#site-support

Terminate and re-deploy

tried that 3 times it disconnects me within minutes

maybe due to wifi?

Looks like the same problem I was having @deep trellis?

yeah tried terminating it a few times and im still getting the same issue

Is the password correct?

Can you RDP into it?

@naive dust Apologies for the late reply - is this still happening?

I can look into fixing this for you

yeah would be nice thanks

If it helps it would only happen to me when the box didn't get an IP

would u be able to fix the login? so i can login

Hi, do the platform have some issues, because no matter which machine I deploying I can't ping anyone

I also downloaded the VPN file again

Are you actually connected?

Yes

@naive dust
-u "http://cmess.thm"

Btw i used ffuf i think its more simple and faster

@eager fulcrum I have the message 'initalization sequence completed'

@eager fulcrum I have also a pro account

Do you get dropouts or just... Nothing?

W8 a lilbit

@patent arrow use the command ps aux | grep "openvpn" and show us the output?

Or just do sudo killall openvpn and then open a new connection.

If that fails, maybe regenerate the config file, or speak to Skidy.

Great thank, I could figure it out, couldn't ping the machines but I can access the 🤔

But thanks for your help

Some machines have ping disabled @patent arrow

But 3 machine, Hackpark, Alfred and another one this with the baseball as icon?

Not sure about Boiler CTF, but Hackpark and Alfred are both Windows boxes. If they have their default firewall turned on then you won't be able to ping them.

Try it with Cherryblossom @patent arrow (I know that one is ping-able).

Forget that -- I just pinged Boiler and it worked fine

Have you been assigned an IP on the network? If so, can you ping your own tunnel IP?

Is it normal for hashcat on the Kali VM to only get about 500 passwords into rockyou.txt before completely giving up?

Just the usual dictionary cache hit

Weird

Hits it immediately, bypassing gets me about 200-500 passwords in before it gives up

That's real funky

The THM kali 2020 machine?

Yeah

I will give it a go

Tested with hashcat which was installed, checked updates, got errors that apparently were due to a version before the current on their site(?). Grabbed it directly from hashcat's page and ran that bin which runs just fine but has the same dictionary cache hit

I'll grab a hash

https://github.com/hashcat/hashcat/issues/2154
Issue with the 2020 kali hashcat mentioned

Nope my browser access is broken too

Grabbing their beta gets me past the error but then run into that dictionary cache haha

I'd use John for zip related stuff

Was moving onto that next but figured I'd mention the issue

@barren birch okay, thank you I will try it tomorrow

ew, parrot

Eh?

Man, how the hell do you get into the .ssh directory to login as alice

I'm guessing that's for the Linux Basics room @chrome badger? If it's asking for help with a specific room, throw it over in #room-help and I'll give you a hand with it there?

Ahh thank you much!

Nope my browser access is broken too
@eager fulcrum What do you mean sorry?

What do I need to fix?

Comes up with the login

Does this keep happening?]

If you terminated and re-deploy?

Seems like its happening a lot, I need to look into why

I have this difficulties to ping machines through my Kali as well as your online Kali machine

Is there any issues with ip addressing/routing ?

Online Kali machine should have worked no matter what. The most common problem with the VPN is that you've got the file open on more than one computer at once (thus trying to assign the same IP more than once)

Do us a favour, shutdown your Kali VM, then close OpenVPN on Windows?

I have only one connecion for openvpn, but still no ping. the same issue with online kali

yes i did shutdown kali

restart openvpn but still the same thing

Online Kali is more interesting. Can you show me the output of ifconfig on the in-browser Kali?

@sudden depot Some machines don't respond to pings.

That too ^^
Which machines have you been trying?

HackPArk machine

Hackpark is Windows. I don't know if the firewall is on -- gimme a second

Someone else was doing that and couldn't get a ping

Unless James knows

So most likely it doesn't respond

Someone else was reporting that it didn't respond so I'm going to go out on a limb here and say it doesn't

You're probably right there. I'm also going to suggest that it probably takes about 5 minutes (at least) to boot up. You're a subscriber so it won't take that long, but it's likely a relatively substantial length of time

Kali ip addr command result

The machine doesn't respond to ICMP pings, so you won't get a ping

all right, got the point. thanks guys

@sudden depot That's confirmed -- it definitely doesn't respond to pings

I accidently left my own created team. Is there a way to get back in?

Empty teams don't disband?

I tries to create a new team with the same name but it says "Your team name is already take."

@novel crag PM me, I can get you back in

Hello, I deployed kali and was in already vulnerable vm room but my kali doesn't reach private ip address

This is the Subscriber online Kali @gray phoenix?

Yes, it is.

Huh, how strange. You shouldn't need the VPN to connect using the TryHackMe online Kali

Which vulnerable room is it?

Vulnversity

You don't need to be connected OpenVPN if you're using our Kali VM 🙂

@gray phoenix If you run ifconfig on the Kali machine, does it show you an IP address in the 10.*.*.* range?

Yes i know @deep trellis but when i try to reach vulnuniversity ip address i get connection error (nmap, ping etc)

Kali IP address: 10.10.x.x

Also, could you screenshot that error? 🙂

Will send PM

Should be Ok here, but fair enough

No, I will send my IP address on dm 😄

Yeah, it should be safe here, but that's Ok 😄

So yeah, it's on the network. Hmm. Just booting vulnversity to see if I'm getting any errors with it

Oh okey

@barren birch i'm reach now

As in, it's working?

idk, i didn't anything 😄

Ah, yeah, they take a wee while to boot 🙂
That might have been it

The one I threw up took a minute or so to come online

Thank you for help, arigato

No problem 😄

Hey guys, is there a way to kill all active VPN i may have open? I keep having issues with disconnecting from the box. Ill have to reconnect every 30-90 seconds. or sometimes ill lose connection in the middle of the scan and have to reconnect to the VPN 2-3 times before it works again.

But the reason im asking about killing the connections is that no matter if I disconnect all my known VPN sessions, it will still show as im connected on the website VPN status

sudo killall openvpn

-9

@viral lance also make sure that you're not connected on any other machines

Also if you're connected from another device it won't help

Damn you beat me too it

yeah tahts the thing. I've used a few different boxes and im pretty sure I've terminated the vpn sessions on all of them. But ill give it another try, thanks

thats*

If you've only been doing it on VMs, just restart 'em all. That will do it

finally found and killed the rouge vpn connection. Thanks guys

hey everybody

when i try to use nmap

all port always filtered

how can i fixed this problem?

it depends from the machine your are scanning. Can you be more specific?

i'm using kali linux

and i also open VPN via .opvn file

yes, but which machine are you scanning? which room?

ctf 100

in stage 1

all port are filtered

🤨

the command is nmap -Pn -v -T5 -p3000-3100 10.10.74.253

i've not tryed that room, so try asking in the rooms-help channel

maybe try without -T5. set it to 3

still filtered

😦

Hello everyone

I'm having trouble with the RP:Nmap room (but I think it's more a bug than my fault)

Ooh, curious

Probably better over in #site-bugs @cedar agate

Yeah, but it may be a bug not related to TryHackMe (I'm not sure, that's why I'm checking with you guys)

Ah, cool 😄
Go for it

I'm launching the final scan : nmap --script=vuln -vv <IP of the room>

Nevermind, I'm just way too impatient X)

The script seemed frozen at 98.52%
It reminded me of an old bug I had (see in #site-bugs )
But actually after 20 minutes it worked

Thanks for the help anyway

Yeah it's very slow

@deep trellis Hey they timestamp is messed up for any room i try to run. it's starting at 7am ???

doesn't matter whether or not i am connected to vpn or not

i'm in the central time zone if that matters

Yep, that's a known thing

it tries to pick it up from whatever you're accessing the page from but sometimes timezones break

k thnks as long as your aware

There was discussion of it becoming a countdown instead but I don't think that was ever implemented

a countdown would be cool

@prime spear

#general

alright

sorry

I subscribed to tryhackme, the time for the machine to expires is about 7 hours I guess

but I'm working with the machine halfway then it shutdowns itself

why ?

about 45 minutes the machine will shutdown

have to deploy it again

The machine should deploy for 1 hour at a time, with 1 hour extensions should you need them. I suspect that's a time issue, i.e. the site thinks you're in a different time zone than you are

this is before I add time

this is after

What time zone are you in?

+7 UTC

And what does your VM report (if you're using the website in a VM)

it reports nothing

it just simply turn it off

As in what time zone is your VM

and even though the vm turn off, I still have to press terminate on the website

in order to deploy it again

the time in VM is 6:35 AM now

I'm not sure on this one, I'd get @deep trellis to look when he's free

nice to hear

thanks

it's very annoying for this case

I dont know if anyone has this issue before

for the linux machine

also the same thing

just to let you know

not only the vm running on website

@turbid crystal, it has been addressed before, I think @deep trellis mentioned using a countdown instead of timezones

using the count down ?

yeah, I have a big push for THM which includes: countdown, rearrange tasks, publish time not create room time for new rooms, etc.

Can't push as of yet, as this new game mode isn't complete yet.

so.....this mode countdown hasn't completed yet right ?

Correct, @turbid crystal

@turbid crystal, it has been addressed before, I think @deep trellis mentioned using a countdown instead of timezones
this make me so confuse 😄

I hope that you can fix the issue asap

the idea for each path is nice

@turbid crystal, so instead of using timezones, your VM will terminate at 9:23:51, it will instead display your VM will terminate in 52 minutes - Example

but doing it halfway and then it shutdowns without permission is so turn me down

@turbid crystal path?

There aren't path changes suggested

I mean learning path

Is anyone getting an SSL error? None of the site images are loading for me then refused connection. Tried 3 browsers

Which page is this for Will?

Room pages - Currently on the Docker room

Getting errors from raw.ratelimited.me, I'm guessing image hosting for THM?

Other img src's are fine

Weird hm

Can you link me the room plz?

https://tryhackme.com/room/runcescape

@deep trellis It's their fault

Im trying to do the vulnversity room and the vpn keeps randomly disconnecting for some reason

will work for a few minutes then dc

then work again a few minutes later

The most common reason for that is having multiple instances open

Have you only used it in the one machine @distant carbon?

yes let me check if they are still open ....

Yep. Try ps aux | grep openvpn if it's a Linux machine

ok

yeah that was it

Perfect 😁

catches me out far more often then I'd like to admit lmao

@copper mist Oh right, I'll take a look - thanks for letting me know

No worries, hopefully they're up soon. I think those images provide context

Is it normal that these machines are slow?

@marsh hatch it depends on the machine

@deep trellis Hi can I chat you up?

Yeah sure

Unless its to-do with room help, then use the #room-help channel 🙂

I've having constant issues with connectivity to hackpark (both front end and reverse shell) and it loads very slowly. Is this a known issue or could this just be my side?

@copper mist that's sherlocks room, they use that image hosting and it broke

Yeah, it's still down which is annoying

dw

it has been down for months

🙂

Bummer

Honestly, as soon as I find the original images I can fix it, but the room is still doable without them so it's not high on my list

Pepega fix would come first

Ah okay, how much context do the images provide?

They were more of a visual aid for people that might not have used tmux before

So just showing different commands in different windows type thing

Okay, cheers 🙂

Didnt receive my badge yet

@deep trellis

You did:)

Hey! I want to set up a VirtualBox with kali, but it doesn't even detect my tl-wn722n with atheros chip in install . Can someone help ?

You should be able to use "NAT" as the network adapter on Virtualbox for Kali @daring vessel !

can I do airmon-ng with NAT enabled ?

Post-install, if you really want to "Bridge" to the adapter, you may be able to install firmware etc for the adapter

can I do airmon-ng with NAT enabled ?
@daring vessel Not with "NAT" but it'll get you through the install stage, to where you can probably find firmware for your adapter

and then change from "NAT" to "Bridged" where you should be able to use airmon 🙂

oh, I see

I can't guarantee it'll work but this might be of use?
https://www.youtube.com/watch?v=BKQXcOH9zCE&feature=youtu.be

It's Kali 2020 with tl-wn722n 🙂

ah, thanks, I'll give it a try

mine is V1

with the atheros

Atheros AR9721 chipset aye?

yup

apparently that's supported by airmon, so yeah you might just have to google around for firmware - or Kali will pull them after you've launched into desktop etc

ok, so after the install I'll unplug my ethernet cable, then switch to bridged ( with my wifi card in USB , as right now is pretty useless if it is NAT )and boot in linux right ?

eh NAT is only useless for airmon

but, it can't be detected if I use it in NAT by linux , right ?

I mean, that's what I've been told and google couldn't answer me ......

but it'll get you through post-install where installing kernel updates etc might pull the firmware or you can find a git repo (usually the case) to use to install the firmware

( detected as a model )

then after its picked up switching to bridged should be a-okay for airmon 🙂

oh ok

NAT will mimick an ethernet connection

but can linux identify what card am I using ?

in NAT

when using NAT, Virtualbox makes a virtual network card that it gives to the VM

so It'd see the virtual network card provided by Virtualbox, but the VM wont identify it as what your actual physical network card is, if that makes sense?

yeah, I understand

tl;dr use NAT to get through to install things like kernel-headers, etc and/or try to find a git repo of that specific card (although I do believe it's one of the better ones for Kali). Add your wireless adapter and use iwconfig to see if it's picked up etc

lsusb -t will let you see if it's picked up as a USB device

Openvpn .ovpn doesn't connect on mac cli, same file works when connecting with tunnelbrick... annoying

what should I go for ?

select the "Kali desktop environment" tickbox, but the rest looks okay - Perhaps checking the "Install tools by purpose" and both "Information gathering" and "Sniffing and spoofing" to ensure airmon gets installed in this context?

I haven't used the 2020 installer yet so that's a bit different 👀

I've got everything from "install tools by purpose" to the down list checked

cuz that's how I remember kali

wasn't it Gnome?

like, the old kali linux ?

Oh yeah, it normally uses Gnome as far as I can remember

well, I guess I'll try something new

booting with bridged, im so excited

Sweet! I assume you managed to get it to work? 😄

@daring vessel you have to forward the nic if you want to use aircrack

I seem to remember having to buy an external NIC with monitor mode as well, as my internal one didn't support it

That's often the easy option

You need passthrough either way

I've passed through internal usb ones and external usb ones

Not tried pcie but it's possible

Yeah. That's why I'm adding it as an additional step 😄

What can be done to fix BeEF service?

Does VPN low speed?

@gray phoenix huh?

What is the context? What VPN?

I'm getting connection error frequently. TryHackMe VPN :/

What's the error?

Don't see any error but sessions dropping generally and I can't connect again in 1,2 minutes.

Make sure you're not running any other connections to the VPN

like multiple sessions

I was in 16th session on meterpreter :D, I'm sure. I have one VPN connection

Likely to just be your system then

If you're definitely only connected with one OpenVPN instance

and no one else is having issues

@gray phoenix you're a subscriber, yeah? Have you tried using the THM Kali machine?

Yes, I'm tried but don't like cause of resetting environment (it's so normal) problems

Yeah, it's a pain in the ass, I agree. Might be worth giving it another shot if the VPN is causing issues though

Maybe my country applying service based throttling idk.

Is the website down ... can't log into THM? @vapid dawn @deep trellis ??

Website is up and running

k will try to clear cache then

Thm works fine to me

Ditto ^^

I'm in bad cache

hello everybody. i'm trying the new Learn Linux room, but i can't ssh the vm neither with putty nor with ssh from terminal.

this is the error from putty

ok, solved with ssh, but putty doesn't work

When you say solved with SSH but not PuTTY, would that mean you have your VPN connected to two different machines @crude yew?

no, the same machine

ssh didn't work cause i mispelled the username

Aha, yeah, that'd do it.
It's interesting, given that PuTTY is just an SSH connection

My bet would be something to do with the VPN, frankly

i'll try later on a Windows VM or in a full vpn mode

*sigh* @deep trellis?

Problem's back

What

Sorry mate, pinged the wrong person 😓

!boop @barren birch

Huh, no, that's a bug, not tech-support

I have a question, a group I joined on discord says the OSCP Path machines are no stable 🤔

??

Is this true and hope I won't encounter issues when I sign up

If you mean THM's OSCP Path machines, then there is one that I know of, where you can't do a question

@barren birch When does the problem occur? Are you deploy 2 of more machines that have in-browser functionality? What rooms are doing this?

I'm interested now

Yep -- it's the two machines cause. It was when I was trying to troubleshoot the SSH thing in Pars' Linux room. Threw up the Kali VM, then tried to use the new Windows Base to test it with PuTTY when it became clear that CLI SSH worked but PuTTY didn't. Windows Base threw a fit, so I terminated it, and when I switched back into Kali it was asking for authentication.
So yeah, it was two Guacamole machines -- Kali VM and Windows Base.

emotionally invested

^

Yep -- it's the two machines cause. It was when I was trying to troubleshoot the SSH thing in Pars' Linux room. Threw up the Kali VM, then tried to use the new Windows Base to test it with PuTTY when it became clear that CLI SSH worked but PuTTY didn't. Windows Base threw a fit, so I terminated it, and when I switched back into Kali it was asking for authentication.
So yeah, it was two Guacamole machines -- Kali VM and Windows Base.
@barren birch Looking into it now:)

<3 @deep trellis

@barren birch Out of interest, how quickly are you deploy both machines?

Like, the time between deploying Kali and Windows Base

My guess would would be a couple of minutes, but I can't remember exactly. I can try to replicate?

yeah its weird, I'm trying to replicate the issue but can't

Thanks:)

No one even answered me 😤

Nevermind will figure something out

Can you right click the "Access in browser" and inspect element, then see if both links are the same

Hmm. I'm struggling to replicate as well now.

Just trying that 👍

Yep, both links are identical

Yeah its weird, hm

If it happens again, can you let me know if the links change

As in, change from what they are now, or are different to each other at the time?

each other at the time

Yep, will do 👍

why my kali ip keeps changing?

isn't permanent for me?

No, it's not permanent @fleet sluice

Yeah every reset it changes

Hey @r073r#4990
Our OSCP machines are fairly stable - one or two have known issues but we're looking to get them fixed :))

In the mean time, could someone please pin an explanation for Hackpark and Alfred into #room-help?..

I'll edit a write up for those two boxes over the next 2 days

Hackpark I haven't seen that many complaints

** edit the room

Alfred's last step to get the root flag needs some investigation, I think it'd be cool to explain why you can't see the flag even though you're System

Hi, sorry if this has already been mentioned, I just subscribed to THM and deployed the web Kali machine, noticing that access via SSH and RDP are only secured via preset user/pass combo's, -

Are there any other mechanisms in place to stop anonymous users from using the same combination of credentials to remote into the machine and if not, are there any plans in the future to perhaps use something like SSH keys as an authentication mechanism instead?

(Sorry if this is the wrong channel for the question!)

Thanks,

The instance that you deploy i.e. the Kali machine - despite it being a public ip, it's assigned to you, and is non-persistent after termination @severe mason

It lasts for two hours max, and has a random public IP. Shouldn't matter hugely

so someone could log into it, they'd have to guess the IP, know the creds and well yeah :^

That is true but i'm assuming all the machine's are AWS based and therefore using ec2 IP ranges?

so it would be trivial to brute force

The Kali ones, specifically, yes

the vast-majority of the other rooms are all within the THM vpn network

No worries, CMNatic do you work with THM? sorry literally just joined the channel so don't know who's who!

@severe mason You can immediately change your password when you log in

passwd

Nope! Just somewhat an avid-user 🙂 @severe mason

Welcome although! Are you enjoying THM so far?

Ah right! Just as a suggestion for any THM contributors that might see this, I think having an SSH key option made available would be a great addition to the platform; @zealous yoke absolutely! I've been using my own cloud Kali build since I signed up earlier today and didn't even realise there was a web version until about 20 minutes ago! just thought i'd pop in to see if there were any plans to add key based authentication, but the actual labs / rooms are really interesting so far

Don't think it's really an issue tbh @severe mason -- Admins might disagree though; up to Skidy, Ashu and Dark in the end

@severe mason #544951750801752079

Thanks for looking out for it though 😁
Glad you're enjoying as well.

For all suggestions

Well worth putting it into #544951750801752079 for sure

@barren birch True, think I've just been spoiled by AWS!

😁

Glad to hear you're enjoying it, it's a great platform. And that's something I'll consider at the very least! #544951750801752079 will be the best place. But for the future should you need any help re. rooms/challenges, #room-help is great! Its a bit slow sometimes, so stating your problem rather then "is anyone around..." usually ends up being more productive for all parties 🙂

Thanks all, i'll keep it in mind if I come across anything else, didn't expect such a rapid reply from so many people haha

all the best

It's a great community -- very helpful. Anything you stick in #room-help will get you help
Well worth doing the bot verify command as well @severe mason

all of the above :^^

Get yourself a fancy role!

in vulnversity, is the website to scan then tryhack web

trying to stay in scope

You'll be scanning the machine / IP that you deploy from the room @boreal cove you'll have to connect to the THM network to access it

You can confirm your connection / download your config here: https://tryhackme.com/access

like so:

in my case, 10.10.173.116 would be my target (whilst connected to the THM network)

We're working on this in different channels, mate 😁

oh 😂

Also, someone needs to give you your Community Mentor already

!vpn

Community Mentor obtained @zealous yoke

There we go 😁

woah

I forget I can do these as a mod

We love u @zealous yoke <3

I mean I wasn't aiming for it but thanks!

Hehe, not as good as the red, but Purple suits you more than the green

What is purple but a red tint

no u

True. I want a colours overhaul anyway tbh

(note I'm not an artist and that's probably wrong but it sounded good at the moment)

my eyes agree

I've asked for it once. One of you mods stick it in the mods channel?

Complete colour overhaul?

so i have the issue to be more clear is i can connect vpn and interact with the ip via my terminal but when i try to answer questions and interact with the tryhackme webpage i have to disconnect from the vpn

Huh.. That, shouldn't be happening

You're connected via OpenVPN with a downloaded config file, yes?

Oh, I know what it could be

yes

If your network is the same subnets as the THM network

Ooh, yeah, that could do it

Can you show us the output of ifconfig @boreal cove?

Or ipconfig all if you're on windows

sure

i just rebooted my vm

Weird, that shouldn't interfere with the VPN etc

right??

if i disconnect form the vpn at the top of the os the THM Access page then says i am connected

The access page isn't very reliable

It takes a while to update

even with refreshes

@boreal cove you wouldn't happen to be using Burpsuite would you?

i am not currently

Have you recently?

ill chec my proxy

Worth checking

yup still no lov

Can you connect to any other websites?

nope

Ok, try doing sudo killall openvpn

Then try going to another website

that works

Definitely the VPN then. Huh.

Ok. Try once more, pull up a VPN connection and try it?

yeah i couldnt resolve dns with it on

let me try

Oof. Yeah, they're only supposed to be intercepting traffic that's headed to the THM network -- your normal traffic shouldn't be being redirected into the THM network at all.

no luck

Sounds like all of your traffic is getting sent into the TryHackMe network, which explains why you've not got any connection, because machines in there have no internet either.

corret

Try one more thing for me, then I'll just pass it along to the admins to do some troubleshooting at the server end

Can you regenerate the config file and try that?

Kill the VPN connection first though

so i killed von went to THM and hit the regenerate on the page

Yep, redownload the config file and connect with that?

no love

Ok. Guessing Skidy and Ashu are likely both asleep, but I'll ping 'em anyway. They should be able to get it sorted out in the morning 😄
Benefits of having access to the logs

thanks

im logging off as well

@deep trellis -- got a VPN problem here. Seems to be routing all traffic, rather than just traffic directed into the THM network. It's working for accessing deployed machines, but with the VPN active we're not able to access anything else. Any chance you could take a look at it from the server end? IP is 10.8.25.231 🙂

THNX

No Problem @boreal cove 😄
Oh, what's your username on TryHackMe by the way? That might be useful

ah that's weird

We've had that issues ages ago

and should already be fixed

Would you mind regenerating your OPENVPN config file and trying again ?

For @boreal cove, @vapid dawn. It's been regenerated once, which didn't work -- not sure if you're meaning that as a possible fix or as a "I've changed something, try again" 😄

Check your vpn logs @sharp apex

Might be the VPN is disconnecting you

it would say if it was

but it doesnt

i think its cos there are too many ppl on the server

Blue doesn't have a bug that does that, just a few others

Nah

I'll go do blue right now

cool

@boreal cove DM me later if it's still not working :))

hello guys I

I'm having problem with my room I disconnected my openvpn coz I can't connect to the room anymore and it's still saying I'm connected .

Hello, I have a problem when I try to connect to the machine of the metasploit room
I connected successfully to the OpenVpn test ip to get the flag, but this one doesn't work for me...

You have to wait around 4-5 minutes (after deploying) for machine to boot fully so you can proceed with scans and exploitations

Oh okay, I'll try it, thank you

It still says Connection refused :/

what room is that exactly?

This one:
https://tryhackme.com/room/rpmetasploit

@eager bronze
Use -Pn flag for nmap scanning to get the results correctly

ever experience on if you run some searches on the room the room suddenly going down and up later on?

Sounds like your VPN connection is iffy @rain nova

Check you don't have more than one instance active

I only play 1 room at a time. maybe later I'll try it again.

No, your VPN connection, not the room

Are you using Linux?

Uh.. I tried to access to the IP address with my webbrowser...
Thank you

Does it have a webserver @eager bronze?...

Possibly a silly question, but probably best to be sure

It shows me this

Have you scanned it first?

Not all machines will be running a webserver

If there's no webserver then you can't connect to it

There's no server

i scanned it with -Pn

I was about to say, I think that's Blue isn't it?

it's RP Metasploit

In which case, connecting with a web browser is not going to work...

scan all ports

-p-

It's using the Ice box @leaden token, yeah, no webserver

yeah

Also add -Pn -- that's a windows box, it's got a firewall @eager bronze

yes I'm using Linux @barren birch

he did, look at the screenshot

Oh, oops, sorry, didn't see that 😅

@rain nova can you use ps aux | grep openvpn in your terminal, screenshot the results, then show them here?

Just to see if you've got more than one VPN connection running

yes there is so many

Um, yeah

That's your problem

oh ok , thanks! I'll kill them once I'm done with this thing I'm doing.

sudo killall openvpn && sudo openvpn <path-to-config-file>

Obviously replacing the last bit with wherever blnk961.ovpn is

thanks!

No problem 😄

I think it's working now, thank you for your help :)

Np

Np

Hello. I am having issues connecting to a deployed machine through my browser. I have the openvpn gui connected to my account through the configuration file. But it tells me that the connection has timed out. I am a good computer person trying to learn more. Could someone help me?

What OS are you using @midnight tusk?

Windows 10

Will you be using a VM when you're working on challenges?

@midnight tusk Connection timed out where? Are you sure the machine is running a web server?

Yeah, that's the other question. Where's the error? In your web browser, or in the OpenVPN logs?

The connection tells me through the chrome page when I try and go to the IP address, it tells me the connection timed out.

I'd assume in the browser. What room are you trying to do?

Some challenges don't have webservers on them. Which room is it? ^

https://tryhackme.com/room/blue

Yeah

Blue doesn't have a webserver on it

Which makes it difficult to access in your browser 😄

How do I run it then?

lol

That's a walkthrough room -- are you following the instructions?

Given you've got an IP it should already be deployed, so that's it already running

You'll need to run a scan, then you'll be using the Metasploit framework to gain access via an exploit called EternalBlue (hence the name)

where do i find the instructions

Where do I get EternalBlue?

Yes I see that part of it. I can't connect to it.

That's why I was asking about VMs earlier. You're going to really struggle on Windows. It is possible, but you need to know lots of software to install for yourself. Are you familiar with the concept of a virtual machine?

Or are you subscribed -- one or the other

Yes. I know VM's. I am on CyberPatriot at my school and I was trying to learn more about this.

That's the first set of instructions btw

An nmap scan

i see that

Ok, I would suggest downloading the VM for Kali Linux

Gimme a second, I'll find a link

Think there are pre-made ones you can download, although I can't attest to how good they are. Most people do it from the ISO

Have you got VMWare or Virtual Box installed?

ok. I am going to try something else at the moment. Yes.

Which one?

Hyper-V?

https://www.shaileshjha.com/how-to-install-and-setup-kali-linux-in-hyper-v-in-windows-operating-system/

That looks like a decent article for setting it up in Hyper-V

Ok thanks!

Once you've done that, close the VPN connection on your Windows computer. Make sure that it's completely dead.

ok

Put the config file into the VM, then use sudo openvpn <path-to-config-file> to run it

(obviously replacing the path-to-config-file bit)

ok

Thanks!

That'll give you all the tools you need in terms of doing the rooms 😄

No problem! 😁

Is the advantage of using Kali just that it comes with most of the tools pre installed?

It's also not Windows

It's easier to get the tools for Linux

Linux is a lot more flexible than Windows @distant carbon

Yeah, I'm just asking compared to other distros

You could technically do it with any distro -- so yeah, the main advantage of Kali is that it comes with many tools preinstalled, and the repo setup automatically to install more

Kali is rolling too, debian testing would be similar

You just don't have the repos so it's more manual

There are also other pentesting distros as well, however

Blackarch, parrot

^^

Hmm ok

Blackarch is only if you have a thing for arch tho

Yeah, let's not go near Blackarch...

Been meaning to set it up just for the fun of it, but in terms of a nice easy distro to get beginners started? Maybe not 😄

Yeah and there's loads of resources on Try Hack Me to learn some Linux commands if you're not familiar (search on Hacktivities) and the official https://kali.training ☺

are the machines meant to be extremely slow? looking through joystick right now and getting very slow input/output

Joystick yes.

Other machines, no

ahh ok, why is it so slow?

There's a lore reason for joystick

ahh fair enough

See if you can figure it out, it's mentioned in there

ty for info, ill just do another box ^^ can't even run pspy on it! haha

how can i redeploy my room

Terminate, click deploy again

@plush notch please don't DM people without asking. What's the issue?

It doesn't show deploy again

Refresh the page @gilded crypt

O 😅 thanks

is nikto really a slow tools ? as I'm using it to reveal Ektron CMS version and in midway I think my session just got expired.

yes

Nikto is really slow

any recommended alternative tools to finish this task?

@rain nova That question is broken -- Nikto won't give you the answer anyway. DM me with the command you're using. If it looks like it should work, I'll give you the answer for it.

dm'd you

how can i copy text from the terminal and paste it outside for like flags? i tried ctrl+shift+c but that just does ^C and i cant right click on it. I can get it to copy inside the terminal but then when i try to paste it outside it doesn't work

ctrl + shit + c only works in terminal but in others normal ctrl + c / ctrl + v would work.

if you trying to copy from outside terminal like browser notes etc ctrl + c and ctr+ v but pasting it or copying it into terminal ctrl + shift + c for copy and ctrl + shift + v for paste.

@gilded crypt some terminals also support control insert and shift insert

Thanks

do you guys know any way downloading stuff with cmd or uploading with eternal blue exploit?

or uploading with sessions of shell

i cant get to work shell_to_meterpreter

@warped marsh You can probably get Powershell and then download from that

Invoke Web Request or something

okay

How can you copy content from a VM running in browser to copy&paste flags/hashes ?

never mind - i insta-canceled and request a refund

@latent dune Just select and it'll copy to clipboard

At least for SSH based browser VMs

Not sure about the Kali VM

@deep trellis @vapid dawn Please can you reset my progress on the Cross-site Scripting room? Started it a while back but didn't get chance to finish it, and would like to start over.

I believe since it's a THM room, you need to do this for me?

ok will do @trail widget :))

Thank you v much @vapid dawn 🙂

should be resetted @trail widget

yep, all good now. Thank you!

any admin on

Nope, Admins are away @boreal cove. Anything we can help you with?

Or is it that VPN thing?

so i have downloaded openvpn to my host and it connected, but it still will not allow through the vm

does it matter about vm being bridged or nat

Is it working now in terms of letting you connect to both the internet and THM?

And yes, Bridged doesn't go through your host

i asked about split tunnel being enabled on the admin side but got no response yet

yeah thats what i figured its on nat

Try opening the connection only inside the VM?

As in, kill it on the host and open it directly inside Guest

That might solve all the problems actually, because you can still connect to the wider world through host

thats the way i have been trying.

Personally, I'd 100% advise only connect from the VM

im updating right now.. im in parrot and just killed anonsurf.

ill see if that helps... but i still connected. hmmm just never hit the internet. Im going to wireshark and see what it looks like

Good idea

!! GOT IT !! lol

https://tenor.com/view/yes-sweet-hellyes-pumpit-gif-3532253

Yes!!

Nice one 😁

ok now for everyone to know...

Network manager > Configure VPN> select
vpn name> Settings > > IP4 Settings > Routes > Check " Use this connection only for resources on its network" > ok > Save

Ah, so it was a problem with the host configuration settings?

vm vpn

Huh. Most people would just use sudo openvpn <path-to-VPN>

But fair enough 😁

yeah i tried that to

what a pain now i can go learn something lol

thanks for the help though!!

No problem!

Ah so that's a parrot thing probably

That... could explain something

Because it's through the gui @barren birch

Go to sleep

God only knows I need to go to sleep

But not yet

Could say the same for you though 😁

Go to sleep @barren birch and @eager fulcrum

It's 8pm for.me Its gotta be like 4am for y'all

Not that bad...

Get to bed 😁

Yessir! 😄

Need to get this task done first

And your date format blinds my American eyes

But yeah, I need to sleep

Right, explain that one Pars 😁

How does it make sense to do month / day / year?

Medium, little, big?

Because it looks better

The days go alot higher than the months

But it makes no logical sense! 😆

Well

I see it like this

It's actually small to big

Because no one really cares about the year

And months are typically smaller than the date

Also

It just looks nicer 😁

To be honest, I can kinda get behind YY/MM/DD
That's one of the few things that just really confuse me in translation though

Are you saying it's purely aesthetic?..

Anyone know why the VPN keeps resetting?

More often than not it's because you've got more than one connection open at once @fossil swallow
Have you used it on more than one local machine?

I need tech support

It's something I can't figure out why my system is going crazy

What's up @drifting zinc?

Hey man

Are you up for help?

Can't promise I'll be any use, but I can try! Sure, hit me

Okay so I wiped my ssd and installed Debian based OS but when ever I try to retrieve system information it just power off

For eg 'neofetch' Os will try to retrieve system information but somehow my hardware is restricting it

No logs?

Nope it just poweroff

Lemme check system log

Hmm, there might still be system logs floating around

Yep

Honestly, if it's a blank system, just reinstalling it would seem the easy option. Obviously harder if there's stuff on it

It's same with all os except windows

Hmm. Yeah, check the logs.

Wondering what on earth is causing that

Lol see this

Weird isn't it

Different OSs obviously do things in different ways, which makes it likely to be a hardware thing, but I can't for the life of me think how that could be happening

It's probably my hardware

Have you tried using an OS that isn't on systemd?

nope

Well not on this system

Maybe give that a shot?

"Endpoint unregistered" -- I'd take a guess that the error might be something to do with not being able to find some hardware that it expects to find? As in, it's looking for hardware, but isn't able to recognise the stuff that's plugged in

wait

Hmm?

Sending a video

On Discord? You can do that?!

Can do

Lol

Oh wait, is that an image?

That is bizarre. What happens if you use uname?

No, it works. Huh. I did not know you could do that

dude uname just gives you Os info

It's not just neofetch

I am just wondering why I can't retrieve system information like graphics and other stuff

I can't even do lscpu

🤦‍♂️
Yeah, so it does...
Sorry, not thinking 😁

it's probably cuz of graphic

I am not able to load the website in kali linux

I can't do lspci

I am using firefox

Almost definitely a hardware fault then @drifting zinc. Something is causing enough of an error that the whole lot just borks. Maybe try searching up the error code from the log?

Which website @kind frigate?

@barren birch tryhackme

It is constantly loading

Is this through a VPN?

I am not able to download my config file

@barren birch nope

Ah. Hmm

Is that a VM?

And can you access any other websites?

I have dual boot kali linux in my laptop

I am able to access other websites

@kind frigate So you can't download your OpenVPN cofig?

When you click download, it just hangs?

Yess

I am not able to download

try again please

Watching our logs

And not getting any information in My Rooms

ahhhh

ok

Oh yeah, please try with a different browser

Maybe try a different browser

Our obfuscation stuff might be breaking (we'll soon remove this)

Okayy

I will use different one

Thanks

Thanks!

https://youtu.be/IVpOyKCNZYw

No kidding, I found solution

It's nvidia

Why doesn't that surprise me?..

I see every single hardware information but just not Nvidia

It's common? Lol

Can you get the Nvidia drivers installed?

Yeah, graphics drivers are a pain in the rear end when it comes to Linux

Yeah it's really weird, I never experienced something like this before

Anyway, thanks for your time man

Appreciate it

No problem 😄

I am currently doning the room hackerNote. Is it normal that I have to wait 30 seconds for the server to respond on my API calls?

I already "rebooted" the server multiple times

API calls on the machine?

@eager fulcrum Is your guy here I think

Unless its the platform

Then its me

@naive dust 30s for eaah call?

Each

@naive dust ?

If you're killing the server with a brute force attack on passwords, API requests will take forever

Otherwise, 2-3s at the most even on non subscriber boxes

I've thoroughly tested it

Sorry for the late replays. Yes 30s for each call and I haven't hit the VM (or server) with any bruteforce attacks.

That's unusual

There's only 1 API call that should take more than like 0.1s

hey what is the best md5 hash crack tool

Hashcat

If anyone tells you John, they're lying

where can i found some hint ?

Unsalted? crackstation

@prisma nest #room-help

ok thank you

@hard basalt https://crackstation.net/

@barren birch john > hashcat

Lol

where can i find a download of rockyou.txt

By default in kali, or https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

@naive dust 😡 😡

😁

Tbh, I really like hashcat, but there are definitely some things that John does better

it is saying remote: Repository not found

wget, don't git clone @hard basalt

if you're on kali (or porbably parrot) it has it though

how do you use that command

on kali linux

if you're on kali. The wordlist is in /usr/share/wordlists

you might have to unzip it

gunzip /usr/share/wordlists/rockyou.txt

there is no file i am on a pi so that is problae the problem

probably the minimal install then

yea

wget https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt

i got it thank you so much

hey any help https://tryhackme.com/room/zthlinux to find the answer to 21. Been on it for like an hour and still stuck.

@cold raft #room-help

sorry

hello guys ,im connecting with openvpn but im getting this

Sun Mar 8 19:36:47 2020 ROUTE: default_gateway=UNDEF
Sun Mar 8 19:36:47 2020 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Sun Mar 8 19:36:47 2020 Exiting due to fatal error

anyone can help me ,also im using sudo

run an ifconfig

im get my local ip

or an ip addr and please paste the output

ok

o: flags=73<UP,LOOPBACK,RUNNING> mtu 1500
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0xfe<compat,link,site,host>
loop (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

wifi0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.103 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::5d28:6c01:dbfb:76d2 prefixlen 64 scopeid 0xfd<compat,link,site,host>
ether c0:38:96:8c:d0:6d (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

link/loopback 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope global dynamic
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host dynamic
valid_lft forever preferred_lft forever
2: wifi0: <BROADCAST,MULTICAST,UP> mtu 1500 group default qlen 1
link/ieee802.11 c0:38:96:8c:d0:6d
inet 192.168.1.103/24 brd 192.168.1.255 scope global dynamic
valid_lft 74995sec preferred_lft 74995sec
inet6 fe80::5d28:6c01:dbfb:76d2/64 scope link dynamic
valid_lft forever preferred_lft forever
19: wifi1: <> mtu 1500 group default qlen 1
link/ieee802.11 c2:38:96:8c:d0:6d
inet 169.254.244.168/16 brd 169.254.255.255 scope global dynamic
valid_lft forever preferred_lft forever
inet6 fe80::68c9:9b55:17dc:f4a8/64 scope link dynamic
valid_lft forever preferred_lft forever
17: wifi2: <> mtu 1500 group default qlen 1
link/ieee802.11 c0:38:96:8c:d0:6d
inet 169.254.70.170/16 brd 169.254.255.255 scope global dynamic
valid_lft forever preferred_lft forever
inet6 fe80::493f:4116:9279:46aa/64 scope link dynamic
valid_lft forever preferred_lft forever

@deep trellis you had mentioned that there was a new OpenVPN server today, could this be part of the issue?

@night juniper Send me your config

Ill test it

what config

To see if its you or our server

OpenVPN config file:)

oh okay

wait

Have you downloded it?

@supple sonnet Thanks for @'ing me, would have over seen this:)

np

lon ofc man

wait

here u go

for reference, next time DM it to Skidy if his dms are open lol

okay

You might want to remove the download link as well

Skidy loves us all

That way no one can connect as you

ok

(Just for your own safety)

im sendind dm now

@night juniper Going to reply here

The OpenVPN config works fine on my end

No issues at all

https://unix.stackexchange.com/questions/501403/tun-module-loaded-but-openvpn-dev-net-tun-no-such-file-or-directory

I can suggest perhaps looking at that

Sorry I couldn't help much further

okay thank you

also, what OS are you running? that might help for future troubleshooting needs

a uname -a or cat /etc/lsb_release can reveal that if you don't know the specifics

im running ubuntu linux file system on windows 10 , maybe to try on oficial linux os?

Oh, WSL?

WSL won't work very well

yeah that'd be why

Try a virtual machine, or TryHackMe's Kali VM

oh okay ty all

yeah so WSL works okay for general use, but it should never be a replacement

im so n00b

https://tryhackme.com/room/kali

Hello, I have connect to OpenVpn with my config file and deployed the VM for one of the free rooms. I then opened up a second tab on my browser and put in the VM's 10.... internal IP. But it won't connect to the machine. Sorry, I am a bit new to all of this.

Hey @limpid quiver, welcome! Have you waited up towards 5 minutes for the machine / instance to fully boot up? If you are expecting a web server, instances can take a couple of minutes to fully boot up.

On the other hand, they might not be running anything that you can navigate to by simply visiting the IP address - that may be apart of the challenge. Are you able to ping it from your device?

Okay, thank you makes perfect sense!

No worries! Hopefully that'll help you out. The Windows boxes are especially bad for this. The whole process of figuring out what instance is accessible on what part is enumeration 🙂

If the room type is a walkthrough, it should tell you, but a challenge will most likely not

Connection Error, is throwing me Out of the running machine and I have to start all room over... not cool at all 😦

Over Browser

That usually happens if there's more than one THM VPN connection open simultaneously @velvet sigil. Have you checked that?

(VPN connection to tryhackme)

@toxic ivy yeah, you'll be fine leaving that image up then 😄

Having an external VPN shouldn't be messing with your connection, but it might also be worth trying without it.

sure bro..!!👍 .. will do

Can you ping your own IP? The one for TryHackMe?

yes

Ok. When did you sign up?

Was it today or early yesterday?

Actually, forget that. Just grabbed it from your screenshot 😄

Can you ping 10.9.0.1?

today i signed up

Yeah, I saw from your IP that you're on the new VPN server 🙂

Can you ping the gateway?

(10.9.0.1)

yeah

Ok, so you're definitely connected

Can you run ps aux | grep openvpn on your Kali machine?

Screenshot the output of that 😄

There's your problem

??
Did I miss something?..

@eager fulcrum didnt get you.?

@barren birch three dozen connections open

Oof

That... That would explain something...

@toxic ivy sudo killall openvpn

Then try sudo openvpn <path-to-config> once

Obviously replacing <path-to-config> with the location of the config file

even after killing all the openvpn process and regenrating new config file its still showing connected

Screenshot that?

and also this error.. ahh..!!

Um, maybe Google that one...

That's the grep process @toxic ivy -- not the actual openvpn process

When in doubt

ps aux it out?

ps -ef | grep openvpn | kill -9 $(awk '{print $2}')

Thank u guys so much.. killing all of them and restarting the vm and then regenerating the conf file solved the issue..!! 🙏

Sweet! Glad to hear it, wp @barren birch and @eager fulcrum

i am really new to this.. pls dont feel bad that i am asking too many doubts and problems

It's all good @toxic ivy

We're here to help

It’s why our community here is so great 🙂

I just need to get the hang ofsolving machines.. i am still a noob..!!😑

And we're here to help you all the way!

I am not able to connect to my deployed machine ip... but ping is working fine

Then you can connect?

@naive dust @zealous yoke @barren birch Thank u guys so much

How long has it been up for @toxic ivy?

They often take a few minutes to load

5-6min

If you can ping it

Try nmaping it

ok

You might be able to ping it, but accessing it in your web browser might not work depending upon the room! That’s the part of the challenge, where you enumerate what’s running and where using tools like nmap!

What room is it

Since openvpn seems to be working

btw guys do think i shud buy premium.. how is learning paths.. coz i just started with tryhackme today.. and so far even with some problems i am loving the way it teaches me nicely solving this..!!

Let's go to #room-help

Hi folks

What's up?

CAPS seem to be always on when using guacamole / Kali via browser

any ideas how to fix that?

That's kinda funky

Not seen that before

Yeah, it is very annoying

currently researching this https://jira.glyptodon.com/browse/GUAC-850

but still no luck

I am using Firefox 73.0.1

can confirm that @eager fulcrum

happened to me in the past

The stuck uppercase?

Funky

no

especially when some switches are case sensitive

Yeah, it's not a good thing

What browser?

Firefox

Was asking @stone roost as you already said

I think is a compatibility issue with Firefox , seems to work with chrome , but can’t “send” caps either

I gotta use up arrow, not sure if that’s default with guacamole

Both chrome and FF

I've never had it in Chrome, not tried firefox.

Weird

yeah

i think there something about alt tabbing or so

Yeah, having issues with Firefox

Posted it into bugs submissions

So.. does CAPS suppose to work normally? Or I gotta use arrow for caps ?

should work normally lol

I see , ok

try rebooting the machine

that usually fixed it for me

Let me play a bit more and I will reboot soon

Thanks