#site-support

Has that email received emails from TryHackMe before (i.e. newsletters, announcements, etc)?

just one to verify my email

Alright thanks. I'd probably just double-check your spam/junk folder (because we have the word "hack" in the name, some email providers automatically send it there)

if you don't get anything in 5 mins, try again, and if you don't get anything in another 5 mins, I'll ask one of our support team if there's any thing further you can do

thank you, I have tried several times today with nothing in my spam box or inbox

Sorry for the troubles -- i'll see if our support team has any troubleshooting tips. Otherwise, I'll point you to our support team (as shadow helpfully provided) to get your account recovered 😎

Lateral Movement and Pivoting, can't connect with openvpn after updating /etc/resolv.conf can ping thmdc can't do nslookup. Attackbox keeps dropping vpn connection, tried ssh with IP as well, still keeps dropping. Any ideas?

hey @astral reef can you show the output of your openvpn terminal please? Also, what subnet are you on for that network please?:)

(i.e. 10.x.x.x (fill in the x's)

Hi Ben, 10.50.46.39

Sorry, how can I attach screen shot of openvpn log?

Hey Malina, would you mind telling me what e-mail provider/service your email is with please (i.e. gmail = google, outlook = microsoft)

If you'd prefer to DM -- please do! We're looking into this on our side of things and knowing the email provider/service would be very helpful 🙂

You'd need to very using the link below - but something like imgur would be good in the meanwhile

!docs verify

I'll check the status of this network quickly

@astral reef I can't see any machine that has the IP address of 10.50.46.39 (not even 10.50.46.*) (is this the VPN IP for you device? could you show me the network map you see in the room please?) i.e.

Sorry machine thmdc is 10.200.48.101

Alright thanks! I can see on our end that the machines on that network are running fine. You can ping but can't nslookup right? This sounds like a DNS issue

ok, I added nameserver 10.200.48.101 to resolve.conf

nslookup thmdc.za.tryhackme.com
;; Got recursion not available from 10.200.48.101, trying next server
Server: 192.168.1.1
Address: 192.168.1.1#53

** server can't find thmdc.za.tryhackme.com: NXDOMAIN

it looks like my internet is playing up atm sorry

np

Change the server in /etc/resolv.conf

To the 10.200.48.101

this is the contents # Generated by NetworkManager
nameserver 10.200.48.101
nameserver 192.168.1.1

Can you browse the link supplied by the room?

Sometimes nslookup won't work

http://distributor.za.tryhackme.com/creds now I can, previously not...

Hey, I'm working through the Metasploit module right now, in the Metasploit Exploition - msfvenom section, when I click start machine, it automatically loads the attack box, usually I have to do that after first clicking that, and when it loads it just loads a version of Ubuntu with no desktop environment with no pre-loaded tools aswell, the User on the box is murphy, and I've figured out the root password via google, but I feel like this is a possible bug?

nevermind, scroll down more is the answer to my question :/

cool site though thanks

hey soo uhh just lost my streak 😦 got out late at work and timezone differences made it so i lost my streak tonight

anyway to get that fixed 😦

you can email support

!email

nvm still think its a bug

Mh? When you press the green "Start machine" button, it starts the target machine

Not the attackbox, so I don't see what the bug is ?

Hey thanks for responding, so yeah when I click the "Start machine" button it starts the machine aswell as opening an attack box, but the attack box has no desktop environment or tools loaded to it, it appears it's only on this instance, metasploit - explotation - msfvenom, as I went back to the path I was working on and everything loads like normal.

That's not the attackbox, it's the target machine, in this room the target machine gets loaded as in-browser machine

I seem to be getting a 404 error when attempting to download the OpenVPN file. Is anyone else experiencing this problem?

anyone know what could be causing ssh to hang indefinitely on thm machines

it basically always happens after a couple minutes (if not right away)

note im connecting through my own machine through openvpn and not through the website

things like webpages and such load totally fine so im not sure what the reason herei s

Anybody having problems with openVPN on kali Vbox?

Can someone help me out with this?

Use full screen in chrome

Please, how can my username be changed with losing my progress and as a student.. registered with student email. how can i get the subscription reduction

!docs student

Thanks... how about username change

Gave +1 Rep to @crystal marlin

Via email

!email

Do you get a Automatic response everytime you send a email to test support? ^^

I've always received one.

Because I tried to contact them But got no confirmation email 😄

I'm sure they still got your mail.

oh okay, maybe I am just impatience, sorry ^

When did you E-mail?

Sunday

no i didn't

What about if i delete my account, can i be able to re-register using the same email address ?

I guess so, but that's just a guess.
So best to ask that in your support email as well

yeah, i did
just wondering how long it gonna take for reply...

Hello, i am the only one on trouble with exploitad network. ? I wait for seconds and seconds after typing commands on thmwrk1 machine. After reset it is the same.

Same problem with rdp and ssh

I tried to complete this room this morning and i have the same problem this afternoon. I will come back this evening, i will see 🙂

Hey is there any helpline number to contact the support team

!email

There is only E-mail, see above.

Has there been a change to vpn recently? I used to be able to connect with openvpn from both wsl and "regular" windows simultaneously. Both on the same machine. This was to be able to connect with windows rdp and at the same time use wsl for reverse shells and such. It seems like this doesn't work since some time. I'm getting disconnects/reconnects, like only one connection is allowed at the same time.

Yes.

There was an E-mail & and announement.

But you shouldn't have been able to run two at the time?

About simultaneous connections? Or about regenerating config files? I have regenerated the config.

sup, not sure if this is the correct channel to ask but i cannot verify with the discord bot, could the problem be that I left the server after verifying once?

If it's a different account yes, if it's a new account it shouldn't be?

What error message do you get?

bot doesn't respond when I do !verify with token

but when I just do !verify it says i should use the token

You might need to ping a mod.

can I ping in them in this channel?

or should I just ping one

I'm pretty sure I was able to have two connections at the same time before, but not anymore. But I guess if that's not supposed to work maybe it was just some kind of misconfiguration before.

If they're online, sure.

In my experience, if you more than one open it will cause issues.

They would constantly restart.

yes, that's exaxctly what's happening

thanks! @broken bear are you available

It's a bummer though, since it made things easier by not having to use the web based attackbox interface as much

I've never experienced WSL before, but why not just use a VM?

wsl is running as a kind of vm already, that's why it needs a separate vpn connection. So running another vm wouldn't really change anything.

But if you're running Kali Linux on VB/VMware you'd just need to use that?

Or does your system not have the resources?

this is only an issue when there is a need to connect to the target with rdp and at the same time wanting to use my wsl kali instead of the attackbox. So it's just more of an inconvenience.

it was just nice to be able to use windows software and wsl/linux software at the same time on my local machine by connecting both through wsl command line openvpn and windows openvpn at the same time. But if that's not supposed to work I guess that's just the way it is.

What's going on?

discord bot isn't answering me when I supply my discord token

Did you check your DM settings?

yea, it responds when i don't put the token

i've been verified 2 years ago but i left the discord somewhen and rejoined now

did you change discord accounts?

no, i can still see old chat

I don't know what to tell you then - that's the extent of my knowledge about how the bot works. You dm the bot with !verify <token> and it links your THM profile to your discord account

hmm okay thanks for trying 😄

Problem solved, I installed freerdp in wsl and used that instead of the windows rdp client. Now I can do it all via one openvpn connection 🙂
Thanks for your answers though!

Gave +1 Rep to @weary spindle

oh boy there are tons of reasons why using wsl is a bad idea

a huge part of it having to do with networking

another huge part of it having to do with access to your host machine and problems that could cause

a normal virtualbox vm is safer and does not have said networking problems

I have yet to encounter any other issues than the fact that the network is nat'ed

but please, if there are any resources to read up on potential issues I'd be happy to know 🙂

some security issues surrounding WSL. partly why I dont use it

I personally haven't had any issues with networking through WSL, but you might wanna read up on how some of the scripts and programs you run inside it use python. specifically ctypes. a little hazy on details, but as I understand it, WSL uses ctypes to make API calls and invoke PS on the windows host. This can potentially bypass any AV installed and allow for malicious code to be ran on the Windows host directly. @naive dust

hey, I think I'm having a problem with the AttackBox for Operating System Security

sry, I'm just stupid and just figured it out. I'm a noob and didn't realize that while trying to ssh the password doesn't appear while you are typing it.

thanks anyways

Gave +1 Rep to @gray loom

Hello, I am having trouble with using machines on tryhackme. I am connected to OpenVPN and the machine in this room is working fine https://tryhackme.com/room/openvpn#. But all the other machines aren't working. I always ensure that I am connected to the VPN server, then start the machine and copy the IP address and paste it to the browser(chrome) and then it shows "Site refused to connect". How do I fix this issue?

Linux fundamentals 2

Oh, ok tysm

Interesting, will do some research of my own! Thanks!

Gave +1 Rep to @sleek jackal

It works now, thanks :)

I am unable to login to my acccount

what should I do?

Reset your password.

I tried to login to my account after a month almost and it asked for my credentials which was unusual as it I was always logged in (maybe there is a timeout period), then I go on to enter the credentials that are saved in my google account but it displays - "Incorrect email or password". Then I try entering it on my own but still it shows the same message. Then i reset my password , but still same response. Till now I have changed my password 3 times , still same response

done thrice already

My profile is visible publicaly

https://tryhackme.com/p/grizz9708

my profile link

are you using a password manager that is storing the password for you or auto-filling the field for you? Have you tried with another browser or even another computer? And yes, even if you keep the tab open and/or have the open to remember me selected, there is still a limit on how long a session can last before it times out or it expires.

never suggest doing this normally, but try using another browser (or even another computer or a mobile device) and try logging in. If it doesn't work, try setting the pw to something super generic to ensure nothing is getting mixed up and make sure caps lock it off ,etc

Tried all of it except the computer part but I also tried to login through my Android phone

same thing through your phone?

Yup

are you using a pw manager to hold the pw for you?

Yes but I also tried typing it on my own

do you have any other active sessions? like on another computer or inside a VM?

that you could use to at least make sure you can access the account and navigate?

did you change the email perhaps?

I didn't change the email and I don't have any access sessions in any vm

have you tried using your username to log in instead of the email?

and to clarify, I meant the value being input into the field. Are there any extra or hidden characters? Are you manually typing it in or are you selecting it from a drop down or auto-fill menu?

I would say try the username since it allows for either email or username along with your current password. If it doesn't work still, you can try changing the password once more, but I would suggest reaching out to support at that point since they may be able to see what is or isn't happening when you try to authenticate.

How to contact support

?

well normally through email

!email

!email

shadow lurking on me

Thanks guys

beat me to it

yup yup

no problem

try to be as clear as possible on explaining all the troubleshooting you have already tried as well as any potential variables recently which may or may not have inadvertently had an impact on you being able to log in.

For the sysinternals room, after starting the VM, and then starting the attackbox, I am getting a linux machine and not a windows machine.

if you look at the bottom on the right of the attackbox split view does it look like there are 2 tabs??? and if so can you click them to see if one is windows

Thanks for the response! I do not see any tabs unfortnately

There seems to be RDP creds provided

So that machine seems to not open in the browser

Oh got ya.

Thank you!

yeah that was the other possiblity

Hello, if I don't have a premium account on TryHackMe, could I get certificates?

Technically yes, but for some certs you have to complete a path and I assume in that path there are sub only rooms

I see thanks

Gave +1 Rep to @crystal marlin

hi noob here, I connected to openVPN on my mac, and am getting response for - "curl http://10.10.10.10/whoami" but when I run sudo openvpn myconfigfile.ovpn, I get "sudo: openvpn: command not found" error. Can anyone help?

i cant seem to open the evil shell php in owasptop10 room

it keeps giving server timed out message

i started a machine on a lesson but its not opening the machine

is openvpn in your path?

Hi, I am having issues connecting to VPN. The openvpn file hangs and when DL new config I get 404, is this a known issue or just me?

Change server, regen, change back to original server.

Great, thank you

Gave +1 Rep to @weary spindle

like magic, sorted.

if finally create a new account with the same email.. how can i reconnect it with discord

when i tried i got this response from TryHackMe Sorry, you already have a token on this account.

!tokenremove 917464985922338846

Done, no more entry with UID "917464985922338846".

Now try @upper leaf

Thanks

Gave +1 Rep to @bronze vale

i want to subscribe.. how can i get student discount .. i registered with my student email

the support ain't reply my emails

Dm me your email

Done

You’ve emailed three times withjn the last 24 hours, I’d like you to checkout how many site users we have and invite you to be patient

Alright, thanks

Gave +1 Rep to @bronze vale

But please take note that i recreated a new account today.. with my student email and a new username which i DM you... should resend an email correcting those informations ?

I can still keep my previous account and progress, if there is a possibility of changing the username

Not as separate emails, no

i want to preserve my previous and first account, so not to lose my progress but i really want to change the username

the new account was created today.. i can delete it if there is a possibility of changing my username on my previous account.. please can you confirm that to me

You already asked about that and got an answer, what other answer you expect to get by asking that again ?

You said THM as well as paypal is declining your card.
So to reach out to your bank asking about it is really the thing you should do at this point

please🙏 can i get a confirmation that my username can be changed.. then i will deleted my new account and put back my email in the previous account, i really don't want lose my progress the previous account

You are being very impatient.
If you get an answer to your question in here, that's fine, but don't push on it if you don't receive one.
Wait for support to reply to your email and go from there.
Also, I don't see why you would lose progress on your account.
A username change should also be possible, but is done via email.

Thanks you very much

Gave +1 Rep to @crystal marlin

Hello! I tried to configure OpenVPN to work with tryhackme but it seems that my internet provider has blocked it along with some other VPNs since it stops at "TLS: Initial packet from [AF_INET]...".
Is there any way to bypass that? Maybe open a connection through a different port or smth else?

To any mods out here. Tutorial "Upload Vulnerabilities" "/room/uploadvulns" Task 4, the upload site automatically redirects to youtube: Rick Astley - Never gonna give you up.

I read it, finished it, but demo.uploadvulns.thm doesn't work like the tutorial demonstrates

my bad

Hello! I want to buy premium. When I click I get redirected to chargebee. Is there a way to pay via stripe or skrill or something else?

We use ChargeBee for subscriptions.

If you want to pay via stripe, you have to purchase a voucher: https://tryhackme.com/subscriptions

The problem is that to get a student’s discount you shouldn’t pay with vouchers (email support told me). They can be bought with stripe. On the other hand the normal purchases use chargebee. That’s a pity :(

Hi, yes, I am email support

I don't understand why you can't use ChargeBee?

Due to privacy reasons 🙃

Thank you for your support!

I will probably use chargebee in this case

I found the solution. In this case I started another VPN on port 443 and then started OpenVPN with my ovpn file. Now it works!

Hi just wanted to inform you, that my OpenVPN file got broken.

Last event messages:
2022-10-26 19:07:47 UDP link local: (not bound)
2022-10-26 19:07:47 UDP link remote: [AF_INET]34.253.19.14:1194

if someone else encounters that kind of issue:
Downloading the file from the access page led me to a 404 page, and regenerating the file did the job. Maybe the OpenVPN Access file gets deleted from the VPN Server after some time passed?

How old was that vpn config?
Since there has been emails going out to regenerate and download a new one due to recent changes

If you receive a 404 when trying to download, just regenerate again, wait a couple of minutes before pressing download, then download

Hello, how do I start WIN machine in windows fundamentals 1 without Remote Desktop? I can't also use AttackBox because it's only for 1 hour a day. Is there a way to run the machine or I have to wait till tomorrow?

You can connect to the THM VPN from your own attacking machine, then you will be able to RDP into the target machine

!vpn

Actually the target machine for that room starts within the browser

So there is not even a need to rdp, unless you want to

Oh so I just search the IP address in browser?

No, you just start the target machine and it's opening in split view, same as the attackbox

Just with the difference that it's not the attackbox

Oh, okay. Tysm!

Oh, maybe i missed it 😄 I think the vpn config file is like 1 or 1,5 years old 😄

i am newish to tryhack me and im getting real frustrated with the attack box

when i launch ubuntu it keeps on failing after a few inputs and resetting

The TryHackMe remote server is not currently reachable. Please check your network and try again.

any idea what im doing wrong?

was able to resolve, by adjusting path. trying to ssh into attack machine, I have been trying with my userid and then tryhackme@ip address, neither one works. Should I be using some other user or is there some other way to SSH into attack machine

You said you're connected, and you can reach 10.10.10.10.
Why are you trying to connect again with the sudo openvpn command? You're already connected.

what is the king of the hill chat room??

#koth and #koth-voice-chat are the channels on discord for king of the hill stuff

and king of the hill is competitive hacking game where you fight for flags and root/king

Please un-link me from discord so that i can re-verify with my previous account
when i tried i got this response from TryHackMe Sorry, you already have a token on this account.

DM me

hello i have a problem with attack the box whenever i launch it i only have a kali terminal even if its a room that requires a window machine

Hi, I can't download my OpenVPN file.... I get an error 404

https://tryhackme.com/forum/thread/60a8285f4690ff004909f3cc
Same problem appears to be more people

Im getting this error when i try to connect on openVPN on my kali vm

sudo openvpn /path/to/flprosa96.ovpn
Options error: In [CMD-LINE]:1: Error opening configuration file: /path/to/flprosa96.ovpn
Use --help for more information.

the ovpn file is on my download directorie

yeah its working now

thanks lol

my bad

had to go to tryhackme.com/access

oh, help time...
I've got a different account connected to my discord than my actual THM account
Could an admin/mod help me to reset my connected account?

DM me about it

Hello, so I forgot my password but whenever i put in my email for the forgot password link i never get the email. I have tried multiple times

spamm folder ?

nah

and i know i get emails from them cuz i got the bill

Hi everyone, how i can change my country in my public profile? im not from UK :c

https://tryhackme.com/api/user/update-timezone click on this and after check. you will be redirected to dashboard

thx!

this is an iffy question, and I hope there's an answer:

Usually browsers only zoom out up to 25%, is there any way to push the limit? maybe to 10% or 5%?

What browser do you have?

https://chrome.google.com/webstore/detail/zoom-for-google-chrome/lajondecmobodlejlcjllhojikagldgd

Try this maybe?

that works perfectly!
thank you, I never thought that there would be an extension for it, always thought that the settings needed tweaking

once again, thanks for your help 🙂

Gave +1 Rep to @glad oyster

I have a problem with the ssh i don't know why i'm connected to the vpn http works but ssh give no output (room: Intermediate Nmap) can you help pls

Where does it say you should ssh into the target machine ?

Or you already at the stage where you found the creds?

I found the creds and i need to connect to ssh with the creds but when i type ssh ubuntu@ip-add i got nothing no output no place to put password nothing it's just like bugging

Is your attacking machine a VM?
And if so, do you have a personal VPN running on your host machine ?

yes i'm useing a V.M.

no idon't have any host on my machine

i'm just using openvpn on the VM

If you check ip a do you only see a tun0 interface or any extra like tun1, tun2 etc. ?

Only tun0

Sounds like MTU.

sudo ip link set dev tun0 mtu 1200

Try that in a terminal, then retry ssh.

Thanks mate it works now

Gave +1 Rep to @weary spindle

What a blatant steal of rep 😄

+rep

Gave +1 Rep to @crystal marlin

Sniiiipe 😄

Is the tryhackme website really safe for payment???

Yes.

I had bought subscription 1 week ago from other's card since I don't have card and today also someone tries to pay from the same card and also on that day there were two payments made for which I have written mail to support team but they say only one payment have been done. I have also send them the screenshot claiming to have two payments. Can someone suggest what to do now????

If support said there was only one payment then that's what's happened.

Support is the only person that can help with this matter.

And who was the one requesting for payment today on account of tryhackme ??

🤷

You really need to contact your bank

And pro tip: don’t use someone else’s card, it becomes really hard when asking for information

hey, yesterday I bought 1 month of premium but I still can't access the premium rooms, I didn't receive any confirmation email but I can see the transaction movement on my bank account. what can I do?

!email

thank you

Hey, is it possible to do task 12 in Content Discovery without attackBox? https://tryhackme.com/room/contentdiscovery I am stuck on executing those commands. It says that it can't find the common.txt file, which is the wordlist. How do I get that wordlist so I can execute it in my computer?

You got a VM?

I don't know if I have virtual machine, sorry. How to check wheter I have it?

How do you normally do THM?

Start the machine, use OpenVPN and open the IP in browser or use SSH to connect via terminal

So Kali?

Yep, I use kali

Install SecLists on your Kali then.

Oh ok

Or, you can take the wordlist off the attackbox using a python server.

I am installing seclists :) Tysm.

hello all, im having trouble connecting to the vpn

any help would be highly appreciated

It'll install it to usr/share/SecList btw, not usr/share/wordlists

Small annoying detail

I have my debit card but credit card was must for the payment. So I had to borrow it. And also this was the first time something like this has happened to me. I think the customer support on TryHackMe should improve its service. As we see it is a very good platform to learn for giving a better service will be good. And till now also I don't know how the credentials of the credit card got compermised. Very unsatisfied of the customer service. Except for that its a veryy good platform.

This discord server isn't customer service

Nor is it technically support

I'm sorry that you feel that way.

When a payment doesn't show up on our services, there's nothing we can do, whether you're happy with that or not I'm afraid.

Anyone else having issues resetting a password? It won't email me the reset password link

Kind of a vague issue since I'm sure there aren't a lot of people trying to reset their PW atm

Did you check spam folder?

I've checked everything. I know I'm using the correct password but still won't let me log in.

Are you putting in the right email?

Yup. Same one they use to send me my bill

Or receipt I should say

Are you getting any other emails to that address? From anywhere?

Could be an issue with the provider

Yup no issues with that email address from anywhere else.

Send yourself an email to test

I did from my work earlier.

Yep, you're right, I already figured it out.

That's...weird, did you get the recent VPN change email?

I did yes and my latest receipt for my monthly subscription. I emailed support but it will take 3 days. Just wanted to see if anyone else is having the issue

I'm running openvpn version 2.5.7, and still cant get connection established message

Best to show the openvpn output you get.
To share screenshots you have verify first

!docs verify

Did you already regenerate and download a new config file on the access page ?

yes

Also trying to switch vpn server ?

also yes

Was it ever connecting previously?

yes i connected to it earlier today

Since it last time connected, did you change anything?
Like having a personal VPN on your host machine, in case that's a VM.
Trying to connect from a different network etc. ?

literally nothing changed

try to regenerate new file?

my windows machine was scheduled to automatic restart and download an update... it happened while i was solving some stuff

since then it never worked...

i tried regenerating a new file, changing the server, checking my network connection

Are you using bridged or NAT in your VM settings ?

nothing worked

NAT

Might want to try changing to bridged to see if that changes anything

sure in a min

sorry to jump in late but have you also tried the fix in the pinned message ? changing the "cipher AES-256-CBC" to "data-ciphers AES-256-CBC" in the .ovpn file

yes although my version is 2.5.7

its not connecting to a network 🙂

Anyone have advice for me to get a new holo vpn config? Keeps giving 404 when I try to download. Other networks work. Tried other servers. Left the room. Signed out of THM. Cleared cache. Re joined. But no luck.

can you help?

My premium subscription is not active plus I've lost all of my gained levels

PS I'm not talking about streaks

so i got try hack me and the attack box was laggy so i got vmware and got the newest version of kali linux to do the first box where you need to hack into the bank. I got gobuster and installed seclists correctly i think but everytime i try to use it its not showing up

it says error on parsing arguments: wordlist file "common.txt" does not exist: stat common file or directory

i used gobuster dir u- https://10.10.82.226.com -w common.txt dir

Guys I just broke a 195 day streak and Im sort of freaking out, I know I didnt miss it, I schedule the same time every single day to do it. Please is there anyone who can look at it? I worked so hard on this.

I did my challenge today and it said streak 1 at the same time I always do it

try refresh page

I did, I even did extra challenges. Tried on 2 devices as well and it says the same on both. At first I thought thats what it was and even logged out and back in

The error means you have dont have common.txt in your current working directory

Im gonna be so freaking bummed if something caused it to break

you can email the supportr if you lose strike to gets restored for you

gobuster dir u- https://10.10.82.226.com/ -w /usr/share/wordlists/dirb/common.txt dir

I got it to work now thank you, but when the scan finishes it doesn't show /bank-transfer like it does through the attack box

It shows some others like /css /fonts/ images but it doesn't show /bank-transfer

Is.... bank-transfer... in the common wordlist? lol

The way that works is it takes every word in the wordlist and jams it at the end of the URL to see if it exists. So, if bank-transfer isn't in the wordlist, naturally it won't show up in the scan. I cant speak to any discrepancies between seclists and the list on your box. But that would be why it wouldn't show up. You can also always check /robots.txt files on web servers to look for possibly hidden pages.

im not too sure, so seeing as seclists as a ton of different txt files would i have to use every single one to find as much as possible?

so for now im guessing i just need to use the base one that comes with kali in order to follow the tryhackme boxes

or rooms

Dont' just use all the wordlists. They are separated by source, it does not make sense to use a wordpress enumeration file for hash cracking.

ah ok thank you!

I lost my 50 day streak because I wasn't recieving the email to reset my password as I was on mobile away from home. Email just never came. I have a streak freeze I was unable to use. Do I have any options to fix this?

That room is best suited for the "split screen" machine that comes with starting the machine in the room.

As www.fakebank.com is a real website.

I know you've used the machine ip, but the word list used for that room is also on the Desktop of the machine.

Hello all, I'm not able to download vpn config

Regenerate your openvpn config

The page itself isn't working

this often happens with me. Try open in new page and click again in button. I know this not making sense, but is the one of ways i found to ""bypass"" 404.

Can i cancel my subscription before the ending date ?

I believe it works like other subscription services in this regard, you cancel and you get the remaining time until your renewal date

@bronze vale

Is it like this for most machines?

Or rooms

Just a minority.

Awesome thanks

Hi, is anybody has a problem with THM server ? I can't connect to few machines ...

even by split screen ..

Please explain more detailed on your issue

Hi, i wanted to connect to a windows machine but since it doesn't work like on Linux where i just use ssh i don't really know which program to use for remote access to the desktop

Use Reminna.

hey fam,
if the connection to the thm network is all good, but no ping replies from a machine, network just too busy? ..have tried a couple machines, set new server, no openvpn config file

I'm in the Basic Pentesting room and trying to use enum4linux to enumerate the machine. However, it is not able to connect. Receiving an error of "Cannot connect to server. Error was NT_STATUS_NOT_FOUND"

@crystal marlin. Tried to connect 3 machines Hackerween, i'v Got ip but split doesnt work, i couldn:t download vpn pack too.

Are you connected using a vpn or the web based machine?

vpn

ok. perfect. I just had this problem myself. 🙂 Try this: https://www.reddit.com/r/Kalilinux/comments/tchtlh/ping_does_not_work_in_wsl2_kali_linux/

Oh. That's also for WSL.

Are you using WSL?

Though maybe it will still work.

unfortunately not, but good to know!

can get ping replies from google and other devices on the network, can ping the thm 10.10.10.10

Not all machines respond to ICMP Request

Just cause you aren't getting a ping back doesn't mean anything is wrong

In fact,. A lot of machines on THM are configured this way

Try an nmap scan

What you mean by split doesn't work?
What do you see in your browser then ?
So for the warzone machine for example ?

didn't think of this, thx

Gave +1 Rep to @sleek jackal

Yup yup

https://tryhackme.com/room/nmap01
is a great room to tell you how to figure out if a host is live or not

Unsolved: Can you help the THM team?
I've got a premium subscription but is not displaying active plus I've lost all of my gained levels
PS I'm not talking about streaks

Did you email support already?
If not, you will have to reach out to them via that

!email

ty, will check it out

no problem

the entire nmap module is actually very helpful to go through

thanks

Gave +1 Rep to @crystal marlin

@crystal marlin After 99% i see an error communicate and " trying to recconect".. And over again

Are you using any personal VPN on the machine your try to connect from ?

I always use vpn pack from Access - - HTB

No I'm not asking about the VPN used to connect to the THM or HTB network, I'm talking about a personal one, like Proton, Nordvpn etc ..

None

K, well try a different browser or try to open the website in your VM to see if it's working there
Other than that you might have to get to download the VPN config.
If you get a 404 there, try to regenerate and wait a couple of minutes before trying to download it

@crystal marlin 👌, thanks for advice. Adam

Gave +1 Rep to @crystal marlin

Hello. I have a problem about accessing the lab website (room: Authentication Bypass ; Task: 2). When i go to the link provided (http://10.10.162.210/customers/signup), it loads forever. I'm connected to OpenVPN (i checked via the Access page), i also have access to all other websites (like Google), its only this website i can't access. Anyone know how to solve this? I can't do the lab at all without accessing that website

yuup check the vpn troubleshoot script

as that website is accessable to shadow so somewhere in your vpn connection lies the problem

I followed every step, come up in the end with this output:

[+] Connectivity checks completed!
[+] You are connected to the TryHackMe Network
Your TryHackMe IP address is: 10.14.35.10

Still can't access to that website (http://10.10.89.165/customers/signup). It loads forever like i said before, this is weird huh

No idea if this work but try to clear chace maybe?

Alright lemme try

Nope doesn't work, i even restarted the machine but still nothing

The connection has timed out
The server at 10.10.89.165 is taking too long to respond.

only tun0

The vpn troubleshoot would have picked up multiple tun*...

I changed VPN servers from EU-VIP2 to EU-VIP1, launched the github script and got same output as above (successfully connected to thm network) so i don't think its vpn servers

did you regen the script and wait?

Just in case, this is the output of the script:

[+] Stable internet connection
[+] OpenVPN is installed
[-] tun0 interface does not exist
Would you like the script to attempt a connection automatically (Y/n)? Y
[+] Connecting....
[+] Connection Process completed successfully!
[+] tun0 IP is in the correct range
[+] Only one instance of OpenVPN is running
[+] Confirming connectivity
[+] MTU value OK
[+] Connectivity checks completed!
[+] You are connected to the TryHackMe Network
Your TryHackMe IP address is: 10.11.7.66

Happy Hacking!```

Yep, redownloaded the script, regenerate a new certificate, repeated the process

Just in case, this is my ip a s output: https://pastebin.com/ZthbScpK

You can send screenshot if you verify

!docs verify

Yup thanks, so this is the screenshot about ip a s:

can i change my thm username?

Email support. And ask politely

!email

What room are you doing?

Authentication Bypass ; Task 2

Username Enumeration

Can you go to the ip?

Then go to the required page manually?

So going on http://10.10.247.127 and adding /customers/signup manually?

No, clicking customers hyperlink etc.

No it doesn't work either

Did you try accessing that website on your side?

No, I'm not on my laptop.

I see

Someone have an idea of how to resolve this weird issue please?

Quick fix, use the attackbox

Yeah i guess, anyway thank you for your time.

So even more basic, first step would be to try and ping it

If you can ping it, then you move on to more troubleshooting. If you cant ping it you definitely have an issue at the VPN level. Also reconfirm the IP you're hitting is accurate and the machine is still spawned

However based on what you're showing, I do not think this is a VPN issue

Ping actually work

Okay so you can get to the box, your VPN is indeed working

Yup

So likely, this is an issue with the service on the machine. And Im just catching up. Did you terminate the machine and respawn it?

I did 3 times yeah

can you curl it?

I even switched VPN servers 2 times, regenerate certificates, redownloaded the GH script

curl IP/path

Yeah it works. wtf

Okay this is good

So let me ask you more about your setup

My local Burp proxy is turned off just in case:

Do you happen to have your browser pointing to burpsuite and burpsuite closed? OR

okay haha

Its definitely something with the browser. I think. How is your VPN connected, are you connected to VPN on your VM and using the browser in your VM?

Yea, i'm connected to OVPN on my VM and using Firefox on the same VM

No proxy are setup on firefox, i'm using default connection settings

We're getting closer at least:

• VPN Works
• Ping Works
• Curl Works
• Burpsuite off on foxyproxy
• No Proxy setup

Yup exactly, i'm still looking around on my firefox settings but i'm 100% its all by default because i never touched it

Is there another browser installed to test with? I dont have my parrot or kali vm's up right now so don't remember

Lemme install chrome rq

If it does work in chrome, then naturally we can at least determine theres something off with firefox

but at least you can get on your way. Also naturally since you can ping and curl it, you can still still continue working with your CLI tools in the meantime

So you should be able to get through task 2 while you figure all this out

Can someone help me out with this?

which metapackages are used on the Kali Machine?

how are you trying to access it?

Thought I'd get back to you, in case you haven't found a way to do it.

But the webpage worked for me when I tried to access it.

Ladies and gentlemen, have any of you experienced the shell duplicating your command when pressing tab to autocomplete? And how did you solve it? I am using Kali and ZSH 5.9
Here is a visual reference

Hi there, this channel is for THM related support, I see you already posted in general.

Someone will answer eventually, however Sunday is a big of a slow day.

Thanks Scrubz, I wasn't sure where to post this question, is neither general nor THM related 🫥

I was doing linux privilege escalation room and in task 11 Privilege Escalation :NFS I am getting the same error every time as 'GLIBC_2.34 ' not found. Can you tell me the error as I tried everything but the same error again and again.

Hello! I'm trying to connect to the vpn but it's not working for some reason.

Tried to use the troubleshooter but it doesnt detect that OpenVPN is installed despite it being in the system (Used it for HTB too and it worked there)
It just hangs and doesnt want to connect

Using Black Arch

Did you try to change server, press regenerate and download a new config file already?

Yep

EU, US, IN

Could you ever connect to the THM vpn previously ?

I havent done any rooms in over a year but back then yes

Is this a VM that you try to connect from ?

Yes

VirtualBox

Athena-OS Blackarch

Any personal VPN running on your host machine ?

Using NAT-Network

None

You from a country that might block openvpn ?
In particular the UDP port, or you on a wifi or a network in general that blocks that port?

I think HTB uses TCP, thus it might work there but not here

Maybe my uni is blocking it? I'll try again when im home

Uni is more than likely blocking it.

Had an issue with Fortigate blocking some stuff before

Ye, there is a good chance it's blocked since you said it's a uni network

cheers for the help

will update you in a bit

You could ask the Uni ICT to unblock port 1194.

theyre off for the day but I'll ask them tomorrow

yep it's my uni

vpn's working now

Fantastic.

They may or may not unblock 1194 for you.

If they don't, you'll still be able to use an Attackbox.

Happy Hacking!

Hello, I'm having a problem with my uploaded VM, I uploaded a Windows Server 2019, and the materials tab showed my VM is successfully converted, did attach the VM to my room. But when I pressed start machine it just did nothing, waited for like 15 minutes, refresh and still can't start my machine.

Hi guys, for the LinuxFundamentalsPart2 room, Using SSH to Login to Your Linux Machine.
I started the attackbox, entered ssh tryhackme@MACHINE_IP , but the password provided "tryhackme" does not seem to work, what am I missing here?
ssh tryhackme@10.10.87.55 in my case.

did you copy/paste password or manual entry ?

manual

Are you typing the password correctly?

Do you use a mouse?

Not sure how to answer that, I have been a programmer for the last 30 years, all I am saying is that the password provided in the documentation is not working for me. Yes, I use a mouse. And I have keyboard.

Copy the password and when you click on the terminal

Hit your mouse wheel.

Permission denied, please try again

or Ctrl+Shift+v as paste

Just to confirm, the IP is the target machine, and not the attackbox.

Well, that also does not make sense to me, the IP I try to ssh into, is the attackbox, but those are the instructions.

Did you press this button?

So that box appears?

Would my terminal be open if I didn't?

i also cant connect to that ip that you provide

No.

And Yes.,

That button starts a different machine.

I will start over now. I will terminate. And follow your guide

DONt

Stop your attackbox.

I just scanned your IP that you gave and that looks like the Attackbox.

OOPS, sorry, too late. Starting a new one.

out of scope. I also rly like crypt serries. old but good

Going forward, Screenshots will help troubleshoot your errors.

!docs verify

If you want to verify your account.

@royal mural

You need to send it here @sharp bison

Ok thank you

There we go.

Were you able to spin up a new Attackbox?

Yes, because you're a sub.

Well, I did as instructed and clicked on Start Machine, now I see my IP on top but the actual box is not yet there. I assume now I need to start the attack box?

Yes.

Attackbox is the box your attacking from.

Any rooms with a green start machine button is the "victim"

y0. anyone know a way i can keep the openvpn connection alive without having to interact with the website? if im running an extensive gobuster/ffuf scan, after a while of leaving it alone, the vpn will die out and i have to reconnect

if it dies the gobuster/ffuf doesn't scan the directories properly correct?

The VPN shouldn't die out, is your connection stable?

Are you using the latest open VPN file?

yeah

latest open vpn file. and i'm direct connect ethernet to modem

i thought its supposed die out if it goes idle to long?

No luck

@royal mural are you sure you're using correct password?

You aware you try to ssh into the attackbox?

do a right click and copy and paste it to a text file to make sure its correct output and then paste it in the terminal if it is. sometimes the copy paste doesn't work properly

tryhackme is suppose to be the password. I typed correctly as the user

case sensitive to

sorry, its all the same. I copied it, I typed it, it's just not the right password

Uhm, it seems you didn't understood my message.
You are trying to ssh into your own machine (your own attackbox) rather than to the target machine

what is the IP of the target machine please?

Let's use the IP address of the machine displayed in the card at the top of the room as the IP address and this user, to construct a command to log in to the remote machine using SSH. The command to do so is ssh and then the username of the account, @ the IP address of the machine.

Hi how can get a new external IP address for my tryhackme account?

that yellow line has to be the thm ip

switch servers @naive dust

you shouldn't need a new one tho

Doesn't for me and I'm pretty sure @weary spindle also keeps it idle a lot (?)

What's the error message when you disconnect

@glad oyster scrubz?

Maybe try run openvpn as a service

so you know how when you connect the vpn it says initialized

after a while goes buy it shows some different output

thats a disconnect ?

yeah. i use sudo openvpn

Ok, you got me

I have it working

@royal mural @crystal marlin is hte one who found it

i just highlighted it for you to make it easier

but glad its working

I am not sure I can get back out the whole I just dug, but thank you all very much. This was painful.

Yup.

Its always on.

retracing your steps is always good for learning to get back where you were

if you can't get it again then you didn't learn the concept

from time to time you will get it all. is bit complicated on start but we all get it

@weary spindle oh so even if it doens't show that initialized message, that doesn't mean it died

yeah. it will all start getting clearer and clearer for you @royal mural

don't get discouraged

anybody seen this before, im unable to run the vpn file. never had an issue before until now

When was the last time you Regened it.

regenerated VPN file?

Yes, there was an E-mail and an announcement went out to Regen the file.

Everyone had to do it as changes were made.

#announcements message

it changed shadows vpn ip....

It changed everyone's I think.

at least shadows new one is even easier to remember

I set it as the name of my VM.

shadow weird and not use vm for most tryhackme hacking

!docs verify

Tey verifying

!notify

Hi do you know how to solve the bloodhound json read issue "file created from incompatible collector"

You have to make sure bloodhound's version is compatible with collector's version

I see thank you

no welcome, look carefully when running the collector, I remember it would notify you the compatible bloodhound version

I'm running post exploitation basics room

Will it be better to downgrade the bloodhound or upgrade the sharp hound?

on your attack machine just git clone the bloodhound repo, then tranfer sharphound to the target & run it

by the way u should post in #room-help

this channel is mainly for technical problems

Ok cheers

is it possible to change the username in anyway apart from having to create new account?

Email support.

!email

Hi there, I'm trying to access the room dedicated to using & practising the find command within Linux. I'm following the link from within Task 6 in the Learn Linux Fundamentals Part 1 room. When I click through, the response I receive is "Room Is Private" and "If this is an error on our behalf. Please contact us.". I pay the monthly subscription so I think I should be able to access the room. I could be wrong, I'm super new 🙂

No, it doesn't work like that.

The room is private, possibly it's older content and now deprecated. So it will not longer be used.

Ah ok... so it's not me then! 🙂 Thank you 🙏

Gave +1 Rep to @weary spindle

Hello, I'm having a problem with my uploaded VM, I uploaded a Windows Server 2019, and the materials tab showed my VM is successfully converted, did attach the VM to my room. But when I pressed start machine it just did nothing, waited for like 15 minutes, refresh and still can't start my machine.

Hi
Please an someone tell me how I can free up my root partition on kali linux?
I allocated 42gb and it's full.

Have you tried deleting stuff you don't need? Unless I'm misinterpreting.

Here's the required information for getting VMs to work in AWS. Also, if you haven't, you may want to ask a mod for access to #creators-lounge when they are around.

https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html

Also, you need to have the vm you upload in BIOS mode and not EUFI

Hi https://tryhackme.com/room/flatline any1 able to use the box? it's been 13mn and cant ping it...

Thank you, I will check my VM again

Gave +1 Rep to @woeful hedge

Yes I have but it's all good now
Thanks

Gave +1 Rep to @woeful hedge

umm

i installed virtual box and tried booting kali linux but its aborting everytime

Question related to getting started with THM. I noticed that when looking into a subscription, payment is not in dollars. It says I am based out of the UK but that is certainly not the case.

I'd you're in UK and you load up an incognito page it will show £

It's just a visual bug.

No I need it in dollars but it is in £

Only people inside England pay pounds

They need to update their country

Hello!

In the phishing emails 4 room, Task 6, 3rd question. (https://tryhackme.com/room/phishingemails4gkxh)
It reads as follows: "One packet shows a response that an email was blocked using spamhaus.org. What were the packet number and status code? (no spaces in your answer)"

The answer to the packet number is 156, which is the Frame number (layer 2)

Should it read What were the Frame number instead? Sorry if this question is in the wrong channel

python3 46635.py -u http://10.10.7.50/simple/ --crack -w rockyou.txt
File "/home/chellou/46635.py", line 25
print "[+] Specify an url target"
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?
i found it in exploitdb CVE-2019-9053

The script is in python2, rewrite in python3

Or use python2

Hello Chamsou, this line:
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("[+] Specify an url target")?
Is a common indicator that the script is written in python 2

I would guess you have python 2.7 preinstalled in your system, so just do $ python2.7 46635.py -u ....

If you have both installed, you can change your default one with:
$ update-alternatives --config python

i'll try do this

thank you very much @lilac ether @jovial mango

Gave +1 Rep to @lilac ether

🙂

In https://tryhackme.com/room/autopsy2ze0, is there supposed to be a VM that I am supposed to use with this room?

I would say so, since there are RDP creds.
No idea why there is no start button

Thanks. I thought I needed to get my eyes tested.

Gave +1 Rep to @crystal marlin

cc @tawdry orbit

Please refresh the page. Should be available now. 🙂

Mhh, seems there is still no "Start Machine" button.
I refreshed with ctrl + F5

@zealous yoke couldn't stop thinking about your termination script and how it also stopped the attackbox, so I did some changes, this script will now terminate all rooms except the attackbox so you can still have the attackbox running

TO TERMINATE ALL RUNNING MACHINES
This script will terminate all running machines except your attackbox (or normal kali machine for subscribers), so you can still use it without having to start everything up again.

fetch("/api/vm/running")
  .then((r) => r.json())
  .then((vms) =>
    vms.forEach((vm) => {
      if (vm.roomId === "kali") {
        return;
      }
      fetch("/api/vm/terminate", {
        method: "POST",
        body: JSON.stringify({ code: vm.roomId }),
        headers: {
          "csrf-token": csrfToken,
          "Content-Type": "application/json",
        },
      });
    })
  );

Still not there.

Looking into it, might take a while though so I would recommend to try another room for the time being. 🙂

022-11-01 21:51:38 ERROR: Cannot ioctl TUNSETIFF lateralmovement: Device or resource busy (errno=16)
2022-11-01 21:51:38 Exiting due to fatal error

I get this error when I use the lateralmovement vpn

anyone can help ?

No rush. I'll check tomorrow. It's nearly bed time for me.

Do you have another VPN connection open or have you checked the device it's using in the config file?

I fixed it . I just had to reboot . thx !

Gave +1 Rep to @woeful hedge

Should work now. 😎

Should be there now. 😄

Tim, the (tool) man 💪

Cool. I'll check tomorrow..... Thanks for looking into this for me. Appreciated.

Hi! I’m having problems connecting any room , I prefer to use my own machine I chose east but it didn’t work then I use west worked for a while after that when didn’t work I download the west vip and worked but just for a while . Also the attack box doesn’t shows the rooms correctly.

I’m is east zone

Hi guys, I am wondering what I am doing wrong. I have a Kali box with openVPN, and I am trying to connect to an attack box, with the IP provided on top of the room.
But I get an error : tryhackme@10.10.91.221: Permission denied (publickey).
Its no big deal as I can open the attack box in the browser, but I would prefer using mine.
I can ping the IP fine.

Kind of that happen to me

I can’t ping the ip in my machine

And the openVpN is conectes

*connected

I am able to ping it, I am not sure why I get the denied message, it was working fine a few days ago. But the included box is just fine.

I don’t know if it is the same problem , but I try three different rooms that I started before and don’t finish , but I have my notes , so I though that maybe the rooms are old or expired like the HTB do. But then I keep trying randomly to see what happens and I got one that works in attack box. But I don’t like to work in the attack box 😬

I'm not sure if you mean the room, but if you're using your own VM you don't need to use the attackbox at all.

Have you checked the openvpn room or used the openvpn script on the THM github to see if you're properly connected?

Yes, I have my own box and I am on the openVPN but I am not able to ssh into the attackbox.
Let me check that now, thank you.

#site-support message

Here's a pinned message of some troubleshooting steps

The access page reports back that I am connected fine

Can you provide a screenshot?

Of the THM page and what you're trying to enter into the terminal

I didn't mean the Ovpn page

The machine info and your terminal

Do you have a link to this room? Can't seem to find it

https://tryhackme.com/room/idor

Or is it a sub room

no

It is, you better get a sub at some point 😄

I am right now

Lol

Nah I'm just kidding 😄

Task 7 is asking to start the machine

Where does it say you should ssh into the target machine ?

Too late

It does not in this one, but should I not be able to ssh into any of the rooms boxes?

I had a previous room where I needed to execute a bunch of commands from the terminal.

Looking at the instructions, there's no mention of SSHing

ok, yes, I am aware. Not in the current room.

No, only if the room is stating that you have to ssh in and provides creds, or depending on the room it would be required or is part of a challenge.
For this task it's providing you with a webpage you simply connect to and solve the task

Ok great, good to know.
How about this one:
https://tryhackme.com/room/authenticationbypass
Task 2, how can I get this done on my box when I dont have any of those files?

You mean the SecLists?
Can be just downloaded, should be even working with sudo apt install seclists I think

Or get it from github

/usr/share/wordlists/SecLists/Usernames/Names/names.txt

Yes, that's part of the seclists package

Ah ok, I was not aware, nor did I see instructions to get that but I might have missed it. Sorry about that.
Thank you everyone for your help, I learned a lot today.

I just saw the instructions towards the end to get it from gitHub, my bad guys.

Hi Team,

In order to obtain "365 Day Streak", I insist on practicing on the website of TryHackMe every day,
Last week, I had more than 300 days of progress, but today, when I checked my progress, it became 4 days,
I don't know why. I feel very sad. Please help me

Account Username: RBPi

You sure that you keept your streak going every day?

I'm not sure, because I have answered too many questions in the past 300 days. Where can I see my activity log?

RBPi, you can email support if you lost your streak. There is not a guarantee that it will be restored, however, it's worth an ask. Please keep in mind that support is quite busy and you may not get an immediate response.

!email

Thank you very much. I have sent an email for help.

Mmmm

What’s going on?

Finally I connected to the attack box , but I prefer my kali

Hello, I have problems with VPN since yesterday. The connection resets every 2-3 Minutes and I can't connect to any machine. I already changed the VPN Server (I am on EU-Regular-1 now, was EU-Regular-3 before), but the problem persists.

Update: Problem only occurs on MacOs (12.6). OpenVPN in Linux (Kali) works.

we will need @bronze vale when he gets 5 minutes to update this (#site-support message) as it's his message to include this (#site-support message) @pastel tinsel

otherwise nice stuff(:

Sorry this isn’t a democracy

Thanks, I am also working on optimizing the leave subscriber script, though it gives me a bit of trouble right now

Gave +1 Rep to @zealous yoke

hi!

i have a question over leaderboards. how often is the global/local updated?

Hi all, whats the most efficient way to have and sync the exact same kali vm copy (newly created folders and all) on two separate computers?

Hi I am looking to change my username on the website and it isn’t letting me is there some special thing that I have to do for that?

You have to contact support and ask nicely.

!email

Don't expect an immediate response, support is busy at the moment. Lead time is typically 3 days but no guarantee

Alrighty! Is there an estimated response time?

Oh awesome!

+rep @woeful hedge

Gave +1 Rep to @woeful hedge

Do you want it synced forever or you want it only to be the same on setup?

This also isn't really a #site-support question. Come to #infosec-general

oh alright ill continue there

Hello, I'm not sure if this is the correct room to ask, but I'll try. Why is room introtopython private for me? My friend has that room available for him, but when i try i cannot access it.

probably because it got replaced with https://tryhackme.com/room/pythonbasics

so there's no way i can access it?

well if it was made private it tends to be for good reason

like it being old and there being better alternatives

that's pitty i just wanted to try the last task.. thanks

well there is ways to join private rooms but dunno if we are allowed to share that or how bad of an idea it is to share and how much breakages it can cause

You're not.

thanks scrubz

I got a friendly warning for accessing lots of private rooms.

ah shadow has only accessed a few private rooms.... one of the ones shadow access often shadow joined before it became private and also completed long before it became privatre

the find command room that is

That isn't private for me.

Because I joined before it got locked.

TO TERMINATE ALL RUNNING MACHINES
This script will terminate all running machines except your attackbox (or normal kali machine for subscribers), so you can still use it without having to start everything up again.

How to use:
Copy this script, go to your browser with tryhackme running, open developer tools (f12 or ctrl+shift+i) and paste the script, it'll do all the work

fetch("/api/vm/running")
  .then((r) => r.json())
  .then((vms) =>
    vms.forEach((vm) => {
      if (vm.roomId === "kali") {
        return;
      }
      fetch("/api/vm/terminate", {
        method: "POST",
        body: JSON.stringify({ code: vm.roomId }),
        headers: {
          "csrf-token": csrfToken,
          "Content-Type": "application/json",
        },
      });
    })
  );

V2 API

fetch("/api/v2/auth/csrf")
  .then((r) => r.json())
  .then((authData) => {
    const csrfToken = authData.data.token;
    return fetch("/api/v2/vms/running")
      .then((r) => r.json())
      .then((vms) =>
        vms.data.forEach((vm) => {
          if (vm.roomCode === "kali") {
            return;
          }
          fetch("/api/v2/vms/terminate", {
            method: "POST",
            body: JSON.stringify({ id: vm.id }),
            headers: {
              "csrf-token": csrfToken,
              "Content-Type": "application/json",
            },
          });
        })
      );
  })
  .catch((error) => console.error("Error:", error));

@bronze vale ^ ❤️

finally got it to work

Could somebody direct me in a good direction, I’m trying to start THM via an oricleVM running Kali but I can’t seem to connect to the server. Ran the oVPN through the terminal and it showed as initialization sequence completed, but still won’t connect. Thanks.

try and run this script

!vpnscript

fair point... by that logic it is not private for shadow either

@pastel tinsel Great!! I just use the script and worked ! 👍🏻🎉Thanks!!

You're welcome

Hello! I remember doing this on a tryhackme room once, but i can't find the room or remember the method i used to do it :')))

How do i upload a reverse shell but in a .gif format?

the webserver i'm testing has a filter that only allows .gif files, but i found where you can activate the shell

i just cant remember how to upload a reverse shell as a .gif format :'))))))))))

oh yeah @crystal marlin I fixed up and optimized the leaving subscriber rooms that I talked about yesterday

Have you typed out the full URL as the inductions suggests in task 2? http:// ip /

I'm on my phone so I can't test myself, but maybe refresh your browser and the box you're trying to connect to.

Hi zius, this isn't really a tech support issue. My suggestion would be to go back through and see which rooms you have completed in order to find what you're looking for.

Is that machine still up?

If they restarted the box, it should be

Ye I guess they shut it down or restarted, since that IP seems down

Let me have the IP of the current target machine pls

Can you open a "new private window" in your firefox and try again, but make sure it's a "new private window" not just a "normal tab"

It can be done via the drop down when pressing the button top right in firefox