[Looking for help]

4 hours ago, James Elsworth said:

Can you please share complete requirement , hope I can help you on this 🙂

I'm looking for a mentor. Somebody that can guided me

[Looking for help]

15 hours ago, digip said:

Everyone loves a mentor, but 99% of hacking, is trying something, failing, and then trying again.  Best hands-on is by doing. Watching someone do it, still requires the muscle memory, and that only comes from repeatedly doing it over and over.

Head over to Vulnhub, download a free VM and then follow the guides that come with them, even if they don't make sense at first. Once you have done a few of them, try one without using a guide and only go on your instinct and ability to recon and assess the objective.

The link above that Rkiver gave will also help get you pointed to some fundamentals more specific to a category you may have interest in, such as programming in C, other languages, or various other topics related to the field. Can't run before you walk. Having an understanding of networking alone will be a huge help, so basics like Network+, can help understand the "why" behind how something works, not just the "what did he type next when I get here?"

Thank you

[Looking for help]

1 hour ago, Rkiver said:

https://forums.hak5.org/topic/913-hacking-where-to-begin/

 

A quick search and your answers are found.

I mean this  with no malice, but  learn to use a search function, as it is really useful.

I seen it and used it in the past. I'm more of the active learner, and I like to learn by doing or watching somebody else do it. That is why I would prefer a person that can guide me. 

[Looking for help]

This might be the wrong place to ask. I'm looking for somebody in MS or online willing to assist a noob in becoming a better hacker. I would like to meet somebody that can become an guide on my development as hacker.

[Lets encrypt and apache issues]

On 8/27/2018 at 2:41 AM, aethernaut said:

Do you use Webmin? The "Aliases and Redirects" section for the port 80 virtual host may show where a redirect is still lurking...

I dont use Webmin.

[Lets encrypt and apache issues]

this is my virtual host config

VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName aftercoffeedesigns.com
        ServerAlias www.aftercoffeedesigns.com
        DocumentRoot /var/www/html
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:80>
        ServerAdmin webmaster@localhost
        ServerName beginnings.rocks
        ServerAlias www.beginnings.rocks
        DocumentRoot /var/www/html/beginnings

</VirtualHost>


# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

 

[Lets encrypt and apache issues]

47 minutes ago, aethernaut said:

try letting 80 through on your firewall just for the renewal

I have port 80 and port 443 open in the firewall. And also have .well-known in the root of my http

Im using apache and I had it redirecting all web traffic to port 443. I try to stop the redirect and renew, but it didnt work

[Lets encrypt and apache issues]

9 hours ago, Rkiver said:

What errors? If you want help you need to give more information. 

this is the error when I try to renew. I try installing it again and create a new cert, but I still getting the same error

Performing the following challenges:
http-01 challenge for aftercoffeedesigns.com
http-01 challenge for www.aftercoffeedesigns.com
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. aftercoffeedesigns.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching https://aftercoffeedesigns.com/.well-known/acme-challenge/CXyPhPWzamPS3GEv3tdYYKiSgiruAY9zLu6IPp7eeec: Error getting validation data

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: aftercoffeedesigns.com
   Type:   connection
   Detail: Fetching
   https://aftercoffeedesigns.com/.well-known/acme-challenge/CXyPhPWzamPS3GEv3tdYYKiSgiruAY9zLu6IPp7eeec:
   Error getting validation data

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

[Lets encrypt and apache issues]

Im having some errors trying to renew the ssl cert. any expert that can help me

[Kali Linux]

12 minutes ago, BlazedAce said:

How do I install or download the latest version of kali Linux? Or what is the best way?

google it

[Hack The Box]

I played with it for a while

[router haks]

Thanks guys. What I did what to setup a man in the middle attack to listen to the traffic and study it

[hackers in MS]

Guys Im trying to learn as much as I can. I would like to know if any of you are located or know people in MS willing to meet and share their knowledge and hack together  

[router haks]

I would like to know your ideas on what to do to a router to gain access and persistence on the network even when you leave the network. I was thinking in redirect the access of one site to a fake site that I control to infect every machine that connect to that network.   

[Is it possible to hack an elevator?]

there is multiples talk at defcon where they explain ways on how to do it.

this is the one I was able to find https://www.youtube.com/watch?v=oHf1vD5_b5I 

[acceesing network from outside]

Could you point me to some trusted resources where I can learn more about it?

[acceesing network from outside]

the problem that I have encounter is that when I execute an exploit with metasploit is that when i exploit the target that I know is vulnerable to my exploit and it works on my local network (my machine and target machine share ips in the network) outside the network i cant get metasploit to connect back and open a session

[acceesing network from outside]

Ok, so you are suggesting to create a virtual network outside my network? that will be easy to do. I think I was overthinking it. What I'm trying to accomplish is to learn how I can exploit a network or machine from outside the network. 

 

[acceesing network from outside]

I get that part. Let me be more clear on my setup so you can get a better idea of what I'm trying to do.

1. I have a couple virtual machines in digital ocean connected to a vpn at home with other virtual machines.

1.1 digital ocean machines are a web server and an ftp server facing the internet

1.2 machines at home are metasploitable, domain controler, and a few more vulnerable systems to practice

2. my goal is to be able to "compromise" my servers facing the internet and gain access to the VPN by lateral movement and eventually gain control of the system

3. as i learn I want to improve my security and make it more challenging every time

 

Hope is more clear now

[acceesing network from outside]

Im create this lab where one of the machines is facing the internet. My goal is to be able to exploit it from outside the network, like public internet access, and in the future do some lateral movement in the internal network of the lab. Where I can look for information on how to do that?

[Chinese ISP]

I was scanning and found a Chinise ISP with a vulnerability that will give me access to their server. Should I try to exploit it and reported, or reported without knowing if it can be exploit?    

[help/hint CTF]

Im doing this CTF and I found this file. the tip says that has been encrypted 13 times

Vm0wd2QyUXlVWGxWV0d4WFlURndVRlpzWkZOalJsWjBUVlpPV0ZKc2JETlhhMk0xVmpKS1IySkVU
bGhoTVVwVVZtcEdZV015U2tWVQpiR2hvVFZWd1ZWWnRjRWRUTWxKSVZtdGtXQXBpUm5CUFdWZDBS
bVZHV25SalJYUlVUVlUxU1ZadGRGZFZaM0JwVmxad1dWWnRNVFJqCk1EQjRXa1prWVZKR1NsVlVW
M040VGtaa2NtRkdaR2hWV0VKVVdXeGFTMVZHWkZoTlZGSlRDazFFUWpSV01qVlRZVEZLYzJOSVRs
WmkKV0doNlZHeGFZVk5IVWtsVWJXaFdWMFZLVlZkWGVHRlRNbEY0VjI1U2ExSXdXbUZEYkZwelYy
eG9XR0V4Y0hKWFZscExVakZPZEZKcwpaR2dLWVRCWk1GWkhkR0ZaVms1R1RsWmtZVkl5YUZkV01G
WkxWbFprV0dWSFJsUk5WbkJZVmpKMGExWnRSWHBWYmtKRVlYcEdlVmxyClVsTldNREZ4Vm10NFYw
MXVUak5hVm1SSFVqRldjd3BqUjJ0TFZXMDFRMkl4WkhOYVJGSlhUV3hLUjFSc1dtdFpWa2w1WVVa
T1YwMUcKV2t4V2JGcHJWMGRXU0dSSGJFNWlSWEEyVmpKMFlXRXhXblJTV0hCV1ltczFSVmxzVm5k
WFJsbDVDbVJIT1ZkTlJFWjRWbTEwTkZkRwpXbk5qUlhoV1lXdGFVRmw2UmxkamQzQlhZa2RPVEZk
WGRHOVJiVlp6VjI1U2FsSlhVbGRVVmxwelRrWlplVTVWT1ZwV2EydzFXVlZhCmExWXdNVWNLVjJ0
NFYySkdjR2hhUlZWNFZsWkdkR1JGTldoTmJtTjNWbXBLTUdJeFVYaGlSbVJWWVRKb1YxbHJWVEZT
Vm14elZteHcKVG1KR2NEQkRiVlpJVDFaa2FWWllRa3BYVmxadlpERlpkd3BOV0VaVFlrZG9hRlZz
WkZOWFJsWnhVbXM1YW1RelFtaFZiVEZQVkVaawpXR1ZHV210TmJFWTBWakowVjFVeVNraFZiRnBW
VmpOU00xcFhlRmRYUjFaSFdrWldhVkpZUW1GV2EyUXdDazVHU2tkalJGbExWRlZTCmMxSkdjRFpO
Ukd4RVdub3dPVU5uUFQwSwo=

 

[What books you recommend?]

What book you recommend? Books in security, hacking pen testing, or anything else that you recommend to increase knowledge

[What is in your bag?]

I want to know what is in your bag when you go out to do some engagement. Devices(Hardware, OS)

I'm trying to decided what kind of hardware to carry with me.  

[linux distro for pen testing]

I tried the subsystem and its annoying. Do you recommend a dedicated pc/laptop with kali install or run kali as a live distro?