#checkmate

🥳

Please be mindful as a general guideline to not ask for/provide hints in the first 72 hours after a challenge is released. This also covers streaming. 🙏
Ignoring this rule will result in being muted until the hint embargo has been lifted.

During the 72 hours after a challenge is released, you will receive 50% more regular points per question!

Examples:

1. Scoring 80 points (30 regular points + 50 blood points): becomes 45 + 50 = 95 points
2. Scoring 30 points (30 regular points): becomes 45 points

darn shadow can't do this yet because they helped test it

At Level 3 rn. Fun Challenge so far

♟️

Oh wait am I late to the party? Since when are you a room tester?

since about when tim started the room tester thing on discord

shadow is one of very few of the first batch that are still around and test rooms on the user testing level

That was interesting, haven't done any bruteforcing in a while on THM! Level 4 was my favorite.

Very fun room and nice for learning!

Effect of ai assistance

break from AI, let's try some passwords now

hmm I probably overthink the 3rd one as I used all possible combinations that make 11letter password 😄

The first 2 were super easy. Third one not so much.

you can generate password list from the info on social profile

have u managed to get over level 3

Yes I finished it yesterday.

.

same

did anyone used hydra?

for level 3 is there any syntax no hint given in THM room like small, caps, special characters just use marco info.

Very easy and fun room!

Third one takes less than a minute - the website already hints at what tool to use.

can i get a small hint for task nr 5 ?

The room already gives you a hint on the website.

just finished also

for the level 3 , email or username for the social is marco or the nickname from the jobs , idk if i'm using the correct username

You won't get any tips or clues until after 72 hours. Keep trying. This is how you truly learn. No one will give you clues in the wild.

u can ask the AI

i had the same problem, just dont over complicate ur self

Not a fan of the last task with the company name, pretty sure something better could have been chosen imo.

Losing my mind on level 3🤯

samme

done ❤️

Really fun challenge after a long time. Finally Got my hands dirty with password brute force 🕟

Struck with Level 2

No way!

It's all in front of you. You don't need any fancy tools. Just your eyes, patience, and trial and error.

wow level 3 is messing me up

might take a bit longer 🫡

You can limit as you know how many sign password got 😄

jep.. guess what.. thats exactly what i did xD the wordlist generation might need some finetuning though since most cases wont probably happen

Also capital doesn't matter. My list was 1300 records and hit on 400

on last one, found the hints, generated list.. lets wait 😉

Last one was actually the one I've just "lets guess" and it worked xD

🥳

well on the social there are clear hints what the password has to look like

Yes that's why I didn't use any brute on last one .gj mate!

Checkmate! Mr. Bianchi. GG!

grats

how ? i can't just ask what is the username lol it say idk

you can ask if it is Marco or marco or smth else lol

I'm sorry, I do not know the answer. Is there something else you would like to ask? that's how the AI respond ahhaha

Did It , the 4 and 5 was easy af , the level 3 pain

I am struggling on level 2 🙁 I might be looking for the password in the wrong place… i tried so many lists and none of the matching passwords work 🥺 am I wrong to assume i should be doing the same for level 2 as i did on level 1? 🤔

||rockyou||

Check the rooms in tryhackme about wordlist making, password attacks, cewl, cupp tool, etc it might help

If that is the list then I have tried it but no password matches 🙁

Yeah rockyou can work, but the room is kinda guiding you more toward enumeration and gathering info from the company portal. If you look carefully at the jobs page, you’ll notice some repeated company keywords and one of them is reused as the password.

Ok, I will try that then, I am pretty new to this so I have to learn how to think about how to guess some of these things and spot the patterns. Thanks for the tip!

how to find that room

The link is the chat description

https://tryhackme.com/room/checkmate?utm_source=discord&utm_medium=social&utm_campaign=checkmate

do I use his name or nickname for the social sign in?

Agree!
Level 3 defiantly the hardest

Thats the fun part- gotta try em all - how would u hack your GF's Insta

Thanks! I'll remember that, and just keep hitting it until it shatters! Then I'll throw a party using the pieces as confetti 😆 😉.

Gave +1 Rep to @inland timber (current: #190 - 59)

The hero we all need - never deserve😂

Says the literal Grandmaster 👀😂 I’m just a professional button-clicker!

Dont let those fancy titles get in your head- it should just say time served cause that's truly what it represents

Still, it's impressive

Level 3 was hard yet impressive for me.But let me say one thing, Marco's password policy is insane!!

i'm done

oh my days bro i was stuck at L2 and i got the pass, i was just typing marco as macro

for litterally almost 2 hrs

can sombody give me a hint for level 3

🥹

u ever hear of the tool:Cupp??

nope, never

i'm gonna look into it though, thanks

is it in the attackbox ?

sorry, u have reached your hint quota for the day -please insert more coins...

that's enough thnx man 🥹

No but you can easily install it with ||sudo apt install cupp|| 🙂

Should be pre-installed on Kali though

Don't drink and hack xD?

yup i switched to kali, thanks

Gave +1 Rep to @icy ermine (current: #1 - 6197)

still can't get the correct pair of credentials though

For Task 3 ?

yeah

https://github.com/Mebus/cupp

i used that made a dictionnary for passwords

but what about username

Just a Small hint: it is very basic

😭

It's right on the page and it is only one word , that's all I can say

alright thanks i'm gonna try again

thank u

Good Luck Dude

thnx man

i know you only wanted a hint but fyi, walkthru already posted on YT;)

This guy fb is just straight forward in terms of logins:D lucky that he was first with booking that

could you send me the link

i was hoping you were gonna use your own google-fu, finding things and troubleshooting efficiently - that's the skill, that's the job

I would've tried something but It's 2 am and Im about to go to bed 🙂‍↔️

Maybey tom

good - plan - rest up, room's not going anywhere - you will thank yourself;)

Gave +1 Rep to @tall drum (current: #370 - 26)

this challenge cannot be easy 🥹

none of it is if you've never seen it before

yeah gonna try again tmr

true, alright goodnight

🚗

No, it's wordlist generator which uses user information

Hi

hello

I was going to use that but I thought you neeed python3 for it and the vm on thm is not python3

Lol i have just realised that i should be able to install python 3 on the vm 🫣

That was way easier than i thought

You mean the attack Box ?

Yes

can anyone give a hinty vinty for level 4? at this point i have assumed marco is italian and tried everything 💀

Vin diesel would approve 🙂

oml thats the best response i could get

🙂

fyi, there is a full on writeup vid - search youtube