#site-support

Not at all, it will just stop the renewal

You could try contacting support@tryhackme.com

Or contacting the email that contacted you.

alright, thanks !

Gave +1 Rep to @weary spindle

Thanks!

tryhackme has been EXTREMLY slow lately... each box i try would shutdown every 2 minutes and reload for like 1 or 2 minute and does the same thing again, can't do anything.. is this a site problem or something because my wifi is quite fast

If it was a site problem I'm sure there would be more users reporting.

good point, just checking in.

but the same issue has been happening while i've been travelling, and most of the wifi's i've connected too were quite fast so i don't see what could be the issue.

My THM is saying I need to subscribe

I subscribed 2 weeks ago

Why has it ended early?

!email

You'll need to contact support via E-mail, replies are about 6-7 days currently.

Ouch okay..

(The rare case someone from THM see this and they masy ask you to DM them) [their name is blue]

@fierce atlas Did you log into the correct account?

You're still subscribed https://tryhackme.com/p/spuddyboy2000

@weary spindle https://tryhackme.com/forum/thread/63bf12bf0469be0049f235eb / https://www.reddit.com/r/tryhackme/comments/v6s5vq/attackbox_gets_disconnected_randomly/This is the exam same issue i'm having

seems like i'm not the only one but no one found any solutions

the box keeps disconnecting and reconnecting every minute, can't do anything, tried different pc, different wifi connection etc.. nothing works

Ah yes, a post from one year ago....

I mean - it seems like other users had the exact same issue and perhaps others are experiencing the same thing though

Have you attempted to speak to support?

Also the first link is only 7 months ago with people replying with the same issue 55 days ago

Just checking if it's a known issue or not, if it keeps persisting I could just move to HTB, but I like THM's boxes, i'm not sure if it's an issue with my account specifically or in THM's servers

Yes it's called bumping.

It's not likely to be the exact same issue. 9/10 it's either PICNIC or an issue with their connection.

THM doesn't have servers

oh

Should I speak to support then?

Everything is hosted on Amazon Web Services

Same with HTB

oh

then the issue shouldn't be from THM hmm

Are you running any VPN software?

Nope

only vpn i'm using is the one provided by tryhackme allowing me to connect to the attackbox

Ahhhhhhhhhhh

Are you using the attackbox as in the hosted instance on the website?

Or do you mean the vulnerable machine?

Oh sorry, i'm referring to the vulnerable machine

Right

I call it attack box 😅 just realized attackbox was the machine provided by THM to attack the vulnerable machine lol

Then the forum posts and everything else you have linked are not relevant to your issue

Are you using a VM?

Nope, kali bare metal

Are all your packages up to date?

Yes, already did that

Have you tried to run the VPN script?

Have you tried a different server location?

the vpn script?

yes

Try that

I see, i'll give it a try thanks

@marsh magnet

[!] Note that a working MTU value might change depending on your network condition
Would you like the script to set the MTU value permanently in your .ovpn file (Y/n)?
``` Yes?

generally for that??? yes

Yes

👍 thanks

if it messes up again you just rerun the script and it will change it for you again

+rep @marsh magnet

Gave +1 Rep to @marsh magnet

well, i'll try and see if it works

alright, tried the script, re-loaded my machine, exact same issue keeps happening was working fine the first minute and went ahead and started diconnecting again, so I guess the problem isn't from that vpn

hi i have a coupon code for joining with a referral link and when i want to use it it says "invalid coupon code" on the payment popup. So am i doing something wrong ?

seem to be having issues connecting suddenly when it was working fine a few mins ago

not able to connect to current machine ip or ping or anything

the site says im connected fine and ovpn seems fine on my end but the machine ip is just not working rn

no typos or anything either as it was just working beforehand

also cannot connect to the included site

this is the net sec challenge module btw

but again it was working up until around when i first posted

it was working for a minute and stopped just now

Still need help?

looks like its working at the moment, thanks for offering though. im still not sure what the issue was

anyone know how to solve an issue with openvpn?
this think is not connecting

i tried already the steps from the site but nothing

What error do you have?

there is no error. just gets stuck here

You need to verify to show screenshots

!docs verify

2023-08-12 03:33:10 net_addr_v4_add: 10.11.48.168/16 dev tun0
2023-08-12 03:33:10 net_route_v4_add: 10.10.0.0/16 via 10.11.0.1 dev [NULL] table 0 metric 1000
2023-08-12 03:33:10 Initialization Sequence Completed
2023-08-12 03:33:10 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 55, compression: 'lzo'
2023-08-12 03:33:10 Timers: ping 5, ping-restart 120
2023-08-12 03:33:10 Protocol options: explicit-exit-notify 3

Oh, that's something that will get fixed.

But you're connected.

ok

5 lines up from the bottom.

even if after a while gives me a message that is unreachable?

Hello Team, While I am starting with the Attacktive Directory room, facing some issues while installing some packages. It is showing Failed to fetch "Source" 404 not found error. Can anyone suggest the Sources that I should add to Sources.list?

The sources that I am currently using are: deb https://http.kali.org/kali kali-rolling main contrib non-free
deb https://http.kali.org/kali kali-rolling main non-free contrib
deb https://mirrors.ocf.berkeley.edu/kali/ kali-rolling main non-free contrib
deb-src https://mirrors.ocf.berkeley.edu/kali/ kali-rolling main non-free contrib
deb https://http.kali.org/kali kali-rolling main non-free contrib
deb https://http.kali.org/kali kali-rolling main non-free contrib
deb https://http.kali.org/kali kali-last-snapshot main non-free contrib
deb https://http.kali.org/kali kali-experimental main non-free contrib
deb https://repo.kali.org/kali kali-rolling main non-free contrib

deb-src https://repo.kali.org/kali kali-rolling main non-free contrib
Tried many alternatives but the issue still exists. I would really appreciate your help

What does?

hello, where can I get ticket support on discord server?

Tickets aren't dealt with on the discord server, unless support see the message and is on their computer.

If it's site related, you may need to E-mail support, and await a reply, which I think just now is 6-7 days.

!email

Okay, thank you. I will just have to wait then.

Hello! I am new to the site. I have just started going through my first room. I have hit a blocker. I have the machine i am working with open in the browser. The step tells me to now try RDP in as another user. Not sure how i do this as A) I did not RDP in from my own machine. B) When i press the Windows key, there is no option to switch user. If i click logout, it just disconnects the machine. What am i missing?

any help please

You need to email support@tryhackme.com regarding this

oh okey thanks

hey how i can share my badges from THM to other sites like linkedin ?

Go to your public profile, you can share them from there.

where i can get the certificate for every badge ?

It's just a badge

So I bought a year long premium subscription back in June, and i recently logged back in after a couple weeks of not using the service and all of my account data is completely wiped. I wrote a detailed email to support about this and got a response from Jabba saying “Unfortunately, it is not currently possible to reset your account progress.” This response ignored all of the concerns I had regarding payment. I emailed back the same day with follow up questions, and it has been two days since with no response. Considering the fact that I paid $100 to use the service I would expect a little bit more than just a generic copy paste response after going 8 days with nothing. Is there any way to restore my account data, and if not what can we do to pursue a refund? Thank you to whoever responds to this, I know it’s long.

your second email put you on the end of the ticket queue meaning it can take up to a week before you get a response since you sent that email...

I had my streak freeze used a couple weeks ago, after which i stopped receiving messages on my mail as a reminder about learning despite that i still have my streak up. Can i somehow return them? They are really useful for me

Hey, I'm doing Linux Privilege Escalation from my kali linux machine and when I connect via SSH the server response it's really really slow. Any idea?

Could you show an output of ip a on your kali machine?

Hi, in squid game room (https://tryhackme.com/room/squidgameroom), I cannot find the file of attacker 1, is the file missing ? :v

I sent a message to support@tryhackme.com approximately 10 days ago, and I have not yet received a response. Is there an estimate for when I can expect a reply?

Did you send another email within those 10 days?

I did, like 1 hour later

So since 9 days and 23 hours you haven't send a follow up email?

That's correct

Okay, ye not sure if they are super busy, did you also check your spam folder?

I did, nothing is there

cc @bronze vale

Defcon is on atm

We’re attempting to get back to your within a reasonable time frame, there’s no guarantee on what time we can get back to you at this time 🙂

Alright, thank you for answer

how do i send photo here

You need to verify

!docs verify

Follow up the above link.

oke

hi, I think my problem in #holo-network is a bug, the PC doesn't start when trying to restart it

i need help why does it gives this error ? no file directory, but I made sure to put everything in the same path

im in autentication bypass tutorial

i got seclists and i also got the name.txt

is this right place to ask for this or there is other support room

whats the task ur following?

and what command are you runnign

username enumeration with ffuf

ffuf -w /usr/share/wordlists/SecLists/Usernames/Names/names.txt -X POST -d "username=FUZZ&email=x&password=x&cpassword=x" -H "Content-Type: application/x-www-form-urlencoded" -u http://10.10.128.101/customers/signup -mr "username already exists"

i copy paste

mhh can you share a screenshot of the command youre running

from your terminal

often time its a simple typo that goes unnoticed

i think i just pasted it

as it was

im on the home directory

~

The wordlist isn't there.

I believe its /usr/share/seclists/Usernames/Names/names.txt @lunar mulch

can you run locate /Names/names.txt and see what it points to

i moved them into the wordlist and into the seclist

hm i dunno this is not very beginner friendly

could you try the same command with sudo

Im just reaching here

even with sudo "no such file or directory"

very strange

figured

https://cdn.discordapp.com/emojis/829034553498140682.webp?size=48&name=thinkpad&quality=lossless mhh

/usr/.../share

Look at the locate command.

There is ... between /usr and share

thats cuz it to long but its share

could you try ffuf -w /usr/share/seclists/Usernames/Names/names.txt @lunar mulch

you didnt remove it from there right? you just copied it over

i copy pasted command as it was

huh

could you run the locate command I posted earlier

and screenshot the results

locate /Names/names.txt

this is command

i try locate now

pwd

from the folder where you exec ls

this now tells me /seclists/seclists-master also

take that path

and replace yours

oh

do i need to be in the same directory or i can be in every directory when tiping the ffuf ?

can i stay in ~

I think /usr/... is not dependant from where you start

but Im unsure, try both

its a absolute path* it should work

missing the directory

"seclists" not "secLists"

uh

it gve same 1 error no such directory file

"SecLists-master"

just copy it from the "locate" command

ctrl+shift+C

and paste it with ctrl+shift+V

9 out of 10 times its a typo that goes unnoticed

so use copy paste whenever you can 😅

its been already some hours i copy paste this seclist my eyes not working anymore

i try again now i also need to turn on machine i think cuz it went off

this path

oh its magic

its working

NICE!!

thenks for help

you arent even a support or are you

but still helped

no im just bored

haahah

😢i was lookin in wrong directory

Hello! I am facing issues with connecting to machines after a successful openvpn connection. I am on a mac (os: sonoma/14) the open vpn client is connecting successfully, but I cannot connect to any machines. I cannot ping any pachine IPs either. I tried connecting through both US-West and US-EAST servers.

The network access page here: https://tryhackme.com/access?o=vpn is showing "Connected" status

I must be doing something wrong - but not sure what...

There is a tool to check the connection and set correct MTU.
https://help.tryhackme.com/en/articles/6496029-openvpn-general-troubleshooting

On a mac, the route command is extremely limited - i tried the following :

sudo ip link set dev tun0 mtu 1200

but macos does not have the ip command

also - the hosts are unreachable through ping - so MTU might not be the issue here

help

pls

uh it takin forever and giving error

emulator is bein dumb

so now it was workin but it took forever to do one line 9000 tries and 9000 errors

i left it going for 1 hour and a half

i not sure thats how long it should be goin

If you get all errors it's most likely not even making the requests, at least not properly

it isnt makin any progress

Is the target machine still up?

I dont think

Okay, well then it's hard to troubleshoot

oh you are a wise man, I was targeting old machine and it was terminated

it took 3 second now to do in the right ip

left pc on for 1 hour without reason

Happens 😄

Trying to add 1 hour to a machine never works for me

is there a reason why this may be? @crystal marlin

does it not let you add time if you were inactive for too long on a machine?

Your timer has to be under 1 hour of remaining time to add another hour

and you might need to refresh/reload the page after hitting the add time button for it to show in the target machine ip box

idk how the conffetti component after a room is finished is implemented but its kidna annoying how it block me from interacting with anything on the site untill the conffeti/component/div dissapears. Is it possible to just change its pointer events or position. Its just a slightly annoying user experience moment ive experienced for the past month.

hey all I have a quick question and I'm pretty sure I'm doing everything right in the module... it's in the linux part 3 section in "pre security"

"Locate the process that is running on the deployed instance (10.10.155.131). What flag is given?"

I am connected to this ip address using ssh and I've run ps aux but I cannot find this flag anywhere...

the reason I'm asking in site support is because I just want to make sure its not a site issue and that I'm definitely doing something wrong

it should be there, can you double check 😅 @full warren

its on the right side of the screen

I have been looking like a psychopath for the last 20 minutes.

lol

this might be cheating but try ps aux | grep THM

it should definetly pop up

ok let me try 🙂

I'll report back

i cant share screenshots but its not coming up

actually ps aux | grep { would make more sense, since you KNOW theres a { in the flag

it just says "THM" in red

verify your account

and share the screenshot

its !verify

oh you have to DM the bot 😅

lmaoo

this guy here @sharp bison

ahhh thank you

I'm back

VERIFIED

NICE!!

now run ps aux | grep {

and take a screenshot of the results

ok about to run that

Im assuming youre logged in via SSH IP@tryhackme

and your openVPN is running

yea connected to the one requested using ssh

youre connected through tun0 when you run ifconfig?

and you see this in the top right of your VM

it wont let me run ifconfig says I need to download net tools or whatever

are you on a kali machine?

my actual os?

I know! but are you connected to that target machine

through a Virtual Machine

yes I'm connected to that IP

through the vm

switched over to that ip, entered the "tryhackme" password. I'm definitely in

and your definetly connected to your ovpn?

Im guessing you wouldnt be able to login if you werent

but im unsure

yea I've had zero issues until now

terminate the machine and open a new one then run ps aux | grep { again

kk

just so you see I'm connecting

thats not a new machine is it?

oh whoops you said for me to terminate the whole thing... sorry. I'll reset everything

yeah its just 2 clicks

terminate -> Start machine

wait a minute and do the login again 😅

could you also run this sudo apt install net-tools

on your VM, im guessing its a kali linux machine

then you can do ifconfig, screenshot the result of that

we got it baybay

thank you

not sure what happened but terminating fixed the issue. I see it now. Thank you!

Nice!!

good luck with the rest

thanks!

Hey i'm currently getting this error

More context would be helpful

what room, what is the task?

Trying to just complete Web Application Security to fill the path

this might be more helpful

mhh 🤔 thats not a room I fiddled around with yet

I can't access it neither, although I get a different error message

what error are you getting?

Its not even a machine, its just a static page

even with http it dosent load

an Admin would know more...someone like @bronze vale maybe 👀

For now I can recommend you just look at a Walkthrough so you know whats going on @heavy galleon

like this one https://youtu.be/SQMdATykfEk?t=863

yeah its not wanting to learn anything

more just to fill that completion bar 💀

well the video will show you the answer 😅

:)

I usually just look at a writeup

Good day people, i'm having issues sshing into a room... i don't know where i'm being dumb or not... but I've tried the password "tryhackme" and it keeps on denying me access...

The VM i am trying to ssh into is "polosmb3" in the "Networking Services" room

Sorry if this has been answered before i'm just very new to all of this and am currently stuck.

Hey so, Im getting this too. For some reason it keeps giving me an error for the cert. Bad cert domain. Currently in the SSRF room and trying to view the SSRF example lab.

Did the static lab's cert expire or something?

@cosmic sleet it looks like several people are having similar problems today, please keep an eye on this channel

I dont think any staff is online right now but they will be in a few hours

okay!!
Thank You!!

no worries 🙂

oop yea this is what I was gonna ask abt more or less

it was just not responding until I connected my vpn to a london server

now it says the domain expired or something

😭

While opening "View Site" i get error, that "The domain has expired". Tryhackme.cloud

yes, please see above ^

Ty

🙏

Same issue here

Thx, forwarded it 🙂

hello - reporting same issue

realize you probably don't need a fifth report but FYI

I have the same issue.

We are aware of the issue with the static site, please bear with us while we investigate 🙂

Goodmorning,

I had an issue with by Google Authenticator app. All of a sudden my links with all my accounts are deleted and i cant get them back. Now i cant log in into my account. Can a support member help me with this? So that i can re-link my google authenticator and log back in to my account?

!email

Need to contact support via e_mail for this.0

Did that already like a week ago

but they didnt reply

there is a 6-8 day reply due to how busy they are and Def Con

Aaaah

damm

ok

Some cases, it may be slightly longer.

then i just have to wait patiently

thnx !

task five pentesting fundamentals

Static sites is a known problem atm.

ahh

bummer

Task 6 in /room/vulnerabilities101 - Can't view the site

site expired

working on it @naive dust @lunar mulch 🙂

why the website "visit site " are all broke?

Staff are aware.

Guys i managed to log in with a recovery code. Is there a way to re connect my google authenticator once im logged in?

I don't know why I have so many interfaces. (:

sudo killall openvpn -9

Probably not stopped the VPN when rebooting or shutting down

sure I'm rebooting now

I'm also having issues connecting with the VPN.

Downloaded new .OPVN file / Rebooted / and Updated to the latest version in Kali.

Screenshots?

They will help.

Yup. Just trying another reboot. One moment please 😃

check the comment by Jerome here, this helped me solve it @vague bloom

You need to close the connection before you shut down or reboot.

@stone panther Thanks I'll try them now

Gave +1 Rep to @stone panther

im getting issues with the vpn despite having data ciphers present, i even tried --data-ciphers and still to nothing, im using openvpn 2.6.3

@gusty belfry I'm using the same version. Haven't tried the steps yet, Got pulled into work. I'll try now and confirm.

okay thank you!, sorry for the hassle and just incase to make things easier this is what the openvpn file looks like, this ones a fresh download

dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 18.202.129.195 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
data-ciphers AES-256-CBC
comp-lzo
pull
key-direction 1
verb 3
reneg-sec 0
data-ciphers AES-256-CBC```

Gave +1 Rep to @vague bloom

Looks like that resolved my issue

weird

maybe its because i have data-ciphers? the S?

ill try remove it

You have a 's' in

Yeah. I actually missed that and it looks like it is working

damn lmao

[sudo] password for kali: 
Options error: Unrecognized option or missing or extra parameter(s) in N0rthWinds.ovpn:13: data-cipher (2.6.3)
Use --help for more information.```

adding the S back in fixes it

2023-08-14 09:29:38 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-08-14 09:29:38 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-14 09:29:38 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-08-14 09:29:38 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-08-14 09:29:38 library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
2023-08-14 09:29:38 DCO version: N/A
2023-08-14 09:29:38 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.129.195:1194
2023-08-14 09:29:38 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-08-14 09:29:38 UDPv4 link local: (not bound)
2023-08-14 09:29:38 UDPv4 link remote: [AF_INET]18.202.129.195:1194
2023-08-14 09:29:38 TLS: Initial packet from [AF_INET]18.202.129.195:1194, sid=7869f573 fb01dd2a
2023-08-14 09:29:38 VERIFY OK: depth=1, CN=ChangeMe
2023-08-14 09:29:38 VERIFY KU OK
2023-08-14 09:29:38 Validating certificate extended key usage
2023-08-14 09:29:38 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-08-14 09:29:38 VERIFY EKU OK
2023-08-14 09:29:38 VERIFY OK: depth=0, CN=server
2023-08-14 09:29:38 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-08-14 09:29:38 [server] Peer Connection Initiated with [AF_INET]18.202.129.195:1194
2023-08-14 09:29:38 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2023-08-14 09:29:38 TLS: tls_multi_process: initial untrusted session promoted to trusted
2023-08-14 09:29:39 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2023-08-14 09:29:39 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,comp-lzo no,route-gateway 10.8.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.8.50.7 255.255.0.0,peer-id 8'
2023-08-14 09:29:39 OPTIONS IMPORT: --ifconfig/up options modified
2023-08-14 09:29:39 OPTIONS IMPORT: route options modified
2023-08-14 09:29:39 OPTIONS IMPORT: route-related options modified
2023-08-14 09:29:39 Using peer cipher 'AES-256-CBC'
2023-08-14 09:29:39 net_route_v4_best_gw query: dst 0.0.0.0
2023-08-14 09:29:39 net_route_v4_best_gw result: via 192.168.61.2 dev eth0
2023-08-14 09:29:39 ROUTE_GATEWAY 192.168.61.2/255.255.255.0 IFACE=eth0 HWADDR=00:0c:29:93:7d:1c
2023-08-14 09:29:39 TUN/TAP device tun0 opened
2023-08-14 09:29:39 net_iface_mtu_set: mtu 1500 for tun0
2023-08-14 09:29:39 net_iface_up: set tun0 up
2023-08-14 09:29:39 net_addr_v4_add: 10.8.50.7/16 dev tun0
2023-08-14 09:29:39 net_route_v4_add: 10.10.0.0/16 via 10.8.0.1 dev [NULL] table 0 metric 1000
2023-08-14 09:29:39 Initialization Sequence Completed
2023-08-14 09:29:39 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 8, compression: 'stub'
2023-08-14 09:29:39 Timers: ping 5, ping-restart 120

this is the entire response

sorry im spilling too much of my spaghett

https://tenor.com/view/oh-well-gif-25419730

lol makes no sense at this pont but hey, if it works....

i mean, ill try and see if it works on any random machine

hopefully it does

thanks again i have no clue its super inconsistent with me this vpn, but for now it looks like its working :))

https://tenor.com/view/thumbs-up-good-job-okay-games-meme-gif-9114801

2023-08-14 17:41:40 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-08-14 17:41:40 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-14 17:41:40 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-08-14 17:41:40 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-08-14 17:41:40 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
2023-08-14 17:41:40 DCO version: N/A
2023-08-14 17:41:40 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.129.195:1194
2023-08-14 17:41:40 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-08-14 17:41:40 UDPv4 link local: (not bound)
2023-08-14 17:41:40 UDPv4 link remote: [AF_INET]18.202.129.195:1194
2023-08-14 17:41:40 TLS: Initial packet from [AF_INET]18.202.129.195:1194, sid=03504714 a54ec860
2023-08-14 17:42:40 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-08-14 17:42:40 TLS Error: TLS handshake failed
2023-08-14 17:42:40 SIGUSR1[soft,tls-error] received, process restarting
2023-08-14 17:42:40 Restart pause, 1 second(s)

how can i fix this problem its keeps restarting

Which country are you in?

egypt why ?

Egypt blocks UDP vpn, you'll need to use the Attackbox

but a couple days ago i was able to connect to the vpn just fine

Are you getting THM mixed up with HTB?

Because it's been like that for months, if not year(s)

nope i only tried THM never used HTB

I'm not sure why it was working for you then, when it shoudn't have.

ye its kinda weird

Still, there is nothing we can do to help, sorry.

You're only alternative is use the Attackbox.

alright thanks <3

i got the same problem with the vpn

What error are you getting?

2023-08-14 11:37:51 Initialization Sequence Completed 2023-08-14 11:37:51 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 0 2023-08-14 11:37:51 Timers: ping 5, ping-restart 120 2023-08-14 11:37:51 Connection reset, restarting [0] 2023-08-14 11:37:51 SIGUSR1[soft,connection-reset] received, process restarting 2023-08-14 11:37:51 Restart pause, 1 second(s)

ip a s

how many tun* you got?

lateralmovement: only

Ah, you're using the lateral VPN.

i also tried other vpns like : breaching and etc, but nothing is working

Are you on your home network?

yeah

why are rooms, super slow and dropping connections. I am currently working on skynet and had issues with gamezone yday

I am using vpn and taking forever to execute command, even ping is dropping packets

sudo ip link set dev tun0 mtu 1200

Try running that

tried changing transmission unit, still seeing the same issue. My connection is intermittent.. loosing packets and then working ok for some time

any other ideas???

this is sucking the joy out of these boxes

is it ok to not use vpn while attacking a machine in tryhackme room?

If you're using the attackbox, it's not needed.

If you're using a host/VM, it's needed.

what is a host vm you mean my own

like in my own pc

why its needed?

You can't talk to the THM machines if you're not on the VPN, it creates a tunnel between you and the machines.

ok

thanks

Hey guys, I am having a really weird issue on a M1 MacBook Pro using UTM Emulator with Kali. When I start the THM tunnel my internet gets really slow even on the host.

Has anyone experienced that on a similar setup?

The VPN doesn't effect your browsing speed or anything.

You say that, but it starts and stops with the tunnel connection.

There is no reason for it to.

How are you connecting?

I'm not 100% sure on this, but I've generally had pretty weird/bad performance using UTM on M1

In /room/metasploitintro, does the ms17_010_eternalblue exploit still work to hack the VM? I tried it multiple times and I believe that my settings are correct

Did you set the LHOST?

Yes, LHOST is my IP, and LPORT, any port that is not in use, right?

dont need to change it.

wait am i supposed to change the payload?

I guess it just doesnt work anymore

Works on the AttackBox! (no idea why it doesnt work on my kali)

So what do you prefer? Parallels?

OpenVPN CLI

I‘ve begun thinking about just working on MacOS directly - I just wonder how deep in a hole I am gonna get before realizing I should stick to using a Linux VM.

I personally use VMware fusion. Are you using the ARM version of Kali in UTM so that it is virtualised and not "emulated" (I.e. emulating x86/x64)?

@zealous yoke Any ideas why this works on the AttackBox, but not on my Kali?

Yup

Strange. I'm not sure why you'd be having such notable issues while the tunnel is on. If you were to run the VPN on MacOS, do you have a similar experience?

I generally don't do that but I will keep an eye on that.

Any particular reason for using vmware fusion?

how i conect to tryhackme openvpn from kali linux

If you click on the Access Machines button at the top right hand corner of the THM website (near the number of streaks and profile button), it will show you instructions how to connect to THM network via OpenVPN.

!vpn

^ there is an easy room showing you.

.

thanks

Is there a way that i can reconnect my google authenticator with my account? I use the recovery codes now.

For some reason my connection with google authenticator was removed

What about removing 2fa and set it up again?

Can remove it also using the recovery code?

Didn't think of that

it worked

thanks!

I am consistently not able to catch reverse shells with either VPN or AttackBox. Is there some general gotcha that I missed at some point? I can ping the attack box, but it will not catch any shells

"ping the attackbox"

Are you targetting the Attackbox, or the target machines (green button machine starts) ?

In this particular room "https://tryhackme.com/room/networkservices", I am executing a remote command. If I try to ping as the remote command while targetting the attack box IP, I can see the icmp traffic using tcpdump

Ah, the telnet.

That's the one

What command are you using to export the lhost?

I'm not exporting the LHOST, but just found it manually in the top right of the attack box interface

You need to do

export lhost=**tun0**

Then run TCPDUMP in that terminal

Then ping from telnet session

The pinging works fine without me exporting anyhing. I just entered the IP manually. But this issue it pretty consistent across many rooms for me

Metasploit on Attackbox is outdated and won't run without running "msfupdate"

Best to verify and show a screenshot of what you run in the telnet session

!docs verify

I tried Setting up a different VM as well, regenerated the VPN file and still i do have same issue

Please someone look into this its been a week since this issue.

NVM fixed it, i was using my phone as an access point for some time and it was blocking vpn connection.

is thet cool if i did nmap scam not on purpos with kali with out the openvpn

On a THM IP?

Is anyone from the tryhackme technical@support team available?

It'll run 🙂 just might take a minute or so to load. You can ignore the advisory

Is free users vpn servers working..

Iam not able to connect to vpn

I see, thanks 👍

Gave +1 Rep to @zealous yoke

Tried different location still issue persist

Asked friends also

Everyone getting same issue

Can you send a screenshot please

Can you send us a screenshot of the output?

!docs verify

Oh my b, didn't see you there blackout

@sharp bison

Yup, what isn't working?

Unable ping any machine

Open your terminal and type curl 10.10.10.10/whoami, what's the response?

404 page not found

??any solution

yes

i think

After running curl 10.10.10.10/whoami

I got response as 404 page not found

So wts the issue

Are you on the vpn?

Yup

Can you do ip a s

And count the tun?

4

Send a screenshot?

Oh yikes

tun0,1,2,3

!multivpn

Make sure not to background or close the OpenVPN terminal.

Ok

What should I do now

Should I kill all those ps

Yes, follow the instructions above 🙂

Ok thanks

Hi all, I am new to the site and I am attempting to go through the SOC 1 course but every answer I input tells me it is incorrect. Is there a specific format I need to use when inputting my answers? Seems like nothing is being accepted.

Yes, the * will specify how your answer should look

@zealous yoke I wish I wouldn't ping you but do you mind answering that question for me?

I'm not Ben but I use it because it's one of the few Virtualisation Programs that:

• Supports ARM
• Is fast
• Doesn't require me to take out a loan to pay for it

Im trying to do a cutesey little CTF called anthem booted up my vpn and surprisngly i cant ping or do anything nothing seems to reach it, which is strange since when i played KOTH this morning it was fine? everything shows im connected and yet i cant seem to reach it at all

Valid points, I guess I should atleast try it to compare against UTM. Parallels is a banger but yea sadly also a banger for my credit card.

Thanks!

Is anyone having trouble with the attack box being extremely laggy? Like almost not functional? The last two days it has been unusable practically. Thanks

i treid all different ways but iam not able ping the host

interface tun0

can anyone please help how to fix this issue

Which room?

its always laggy

you can use your own machine and connect to thm with openvpn for better performance

Hello, it's normal to be able to use tryhackme's chat only once, that didn't answer my question and it's impossible for me to write a new message or contact support
thank you for your comeback

Wheb did you do it?

on the website tryhackme

When*

this morning

Ah,

You might get a reply on the chat, certainly get one in the form of an E-mail, there is a 6-8 day reply time at the moment.

no you don't understand . i use the chat to try to find a answer no find it , but .. i have the message the conversation has ended and i can't put a message on it

Why did the message say?#

What*

my typing today

the last message say : Looks like you checked out an article. Did you find the answer you needed? . i can't answer or follow the conversation

There is an issue with machines in the Exploiting AD . None of them responds.

#site-support message

Gave +1 Rep to @bronze vale

I don’t, I would submit feedback though #feedback-and-ideas

Gave +1 Rep to @bronze vale

Michael Jordan also completed their SOC level 69 learning path

professional

what are the fraudster work arounds

because all I needed was ms paint

no

Yeah I used segoe ui

thanks 🤣

you don't hear a lot about thm certificates being used in job applications a whole lot so it shouldn't matter too much

some people ask but everyone just says to keep it as certifications like sec+ or degrees

certificates are cool for hanging on your wall though

hi, the overpass 2- hacked room pop a antivirus alert flag as a trojan, it's normal?

It's a false positive.

The PCAP file is fine, I'm sure @eager fulcrum included the md5sum

There's a literal reverse shell payload in it
It's part of the challenge

ok,thanks

Hello, how does this streak freeze work? I wonder because I once had 100+ days streak and I missed a day..... and back to zero 😄

the streak freezes have only been there for around 3-4 months

Ok thanks. I may have been taking a break at least 5 months because of this 100>0 event 😄

Gave +1 Rep to @plush bay

Is there support on this site? I've been trying to work on the EXploting AD lab for 2 days with no luck!!!

No machine is responding!

have you voted for resets???

yes, since this morning

hmmm

i have a general query regarding the website emails and links.

As often stated by Daniel Lowrie "don't click on links in email" i see every email i get encouraging me to click on a button link to check out a new room or whatever.

Is this practice of obscuring the long url link done out of habit/ default settings? Am i the strange one here and avoids links as suggested to stay safe?

Curious why there is a disconnect of theory vs practice. I would assume this audience of security people would not mind a long url link in their email but i am likely wrong on this.

hi i have sent an email (~5 days ago) to the support but still no answer and the coupon will expire soon so any help please ?

Can anyone please help with access into a premium "tryhackme" account or can anyone help pay for mine?🙏🙏.

likely will take a few more days for an official reply as the staff are often very busy, fyi

I am having issues with my premium account, THM has taken my monthly payment but has not given me access to premium features. This has happened a few times. I have been waiting for 9 days now for a response...

Defcon slowed down the response quite a bit due to getting flooded with emails. Just make sure you don't send a follow-up email as that will place you all the way down the queue, they will get back to you for sure.

It's dissapointing that someone have to wait so long even for a machine reset!

What you mean?

Holo network?

there is an issue with exploiting AD lab, there is no connection either using VPN or attack box. It nneds a reset and noone is responding from support.

You can reset it on your own?

it nees votes!

You can vote for a reset once per hour, it might take a bit, but you can do it on your own

i've trying it for 2 days with no luck

You can vote yourself every 30 min(s) or hourly.

I tried it too. the same message appears ...

Can you verify and share the message?

!docs verify

"you have already voted in the last hour" .... Thought over 3 hours has passed

Which subnet are you in?

10.50.95.0

They mean the network diagram, e.g. 10.200.120.x

10.200.98.0

not able to access the site

You’re not going to the web directory port

sorry? actually m just satrted out wuith thm, could you please elaborate where m wrong?

guessing the website is down

what room is that?

Hi guys, on Nmap Live Host Discovery room has a bug I suppose,TASK 4 Question 1
"Send a packet with the following:

From computer1
To computer3
Packet Type: “Ping Request”
What is the type of packet that computer1 sent before the ping?"
The Answer should be ARP Packet however it says it's wrong

any others option cam out w the same message

Im guessing what jerome meant was that the site isnt hosted on port 443

thats what the "https://" stands for, try maybe a nmap scan first?

or just typing the IP into the url could work aswell

i got it

thanks mate

I don’t learn a few weeks I learn again I found this issue I reset progress it’s still black how to fix

Seems to be Vulnversity, yes, the web service isn't running on the default port on that one.

Does a CTRL and F5 fix it?

no help please i already sent an email 6 days ago and the coupon will expire in less than 7 hours. so any help please

6-8 days is the response time right now due to how busy they with E-mails and Def Con.

so when they answer the coupon is already expired ? XD

if the coupon is valid, it is honored from what I have seen and heard here.... where did you get the coupon?

i joined with my friend's referral link and i got the code by email

Should be legit, then. Just be patient and I'm sure support will do what they can for you

okey thank you

I know that THM announced darkmode earlier this year, is it out by now?

nope but dark reader extension still works wonderfully

merci

Thanks for the feedback, just sucks not being able to do my rooms for now but I guess I have no choice but to wait it out. I have in the past just paid again for the premium and getting refunded afterwards but I am tired of doing that..

Gave +1 Rep to @crystal marlin

can i do the quests from tryhackme on my linux? is that have anyone problem ? on my vm or just the vm from website

https://tryhackme.com/room/layer2 in the room in "Man-in-the-Middle: Sniffing" the host is never up. Can see the other host in this network training to arp it none stop also.

Found someone else having this issue in the forums

you can use your computer to achieve results such as the normal attackbox would do as long as you have openVPN installed

Stupid question, but I need to ask.

Are you starting the machine linked to the task, and not the machine one task 1?

ha ha yeah but fair point checking

@pastel tinsel

2023-08-18 02:55:49 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-18 02:55:49 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2023-08-18 02:55:49 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-08-18 02:55:49 library versions: OpenSSL 3.0.9 30 May 2023, LZO 2.10
2023-08-18 02:55:49 DCO version: N/A
2023-08-18 02:55:49 OpenSSL: error:0480006C:PEM routines::no start line
2023-08-18 02:55:49 OpenSSL: error:0A080009:SSL routines::PEM lib
2023-08-18 02:55:49 Cannot load inline certificate file
2023-08-18 02:55:49 Exiting due to fatal error

as I mentioned before this only happens with Wreath currently I am solving Breaching AD and it's working fine. Also I've been solving Wreath for a week and it was working fine until I regenerated my VPN config

try opening the configuration file and replacing the line that says "cipher" with "data-ciphers"

there is no cipher it is already data-ciphers AES-256-CBC

When did you generate this ckngig?

Config*

Yesterday morning for some reasons I couldn't ping the network so I went and generated a new VPN config, since then I coudn't connect due to that error. I also tried to generate few more last one few minutes ago... it's still the same error

Fatal error, are you running sudo?

I am running as root no need for sudo

try sudo regardless of root permissions

Which server are you using?

not working

Which server are you using?

I'm going to leave this to Scrubz so I don't cause confusion trying to do multiple things at once

U can't select servers for networks afaik but for machines I am using regular EU 3

Oh, you're doing a network?

Wreath yeah

I just joined, downloaded and it worked, can you open the file and show the contents?

You're on your home network?

those are the headers, I am on my home network on a VM running bridged mode

also as I said before I can connect to other networks I just can't connect to Wreath

I also tried to downgrade the openvpn version doesn't seem to work either

there is a pinned Comment by Jerome in here

it should help u get the ovpn file set up properly

what openvpn version r u on?

‘openvpn —version’ is the command i think

my host is running 2.5.5 my kali vm running the latest version

Have you tried to leave wreath, then re-join?

Scrubz what version number of openssl shows when you run the wreath ovpn file?

3.0.9

let me try

huh mine is an outdated library

You know how to leave? (use the cog, not just close the page)

I just left and rejoined and downloaded a new config it is still the same error

I found something that might possibly work

yes please

nevermind I tried to implement it and it was unrecognized

I'm still searching

alr thanks for taking time anyways

okay

I fixed the wording so try this

it is just frustrating I have only one machine left to pwn on the network

edit the configuration file and add this line

tls-cipher "DEFAULT:@SECLEVEL=0"

it's a temporary workaround of openvpn errors, so if it works it isn't necissarily digging at the root of the problem

and if it doesn't work that's another story

please don't

it'll lower your security level

yes that is true

too late lol, but it is not working for what it is worth

okay then remove it

@zealous yoke looks like certificates are going bad on network 81 in wreath?

for the vpn

sorry for not being able to help

it's good troubleshooting

dw I appreciate it

I learned a bit more along the way aswell so I think it was worth my time

ben will be in chat when he has time, he got more knowledge about the vpn servers

alright thanks

can you send a picture of your network on wreath?

so we can get what IP's you have

helps ben knowing what server he has to get access to if there's something needed to be fixed on it

did ben stop the network? Or has it been in that state the whole time?

nah I didn't start it since the vpn issue started yesterday

wait could that be the problem ?

possibly

you should still be able to connect to the vpn even if the network is stopped, but give it a try

no still not working

while waiting to see if the server has issues, try these troubleshooting steps https://help.tryhackme.com/en/articles/6496058-troubleshooting-openvpn-on-linux-and-mac

mainly the first two (the second one being more specific to your problem as far as I can see)

I swear I went over every tryhackme troubleshooting tip even the ones in the forum

that's okay I'm just throwing things out there. I'm sure it will get fixed as soon as possible if it's server sided

random question, did you generate the file in windows and put it in linux or just linux?

No I was in my kali vm the whole time, and btw my host os is linux too

have you tried running it on the host os?

I know it's also bridged

yeah not working either

but not the same error iirc since my host is running 2.5.5 openvpn

it is a formatting/certificate error, so nothing of those will help sadly

okay I'll remember that

woudn't that affect every player on the network? Scrubz tried to connect few minutes ago and it worked

Maybe just the people in their subnet.

alr I see

it'll maybe just be only the .81.xxx network

is it possible to switch subnets?

Yes, leaving the room for 5-10 min(s)

if it ends up just being the .81.xxx subnet, wouldn't leaving for a period of time and joining back allow @naive dust to complete the room?

yep I just done that I'll be rejoining after 15-30 min

It might erase all the work they've done.

hmm

that might not be a viable solution if it does

considering you said you were almost done you might not want to do that

that's alright I mean what good does it do me if I can't finish the room

if you want to go ahead and try then by all means

although they might be working on it so you still have the option to wait but it's your choice

I already left the room

it's ok I was planning to redo it again anyways

the worst thing is if my work is gone and I still can't access the network lol

lol that would really be dookie

if it works then it ends up just being learning reinforcement

good luck rebel 🙏

thanks for the help u'all I appreciate it

I tried my best lol

That's strange...I've taken a note of the subnet. @naive dust did you manage to click the clog to leave the rooom and be placed on another network sucecssfully?

Alr I left the room now I rejoined and I am on a new subnet. Good thing it is working I can access the network

sudo openvpn cybertechnician.ovpn
2023-08-18 06:39:31 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2023-08-18 06:39:31 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2023-08-18 06:39:31 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2023-08-18 06:39:31 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2023-08-18 06:39:31 library versions: OpenSSL 1.1.1n 15 Mar 2022, LZO 2.10
2023-08-18 06:39:31 DCO version: N/A
2023-08-18 06:39:31 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.129.195:1194
2023-08-18 06:39:31 Socket Buffers: R=[212992->212992] S=[212992->212992]
2023-08-18 06:39:31 UDPv4 link local: (not bound)
2023-08-18 06:39:31 UDPv4 link remote: [AF_INET]18.202.129.195:1194
2023-08-18 06:39:31 read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
2023-08-18 06:39:33 read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
2023-08-18 06:39:37 read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
2023-08-18 06:39:45 read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
2023-08-18 06:40:01 read UDPv4 [ECONNREFUSED]: Connection refused (fd=3,code=111)
2023-08-18 06:40:31 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-08-18 06:40:31 TLS Error: TLS handshake failed

Whichc country do you live in?

Azerbaijan

it worked like a charm yesterday

now i changed connection to bridged on vm

change it back to the NAT for the time being if you need to access thm via openvpn

should it be work only with NAT ?

I mean if it worked with NAT previously then it works, it should probably work with both but I don't know what the error is I only briefly looked over it

I'd have kept it on NAT anyway.

yep

Hello everyone, I have an issue with connecting to THM network via VPN. Error : Client exception in transport_recv: crypto_alg: BF-CBC: bad cipher for data channel use . It seems like the server is suggesting BF-CBC but my machine (macos) doesn't really want to use it. Does anyone know how to force OpenVPN client to use the suggested cipher without complaining about it?

P.S. my virtual kali connects to the same profile with no issues

What OS gives you the error?

Macos (host machine)

I got charged twice for a yearly membership, I sent out an email last Saturday and I've still heard nothing back :/

can you send a screenshot of top of the config file?

6-8 day reply currently, you'll be answered soon enough, don't email again as it will push you further down.

Appreciate it

Hello everyone
The situation is the same with others.

Here is my output
Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC' to --data-ciphers.

Note:Kernel support for ovpn-dco missing, disabling data channel offload.

The output after the command
'sudo openvpn -version'

OpenVPN 2.6.3 x86_64-pc-linux-gnu

I am using Kali Linux 6.3.7-1kali1(2023-06-29)

Please, help me.
I searched Google, chatgpt and YouTube, all were useless

Where do you live?

Uzbekistan

I think Uzbekistan blocks VPN's

Uzbekistan blocks OpenVPN.

It won't work.

But I used it roughly a year ago
Ohh no

I'm not sure where you got that information from.

No, it's ok.

Google is giving mixed messages.

Ok,
Then what can I do now
Should I use another VPN and OpenVPN?
Any other suggestions, please

Btw, how did you know, I tried to find it, but I couldn't

I've tried to help someone before from your country.

I cannot tell you how to get around restrictions as that would be unethical.

My advice is to use the Attackbox.

Hi everyone, can someone help me get past the last part of the defensive security section? It is part of the Intro to cybersecurity module. I am being asked to block the malicious IP addresses, but everytime I input the addresses it keeps saying it is an invalid entry.

screenshots @vast plinth

Hello. I am unable to access any target machines. tried several rooms.

Also tried to redownload the OpenVPN configuration file and that did not help.

Everthing worked fine yesterday.

I do have a tun0 IP and it does match the IP at the top right corner of the site. But cannot ping target IPs of any room

@stone panther Figured it out. there is an issue on the THM side with the west-VIP VPN server.

I connected to west-regular vpn server and it works fine

nice!!

I stopped capturing logs after second attempt to reconnect to keep log file as small as possible

@split kraken can you look at what NoHat tried and maybe that will fix it?

nope, still doesn't work. I get the same error

what Openvpn version are you on?

3.4.3 (4617) - latest

what room are you trying to connect you

okay I think I figured it out. Under settings -> Advanced settings -> Security Level, pick "Insecure (Not Recommended)" option to allow client machine use legacy ciphers such as BF-CBC

does anybody know if this issue is resovled?. I am facing the same thing. Cannot find the files email2.txt and email3.eml both.

The machine boots up isn't the attackbox, are you onthe right machine?

that usually always works but it makes your machine vulnerable

lemme just delete that rq and paste a new one

um yes...i suppose so. there's just the one attackbox over there.

Do you press the green start machine button, or attackbox?

There's the start attackbox button over there.

On Task One there is a green Start Machine button.

You can see if you're in the right machine or not with the grey box.

it should open split screen view:

Use the terminal, please, don't use the GUI or VPN manager in MacOS

If you have both open, you can switch between each by clicking the box.

@clever chasm if it doesn't open splitscreen there should be a "show splitscreen" blue button near the top next to the attackbox button

i got it now!!
damn i am so stupid....i was clicking on the blue button above.

you're not stupid sometimes things are just hard to see when they're right in front of us

got it!!!
thank you!

Gave +1 Rep to @fair tapir

indeed!

I swear when I look at my screen it's like I'm farsighted lol

hehe....yeah it does happen sometimes.

thanks @weary spindle !!!

No worries, glad you got there. 🙂

Enjoy the room.

Which server?

Try Eu reg 1

Which country are you in?

How are you running the config?

The vpn file.

Are you doing sudo openvpn file.ovpn ?

Yeah, use sudo 🙂

Gave +1 Rep to @weary spindle

I don't think the openvpn client allows connecting to a vpn server through cli. I couldn't find anything on the Internet

It does

!vpn

#site-support message

Thanks!

I saw that other people had this problem but I am not able to solve it, can someone help me here?

it could be the subnet you're on, and a solution you could try is to leave the room and join back after 15-20 minutes so that it connects to a different network. Although, this might reset your progress in the room.

On OpenVPN client V3.4.1 (3150) (Windows) i get the following Error on Connection:
⏎[Aug 20, 2023, 07:35:12] Connected via TUN_WIN ⏎[Aug 20, 2023, 07:35:12] Per-Key Data Limit: 48000000/48000000 ⏎[Aug 20, 2023, 07:35:12] Client exception in transport_recv: crypto_alg: BF-CBC: bad cipher for data channel use ⏎[Aug 20, 2023, 07:35:12] Client terminated, restarting in 2000 ms... ⏎[Aug 20, 2023, 07:35:12] SetupClient: signaling tun destroy event

Says there bad cipher being used. Try the thm-troubleshooter script found here:

!vpnscript

Doens't work on WIndows, forgot to mention it

Ahhh you're on windows

And you are trying to download the open VPN connect to windows ?

yes

Let me guess...the toggle option just sits and loads for you correct ?

yes

That's what it was doing to me earlier

so what i did is downloaded this one instead

Download the version 2.7.1

and then it worked

was able to connect just fine after that

ok seems to connect. but i don't get access to the machine

Check if you have access here :

click on your profile icon and then click on 'Access'

yes it shows connected

then you are connected

might have to refresh

or restart machine

Also try using a different browser

Still cant ping the machine. Restarted it, restarted my pc, used firefox and chrome

even stopped firewall

don't forget to turn it back on

its back on

It's not a good idea to use your host on the vpn.

Your tun0 can be scanned.

Although THM is for teaching cyber security and ethical topics, I would operate a zero trust policy on other users who aren't staff.

ok seems to work on a kali vm

so using kali vm should be safer?

Yes, vm is much safer.

And it's better to do on Kali than Windows.

The script does not know how to solve my problem

Any suggestion for this?

can someone help with connecting to the open vpn?

it says failed to connect

If you verify you could send screenshots in here. Best to provide such a screenshot

!docs verify

@crystal marlin how do I send screenshots?

it doesn't work

As I said, you have to verify first

Check the link above

I'll let you know

@crystal marlin could you tell me where the bot is?

@sharp bison

@crystal marlin see

What OS are you on?

windows

Hard to troubleshoot from that output, if you would try to connect from some kind of linux OS, they output would be much more extensive

i have kali linux in vm

should i?

Then try to connect from there please via the command line

can you tell me the commands i need?

You can check here: https://tryhackme.com/room/openvpn

But basically just sudo openvpn your_ovpn_config

i get this --The command could not be located because '/usr/bin:/bin' is not included in the PATH environment variable.

and this --- Command 'sudo' is available in the following places

• /bin/sudo
• /usr/bin/sudo

@crystal marlin ?

Please provide screenshots so I can see what exactly you are doing and what exactly the output of that is

@crystal marlin yeah but screenshots don't work there