Doesn't work

Okat so It's side wide error from their end

Sometime, it work

Why......

Guess It's HackTheBox time then

Yes. Lol

Let's HACKTHEBOX BRO

https://tenor.com/view/mr-robot-elliot-alderson-rami-malek-gif-18226887

Fix that bug Bro

Email support

i try to connect tryhackme
kali said initalize completed
but browzer shows offline and dosnt show ip
how can i do

Can you connect to 10.10.10.10

yes

is it related to firewall thing？

sorry it said online but doesn't　show virtual ip

The access machines page is broken.

yo guys im trying to connect via openvpn
i downloaded the EU-VIP 2 files and when i try to connect i get stuck on this
any help pls

virtual machine ^

You are connected successfully

It’s supposed to hang, you need to keep that open :)

ah i see i thought it should say successfully connected or something

i connected but on the website it says not? i did refresh nothing changed

Ignore the website^
You can check whether you are connected by trying to access 10.10.10.10 in your browser

perfect

got it, thank you

Hi just to say that your soluition works properly thks for help

Hi everyone,

I can't connect to the network of my room (lateral movement and pivoting) even after trying the vpn method on my own computer or the attackbox.

The vpn works but the interface state is UNKNOWN when I type "ip a"

The command to set the dns server and domain seems to not working.

Help me please 🙏

Hi there! I'm having issues purchasing a monthly subscription (I'm not sure what channel is best to report this) - I read online people have been having issues making payments using Mastercard, and I seem to be one of those individuals. The main issues being according to my bank THM is based out of London and they won't let my card go through. I was hoping maybe there was another way to pay as I've attempted to process with PayPal/Venmo as well and get the same issue when discussing it with PayPal or Venmo. The bank for my secondary card is off as it's Saturday and won't return until Tuesday of next week but wanted to see if there were any other ways to purchase the THM Premium Subscription. I'm from the US if that helps at all

Can you share a screenshot of ip a?

It works now. I Left the room and enter again

Hello. I'm having a billing issue. I recently switched from a monthly to an annual subscription. Now my account prompts me to "Go Premium"

nslookup thmdc.za.tryhackme.com
;; communications error to 127.0.0.53#53: timed out
;; Got SERVFAIL reply from 127.0.0.53
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can't find thmdc.za.tryhackme.com: SERVFAIL

i get this

Please do not multipost: I have answered to you in #room-help

hello i can't download my VPN configuration from the website

You can try switching b/w the servers, regenerating the configuration file followed by waiting for some time (a few minutes) and then download

Yea like b0rk said
try to regenerate the config file then wait a few minutes before downloading it again!

It worked for me

need help in Boogeyman 3, i connected via vpn and waited more than 15 mn but still the page doesn't work, i can ping the ip, nmap works too but nothing loads up it just says : Kibana server is not ready yet.
Ps : i tried another ip but same prob
Edit : guess third time relaunching the machine works xD

Usually, you'll have to stop your monthly subscription first and subscribe to an annual one. Has the payment been deducted to your account?

yes it was deducted.

There’s a feature now where you cna upgrade striaght from monthly to annual

Suggest to drop an email to THM Support.

@fallen quiver

Did your bank say if it is bank policy or is the block coming from THM-side? It is not uncommon to have those procedures or controls in place for anti-money laundering and fraud prevention purposes, but they usually have procedures to override those once the purpose is confirmed.

yeah that's what I did

Thanks. Sent one off.

Gave +1 Rep to @ivory spruce (current: #11 - 672)

Take note that THM Support may not be able to reply in a day or two (@wind wedge can confirm), but be patient as sending another email will put you at the back of the queue.

thanks. I will be patient. Hopefully it won't take too long. I no longer have access to my learning plan. Doing "side quests" to keep the streak going. lol

Yes I did - verified with their after hours support but they didn’t have the authority to approve the transaction, will just have to wait until Tuesday which is no biggie - gives me a chance to practice what I’ve learned so far 🙂

I had the same issue initially. I had to call my bank to authorize the purchase. Took about 5 mins, but went through.

Yeah, support is back open on Monday

Thank you all for fixing the linux foundations 1 & and >> bugs. Feels good to be able to progress through the lesson ❤️

Hi can someone help me i am in room IAM Principals on IAM users Tab. i login to aws with cloud details data and i create aws credential profile. On gui i have this info everywher in iam "Access denied
You don't have permission to iam:ListUsers. To request access, copy the following text and send it to your AWS administrator. Learn more about troubleshooting access denied errors.
User: arn:aws:iam::711387107278:user/711387107278
Action: iam:ListUsers
On resource(s): arn:aws:iam::711387107278:user/
Context: no identity-based policy allows the action" and in aws cli "❯ aws iam list-users --profile thm

An error occurred (AccessDenied) when calling the ListUsers operation: User: arn:aws:iam::711387107278:user/711387107278 is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::711387107278:user/ because no identity-based policy allows the iam:ListUsers action". Can someone help me

Hi please help me when I try to join room nothing changed

Reset the room or log out and in again

this not work for me

[Intercom] Launcher is disabled in settings or current page does not match display conditions
in console this error appear

[Intercom] The App ID in your code snippet has not been set. Set it to your App ID found in settings to complete installation: https://app.intercom.com/a/apps/_/settings/web

hey, does breachingad work with attackbox? having issues with dns
https://tryhackme.com/r/room/breachingad

seeing tons of people ask abt it for months. yikes.

does not work

Breaching AD does work with the AtttackBox, but, because of an issue with the room, you have to download the VPN configuration for the Breaching Active Directory network to the AttackBox and run openvpn with that file to get an interface called breachad

Have you got a breachad interface up and running: without that, the DNS config will fail

yeah no i did not

i did connect to openvpn from my kali vm

was surprised it didnt work from my host windows

openvpn i mean

well at least it works now

thanks guys

I spent some time yesterday wiith @inner hearth and @keen scroll on that same problem
I suggest you go through all the messages we exchanged then, so you can see whether that fixes it for you too:
from this message:
#room-help message
till this message:
#room-help message

Can you share screenshot and explain context?

yup, thanks

My friends Learning page has a "Road Map" option, but mine doesn't?

That’s intentional

What do you mean?

Hi, i have troubles today with the attacker machines, i have to termiate it redeploy again because it not reacting to anything, closing opening clicking into terminal or webbrowser, has someone similar issues today?

It's possibly in A|B tesing right now.

I have not experienced that myself
Hence, I can only offer some suggestions:

• have you had the AttackBox running clean before? If yes, it is worth wondering if you have made any changes to your local setup (VPN, network connectivity, OS, browser, antivirus, etc.)
• the other area worth considering is to disable all extensions in your browser, or switch to another browser (without extensions) altogether

Hi Shy1, yes started clean machine, i didn't changed anything in browser, it worked with my extensions previously

Any chance to try another browser?

it seems to work now for a while, sinde two crashes, it works again propertly

thanks

Same browser?

yes

can i share a premuim account features to my tryhackme friends?

how so?

i am asking if it is possible

There are referrals, that you can use

That's not sharing the features but gives you and your friend (new to TryHackMe) joining the premium a bit of credits.

i knew about that, thx, i wish one day they make a sale on the annual package🙏

THM often has Black Friday deals on the annual package

ohhh i see

will look forward to that

Maybe on THM Twitter or by googling you will see the ones of the previous years

iirc you could not take advantage of these deals while you had a subscription already running, so you had to time the end of your current subscription in order to start a new one with the promo deal

maybe this is for another channel like #subscriber

I cannot help you with that issue, but look at this message: it may get the troubleshooting starting:
#site-support message

A generell question how long does it usally take for a response on the thm website email support ?

Usually 1-3 days depending on volume of tickets. We don’t work weekends and are UK based. Support hours are usually 9-5 but can vary sometimes

Hey guys. I'm trying to solve "Fowsniff CTF" room, but I can't ping the machine from my own kali machine!
I'm in the THM network, and even tried to start attack box and ping it's IP and I could do that. But still can't ping this specific machine, tried to restart everything but no use. Any suggestions?

Do you ping ever machine when you boot it up?

yes, to make sure I can contact with it. then start doing the tasks.
and also I tried to ping the "Fowsniff CTF" room machine from the attack box and I couldn't. is that normal? am I missing something?

Not all machines respond to pings

It can be...

Which os is the fowsniff?

this one: https://tryhackme.com/r/room/ctf
so, do you recommend any other way to know that I'm connected correctly to such machines?

Is there a reason THM is telling me the Captcha request has failed when I try to log in? I didn't even see one. I've tried using an incognito browser, changing my IP address, restarting the modem, what's going on?

I found out now the machine responds to other requests, tried nmap and worked, sorry for bothering you and thanks for ur time.

Gave +1 Rep to @weary spindle (current: #1 - 2716)

Didn't bother me

You learned something

yeah, I did!

I'm new the the site and I'm having some issues with target pages loading within the Jr Penetration Tester Path > Introduction to Web Hacking Course > Content Discovery and Authentication Bypass rooms. The Acme target site doesn't allow me to connect to it and I can't proceed with the lessons. Is there something in particular I should be doing to connect? I'm on Chrome.

just started the target for Content Discovery, and it worked for me
Are you on the AttackBox or your own local VM through the VPN?
Authentication Bypass OK too

Thank you for the quick response! I think I found my problem. I was starting the machine, but then going to the target through my own browser instead of starting the AttackBox and going through there.

Gave +1 Rep to @upbeat quarry (current: #78 - 87)

I am creating new ctf (planing yo make it hard difficultly) any tips?

If u have any guidelines that will make it easier to deploy then please inform me about them.

Hey all anyone that assist me on getting my THM 2fa reset for one reason or the other the app that I setup for THM has removed the account how can I get it reset and setup a new app, I do have the backup codes so I can still login but when I try to remove the 2 fa it ask me for the code from the app

HELLO
I CANT RESUME MY Subscription
it says that Subscription paused when i try to resume it doesnt show anything
when i click suscribe now it dosnt show me any payment option

@scenic torrent

@weary spindle

anyone?

You'll need to contact support.

should i messege the same

Yes.

Hi Team,
I am facing high ping when I am connected to thm. When I ping 8.8.8.8, its normal. But not the target machine. Kindly please advise what should I do next

Steps done

1. I have tried different VPN files from different region.
2. I have regenerated the files but issues persists
3. sudo ip link set dev tun0 mtu 1200

┌──(root㉿kali)-[/opt]
└─# sudo ip link set dev tun0 mtu 1200
                                                                    
┌──(root㉿kali)-[/opt]
└─# ping 10.10.192.234                
PING 10.10.192.234 (10.10.192.234) 56(84) bytes of data.
64 bytes from 10.10.192.234: icmp_seq=1 ttl=127 time=252 ms
64 bytes from 10.10.192.234: icmp_seq=2 ttl=127 time=281 ms
64 bytes from 10.10.192.234: icmp_seq=3 ttl=127 time=307 ms
64 bytes from 10.10.192.234: icmp_seq=4 ttl=127 time=320 ms
64 bytes from 10.10.192.234: icmp_seq=5 ttl=127 time=239 ms
64 bytes from 10.10.192.234: icmp_seq=6 ttl=127 time=263 ms
^C
--- 10.10.192.234 ping statistics ---
24 packets transmitted, 24 received, 0% packet loss, time 23047ms
rtt min/avg/max/mdev = 221.771/291.900/453.665/57.778 ms

A while ago someone else had the same. Trying from another VM worked for them.

Also make sure your adapter is on NAT, as that usally works the best

its on NAT

Is the target a Windows box by any chance?

yes attacktive directory

Usually, Windows machines don't respond to ping (by default)

This one does

xd

nmap scan was so slow, and it stopped.

That's the problem, I checked my nmap logs from earlier and it had host is up

What's this?
What are you running ping at?

target ip

Isn't it working?
The time for 8.8.8.8 is lesser because they (Google) have multiple datacenters around the world and the one you are reaching out to is most probably closer than where the THM VPN is running. That's why it's longer for the target machine. One of the main reasons here

The best you can do is use the Attackbox, it's part of the network and would be much closer giving shorter ping time and probably a faster scan too
Or select the geographically closer server from Access on THM site

Sorry, but I can't figure out your problem 😅

Still, 320ms is insane

What could be the reasons here that we can manually fix?

Probably another VM, maybe trying another target machine

But I don't have much ideas neither

Fair enough, me got no ideas either 🥲

But like you said, indeed pick the closest VPN location possible. @gaunt rivet where are you located?

Asia, Malaysia

fedora:~$ ping 10.10.192.234                      16:10:37 [6/6]
PING 10.10.192.234 (10.10.192.234) 56(84) bytes of data.   
64 bytes from 10.10.192.234: icmp_seq=1 ttl=127 time=211 ms
64 bytes from 10.10.192.234: icmp_seq=2 ttl=127 time=194 ms
64 bytes from 10.10.192.234: icmp_seq=3 ttl=127 time=197 ms
64 bytes from 10.10.192.234: icmp_seq=4 ttl=127 time=184 ms 
64 bytes from 10.10.192.234: icmp_seq=5 ttl=127 time=187 ms 
64 bytes from 10.10.192.234: icmp_seq=6 ttl=127 time=188 ms 

Host machine

Could you also screenshot a ping to 10.10.10.10?

fedora:~$ ping 10.10.10.10
PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
64 bytes from 10.10.10.10: icmp_seq=1 ttl=63 time=186 ms
64 bytes from 10.10.10.10: icmp_seq=2 ttl=63 time=199 ms
64 bytes from 10.10.10.10: icmp_seq=3 ttl=63 time=202 ms
64 bytes from 10.10.10.10: icmp_seq=4 ttl=63 time=203 ms

 traceroute 10.10.192.234
traceroute to 10.10.192.234 (10.10.192.234), 30 hops max, 60 byte packets
 1  10.9.0.1 (10.9.0.1)  180.146 ms  192.801 ms  192.761 ms
 2  10.10.192.234 (10.10.192.234)  193.536 ms  193.484 ms  193.081 ms

So indeed the connection to the VPN.

Are you on WiFi or on ethernet?

wifi

Mmm. Do you have the resources to try ethernet?

not atm, but working on it

Mmm okay

And which VPN server are you on, right now?

at office, they have some blocking atm. the IT team working on it. I could try once they have settled it

for ethernet connection

EU-Regular-2

Could try an Australia one?

aust one even worse xD lemme send you the ss

Oh okay xd

And are you on a work device / in your works network?

personal laptop but using work internet

dont have any restrictions on my laptop

Mmm, could be a firewall inspecting VPN traffic maybe?

Do you have cellular connection to test on?

i did also, issue persists. Lemme try on the host machien

for aust

traceroute 10.10.192.234
traceroute to 10.10.192.234 (10.10.192.234), 30 hops max, 60 byte packets
 1  10.4.0.1 (10.4.0.1)  112.644 ms  112.671 ms  112.695 ms
 2  * * *
 3  * * *
 4  10.10.192.234 (10.10.192.234)  369.264 ms  369.314 ms  368.303 ms

Are you running the VPN on your host guest and doing your tests to THM target on your VM?

Obviously

Really Shy1?

Just for test purpose

To verify the issue

🫢

No this is a ping + vpn from the host machine

Ping and vpn both on host machine

BTW, Shy1 and Deditio. How much are you getting? ATM, I cannot check

Cannot check neither

But if it was that slow for everyone, I can assure you, there would be more people here

10.10.40.201 is the Attacktive Directory box

Hi everyone

Just tried with my phone hotspot. Issue persists. Lemme try another machine

Where are you from?

Europe

Could you please try aus vpn just to see the frequency

using Australia

I tried with kali vm which is on another host machine(windows). Issue persists

Is the performance of today different from previous days? Do you have ideas/numbers of ping latency of other days?

Ive been facing this issue since yesterday

It's the same

And before yesterday? It was normal?

That's normal, as it's the other end of the world 😂

I didn't try. I just started yesterday

Ohh okay

Out of curiosity, what is the ping latency to tryhackme.com?

Just now, i tried with htb vpn. Tried with both eu and us vpn. Issue persists

Less than 20 ms😂😅

So problems on htb vpn too?

Is your openvpn up-to-date?

I think since htb vpn aso causing same issue. Can i rectify that the vpns is not the issue?

Lemme try this. My kali is fresh

You can assume that the issue is on your side, yes

Any differences? 👀

I'm reinstalling kali. Will update once done

👍

Not sure if that makes any difference as it is the same on your host...

Which network are you trying to connect from?

I don't understand your question
From my kali vm to thm vpn?

anyone?
Hey all anyone that assist me on getting my THM 2fa reset for one reason or the other the app that I setup for THM has removed the account how can I get it reset and setup a new app, I do have the backup codes so I can still login but when I try to remove the 2 fa it ask me for the code from the app

Agreed, but lemme just give it a try😅 I'll need to try again with different wifi

Yeah, but where is the network,

Home, word, education hotspot?

Work wifi
Mobile hotspot

Ok, two reason why it might not work.

Wifi-hotspot won't be strong/good enough.

Work network will probably be blocking port 1194, which the VPN uses.

If it did, there would be no connection. But there is a connection, just with high latency

Hotspot will be latency

Yep

Since there's connection but just high ping. I can confirm there's no port blocking, right?

Yeah.

Hi,

I'm facing an issue on Active Directory basics lab.

I couldn't send an image of the error message here. Where can I send it ?

The vm is showing this message: "The remote desktop server has forcibly closed the connection. If this is undesired or unexpected, please notify your system administrator, or check your system logs."

RDP is optional: the target machine will appear in your browser
If you still want to use RDP, start if from your attacking machine, not from the target machine
If you want to share screenshots, you have to verify first with the /verify Discord command

@modern musk

Task 4 for NMAP POST PORT SCANS

The answer doesnt work

and the port it asks you to scan on the VM is closed

all the answers on the internet dont work

Please do not multipost
#room-help is taking care of that

What do you mean?

I have some problem on openvpn connect, and I need some help

2024-09-02 22:43:49 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-09-02 22:43:49 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2024-09-02 22:43:49 OpenVPN 2.6.12 [git:makepkg/038a94bae57a446c+] x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] built on Jul 18 2024
2024-09-02 22:43:49 library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-09-02 22:43:49 DCO version: N/A
2024-09-02 22:43:49 TCP/UDP: Preserving recently used remote address: [AF_INET]..96:94
2024-09-02 22:43:49 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-09-02 22:43:49 UDPv4 link local: (not bound)
2024-09-02 22:43:49 UDPv4 link remote: [AF_INET]...96:*94
2024-09-02 22:44:49 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-09-02 22:44:49 TLS Error: TLS handshake failed
2024-09-02 22:44:49 SIGUSR1[soft,tls-error] received, process restarting
2024-09-02 22:44:49 Restart pause, 1 second(s)

someone can give me suggestion?

Which server are you using?

Which OS are you using?

manjaro

And which server are you using?

I tried EU-VIP-1 and US-WEST-VIP-1

Which country are you in/

I'm on VIP-1 now.

China, It's GFW worked?

when stop clash,i can't access google/discord etc

OpenVPN is blocked in China, so you can't use it.

You'll need to use the attackbox.

I got it.Thanks bro

Not sure if right channel for this, lmk and I'll repost elsewhere if appropriate.

some tricky / annoying questions about discord verification:

will my employer be able to see that I'm here? (it's their subscription)
inversely, will THM backend be able to track my discord activity and tie it to my THM ID
if yes to either of the above, is there an alternative verification method that avoids these

Just privacy concerns really

No, there is no notification to say it's verified.

Yes, thm admin and mods can see which account is linked to which token

Even if your employer was to join the server.

They won't know who is who unless you tell them.

Or do something stupid like post a screenshot with your pfp.

The bot is completely public, you can see everything for yourself^

Thank you

Just tried with home wifi

┌──(kali㉿kali)-[~/Downloads]
└─$ ping 10.10.153.160 -c 4
PING 10.10.153.160 (10.10.153.160) 56(84) bytes of data.
64 bytes from 10.10.153.160: icmp_seq=1 ttl=127 time=182 ms
64 bytes from 10.10.153.160: icmp_seq=2 ttl=127 time=183 ms
64 bytes from 10.10.153.160: icmp_seq=3 ttl=127 time=182 ms
64 bytes from 10.10.153.160: icmp_seq=4 ttl=127 time=177 ms

--- 10.10.153.160 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 177.394/180.834/182.713/2.036 ms
                                                                                                                            
┌──(kali㉿kali)-[~/Downloads]
└─$ ping 10.10.10.10 -c 4  
PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
64 bytes from 10.10.10.10: icmp_seq=1 ttl=63 time=180 ms
64 bytes from 10.10.10.10: icmp_seq=2 ttl=63 time=180 ms
64 bytes from 10.10.10.10: icmp_seq=3 ttl=63 time=180 ms
64 bytes from 10.10.10.10: icmp_seq=4 ttl=63 time=180 ms

--- 10.10.10.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 179.593/179.902/180.182/0.228 ms
                                                                                                                            
┌──(kali㉿kali)-[~/Downloads]
└─$ traceroute 10.10.10.10 
traceroute to 10.10.10.10 (10.10.10.10), 30 hops max, 60 byte packets
 1  10.23.0.1 (10.23.0.1)  188.643 ms  188.709 ms  188.843 ms
 2  10.10.10.10 (10.10.10.10)  188.883 ms  188.919 ms  188.950 ms
                                                                                                                            
┌──(kali㉿kali)-[~/Downloads]
└─$ traceroute 10.10.153.160
traceroute to 10.10.153.160 (10.10.153.160), 30 hops max, 60 byte packets
 1  10.23.0.1 (10.23.0.1)  180.368 ms  183.751 ms  183.861 ms
 2  * 10.10.153.160 (10.10.153.160)  183.819 ms *

also i tried nmap -p- -T5 --host-timeout 30m 10.10.73.91

Which room?

I have followed the link to get my discord token but it’s not straight forward on the website . How do I get my discord token? So I can verify as I can’t send messages

Click on your profile picture, Manage Account and scroll down

Manage account > scroll down

Got it all sorted out. Thanks for the support and tips from all. @wind wedge

Gave +1 Rep to @ivory spruce (current: #11 - 675)

Hello, does anyone know why I keep getting Upload ID is required when I'm trying to start a machine? I've tried the following:

• Re-logging
• Rejoining the room
• Clearing browser cache
  None of the above seems to help.

Please how do I solve this problem? I m stuck here

Your screen is really warped.

But you need to follow along with the static site,

• Choose an IP
• Block the IP

I do not have an answer to that question, but you could consider documenting further the issue referring to this message:
#site-support message

So, as previously said by @weary spindle , wifi is not great/good enough: we have seen this at your work place and now at your home, with the same kind of latency
You said you would try to arrange Ethernet at work: I hope that works
PS: night time for you in Malaysia!

Hello !!

I'm experiencing issues connecting to the OpenVPN service from Switzerland. Here are the details:

Environment:

• OS: Darwin 14.6.1
• Architecture: arm64
• OpenVPN Version: 2.6.12
• Kernel Version: 23.6.0
• Configuration: Tried EU-REGULAR 1-4 and EU-VIP 1-2

Steps taken:

1. Downloaded OpenVPN for ARM architecture
2. Imported configuration files
3. Attempted connection via GUI and CLI

Both method timeout. I've attached part of the logs from the CLI and GUI attempts.

Questions:

1. Could my location (Switzerland) be causing this issue?
2. I see warnings about compression, cipher and unsupported / unused options. These warnings are across all .ovpn files. Any idea why ?
3. Are there any additional troubleshooting steps I should try ?

Thank you for your help!

2024-09-02 19:11:05 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-02 19:11:05 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-09-02 19:11:05 OpenVPN 2.6.12 aarch64-apple-darwin23.4.0 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [MH/RECVDA] [AEAD]
...
2024-09-02 19:12:05 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-09-02 19:12:05 TLS Error: TLS handshake failed

⏎[Sep 2, 2024, 18:47:43] NOTE: This configuration contains options that were not used:
⏎[Sep 2, 2024, 18:47:43] Unsupported option (ignored)
⏎[Sep 2, 2024, 18:47:43] 0 [resolv-retry] [infinite]
⏎[Sep 2, 2024, 18:47:43] 1 [persist-key]
⏎[Sep 2, 2024, 18:47:43] 2 [persist-tun]
⏎[Sep 2, 2024, 18:47:43] 3 [data-ciphers] [AES-256-CBC]
...
⏎[Sep 2, 2024, 18:47:53] Server poll timeout, trying next remote entry...

any suggestion on fixing this error while connecting using openvpn ?
tryhackme@<ip>: Permission denied (publickey).

do i need to add my public key to the THM VM

What room is this that you trying to connect to?

https://tryhackme.com/r/room/introtooffensivesecurity

Doesn't seem like you SSH into that room at all - what are you trying to do?

I've connected with the openvpn perfectly fine
then i am trying to ssh into the Target Machine and i face this error

I understand that but you don't need to SSH into the victim machine to complete that room

it is very slow on the browser i want to test it out on the terminal

Did you follow the steps outlined in the task?

Ah well that's not how this room works - not every room allows or requires SSH access

How is that ?,
I've configured the openVPN as it is a free way to access the VMs on terminal

it does give me an IP so i can ssh into it

You could probably still do the room from your own VM - you just run the tools like gobuster and the like from your VM against the victim

Though that room does have its own wordlist it seems, so you may want to just do it via browser

what I think is that is something related to keys

debug2: pubkey_prepare: done
debug1: Offering public key: /home/mohrazzak/.ssh/id_rsa RSA SHA256:<rest of key> agent
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/mohrazzak/.ssh/id_ecdsa
debug3: no such identity: /home/mohrazzak/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/mohrazzak/.ssh/id_ecdsa_sk
debug3: no such identity: /home/mohrazzak/.ssh/id_ecdsa_sk: No such file or directory
debug1: Trying private key: /home/mohrazzak/.ssh/id_ed25519
debug3: no such identity: /home/mohrazzak/.ssh/id_ed25519: No such file or directory
debug1: Trying private key: /home/mohrazzak/.ssh/id_ed25519_sk
debug3: no such identity: /home/mohrazzak/.ssh/id_ed25519_sk: No such file or directory
debug1: Trying private key: /home/mohrazzak/.ssh/id_xmss
debug3: no such identity: /home/mohrazzak/.ssh/id_xmss: No such file or directory
debug1: Trying private key: /home/mohrazzak/.ssh/id_dsa
debug3: no such identity: /home/mohrazzak/.ssh/id_dsa: No such file or directory
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
tryhackme@<ip> Permission denied (publickey).

Yes permission is denied because you do not, nor are you supposed to, have SSH access

I will never be able to ?
or its just some type of vms on THM

Most THM rooms can be completed from your own VM, how you access the room's VM is not always through SSH though

Thanks for the reply, I'll look into it further then.

Gave +1 Rep to @upbeat quarry (current: #74 - 93)

Thanks

Gave +1 Rep to @gleaming flume (current: #45 - 171)

For some reason this only happens when I'm not in full screen when I get the Large screen recommended error. When I go to full screen, I'm suddenly able to start a machine. Can anyone tell me where I should report this?

Hey!,
As for the password on ssh into an attack box
What is it ?

There is this channel: #site-bugs , which seems appropriate, but I have never reported anything myself

Alright, I'll look into that. Thanks 👌

Gave +1 Rep to @upbeat quarry (current: #74 - 94)

1. I do not think that Switzerland is an issue for the VPN
2. I have some warnings myself , but not the Unsupported optionsYou can compare your openvpn output to mine in the attached file
3. additional ideas:

• can you use your setup with openvpn for another VPN
• can you confirm port 1194 is not blocked at your end
• can you use THM VPN with another computer/VM?
• are you on a wired connection to the internet (not wifi/cellular/satellite)

hi could I please update my discord token? :)

Same attractive directory

Yup, understood. Thanks alot!

Gave +1 Rep to @upbeat quarry (current: #73 - 96)

You'll have to wait for a mod to see your message.

guys still no solution to my suscription

ive contacted the sipport team still no response

I CANT RESUME MY Subscription
it says that Subscription paused when i try to resume it doesnt show anything
when i click suscribe now it dosnt show me any payment option

see

If you've contacted support then just wait for their response, payment issues aren't handled over discord

i did not pay anyhting yet

i want to pay

but they are not letting me pay ....lol

Hmm, email support is still probably the best place

When did you contact them? Please be patient and they will respond to you when they go through your ticket.

its been more tha a day

i didnt raise ticket

just mailed them

Yeah.. the standard response time is ~1 to 3 days and they don't work on weekends.

ticket asks me about payment date....

ohh

my streak will go then?

This will be the ticket. Maybe share a screenshot and that you wish to pay but cannot proceed.

This can be resumed by THM Support, you'll just need to drop them an email.

can you share the mail please

@eager forum

thanks

@bronze vale
Checking if THM is OK with this

Thanks for the ping :)

Gave +1 Rep to @upbeat quarry (current: #73 - 97)

Hello every one. I have a trouble to use thm openvpn for connecting to attacked machine. After success connection via openvpn to thm, I check my vpn connection by ping 10.10.10.10 but got only for 5-6 first packets, other next packets will be lost (((
I check all article about issues with vpn but could not finde answer what is going wrong
and why my vpn do not work prorerly

Just going through Active Directory Basics, and on Task 4 where you have to use the machine to log onto different users to change passwords using RDP. Its just not working? Anyone have a fix for it?

Have you started the starget machine in Task 2 by pressing the green Start Machine button?

Yes. That and the attack box. I was following the tasks as it goes changing the user permissions, and then it wants you to log onto phillip using THM\phillip with RDP but it just errors. No idea

Log out then log in with phillip, or switch user

I tried that, logging out disconnects the machine :/

Idk if im going crazy or not

I'll check.

Coolio. Thanks

GIF incoming.

As you can see from my GIF, I was able to log in to Administrator, log out, then log back in as phillip.

what is wrong with vpn?

Nothing, you could ping 10.10.10.10

You were connected and pinging.

Ahh, I assumed it wanted to use the Remote Desktop software within the adbasics. My fault. I'll get on it. Thanks!

Gave +1 Rep to @weary spindle (current: #1 - 2723)

but i could get response for first 5-6 ping request, the others ping packets will be lost

ping 10.10.10.10
PING 10.10.10.10 (10.10.10.10) 56(84) bytes of data.
64 bytes from 10.10.10.10: icmp_seq=1 ttl=63 time=65.3 ms
64 bytes from 10.10.10.10: icmp_seq=88 ttl=63 time=68.8 ms
64 bytes from 10.10.10.10: icmp_seq=89 ttl=63 time=65.8 ms
64 bytes from 10.10.10.10: icmp_seq=90 ttl=63 time=71.7 ms
64 bytes from 10.10.10.10: icmp_seq=91 ttl=63 time=66.0 ms
64 bytes from 10.10.10.10: icmp_seq=92 ttl=63 time=68.5 ms
64 bytes from 10.10.10.10: icmp_seq=120 ttl=63 time=56.7 ms
64 bytes from 10.10.10.10: icmp_seq=121 ttl=63 time=57.2 ms
64 bytes from 10.10.10.10: icmp_seq=122 ttl=63 time=57.2 ms
64 bytes from 10.10.10.10: icmp_seq=149 ttl=63 time=80.8 ms
64 bytes from 10.10.10.10: icmp_seq=150 ttl=63 time=60.9 ms
64 bytes from 10.10.10.10: icmp_seq=151 ttl=63 time=57.5 ms
64 bytes from 10.10.10.10: icmp_seq=169 ttl=63 time=65.7 ms
64 bytes from 10.10.10.10: icmp_seq=170 ttl=63 time=72.5 ms
64 bytes from 10.10.10.10: icmp_seq=242 ttl=63 time=125 ms
64 bytes from 10.10.10.10: icmp_seq=243 ttl=63 time=67.6 ms
64 bytes from 10.10.10.10: icmp_seq=244 ttl=63 time=65.1 ms
64 bytes from 10.10.10.10: icmp_seq=245 ttl=63 time=64.6 ms
64 bytes from 10.10.10.10: icmp_seq=246 ttl=63 time=226 ms
64 bytes from 10.10.10.10: icmp_seq=247 ttl=63 time=353 ms
64 bytes from 10.10.10.10: icmp_seq=248 ttl=63 time=68.1 ms
^C
--- 10.10.10.10 ping statistics ---
321 packets transmitted, 21 received, 93.4579% packet loss, time 859158ms
rtt min/avg/max/mdev = 56.663/89.688/352.816/69.050 ms

There's an issue on your network.

Check the output of your VPN and see if it's either;
a) restarting
b) Network is unreachable.

but for others hosts like google ping is well

no lost packets

only for 10.10.10.10

If it was the VPN, there would be a high increase of users reporting.

However as you're not giving the information I've requested twice, it will be almost impossible to help diagnose the issue.

sorry, what the information do you request? Could you repeat please. I spend whole day try to solve my issue with vpn (((

Hi,

I can't post a writeup from my medium blog since it's telling me "invalid url" . What's wrong ? :

It's a known issue to the staff.

Thanks for the help @weary spindle! Got it in the end.

Gave +1 Rep to @weary spindle (current: #1 - 2724)

after restarting vpn the same issue

PING 10.10.33.98 (10.10.33.98): 56 data bytes
64 bytes from 10.10.33.98: icmp_seq=0 ttl=61 time=554.874 ms
64 bytes from 10.10.33.98: icmp_seq=1 ttl=61 time=577.415 ms
64 bytes from 10.10.33.98: icmp_seq=2 ttl=61 time=598.215 ms
64 bytes from 10.10.33.98: icmp_seq=3 ttl=61 time=527.253 ms
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
Request timeout for icmp_seq 8
Request timeout for icmp_seq 9
Request timeout for icmp_seq 10

only 4 ping request completed

What does the output of your VPN say?

sudo openvpn ~/Downloads/a500.ovpn
[sudo] password for kali:
2024-09-03 09:12:18 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-09-03 09:12:18 Note: cipher 'AES-256-CBC' in --data-ciphers is not supported by ovpn-dco, disabling data channel offload.
2024-09-03 09:12:18 OpenVPN 2.6.12 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-09-03 09:12:18 library versions: OpenSSL 3.2.2 4 Jun 2024, LZO 2.10
2024-09-03 09:12:18 DCO version: N/A
2024-09-03 09:12:18 TCP/UDP: Preserving recently used remote address: [AF_INET]54.76.30.11:1194
2024-09-03 09:12:18 Socket Buffers: R=[212992->425984] S=[212992->425984]
2024-09-03 09:12:18 UDPv4 link local: (not bound)
2024-09-03 09:12:18 UDPv4 link remote: [AF_INET]54.76.30.11:1194
2024-09-03 09:12:18 TLS: Initial packet from [AF_INET]54.76.30.11:1194, sid=0ceb6d34 0c53a0f9
2024-09-03 09:12:18 VERIFY OK: depth=1, CN=ChangeMe
2024-09-03 09:12:18 VERIFY KU OK
2024-09-03 09:12:18 Validating certificate extended key usage
2024-09-03 09:12:18 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-09-03 09:12:18 VERIFY EKU OK
2024-09-03 09:12:18 VERIFY OK: depth=0, CN=server
2024-09-03 09:12:19 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519

2024-09-03 09:12:19 [server] Peer Connection Initiated with [AF_INET]54.76.30.11:1194
2024-09-03 09:12:19 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-09-03 09:12:19 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-09-03 09:12:20 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-09-03 09:12:20 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,comp-lzo no,route-gateway 10.9.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.9.1.202 255.255.0.0,peer-id 135'
2024-09-03 09:12:20 OPTIONS IMPORT: --ifconfig/up options modified
2024-09-03 09:12:20 OPTIONS IMPORT: route options modified
2024-09-03 09:12:20 OPTIONS IMPORT: route-related options modified
2024-09-03 09:12:20 Using peer cipher 'AES-256-CBC'
2024-09-03 09:12:20 net_route_v4_best_gw query: dst 0.0.0.0
2024-09-03 09:12:20 net_route_v4_best_gw result: via 192.168.88.1 dev eth0
2024-09-03 09:12:20 ROUTE_GATEWAY 192.168.88.1/255.255.255.0 IFACE=eth0 HWADDR=08:00:27:21:b1:d0
2024-09-03 09:12:20 TUN/TAP device tun0 opened
2024-09-03 09:12:20 net_iface_mtu_set: mtu 1470 for tun0
2024-09-03 09:12:20 net_iface_up: set tun0 up
2024-09-03 09:12:20 net_addr_v4_add: 10.9.1.202/16 dev tun0
2024-09-03 09:12:20 net_route_v4_add: 10.10.0.0/16 via 10.9.0.1 dev [NULL] table 0 metric 1000
2024-09-03 09:12:20 Initialization Sequence Completed
2024-09-03 09:12:20 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 135, compression: 'stub'
2024-09-03 09:12:20 Timers: ping 5, ping-restart 120
2024-09-03 09:12:20 Protocol options: explicit-exit-notify 3

and does it stop there?

2024-09-03 09:14:53 [server] Inactivity timeout (--ping-restart), restarting
2024-09-03 09:14:53 SIGUSR1[soft,ping-restart] received, process restarting
2024-09-03 09:14:53 Restart pause, 1 second(s)
2024-09-03 09:14:54 TCP/UDP: Preserving recently used remote address: [AF_INET]54.76.30.11:1194
2024-09-03 09:14:54 Socket Buffers: R=[212992->425984] S=[212992->425984]
2024-09-03 09:14:54 UDPv4 link local: (not bound)
2024-09-03 09:14:54 UDPv4 link remote: [AF_INET]54.76.30.11:1194
2024-09-03 09:14:54 TLS: Initial packet from [AF_INET]54.76.30.11:1194, sid=c2ccc16f e493b8b4
2024-09-03 09:14:54 VERIFY OK: depth=1, CN=ChangeMe
2024-09-03 09:14:54 VERIFY KU OK
2024-09-03 09:14:54 Validating certificate extended key usage
2024-09-03 09:14:54 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-09-03 09:14:54 VERIFY EKU OK
2024-09-03 09:14:54 VERIFY OK: depth=0, CN=server
2024-09-03 09:14:54 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519

2024-09-03 09:14:54 [server] Peer Connection Initiated with [AF_INET]54.76.30.11:1194
2024-09-03 09:14:54 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-09-03 09:14:54 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-09-03 09:14:55 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2024-09-03 09:14:55 PUSH: Received control message: 'PUSH_REPLY,route 10.10.0.0 255.255.0.0,route-metric 1000,comp-lzo no,route-gateway 10.9.0.1,topology subnet,ping 5,ping-restart 120,ifconfig 10.9.1.202 255.255.0.0,peer-id 189'
2024-09-03 09:14:55 OPTIONS IMPORT: --ifconfig/up options modified
2024-09-03 09:14:55 OPTIONS IMPORT: route options modified
2024-09-03 09:14:55 OPTIONS IMPORT: route-related options modified
2024-09-03 09:14:55 Using peer cipher 'AES-256-CBC'
2024-09-03 09:14:55 Preserving previous TUN/TAP instance: tun0
2024-09-03 09:14:55 Initialization Sequence Completed
2024-09-03 09:14:55 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 189, compression: 'stub'
2024-09-03 09:14:55 Timers: ping 5, ping-restart 120
2024-09-03 09:14:55 Protocol options: explicit-exit-notify 3

that is the end of output for vpn

2024-09-03 09:14:53 [server] Inactivity timeout (--ping-restart), restarting

Something is happening in your network.

what it could be in my network?

Hi, I'm facing the same issue with my connection to the VPN, I tried several things :

• Getting another config file : KO
• Reboot my vm : KO
• pinging 10.10.10.10 : OK but I can't ping the target machine
• VPN messages seem ok

I have tried different wifi network and even LTE connetion via IPhone, result is the same... Only 4-5 ping packets pass via vpn

Which target machine are you pinging?

SET_v7

10.10.77.252

That means nothing to me. Kekw

Which room?

Set

Can you link the room?

yep

https://tryhackme.com/r/room/set

Oh it's Windcorps.

yes

Yeah, there is a reason you can't ping it.

the SMB connection didn't work too, let me try again

The machine is behaving as expected.

ok it works now, I maybe got a bug

..Nope.

I know for the ping, I mean for the SMB attempt, it is supposed to work 🙂

What does the "2 days of access left" mean for the room https://tryhackme.com/r/room/lateralmovementandpivoting?

You'll be removed after those days.

You're free to re-join, to put it shortly, it saves resources.

Ah that makes sense, thank you!

Gave +1 Rep to @weary spindle (current: #1 - 2726)

I completed the Jr Penetration Tester learning path and I'm wondering after how long I should receive the Certificate of Completion

Did you click the fetch certificate button?

I didn't see that

😄 That's ok.

I was only asking in case there was another reason why it wouldn't work.

ok, I had to "enroll" again in the learning path and I see the button to fetch the certificate now, thank you

Sry for disturbing but could i have some suggestion because my tryhackme is not connecting to my kali, even after getting IP from openvpn. Pls help

If you have an IP assigned, what are you having an issue with?

when i try to refresh on the site it still shows no connection

That page is broken.

Just ignore it.

but the machine is not connecting due to that

That won't be the reason.

Which machine are you connecting to?

thanks it seems its working for now....i tried for 3hrs....thanks for responding

E1 and Cloudflare are not the answers "Who is TryHackMe's HTTPS certificate issued by?" Can you please tell me what is it?

E5. This room is currently being looked into

thanks thanks but how can i find it

You won't be able to. It no longer appears

The room is under maintenace due to this one answer

hello. I can't seem to ping my running machines/ rooms since they have 10.x.x.x , meanwhile the openvpn provides me a 10.x.x.x ip. Does anyone have a solution?

Thanks

Which machines are you pinging?

Fowsniff CTF

https://tryhackme.com/r/room/ctf

ang testing also https://tryhackme.com/r/room/papercut

Fowsniff doesn't react to pings.

even scans?

meaning I cannot play the box using physical machines

but i can play it using attack box? since it is pingable using attack box

ARP takes over due to being on the same network.

for context fownsniff has 10.10.x.x ip while my machine is 10.8.x.x

That's intended, all VPN's are different.

I see, can you recommend some boxes that I can ping over the network just to test if the problem is not the openvpn connection that I have thanks.

Are you a subscriber?

yes

Linux Fundemental 2 and 3 (not one)

Linux hardening.

I will try those boxes thank you

Papercut is a Windows box btw, that's why you can't ping it without ARP.

Is there a solution that I can do to be able to access those boxes thru my physical machine

btw these boxes are pingable. Thanks a lot

Gave +1 Rep to @weary spindle (current: #1 - 2732)

Yes, this is due to being Linux.

Windows blocks ICMP pings by default, so you'll need to find other ways to enumerate and test if they're online cough nmap cough

nice nice I also did an nmap scan. I was first unsure if my setup works since I tried to use an AWS Ec2 instance as my kali to connect to the THM boxes. I though that my vpn connection is not established correctly, you telling me that the box was not pingable was a life saver. HAHAHA I had been debugging for like 4 hrs already

Btw for these question, is there a way to access them via openvpn or is it not really possible?

THM use AWS to host their stuff.

Yeah hahhaa i found out that too since when I nmap the config file, i was shocked that it redirects back to aws

If you have the VPN on, you can interact with them if their services are enable and on.

Like papercut is asking you to browser to http://:9091$Target

Even if i cant ping the paper cut machine?

Correct.

No Ping != Online

Oh yeahhhhh! I just remembered that what ping does is to send those icmp packets and received but if those packets are blocked means no ping but not necessarilly not online

"safety" feature for Windows.

Tanks

any idea why I nor my friend can't add each other to friends on thm? says "friend request already sent" but no one had received anything

Having some trouble accessing URL: https://LAB_WEB_URL.p.thmlabs.com for the "Jr Penetration Tester>Introduction to Web Hacking> Walking An Application. I keep getting routed to an error page.

Have you clicked on the green Start Machine button in the related task?

Yes, i am getting a "502 Bad Gateway" when accessing the URL.

Can you verify your account and send a screenshot of what that looks like?

@misty kelp

hello, i have to find the https cert issuer and i cannot. it is a two letter/number answer. I am having a hard time finding it

I was linking you to the message, not just the channel

E5. This room is currently being looked into

The room needs to be updated

thanks

how can i get the download file ontop the attack box?

I have to get an rsa file and put it through john the ripper

Normally task files are already on the attackbox if needed, if you can't find it there I'd just copy and paste the file contents into and id_rsa file that you can make on the attackbox

where abouts are the task files, ihave found files for some tasks but not the encryption room.

I looked for encryption crypto 101

Not sure, I think it would be with all of the rest, but perhaps they don't have the files for every room there

Hi! how mush time does it usually take to make submitted rooms public? and what if I want to edit something in the vm?

@weary spindle

There is a queue, I can't say as I'm not staff.

Hey i need help for the room TShark Challenge I: Teamwork task 2 ques 2
Whatever answer I Find and types it shows incorrect. i even tried from walkthrough

hello i recently joined thm using my friend referral link but it is showing invalid coupon so what should i do (its not been 7 days since i got it)

For issues with subscription it is probably better to email THM support
Have a look at these messages also:
#site-support message
#site-support message

@devout flare

success isn’t just about giving up, it’s about you appreciating every step you take, every hurdle you clear, every challenges you overcome and every sale you make. Be proud of each win, no matter how small, and let them remind you of just how far you've come. Keep goingyou’re on your way to something incredible. New sales made🎉🎉 . All thanks to GOD🙏🙏

Authenticate/Decrypt packet error: packet HMAC authentication failed
error pops up
while connecting to openvpn

Have you tried redownloading config file?

Yes

Regenerate the VPN config file before re-downloading
Check if it is different from the previous one by doing a md5 checksum on both

Done

I've sent a friend request on thm website, the person never received it and I can't send more since "friend request already sent". Same happened when my friend tried to add me via website.
Ok, we tried to add each other via email, same story, no friend requests were seen from both sides.

Done, meaning what?:

• now it works
• now it still does not work

now it still does not work

Which server are you trying, and which country?

IN-Regular-1

That VPN is having issues, use Eu-Reg-3

Let me try

It shows connection

Not connected

And by openvpn I have been assigned a ip address

The access machines page is broken.

Ignore that

Then how should I test it

That I am connected or not

You can either

Browse to http://10.10.10.10

in terminal curl 10.10.10.10/whoami

Curl command is showing me assigned ip

And I am able to ping the machine io

Then you're connected.

Happy hacking.

But 10.10.10.10 is not working

Web

Are you using https ?

No

Thanks for your help

Gave +1 Rep to @weary spindle (current: #1 - 2737)

Access machine page is broken.

If you run your VPN script and see Initialization sequence connected, you're good to go, as this page no effect on machines not connecting or reverse shells.

You can verify your connect with 3 ways listed in my screenshot.

1. curl 10.10.10.10/whoami

2. ip a | grep "tun" <-- This command is usefull for being able to tell if you're running more than one VPN (tun) as it will conflict.

3. Browsing to http://10.10.10.10 in your web browser.

Hey, I have recently experienced some issues while trying to connect on the THM machine;after running the ssh command I get either a message saying that the connection is refused due to port22 or I get in and then the password(which is tryhackme) doesn't authentificate

What machine from what room at you attempting to SSH into?

The machines from the "network sevices 2" but I had the issue with other rooms before

Not all machines can be ssh'd in to

I don't get it, I think that in the Linux fundamentals 2 room it's shown that you must use the ssh protocol to get into the THM rooms any other ways of doing it?

You can use the protocol to do that on some rooms, but not all of them - there are many other ways to access the machines and perform various actions outside of just SSH

You mean using other protocols like telnet

Or enumerating it and attacking it with various tools, or accessing it via a web browser if a website is part of the room, etc. It all depends on the room - that should be a walkthrough room though yeah? So read the task information and see how it wants you to interact with the machine.

Hmm I think I understand what you mean hh

Thanks a lot!

np

hello. I am in the "breaching active directory" room. I am using the attackbox and am not automatically connected to DNS.

is anybody there?

On the AttackBox, download the VPN config for that network and run it with openvpn That will give an interface called breachad
With that you can ping the DC
For the DNS follow the instructions for the AttackBox from the room material Task 1
Troubleshooting:

• make sur the network is running
• if you cannot ping the DC, consider leave/join, possibly mulitple times; allow some minutes (15?) before joining back in
• read the Pinned Messages from #breaching-ad

the network is running

@gleaming flume I tried to get into the machine of the "Vulnversity" room but I'm still getting wrong password

I don't think you SSH into that room either

Task 1 is about deploying the machine

Yep and then task 2 is about perform recon on the machine through nmap - not SSHing into it

Okay I get it thanks

Vulnversity guides you through getting access to the machine, providing you pay attention.

I'm still new to the platform that's why.. 😅

Please read the linked article for a better understanding!

I understand being new can be quite frustrating when things don't work as you expect.

Hi,

I can't connect to the THM machines using provided vpn servers.

Elaborate? Are you getting an error message from openvpn? What machine are you trying to connect to and how?

Yes, Im getting an error messages.

2024-09-05 00:32:35 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-09-05 00:32:35 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2024-09-05 00:32:35 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-09-05 00:32:35 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO]
2024-09-05 00:32:35 library versions: OpenSSL 3.0.14 4 Jun 2024, LZO 2.10
2024-09-05 00:32:35 DCO version: N/A
2024-09-05 00:32:35 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194
2024-09-05 00:32:35 Socket Buffers: R=[212992->212992] S=[212992->212992]
2024-09-05 00:32:35 UDPv4 link local: (not bound)
2024-09-05 00:32:35 UDPv4 link remote: [AF_INET]3.7.33.194:1194
2024-09-05 00:32:35 TLS: Initial packet from [AF_INET]3.7.33.194:1194, sid=1efb21a9 9f34d986
2024-09-05 00:33:35 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-09-05 00:33:35 TLS Error: TLS handshake failed

What VPN server is this? Did you try switching server and then regenerating and redownloading the config file?

IN-Regular-1 and I tried all of them but no use

What country are you in?

Central Asia

Some countries block openvpn or UDP traffic, that may be the issue here

ohh, yeah because my country is very close to Russia. I hope, it is not a reason.

Well I would google if that is the case for you, if that is indeed the issue then your only option would be to use the attackbox

I couldn't access the OpenVPN website too

thank you, your help is appreciated so much.

Gave +1 Rep to @gleaming flume (current: #44 - 176)

Sounds like a block then

is there any way to bypass the country block?

That'd be illegal, so no

ohh, i can't even do some tasks on the THM. It is becoming main reason for me. I'm loosing points too from some tasks

Unfortunately I can't do anything about that, just use the attackbox and complete things the best you can

is it okey to contact with the OpenVPN about connection issues?

As in reach out to openvpn about it? If your country is blocking it they are not going to be able to help

ahh 😞 okey thank you

Gave +1 Rep to @gleaming flume (current: #44 - 177)

what country is that which blocks openvpn ?

ahhh nvm its one of the -stans

Wow you found it, but it is not Kazakhstan , Pakistan or Turkmenistan but it is there .
Thanks.🙂

then its Tajikistan

hello guys, i have a problem with OpenVPN in this screenshot it shows me that im not connected to the VPN. But when i am running "sudo openvpn --config filename.ovpn" its working and i have access to the machines. Do you know what can i do?

I believe its bugged, if you can access the machines you are good to go

ye but it doesn't show me an IP, and when im using netcat i can't get a reverse shell because of that

Go into your terminal and type ip a your tun0 ip is the one you can use for rev shells and the likes

okay i'll try it thank you

Hello guys! I tried to finished host evasions in red team path, but 3 modules didnt load the room page, so i cant finish it

Cant post an screenshot here

You'll need to verify your account to do so.

@dire sequoia

Check the pinned post.

I've sent a friend request on thm website, the person never received it and I can't send more since "friend request already sent". Same happened when my friend tried to add me via website.
Ok, we tried to add each other via email, same story, no friend requests were seen from both sides.

I do not use this feature
I understand it works with email addresses: I guess these are the ones associated with the THM accounts involved here
As a way of making another attempt, which seems to be blocked at this stage, could you not modify your THM account to another email address (possibly coming back to the orginal one later) so that your friend can use that one in the fresh "friend request"?

I believe the person responsible for the website and its functionality should simply fix this bug rather than me hassling around with my emails etc

I was able to complete the rest of the questions by myself. But Task 2 question 2 from the room TShark Challenge I: Teamwork is not like that. I found the answer but it shows the format is not correct. then I referred to walkthroughs and tried to find the answer. I entered the same answer they entered from walkthroughs but it shows incorrect for me but correct for them.

Where is it ?

Mobile or desktop?

For now mobile

Click the channel, you'll see pinned posts

Yes i found it

i tried it all steps and it showed me my VPN server IP, so now it doesn't affect reverse shells?

Hi All

I have updated the support bot on the site. It includes more options

If there are any issues with the bot please let me know

It never did

If you can get an Ip, you're good to go.

Okay thanks

Gave +1 Rep to @weary spindle (current: #1 - 2739)

Hi, this IP: 10.10.171.170 is inaccessible & I need to access it for a burpsuite task

I tried subscribing to make a premium account. The money was taken from my bank account, but it didn’t upgrade me to premium and showed an error saying there wasn't enough money in the bank, even though the money was already taken from the account

can any one help me plz

@hollow cairn

I'd email support

i sended an email to them

Then wait and let them help you

What room is this?

Did you try terminating the machine and relaunching it?

Offensive Pentesting/Vulnversity

https://tryhackme.com/r/room/vulnversity

yes I've tried that

It seems to be working just fine, what are you having issues accessing specifically? The website?

it does the same on the attackbox also

& with gobuster etc

You did port scan it correct? So you know that ||The website is running on port 3333 which means you need to specify that when trying to access it 10.10.171.170:3333||

that didnt work either

I tried that before

No?

Works for me

I tried it when I was having issues with gobuster

1 sec

@gleaming flume

(im connected with openvpn btw)

do you know the avg time for the response ?

1-3 days I think

okay ty

Hmm that IP is responding to pings, but it doesn't seem to have the web port open that vulnversity should - you sure you spawned the right machine there?

Can you access http://10.10.10.10 in your web browser? Just to make sure the VPN is working

I reconnected with openvpn (it fixed the issue of me not being able to connect to 10.10.10.10)

but I'm still having this error

It needs to be http not https

thanks

Gave +1 Rep to @gleaming flume (current: #44 - 178)

I have https always enabled by default thats why

ty 🙂

No problem, happy to help

Did you get any help with this? I've been having issues connecting

https://tryhackme.com/r/room/somesint
task-3 question-2, the answer is wrong or maybe the reddit account details are wrong

how i supposed to let the THM authorities know about this, so that they can fix it ?

here in the reddit the cake date is 19-dec but the answer is 20-dec

Read the hint for Question 2. 🙂

Read the messages of #ci-cd-and-build-security , in particular this one:
#ci-cd-and-build-security message

Yoyo gang does anyone have any knowledge in john the ripper ?

cuz when i try to use john it responds with

"john name.txt
No password hashes loaded (see FAQ)"

and i've been sitting around for like 2 hours cant find solution so i'm grasping straws right now 🙂

Can i change the timezone to USA? I keep getting streak interruptions because i access the site at different hours and miss the time difference with the UK sometimes

I believe streaks should use your local timezone

Though if you used a VPN when you first signed up your timezone could be messed up

i did sign up in a different time zone in the USA. But if anything, that should give me more time because that time zone is behind. I hopped on yesterday after 9pm est and my streak reset. Just trying to figure out why 🤷‍♂️

You can visit here to reset your location/timezone https://tryhackme.com/api/user/update-timezone (It'll just send you to the dashboard but should update things) - if you still have issues after that I'd talk to support@tryhackme.com

👍

What does that name.txt containt?
You may want to learn the basics of John the Ripper in a structured way with this room:
https://tryhackme.com/r/room/johntheripper0

Sup just fixed it i just didn't have the hash format correctly formated 🙂

I've been receiving an inline certificate error for the past few weeks with the US-East-Regular-1 server. I've tried regenerating the .ovpn and reconfiguring with multiple ciphers/ fallbacks and none seem to work. Anyone else experiencing this issue or know how to resolve?

Have you tried connecting to other THM OpenVPN servers? Just give it ~2 to 3 mins after switching before generating your OpenVPN config file.

Yeah, I'm able to connect to the US-West -Regular-1 server, but I occasionally get HMAC authentication failed errors. For the most part it seems to work though.

anyone know how long the reset password emails take, been waiting about 20 minutes now.

Hi, Im trying to complete the CI/CD and Build Security room. Im using an Attack Box, but I cannot get a response from the network hosts (GitLab or Jenkins) with either host name or IP address. The network was already reset.

Even on the AttackBox you have to download the VPN config file for the network

Do I have to download VPN config files for Active Directory rooms too? I don't get the appropriate network interfaces on the Attack Box.

yes, you do

Thanks for the heads up.

Gave +1 Rep to @upbeat quarry (current: #68 - 110)

The Room description needs an update then. 😄

hey guys i 've already attached my thm account to another discord account, but i forgot my discord account. So i want to use my discord token for this account but refused. Can anyone help me with this?

You can request a Mod to help you with this

hey guys my burpsuite is not catching js even though I already removed ^js$| in proxy setting. How should I troubleshoot it

Hi, can the notification "We're making improvements to TryHackMe..." be disabled or entirely removed? I never want to be notified about this and I think most users feel the same.

hi

https://tryhackme.com/r/room/introdigitalforensics

not able to attch file to attack box from my pc

Can you check if the task files are stored in the directory in the Attackbox - /root/Rooms?

What proxy are you using - browser built in or foxyproxy?

yes I use foxyproxy and in both attack box and VM , I can't interpret js script following the guideline by removing ^js$

hello i am stuck with the question Who is TryHackMe's HTTPS certificate issued by?#

e5.

you gotta get an E5 tatto at this point xD

I should set it to a macro

@weary spindlethanks bro since week i was stuck on these question

Does somebody know it?

Im getting an error while connecting the the VPN, compaining about ciphers not being support. Ive downgraded OpenVPN and it works. Is this an issue my end or with the THM VPN?

Hi,
I don't understand why connecting via SSH doesn't work. The command tells me that the password is incorrect, but the SSH password is always 'tryhackme', right? Could you help me correct this?(I use AttackBox)

Which server are you trying?

Which machine are you trying you SSH in to?

I tested several machines and none worked, it's not linked to a particular machine

EU-VIP-1, also tried EU-Regular-1. I'm on v3.5.0 of OpenVPN Connect

Ah, you're using Windows? (I would not use my host)

You'll need to use the communities edititon.

Well yeah, not every machine can/needs to be SSH'd in to.

If you're required to SSH in you'll get;

a) The credentials.
b) You'll enumerate the machine and receive hints/credentials.

In short, Only a small % of machines actually have the password Tryhackme

Yeah. Ahh yes it works now. I swear this has changed as ive used OpenVPN Connect before with the VPN and its worked fine

Happy hacking.

hello, please anyone that me help me , by development the question : what is offensive Security, please. https://tryhackme.com/r/room/introtooffensivesecurity?path=jrpenetrationtester

Uhm.... I don't think this is the correct discord server to post this.

Can you clarify what you meant by "development the question"?

Hello? Can I know why the Subscription?Am not getting discounts as a student.there was written I need to pay 14$ for first months and in second month i need to pay 8.4$ but It still asking subscription so i stopped my subscription after 1month i subscribe thinking it will be discounted in 2nd subscription but still same why?

Did you contact support@tryhackme.com? I believe if your email is not automatically recognized and gives the discount that they have to do it manually

I haven't Contact ! yet I thought they will do it But i saw it still asking subscription for 14$ in 2nd subscription and I refer my friend and he also subscribe but didn't get credit !Why I'm kinda confused

Did you read the student discount help page?

¿What is offensive security?

help me please

say format of answer ***** *****

Hello! I wanted to see my level 5 mins ago, and in dashboard it says 0x6, but in profile and discord 0x5

A regular update runs every now and then which updates the levels. You can wait or re-verify again to update it manually

#room-help

@daring sigil access page is broken

dont worry about that

ok cool

thanks

I see I was also in the wrong channel for that.

thanks for the hint

+rep @naive dust

Gave +1 Rep to @stiff barn (current: #57 - 129)

noice

Hello,

I have an student account on tryhackme and I just learn I will use the website in my study. So I have to change my mail from my personal one to my academic one but on the website, it's lock. Someone can help me plz ?

Did you sign up with Google?

It's a gmail one. So I believe I did.

You'll need to contact support.

Ok, ty

Is this a real badge or an error? Past few days I've been getting this, lol.

Well it's not wrong.

Is there really a badge at 500?

Yeah.

sounds a bit bugged as it should point to the earlier streak badges before the 500 day one

Do you have any other streak day badges?

Do you have one that is a 365 day badge by any chance?

no only 7 and 30, don't even have 45.

that's why it seems weird and I'm mentioning it.

Yea, that's weird that shouln't happen

I have raised this.

Does someone here know the reason why reverse shell(.elf) being segmentation fault

after generating msfvenom

Could you first verify your THM account and share some screenshots of how you generated the payload and what issues you are facing?

@frail adder

ok

It might be because of the staged or stageless payloads, the way you are listening for it

Or the target architecture compatibility issue

I don't see option to share my screenshot

Also, please continue in #room-help if your issue persists

You have to verify first, see the above message from the bot

Hello ! I have a question, why does my account doesn’t show how many hours I did the last 7 days ?

Others students in my class have this on their main page

I tried to Connect on their device to see if it come from my device, but it does not show either, so I guess it’s the account ?

Thank you I rest all and tried all constructions again and it worked finally

Gave +1 Rep to @keen scroll (current: #32 - 237)

My TryHackMe Streak Was Freezed in 244 days

@deep trellis

i'm a subscriber

❓

@weary spindle

@naive dust what is the confusion?

It clearly says 245

244 at the bottom is just the chart not updating

i did not get today's streak

If you were on 244 yesterday. You have because it says 245

no man its glitch

I guess you're just not going to listen to what I'm saying

It says at the top 245. The bottom hasn't updated yet

If you were on 244 yesterday. Your streak has been granted

but today when im solving a room i did not get any streak massage.

that's why

Here the « 4 hours » I dont get that on my profile, why ?

can u send screenshot ??

I am sure the machine in this room is bugged https://tryhackme.com/r/room/virtualizationandcontainers, I can't get kubectl to show me anything. When I do systemctl status kubectl is says service not found but I can't start the service neither. Anyone had an issue like this?

But was you on 244 yesterday??

yes

thats im saying u

its the problem

Then if at the top it says 245. Then it has gone up. Regardless of you getting the message or not

Will do as soon as im on pc again

no i did not get any massage

There is nothing wrong. You have increased your streak. It quite clearly states 245 which is higher than 244

Message or not it has increased

but its 244 in questions section and friends section

I have explained this

That bit hasn't updated yet

The number at the top is your current streak

You have your streak

ok but i did not get any streak massage when im solving one question

You might have not. Or you may have not seen it.

But at the end of the day you have your streak

Happy?

1 min

finnaly

wait i will show u

Yeah, that sounds like you either didn't answer enough questions. Or it didn't register it for whatever reason.

when its 246 it means i get my todays streak