Gave +1 Rep to @hollow zealot

Bet lol

@crystal marlin I now heart you 🥹

Yes I am using the attack box to send a requests to Bastionv1.5

Mh, could you send a screenshot of your attackbox terminal pls?

verified. thanks 🙂

Gave +1 Rep to @crystal marlin

Oh and beside the issue with the target tab, your request doesn't look the same as in the room image because you intercepted the request to the page itself, instead of the request when trying to login, I guess

Alright

Hello, I am having trouble connecting to THM via OpenVPN. I tried to resolve the issue by regenerating new openvpn file and switching the server and then regenerate new openvpn file and nothing seem to work.
what can i do?
thx a head 😄

what error you get

2022-07-17 13:39:35 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2022-07-17 13:39:35 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2022-07-17 13:39:35 OpenVPN 2.5.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022
2022-07-17 13:39:35 library versions: OpenSSL 3.0.3 3 May 2022, LZO 2.10
2022-07-17 13:39:35 Cipher BF-CBC not supported
2022-07-17 13:39:35 Exiting due to fatal error

i successfully connected once and since then this is the error i get

every single time

verify you account on discord and here is pinned message to fix that

!docs verify

verified myself

where can i find this pinned message?

check pinned messages

the pin in right corner

alright

is the vpn on

yes

y

that is your ip in the network

you use that IP when you set LHOST in tasks

do ip a and look at tun0

the pinned messages does not have a fix for my problem @tribal burrow

yes

read the message, you are connected

i am connected but wht is this pormblem then

i did ip a

that is so called the flag

u take that flag and submit it for the question

cant understnad aries

tun0 ip is the ip that u will be using for the try hack me room now

If you have updated your OpenVPN to 2.6 you can fix this by updating the 'cipher AES-256-CBC' line in your TryHackMe 'ovpn' file to 'data-ciphers AES-256-CBC'.

screenshot the questions

my openvpn is 2.5.7

oh we have tgo start the attack box

cant we use it vm?

u can use vm by using thm vpn

also u can use attackbox because it acts a vm machine in the browser

uh how?

can you come in vc

do openvpn room

i have openvpn

https://tryhackme.com/room/openvpn

join vc i cant explain like this

Type openvpn --version | awk '{print $2}' | head -n 1

yea then u are connected

Type openvpn --version | awk '{print $2}' | head -n 1

@somber spindle then

2.5.7

I dont understand the problem, you are connected to the network.

ya then

this task i am saying can i do it on the vm https://tryhackme.com/room/tutorial

i mean now what are u trying to do?

can you open your .ovpn file and take screenshot

but when i paste the ip in the interent it give me this promblem

THIS ONE

it's not a problem

it's a FLAG

FLAG is the answer to the question

It's not a problem.

u can submit the flag to complete the challenge

of the keys? or just the beggining?

Please, you don't need to ask help for everything on the room. Just follow the simple instructions and you'll be fine. @bleak gorge

the .ovpn file that you download from THM

read the question instruction as it clearly stated

ok

yeah i have it.. it has a lot of hashed keys in there

take picture of upper part

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 18.202.129.195 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
data-ciphers AES-256-CBC
comp-lzo
pull
key-direction 1
verb 3
reneg-sec 0
data-ciphers AES-256-CBC

did you think to update openvpn

lmao search on youtube got it

ill do it now... but it seems like the newer versions work worse with THM

google and youtube are the first destination for your questions

for me is ok. and after regenerate .ovpn file from thm

alright brother ill try it out and let you know if it worked.. thx for helping me

Gave +1 Rep to @tribal burrow

thx a lot bro, i resolved the issue by updating the program

Gave +1 Rep to @tribal burrow

cool

enjoy it

Hello, I am on the Agent Sudo challenge
when I try to connect to the ftp service I get an error "ftp: connect: Connection timed out"

I am well connected to the vpn

can you provide full error log ?

I typed the commande "ftp <ip adresse>
and i have "ftp: connect: Connection timed out"

that's all

what roomm is that

name of room ofc

agent sudo

https://tryhackme.com/room/agentsudoctf

the first time I tried the command it worked then I was disconnected and when I tried to connect again it did not work anymore

try nmap -A $IP

Starting Nmap 7.80 ( https://nmap.org ) at 2022-07-17 13:20 CEST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.38 seconds

if you enter ip address in browser, do you get webpage ?

yup

try ftp $IP 21

connection time out

I had the same problem for the ssh (another ctf), the first time it worked and the second time not.

try restart machine

Ok i'll

it

Ok idk why

but it works

thanks @tribal burrow

Gave +1 Rep to @tribal burrow

simetime hachines goes crazy

Hi, I wanted to know in monthly leaderboard if i went from level 0x5 to 0x8 this month from july 10 till today this should give me something around 2k+ points atleast if my countries monthly leaderboard's rank 50 user has 700 points i should be in the top 50 then?

Not every room will give you points to your monthly score

!docs points

https://docs.tryhackme.com/docs/rooms/how-points-work/

thanks

Gave +1 Rep to @crystal marlin

hi, does anyone use wsl linux?

ask your question

I use kali using wsl

i typed this command to get wsl 2

but it didnt work

invalid command line option

Use #infosec-general please for technical questions not related to TryHackMe

sry

can someone point me in the right direction for fixing the VM disconnection issues?

im not even sure how id go about it, ive tried turning off my vpn but im not sure what else to try

i read something about a tryhackme OpenVPN, not sure if i need to use that

To access the THM machines? Yes.

how do i gain access to it, having trouble finding it on the website

There is a room dedicated to teaching you how to connect to the VPN from your VM

oh right, the first beginner one just threw me into a hack, ill continue

thank you

!openvpn

!docs vpn

https://tryhackme.com/room/openvpn

appreciated ❤️

the room

ZTH – Obscure Web Vulns

is not working?

I would like to work on that lab.

If it's saying, the room is private or something similar to that, then you can't work on it

so what's the paid membership for then

?

thank for replying

To access sub rooms, have the attackbox more then just 1 hour per day etc.
If a room is put on private by the owner then it is for a reason, like it has to get revised etc.

so is like under maintenance

?

Could be, or it's removed entirely, I don't know

ok

understood

it is a good lab

seeing the videos

you should be considered bring it back

Ye, that's not up to me, you might want to ask official support via support@tryhackme.com or leave a #feedback-and-ideas about it 🙂

my VM doesn't seem to have nmap installed, i tried both snap and apt commands and are both unable to connect (unreachable)

'error: unable to connect to snp store' - snap
'Cannot initiate the connection to lb.archive.ubuntu.com:80' - apt

are you connected to the internet in your vm?
ping google.com to confirm if you get a response

doesnt seem to be connected

there's some vm settings that you may need to configure, it's better to google for solutions "can't connect to internet in virtual box/vmware "

ive been using the web attackthebox, is that not advisable?

im subscribed

thats odd

its not recognising nmap as being installed

done

both commands arent working due to not being connected to the internet

oh wait hold on a second 😩

ok ive figured it out, just trying to get my bearings

thanks again

@hasty solar 😩 trust me I’ve done worse I was using my own target machine ip to get a shell 😭

Then was like wait why isn’t it showing on my attack box then I was like ooooooo 😂

I haven't used THM in a while, and just started to get back on it the past week. Downloaded a new ovpn file and set it up like normal using my Kali VM (Windows 10 host machine). Well, I can successfully connect using the open vpn file (everything shows up green and connected on the site), but can't do anything. Everything always times out. Used the thm-troubleshoot script and everything goes well until the confirming connectivity step and then it errors with telling me I need to come to the discord and ask. So, here I am. Help?

can you send a screenshot of the end of openvpn output you have? you'll have to verify your profile to send screenshots

!docs verify

I've already tried the mtu modification. Didn't do anything

Sorry, what portion are you wanting in a screenshot? The troubleshooting script or the ovpn file itself?

the output of the openvpn command, it should show the errors if any

Oh, I've just always added it to my connections. Let me try it the manual way then. Hold up.

yeh, that

using multiple vpns can be a problem with thm's openvpn

Error: failed to apply push options
failed to open tun/tap interface
SIGUSR1 failed

Also seems like it's failing to negotiate the cipher

that's a bunch of different errors, make sure you're running with sudo

there's no extra tun0,tun1 interfaces, check with ip a s

Yep, running with sudo

then comes the openvpn negotiate cipher issue, the solution for which is pinned in this channel

Okay, so that cipher issue is resolved, I'm just not really understanding why one aspect works (using openvpn through the terminal) while my normal method doesn't work anymore (adding the ovpn file into the connections settings)

It halfway works through it (shows as connected) but doesn't allow you to do anything

try running the vpn script again, or you can just curl 10.10.10.10/whoami to check if you're connected

!vpnscript

After a lot of messing around with it, I've determined I have no flipping clue why connecting via the network connections way doesn't work, but connecting via the terminal with the openvpn command does. I can run nmap on boxes and visit sites when connected with the same file from the terminal, but can't run metasploit or other tools when connected with the same file from network connections. Like with the room "blue" for eternal blue, if connecting via the terminal, I can nmap and get an open port, but even still, I can't get metasploit to actually do anything. If connecting via the network connections tab, then I get only filtered ports no matter what setting I change.

It's not a routing table issue (I verified this multiple times by recreating the exact same routing table from one to the other). It's not an MTU issue as I've modified that. It's not a cipher issue in the network connections tab (I've modified that as well). Whatever change happened, I can't figure it out right now. I'll just download the damn box and host it myself haha.

I am not sure if this is the right place to ask my question but here we go ..
Hi, I have a problem with nmap scannning in the attack box, any scan that's over a thousand ports takes so much time to finish (so much that I've never seen it finish and I've waiting for hours) and it doesn't matter what switches I'm using wether it's verbose or not.
I can't follow up with the tasks in the rooms and I don't know what to do.

how to change my public name
is it possible

can u specify what room u doing and are u connected to vpn?

public name where?

sorry i mean my profile publicname on tryhackme
in the challenges it brings up my login name but i want it to be the same as the nickname

in discord right?

on the website my profile

just open your profile -> type the name u want and click Save change

that's it

yeah but the username under it how can i change it

i don't think u can do it by yourself but u can contact support for the help

ok ill do

Hello everyone thanks for invite

hi u can verify if u already have your tryhackme created

!docs verify

Nmap is slow for me as well, a full port scan takes me 26 minutes, I'd recommend installing rustscan, it's really fast

It sadly does that in any room, and no I just use the attack box

Unfortunately for me I've literally left for more than 5 hours and it didn't finish
Thanks for the advice I'll try it next time

Gave +1 Rep to @rich vessel

https://github.com/RustScan/RustScan/releases/download/2.0.1/rustscan_2.0.1_amd64.deb

if u ever need

hey, i have sub but stilll it seems like unsubscribed.

U can contact support team

this is only tsupport channel i think or is there any other ?

if you need official support, contact them through email :)

!email

-_- i though they had also disc chanel. btw. thanks

discord is mainly for community help and such

can anyone help me out i m not getting network on the VM machine this are my settings

it is just rotating thats all

Why bridged?

it was working perfectly at that time what should I choose then

try asking youtube bro there are tons of guides there

i did but didn't get what i wanted

Use Nat.

Bridged exposes your VM to your local network.

got it thanks it works 🙂

I am assuming that's an internal NIC, it won't work with internal

Did you google that error? Should find a solution to that pretty easily

So how is your ssh command looking like after you have googled that error ?

you'll get that error a lot tho with older boxes, and it's a very simple fix, (a flag with ssh)

Gave +1 Rep to @crystal marlin

its working

If you are dedicating a resource to a VM, it needs to be exclusive to the VM. I do not recommend bridged mode unless you know a lot about networking and device passthrough.

hello I made all the machines of the pentesting tools series, but the burp suite machine does not appear as complete for me to get the badge but when I enter the box it is complete yes

It's a bug, staff know.

Well, a re-direct, bug, either/or applies.

so all machines complete but it appears as incomplete and I can't get my badge

good day...

in fase two, cust $10.00 monther?

yes

https://tryhackme.com/why-subscribe

51,50 real brazilian?

one month more to complete?

a subscripition is for monther?

thanks

my english is basic.rs

more, up

rs

i am Brazil

I'm getting this error when trying to run msfconsole. Any idea how I can fix it?

update and restart,
sudo apt-get update

Still got the same error, it says this:

Then chucks out the error

Same error

Is there a way to downgrade metasploit to a previous version? If so whats the command for that, I could try that

@gray loom ^

It says my metasploit framework version is 6.2.6-0kali1

shadow is on 6.2.8 without problems

Mine says it's as up-to-date as possible

then again shadow uses the nightly dev branch

I got that error as well

with MSFVenom

Can any mod help me with changing my Discord token please?

apt-get upgrade yes it's different than apt-get update

It worked just fine yesterday and just did apt update & upgrade today prior to running msfvenom and got the error

https://github.com/rapid7/metasploit-framework/issues/16782 Looks like others are having the same issue

Is there a way to downgrade it then, if others are having the issue to?

yeah you probably could. That's what I'm looking into rn

if you find out please let me know

i’ve seen a bug report on kali too for this

What you need? To unlink your token from that current discord account ?

Yeah, that's the one

Will let you know when it's done, since I can't do it on my own

Aight, cheers mate

Are you trying to link a new THM account to Discord account (if so, why?) or are you asking for your existing THM account to be unlinked (also why?)

the token thats linked to your current Discord account matches atm

or are you asking for your token on THM to be regenerated?

Basically, I'm trying to link a new account on tryhackme to this discord profile since I created a new one to work through things from the beginning and actually in a streamlined way with some friends and all that without doing something here and there in a cluster of a mess, also wanted it to be on a new email and thought starting fresh would just be simpler. Hence I need my old account unlinked since I don't really use THM on that account and am pretty sure that I deleted it too.

Fair enough, yeah I can see its deleted. I'll unlink that for you. TY for answering the Qs

No worries and many thanks. Have a good one

can you try re-verify with the new token now please? @paper trellis

Yup, will do

Seems to have done the trick! Thanks a lot!

Gave +1 Rep to @zealous yoke

wicked

good to hear

thanks as well @crystal marlin ❤️

Gave +1 Rep to @crystal marlin

Hey dude, it's supposed to be fixed by the last weeks 6.2.8; check this out https://github.com/rapid7/metasploit-framework/issues/16767#issuecomment-1185395510

do you know when that’ll be?

thanks for the update though!

Gave +1 Rep to @frail pike

I suppose it's already out since the guy mentioned it being done last week somewhere on the 11th. Just go grab it and test it out on your machine my guy

i’ll have a play around tomorrow

by the sound of it, it’s still broken

yeah the workaround worked out for me on my testing environment. it looks like the kali repo hasnt updated it as well https://archive-4.kali.org/kali/pool/main/m/metasploit-framework/

the latest im looking at is 6.2.6

hopefully it’ll be updated soon

anyway i’ll mess around tomorrow and try the workaround (if the kali repo hasn’t updated it still)

cheers for all your help though mate

yeah no problem dude. it's not a big deal since I never use msfconsole but msfvenom is what got me hanging as that was my go-to for shellcode generation lol. Let me know how it goes

it was bad timing for me as i just got to that point on the path i was following haha

will do!

Windows Fundamentals 1 box is broken........

I was on that box, Until it timed out and then i went to a different box.

Hi guys! Blue room seems to be broken. keep trying to exploit the server with EternalBlue exploit and it always fail. Even after multiples reboot.

Oh....... Yeah.
Fair enough...... Well i mean i guess there could be something wrong with Remmina.

Hum. the OpenVPN IP

I mean.........
Isn't this the correct command before executing;
command %h%u%t%U%p%g--option
Is something wrong with my syntax ?

All good......... Working fine now.

hello.. i am doing persistingAD and having trouble doing mimikatz. it seems like it is frozen. tried resetting twice but same issue.

!docs verify

Hello
I have subscribed to premium till 5th Aug, and I have another 1 month coupon but I can't see a place to apply it.

Is, there any way I can do this?? @sharp bison

that's a bot, and no, you can't use a voucher with an active subscription :)

Just cancel the sub, all it does is stop auto-payment, then use the voucher.

While in Burp Suite i try to solve Task 14, Practical Example. But the target is wrong. As printed "We will start by taking a look at the support form at http://MACHINE_IP/ticket/: "

and MACHINE IP is a not a real IP address 🧐

You need to start the machine.

I have start the target Machine

and attack box

When did you start it?

after i logon THM

Can you please verify and send a screenshot.

!docs verify

OK

hey can anyone help me with hacking pls dm me

That sounds sketchy, why don't you just say here.

@weary spindle my Dicord account is always verifyed with my phone number.

But you need to verify your discord account with your TryHackMe account to be able to send pictures.

You need to start the machine in Task 1.

thanks a lot

Gave +1 Rep to @weary spindle

tryhackme site from my end, is really slow. i am accessing the labs using the built in kali (browser) and its dead slow. i type in and have to wait for few seconds for the text to appear. this issue wasnt happening before.

using openvpn alwsys get my connection disconnected

i am premium user and regenerated the vpn file

i changed the servers as well

no luck

Can't speak for the browser based attacking machine, if the issue is on their side or on yours.
But for the openvpn issue you might want to verify and send a screenshot of the output when trying to connect

!docs verify

Hi guys, is the site down?

k, let me try again. i restarted ny pc. once it gets disconnected again i will share the ss.

It's working for me, what are you seeing?

I get temporary failure in name resolution when pinging

I think it's just me, sorry about that

It's always DNS 😄 might be worth checking where it resolves, and possibly changing it.

Thanks, @deep spire

Gave +1 Rep to @deep spire

my VM keeps asking where the gateway is 😄

flooding with ARP

once i restarted my pc, it seems to be stable now. No idea why though. i had restarted my pc earlier as well , but it had no effect. i restarted my pc 5 minutes ago out of frustration.

Hello, i'm new hacker and i'm facing a problem to connect to acmeit

I now that I just need to put the Machine IP into the Mozilla but everytime that i try it i get a 405 error

And can you tell me where is the IP targeted ?

I'm a real noob

I already started my attackbox

Ah that's a point that I didn't

It is starting

and I see the IP address of the machine

Thanks @gray loom

Gave +1 Rep to @gray loom

I have a live kali usb that i want to transfer to another, bigger, usb. is this just as simple as copying the files to the new usb or is there a backup script i can use for this?

Not really a question related to TryHackMe, please use #infosec-general for such 🙂

alright, sorry about that

didn't know that, I'm verified now ig

yo

can I reset a room to redo it later?

Is the XSS machine in the OWASP Top 10 not working?
When I go to the given machine link and navigate to the "Reflected XSS tab"
this is what shows up

I did not add any payload

i was loading the website for the first time

its saying i didnt finish them but i did when i enter it says 100% finished

staff are aware of the issue, and will issue a fix in due time.

hi team!
i had started to go through the rooms/windowsprivescarea -- completed task 1 through 3 last week. This week when i try to pick it back up, i'm unable to establish an internet connection on the targeted machine and when diagnosing connection problem i receive "your computer appears to be correctly configured, but the device or resource (go.microsoft.com) is not responding".
Last week, i was able to successfully access a hosted malicious file from the attack box over selected port 8081 to download my crafted reverse shell. This time around i cannot connect at all to any IP:port from the attack box -- again, i'm connected to the room, joined, attack box started, and target machine started - which i rdesktop to the target machine and log in with user:password123, and this is where i'm not longer able to communicate outbound nor ping 8.8.8.8 either -- this is halting my progress to continue on to other tasks. I've left the room completed, rejoined, and cleared progress multiple times, ultimately ending at the same error - when i try to perform ipconfig /troubleshooting commands, i eventually get the box hung and keep running into the same problem.
Anyone encounter this and have a resolution?

were you subscribed and no longer are??? because the attackbox only has access to the world wide internet for subscribers and generally you are not supposed to use it for that.... also you can send files to the target machine using wget/curl and a python web server which would open on port 8000 by default

Hey man. not sure if you already fixed up the issue we talked yesterday, but here is another one I just found and confirmed working. https://github.com/rapid7/metasploit-framework/issues/16767#issuecomment-1185395510

cheers mate, i'll try that shortly!

just gotta throw in additional 4 lines to a local file

seems nice and easy! Hopefully it'll be patched by default soon

Yeah kali team needs to push the version 6.2.8 to the rolling repo

yep, hopefully they'll do that soon!

tyvm for all your help the past few days though, i'll do the workaround fix later

No problem man. I imagine that's what the community is for

Hi there, I have an issue with the room "Lateral Movement and Pivoting" . I'm using the "Attack_Box" , I comment out and set the DC IP address in '/etc/systemd/resolved.conf' . I did the nslookup on the DC's DNS name and it resolves properly to the IP address. My problem then is that I can't reach the website 'creds' to get the creds pair. Looks like Firefox cannot resolved the DNS name. I tried to restart and regenerate the 'lateralnetwork' VPN config but same issue. What is the problem ? thank you ! I would add also that I have a proper IP address under "lateralmovement" from "ip a " 10.50.77.xx"

Try changing etc/resolv.conf to the same as the DC.

@weary spindle now it works! thanks !

I think i recall seeing a subscribe button initially before starting this room, but how do i tell if my subscribe status?

check your profile page

I am a subscriber, i'll be charged august 11th for another 90 bucks

okay then that is not the cause of the problem

also could you verify your account to be able to send screenshots???

!docs verify

alrighty i'm verified

a snip of my previous attempt when i was able to reach hosted file from attk box

versus now

how was i able to access the first screenshot then? i thought this room was setup for local connections-only anyways...

I'm having a hard time installing virtualbox

here are the steps i initially start with for this room --
start attackbox
start vulnerable machine
both obtain an IP
attack box: sudo apt install rdesktop
attack box: rdesktop x.x.x.x -g 95% for remote session to userbox
login prompt, select user, enter creds user:password321
user box: cmd prompt, powershell -ep bypass
user box: . .\PowerUp.ps1
user box: Invoke-AllChecks -- we see this has permission to escalate
attk box: set up multi handler, generate reverse_tcp shell, host generated payload over desired port (ex: python -m http.server 8081)
user box: open IE and navigate to IP of attkbox:8081
directory listing present (which was the first screenshot i shared showing program.exe); download it, and replace in the Autorun Program folder

.... all if fine and dandy and completed the task --- i had to leave for day, then when i pick it back up the IPs change of course (as expected) and i repeat these steps to connect back to userbox so i can try task4 AlwaysInstallEllevated -- i have to run through the setup again to get into the user box, etc, however, when time comes for attack box generating my msi payload and I host it (attkbox) the same way as above, this is where i encounter the connection issue on user-box - which is why i'm confused

good catch 😉 that's because these are two different screenshots from different times, which the times after successfully accessing the directory location in browser, i would have a new ip and attempt to connect.
Let me go reset the entire progress, leave room, rejoin, and start from scratch and show that i cannot access the file being hosted from attk box (like the TCM video course)

@naive dust
Pls ban 🙂

@eager fulcrum

exactly! i can't reach the ip:port i designate on the end user box in the browser-- let me reproduce what i went over with fresh screen shots

these same steps were in the video with TCM coursework, and the same steps i walkedthrough successfully the first day (last week)

i really hope this is the issue XD - of course i click back into my vm and its frozen/hung lol

i feel pretty dumb for leaving out the protocol.... my lord.... thanks for entertaining my noobness

Gave +1 Rep to @gray loom

hey man, i just had a look and i can’t find the top line (in red) to change to that in green. any idea where i can find this line?

ah okay, thanks for the confirmation

Gave +1 Rep to @gray loom

ERROR: Failed to apply push options

i'm not able to connect to the THM OpenVPN it used to work

nvm got it fixed some how

I tried this too, just ignored the line removal and it didn't work. Just adding the 4 lines at the bottom didn't change anything for me and msf is still down today

yeah I double checked. I didn't add the plus characters. I can try it again today just for certainty

oh wow, it worked, maybe I did miss something yesterday. Thanks for doubting me haha

Gave +1 Rep to @gray loom

Is there any THM documentation yet about the msfconsole bug on kali?

I'm combing through it now

I found this same patch the other day but I couldn't figure out how to patch it ...

am noob

So all of the green lines need to be added?

ok it looks like it worked

So the warnings it spits out now should just be ignored?

word up

Thanks

I've never patched a program this way. is this typical for people on github to present a patch like this?

Could anybody help me figure out some weird stuff going on with my Windows 10 host?

does it really take 5 hours to nmap scan a machine ?

i am unable to paste the screenshot

but an nmap scan is taking 5 hours to complete

@jagged galleon shouldn't take that long

i changed to -T5 and its much faster now

took about 588 seconds( 10 min) to complete

2022-07-20 01:57:12 read UDP [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
2022-07-20 01:57:15 write UDP []: Network is unreachable (code=101)
2022-07-20 01:58:21 write UDP [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH|EHOSTUNR]: No route to host (code=113)

i keep losing the VPN connectivity

this is the message i get

internet is active and strong

Is there any way to change the kali Linux terminator shortcut? Here I want to use the tab key instead of using pg up or pg down key...

go to Preferences -> shortcuts

hello, i have an issue on the room https://tryhackme.com/room/owasptop10 [Severity 10] Insufficient Logging and Monitoring

i pressed the Download Task Files and it download a file named login-logs.txt which contain a html code , and after looking into it for ages and finally figuring out that this is not the log file ,

i got the actual file which contain the log,
how do i fix that ?

There is no preferences option in the terminator!

can u screenshot full

hi if any one can help why cannot i connect to the attack box

Why does Linpeas get so excited over pam.d stuff?

Well I know they're configuration files, I'm just struggling to find meaningful reading material on what sort of misconfigurations I am looking for

Hey, please do not post your question in multiple channels.
Also if you are looking for help, ask/explain your issue straight away

troubleshooting script issue. I went to this page and download the thm-troubleshoot, and done chmod too. However as you can see in the picture, there is a syntax error at 9? So, should I just remove it?

ah man

you downloaded the html page instead of the script

there's a raw button on github

!vpnscript

this link is what you want to wget

https://raw.githubusercontent.com/tryhackme/openvpn-troubleshooting/master/thm-troubleshoot

same page, but may you show me that button pls? I must be blind now

raw button right next to blame

or u can just drag and copy it if u want

got it, tq. next issues, how do I kill 1 of the connection? I thought I did by typing systemctl stop openvpn?
I did a ctf previously, so I guess that is still running, but the machine network status is stopped, so I thought it wasn't running anymore.

a simple sudo killall openvpn clears any openvpn connections

ah the kill cmd. 1 moment

the troubleshoot said Im in, and only 1 instance of openvpn is running. However, the machine I'm doing does not seem to working? My VPN is working for sure, even the access page "server status", and "connected" said so, but nothing.

I tested ping cmd, and got no reply.

Well ping is not a reliable way of testing, since some machines simply don't reply to ICMP pings

Do curl 10.10.10.10/whoami which should reply with your tun0/vpn IP

it did, but.......?

what does this tell us?

That your VPN connection is working fine and we can move on from there

Whats the next step?

To let me know what the curl command replied to you.

my internal Virtual IP address of course

it even got the green color circle too

btw I had tried the ctf challenge before it suddenly stop working. This cause me to check the troubleshooting method to see if it resolve, which it doesn't.

Okay, ye you never confirmed to me that you received your IP as a response, since the access page is not reliable either.
So what's the room you are doing and what's the IP of that target machine?

AllSignsPoint2Pwnage. 10.10.210.60

Ye seems the machine has some issues or simply the timer ran out already.
Could you refresh the room page with ctrl + F5 since the timer sometimes doesn't show the correct time left

Or simply restart the target machine and give it a good 5+ mins to make sure it's fully up

refresh doesnt work, so i will restart. Will reply after 5min later.

@crystal marlin And nothing change. Dang. Maybe I should try out another VPN server.

Could you let me have the target machine IP again, best as a screenshot of the "Active Machine information" box pls

Oh wait!

I got it. I just try the new machine IP on a new firefox, and it work.

Alright then

And now the old firefox work too?

Lag?

nonetheless, tq Fontaene

hi im having a problem with my profile in thm

i cant change the flag of my profile, even if i change it, remains in UK flag

#site-support message

thanks

fixed

#site-support message i still need help xD

It downloaded okay for me.

Please support me to resolve this issue in OpenVPN

sudo openvpn path/to/file.dinesh7850.ovpn

I think he is root

Most likely the issue comes from the openssl version

the #

Yeah, I hadn't zoomed in.

Most people who post that usually don't do the sudo + full path.

nah, that issue is cuz of an empty config file, had the same for me, think the're using the IN regular server

Could you show us the content of your .ovpn file ?

Sorry Bro but can you tell me the need ?

Well to check if it's empty?
Or has any empty tags

I think I should download another configuration file

Okay, well I'm wondering why you are asking for help if you think you know the solution, but ye, try that 🙂

Ya bro i think i should try it once If it will not work then you can help me out 😃

damn, the entitlement

I think that's just a little language barrier, so I don't take it as that, all good 😄

Thanks Bro for your suggestions ! The issue has been solved.

Gave +1 Rep to @crystal marlin

Would have been curious if the file was really empty, but there you go @celest wadi +rep

Gave +1 Rep to @celest wadi

Hello everybody, i have a problem with ping or ssh connection to machines. I tried it on both Linux PrivEsc rooms, and firstly they work fine, but after 10-30 second they doesn't respond to my input and even ping.

quick fire

Nope, doesn't helped at all

I'm having issue with connecting to access via openvpn

So what does your openvpn output say when they don't respond anymore?
Also, if you are using a VM, are you connected to a personal VPN on your host machine?

So what's the issue exactly?

That's really strange part because when machine doesn't respond, ovpn still shows "Initialization Sequence Completed". Connected to a personal VPN

So if you are connected to a personal VPN then that's most likely the issue

Oh, i mean i've connected to openvpn through ovpn file what THM gives

So are you using a Virtual Machine as your attacking machine ?

No, maybe I misunderstood. I first go to the command line on my OWN kali, enter sudo openvpn carnifex17.ovpn, connect to the network and hack the machines

Ye, that's all fine, my question was just if your kali is installed on your computer, or if your kali is running in a virtual machine on your computer

Ok, so it's installed on my computer

Alright then, if you run ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc. ?

Yes, there are docker0, lo, tun0, tun1, tun2, wlan0

Strange...

Okay, then it seems you have multiple vpn connections, there should be only tun0 if you just connected to the THM VPN

Am i need to try reboot pc?

So run sudo killall openvpn
Then connect to the THM VPN again.
Wait a minute and run ip a s again to see if there is only tun0 now.

Now it's only tun0, so I'll go to test if the issue went away

Looks like all worked finely(Still there is some problem with wget downloading .c exploit, but at least ssh works)

Thanks a lot

If there are no freezes anymore, the wget issue is probably related to something else.
Make sure to use ctrl + c in the terminal where openvpn is running to properly disconnect.
Just closing the terminal might keep the vpn running in the background, which will then lead to multiple tun interfaces if you connect again

Thanks for explaining

Gave +1 Rep to @crystal marlin

Hi, so the question is how I can Reset my whole learning Path instead of resting rooms one by one. Thanks in advance 😊 .

No, only rooms one by one, unless you make a new account.

I mean that will work but i need to buy new sub to access pro rooms 😅 but anyways thank you bro.

Gave +1 Rep to @weary spindle

ayo all

im haveing an issue with the network DNS

im SSHd into my kali box and am running OpenVPN and have an IP via updating the tunnel but when I updated the resolve.conf and restarted systemd-resolved its still not updating DNS records and is saying the following (see attached image)

Hey I'm having issues with my openvpn. I've tried the regenerating the config file, changing servers, and the system time is fine. I don't have any vpn connections currently up.

It says /dev/net/tun is not there

Probably tun module not loaded

Check whether it is there or try to load the module

Kernel issue may be

Try this :
So create a bash script somewhere in your file system with something like this:

#!/bin/bash
mkdir -p /dev/net
mknod /dev be/net/tun c 10 200
chmod 600 /dev/net/tun
/etc/init.d/openvpn restart

Save it with 755 permissions and modify the root crontab:

crontab -e

with this content at least

@reboot /path/to/where/you/saved/the/script

how to change the country in the profile. because every time i change it and save/update after refresh it goes back to the previous one.

https://tryhackme.com/api/user/update-timezone
this should redirect to your dashboard and update your timezone

does it take too long to change? tried it and checked the profile. not updating

cleared all the cookies and then tried no luck.

make sure you don't have any other vpn running(other than openvpn)

should i connect to an openvpn and try the link you gave? or i dont need any vpn. im not running any vpn rn.

no need for openvpn, it should update after a while tho

Hii

Can someone please suggest a laptop launched in 2022 under 80k Indian rupees

ok. thank you. let's wait then

Gave +1 Rep to @celest wadi

this should be asked in general as this channel is for technical issue related to tryhackme

is tryhackme available in dark mode ? white mode sucks!!

not natively, but you can get the "dark reader" browser extension

will try

thnx worked

looks grt

Hey dude those 4 lines need to be placed between the line starting with 'Rex::Proto::Sssh::Connection...' AND 'rescue LoadError => e'. This would result in the app not crashing completely to begin with but rather throwing the warnings and continue on the operation on the version 6.2.6.

The kali team just pushed 6.2.7 onto the official rolling yesterday and it looks like its okay now as far as my testing goes. https://archive-4.kali.org/kali/pool/main/m/metasploit-framework/
Check it out and give it a go on your machine if you haven't solved the issue yet.

how can i contact support?

!email

thx

I am not sure if it's the right channel for the question, but:
I am switching to Pop Os and when I tried to boot to the Pop Os flash drive, in boot menu I there was the Flash Drive and Flash Drive, Partition 1. What could be the difference between both partitions?

Not THM related tech question should be asked in #infosec-general or #general

Gotcha. Do you want me to delete my message here?

Up to you, not that important

hello

can i get some assistance with vpn connection?

Always directly ask your question/explain your issue, if someone has an answer to it, they might reply

Downloaded vpn pack and got connected. Started the Brainstorm machine but seems like unable to get a connection. Since the machine is unable to respond with ICMP packets, nmap -Pn returns nothing too

But thm attack box works fine.

Can I have the target machine IP to try myself ?

10.10.7.173

Seems like im unable to attach screenshots in this chat

You have to verify first

!docs verify

Seems to work fine, what's the reply you get when doing curl 10.10.10.10/whoami ?

Result of FTP:

i used the EU VIP vpn pack

AUS Regular resulted the same too

Okay, but then you should be able to connect to the machine just fine, I thought your nmap didn't reply anything, the issue with the FTP is something else

my nmap didnt reply to anything too

Connect again to the FTP and the first thing you enter is passive to toggle off passive mode

Oh

Yes this works

Thank you @crystal marlin

Gave +1 Rep to @crystal marlin

Does anyone know what the buttons in the tryhackme breaching active directory room are for?

there is a start and then an extend then there is a reset

Start starts the machine if it's not running.
Extend will extend the timer.
reset will vote to reset the network, incase something isn't working, or maybe somebody has accidently (or on purpose) change something, it will go back to default state.

not a big fan of this room. Could not do nslookup on the IP address after following all the steps. Just would not resolve.

Can you cat etc/resolve.conf

And see if it matches your DC ip?

literally spent 2 hrs with another person trying to troubleshoot the issue with DNS configuration

Yeah tried that and input that IP in there

still no luck

Can you check whether it works for you?

Chances are we won't be on the same subnet.

Are you in the attackbox or a VM?

kali VM

loaded the vpn config file no problem

Did you follow the steps and change the systemd conf then restart the network manager? then changed /etc/resolv.conf ?

yes did all of that

Ok, try doing the nslookup as root

did not make a difference

Okay, what subnet are you on?

255.255.255.192

Is that what you're putting as the DC?

no

What i meant was

Can I have the third octet of 10.200.xxx.101

DC I put 10.200.55.101

Ah, I was wondering if we were on the same subnet, but we're not.

You might need to reset the network. (It's defiantly running?)

yep it can be pinged

DNS cannot be resolved though

when doing nslookup thmdc.za.tryhackme.com

How many votes to reset?

4 more votes needed

You could try leaving the room for an hour or two and see if it chucks you in to a new subnet.

ok

does your THM-IIS and THMDC have the same ip address in that room in the image?

I set the etc/resolv.conf to 10.200.xxx.101 as THMDC

And yes, they're the same.

Just double check you're using the correct VPN file.

Yep I am using the correct one otherwise it wont ping

BreachingAD

But like you said maybe its just an issue with a particular subnet

I can't complete linux fundementals because tryhackme won't let me start the machine and the attack box at the same time

if I start the machine for task 2 then try the attackbox, it says I can't have more than 3 machines open at a time

same if I open the attack box first

I've got no other tabs open and on my machine page it says the machine is idle

what should I do?

https://tryhackme.com/api/vm/running

go to that link and terminate the extra machines you have running :)

I get a json

no actual web page

and it says both machines aren't active

manually terminate the extra machines you have running

I clicked the power off button

but that hasn't fixed it

and I can't do anythign with the link you sent me

0    
roomId    "tutorial"
expires    "2022-07-21T16:26:09.584Z"
created    "2022-07-21T14:26:09.584Z"
internalIP    "10.10.7.154"
instanceId    "i-06e05ccbe2a976f03"
title    "Test Machine"
timeInSeconds    -23.067
remote    
active    false
waitTime    null
1    
roomId    "linuxfundamentalspart2"
expires    "2022-07-21T18:03:50.689Z"
created    "2022-07-21T16:03:50.689Z"
internalIP    "10.10.95.71"
instanceId    "i-0e079db706f810082"
title    "linuxfundpt2"
timeInSeconds    5838.031
remote    
active    false
waitTime    null```

that is all that's on the link

god,

https://tryhackme.com/room/linuxfundamentalspart2

https://tryhackme.com/room/tutorial

ah

I'm dumb

thanks

ctrl + c doesn't cancel commands like it usually does on linux, and ctrl + z doesn't put it into the background

anyway to cancel a command without closing the terminal in the attack box?

https://media.discordapp.net/attachments/692456966802374687/921063860318924800/clipboard.gif

the button above the one in this gif @trail ermine is the button to be able to send ctrl + key commands

ah thanks

no problem

your full gobuster command would help, but only using -u and -w should be fine

does it still give the same output if you don't specify the -o?

terminal size can sometimes mess it up, try going in one "full-screen"

Gave +1 Rep to @celest wadi

@crude barn I'm going through this exact same issue. Was there an update to the rooms and reset the completion status?

it's a bug with the site, check #site-bugs

old rooms get redirected to newer ones but the paths still use the old ones

Gotcha!

support@sharp bison ---- I'm new, where can I communicate with this?

nevermind.

hey, due to VM issues i reinstalled the VM, and i remember last time that my VPN connection had issue due to mtu , is there know issue with that ?

sudo ip link set dev tun0 mtu 1200

thanks

Why does the room that is link with the VPN to my kali linux keep getting cut off!? I did the thm-troubleshoot, but it keep getting cut off what seem to be every 10-30 min later.

A simple refresh does not work after it was cut off even once.

Trying to load openvpn with the *-breachingad.ovpn provided cert and I get quite a few errors thrown back

seems to be looping

been comparing it with my normal ovpn config and there's only one line difference but doesn't seem relevant for the cipher complaints it's having

oh wait ... might have got it .... need to replace "ciphers" in the config to "data-ciphers"

probably need THM to fix this in the auto generation script

try to regenerate .ovpn file