/hmg/ Hackerman General

In /hmg/ we discuss pentesting, ctfs, exploits, and generally being a hackerman.

CompTIA is not beneficial to your career and if you think it will be, you don’t belong here.

Resources:

VM/CTFs:
overthewire.org/wargames/bandit/
>easy beginner bullshit

vulnhub.com/
>prebroken images to work on.

hackthebox.eu/
>super secret club

Tools:
kali.org/
>meme dragon distro but it just werks

metasploit.com/
>scriptkiddie starting point and swiss army knife

Tutorials/Guides:
abatchy.com/2017/03/how-to-prepare-for-pwkoscp-noob
>From zero to OSCP-hero rough outline

youtube.com/channel/UCa6eh7gCkpPo5XXUDfygQQA
>IppSec, video guides for retired HTB VMs.

Certs:
eccouncil.org/programs/certified-ethical-hacker-ceh/
>CEH, only looks good on a resume to non-technical people in HR

offensive-security.com/information-security-certifications/oscp-offensive-security-certified-professional/
>OSCP, the big dick swinging exam, 24 hours to own 5 machines and a further 24 hours to write up a report detailing your methods.

Resources:

>web app hackers handbook.
Thanks IBM!

ibm.com/developerworks/community/files/form/anonymous/api/library/635ec0e2-2989-4663-82d2-3488f9d16dd8/document/09d6ec5f-ff2f-4901-8d44-05d10e848bc5/media

>OSCP videos

magnet:?xt=urn:btih:f91feb6d2ea93f1c3c03b6be52051c2df72da1b7&dn=CERTCOLLECTION+-+BASELINE+-+SANS+%26+Offensive-Security&tr=udp%3A//tracker.coppersurfer.tk%3A6969&tr=udp%3A//tracker.zer0day.to%3A1337&tr=udp%3A//public.popcorn-tracker.org%3A6969&tr=udp%3A//tracker.leechers-paradise.org%3A6969&tr=udp%3A//explodie.org%3A6969

>Advanced Penetration Testing

danwin1210.me/uploads/F3thinker !- Hacking 2017/1. Advanced Penetration Testing Hacking 2017.pdf

>learn assembly and C

leaksource.files.wordpress.com/2014/08/hacking-the-art-of-exploitation.pdf



I need your help fags, I'm blacking out
I managed to own a user and the entire system, but it's all part of a much greater network
Forget bruteforcing other ports, what would you generally look for in an owned machine, nmap excluded?

what's the role of the machine? I'd just listen quietly and see if you can write to a local file or socket somewhere for keystrokes. see if you can find some logins to their intranet services?

No, it's not an active machine, I used a few exploits to get in, it's got a bunch of services running, listening makes no real sense
I tried to get other users' credentials in case they were also the same on other machines too, but to no avail
Most of them are behind a firewall so I can't really run exploits, and the one I am into now is airtight so no internet even if I have root

protection bump

Is it a user machine? Is it a server?
From what you wrote I'd say you hit a honeypot.
Hope you used a VPN user!

So does anyone know of any hacker themed rpgs?

Asked this last thread, got some good input so asking again: how can a hacker make money, apart from having a literal pentesting job and looking for bounties?

Use your imagination mr fbi

If you paid any iota of attention to the last thread you would have seen a way...

So, I finished the bandit ctf, and I want to get in further, preferably with web app pentesting. Can anyone recommend a good CTF for me? Inb4 the web application hackers handbook; I've already read it.

Go back to overthewire and check NATAS

That's exactly what I was looking for, thanks


Put together an OSCP roadmap for myself if anyone wants to use it:

gitgud.io/yrmt/OSCP-Roadmap

All good man. Some of the other ones there are like bandit on steroids; GRACKER comes to mind

Nice, thanks mate

Those OSCP videos better be good, I've been torrenting them all day

You’re in for a disappointing time. They aren’t the be all and end all, but they are something.

Dammit, why do we have such a big archive if it's not primo stuff? Oh well, I'm at 85% downloaded, might as well finish it

alright fellers I have a question

say I can get a JSON string like this:
{"status":"success","verified":false,"data":"Verification code has been successfully sent","email":"your email","count":false}

when sending a GET request to an address like this:
xxxx.com/yyyy/resendcode.php?id=XXXXXXX&ajax=true

How feasible would it be for me to be able to alter the query string parameters so that the actual associated email address from the "email" field is returned?

I have access to the id values I need, I just want their associated emails.


He ded

did you look at the api documentation

>nessus
>netsploit
>snort
>Ida pro
So if you're broke and want legit software for ctf at school, the fuck do you use?
Every ctf intro seems to recommend a couple thousand dollars in software investment.

>why do we have such a big archive if its not primo stuff?
Uhhh

Because of all the other shit in the torrent..?

Did you even look at the contents before adding it?

it's not on their api path, and it's definitely not in the documentation

After 2014, they started watermarking the videos with usernames if I remember correctly. That way if vids leak, they know who to revoke certs from.

btw do we still have Fucko thread? Just curious.

Lets talk about remaining anonymous.
Tor Bridge -> Jump box
How do you get the jump box? VPS paid for using tumbled bitcoin? Any VPS providers that accept something anonymous like XMR?

I had to crash, couldn't even think
It's a server, as it does serve a web page
>VPN
Always

Ida free is more or less just as good unless you're god
Burpsuite pro is cracked

Did you read my post? I was in the last thread; I'm just wondering what other people have done

Yep, when you receive course materials they are watermarked (vids and pdf). Can only speak of oscp/osce though

thanks

But let's say that it isn't a HP.
Since you wrote that you have root on the machine, check what the website serves. If it looks at least half important, try to corrupt some small icon on index or something and see if it gets fixed and if yes how fast... Give it a day or two. This gives you an idea how they handle this server and how much you can do without being noticed.
Also you'll get incoming connections so be sure to listen on the important ports. That may be a way out.

i've been messing with radare2 since earlier today. seems to be a pretty complete framework as far as free frameworks go. took me just an hour or so to get more or less the hang of it, i'll need at least a couple months of daily usage to get decent at it but it seems to be worth it.

just in case you give a shit, imma post the resources that I'm regularly checking when I need guidance:

radare.gitbooks.io/radare2book/content/
monosource.gitbooks.io/radare2-explorations/content/intro/basics.html

i think it's obvious, but I'm gonna say just for the sake of it, my reply only offers an alternative to IDA

>I was in the last thread
Then you’re a fuckwit. A money making tool was posted.

A hacker is someone who has the skills to solve problems, not break security.

your security is my problem

Then you're a cracker.

by that logic, so are developers of remote maintenance products that tunnel their traffic through HTTP(S) if they can't get out.
Or Microsoft (/Mozilla/..), using their update mechanism to ship unwanted software almost nobody would install otherwise.

>hurr durr, using developed functionality and breaking/bending security is same thing
kys faggot, you'll never make it

>unironically using kys
Get the fuck out of here you double nigger

>being angry because you were told what to do on the internet
no, really, kys brainlet

also:
>being honest is bad
You should fuck off, cunt

>getting mad over criticism on the internet

>implying I'm not always mad
anger is my fuel, cunt

Ida Pro 7 was leaked, you just have to look for it on the internet.
I think a lot of CTF teams pirate it, it's just that no one can admit they do that.

It was a listening thing after all
It sent some encrypted shit via cron that I managed to crack and got the other userID and pass through poisoning
:wq blogpost

is it worth learning all this just for the hackerman meme?

This is perhaps the single most fucking retarded question I have ever seen, and I hang out in /sqt/

Jow Forumshmg


I've got a CTF challenge where you have to update the site's DB yourself to get the points.

The only obvious clue/red herring is that a specific word in the challenge text switches between various synonyms with each page request.

There is a text box to input your "answer" but none of the SQL injection stuff I've tried works.

Lmfao, how many people do you know that (a) conduct BTC transactions on public computers (e.g. a library), (b) are regular BTC users and yet don't care about security (removing the possibility of remote installation through an exploit over a WAN), or (c) are regular Bitcoin users but don't check and recheck the start and end of addresses when making transactions?

bout to create a live usb for CTF practice (getting used to using a new laptop with a clean install)
Already used to Ubuntu, bash, basics. Recommend sticking with Ubuntu or switching to Arch?

Correct me with an alternative if I'm wrong, but you'd need a huge as hell botnet (of bitcoin users!) in order for it to work.

Say there are 20m btc users worldwide. 65% of the world population of 7.6B is 15 or older, and only 43% of the world has a computer with internet. So the probability that any infected computer part of your botnet is a Bitcoin user is 20m/2.1242B = .0094; let's round to 1%. Now, assume 50% of Bitcoin users check the address (the proportion is likely much higher). Then the probability that your target is a Bitcoin user with bad transaction habits is .005. You would need at least 919 people in the botnet to be 99% sure that at least one Bitcoin user with bad transaction habits is within that botnet. Does this seem feasible to you? This doesn't even take into account that bitcoin users are probably less likely than non-bitcoin users to get infected in the first place. Furthermore, we don't even know that our victim is a regular user; we may only capture his $30 transaction on Purse.io, which would exceed the cost of acquiring a good botnet.
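The 919 figure from the post above, worked through as an added derivation (not part of the original post). With the post's own numbers, the per-machine probability of landing on a careless Bitcoin user is

```latex
p = \frac{20 \times 10^{6}}{7.6 \times 10^{9} \cdot 0.65 \cdot 0.43}
  = \frac{20 \times 10^{6}}{2.1242 \times 10^{9}} \approx 0.0094 \approx 0.01,
\qquad
p_{\text{careless}} = 0.01 \cdot 0.5 = 0.005 .
```

Treating infections as independent, the chance that none of $n$ machines belongs to such a user is $(1-p)^n$, so the requirement "99% sure of at least one" is

```latex
1 - (1 - 0.005)^{n} \ge 0.99
\;\Longleftrightarrow\;
n \ge \frac{\ln(0.01)}{\ln(0.995)}
   \approx \frac{-4.605}{-0.005013} \approx 918.7,
\qquad n_{\min} = 919 .
```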

Arch is not the distro to use, unless you mean BlackArch. Consider Kali, Parrot, or BlackArch.

Apologies. Yeah, I did mean clean install of Arch loading BlackArch ring/kit over it.

That would work, but Kali is definitely well supported with lots of packages and distributions. There's even an anonsurf port to Kali, so you won't be missing anything.

Even OSCP's roadmap entails Kali, and you probably want to get to being a hackerman instead of spending years configuring Arch.

Not gonna lie, comp eng. major so I never planned on OSCP, CTF or any of this shit. Just wanted to learn a lot of the programming skills I was missing (RE, crypto, secure dev.)
The more time I spend on this shit though, the more I wonder if I'm heading the wrong way.
Thanks for the recommendation. Was avoiding Kali because of the memes, but I'll download and give it a shot.

hey. i was starting the bandit game and got a pretty much streamlined experience until bandit6 password which is like hitting a brick wall. hard.

"
The password for the next level is stored somewhere on the server and has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size
"

"somewhere on the server" - i went to the outermost scope and searched everywhere.
user? bandit7 has a password protected file.
i have no idea how to search by group.. googled it.

hopefully i'm not bothering with noob shit.

>It sent some encrypted shit via cron
que?
why are you larping

just wow, how safe is this shit to make a gmail account with? I don't have a cellphone.


Just letting you know I saw your post, and recently did the bandit series. Will respond in a min with my notes.

>Kali
>a hacky boi distro
>uses systemd


Sorry, was busy.
Anyway, if you have the pw for 6 handy I can double check it but iirc you're missing some pretty basic command flags. You should be able to search using the same method you used for 5->6 with an extra flag.
There is a flag you can set specifically for user, group and size.

4chinz won't let me post that regularly
bHMgLWxhUiAvIHxncmVwIGJhbmRpdDc=

could you please enlighten me on the alphabet-niggers glowing in the dark meme?

found "where it is", can't figure out the last step.
/bandit5/inhere for that matter. doesn't find a 33byte file.

are you the same user?
thanks but i'm still trying to figure out the solution.

Post the command you're using please? should be a single line to find the file, then cat it out.
I'm the user that said they would respond to ya.

nope, not the same.
the thing I posted will get you to the solution, but not fast unless you change some things

pass for level 6
DXjZPULLxYr17uwoI01bNLQbtFemEgo7

command -
find -size 33c -user bandit7 -group bandit6

what dir are you in

You're using the right flags, but you didn't explicitly state where/what to search.
Can't spoiler tag, but if you search from local folder you would have found it
find / -size 33c -user bandit7 -group bandit6


/home
i got to those search results but didn't pay attention to the 33 long file at /log/journal
if that's the one.. meh.
how did you get to that directory again?

the schizophrenic sole developer of templeOS thinks that glow in the dark CIA niggers are out to get him.

brb kill self.
i'm going to google it.
sorry for being a brainlet, thanks for the help.

>honeypot
It does sound like a honeypot.
wew get fucked


Has anyone passed this challenge?
0x0539.net/stage2.txt
I am having some trouble understanding the stack overflow

Hacking teenager girls Instagram account and blackmail them for the nudes they find

>CompTIA is not beneficial to your career
who the fuck said that? you?

who is the girl in the picture tell me now please

Please use an anime image next time

This post makes no sense.

Having to do a clean install of windows. Giving up video games almost entirely, school taking up too much time.
This will be my home machine. Which OS would you guys recommend as the base?

If it helps, there is a decent amount of software I expect would be best suited to a windows install
>Inventor/maya
>Visual Studio
>Office
>IDA

guys, how do I hack my school? I got non admin access to cmd and powershell

What are some things a cybersecurity major would learn and how do I learn them? I need resources


>OSCP Videos
Do the SANS VMs have a default user/pass? There's no txt file with them in

anyway, if you goys have nothing better to do than jerk off.. here's a challenge


Kali is only a meme when dumb people are using it.

Be less mad you spent time and money on shit certs

Agree

This. I don't get all the hate around it.

Cause people have started using it as a daily because mr robot used it, even though the irony is he wasn’t using it as his daily..

This. I swear his desktop was running Mint at one point.

He did, where they show his Kali setup is on a bootable USB

I'm a complete newfag and started playing that bandit stuff on the OP. After an hour I reached level 16.
This is really fun honestly.

Learning about netcat currently. Trying to figure out GET requests. I'm entering
$ nc www.google.com 80
GET / HTTP/1.1

and not getting any output. I haven't found any reason this should be happening online, so I feel like I'm doing something dumb. I've tried on other computers and other sites, same result.

HTTP requests end with an empty line ("GET / HTTP/1.0\r\n\r\n"). Also if you're using 1.1 you must supply Host: ... or you're violating protocol.
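The point in the reply above, shown end to end as an added example (not code from either poster): a raw HTTP/1.1 request needs a Host header and must end with an empty line, and a server that never sees that blank line simply keeps waiting, which is why the netcat session showed nothing. The server here is a constructed toy on loopback, not a real web server, so the whole thing runs offline.

```python
import socket
import threading

def build_request(host, path="/", version="1.1", terminate=True):
    """Raw GET request. HTTP/1.1 requires a Host header; the request head
    must end with an empty line (CRLF CRLF). terminate=False reproduces the
    mistake in the post above: the head is sent without its blank line."""
    lines = [f"GET {path} HTTP/{version}"]
    if version == "1.1":
        lines.append(f"Host: {host}")
    head = "\r\n".join(lines) + "\r\n"
    return (head + "\r\n" if terminate else head).encode()

def _serve_once(srv):
    # Toy server (constructed for this example): read until the blank line
    # that ends the head, then answer; give up silently if it never arrives.
    conn, _ = srv.accept()
    with conn:
        conn.settimeout(0.5)
        buf = b""
        try:
            while b"\r\n\r\n" not in buf:
                chunk = conn.recv(1024)
                if not chunk:
                    return
                buf += chunk
        except socket.timeout:
            return  # head never terminated: this is the "nc hangs" case
        conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n"
                     b"Connection: close\r\n\r\nok")

def send_raw(req):
    # Start the toy server on an ephemeral loopback port, send req, return reply.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    t = threading.Thread(target=_serve_once, args=(srv,), daemon=True)
    t.start()
    out = b""
    with socket.create_connection(srv.getsockname(), timeout=2) as c:
        c.sendall(req)
        c.settimeout(1.0)
        try:
            while chunk := c.recv(1024):
                out += chunk
        except socket.timeout:
            pass
    t.join()
    srv.close()
    return out
```

`send_raw(build_request("www.google.com"))` returns the 200 reply, while `send_raw(build_request("www.google.com", terminate=False))` returns nothing at all, exactly what the netcat session in the post produced.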

I'm on the same level. It seems like a fun way to learn bash.