#site-support

Can you press the diagonal arrow on the left?

try open attack box in new tab also

yes and then i have the same black screen, but full screen

Yep, have tried that too

@bronze vale are you still interested in machines not booting up properly (attackbox this time)

Does full screen work or no?

no. Still solid black. new tab, solid black

other browser ?

IP address?

like I said edge, chrome thruuogh windows, firefox through kali

10.10.57.29

Machine seems to be booted fine

@zealous yoke AttackBox blackscreen?

Jabba, are there any THM employees who can jump into a users AttackBox instance, or is guac somehow locked to a user identity?

heres the fullscreen version, fysa

CMNatic

copy that link and send it here

Looks like it's your computer

Or network ?

Network is included in that, yes

tryed some RDP like remmina ?

Like I said I was just rununing 2 servers and then 8 VM's for OSED prep and had no issues with CPU/memory/latency/etc

You tried using a VPN?

I cant wrap my head around attackbox being more resource-hungry than offsec and sans vm's.
I havent because THM says the attackbox was the recommended way. I guess I'll have to try a VPN instead

It's not though.

VPN to access the attack box

Not the internal network

I'll try now,

Works when I choose a Canadian IP but not American. Thats super weird. Regardless, that did make it work.

Yeah I suspected it was something to do with your network

Not sure what specifically 🤷‍♂️

Im curious why choosing a Dallas or Chicago IP through the VPN wouldnt work but canada does, but Im not going to try and figure that one out .

Thanks!

What VPN provider?

It might be that the Dallas or Chicago IPs are on a block list from malicious use

It looks like the browser (or extension) is blocking something

Express

They tried on different browsers too

Works with Canada though so I’ll roll with it. Lol

VNC works okay for me, we'd need console log errors

Hello! Can someone please help me with an issue? I got 46 streak on tryhackme, but have not got anything for the 5% off swag at 45 streak

!email

You need to E-mail support and request the code.

Thank you!

Gave +1 Rep to @weary spindle

Hi, I am in the first room called Intro to Offensive Security, when I type the command: gobuster -u http://fakebank.com -w wordlist.txt dir

I get the error: File does not exist: wordlist.txt

This room worked a couple of weeks ago and I passed it. Can someone tell me what's going on please? I need help. Thanks!

try it like this gobuster dir -u

It still wants the url and wordlist

Can you please type out the exact command and I'll try that?

you have the syntax you just need to supply a wordlist

are you using your own vm or the one from the site

@sterile mist you should be able to copy the syntax from the lesson over and it will work

the http part doesn't look right, or is it?

is it supposed to be http://$IP ?

nevermind it's discord

can you join study session vc and i can walk you thought it

How do I join a study session?

do nt post that here

ok

All i see under the "study sessions" section is a session announcement

ok join a call tho dm if you are ok with that

sure

could anyone help me with the Enumerating AD Room? Im STILL having trouble connecting from my kali box

added za.tryhackme.com to /etc/hosts and i can connect to http://distributor.za.tryhackme.com/creds to get the credentials for the room but whenever I try to SSH/RDP using the credentials doesnt work and just freezes

tried resetting the enumerating AD network twice now

this entire AD room for the offensive pentesting path is a massive fucking headache connection wise

when i run nslookup za.tryhackme.com or thmdc.za.tryhackme.com it resolves to the DC IP as it should? dont get why SSH/RDP isnt working and just keeps freezing

I cant get open vpn to connect, no matter what configuration key I download, none of them seem to work, I'm using 3.0

any help would be great

try runing ps aux | grep openvpn tp search for any openvpn processes running

if there is any running run:

sudo kill -9 <PID>

im using windows

then to reconnect-
sudo openvpn --config <VPN FILE NAME> --daemon

for windows:
tasklist | findstr openvpn

taskkill /F /PID <PID>

to connect:

openvpn --config /path/to/config.ovpn

I tried tasklist and it sent me to another prompt

no output

??

tasklist is a standard windows Cmdlet

there are no tasks running apparently

there has to be lol

it isnt showing if there is

should i use powershell?

im using cmd

yea either work

still nothing

try rebooting and reconnecting to the VPN im not really sure, never tried connecting from host OS always just used a kali box

Get-Process | Where-Object {$_.Name -eq 'openvpn'}

that the powershell cmdlet to find the openvpn process/service if its running

perhaps I should try running it in virtualbox instead if it works there

I'll take some time to install it and try it on my kali purple and get back to you if it still doesnt work

yea thats what id reccomend, if no luck after that just use the Browser Parrot VM

👍

thanks again

np

I also cannot get the VPN to connect to my own machine.

"Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case"

Can't find a fix 😕 tried adding in extra to data-cipher but still fails.

When did you last regen your VPN?

And which server?

Regenerated a few minutes ago. EU servers. Tried all 3, over the past few weeks. Can't connect to any of them

!docs verify then post a screenshot of the openvpn output please

!docs verify

that looks like it is running and working as intended

can you try accessing 10.10.10.10 in your browser???

Although it seems connected, I cannot use Kali because it's stuck as the screen shot shows. I can't input anything.

I can access 10.10.10.10 yes. But cannot input anything into Kali

open another terminal

it is meant to run like that

to kill the vpn connection later hit ctrl + c in that terminal

Oh 🤦‍♂️🤦‍♂️

Thank you 😊

"2023-07-29 01:36:07 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-07-29 01:36:07 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-07-29 01:36:07 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-07-29 01:36:07 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-07-29 01:36:07 library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
2023-07-29 01:36:07 DCO version: N/A
2023-07-29 01:36:07 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194
2023-07-29 01:36:07 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-07-29 01:36:07 UDPv4 link local: (not bound)
2023-07-29 01:36:07 UDPv4 link remote: [AF_INET]3.7.33.194:1194"

i am not able to use openvpn can someone help???

try regerante your config file

i did it 10 times 🙂

whats the full command output

i don't know why i am not able to paste a image here??

!docs verify

verify and that'll work

thats not the full output

🙂

@glad oyster

did you press cntrl+c?

yes u said to show u the full output

so it just hangs here?

yes

it repeat

how long have you left it?

uhhh

what country are you from

india

huh that shouldn't block it unless its something else?

@bronze vale

it was working fine yesterday i dont know what happened 🙂

it worked the vm was using my uni wifi and vpns are blocked 🙂 i did'nt noticed thanxs

What Wi-Fi connection type are you using?

it got solved but what do u mean by type of wifi connection?? it is 5ghz bandwith and its security is wpa/wpa2-enterprise.

Ah yeah that’s what I was going to ask

thanxs 🙂

👍

Is the OpenVPN EU-VIP 1 server lagging ?
It's taking ages to ping a server and I cannot replicate that "slowness" with another VPN

For like 2 minutes, I can ping the server and it responds, then I can't for another 2 mins, then it comes back

Yes I did, from what I've seen people most issues are about people not beeing able to ping at all a machine, which isn't my issue
Using the Troubleshoot tool didn't tell me anything too besides that it's supposed to work

I recently tried a Windows network room and used the VPN but considering it's two different config files I feel like it shouldn't matter, even tried to regenerate OpenVPN config just in case but nothing helped, which makes it quite hard especially when I'm trying to pop a reverse shell 😅

Edit : Fixed, somehow I had two tun interfaces, had to kill all using sudo kill -9 openvpn and relaunch it

Hello friends, how can I change my username on THM ?

email support

!email

How can I get into KOTH after I get an IP address

Good morning, as content creators, are we allowed to stream ourselves while completing a challenge on THM? I can't see any similar mentions in the rules if not for newer challenges.
Are there any limitations on what can we show?

Not sure if this is the right channel tho so feel free to move the messages where should they belong

You can stream/ record, just don’t use any of the graphics on your thumbnails.

If a challenge says don’t record/ stream it, don’t record or stream it

@bronze vale
Did you ever write the article on streaming etc?

Hello, since yesterday i have a problem with my kali linux laptop. when i booted it up, i came to the login screen as a normal and logged in, but then somehow only the browserwindows that were last opened were displayed to me and my background is the standart background of my login screen and there are no buttons or anything like that anymore, not even i can make the sound quiter or louder or see the time. i can only open the terminal with alt+ctrl+t and see from there that all files are still there and i also started discord from the terminal , wich i am writing about here. i cant explain it properly, try to send screenshots. ive tried rebooting and updating but nothing has changed. i hope someone can help me quickly.

sry i cant load a screenshot

if anyone wants the screenshot dm me pls

this channel is more aimed for TryHackMe material, please use #general

I asked in general but perhaps its more suited here

Is it possible to see on THM as part of which learning Path a certain Room has been done?

for example I did the Network Fundamentals Module as part of the Pre-security path, is there a way to see that?

ok

but i dont have a vm it is a laptop with kali os

!docs verify

where paste !verify

ok i have it here is the screenshot

can no one help me?

Hello everyone, I have a problem. I recently tried to connect with openvpn and my ovpn file (EU-VIP-2) and it connects wonderfull, but I cant manage to open a room with it? (windows/Lubuntu22, both with newest opennvpn version)

Are you connecting to the VPN on your host or in a guest VM?

host

its a dual boot laptop with openvpn installed on both os

i dont know if its related to the problem but before everything got broken i tried to use python to create a 443 webserver -> python3 -m http.server 443

that shouldn't affect the vpn

are you connected to the vpn right now?

yep

server eu-vip2

can you post the output of ip a s

i am currently on my windows machine but I can change to linux if needed

doesn't matter

i just want to see all the interfaces that have associated physical and virtual devices

on windows, the command should be ipconfig although i don't remember the flags offhand

ok, looks like you are connected

what's the output of curl http://10.10.10.10/whoami

ok, you should be able to see things on the THM network

When you started the VM for the room or task, were you given an IP address for the victim box?
It should be towards the top of the page

yep, But it loads forever, but nothing happends in the end

what room and task is this for?

Well at first it was for

https://tryhackme.com/room/theseowebappdbh

but on

https://tryhackme.com/room/fileinc

and

https://tryhackme.com/room/anthem

It also wont work anymore

I think i will try to switch the server... maybe this might work

so none of them give IP address you can access?

righto, loads forever but to website displayed

I don't understand what this means.

What's the nmap command you are running, and what's the output?

let me quickly try it and i will screenshot it

Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-30 00:19 CEST
Stats: 0:00:38 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 97.07% done; ETC: 00:20 (0:00:01 remaining)
Nmap scan report for localhost (10.10.81.3)
Host is up (0.038s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Microsoft HTTPAPI httpd 2.0 (SSDP/UPnP)
3389/tcp open ms-wbt-server Microsoft Terminal Services
| rdp-ntlm-info:
| Target_Name: WIN-LU09299160F
| NetBIOS_Domain_Name: WIN-LU09299160F
| NetBIOS_Computer_Name: WIN-LU09299160F
| DNS_Domain_Name: WIN-LU09299160F
| DNS_Computer_Name: WIN-LU09299160F
| Product_Version: 10.0.17763
|_ System_Time: 2023-07-29T22:20:13+00:00
| ssl-cert: Subject: commonName=WIN-LU09299160F
| Not valid before: 2023-07-28T22:19:15
|_Not valid after: 2024-01-27T22:19:15
|_ssl-date: 2023-07-29T22:21:23+00:00; +1s from scanner time.
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 94.89 seconds

Nmap works

ok now this room seems to work

how strange is this?

Sometimes windows boxes take 5-10 minutes to fully boot

mhm okay?

okay so

I am currently in

https://tryhackme.com/room/theseowebappdbh

The Victim IP is 10.10.225.248

I can nmap it and even get the ports, when I try to use it in firefox I wont get any connection the webserver

is it supposed to look like this? xD

so without the ip and this 😄

Looks like you are connected 🙂

And yeah, if you go to 10.10.10.10 on the THM network, that's the webpage you get served

Hellooo. I just got an email asking me to come back to premium with a ten percent discount but the discount code doesn't work and the email shows the old price.

I don't have the cash to buy the yearly plan at the moment, but I just thought I'd point out that wrong information is going out.

hey guys does anyone know why vnc was not working in [miui 14] android 13
i mean when i connect vnc server with termux after update my device vnc connect but not able to show anything
.
connection is well connected but screen is black.......
.
Can aneyone tell me how to fix it ??

Hi all.

@broken bear

Thats what I mean by "nothing happens"

other rooms wont even load ^^

Have you done an nmap scan on the room?

like you can see in the video - yes

i can scan it and ping it but firefox and opera wont load it

I had a similar problem weeks ago but someone it managed to solve "itself"

Are you using windows?

Windows isn't supported, you should try using a VM instead

I currently try to connect with the same ovpn from another machine to test if the problem is on my laptop

#site-support message

I currently use openvpn with lubuntu on cli

I didn't download/click the video.

okay ^^ I can scan the rooms, ping the rooms but when I try to access them via firefox/opera I cant seem to reach them, it only takes super long to load without anything to actually happening

eu-vip2 lubuntu openvpn cli

I had this issue weeks ago but it managed itself on that time

Can you verify your web browser isnt' pointing to https and http.

Cntrl+Shift+I

What does the console logs say

They are connecting to the webpage over http, the title changes but it's just a white screen

You really should look at the video 😆

That would involve clicking. 🙂

They could have just uploaded the video and it could have viewable on Discord

sudo ip link set dev tun0 mtu 1200

Try that. 🙂

nope, same result 🙂

I will try every single server now to see if its a problem on my side or not 🙂

Well thats kinda interesting, every room that only needs SSH/RDP seems to work, every room with built in webserver doesnt

but it doesnt seem to matter which browser i use/operating system

What does the console log say? Are you using any plugins or AV that could be blocking it?

i am using linux without firewall/av

sudo /sbin/openvpn Sn0wF0x.ovpn
2023-07-30 10:59:47 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-07-30 10:59:47 OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
2023-07-30 10:59:47 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2023-07-30 10:59:47 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-07-30 10:59:47 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-07-30 10:59:47 TCP/UDP: Preserving recently used remote address: [AF_INET]63.35.110.70:1194
2023-07-30 10:59:47 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-07-30 10:59:47 UDP link local: (not bound)
2023-07-30 10:59:47 UDP link remote: [AF_INET]63.35.110.70:1194
2023-07-30 10:59:47 TLS: Initial packet from [AF_INET]63.35.110.70:1194, sid=d2417137 d349b52c
2023-07-30 10:59:47 VERIFY OK: depth=1, CN=ChangeMe

maybe something here?

2023-07-30 10:59:47 Validating certificate extended key usage
2023-07-30 10:59:47 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-07-30 10:59:47 VERIFY EKU OK
2023-07-30 10:59:47 VERIFY OK: depth=0, CN=server
2023-07-30 10:59:47 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1585', remote='link-mtu 1601'
2023-07-30 10:59:47 WARNING: 'keysize' is used inconsistently, local='keysize 128', remote='keysize 256'
2023-07-30 10:59:47 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-07-30 10:59:47 [server] Peer Connection Initiated with [AF_INET]63.35.110.70:1194
2023-07-30 10:59:48 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2023-07-30 10:59:48 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,route-gateway 10.14.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.14.57.68 255.255.128.0,peer-id 13'
2023-07-30 10:59:48 OPTIONS IMPORT: timers and/or timeouts modified
2023-07-30 10:59:48 OPTIONS IMPORT: --ifconfig/up options modified
2023-07-30 10:59:48 OPTIONS IMPORT: route options modified
2023-07-30 10:59:48 OPTIONS IMPORT: route-related options modified
2023-07-30 10:59:48 OPTIONS IMPORT: peer-id set
2023-07-30 10:59:48 OPTIONS IMPORT: adjusting link_mtu to 1624
2023-07-30 10:59:48 Using peer cipher 'AES-256-CBC'

2023-07-30 10:59:48 Data Channel: using negotiated cipher 'AES-256-CBC'
2023-07-30 10:59:48 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2023-07-30 10:59:48 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-07-30 10:59:48 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
2023-07-30 10:59:48 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
2023-07-30 10:59:48 net_route_v4_best_gw query: dst 0.0.0.0
2023-07-30 10:59:48 net_route_v4_best_gw result: via 192.168.178.1 dev enp1s0
2023-07-30 10:59:48 ROUTE_GATEWAY 192.168.178.1/255.255.255.0 IFACE=enp1s0 HWADDR=9c:2d💿b2:08:aa
2023-07-30 10:59:48 TUN/TAP device tun0 opened
2023-07-30 10:59:48 net_iface_mtu_set: mtu 1500 for tun0
2023-07-30 10:59:48 net_iface_up: set tun0 up
2023-07-30 10:59:48 net_addr_v4_add: 10.14.57.68/17 dev tun0
2023-07-30 10:59:48 net_route_v4_add: 10.10.0.0/16 via 10.14.0.1 dev [NULL] table 0 metric 1000
2023-07-30 10:59:48 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-07-30 10:59:48 Initialization Sequence Completed
^C2023-07-30 11:10:38 event_wait : Interrupted system call (code=4)
2023-07-30 11:10:38 SIGTERM received, sending exit notification to peer
2023-07-30 11:10:41 net_route_v4_del: 10.10.0.0/16 via 10.14.0.1 dev [NULL] table 0 metric 1000
2023-07-30 11:10:41 Closing TUN/TAP interface
2023-07-30 11:10:41 net_addr_v4_del: 10.14.57.68 dev tun0
2023-07-30 11:10:41 SIGTERM[soft,exit-with-notification] received, process exiting

so the entire log

Your web browsers console log*

It now only says "timeout"

Forgot to turn off interceptor on Burp?

Burp isnt runninig 🙂

That wouldn't produce a white screen.

Which VPN file worked for you?

See if you go back on that one, try and load up the webpage to get the white screen, then check your console log.

I used EU-VIP-2 for quite a long time now 🙂 But that wont work anymore

With "White-Screen" I mean it loads and loads and loads and loads but nothing happens"

Yeah, but the console log on your browser will show you what's happening.

nothing much to see here ^^

Yes.

Because you're not trying to load up the page you can't..

the page still loads....

since like 5 minutes or so

will post results when something actually loads

10 minutes later, site is still loading

ohhhhhhhh I think I found something!

this command but with ifconfig and when you are connected to the vpn

seems to resolve the issue, i will tests this

lol i did something wrong 😄 also i think its wrong to say it here. can one of the staff contact me please ?

There seems some problems with the lateral movement network

Don't get a ping back on the macines

💀❯ traceroute 10.200.64.101
traceroute to 10.200.64.101 (10.200.64.101), 30 hops max, 60 byte packets
1 10.50.61.1 (10.50.61.1) 26.591 ms 52.119 ms 52.173 ms
2 10.50.61.1 (10.50.61.1) 3083.268 ms !H 3108.559 ms !H 3108.614 ms !H

hi, idk if this is the right channel to ask but does thm have auto-renew on (for paid members)? if so, how do i disable it

Just cancel the sub in your profile

If its a voucher, it won't auto renew.

so like do i cancel it at the end of my subscription?

like a day before or something

because it says if i do that it will end my subscription

Hey zqssup

I got this proble; zhenb trying to connect top ;y OpenVPN config .45

Nah, you can cancel it now.

Nothing will change except it won't renew.

Hello, for the Wreath lab I am unable to resolve thomaswreath.thm on the browser even though I added the entry to my /etc/hosts file.
I ran the GitHub OpenVPN troubleshooting tool and it shows everything is fine except:
-"MTU value failed at 1000, aborting MTU check"
-"Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum"
Does anyone have any ideas what I can try?

hello #site-support me having this issue when connecting openvpn to my kali linux any solution?

2023-07-30 13:34:47 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-07-30 13:34:47 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-07-30 13:34:47 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-07-30 13:34:47 library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
2023-07-30 13:34:47 DCO version: N/A
2023-07-30 13:34:47 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194
2023-07-30 13:34:47 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-07-30 13:34:47 UDPv4 link local: (not bound)
2023-07-30 13:34:47 UDPv4 link remote: [AF_INET]3.7.33.194:1194
2023-07-30 13:35:47 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-07-30 13:35:47 TLS Error: TLS handshake failed
2023-07-30 13:35:47 SIGUSR1[soft,tls-error] received, process restarting
2023-07-30 13:35:47 Restart pause, 1 second(s)
2023-07-30 13:35:48 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194
2023-07-30 13:35:48 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-07-30 13:35:48 UDPv4 link local: (not bound)
2023-07-30 13:35:48 UDPv4 link remote: [AF_INET]3.7.33.194:1194

I read this in forum but there was no issue my
https://tryhackme.com/forum/thread/62bc5fb1fcafa700618f25f0

Can you try a different server and regen your config?

all having same problems

Are you in your home network?

can you explain me some more?

I only asked if you were in house, not Wi-Fi at your school/work.

yes in home wifi

@mystic reef have you found any solution?

Which country are you in?

Also can you cat your files and see which cipher you're using?

Bangladesh

it's okayyy
data-ciphers AES-256-CBC

What?

hadn't you openvpn problem?

can you tell me the did you found any solution?

I think i found one but i need to test it

can you share how you did?

I am having issues receiving a password reset link for my THM account. Anyone available to assist?

!email

Only support can, which has a wait of 6-8 days

copy - thanks

!docs verify

It appears that openvpn does work in virtualbox, but i was having an impossible time connecting outside of it

Now, I will be able to complete the Pentest+ path I'm currently on, Thanks to the person who told me, you know who you are if you ever see this

THM attempted to charge me twice this month, who do I reach out for inquieries about this?

!email

Hi, anyone tips how to get the files from the module to the attackbox? copy/paste url is not the best option since you need to be logged in THM to access the download.

Hi.. Anyone.. please help.. I was about to start the Wazuh room.. but there seems to be some API connection error. tried multiple times.. but can't connect to the server.. any help appreciated... thank you so much..

IIRC this room takes some times to boot up, and if it doesn't work, you'll need to terminate and try again

Which files do you need?

Hi @weary spindle ... tried multiple times.. trying from yesterday... but not working.. the same thing happening over and over again... created a ticket anyway..

https://tryhackme.com/room/johntheripper0 the zip file from task 10. Got it now but was curious how other people do this.

It'd an old room, the files used to be there, also a VM is an option

ah thanks.

Gave +1 Rep to @weary spindle

Hello, I think I am experiencing a bug... In one of the rooms I am instructed to run a command in the terminal and when I do the command runs but the output just outputs one line and overwrites itself. Also I believe part of the line is cut off as well specifically the part that I need for the flag. I did some research which suggested outputting to a file, using tee and less but these did not work

I noticed that If I make the terminal window smaller, the results do show on multiple line but it still cuts off the part where the flag would be no matter what size I make it.

Does anyone know when the leaderboards monthly scores reset from the month of July? It's past 23:59 GMT on the final day of the month and it hasn't yet.

For better help, or so People understand, you'll need to tell us the room, task and what you're doing....

hi , haveing openvpn issue - where can i get help ?

Here.

What issue are you having?

anyone know how i can change the location of my account

http://tryhackme.com/api/user/update-timezone

Click on here, it will take you to the dahsboard, turn all VPN's off.

takes me here for some reason

actually let me try diff broswer

That's your dashboard..

Check your profile now.

oh my bad dud not fully read what you said

im at my profile now

What country does it say?

oh united states

it worked

thank you

🙂 No problemo! 😄

If you cancel your Sub do you lose benefits immediatly?

Nope, you will after the expiration date.

Thanks, I'm currently in the "Authentication Bypass" room on Task 2 trying to run the ffuf command... But really it seems like I have this problem with any room that I need to run a command in the terminal. I experienced it previously in the "Subdomain Enumeration" room and I had to find a walkthrough to get the flag even though I did everything right; the terminal was just cutting off the answer.

For example, the line will look like this :: Progress: [1907/1907] :: Job [1/1] :: 284 req/sec :: Duration: [0:00:06] :: E

When it should look something like this keynote [Status: 405, Size: 472, Words: 98, Lines: 15] :: Progress: [904/1907] :: Job [1/1] :: 253 req/sec :: Duration: [0:00:04] :: Er

The one that I say it should look like, I did actually copy from running the ffuff command in the "Subdomain Enumeration" room Task 6 "Virtual Hosts" but I only get the part that would have the flag if I don't use the "-fs 487" argument on the ffuf command which is needed to get the flag. It's a weird issue. BTW the word "keynote" is where the flag would be.

Gave +1 Rep to @weary spindle

I think ffuf might have changed syntax with an update.

Try making the attackbox bigger.

I did try changing the size of the window and while that does change the behavior it doesn't help me get the flag. It seems to have two modes... If the window is small, it will print multiple partial lines. But if the window is big, it will print and overwrite one partial line.

Some research suggest that this could be due to the command using a \r instead of \n when printing a new line but I wouldn't expect this if its meant to be run in Linux, right?

Hello everyone!

Just wanted to leave this as a public comment for anyone facing issues connecting to the OpenVPN server from an Android phone using Nethunter.

Connection can be established successfully from the Kali terminal, but network reachability is not functional. Tcpdump on the tunnel interface shows no packets being sent through the tunnel.

Connection with the official OpenVPN app (OpenVPN Connect) can be established successfully, traffic IS sent out of the tunnel interface, but still no return traffic is received.

Using the semi-official "OpenVPN for Android" app by Arne Shwabe works perfectly, connection established and network reachability achieved.

Good day to all!

Hey there, I was #1 yesterday in my country on the leaderboards and now after the points have reset I'm being told you don't get a badge unless you make #1 for the country.

The website point system article states, "
Monthly:
The monthly leaderboards are calculated from the points given above. Monthly points reset to 0 on the last day of the month at 23:59 GMT.
The #1 ranking at that time will receive a badge on their THM profile and a random security gift."

The website doesn't specify whether it's worldwide or your country.

Is it for worldwide only?

Hello,
I started JR pen testing. In walking an Application part even tho I waited 2 mins after starting attackbox when I type in: https://lab_web_url.p.thmlabs.com/ it says 504 Gateway timeout. I restarted it and it still gives same error. Not sure where to ask, hopefully its the correct group.

Can someone help? Thanks

Might be worth waiting a little bit longer for the application (i'd suggest around 5 minutes) on the machine to start up. 504 gateway timeout means hasn't fully started up / available yet

hi, thanks, I waited 20 mins, no awail

Also checked on different day

same error

ah, having another read, if the room shows "https://lab_web_url.p.thmlabs.com/" even after a few minutes, then it means you haven't deployed the right machine. That URL will replace with the IP address of the machine

have you clicked the green "Start Machine" in the task that has the machine attached?

Worth also noting that the attackbox is not the machine that you start in the room via the "Start Machine" button. They're two different things 🙂

Hey idk if i put this msg in site support/room help

Because its about connection

ut to a room and im really note sure wwhere it goes

Everything shows up as im connected to the servers

EVen with this i cant manage to nslookup the target

okay thanks. So first I go start machine

Gave +1 Rep to @zealous yoke

then start attackbox? What if in terminal an ip address is shown, not user@machine?

I just saw that all of my badges are posting to LinkedIn like this...which is useless.

How do I get the posts to show that I completed a module? And how do I repost the old modules I've done?

Even the one that posted "right" doesn't actually say I completed it. It's just a contextless post for a TryHackMe Module.

I'm having trouble with a room. It sits here stuck on waiting for 10.10.255.154. Firefox has no proxy configured right now. Burpsuite isn't running. I am connected with openvpn. I can ping the same address. Why isn't FF loading this?

Which room is it? What service is running in it?

It depends. If you have a kali VM, you don't have to start your Attackbox especially for that room as you will only use the browser for it if I remember correctly.

Please check the pinned posts (one of the first few entries) in #breaching-ad

File Inclusion. I am using kali. It's a web server. It loads up right away on attackbox

Have you tried to restart your VPN?

yes, and I just switched to a VIP vpn server. FF still has "Waiting for 10.10.255.154..." down at the bottom

curl isn't returning either. I looked at it in wireshark and it's only getting back part of the response

Since you restarted your VPN and waited fot the machine to boot up (for maybe at least 5 minutes), THM Support might be your best bet.

Do I need to do anything about this openvpn message?

2023-08-01 22:24:23 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-01 22:24:23 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.

Not sure what this means, but I switched the vm to bridged network, and it's working now. NAT + openvpn must have been fouling something up

NAT + ovpn has nothing do with that error message.

That deals with ciphers, which wouldn't be affected by NAT.

Guys, I was having issues on windows. When I started to use Linux on my virtual machine and connect machines on there, this issue was resolved. Thank you to mods for not trying to help me even a bit.

I meant the NAT vm setting was interfering with the HTTP connection, not the cipher message. The website is loading now after switching to bridged

That's unrelated, given what you've posted and said. CIpher determination is completely unrelated to NAT vs bridged network modes. If you think that the NAT network mode was interfering, gather some logs and show where the error is. There is a line that starts with 'cipher' in your vpn config file; if you change that to 'data-ciphers' that warning goes away.

I'm confused. I agreed with you that openvpn ciphers is unrelated to NAT vs bridged. I'm saying that while my VM was in NAT mode, the HTTP connection wasn't completing, only part of the response was showing up in wireshark. After putting my VM in bridged, the HTTP connections are now working fine.

I have just started. In linux fundamentals I get a white page when I press the green button. Where do I look for support to troubleshoot this? I have tried different browsers, different computers. Cleared caches. Turned of ad blocking. Turned off and on vpn. Logged out of site. What else should I try?

Did you wait for 3 to 5 minutes for the machine to boot up? Upon clicking the green 'Start Machine' button, there will be a countdown before the IP address of the target appears.

Yes I've let it sit 5 min. The bar goes to 100% and the screen turns white and then nothing appears.

Can you post a screenshot?

No , sorry I can't

Perhaps it is a setting but the option is grayed out

!docs verify

To post a screenshot, you

you'll need to verify your THM account token with the bot

I am facing two issue . 1 st my country flag is wrong and second I have try every openvpn files but I am not able to connect through any one

I also raised a ticket but I don't get any response

It's been 9 days

Strange I have verified and I still am u. Able to post here.

*unable

you're not verified yet

Hello, I had originally created an account on THM but I had forgotten about it and made another one by accident. Upon realizing this, I want to delete these two accounts and make a new one but I don't see that option. Would emailing do the trick? If so, where should I send the email? Thank you!

@chilly pike brother help me to solve my issue I purchase subscription voucher but I am unable to do anything

Hi mindflare, I cant help with site issues, only discord matters. Please hang around and wait for staff to help you with that ( ps Im not a brother )

Ok but I don't get any support from staff even I submitted a ticket but can't get response

Ok, I dropped a message for staff but thats all I can do for you for now 🙏

Thank you hope they will solve my issue . Flag is not big problem but I can't access to openvpn that's the main problem

Regarding your country flag, you can use this one here: #site-support message

Regarding your openvpn issue, it would be best to verify, so you can send screenshots in here.
Once done, send a screenshot of your openvpn output when trying to connect

!docs verify

I have try this 100 times but not worth it . The page is loading and then same country flag is showing I am not using any vpn or incognito mode

Okay, if you have used the exact same link as in the post I shared (since there is also an old "update" link), then you might have to ask that getting changed via e-mail. As far as it goes for emails, make sure to only send one email, as if you send multiple, it might take you all the way down the queue if you send another email after e.g. 2 - 3 days

I can try to help you with your vpn issue meanwhile, if you send me the screenshot in here 🙂

Ok

I message you kindly check

Could you verify your THM profile and send the screenshot in here please 🙂 ?

Here is the link on how you can verify

!docs verify

Okk

@crystal marlin

Looks like you are successfully connected?

yes I am connected but when I try to ping a room of all the packets are lost

Can you show me a screenshot where you first run ip a and then curl 10.10.10.10/whoami
Both commands in the same screenshot please

Here I am connected

But

This is a room ip when I ping this no response

You ran the first command with a dash, but nvm.
What room are you doing?
Not all machines reply to pings, especially windows machines mostly don't

And when I try nmap it shows 15 min remaining like that

As far as I remember, this machine doesn't reply to pings

I suggest to just follow along with what the room ask you to do

In regards to speeding up nmap, there are certain flags you can add

For example, -T4

Okay thankyou

Can you tell me how to solve this flag problem

Not sure what you mean exactly?

Uk flag

And I am from India

#site-support message

Sorry but I don't understand what you are trying to say?

For the flag to get changed if the link is not working, you have to reach out to support@tryhackme.com but make sure to not send a 2nd or 3rd email, as this will only increase your waiting time. So send 1 email with your issue, and wait until you get a reply 🙂

It's been 6 days hope they will reply

Sometimes they are flooded with emails, but they will reply 🙂

Hi, there's a broken practice Site at https://tryhackme.com/room/nmap01 Task2

Broken how exactly? Seems to be okay on my end 🙂

Ill try deleting my cookies

How are you accessing the site and what browser? It looks like a mobile device maybe?

Safari on Mac Mini M2

Doesn't work even after deleting cookies

Ah Safari...yeah that's been known to be a little bit buggy sometimes with the static sites. What if you were to try another browser such as chrome or firefox?

just replicated it on my m2 mac. Safari the button doesn't click on chrome it does

Yep, works on Firefox on my Kali VM! Thanks

Gave +1 Rep to @zealous yoke

likely to do with what type of button/input (specifically the onclick=send() event) that is and safari can be a bit weird about it

I see, Ill just use my Kali then 🙂

no worries, another browser on your m2 will work but whatever works for you 😄

Seems to be a well documented problem with Safari ever since 2007 at least hehehe https://webdeveloper.com/community/148070-javascript-onclick-safari/

2007 lol

Hi there... I'm new around here. I'm working my way through the Pre-Security path, and can't seem to close the machines embedded in the tasks. I am using the Edge browser. If I have done several tasks with 'View Site' buttons one after another, all the sites are still open in tabs across the bottom of the right-hand pane, and there is only the '_' button to exit split view (which doesn't terminate the machines). Am I missing something obvious? TIA

good day, i can't login to my tryhackme premium account. It takes automatic payment from my credit card. I created a student account. I will be glad if you help.

@torpid vapor Is there not a "Terminate machine" button right next to "exit splitview" ?

@fleet mirage reset your password or send in a ticket would be my guess

I also don't think you should post your private e-mail on here

they are not interested. They said it would be back in 3 days. It's been 1.5 months.

I think jerome or ben would be able to assist you on that, theyre pretty nice @fleet mirage

ben goes by CMNatic, hes the guy with the ben10 profile picture

Even though I didn't know about it for 2 months, they automatically charged me. I just thought that purchasing a 1 month membership would expire for the next month.

Thanks for be interested. I have done the necessary transactions with my bank.

I'm going to tag @untold eagle here 🙂

Money was deducted from my card for 2 months without any notification. What is this thing called?

A subscription?

yes.

Yup! I've just gone through the process and there are numerous indicators / prompts that tell you that you are subscribing. I've mentioned the support team above re. the response time

Ben, did you mean to tag @glacial hound ?

ohhh

yup ahaaha @glacial hound

thanks:) my bad

Hey there,

As Ben mentioned, our premium subscriptions, like Netflix, Amazon, Spotify, etc... are recurring.
Could you please DM me your email address so I can look at our tickets and see what happened?
Our apologies for the delay.

thank you i will send it

Gave +1 Rep to @glacial hound

Thanks Gonzo

hi guys i need strong nuclei templates

hey. I'm having weird issues with 2 boxes while being on vip

network connectivity to the machine e.g vulnnet-roasted keeps getting interrupted/canceled

randomly, for a long time

attackbox works good

did anyone have similiar issue?

@short glade I have the same if not very similar issue

very unstable connection on the machine, randomly stops responding etc.

@stone panther are we talking about the same machine or different one?

different one @short glade

is your machine part of a room? @short glade

yup

No. That's why I'm confused!

Hey 👋 welcome!

The sites that you see from clicking the "View Sites" aren't machines. They're websites that are embedded into the split-view. There is no need to terminate them because they are not a running machine (such as the ones that you deploy using the "Start Machine" button).

Clicking the - button is sufficient for this 🙂

Though, just testing on edge and I can see that the tabs still remain.~~ I'll submit a bug ticket to our software team about this, but you shouldn't worry as nothing is technically running by them still being there. The tabs get removed if you were to click the - icon in browsers such as Firefox and Chrome
~~
Edit: force refreshing the page in Edge seems to close the tabs as well
Edit2: I don't think this is a bug, the tabs remain even on other browsers. This is a case where a room has two static sites. If I were to visit another room that has a static site, the tabs from the previous room don't display - so this looks intentional

OK, great. Thanks

Gave +1 Rep to @zealous yoke

the machines feel especially unresponsive today

Im in the "NetworkServices" Room

and I can not run 2 commands on the machine without it going offline for a good 2-5minutes

getting a new machine did the trick

Currently developing a private room for a CTF. Is there a way to make weighted questions? Ie vary the points per question?

It's very possible I am overlooking something

No, only TryHackMe control the points for your questions:)

Ah very unfortunate. Thank you!

Won’t accept the correct answer https://tryhackme.com/room/extendingyournetwork task 6

What answer are you trying?

THM{YOU'VE_GOT_DATA}

Try that

thanks it worked, but why wasn't it working when I entered it?

Did you copy and paste?

yeah

hi im having problems with a room and a very poor connection. Honestly I am kinda unhappy about network performance lately with some rooms I had in general. I am a premium user on the paid VPN and it's a premium room, but my RPD connection times out constantly. I have a very good uplink to provider and fully cabled. all of my pages are fine but the RDP constantly times out and I have to wait until I can finish the assignment. Ususally I try to get all files locally anyway but for the osquery room I cannot do that

I have a ping open to that machine as well and the ping also drops, and I've been having the same issue with the sysmon room

I literally cant type a word.

Which tool are you using to RDP?

remmina, but like i said, my ping also drops.

I've never had Reminna drop on me.

Are you sure it's not your side?

how would you like me to verify aside from confirming the network goes down?

im connected via VPN, so I have an IP on the tryhackme VPN subnet

the machine is started on a different range

I connect to it, and open a ping

the moment remmina stops my ping hangs, and continues to do so for multiple minutes

it's not remmina, it's the room

was kind of looking for someone from tryhackme to do something about it, although I appreciate the help

Not sure what sub to post in so~~~ eh:

hey so ive been using a windows OS then mainly using linux VMs (many dif distros nealr exclusively for a while now throught a flashed bootable drive (ubuntu for better specs vsVM().

Question is; have quite a bit of storafe taken up and i dont need a lot of these files, 99% are very extrenuis (perhaps over the top from school) so some are decent sized files.

MY question is~~~
[3:02 AM]
Id like to just fully switchto ubuntu or arch linux. Whats thebest way to transfer files from my windows computer afrer installing linux on interanly drive?

Thanks in advance for any device. I dont have enough USB keys to hold the amount of files i would like to transfer. Whats teh best way to go abt this? Only used windows for notes 4 class so not crazy importat but yea
[3:03 AM]
HMU! thanks for any advice in itself
[3:03 AM]
advance***

Hlo anyone here?

I am facing some issues, i connecte through openvpn and now I am performing nmap command it's is taking unusual time

@crystal marlin

Have I not told you about a certain flag you can add to speed up nmap ?

Naah

Last time I type the same command in same room and I get response within 2 minutes

Sure I did: #site-support message

But even with -T5 time it showing 20 minutes

You can also add --min-rate 10000 in addition to -T4

Same for others commands like gobuster

hi i think this is broken? im pretty sure ive studied for more than 8 hours this week and plus it showed "4 hours" yesterday

We are already aware of that, but thx for bringing it up 🙂

Gave +1 Rep to @pseudo zinc

ah ok

I don't understand why this problem occurring

its because youre scanning 65536 ports + youre doing a connect scan(which takes time because you try establishing a full connection) + youre scanning the ports for a service

so even adding a -T5 in there wouldnt make much of a difference

i suggest you try a null scan -sN

Okay thank you

I'm not sure this is the right place for this, but is there any way to change your username? I'd rather not start a new account from scratch if I can avoid it

i had mine changed by asking one of the mods

they'll do it for you

Site mods I'm assuming, not the discord mods?

i guess yeah, you can ask @bronze vale

!email

Okay thanks

Hi. Am I the only one who has connectivity problem to the machines? Yesterday I had the same. I'm doing VULNNET_ROASTED room and keep loosing connection to the machine. At the same time I have a connection to THM network (10.10.10.10/whoami works fine).

Resetting the machine helps, but that's not the best option to reset machine every 20-30 minutes

I'm on VIP btw

could someone pls verify?

Have you checked how many tun* you have?

Ubuntu can read NTFS partitions so if you install linux on same pc, browsing of files should just work after you mount windows partition. I have dual boot and it work for me just fine.

I also run bare bones windows (from the windows partition) via virtual box so can work on both at the same time with linux being the host. That is useful if you have win software that don't work well with wine

just one

somteims it does tha, us -T4/5 flag to increasespeed

What is the scoring in simple ctfs in Tryhackme? Even though I solve all the questions, I get an average score.

Hello support, do even read emails ? I am a student since maybe 2 or 3 month I contacted you by mail to get that discount and still didn’t get anything

On the rare case, some emails are missed,

Does the student discount not recognise your email?

Blood points on ctf rooms give more points to whoever answers first, and the point system has been revamped.

My university mail end with @ulb.be

Is that the email you've signed up to THM?

I a few moments ago I got mad and opened a ticket to get a refund

No I used another mail

Where can I see the points system?

https://help.tryhackme.com/en/articles/6563910-how-do-points-work

Thank you

Gave +1 Rep to @ivory spruce

I am currently doing the Walking An Application room, but it keeps saying the flag is wrong on the last question, even though is the correct one

Hi I am pretty new to the site and I have been trying to get the VPN connection to work for a while now

I have got the the screen were it says I can connect and gives me an IP

And it says Im connected to the VPN

But I cant seem to access the modules

I would send a screenshot but I cant seem to post pictures here

what do you mean by this? the deployed machine doesnt respond?

Are you connecting through attackbox or your own machine?

my own machine

I tried connectring

but it sadi host name unresoled or something

once I get the machine IP how am I supposed to connect to it

Depends on what room you're doing.

You could either nmap it, etc,

or ssh to it if you have the creds

ssh tryhackme@111.11.111

tried something like this

since I was trying it on one of the early linux ones

the room should tell you how to connect

Some boxes can't be ssh'd into.

Linux fundementals 1 is one of them.

What are you trying to do, what result are you hoping for and what are you getting?

also what room is this? once you !verify you can post images I believe

oh ok

!docs verify

I am trying to do the linux fundamentals room with my own Kali VM and I tried using ssh to connect to it but it didnt recognize the ip

oh

one of them that cant be ssh or can be

cant

Linux Fundemental 1 can't.

really that would be really helpful

ooooh

That opens a split screen machine.

oh

When you press the green button

A split screen button will appear up top, if the box hasn't already opened.

I can see the active machine info

on my end

but not the split screen view button

for me it says start attack box

or start kali machine

Did you press that green button?

yes

I really need to verify

so I can send screenshots

You see this machine?

terminate the machine and press it again

Don't do this.

It's not needed.

?

Verify first, then we can assist you better.

@bronze vale are you around?

I think auto mod has muted Yaoi.

lmao whys that

@naive dust Please don't repeat the same thing, the bot doesn't like it

Thanks James.

Do you guys get pinged when this sort of thing happens?

It gets logged and someone'll pick up on it after a while

Ah ok, it will save me pinging.

ok thank you for telling me

Gave +1 Rep to @eager fulcrum

hello everyone my name Benjamin but feel free to call me Dking it's good that way. can anyone pls help me get through this challenge on task 3 on defensive ?

this is going to make my day if I manage to found someone to help me

Stop posting this in every channel 🙂

You're new here, so you're forgiven. But as I said before, you have to be patient, it's not appreciated if you post the same message all over the channels

this is also not the appropriate channel for this question anyway

my apology

Is anybody else having an issue when clicking "Join Room" on Wreath where it takes you to "My Rooms" rather than joining the room?

This means that you have not met the requirements to access the network. In the case of wreath, you need to have a 7 day streak or be a subscriber which overules that

We have a bug ticket submitted already to make this clearer 🙂

That explains it. Thank you @zealous yoke !

Gave +1 Rep to @zealous yoke

Does it update automatically our role ?

Yes, about ~24 hours depending on various factors. You can force an updae by verifying again

Okk tx

Hello, I sent a mail on the 30th of last month, they haven't returned yet. I wonder why anyone has an idea about membership or is in charge?

Support wait is 5-7 days

@weary spindle I have no idea what has changed but just successfully launched Vulnersity and completed that room. Thanks for your help.

Gave +1 Rep to @weary spindle

Machines respond every 5 minutes when I try to ping them. Is there a connection problem on my end or are the TMH servers overwhelmed?

i dont get you question, what are you trying to do?

@naive dust I have similar issues sometimes, terminate and re-open a new machine

thats what I do when the machine doesnt feel like responding

Hi I can't connect to the vulnversity room

I am connected through OpenVPN

And when I try to open the ip on my Kali it said Connexion has failed

@lethal shard what do you mean "try to open the ip"?

when you ping the target machine you mean?

I managed to make it work #room-help

With the help of 2 persons

NICE!!

Hi awesome people !! could I ask for a little help ? I uploaded a VM (.ova file) to a room in THM, that has a docker-compose that get up 2 http services on port 5000 and 5001. On my virtual box, the start get up and takes the ip from dhcp and exposes correctly the service to both ports respectively .. but when I try to do the same inside the room of THM , from the "attacker machine" pointing to the IP address of the web-vuln-server it don't response .. I think that could be a networking issue (can anyone give me some hint ? I will really appreciate)

Did you give the vm the correct resources?

Hi Scrubz thanks for response, you're meaning about the system resources of my vm on virtualbox ? There is a link to some documentation about what the .ova (or virtual machine) must to complish to work when it start ? In addition to that, I created a script and a service related to that, to get up the stack of my app with docker-compose when the machine starts .. and related to Network , I have "Bridged Adapter".

Gave +1 Rep to @weary spindle

What about ram?

I think it's cool about specifications .. it has :
-> 25 Gb disk
-> 4 Gb of ram
-> 1 CPU core
and the .ova file size is 3.2 gb. Thanks for your time ! I really appreciate it !

You might need to drop the ram to 512mb,

That's what free users get when they launch machines.

Okay I will do it , I need to reupload the VM right ? In addition to that, the services can be exposed using IP or it's necesary to bind a domain name to the service? Thanks for this useful information !

You could use the ip, or set up a vhost.

Ty Scrubz, ..unfortunatelly My room needs both app running and they need more than 512 mb together.. there is a way to extend the ram to use 1 Gb ?

This is the actual state of my web-server vm:

free -h
               total        used        free      shared  buff/cache   available
Mem:           3.8Gi       713Mi       2.5Gi       1.0Mi       666Mi       2.9Gi
Swap:          2.1Gi          0B       2.1Gi

That could possibly be done at THM's discretion.

Awesome ! thank you so much Scrubz , I hope you have a good weekend buddy !

I wonder! Do we need to pay for free learning path access as well. Cause I can't continue anymore!

https://tryhackme.com/hacktivities?tab=search&page=1&free=all&order=most-popular&difficulty=all&type=all

you can filter rooms by Subscriber only, or Free only

some paths are only partially doable because some rooms are subscriber only

!vpnscript

question: I want to change my username, I don't see an option on the site so I'm assuming the only way to do it is by reaching out to the support email, but since the bot says wait time is a week-ish, I wanted to ask if anyone knows any other way

thanks in advance

Only support can change your username.

In https://tryhackme.com/room/dnsindetail, task n.4, the image that is showed has a misspelling error

"Authoratative" instead of authoRItative

many tasks have spelling errors

#room-bugs is the better channel for any bugs/potential typo's.

I'll forward this on to our gfx team 🙂 thank you

Gave +1 Rep to @toxic cedar

Will someone please help with my ping command returning "Destination Net Unreachable" Also, would this be related to why my Openvpn is disabled?

You need to be connected to openvpn to ping thm machines

or communicate with them at all I believe

At all.

Vpn creates a tunnel to the THM machines.

I run the sudo openvpn command and connect. Now, Openvpn access details on THM gives me a green check mark next to server satus and connected. However, when I run systemctl status openvpn@filename, it shows openvpn@.service; disabled; preset: disabled

Can you type ip a s and see if you have a tun0?

Yes, there is a tun0

Should I post what it says?

try pinging the machine again, if that doesnt work open a new one and see if you can ping that one @frail turtle

Okay, so I just exited out of everything and did the exact same steps and now it is pinging. So I can go through the room. Perfect. But OPENvpn still says disabled for both. Is that a problem?

I dont think so, I think that just means the VPN won't start on boot? scrubz might be able to help more with that @frail turtle

Hi everyone, I wondered if someone could help me out… I have completed multiple learning paths and wish to download my certificates. The issue is that the name on the certificate is my account username and not my real name. Is there a setting to change this without changing my username? Any help is greatly appreciated 😎

Not if you've generated them,

Hey, premium subscribers get 1GB alocated to their VMs:
https://help.tryhackme.com/en/articles/6495821-uploading-interactive-materials
cc @weary spindle

I know they get 1gb, but I don't know if they're subscribed or not

So that's why I said 512mb.

#site-support message So then why not tell them, since they were asking how to get 1GB? 😅
Support won't bump resources, but QA can for communityrooms if needed.

The message link in the last message is me telling someone support can change their username?

And I didn't say support can bump the resources, I said THM can in general.

Sorry this one #site-support message

Anyways, still think that doc and explanation can help them understand how to get 1GB.

It would, again.

My point was that they might make thr room for free users.

I'll point them to the doc next time.

No worries, just wanted to make sure they weren't under the impression that by sending us an email, we would bump the resources 🙂

Developing a private room for a CTF. While testing, it seems like resetting a user's progress doesn't restart the first blood bonus? Is there any way to completely reset a room?

Hey can someone tell me the room of thm how website work is for paid or free?

Yesterday when I visited the room how website work was free but not is comes why subscribed??

There is a couple of rooms that are released twice, one free and one subbed.

Hey Guys I am not able to use the fuff tool in my attackbox it stating the same error again and again" flag not defined"

can you share the command youre running? @obtuse maple

Machines only respond for a minute and then stop responding for 3 minutes

So annoying 😕

• my terminal freezes when im connected through SSH, i dont know why

terminate the machine and open a new one @naive dust

I have the same issue sometimes, ppl on here try to gaslight you into believing its not their machines

its defintly their machines

I tried that already, yeah it is their machines

re-opening a new machine usually works

can you ping the machine first?

maybe the scans you run are too aggresive and they bottleneck the machine for a while

i dont even know if thats a thing but maybe

thats what im trying, i get like 10 pings, and then it stops responding again

weird

which flag?

Thanks for the response but I fixed it just a little syntax error it was

Hello, I'm was doing the room LazyAdmin and I couldn´t make the reverse shell work from kali on my virtual machine (I´m using openvpn and it´s connected), I used the same command in the Kali from THM and it´s worked fine, anyone know where I need to look to investigate this issue? is there a firewall setting I need to change in the virtual machine or pc?

are you using openvpn on your host or vm

Hi folks, I feel this is the proper room for this question ->

Has anyone else had issues with the "Breaching Active Directory" room? Whenever I edit /etc/resolv.conf to add za.tryhackme.com and ** 10.200.99.101** it works for a few minutes and then the entire /etc/resolv.conf file is reset back to as it was before the THM additions. I use my own Kali and DLed a new .ovpn, tried it on /etc/hosts and it still keeps resetting /etc/resolv.conf after a few minutes (not long time at all). I can't fix it with anything I've done. Is this an issue with the room? Are there any Mods here that can wake me up to whats going on? Thank you

Hey, does anyone know why I cant start my AttackBox? I am subscribed and so far I know there is only one machine to attack running

It says I can only run 3 machines max

then your attack machine is probably running already. If you're not already in a split view, you should have a button "show split view" next to the name of the room and after you click it, in the new split view you should be able to see some tabs on the bottom and one of them should be the attack box

already checked that

doesnt look like i have one running

try a hard refresh and then try starting a new attack box

works now, thx

on my host

you need to use it on your VM

Thank you, I tried and it´s working fine

Gave +1 Rep to @glad oyster

hello, I'm trying to join the Enumerating Active Directory room but when I click join room it just takes me to My Rooms. Not sure why I can't join the room, just wondering if anyone else has had this too

seems to be happening with the Breaching Active Directory room too

I haven't had the same as you but I've been experiencing an issue with"Breaching Active Directory" room too; if you scroll up a bit you can see my question about it - it hasn't been responded to yet. I have no idea if the issues are related or not, but I hope you find a resolution to yours

If you're resolv is defaulting. Your networking is restarting.

Thank you, but I feel that there must be more going on then simply my networking restarting. I've never experienced any evidence of that happening locally. My /etc/hosts is stable. Never had a hiccup in connectivity. Nothing that would suggest it's my networking. Could it possibly be the THM room/network resetting, interferring with my VPN connection which resets the connection to THM , and that's defaulting my /etc/resolv.conf??

Gave +1 Rep to @weary spindle

If it were my network resetting - How would I test this to confirm if it is or isn't??

Your vpn would restart

hmmm, it doesn't

Hi, is anyone else having trouble maintaining connection with tryhackme machines? I am connecting my Kali Linux via Openvpn and for the past couple of days, the connection appears patchy. It shows as connected but I can ping the machine one minute but not the next. ISP connection is solid. Thanks

What you mean exactly by "not the next" ?

Like the next machine?
Or the next minute?

Sorry, I meant the next minute. It seems pretty random when I can ping and when I cant. Same happens with nmap scans. I can scan fine now and when I try to do it again in a few minutes, it will give me no results.

This does not happen with the Attackbox

Could you verify your account in order to be able to send images in here.
After that send an image where you first run ping and afterwards ip a all in the same screenshot please

!docs verify

Ok thanks, Ill send as soon as I encounter the issue again. At the moment, its pinging fine

@crystal marlin just sent it above. Hope that is fine. So first few sets of ping went fine. Then the 4th got no reply. All done within a minute

Let me try myself real quick

Could you try running sudo ip link set dev tun0 mtu 1200 then try again with ping?

Also, if your kali machine is a VM, do you have any personal VPN running on your host machine?

I will try the above command. Yes Kali is a VM. No other VPN running

@crystal marlin

Also I dont know if this is related or not but while the Linux Openvpn works, Windows does not connect for me at all

You could check the terminal where your openvpn is running to see if there are any errors that would lead to the issue

Also you could try changing VPN server

Ok thanks for the pointers. Will check keep an eye on the terminal and try various servers 👍

is my kali linux box meant to be same every time I connect to it as a subscriber? as in if I wanted to configure stuff on it, I shouldnt lose it next time I connect

👋 the machines on tryhackme are not persistent. Once they expire or get terminated, they will boot back up from their template the next time they are deployed

thank you, I thought I had read in the docs somewhere that it was. Or maybe I have misinterepeted something

Gave +1 Rep to @zealous yoke

Ty @glacial hound for the information !

Gave +1 Rep to @glacial hound

can anybody help me with this problem.. i got "ssh: connect to host 10.10.124.133 port 22: Connection timed out" when i tried to connect OpenVpn

Which room are you trying to ssh in to?

Sorry team I have one question more about upload VM's to THM. What am I supposed to choose as the NET adapter in virtualbox before exporting the virtual machine so that the services I'm exposing with gunicorn at 0.0.0.0:5000 can be accessed? Any help would be appreciated 🙏🏽

Good day THM Staff - the network in the Persisting Active Directory room seems to be down. I can not reach any of the machines from either the attack box OR local over VPN. May I please request for assistance to reset the room? When local, I can connect to the VPN without issue, adapter is added and up with an IP and can reach gateway, but none of the machines in the room are reachable (DC's etc.). Also confirmed route is added to routing table.

did you hit the start network button

@plush bay Yes after the network was shut down (not by myself). Network states its still running, refreshed multiple times, not able to click start, etc.

hmmm

Don't worry about the net adapter, it gets stripped and set to what it needs to be when the machine is uploaded to THM. Just make sure that gunicorn is accessible on 0.0.0.0:5000 🙂

Hi @zealous yoke thank you so much for answer me ! Yes , I have a deployment script as a service that ensures the service get ready when the machine is up, 😦 but I cannot access it on THM network. But I can access the service over Bridged network on my lab in VirtualBox over the port 5000, the gunicorn serves the webapp over 0.0.0.0:5000 as you said Ben. Once again thank you for your support !

Gave +1 Rep to @zealous yoke

Hey team, when i use VPN to connect with tryhackme i am unable to check web contents for any challenges.

e.g. connection times out on port 80. Tried these on 3-4 challenges. I'm still able to ping the VM, Scan it for open port but only thing that is not working is website neither via curl or via browser, here are some attached screenshots for reference. I've also tried to regenerate my VPN and currently I'm using EU regular 1.

Simply ctf room

Are you connected to the THM VPN via openvpn ?

Yes

hi, is there a shortcut to switch workspaces on an attackbox? ctrl alt arrow is switching on my linux

Hi team, since there's will be changes in prices from October the amount deducted automatically (PayPal) or we have to resubscribe to them for the changes , thanks you

Will this be ever fixed?

Hi there my account has auto renewed and I completely forgot I had one. Is there anyway I can get a refund for it?

Just tool 72 out my account 😂

Can someone look into this please!

Hey! sometimes when i try logging into the server using ssh, it doesnt let me. Hydra would work for bruteforce but ssh isnt letting me log in.. What am i doing wrong?

|| Rooms ive worked in: Bounty hunter, brooklyn 99||

What's the error you get when trying to ssh in ?

Connection refused

Can you give me the machine IP you try to ssh in, as well as any credentials I need ?

Have you waited for 3 to 5 minutes for the machine to complete the boot process? Sometimes, I try to remove the -p option (assuming SSH is running in port 22) when I try to login and it works. Or worse case is having to restart the machine and wait for another 3 to 5 minutes. Usually works after that.

Worked on these boxes a few weeks back and I didn't encounter any issues then.

Yes, whenever I try to connect to the ssh, about 10-15 minute pass

And i have tried ssh with and without the -p flag as well

Are you not able to ping the target machine sometimes? I have the same issue. It just sits there apparently doing nothing.

What do you mean?

Is it a windows room?

hello guys i want some help\

when i write this command to command prompt is showing error

gobuster -u http://fakebank.com -w wordlist.txt dir

this is for #room-help , also it would be good if you would include the error you got

hello guys i have this issues when ever i try to connect to tryhackme openvpn server

--cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-09 05:49:40 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload

my openvpn version is 2.6.3

Hey Guys is there an issue with the VPN? Cause I cant connect and the thm-troubleshoot script tells me to contact the discord or forums.

My connection is fine.

What does your output say?

It works now - thanks I restarted my machine and tried a couple times and now it seems to work. At least I can communicate with the targetvm.

Gave +1 Rep to @weary spindle

Can anyone explain what this badge means, please? I found it in some of the rooms of the AD networks but I can't understand if it's related to my account, to the rooms themselves, or something else

Related to the room. The system will un-join you from the room at that point, after which you are able to rejoin it. This is to avoid non-active accounts being allocated to a network.

Understood, thank you very much for the explanation

Gave +1 Rep to @tawdry orbit

Ran vpn troubleshoot script and it showed MTU value was not set as 1500 but instead as 1470.

Still not able to connect to any website.

Which room are you doing?

Tried this with 2-3 rooms.

all had the same response

Are you running a multi VPN?

No

Are you doing a room now?

Trying to solve some rooms since yesterday, I'm able to connect, scan ports but when i open it in the browser, it just simply doesn't loads up

at first i thought this is room specfic but happened with all the rooms i tried.

Which rooms?