryHackMe, but like here's a vast cheatsheet and info once you're somewhat experienced: https://book.hacktricks.wiki/en/index.html

@rapid merlin ehy do people want PT1 over SAL1 cert?

blue team is not that easy but you can see some learning on thm

depend on the job

Damn ,but u say it’s worth it ,cloud doesn’t have entry roles tho does it

pentest pt1 CBBH CPTS OSCP

TryHackMe asks 17 euro monthly or 100 euro annually

and defense SAL1 and other things

I've found it to be worth it, and use what I've learned professionally on the daily

I like to be in blue teaming more

so sal1

Really

Depends on eachs budget Im trying to get hired into help desk but all jobs ask me know german

And I dont know german

but you will need to see some lil thing more

Germany does have a lot of petty darn vulnerable on-prem stuff lol

Well Germany is a market leader in EU

I think they're second to the US in on prem exchange 🤦‍♀️

Pretty much

Ill have to learn german but I dont know a good roadmap

Duolingo aint it

Just like with TryHackMe, you gotta learn for multiple sources. There's no single way to this knowedlge

and to be frank, learning a language and sticking with it is harder than learning infosec, learning guitar, or learning just about anything else I've done

Not saying that infosec isn't lifelong learning because it is, but learning a foreign language is even more so, you can't drop it

My plan was getting cloud certs

Like try to get microsoft fundamentals certs with 50% discount

AZ-900 SC-900 and Microsoft 365: Fundamentals

Due to being affordable I suppose

you can for sys admin operation and after that add the siem build and soc you will be kinda good

Arent those associate?

yeah but building maintaining and operating is completly different

Hmm so your idea?

better be a lonely guy learning sys admin dev hacking and defense than just learning how to defend

I kinda dont like being lonely its pretty depressing

i know buddy x)

thanks to my girl helping me mentally everyday but im kinda struggling also

no pain

no gain

Atm I dunno if I should learn AWS or Azure

Or start with Azure and learn AWS along the way

Anyway Microsoft fundamental certs are like 25$ with the discount in Romania

whatever you want for real

both are different

I heard Azure is more beginner friendly

AWS is a bit confusing I participated to an AWS Gameday event

you'll see s3 bucket etc etc on one end and on the other you'll see a different type of things

AWS is a bit borring but usefull

azure is more friendly because microsoft

meanwhile I started with help desk, basically with no interview, mentioned to the boss, btw I know VMware and Linux. Become sysadmin, then have to remediate major vulnerability, prove my infosec skills, and keep advancing lol.

But this is a very weird circumstance and yeah I'd like to get certs as proof beyond this job experience

go with basics on pentesting for real

like a lifetime of self taught before that

eJPT is really easy like sleeping easy

Im currently networking with people and volunteer at tech events, tried volunteering somewhere else but aint it

24hours exam but 2 hours to complete it if you did basic THM machine on msf and network

Honestly as much as I'd enjoy offensive, I think defensive would position me better in the market

even if yeah eventually OSCP would be a lifetime goal of mine

you can do both after all it will secure a lot

OSCP i think (for my part) lost it's core value

I know I already do both but still

Defensive places you better because there is a broader range of jobs

true

That is another reason I like Blue Team more also

Mhmm, effectively at work I am Windows Sysadmin, Linux Sysadmin, Lead Infosec everything, SOC Manager, compliance manager, devops everything, more roles I can't remember, and still help desk :p

what i do is purple team and in my place i can work in both so yeah x)

Gotta love small business 🙃

im an it consultant i do offensive test but some client can ask for blue teaming and i work in both

Technically I am as well

that's really cool

Well you can discuss with the business owner to write a recommendation paper once you leave and add in your CV the tasks you did

Hello guys. Has anyone been having problems with the mouse pointer disappearing after upgrading kali?

reboot

can happen

indeed, but yeah would be nice to have some certs to back things up

Just hard between work and... unwinding from work, and then life on top of all

but we'll see

Did it already

kali on vm ?

Ask your boss if he can pay for your certification

yep

And argue that it helps you be a better worker

what's your Desktop environment ?

He won't lol, plus the one time the in office people got state funding for certs they all didn't follow through lolol

They tried and didn't stick with it

Cant you report him for that?

No I'm out of state contractor

XFCE

so xorg

gsettings set org.gnome.settings-daemon.plugins.cursor active false

I heard there are companies that instead of paying for certs, they offer low quality training instead

nah this was a state sanctioned thing to get the official training from CompTIA lol. Doesn't mater anyways since out of scope for me as an contractor

I live 800 miles away heh

No need to find loopholes and etc, I'll get it eventually

Trying that, but I'm getting:

No such schema “org.gnome.settings-daemon.plugins.cursor”

he will post fake crypto scam again be ready xD

But yeah it's getting time for me to move on

hmm strange

because yes they're not using GNOME

oh im stupid

XFCE4 has it's own config system

x)

and that's probably not the issue

yeah i am kinda tired sorry xD

No worries

go to settings if you manage than pointer try to switch your pointer for another

If this is a VM then it could be a number of very silly little things

I noticed low severity bugs dont offer rewards

But also if this is Kali and you don't have a ton locally saved after this update... you could just easily reinstall

Tryhackme could have offered a sub or something like that for these

that is kinda the point of Kali

Kali is interesting

Not supposed to be long term, just pop it up and you're ready

Yeah, I'm considering doing that. I'll only lose some files and tools that I've been collecting through my CTFs' journey

just back them up via SFTP or whatever first

if you have ssh access, then you inherently have SFTP

I tried to update VMware as well, but for some reason it's not doing automatic checks anymore

that's a different can of worms but honestly way less of a big deal

Yeah, you're right, it's probably the best solution to reinstall it

Gonna do it, thank you guys 🙂

yeah best to use it as something you can't rely on long term, keeps you from miusing what Kali is supposed to be anyways

no problem!

just yeah backup those files and you're set!

back in the day in general Linux discords we'd feild support requests for "how 2 install Steam in Kali".... just no lol

lol

Hahahha

yeah that's too much

Yeah just thought they'd use the leetHax0r Linux with 0 understanding of its use case lol

i got sent back to broze form dimond

That wasn't even the worst I'd ever seen

"my friend installed the kali tools in arch but things are broke, what do".... friend literally installed apt in Arch and ran a script that just installed a bunch from Kali repos and wondered why everything was effed

that was like... wow

misconceptions on so many levels

because heh Arch has all those tools, imaigne that!

i use athena os

it has arch

loool

but they ended up with a franken Arch/Debian hybrid that broke

lmao yeah that's why we have a pack on the blackarch website called strap.sh that add all the mirror of blackarch

people using strap for debian cross usage on arch are some kind of stupid people xD

even then, my pentesting server is pure Arch, and yep works more than fine

black arch is that dead now ???

I think it is

they keep updating but people are more on endeavour or another distro

@gusty inlet I checked your website and my jaw dropped

sad that hyperland doesn’t work in vmware and vbox

It's all kinda pointless. Just use Kali. If you want a custom Arch based infosec enviroment just set it up yourself

so because of things like athena that use a bit of there own and bit of black arch its slowly going down

Bro you have over 300 certifications and a lot of them are over 500$ 💀💀💀

thats a roadmap LOL

I helped in research

Oh then mbad

Again just use the industry standard, Kali. I am all about Arch but you need to be able to use a standard enviroment you're given

it has a lot of the certs available

I believed it was his roadmap

nah

well

technically he created it (with the help of others)

Ill just get Microsoft certs, are most beginner friendly

I use custom Arch setups but that's because I want to know every little detail of setting up and maintaining the software I need for infosec. But I am more than happy with Kali

Part of that is I want to know why i need it instead of "oh its' already there, and I just didn't know"

ok

kali is nice, just set a golden image and you’re ready to go

what do you think about kali nethunter then

it's interesting can't say I've tried it

I potentially could, not sure if it supports the old Android phone I have, but limited use case for me IRL

is that like kali on a phone?

correct

yes

ah ok

and no NetHunter Lite is not the same kinda thing

i used a bit of here and there but alot of just seems program on pc and then use the phone as a usb

but yeah I'm 800 miles away from work so little use case for handheld pentesting device like that... I say with my flipper lol

that's more a idk I just think they're neat

like if i could see someone show me how you could use it 100% then yes i willing to learn and see the full use but till then a laptop is alot easier

Realistically not a ton of use case to nethunter other than "it's neat"

flipper zero at least has some immediate use for access control

yea i have seen alot on the flipper but never used one

are the leauges broke

Hello Donut!

Unless you’re doing a lot of physical access control stuff, it’s not terribly useful

why am i in bronze bro💔

is there a bug with the leagues? i was in ruby and was going to be promoted to diamond, checked like 5 mins ago was in diamond, checked again after doing a room and now it says im in bronze and i still have last weeks points

fr

lol

like bruh

me2

rip

laughs in not caring about the leagues

i kinda do kinda dont

kinda thig

But yeah sounds like some actual issue with the infra

me too

think its something to do with the new ruby rank?

how do i access echo for help

i was diamond now i am brozen

click on it i think

my goodness, the broadcom website for vmware is way more confusing than it was before

i cant find echo anywhere on thm

am i just blind

Do you have it disabled currently?

i'm not sure how do i check

When you click your pfp there should be a button to enable it

oh wait nope

its on

still can't find echo though

refresh your page or relogin

if one of the questions has a hint button it opens the echo menu

yep just tried echo is still not appearing

ah maybe that is why

lol I for one will not use the AI gaslighting

the questions i have does not have the hint button

Hmm dont use LLMs

I was #1 place in Silver League and I got demoted to Bronze

i will be on bronze soon

good job

I got invited here, tho I have no knowledge about hacking

I'm just an experienced user. Changed about 20 pcs so far, started with C64

I mostly try to make stripped down windowses, for gamers

https://tenor.com/view/me-atrapaste-es-cine-its-cinema-cinema-esto-es-cine-gif-17729711691959966457

Are you interested ?

to learn cyber sec?

well, I would like to protect people that use my windowses, so they can game in peace, but I'm not interested in hacking anyone

You must be interested in blueteam

blue team = defense?

yah

then yes

https://tenor.com/view/meme-funny-funny-meme-meme-memes-funny-gif-10549585444767159988

You are internet cafe owner?

i see

No, can't have a bussiness with custom windowses

My work is mostly hobby, everything for free

Removing cpu cycles, so gamers can have more framerate

However, I can't have them butt naked on the web, as baddies exist

what

wat?

Very confusing, so you're selling Windows PC, hopefully fully licenced, you strip them down software wise for performance, and that's it? What even is the question, and why is this a free endeavor. There's just very many questions about what your goal is and what you're even doing

I'm not selling anything for one. As I said, my work is free. I just remove cpu cycles from offline windows image

If you're worried about security then what leg do you even have to stand on, you have no other infra outer than the computer you sold them, no AV or network equipment

Then I'm still confused

Have you heard about Tiny11?

What is your goal?

Yes I am more than aware of it

Well, Tiny11 is 2.4GB in size or more. Mine is around 1GB

That's even more concerning. Does Windows Firewall still work?

yes

idk what you're worried about, yes you probably stripped out a ton of nice security functions besides that what is the goal here

Well, I've been at it for past 7-8y or so, and I've reached a point I can't think of what to add or remove

We're sure not going to tell you how to strip it back more here, and probably can't condone providing modified Microsoft builds in the first place. Probably looking in the wrong spot. Any abbriation from a baseline Microsoft official build would be considered insecure, null and void to most of the business industry we work with

you may want communities that are more into modifying windows or focused on gaming

We do have knowledge in these areas but this server is about security above all else

not to discourage you, I get what you're doing, just not our thing

Is it possible to make a user experience physical pain, through his pc, or phone, somehow digitally?

lol what

It's what I need defense from

Not exactly sure why do you wanna know that

Whose making you feel pain from a phone?

That reminds me of the time I was chatting on IRC about 30 years ago and I wanted this guy to leave the channel I was in but he was being annoying and wouldn't.

So I used an program to freeze his windows 95 and he timed out, but then he rejoined.

I then proceeded to tell him that if he didn't leave I would set his modem on fire. He then left.

lol

but of course we would do no such things these days

But yeah 9x era was wild

Yeah not too many laws surrounding that type of stuff back then

mhmm I just try to be careful about my past here lol, impressionable youth, but things have dramatically changed

I'm old enough that no one gives a crap

Hah that's fair, I've just been reprimanded for being too specific about my olden days

I can see that

guys i ordered chinese food but why did they give me two pencils

I will say I am glad I did not know how AD worked and that my high school ran on Win Server 2003 R2 at that time, I just did other things lol. Mind you kiddos, don't do those other things

CRACKROCK.IRC v3.0.1 for BitchX 72+ by novalogic

lol

good old days when IRC clients were named insane things like that

what is this eggdrop1_3_18.tar

i've forgotten

lol I'm sure far outdated

/sbin/ipfwadm -O -a accept -V 192.168.0.1 -S 0.0.0.0/0 -D 192.168.0.0/24

lol

meanwhile we've sorta done away with /sbin as a concept in some distros

kinda lost all meaning

True, most everything is bin now

Nice writeup for Fedora: https://utcc.utoronto.ca/~cks/space/blog/unix/UsrSbinFailedInPractice

Anything look fun ? lol

lol nice

also freaking onedrive, for shame

how the mighty have fallen

is hilarious that defender doesn't give a crap about those, but holy heck if you have Markdown notes with reverse shells OMGF, let alone demoscene demos

But I am suprised you're not on Linux

bro what

Moment is over, move on lol

I couldn't haha

@sinful moon hey!! 👋

Heya Rex good to see you

I say I was stuck on Windows longer than normal on my main lol. It's just nice to be back

😎.......

it is, after all this time Linux is home to me 🙂

Yeah for sure. Been Linux main since 2007 but typically use all three major OSes on the daily at work lol. Just nice to have that on my main lappy again

Anyone know David bombal

I know

Youtube content creator

Yhh

but i'm fan of john hammond

Hey guys, I recently encountered a technical problem. I need to manage a cloud virtual host, but it does not support SSH. What can FTP do?

Not personally, but yes I've seen his videos

soz about that...didn't expect guests so left messy room

Most services have built in web terminals to the cloud host

Okay thanks, I will try to look for it.

Gave +1 Rep to @sinful moon (current: #35 - 321)

ok

I know it has a file manager, but I haven't found a place to execute commands yet.

An apple tech support rep asked me if I had Finder on windows

https://tenor.com/view/pat-garrys-mod-garrys-mod-physics-fast-intense-gif-26322619

??? 😭

Dudeeee

right?

😭😭✌️

#techtok

vibes

Hi!! How are you? That's why I don't speak with "tech support" nowadays they don't know shit, just follow a script. When I really have to talk with them I always say the same before I called I already check everything in my device the issue is on your side so please transfer me with somebody that really knows their shit 🤣

So, some scammer just contacted me on discord asking about if I bought a Counter Strike knife from them on Steam

And my actual Steam account was shown as being the buyer (probably just good photoshop on their part, my Steam account is literally linked on discord and uses a publicly available pfp)

But like, what the hell is the end goal with this? Like how is a scam like this even supposed to work?

Cool cringe-post. Thanks for that.

Gave +1 Rep to @kind thunder (current: #2112 - 2)

My pains subsided somehow

I'd still like to know how that actually works, so I can maybe kill one or more dependencies, to protect my users

I'm on my own windowses now

its a great post thanks

Gave +1 Rep to @kind thunder (current: #1585 - 3)

How does one go from diamond league to bronze with out being in the drop out zone?

good question, how do i get promoted to diamond from diamond every week?

I dunno but it's a bit of a kick in the guts when you have been relentlessly pushing yourself

Made this far on my own guess I'll just fafo

there isn't a way

What do you mean, I just checked my email says I'm still diamond, log on and it's put me at the bottom of bronze?

then it is a bug

It may be like boxing belt or I dunno

Question, if I uploaded a ps1 file to chatgpt, and it said 99% of functions are missing, then I opened file for editing, copied and pasted code to chatgpt to get a completly different analysis result, what does it mean?

Also, when pointing Grok or chatgpt to github repos to get data from, they say repos are empty, tho I see data?

Anyone here do bug bounty and made money from it? if so do you mind telling me a bit about it. I am interested in it and want to know its potential

Makes sense, had a rough week tech wise and that was just the cherry on top

Think of it as lotto winnings, it's not a career

But you might get lucky at one point and get one

join nahamsec server you will get so many bug bounty guys

Yooo

oh so its not worth looking into?

what is that?

If you enjoy doing it for fun but don't expect to get paid then sure look into it

that is a bug bounty server of a youtuber called nahamsec join that

can i send you an invite

i think i joined it

yes you joined it

well im still trying to get into bug bounty

i am a complete noob learning the basics right now lol

like im doing a basic intro to cyber course on cisco network academy

i also learned a bit of networking which i would like to improve my knowledge on that as well

in terms of how to actually acomplish bug hunting i have zero clue

Same thing happened to me.

Do port swigger labs

Those r fun

Well after

why do you want to do bug bounty? I'm just curious

moneyyy

😛

if so, then not a good idea lol

joking

Are you though? It's just not sustainable to come about it that way

well he was asking the other guy

😭

Just nice side hobby. Fair but yes applies to anyone

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PersistentRoutes]
"65.9.0.0,255.255.0.0,0.0.0.0,1"=""
"52.109.0.0,255.255.0.0,0.0.0.0,1"=""
"2.16.0.0,255.255.0.0,0.0.0.0,1"=""

Running this reg tweak seems to have solved numerous issues for me

basically. it blocked outbound connections to amazon aws, akamai and microsoft

im interested in ethical hacking and pentetesting. I previously wanted to code buta fter some time i realized it isnt my thing. So i started looking into cyubersecurity type of stuff instead, learning about networking and i found it cool. Ethical hacking i guess is just the next step for me and i think bug bounty would both be very cool and related

i heard people make money from it but which i need lol but yes im not trying to rely on doing this for money

afterall i am just a beginner

ah got it

cuz I would avoid bug bounties if u want to make money

ye i see

anyone got good resources you guys used to learn about this type of stuff

becuase right now i am learning the fundamentals but don't know where to go after that

more specifically i am takinga cisco "junior cybersecurity analyst" path to learn which im not sure is the right thing to learn

That's what I told him

You probably want 10+ years in advanced cyber and reverse engineering to have a chance

that is brutal haha

hello everybody im compleately new here im 20 years old im a cybersecurity student im also good in programing langauges. i know good in python c c++ js etc. im also a mern developer. also a flask developer. now i prepare for ceh

dude how do you have the funds for ceh 💔

no thats why i learned mern stack developement to find first an entry level job

i think you also have the same problem

oh lol

indeed

If I understand things correctly, Microsoft wants to kill me

So we both have a lack of opportunity, right? Haha.

Tho they only reached a phase where they can hurt me physically

we need to make opportunity for our self first

I have 8 eur on my account

Correct

are you are bigginer in cybersecurity by the way i study cybersecurity from atleast 3 year i did ccna and and i know programing can write script to automate the exploitation i also know papulat tools like burpsuid, nmap, wireshark, metalploit, some wifi hacking tool and some android hacking tool etc

Rather annoying to say the least, maybe that's just the gamer coming out in me like bs man I was on top must definitely be lag and every other gamer excuse ever haha

wehre did you learn all of this??

and you studied for 3 years??

Same Happened with me, i just checked and saw i am on Bronze and yeseterday i was on Top 3 in Gold.

Definitely Heresy

bro i learned all these from leaked courses youtube a lot of articles and books

oh dang alr

ye im also tryna learn rn but am a noob

yeah i started when im 17 year old

how much time you spend a day on that??

like that must be some sort of decent grind

good luck bor

Someone get on the vox, we need a chaplain and a tech priest

I've been into computers since I was in 4th grade, that was 40y ago

About 2 years yeah I still feel beginner honestly 😂😂 same age as you, and I am getting ready to take the ccna this December. How was it?

Tho I only knew how to turn on pc and play video games

i spend all day haha.. i forgot my university bs degree for this and i learn hacking and coding all day i dont play any game dont have friends etc just alone boy but i have my some my bestfriends like my pc laptop chatgpt vs code and kali linux etc haha.. im so happy with this

With time, especially last 7-8y I've been delving into offline iso manipulation and cybersec

DAMM thats commitement...

My brotha just another me

so you got a job and everything?

Tho only blue team side, I never actually hacked anyone

so you could if you wanted to?

I mean, I know the theory, just never tried it

@lime topaz you have your ccna ?

i studied ccna played with actual server switches and routers but i didnt gived the exam bacuse its expensive

https://cdn.discordapp.com/attachments/1395597749369700414/1415385061435506780/dehya_and_the_crew_grooving.gif

haha...

Ah I see

so what college would you have went to?

I know how would shooting people go, or stealing cars, but never tried that either

i study onlion

wdym?

studies online

https://cdn.discordapp.com/attachments/1390101972820037772/1418690966520463442/091603.gif

Language barrier

haha

idk if that answers my question...???

now i wana find remote job in developement to earn some money and go for advance cources

i love this teacher he is a great guy

Try oscp

but like where WOULD you have gone

CCNA is basic

https://tenor.com/view/me-atrapaste-es-cine-its-cinema-cinema-esto-es-cine-gif-17729711691959966457

is ccna worth it

Like actually

what exactly is ccna?

💔

is that just networking or smth?

Yeah

ive heard about it but never really got there

Very

yeah i m thinking about this.. but first i wana do ceh

I believe it is a networking cert

But not enuf for a cybersec job

Ceh is very expensive bro😭

oh lord

how much is it?

Lol ceh is in the course in doing right now

Almost a thousand

Oscp is 6000 dollars lmao

I think

Bro.

I’m cooked

2000, no?

is ccna hard??

Hi

Possibly
But if you got networking down packed it shouldn’t

Idk exactly

But it's expensive asf

lol

thats true

I recomend htb certificate instead of that

tell me smth advanced abt netwroking i wanna see if i know

what do you mean haha..

cpts?

https://tenor.com/view/chill-guy-my-new-character-gif-2777893510283028272

Solution: Get an employer to pay for it

you do it from ec console???

?

ccna mean cisco certified network associate

There are many

I believe they are learning from the CEH courses

I know

just like

is that the one u were referring to

If a router unfortunately goes down and need a backup just in case what do you implement 🤔🤔🤔 I feel like this is basic though I’m learning with you

Still studying

Web exploitation expert or smtng

There are others for less than 500 dollars

ag

offically ec console offer this cert

like 499

Junior pentest etc etc

Uh just add another router? isnt that why you got Qos

portswigger is best for web exploitation

changed message, typed cert instead of course lol

for certs lol

is this right chat

oops fault tolerance

what do you mean ??

i get it mixed up lol

490

we were talking about HTB certs

whats the right answer!!!

i genuinley got no idea...

ooo yeah

Yrah

99 dollars for the practitioner certif

was mothers secret difficult for yall the first time around or am i just stupid ash

Hsrp or vrrp

But it's hard

it was

wth is that

never heard of that

U tell me bro

thank you this maekes me feel better, no matter what api i hit it just says wrong route

Gave +1 Rep to @marsh lark (current: #28 - 385)

o

"
HSRP and VRRP are networking protocols known as First Hop Redundancy Protocols (FHRPs). They are essential for providing default gateway redundancy on a local area network (LAN), ensuring network hosts can continue to communicate outside their subnet even if their primary router fails." -GEmini

If the ccna hits me with subnetting type questions I might be done for

So rusty

I couldnt do it the first time

so

what the heck is a vmac 💀

Yeaaaa

I'm schizo, and live off of disability money and family pension I inherited when my mom died

interesting

Virtual MAC address

Amazing.

ye i know very basic lol

not that stuff

ily donut do you know that

even though i learned like ip packets and the different fields i still dont remember heheh

i aint tryan memorize but rather learn

?

is ccna like a online course you gotta pay for or smth?

my bad

Yeah, iso on my ventoy usb was screwed up

maybe i can start learning this early becuase i am hoping to do this at some point too

It’s an exam

it is a cert

its networking certificate

i did a practical for ccna creds thru my school

that cisco is giving you

yes but like the information to take the test is it course based or how do you guys learn it?

we had to built a small network and bring up all the switches and routers dhcp, spanning, trunking, port security

I tried something new with ntlite, and it somehow didn't apply, but still ended up with not installing windows

you can find it on professor messer channel;

I used GNS3, packer tracer and netacad + geeks for geeks and github notes

or you can get the network + which is basically equivalent;

packet tracer is nice af

if you know the networking on ccna based then you can give the exam

and physical routers and switches my school offered

packet tracer has information on it??

its crazy that network + is the equivalent bc ccna goes so much deeper in my opinion😭

You can make your own networks and stuff

hi @rapid merlin did ur buddy resolve that program issue?

no its an application for testing networking you can my labs ther so that you understand that whats going on and what is happening

ye ik

i use it

yes he resolved thanks to you

Gave +1 Rep to @rapid gust (current: #1095 - 5)

for my networkign basic course i was doing

the one in my bio should work, tho since ntlite removes services that are checked during install, install halts for about 5mins but completes

🥲

u like it?

its interesting altough at first i was very lost

like wth are these different layers im staring out 💀

or the incoming bounds or outcoming bounds of the packets

Haha

i mean thats still just scratching the surface

you will know if you see someone CCNA based course @limber knoll i suggest the networkchuck ccna course

but like i want to learn more

More about what

Networking ?

isnt that incomplete?

i was looking at it before

maybe but i learnt so much from him the switches routers and also subnetting that is great

subnetting was fun af when i learned it

i wrote a program to automate it

yes its so much fun

i alr know subnetting switches routers stuff

i took 2 courses on cisco netacad

same with all the cisco configs talo i wrote a program that automated all of the switch and routing configurations

yeah in start we dont know why we do it haha..