#site-support
lateral movement network works now
judging from your profile picture, if you're that number 1 dude in the koth rankings, it's probably because you're winning too much. you've gotta give the other players some room to breathe
Check your THM profile if you have it as a beginner or intermediate. Only intermediate and up are able to play KoTH.
every how much time does the tryhackme bot update roles?
You can initiate an update by verifying your account (again).
thank you!
Gave +1 Rep to @ivory spruce (current: #11 - 609)
The answer is daily, if it's not rate limited.
Hello, I have a question regarding premium membership, let's say I have a personal account with premium membership (purchased annually), and then my employer purchases a business account and adds my personal account to their license, what happens to my existing premium membership?
Hello, maybe you know if i can change my name from a certificate? i already change from account manage but the certificate still appears with my old name, thank u
You can't, unless you use photoshop.
You'll still be premium regardless,
any reason why some public rooms have been made private?
an example being subl3ster room
Old rooms being replaced, updated or removed
So will it use the remainder of the premium membership I paid for and then apply theirs or will it "pause" mine. Like let's say I have 3 months left when they add me to their license what happens to that 3 months
it will probably end it, but you might need to get support for a more accurate answer.
Support email is here
I would also, this is more life advice, keep work and personal accounts separated
@crude kindle
Hello
You can post screenshots by verifying with the link above your message.
Hello, for some reason when I used nmap localhost on the Kali Machine I could see the vnc port open but when I used nmap 10.10.XXX.XXX(Kali Machine IP) I could only see the ssh and http port open. (I am trying to access my kali machine with a vnc app)
Same as the user above, verify your account so you can post screenshots of your terminal. Easier to receive assistance that way.
Okay
I verified acc
What now?
@weary spindle Look
What machine is 10.10.138.194 ?
The Kali Machine
Wait lemme post a SS
I don't think you can vnc in to that machine, I told you this earlier
I could with attackbox tho
Is it really not possible with this one?
Is there like some sort of firewall or setting activated that blocks outside connection or something?
No.
@zealous yoke correct me if I'm wrong, but you can't VNC in to the Kali web box, only the Attackbox?
Unable to negotiate with 10.10.178.123 port 2222: no matching host key type found. Their offer: ssh-rsa
what am I doing wrong ??
I am guessing its some kind of key exchange cipher that my ssh client doesnt support
how do I use it ??
Do you have the id-rsa?
I have a password
Tryhackme Snort Challenge - The Basics
Task 2 What is the destination address of packet 63?
help
Sometimes you need the idrsa.
What room are you doing?
OverPass2
Install Kali Linux?
hi new can some1 help me setup the openvpn connection ? for some reason it doesnt work for me
Did you download the .ovpn file ?
i did
and download openvpn?
And use it only inside the virtualbox
Only inside a virtual machine??
yes like you should download openvpn inside the kali/ubuntu virtual machine that you're using for hacking ... and use it from there
Oh i just did it on my main windows machine
doesn't work.. at least not reliably ... do it in the virtual machine
Thank you sir
i really wanna learn some hacking stuff, i have good background in IT and Networking
go on, you're on the right way
Il start with the free stuff then il consider purchasing a subscription
I am learning it as well, even tho I have no background in IT or networking... so you probably have a bit of edge there
thats okay
Cool... I've always been a VirtualBox guy
Does VMware have some advantage in something ?
For Personal home labs i dont think so
ok
As long everything works you are good to go
i had issues in vbox trying to copy stuff from host to guest
i enabled the related settings but still had issues thats why i moved.. but im sure it was solvable somehow
hello everyone, two questions:
https://tryhackme.com/r/room/exploitingad
- in the exploiting AD room, how long will it take for the servers to reset?
hello there . im facing a problem with connecting openvpn with the THM servers
What issue are you having?
Has the required number of votes been met?
could anything help me with metasploit on mac
everytime i do smth like run or exploit
it fails
and says exploit completed but no session created
Have you ever run any tunnel-proxy software on your mac? It might affect the access to OpenVPN
nope
no vpn
i turned off the firewall too
@fossil current I don't know too much about mac, so sorry couldn't help
nah its alr
Are you doing tryhackme?
yeah
You said there is no vpn, are you connected to the THM one?
wait nah nvm thought you meant doing the course
i mean in general
i dont use vpn
when i use my laptop terminal
Which room are you doing?
Which Tryhackme room are you doing?
Nah, it's not me haha, he ( @naive dust ) "stole" my pfp, I use it with other friends in combination
hello,
I'm getting exasperated trying to understand why i can't connect with OpenVPN on windows.
This is the log:
Sat Jul 13 17:07:37 2024 OpenVPN 2.6.11 [git:v2.6.11/ddf6bf6d2a135835] Windows [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jun 26 2024
Sat Jul 13 17:07:37 2024 Windows version 10.0 (Windows 10 or greater), amd64 executable
Sat Jul 13 17:07:37 2024 library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
Sat Jul 13 17:07:37 2024 DCO version: 1.2.1
Sat Jul 13 17:07:37 2024 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341
Sat Jul 13 17:07:37 2024 Need hold release from management interface, waiting...
Sat Jul 13 17:07:38 2024 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:55976
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'state on'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'log on all'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'echo on all'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'bytecount 5'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'state'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'hold off'
Sat Jul 13 17:07:38 2024 MANAGEMENT: CMD 'hold release'
Sat Jul 13 17:07:38 2024 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.168.160:1194
Sat Jul 13 17:07:38 2024 ovpn-dco device [OpenVPN Data Channel Offload] opened
Sat Jul 13 17:07:38 2024 UDP link local: (not bound)
Sat Jul 13 17:07:38 2024 UDP link remote: [AF_INET]18.202.168.160:1194
Sat Jul 13 17:07:38 2024 MANAGEMENT: >STATE:1720883258,WAIT,,,,,,
Sat Jul 13 17:08:38 2024 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sat Jul 13 17:08:38 2024 TLS Error: TLS handshake failed
Any help?
Its wraps broski
Tls handshake is an error in your side.
where should i look?
Which server did you use?
tried europe 1,2,3,4, same issue on all
Where do you live?
italy
Communities should work, however, I would not put your host on the vpn, I'd suggest you use a VM.
yeah, i'm planning to install a VM, i was just trying to connect on windows considering i've just started to use tryhackme
Did you use administrator to open openvpn @faint moat
I'd set up the vm sooner, rather than later IMO.
nope, but i tried now with no difference
If you need to edit your firewall rules, is it worth it?
nothing changed
just wanted to understand what is causing the issue, just to know.
however i was already using openvpn, and it is giving issues only connecting to this server. everything works fine with others, like my university one
yeah, it's not that it's not resetting, it's that it's resetting. since yesterday already
unable to connect to thm network but able to ping other sites using my vm
any idea what is wrong/
?
oh i see hahaha, so it's basically your cyber gang sign
Which server are you using and location?
this is how it looks like. it can't start
@cold fog 28/5 votes 
Can you manually reset this one?
I sadly can't, but have reported it to the team who can!
I got the same thing yesterday, just restarted my computer and it worked again
@rich crystal @weary spindle i've installed kali on a VM.
i still can't connect 
2024-07-13 13:03:40 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-07-13 13:03:40 Note: Kernel support for ovpn-dco missing, disabling data channel offload.
2024-07-13 13:03:40 OpenVPN 2.6.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-07-13 13:03:40 library versions: OpenSSL 3.2.2 4 Jun 2024, LZO 2.10
2024-07-13 13:03:40 DCO version: N/A
2024-07-13 13:03:40 TCP/UDP: Preserving recently used remote address: [AF_INET]18.202.168.160:1194
2024-07-13 13:03:40 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-07-13 13:03:40 UDPv4 link local: (not bound)
2024-07-13 13:03:40 UDPv4 link remote: [AF_INET]18.202.168.160:1194
2024-07-13 13:04:40 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-07-13 13:04:40 TLS Error: TLS handshake failed
thank you!
Gave +1 Rep to @cold fog (current: #29 - 282)
Man, been trying for a week to finish the Exploiting Active Directory room. Anybody else keep having to start all over every hour or so? Was about to execute the command on task 7 to authenticate to THMDC when my rdp sesh just closes and the network shuts down. Is there something that can be done to improve these networks? Really frustrating.
Which THM OpenVPN server are you connecting to? Which internet connection are you using?
#room-bugs please
Will be done !!
hello i cant seem to connect to the secure shell through the terminal, this is what it does:
ssh -i id_rsa cappucino@10.10.194.97 -v
OpenSSH_9.7p1 Debian-5, OpenSSL 3.2.2 4 Jun 2024
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Reading configuration data /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to 10.10.194.97 [10.10.194.97] port 22.
debug1: Connection established.
debug1: identity file id_rsa type -1
debug1: identity file id_rsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.7p1 Debian-5
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: compat_banner: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
debug1: Authenticating to 10.10.194.97:22 as 'cappucino'
debug1: load_hostkeys: fopen /home/kali/.ssh/known_hosts: No such file or directory
debug1: load_hostkeys: fopen /home/kali/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
hi everyone
i've started the exploit ad room server again, however the domain controller is down
should i wait 2-3 more minutes in case it didn't boot up yet or is it broken?
or turned off
just 4fun
Do a Google search on the last line and you should be able to get the solution that you need.
i see thank you! i should have searched before asking here lmfao
Gave +1 Rep to @ivory spruce (current: #11 - 610)
It has been asked a couple of times, but I'm just a bit lazy to do a search today.
6 gb of RAM and 4 cores? I suppose kali can work fine even at 2 cores.
Yeah... But that what I did since it was becoming unresponsive
Actually not my machine doesn't become unresponsive
Only terminal become unresponsive
Did you convert linpeas into an executable after copying linpeas into your target?
Or have you tried the other linpeas file types if .sh doesn't work?
Yeah neither working
Its not just about linpeas I always get issue
When using ssh with my vm
Is the linpeas version you are using the most recent release?
Is your ISP speed fine?
Yeah... I just cloned it from github
@ivory spruce you still there?
Yeah, apologies. Still catching up on household stuff.
Can you try running this on your attack machine while you are connected to THM OpenVPN - #room-help message?
I did... On attack box it works file
fine*
What do you mean you already did? Also, the Attackbox is logically in the THM network already.
Yes
I performed wget... It doesn't seem to work either
Did you run the command?
which command?
I have python server running on the target machine
@fast veldt the command described in the linked message?
I don't see any command
Can you please highlight it for me?
Okay okay got it
Getting blank
Are you connected to THM openvpn when you ran it?
I checked it on private window to make sure am not getting any cached data
And its showing its connected
Did you try running the command again? I meant running linpeas on the target?
Blank
Try running the linpeas on the target again.
You can also try piping the results on linpeas to a file and sending the results to your attack VM via nc or curl
Welll, Its working now... Was that command from earlier fixed the issue? Do it need to keep it handy?
I don't really know how to do this... Would have to do some research. Thank you so much
Gave +1 Rep to @ivory spruce (current: #11 - 611)
Or you can simply do a discord search using mtu and it is sure to pop up
There is an explanation from Scrubz for it, but don't have time to go looking for it at the moment.
Once you do, keep it in your notes as it will be handy.
Yeah, I will for sure
EU-VIP-1
i did that but nothing changed
Still having issues? That's the server I've been using and haven't had issues thus far.
Thanks so much for this. Could not work out how to make it work myself.
Gave +1 Rep to @rare hound (current: #2131 - 1)
i was able to get it working, only europe-2 server works.
any room I solve, its ip address goes down for some minutes and then goes up. Is it with everyone ?
it got solved, i guess because i am using mobile hotspot
please confirm
That could be it.
Gave +1 Rep to @weary spindle (current: #1 - 2509)
hey im having trouble connecting the tryhackme vpn on windows
Having issues with Snort Challenge - The Basics and I have reset the room 4 times and even check google for some walkthroughs and my answers come the same each time even following the walkthrough videos, some reason they keep showing incorrect each time you hit submit. Not sure if the room is buggy but the rest of the questions take the answers I provided and said they are correct.
by following this video and reading walkthroughs the answers should be correct.
https://www.youtube.com/watch?v=UPpJUTf7wEY
who can u contact about restoring my streak?
@obtuse terrace
can anyone help me in buying the premium subscription
my credit card is not working
ill pay u immediately
Have you tried calling your bank? Might be tricky to ask someone to pay something on your behalf without actually knowing you.
nvm i bought voucher and used it
it would have been better if i paid using credit card i would have got 5$ discount
This isn't the sort of thing we help with in this server...
ok my bad
Hey ? if we buy Annual Premium Can We Cancel it ?Later also like after 1/2 months?
how to change the country?
no idea bruh
im new
You pay annual up front.
https://tryhackme.com/api/user/update-timezone
Click this link without a vpn active.
I keep getting this error
Have you referred to the page?
hello!, when using the attackbox, are there any keys that you could use to paste the previous command in the terminal again?
Getting issue connecting to vpn
That looks like it's your own Internet connection.
Yes... Trying to figure out why am unable to use internet
Its happening in vm only...
I tried restoring snapshots but doesn't work
use up arrow key it will get the previously command u executed
thank you so much! it worked
Gave +1 Rep to @frosty island (current: #2132 - 1)
it really speeds up the process sometimes
Doing https://tryhackme.com/r/room/containerhardening, the machine in split-screen mode won't load for me
Hey guys, How do I reset my progress? I want to start over.
Its in the options of any room
Hi
Is it normal that the VPN doesn't come with a certificate? It comes with private key, ca cert, tls key, but cert part is empty
nvm created a ticket
Rooms will have a reset progress button like this:
i started a machine on the web but nothing show up i connected to openVPN
it happened for like 2 days now
room zero logon >>> The questions do not appear and only the video appears
Can I unlink my previous Discord on THM to link this account ?
What happened to your old account?
Lost my 2FA when my phone went in the sea
Have since recovered it but just stuck with this one.
Is it possible or is it going to be a rite PITA ?
hey
little prob
i am on a kali vm
and i try to connect to openvpn
it does connect but only through the terminal
and it hijackes one of my terminals, never ending the command prompt, as if it loaded forever
It's possible.
Dm me your token, old account and THM profile.
FR sent
hi @weary spindle unfortunately the exploitAD network is still not functioning. could you please tell someone to check what is wrong with the main domain controller for that room?
Anyone know why my attackbox is so laggy
used to not be like this but now it takes 5 seconds for a button press to register
Maybe it's been up for too long?
I just restarted it
@small spoke
nevermind. i'm an idiot. sorry for reporting this 3 times
My vpn is not having stable connection. Like it disconnects for 3 to 4 mins then automatically gets connected
out of curiousity is there a way to swap which side the attackbox / vm loads on?
can anyone explain how does leaderboards work
You can load it in a separate window if that works better for you. You'll need to expand it to do so.
that might be the way to go, thanks for the suggestion
Gave +1 Rep to @ivory spruce (current: #11 - 616)
attack box died on me, giving me this error, I now cant start it, getting the same error
(never mind I figured out where my error was. Apologies for any notifications)
exploit AD room there is no flag on the desktop of the administrator user from tier 2 admin
tested with other users in the tier admins 2 group in case someone before me has deleted the flag but none of the accounts have the flag on the desktop
Hello,
I get a connection error in open vpn as in the screenshot, can you help?
Can you help me?
Try this link
Hi, what is the command you are using? And indeed, see the link W I D E sent
Have you tried the link above?
Is your openvpn up-to-date?
And first, do the steps noted in this link
yes I tried
Are you looking at the connection thing in thm.
I am trying to connect to the vpn from the configuration file I downloaded
Redownload your file on another server
Yeah, if you leave this running and open an new terminal, can you do curl 10.10.10.10/whoami?
@steep drift :)
I am doing
Couldn't connect to server
curl: (7) Failed to connect to 10.10.10.10 port 80 after 21034 ms: Couldn't connect to server
I have something to do. If I can come back in a couple of days, can we take another look?
need to get out thank you for your support, see you again
What will be your role as a Junior Security Analyst? please someone should help me answer this question is from TryHackMe
https://tryhackme.com/r/room/windowsprivesc20 TASK6 machine will not connect
Here is my command
└─$ xfreerdp /dynamic-resolution +clipboard /cert:ignore /v:10.10.26.17 /u:THMBackup /p:'CopyMaster555'
[08:20:34:819] [2199937:2199938] [ERROR][com.freerdp.core] - freerdp_tcp_connect:freerdp_set_last_error_ex ERRCONNECT_CONNECT_FAILED [0x00020006]
[08:20:34:819] [2199937:2199938] [ERROR][com.freerdp.core] - failed to connect to 10.10.26.17
The machine has been online for 5+ minutes already. If when the machine ever comes up and I try to use it/click anywhere etc., this happens immediately:
┌──(stoned㉿kali)-[~]
└─$ xfreerdp /dynamic-resolution +clipboard /cert:ignore /v:10.10.26.17 /u:THMBackup /p:'CopyMaster555'
[08:22:17:954] [2200881:2200882] [INFO][com.freerdp.gdi] - Local framebuffer format PIXEL_FORMAT_BGRX32
[08:22:17:954] [2200881:2200882] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_BGRA32
[08:22:18:998] [2200881:2200882] [INFO][com.freerdp.channels.rdpsnd.client] - [static] Loaded fake backend for rdpsnd
[08:22:18:998] [2200881:2200882] [INFO][com.freerdp.channels.drdynvc.client] - Loading Dynamic Virtual Channel rdpgfx
[08:22:18:998] [2200881:2200882] [INFO][com.freerdp.channels.drdynvc.client] - Loading Dynamic Virtual Channel disp
[08:22:20:787] [2200881:2200882] [INFO][com.freerdp.client.x11] - Logon Error Info LOGON_FAILED_OTHER [LOGON_MSG_SESSION_CONTINUE]
[08:22:59:571] [2200881:2200882] [ERROR][com.freerdp.core.transport] - BIO_read returned a system error 110: Connection timed out
[08:22:59:571] [2200881:2200882] [ERROR][com.freerdp.core] - transport_read_layer:freerdp_set_last_error_ex ERRCONNECT_CONNECT_TRANSPORT_FAILED [0x0002000D]
[08:22:59:571] [2200881:2200882] [INFO][com.freerdp.client.common] - Network disconnect!
I am not able to do this task
Machine comes up, I try to open cmd.exe, it crashes. If I try to click somewhere or type something, this happens.
Since yesterday I have been having problems with the website, it does not let me press the links or sometimes it does not even let me scroll, it freezes many times and even restarting does not solve the problem
It also says this is in Kali linux, but I am not able to find this smb server script in Kali linux
I found them I guess in a diff place. So that problem solved. But the first instability problem with task 6 machine remains
└─$ locate smbserver.py
/usr/lib/python3/dist-packages/impacket/smbserver.py
/usr/lib/python3/dist-packages/scapy/layers/smbserver.py
/usr/share/doc/python3-impacket/examples/smbserver.py
Now it won't connect at all.
@west chasm Is there someone that can help me with an issue with a room? I have asked in other places but no one responded.
I am in the Threat Intelligence Tools room on Task 5 and the IP address I have is correct but it is not being accepted as the answer. I have checked every where and my answer is right. I have also tried other things and nothing is working. can someone please help me?!
@west chasm @sharp bison you guys need to look at ssh connection systems, they are not stable at all, they behave stuck every time i try to connect i see something new, few are the screen shots attached.
All the screenshots have delay of system restart between them, still it's been an issue, i have restarted machine since couple of times... do something , this is not only today's problem, i face it everyday, but today i am tired of all these things.
Many other users might be also facing it, please look into it, it's very troublesome to operate with these unstable systems.
i wrote the above whole issue and still it's stuck, A LIVE EXAMPLE.
I am tired, I am not able to finish my room.
Hey, have you tried the OpenVPN MTU fix? This looks like more of an issue on your side.
run this command in a new terminal, while your VPN is running sudo ip link set dev tun0 mtu 1200 and attempt the SSH connection again.
This command basically changes the amount of data you send and receive over the VPN at a time, some network connections can be a bit ... fussy
Does anyone happen to know of a way to contact THM support? I am in the AWS EC2 Attack and defense room and am experiencing problems with my AWS environment. I've reset the environment several times, and no change with the issues I'm seeing. Thanks.
Hello, sorry for the troubles. You can submit a ticket via the chat bubble on the site, or email support@tryhackme.com (it ends up in the same place) and we'll make up for it and get your environment fixed
Thanks Ben!
Gave +1 Rep to @zealous yoke (current: #8 - 852)
Have you defanged the senders IP address?
AH! I got it! I was confused apologies! thank you!!!
Gave +1 Rep to @zealous yoke (current: #8 - 853)
No problem:)
Okayy I will do that... but do I need to run that command every time I start the system?? @zealous yoke
@zealous yoke thanks for showing a way out
Gave +1 Rep to @zealous yoke (current: #8 - 854)
You can add a line in the openvpn config so that OpenVPN will apply it every time you start the connection (i.e. sudo openvpn username.ovpn), but first, lets see if that command fixes, and then if so, I'll tell you how you can make it permanent in your openvpn file
Ohh okayy I will try it in few minutes and inform you the situation
hi im new in this, im in the learning path of Junior Security Analyst Intro and i answer the questions (i think correct) and no matter what i put in the answer it always marks it as incorrect lol Maybe im wrong but is a really really basic question
Sure np. Let me know how it goes
Yeah sure
What task and question are you working on?
Task 1 A career as a Junior (Associate) Security Analyst
Okay cool. What do you think the answer is?
Monitor network traffic logs and events, work on tickets, close alerts, and perform basic investigations and mitigations.
Okay, so that's not exactly wrong - that would be part of the responsibilities and tasks that you would have
However the room is looking for a specific answer. If you look at the question, there are asterisks (*) indicating the length of the answer
The question is looking for a specific answer. Hint it's been provided in that task :). It's asking about the role, not responsibilities
NP(: the answer format can be quite helpful sometimes
hello @zealous yoke i started ssh and then did exit and started again it worked fine, i guess the problem has been solved, can you guide me to put that command permanently?
and i have question can i increase mtu 1200 to 1400 or more?
Great to hear, you can increase it, but I would say just trial and error (i.e. trying different values and seeing if it works). If 1200 works then I would stick with that personally
If you open your openvpn file in a text editor, and add tun-mtu 1200 like below, this should force openvpn to use 1200 every time. Of course, if you regenerate or have to download your openvpn file again, then you'll need to add this entry again
ohh okayyy, thanks for your help and can i increase mtu to more?
Gave +1 Rep to @zealous yoke (current: #8 - 855)
you're welcome:) and you can but there'll be a certain amount as to where you'll have the same problem that you did. IMHO I'd just stick to 1200. If it works it works, and it doesn't make that much of a difference other than one value will work another will not
You're welcome!
where to verify in order to send screenshots?
thnx bro i did it love y
you're welcome man
try making a new firefox profile or clear out cache and cookies and history
does Firefox only freeze when using THM or other websites too? Run it from the terminal and when it freezes see if there are any warnings or errors that might be related
Not sure if it was answered, but this is the wrong answer.
That's why it's saying it is wrong. Not a bug.
I can't connect, even though the machine is up. It connected once, then disconnected when I tried to use it.
im using a web browser called web and it works
@untold harness remove some of the options. I connected just now with no such issues. However earlier, I did have an issue because I was using a few different options.
im sure is a bug
hey guys, none of the websites that are in the jr pentester rooms are working, i've tried multiple times during different times
Are you connected via vpn or the attack box?
what issue you have?
Attackbox or OpenVPN for beginners?
attackbox
I can't connect via openvpn, why is that? Due to proxy settings etc. ?
I look connected on OpenVpn
I can't also access anything on Attackbox's firefox
Probably due to sth about proxy settings but I don't know, I couldn't solve
I have firefox and burp community connected each other on my main windows host
I closed them both but didn't work
idk, it's just weird
I can't access any fucking thm machine rn
hello, this happened 3 times in a row, any tips to fix this? thank you
Nope, never seen it. What does "this page" say?
that it sometimes happen as a result of making their VMs faster or something like that and that i should contact them via email but i figured i may get faster reply here
but it works now
Fair
I am curious, is it possible to reset the account progress? I want to start over and I just bought Premium again, because it was some time ago
not sure about the whole profile progress but you can reset the progress in each room
Ahh tysm. thats what I was looking for
nw, this is how it's done
hello guys,
start machine and split screen wont come out? How to fix?
hey, there is one missing answer box on the "Cyber Kill Chain" Task 9 site. I am only shown 6 answer boxes, however there is 7 questions that needs to be answered. As a result, i keep getting denied from completing :<
can't seem to provide an image though.
Non-subscribed user can only deploy the free AttackBox for 1 hour a day. However, please specify if you're using the website on PC or on a mobile phone, so mods can provide you a solution.
im a premium user using brave browser
i also tried opening it on MS Edge, same result. When I click Start Machine it wont show me the split screen
at that point it sounds like the browser is not the issue but something else is
Meterpreter started opening dozens of sessions by itself. I only ran the eternalblue exploit on window ms17-010
Can you show the options that you configured?
Reconfigure target from Automatic to something more specific
And then try running the exploit
Change this to something more specific.
type set target then use tab autocomplete to list available options
Oh I think we're in the wrong channel for room support.
ok
That's not working. I don't get anything autocompleted
Ok let's switch to #subs-room-help
Folks, can someone help me, by any chance?
Try the link above
okay
None of them worked.
Btw, I am connected via openvpn but cannot reach machines.
When the vpn connection is off, it says that "ERR_NETWORK_CHANGED" and "you are disconnected", as expected:
But when I am connected via vpn, I have this error:
"ERR_ADDRESS_UNREACHABLE"
And, when I wait a little bit, it says "ERR_CONNECTION_TIMED_OUT", again as expected:
I think the problem is in here.
Because I am in the thm's private network, I am connected but somehow I cannot reach the machine.
@marsh magnet
so this made me think that this is because of something about proxy settings, but I shut them off, all of them (chrome, firefox, burp), again nothing changed
idk, I go crazy
Yeah, if you leave this running and open an new terminal, can you do curl 10.10.10.10/whoami?
Wait are you on windows?
well guess you are using the windows openvpn client then
yes, gui
which could be the cause of the problem as that would limit your access to only the tryhackme network and no other stuffs
btw I also downloaded wsl-ubuntu my windows, wanted to say just in case
idk if that's the issue
I didn't understand your point. "...limit your access to only the tryhackme network and no other stuffs" in that case, I would still be able to reach the thm machine right?
but I can't
if said machines have port 80 open
also could be because you turned on foxyproxy and never turned it off
as then you are using a connection to a proxy that no longer exists which would also cause no websites to work
I don't have and never had foxyproxy. The only proxy was burp, but I connected burp to firefox
I actually don't like windows as a host so I can't help you I'm afraid.
how did you connect firefox to burp???
set that to no proxy
did it, not worked
welp meep it no idea what is going wrong
but there is a reason people don't use windows to hack
and use kali linux vm:s instead
:)yeah, time to switch linux I guess
I have vm downloaded, I will install linux on it, but won't be a problem again?
Because it uses the same network with host machine
nope the vm is segmenting it out to its own network
and if you use the command line linux openvpn client it should not cause any issues either
for example, I couldn't reach also firefox and thm machine inside attackbox
okay, I will try vm
yeah something is obviously wonky but no idea what
Okay guys I will try vm as a last hope:) thank you for your time @marsh magnet @plush bay
Gave +1 Rep to @marsh magnet (current: #45 - 166)
+rep @plush bay
Gave +1 Rep to @plush bay (current: #3 - 1832)
Hey so I found a something that needs small fixing in this
Room:
https://tryhackme.com/r/room/splunkdatamanipulation
Task6:
Restart Splunk
Save the file and restart Splunk using the command ~~/opt/bin/splunk~~ restart. Open the Splunk instance at 10.10.55.95:8000 and navigate to the search head.
it should be /opt/splunk/bin/splunk restart
https://tryhackme.com/r/room/opencti
so on task 4 the start machine is not working but its working on other rooms/tasks
The machine can take up to 10 minutes to be ready, and the attackbox in full screen is suggested in the notes. I assume you've been waiting a while?
Machine appears to be functional on my end via attackbox. Logged into the OpenCTI Dashboard. Also working via VPN.
okay ill try waiting
ive waited for 20 mins now
Are you using the attackbox or vpn?
the attackbox button on the top of the page works but the dedicated attack box on the tasks arent opening.
i mean some arent
ive been jumping from rooms to rooms so I can keep my streak
i just changed to chrome and still same issue
I am trying to connect to a room and have the VPN correctly set up, but for some reason I can't access the machine (and don't get a response from 10.10.10.10). Does anyone have an idea about what could be wrong?
Nevermind, it worked!
Hello, I'm trying to download my vpn access file but keep on getting error 500
When I click on regenerate I get same error too. Please I need help to solve this
is it intentional/normal that a whole bunch of previously-free rooms suddenly became premium? these aren't new rooms; some have been out for years
eg, mrphisher, several print nightmare rooms, templates, posheclipse, a dozen others
This is intentional
these seem like fairly low quality rooms so far, which seems odd to turn into premium, but as long as people are aware
Can someone manually apply student discount on my account, I'm replying to the problem which I had with my college email. Blackout had told me in dms that it would be applied manually after I switch to my regular email and subscribe (which I did now after a month) but he isn't responding to my dms about it
I believe you have to email support for that.
I'm not 100% certain what the email is though.
Hi, i'm new to THM and i have little to no knowledge about how OpenVPN works. When trying to connect using the given configuration file here is what i am prompted with :
2024-07-18 04:17:10 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-18 04:17:10 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-07-18 04:17:10 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-07-18 04:17:10 OpenVPN 2.6.9 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-07-18 04:17:10 library versions: OpenSSL 3.2.2-dev , LZO 2.10
2024-07-18 04:17:10 DCO version: N/A
2024-07-18 04:17:10 OpenSSL: error:0480006C:PEM routines::no start line:Expecting: CERTIFICATE
2024-07-18 04:17:10 OpenSSL: error:0A080009:SSL routines::PEM lib:
2024-07-18 04:17:10 Cannot load inline certificate file
2024-07-18 04:17:10 Exiting due to fatal error
I'm about to head to bed, but are you using the attack box or the VPN on your own VM?
To continue my limited brain function, if you are using the VPN on your own VM, are you using sudo?
yes i just used the us-west 1 server and it worked
awesome, apologies but i'm heading to bed.
no worries, good night
If you need anything else, I'll message you back tomorrow. Good luck!
the attack box
Hello support. My issue is with Wazuh 30062023. I cannot access the server. I have waited, tried different browsers and checked firewall settings. I am using Chrome on a Mac. The server is accessible thru the attack machine, but the password does not work.
solved..nevermind
Exploiting AD issues. I exited the ssh session as I waited for the permission changes I made to propagate through the domain. Now, no matter what I do, I can't reconnect via ssh. I keep getting an issue that says -
"ssh: connect to host thmwrk1.za.tryhackme.loc port 22: no route to host"
Nslookup dns request resolved to the proper IP.
The subnet is 10.200.77.0/24
I can ping all the other machines in the domain, but not thmwrk1!!!!!!
I get the same "no route to host" message via AttackBox and my own machine
@foggy rover Hey there is a typo in the 'Active Directory Basic' room. Task 7 -> second question (... request further tickets known as TGS?) Where TGS is referring to Ticket Granting Ticket (TGT).
Working now. Weird
You'll need to email support.
Please don't ping staff with typo things, staff regularly check that channel
sorry
It's ok
i had lost my 72 days streak is there a way to get it back
hi, so i wanna unlink my previous account and link this account to my tryhackme
my openvpn is not working it keeps saying exiting due to fatal error and cannot load inline certificate files is there any fix?
this account's the old one
use sudo
that'll work
i did use sudo
oh, then it had to work. ya got any screenshots?
not letting me send it for some reason
Need to verify your account to send screens.
Done!
Hey i don't know if there is any machine based search possible,
I want to search for rooms that have windows based machines
Is it possible to add : windows/linux category on search filter as well
And if someone could explain me why I got 2 lines instead of one (that's the result i usually get)
Where did your friend get it?
You can type in "Windows".
^
I dunno he just sent me the file and told me "let's see if you got some skills"
I saw that with a gtx 1060 you could get pretty good results with hashcat but my gpu isn't that good so I couldn't try those kind of approaches
Since we can't verify where they got the file from, I'd appreciate if you don't send it in here, and stop asking for help.
I didn't send the file
I sent the hash I got from the rar2john tool
I'm sorry if it seemed like it was some scam or virus but it's not
It's a .txt file
Im doing Enumerating Active Directory (https://tryhackme.com/r/room/adenumeration) room using AttackBox however "enumad" interface required to connect to the dns, seems to cease to exist
only interfaces that exist are
lo
ens5
breachad
lateralmovement
docker0
veth91492349@k1d
vethhhb9123sfd141234
You'll need to drop an email to THM Support for it.
@versed jasper
@ivory spruce thank you
Gave +1 Rep to @ivory spruce (current: #11 - 618)
@west chasm I got a message from an account hijacker and DDOSer that is in this server. He is a known malicious actor on Xbox and has stolen dozens of accounts and knocks people offline anytime he wants. I have screenshots of him bragging to me but I cannot upload an image in this channel
Vote to ban from this Server
why you saying "vote to ban from this server"
Vote to ban the dude who just spammed me with messages about how he stole 4 accounts today
but he is in this channel?
He's in this server
Just sent you screenshots
skinertin
He's a known malicious actor
In the screenshots I sent you he says "this is skinny btw" and once I read that I knew it was skinnyrat
just dont send me any screenshot, delete that
Done
They are strong accusations, and the truth is I don't know if they can do anything here, in any case if it is real and you can defend it, report the user, and email support commenting on the situation.
try another vpn-server
EU-regular-3 gave me a 500 as well, but on EU-regular-2 the download worked for me
Thanks
Gave +1 Rep to @signal lotus (current: #2141 - 1)
redownload
Mmm yeah try re-generate one
try many times
try a different server
Which server are you trying to connect to?
wow what an amazing servers !! tried 5 diff servers
@crisp osprey do you still have problems?
Done!
Hello. It is impossible to download VPN configurations
Wdym impossible?
Config files download are never starting
never mind, it is ok now. But that wasn't during a while before
BTW there is some issue with the connection
I had the same issue.
It's a backwards compatibility issue - basically your openvpn version is out of date.
Easy fix is just to edit the ovpn file and at the very top you will see a line that says 'data-ciphers AES-256-CBC'
Above it, add a line that says 'cipher AES-256-CBC' Then it should work.
Screenshot shows example highlighted
Or just download the most up-to-date version of openvpn and that should sort it too
How do you explain that we cannot upload screenshot in a support channel
Quite easily.
We ask users to verify their THM account with our Discord bot as a way to stop new members joining and spamming gifs and images.
So unverified users don't get embed permission
Thanks a lot. I was trying to find information about that on the discord.
So, looks like there was some issues with the site and available files
That message just says the file you are trying to download already exists on your computer and is asking if you wanna replace it
so go to your downloads folder and see if it is there maybe?
was talking about the size
config file with a size of ~3.7Kio = openvpn just doesn't try anything
config file with a size of ~8.1Kio = openvpn connection never end
i can connect to the VPN of HackTheBox, so i think there is no issue from my side
When trying to download eu-regular-3 file
same happens when I try it, probably a bug.
Looks like the THM team has work to do
Try EU-Reg-2 or EU-Reg-4
tried many times before
or you wanna mean i need to retry now because someone patched it?
Wait for 2 to 3 mins after changing the server before downloading the OpenVPN config.
i am waiting since 1h
Have you tried to generate your OpenVPN config file again?
So if you try to download EU 1, 2 or 4 it says Access denied?
EU 3 download is broken for everyone it seems
i can download, but VPN is not working
Okay so show the error message for the vpn
I am sorry i have to lunch. My goal wasn't to work on a server side VPN issue today
Not sure why you are so fixated on EU-Reg-3 though..
When you get back, try this solution.
Open the configuration file and add this following line above the 'data-ciphers' line:
I tried reinstalling openvpn and redownloading the configuration files and they also did not work. But fixed when I tried this.
For some reason, the openvpn client isn't recognising the data-ciphers argument but only recognises the 'cipher' argument. This was with a fresh download from the openvpn website today.
So, tryhackme servers are fine there is just a weird compatibility thing with the client and the config files - at least for me anyway.
But if it is the same for you, that is an easy fix.
when you hit "ip a" do you see the adapter called exploitad?
Nice try. But that's doing nothing. There is an issue with NetworkManager and the cipher method
the only way to make that working is starting the VPN without NetworkManager
So are you connected now?
What is the delay to get the student discount approved usually?
about a week maximum
but it can change widely depending on how many support tickets there are
I need to create a ticket for it ?
depends... if your email address you signed up with is not extremely easy to figure out it is a student email yes
@scarlet steppe
if you wanna send a ticket for it
yes i can, but not with NetworkManager. I just have to start the vpn in cmd
anyone know why ?
Which THM OpenVPN server are you using?
Im using Kali and I am able to navigate to the TryHackMe access page and it says I'm connected and provides the ip. But the access machine button in the upper right corner is still red and says disconnected. Has this happened to anyone else
That part is currently broken. So long as you can connect to 10.10.10.10 and it displays your IP, you're good to go.
Ok thank you so much!
Gave +1 Rep to @ivory spruce (current: #11 - 620)
Is this related to a THM room?
Yes
Ova
hello,trying new things
In the past there was a post on the help center to explain the rules for write-ups (solutions). E.g. delay after a room released to be allowed to publish a WU, what the WU must not contain, etc.
I don't find anything anymore either on the blog or on https://help.tryhackme.com/en/
Can someone point me to the rules if they have the link?
https://tryhackme.com/r/room/dombasedattacks
This command is incorrect
You can't sudo echo something with >>. It won't work. Syntax is wrong. You will get permission issues on /etc/hosts
sudo -s
echo 10.10.6.20 lists.tryhackme.loc >> /etc/hosts
would work.
I'm having trouble seeing when I connected the OpenVPN configuration/connection on the access site. I tried using different servers, regenerating the configuration and installing the config. I tried via OpenVPN GUI on macOS, no luck; OpenVPN command (sudo openvpn /user/Downloads/file.ovpn ) via terminal, no luck; same command and process of new server, config, etc, on Kali Linux but no luck. When I connect to the VPN using the commands, the website doesn't identify it but when I open a new tab and type "curl 10.10.10.10/whoami", I get the VPN IP, as expected.
Check your interfaces with ip a
You may have connected to the VPN more than once, if so you will need to delete the additional interfaces
That's a new VM that I just set up but it still gave me problems. Regardless, I'll try that later (since I'm about to ko)
https://cdn.discordapp.com/attachments/1165363315103498270/1264473728834736301/image.png?ex=669e006d&is=669caeed&hm=fde01d6533d3576784fb0e49df3d6f8e9787073279a3f70161c8e8d921c8e784& im having issues submitting the correct answer even though i get the correct command on powershell. is the query wrong? im doing Windows Event Logs SOC level 1 Get-WinEvent -LogName Security -FilterXPath "[EventData/Data[@Name='TargetUserName']='Sam'] and[System/EventID=4720]"
@karmic oak 1 answer: Get-WinEvent -LogName Application -FilterXPath '*/System/Provider[@Name="WLMS"] and /System/TimeCreated[@SystemTime="2020-12-15T01:09:08.940277500Z"]'
2 answer: Get-WinEvent -LogName Security -FilterXPath '/EventData/Data[@Name="TargetUserName"]="Sam" and */System/EventID=4720'
not able to submit the answer
It's incorrect.
If you want to specify special characters, what symbol do you use?
Do you have a separate THM account (from the one you are using)? If so, you may have to wait and politely ask a mod to unassociate that THM account to your discord ID.
Ty
Gave +1 Rep to @wanton sandal (current: #2142 - 1)
I only have 3 interfaces: lo eth0 and tun0
oh, I just noticed the pinned messages 
update: andddddddd, still apparently "disconnected"
hello! I'm having issues accessing Target machines using OpenVPN.
I connect to the vpn as instructed, and i see the " Initialization Sequence Completed".
curl 10.10.10.10/whoami
returns the right ipaddress.
but when I go to the site, there is the red "access machine" button.
I ran the troubleshooting script and it shows nothing is wrong.
but when i enter the target ip in my browser, the site refuses to connect.
That page is broken, just ignore it
Which room are you doing?
Network Services
You don't need to connect with the ip in the browser.
Each task has its own thing. First machine is smb.
so i just need the target ip to be active but not access it?
Can somebody help me?
Some targets have different ways to access.
That's your own connection
okay, thanks!
Gave +1 Rep to @weary spindle (current: #1 - 2522)
What means? My network has some wrong?
Is there any way to download this file to my local system?
FYI.. I developed that room, and that's my file
A slightly more complicated way is to open MSF on your Kali and generate an MSF shell. Then, open the HTTP service on Kali to download the shell file from the target machine and run it. You can then download any file from the target machine on Kali
Yes
Hey guys, I ran into a problem, the exercise lab doesn't work in Windows Forensics 1 and Investigating Windows. The machine is opening in split view, i'm receiving an IP, but i dont actually see the machine, just a black screen. Could anyone help me pls?:)
Reach out to support.
help me
Describe your issue. We can't read your mind.
hello please i have so trouble when i want to access to some machine ip nmap and ping it work but in firefox it's not work
i use script troubleshooting thm
i don't know what's the problem
it just searches for ip but no results of error or any proxy problem just loading without output
Are you using a VM?
my local machine
ping and nmap work correctly ffuf work correctly
but the Firefox no
Is there a webserver on port 80?
yes
Are you using Linux?
sudo ip link set dev tun0 mtu 1200
Leave your VPN running.
i use thm troubleshooting
script
and tell me about mtu
w and i conf it
ffuf it work correctly
every room that i open Firefox have the same problem and i try to restart the machine on TryHackMe with a new ip but the same
Hi I'm in room: [TryHackMe]
Splunk: Data Manipulation
Task 6: The url to regex101.com goes to a room that doesn't exist called reg101.com, if someone types that into their browser it brings them to a domain registration site.
Thought that might want to be fixed at some point to avoid confusion.
Also further down in that tasks it refers to the wrong command to start splunk
/opt/bin/splunk restart
When it should be
/opt/splunk/bin/splunk restart
Hello Pals, Can anyone help me out on how to blast bulk email at once.
hi i am in network services and have been stuck for a bit trying to get enum4linux to work . i have a no reply from target ip in the nbtstat and a global workgroup concatenation error. can any one help?
Hello, I tried to log in to VPN in both the company environment and at home, but it didn't work and the prompt was' check your network connectivity '
Have all IP addresses in China been blocked?
This problem has been bothering me for a long time. I have tried many methods, even reinstalling the system, resetting the router, changing the VPN file, and trying to log in in in different network environments, but the error messages are the same
If you are connecting from China, chances are, you might not be able to connect via VPN as the government is cracking down on VPNs as they don't want folks bypassing their great firewall.
Where are you running enum4linux from - Attackbox or your VM? If the latter, are you connected to THM OpenVPN?
https://tryhackme.com/r/login/sso 
@wind wedge is this for who has Business THM acc? ^^^
Not getting audio from my attack box
Hello
Im getting this error when Im logging into the Active Directory DC using xfreerdp
I have tried the following command
When connecting through rdp, I am unable to login to the machine using the given password
But I am able to access the machine using Split-Screen-View without the hassle of inputing the logging the credentials. It all okay for me. Just wanted to know why is this happening?
Vm box firefox browser not working even though I checked the internet connection, and cleared cache. Please help!
Try this command.
Sub in your machines IP obviously.
Ok thanks
Gave +1 Rep to @turbid gorge (current: #161 - 43)
hi i was using the attack box through browsers. i tried some work arounds but i think it is a bug within the samba and i havent been able to figure it out yet. here is the message--- Use of uninitialized value $global_workgroup in concatenation (.) or string at /root/Desktop/Tools/Miscellaneous/enum4linux.pl line 437.
[E] Server doesn't allow session using username '', password ''. Aborting remainder of tests.
Hello i submitted this ticket last week and has been over 5 days and have not received any response and not been able to do any of the courses
Ticket ID 30628
I am getting an error opening configuration file: .ovpn
I have tried all the steps in the recommendation and also have reinstalled the OS and done different servers and regenerated the file still a problem
Any help would be appreciated as i have not been able to do Try Hack me for 5 days now
i have the solution for you @heady root
Whats the solution mate would be most grateful
Change your
server until it finally works
i had the same problem
Ok let me try
did it work?
sometimes europe servers are not working
No luck
all?
Yeap i have tried every server
BUT WHAT IS THE PROBLEM
So annoying as i am paying for this
YOU ARE PREMIUM RIGHT
Yes let me get you the error message
bit of a silly question guys but when im in web developer tools
im trying to change some code from id=50 to id=1
and its not letting me edit anything
VM box? You referring to your VM and not Attackbox?
If you are a subscriber, you may try connecting to one of the VIP servers. Also, from which location are you connecting from?
After switching your server, wait for about ~2 to 3 minutes before generating your ovpn config file.
What is the exact command you are running?
found a problem in the Threat Intelligence Tools on task 7 "From Talos Intelligence, the attached file can also be identified by the Detection Alias that starts with an H...". after giving the sha256 hash of the Email2.eml to Talos it finds it, but the answer is nowhere to be seen. only got it from looking into medium.com to confirm i didn't do anything wrong .
can't post screenshots but the hash is "97028b1b198af6da1043b78e40e1efe519fe3def754cd9d1f29380ca11e5c361" and the answer is "HIDDENEXT/Worm.Gen" coming from the detection alias in talos
enum4linux -a and ip of the machine
I am trying to sign up to website but everytime it shows Captcha has failed. pls help !
If you pause subscription do you still have to pay?
like @steep pelican said, might need to post the last 5-6 lines , does it say ?
looks good to me, whats not working for you?
it means its running, you can open a new tab
Yes, seems you are connected. There will nothing more happen.
yeah
Now you can test to connect to 10.10.10.10
yea it works thanks boys
Hi everyone, I'm looking for help setting a streak goal. Specifically, I want to set a goal and have the website remind me so I don't forget.
Hi guys any idea on this error ? I tried multiple things but I can't access to the vpn
The website sometimes sends you daily emails.
But i think it's hit or miss with some mailboxes.
i mail to tryhackme for reset progress not delete account and they deleted my account lmao
Which country are you in?
Which server are you using?
Yeah, that's reseting your account.
They can't reset it without deleting
You might need to email support for help with that.
What is your username?
caesar00
You may need to switch to an upper-case c, or mail support.
In my opinion is some kind of issue with Kerberos in room (CVE-2022-26923): https://tryhackme.com/r/room/cve202226923
while testing a ticket I got error:
certipy auth -pfx thm.pfx
Certipy v3.0.0 - by Oliver Lyak (ly4k)
[*] Using principal: thm@lunar.eruca.com
[*] Trying to get TGT...
[-] Got error while trying to request TGT: Kerberos SessionError: KDC_ERR_PADATA_TYPE_NOSUPP(KDC has no support for padata type)
Both attackbox and openvpn have the same symptom. Restarting the machine does not help.
Hi. I'm having problems on starting the Network on room - Breaching AD
When I click "Start" this is the error message: "Uh-No! Failed to start the network"
I tried the other AD rooms and always the same error message
France, i'm using eu 1
quick question. Can I keep attack box running through multiple courses or do i need to terminate it everytime
You can leave it running
thanks
Hello everyone, I have a small question about the THM subscription. Since it's my first time, I forgot to unsubscribe to cancel the auto-renewal in order to take a break to properly assimilate what I have learned. So, if I click on pause for a month, my subscription will be valid again between August 23 - September 23? If I don't cancel the auto-renewal around September 22, it will resume, is that correct if I understood correctly?
From my understanding, yes.
However I may reach out to staff for some clarification so I can best help members.
@wind wedge are you free for a bit of advice?
Okay thanks for your opinion, i ll ask the support directly on the website then
I mean, I just pinged them, but sure.
When you pause a subscription i'm pretty sure you pay then after a month it resumes.
That's correct, if you pause today it will resume on the 23rd August. You will have to cancel the subscription if you don't want it to auto renew
Thanks for the clarifications
Gave +1 Rep to @wind wedge (current: #52 - 143)
Thanks
guys why i cant see this room
i have the link
It's an older room that has been made private.
is this really what im paying for?...
You'll need to contact support regarding this.
So how to open it ?
the support bot on their website?
You can't, it was replaced with a more up to date room.
And/or E-mail.
bot didnt help, i sent an email but i think it will take some time for them to respond
im really disappointed by this issue bc this is not the first time it happened
2-3 day(s).
OH MY
Excluding public holidays and weekends.
that's like 2-3 more days than i expected lmao
THM has over 3 million members, if 1% of that was to E-mail that's still 30000 E-mails.
yeah i get that, employ more people or dont do things that result in issues like mine
it was last week when it happened for the first time
it was not a problem before
so something definitely changed, not in a good way
This is a known issue that I have raised with the team. We will most likely get to you today as our queue is quite low. It usually only becomes like that if you put in a ticket from friday as we don't work weekends. We're a team of 3 which is enough
cool, i'm patiently waiting for your response, thank you!
Gave +1 Rep to @wind wedge (current: #51 - 144)
@vestal lagoon Does this happen in any room and how often does it happen?
I'm not sure which room it was the last time but today it was in Windows Privilege Escalation 2.0, today it happened once, but the last time it happened like 5 times in a row, I was not able to do the tasks because everytime I deployed a machine it terminated itself after 2 minutes
Can I change my email address on the TryHackMe platform I want to use my student email ID to avail the student discount.
If you're not using Google you can sign in and change it, if you are using Google sign in, you'll need to contact support
Ok, one more thing, are refunds provided for annual subscriptions
A question for support I'm afraid.
Windows room again?
yes it's the same room
help via the chat on the website is very helpful as well (y)
thank you @wind wedge , I guess there is nothing more you can do
Gave +1 Rep to @wind wedge (current: #51 - 145)
Unfortunately not, we've got a few reports that I have raised
yeah it's alright, as i said earlier, the issue is a new thing, it has never happened to me until the last week so I assume that just some overlooked bug got to the production environment, at the end of the day, this can happen even to the biggest cybersecurity companies :))
Hey, is it just me, or the vpn file for the holo network is empty for everyone? Can you guys pls fix this asap?
My stupid ass who used Google the first time signing in :(
Can support change the email? Even when signed in with google?
Yeah we've seen that :)
I'm still wondering how in earth that could have happened
I can't move further on the SNORT CHALLENGE, kindly help me, I have answered the question correctly but I'm unable to get it corrected, which makes me stuck
hi everyone hope you are doing well i have a problem in the Breaching Active Directory room . i can ping to the DNS but i cant 'nslookup tryhackme.com 10.200.26.101 ' it gives me communications error to 10.200.26.101#53: timed out . can anyone help me ?
Sorry if this has been asked before, I searched for the term SOC and didn't find any discussion related to this.
Is the SOC 1 path update still happening? Seems that the blog post has been removed. Can't find any other announcement other than the email sent July 11
Hi team, is there no other way to deal with the Chinese firewall? I have no ill intentions
Hi, i've been working on my path for the last few hours and since the last couple of minutes i have termination on the windows vms i'm working on (https://tryhackme.com/r/room/winadbasics), already happend 3 times in less than 10 minutes so if anyone can help please?
(and yeah i read the link on the why)
I am currently facing the same problem, and it has appeared four times. Is there any fix for it at room Windows Local Persistence
shot a mail to support i got this :
- Open your browser settings.
- Locate the option to clear browsing data.
- Select "Cached images and files" and "Cookies and other site data."
- Click on "Clear data" or equivalent.
2. Disable Browser Extensions:
- Open your browser's extension or add-ons menu.
- Disable all extensions.
- Restart your browser.
3. Try Incognito/Private Mode:
- Open a new incognito/private window.
- Check if the issue persists. This step helps identify if extensions are causing the problem.
4. Update Your Browser:
- Ensure your browser is up to date with the latest version.
- Check for updates in your browser settings.
5. Switch to Another Browser:
- If possible, try accessing the website using a different browser.
trying to use solely the split view now (i was using xfreerdp)
Ok
I am having issues with my vpn, I have tried regenerating and connecting but i am not being able to connect, can someone help me figure out what's happening ?
In the room https://tryhackme.com/r/room/fileinc Challenge 2 i changed the Cookie value to Admin and i'm getting the following error Warning: include(includes/Admin.php) [function.include]: failed to open stream: No such file or directory in /var/www/html/chall2.php on line 37
Warning: include() [function.include]: Failed opening 'includes/Admin.php' for inclusion (include_path='.:/usr/lib/php5.2/lib/php') in /var/www/html/chall2.php on line 37
how can i send a screenshot in discord ? thanks
verify your account.
the + doesn't permit me to send anything
sudo openvpn ~/Downloads/SYER7171.ovpn
2024-07-24 10:39:52 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-24 10:39:52 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-07-24 10:39:52 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-07-24 10:39:52 OpenVPN 2.6.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-07-24 10:39:52 library versions: OpenSSL 3.2.2-dev , LZO 2.10
2024-07-24 10:39:52 DCO version: N/A
2024-07-24 10:39:52 OpenSSL: error:0480006C:PEM routines::no start line:Expecting: CERTIFICATE
2024-07-24 10:39:52 OpenSSL: error:0A080009:SSL routines::PEM lib:
2024-07-24 10:39:52 Cannot load inline certificate file
2024-07-24 10:39:52 Exiting due to fatal error
What's the problem?
Yes, it's happening in 20 minutes! (I temporarily took down the blog so I could edit with the brand new challenge links - so good spot)
servers have lag as hell. i couldn't get any response to my requests. nmap fails, gobuster fails, web requests fail. tried to change server but still the same
Hello,
When I was a premium subscriber I finished the devsecops Learning Path and now I'm not a premium subscriber, I'm not allowed to revise what I've already learned? Where's the logic in that?
Already answered in #general.
You can try looking at writeups if you just want to revise
Good answer btw so funny, you work for THM or something
I do stuff for them, but not in any way contracted.
Thanks bro
Gave +1 Rep to @charred stump (current: #1073 - 3)
Stuff like funny answer ?
I am trying to do the new "Summit" room in SOC lvl 1. I click start machine and it does not show me the split screen view with the VM, and there is no option at the top to start it that way either. Any ideas?
I room test, help out testing some stuff.
And help moderate the server.
Good
Hey! There is a link under the "Connection Details" section that you can use to access the lab. You need to wait until it shows your IP address (it takes a few minutes in general to boot up, so give it some time).
Thanks for the quick response! I am not seeing any "Connection Details" on my screen
Where is that usually located?
Gave +1 Rep to @rotund sluice (current: #82 - 80)
can i make a portfolio using the task on the tryhackme rooms, i want to put it in github. is it allowed or no?
You can do writeups on THM rooms, just don't post flags. and don't re-use subscription content.
what do you mean by subscription content?
I can only make assumptions, but posting content from premium rooms verbatim, essentially giving someone the information / graphics for free?
It's in the task content
Hello,
I am currently experiencing difficulties with loading virtual machines on your platform. Here are the details of the issue:
Virtual machines, especially those running Windows, do not load properly when I try to start them. After the download, the screen goes black in the web browser and the machine becomes unresponsive. Virtual machines running Linux work correctly only windose ???
Browser used: Firefox and chrome (edge)
Actions already taken:
Checked my internet connection
Refreshed the page
Tried a different browser
Cleared browser cache and cookies !!!!
Disabled browser extensions
I am a premium subscriber, and despite these efforts, the problem persists. Could you please assist me in resolving this issue?
Thank you in advance for your help.
Best regards,
Hi, how much memory can you have for your virtual machine?
I think the limit without asking for more is 256?
hello guys
uh i found something very strange when doing a room, it contains nsfw words, should i send screenshot?
i do have a problem with my openvpn. I am unable to make a connection to the server. I need your help to get this sorted
here is a screenshot of my error message
you are exposing your ip
idk if its normal people showing ip here so i will better stay quiet
you are right.
however, i do need help with the openvpn issue. Any idea on how to get it sorted
Try using a different server location, I remember I had the same issues ages ago and that was by-far the easiest fix.
So if you're using EU-Regular-1, try EU-Regular-2.
For me that fixed everything.
if that does not work, there is a script online which fixes it for you.
btw, yall, is this normal to find in a room?
yeah, nope...
are you on the vpn. and did you type the address correctly?
Which task specifically?
attackbox
I've never seen this for a room before LOL
lol.
this was my command, which was a command that the tasks didn't ask for
it was a room referenced by the vulnerability upload room, from the complete beginner path
i can only address the webpage with the domain name, which i wrote beforehand in /etc/hosts
it is indeed correct
checked 4 times
Try restarting Attack Box and run the same command again to see if it's a fluke.
i am doing the task with normality, it is indeed the right server
as you can see is part of the web enumeration tasks, and in the right tab i have the flag
this is wild
also i was just recommending a new person tryhackme and how it works, this is crazy
This is by-far the weirdest thing I've seen on THM so far.
im glad yall are here to see this with me

Oh, this is epic fuckery...
whats wrong with the flag
lol
nothing, see the image set as spoiler
i was just showing this is indeed the testing domain
Can you just confirm that running the same command yields the exact same results?
okay doing it asap

I'm gonna quickly grep that wordlist to see if it actually contains any NSFW words
im out here living on a prayer to not get banned now
btw im aware i got the wordlist wrong for a subdomain search
yeah...
That's something, perhaps it bugged out and thought it found some NSFW sites. Could be an AttackBox issue.
still, even if i dont have that giant nsfw title, i can still find subdomain like ladies
im sad i didn't find this before my feedback interview with tryhackme
Could have been a test domain that they forgot to take out.
wait wait wait, it is about to hallucinate the same again?
it is refinding the same titles
the command is the same for dirb right?
@vast urchin Just checked, that word list does contain those weird sites, Gobuster must have bugged out and shown some of the "known" NSFW sites.
Why ladies DNS exists, is beyond me.
it may have been caused by you ctrl-c'ing a bunch of times maybe.
it wasnt control c actually, it was right arrow
idk why it is spelled in terminal as control c too
Ahh, looks like ctrl-c
okay. i have tried possibly everything in that light now and it still doesnt work. could you recommend the script?
2024-07-25 03:52:06 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-07-25 03:52:06 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-07-25 03:52:06 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-07-25 03:52:06 OpenVPN 2.6.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] [DCO]
2024-07-25 03:52:06 library versions: OpenSSL 3.2.2 4 Jun 2024, LZO 2.10
2024-07-25 03:52:06 DCO version: N/A
2024-07-25 03:52:06 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194
2024-07-25 03:52:06 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-07-25 03:52:06 UDPv4 link local: (not bound)
2024-07-25 03:52:06 UDPv4 link remote: [AF_INET]3.7.33.194:1194
if you do ifconfig it doesnt show a 10.10.xxx.xxx ip?
(in another terminal)
because i think those are just warning but you got connection
Sure give me a minute to find it again
https://github.com/tryhackme/openvpn-troubleshooting
That's the script, be sure to read the file for anything malicious. Don't run random scripts without checking just in case!
thank you brother