#site-support

there has been a spinning green icon in the upper right for about a mminute...

have you ever downloaded that certificate before?

ive never downloaded any certs that i remember

Alright then, as SpeedyGX just confirmed above that old (already) generated certs are good to be download but certs that need to be generated are bugged, so that's probably why your certs are not being able to generate as that generate process is bugged

ok

Okay, thank you for information 🙂

Gave +1 Rep to @exotic dove

Hopefully very soon they will be able to fix it

You're welcome :)

ok thanks again

You're welcome :)

Im trying to do the tutorial but it says i have to subscribe to use the attackbox for more than an hour, i am 100% certain though, that i have not used it for an hour yet. I have started it 2 times to try and do a room but i had no clue how to connect, (going on firefox to that ip did nothing) and after that it said i couldnt start the box

So I'm working through the 'auth bypass' section and suddenly all the URLs for the Acme IT Support Website were updated to show: http://MACHINE_IP/customers/signup as opposed to actually having the target IP in the URL. I searched around to see what I should swap that out with, but I've had no luck. Any thoughts?

It isn't clear whether your first hour is the only full hour you get or not. Generally though, it is a paid service. I found the $90 to be well worth it.

huh

Best to spin up your own virtual machine and connect with OpenVPN, no time limits there

oh

ye i have a VM but idk how the openvpn thing works but ill look into it

!vpn

This room should help

Uh... idk if anyone wants to help but I am having some issues with my watch dogs: legion game

It randomly turns off and lags a lot

This channel is for technical issues with TryHackMe...

Oh okay

Its not generally a paid service:)

Hi guys, can some1 help me with VPN connection? i try all the writeups and i cant connect any EU server, i have openvpn 2.6.1 i change cipher to data-ciphers but it reurns[ If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.]

!vpnscript

Try this script it resolves your issue

I have it already it return[+] Stable internet connection
[+] OpenVPN is installed
[-] tun0 interface does not exist
Would you like the script to attempt a connection automatically (Y/n)? Y
[+] Connecting....
[Warning!] Connection process is taking longer than expected to complete
[-] Failed to connect
Failure to connect to the VPN can usually be solved by one of the following options:
-Regenerating your OpenVPN config on the TryHackMe access page (https://tryhackme.com/access)
-Switching servers, then regenerating your OpenVPN config
-Checking your system time. If your system time is incorrect then this can cause issues with the authentication process
If none of these methods work, please ask for further assistance in the TryHackMe Discord server, subreddit or forums.
[-] Exiting

The response change in each VPN server, for example this is from EU-VIP1 but in EU-Regular1 response to run sudo openvpn file.ovpn

Hmm. Did you tried switching servers?

Yes, i try all servers on EU

may I ask where you're from mdkp?

Regulars(1,2,3) and VIPs (1,2)

Spain

some countries are blocking openvpn

okay, then that's not the problem

Som1 know were i can ask for get my mony back?

!email

Ty mate

Did you try running the config whilst trying to connect to the VPN?

Hi, I'm trying to download a certificate for one of the learning paths I completed. It is just spinning with "fetching certificate" when I try and download. It's been about an hour and i refreshed the page a couple times. Does it take a bit of time?

No, it's usually instant, do you have an ad blocker?

Yeah, just disabled it to try again, same issue. I did put in my real name to generate it when it originally popped up.

You can't generate a new certificate, if that's what your trying to do.

nah not new, when i clicked on it after finishing, it asked if i wanted to use my real name or profile id.. so i put my real name and filled out the box. then clicked generate.

Which path?

Comptia pentest+

That path has vulnersity in it, which is causing a bug at the moment.

Even though you have finished the room it's still coming incomplete on the path.

even though path progress says 100%? ok

yeah probablyt

Open Application-based vulnerabilities

you should see vulnersity like this

Green Checkmarks on all of them listed.

can't paste here but there's a checkmark

It won't always show the checkmark, but if you can't download the certificate then it's the same bug:)

ok is there a fix or workaround I can do or just wait for your end

no rush btw.

was just curious

probably the wait until fix is the only option currently

ok well thank you for the information. I'll check back every now and again to see if it's fixed.

You need to verify your account to paste images

!docs verify

I cant access the acme it webpage, im on authentication bypass and i get this everytime i try to enter the website on the machine

''hmm we are having trouble finding that website''

I cant even run the fuff command cause the website isn't available

Did you create a host file entry?

If you're trying to reach it by name instead of IP that will be a requirement, I don't recall if this is one of the rooms where it outlines that you must use hosts file.

A host file entry? Not sure, i just started the VM on tryhackme, then tried to enter that website through their VM

Can you link me to the room, I'll have a look if this is one that recommends that. I know I did Acme IT recently, but I don't recall the specifics.

here it is, https://tryhackme.com/room/authenticationbypass

Attackbox or vm?

I used their attackbox

Ah no, Acme is one that uses IP in the notes.

How do i fix it? Im still a bit a bit lost at the moment

do i need to ssh?

!docs verify

If you want to show us a screenshot of what's happening you have to do the above.

That would help us to understand why you're getting a 404.
Make sure you're searching http:// instead of https:// etc.

Sometimes its just needing a second set of eyes.

Will do it

Hello, I had a question about annual plans. If you subscribe with an annual plan now does the price increase effect the length of the plan anyway or are you only effected by price increase after year lapses.

Oh just realized we're in techsupport lol @subtle wadi we should probably move over to room-help 😉

my bad haha, will move over there

Evening

I have this weird issue where the room Vulnversity won't be 100% complete, even when all tasked are completed and answered.

Anyone had similar issues?

#1092490706385383524

Awesome, thanks!

You're welcome :)

@crystal marlin can sort you put buddy.

Out*

Not at all, I've pinged them, they'll be along, sooner or later.

You can DM me

No, that's most likely your DMs are off 😄

I'm kind of surprised none of the DM security messages in this chat have been pinned yet from people looking to verify.

I'm having a weird networking/routing problem with openvpn that I haven't had before. My vps is connected to THM with openvpn but I can't reach the box

My ip in the vpn is like 10.13.x.x. ping -I tun0 10.13.0.1 works but ping -I tun0 10.10.x.x (box ip) doesn't work

what room are you doing?

I'm trying the one called Fowsniff CTF. But yesterday I had a similar problem and was able to resolve it (I was doing Attacktive Directory). What happened then was evil-winrm couldn't reach the box because it wasn't using the tun0 interface created by openvpn, but sudo ip route add <box ip> via <my vpn ip> dev tun0 fixed it

And ping -I tun0 <box ip> did work, but today it doesn't which is confusing. I've also rebooted since

I'm just asking because if it's a Windows box, which it seems to be, it doesn't respond to ping by default

Oh shit

lol

It must have been luck that the Attacktive Directory box did respond to pings

strange that it did honestly, but as long as it works, you should be able to scan the box just fine with the -Pn option

alright I'm able to reach it now. Not responding to pings was throwing me off but I also had to use ip route add again. I was trying ip route add 10.10.0.0/16 ... dev tun0 instead of just the box ip figuring it should work the same but apparently not

did. resolved. thanks !

Gave +1 Rep to @winter solstice

So you're aware, there are a TON of network appliances that also ignore ICMP Echo (ping) by default. Lots of opportunity to have it either dropped/blocked/filtered.

Ping, from a networking perspective, is a terrible way to know if something is connected or not 🙂

Does the price increase deprecate the value of an annual subscription bought before price increase. Are we buying time like 12 months access with an annual subscription or did we just buy a prepaid gift card and after October more fee will be deducted from your account. What is the change that takes affect in October?

Existing subscribers

To thank you for your loyalty as a TryHackMe subscriber, your subscription price will remain the same until the 1st of October, 2023 after which your subscription price will increase to £12 / $14 per month). For annual users, this will increase from £72 / $96 to £108 / $126 (£6 / $8 to £9 / $10.50 per month), and this change will not affect you until October.

Hi people. The room https://tryhackme.com/room/vulnversity be present a problem for me.
Same the end this room, stay with status not completed.
There is any possibility of the room to be with bug?

It is a #1092490706385383524 and this is already being looked into by THM Staff.

What do you mean deprecate? The price increase is supposed to take effect this May 7th, but if you have an existing annual subscription that will expire beyond the said date, they will let you keep the subscription at the rate before the price increase takes effect until October 1st.

I think the question should be coming from those that have an annual subscription that will expire beyond October 1st (e.g., those thay took the AOC promo last December, etc.), how will they be charged? Will it be a separate billing?

As far as I've understood from the chatter here, If it expires beyond October 1st, it will renew at the new price, if it expires before that, it will renew at the old price.

plus there won't be any extra charges if you have an active annual subscription when October comes

Does this mean there will be additional charges for the months of October and November? How will that be reflected?

not if you have an active annual subscription

If you have a monthly subscription, you would simply be charged at the new price whenever it renews in October. If you have an annual subscription and it renews in let's say November, it just renews at the new price, that's all.

Got it. Thanks!

Hi, any idea when the Disable 2FA bug will be fixed, I didn’t complete set up on my app so dont have the account link, but my THM account says that 2FA is enabled. I want to disable and re-enable again to have the account added to my auth app.

Hey! I have completed my Vulnversity room and the whole path of CompTia Pentest+ and still I am seeing that Vulnversity is incompleted. I have tried to reset my progress twice to complete the room but still it's showing the same thing. I can't download my certificate due to that. Can anyone please help me?

I am having this issues as well.

So it's a general bug i guess

Hi there 👋 yup we're aware of this bug and are working on a fix #1092490706385383524 message

@wise wave @half coral ^^

Okay! No worries! Will wait for that 😁

hi

i have this issue when i try to subscribe monthly premium, Note that the card is effective and works in other sites:
Your card issuer bank has declined this payment.Please contact your bank for support.

I mean, that's pretty specific...

Contact you banks please. 🙂

hi, can someone help me with creating workspaces in tryhackme?? ty

What do you need help with?

I don't permission to report bug

Only mod/staff can write in that channel, they're letting you know it's already there.

👋

I'm a student who is keen on enrolling in the Attacking and Defending AWS course. However, it appears that this path is currently only available to businesses. Are there any plans to make it accessible to the general public?

Let me know if this isn't the right channel.

Thanks.

https://resources.tryhackme.com/attacking-and-defending-aws

Yeah, I was redirected to that page too. I guess for individuals like myself, all we need is to submit our information.

Look at the very bottom

Can I access this an as individual?

👍

I'd imagine if they do release it to the general public, it would be like Throwback, and would require a separate subscription/payment to enter the path.

Yeah 😦

oh well...thanks man!

Hello, I have this problem with the Vulnversity room, where it says I have it 95% complete, but when I open it, it says it is 100% complete. I know I can just reset the progress and do it again, but I'd like to first try a less drastic measure.

This is a known issue, #1092490706385383524

Thank you!

Gave +1 Rep to @zealous yoke

I accidently pressed generate with real name on certificate is there a way to change it to my username?

beside photoshop lmao

no, once a certificate is generated, that's it, photoshop would really be your only option

okay cool

yeah there is gimp..... or ink scape if you change it to a svg

uh.. is the Vulnversity room bugged? I just finished it while doing the CompTIA Pentest+ learning path but it's not marking it as completed; I tried resetting the room already

Hi All, is anyone else getting a payment issue when adding a subscription? I'm getting a message to contact my bank/CC but when I do they mention that there is no charge there for them to approve/let through? (Trying to make sure that I'm subscribed before the pricing update--and excited to unlock all the paid rooms! 🙂 )

Which country are you in?

USA

Yes, this is a #1092490706385383524 to the team, and they're working on it.

Thank youuu~

Gave +1 Rep to @weary spindle

im struggling with the last q on the flag.txt

does anyone know where to go for this?

Also getting the exact same message 😅

Which room?

how to disconnect from tryhackme openvpn

on linux either hit ctrl + C in the terminal window where openvpn is running
or sudo killall openvpn

thanks

no problem

man just as with the 5/4 problem i am currently doing work its before 7pm my time and the work I am doing is not tracking on my activity window dont get why this keeps happening .. very strange

and while doing the work right now i get an email to return and not lose my streak.. i dont get whats going on

Me too. Drives me nuts.... hours of wasted time.

#site-support 2FA is not disabled... How can I disabled this feature ..... When I click on the disabled but it's not responding.

It's a bug unfortunately, but staff is aware and working on it #1092490706385383524

@dense bramble please do something asap ...

I'm not staff, they're working on it

my old account that was connected to this discord is no longer the one I utilize on THM. I even went as far as deleting it, but I cannot link my new account to my discord with the verify bot. Any chance someone can clear my token from my old account so i can verify the new?

Hi its there any other there getting 404 on "https://tryhackme.com/my-machine"
?

Hello please I need a little help I just started my cyber security journey and I'm having a challenge with offensive security
What do you need to access a web application?

Hi, if I want to stop subscription for the next month do I 'cancel subscription' this month or the next?
I mean, if I cancel it rn, would it immediately stop the subscription and refund or will it change from next month?

Yup, this doesn't exist any more

Think about what software your using to access tryhackme

its there a new link ?

If you cancel it right now you will continue to be subscribed unt the end of the month

Not sure

https://tryhackme.com/room/kali
this room using the link 🙂

Yeah not sure why it hasn't been updated yet, I reported it weeks ago

okay 🙂 we will see then 🙂

Hi, I'm not able to get onto a linux machine. It just loads forever...

In Vulniversity, I am missing 5%, but I have completed the room. Every answer is correct. Because of this, my pentest+ learning path is 99%complete, when I have completed it

#1092490706385383524

hi

Hello :) how can we help you?

I have problems with the machines. They load but do not get over 83%

what machine is specific? what browser are you using?

I tried different machines, all of them do not load. I use firefox

Are you referring to the Attackbox?

idk what i did but it works now

Is there anyone who has had issues with macOS OpenVPN Client? It says I am connected, even THM recognizes me as connected, however, I still can not reach any machines.
Even ping times out.
Using OpenVPN Connect | Version 3.4.2 (4547)

Server: EU Regular 2 (same thing is happening with 1)
Logs are empty in the OpenVPN Connect Client

Does anyone have problems with not getting reverse shells with openvpn? I get them in attackbox, and can ping and connect to the target, but for all machines lately I am not able to get reverse shells in my own virtual machines. Just tried like 4-5 rooms where it is just uploading a reverse shell to the server or just eternalblue, but it wont' get me a shell

Use the terminal, not the GUI

Guessing the client from homebrew? Since the OpenVPN Connect application doesn't come with a CLI tool to connect like the usual openvpn linux application.

Yes

dang, it works, thanks!

Gave +1 Rep to @bronze vale

hello I have an issue with the path " comptia pentest+"

it says that it is not finished but it is

It's a bug, they're working on it #1092490706385383524

thank you 🙂

You're welcome 🙂

Bit old news, but streaks seem to be based on UTC, not local TZ (from peeking at the JS that drives the streak-counter in the header).
I've seen a situation where the counter on /dashboard (based on local TZ) reports a day with 0 answers (and >1 the following day), without losing my streak (pre-freeze-feature, of course).

Oh yes, I have discovered something related but from visuals not code
see my message here #site-bugs message
It's annoying tbh

I can't download my vpn file

It redirects do https://tryhackme.com/404

what server location are you using?

I'm downloading from the access machines button

europe 2

did you try any other server?

ok just switching and putting it back worked

sorry

You're welcome :)

hello i have a problem

what is it ?

hello, I've been working on CompTIA PenTest+ together for a long time and I finally finished it, but when we want to get the certificate it gets stuck at 99%. And when making the vulnerability module, the ip address of the machine was not directed to the site, so it remained only in that part, so the answers in the tutorial were uploaded.

that is, it shows the comptia certificate /99, when I look at the unfinished module, it shows 100/100.

what can we do about it

it's a bug that thm is on fixing it

does everyone have this problem

will it be fixed soon

some ppl do yes. idk when will be fixed. prob asap

thanks bro

check the #1092490706385383524 might be there

Just wondering how I can get my certificate for completing the offensive Pentesting learning path. Because I got 100% on it and it gives me the celebration when I click it but it says I don’t qualify or something when I try download it. Plz help

It must be due to the issue in the Vulnversity room. This has been submitted in #1092490706385383524 and THM Staff is looking into it.

I am new to this resource, I have a problem with payment. I have two working cards - Turkish and American, both do not work, maybe someone has a solution?

Did you contact you bank? maybe they have a reason for that. You can also try PayPal if that works for you

@naive dust

strange that the payment does not work on this resource, maybe if the payment solution in another way?

yes

did your bank tell you that the problem from the recipient?

He said that they have no problems, and my card was not detected restrictions. they said to contact the support site where I try to buy

I can pay on other services and make transfers, but for some reason I can't pay on this service

Alright, sounds like more of a technical issue, you probably need to contact THM using their support email support@tryhackme.com

ok thx

You're welcome :)

They'll just be sent to their bank.

It's a bank issue.

Hello folks

Good afternoon.

This channel is more for THM related support.

Please use #cyber-and-careers

Or #general

My bad I sent them here, didn't know where else to go

good to know about this

Hi. What should I do to be able to attach an image to a post?

Verify

!dovs verify

!docs verify

Use the above link. 🙂

Thanks.

http://10.10.90.230/playground.php?file=http://10.10.170.135:8000/cmd.txt does anyone know why im getting a syntax error from this?

send screenshot maybe

what's the payload?

also #room-help

oh aorry ill go there

sorry*

!email

I need help getting access to a business account that was recently purchased and setup. I have tried the chat box and email, no responses.

When did you E-mail?

Earlier this morning.

We can log in, just still prompting to "purchase for business"

Please wait 3 days from Support to reply back, unless they're busy.

Somebody will E-mail you back.

That is the only advice I can give, unless support see this, and choose to answer.

Haven’t you been signed a customer success manager?

If you didn’t use self server, please contact the person you were in contact with when you made the purchase

We have not, and we did use the self server.

Hey, what is the default amount of ram that a tryhackme server gets? a vm

Virtual machine?

Yes. 🙂

512mb for non subs.

1Gb for subs.

Amazing 🙂 Thanks

Hi

Hello.

I can't remove my 2FA to renew it

I accidentally formatted my phone and lost all my data, including 2FA codes on google auth

This is a known issue to the team.

There is no fix right now.

Okay. Thanks. Can you let me know when fix is out?

You can track known bugs and their fixes here.

#1092490706385383524

Alright. Thanks

Does anyknow why I get this error when connecting to the task6 day1 in advent of cyber 2019:

I think that task is broken, you'll need to skip it.

Cool

Do the others work?

Yes.

I moved on to the next task; I am getting a timed out error

best thing you could do.

Sorry for the confusion but I moved on to the next task and am now getting a timed out errorr

I am trying to connect with OpenVPN (using Windows) to an attached VM. The access page shows that I'm connected, and I can ping it, but I can't open it in my browser. Is this possible to accomplish on Windows?

Is Windows your host?

Yes.

I would suggest against that.

Why?

Your exposing your host machine to the THM network.

It's a security threat.

So then even if I use a VM, do I have to disable the shared clipboard and stuff like that?

No.

Hey guys and girls!
Anyone got this error message in OVPN
I'm trying to add the "BreachingAD" VPN and fails with below error.
I have no issue connecting with the regular VPN connection
please reply or ping as I might not be on this screen

Try editing the file and changing dev breachad to dev tun

Its fixed Thxx

Thx @dense bramble

Gave +1 Rep to @dense bramble

You're welcome 🙂

Is there anyone I can speak with, regarding some vouchers?

Have you tried http instead of https? I completed this a week or so ago and was able to make it work.

Is there a way to get the .pcap files from the vm on wireshark: traffic analysis room (without spending 3 hours doctoring something)

the vm does not have web access in certain cases, and I want to get the pcap locally

Hello

I Have No Complete Beginner Room

Help Me

I'm not staff, but I may be able to answer

You can use wget (setup a python webserver in the target and wget from local), nc or ssh (if you have ssh credentials)

no module installed

for python 3 httpwebserver

ssh pubkey denied

this is actually super annoying, why don't they just allow u to download the .pcap from the task

ill try nc

sry that python module is present, i made a typo

trying it

Have you checked SimpleHTTPServer in python 2?

yeah it's working, i made a typo, thanks!

Gave +1 Rep to @ivory spruce

hey all, I am struggling to install netcat on my LINUX VM i keep getting "E: package "netcat" has no installation candidate" Ive been smacking my head on google and all i can find is for UBUNTU or they want me to edit my sources list which i did and i still get the error. Weirdly though on my root it is there, will i can type nc -lvpn (port) it doesnt do anything and is in limbo

any help to get it to work for the Relevant room?

What is your exact command when installing netcat? Also, when you setup a listener, the port number should come right after the p flag.. like nc -lvnp (port)..

so i have my root user and then my name when i do my name it is sudo apt install netcat

wjen i am in root its is just apt install netcat

Have you tried nc?

sudo apt install nc

yeah i still get "E: package "netcat" has no installation candidate

but i can use NC commands they jsut dont do anything

im trying to listen on port 1234 for my reverse shell

Though nc usually comes pre-installed in most distros

so i type nc -lvnp 1234 and it jsut goes to a command line with nothing i have to ctrl c out of it

Have you tried sudo apt update?

yeah i have buit it doesnt fix the error

Have you checked that your reverse shell is working fine?

i wish i could show a photo of what i am encountering

it seems written up properly

You could, but you need to verify first

how can i test if i cant actually listen tot eh port thn

!docs verify

After verifying your account, you would be able to post a screenshot here

that is all i get

it shoudl say listening or something like that

ive been strugglign witht his room and literally following someone word for word till i got into this netcat issue

Have you tried adding the -v flag?

It seems that nc is installed on your machine, otherwise, you will be prompted or asked if you want to have it installed.

i deleted the VM and gonna create a new one and try the room again and see what happens

So...I might've corrupted my Kali VM 😅

Earlier today, to start with the Odin Project, I setup a normal Ubuntu VM for using with that and it worked fine.

Just now, I started up the save state of my Kali VM to continue with TryHackMe, but it completely froze as I tried to install Google Chrome from the command line. Sending the shutdown signal wasn't working, so I pressed the option to completely power it off.

Now it's only booting to this screen.

Looks like something corrupted the boot loader. Please use #infosec-general for convenience, as this channel is more for VPN related problems.

do THM openvpn certificates from /access page expire if I download a new one or do old ones work after downloading new one?

since it seems like in the access page I'm connected but when I start the machine from https://tryhackme.com/room/openvpn I can't access the page

Haven't tried to access from an old one.

I usually delete then regen

I tried with a new one as well, same problem occurred

Which error do you get?

just this

Are you sure there is a webserver at the ip?

What about the vpn configuration output?

I'm pretty sure, (I had once completed the room alrd but trying to see if I have all working, hence I'm doing it again)

config output?

When you connected to the vpn on the CLI.

What should I be looking for in there?

Hmmm, something like this? ```
2023-05-09 03:30:42 OPTIONS ERROR: failed to negotiate cipher with server. Add the server's cipher ('AES-256-CBC') to --data-ciphers (currently 'AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305') if you want to connect to this server.
2023-05-09 03:30:42 ERROR: Failed to apply push options

yep... that had something to do with it and is now fixed! Thank you 😄

Is there any way to contact THM regarding my streak rather than the Reset Streak option in the website?

My initial request got answered late so I’m now 10 days behind on my streak, which doesn’t seem to be getting sorted as it’s a continuous knock on effect of my requests regarding the same issue putting my streak further behind what it should be.

Hello together,

Cannot connect to the VPN servers using OpenVPN. I've tried every solution that I found starting from the script in GitHub (thm-troubleshooting) to changing cipher AES-256-CBC line in your .ovpn config with data-ciphers AES-256-CBC and etc.

!vpnscript

IIRC, support no longer add on the streak you obtain whilst you're waiting for the streak to be reset, I could be wrong, but I'm sure I seen that said.

I've tried already this script, but without success

Have you tried to regen it again?

Yep. Tried to regen and different servers as well

What is the error you are having?

You might need to do the change manually.

nano filename.ovpn

Then change cipher to data-ciphers

I guess the same as most of us. The "cipher" error

It is already correct in the config file

It is data-ciphers

Ah really? I won’t bother trying to maintain a streak anymore then, as I seemed to have missed a day by doing some at 0600 then another the next day at 0900 so it reset my streak, due to the 24hr being based around when you last did it (I think that’s how it works).

Can you verify and take a screenshot please.

!docs verify

someone is having some problem connecting in openvpn?

I have openvpn version 2.6.1

There isn’t an error

is only warnings right? but i can't connect either

It can’t connect to the server, that’s a different issue

try and regen your vpn file, it says your "certificate are not yet valid"

ohh i see

!openvpn

hold on

the script won't help

oh

Does this occur often?

I already do that

it have occured after the updates of the servers

Weird

change to a different server and try again

same ahah

but i'll try again

I've got the same issue

Speaking to the devs

Can someone dm me their OpenVPN file please

what vpn server are you trying to connect to?

EU-VIP-2

I will send you

i tried eu-regular-1 eu-vip-1 and eu-vip-2

sent

I've tried most of the servers. Always the same error

yep

at first i update openvpn and yet nothing, then the file and changing servers don't change nothing to me

cc @weak flower @crisp orbit @exotic dove
Have messaged the devs, I've tried your configs and they do work on my end, but I'm still going to enquire.

Make sure your system time is correctly set too (including daylight savings if that is an option).

Oh I messaged you my vpn for testing, it's working for me already :D

@rotund sluice The new room link is not working #retired-rooms message

Lemme take a look

Fixed, we changed the link to a prettier one 🙂

Thanks for reporting!

Glad to help :)

Is there a disconnect timeout for the machine connections, I would think there would be! But the timeout is very quick. By the time am back from reading the stuff its already out.

which machines? AttackBox you mean?

or like SSH service on room machines

The attackbox

I don't think they have a connection timeout

they stay for like 1 hour

then you can extend or terminate

see https://help.tryhackme.com/en/articles/6721845-the-attackbox-explained for more info if you like

It previously used to be in minutes or so, now its down to seconds

Will look at this, thnx

They might be laggy if that's what you mean, but I don't recall they have a connection timeout but they have an expiration time (~2h)

You're welcome :)

I am also having issues connecting to VPN. Both US east and VIP West. Refreshed my files and everything.

!vpnscript

try this script

My Nessus login won't open when I go to https://localhost:8834/#/scans/folders/my-scans . It keeps saying unable to connect not matter what I try. What am I doing wrong?

did you start the nessus service first?

Okay, Im going to show I'm a newb. How do you do that?

no worries, we've all been newbs - you can start it with this command sudo /bin/systemctl start nessusd.service

So you have to start the service in a terminal before you try to navigate to the url. Correct?

yes, you can stop it after by just changing start to stop in the command

I new it would be something easy but I just didn't know what. Thank you for your help!!

you're welcome 🙂

+rep @dense bramble you deserve it :)

Gave +1 Rep to @dense bramble

aww, that's nice 😊

Even though I have completed the vulnersity section, it shows as incomplete for you too?

It's a known bug, they're working on it #1092490706385383524

!vpnscript

200 EPRT command successful. Consider using EPSV.
550 Failed to open file.

any help?

More information required?

FTP?

I’m having issues with my connecting, can’t connect any box via ssh, or transfer file by any means. I have tried diff file transfers approach but none work. I have also changed diff vpn zones still same issues. Please I need help

I moved to the AD Wreath network, still having same issues can’t transfer tool to the victim’s machine please help

Card declined or unable to make payments?
Please email support@tryhackme.com and provide the last4 digits on your card, date that you tried to make a payment (DD/MM/YYYY) and full name that is on the card:)

hi i'm having trouble to keep reaching the target machine or enumerating anything on it because it is super slow, wether i am on my kali with openVPN or on the attackbox. How can i fix it (if the issue is coming from me)?

Hello, I am curently stuck on [attachment]. Reset Upload seems to be doing nothing. Any suggestions?

Can you try using a different VPN server?

ctrl + f5

it's a refresh bug

:/ Doesn't work. Even when creating private window and logging in there the issue still persists.

hmmmmmm

What are you uploading?

A VM.

How big?

4 gb

But I canceled it like 1 hour ago.

cc @zealous yoke

Aha wiping all tryhackme data and then clicking the button did the job.

Hello guys

can someone help me ?

https://tryhackme.com/forum/thread/6457e4c6922351024e6444d0

!vpnscript

@tropic gale ⬆️ start by running that script to check for common problems

already did

sounds like it could be the MTU messing it up

(and added it to PATH 😂 )

whut is dis ?

max transfer unit

mmm

how to change it ?

see this message in this channel: #site-support message

Still not working :[

welp then the issue is somewhere else

do you have multiple vpns running????

nope

if you run ip address show there is only 1 tun device right???

yea

well blame your internet connection or isp maybe

oki :\

wait what's the prob

Are u Using ur TryHackMe IP or Public IP?

think you have to run the script in the same directory where you vpn file is

yes true

did it bro

Thm IP

so what is the error when u do wget ?

I need help with billing. I purchased a year subscription in November but it is set to renew this month? That doesn't seem correct to me.

You would have to email support for that

!email

@zinc wharf

!docs verify

just "Not found"

i fixed that with the port number

switched from 7777 to 80 and it worked perfectly 👌

firewall ?

bruh

It depends on what ur trying to do

dl pretty big exploit

if hosting a Web Server on Http port and service is expecting to connect to the default 80 for http then that's why

but if I do 00.000.00.0:port it shoud dono problem nah ?

OMG bro

What ?

OMG what ?

😂

I can't get more than 5

guess what country i live in

bro

fr ?

DOWNLOAD Mbps
3.69
Ping 92 ms

No turkey 😅

bruuuhh

fr = for real ?

but oklm

Don t understand

We are racing with mbps Zimbabwe bro

no problem

what is this ?

Our internet speed is at the same speed as African countries.

..

I’m having issues transferring file to my target machine. I can ping and get rev shell on the target but can’t ssh or transfer file to it. Please help

Screenshots:

https://ibb.co/yfvG46X

I attached screenshot of the THM-troubleshooting

I have completed the Vulnversity room but it still shows as incomplete, it also means I can't claim my certificate.

its a known bug, THM is aware

#1092490706385383524 message

Trying to work through Protocols & Servers 2 and it seems like whenever I try and SSH anything I just start getting 2023-05-10 03:05:29 read UDPv4 [ENETUNREACH]: Network is unreachable (fd=3,code=101) in my Open VPN terminal

Just lines and lines of that

Vm?

Yeah, just a kali in Oracle virtualbox

Does it have an Internet connection?

Could connect to youtube in my VM

Access says I'm connected

Can connect to Bastion through another room

Seems like my VM just doesn't like SSH

ip a s

How many tun* do you have?

Please I need help !

İ have that same problem

try this command sudo ip link set dev tun0 mtu 1200 then try ssh again

They're working on it :) #1092490706385383524

you can also verify to send screenshots directly

!docs verify

Hello @exotic dove thanks for the reply, ssh is not the only problem I’m facing. The troubleshooting script indicates that I have a connection problem. Please look at pic link I posted as I can’t share image here (don’t know why the add button is inactive).

Gave +1 Rep to @exotic dove

[-] MTU value failed at 1000, aborting MTU check
[-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum

I get this from the troubleshooting script

The script might have failed due to MTU check, try to run the script after setting the MTU manually above, see if that fixes the issue

also see #site-support message for image attachment

I did ran it again after setting what you asked me to do

okay, does it fix the ssh though? regardless of the script error

another solution would be to try this command sudo ip link set dev tun0 mtu 1200 and see if the vpn works

the script sometimes fails regarding to this, you'll have to manually set the mtu to something around 1200 and it'll usually fix the problem, use the command as Ayham just sent, while your VPN is running

if this doesn't work, then please provide a screenshot of running the vpn normally without the troubleshooting script so we can see what errors the script might give you

I’m on it I will keep you guys updated. Thanks

@pastel tinsel @exotic dove the transfers are going now. Thanks guys

Gave +1 Rep to @pastel tinsel

+rep @exotic dove

Gave +1 Rep to @exotic dove

Glad to help :)

oh thank you

Gave +1 Rep to @pastel tinsel

that's rep spam haha

Aye I completed the Web Fundamentals path about a week ago. I have the cert to prove it. However it looks like the OWASP Top 10 room got completely replaced and now my Web Fundamentals path is shown as incomplete. Is there any permanent achievement for Web Fundamentals that remains online?

I did but it seems to work better the first minutes then about 20min later it is the same I can't reach the target IP (can't even ping it).
I run the troubleshootting script everything is ok on this side

It was replaced with newer content.

Hello, I am having a hard time getting any real response to my refund tickets. I purchased a month of VIP on the 1st, thinking that it would give me access to the AWS content, only to find out that the VIP tier alone does not get me access. I'm fine with that, but I don't think it's a stretch to ask for a refund, especially since I haven't used the subscription for anything else since I bought it.

I opened a ticket back on the 1st, but it was closed on the 3rd with a response stating what I already know. I've got another one open, but after it said they should get back to me in an hour, now it says they won't be back until tomorrow. I would appreciate any help I can get.

Hi, idk if its a good channel but please dont ban me XD
So i want to install a crack software but i dont want to harm my pc so i want to install it on a virtualbox windows 10. Is it possible that viruses will infect my main OS? I would like to add that I want to use internet on my virtual machine.

@broken bear

Support will get in contact when they do, its usually 3 days.

That would work, if they wait sufficiently for me to respond and not just close it out with an "answer". I will wait again, 10 bucks anyway not really a big deal, just the principle of it.

If anyone who manages the web UI sees this, I would recommend making it VERY clear that the AWS rooms require a business subscription. The info is there but it's not in any way obvious until you try to click into one of the rooms

I strongly recommend you don't pirate software, as cracked software often contains hidden malicious files

and it's theft

oh so i will try to find something similar but legal

Buying the software usually works well.

Anyone know default password of Attackbox ?

Yes i know but i think that 299$ for topaz video enhancer is a little bit too much

well, if you don't pay for it, it's theft. There is no "similar to cracked software but legal"

Seems pretty clear to me

Like I said, it's there but it's one of the last sentences in the text. That needs to be stated up front or highlighted, bold or something.

Why? Its in the prerequisites which you should read anyway

#feedback-and-ideas you can ask here though, direct feedback

I'm sorry, I don't always read every line of everything, my own shortcoming I guess. I should at least be able to get a refund for a mistake, if not no big deal.

Sure, you should be able to get a refund

Tbf.

It's in the prerequisites section

Trying to access https://LAB_WEB_URL.p.thmlabs.com in THM vm but keep getting 504 Gateway Timeout

Any ideas?

You haven’t pressed “start machine”

I have. Still doesn't work. Was at my uni library and it was working perfectly yesterday. Try today at home and it's not working.

LAB_WEB_URL will be replaced with the IP address of the machine when it’s started

Seen a post saying to replace LAB_WEB_URL with machine ip. Tried this, and still get 504 Gateway Time-out.

Send the IP address?

I ended up just using my local vm instead

Thanks

I'm confused

Task machines are for completing tasks to get the answers:) How are you going to complete the room?

Going to use openvpn on my kali vm

Ngl this question bugs me. RPC is the authentication model, the protocol its actually using to communicate is TCP or UDP, or am I mistaken in the terminology?

Remote Procedure Calls is used to communicate.

IIRC because the client and server could be two completely different systems, and they could represent data in different ways

There are many different networking protocols, RPC is one of them

Bingo, I misread the documentation, my bad lmao

It runs on top of TCP

TCP/UDP is only used for the inital connection

https://www.ibm.com/docs/en/aix/7.1?topic=concepts-remote-procedure-call

RPC presumes the existence of a low-level transport protocol, such as Transmission Control Protocol/Internet Protocol (TCP/IP) or User Datagram Protocol (UDP), for carrying the message data between communicating programs.

Encapsulation

It's finally clicking in my brain but if you don't mind me asking for clarification, when referring to sever-client models we are automatically assuming its in the session layer, right

What was the command that showed in which formats the payload can be output

Hi Team,

I'm having issues fetching my certificates. Can anyone help me?

Does this certificate include Vulnersity in it?

Hi, I wanted to add a friend but it says friends list is in maximum. will this be updated soon or I need to remove?

Hello, https://tryhackme.com/room/opencti when starting the webserver machine the port 8080 is not open.

have a question. when using the VR machines they are very slow and delayed. is there something simple im missing to fix this? thank you very much

the virtual machines are slower on some specific things but shouldn’t be extremely slow, it’s is causing a big trouble on the site then I’d suggest using your own virtual machine, if you’re saying you already have your own virtual machine then perhaps try the one on the site for tryhackme related tasks Incase your computer simply cannot handle running a VM

I’d personally suggest just getting an old laptop and installing kali or parrot on it

Ok. It's super slow. Like click or press a key then it reacts after 3-4 seconds. I can try to set up a vm on my pc. Just wish I knew why the vm on the site was so painfully slow. Thanks!

anyone to help with this issue in the support team ?

connection related most likely, I haven’t had buttons be slow but all nmap scans are extremely long on the sites VM as to compared to my VM

hi

Hello, are you using VPN or attackbox?

vpn

can you verify your profile and send a screenshot of when you connect to the VPN

!docs verify

here it is @pastel tinsel

What about your VPN?

I am also connected to vpn

??

can you show that?

Hi there 👋
I have a little problem on my dashboard.
The vulnversity room appear as not finished but she’s completed.
Is there anything to do?
Thanks 🙏

#1092490706385383524

hi everyone! I am new here and I need help with OpenVpn, it does not work. I tried a lot of things and spent tons of time. Please help ❤️

I think that's general, because I've got the same problem and other people report that too

@trim stream @weak flower Have you tried the vpn troubleshooting script?

!vpnscript

yes and still nothing

even in windows does the same

does it not give you an IP on THM or does the vpn give an error in terminal?

Also can you try another VPN server
try to reconnect to your router and run the vpn again
does the vpn troubleshoot script give any error?

already did with vip and normal servers

in windows does the same like @trim stream show later and never can connect

but yesterday they said my configuration file worked in their machine

try this command openvpn --mktun --dev tun0

the script says tun0 doesn't exist which might be openvpn service not working properly

try with sudo

oh i forgot that haha

It happens ;) let's hope it works tho

now tun0 exists but failed in mtu

alright try sudo ip link set dev tun0 mtu 1500

then rerun script
if doesn't work try sudo ip link set dev tun0 mtu 1200

i've tried but nothing still

try to run the vpn server, nvm about the script

see if the vpn works

okok

the same problem with cipher

does it not connect to THM tho? does it say connected?
https://tryhackme.com/access

no unfortunately

can you update openvpn to 2.6.2? maybe that helps

it says that i'm in the latest version (2.6.1-1), how can I force the update?

btw, did you run the vpnscript with ovpn file in the same directoy?

yes

might need to sudo apt update

how can I resolve this?

the cipher is not a problem, it's just a warning pop up, due to openVPN changing their setup from cipher to data-ciphers

yea I am testing on my end I got the same warning and the vpn works

might be worth leaving it for a minute or so @weak flower

let it run the vpn

VPN configuration file is not downloading for windows , it is showing “error uh-oh , this page has been lost in matrix “ . Can anyone tell solution ?

it's supposed to change to cipher?

please change vpn server and regenerate the config

no, it's just how openvpn works that has changed and therefore giving the warning

Same error

ohh okok

how long have you waited after regenerated the config?

can you send a screenshot of when running the vpn normally and then waiting a bit?

It worked , thanks !

Gave +1 Rep to @pastel tinsel

you're welcome

when did you generate this script?

the config file was yesterday, i've been trying all day long haha

https://openvpn.net/faq/tls-error-tls-key-negotiation-failed-to-occur-within-60-seconds-check-your-network-connectivity/

I think you can identify if it's a router issue by connecting to your mobile hotspot and run the vpn, that should theoretically work, if it does then it's from your touter otherwise it's from your machine

I'm gonna need to try later, I'm workin in a soc so probably the firewall have some rules blocking ovpn

that's most likely the reason :)

hope so hehe

thanks for all the help, later I say if i could use the vpn

You're welcome :)

That is the reason, company setups tend to block VPNs

yep, i'm gonna need to talk to make an exception hahaha

Yeah, talk to your supervisor

the strange part is one of my colleagues can connect to the vpn in the soc so I don't know if it is just the network

It's better to talk to your colleagues about it than us 😅

yeah it's better hahah

Currently having an issue with netcat working when doing the pickle rick CTF, watching the john hammond wakthrough i've done his exact syntax apart from using his ip for the reverse shell in which i used my tun0. The command works for him and im doing it in the exact same way

my ufw firewall is entirely disabled and I've reinstalled netcat and to my surprise nothing has worked.

I have made a netcat listener prior to executing the command but the issue is that I do not get listening 0.0.0.0 etc it simply just says

└─$ nc -lvnp 4444
listening on [any] 4444 ...

then does absolutely nothing. Any help would be appreciated.

Any also means 0.0.0.0 the reason why it says 0.0.0.0 is because it's searching for all ips there is

Ah well I try to run the reverse shell and I never get any response , I had same issue with upload vulns module

Are you connected to the VPN or using the attackbox?

I'm connected via openvpn

Have you changed the reverse shell to your ip

Yes I've copied what john hammond did in his walkthrough and changed the ip of his reverse shell to be my tun0 ip

Hmmm, can you verify your profile and send a screenshot of your setup?

!docs verify

I cant on this discord atm as I have an account verified

this is just logged in on my other discord

let me login to my other account if you need or i can dm you the screenshots

Please keep it in here cause i ain't online the next hour or so

Sure let me login hold on

Alright let me grab it for you

webpage doesnt endlessly load like how it should, just instantly goes back to a blank command console

nothing in netcat, stays the exact same

Are you using WSL?

nope

installed the OS onto an old laptop

Are you connected to the VPN service?

Yep.

Send a screenshot of the output, please

I can access the site + ping it for a connectin an a reply

Output of the openvpn?

yes

You're accessing the website through the public domain, not the private one

You shouldn't really be using .p.thmlabs unless told to, some challenges don't work that way

gotcha

Have you tried a different reverse shell?

I havent but I had a similar issue when attempting to do a different one on the upload vulnerabilities module

I'd try it myself and it wouldn't work so I figured i'd watch a video as I must be doing something wrong an I do as they show and they get a netcat response although I dont

Theres another way of doing the CTF without rev shell which I'll probably do but I am very confused on why it doesn't work haha

Can anyone tell me why VPN(adenumeratinon.ovpn) is not connected?

Attempting to establish TCP connection with [AF_INET]3.248.169.226:1194 [nonblock]

Not without more details, verify and send screenshots of your vpn output

Always stuck here

!docs verify

screenshots is here

I using the regenerated configuration file

and the port is open

I think I know the reason. the tcp port is not working

you have not connected yet

update your openvpn

I'll need to check, but it's “cyber introduction “ and “pre-security”

My openvpn is the latest version.

For some reason it runs 2.5.7, shows in your first screenshot

I just checked and its not included in both. I remember seeing some folks not being able to generate their certificates as well.

Yes, so I upgraded the latest version of openvpn, but the same problem still exists. Sorry, I didn't make myself clear just now.

At the top of your .ovpn file try change the "cipher" line to: data-ciphers AES-256-CBC

it's a long shot, but what does this running this script say?

!vpnscript

anybody know why a learning path shows incomplete even though I have completed all the rooms in the learning path?

There a bug having an effect on not counting properly.

#1092490706385383524

it's a #1092490706385383524

Vulnersity is a common one for everybody.

yelp thats the one that is showing complete

Team will issue a fix soon, it's happened before.

That issue was resolved^
Their VPN config is still connecting.

@bold flicker Does the issue still exist?

Solved now, this is the right way @bronze vale

That shouldn't work

Your OpenVPN file is telling you that the data-ciphers has already been set

I modified this.

Hey I can't seem to upgrade to a premium subscription for some reason—every time I click the link it crashes the popup. Have tried on desktop on three different browsers (Edge/Firefox/Opera) with everything allowed/enabled; tried on my iPhone through Safari—exact same weird glitch failure and ergo still unable to subscribe/upgrade. Any ideas?

Hey the VPN page isnt working or something

It redirects me to a 404