#site-support

Where else would you add it?

ohhh

nah i was j making sure lol

thank you I got it!

The reason you can access different sites depending on the name you use is something called VHOSTs

Look into it

So adding a wildcard like *.thm.com would allow me to not need to do it for every subdomain?

uh maybe

IDK

ight thank u

hello, I think I have an issue with the VPN connection

I get every 3mn : Sat May 9 20:21:26 2020 [server] Inactivity timeout (--ping-restart), restarting

and I lost ssh connection on the room VM

!multivpn

bot ded

send help

https://discordapp.com/channels/521382216299839518/521771811768107008/708406862860779561

@split kettle

ok thanks @eager fulcrum 😄

shit, There were 2 openvpn up ^^

(after killed the official one)

issue disappeared. I will know for the next time, is it a Ctrl-C that can let this zombie process ?

Backgrounding is what normally causes you to run 2

Control C is fine

I remember double Ctrl-C avoiding the process to finishing properly

What?

hum sorry bad EN

Control C sends a SIGTERM signal

The process exits properly

yes, but if you ctrl-c again duringg this process, is exit properly too ?

It sends sigterm again

Nothing happens

hum, Sat May 9 21:18:25 2020 SIGINT[hard,] received, process exiting

Yeah

That's fine

I just tried, double Ctrl-C and it's a instantly exit

Simple Ctrl-C => SIGTERM[soft,exit-with-notification] received, process exiting
Double Ctrl -C => SIGINT[hard,] received, process exiting

find /* | grep x 2>> /dev/null doesn't take out restricted file logs

You're piping the errors for grep

Not for find

And find /* is bad

And should not be done

The correct way is find /

Because find /* is globbed

Thank you

I want a service on CentOS server to be the mediator server between a game windows server and a player, so that the player deals with the mediator server and is not directly with the game’s server For example, Cloudflare service but not http i want for windows application

This is for help with tryhackme @dreamy ginkgo

@eager fulcrum any channel ?

Probably a different server is best

@eager fulcrum can i do this on centos ?

like this

Can you look up a couple messages to what I just said?

@dreamy ginkgo I'm also going to direct you to rule 13. Do your own research.

Like seriously.

I found like 5 different solutions within a few minutes

@eager fulcrum I searched for it
Why do I ask here?

What?

ok help me !

This is for technical support with tryhackme.

oh allah , ok thank you

This is the third time I've said it.

You should say "Welcome" now

Hello guys,
I'm Ali from Egypt. I'm having an issue connecting to TryHackMe VPN due to blocking VPN UDP connection here in Egypt. I'm just wondering if there is any possibility to connect using TCP instead. There is a similar configuration on HackTheBox and it works here.
Thanks all!

root@kali:~# nmap --script vuln 10.10.94.216
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-10 05:12 UTC
Segmentation fault

why its slow when i connect to vpn ?

my ping time with machine is about 100ms but nmap , gobsuter ,... run slowly ?

nmap always freezes at 98.52% in the Kali box

im running on my ubuntu

but its really slow

it eventually fixed itself, took about 4 minutes of waiting

can i change TCP / UDP on ovpn ?

just switch the server

weird , i try download file on THM Kali with ovpn , My Download speed is 100Kb/s . but when i try download it with Public ip my Download speed speed is 2Mb/s

let me switch the server

yes thats what i just stated

can anyone help me with installing arch on virtualbox?
This is the error I'm getting
https://cdn.discordapp.com/attachments/399812928854949890/708905557628682296/unknown.png

can i switch tcp/udp on my OpenVPN ?

and yes I've ben using google to try to find answers and none so far that have actually made a difference

@hallow hare This is not a question related to TryHackMe, read the channel description.

define related, because the whole reason I'm trying to do anything with vm's is to do tryhackme boxes and possibly other ones too.... which makes it related, but its find I'll seek help other places

can someone test speed while connect to ovpn wget 10.10.104.163/kali-linux-2020.1b-installer-amd64.iso

@hallow hare

I can hardly see the img, does it say darkstar?

the issue is it's super small. even opening it in the browser only half shows up

ah weirdly enough I can copy half the image then the other half 😂 I've never seen that before

ah your trying to tell me to Try Harder? there isn't anything else I can do, I've installed the iso multipe times even from different sources to try that factor. the issue is that it doesn't work!

@hallow hare Just follow the Arch Wiki installation guide.

...

...

@feral dock can test it while connect to ovpn wget 10.10.104.163/kali-linux-2020.1b-installer-amd64.iso

seriously? I've already done that...

i've read that guide, I've read 20 others

i want see speed test with ovpn and without

@hallow hare Alright let's move this to #general

kk

canceled and resub worked!

Nice

Hey guys and girls, having a bit of a tech issue with VMware Workstation - I've gone to boot up my Kali session and have been greeted with this?

It then just hangs. Anyone else experienced it?

Reinstall

Corrupted root partition

Sorry

Really, no other fix?

I don't think so, you'd need fdsk but that's only in root

It's strange as the last thing I did with it was ran an update/upgrade command and now I can't boot.

Really hoping I don't have to reinstall, had some useful stuff on there that I would have preferred to have kept.

so uh im again having some issues with thm

i mean openvpn

that thing

yeet it out the window

idk why is this happening

Try switching over servers, that usually fixes everything

i just did

im gonna try again ig

Actually the koth box was refusing to appear as a host that's up and a reset fixed it up

hmm

gonna try that

nah its still refusing

gonna do -Pn scan

What room is this for @naive dust? If it's a Windows box you'll need to do -Pn indeed

^^

https://tryhackme.com/room/introtox8664

aaa ubuntu

you need to ssh

yeah iik

i tried that 2

slavko@slavko-pc:~/Documents/goblaster$ ssh tryhackme@10.10.195.61
ssh: connect to host 10.10.195.61 port 22: Connection timed out

re-deploy and wait

did that 2...

this will be third time doing it

just tried other room

i can't go to any room....

aaa i will need to restart my pc lmfaoo

!multivpn

xDDDDDDDDDDDDDDDD

brb i go restart pc

lol

thx for showing your tun0

showing what ?

nothing :)

ok so i was just playing koth and my electricity went off and came back and now i am facing this issue:

nvrmnd restarting the pc fixed it ^^^^

good!

get your ass back in battle soldier

still have speed issue with ovpn

get a better wifi

any1 having issues with machines today? mine are getting frozen right after password input

give this a whirl @cursive palm

Try switching VPN servers on https://tryhackme.com/access @cursive palm

If you're still having issues and haven't re-deployed the box already - do that.

if I cat or nano the machine freezes

cant even terminate the command

ill try a different room

i need some help on goldeneye machine. so i'm trying to get a reverse shell from ||moodle ||page, i'm sure that i'm doing everything right with ||spellchecker ||but shell is not spawning. can anybody help me?

hellooo? tech-support??

@simple wagon You're asking for help with a room. #room-help

james i really think its something related with a technical issue

because i'm doing exact samething as guided in the room, but let me ask on there either.

@simple wagon https://www.embeddedhacker.com/2019/09/hacking-walkthrough-thm-goldeneye/

i also checked this before writing here

i guess its something related with this but there is no option on the page related with this

This isn't a techsupport

This is #room-help

ok james. thanks.

i got it, thanks again.

Not really a big issue, nmap -A -p- always fails to show only ports on first run, but on second or third it shows the open ports

Happened on a few KotH boxes and Ignite

@trim rapids Takes time to boot

Would it not just report the host as down like it usually does in that case?

The services can't load until the OS is loaded

It'll start replying to ICMP first

Ah I see, thanks

I thought it was just an issue with nmap

It could be

But also boot times

For me the http server idles out at connecting to <ip> when the VPN is running, common issue?

Ah nvm it finally finished

Just slow internet, runs fine on the Kali Machine

Got the verification email, but it says my account could not be verified

@deep trellis

On my amazingly named account

SadKrisTheSequel

I got ninjajc01test as my alt for testing rooms at non sub levels

nice

Ninja, could you throw yourself into my private KotH until we get this resolved? If that's ok with you

@trim rapids You don't have to verify to play koth

Yeah you do?

You have to set your experience level

I did on signup

Anyways I resent it again and it worked

I think your best bet is to regen config looking at that @soft silo

is your host/vm timezone set as it should be?

you need to verify yourself to play KoTH :))

Did you try send the verification email again @trim rapids

Anyways I resent it again and it worked
@trim rapids

has anyone seen an error like this

You should have burp suite already installed with Kali?

no

doesnt come with it

I'd look into finding out how to install it rather then launching a .jar file for it especially as it seems to be causing issues for you

well i tried to install it with the .sh but i get this

Also that error re. your JRE version is a pretty good hint

a member said its using a diff version of java or something

but didnt understand it

Do you have 32bit ?

uname -m

yes

IIRC burp suite is 64bit only

so i cant use it

Is anybody else having a really bad speed on Hydra? It was at 4000 yesterday and now it's 200

On the Kali Machines

exactly i have speed issue over vpn

?

I'm connected to the premium Kali Machine, not using VPN

can you download this file over vpn and tell me your speed

wget 10.10.210.60/kali-linux-2020.1b-installer-amd64.iso

my Download speed over ovpn : 111KB/s

wget 3.249.136.48/kali-linux-2020.1b-installer-amd64.iso

My download Speed without ovpn : 3.5Mb/s

i hope someone explain me

this is THM Kali machine i can access over ovpn and internet but speed not same

I’d expect traffic is throttled on the THM kali box + openvpn overheard for reasons just like that @prisma nest

They aren’t really designed for the stuff you’re trying to do. How come you’re downloading an installer iso from the kali box rather then just directly from kali Linux site?

@zealous yoke it just for speed test

exactly i have a really low speed in nmap and dirbuster on my machine when using ovpn ,

Turned webgoat

Machine on

Getting pibg i ips..but

But accessing woth ip:8000/webgoat unablet o get the web page.

Give it another 5mins.

When i do nmap getting ....only 22 open

@eager fulcrum is it common to get that tupe of problems

The virtual machines take time to boot.

They are like physical computers

The services have to start after the OS loads.

But nap also showing only 22 open

?

Services take different times to start.

Have some patience, then come back to it in 5mins

If im a vip user then it will be tooo fast right

It will be faster. But it still takes time.

Htb ...is ....faster ....but there is ...lot of stuff in THM

No, HTB isn't faster

You share VMs with other people in HTB

So there's no boot process.

@eager fulcrum Can you check that speed test ?

@prisma nest Stop asking please

why ?

Especially tagging me

Because I can't? Because I'm busy with otber stuff?

Many reasons

they you should silent this room for yourself cause here is tech-support

@prisma nest You tagged me.

exactly i have a really low speed in nmap and dirbuster on my machine when using ovpn ,
@prisma nest When you say "my machine" do you mean the THM kali vm or a VM that you're running yourself?

If it's the latter it sounds like a localised issue (your connection speed)

@zealous yoke i just did simple test , i Lunch THM Kali , and put a large file for download on it , now on my ubuntu machine ovpn to THM and start download it

my download speed is about 120Kb/s

but when i download that file from THM Kali over internet Internet my download speed is 3Mb/s

that why my nmap and gobuster and ... is run slowly from my own machine

So that'll be a factor of both openvpn overhead and your geographic distance from the vpn servers

I don't imagine it'd make too much of a difference but try switching servers

yes i want make it sure , but nobody want test it 🙂

There's nothing really we can test - you've done more then we can

i want sure its my ISP issue or something else

i know some isps Throttle Speed after connect ovpn

Very possibly

I might be having the same problem. although ti seems too slow for even that.
webpages hosted by the servers won't load. I have experienced this with the burp suite intro where only the login form loaded and I have the same problem in the OWASP Juice Shop

Is burp intercepting?

no. right now I am testing without burp.

I also seem to be getting a lot of disconnect from the Kali machine today.

I also still have those ssh problems when connecting from my own machine.

Hey noob here, I'm on the RP: metasploit room doing task 5 challenge 1, i keep trying to run the command provided but it keeps saying that the database is not connected? i tried to search around here but couldn't find anything. Any help shall be appreciated.

msfdb init or msfdb start

i started it using msfconsole and then used the command it tells me to use : db_nmap -sV BOX-IP

even just typing db_nmap by itself it sasy that the database is not connected

i just re-read your response and tried using msf init and start. it says the database is already started and when i run the command it says it's disconnected

tbf you can skip db_nmap if everything else works, just run nmap

that worked, thanks!

@earnest void you can start Metasploit with the database running with “msfdb run” or “service postgresql start” then start Metasploit.

There’s a few ways to do it, as James showed above.

I'll have to try that thanks

that worked, thank you

Is there a way to see all of my unused vouchers all at once?

If not, this would be a really, really nice feature. Especially for those of us who try to give them away. 🙂

Hey, is there a way to change openvpn to tcp connection, like in HTB? I am behind a proxy and that's my only option.

I mean, does THM support tcp?

@random anvil Not yet.

Thanks @eager fulcrum . Can I expect some date? I have aroud 30 peers who will start using THM when this will be possible 🙂

I don't have a date for you

Could always tunnel your traffic using something like Chisel

Tor -> Vpn is also possible

but slow

got it. Never heard of chisel, will look that up now.

Hi, I joined using my personal email, went to subscribe and saw the student discount. I changed my email to the school one (.edu), verified, but I don't see the student discount. When I go to subscribe it says it will be $10/mo not 8. Is there something else I need to do?

(sorry if I am asking in the wrong place)

@nimble trail https://docs.tryhackme.com/docs/sales-billing/sales-billing-student

Awesome, thank you!

Guys i really wish i can connect direct from my Vm Kali machine (openvpn is blocked here in my country) so if u guys can allows openvpn TCP connectivity will be great form your end thanks

not yet implemented

Could always tunnel your traffic using something like Chisel
but you can try this

any specific period from implementation process ?

for*

no idea

alright bro ty

but it is highly requested

so maybe soon

i hope so,so i can renew my sub 🙂

I've been waiting for nearly 5 minutes now

Anyone still having some trouble trying to get the site to load stuff?

yes

^

nothing except dashboard is loading

@hoary heath have you tried something like ctrl+f5 or maybe an incog browser.. just to see if it's not some rogue cookie/session?

I have the same issue.

I also have troubles since 1 hour or so, cant load rooms, or access a webserver

This is what I get when I try going to Learning Paths:

That's happen when i tried dowload the configuration file using EU-VIP

Yeah it looks like the site's being a bit iffy atm

It's a code push / update so bare with ^^

tbf.. I had (same) problems.. moved to incog browser and I'm fine

@zealous yoke Ok, thanks for the info 🙂

Getting 504 timeouts and 500 Internal Server Error when I just tried to login

Same

Are there any problems with the site? I wonder if the problem is with my browser or maybe with the site?

seems like backend problem

Read prev comment, it's an update guys

Ok

New announcement, please wait 10 minutes #announcements

ok I see, 500 so definetely my browser is OK 🙂

#announcements 🙂

Hi so I tried to join RP:Metasploit just now and it seems (maybe because of the issues just now) it got bugged...
Looks like this now
Tried on Firefox on Win10 and Kali Live

The site as a whole is still being worked on from the maintenance period (#announcements) @raw shuttle

if you were to visit the room again when it's over it should sort itself out 🙂

Ah okay, I just saw someone saying something about it being live again...
Thanks, I'll ask again if it keeps not working 🙂

It's live but being a bit iffy 🙂 Sounds good!

Yea I noticed 😄

hehe yeah good point! 😂

Aight so the problem is still there... I can deploy and the "Join room" button isn't there, but I don't see any questions

Also, the room isn't listen in "My Rooms"

@raw shuttle control f5

Doesn't fix it :/

@raw shuttle Then wait like a minute and do it again

Aight
Just as additional info, the questions show up in a JSON response to GET https://tryhackme.com/api/tasks/rpmetasploit

That's happen when i tried dowload the configuration file using EU-VIP
@keen sparrow Regenerate your config file

Then wait a few seconds, and click then re-download

The problem is still there btw @eager fulcrum

@raw shuttle Leave and rejoin the room

Thanks, that fixed it
Didn't know I could leave rooms 😄

Hello, how do i get the student discount?

https://docs.tryhackme.com/docs/sales-billing/sales-billing-student

@serene fjord ^

thx

can i change the password of my machine

When you say "machine" - what do you mean exactly?

THM Kali VM or...?

kali machine. i leaked the password ip and name of the vm

ah

it isnt smart to do it onstream haha

Yes you can change it to whatever you like

where can i do that., need to be fast 😅

very easy to google

passwd although

thx bro

Sorry to ask again but next to the normal root access the rdp password can be changed also right?

the RDP password of a user is linked to the user's system password

so if you change a users system pass, their RDP will change too in this case

Perfect. so i hope i can use the machine onstream without leaking any other information which are important. sorry i am a beginner in this scene.

Yeah with no problems 🙂

Well you'll give out the IP address...

isn't exactly sensitive though

yea but that isnt the problem i think. without the login credentials.

is there an option to turn off the machine?

Pretty much - especially as you'll only have it for an hour. You can enumerate for kali boxes anyway aha

yes but no. You technically can but you shouldn't as you wouldn't be able to bring the box back up. It's one way street

yea true. so after stream i cant reset the machine

It's ephemeral just like any other instance you deploy 🙂

Once it expires it's as if it never existed.

You deploy again, you'll get a different IP and the vm will be brand new

(including the default passwords etc...)

thx.

Essentially don't store any files on there because if you were to come back the next day they're gone!

ok. so after the stream i terminate the machine and everything fine

if by "fine" you mean that whatever you had done on it doesn't exist after you terminate it - yes 🙂

yes that is perfect. everthing i leaked doesnt exists anymore

I mean, the IP address might end up assigned to another Kali VM eventually but

yeah all is good 🙂

thats not my problem anymore then haha

it's safe to hedge a bet

CTF100 Stage 3 Machine is not working

Terminate. Redeploy.

Did twice,still not working

And Regenerated VPN also and again same issue

Yeah

I have same problem with stage 3 vm

Hello??

It's worked for others

But there's nothing I can do

Is TryhackMe free?

I'm new

Please help me!

TMH Kali machine not initial

Is TryhackMe free?
@fluid quarry yes some rooms are

Thx

I have a problem creating a virtual machine

@tardy barn ??

Do tell

I cant create VM

Another day of problems ?

I can't run tumux room

@shy bough what do you mean?

tmux room machine is not for connecting, it’s just for scanning

yes i know but ...

and all the time since morning

right now I cant even log out

clear your browser cache

and try again

also using incognito mode can help

@tardy barn how so?
Gonna have to be slightly more specific I'm afraid 🙂

RIght now I Have to wait

for 3 min

🙂

but maybe You have a right, I will try run this page on another browser

ok, great it works 🙂

how exactly does this streak work? about 14 hours ago i solved my last task and the streak was at 1. now i log in and the streak is at 0. why is that? did a whole day pass in these 14 hours?

the last task probably counts as on previous day, if you solve a task now it should be 1/2

its 1 now after i solved a task

at what time is the server reset?

days are counted according to BTC from what I saw on the clientside scripts

whats btc?

Probably meant BST?

Or UTC

yeah bst, my bad

but timezones shouldnt matter here, dont they? if you solve a task and your streak is 1 then its not possible for the streak to be 0 just 14 hours later. because even if the reset was minutes after i solved the task, the next day still isnt over.

or am i missing something?

as i understand the streak, it resets to 0 if you have a full day without solving a task. so in the best case (if you solve the last task just before the day is over) it takes a bit more than 24 hours for the streak to reset to 0.

From the FAQs: "If the time between your last answered question and the current time is more than 24h, your streak is reset."

so, my last task is definitely not more than 24 hours ago

From the FAQs: "If the time between your last answered question and the current time is more than 24h, your streak is reset."
@shell lagoon Whats your THM username?

prrovoss

yes, but when i logged in half an hour ago it was 0

and 14 hours ago it was 1

Ahh actually

That works it out using server time

I think I know what the issue is

Please use your profile to check your streaks for now (https://tryhackme.com/p/prrovoss)

ok

Right, that bug has been fixed.

Thanks szy & James too

yo

my nmap freezes

and won't scan today

Why's that

What VPN server are you on?

Eu vip

But it-s okay now

Anyone using 2020.1b Kali and having network issues - IE that he doesn't seem to notice the connection from VMware?

Think it's a bug.

Did you use the OVA?

Don't use the OVA

I use the ISO form direct from the website, I don't like the VMware or Virtualbox created machines.

what's your adapter type set as?

Good question actually.

NAT

Although I've tried switching it but that doesn't seem to work either.

nat or bridged should be fine

Hi all!

I'm having some problems with the VPN access

TLS Error: Unroutable control packet received from [AF_INET]18.202.129.195:1194 (si=3 op=P_CONTROL_V1)

I turned off and turned on again many times, but the mistake continuous

some help?

Have you tried re-downloading a new ovpn file from the access page on THM?

No. I'm trying use the same file

I'll try this

I would also make sure that your date and time on your machine are up-to-date so if you can synchronise I'd do that too.

Any luck?

ok

I'll try the connection now

Has it worked?

I think so

Glad to hear it.

Thanks so much!

No problem.

Has it worked?
@naive dust I'm sorry, but it doesn't working

41 packets transmitted, 0 received, 100% packet loss, time 40948ms

The connection is unstable

And I'm losing my session

Do you think I need to change the server?

Is it intentional that the "https://tryhackme.com/room/metasploit" room be locked? It's on the web fundamentals path and I wanted to 100% it

@deep trellis I swear you said you'd replace this on the path?

I rebooted the machine and it looks like fine now

I am trying to get linux kali on my windows pc using virtualbox. This always happens.

An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software.

I am using the default options for this step. I have tried known solutions online.
does any1 know how to fix this?

Can i connect using TCP instead of UDP ?

@frank hawk I think we've answered this for you before, not yet.

not really

alright

@primal finch Thanks!

Looks good

I who give thanks

@brisk steeple message here

ok

I keep getting a segmentation fault whenever I run -script vuln with nmap

it is not connecting to the webserver

Ok, can you try switching the server?

it is not connecting to 10.10.7.11

Ok, can you try switching the server?

how @trim rapids

i am new

Go to the same page you downloaded the config from and use the server dropdown

what do i switch it to

@trim rapids

the alternative server for your contry

i am in the us

so do i switch to us west regular

Try a regenerated config first

i clicked regenirate

what next

Download it

so i redownload

yeah

ok i re downloaded

And now try it again

With the new file

ok

What changes do I need to make to the kali machine to be able to use hashcat?

Because of the OpenCL issue

Best bet is using john

That's the easy way

doing CC: Pentesting

@eager fulcrum

i m unable to do it with the new file

Please don't just tag me with no content

Type the message first

ok

Yeah and I mean he just posted, he's not going to have already left

@trim rapids Yeah you can crack those hashes in John instead

ok

Hashcat inside VMs isn't great

It's better when it has access to a GPU

I run it on Windows so I get nice perf

Unfortunate, hashcat is better for quick cracking since it's better optimized and you don't need to create a new file

huh?

Hashcat isn't better optimised if you can't get it to run

i tried with the new one

fair

still no luck

Hashcat is normally faster because it can use GPUs out of the box

John can be compiled to get OpenCL support but by default it's CPU

Tue May 12 16:24:42 2020 Initialization Sequence Completed

Post full output

sorry did not mean to put a file

That's connected

it is??

Discord does that for long messages

It is.

i will try to redeploy my machine

thanks for the help

To be fair that's the first thing you should've tried

And also checking if you can connect

And checking the port is open

And checking a lot of other things

have you tried using the webserver normally?

trying to enter 10.10.7.11

on my web browser

it says problem loading page

What room?

https://tryhackme.com/room/thecodcaper

thecodcaper

Did you deploy the VM?

Is the VM actually up?

It doesn't seem to be up

It might have expired.

how do i know

...

i am running this on kali

Did you do the beginner material?

where is it

Like the stuff you're forced to do before you access the site?

@vapid dawn You need to lock everyone into it. It doesn't work.

i beleive

i am not sure

This part of the page.

yes

If you don't have it, what on earth are you trying to connect to?

i deployed the machine

Ok

What does cross site request forgery attempt mean

@hollow basin Google CSRF

It's basically telling you something bad happened but the site stopped it

@brisk steeple well, it's not up

Damn I got hackef

@hollow basin No

this is what my page says

@brisk steeple Try using the correct IP address.

oh

no

Will help you a lot.

i am so dumb

Are you sure cod caper is the best choice right now?

i do not know

i do not have a subscription so i just want to try it out

https://tryhackme.com/room/completebeginner do this room.

ok

There's a lot of content that you can access without a subscription

So what can I do, ninja? I'm getting this on logging into tryhackme

@hollow basin Every time?

after i do that room i might start thinking about doing codcaper

Yes

@brisk steeple No, there's probably quite a few rooms you should do first

ok

cod caper expects you to be able to use linux very well

what rooms exactly

I would suggest just following the path

Paths are sub only

But do zthlinux

Then the RP and BP rooms

those are all free right

I just tryna log in not hack the website

@brisk steeple Yes.

okay

will check those out

do i do all the RP and BP rooms

so like the nmap and metasploit

I didn't specify a subset

ok

@hollow basin uhhh try incognito/private?

i will check out all of them

thanks for the hepl

I recommend using the search to find easy, free, walkthrough rooms

bye

Same thing on private

I'll just go to shodan and play around

Then

@hollow basin Clear cookies for thm and try again I guess

Same thing rip am sorry

You've hit a bug then

@deep trellis pls fix

Shodan time uwu

@eager fulcrum fix what sorry?

@deep trellis @hollow basin is getting CSRF attempt no matter what

Oh, weird.

@hollow basin have you tried using another browser?

It could be a plugin you're using?

And it's enabled in incognito mode too

Use an entirely different browser?

Is it possible to have ssl on the vpn connection?

udp causes an issue for me when transferring files between boxes, i.e. downloading linpeas.sh on victim box from my attacker box

@glossy cairn Huh?

it is already encrypted

Nope. I got in tho, same browser idk what changed

@eager fulcrum Hmm ok

sorry meant TCP

instead of UDP

🤦‍♂️

TCP VPN is coming soon

But I 100% doubt that that is your issue

Hmm ok

I had the same issue on HTB

where changing to TCP

in the vpn conf

resolved it

when im trying to download linpeas via wget or curl from victim machine, the transfer gets stuck at round 17%

and the transfer speed is really slow

Change VPN server

Bit confused with SQLMAP

nvm

I realised I hated SQLmap @trim rapids

Completely through me off when doing CC Pentesting.

SQLMap hates me

I don't hate it

SQLmap hates us all.

I figured out what I was doing wrong

I kept reading the content of a column as another column on accident

IP Address on Kali isn't showing anymore

Looks like it terminated

I'll terminate it and redeploy again

Decided to work now

hey, theres a problem on the "Ignite" room, at the last part when you get a reverse shell, the reverse shell won't take backspaces and interpretes them as "^?" and when i /bin/sh all characters are doubled, even those pasted,( s = ss, etc...), but it works out normal if i reverse shell from that reverse shell, so its just weird and wanted to point it out

That sounds like an issue with your shell

Rather than the room

i had restarted the room twice

Which supports my theory

ok

IP Address on Kali isn't showing anymore
@trim rapids I fixed this problem locally, the update will be pushed later this week

For now please terminate and then re-deploy.

Yeah it fixed after my 2nd redeployment

Are password lists (for uses in hydra/john etc) included on kali, or is there a good alternative source to find them?

/usr/share/wordlists on Kali 🙂

yep yep

remember to run gunzip on rockyou

sweet, appreciated guys!

Is there a VIP US East server?

@hidden plume Not at the moment

@hidden plume Not at the moment
@eager fulcrum Would be a cool feature! 😛 No problem tho, thanks for the reply!

@hidden plume It's been suggested so it's likely coming once there's enough demand for it

For now, the US server is likely to be faster than the VIP server

Are there VIP servers in general?

Can I

Can I use it?

VIP VPN servers yeah

Nice.

The VMs are still deployed on AWS, but you get more resources

Ew Amazon

It's like google, but they give you stuff in return for your money

Hey is something wrong with the env? I can’t ping any of the servers and I have the active VPN connection open.

And my target machines have been deployed for 17 minutes

@fickle pendant Sounds like your VPN isn't actually working

!vpn

!multibpn

!multivpn

hey

i can't connect to vpn

cuz the port is blocked in my country

help pls

..

@pearl barn There's nothing you can do at the moment other than tunnel your traffic elsewhere first or wait for TCP VPN to be enabled.

It's coming soon.

If you're a subscriber, you can use the TryHackMe kali box without the VPN to interact with the VMs you deploy.

okay

how much time i need to wait? like 1 month or what?

I don't know.

James, is it alright if I send him my Kali Machine for now?

I don't know

You'd be accepting responsibility for potentially illegal actions that they might take with it

Alright works for me

But yeah I don't know the policy

You're a moderator

There's a lot of users in Egypt that can't access THM

I moderate the discord

It's literally your job to know the policy

Not the site

ok

I have power here, over rooms I created and over rooms that are currently in review. That's all. I'd drop an email or tag Skidy to check.

There's a lot of users in Egypt that can't access THM
@eager fulcrum how did u know i'm from egypt?

Because there's about two countries that block openvpn

Egypt and China

oh

999 IQ

lol

If you're in China and on discord, you probably had a way around the great firewall already

i'm in egypt

Yeah, I guessed

Rest assured, we know quite a few people from Egypt want to access THM

And the admins would like to sort it, so that you're not blocked by your government.

alright bro

I've asked Ashu for a timeline so if you ask me tomorrow I might be able to give you some more info @pearl barn

(Ashu is one of the admins)

alright cool

i just need any another port

Just saw the message but I have removed the vpn file, changed servers and downloaded it again.
I shutdown any duplicate vpn tunnels along with removing processes that are of openvpn. I even shutdown my VM completely and still no luck

like 443 TCP

@pearl barn It's DPI IIRC so it needs to be TCP.

I have tcpdump running and I’m making pings echo to my target

But no response

@fickle pendant Imma be real with you. It's 5:27am

I'm about to head out for the night

Okay lol

If you ask again in like, 6-10 hours more mods and mentors will be around

You're in the dead spot where the brits aren't awake and the Americans are going to sleep

That's where you're wrong-

@trim rapids Ok just because I'm 8 hours out of phase with the sun

Nah you're fine, I'm just nocturnal

can i only join/access one room at a time if i am not a subscriber?

if you are new, you are required to complete beginner's room

after that you'll be able to join as many as you wish

yup i am new to tryhackme. On the dashboard i have 5/6 in the 'Getting Started' path but i can join Linux Challanges as im redirected to the subscribe page.

i am also running in the room rpmetasploit and theimpossiblechallange so i dont know if its blocking it

then you should be able to join as much rooms as you like

@safe nimbus Some rooms are free rooms, however others are subscriber only so unless you subscribe you will not be able to access them.

Once you've subscribed which I naturally recommend you can join as many rooms as you like as you will have full access to the website.

how do i know if a room is free or not without joining? i am however planning to subscribe

If you click into the room that you are wanting to access - where you see the tasks section come up it will mention there in brackets whether it's a subscription only room or a free room.

yes i noticed that on the other room i can access but i cant access 'Linux Challanges' because i am getting redirected to the subscription page.

Because it's subscription only, meaning you would need to subscribe to access it.

ok i see

hey im working on the learn linux section and im trying to ssh in the machine(linux terminal not using the window method). I typed the password letter for letter according to the directions and it keeps giving me permission denied. I even pasted the password, any else I should try?

copy-paste the password

I did

are you connected to VPN?

yes

!multivpn

maybe try this ^

access page states is all green and in my terminal i have the Initialization Sequence Completed

ok ill check it out thanks

could it be bc i have hack the box as well?

but i did name the files differently

Shouldn't make a difference (to my understanding) as long as you are connected to one at a time - you are using the correct OVPN file aren't you? 🙂

yes i just check the access page

and I have both green check marks

Which task and question number?

Just loading it up on my machine.

i got it i just reinstalled the certification and it seemed to work

wired

Hmm

but thanks for the help!

Glad it's worked anyway.. 🙂

👍

i can't connect to this machine i have tried every nmap command even -Pn but nothing

even i am connected to ovpn

Hi, you're not connected properly

yes i am

You see the error in your openVPN window saying file exists?

i used the openvpn and seen the access

page

it says connected

Don't trust the access page

You're connected multiple times, so things break

then what to do

!multivpn

ok]

Add sudo in front of the killall step

thanks let me chack this

thanks it worked

thanks a lot

Can we connect to the vpn on 2 machines at the same time ?

Nope @bold torrent it will cause each one to flick between being connected and not connected constantly

In turn making them both unusable 🙂

That's what i've juste experienced ^^

So maybe there is an other solution, in this time i'm not at home and don't have my VM, i wanted to use my macbook to browse boxes and ssh my VPS to use kali but of course this means i need 2 vpn connections at the same time, any ideas ?

Why would you need two VPN connections?

one for the mac os to browse boxes, and one for my vps ?

nvm, i just have to use thm's kali ^^'

You can VPN to your VPS using your own setup and then VPN from VPS to Kali

Wouldn't expect great performance in the slightest but...it's an option

You can use THM's Kali and run the VPN on your mac

ezpz

Yup, i'm gonna use THM's kali, better option, thanks !

@bold torrent I heartily recommend SSH although the in browser remote access is a lot better now

As of like, 20mins ago

ahaha, perfect timing ! 😁

I'll get a try on remote access, juste to see, but i prefer ssh anyway

So guys, can we use tcp on port 443 instead of udp for thr vpn or still under development? :D

It's still under development I'm afraid @restive anchor

Over a month ETA

Ill hang in there, then 😄

The other options are:
Tunnel your traffic elsewhere first
Hack from a VPS or something using the VPN
Use the THM subscriber kali, it's faster now

I'm unable to access the nmap website to install- anyone else have this issue?

@charred plinth Normally means your ISP is blocking it

Parental filters

Change your DNS servers, will get around most of them

ah okay

Thank you!

Hey, when I try to open a website of a machine the images don't load and I get these errormessages from the vpn. Any idea?

Regenerate config

Fixed the errors, but images still don't load

See why not.

Inspect element, trace it

Can't really tell what could cause this, but even when I try to wget a image it just gets stuck at 55%

@trim rapids Can you not?

!multivpn Check that @fading sun

Sorry

@trim rapids That command is useless without --no-preserve-root, also the asterisk is useless in this case.
-r is the one that enables recursive mode

are you critiquing my joke

Yes

cool, i respect critics

Still not working

I am not even getting a respone anymore. @eager fulcrum

same with curl

You're a subscriber, just use the Kali box

@fading sun Did the VM expire?

Nope, it's still up

You're a subscriber, just use the Kali box
That's my last fallback, since my VM is way more responsive than the web box

@fading sun The web box got faster earlier today

Still, i'd prefer my own box

It looks like VPn issues

Swap servers

You're a sub, you can use the VIP server

I am using the vip server. I am having this issue now for quite some time

Then switch to a different server

Still the same problem, with not getting a repsone

@deep trellis Can you help investigate? Nothing more I can do here

Still the same problem, with not getting a repsone
@fading sun So after a set amount of time, no matter which VPN server you've switched to, machines don't become accessable?

it does, but my vm doesn't get a response from the server when requesting images

Oh right, so no images on the JuiceShop VM show?

it's on all boxes. I just can't get any images.

That is a problem I don't think I've ever heard.

Are you using a Kali VM?

yeah. Already tried vmware and virtualbox.
Also I disabled the AV of my host machine

I don't think its anything to do with your config file.

I think its something to do with your host machine.

any idea what could cause this

None at all.

Sorry I know that isn't much help

Send over your config file (private DM#), and I can see if it is a weird bug with us.

sent you a friend request. It's just weird since I don't have any problems with other VPNs

I also tried the vpn on my host machine, and it didn't work there aswell

installed metasploit and I'm getting constant windows security notifications- assuming this is normal?

@charred plinth Don't hack from windows

Every payload that metasploit has is likely to get picked up by Windows defender

that'd explain it

Make a Kali virtual machine

@eager fulcrum Is Mac OS suitable?

Aside from personal opinions

Windows and MacOS can be used

But kali has all the tools easily available

Kali/parrot

Hm ok, thank you.

heya, does anyone here have a clean .bashrc file for kali.1b ? I have accidentally overwritten mine to oblivion

@signal rune /etc/skel probably?

Hi - No doubt asked before but I can't seem to ssh to server. In the Linux room at the moment. Completed all my into tests and ssh'd to the 2020 buit with no issues but when I try to do it in the room after the system has booted up, it won't accept the root and Tryh4ckm3 password. My openvpn is confirmed as up. Any help or ideas is appreciated.

@ornate linden Those credentials aren't valid on other rooms

They are only valid for the kali room

Keep reading in the Learn Linux room. Maybe go back to the start too @ornate linden

@eager fulcrum Thank you. I went straight to the Linux SSH piece uot expecting the Windows Putty piece to actaully have the username and password. My bad! Thanks for the pointers.

root@kali:~# nmap -script vuln -p 1-8080 10.10.98.163
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-13 20:37 UTC
Segmentation fault

@eager fulcrum oh cool, thx!

@eager fulcrum I finally fixed it. The MTU was missconfigured in the config.
I'd recommend that you add that to the troubleshooting/FAQ section on the access page
https://www.sonassi.com/help/troubleshooting/setting-correct-mtu-for-openvpn

@deep trellis @vapid dawn This could be the cause of a lot of the weirdness on the VPN recently

this also sped up the vpn big time

ah thanks for sending this through - will take a look at it :))

 PS >  . .\PowerUp.ps1
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:146 char:19
 ERROR: +               Sign up
ERROR: +                   ~
ERROR: The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double
ERROR: quotation marks ("&") to pass it as part of a string.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:173 char:190
ERROR: + ... ures">Features <span class="Bump-link-symbol float-right text-normal text-gray-l ...
ERROR: +                    ~
ERROR: The '<' operator is reserved for future use.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:173 char:261
ERROR: + ... xt-gray-light">&rarr;</span></a>
ERROR: +                    ~
ERROR: The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double
ERROR: quotation marks ("&") to pass it as part of a string.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:186 char:255
ERROR: + ... stomer stories <span class="Bump-link-symbol float-right text-normal text-gray-l ...
ERROR: +                    ~
ERROR: The '<' operator is reserved for future use.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:186 char:326
ERROR: + ... xt-gray-light">&rarr;</span></a></li>
ERROR: +                    ~
ERROR: The ampersand (&) character is not allowed. The & operator is reserved for future use; wrap an ampersand in double
ERROR: quotation marks ("&") to pass it as part of a string.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:187 char:231
ERROR: + ... rity">Security <span class="Bump-link-symbol float-right text-normal text-gray-l ...
ERROR: +                    ~
ERROR: The '<' operator is reserved for future use.
ERROR:
ERROR: At C:\Users\bill\Desktop\PowerUp.ps1:187 char:302
ERROR: + ... xt-gray-light">&rarr;</span></a></li>

In Steel Mountain

@trim rapids Looks like you downloaded the html not the actual contents of PowerUp.ps1

ope

i just copied the link that was on the room and wget'd it

I can see the HTML from the file....

Download the file properly

yes to be fair im blind

yes to be fair im blind
@trim rapids Can't help you there, might I suggest visiting a ophthalmologist? 😛

You're fun.

facing issue with the subscription..

Hello guys, I have a issue after installing anaconda, I have install the spyder package, run it and made a script the script just have the function and some while loops, then the pc freeze up, I try to reboot and when I try to login into the user I got a full black screen like if the pc were off, but is on, I hear the fan, I proceed to reboot again and try to login as root and I can see the desktop, but in the other user I cant, I try to search on google but I cant find an answer

root@kali:~# cherrytree Journal.ctz
/usr/lib/python2.7/dist-packages/gtk-2.0/gtk/__init__.py:57: GtkWarning: could not open display
  warnings.warn(str(e), _gtk.Warning)
/usr/share/cherrytree/modules/core.py:66: Warning: invalid (NULL) pointer instance
  self.window = gtk.Window()
/usr/share/cherrytree/modules/core.py:66: Warning: g_signal_connect_data: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed
  self.window = gtk.Window()
/usr/share/cherrytree/modules/clipboard.py:93: GtkWarning: IA__gtk_clipboard_get_for_display: assertion 'display != NULL' failed
  self.clipboard = gtk.clipboard_get()
missing /root/.config/cherrytree/config.cfg
/usr/share/cherrytree/modules/core.py:111: Warning: invalid (NULL) pointer instance
  vbox_main.pack_start(self.ui.get_widget("/MenuBar"), False, False)
/usr/share/cherrytree/modules/core.py:111: Warning: g_signal_connect_data: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed
  vbox_main.pack_start(self.ui.get_widget("/MenuBar"), False, False)

There's a lot more

@tepid urchin #room-help

Anyone can help me with the Kali machine room? I cannot login, keeps saying bad credentials.

@clear swan Do you have a Remote TryHackMe login dialog?

Yes

What credetials should i use there?

Terminate and redeploy

You're not meant to see that screen, it's a bug

I've done that a couple of times now, should i keep doing it untill i skip that part? Cause i've used the machine before.

@deep trellis remote tryhackme bug again

I summoned Skidy for you

Should be able to sort it pretty quick

Skidy has been summoned ;)

Thanks man

all I can suggest now is termiante, wait and re-deploy.

My push will fix a lot of these issues

But the THM codebase push isn't happening until tonight/tomorrow afternoon

Read only fridays are a myth when you work 24/7

@deep trellis Also, please keep us updated on what's coming and what's been added with the push!

All good, i ll use my own Kali machine, just that i thought im dumb enough not to use the credentials right. Anyway, thanks for answer

Changelog is valuable

yes please

@deep trellis Also, please keep us updated on what's coming and what's been added with the push!
Yeah I need to add more to it. I've updated it a bit, but need to add all other things I've done

Need to make a habit of updating it more

I feel like we only visibly see a tiny proportion of the work you do so it'll be real nice to see it in the spotlight

like the small (but imporant) QoL's sorta thing yknow

Btw, the bug seems to happen only on the 2018 version of kali. 2020 works fine.

And after i started the 2020 version, then swapped to 2018 its working. Maybe coincidence tho.

Yeah I need to add more to it. I've updated it a bit, but need to add all other things I've done
yeah, from now I'll try to keep it as updated as much as possible:)

What virtual machine software do you guys recommend?

I have virtualbox installed atm but if there’s a better one I’ll use that

There's not better free stuff

@charred plinth I'd recommend VMware Workstation 15 Player. But in the end, it comes down to preference.

Hi All!
For the sqli room (https://tryhackme.com/room/sqli) should there be only one question at first then we unlock more of them?
I'm only seeing question #1 after the deploy button.

@gaunt heart No, this is not a challenge. It's a lab.

It's for you to mess about and practice

Ah ok, got it. Will do

Thanks!

Oh ok

Well free points for me

@trim rapids ??

Hey, 30 free points isn't that bad

@trim rapids ???

????

Questions that don't require an answer give no points

Rooms that are classes as a walkthrough give 8pts per question

What? How did people have 30 points on the scoreboard?

because it didn't used to be like that

oh ok that makes sense

Hi guys, I've been solving tasks from rooms since couple of days but today my streak meter went down to 0 and back to 1 when I solved challenge. I guess there is something wrong with it or I understand it incorrectly.

That's my activity from the profile.

@deep trellis plz, streaks are buggy as hell

How are events measured?

I have 146 in one day

@trim rapids

wh

146 in one day? jesus

146 in one day? jesus
huh