#site-support

then redownload it

I did it twice 🙂

@vapid dawn

What server is this on?

does Regular2 work? Then I try this one

Please try Regular1

I'M on regular1 atm

and regenerating doesn't give you a new file? That works

not as of yet

how long does the regen process take?

is that file from regular1 or regular2?

from Regular

I got a Certificate:

<ca> ... </ca>
No cert: <cert></cert>
and the key

and regenerating gave you the same file?

yup

does regenerating take time?

no it shouldn't 🙂

I waited one min

regenerated, downloaded and started and still the same error

using: OpenVPN 2.4.8

@vapid dawn any Idea? I know you are busy fixing the backend, so I won't disturb if you got other things to do

give me one sec 🙂

lemme try fix it for you

thank you very much!

for now, I'd say switch to a different server @minor hatch

Which one?

regular2

trying it!

Works! Thank you :)
Any Idea what is wrong with it?

@minor hatch if you want to switch to regular1 it should work now as well 🙂

I think the generation command was interrupted somehow

so the re-generation command couldn't find the relevant files to kill

but it's all good now 🙂

Tank you very much 🙂

this is so strange, I'm doing the advent of cyber room and I can ping the machine just fine, but when I go to go to the website on port 3000 it doesn't work

Give it a little time @pale palm

Chances are that the machine has started but the web server is taking longer

alright

cool

thanks

Some applications can be really bulky to start up 🤷‍♂️

yeah

ah working now!

thanks

😁

I’m new to cyber security

Any suggestions get start from beginning to professional

@twin pewter https://youtu.be/PvLjHODBwIg

Also the channel

The Cyber Mentor is not that good

I recommend John Hammond or Ippsec

Yeah those are really good too

I have doubt most of the customers moving to cloud, so can we implement the cyber security in cloud? Because the cloud is readily available infrastructure , what about the job opportunities

If you're willing to buy the TryHackMe Subscription (It really pays off) you can do the total beginner path and then move from there.

Ok what is the subscription cost

Usually $10 a month. If you're a student you can get it for $8 a month tho.

I have doubt most of the customers moving to cloud, so can we implement the cyber security in cloud? Because the cloud is readily available infrastructure , what about the job opportunities
the focus then shifts to cloud security engineers, there's always a demand

I have doubt most of the customers moving to cloud, so can we implement the cyber security in cloud? Because the cloud is readily available infrastructure , what about the job opportunities
@twin pewter answer please

I've been trying to use my paysafecard for something for a while now, would it be possible to somehow get VIP with that? (it's a €10 one)

Hello, can i ask how to get the student discount?
I veryfied my university email address but i don't see the price changed..
Does anyone know who should i contact for that issue?
Thank you all

@long panther It should be applied automatically, but that's only for certain domains. If you've got a student email address that isn't being recognised, send an email to support@tryhackme.com and they'll apply it manually for you 🙂

@barren birch thank you for your fast response!
I'm happy to join you all!
I wish i get some experience through tryhackme platform

Welcome aboard 😄

Thank you bud

Welcome NikGR

original name

My Name is Nikos or Nik and i am from GReece and my last name starts from GR so that's my nickname is 100% original 😄

First of all, HELLO 🙂 wanted to finish the room I started a week ago called : The Cod Caper. I have finished few tasks already when i started, wanted to refresh , and start from the beginning.. but now i cant scan the machine, did already few times terminating machine reconnecting to VPN still no luck, I cant even ping the machine.. any suggestions ?

hi there

What VPN server are you on?

VIP

Is your OpenVPN client outputting anything?

current output

Can you try stopping and restarting your OpenVPN?

Do you have an IP for the machine?

So I can test if its up

you mean ip of the deployed machine ?

or my vpn ip ?

DM me:)

@dawn hatch speak here now please

!multivpn

Follow the steps above^, you have 2 VPN connections running

im good now.

that mouse cursor in the image annoys me more than I'm willing to admit

that mouse cursor in the image annoys me more than I'm willing to admit
@latent fable Im willing to change it, just to make you a lil bit happy 😄 tell me what you wanna see ? 😄 color, size, lay it on me Cake 😄

I used want it dead, but now I only want it gone 🎵

Solarised now

I used want it dead, but now I only want it gone 🎵
@latent fable

oh, right, like that. No, I meant I didn't like that it was in the picture :p

That said, I dig Breeze Light

oke, 'll do my best to avoid that in the future.

hahaha

thanks 😄

breez light it is

goes well with dark mode too ;)

Follow the steps above^, you have 2 VPN connections running
@deep trellis I think my problem was that used to press CTRL-x, when i should be using ALT-CTRL-C, cuz i have changed CTRL-C to copy

goes well with dark mode too ;)
@latent fable BTW congratz with a new level my friend.. its like we are going hand to hand 😛

hehe, it is! Doesn't help that both our names are PascalCase :p

nono, camelCase doesn't have a leading Capital

Hey, I have a problem. If I connect to the network via openVPN, the websites of machnies won't load, however if I start the Remote Kali Machine it's fine.
Already regenerated the Certificate and changed the VPN server.

did you ensure that multiple instances of OpenVPN aren't running?

Yes. Only one

Pings are also going through

is the browser configured to go through zap or burp or something? -- and they're not running or running but intercepting and holding the message

Hey guys, i have a question,
when i complete a room, i get the option to share my completion in twitter.
Iff i skip that is there any way i can do it later?

Hi guys, I'm learning on Common Linux Privesc room. one task is about using the msfvenom but id doesnt seem to be installed or recognized on the cli. am I missing something?

@silent widget yes.

You run it from your kali

from the shell or the gui one?

@eager fulcrum

it says command not found

Msfvenom is installed on kali by default

@latent fable No proxy, nothing.

It may be the machine since another machine worked.

Any bright ideas, @eager fulcrum? I'm drawing a blank on @fading sun's case

Multivpn?

Vpn not wuite working right

It seems to be the OWASP Juice Shop room, since the introduction to Burp is working

Try it again now

Still not loading

Definitely sounds like a VPN problem

!multivpn

Already checked that. That's not the problem.

To the left is the OWASP room and on the right is the learn burp suit room.

The burp suit one loads, except of the image.
The OWASP however doesn't load at all, even though I can reach it.

@eager fulcrum It seems msfvenom is missing from the deploy version. I deployed the kali machine from the kali room and it exist

@silent widget ...

The VM on the room is not kali.

I see

is it possible to deploy both of them?

Before asking these sorts of questions. Try it.

😇

thanks it works

Does noone else have an idea?

I mean try restarting everything, but otherwise, I don't

kill all vpns that isn't the thm one

Maybe it's a problem with VMWare, gonna try virtual box

Hi guys. I'm trying to host a an Ampache server to upload my music to. Following the offivial github guide right now, but encountering a few problems.

It says:"Check that Ampache website is allowed to override Apache settings (AllowOverride All in vhost config file for instance)." where do I find the the vhost config file though?

Not really the channel mate 🙂

oh...sorry. just saw tech-support

Try #thm-community-media 🙂

thanks mate

Hey guy, I need a bit of help, so I have tried using Putty and the SSE command but no matter what I keep getting connection failed/timed out I have tired to ping the IP but I get no response I I am also connected the the VPN so i have no idea what the issue could be.

Are you connected to multiple sessions @robust tide

!multivpn

Follow that just incase

justin case

A crime fighting detective named Justin case

I'm going to CBS with this pitch

I think they've heard it about one billion times

skill not working :/

did you wait for the cooldown timer and do you have enough EP?

https://gyazo.com/0c79d56d5e891ba80089c06b750c5fc1

what do you do when you're not allowed 101

i already tried sudo

kill it by id then

forcefully

sudo kill -9 1325

just restarted my vm then re opened in but still the same issue

can it ping 8.8.8.8?

yeah

such a strange issue.

and you don't have any other vpn software installed at all?

no its a fresh kali install

in a vm?

yeah vm ware

is the host vpned to tryhackme?

yeah

alright

you gotta turn that off

you can't have more than one vpn running to thm

oh my host pc sorry no

right

does the host have any other VPN stuff?

see I've done htb before and that was fine

and no

that does sound pretty unusual

just to verify, you're trying to ssh/ping a machine that has ssh on p22 and answers to pings, right?

i was wondering if my host pc was blocking the ports but that's not the issue

and yes

and it's still running?

sorry it does not awnser to pings

right, but it has ssh?

yeah

have you tried another room?

yeah I've tried two rooms

hmm

Have you tried regenerating and redownloading the connection file?

No I'll try that now

Nope, still wont ping

i have no idea on the issue lol

I though that box didn't respond to ping

well its not responding to ping's

right, but would it if you were connected?

and still getting connection timed out

that's what a windows box would say. firewall and all that

https://gyazo.com/ba088c3622a1d1ce6bcc5afcf279f421

which room is it?

Linux Challenges

Just going through all the basic rooms first

right. Should respond on p22

should do but its not for me

@robust tide I still think something is wrong with your vpn setup...

this is 'normal' behavior when you're not connected

can we see what openvpn does?

you want the openvpn log?

https://gyazo.com/fc705c2f9a568e431631d2c151b5072a

you need to be connected to ping it

what's the [5] stopped... could that be the openvpn?

Open a new tab

Has it been sent to the background?

!multivpn

@deep trellis it looks like it was send to background.. or just ctrl z and nothing.....

I think you have multiple background VPN processed

Follow TryHacMe's message

wait, was that it?

?

I'm so dum if that was it

@latent fable this is exactly why I wanted that log 😄

the [5] stopped was just me ctrl z out

so you stopped the openvpn process

you need to leave it open.. else your vpn wont be up 🙂

i tried that also

but let me try again

show us the output of: ps aux | grep openvpn

check if any other openvpn processes are running before you try again!

also I'm still connected to the vpn on the website

https://gyazo.com/f4477e0882d8acf1401283e295c3906a

Yeah

You have multiple sessions running

That's an issue

yeah.. kill them! KILL THEM ALL

sudo killall openvpn

yeah and then re open it?

Then run your sudo openvpn command again

I'm sorry.. I get excited from killing processes 😄

yes.. and leave it open!

😛

@hushed oxide you should seek therapy 😂😂😂

<3

dude... me and all my colleagues 😦

@robust tide don't keep us hanging

vm being slow...

😢

they like to tease being slow at points like this

Try pressing the turbo button

Try pressing the turbo button
@latent fable yeah.. tried that with my gf once.. didn't help

your hand has buttons??

......maaybee.....

not bloody connecting now lol

no way 😦

wait....

maybe it would help If i was on the vip vpn....

instead of?

the regular one

cause the room I am in only have a box for vip

hmmm.. not sure if that would matter (like I genuine don't know if that would be the case)

be sure to kill the openvpn you had running before trying the new one, eh? 🙂

oh it did 😛

hey were getting somewhere now

yes?

ARE WE THERE CAPTAIN @robust tide ???

yeah its asking for a pw now but the the provided does not work

https://gyazo.com/c76fe2e5da00fc0411c2f9bc05d2b34b

what is 'it' in your context? openvpn? or the box?

oh well.. yeah

ok no this is an easy fix

its annoying cause I know how to do all these tasks but I just want to complete all the basic ones first lol

look at wht it does

it's trying to log YOUR username (josiah) into that box...

but you want to be Gary

ah

*facepalm

so it's fixed!

right?

I'm on one tonight

were in boys 👍

🥳

cheers lads I really appreciate that

No problem! next time you'll be helping me 😉

I'll try not to be this dumb in the future haha

I finished my last challenge in intro to intel x86 and got the password but it is not accepting

everyone starts somewhere ewellyn

Man, anyone else having an issuel with vulneristy room?

is there any way to run commands from a user account where it has /sbin/nologin in etc/passwd
i cant even get a php rev shell so im on a websell

@chrome badger technical issue? I solved it 2 days ago was fine

Nope sorry was just me. my apologies.

Anyone know why I keep disconnecting from the kali VM?

Having to reconnect every 5 seconds, doesn't seem to be a problem on my end.

Hi !
Im testing dwm right now, but i cant change my default terminal
In my config i wrote " exec alacritty" but its still starting another terminal...

@hidden wigeon it could just be a bad vm... try and spin one up again (and closing this one)

Please help

one more thing , in my netwrok i should use vpn to access Internet . after that i established openvpn But i can't access anyport
is it normal i can't access ports ?

Hello all again,
i subscribed yesterday and i'm trying to use the kali box.
I get's deployed normally and i can use it through browser and rdp but it's responding really slow
My internet connection is stable, i have 50mpbs speed, i tried restarting my computer and the ISP router as well, the issue remaind and it doesn't seem to be from my side.
I also tried terminating the vm and try again (the same issue remains from yesterday).

Any ideas?

Try RDP'ing into it

And set your color bit-depth to 16

I currently am

i thought about the colour but with my speed is shouldn't be a problem

i'll give it a try

Well my rdp client only has 15bit colors as the lowest option. i selected that.
colors seems to be a factor, it got quite better but still it is lagging a bit

thx for your advice

Link should still be up @slim heath 🙂

works fine ^^

@slim heath deploy

Oh

That link

any idea why my openvpn won't connect? (running on windows, access page says i'm connected but vpn says it fails. Also can't connect to the test server.

nevermind, i got openvpn to connect but still can't connect to boxes.

Question if this not allowed here please for give me it is this I have a keyboard I am using with a broken space bar there anyway to change my space bar to right alt or right shift ?

Think that should have a spoiler tag imo @dawn hatch :)

@dull hull quick google i found this - MapKayboard

Think that should have a spoiler tag imo @dawn hatch :)
@dull hull its not spoiling if its not working

i'll leave it to you to research if it's good or not. (check security too please, i didn't do this)

Is it for kali ? @soft totem

think windows but if you're on vm it might work

@soft totem Don't trust the access page firstly

@eager fulcrum was on a forum that i literally google in 3 seconds, so as i said please check 😛

Huh?

No I was talking about your issue

@dull hull maybe you can create a key combination in ur vm like ctrl right alt to act as space?

ohhh sorry xd

Yea I just wish logitech g hub would work on kali

@eager fulcrum i'll give it all a reboot shortly and mess about again. didn't know if there was something i didn't know.

!multivpn sometimes

oh windows

hmm

yeah, i broke my vm and haven't remade it yet.

Windows means multivpn doesn't apply exactly

Logs indicate anything

well since i fixed the issue i had it now connects to openvpn but no logs don't say anything.

Weird

I mean does it now work for accessing rooms too?

there’s very limited troubleshooting for OpenVPN Windows on the docs site

Open VPN great but not very friendly on windows

^

Works fine for me

I think it’s to do with the version of the TAP driver / adapter thingy mabob

like remember that what zenmap issue a lil’ while ago

But zenmap over the VPN was working for me so I think it's just a little hit or miss

Yea and it wasn’t for me or the guy - never something I really investigated more into other then it just being as you said hit or miss 😅

how do i use openjdk 8 instead of openjdk 13

@vocal wasp I had that one as well

Try using the subscriber Kali

SSH into it and it works

java must die

but i want to learn how to fix my stuff

This looks like my room

It is your room

Yeah, Ok @zealous yoke -- since you're here

How would you fix that?

that's honestly the fix, @vocal wasp. Spin up a new VM and install the right version. Java just spreads everywhere

@vocal wasp you're doing java -jar right?

ya

So you can specify the full path to a java8 binary and use that instead

either use jdk8 or recompile it seems like

It shouldn’t matter the jdk version. The materials attached I added to make sure local environments don’t conflict on a default kali

but i don't know where to get the source code to recompile ysoserial.jar

sado

I've seen others have the same issue, cmn

Yeah, it breaks if you've upgraded @zealous yoke

I tried that one @vocal wasp

Didn't end well

I advice installing the right version on a fresh vm -- or just using the thm-kali one

thought it was going to be a manually walk though of how to create it by hand

@latent fable Don't like the thm-kali one

always skip using it

then make a new vm

I tested with Kali 2020 and the THM vm

thm 2020 kali never spawned

only the 2018 one

2020 works fine

Mhm - I’m about to go on shift but that sounds like a big issue @barren birch. Quite a lot of people have completed it though

Oh yeah, it's definitely work around-able

I mean does it now work for accessing rooms too?
@eager fulcrum Nope

Stay safe!

Well, a fair few

debugging is part of the learning experience, and as much as I like to rake on Java, it's a real life issue any pentester will run into in the forseeable future

better they run into it now than later

^^

Cheers buddy @barren birch. Uhm I kinda assumed it was going okay for people since I haven’t been @‘d (that I’ve seen) but when I finish, I’ll investigate - feel free to DM if you think it’ll be easier

(Although I cant rely on being @‘d tbh)

fixed it

without THM vm

check mate guitarist

@zealous yoke you have hereby been @'ed

how so if I may ask? @vocal wasp

Just so I know if I need to take another look at it is all

installed openjdk-8-jdk and switched my default java on linux

will dm you the commands and links

if you want to change the room

Oh so you had to had openjdk 8?

didn't work on openjdk 8

i mean 13

or 10

Oh

do you want me to dm you the info or is that enough

Roger dodger - that’s odd. I’ll get to that after my shift. TY dude

No that’s all okay for me 🙂 @vocal wasp

@latent fable Also a lot of BMCs have Java clients so it's useful to learn for sysadmins

Do you know what release of Kali you’re using by any chance @vocal wasp?

O.o okay - thanks. I’ll take a look into that when I can

that should've worked out of the box

yeah :///

N0p3

thanks for detailing. I’ll investigate after I get back

finally

@zealous yoke have fun with changing that

delet flag

leaks

ty

technically easiest flag on THM anyway lol

is there a john the ripper cheatsheet for format

sick and tired of hashcat

@eager fulcrum myb but even if someone puts it in on their acc they aint gonna get anywhere if they then start going round with no connection lol

@soft totem Just the rules, no flags/answers

all good

i'm supposed to be able to connect to the box in windows via just pasting the ip in the browser url bar right?

@vocal wasp since the Jumbo release of JTR has so many additions from the community, its not super well documented

jtr?

Netmux's Hashcrack has a fair number of the formats documented

John The Ripper

oh

what is hashcrack?

hashcat?

no, hashcrack was a small field manual that Netmux put together

one sec, i can clip the page with the JTR formats at the time it was published

might be some missing or some changed since this sheet was put out, its from an older version of the manual

or just buy the book

yeah, you can buy the most recent version as well, that also works

but even then, there are still likely modes that have changed or been added since then

the better way to get the format list is to do ./john --list=formats since it should give you only the formats that will run in your version iirc

oh that would be helpful

depending on how you compiled john and what options/libs/deps you included, many formats will be different/missing

aaaahhh wish someone told me that

long time ago

for example, if you didnt compile with OpenCL support configured, dont expect them to be present lol

@small wraith

JTR has a pretty significant amount of configuration for its env to operate at full capacity

@zealous yoke other than the java not working that was a nice box

when you go to build it, you can see your env support in the output of ./configure

this summary will give you pretty much all the info you really need to know if modes/tools will be inoperable or missing

if you see a no instead of a yes on any of those, you are missing stuff

old on professor "as I try to write this all down

hold

lol

There are also internal versions of some of the modes that will be included/missing based on the instructions your processor has

but those likely wont be important enough for you to notice

what was your issue with hashcat? and what were you trying to accomplish/crack? might be a quicker way to get there, probably don't need all the john deps/libs if its just some MD5s or something simple

how do you check your config?

or does that only work with the source code version of JTR

when you pull from git, navigate into the src folder and run ./configure

oh, do you have a precompiled version?

john comes with kali

right, but its premade and not in a git dir?

cant just git pull and make clean?

the compiled one is missing some of the 2john files

would configure fix that

only for a few of them, mostly based on libpcap being present i think

if they are missing, you likely have either an outdated version of john or they were deprecated

@soft totem only if the machine is running a webserver

i know they went through and deprecated a number of the extract scripts a while back before the recent release, were redoing them/updating them

they are still present in the repo, but not in the same folder as before

and i guess that doesnt really matter if you dont have the cloned repo and just have some prebuilt version

since they will just be absent in that case

yeet what is the difference between JTR and JTR jumbo

JTR Jumbo is the maintained community version, it includes a lot of contributions and i believe is the most up to date branch at any given time

the normal JTR release doesnt include as much stuff, is on a release cycle, and is usually significantly behind the community jumbo, but is considered the stable release version

Last "core" release for JTR was Apr 2019

oh that makes more sense

Yeah, unless you have some really specific requirements for stability, the community Jumbo branch is pretty much the default

I don't actually know anyone who runs the core branch instead

granted, jumbo is based on the core tree, but there so many more changes and additions that its far more useful imo

can you link /johntheripper/run to /usr/bin/john to get the ssh2john and other stuff or will that break it

ln -s /opt/john/run/ /usr/bin/john

uhh that might be a little iffy if there are conflicting versions of some of the scripts present

oh ok

assuming you have the installed john and one you cloned

you definitely dont want to get weird and mix the two

since the scripts get updates sometimes too and different versions of the same script would produce some odd behavior probably

ah ok

Hello everyone! Does anyone here know how you would run linpeas.sh(https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/blob/master/linPEAS/linpeas.sh) locally without a simplehttpserver?

./linpeas.sh gives this:

./linpeas.sh: line 1: syntax error near unexpected token `newline'
./linpeas.sh: line 1: `<!DOCTYPE html>'```

but the script works if you use this instead, which needs an active internet connection:

curl https://raw.githubusercontent.com/carlospolop/privilege-escalation-awesome-scripts-suite/master/linPEAS/linpeas.sh | sh```

You didn't download it right

You downloaded a HTML page

if you download with wget, you need to use that raw. link

oh wait

yeah my bad haha

thank you!

hi
im having a problem when connecting to the vpn
im stuck here

and so on

i need help i want to subscribe but i tried first found that nothing works for me

Check your system time

And regenerate your config.

i tried this

not working it openvpn works on hackthebox

Those are the only fixes, try again

is there any way to make it work over tcp not udb ??

only fixes you think !!

@violet flame are you sudo'ing the openvpn command?

sure im not a noob !
i serch google but nothing

can i use the vpn server using tcp port becuse it might be blocked in my country

i mean udb port 1194 might be blocked

Sun Apr 12 20:57:54 2020 VERIFY OK: depth=1, CN=ChangeMe
Sun Apr 12 20:57:54 2020 VERIFY KU OK
Sun Apr 12 20:57:54 2020 Validating certificate extended key usage
Sun Apr 12 20:57:54 2020 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sun Apr 12 20:57:54 2020 VERIFY EKU OK
Sun Apr 12 20:57:54 2020 VERIFY OK: depth=0, CN=server
Sun Apr 12 20:58:51 2020 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Sun Apr 12 20:58:51 2020 TLS Error: TLS handshake failed
Sun Apr 12 20:58:51 2020 SIGUSR1[soft,tls-error] received, process restarting
Sun Apr 12 20:58:51 2020 Restart pause, 5 second(s)

@vapid dawn Any other fixes?

@violet flame Well, sorry.. everybody makes mistakes or forgets sometimes. It was just to check.

we don't support TCP

the restart will fix it

so you just need to keep it running

if it breaks, you can just kill it and start it again

restart and regenerate still not work after 1 hour of restarting

your timezone needs to be synced with NTP /be accurate

and you need to only have one openvpn connection running

Stile not Working Thanks i think i will cancel my account and go for Hack the box it works fine

Does anyone know why i can't access the site in this task? I did everything as stated and are connected

Anyone else?

@slim heath

which IP do you use?

than you

you need to use one displayed after hitting 'deploy' button

no worries

this platform is trash no real tech support
@violet flame can I ask you not be so rude, please?..
Tech support is community driven and no one is paid here to sit and resolve every single issue. I am sorry if you didn't get enough help but, please, understand this fact and try to be a respectful next time :)

@leaden token not sure he's gonna be back

One can only hope :p

Hello there . I have just a tiny feedback. We were doing a small koth on taylor,for some reason on dashboard we were not able to see anything about the status of the current king. There might have been just a small service bug

Submit it in #site-bugs. If you have the game number and a screenshot it would be helpful

and im hanging.. any suggestions ? did reconect few time redeployed machine more than 3 times, still when i try it again im just hanging at this stage, and cant intereact with open session

still not able to connect 😦

Hi,
I wasn't able to extend "Vulnversity" by 1hour. After refreshing the page, the "deploy" disappeared. How do I redeploy the VM?

nvm! sorted

Hey, does anyone know how I can download the community version of openVPN to my linux (arch) via the command line? I don't have a GUI available and can't find anything other than how to install the server version..

@glacial crane https://support.fastestvpn.com/tutorials/linux/arch/openvpn

Just the pacman bit I guess

@eager fulcrum Thanks. I'm unsure if this will solve my problem though... I was looking for something like $ sudo apt-get openvpn

Yeah that's a commercial VPN company

So

They're giving instructions to their clients to install a client to access their services

It is exactly what you need

Read the article @glacial crane

What's up! I am new to TryHackMe and I have just been doing the Linux Challenges but I cant figure out how to copy and paste in the remote server

its tedious having to type all the flags in lol

What's up! I am new to TryHackMe and I have just been doing the Linux Challenges but I cant figure out how to copy and paste in the remote server
ctrl+shift+v (?)

Hi Guys, would anybody know if HackPark is fully functional?
When I login into the blog platform, the platform seems "broken"... Wherever I click, I get a 404 or 403 error despite being the admin... Any insight would be appreciated 🙂

HackPark is being a bit unstable 😕

Ah so a known issue?

yup, been submitted many times

but I think it's fixed now ..?

at least the exploit part

I couldn't even exploit because the blogengine page is broken... I assume

Is that the cc pentesting topic?

I think I remember that question and had difficulty with it too.

Is that the cc pentesting topic?
@naive dust yes

Yeah that's the only one I couldn't get either, I agree it doesn't seem like there is anywhere for 'admin' to be placed.

not even for password

@dawn hatch @naive dust man smbmap

@dawn hatch @naive dust man smbmap
@feral dock I been swiming in that man since yesterday

😛

I'll give it another look I guess 🙂

Nope sorry, I gave up for the evening after racking my brains on the admin password question.

Decided to start another topic and go back to it later.

🙂

im htting the wall with that too.. reading so much man to solve that, yet no success

I'm sure you'll have tried this already but I find doing a google search for cheat sheets sometimes helps, cuts a lot of the crap out of man and gets you right where you need to be.

by man i mean that.. readin dif topics on google about such asmall thing..

Fair play

I'll finish my current topic and I'll go back to CC pentesting.

Everything was going so smooth till i met these 2 questions..

hehe

this is so not funny.. why cant i go further ?.. so many retries... so many times redeployed.. so many times googled and checked, and double checked .. yet after command shell is succesfull I'm hanging.. How can i know is it on my end or not ?

have you tried just typing id or whoami - sometimes a shell is there but it doesn't show the prompt - may not be in that example though

^

Otherwise check the payload type

how should i be connecting to the room boxes? i can connect to my own kali box just fine but not the room boxes. going via web browser doesn't work and for ssh it doesn't accept any passwords i throw at it.

it depends on the box

you can connect via ssh or browser, if it is stated in the task

ok apparently i completely missed one of the usernames needed. all good now. lol

Hi guys, I am currently doing the "The Cod Caper" room.
I can't get a php reverse shell to start on the machine. I can get it to transfer with netcat, but then i get an error on the site saying the shell could not load

error on remote machine

Try a different shell

Netcat, for example

Also, that's a #room-help question 🙂

😮 my bad, gonna change channels. Thanks!

@dawn hatch Did you work out the ipconfig question? Just I have if you need advice?

#room-help ^ is your best bet for getting help with questions.

noted, thanks.

@dawn hatch Did you work out the ipconfig question? Just I have if you need advice?
@naive dust yes man, thank you, I wanted to DM you, but then again I didnt want to break the rule..

I'm done with that room

Nice and glad to hear you sorted it 🙂

sometimes you have to take things litiraly 😄

Exactly, I nearly kicked myself when I got it.

Hello I just started the Learn Linux section and I'm getting the completed buttons twice the second set won't complete though

Yep that's a bug

@deep trellis What's the fix?

Oh ok should I ask in the bugs channel?

Hello all, I have a pb here with the connection, it was working at the beginning of the afternoon, not now

I have a connection refused when I want to connect to the room with Putty

Are you sure you're connected to the VPN

yes

Are you on windows?

yes

You can try the ssh binary

on the access webpage, it says I'm connected

I'll try

so I'm working on the metasploit room, and am running the migrate command against the windows box. It's returning an error (see screen cap). For context, it's running php/meterpreter/reverse_tcp.

googlefu has failed me

Omg it works

Is it possible you have multiple sessions running @errant badger

with powershell

thanks !

Oh yeah putty can be iffy

I assume you're doing zthlinux

so I'm working on the metasploit room, and am running the migrate command against the windows box. It's returning an error (see screen cap). For context, it's running php/meterpreter/reverse_tcp.
@naive dust eventually resolved my own problem!

i just opened my laptop, and im running parrot 4.8, and the logo to connect to wifi isnt there?

@obsidian bramble Is your blackarch a VM?

yeah

What's the host?

Windows?

mac

Ok, and where's OpenVPN running?

vm

Eh, I can't fix Arch networking

@naive dust pars, where'd you go? I swear you ran arch?

we were talking a couple days ago, same issue

I'm a debian guy, that's what I learned and what I learned how to fix

@obsidian bramble Can you ping the gateway on the VPN?

10.11.0.1

yup

Feels like you just got a firewall or something, no unsolicited inbound connections or whatever

yup im trying to see if theres anything on iptables

Unless it's UFW

i dont think blackarch comes with that installed

@eager fulcrum I run everything

I've reached distro transcendence long ago

And his issue makes no sense

Like it shouldn't happen

everything looks ok here?

OK i fixed it

What was broken?

iptables input chain was on DROP

for some very strange reason....

Failed to open a session for the virtual machine XP.

VT-x is disabled in the BIOS for all CPU modes (VERR_VMX_MSR_ALL_VMX_DISABLED).

Result Code: NS_ERROR_FAILURE (0x80004005)
Component: ConsoleWrap
Interface: IConsole {872da645-4a9b-1727-bee2-5585105b9eed}

What

@naive dust you need to enable virtualization in your bios

It quite plainly tells you that it's disabled, so enable it

Where is it?

hehe im blind found it

Browser Kali asking for login?

Hey hi , how to connect Kali machine in remmnia

i need a creds to do that

it shows the username and password for the machines.. on the page of de kali room

Hey, dirbuster keeps saying dirbuster has paused itself as 20 consecutive errors have happened

do i have to keep unpausing it myself manually?

what am i doing wrong?

@shut hill Yes you need creds, that's how it works

@bright lintel Login on browser, or via rdp etc?

Was on browser

I think it's fixed

Remote TryHackMe?

Lemme check

@dusky spire Probably not in techsupport

Sorry

Removed

Also this is instant messaging, writing a letter is a lil weird

How to enter discord token

DM it to the bot directly @vague citrus your token is found on your tryhackme profile on the website 🙂

don’t post it here

Hey, I subscribed recently, and tried both the browser and rdp (using windows rdp) yet it still is super laggy on both

hey, i have done the room named alfred like several days ago but there was a 4th task which were coming soon so i couldn't mark myself as completed the room. i checked the room right now but that 4th task is gone and i still look like didnt complete the room. can you fix it?

@rugged crater As a subscriber, are you using the VIP VPN server?

Or one of the other servers?

Maybe that's the issue, I haven't done much regarding the VPN, currently on windows and just directly used the browser to access

Is there any documentation I can follow to setup a speedier connection on windows?

Well if you're using the browser versions of the machines, the VPN shouldn't matter. Site might just be busy at different times. I think there's planned work to improve that this week

So do you think for the time being it would just be faster to use a virtual version of kali on my device with the openvpn setup?

It depends on where the trouble actually is. I personally use the VPN on a Kali VM and it works fine. I've not had any real lag issues with target machines. Have you tested your own broadband speed and ensured all is working ok there?

I have been having the same issues

@deep trellis Can you check out the server?

I had them yesterday too, but yeah I have missed flags on this nessus room. Been rescanning all day because network issues keep messing with my scan and leaves me missing information. Same with Blue yesterday, I had to keep re-exploitinng the box because I would lose connectivity with it over and over again. Has there been issues with traffic to the site lately?

!multivpn

Sounds like your issue

You are correct, I should've asked earlier, i've spent all day rescanning on nessus haha. Thanks!

ok 2 questions (pretty sure it's because I'm a pleb using kali on WSL).
I can't even ping anything on the network, but under my profile, it shows I'm connected. ifconfig shows the proper address within the VPN. I checked with the online Kali VM, and that worked, so I know it's something to do with my setup.

the way I'm testing my connection through the openvpn room.

WSL doesn't really work well

Make a kali VM

Best way

Or use the sub one

figured lol. was mainly seeing if there was a way to make it work. between the xserver and tons of PATH changes I had to make, been more of a hassle than its worth.

this may be a dumb question, but can I get openVPN for mac working?

Yes but it'll be better to use a VM

Thanks

Ill look into it now

can anyone help me under stand why im getting this error

bloodhound-python -d megacorp.local -u sandra -p "Password1234!" -gc pathfinder.megacorp.local -c all -ns 10.10.10.30
Traceback (most recent call last):
File "/usr/local/bin/bloodhound-python", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 3251, in <module>
@_call_aside
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 3235, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 3264, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 583, in _build_master
ws.require(requires)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 900, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 786, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'Jinja2>=2.10.1' distribution was not found and is required by flask

Trying to run bloodhound

Install jinja

okay

how do you even acces the deployed machine

through the IP Address, it's an http error

so i deployed the machine

and went to " http://my ip:3000"

and get nothing

you simply type your active machine ip address in the url, but you also need to be connected with OpenVPN

it should work this way, yesterday it did work

so you just copy paste the ip and it should work?

yes, as this is equivalent to a normal url like google.com

yes ik and im trying

do you get any http errors?

no i just cant find the website

i connected to the vpn, deployed the machine got the ip waited for 3-10 mins and nothing

i tryed with my ip alone and with the hole http thing

and what did you see when you tried to connect

i mean to access the website

Firefox can’t establish a connection to the server at 10.10.212.194.

The site could be temporarily unavailable or too busy. Try again in a few moments.
If you are unable to load any pages, check your computer’s network connection.
If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.

oh im dumb af

nvm i got it

my last 3 neurons finally made a connection and added :3000 at the end

I can't get Hashcat to run on Manjaro with BlackArch repos.
The error is clGetDeviceIDs(): CL_DEVICE_NOT_FOUND
I'm running a ryzen processor and the tool is working when I boot Kali, but I want a more custom experience.

Anyone here got WSL2 on windows build 2004, cause It seems like.. when on VPN for THM, I can't reach my computer from Room's VMs

(not pingable)

or.. its my configuration messing up again.. 🤔

My exploit for eternalblue completes but never gives me a shell

Okay nevermind, After 5 tries it finally did..

show options

alright ^^

metasploit is sometimes like that

Welp, welcome to hacking where everything is fiddly

hey, i have done the room named alfred like several days ago but there was a 4th task which were coming soon so i couldn't mark myself as completed the room. i checked the room right now but that 4th task is gone and i still look like didnt complete the room. can you fix it?
@simple wagon anybody?

@untold ibex CL_DEVICE_NOT_FOUND is due to missing/broken runtime or ICD loader

make sure you have the Intel OpenCL drivers installed

(yes, intel, i know its an AMD CPU but the intel runtime is far closer to being in spec than the others available and will work)

I'll give it a shot, currently running rocm for AMD

for CPU or GPU?

ROCm is actually suggested for AMD GPUs on linux

but intel's runtime is suggested for AMD CPUs

running it in VMWare so AMD CPU

oh ok, then yeah you will want intels runtime

have to suggest away from VMs in general, because of how they expose hardware devices and limitations related to it, but if the runtime is present and the icd loader isnt messed up, it should work

Suggest away from cracking in a VM

My vm's are more powerfull than my laptop that I have laying about, so my preference is running vm's on my tower

Does your tower have a GPU?

You can crack on that on the host OS

Single GPU, but yea

You can crack on that

Hashcat for windows exists

^

hmm, it'll add another step but it could work! Thank you

And yes, VMs are good for lots of things, but low level hardware access can be a problem for computing

It adds a "Copy/paste hash" step really

unless its a hypervisor or properly passing the devices through

VT-d etc?

in which case, its totally fine, only a tiny penalty in performance at most

All virtualisation software is a hypervisor btw

Type 2 i meant

like Xen/ESXi

wait is that not type 2

i get my types mixed up

type 1?

yes, Type 1

Are they an option in VMWare?

VMWare actually passes hardware decently well

i've been mostly happy with it

I have Intel VT-x/EPT and AMD-V/RVI turned on

but it can be buggy with some chipsets

like, for example, if you do lscpu on many intel chips, you'll get bad info back

intel xeon 0000 and such

But if you pass through your GPU, you don't get to use it on your host OS at that time

I'm happy with running a Ryzen 7 2700

Easiest is crack on the host TBH

How does kali do it though?

I can crack perfectly fine on that through VM

How does kali do what

o

with what device?

Hashcat

I'll boot it, sec

right, what device does hashcat see?

you can do ./hashcat -I to check

it will give you full runtime info

I'll screenshot it!

that works

This is on Kali

Manjaro is booting

can someone help me i can't connect to the room? i created a room and when i type in the ip address in my browser it say's that it doesn't exist.

did you connect to the vpn?

yes and i ran it as an administrator and the website says that the connection is okhee

... I never send the kali one..

This is manjaro

Well that doesnt look good

@rapid magnet Not all machines run a web server, you can't just open it in the browser and expect stuff to be there

What runtime is that? it doesnt seem to have any opencl device IDs at all

which means it cant see any of your hardware properly

not just hashcat can't, but the runtime itself can't

clinfo

oh jesus man

do you know of a way to fix it?

beignet?

installed

based on the error rate for a simple device query

i would not call that "runs fine"

me either

beignet isnt even a supported runtime for hashcat, so that's probably a good place to start, removing that and installing the intel runtime properly

we even had to add additional warnings for beignet recently

pacman -R beignet?

yeah, remove all opencl runtimes that are there and install the proper ones

but in my assignment description it says: "in the brower a web aplication named Wacko Pico wil be loaded. use this to answer the questions on the website"

clinfo outputs

Number of platform 0

I think I removed all opencl runtimes

ok

Intel CPUs require "OpenCL Runtime for Intel Core and Intel Xeon Processors" (16.1.1 or later)

this is the current driver base we recommend

let me see if there is a package for arch

thank you so much!

can you run

$ ls /etc/OpenCL/vendors

to check if youve cleared the ones present

I can't even autocomplete it

No such file or directory

good

https://aur.archlinux.org/packages/intel-opencl-runtime/

this is the runtime package you want

okay, building now

@rapid magnet Are you connected to the OpenVPN?

you also want the icd loader and headers

https://www.archlinux.org/packages/?name=ocl-icd

https://www.archlinux.org/packages/?name=opencl-headers

What are they for?

yes i am connected

!vpn

Check with this

They're both already installed

good

thats fine if they are there

Then you might have to find out what port the webserver is running on @rapid magnet if it's not working and the OpenVPN room works

or regerate your ovpn file

Regenerate isn't a fix for everything

@eager fulcrum yea tought of that but where should i find that port it isnt listed in that room

@rapid magnet Check your VPN is working first.

Then you can find the port

clinfo

Number of platforms 1

and a whole lot of text

good

what does ./hashcat -I say

o it is working now i had to wait a hot minute ty

@rapid magnet When you click deploy, it boots a VM just for you. Takes a while sometimes

now when I run hashcat it mentions that I have insufficient memory available to crash with rockyou

at least it "works" now

ryzen 7 with 4GB?

no clue tbh

huh?

@leaden token Ryzen 7 is a CPU

but I believe it is mentioning my VRAM?

Nope

because you're cracking on a CPU

wait

i meant like

Good

4GB with Ryzen 7 is ~not good

you now have a proper runtime

If you are out of memory, since its a VM, just give it more?

what's the error it gives

it already is munching on 8GB XD

Hmm

I need another RAM stick

that seems like plenty

Can you screenshot the error? it might be something else, most attacks only require a few hundred mb, to maybe a gb or two

hashcat will tell you how much host RAM it expects from an attack when you start it

oh

its the command

its trying the wordlist as the hash list

yeah, it's the other way around

hash and then wordlist

lol

happens to the best of us, dont worry

^^

i fat finger commands constantly, and i wrote some of the syntax i use most lol

but I still couldn't have had it running without your help, thank you 🤝

🙂

you may also find it beneficial to grab the latest hashcat and try with that

we've made some serious improvements since 5.1.0

and are nearing release for 6.0.0

I keep notes of the commands I regularly so I can copy paste

you can either build from the github or just grab from hashcat.net/beta/

to use the most recent beta build

I'll check it out

for now I'm really happy that I can start hacking again xD

This was my one block to finish The Cod Caper room

Yeah, runtime conflicts are something we've been trying to deal with for a while so this stuff doesnt happen

but so many runtimes are out of spec or missbehave that it's hard to accept them

We list the suggest runtimes as requirements for that reason, so many issues we get are because some 3rd party runtime is missbehaving and its out of our control

Even intel's runtime was broken for several versions, wouldn't compile the kernels correctly

but it's working decently well now

good to hear it's finally behaving

and I'll admit, I prefer Hashcat over John

I have to agree, being on the hashcat team 😛

Though i do still think John and other tools have their place as well

I use a whole range of tools, not just hashcat, but they each have their own specific uses

Working on material in Learn Linux I deployed the VM yesterday and want to continue working on assignments today I'm not able to access via ssh deployed vm

@flint pond You need to deploy it again

They expire after 1 hour unless you extend them

I selected in options leave room when I select join room it instantly joins but does not give option to deploy

VMs are attached to tasks, not rooms @flint pond

You don't need to leave a room either

The deploy button is in the task, where it was last time

Thank you

redeployed

Hello, someone can help me ?

@tranquil flume You need to actually state your issue.

@deep trellis what's the fix for the guac login thing?

How can I pay or a 1 month subscription with PayPal? I only see the option to pay for 3, 6 or 12 months

@naive dust You can't

How I should resolve this issue? I have try with my logs of my TryHackMe account

I want to say it's tryhackme:tryhackme

But I think you need to terminate and redeploy

I want to say it's tryhackme:tryhackme
@eager fulcrum It doesn't work

But I think you need to terminate and redeploy
@eager fulcrum I have try to undeploy/deploy, logout/log in, try on other web browser and it doesn't work

Sounds like the same problem I was having a while back. That was a Skidy fix at the back end

@deep trellis You might have to do the fix again

Skidy had to fix it for me too

Oh dear..

@barren birch How can I do this bug again to avoid to have it again

@tranquil flume whats your THM username?

@deep trellis that's Hocrin

@deep trellis that's Hocrin
@tranquil flume Terminate the machine, and redeploy now:)

@deep trellis okay ! thank's a lot !

@eager fulcrum That's a bummer. Unfortunately PayPal says the recipient does not accept my bank for some reason.

@naive dust the recurring payments can be cancelled after a month if you want to buy a single one

Uses Stripe

I'm unfamiliar with that

PayPal is the only listed option for me, I do not have a credit card

Debit card works

@naive dust

We don't have that system in our country

@deep trellis sorry again but It still doesn't work, I have try in chrome private navigation tabs

Lets take this into a private convo

@naive dust It's a standard credit/debit card

It doesn't work like that in my country. But PayPal seems to work now. For some reason it assumed I lived in the UK, after changing the country, the payment went through

It works with any bank card, but OK

Guys, I'm trying to do RP: PS Empire but after installing Empire I got a message saying missing future, so I installed that and simplejson since it needed it. Now it gives no more package errors but at this point it says that it couldn't connect to a db..

I followed the steps in the room

so

im scared af rn, but if i am to dd if=/dev/my_current_root_partition of=/dev/different_hdd_partition
Will that copy and not wipe my current? i know it creates an .img file, just worried itll bomb my whole sys

The dd command will copy the filesystem partition byte for byte. It will overwrite the content on the target location

ok so in the simplest way to ask it, its copy pasting, not cut pasting right?

im pretty sure it just copies but i gotta be 100% so i dont wipe everythin

Yeah it's a copy. You should read the man page or the wikipedia article here

https://en.wikipedia.org/wiki/Dd_(Unix)

thanks broski i shall

last thing, which wouldnt be on the man, im copying my current linux boot to a separate hdd so i can save it, would it be bootable from that second drive if i ever was to need it?

(prob would have to have a bootloader...)

If you copy the whole drive including your bootfiles? It should be bootable (theoretically)

A dd of a bootable drive should give another bootable drive, because it literally copies stuff byte by byte

well im only copying a partition, but i can copy the boot partition as well

agreed

Probably easier to just copy what you need and slot it in if and when it's necessary

Bootloaders are ten-a-penny

so on the new hdd i should create an ext4 for the root copy and then the bootloader to a boot partition but idk if i could make one custom XD

i gotta do this stuff more 😑

what u mean by ten-a-penny?

Very easy to get

oh haha i thought the opposite when i read that lol

ok

welp

just realized i totally deleted my boot drive accidentally XD

@barren birch copying wouldnt work if its gone i guess... how do u create a bootloader for an os?

one thing i know VERY minimal about

Uh, are you still booted up?

And what OS?

yeh thankfully i havent shut this down yet

its kali... as to why im switching lol

(it was amazing and treated me very well but just isnt a all around good enough option for day to day)

Theoretically just doing sudo apt install grub should fix it

WTH really?!

I say theoretically

i did it haha

ill check my disks

I also may have got the wrong command

no it went through

Ah, good

Well, if you now have a /boot directory again

you're good