#site-support

it's already the second time in a month.. maybe to make it work i just need to close the subscription and move to HackTheBox...😝

I just generated a new euro-vip1 conf file

and change cipher to data-ciphers

it works well

so something is wrong with the conf file of Wreath network

can someone help me?

you can't change servers for Wreath.

Wreath has it's own seperate VPN pack.

yeah i think they're using the wrong config

i just tested a new wreath config and its working fine for me

i had a lot of issues with wreath last year but it was mostly fixed by rejoining the room

I change the servers because I want to see if it's the conf file or my openvpn has issues

let me generate anew config file

for Wreath

have you tried leaving the room and rejoining?

been do that all night

let me try too

Good Morning, I am at level 5 and cant tell where I was l last, nor where to go now. The only thing that shows up is the Offensive Security

just now genereated a new conf file

left the room

joined Wreath again

started vpn again

Same result

what should I do now?

Show me a screenshot of your wreath script.

ok

Here you are

brand new file

have not changed anything

Change cipher to data-ciphers

ok

Done

Started vpn again

the error is different

Are you in your home network?

yes

have you already tried restarting the actual vpn service itself?

i remember constantly having to rerun sudo systemctl restart openvpn

ok let me try that

Not for wreath?

iirc thats what i was having to do

been a few months now

For the other networks, sure.

restarted the service a few times

still same issue 😦

could i get a hand here? or am i just in limbo with the email team now?

E-mail once more please, there was a bug with the ticket system last week.

alright

Any idea about my issue Scrubz?

seems I can't continue with Wreath tonight

Will come back tomorrow night - hope someone can help

'cause I can only study in the evening

Sorry, I'm currently in the process of rebooting my pc

np Scrubz 🙂

I will come back tomorrow night - gotta hit the sack now - 10:00PM already 🙂

yea same i had some chipher issue

also it seems like i have to disconnect and then reconnect vpn to be able to access machines

like im able to access the machine for 2 min, then i will be unable to do so, if i restart vpn then everything is ok..this loops after n minutes

Can you send a screenshot of your VPN log please.

is it normal for thm vms to be really slow and have 100% cpu usage?

and taking forever to ssh to

Non subs have slower machines than subs.

Depends on what you are doing on it

im not doing anything

just logged in and checked the cpu

seems to be at 100% in htop

Screenshot?

don't have one rn

it was on a couple machines

from the linprivesc

most of them were at 100%

But how are you seeing the usage?

do htop in the ssh shell and it says 100% cpu

Mhm, it probably spikes up when you run the command, but they aren't always given a lot of CPU power

I believe it's one core

its possible that's the case too

hii guys, I'm currently trying to get a revshell on a THM machine with wsl (kali-linux) but even with the VPN ON I cannot get the revshell but where is weird is that I can ping the attacked machine. What am I missing?

Which machine are you doing?

Maybe there is an extension filter 😉

one question about the KoTH, if i create my own script by myself to see every surface which may be vulnerable and then root the machine automatically from that script, is it considered cheating ?

vulnerability capstone, but I guess I get why it's happening. I'm suspecting a NAT between wsl and my PC and I don't know why but there is no translation for the netcat

would anyone be able to help me unlink my discord token from the last account I had, so I can use it with this account? I deleted my last account a while back to free myself from social media for a bit, but didn't think about the discord token that was linked to it

I've been told that an admin has to do it, but was also told not to message an admin about it and not given any idea of which room I should post this in, so I'm trying this one haha

If anyone could help, thank you

might @crystal marlin help you

I forgot, no spanish. Thank you

just wait a for answer... mods might be busy o smth

WSL is not good.

Networking isn't great.

I'm guessing yes

I know haha

hi is it normal that the vpn start to pause and then it resume it self just after, only when the traffic is high (for example when i use dirbuster)

Does it restart when you run dir?

yeah like 1 minutes after i start dirbuster

You can DM me about it

Looks like you have multiple tun

thank you

Gave +1 Rep to @crystal marlin

Which could be the real reason for the restarts.

Can you do ip a s ?

and count the tun* ?

yep

there are 2 tun

isnt normal right ?

ps aux | grep openvpn?

No

sudo killall -9 openvpn

I see. I always kill one by one. Didn't know killall exist

done

now i restart openvpn ?

Yeah, and -9 is the SIGKILL signal, so it will cancel without anything stopping it

Yes.

restarted. let you know if it stopped again

I am super new... so hopefully this is a simple problem for someone to solve. when I OpenVPN in I get a connection, but when I "ip addr" I show no connection to the network? I also can't ping machines when they're running.

!vpnscript

might help you

Does the connection tell you it's initialized?

everything is green on THM side

What about the output of your VPN cpnnection?

last output 2023-04-20 13:47:57 Restart pause, 300 second(s)

!vpnscript

Run that script please.

Thanks.

it ask for the config path. is that the absolute path to an .ovpn file?

Yes.

Or you can put the two scripts in the same directory.

if it is in the same dir what should I do?

are they just now?

it says it can't find it and exits

Can you take screenshots and upload them by verifying?

!docs verify

Thank you.

I was about to fix the issue.

guys is it normal that the req is starting to get lower ???

same issue with ffuf and dirbuster

what room ?

mr robot ctf

try set -t to some number

This may be a commonly asked question, but I'm having trouble with the free tier attackbox. It doesn't allow internet connection, and so any room that requires connecting to a website doesn't work correctly. It loads the page, but cannot access js files from elsewhere on the internet, which breaks the page and makes the challenge not work correctly. Any advice?

I also have a paid subscription, which works fine, but I'm trying it out on a free account as well, and it's not working

the AttackBox just doesn't have internet on free accounts

Is there a reason for this? It breaks some of the challenges. Specifically, I'm looking at KotH, machine H1:easy.

I guess it's one of the incentives for a subscription if people want to stick to using the AttackBox, but I'd recommend having your own VM regardless of whether you're subscribed or not

Encourage people to use their own resources.
Ensure people who have Internet access have a certain level of identity, authentication, and agreement to abide by platform policies.

I could anonymize myself, create a free account, and use THM resources to attack the web.
Paid accounts have a higher level of identity verification at least.

got it. ok thank you

what do you mean ???

there is way to set number of amount request

ohh okok ill try this and i let you know

Hi I need help with my VPN for access the BreachingAD.
My Openvpn version is 2.6.1
I use the thm troubleshooting script to fix it but didn't work.
There is my log :

2023-04-20 18:25:50 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-04-20 18:25:50 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2023-04-20 18:25:51 Error: problem with tun vs. tap setting
2023-04-20 18:25:51 Exiting due to fatal error

huh

well that is a new one

Hello, I need help with Breaching Active Directory

oh sure what do you need help with in relation to said room???

*/network

I am using AttackBox, and when I get to task 4 I stop the service slapd and try the nc -lvp 389 but I cannot see traffic going through

it just stays at listening on port 389

well did you double check that the ip is right???

yes, I made sure that the server is pointed to my attackbox IP address

I also added a -s to specify the listening IP address and port but that didn't work either

I am pretty sure I am doing something wrong so I apologize for my n00bness :/

well dunno

hitting the save or test buttons also help

Yeah, thanks, tried that

Hi all, I'm on my Kali VM and connected to the VPN and can ping internal Virtual IP.
But I can't seem to ping or use nmap on the Active Machine that was created for the room. What is the possible problem here?

can you traceroute?

are you pinging the fqdn or the ip?

ping and nmap on the private IP of the machine that was created for the room

But no response

what happens when you traceroute, where does it stop?

First hop is
10.0.2.2 (10.0.2.2) 0.883 ms 0.301 ms 0.299 ms

Then just timeouts after

is that the VPN interface?

if its not then its a routing issue

Assigned VPN IP is: 10.4.23.155

So it's not routing to the assigned VPN?

you have a pc or mac?

PC

└─$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.0.2.2 0.0.0.0 UG 100 0 0 eth0

So how do you change this then?

On windows it would be something like "route add destination_network MASK subnet_mask gateway_ip metric_cost"

Can I change this in Kali or does it need to be on the host PC?

I'm sorry I just realized you were on kali, I'm limited there, I'm sorry

Ah ok, good start to troubleshooting this issue though

VIP/regular VPN refusing to connect.

• Regenerated file several times.
• Cipers amended to data-ciphers AES-256-CBC
• Tried the script but received an error message:
  [-] MTU value failed at 1000, aborting MTU check
  [-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum
• Adjusted MTU value - no effect.
• If I run sudo openvpn [file.ovpn] I get:
  2023-04-21 02:55:06 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 11
  2023-04-21 02:55:06 Timers: ping 5, ping-restart 120
  2023-04-21 02:55:06 Protocol options: explicit-exit-notify 3
  However, pinging the machine isn't possible.

Nice thanks. just need to add ip route entry.

Gave +1 Rep to @grand perch

It should auto-add the routes for you, but only if you run as root 😉

I start my VPN by running essentially "sudo ls; sudo nohup openvpn $file &; disown"

'cuz I'm fancy.

Oh, OpenVPN will do that for you?

For startup in Kali, I made a systemd service to boot OpenVPN to TryHackMe.ovpn config.
This doesn't seem to auto add to routing table, what's the recommended method for boot up running OpenVPN config?

            Description=OpenVPN service
            After=network.target
            
            [Service]
            Type=simple
            ExecStart=/usr/sbin/openvpn --config /home/kali/vpn/TryHackMe.ovpn
            
            [Install]
WantedBy=multi-user.target```

Often I find if you can't connect even after regenerating the VPN file, and verifying you don't have a conflicting VPN already running (check your "ip -c a" output for a tun0 adapter)

Is that you're up against a firewall that blocks OpenVPN.
But we can try to get more details

To your openvpn launch command add these flags "--verb 3 --log THM-VPN.log"

I just have a shell script I run that toggles my VPN on/off

openvpn --data-ciphers AES-256-CBC --verb 3 --log THM-VPN.log --config $file
(Exmaple)

It's been so long, hard to believe I used to be on of the top 3 contributors to the openvpn support mailing list ^_^;

Yeah, it just randomly threw me a different error this time so I'm rather confused what's happened. Either way - the command's hanging there in the air without any output.

CTRL-C to cancel a running command.
I don't remember if enabling the --log flag redirect all to log, or tees it to a log.

If you se a second console to check you might find the output is all going into THM-VPN.log

tail -f THM-VPN.log to follow it

I ran the script again - it's complaining about MTU value.
The command you suggested - am I looking for anything specific?

2023-04-21 03:18:08 Initialization Sequence Completed
2023-04-21 03:18:08 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 4
2023-04-21 03:18:08 Timers: ping 5, ping-restart 120
2023-04-21 03:18:08 Protocol options: explicit-exit-notify 3

Ping doesn't work.

Wait

Why does nmap work but ping doesn't?

nmap 10.10.167.107
Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-21 03:19 CEST
Nmap scan report for 10.10.167.107
Host is up (0.054s latency).
Not shown: 997 filtered tcp ports (no-response)
PORT STATE SERVICE
80/tcp open http
3389/tcp open ms-wbt-server
8080/tcp open http-proxy

Nmap done: 1 IP address (1 host up) scanned in 17.13 seconds

ping 10.10.167.107 -c 10
PING 10.10.167.107 (10.10.167.107) 56(84) bytes of data.

--- 10.10.167.107 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 9919ms

This is beyond bizarre.

Not bizarre at all 🙂

There are three main protocols you interact with on the IP stack.

TCP, UDP, and ICMP.

And firewall rules and network filters will allow different protocols and ports through.

The server you're testing has 3389 running ms-wbt-server, so it's a fair sign that it is a Windows server.
Which block Ping (ICMP Echo) by default.

(See current conversation in general chat for more detail 🙂 )

I'm actually surprised it scanned without the -Pn flag.

Going ack to ip -c a -> the IP shown is the one assigned by my host, THM.com still believes I'm connected though.

So it's bizarre.

There's just lo, eth0 & tun0 running.

That should be correct for a system running openvpn

tun0 = tunnel adapter

lo = loopback adapter

Surely, Kali should display the openvpn IP somewhere?

Either way, I'm not sure if there was anything to fix now, or if there was, what exactly fixed it.

Thanks, I'm going to leave this conundrum for tomorrow morning at work.

https://tryhackme.com/room/alfred

The machine for reference.

ip -br -c a
should show you your IP
And it should show up in the GUI at the top right.

god

dammit

i'm a donkey, a 360 moonwalk away one

"Please note that this machine does not respond to ping (ICMP) and may take a few minutes to boot up."

"does not respond to ping (ICMP)"

"not"

Yeah, I don't think there ever was anything to fix and it's the machine's windows firewall just blocking the pings.

This just goes to confirm my thesis. The more I learn about penetration testing, the less I know. I'll be off. A walk of shame. Thanks a lot and apologies for wasting your time. 😦

No worries, we're all here to learn.

there is no error :(
the vpn still works and is connected (initialisation seq complete)

but the network doesnt seem to be working
as in i cant ping the machine after 2 3 min..but restarting the vpn it works..it doesnt block ping afaik
or the same goes with accessing the web page of the machine

looking for updated resources for learning pc tech 🙂

hi i've a question
I want to connect to the vpn of thm in Linux but doesnt work correctly but when I try it on my windows computer all works correctly
In fact i only can access to the ip of the room and nothing else

Well if you can connect to the IP of the room then your connected to the VPN network

yes but it doesnt work correctly

because the connection is extreamly slow and i can not acces another website

when i want to go on youtube (its an exemple) i can't

but on windows all works correctly

The vpn doesn't route your traffic.

Are you using the vpn manager or the CLI?

Hello Scrubz, I'm back with the VPN issue to Wreath network

this is a new config file - the only change is "cipher" to "data-ciphers"

try and update openssl

Do you have any idea why it does not work?

ok let me try

I run apt update && apt upgrade

nothing is installed

This is openssl version on my Kali box:

Is there anything else I should do?

Nano it and change it back to cipher

ok

I run it again

This is the original error

Anyone can help?

I want to finish Wreath this weekend

Gotta be afk for a while as having a call now. Will be back later.

First line of the error.
Try running it again but after the config file include the flag --data-ciphers AES-256-CBC

ok if I change cipher to data-ciphers

let me do that

I change cipher to data-ciphers

this is my config file

I run it again

and face this error

has been like this since last night

but it's only Wreath network

If I use euro-vip1 VPN for example

I only need to change cipher to data-ciphers and it works

Wreath network config file still does not work 😦

Does anyone face the same issue? Any idea?

Been trying to get this work so I can finish Wreath

doing preparation for my PNPT exam

Bye guys, I'll be back tomorrow. Gotta get some sleep now 😴

yep

I face it also

cc @weary spindle @plush bay @pastel tinsel

All VPN servers have been updated (including the networks), so this should resolve the cipher issues with OpenVPN.

After 24 hours, if users are experiencing the problem, please ask them to deselect and reselect the OpenVPN server they are using, then regenerate their configuration:)

(Only pinging you three as AFAIK you were active with helping users fix their issue, and I really appreciate all the work you have put in!)

sounds perfect, do we have any success rate on this? or are we guessing that it'll work 100% of the time

Well, the reason for the problem was the VPN servers weren’t inserting the right cipher, so as long as there’s no issues with cache it should be a 100% certain fix

good good

so, what could i do to connect? just use new .ovpn file?

After 24 hours, if users are experiencing the problem, please ask them to deselect and reselect the OpenVPN server they are using, then regenerate their configuration:)

ok

so yeah, basically, switch vpn server, regen and see if that helps

what should I do if I'm trying to connect to a network (Throwback) but the VPN file just is:

{"success":false}

I can't really change region/server as it's a network?

(I've regenerated multiple times)

My issue doesn't look like the ones above, as it only contains the {"success":false} - nothing else in the file at all

DM me your Throwback VPN file, please

Sure!

Hello, the BOSS of the SOC room has the following recommendation "It is highly recommended that you complete the Splunk 101, the BOTSv1, and the BOTSv2 Splunk rooms before attempting this room. " However the " BOTSv1" room appears as private. This is the first time I have seen a private room as a paid subscriber. Is this by design or some type of error? Thanks.

It's not an error, the error is private, due to it being old/broken/worked on.

Not all rooms will be available to you, even if you're a sub.

Good to know. thank you

thanks that will be nice

Gave +1 Rep to @bronze vale

I got a annual subscription while subscribing it said i will 2 free months but i haven't got it

it means you pay for 10 months but your subscription lasts for a year... not technically getting the months for free

Ohh damnn it should be more clearly stated i guess i created a ticket nd now feel that was a dumb thing

eh jabba will probably understand and either reply with the same answer or just ignore it... probably the former

Ohhh hopefully they ignore

Thank you Jason - I just tried this morning - the issue is still there. I'll try again in the evenning :).

Gave +1 Rep to @bronze vale

I've noticed a lot more privated rooms lately. Hope this means good things for the site. Similarly seen a ton of new room announcements. So ❤️ to everyone involved.

the same to you

Is there a way to get nmap scanning to work for larger port scans? If I run basic scan it takes a couple of minutes but when I do full scans I get rate limited so every few % completed the time left doubles to hours

Basic scan runs under a minute

Full scan if it takes an hour is fine but not days

Ended up using masscan if that helps anyone with --rate 1000

Ran a whole 2 min

same problem

any other way to buy subscription

i can pay in upi

When you do your nmap scans, what flags or arguments do you have? I learned in the PEH course by TCM that you can initially do a scan with only the -p- flag just to determine what ports are open and then do another scan with -A and listing only those open ports.

My first scan never contains -p-.

Oh... mind sharing how do you do your scans? I've tried masscan as well, but only the basic one without flags or arguments.

Pls when you find a solution, do keep me Informed.

My first scan is just nmap -sV -sV $targetIP

I emailed the support and they said the error is from my bank and there was nothing they could do.

same problem

Thinking to try the payday virtual credit card

I'll try this approach as well. Thanks.

Gave +1 Rep to @weary spindle

Did you try your bank?

Nope

That's an avenue I'd ask too.

My bank don’t issue credit cards. So it was a debit card I used. THM only accepts credit card

The reason I didn’t contact my bank

I use debit?

Yes I used debit

Then ask your bank.

Worst case scenario they say it's not them.

Ok

i think there is a chance that some debit card work for buying

i will use visa card this time lets see if it will work or not

i am having problem in openvpn since yesterday

Use the troubleshooting repository

From thm GitHub

https://github.com/tryhackme/openvpn-troubleshooting

the MTU value is failed in the troubleshooting

I cant open my remote ubuntu machine in tryhackme. " Connection Error , The requested connection does not exist. Please check the connection name and try again." its saying that and I cant open my ubuntu. how can I solve that

@bronze vale has pinged you in general.

Ah crap, sorry for the ping

Hi guys,

my VPN config file for Wreath network still does not work

I've just generated a new one

still facing the same issue - been like this for 2 days

Does anyone have any idea how to fix this?

have you tried making a new vm?

That’s a new issue, what is your network IP address @remote stratus

it's the same error they have gotten the last 2 days I can see 😄

And by new, I mean different

ok hold on

Look at the error, it’s an inline certificate error, the server has probably crashed

you ask for my Kali box home network IP address?

No your network

10.50.x

Or whatever wreath is

with the error

I cannot get an IP address from the 10.50.x network

Go to Wreath, at the top, network diagram screenshot it

ok hold on

10.200.81.x

The same Kali box can connect to other THM VPN servers OK

fair, then it's what Jabba said most likely

I’ve let the staff know, they’ll fix it, it is the weekend though so it might not be sorted until Monday

ok thanks Jabba - guess I'll need to work on other rooms until then

can you use a VNC client to connect to an rdp service, or are they two separate programs/protocols?

installing remina now, seems that covers all remote desktop stuff

Hello, I am trying to do the Windows Fundamentals 3 room. There is an associated machine accessed with Guacamole that one can start in split view, however when the machine is done starting (per the UI that just always waits precisely 2min) the UI reports a failure to connect with Guacamole, because the target doesn't exist.

This is on Firefox. After 2 attempts I then attempted on Chrome where it works fine. Is that a known problem?
I haven't tried to see if the machine launched by Firefox was accessible with Remote Desktop.

Hello, I have the problem, that I start a machine, where there is a webservice running on 80. I am connected sucessfully to the VPN but I can acess the site on firefox by giving it the IP. http://xxx.xxx.xxx.xxx:80 it starts showing the title like rick is sup4r cool but cant load the page

Can somebody help me

Maybe that is what's on the webpage?

No I did the room before, firefox simply doesnt load the page

There is constantly the message waiting for xxx.xxx.xxx.xxx

Some Hacktivities are listed as Free but requiring a User Streak of N for Free users.
If a Free user reaches that streak, joins the room, then later loses their streak, can they still carry on and complete the already-joined room without a streak? Or do they have to maintain that streak throughout the room?

can you explain a bit detailed ?

Is that addressed to me? If so I'm unsure what details to add.

yes

Yes, if you lose the streak, you still have access to the network

thanks for the answer

Hello, I'm trying task 18 (day13) on advent of cyber 2021
But when I deploy the machine I got this :
(Connection error. the requested connection does not exist. please check the name and try again.)

Hello, I'm trying task 6 in the Malware Introductory room on Tryhackme but when I deploy the machine, it states that there is a Connection error. The requested connection does not exist. Please check the connection name and try again. Can anyone help me figure this out?

Having trouble right now with openvpn file, ping me for logs

!vpnscript

and extra info

try that

Lmao it worked, I was trying to manually edit the config file with no idea what I was doing aside from changing the cipher as it told me to

Was probably doing something stupid, tysm

Had no idea that existed

np glad to help

hello I am having an error when trying to connect to the wreath network using openvpn

I have downloaded and use the troubleshooting script but the error persists.

Hello guys I have a problem with my certificate can please any admin or moderator contact me?

Why do you need a mod or admin for this?

It's not a discord issue.

And I suspect your cert has a spelling error, or your username inserted.

This cannot be changed by staff, once it's been generated, that's it.

There is no way to fix it?

Photoshop can fix it.

And if someone want to verify it or put it on linkedin as link it will show

Anw thank you will see what to do

Hello, Where can I send my student ID for discount? my uni email is not supported

!email

Send it to here. 🙂

Thank you 😉

hey, I am trying to access the "Lateral Movement and Pivoting" room in the "offensive pentesting" learning path. I am turning on the attackbox but i dont get the "lateralmovement" IP address like I should in order to connect to the domain. can someone please help me.

Did you open the attackbox in the room?

I am at the room page and clicking on the attackbox at the top right corner.

its been like this for a few days, i dont know what to do anymore

yes

yo i have found two solution

Thank goodness

Gave +1 Rep to @eternal forum

1st is we can register in paypal by debit card if we download the app in phone

in my case it did not work

2nd is we can buy the vouchers , we can buy it by debit card also

and redeem that vouchers for premium

How do you do that?

i haven't done yet

i just saw that ans in forum of thm

i will do it tomorrow

u can try both of them

Sent you a dm

@glad oyster for the IN-Server, the problem still exists

I tried downloaded the vpn config file for the EU server and it's working perfectly fine with that, however I re selected the IN Server, downloaded the vpn file and ran it with openvpn, and the same error comes again

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote IP PORT
resolv-retry infinite
nobind
explicit-exit-notify 3
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
comp-lzo
key-direction 1
verb 3
reneg-sec 0

cipher AES-256-CBC
this flag here is causing the issue

yes, it should be data-cipher

however, this issue should have been fixed

for the EU server, it's fixed ig, but still IN server vpn config file, it's the same

And if you de and reselect the IN server, it still doesn't fix the config file? Hmmm

cc @bronze vale

Nope, did the same thing you told for 2-3 times

  File: name.ovpn
  Size: 8359            Blocks: 24         IO Block: 4096   regular file

Access: 2023-04-24 02:04:51.885366661 +0530
Modify: 2023-04-24 02:04:51.885366661 +0530
Change: 2023-04-24 02:05:04.431981340 +0530
 Birth: 2023-04-24 02:04:51.885366661 +0530

isn't it data-ciphers AES-256-CBC ?

yes the s at the end is important

yes but the point im getting at is that it should be fixed

yeah according to jabba new generations of the vpn config should fix this

I'm having trouble using SSH to connect my Kali VM to the Nmap room (Connection Timed Out), I've connected OpenVPN successfully and the task 1 machine is running. I cant think of anything. help.

i'm typing this in terminal ssh tryhackme@"machineIPAdress"

Which NMAP room?
The ones I recently did were all intended to be scanned from your kali system using nmap.

@chilly pike I have the same problem .... Updated : Now is worked for me !!

I got it working

Hello, can I "unverify" my discord ID/remove token? I joined originally with a different email that I no longer have so I joined with a new account, subscribed aswell ^^

You'll need to ping a mod and ask politely.

Just anyone from the mod list on the right?

Not Jabba.

yeah it says do not ping please i saw that ^^

hmmm ah i see one

@chilly pike Hello could you please look at my question above? Ty

Gave +1 Rep to @chilly pike

After 10 minutes sysmon room from Split View doesn’t work how can fix ?

I have connections error

?

I'm getting a connection issue with the Attack box

The requested connection does not exist. Please check the connection name and try again.

Same

I'm in the killchain module and the conclusion activity doesn't allow me to label the "recon" icon. this is the second time I've experienced this kind of thing on these types of exercises. I can't get the flag. I have a screenshot to send if I can. I didn't find a way to send the attachment. Do they not want me to do this room? if that's the case, why don't they just remove those modules?

Hello, i can not access the url http://distributor.za.tryhackme.com/creds to retrieve my credentials in room Lateral Movement and Pivoting

Could you please send me credentials or provide me another link?

I got it, you can skip my question

Hello Everyone!
I have question about tryhackme's vpn.
If I connect vpn from windows machine can i take access tryhackme's web sites from virtual kali linux?
I mean I can not connect linux I found a way to connect tryhackme's vpn but with windows. If I connect vpn through windows can I also use it kali linux which is installed in virtualbox???

No, you need to be connected to the VPN inside the VM.

This can be done using the CLI.

!vpn

Is a room you can do which shows you how to go about it.

I can not. I am able to connect vpn by hotspotshield vpn in windows because it is free for windows not linux. I don't know why but i can connect tryhackme vpn by hotspotshield

That's why I asked it

Are you in a country that's banned OpenVPN?

No, I contacted my government and ISP they said they are not blocking openvpn

yoooooooooooooooooooooooooo

i finally got the premiym

https://tenor.com/view/dace-gif-25608746

somebody know, why my vpn does this error ?

aaah yeah no idea on that one

LOL

it keeps restarting infinite

have you tried regenerating the vpn config file today???

Where is the #room-help

doubt that would help a lot but could be there

hmmm

I already uninstalled and installed the vpn and it still won't work

wanted to change the username

already send the mail to support how long does the process take

1-3 days usually

ok

No one has gotten back to me yet how can I contact support?

hi
i solved devie room today and it was released in this month,shouldn't i get 90 pt to my monthly ranking?

i got 24, which is i should get if i didnt solve it in the same month right?

had a similar issue yesterday, ran this vpn script and it fixed it for me

!vpnscript

Facing Issues with Holo VPN

I can't download the vpn file for Holo Network. Trying to download it goes to the 404 error page (Lost in matrix). Tried regenerating the file, restarting my computer, changing browser to access Tryhackme. But nothing worked. The other networks work.

Having troubles SSH(ing) to the resource. When i SSH it comes up with the warning that the key is not known by any other names and to select yes/no/fingerprint. i type and enter yes then i get a "Permission Denied (publickey)" and can do nothing about it?

so on certificate

whichname will come

fullname or username

i was worried that it will show username

certificate?

like this

i dont have a cert. cant even get into the resource/learning module

it will show your fullname

https://tenor.com/view/dog-movie-max-sigh-gif-22583851

https://tenor.com/view/jeff-channing-tatum-22jump-street-disguise-gif-8025876

this was my usernaem

imagine getting certificate with "mynameisjeff

yeah.. i have a new account bcs it didnt change the full name on the certificate for me so i get you ^^

hello I am new to the try hack me platform I am getting the following when trying to access the lab machine for the linux fundamentals -1 class I get a connection error, the requested connection does not exist

can anyone please suggest how can i access the lab

Are you connected to the vpn ? Also when does the error occur ? while trying to Start Machine ?

@dull cedar i am not accessing the box via openvpn rather, i click on the StartMachine and the box setup happens for 90 seconds and fails to connect

is it recommended to access it via the OpenVPN

No it's not exactly that. I understand what you are trying to do. Pressing start machine starts up the Attack Machine/ Linux box you will execute the commands on. So yeah you are alright, no need for openvpn here.

I just turned on the Start Machine and it worked for me. Maybe try again ? Or try to click the view full screen button at bottom left of the Attack Machine and it will open the machine in another tab. Sometimes it also solves the connectivity problem for me.

@dull cedar i just checked i am able to access the box, thanks for the help on this

Gave +1 Rep to @dull cedar

Anytime ! Good luck with your journey

👍

Anyone able to help with my SSH problem? Not given an oppotunity to input password to connect to lab and just old Permission Denied (public key)

*told'

hi. I have do the lab Linux Forensics, but i don't access on Ubuntu server. plz help me fix error.

ubuntu@10.10.28.86: Permission denied (publickey).

Use the split screen machine.

└─# ssh ubuntu@10.10.176.34
The authenticity of host '10.10.176.34 (10.10.176.34)' can't be established.
ED25519 key fingerprint is SHA256:a/jYepu7/lU5mXImbK6/voDRsIbdj6SDl2PIyJMJEFg.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.10.176.34' (ED25519) to the list of known hosts.
ubuntu@10.10.176.34: Permission denied (publickey).

hi

Trying to connect to "breachingad" network and getting "Error: problem with tun vs. tap setting" anyone knows a solution?

Edit your script.

Where it says

Dev breached

Change it to

Dev tun

Worked, thanks!

Gave +1 Rep to @weary spindle

Should I add this as a test for vpnscript?

I think so.

Yeah, it has been popping up lately, so i was debating adding the check instead of the data-ciphers check

Hi, want to link my tryhackme account to a new discord account, mij old i don't have access anymore. What are the right steps to follow?

ask a mod in chat if they can help you with de-linking your old discord account and then you'll be able to verify again

Hello Support Team

I've just downloaded a new conf file for Wreath network

run openvpn and still face this error message:

Does anyone have any idea?

My Kali Linux is working fine with conf files of other servers (euro-vip1/2)

This is the conf file content:

Troubleshoot screenshot

Hope someone can help fix this issue as I need to finish Wreath to prepare for my PNPT exam - Thank you.

@zealous yoke there's a vpn server that's down I think

Thanks Kyooty - any idea when this can be resolved?

hi
i have problem with TryHackMe Bot when authenticating my discord token
where should i open ticket ?

Send a screenshot of the network diagram on the start of the room please

We don't do tickets in the Discord as it is run by volunteers; post the issue here and someone will help you:)

few month ago
i registered my discord account with an old THM Account in this server ( this account i'm using now )
i deleted that THM Account and Created a new one
i want to register this new account on this discord account i'm using
but THM Bot Sending Error : Sorry, you already have a token on this account.

Can Anybody Help me ?

Hi there, I am trying to open a port in Kali Linux, and dont know what im doing wrong. Nothing seems to work

I tried opening with IPtables, firewalld, UFW

what on earth am I doing wrong?!?!?!

literally trying for hours

could you give some of the commands your running

how are you accessing the connection? how are you opening it? is it on a VM? cloud based machine?

apologies, its a VM with a bridged adapter

first I tried using GUFW

which is UI based

one sec im loading up kali again

well if its bridged, its replicating a device on your hosts network - now how are you trying to access the connection?

sudo iptables -A INPUT -p tcp --dport 4444 -j ACCEPT

im trying to make a backdoor APK (demo for a school project)

@broken bear

Im trying to open TCP port 4444 so I can make the handshake

Ping a mod and ask politely to have your token unlinked from your old account

we don't help with schoolwork

only related to TryHackMe then? this is more of a general kali linux help question regardless

its an independent study so it is not an assignment, I am doing my own work

It's something you are going to turn in, it's for a school project. And, a backdoor APK would be malware. There are channels that we allow that discussion, that is not here.

This channel is specifically for tech support for THM, RE: VPN connection troubleshooting.

Ok, I will ask in those. This is a question regardless for any other port as well because every port is currently closed

besides 80

@broken bear
hi
plz unlink my old account's THM Token on this account
i want to register new THM Account

Please DM me from the old discord account.

no, see
i want to register in server with NEW THM Account
but i Can't
beacuse i registered with an deleted THM account
i want to register an New THM Account on this discord account

ok ?

can i send you a screenshot in DM ?

i sended you a screenshot
check it

There is no THM account linked to this discord.

I might be able to unlink, if you can DM me your THM token so we can see which account that token is linked to

so there is a problem with your bot
i linked an old account
i deleted that old THM account
then i leave from server
& rejoin today

should i send U my present token ?
or old token ?

Old token.

check DM

i sended You

can you fix the problem ?

Waiting on a response. Have to check the token first.

it's ok

i sended you new screenshot
please check

Thank U ❤️

Gave +1 Rep to @broken bear

Persistence room - reverse shell with meterpreter seems blocked & unstabile. Used similar port as in room example. Problem with both own Kali machine and attackbox. Best result is with metasploit/venom to generate poweshell .bat where I see first stage sent but the meterpreter session error.

Connection problems with split-screen view should be resolved now 🙂

thanks

Gave +1 Rep to @faint sequoia

Hey what happen to "my-machine" page. Its lots in matrix

U remove this page??

The page was removed, yes

So how i ssh to machine without password

If the task not provide ofc

When you start the AttackBox, the i button in the lower left corner will have all the info you need

Just a question, how long does the support team respond after you send them an email?

1-3 days usually

Thanks

Well done thank so much

Gave +1 Rep to @dense bramble

Hey guys, the 404 error while downloading VPN config file for Holo Network is still there. can anyone please help ?

how do I use my discord token to connect my account?

Dm your token to @sharp bison

!docs verify

Anybody successfully install gobuster on Ubuntu?

Saying I need a wordlist or some shit just to check version

.

Cause I emailed them 4 days ago and I haven't got any responses yet?

@dense bramble

Support will get to you, please be patient.

The wait time is usually three days, however this could all depend on the number of E-mails they need to go through.

Hi can one of the mods delink my old discord account so that i can link my tryhackme account to my new discord account

I can give them my old discord account so it can be un-linked

i couldn't verify my discord token, do we have a temporary issue?

I have question about subscribers only room!
Can I enter subscribers room if I cancel my subscription which i finished before?
I have a lot of homeworks and examines end of this year from my university I can't find much time for tryhackme I am going to cancel my subscription for 1-2 month during that time I want to repeat my finished room

After cancelling subscription can I have access all my finished rooms?

I ran into problem connecting to Wreath network since last week.

Last night I sent an email to support@tryhackme.com - but have not received any response yet. Does anyone have any idea how to fix this issue?

No, once your subscription expires, you will no longer have access to subscribers only rooms even if you have completed them.

is the site having issues right now or just on my end

We're aware of the site issues, we're working to fix it

thanks, wasnt sure if it was just me or not

@foggy rover can you un-link my old discord account from my tryhackme account or does one of the discord mods need to do that. Als sorry for pinging directly

FYI staff != moderators; moderators manage the community, staff manage the website.
Exceptions to this rule are me, CMNatic, tim & Fontaene as we are both

alright

Hello Support Team ,I ran openvpn and also run the thm-troubleshoot,i also regenerate the files many times,but still face the error message:

Does anyone have any idea?Hope someone can help fix this issue.Appreciate for that.

i've uploaded the screenshots

in kali linux what should i do if the scroll bar is blocked by application icons?

Hi, can any of the mods help me unlink my old discord account from my tryhackme account. I want to link it to my new discord account

shoot me a DM and I'll get it sorted 😎

can you share a screenshot of the output of when try and run the VPN file with openvpn please?

screenshot of the output

looks promising. Can you run this in another terminal while the openvpn is running? sudo ip link set dev tun0 mtu 1200 and then curl http://10.10.10.10/whoami you should have your VPN IP returned

thanks.yes my VPN IP returned and what should i do to deal with it

nice! Nothing. That means it's working as intended 🙂

So im connected to thm's network?😆

Yup!

I am having some trouble connecting to tryhackme with openvpn. This the output when I run openvpn. It goes on forever until I stop it

I have searched online and found this: https://tryhackme.com/forum/thread/62bb0daf19e588005b7b1739
I have done the solution that seemed to work, but I still cannot connect

try and run this script

!vpnscript

this is the output

add the config to the same folder as the script

ok

also it does not look like you changed the correct config

which one do I change? I copied /usr/share/openvpn/examples/server.conf and edited that one

you have to change the one that you downloaded from tryhackme, not the server config

ooooh ok

Thank you! That worked!

Gave +1 Rep to @pastel tinsel

It is bugged... And i cant take my certification for the complete beginner path . What can i do? (alredy reset the progress but same issue)

put it down in #room-bugs and some staff members will look at it 😄

Has THM fixed the openvpn configuration file?

Finally, the script works. I haven't tried in a few months. Thank you THM!

I can not download VPN configuration file for lateral movement and pivot

can someone help me?

What do you mean?

Your OVPN config file is just to make connections to the room, maybe I am not understanding what you are asking?

when i click download i receive an error message. Other VPN files works, except this one

So the download fails, there is no file for you atm?

exactly

regenerate button does not help

Log out and back in? That or wait for THM Staff to see this or email the support line.

thanks for help

I will wait

It happened to me once. I changed the region of the server and downloaded the new vpn file again. It works fine for me

You can not change region of the server when you are connecting to network VPN server

Sorry, I didn't see the screenshot earlier. I thought you had problems in connecting to the machines

Yeah thats what i started with too. Then he shared and I was like "ope" thats not what i thought it was

hi, Vulnversity, is showing incomplete with everything answered. is this the proper room to discuss this issue? I've tried redoing the room it still says incomplete.

Not to be rude but are you sure you arent missing something? I have glossed over a "click to complete" answer plenty of times before

no worries, its easy to miss things from time to time. but heres the SS

nvm i cant attach screeshots

You need to verify first

!docs verify

thank you

Gave +1 Rep to @dense bramble

@lethal estuary

there is nothing left to complete unless i really missed something. I even reset the room >_<

Interesting

update, the vpn does not work even on the attackbox

is there any THM staff availible?

You wouldnt use the Attackbox if youre on VPN

VPN is to use your own machine/VM

The Attackbox you just target the machine IP provided

@umbral apex

man

you will not solve it

I would consider you checking out https://tryhackme.com/room/hello

Hi there, what issue are you having?

.

Can you try regenerate and then download it?

Also, if your using the attackbox you wont need to connect to the VPN

In his last screenshot it appears his vpn is connected.

https://tenor.com/view/facepalm-really-stressed-mad-angry-gif-16109475

Hes now trying to connect to his vpn conection with the attack box, instead of using the rooms machine ip

no i am not

wtf

10.10.127.168 is your connection

Are you using your own VM or attack box?

Getting frustrated isn't going to help anyone

We're just trying to understand what exactly the issue is

I tried both. I am trying to connect to lateral movement room, but it is not possible threw VM (because i get 404 when i try to download VPN configuration). When i try to use the THM attack box, it is not also possible, because the route to the lateral movement room is not availible on the THM attack box.

In the attackbox you have a breachad interface.

threw VM (because i get 404 when i try to download VPN configuration
Have you try clicked the "Regenerate" button?

Your showing connected via the VPN, (The green IP address in the upper corner). Did you generate a machine IP for the room?

It's a network.

There should be some instructions like this on how to connect in the room

The interface will be wrong.

is someone of you abble to download this configuration without getting an 404 error?

When i click download i get this

Again, have you tried regenerating it and then downloading?

You need to leave the room for 5-15 mins

Then re-join and re download.

Are you using the attackbox right now?

yes does not help. I already mentioned it

You did not mention that

i did

are you abble to download that configuration file?

Yes, instructions like that - I dont have access to that specific network because im not a subscriber so im using another network room as an example

Yes.

Yes, but for some reason the lateral room is giving him the breachad interface.

Yes, have you tried what Scrubz told you?

exactly

Hmm 🤷‍♂️

But you'd just swap out the interface name in the command.

i tried to leave and then rejoin, but i did not wait for 5-15 minutes. I will try that now

That should also give you a new subnet.

I do not understand what you mean. I need lateralmovement interface in order to complete the room

Change lateral to breachad

Your using the breachead interface, hence why it cant find the laterlmovement device

Is connecting to the breached interface solution in this case, if I need to work on lateral movement room? I solved breached 2 days ago

Yesterday the lateral movement VPN / attack box interface worked perfectly. I do not understand what happened now

What do the instructions say on the lateral movement room?

to use exactly this command which does not work

could you take a screenshot of the task instructions?

Im not a subscriber so I dont have access

Right, could you terminate your attack box - wait 5 minutes and then redeploy it from the room page?

sure

does not work

i will wait for support

The download or the attackbox?

both

Are you still on attackbox?

yes

What interface do you have?

If you started it from the room page you should have the lateralmovement interface....

lateral movement is not there. I tried to leave all rooms i was joined before, then join only to lateral movement room, but did not help aswell

So what interface is there?

thank you for help, but i think the problem is not on my side 😂

I mean, I wouldn't be surprised if the email support sends you here.

cc @zealous yoke possible attack box issue?

But if you still want help, what interface do you have?

I don't thanks

i will wait

Can you DM me the IP address of your attackbox please

Can I DM you too about some tech issue too @zealous yoke ?

Hello, I cant connect on rooms with openvpn on windows, someone can help me ?

Im connected on the VPN according to OpenVPN UI

My ip is 10.9.72.xx, so Im on the tryhackme network

But when I ping my room it time out

is the room a windows target machine??? because if yes they generally do not respond to pings

I already did a ipconfig / renew

It is the openvpn room

Cant access to the http neither

are you running multiple vpns???

I used to but I disabled the second one

Im have clean my host file

okay try restarting the openvpn connection now without starting your other vpn

mmh, same issue

verystrange

Ok, I dowloaded another version of OpenVpn

And now it works

Thanks @plush bay

Gave +1 Rep to @plush bay

no problem

You know how to change his username pls

your username on thm?

yess

you have to message support with your old username and the username you want

!email

my old is : mourina94 the new is : Tahar

It's good ?

sure, just write to the above email 🙂

my old is : mourina94 the new is : Tahar !email mourina946@gmail.com

AND can i change it when i want

and Thank You So Much

And I've last question :Imagine if I did all the levels that allowed me to complete the last module "Pentest Offensive" if we compare all the training time it would be how many years of hacker studies

you need to send an email to support@tryhackme.com, typing it here doesn't do anything

Ohhhh okay thanks

And you've answer for that question or no ?

How Can i make a ticket

This happened to me couple mins ago

i think it's very weird

i looked up the ip and it was listed bad

think it might be a botnet IP going around scanning different IP's and trying to bruteforce/exploit

cannot connect to VPN after kali update

Most of the time, those are just paid ads. If the scan came back null, it's scammers fishing for suckers. Kind of off topic for this channel, #infosec-general would be better if you have questions about why that is.

can you post a screenshot of the error?

Thanks, sorry

Hi all, is there someone who can tell me how to change my payment details? (Card expiration due in a few days)
I got an email with an url from THM but that URL has already expired so that's of no good.
I hope some one can help, and please let it not be cancel the account and create a new one, because I found that one already via the THM-bot.

Chargebee?

https://tryhackme.chargebeeportal.com/portal/v2/

Is here any support staff availible?

The lateral movement and pivoting room still does not work

Are you still getting the breachad interface inside the room?

no

Mr CMNatic recreated my lateralmovement interface, but he informed me that the lateralmovement network has been deletetd

Ok, then until Ben or somebody else comes back and says it's fixed, there is nothing we can do.

Hey, I bought a subscription two days ago but whenever I'm doing tasks in a room, I can't see any images
Is there a fix

Which room?

Steel mountain

But the issue was still there when I tried doing owasp juice shop

Hello would it be possible to change my name on a certificate already generated?

It isn't. No

Which images?

The images are on img, is it possible you're in a country that blocks them?

Pretty much every image in a task
I'm unable to share screenshots in this chat for some reason

Unlikely, I've been using tryhackme since last year and this is the third time I'm getting a sub, I've never had this issue before

you'll need to verify

!docs verify

Thanks, that was what I'm looking for. 👍

Gave +1 Rep to @weary spindle

Done
This is how my tasks are looking

What about Juice shop?

This is how it looks

Is imgur blocked in your country

I don't think so
Is there a way to confirm this...

Are you using a VPN?

Or a custom DNS

Which country are you in?

I've had issues with pihole / adguard for Imgur links hence the question

hello anyone has a solution to this problem

net.portswigger.devtools.client.hw: Refusing to start browser as your current configuration does not support running without sandbox

Google that error, it will tell you the fix.

No I'm not

In Kenya

Thank you.*

Gave +1 Rep to @weary spindle

@weary spindle are there other people facing the same issue

I don't think so.

..

Which room is this?

https://tryhackme.com/room/ide

it's just a scanner, if you're a subscriber you have access to the internet and therefore when you have a netcat listener, you're also listening to the outside, so you can get connections from outside IP's like that one, it's a scanner/scraber that scans all IPs and ports daily

who owns it tho

the outside, juun also told you it's not tech support

nvm, that was for some person who deleted their message, my bad

ok sorry

but you can't really report it, it happens to everyone and there's no way to stop it

Hey @pastel tinsel sorry to ping you but I saw you are one of the room testers. So I wanted to ask if there's any definite way to reach the support team except email as it's really slow communication.

I am facing a problem with Holo VPN for days now and tried to reach out in Discord, Forum. Got an email back 2 days later and replied to that but there's no email back yet.

email is the way, they are slow because they get so many emails, but if you verify your profile we can help you out

!docs verify

Thanks doing that rn !

Gave +1 Rep to @pastel tinsel