#quiet-conversation

what 🤣

Well, I mean it's a valid precaution, but on a THM room

new goal: be able to hack my subaru

Apparently it do not recognize Kali
I have to do manually but i don't want to make it wrong

That doesn't matter 😄

! no way, i just have to click on next now ? 😅

Yes , this is more for you to better organize the GUI , it doesn't affect the actual functionality , you can even enter Windows there and use it for Linux 🤣

oh ok thx 😄

Gave +1 Rep to @weary meteor (current: #2 - 2446)

how much do you recommed for the processor ?

I would recommend 4 cores , which CPU do you have ?

AMD Ryzen 7 3800XT 8-Core Processor 3.90 GHz

That's a really good CPU , go with 4 cores 😄 .

yeah i also work on 3D software so i need it for that 😄

That's a great all-around CPU, very powerful for every use case, it will handle VM like a champ 🙂

40 g for the disk size ?

i have 256 g free

Well you can go with less but if you have enough space on a partition where VM will be running definitely leave at 40-50GB for future proof 🙂 .

ok, Is this modifiable in the future?

can a cybersecurity certificate replace a bachelor's degree? If so, which ones?

I think it is 🙂

ok thx

Gave +1 Rep to @weary meteor (current: #2 - 2447)

For a career/cert advice try to ask these guys , they will give you some great advice #cyber-and-careers 😄

do i have to change something in the network section ?

Not really , looks good 🙂

i tried to start it
"avorted"

You need to enable Virtualization option in your BIOS/UEFI

so i enabled it but the "security based on virtualisation is still disabled"

Can you start the VM now ?

yes it's work 🙂 but is it a problem that the first line (in the ss) is disabled ?

Tbh I don't even know what this option is supposed to do 😄

ok 😄 thank you anyway, it's work now

Gave +1 Rep to @weary meteor (current: #2 - 2448)

Glad to hear that 😄

do you recommed to type "root" here ?

Uh , I don't really understand what this is about 🙂 ? Can you translate ?

"a user account will be created so that you can have an account other than the superuser ("root"), for the current use of the system. please indicate the name of the new user." i feel stupid to ask that, but why would i need another accoount if i have a "superuser" account 😅

That's normal user like ubuntu along root on AttackBox , choose whatever name you want or just press enter . It will default to kali if you don't specify something that you prefer more 😄

ok thank you 🙂

Gave +1 Rep to @weary meteor (current: #2 - 2450)

I guess i have to choose the first one ?

i hope will not be limited by my choice in the futur

Yeah , i would also go with first 🙂

thx !

Gave +1 Rep to @weary meteor (current: #2 - 2453)

Hello!

Hey. If you are interested in LVM for creating partitions I could help

Which room ?

no room i got it from my professor i am unable to solve it

Sorry but we can't help with non-THM CTFs 😦

We don't help with course work.

ok

Can you DM me?

okay

Sure that's faster , but it's helpful for ctfs

I did this room , it's the new one right ? I meant how to repair images , like in the challenges and ctf , png and jpg , tools and stuff

Check out this one 🙂 . It's a challenge focused on reapiring some corupt images 😄
https://tryhackme.com/r/room/madness

That looks fun, thanks

Gave +1 Rep to @weary meteor (current: #2 - 2461)

It's a bit old , not very realistic but it's based around fixing broken images 😄

I have some corrupted images from an old recovery attempt. Maybe it’ll help solve this

I can't access in some rooms in tryhackme ? (with my own vm i mean)
Task1 Javascript Essential

I don't think that ssh is available for that machine 🙂

ok thx 👌

Gave +1 Rep to @weary meteor (current: #2 - 2476)

That machine should be accessible from split-screen view 🙂

yes but i just got my own VM 😅
Can i acces the target machine from another port ?
i try to "nmap -sV ip but nothing moove from this

Some machines yes , but this one no 🙂 . You don't even have credentials provided 🙂

noted, thx

Gave +1 Rep to @weary meteor (current: #2 - 2477)

After I finish the free pathway, which CTFs do you recommend to practice?

These three 🙂
https://tryhackme.com/r/room/basicpentestingjt
https://tryhackme.com/r/room/vulnversity
https://tryhackme.com/r/room/blue

thanks mate

Gave +1 Rep to @weary meteor (current: #2 - 2478)

Hello

Hello , welcome 😄

I will do it thank you

Gave +1 Rep to @weary meteor (current: #2 - 2501)

tu n'as jamais installer kali linux ?

Hey, please keep all messages English as per our community #rules :)

alr sorry 🙂

Nope, but it's done now

alr

hello

Hello , welcome 😄

hey guys! i'm looking for people to collab with so we can work together on tryhackme

hi everyone , just finished Biohazard room it's very fascinating one ! every room DesKel made are brillint so far

Congrats , great job 🙂 🔥 🚀

We're all here to help 🙂 . If you ever need any help feel free to send a message in #room-help channel 🙂

i don't need help but I just want people to collab with or join a group

Well still we're here to collab 😄 . Feel free to reach out whenever needed 😄

Also you can add me as a friend on THM if you want 🙂

how?

Press Add friend button below Skill matrix . My THM username is KGBTHM 🙂

okay

Thanks

Gave +1 Rep to @weary meteor (current: #2 - 2543)

Request accepted 😄 . Thanks for adding me 🙂

Gave +1 Rep to @undone basin (current: #2629 - 1)

I got a challenge from one of my colleagues to decrypt a file. It's not in any common format and is probably heavily encrypted. How do I proceed?

Most probably a custom built algorithm.

We won't be assisting with this, sorry.

We don't know where the file came from, or even what you're doing is legal/ethical.

Well, it's sort of like a competition in our group. He thinks it's unbreakable or something. But that doesn't matter. Are there any rooms in THM that might help?

There is a few rooms in encryption.

May I get the names, please?

Use the search, some may suit your more than other.

Any recommendations?

From the owasp crypto cheatsheet

@wide jackal see above, also https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html for reference

Custom algos are always breakable

So it's probably based on some combination of xors

The crypto algorithm itself is always deterministic

I'll look Into it. Thanks

Gave +1 Rep to @twin ridge (current: #13 - 616)

(mostly because it needs to be bidirectional)

Grab a copy of the binary used to encrypt and reverse it,

Hay... I'm am not able to connect to internet in my attack machine on them website.
Does anyone know how to fix it ?!

Are you a subscriber ?

If not then AttackBox doesn't have Internet access 😦

Noo
Then how can I get Flag because I need access firefox for that.

Should I use external machine by using openvpn !!?

Yes I would recommend using your own machine via VPN 🙂 . You can learn more about how to connect on the link below 🙂
https://tryhackme.com/r/room/openvpn

Thanks 👍

Gave +1 Rep to @weary meteor (current: #2 - 2557)

hello

I'm here

@weary meteor what Are the benefits of using the own VM as attacker

I have an issue with am PC running Windows 10, someone changed the admin password and didn’t write it down. They left and we can’t access anything. We are logged in as a user (not admin) how can I change/find the password?

What do you mean "as attacker?" In a lab setting it protects your host system as you mess around.

Is it domain joined?

I’m not sure, how can I check?

Who's computer is this

That's something you would know if the computer was your responsibility, I would think.

I don’t mean vm or Main System I mean vm or Built in attackbox

It’s a group computer, for a college club, I’m the only one that has experience with computers in general (though very limited). I have full permission to access anything in it

So if its from the College than probably it’s managed over AD. Mby go ask the Admin of your College to help you out.

Can you ask the person what the password is if there is contact?

It’s a private club, sorta like a frat, it has a Workgroup domain

No, nobody knows it or who does

hey 👋

Because it's a sandboxed environment , if it crashes your host OS will still work normally and it protects you from malicious stuff you can catch 🙂 . Even if you so catch some they will only affect VM and not the main OS 🙂

Hi @radiant jacinth , I'm also open for collab 😄

Cool then 🙂

Feel free to send a request if you want on THM if you want 😄

OK I will send you

Thanks 🙂

Gave +1 Rep to @earnest solar (current: #1297 - 3)

you're welcome, but I don't know wich one is you, they are many accounts with kgb

KGBTHM is my nickname

Oh it's done I sent you

Thanks for the reply but I meant what are the benefits of using an vm instead of an attack box on tryhackme itself

Gave +1 Rep to @weary meteor (current: #2 - 2582)

You're still on cooldown

Well , THM's AttackBox tends to get slow during times on congestion on THM side + you can customize your machine however you want 🙂 .

I haven't received mail , what's your username so I can send you a request 😄

I think you have just to refresh the page, my name it's: GeniusOne

Yeah thought about that but wasn’t sure if there was anything else… thank you my man

Gave +1 Rep to @weary meteor (current: #2 - 2583)

Request should be received on email , I sent you a request now 😄

Anytime buddy 😄

oh yeah it's done 🙂

Thanks for accepting request 🙂

Gave +1 Rep to @earnest solar (current: #1049 - 4)

i'm trying to install burp suite,
it's the first app i install on kali, how can I know if the installation is done ?

It should be preinstalled on Kali 🙂

where ?

Type burpsuite in terminal

Click ok 🙂

ok thank you 🙂

Gave +1 Rep to @weary meteor (current: #2 - 2584)

Good morning, what is the best DNS poisoning tool in kali to learn?

My VM kali freeze after fews minutes cause of inactivity 😕

Well it can happen sometimes 😦

oh ok, thx

Gave +1 Rep to @weary meteor (current: #2 - 2588)

You can practice another os , freely and without worry about messing thing up , at any point you can change the whole system , try installing stuff , and you can clone the device so at any point you can switch to the point where everything was working

So what about your ip and Mac address? Is that visible? And is it necessary to proxy chain while using a VM?

Depends on whether its a bridged network or not, you can also use a VPN so it doesn't really matter

wdym proxy chain?

No your MAC address can only be identified on your LAN or internal network.. Simply put, the MAC address doesn't get sent out into the internet

MAC address is on a similar level (but it's a part of your NIC which is assigned by the manufacturer) as your private IP assigned to your device via a router

Your MAC address and Private IP address are used in the routing scheme of a modem

Your router will be using NAT to translate this for communication with IPv4, IPv6 uses a different protocol

Then your public IP address is the routers address, used by the ISP to allow you access to the internet

Your VPN client sits before the ISP level, which means the ISP can only see that you have connected to the VPN server but doesn't know what you're accessing

You don't need a proxy chain. Although you want to make sure you configure the VM right and ensure sandbox escape is really difficult

you're good on networking bro 😉

Ty man, its pretty interesting

Gave +1 Rep to @earnest solar (current: #904 - 5)

you're welcome, yeah it is 🙂

Can I just say ty and then +rep?

haha I don't know 😄

Thank you, that is such good advice, I really needed it

Ty

you're welcome 😉

XD

thank you too

Gave +1 Rep to @kindred turtle (current: #600 - 9)

xD

Nah of course

So what type of stuff are you interested in?

pentesting

Same here

what about youu

awesome

Yeah, man I'm interested in exploit chains ATM

I like that

No one wants to talk about it though haha

haha every one has his favorite stuffs

Yeah definitely, some things as more niche than others as well. To be honest I wouldn't know what my favourite is, probably actually just solving some really difficult problems

yeah, by the time you will find what you really need

I got interested in proxy chains a while ago

Created a customizable one, where you capture the raw packets and each proxy performs a different function or used by a controller

yeah I see

great job

It's like burp suite without the gui

Because I can't afford premium

Gotta improvise

yes I understand, by the way I have not too much time since I started my journey ^^
I'm still learning

Ohh that's all good

We all have a lot to learn honestly

My tip would be don't get caught up in the specifics unless it actually interests you

yes there is so much things to learn

OK thank you 😉

Gave +1 Rep to @kindred turtle (current: #554 - 10)

Like have you learnt the CIA triad, OSI model, The pyramid of pain, the Diamond model.
XDR, EDR, NDR.
Stateless vs stateful APIs and firewalls.

I can keep listing if you want

Those aren't specifics though

not all of them

I learnt the osi model, cia, pyramid of pain

Nice, the cyber kill chain is an important framework, MITRE ATT&CK,
You probs have already learnt a bit about the pentesting process.. which is planning, recon, exploitation, post exploitation (priv esc, persistence, anonymity), and reporting
Attack vectors and methodology for each step along the penetration testing framework

The diamond model is pretty much based on TTPs, and an attackers purpose

yes exactly 🙂

yeah you seem to be well-trained

You learnt about different protocols and the ports they run on as well?
It's good to research each protocol's structure and how it communicates with other technologies

Yeah I'm alright haha, ty tho

Gave +1 Rep to @earnest solar (current: #791 - 6)

yes that's where I'm now

It gets a bit more complex when you analyze how exactly it performs under different environments by dynamic analysis and probing

Oh yeah nice man, which protocols?

https, smtps, pop3s, LTS

Yeah, it is

Oh cool as, the secure versions are always a bit more complex to understand ngl

I haven't learnt about LTS yet

yeah, so you have to check it out

sorry I mean, TLS

Oh yeah truee

SSL/TLS is very important

sure yes, TLS is the upgraded version of SSL

Yeah you can capture that handshake and do some fun things with it

I use the cryptography library in python or pyopenssl

Or sockets

Oh, I don't know about pyopenssl

It helps you verify web certificates, pull information from them and play around with the TLS/SSL cryptography

Ah yeah I remember it thanks

vm take another ip , it's like a new computer all together , but you can use vpn , you need that in some websites like THM , and it's extra good

Hi

Hi , welcome 🙂

I'm new here and I wanna learn hacking

Glad to hear that 🙂

Any advice dude

You can start here 🙂
https://tryhackme.com/r/path/outline/presecurity

Huhu

Is it because of the vulnerable VM that the site got an F ?

What's this 🙂 ?

it's security header https://securityheaders.com/
THM has a room who speak about this website.
This is to know if your site has "the basics" in terms of security

Why would that make a difference? It's checking security headers

No, it's because THM, somewhat ironically but not particularly surprisingly, doesn't have any security headers set. At all.

Also got an x-powered-by header leaking through cloudflare which is fun.

I do find it surprising

Heh, unfortunately I'm familiar with the dev team. I do not.

and i'm not ! why doesn't that seem surprising to you?

No comment

mkay

lol really?

ah so they do

they really should get around to implementing webauthn

Hi guys, I would like you to guide me regarding the SOC Simulator please. It mentions that it lasts two hours, that is, do I have to be online for two hours solving tickets to get a rating? I've seen a lot of tickets come up, I've been there for less than two hours and all my progress has been lost 😦
Oh and one more thing, will it be free forever or just in January? 😅 👉🏻👈🏻

Try to ask in #soc-sim-help 🙂 . This channel is not so active 😄

That'll be the day

ty

Gave +1 Rep to @weary meteor (current: #2 - 2695)

Hey everyone I need help I solved some questions on the webosint room like 2 or 3 hours ago but when I re-open the room. This is saying room is locked the room owner has locked this room to access material start machine and answer questions sh***tt!!!!!

Room isn't availabe anymore 😦

@weary meteor But Why this is happend ? I solved some of it

It was locked by site staff due to a URL leading to a malicious website.

Check out #room-help 🙂

@south inlet okay got it

Hi, I just completed SOC Level 1 and want to practice more to strengthen my skills. My goal is to secure an internship or job in this field. Could you suggest some premium or free rooms for practice? Also, if there are any open opportunities for me, please let me know.

These two may be a good choice 😄
https://tryhackme.com/room/itsybitsy
https://tryhackme.com/room/investigatingwithsplunk

already completed

These two 🙂 ?
https://tryhackme.com/room/warzoneone
https://tryhackme.com/room/warzonetwo

thanks...!

Hi! Is someone that has obtained the PortSwigger Certification, Im curious about the difficulty of the exam and the necessary time to learn to can pass the cert

Hello general is geeking out,
Concerning scholarships for incoming college freshman, can I put THM as a project I have worked on in the last three years?

THM is not your project, so no. It can go under an extracurricular section if you're talking about a resume.

Sorry, oops, i dont mean a project I made, but it states it like “What extracurriculars have you done relating to your major”

I also included things like creating a personal network monitor and self teaching python.

Its a weird essay type field where I have to explain everything I have done relating to my major, I dont know why it asks that and then asks for my student resume (which Includes THM)

If it says extracurriculars, I think that's an OK add

I dont know what they expect me to do between sophomore year to now in terms of projects, i dont have access to networking equipment or a home lab 🤕

Do you have a computer?

Yes, not in sophomore year, and I didnt choose my major until summer junior year

I'm confused. I thought you said you were an incoming freshman

Yes, highschool sophomore year and junior year

Im currently a high school senior

Oh well, I think I added enough to the roster. I hit the word count limit on the essay.

College as a whole is confusing some of these prompts for scholarships are bad

“If you were an animal what would you be and why”

A fish so I could never drown

I want to become a cybersecurity analyst in the future, but I’m confused about which roadmap to follow. When I search for a cybersecurity analyst roadmap on Google, I mostly find general cybersecurity roadmaps. I don’t understand where to start. Also, are cybersecurity and cybersecurity analyst the same field, or is there a difference?

You have a roadmap on THM 🙂
https://tryhackme.com/hacktivities/

Does anybody know why every time I type 'apt install mysql-client-core-8.0' on the AttackBox it always gives errors like 'Ign:1 http://eu-west-1.ec2.archive.ubuntu.com/ubuntu focal-updates/main amd64 mysql-client-core-8.0 amd64 8.0.40-0ubuntu0.20.04.1
Err:1 http://security.ubuntu.com/ubuntu focal-updates/main amd64 mysql-client-core-8.0 amd64 8.0.40-0ubuntu0.20.04.1'?

You don't need to do that , mysql is pre-installed on AttackBox 🙂

It doen't appear on the AttackBox installed

It is

Then why does it say "Command 'mysql' not found, but can be installed with:

apt install mysql-client-core-8.0 # version 8.0.39-0ubuntu0.20.04.1, or
apt install mariadb-client-core-10.3 # version 1:10.3.39-0ubuntu0.20.04.2"?

Are you a premium user ?

No

Then your AttackBox doesn't have Internet access . That's why it can't download those dependencies

That means I can't keep going on that task unless I'm Premium?

You can use your own machine and connect via VPN to THM network

Mmmmm... I'll try that out on my Kali Linux machine and see if that could work

It should work , AB doesn't have Internet access for non-premium users so that's why it can't reach the server and download dependencies. If you don't know how to connect to THM network via VPN check the article below 🙂
https://tryhackme.com/room/openvpn

Just keeping a look

I'm stuck with the 4th step of Open VPN configuration on my Kali Linux machine. Every time I type the command 'sudo openvpn ~/Downloads/username.ovpn' (assuming that my username is 'Mruizarr' and the current directory is /home/kali), it always shows this message:

"Options error: You must define TUN/TAP device (--dev)
Use --help for more information."

Try to re-generate a file and download a new one

I did it for at least three times and I keep getting the same result all over again

Can you please verify and provide a screenshot of what's going on 🙂
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

Imma put this here,

TryHackMe has actually made me feel better in life
Before trying it out I was in Networking Lessons in my college and feeling like I could do more, unmotivated and kinda depressed.
But after doing some I got addicted to it and enjoyed learning and solving the problems giving.

Since, I have a good habit of connecting and learning everyday, replaced most of my gaming with eductional / side projects.
and got offers for interships in my local area.
Met some cool people that have a shared interest in cyber and some cool opportunities

Goated community and platform

Glad to hear that 😄 . You're doing an amazing job , keep up the good work 🙂 🚀 🔥

This is what I'm talking about. Four times in a row

Can you go to the dir where the file is and it with relative instead of absolute path.

absolute path will work.

That config looks blank.

That's the directory where the file is located

Have you tried to change the server and generate a new file ?

Delete old file beforehand

Loads of times and I keep getting the same results all over again

Looks like your file is blank , which server are you using ?

I've recently changed the server and it worked

So it is ok now 🙂 ?

Yep

Thank God , glad to hear that 🙂 . Keep up the good work .

Gave +1 Rep to @coarse violet (current: #2643 - 1)

Definitely

Now I have another issue

Considering I got the correct credentials after a long scanning proccess with Nmap, I try connecting to the MySQL Server from the target machine and I get this error

add --skip-ssl flag

The flag you mentioned earlier solved part of the problem. I'm trying with the user 'root' and an empty password. However, for some reason, it denies the access

You have to specify correct password

Not with -p

That command should work.

I decided to try with 'password' and it worked

However, please use #room-help for support on rooms.

Thanks for reminding me

Gave +1 Rep to @south inlet (current: #1 - 3334)

@radiant jacinth The time on VM should be the same as your laptop/time zone

It's done

hey @weary meteor how do we accept a request on tryhackme?

Check your email 🙂

thnk

heyyyyyyyyyyyyyyyyyyy

hi

any one know a room about curl ?

I was reading a write up and the author use curl insted of burp , then I try that and it was faster

Man pages are a good resource

They are two very different tools, just fyi

There is no room on THM dedicated solely to curl 😦

I know , but he intrespted some traffic by useing curl

okay any close ones or other resorsed about it ?

Sadly , there're no rooms at all that cover curl . There're two rooms that mention how curl can be used in some use cases for jwt and auth. bypass , but they don't actually go into details on how to use curl 😦 . However I will link them below so you can check them out if you're interested . Also I would recommend you to check curl's official documentation , it has a dedicated section on how to use tool for various protocols and use cases 🙂
https://curl.se/docs/manpage.html
https://tryhackme.com/r/room/authenticationbypass
https://tryhackme.com/r/room/jwtsecurity
https://tryhackme.com/r/room/contentdiscovery

thx alot, I'll check them out

+rep @weary meteor

Gave +1 Rep to @weary meteor (current: #2 - 2791)

😟🗞️Interesting news https://leakd.com/leaks/massive-discord-data-breach-nearly-1-million-users-exposed-in-restorecord-leak/

Misleading title, this is more common than you think, Discord wasn't breached

It's a third-party service, likely an integration or app, and the leak doesn't contain anything sensitive. Most of those IP addresses will change soon

🫡 🤝 Thank you for clarification

the irony that restorecord is advertised as "everything you need to protect and grow your Discord server" lol

Hi Team,
I have a quick question regarding Azure Task 22 - Advent of Cyber 2024.
I successfully obtained the credentials for the user wvusr-backupware@aoc2024.onmicrosoft.com, but unfortunately, when I tried to log in using "az login," it asked for MFA, but throughout the lab, we didn't set up MFA for this particular account. Kindly help me resolve this matter.

Hi, #room-help for this.

Does anybody know any free room available for Pentesting?

There're like 500+ free rooms 🙂 , which particular field are you interseted in 🙂 ?

Pentester

Yeah , but that's a huge topic . If you're interested to perform full-pentest process you may be interested in some networks like the ones below 🙂 .
https://tryhackme.com/room/wreath
https://tryhackme.com/room/breachingad
https://tryhackme.com/room/adenumeration

Hey guys. So while working on a room I stumbled upon a very specific problem which I would like to know alternatives or ideas for as a solution. So whenever you send out a POST request using Firefox which originates from a HTML form element, the body of the network packet and the Content-Type in the header is application/x-www-form-urlencoded by default. Meaning the key value pairs are percent (URL) encoded and follow the scheme: key=value&key=value so there is an ampersand between them as separation. I successfully found an SQL injection payload which worked on the login form using a fuzzer program. However, the payload only works if it is NOT percent encoded and the key value pairs are separated by an ampersand (&) in the POST body AND the HTTP header states the Content-Type as application/x-www-form-urlencoded, so the format has to be: username=PAYLOAD&password=PAYLOAD. However, in HTML there are only 3 enctypes which can be used in a form and none of them replicate this exact behavior where there is no percent encoding and data is separated by & rather than new line characters (like in text/plain). Not to mention that the Content-Type in the header won't be stated as application/x-www-form-urlencoded if I use a different enctype parameter in the form method. So any ideas on what I could do to make Firefox send out POST requests with the data formatted in a way I want it to be (no percent encoding but ampersand separation), with the Content-Type staying application/x-www-form-urlencoded in the HTTP header, so Firefox handles the response packets and displays whatever is after the login page for me to see? (instead of having the fuzzer program tell me what reply it got and not being able to interact with the website - because it's not the web browser that is interpreting the network packets)

Whicih room were you working on?

https://tryhackme.com/room/cheesectfv10

@soft pier@misty obsidian was this something you guys set up intenionally?

So in THM CTFs why they dont have tags like hack box which tell us its related to web or networking or RE etc

They used to have those but sadly that feature is removed 😦

But you can still search by keywords , recommendations are pretty good 🙂

Yeah i remember that those were realy helpfull

#feedback-and-ideas 😄

Suggest to bring it back.

Yeah it was 😦 . But keyword search still functions very well imo .

Yeah lets bring them back

I have submitted my feedback about tags on CTFs I think few more can bring them back

yeah kinda @shrewd sedge shadows way in was using sqlmap to dump the database of usernames from the login form... this then results in you being able to use a specific sql injection attack to login

That's a creative initiative as well, haven't though of it. Regardless, since you guys intended the backend to handle the packets in this way, do you have a solution for the Firefox problem by any chance, that I mentioned?

not sure if we designed it this way or it is just an artifact from how vain configured it using llm:s

but if you have the username of the user from the database you can login with it on firefox

alternatively some people have found login bypass by doing things like gobuster/ffuf

I fuzzed with the same payloads for the username and password at the same time, should I send the payloads that worked?

Also, it wouldn't matter what username I logged in with, since if I sent the correct string as the password it let me in. That's why my problem stands, firefox has no POST format that would support the way these packets allowed me access to the next page.

So I manually had to analyze the packets and then access the redirection from Firefox. If there were cookies used, I would have been in trouble achieving this.

And I can not find any information on commanding Firefox to create packets (form enctype= neither) regarding Content-Type as application/x-www-form-urlencoded in the POST header, and having the POST body use the same encoding without percent encoding on the values. This is only for convenience so I don't have to manually do packet analysis.

user' AND 1=1 -- -

the password is impossible to get unless you do heavy brute force on the hash

Yeah I haven't got any real usernames or passwords. I just used SQL payloads to 'login'.

But let me try to simplify the situation. The fuzzing programs returned SQL payloads that won't work in web browsers because how browsers create the POST packets, meaning I can not easily 'login' and see what's after the login page.

So I was wondering if anyone has a solution on telling the browser how I want my POST body to be constructed.

no idea... never touched much of the firefox dev tools for post http method

Right, you guys probably have a list of payloads that can break the php script even if the input is percent encoded. That's probably why I couldn't find an answer to this or why nobody encountered the same problem in the write-ups neither.

They did spoiler a bit

I’m probably in the wrong place so if anyone could offer me a bit of guidance in the right direction, I would greatly appreciate it. I’m seeking help with possible infidelity regarding my partner that isn’t an obvious scam. Pls go easy on me. It’s hard to live with this feeling in the pit of my stomach & im not sure how much longer I can go on not being able to make sense of the small things that I notice but cannot put together. Thank you for your time.

I think you need to consult people close to you, not in this Discord.

Hi everyone

I was wondering , do I got points in THM for making a room or a ctf ?

I don't think so 😦

@weary meteor what's your opinion on what i posted in #room-ideas 🤔

Would it be too repetitive? idk

Good suggestion 🙂

nah, but you get the eternal respect and/or ire of your peers

The new feature on answer box is awesome, don't have to count by sticking my finger on the screen any more

hello🙂

may I ask for advice on how to remove infected APK files from mobile phones? I have even performed a factory reset, yet the app keeps reappearing after I delete it.

I don't know where it came from on my phone

My phone's antivirus has alerted me that root access has been granted without my consent, which is scary.

I analyzed the apk file permissions and found the following risky permissions

[android:usesCleartextTraffic=true]
android.permission.BIND_JOB_SERVICE
[android:exported=true]
android.permission.REQUEST_INSTALL_PACKAGES
android.permission.WRITE_EXTERNAL_STORAGE

This should be slightly harder to do, unless you've manually rooted your phone.

You can't root a phone without access to the phone physically.

Which Anti-virus do you use?

It is my personal phone

That means nothing?

The most interesting thing is that the apk called Magisk but it is infected version

Have you downloaded the Magisk before?

I didn't install it before

You need access to the phone to enable the boot loader and USB debugging, both of these are not enabled by default.

If you factory reset the phone, and you download from a cloud back up, this could be installing the app.

But i disabled the internet connection before doing it

Not very well it seems.

my phone is not working good now

Which handset do you use?

https://www.bleepingcomputer.com/forums/t/805230/malicious-apk-that-keeps-coming-back-even-after-you-delete-it/

I posted about it here too

Did you answer from Bleeping Madman?

Which handset do you use?

Redmi

Have you ever used TWRP before?

No, I didn't use it

ill send my device info now

Redmi 9A
M2006C3LG

Android version 10

I'd honestly factory wipe the phone, and create a brand new account.

Don't re-log in with a Google account (if you do)

I logged out from my all accounts and disconnected from the internet before doing factory reset

but it didn't work

I think, i'll have to do this

Last year, someone targeted my phone with this kind of malicious apk and when I submitted it to virustotal, it was Ajina named malware.

How credible is medium?

Just a blog platform

I prefer github for cyber stuff over it

Yeah but are the writers any credible. They seem to be working in the field and for some things even google searches give medium as result. Depends on what you are searching for. The advice still seems legit.

Well , like on any other platform , some are some aren't 🙂

I submitted the apk to Virustotal, it has found adware from the apk and MobSF rated it medium level risk

Well, it will do as Magisk is seen as malware because it roots your phone.

I guess but if you are new to cyber it helps because it explains things more than on github where you have to already know some things

Of course , you should always choose resources that suit you the best 🙂

yeah, I think, ill buy another phone this time

Guys, I finished the pre security learning path. Next I'm starting the SOC level 1 path. Any advice on how I should approach this learning path would be great.. I'm a newbie thanks

Congrats on completing Pre-Security path , great job 🙂 🚀 🔥 . I would recommend you to go with Cyber101 path before moving to SOC1 🙂
https://tryhackme.com/path/outline/cybersecurity101

Sounds good

Yeah , Cyber101 teaches some fundamentals that're required for SOC1 🙂

For sure, I want to get this right before moving forward

😂 I love the rooms that based on series or movies , so I was thinking of making one

the eternal respect sounds good

I seem to command more fear and ire so good luck

thx

Someone was unhappy with my last room and managed to break the downvotes

what was your last room ?

Race condition with burp 😂

For legal reasons this is a joke

I maintain the measure of a room's success is the number of death threats received by the creator.

true

I got quite a few

(it's still medium in my eyes)

I consider my latest a HTB Medium standard.

We're gonna find out if I've got any better at judging these

probably get reclassified as a hard

How many did you send for Madness?

Send?

Death threats

None that I can remember?

That was an annoying box though, so it's possible lmao

@weary meteor you must have a lot of CTF's under your belt to be a mythic lol

Well i completed some but still have a lot to go 🙂

Can I add you so I can ask you questions if I have any, since you did create rooms before ?

@weary meteor Do pros follow writeups too?

Hell yeah

Not saying I’m a pro myself but I recently looked through some walkthroughs for a CTF I was doing lol

Really? I have read that it is okay to follow writeups too because "you don't know, what you don't know". But I feel bad peaking and looking at writeups lol

Nah, you shouldn’t feel bad. Its really true that if you don’t know something, you’ll just get stuck most of the time about it lol

No need to bang your head against the wall for a CTF challenge if a writeup is available (provided that you’ve at least tried and exhausted your options).

Well i ain't a pro but i was using a lot of writeups when i was on beginning of my journey , they proved to be very useful , especially if you can find a good author that suits you 🙂 . Write-up should be detailed and guided foe it to have some purpose . It should walk you through each step so you can understand what's going on and what should you do 🙂

Writeups are very useful bc if you’re really stuck you can add the info to your toolbox for future challenges ❤️

hello guys anyone have tryhackme monthly coupon code ?

Please don't ask in the server. 🙂

just curious, for hacking do you prefer 75 or 80% keyboards?

Any recommendations on a pair of blue tooth over the ear microphone boom mic headsets?

man i feel this in my bones homie. when i started into this side of things and finally found that "thing" that made it all connect and created a learnig addiction its made me an all around better human being.

Good on you, keep up the grind !

Hii Guyzz

Anyone intrested to be bussiness partner with me

same here thm are very cool

@weary meteor https://tryhackme-certificates.s3-eu-west-1.amazonaws.com/THM-6OA1SNLYQK.png Those are worth to show off to the employers?! I mean those recognized in someway?

Not really 😦 . You may add them it won't hurt anything but this isn't real certification , this is just a certificate of completion of that path .

Ofc, those not real ones im aim for just wanted to know if its worth smthing.. Thank u

Well you can't add them it probably won't hurt anything but also don't rely too much on them 🙂

Got another one lol..

https://www.youtube.com/watch?v=Ut2YF7j318I

Love this clip and this aspect of the job. Was stuck on AdvancedElkQueries, T3Q2, reread the question at least a few dozen times. Know I'm pulling more logs than it wants, can't think of what they want for the second filter.

Shut it down, take a shower, refresh the coffee, and look a the question again. Immediatly notice they want a particular server type.

Now if I can just find somebody that'll pay me to do this type of thing.

That depends on how you add them...

If anyone technical on the hiring team sees them in the "Certifications" section it's an instant red flag that you aren't familiar with the difference between a certificate of completion and a certification

V-Moda

💀 🫣 I've added my THM certificates in the "Certifications and Achievements" section and applied to Google cybersecurity internship.

I meant the cert of completions in my original quession... Still dropped em on Linkedin... Prolly wont hurt

Yeah, LinkedIn is fine, and saying on your CV that you've done them is no bad thing in lieu of experience either

I’m trying to figure out if I’m ready to apply for a job or internship. Could you please share your thoughts or any advice on how to evaluate this?

Im added u on Linkedin, i hope its fine, just try to get much smarter ppl around me instead of doomscrolling

The postings should be pretty upfront about this stuff. You're generally not expected to be responsible for anything (at least alone) as an intern either. Assuming it's offensive security you're applying for:

• I would expect an intern to have reasonable foundational knowledge across the core topics (networking, the basics of OS internals, web technologies, ideally cloud, etc), but gaps are fine. Keenness to learn is more important.
• For a junior pentester I would expect roughly OSCP level -- i.e., enough knowledge to go off and do a core job under the leadership of a senior tester.

I mean, go ahead, but I warn you: I rarely ever use it other than to accept incoming connections lmao

Thank you so much for your detailed response !🙂 I really appreciate you breaking it down for both interns and junior positions. Your advice has been really helpful. After reading your advise, I feel that I've already completed the basics you mentioned. This has given me more confidence, and I think, I'm ready to start applying for jobs.

Gave +1 Rep to @quaint basin (current: #10 - 844)

This is kinda out of topic, but is anyone familiar with discord - someone somehow fabricated this screenshot to make me look like i sent them a scam server link, istg i've'nt. they made it looks so convincing, just wondering if anyone knows how they did it

they somehow changed my original message to something completely different

Discord is rendered as HTML on the client side

no different to being able to F12 on a website and update the client/viewers copy of the text

oh right thank you. this really buzzed me off so much. full context i was modding a server and he was self advertising. i was baiting him to give a link, which he did, i was stupid and revealed too soon i was gonna mod him. he deleted his link and made that above ss

Gave +1 Rep to @serene trench (current: #9 - 912)

ive learnt to install vencord (to see deleted messages) and to be stealthier in the future

No worries:) yeah pretty annoying I can imagine. The desktop client for Discord is just electron - a desktop web browser basically. Fairly easy to doctor text/messages/etc just by changing the HTML and taking say a screenshot

but it's only on that persons view - doesn't change the actual message

does it mean - if i force them to reload and screenrecord. this wont work as he will just say i deleted the message

but thanks again for helping

Yeah, if the client's/persons view is refreshed it'll show the actual message

discord doesnt keep the full DM transcripts too, sad

Thanks for adding this 👍 🙂

Gave +1 Rep to @quaint basin (current: #10 - 845)

Advice needed!!Im into blue teaming and was wondering will a iMac work

i think its fully personal preference

hello, any one from UK?

The majority of it.

Ah that nice

happy to know that

hi

Please don't post the same message in multiple channels, the bot may mute you.

Well we're all here to help 🙂

👋
Kind of weird to ask this.. I'm very much into philosophy, but something I've never considered as a philosophical enquiry is ethical hacking, what falls into ethical and unethical? Apart from the obvious... I wanna hear people's opinions/personal philosophies more than anything

Myself coming into this area I would consider "ethical hacking" anything that might be deemed acting against the better of other people, so if it means bringing a bad actor that poses a danger to vulnerable populations or generally speaking a bad actor toward a community, to justice, that would surely be ethical, right?

On the other hand I believe simply hacking for the sake of "revenge" or "personal dislike" is simply capricious and unethical, or for the betterment of oneself. At the end of the day it should bring good and betterment to the state of something of a larger population.

Then again I haven't given it much thought

you might want to have a look at textfiles.com and phrack.org because whats considered ethical in the past and now, changed a lot in many ways. these might be good resources to document it

Revenge hacking is more illegal, as it is unethical

Basically what I meant

I appreciate this, thank you

Though it's called ethical hacking now, I believe that's actually a marketing term created by EC-Council. Really it's not a matter of ethics or morals, it's staying within the boundaries of the law.

any one finished this room :

https://tryhackme.com/room/mastermindsxlq

can I go through it with out a a background about brim ?

What exactly does this output from xsstrike mean: Payload: <HTmL%0doNPoInTeRenTeR+=+[8].find(confirm)%0dx//

Where did you get it from?

From xsstrike

What are you using xsstrike on? Is it from a THM room?

If it's THM content, #room-help is the best place to receive assistance

It is but there isn't a room on xsstrike. I mean in general what does that output from xsstrike on a vulnerable page mean

Anyone from India?

hello everyone

Ello everbody

Me

Yollloo

a secondary device so uhmm iPad or laptop 😅 as a blue teamer!!

Bello

Wassup

https://tenor.com/view/hey-apple4325-gif-17003248349272592880

hello everyone

Hello , welcome 🙂 👋

👍

on tryhackme how to avail voucher anyone

What do you mean ?

word of the day: hagiography

hagiography is biography that idealizes or idolizes a person and their life

Hello folks

hello folk!

Hello there

I was working for more than 4 hour, just came here to relax a liitle before going to bed, I seriously though you are typing anything, had to go and translate this on google !

lmao

word of the day: gallant

meaning: someone or something described as gallant is very courageous and brave. gallant is also sometimes used to mean “large and impressive” (as in “a gallant ship”), or to describe someone who has or shows politeness and respect for women.

I mean to say that there is tickets section where it shows different tickets, some of them are for availing like baseball cap from track me

That event isn't active anymore 😦

Anyone from Malaysia??

https://youtube.com/shorts/sVbo65i66bU?si=o5u1QHFUSytu1_ey

Enjoy this cat singing

what should i better do next?

Depends which careers path you want to pursue 🙂

the thing is i am building my foundations so i want it all.

then i will edit my CV accordingly after the next Milestone and try to integrate in the Hi tec industry.

KGB You are always helping Thank you so much for doing this. it's important to tell you this i dont know im not if you get this appreciation very often but you should you deserve it. be blessed!

Well path on the left is focused on blue teaming activities ( DFIR , SIEM, ... )
Path in the center is focused on red teaming activities ( web app pentesting and vulns, priv. escalation , recon,... )
Path on the right side is focused on DevOps and security of the process 🙂

KGB if i am shifting from Construction to Cyber i am feeling like everything is so in my blood so interesting and i am so eager and willing to learn yet seen something that make me feel like "ok this part is not for me", is it normal?

therefore i thought to learn everything in the paths.
i love by the way THM very much. Amazing platform always talk about with friends.
THM should advertise in TV more themselves the Platform.it amazing.

Yeah , this field is very broad , you can be perfect on all fronts 🙂

I think ill follow the middle as i am already there and Do the 2 more paths i have there. All of the best for you and everybody here and good luck studying and Never give up ❤️‍🔥 Never Ever fall to the trap of despair and your life will be good hard times are always temporary. Wish you all Happiness.

Thank you 🙂 . Good luck on your cyber security journey 🙂 🚀

Gave +1 Rep to @smoky glacier (current: #2671 - 1)

hi i cant connect to openvpn anyway dose someone have goog ideas?

Try to ask in #site-support 🙂

Hey guys, I was wondering which rooms/labs would be best for me to prepare for "IT Security and Compliance Specialist I" role this would be my first tech job and I'm extremely nervous lol I want to make sure I know everything I need to and be as best prepared as possible.

Which type of rooms are you looking for 🙂 ?

anything that would help me prepare best for the role

Maybe something like this 🙂
https://tryhackme.com/path/outline/security-engineer-training

awesome, thank you! As I said, this is my first tech job and I'm extremely nervous lol.

Gave +1 Rep to @weary meteor (current: #2 - 3175)

Good luck on landing your first tech job 🙂 🚀 🤞

thank you 🙂

Gave +1 Rep to @weary meteor (current: #2 - 3176)

If you're looking for some career/certification advice you may be interested in checking #cyber-and-careers channel 🙂

awesome, I will check that out

A friend gave me a Kobo Mini, but it's reeeeally little. So now I'm writing a pdf with all the most useful commands to have it as a companion while doing the rooms.

What do you guys think of this use?

That's really cool, I used to do my desktop background with my "list of the commands and things I always forget"

Looks great , note taking is very important imo 🙂

better to study everything back with note takeing and labs

can I turn on 2 vms in my computer and try to attack one from the other ?!

Yes, just tried it yesterday my first time!
You can set the network to host-only (vmware, must be able on VBox as well), and they will be in the same network.

Cool

You should download some stuff from vulnhub to practice

Hey, i was trying with the SMOL room today. While i enter the url to add smol site to/etc/roots it's not responding. anyone facing the same issue, or am i going wrong somewhere. pls help!

like what ?

I didn't do this room yet but if you try to add a url , it's on /etc/hosts not roots

Whatever interests you brother

I’ll grab the link real quick

https://www.vulnhub.com/

Can you provide a screenshot of hosts file 🙂 ?

Yes , you can 🙂

Ello

Hello 🙂

Hi

👋

Hello

Look up the tldr utility

I was trying the magician room , and every time I try to upload the image to the website so I can get a reverse shell it refuse to upload even so it's a png

Can you provide a screenshot of what are you doing 🙂 ?

word of the day: billet-doux

meaning: love letter. the word's plural is billets-doux.

#room-help

That's really helpful. Thanks!

Gave +1 Rep to @twin ridge (current: #13 - 622)

Happy Valentines day folks, it always crops up a little PTS for me as I remember working for Dell at a tech support call center in the early 2000's and a small repeat of the ILOVEYOU virus happened.

Don't click that link is fishing

Hey guys, is it beneficial or heck, necessary to learn Splunk to get cyber security internships or jobs ? I see it appearing on a lot of job requirements these days

It's one of the industry standard SIEM solutions , if you're aiming for a blue team pisition it's definitely a nice skill to have 🙂

Hey there, can kali be used as a primary OS or is it better to use it in a VM?

It's best to use it in a VM, it's too unstable to be used for a host OS

Thought so. Thanks.

Gave +1 Rep to @south inlet (current: #1 - 3392)

I need to rang my gig 🥺😤
Who can help me free here

What do you mean 🙂 ?

I have been battling with low impression on my gigs I need someone who can help me out in strategical way am ready to learn

How can I know the physical location of admin of a website? I find from whois and other source of their DNS and public IP, the person pays service not to disclose their real location. In this case, no-one can find where they come from?

Does anyone know please?

Why are you trying to ask this question?

Short answer: to find if I protect myself..

long answer - being scammed, and want to track bad people

Hey, is anyone here done the OSCP (PEN-200) who can answer some questions? (i hope its allowed to ask this question here.)

If you're looking for a career/certification advice , try to ask guys in #cyber-and-careers channel , this channel is not active that much 🙂

Thanks for the reply, i want to get some inforamtion about the exam (if i can rely on rockyou for password... ) im a kind of worring about the exame...

Feel free to send a message to #cyber-and-careers , they will definitely give you some great advice 🙂

No. Your best bet is the OffSec discord. If you’re currently a PEN-200 student, you should have access to the course specific channel.

ok thanks

Contact the police.

yeah

Anyone know some honeypots for personal use?

Do you guys tend to learn what you're interested in or what you view as most lucrative?

I ask because I have the CCNA and Network+, I feel like I should focus on network topics but of all the topics I've found in THM, by far the most interesting to me is malware analysis. Despite how much it intrigues me, I don't see this ever being relevant to my job (lvl 1 help desk) or in any roles I could apply to in the near future.

I've found that if you keep an open mind and continue learning about a variety of topics, you'll find parallels and connections between them that you may not have initially realized, especially if you find what you're learning about to be interesting.

For example, I'm just a software developer/engineer at work, nothing to do with security, but my interest in DFIR has actually helped me "reverse engineer" some programs and write my internal tools for data analysis and calculations at our organization.

Plus, if you broaden your knowledge base you're less at a risk of pigeonholing yourself and waking up one day realizing you're stuck in a career you're no longer interested in (I'm not saying you don't like your job or anything, it's just nice to have options just in case 🙂 )

Thanks for the encouragement. I was wanting to justify spending the time to do the entire Malware Analysis module and really taking the time to understand it all.

Gave +1 Rep to @turbid wasp (current: #1068 - 4)

Also, don't rule out the possibility of doing malware analysis as a hobby or side gig aside from your normal job. This is actually my goal right now, to get comfortable enough were I can maybe start to contribute to some open source projects, regardless of what my day job is.

Probably focusing on the wrong thing here, but do you think there's a point of having dual-boot and run a linux on hardware or just windows with VMs is enough to test everything I'll need as a beginner?

Windows with everything as VMs has been good to me so far

There is no big benefit with running Linux (afaik) as a desktop other than personal preference imo.

I also prefer Windows + VM environment 🙂

Hy, Can anyone help me with it:
Match all of the following filenames: ab0001, bb0000, abc1000, cba0110, c0000 (don't use a metacharacter)

_ _ _ _ _ { _ , _ } _ _ _ _ { _ }

Which room is that ?

regular expression

OK , do you have any idea how we can do so 🙂 ?

no, i tried it so many times but couldn't get right

Ok , what have you tried 🙂 ?

this is question 4 in task 4 of this room, we need to get regular expression that can give all names as above give in the question

Ok and what have you tried , we need to have a starting point 🙂

i tried this one: a * b * c { 0 , 1 } [ 0 1 ] { 4 }

these curly brackets can't be changed

we need to get these file names: ab0001, bb0000, abc1000, cba0110, c0000 (don't use a metacharacter)

Ok , this looks good , we only need to fix a few things . First of all , you don't need * , we can use just [abc]
Second , we know that our characters [abc] would be in the first 3 places we can specify that using {1,3}
Next we'll have either 0 or 1 [01] , repeated 4 times {4} . So in concucluion our final regex would look something like this :
[abc]{1,3}[01]{4}

[] - specify characters
{} - number of repetitions

yeah i got it, thanks a lot @weary meteor

Gave +1 Rep to @weary meteor (current: #2 - 3258)

hi everyone SNORT is firewall or IDS system ? some say that it is firewall and some say that it is IDS ?

ids/ips

thx

Does anyone got any project with raspbery pi ? I am thinking about making a project with it like IDS/VPN/FireWall that kind of things. Does it have a big impact on the job CV ?

I have had someone claim to me that you can monitor somes SMS inbox just by knowing their phone number.

Is this something commonly known?

no.

you can't intercept SMS by just knowing the phone number, in 99% of cases it requires physical access or at least requires the victim to be connected to a compromised cell tower

Thank you. I was confused for a moment since this was my assumption as well.

Gave +1 Rep to @next bronze (current: #242 - 30)

Even then, what you see from a compromise cell tower is not phone numbers but their IMSI equivalent. Only the network provider can map out these IMSI to the respective phone number.

I mean, yes that's true

hi

hello

Heya

https://tenor.com/view/hi-everybody-simpsons-wave-gif-12144219

You can verify to upload screenshots/GIFs directly . You can learn how to do so on the link below 🙂
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account