#general

1 messages Ā· Page 2182 of 1

west mango
#

But anyways hi everyone

half relic
#

hi

west mango
#

Hey

#

How are u chi

half relic
#

I'm good

#

didn't realize you were talking to me at first lol

#

how are you

west mango
west mango
half relic
#

good

west mango
#

I have been doing python for the last few days and kinda skipping on cybersecurity

#

Python is fun

#

10/10

half relic
#

I liked it back when it tried it. it was the first scripting language i ever used

#

i have not kept up though

west mango
half relic
#

I don't know i moved on to other things and forgot it lol

west mango
molten solar
#

@half relic (hoep that sthe right one) . I'm trying to figure out a written set of instructions by which i can say beyond reasonable doubt "This host is not tampered with", whereby i can get a figurative red light, or green light (boolean eval)

half relic
#

and now that i am used to more c like langages the syntax seems really weird

west mango
#

Im doing it rn cuz im taking a cybersecurity class THAT IS ALL PYTHON

west mango
half relic
molten solar
#

@west mango DPIC, and C put hair on yoru chest.

half relic
#

i still don't totally understand why you are looking for files that are not represented by the os though lol. sorry

molten solar
#

@half relic Detecting PUA ..

west mango
molten solar
#

@west mango Good luck šŸ™‚

west mango
half relic
#

potentially unwanted apps?

west mango
#

I got a team w me

west mango
molten solar
#

@west mango You miss 100% of the chances you dont swing at .. Its good to have multiple eyes on, even if you are not all proficient coders, differnet poeple have different trains of thoguht, you can probably produce something fun.

west mango
molten solar
#

@half relic Confirm. PUA potentially unwanted applications

west mango
#

I will do my best

#

And I should take cybersecurity more seriously too i havent been taking any notes at all and i did 50% of cybersecurity 101

half relic
#

i didnt' take notes for the first few rooms and i should have

molten solar
#

What do you use now? Obsidian? Cherrytree? notepad?

half relic
#

I'm using obsidian

#

i regularly switch computers and it syncs between them

#

i paid the yearly fee to have it sync

molten solar
#

Oh i just use the same repo everywhere .. Almost as good

west mango
half relic
#

i was going to use git or subversion

#

git is probably better but im better with subversion commands and its not like my notes would need a lot of complicated branching and stuff anyway

molten solar
#

Probably better if they dont branch šŸ˜‰

half relic
#

yeah lol

#

i know someone who used subversion to keep track of his character sheets

#

so i wouldn't be the only one using it for something weird

molten solar
#

lmao .. thats obsessive

#

I was just happy i could put them into wordstar and print em

half relic
#

I only played a few times

#

I used to play a lot of DnD based computer games though

#

i still do sometimes

molten solar
#

You know i think .. amazin prime gaming gave em all away recently.

half relic
#

which ones

molten solar
#

all the forgotten realms adventure ones, gateway to save frontier, hillsfar, pool of radiance/darkness. secret of silver blades, treasures of the savage frontiner, eye of the beholder 1/2/3 .. champions/death knights/dark queen of krynn , , deathkeep, menzoberranzan? dungeon hack, dark sun 1/2

half relic
#

i played those a little but mainly it was baldur's gate and newer for me

molten solar
#

ravenloft, 1/2 ... shadow sorcerer, dragons of flame heroes of the lance, war of hte lance,

half relic
#

I did try them though

molten solar
#

In short, all the old ones i think

half relic
#

those were a lot harder lol

#

i had to use dosbox lol

molten solar
#

Did you ever try ... dirk the daring .. what was that .. dragons lair?

half relic
#

no

molten solar
#

that game was BRUTAL on the quarters

#

meant to deprive the player of their coin as efficiently as possible.

half relic
#

the older ones were definately more challenging

molten solar
#

The biggest thing about them was .. continue simply did not exist like the modern games. no reloads, start over from the beginning of that stage for N lives, or all over again

half relic
#

interesting that you can play it for free online

molten solar
#

Its practically vaporware

half relic
#

did you ever play this nintendo game. it was almost impossible

cy1sMjI1LmpwZw.png
#

i had to draw maps

#

there were no saves

molten solar
#

I've played just about all the nes games at some poitn or another

#

That was years ago boss

timid orbit
#

I just looked back at chat, are you trying to configure IPS/EDR?

molten solar
#

@timid orbit Yeah, i'm trying to wrap my brain around how to prove something doesn't exist .. good luck right

half relic
timid orbit
half relic
#

apparently this came with a map with the solution, but i traded it for another game and all i got was the cartridge

molten solar
#

@timid orbit Bob Villa famously said best block, no be there.

timid orbit
#

Thatā€™s not generally for IPS/EDR. they follow behavioral patterns

#

^ Before someone corrects me, I know thatā€™s only like 10% true

molten solar
#

@timid orbit ITs sort of a mental excercise, theres no wrong / right answers

timid orbit
half relic
#

is there a lot of risk in connecting to a compromised system with ssh or rdp. I really hope not

tepid breach
molten solar
#

You can totally build high security boxes on a budge,t they dont require $$$$ in licensing to make them right, and solid ..
@half relic Depends, are you using said system to access your clients resources?

timid orbit
molten solar
#

@timid orbit I'm not talking about reinventing the wheel, im trying to wrap my brain aroudn how its done

timid orbit
#

Thatā€™s fair

#

Yeah itā€™s not easy

half relic
#

I mean rish of infecting your workstation

#

risk

sand trench
#

meep moops it is the time for sleep sloops to the beep boops

tepid breach
timid orbit
tepid breach
molten solar
#

@half relic Assume your jump box is compromised everything you connect to downstream is also compromised no? Your workstastion might be okay, but you have the mierda touch on everything else.

timid orbit
#

Thatā€™s not true

#

You assume but itā€™s not guaranteed

half relic
#

well i meant can the jump box or workstation you are connecting from get compromised by the comprimised system

#

if the workstation or jumpbox was comprimised that would be very bad

molten solar
#

@timid orbit if your bastion/jumpbox is tampered with, aren't you also taking a long critical look at everything that host has communicated with?

timid orbit
#

Yes, you assume they are compromised and isolate and investigate.

molten solar
#

When you said thats not true what wer eyou referring to?

timid orbit
#

Them actually be compromised

molten solar
#

No, you ASSUME they are, and vet accordingly

timid orbit
#

Yes

#

Thatā€™s what I said

molten solar
#

You ahve to assume that you have the mierda touch, that everything that box tampered with was broken.
In ref to your response when i said this:
imera Assume your jump box is compromised everything you connect to downstream is also compromised no? Your workstastion might be okay, but you have the mierda touch on everything else

timid orbit
#

But really you only need to isolate if thereā€™s an IoA or IoC. AFAIK but Iā€™m still studying that and it probably depends on the company

molten solar
#

I dunno, i worked for soc as a service type company ... we took ioc/ioa/idiot clicking the button pretty seriously

#

There were no shortag eof idiots

timid orbit
#

Yeah Iā€™ve been studying for a SOC job for a while now.

#

Thatā€™s why I did SAL1 and taking cysa soon

#

I shouldā€™ve taken it now but meh procrastination

molten solar
#

I took CYSA the last gen, it was fun .. I think its gotten more specialized since. (secX here)

#

Didyou get your voucher yet?

timid orbit
#

Yeah

half relic
#

i wonder what kind of job i can get if my position disappears. it seems my position is being outsourced almost everywhere so maybe not that maybe i could work for an msp or something

timid orbit
#

Iā€™m going to be taking CS0-003

#

I think thatā€™s the code

#

Need to do it by May

#

Thatā€™s my deadline

lean arch
#

you could go into a SOC type of roll easily

half relic
#

what makes you say that i have no experience

timid orbit
#

Not in the U.S.

lean arch
#

you don't really neeed any. You have customer service experience and good technical skill

#

you also help customers with some security related things

half relic
#

HI btw

lean arch
#

hi šŸ™‚

molten solar
#

What you can do is go to like discountvouchers or something .. cheapvouchers etc .. they have a site like that that has vouchers with SHORT Life expectancy, like 4-100 days .. The closer to expiration the cheaper it gets. I think i got my linux+ and casp+ for like ... $140 ea ?

half relic
#

i do but we don't go very deep into that

molten solar
#

$170 ? something liek that

lean arch
#

SOC is entry level

timid orbit
#

Not according to the industry

half relic
#

does your company have any open positions lol

lean arch
#

probably

#

I can check

timid orbit
#

I was just told I need 5y exp in sys admin for a cyber job lol

#

Probably true

lean arch
#

gah

molten solar
#

Ah the "You want fries with that" side of it

lean arch
#

who on earth told you that

timid orbit
#

Somebody pretty high up the chain

#

Said itā€™s because of competition not because of qualifications

lean arch
#

Wonder what cyber job they were thinking of

#

most jobs come down to luck and who you know

half relic
#

i do investigate comprimised systems as a part of my job to some extent

lean arch
#

yup

timid orbit
#

I do incident response lol

lean arch
#

so do I

half relic
#

i don't do that

lean arch
#

I have 10 years in cyber and most of my jobs came down to luck and contacts lol

half relic
#

you should verify your account so you don't look like you are gonna ask us to hack roblox lol

timid orbit
#

Iā€™m just level 1 support but Incident response and incident management is a big big part of it

lean arch
#

Do you enjoy it?

timid orbit
#

Yes

lean arch
#

good!

#

You see a lot in the trenches

#

and that's incredibly valuable

half relic
#

I actually like my job too i'm just worried about outsourcing

timid orbit
#

Yayyy

half relic
#

cause they already replaced half our staff that way

timid orbit
#

but they kept you šŸ™‚

half relic
#

im lucky

timid orbit
#

you're chosen

lean arch
#

and smart

#

and adaptable

half relic
#

i think one reason is i don't argue with them if they ask me to do something honestly

#

even if i think it's dumb

#

its not my job to decide how we do things imo

#

so its kind of stupid why they kept me

lean arch
#

It's not mine either, and I argue with management all the time

#

lol

#

they expect it from me now

timid orbit
#

no i mean that's probably the best reason why they would keep you lol

half relic
#

i hope if they do change their minds i at least get the same severence everyone else got lol

#

but anyway

#

i should try and make sure i can do something else

lean arch
#

you are... you're in thm

half relic
#

just in case

#

that seems hard to break into though

#

without knowing someone

lean arch
#

you know me, I'll tell you some tricks

half relic
#

and i have been doing pentesting stuff since it's interesting and fun, but i would probably do soc i think if it was my job

lean arch
#

I need to assign a new guy some thm rooms this weekend

#

management approved his subscription

half relic
#

that's awesome

#

im glad you are supporting people with training

lean arch
#

Oh.... speaking of which... Here is some inspiration to you all

timid orbit
lean arch
#

We hired guy that had no infosec background at all. It was because he showed interest in pretty much everything, he labbed and implemented everything, and he interviewed well

#

He is now in IR

#

we will teach him what he needs to know

half relic
#

that's something i can do

lean arch
#

He worked in general IT for a while

half relic
#

i got my current job by talking about things i did in my spare time

#

i think the degree helped get me to teh interview though

lean arch
#

not surprising

timid orbit
#

i got my current IT job because i'm a part time mechanic

lean arch
#

many paths to the same place.... many

half relic
#

how did that work

#

i am terrible with physical machines

#

i dont; have the spatial awareness or the right intuition

#

mechanical ones like cars

timid orbit
# half relic how did that work

aviation is a whole thing, and having the discipline to work on aircraft directly translates to the discipline needed to learn the job. also it's technical, but previous IT exp there doesn't actually necessarily help. because most tools we use there are proprietary

half relic
#

first time i put a book shelf together i screwed it up lol

half relic
#

I was really good at C++ in school though so there are things im good at

#

all teh programming classes in school were super easy

#

they don't get very deep into it

#

but that much was easy anyway

timid orbit
#

nice. i used my c++ hobbyist knowledge to basically skip my java class and still get an A on all the exams

#

because the concepts are roughly the same, it was just remembering some member functions here and there

half relic
#

when there were coding group projects in school i usually did the whole thing by myself and let everyone else make slides and stuff to explain it lol

timid orbit
#

nahhhh

#

you should've made them work

#

i did for all mine

half relic
#

i shouldn't ahive but once i got started it was hard to stop

#

we probably missed out on learning to work on code with other people

#

no one ever complained though

timid orbit
#

right

#

because you gave them the grade

#

honestly, the two coding projects i had, i basically led the projects without directly leading

#

because i didn't want to, but i was still telling them what to do.

#

they were mainly just doing busy work because they weren't familiar with coding

half relic
#

there were other group projects where i was reallly lucky i did other people's work cause they would show up with nothing done

#

it would have killed our grade

#

i didn't tell them i just did it and when they showed up with nothing done i pulled out my stuff and said i do have this thing i was working on

timid orbit
#

ur better than me, that's fs

half relic
#

I'm actually glad im done with school though for reasons like that

timid orbit
#

most ppl in school aren't mature

half relic
#

yeah

#

i went to a party school too

#

just cause i was already living in that town

timid orbit
#

my social anxiety never got me out during my first year, then second year i didn't live there, third and fourth year i worked too damn much so yeah

#

also covid first year was not fun

#

so i couldn't really be super immature i didn't have the chance lol

half relic
#

covid was terrible. the only good thing about it is how many places adopted work from home

lean arch
#

we lost our office

#

which was fine, no one went to it anyway

half relic
#

the students at the community college actually seemed more mature than the university i transferred to

timid orbit
lean arch
#

I could have said that better

timid orbit
#

lol

half relic
#

some of the community college students were older though and paying out of their paycheck to go there

#

most of the university students had their parents paying tuition

timid orbit
#

my parents paid tuition šŸ™‚

lean arch
#

that would be nice

half relic
#

that must be nice

#

i had to get loans

timid orbit
#

it was. i mean i got loans too and paid thousands out of my pockets too

#

but still

half relic
#

that's one reason i went to teh community college first

#

credits cost a lot less

#

and they transferred

timid orbit
#

yes

#

i came in with dual-credits from HS

#

saved me a lot of time

half relic
#

i got a cis degree at the college and a cs degree at the university though so i had to take some classes that were almost exactly the same but were the science version of the first class

#

like business math was basically precalculus but with practical examples

#

but it wouldnt' transfer in place of regular precalculus

timid orbit
#

what is cis and cs=computer science not cybersec correct?

half relic
#

but at least it was really easy the second time lol

#

computer information systems

timid orbit
#

ohhh i might be in that same boat

half relic
#

and cs is computer science

timid orbit
#

my cybersec degree was extremely close to information systems degree, and i'm trying to get into a ms cs program right now. (mentioned earlier just got rejected by a mcs program.. ouch)

#

so there's a lot of places i can't apply to that would be good schools

river ore
#

evening all

timid orbit
#

hi šŸ™‚

half relic
#

hello

river ore
#

is it ok to asking new questions in here

timid orbit
#

no

#

jk

half relic
#

which sucks when you are paying that much for them

timid orbit
#

probably. also a bunch of programs for admissions, i would have to post-bacc some CS courses to apply. hence why my options are limited lol

half relic
lean arch
#

or if you do, use the names Alice and Bob

river ore
#

i am currently in the pre req for the cybersecurity path...when is the best time to try the practice things

timid orbit
lean arch
#

yes

gusty inlet
timid orbit
#

Gn Dkob

timid orbit
river ore
#

ok lol

timid orbit
echo sentinel
river ore
#

im just now entering the linux fundementals

timid orbit
#

YESSS

#

HE TOOK MY ADVICE

echo sentinel
river ore
#

i have 2 more of that path before the windows fundamentals sec

echo sentinel
timid orbit
#

am i missing out by not taking those

#

šŸ™

river ore
#

so far i am really liking it

#

i have no exp in linux so its alot to take in lol

half relic
#

you can install wsl to practice with

timid orbit
flat heron
#

do you use your own machine or thm

half relic
#

it does seem simple cause it doesn't hide things from you

#

and its easier to see how it works

river ore
#

i use the thm machine

timid orbit
#

also windows has so many subsystems it makes my neurons wanna explode

half relic
#

yeah

#

its more complicated

timid orbit
#

and half of them are all for telemetry

half relic
#

might be overengineered

flat heron
#

but you can you thm to

half relic
#

i think the attack box is convenient and if i swich machines a lot i don't need a copy of my vm on each machine

#

i did install one on this one though

#

the vm is nice cause i don't have to keep setting the same settings every time i load burp or something

river ore
#

with the vm from htm its not kali based...well for one of my lessons it wasnt kali

dark wolf
#

wsl is crap

half relic
#

that's true

river ore
#

i dont even know what wsl is lol

half relic
#

i just thought it would be lightweight and big enough to practice with

dark wolf
#

Windows subsystem for Linux

lean arch
#

what's crappy about it?

half relic
#

i had problems with it

dark wolf
#

its runs in windows

#

lol

lean arch
#

ok

river ore
#

ohhh ok i heard the chromebook has that built in

half relic
#

on some of my one liners it would cut off the first few characters of every line of output

#

never figured out why

lean arch
#

ah

dark wolf
#

its not a full linux install, it just gives you access to linux packages and commands

#

much better to learn linux

half relic
#

i thought wsl 2 was a vm

lean arch
#

it is

river ore
#

still good to learn on?

dark wolf
#

but it's wack

half relic
#

i still had that problem on wsl 2 though

dark wolf
#

not like a traditional vm that you can configure, you cant do both virtualbox and wsl at the same time

#

so you have to pick

half relic
#

i guess it depends on if you have resources

lean arch
#

it uses hyperv

river ore
#

what paths did you guys take?

dark wolf
#

all of them

half relic
#

i just thought for a complete beginner it was fast and easy to install and doesn't take up a lot of space

#

and you can manipulate files and things in your windows install with ti

river ore
#

how long have you guys been using thm for learning

dark wolf
#

7 months

river ore
#

nice

half relic
#

i subscribed about 8 months ago and used it a lot for about a month tehn didn't use it again until recently lol

timid orbit
half relic
#

so not that long

dark wolf
#

im doing as much as i can before my sub expires

timid orbit
#

idk why i just made that and i am proud of it

river ore
#

as for me who has no major tech exp it was highly recommended

dark wolf
#

It's great for beginners

river ore
#

i think its sick void

dark wolf
#

The nmap on this room is taking FOREVER

river ore
#

i am a graphic designer by heart but i am tired of the field

dark wolf
#

there are 3k open ports

#

lol

half relic
#

i wish i was good at graphic design

river ore
#

im an old man so i been in it for a while lolol

half relic
#

one idea i had once was to build and host websites for small businesses that need a website, but then i realized im terrible at visual design and that is a huge part of it

dark wolf
#

Nice, I'm an older man

river ore
#

hey!

half relic
#

most small businesses basically need a flyer and its mostly design

timid orbit
river ore
#

i dont feel so bad now lol

dark wolf
half relic
#

I'm 44

river ore
half relic
#

so not a student

dark wolf
#

I'm 51

river ore
#

im 50 lol

dark wolf
#

hahhah i am older then barely

river ore
#

right lol

half relic
#

Its actually nice to find a discord server that isn't 99.99 percent people in thier 20's

river ore
#

facts lol

dark wolf
#

yea this one is only 99.98%

timid orbit
half relic
#

lol

timid orbit
#

altho i turn 23 next month

#

so only for now

river ore
#

hey im young at heart does that count lol

dark wolf
half relic
#

I would die

rough oriole
#

Are your guys talking about age?

river ore
dark wolf
timid orbit
river ore
#

nice!!

rough oriole
half relic
#

I have considered reselling hosting to small businesses though

#

i can do that

timid orbit
#

02 got me feeelin' some typa way lmao

half relic
#

but regular paycheks and benefits are nice

#

and sales is another thing i am not good at so

river ore
#

do you guys game at all?

hollow needle
#

hey guy i want to start a youtube channel I was able to build a live soc server with real threat hunting SEIM etc I want to teach yall how to do the same thing would any of you guys be interested in something like that?

half relic
#

sometimes but not nearly as much as before

rough oriole
river ore
timid orbit
half relic
#

I'm playing oblivion again now

rough oriole
lean arch
#

that's a great idea

river ore
#

i play arc raiders

half relic
#

I mainly play offline games

#

mostly role playing

hollow needle
#

let me get a vid out real quick and ill let yall know

half relic
#

cool

#

I don't watch a lot of videos though

#

i like reading information

dark wolf
#

what is your experience?

#

how many years of experience do you have?

lean arch
#

I like seeing what other people do

timid orbit
lean arch
#

you don't need to qualify... just do it

hollow needle
lean arch
#

it's cool and someone will learn something from it

dark wolf
timid orbit
#

fair 'nuf

dark wolf
hollow needle
#

how does one do that?

timid orbit
lean arch
#

I like being illegitimate.

timid orbit
#

i mean i'd have watched it anyway, but i'd definitely watch if i actually think i'll learn something

half relic
rough oriole
#

Hopefully this will be helpful to me as a beginner.

half relic
#

HTB won't let you talk at all in the discord server if you dont' verify

#

not that i do anyway

hollow needle
timid orbit
#

HTB discord scares me

half relic
#

nothing is wrong with it i just haven't used it uet

hollow needle
#

im called the budget hacker no content yet though

lean arch
echo sentinel
#

We're cooler kekw

timid orbit
# lean arch why?

between htb and thm, imo thm feels better as a training platform and htb feels way more elitist and like everyone there is better than me in every way

lean arch
#

ah.. egos

half relic
#

i only glanced at it

timid orbit
#

and i mean, they are... better than me in every way. so are most of yall. but yall seem more welcoming lol

upbeat jungle
#

anyone here use exegol?

half relic
#

THM is freindly

#

i googled it and i'm just finding references to star wars lol

#

ah i found the one you are talking about

lean arch
half relic
#

see that's teh other reason you should verify

timid orbit
#

nice tenor link

half relic
#

you can't post images without doing that

#

or embeds

lean arch
#

oh well... It wasn't anything productive anyway

#

just chewie

timid orbit
timid orbit
lean arch
#

thanks!

#

I'm too tired tonight to go through the verification process

#

I was looking at logs all day

half relic
#

sorry didnt' mean to pressure you

lean arch
#

you didn't

timid orbit
#

@rapid merlin why you send me a friend request?

lean arch
#

elasticsearch

half relic
#

he messaged me too

timid orbit
#

all of the above?

lean arch
#

elasticsearch logs lol. It's a SaaS app

timid orbit
#

ohh ok

#

SaaS
I hate these acronyms.

lean arch
#

customer was compromised and exfiltrated files using elasticsearch

#

lapsus exfiltrated files

#

I can't type tonight

timid orbit
#

ask them here

#

yea... ok

lean arch
#

Chimera just got banned for and she is wondering which mod she can message

timid orbit
#

oof i just "for vis" in Discord

echo sentinel
lean arch
#

thanks

echo sentinel
#

He handles appeals and stuff

#

Seems like she triggered zeppeling by using a blacklisted word

lean arch
#

yeah

timid orbit
#

that sucks šŸ™

half relic
#

oops

#

i just accidentally got banned

lean arch
#

hey you're back

timid orbit
#

welcome šŸ™‚

umbral bay
#

Not banned, timed-out.

half relic
#

i was complaining about spam

echo sentinel
umbral bay
#

We have no autoban bot-rules. Zero. šŸ˜Ž

timid orbit
#

šŸ‘€

half relic
#

yeah i figured it out obviously I won't mention what it was

#

lol

lean arch
#

sends Chimera to the corner... You're on timeout!

echo sentinel
timid orbit
#

dkob workin OT

half relic
#

i should have guessed that would happen i guess i forgot where i was

#

i'm in other servers for games that have kids too

timid orbit
#

im so curious what you said

half relic
#

it was about aol

#

no one would know what i was talking about anyway

#

lol

lean arch
#

you have mail!

half relic
#

yeah

#

the emails you would get if you went in the chat rooms

#

cause someone was dming us

umbral bay
timid orbit
#

speaking of which, i still have no idea how the report system works here

echo sentinel
timid orbit
#

i was gonna report that guy cuz he seemed sussy in case it supports a ban later

#

but idk how to

echo sentinel
timid orbit
#

i tried tho

#

i think

lean arch
#

good night

languid aurora
echo sentinel
echo sentinel
languid aurora
timid orbit
echo sentinel
naive kelp
echo sentinel
#

Alr it's 2:30 am

#

High time to go to sleep

timid orbit
#

it's 7:34 PM wym

languid aurora
twin ridgeBOT
#

Gave +1 Rep to @echo sentinel (current: #66 - 173)

echo sentinel
timid orbit
#

ik lol

#

gn

gusty inlet
echo sentinel
#

So yeah, gn or gm or good afternoon but imma head off

#

Cy'all

timid orbit
gusty inlet
#

You open your privacy settings. SureBruh

timid orbit
#

ahhh fine

#

just for you

timid orbit
gusty inlet
#

Still you.

timid orbit
#

what setting šŸ˜¶ā€šŸŒ«ļø

#

found it

gusty inlet
#

Right click on server icon -> Privacy settings

umbral bay
languid aurora
#

U guys should make a more competitive ranking system like hackthebox and get swag discounts based on the tiers. I really want thm swags but can't afford full price at our economy.

timid orbit
#

hence why i'm staying with my parents

#

despite being 40 minutes away from anything interesting

boreal scarab
#

@gusty inlet

timid orbit
boreal scarab
timid orbit
#

God bless America

boreal scarab
#

OORAH

timid orbit
ionic wolf
boreal scarab
half relic
#

I almost did too

west mango
# ionic wolf 420

Thats crazy but why are you 0x10 only i thought it wouldve been more

half relic
#

i thought maybe i could get secret clearance but then i realized i don't want it even if they would give it to me

#

I'm kind of afraid to say anything now cause i don't want to get muted lol

west mango
west mango
half relic
#

no

#

i just might forget and accidentally used a banned word or something

west mango
#

Ohhh

timid orbit
ionic wolf
west mango
half relic
#

I'm trying not to get burned out so im not paying attention to my streak

silver hornet
timid orbit
twin ridgeBOT
#

Gave +1 Rep to @boreal scarab (current: #26 - 434)

timid orbit
#

you are god ig

silver hornet
#

i'm not touchin thm for...4 monthscri

silver hornet
west mango
silver hornet
timid orbit
silver hornet
west mango
silver hornet
timid orbit
#

hey so if a room is denied/rejected does it say if it was rejected? cuz i submitted a room and it hasn't been reviewed for months. i get if there's a backlog

#

I wonā€™t be mad if it was rejected, I would just like to know if it was so I can improve it and resubmit

left crypt
dark wolf
quaint ridge
#

Hello everyone

#

I would like to become a hacker

languid aurora
languid aurora
quaint ridge
#

to future proof me when the robots take over

half relic
#

Hello

quaint ridge
#

Hello chimera

left crypt
#

Yup

quaint ridge
#

so uh....any hackers here?

left crypt
#

šŸ˜‚šŸ˜‚

timid orbit
quaint ridge
sand mason
half relic
#

Like this guy

Y0djQC5qcGc.png
languid aurora
#

We're just script kiddies

half relic
#

tht's a horrible picture of him

quaint ridge
#

i lift my nose at script kiddies

#

I want the realest

timid orbit
quaint ridge
#

and the rawest

timid orbit
#

The only thing I can hack is the website form to sign up for HTB

sand mason
quaint ridge
half relic
#

are you a hacker?

quaint ridge
half relic
#

ok

languid aurora
timid orbit
half relic
#

lol

sand mason
languid aurora
quaint ridge
languid aurora
sand mason
languid aurora
timid orbit
#

What makes one a hacker?

#

Can I be a hacker?

sand mason
west mango
timid orbit
languid aurora
timid orbit
languid aurora
timid orbit
#

That guy needs to be protected at all costs

#

He is the last remnant of a good memory

sand mason
languid aurora
#

Maybe life hacks and survival kits are the real hacks along the way.

half relic
#

life hacks like putting lemons in the dishwasher

timid orbit
languid aurora
half relic
#

to make it smell better

languid aurora
#

He is hacking his dog

quaint ridge
#

are technical hacks still viable or is social engineering the way?

sand mason
# timid orbit HUH?!?

when life gives you lemons, you put em in the dishwasher. you don't know where they've been

languid aurora
timid orbit
sand mason
languid aurora
#

I would rather get that tbh. Doesn't shit nor piss anywhere.

tepid breach
quaint ridge
timid orbit
#

Ok but fr itā€™s a really popular automation system thatā€™s used even in enterprise environments. From December to January, it had like 2 9.0+ CVEs and 2 10.0 CVEs

quaint ridge
#

O I C

sand mason
timid orbit
quaint ridge
#

I have been told, by professionals, that security controls are so tight and advanced on the blue side that technical attacks aren't really common to an established organization

#

and it made me ponder

#

is such a thing true?

timid orbit
#

Most likely yes, but APTs do exist

#

Not as much hacking in traditional sense more like infecting and creating a gap from what I understand

sand mason
timid orbit
#

MongoBleed was monstrous

quaint ridge
#

But i guess in that regard, with zero days, things haven't really changed much. Those with access to zero days would perform techincal attacks and those without would do business as usual

timid orbit
#

Which can exploit zero days

#

The rest are kiddy material and social engineering

sand mason
timid orbit
#

I was thinking of like actually technical things

sand mason
#

was a kind of joking correction lol. I'm in a brain-dead mood. too much code review tonight

timid orbit
#

What lang?

upbeat jungle
sand mason
timid orbit
#

Unless you already solve it

sand mason
# timid orbit Add me and DM Iā€™ll take a look at it

boutta go to bed soon. I'll send it over the weekend if that's cool tho. I'm gonna have to break it down into multiple files anyways, i've been one-shotting a main.cpp out of laziness and it's at like 700 lines now šŸ’€

timid orbit
quaint ridge
#

Good night dread pirate roberts

#

quite the interesting name you got there

sand mason
quaint ridge
#

its pretty difficult to read actually

#

you should change that

languid aurora
#

It looks cool, very hacker-y.

dark wolf
languid aurora
# dark wolf thats TOOOOOOOOOO fast

U should check this game out, gen.
https://store.steampowered.com/app/1502660/Untrusted/

Steam
Untrusted

Welcome to the dangerous world of Untrusted, where the stakes are high and the outcome is always uncertain: join the community of this online multiplayer (10 to 16 players) hacking/social deduction game!

As a member of the fictional NETSEC group, you'll engage in a pulse-pounding game of hacking and social deduction, using your skills and witā€¦

Price

$4.99

#

It's free right now sale

dark wolf
#

Can you play solo? I don't do multiplayer.

#

I'm married and my wife wants to talk to me all the time lol

languid aurora
#

I don't think so. It's the whole premise of the game, like mafia/werewolf game but hackers.

dark wolf
#

ahhh

quaint ridge
#

what does social deduction imply?

sand mason
languid aurora
#

Voting off people

quaint ridge
dark wolf
#

I hope I can finish all the rooms before THM goes under

languid aurora
#

šŸ©²

dark wolf
#

out of bidness

languid aurora
#

But why

quaint ridge
#

yes, why

#

?

dark wolf
#

I've been on this planet 51 years. I've seen things. I know patterns, results from business decisions. I've seen what businesses to to make money and how those decisions play out.

sand mason
dark wolf
#

I've seen what companies have to do to maintain a good bottom line and what works and doesn't

languid aurora
#

How many time left do you think thm has? Just a rough estimation guess.

quaint ridge
sand mason
#

i go nite nite. bai gaiz

languid aurora
dark wolf
quaint ridge
#

Goodnight, and farewell.

languid aurora
#

I hope they'll still float around at least a decade or so.

#

Very fun platform.

quaint ridge
dark wolf
#

unlikely

languid aurora
#

How about 5 yrs?

dark wolf
#

also look at Tyler Rambseys linked in feed

dark wolf
#

People dont' seem to stay on here long or do all the rooms. I've only been on the site 7 months and already ranked in top 1300

#

so out of 3+ million "users" or whatever ... a "user" is someone who made an account

timid orbit
#

Yeah Iā€™ve only done like 2 months of learning and Iā€™m top 2%

#

Although I really wanna complete all the roadmaps

dark wolf
#

If the site were great, it would be much harder to get there

#

but something turns people away

#

It's unfortunate, there were a lot of cool people here when I joined 7 months ago, but that echo fiasco drove a lot of them away

quaint ridge
#

So having read a bit of that. seems like people are pissed about echo and privacy changes

languid aurora
#

I mean, I created an account months back but only became active when I had premium

thorny crag
#

Hello!

half relic
#

hello

#

I hope they stay long enough for me to at least finish the path im on

dark wolf
half relic
#

if not i guess there is htb lol

#

I like having labs though

dark wolf
#

HTB is more pricey isn't it

half relic
#

a lot more

#

its like 3 times as much

#

and more for the silver or whatever to access the more advanced learning

quaint ridge
#

wait. is HTB better? because I just bought a membership with THM....

languid aurora
#

Student Plan HTB almost same price as regular THM premium

dark wolf
#

i say use THM for a year, it's got a lot of easier content

half relic
#

i think tryhackme is eaiser

#

so it might be better to start with

quaint ridge
#

well shit, i got a year subscription

half relic
#

i did too

#

i think it was worth it though

languid aurora
#

I got mine around $33+ ish

quaint ridge
#

yea fuck it, im already on this boat

languid aurora
#

From black Friday

dark wolf
half relic
#

i got mine at a discount but i paid for the whole year

dark wolf
#

This training should cost more

half relic
#

i was thinking it was kind of cheap

tame moss
half relic
#

the price

dark wolf
#

The biggest problem here is the way things are managed from the top down. Go to Glassdoor and check out thm

half relic
#

not the quality

quaint ridge
#

compared to some certifications, yeah its pretty cheap

dark wolf
#

For 6 months access to Cisco U, all labs all classes all content . it cost $6,000

half relic
#

you get labs for a whole year for the price of one certification

#

depending on which one

strong fjord
#

Tempest was a pain cri NotLikeThis

half relic
#

some are actually more though

dark wolf
#

and they have certs on here that you can take to kinda learn the process, but these are NOT proctored

strong fjord
#

Why did i even do that room

dark wolf
#

and any exam that is NOT proctored is worthless for a real job

half relic
#

i don't think i will get any of the certs

languid aurora
#

Good for self study

dark wolf
half relic
#

id pay more for the content though

quaint ridge
#

I find that organizations don't care for HTB or THM certs, but they do like to see participation

dark wolf
dark wolf
#

and I'm not even an hr recruiter or manager anyway

#

ive never hired anyone

#

i just have l337 skills

strong fjord
#

It was so bad doing it on the attackbox i should've used my vm but im too lazy

languid aurora
#

Do people make write-ups on walkthrough rooms?

strong fjord
dark wolf
#

yes

half relic
#

yeah

dark wolf
#

thank goodness

#

some of those "walkthroughs" make you guess random stuff

half relic
#

everytime i search the name of a room medium comes up first in the search results

dark wolf
#

yea medium is goat for writeups

half relic
#

i wish they wouldnt put flags in them though

dark wolf
#

but a lot of people do them on github too

languid aurora
#

What if I want to make my own writeup with hugo

river ore
#

What's up

dark wolf
quaint ridge
#

I run a small business, but I've never legitimately hired anyone either. Everyone that works/worked for us I alreeady knew somewhat.

dark wolf
quaint ridge
#

I'm not sure what the jobmarket is like, but im sure its booming

languid aurora
#

I'm not really interested in webdeving but I want to create my own simple blog write up site. So Hugo works ig.

half relic
#

i read some of them and i can't write them as well

#

i need more practice and research

dark wolf
#

I would get fired for my interview questions.

river ore
#

Lol

strong fjord
#

As long as the bad guys do good, cybersecurity should be fine

dark wolf
#

Have you ever hit anyone over the head with a frying pan?
Have you ever hit anyone over the head with a baseball bat?
Have you ever pushed anyone off a cliff and laughed?

languid aurora
timid orbit
quaint ridge
#

I wouldn't even know where to start in an interview. hopefully I never have to hire off the streets

half relic
#

they should get rid of some of the old accounts that don't do any of the rooms

languid aurora
half relic
#

im in the top 9% and havent' done much lol

dark wolf
river ore
#

Hiring off the streets isn't always bad

strong fjord
#

Thm and htb is one of the best personal gifts you can give to yourself

river ore
strong fjord
#

Either or both

languid aurora
#

I'm conflicted whether to get a raspberry PI or HTB student first. I'm still VERY NEW to cyber.

strong fjord
#

Gotta wait for the next black friday though

#

I spent less than 90 bucks for an annual subcoolguy

half relic
#

they had some discount near valentines day that i got last year

river ore
#

I wish I could have gotten the annual

languid aurora
timid orbit
half relic
#

maybe it was a promotion they sent just to me. I don't know if they do that

#

i had an account already

strong fjord
quaint ridge
river ore
strong fjord
#

security clearance šŸ¤– šŸ¤– šŸ¤–

quaint ridge
#

yup

#

folks off the street rarely have a clearance

timid orbit
#

Iā€™ve got one but it doesnā€™t help cuz Iā€™m not already in cyber and they specifically want TS/SCI

strong fjord
#

My upperclassmen always mention that

river ore
#

Im assuming that thm has a CTF team ?

dark wolf
#

Usually the only people with Security Clearance for DOD is those who were in the Air Force or Army

quaint ridge
timid orbit
#

Itā€™s a secret šŸ¤«

quaint ridge
#

lmao

timid orbit
#

Lol

strong fjord
quaint ridge
#

that's good enough

half relic
#

not the navy?

dark wolf
#

Mostly you get it from being in the military

radiant bloomBOT
#

@strong fjord Please slow down. Further spam will result in a short timeout.

dark wolf
#

yes all military, many many peope get clearnces

#

so when jobs hire civilians

timid orbit
dark wolf
#

its easier to hire someone who already has it

quaint ridge
dark wolf
#

its incredibly difficult to get a security clearnance

#

takes months

timid orbit
#

And sys admin

dark wolf
#

and they call everyone you know to interview them

#

but if you get it from being in the military, then that's not necessary

half relic
#

a lot of people where i work quit to become a sysadmin.

strong fjord
#

you know i wish one day, someone would approach me and ask. Hey you seem fit for the cia, wanna do it?

river ore
#

Anything possible

quaint ridge
#

or PM me

#

or whatever it is

dark wolf
strong fjord
half relic
#

i would be so confused if someone said that to me

strong fjord
river ore
#

šŸ˜‚

quaint ridge
#

what is a woman?

strong fjord
#

What if it's the RIPD NotLikeThis

timid orbit
quaint ridge
#

answer that questiion

#

I'll be honest with you, I don't know how

dark wolf
#

set up a table inside of walmart with a sign that says "free s.x change" and see how long it takes them to kick you out

strong fjord
dark wolf
#

lol

river ore
strong fjord
#

I read that spare change

#

But my reply still works regardless kekw kekw

#

People will tip you for that fs

#

Ayooo btw have you guys read about that cisa guy who used chatgpt

half relic
#

i saw that

river ore
#

Yea

quaint ridge
#

no

cyan crypt
#

hello i need ho can make for me a 5000 vote in a web that need different ips

half relic
#

no

quaint ridge
#

I thought CISA got gutted by this admin

languid aurora
#

Possible to add comment section on a Hugo blog page?

limpid mica
#

im 7 foot 4 , 895 pounds , and make 1.25 million a year as entry level SOC1 hire

quaint ridge
limpid mica
#

always

quaint ridge
#

we need a guy like you

#

on our offensive line lol

river ore
#

Haha

limpid mica
#

cant take the paycut sorry

quaint ridge
#

fuck

limpid mica
#

i only would join a team that was competitive

quaint ridge
#

The New York Giants are ALWAYS comeptitve

half relic
timid prism
#

Hates you

half relic
#

not that i want you to

#

that's not fair though

quaint ridge
#

oh jeez, i didn't know we were running a bible club over here

timid orbit
limpid mica
#

hes out of ink

quaint ridge
half relic
#

i don't mind it's not the topic of the server. If i wanted to talk about [thing i got muted for] there are probably a lot of places i could find

timid orbit
#

or what you were tlaking about

half relic
#

i could dm you if you are curious

#

its nothing big though

#

if you have dms on

#

i would tell you but then i would get muted again

strong fjord
#

If i was the cisa guy i would've uploaded it on deepseek kekw

molten solar
#

you referring to the chatgpt public data posting?

#

Cheapskate didn't even have a plus account

half relic
#

not to be weird, but you keep asking about it lol

#

did he ask it to summarize the documents or did they not make sense or something

molten solar
#

I jsut got dressed down for somethign in my robots.txt lmao

#

āØ```
User-agent: *
Allow: /chinchilla


Which is really a troll
boreal scarab
#

@gray sonnet PPPPPIIIIIINNNNGGGGG

timid orbit
molten solar
#

@timid orbit (it takes you to a rather entertaining video regarding the mating habits of such critters)

timid orbit
#

...

molten solar
#

oh man ... one of those ubor frameworks built on a technology that was just recently .. given a pretty brutal wakeup call

timid orbit
#

it's not the first time

molten solar
#

and it wont be the last

timid orbit
#

previously nextjs auth package was exploited

#

nope

#

nextjs is actually a really nice framework, but having the frontend and backend so tightly knit really brings up some security concerns

#

for instance, server-only npm package was specifically made to import into server files so that credentials and other important information didn't get leaked to the client side

quaint ridge
half relic
earnest glacier
#

ur local pwnagotchi just spawned!! šŸ™€

#

waves at you all

gray sonnet
#

Your pings woke me up lol

quaint ridge
timid orbit
half relic
#

sorry

#

i am curious how teh wordlist was compiled now though

#

but anyway

timid orbit
#

can you Base64 it?

half relic
#

that was a long time ago now

boreal scarab
half relic
#

i thought of that but i don't want to look like im evading teh filer or something

gray sonnet
timid orbit
half relic
#

lol

#

you are trying to get me muted for some reason

timid orbit
#

nahh i would never!

#

i'd probably be muted for inciting šŸ¤£

half relic
#

lol

molten solar
#

I can't remember how this 301 is configured now

timid orbit
molten solar
#

query: are browsers smart enough to turn a meta refresh into a 301 title ?

timid orbit
#

like HTTP 301

#

?

#

usually that's page rules (not DNS) or it's a meta tag

#

but meta is usually 302

half relic
#

which web server

#

nginx apache iis

timid orbit
half relic
#

apache then?

molten solar
#

āØ```
sporked@mw0:/tmp$ cat test
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://example.net/chinchilla/">here</a>.</p>
<hr>
<address>Apache/2.4.58 (Ubuntu) Server at example.net Port 443</address>
</body></html>



Thats what curl sees. 
āØ```
/vhosts/www/html/chinchilla$ cat index.html 
<html>
    <head>
        <title>Loading .. please wait.</title>
        <meta http-equiv="refresh" content="3; URL=https://www.youtube.com/watch?v=DnoMc1JpxkY&pp=ygURY2hpbmNoaWxsYSBtYXRpbmc%3D" />
    </head>
<body>
Please wait one moment while we send you to the current webpage.
</body>
</html>
```ā©


Thats the actual page. 

Curl exec time:   real    0m0.071s  user    0m0.049s  sys    0m0.019s

NO 301's for /chinchilla directly, but obv its set somewhere
#

Wondering if cloudflares smart enought o just send the redir

timid orbit
#

No standby

#

Meta only does 301 redirects

half relic
#

oh i thought you were editing htaccess or something

timid orbit
#

Same

molten solar
#

so did i .. but i dont see it anywhere
āØ```
/etc/apache2/./sites-available/www-le-ssl.conf:RewriteRule ^ https://example.net%{REQUEST_URI} [R=301,L,NE]
/etc/apache2/./sites-enabled/www-le-ssl.conf:RewriteRule ^ https://example.net%{REQUEST_URI} [R=301,L,NE]
/etc/apache2/./magic:0 belong 0x0e031301 application/x-hdf

#

I honestly dont remember where this 301 is being sent rom

timid orbit
#

302s should be done server side though

molten solar
#

no htaccess in trhe chinchilla subdir

timid orbit
#

htaccess is at the root you would configure it the same

molten solar
#

ahah but that sthe beauty of allow override. You could set varyign permissions on varying dirs

silver hornet
half relic
#

i think its slightly more efficient to redirect through the htaccess

languid aurora
#

@silver hornet r u utyicoc

silver hornet
#

yes

timid orbit
#

@molten solar if you're using PHP you can do this

image.png
#

I would still recommend HTACCESS tho

full venture
#

do you guys ever feel reluctance on turning on your computer and studying everything or you are kinda excited to go and learn all these things ?

half relic
#

depends on my mood

timid orbit
#

for the 4th day in a row

half relic
#

the burp rooms are not holding my interest for some reason. I might skip them and come back later

timid orbit
#

did you check out OWASP ZAP yet?

half relic
#

not yet

#

ive been lazy lol

full swan
#

where or what feed do I post help for a module?

half relic
full swan
#

great, Thanks

quaint ridge