#quiet-conversation

true sry

beginner advise: If you run into some file type you don't know and it's encrypted/encoded like .asc just save yourself a lot brickwall beating and see if john the ripper has a tool for it.

and use file

I tried out mr robot ctf and like I got the first flag easy and I figured this ser the pace of the other flags but I was wrong based on my searching of already shared tips in here on this room

i am now 0x9
i am officially in the "ok" kids league

i am now 0xD

i am officially still in the "ok" kids league

niccce so I am not even born to be a kid yet

when 0xE & 0xF

What's a higher title than God?

Lead Mod

Would that have too much effect on your level on the website?

No -- Contributor does though

I am level 998 on the site

bug hunter
muiri doesn't have it i guess

Not strictly true. I prefer my contributor role

Is using autorecon tool wiser?
as in for nmap and dir fuzzing stuffs?

I too prefer your contrib role, many splendid stuff thy haf done < 3

There's not one.

.. I know, I was being sarcastic.

So was I.

Only God there is the Mother, in the eyes of a child, but that's my opinion.

And also William Makepeace Thackeray.

hi

late hi

Even later hello!

Today is a "date that will live in infamy"

80th anniversary as well

was that Pearl Harbour?

I don't remember, Americans were always a little self-centred 😛

Yeah, Pearl Harbor

no cap!

Shut up

Don't be rude.

morning all

What is the name of thm room that teaches the basics of security frameworks ?

Which one?

I wish Attack Box was unlimited until the Christmas.

It is... for subs

Lol was about to say the same

It's one of the subscriber perks 🤷‍♂️
That, more content, and faster machines.

Or less slow in case of windows vms 🙂

Depends what's running on them and what they're bumped to, tbh

Like, a lightweight Windows VM running on t2.medium is nippy af

That's obviously vastly overkill though, so we don't do that. Most Windows VMs get bumped to t2.small (2Gb RAM) and that's more than enough to make them comfortably fast

Unless you forget to turn off automatic updates...

principals of security, nice room

.

Need to work on my highschool profile essay but I'm so unmotivated aaa

Need to answer like... 4 more questions https://i.imgur.com/Gsxb6si.png

I already answered 2

fix those reds

ia m me

It seems ur a fellow dutchman😎

Yesss

updated me apt repo and half way through this happened to my terminal

anyone know why lol. im sure i can reboot and it will be fine im just curious.. Not even sure what to ask google so

gonna guess you are using zsh and your update tried sourcing your .bashrc file

try source ~/.zshrc

Because the process, you last ran, printed some special characters but didn't print the closing parts
For instance, \33[0;0m to reset color and some other stuff (see man console_codes, ESC CSI section)

You can reset your terminal

Wow, thanks @woven patrol I’ve had this issue before and I’ve never known how to fix it. :D

Gave +1 Rep to @woven patrol

Thank you @north roost

Gave +1 Rep to @north roost

And thank you

Why is TTL described in seconds instead of hops?

Perhaps you should give a bit more context on this. For example, in IPv4, it’s not seconds in practice, as every hop needs to decrement the value by at least one.

My icmp packet made the kessel run in 12 hops

NES and SNES creator Masayuki Uemura passed away

RIP

kringlecon started!

Yoyo

Does anyone know how hashing works? Or any site that can actually tell me. I want to know what’s actually going on but all of my research just says it’s “a one way cryptographic function” and nothing past that. It’s quite infuriating actually.

take a bit of data, mangle it in such a way that you
a) cannot get the data back from the hash
b) small changes in data cause big changes in the hash

basically

also that the function returns the same output for a given input (ie no randomness)

Well yeah I know but how does it do that

That’s what is happening and I want to know how

I want to understand the “mangling” that’s going on in The process

Depends on the algorithm. Here's md5 for example https://en.m.wikipedia.org/wiki/MD5

They generally play with modulo arithmetic a lot

BRUH

Hours of searching and I didn’t even think to check wiki. I actually hate myself smh. Thank you @twin ridge

Gave +1 Rep to @twin ridge

I have a question about Jobs Board and how to get something in there if anybody could give me a hand?

Feel free to DM me and I can give more info =]

Hi, reach out if you need. Assuming Muir hasn't already

James! It's been too long. Ty

Sheesh I just found my grades from year 7

fortnite addiction moment

advies negatief 😉

@timber lantern Please keep it English only. This is part of rule 8.

ok , srry

i was distracted by these grades

My exam week ended a few days ago; grades are looking good but still need to get my English grade

had to write an essay on COVID vaccinations

I had to write one about last year's economic situation lol

that was mandatory?

yep uni work

I had to do that as a practical exam for economics at the start of this year

Basically analyzing the impact of COVID on the job maket

Pretty easy ngl I was inspired 😄

I'm writing one about zoom teaching atm

Yep same Lau

It's at least cyber security related

let me geuss: conclusion is more jobs available on job market?

Yep something like that

The teacher set a 1 page limit (thankfully) https://i.imgur.com/7CLG6W4.png

I just threw random graphs in there so I looked smart™️

lol

No page limit so I wrote 4 then final conclusion otherwise it'd have quickly become a entire book

Ah kek

I once wrote a 56 page booklet on python for my CS teacher

https://i.imgur.com/stRPFmb.png

he promised me a 9.0 or higher if I submitted this as a final exam project

That's the first I've seen Covid mentioned since joining.

Pleasantly surprised it's not a much spoken about topic.

Is it just me, or it's indeed scary, when you log in into your e-banking with 2FA and a "We are sorry, the resource cannot be found" + broken CSS HTML welcomes you. Without any outage messages on the bank's site itself.

holy crap

Made that when I was 15 and the quality of the booklet itself is bad, while the explanations are pretty good

I kind of want to remaster it but I currently do not have the time 🥲

"9.0 or higher"? What kind of grade-scale is that?

Hopefully 0 to 10 on a 1 decimal place scale

Which is effectively percentage points

The question is always: where is the cut? (I.e., below what is a failing grade)

Yeah, or a 1 to 10, not sure

5.5 in the Netherlands

thx

Hi 👋🏿

Good morning 🌻

https://twitter.com/majornelson/status/1469709375153455110

I had no idea this was a thing

My switch has Xmas season

@dry torrent #bot-commands please

kk

looking at this convo made me think about my upcoming grades, btw I'm IBDP. That shit is hard

w my homie

drinkin cherry coke < 3

@half fractal first time drinkin cherry coke 🤯🥳🥳

it ain't tasty but anything to get accepted into cherry cult

hi guys, anybody here for a bit of career advice?

#cyber-and-careers

Not to brag but thm has by far the best clear and understandable form of explanation when it comes to explaining IDORS. Other resources are really good as well

100% agree

hello spanish people

habla ana

is that really used in conversation?

I think in a conversation that is more formal, I can see it (phone conversation)

Duolingo is super formal to the point where you’re alienated in a real situation

What, you don't talk about cooks preparing snakes for food?

Especially with what I’ve picked up from German, it’s not that similar to how Duolingo makes you learn it.

Which is why it’s always best to supplement Duolingo with another form of studies or research. If you can actually talk to Spanish people often it will benefit you.

Yeah, duolingo and the way they teach German in school is super formal in the US. We had a teacher from Germany my freshman year where we were learning more slang but she left. When I went to Germany, I found out the locals call it "ballroom German"

which is good or bad?

what are some walkthrough rooms about pwn tools?

https://tryhackme.com/room/introtopwntools is a good one

yea ive seen that and finished it

For formal? It makes it awkward and you as a non native speaker have a hard time conversing with a native speaker

It also immediately pegs you as an outsider, which in some cases can be bad or even outright dangerous

Does this look like a formal essay title page? https://images-ext-1.discordapp.net/external/HhYOyXgHlQLBUmonw2X5zMyWdKL9u3hkUS-wvXUqLkA/https/i.imgur.com/msPy39t.png?width=646&height=910

I didn't want to go overkill with buzzword images

especially because my entire essay is this black-white style

If you want to know how people talk naturally, it is best to watch various tv shows, "Nailed it" and "Niquelao" are great ones and get you learning kitchen related stuff, be careful of telenovelas because of overdramatization, but tv shows, movies, podcasts, books, etc will help with natural language... lots of Spanish learning was initially geared at business learners so often there is a formality in there

I'd go black text or blue with white background for a formal paper

Yeah it is, I'm using word on darkmode

Oh that's trippy

https://i.imgur.com/iXtV9Qt.png

Do you have a subtitle?

Subtitle?

Yeah so my last formal paper was a look into Data Exfiltration. So the Title was Data Exfiltration and then the subtitle was "a look into the methods and techniques used by actors to remove data from your environment"

Idk if it was exactly that but same point

It's a way to lead people into the paper and generate intrigue. Rather than a mostly white page

Ohhh like that

goodmorning

No one :

pwntools:

excited for this 🥳

Reeee lets goooooooooo

:(

Oooooo

@twin ridge rip

I know

Don’t worry, It’s still great for rabbit holes.

Hmm?

Well I think I have an idea for a challenge box but I don't know if it's viable yet

now that I think of it, it might be hard to spot if this was used for a rabbit hole.

.

@fringe ocean mind if i drop a dm?

imagine you are driving through a lonely road at midnight which is notorious for crimes. Now a women with heavy luggage waves for a lift.Will u stop ur car and offer her a lift ?
1 - I will offer lift.
0 - I will ignore her.

need it for a survey

if this is an area notorious for crimes, how do you know she doesn't have a dead body in that suitcase?

you know nothing about her but you are also not sure that what if she really need help

and real question, is why are you asking this question here and what is this survey for?

and why are you driving through an area known for criminal activity at midnight? are you on your way to a crime yourself?

here more people are active , so i can get a better response and this a survey for my study of 3 physcological phenomena - Moral licensing , Unknown trust and emotional quotient . That road comes into the route for ur home

thats why u have to drive through it

You got an ethics review for the study?

Asking people ethics questions without an ethics review is ironic

sorry i can't understand what are u saying . are u saying that i should have a ethics review for it?

Basically, yes

ok

@radiant jacinth 0

I hope you liked it! I am thinking about making a sequel sometime, maybe going into more advanced stuff like ROP, leaking stack canaries, etc. I'm almost to Christmas break from grad school, so I may be able to start cooking one up soon. Is there anything y'all would like to see in it?

I absolutely loved it!!!
I would really appreciate a sequel room that focuses even more on the python pwntools library, and another room on how to bypass the executable protections, Thank you for the awesome content.

Gave +1 Rep to @azure trench

general chat is being confusing so im coming over here

echo #general | grep "useful"

ahh okay, 0 results

you existed there

at least 1 result

so - 8

sorry i meant negative 8

ah yes - self sabotage - my favorite

Port 42069. my favorite from now on.

Lol

i prefer 1234

Hello dear

I am program developer. and how can I get job?

I have many skill and experiencs.

Write a resume/CV, find job openings, apply.

Thanks. I have already CV. how can I get job?

Gave +1 Rep to @rapid summit

I want to work for a long term with client.

Look for job openings. That's the next step. Linkedin, company websites, local forums that list employment opportunities may help with this.

Thanks. but do you know client? if you know , please introduce me.

Gave +1 Rep to @rapid summit

@radiant jacinth please do not send unsolicited DMs. Look for companies that interest you. Locally, ones that offer remote positions, ones that you might want to relocate to. You'll need to do the research yourself.

Ok. thanks.

Gave +1 Rep to @rapid summit

yaa sure. why not.

A raisin isn't a dried grape, a grape is a moist raisin

Ive just read this company's job posting, what do yall think about it

I know my username but I don't know my e-mail address so I can't reset my password, what should I do?

Did you use a burner email or something?

Create a new account and use it instead.

I myself used my mail but forgot which one

just try all, how many can it be

Worst case scenario arrEmail = @(email1,email2,email3,email4) fnTryAllResetOptions(arrEmail)... 😄

https://i.imgur.com/fjbl5N0.png
https://i.imgur.com/pmg4JEm.png

which version looks better? I tried using APA for the first version

MLA is probably one of the better looking formats but that's probably because I grew up with it

Also graphs go in its own section

I think

Ah okay

Doe maar APA, ziet er netter uit

Please keep it in English only here, this is a part of rule 8

Please dear fellow Netherlandian, If you would be so kind to use the APA format for your source disclosure in your documentation, that would indeed be preferable for mine eyeballs and the eyeballs of any reader of thine technoscrolls.

https://www.youtube.com/channel/UC6kdRM6PIsTlZhGnu0d25SQ

“Rick astley”

lol

yes

just made a masterpiece https://i.imgur.com/XCE59mY.png

I call it "pieton"

bruteforce it, kek. ( not literally )

try ever single email you have & password till you get it.

Let’s not try to suggest to brute force anything on the site.. especially as all that will happen is cloudflare will ban your IP.

I’m not talking about actually bruteforcing it
I should’ve worded that better. I’m talking about just guessing every email you got until you find the one.

There’s a word for that, what’s it called again

😄

HEY!!!! Go Me!!

Hey I have a sort of dumb question, it makes sense to ask in my head but I’m sure the answer is something obvious that I can’t think of

Why stop at AES-256 bit encryption? Why not go all the way to AES-65536 encryption or something. I’m sure the answer is simple I just can’t put a pin on it. Maybe a hint? I kind of want to figure this out myself but I’m stuck

Time

OH

Thank you so much

Gave +1 Rep to @spark sun

I’ve always found it difficult to find a site that can explain and teach bash scripting. Especially Regex examples and explanations. And today while looking up a question I found a good site that explains a good amount about bash (specifically special characters and what they all do). The site is tldp dot org if anyone wants to look. Right now I’m looking at the advanced bash scripting guide it’s a nice read (despite me not knowing any beginner level bash scripting)☠️☠️

I was curious as to why most bash scripts ami saw started with random stuff like ‘\n %s #n’ and just seemingly random stuff and I happened upon this site after about 20 minutes of looking lol. I still don’t know the answer but I will after reading for some time 🙂

Computing power mostly.
AES-512 isn't uncommon.

This. It becomes impractical and cumbersome. I don't think AES uses primes but that would be another factor for cryptosystems that do

At least if my dinosaur pea brain remembered Cryptography class correctly

my brain couldn't survive that class

wait aes-512??? shadow has never seen that be used or refered to anywhere else

It's been creeping in for a couple of years now.
I can't remember off hand, but a couple services I've interacted with have offered it as a default

still sounds weird as the standard and definition for aes only defines keys up to 256 bits

https://ieeexplore.ieee.org/document/6122835

well huh

It doesn't look like a fully adopted standard yet. Wish I remembered where I've seen it.

https://crypto.stackexchange.com/questions/20253/why-we-cant-implement-aes-512-key-size is what shadow found as the first result on the topic using duckduckgo

still it seems like a good idea to some extent to continue improving on AES.... but shadow is fearful for how we are going to handle the problem of quantum computers cracking cryptos and is unsure which are safe or not in that senario

Definitely. Quantum superiority is a believably attainable goal at this point. Which essentially means it is an inevitable reality.

And I doubt any classical algorithms will be particularly resilient. Even extraordinarily large private key spaces only offer so much resistance when enough QuBits are arranged to simultaneously test dozens of permutations of 5+ characters at a time.

Then there will be algorithms which are designed with Quantum Computation in mind, so as to make it harder for these systems as well to crack brute-force the keys

Can confirm that AES512 is FIPS compliant.

I believe that is where elliptic curve crypto research comes in presently.

It is surely just one among others 👍

what is FIPS again???

A norm from NIST...Federal Information Processing Standard (FIPS)

Isn't AES512 non-standard, as AES supports {128, 192, 256}?
I mean popular libraries do not implement/provide any methods, do they?

@mortal venture computation power mostly. If you have a raspberry pi, try to ssh-keygen a 16384 key, you can do it but it will take awhile to create. Also a user with a key that big cause the puny raspberry pi to hang while it processes that giant key

if you have powerful computers and security is more of a concern then speed...go big, if you are catering to general public, where speed might be more valuable then security (go capitalism!) then go smaller

Federal Information Processing Sys- er, Standard. Edited because I forgot and had to look it up

oh that response took a while... still thanks for stating it.... now time to look into exactly what that means

Gave +1 Rep to @spark sun

ah so they handle standards for use in computer systems that are none miliatry but still connected to the government

together with other standard creators

Yeah, got busy with work meetings. Hard to skive off for discord when meetings aren't a waste of time

true and completely fine... hope the meetings went well and are going well if you are still in some.... don't mind us while we find the info ourselves

Nah, work is done for the day. I still have reading to do but that never ends

noted noted thnx

ive just read half of Gilgamesh story summary and I am now mad that I didn't know it existed before

Can someone reaaalllyy dumb down the path environment variable? I can only find a lot of techy explanations that make little sense to me (sorry small brain 😦 )

Maybe I can understand the techy explanations if I can get a dumbed down explanation first? Idk

There's an explanation in Deja Vu that I'm very proud of

Is that a YouTuber or website or something?

Sounds like a book

https://tryhackme.com/room/dejavu

Oh…… I should have thought of that first lol. Thank you once again James 🙂

I literally skipped to task 5 and I’ve already learned like 3 things in just the first few paragraphs. I shall complete this room when I get home :). Thank you again

Gave +1 Rep to @burnt night

that strikes me as a lesson learnt on the advantages of taking your time and absorbing information, eh? 😆

It's all there for a reason -- it's foolish to skip over it :)

I think they jumped to the information that was relevant to their question - I don't think they'd started the room first.

Oh. Oops

Yeah, I misread that 😅

James is correct although your input is always appreciated Muir!! 😄

Can anyone point out how to decode this hex to text : '0bd8df'

https://gchq.github.io/CyberChef/

Your question equals a one half fraction though. The website is drag and drop

Yeah, sorry -- read that completely wrong 😄

Tried that but i think i cooked the wrong recipe and burnt it xd wdyt the right recipe would b?

‘From Hex’

What did you use? screenshot works also

Wait did you use a zero instead of the letter o lol

I used from hex the output is this:
.Øß

Is that unicode?

It was zero 🤔

Freeganism is looks good

It was a zero? Hmm. Where are you getting the hex output from?

E

Is it like missing some field?
I double checked the dropper ps1 file that i got this hex string from this string is kind of like a path component to a url e.g http://c2cdomain.com/0bd8df

Why are you trying to convert it from hex🤨

Yeah that's not going to mean anything

It's just going to make it harder for others to stumble on it, or potentially work as an ID for something.

Shouldn't I 🤔

Could be possible 🤔

It’s just a directory what are you trying to get from the name of the directory

Any suggestions on what should i do with it cuz I've run out of recipes 😂

Do Nothing

Yeah!

It's not encoded text

It’s like how YouTube puts all their videos under directories such as “akfUbU73J” it means nothing

So it's like that huh 🤔

Typically yeah

But the source said it was encoded 🤔

What source

A ps1 file i got assigned to analyze xd

What ps1 file

Gonna need some more info man :/

Is this for a box? Schoolwork?

I'll drop the ss for that file in a few mins

Nah just random malware research

I'll post in a few mins

snipped a few lines of code so av wont delete it as malware

@alpine isle Please don't post malware even if it is part of your homework.
Please don't ask for homework help. Talk to your teacher for help first.

It was just regular text now explaining the part of code i was lost in.. since i snipped all the functionalities away 😅 and this isn't hw 🤦‍♂️

Malware discussion is only allowed in #exploit-and-mal-studies
This channel is locked behind certain roles including but not limited to 0xD, OSCP, or Throwback.
Thank you

Gave +1 Rep to @alpine isle

Google is always a good help sorry :/

Hi y'all, made some banana pudding a few weeks ago. Meant to post it here in our unofficial cooking channel. I ran out of Nilla Wafers, so couldn't cover the whole top, so I tried a X to spread them evenly. It was still really tasty, it was a big hit at a potluck.

Looks delicious 😋

😋 😋

Hey need some help
I was able to login into as a certain user. while poking around i found the authorized keys of another user, now i want to escalate priveledges to that user but i dont know how to go about it

is this a room?

I hope so

#room-hints or #room-help may be more appropriate - which room is this for?

https://www.reddit.com/r/pcmasterrace/comments/rl61hp/g_o_o_d/

and it used to be meth labs, now its crypto mining

lol

I too think crypto is like meth

/s cause I don't want any bs from people

funny certificate

laugh()

laugh track

seinfeld theme

Hey I’m starting to dabble in malware analysis. Nothing too fancy just getting my feet wet. Right now I’m installing ghidra, should I learn to code first? I understand the very basic things of python and that’s about it but I can’t make any programs or anything more than a few lines of code. Looking for any tips on getting a started. Helpful pre requisites is what I’m looking for 🙂

What I’m asking is how advanced does my knowledge of what language(s) should I have to be able to take things apart

I'm not into MA but according to what I've seen it's essential to learn/have knowledge in C so you can write your own basic program and decompile it to understand how things work in Assembly first

tl;dr Learn C

Appreciate the works my guy. Will be looking into C then

Anytime, there is a Reverse Engineering server so if you need an invit you can ping me

I will take an invite 🙂

I'll send it in pm if you don't mind, not 100% sure if it's allowed through channels

It's explicitly prohibited in the rules.

😄

Man I wish I had business ideas

I'm an incredibly economic person who's interested in management and marketing but I just cannot come up with a business idea

And if I come up with a business idea the SWOT analysis is a big negative

Like AI freelancing for businesses
Strengths: I know how it works
Weaknesses: I do not know how to apply it in the real world
Opportunities: There's local businesses who may want it
Threats: there's always some online person doing it for 1$ an hour

Please be my guest 🙂

Friend request sent

accepted

Grab the e-book of "Hacking: Art of Exploitation"
Just the first 3 or 4 chapters of it should be enough to get you started.

I can recommend NoStarch's malware analysis book too

ooh noted will take a look

i will be looking at that also thanks james 🙂

And from this AoC3 challenge. REMnux looks like a good toolkit after you've done that.
The barrier to entry is a LOT lower than people think fortunately if you have any scripting background.

Is reading books the best way to get into cybersec?

I'm currently reading cyberjutsu and I like it, but I feel like it's mixing stories with important information

Which I don't like, because I want both ones seperated for efficiency sake

It's a supplement to actual work experience

hi

If you mix personal stories with technical information it makes it easier to understand and remember

Hmm I guess you got a point there

AoE is less a book you read, and more a book you do.
I suspect the malware analysis book is similar.

Hi

Bit of both for the malware analysis book.
It's a lot of useful information, with practical exercises

Have some tryhackme memes:

https://www.reddit.com/r/tryhackme/comments/rm4ye1/hacking_tryhackme_with_skills_you_learnt_from/
https://www.reddit.com/r/tryhackme/comments/rluf62/inception/

https://youtube.com/shorts/WjdZNPZ1SXo?feature=share

Is the pentest+ harder than the OSCP?

When I look at it's curriculum it has waaay more theory

https://i.imgur.com/neGaPwr.png

IMO the OSCP covers more practical things like exploits et cetera

question for M1 owners, is it practical to get one for pentesting?
I am considering buying a macbook 13 '' I7 intel cpu, should I get that or the M1 for pentesting ?

haven't taken the OSCP so not really an objective take but CompTIA tests are generally "hard" because of the sheer amount of memorization they generally require, doesn't mean you are more of a pentester than someone with OSCP but it just tests you differently

if they haven't fixed virtualization I wouldn't touch it with a ten-foot pole

depends on what you plan on doing pentesting-wise. there are arm versions for kali and parrot and the m1 is generally quite powerful (also for compiling and programming). but some areas like malware analysis or reverse engineering that largely run on intel architecture will be harder to accomplish on m1 (or not at all)

I wouldn't take an m1 if you paid me.

I would. Been fancying trying some MacOS hacking for a while now

As a daily driver? Nope

m1 or Intel?

thanks 😊

Gave +1 Rep to @strange nest

so you guys know that for example, typing “vim” in any directory will open the text editor? Is that what adding something to the path variable means? I don’t fully understand this but the more programs I research the more this comes up so I really want to understand the Whole path variable bit as much as possible

Ooohh while on the subject what do you guys think of this? Close friend said I can get any laptop for Christmas and this was my choice. I plan on wiping it with a red key and installing kali or parrot

^^^ pls ping

spend hours on THM with little completion

ye path = directories ur shell wil look in for other programs that you don't provide full path to

attacking wise: changing path var and writing malicious programs then renaming them to legit one can lead to a script executing your malicious program cause its the only one with that name in path variable.

Interesting thank you

Either 🤷‍♂️

What do you currently use?

MSI GS66 -- same as I would after getting a Mac

Literally the only reason I would want one is to practice attacking

Oh no it's vulnerable to log4j

What is? Kali?

Not the only one necessarily, just the first it finds. And not just scripts. Calls to system() etc.

comment on the topic of 13"(inch) laplops vs 16"

16" would be way too big for me. everything above 14" is just too bulky for working in transit etc. i prefer 12 - 13"

I used a 12.5" Thinkpad x230 for a while

Swapped to a 14" latitude 5400 and I'm happy

I have a 16 and thinking of getting a 13 one cause lighter

I went from 15.6" to 12.5" for a massive weight reduction, then to a 14" that weighs about the same or less

what do you think aboutbthe new mac screen ratios,(more squared)

I personally like 16:10 but I'd never buy a mac

Are the macs like 5:4 or something?

i personally prefer portability and plugging into screens wherever i can

14" model on far right
13" model on far left

oh my god the notch

Yes, gross

i felt cringe when i saw it but it actually kinda nice

i likeit now

Probably get used to it. same as with phones

u don't notice it much and if u want u can disable it cutting top bar and everything get shifted down

and i suppose it's true black, so you don't notice it much

yess

you might disagree on a lotta stuff apple does, but they do make nice screens and thats a fact

framework looks nice IMO

Apple makes good hardware, but they're way way overpriced

I thought about that before I ended up with a Zbook.

How thick is that thing? Does it feel/look hefty?

ama get 14 inch macbook pro intel í7 and pay my kidney

your kidneys are worth more than that

so i finally finished the Complete Beginner path (yay). what would you suggest doing next? i think putting all the new knowledge into practice would be best before enrolling in the next learning path. where can i do that best?

I would have a crack at cyber defense or jr pen tester (depending on if offence or defense if your focus.) Well done on fishing the beginner path!

thank you! i think i am gonna go with defense since i'm pretty interested in forensics 🙂

//n
"N' bb vb bv vb bv lll[[[[[

Hey team, I was looking for courses for CompTia certs, and I came across https://stacksocial.com/. Does anyone have any input on that site and it’s training? I don’t really have an issue with paying 600-900$ for the official courses, but this seems dirt cheap to not search about it. Thanks 😁

rip moocow, you will live on forever as energy in our bodies

okay im really sorry for this but just to be clear. If i install a program and want to be able to call said program / script without having to navigate to its directory, i simply add its full directory path to the PATH environmental variable? And its as simple as that (non pentesting scenario)

And pentesting wise, if lets say a SUID binary has root permissions, i can change its $PATH variable to lets say /bin/sh for example and gain a root shell?

That's kind of not how environment vars work

Sorry for the ping, wanted to include the past convo for context

so the environment var is scoped to a shell instance

so once i close said terminal it resets to default???

when you terminate the shell, whatever you have set for a env var goes away - such as modifying $PATH

so how do programs like VIM and subl text editor work then?

settings a standard $PATH may look something like this, from a .bashrc or .zshrc file: export PATH = /home/<user/bin;/usr/bin;/usr/sbin

modifying that var while preserving the old data: export PATH=/new/path;$PATH

by pre-pending your change, the system will look in that area before looking in all the other directories

I feel like its on the tip of my tongue but its just not clicking

im really sorry

a binary may set environment vars within the scope of its own execution as well - this is more common with desktop or GUI applications

You don't need to apologize, you don't know yet 🙂 asking questions is how you get to know

Yeah but i feel like that one guy ya know?

Any good sources where i can research this that you would happen to know off the top of your head? I tried researchon my own and its making less sense than you guys are here

The GNU docs are a good place to read up on, but it may feel like drinking from the firehose https://www.gnu.org/software/libc/manual/html_node/Environment-Variables.html

thats really how it was on my own so i came here for help 😦

This is context-specific to C, but a lot of the idea are transferable

Lets move this to #infosec-general , so you aren't slowmode limited

If anyone has any more input in the matter please ping as it will be appreciated

i believe those ; should be : or do ; work in path? im afraid to try 😛

semi-colon is the separator, IIRC. it's super easy to check in the terminal though

i just did, echo $PATH first so i have an original to go back to, but export PATH=/tmp;$PATH && echo $PATH shows /tmp only

and what would you call the process here? the command parser?

command execution?

I believe what's happening is the semicolon is treated as a pipe or whatever the proper word is, to my knowledge semicolon is the proper seperator for the path variable
Edit: only just came back to this and realised I said semicolon both times, meant to say colon is the proper separator

Definitely full colons in my path.

Semi Colons are commonly "end of line", used so you can run several command sequentially.

Yeah, I'm mistaken then. : is the correct separator, ; is the end-of-statement delimiter

Yep

nope'nt

not not !No(Yesn't)

I was looking at the top 50 peeps profiles and this guy caught my attention, I have no idea if he is trolling (to see what I mean go to his website , see his certs and resume)
https://tryhackme.com/p/AFVANMJ

main stuff that caught my eyes:
expertise in so many areas
bad english

how is this even possible in one year

how it feels to chew 5gum

casually

OS CDeezNuts

what even is OSCD

is that the new Mac one

no its a subway new menu thing

Probably he did not bother to write the exact dates. 🙂

and maybe he doesn't need English. Think about Kojima, he literally has a studio at Sony and yet he still doesn't speak English.

Doesn't really matter: even without the obviously fake certs on it, chances of it being rejected immediately by recruiters are really high.
A) it's cert stacking, plain and simple. Getting certs for the sake of having them doesn't impress anyone, and you can't absorb information that fast.
B) with the number that are there, that is 100% fake. There are 39 certs on that list, including the ones that don't exist and several certs that take at least a month to prep for. To do that you would need to sit just over three exams every month and not fail any of them -- that's about 8 days of prep time for every exam. It's simply not plausible.
If it is real then this individual would have to already be an expert in all of these areas, in which case they would also know about cert stacking, as well as how fake that list looks. It stinks of inexperience, which contradicts that.

In other words, don't worry about it. It will do them no favours, and indeed will likely give recruiters a good laugh before they toss it in the bin.

He probably thought it is Offensive Security Certified Developer lol.

Does anyone know how to set up QoS on ZTE router? I understand how QoS works and I know exactly what I want to do. I just don't get the interface of ZTE router. If anyone can help me just DM me and I will send you screenshots of the rotuer settings. Thanks in advance.

My brain can't accept there isn't a ctf in this ad
https://youtu.be/Wav_1mqY5ZU?t=20

oh god

true, another point being they listed certified for some things but for OSCP stuff they just mentioned "training" so whatever that means, bought course maybe? so it might be a little misleading

goes into diabetic coma

https://tenor.com/view/super-smash-bros-ultimate-super-smash-bros-captain-falcon-ramen-ramen-noodles-gif-17585089

why?

https://tenor.com/view/me-gaming-we-do-a-little-gaming-we-do-a-little-bit-of-gaming-gif-23897236

ama post some nice gifs so ^ gif can go away

https://tenor.com/view/cat-power-cat-cat-pillow-repost-this-post-this-cat-gif-23865940

https://tenor.com/view/uwu-owo-owow-uwuu-gif-23842323

Does an app always react the same to HTTP headers like text encoding?

Or can it be altered by a programmer or server type?

i guess it can be altered in server side logic to return different response to clients

That's usually accept and content type headers

@obtuse marsh do you know if I can implement royalties in ERC-20 tokens?

Basically if you transfer the token 5% of that transfer goes to an address is what I want

Ideally I want anNFT but with the liquidity of a token I think

Once you find the email sender's IP address, where can you retrieve more information about the IP?

It depends on your goal

@burnt night :dancedance:

bro it is try hack me question

like i know whoip website

How is this a TryHackMe question?

I completely misunderstood lol

Room URL, task name?

wait

Phishing Emails 1

Learn all the components that make up an email.

Task?

4

Ah, I found it.

I was gonna say I remember doing that task, th header one?

I would suggest that in future you format your questions because unverified users asking questions like that is super sketch

Also #room-help :p

ok

I'm not sure how one would do that given ERC20s are meant to be currency tokens and I haven't played around with the idea of royalties on chain either.

bilingual people i gots a question

when you read something in your "second" language, do you read it in that language? or do you translate it back into your native language as you're reading it?

I'm barely literate but from what I understand with learning a second language, it depends how well you know the language. When you're starting out, you often translate as you go but as you get fluent you'll be able to process the language straight up

I read it in that language but the translation into my native one is "automatic" & done in the same time, so I guess it's a mix

oooh interesting, thank you for that :D

I think in that language....sometimes I forget words in my native language, but remember in another

English is my second language, but when I'm reading or hearing it there is no translation going on in my head. But other languages that I'm not fluent yet there's more processing, when I need to think about meanings

It's even more fun when you know more than two...then it can be a real scramble sometimes with words...funny how it helps to remember things when it's somehow associated with another language

it's so interesting to me how you can just do that, hopefully i get to that stage within a few years so i can understand properly 😅

Fluency is a big thing

For example swedish for me is like so that I can understand it pretty well and even speak to a somewhat good degree, but can't really produce text for the life of me

Sounds like my Swedish, I understand it, but producing it takes some work

native swedish person here.... and even for shadow it is sometimes hard and english is easier

probably has to do with how much shadow browses the web and uses english

Sometimes things just feel easier in English than in my native (Finnish). Probably the same reasons spending so much time using English

almost asked a question in here that would stir up potential problems just now but lets avoid it for the reason of keeping this chat quiet

I do understand english in english for the most part

If there's something you want to ask relating to swedish/finnish you can always dm :)

maybe i should switch everything up to spanish to see if it helps

Yes

Well the former, when i speak or write in French or English there is no translation for me.

But I grew up with both languages simultaneously so I may be just weird

Though my French is definitely weaker than my English

Even though I technically learned French first

That's normal, I know folks brought up with three languages, and within their own community they will constantly string all three languages together to form sentences, without even realising the language switching.

That happens as well

I read it in the language I'm seeing

Thank you

Gave +1 Rep to @dusty sleet

For those that use notion, especially for writeups what are some of the features that you use for both general note-taking and writeups?

i actually went from notion to using obsidian... I loved notion for its ease of use, but my goodness obsidian is just so much better, so much cleaner, easier.. best of all its all in md format, so if you wanted you can just create a site from it too.

Until defender breaks everything when you copy a pho rev shell into your notes

any begginers hackers that are looking to team up?

anyone?

Hmm that's fair I'll definitely check out obsidian thanks for the pointer!

Gave +1 Rep to @stiff oracle

Give ur tryhackme Id i have begineer team

Me too.. I am a beginners

🙃

probably 😛

Most of your problems are already solved. I’ve only encountered AV deleting a note once. Set an exception and have never had a problem again. If you think setting an exception is bad then you can have a longer conversation with me where I rant about that. The preview and edit mode is still present but it’s really not bad ctrl + e makes it seamless there is also now rendering directly in the editor so no need really to switch back and forth. By text size I assume you mean headers? Most of those can be easily done using plugins or templates. You just need to spend the little time to get obsidian to meet your needs.

Not sure if the is a better room for this... Wondering what hypervisors folks are using. I was using ESXi on my servers and VMware workstation on my laptop but the new minipcs I was going to use have Realtek NICs and drivers aren't getting any support with a vmware fling.

virtualbox

I mainly use QEMU-KVM - on my sole windows PC, I use vbox. I'm in the processing of rebuilding my homelab hardware, considering making an attempt at OpenStack but more likely proxmox when I get around to that.

I would like to migrate away from virtualbox, but tbh, it works and I haven't spent a lot of time researching other options

I like VMware better than virtualbox

same, but virtualbox is free

vmware is as well. Workstation Player.

ya, but that one ain't as useful as virtualbox

Virtualbox for testing and devving, VMware for general use

VMware's performance is outstanding

I use both tho. Workstation Player for a kali machine I use on THM and what not, and virtualbox for labs

Try out virt-manager if your on Linux, can also convert all of your current images to qcow2 or raw images (which it uses), prefer it to VMware and Virtualbox personally.

will take a look, thx

virt-manager is just a frontend to a QEMU-KVM backend. virt-manager can also connect to a remote hypervisor host, it doesn't have to be local

ooo, nice

Sorry only saw what @spark sun said there yeah virt-manager is QEMU-KVM

Also yeah I use proxmox for everything else its wonderful 😄

Hands down the best converter for image filetypes is vbox though. VDI, VMDK can break stuff pretty horrendously, Vbox is the most reliable hypervisor tooling if you need to do a conversion locally

I don't do a lot of conversions, but I do often work with the UI on the server

I have my THM kali VM on my laptop in case i need to go travelling and when I plug my laptop into my network i can spin up my VM from the laptop on my desktop for the dual screen comfort.

hi

Vmware can export to ova well enough

Vbox doesn't play nice with HyperV despite the marketing saying it works

My biggest headaches have always been hyper-v --> anything else conversions

Not even talking conversions, just having hyperv or wsl enabled breaks vbox

oh, that's true

i have hyperv enabled so little, i didn't even think of that

Vmware works though

until vmware stops working because your enterprise pushed an update that made the current version of vmware stop working

That's a different issue

and you aren't allowed to manually update because even though you have local admin, you are not allowed to use it

yeah

Well, WSL2

that's most of my frustration with VMWare WS Pro. Broken corp management, not the tool itself

WSL1 is just broken

Why is vbox better for dev/testing? I haven't used it since BackTrack was a new thing so I haven't kept up with it as a product. Work pays for my VMWare Workstation license so I havent needed to look for free alternatives on desktop side. Just looking into baremetal server options. I get vmware vCenter for free but it lacks support for non-enterprise scenarios. I have two Intel NUCs on order but they have been backordered for 10 months now.

It might not be, I was just stating what I used, didn't say I thought it was better 😅

proxmox has been really nice as a baremetal option but really depends what you are trying to do

proxmox is a type 1 hypervisor, right?

yes

@burnt night, sorry to annoy you with this ping. Can I have ur help please ?
I would like to unlink my THM account to this Discord account for relink it by another one (@weak halo). Can I have your help, please ?
I don't know who to talk about it, or where, and I see you write on the #general. That's why I ask to you.
It's not urgent, I can wait if you are already busy !

Btw, I'm very sorry if it's not the place for asking this. True is, I don't know where to ask.
And I don't want to DM, out of fear to annoying you.

post in #site-support and don't tag James

Oh thanks ! I'm sorry again.

@brisk grove Back?

Hello, as creator Is there any possibility to get a full Chart (charts are max 10 users) ?

Ah true, you didnt say it. For some reason I read it as one being better than the other. Lack of sleep I suppose.

You should catch up on your sleep if you haven’t been

Probably a good idea. I need to pace myself on rooms. Set a goal of the 365 streak. Cant burn through all the content in a month.

I burned through a ton of content in a really short time and all it did was make me irritable, tired but more importantly start to struggle.
I was so burnt out that I couldn't focus on rooms and I was making silly mistakes, started to make it harder to progress.

I took a 3-5 month break because I couldn't get back into it and after all that time I came back into it slowly and the amount I was taking in was massive.
Sleep deprivation and overwhelming yourself with content honestly just sucks the life out of you lol

tldr
slep eat , don't overwhelm or life vaccumed

Take a look at the stats tab in the manage room page :)

Hello, what exactly was advent of cyber event? I missed the same. Will there another one anytime soon?

Advent of Cyber is an event that corresponds with Advent, the holiday. It's used as an introduction into the world of Cyber with new challenges everyday during Advent. The event is an annual event

So the next one will be during Advent next year

@true sundial AoC3 and the past ones AoC2 and AoC1 are now just normal THM rooms with a survey of 20-24 topics now. You can still do them. The part that passed was the chance to be in a prize raffle.

Is using double hashes a good way to prevent cracking?

So basically hashing a hash of a password and storing that in a db for example

Only if attackers don't know that it's happening

how can i start for ethical hacking

work through the learning paths https://tryhackme.com/hacktivities. Start with Basic, pre-security, then jr pentester. There is a lot of overlap but more practive the better

thanks

#start-here

why does sosumi macos suck so much

and how to make it usable

I didn't know that existed tbh

MacOS kinda hates being run on not mac

tru

what do you think of tthat: https://www.freethink.com/series/challengers/right-to-repair?utm_source=facebook&utm_medium=social&utm_campaign=BigThinkdotcom&fbclid=IwAR1H6XVEvTb6HtBwOBIOC_sSzy0-YHJI50B0jkNygDQt67Ba2Yuc5iL-7ug ?

I really like the concept

Main downside for me would be lack of discrete gpu

At the price-point I configured I could get a similarly spec'd RTX 3000 series laptop

$2,200 for i7 (4.8GHz, 2TB, 32GB RAM

Could get an ROG Zephyrus with a Ryzen 5900HS, 3070, 2TB, 32GB RAM, QHD display, for $2,199 on newegg right now

why is snort so difficult to install on kali i hate it here

imma try out suricata i guess...

i mean i guess no one that needs snort uses kali but still jeez man

Any tips for note keeping while studying. I keep underestimating its importance

everyone seems to be recommending notion.com or cherrytree for offline notes
just try to note down anything new you learn(doesn't have to be report ready, just a note)!

thank you, I will check it out

Gave +1 Rep to @gray jetty

Pretty sure that breaches ToS

hrm?

cc @gray jetty
Notion is gorgeous but leaves you totally reliant on the website being reachable / available.
Cherrytree is brilliant, but starts crashing big time with big notebooks. Also virtually impossible to export out of.
Joplin is meant to be pretty good. A lot of people use Obsidian, but it's less good if you do any Windows stuff because it stores in plaintext that gets yeeted by AV.
Trilium is objectively the best.

Have you started Wreath?

not yet, I have been finishing a project that I was working on before I found THM. Lost my streak a few days ago 😦

probably start on it today

I'll definitely check out Trilium. Thanks

Gave +1 Rep to @quaint basin

Well, I certainly don't have the experience you have, thanks for the info!

Gave +1 Rep to @quaint basin

the 1st few tasks are basically a walkthrough right?

Your absence has been noticeable :)

Yes. Basically, I have a silly question, I asked in #wreath-network - maybe you are gonna have the patience to answer :-/

yeah, THM kinda took over my life on december 1st lol. Since the daily challenges were done I figured I would try and finish up a few things before diving back in

about the perl command?
just scrolling through that room atm

Yes. I literally copied/pasted it from the exploit (filled out the variables for IP and port). People think it's weird trying to do it manually if you have a script that can do it for you. Hm.

lets talk about wreath in that channel

i do the same thing you do. Use an exploit to do whatever, then go back and understand the exploit and in some cases write my own simple version.

even in vm?

Anything that isn't baremetal Apple hardware, yes. It must be licensed and installed on an actual Mac to be legal.

Even Amazon have to abide by that -- their MacOS EC2 instances all run on Mac hardware.

anyone know how to run a cmd command in windows every 5 minutes? having a hard time finding the info on google :/ maybe im just bad idk

also on startup. like a crontab but on windows

Task scheduler can be used to do both of these

thank you ill look into that 🙂

Gave +1 Rep to @woven patrol

Ah THANK YOU SO MUCH AGAIN!!! although I still needed to research a lot of topics I successfully made a task to fetch a file from urlhaus api every 5 minutes and save it to a file to use as a ruleset for Suricata. I feel good about myself 🙂

Gave +1 Rep to @woven patrol

big step for me

ah i came across a small issue if anyone can help. the script works beautifully but now the cmd shell created a popup. any way around this or no? :/

PowerShell or cmd?

cmd

PowerShell you can use -windowstyle hidden to avoid displaying it. CMD I don't think has that option or an equivalent

There's probably a way to run it in a new session somewhere, or you could write a service to do it for you (or run it under a different account)

PS doesnt have output redirection, and i dont know any other way to do this command, but ill look into it thank you

It doesn't?

i dont think so

What format is your script?

curl https://urlhaus.abuse.ch/downloads/suricata-ids/ > C:\Program Files\Suricata\rules\suricata-ruleset.rules just a simple curl into a file

Oh, then that is very easy

Change that to be:

powershell.exe -nop -w hidden -c "iwr https://urlhaus.abuse.ch/downloads/suricata-ids/ -o C:\Program Files\Suricata\rules\suricata-ruleset.rules"```

That outta do it

Assuming you have PowerShell >4 or whenever they added Invoke-WebRequest -- there are other ways to do it though if not

why do i have to specify powershell.exe in powershell hmmm i have so much to learn

You're doing this in task scheduler, yes?

oh ive been getting that error does that mean i just have to upgrade, yes in task scheduler

Task Scheduler executes commands through cmd.
Hm, come to think of it, that will probably still flash up a command window, but not for long

i can do some more research, thank you for the knowledge once again Muir

Oh, apparently it's even easier than that
https://pureinfotech.com/prevent-command-window-appearing-scheduled-tasks-windows-10/

oh darn it took you 2 minutes and ive been looking for like 25 smh

Turns out there is an option to do it in Task Scheduler. Gotta love Google

If I use an IPS and IDS like snort or suricata in a vm can it still capture my host machine? I don’t see why it won’t but I just want to be sure. I want to learn how to properly implement these rulesets and using them on windows is a pain in the ass and has costed me hours and hours of troubleshooting with very little improvement

I thought I finally got somewhere with suricata but turns out it needs to be compiled in Cygwin which in and of itself has costed me the past 4 ish hours of troubleshooting

Would be easier to just install a centos vm for the sole purpose of learning to use these programs but absolutely zero traffic happens in my current vm’s besides tryhack me and such so it would be pointless if they can’t detect traffic outside of VM’s

You know what. I bet I can google this give me 2 seconds

Apparently yes but it’s very very complicated ugh

If I expose 3389 for rdp on my home router, would it be likely to get hacked if I used a strong password?

no

update everything to latest version

also u are already exposed lol

is xrdp safe since its an open source version of rdp

we wouldn't know unless there is a public cve of any of them so either is fine

thanks

ya hala

Not sure if this is allowed but I am trying to do a reverse shell with telnet on my router using routersploit.
But I am not sure how to access it using a backdoor with telnet. I tried nc -lvp 4445 but it doesn't work but I think that is for ssh. Any help?

[] Running module exploits/routers/netgear/r7000_r6400_rce...
[+] Target is probably vulnerable
[] Invoking command loop...
[*] It is blind command injection. Try to start telnet with telnet telnetd -p '4445'

[+] Welcome to cmd. Commands are sent to the target via the execute method.
[*] For further exploitation use 'show payloads' and 'set payload <payload>' commands.

I think the AoC winners list have a bug

my name isn't there 😭

Nope. That is intended.

brutal haha

effectively brutal o_O

Critical

bruh get a pentesting permission next time

I have a .snap file in my ubuntu . How can I install it?

snap install file.snap

Santa brought me no gifts this eve.
I am the grinch on the next one.
https://youtu.be/o_hjXmiJLAw

Figured out that ssh issue; was my own vpn betraying me @final gulch

hi, guys i'm a bit confused what does this command do "cut -c 4-"

i'm looking at it, the way I understand it since -c is select only these characters is only remove character "4-"?

Hm :) Look at my screenshot

okay, i got it. thank you very much!

At the output.

No problem

in man cat
-e equivalent to -vE, what does this stand for?

So go to the entries for -v and -E

What are "tickets" used for. I see there are some on my public THM profile

Nothing at the moment, there is no ticket event running

is it going to be in close future ?

No idea. I'm not site staff.

Question:

me rn

I want :

I tried this logic flow and it doesn't tunnel openvpn through the proxy at all:

why do you want to proxy VPN traffic thru Squid? Its more designed to cache web traffic

What is a more suitable proxy server then ?

I just wouldn't proxy VPN traffic in that scenario at all

You want to MITM https or what?

No I want openvpn UDP only

You want to MITM OpenVPN?

not really, what I really want is away to access an openvpn connection through a proxy
be it:
local openvpn packet -> proxy -> destination
or preferably:
local packets -> destinations
local packets that have the destination as the openvpn accessable devices -> proxy that is running openvpn -> openvpn packet to destination

Set up a segmented VLAN. Throw the VPN on a device designated as the default gateway. Assign things that use the VPN to that VLAN

I have an azure server, sorry but I understand very little of what you've said, Where should I start ?

What the real REAL problem is the following:
It was a peaceful connection in the land of ogolashia

Then out of nowhere a great evil came upon the land,and with malicious intent and merciless eyes struck the connection to the heavens with a great hammer:

And since then the people of ogolashia are denied the blessings of the heavens under the rule of the evil ISP

The real solution is to talk to your ISP.

Don't try and bypass their restrictions. We WILL NOT help you with that. They're in place for a reason.

I don't even know what you're trying to do, but this narrative makes no sense.

excuse me trying to forge literiture while going through cryptic documentation

😄

Someone blocked OpenVPN on their network and they're trying to bypass it.

to end the story:
A mysteriuos figure appears:

Fibonacci blackhat? 😄

Yeah, I hoped it wasn't, and it was just a really bad way to ask about site to site VPN.

answer in next comic 🤠

I'm just going to ask you to stop here.
It's at best unethical and and worst illegal to help you bypass the restrictions. TALK TO YOUR ISP.
If you don't stop, you will be muted.

i accept my fate plus I won't discuss your policy nor ill try to etc etc, but please do you know of any reason an isp would block udp packets but not tcp?

Talk to them...

I am trying to talk to them for 4 months now, you can even see that in official emails I sent to thm, problem w my isp is they always let you to talk to customer support only to tell you to restart the router ,no real explanation whatsoever

hence why i am asking u

Then you're not talking to the right people.

And again, no asking here.

ok.

Does RSA use a key derivation function to generate a public key based on a priv key?

I'm trying to understand a diagram in https://tryhackme.com/room/zer0logon

Session key = KDF(secret, challenges)

RSA needs a key pair, they're generated at the same time

I have a blog post on this somewhere

Go search RSA on my blog

anyone know of a good tutorial for setting up an openvpn server? I am using a dd-wrt router if that helps?

Have you tried https://youtu.be/04EmeXSZo_0 ? Iam always using that for my setup. ( It's been a while )

Again in https://tryhackme.com/room/zer0logon: why does the script have a loop with attempts?

@celest cairn Explain thyself!

Why is the attack up to chance? I thought it was all cryptographic and thus be just math and thus be not up to luck

probability still plays into it which is the element of luck

you have a 50/50 chance to win a game of heads or tails, but theoretically, you could never win

the same kind of thing happens here.

Ahh okay

I just went back and read

When an attacker sends a message only containing zeros with the IV of zero, there is a 1-in-256 chance that the Ciphertext will be Zero.

does it have to do with this?

yep

that's exactly it

that was the programming error on Microsoft's end that caused zero logon

that 1/256 chance

chance isn't the right word, I dont think

https://www.secura.com/uploads/whitepapers/Zerologon.pdf

page 4 and 5 has the specific details that I don't recall right now

Ohhh

Using AES-CFB8 with a fixed IV of 16 bytes of zeros, Tervoort discovered there is a likelihood that one of every 256 keys used will create cipher text that has a value of all zeros. This is an exceedingly small number of keys for the attacker to try to create cipher text of all zeros. It would take just a matter of 2-3 seconds, at most, for the hacker's computer to do this.

wait so it's just trying to make an int8 or whatever 00000000?

I think so

hence the 2^8

it's been so long since i've looked at the exploit lol

theoretically, I think Zero Logon is still possible, but the odds of it are just so low

oHhHh

unless they've written an exclusion for all zeros

Welp now I finally understand what IV does in AES

so that's that