#site-support

Hmmm - when using attackbox as VIP I have internet access, however when using OpenVPN on my VM (connected to VIP VPN Gateway) I do not have internet access on my VM.

Is this intended? I was trying to get my VM configured with all the tools that I'm using as I go through each room.

Dropping the VPN and losing some progress / having to re-establish shells seems a bit inconvenient --- unless I'm just being dumb and I should have internet access /shrug?

what would be best practice for running the .ovpn file ? Just sudo or could i create a user to run it

Someone more experienced feel free to correct me, but @calm lodge I would imagine that creating a specific user would add more attack surface whereas just using sudo is a single instance auth that you are providing and probably carries reduced risk, imo.

If you're running a recent release of Kali (and probably other Debian based versions @calm lodge, you can also add it to your Network Connection Dropdown list in the taskbar (or whatever it is called in linux) - so you just click the NIC icon and select VPNs and select which VPN you want to use.

mmm, i'm running Arch. I might try to use a Kali vm in the future

thanks for the replies

np

if you select that dropdown - all the way at the bottom there's an option to "import configuration file" --- that is the option you want. Not the openvpn option.

and then you just import your .ovpn file

Yeah i've done simillar thing before ! Thanks @bright imp

ok cool cool np!

My silly bum couldn't figure out why selecting OpenVPN option wasn't working for me x'D

well... i did eventually

Nobody can help my fix this issue ?

looks like you don't have a TUN interface...

so no VPN tunnel

so no VPN

when do you get that output?

looking at your previous posts - did you make sure you were running w/ sudo?

yes i answer

you said you're root user -- but your prompt still ends with '$'

if you prefaced the command w/ sudo, idk what the issue is

yes that's the same (it was an other pic)

what distro you running?

kali wsl2

I don't know enough about the networking options using WSL2

ok thanks

If you can't get that to work I'd suggest just using Oracle VirtualBox - it's free and works fine for me

looks like you're hunting the impossible at the moment

https://www.google.com/search?q=openvpn+on+wsl2+no+TUN+interface&oq=openvpn+on+wsl2+no+TUN+interface

yes i saw it but still hope XD Thanks a lot, i will effectivly return on vmware pro that's work fine XD

Another issue with one of the machines I've encountered is in the Network services room

when searching for the profiles share, nothing is found

also tried using a script for anonymous logins and none found

I just did that room and made it through alright - you're talking about the SMB enumeration?

yes

What happened when you did that step?

profile not found

what's the IP of the target machine? I'll see if I can hit it

Or Paste the command you used to try and access that share please - @sterile halo

Waiting for user to respond, but I just completed this room and had no issues - probably not an issue for tech-support && user is unresponsive. Recommend trying #room-hints or #room-help

reloading the room but it seems very slow

ello ello

i have a problem

i am currently doing owasp top 10

i tried to open a database file

and i keep getting this error

Unable to open database "webapp.db": file is encrypted or is not a database

im running parrot os

mate

i don't recall having that problem, strange

This channel is for VPN/Site related issues, please move to #room-help. Provide screenshots etc if u can also, to make diagnosing the problem easier.

oh ok

Hello, I have a question for task 6 under MAL: Malware Introductory. The button "Access in Browser" keeps opening a new window saying "blocked". Also, I can't connect to the deployed box using the RDP and the given IP address

Hi, who might I speak to for issues uploading a vm as material? AFAIK I've met all the pre-requisites, converted it to an .ova and it's a 64-bit 18.04 machine, ~3.5gb in size. Thanks

Fails during conversion, I might add.

Email support most likely

!email

Thanks.

is that normal?

its from cloudflare

Help my streak didn't update for today 25/01/2021 today should be my 7th day unless i have started to early.?

In the Sysinternals room are you only supposed to interact with the vm via the browser?

No creds are given for RDP

The room is designed to use the attached VM

Its not working for me, I get a white square and clicking on the Access in browser button redirtects to :

Hi I am very new to this. I am doing task to on learning linux and I cannot ssh into the room. I have followed instructions but I always get this ssh: connect to host 10.10.38.220 port 22: Connection timed out

It does not ask me for password or username

ssh username@10.10.38.220

Can I remove my token from this account?

Are you connected to the thm vpn?

Thanks. But I have done exactly that and it does not work. I have active machine in the room so I am not sure where is the problem

aah no. That is probably it. Thanks!

Disable extensions you may use

Someone help

Only mods can remove tokens

How can I contact them

@graceful garden You able to remove avio’s token?

Sure - @naive dust Why do you want the account unlinked?

I want to add the token that I have in this discord account to another discord account

Rightio

!tokenremove 656849932023627779

Done, no more entry with UID "656849932023627779".

Thanks

this error is always showing when I try to connect

You need to space the command and argument

Should be smbclient //ip/ ... rest of command

Hi. Is HackPark down?

Can't seem to access it via the openvpn.

As you don't share instances for rooms, they cannot be down as such

How are you trying to verify that it's up?

Thanks @eager fulcrum for the quick reply. I pinged it. And, it didn't reply.

It's a windows machine

Out of the box, the windows firewall blocks pings

O, okay.

You won't get replies

It's related to zoned firewalls and stuff, it's weird and kind of a pain

So, when I do a nmap recon, should I be using -Pn

?

So, is it still possible to port scan the machine? @eager fulcrum

Yes

Nmap even suggests -Pn if it doesn't respond to pings

Just make sure it's had 5ish mins to boot as Windows machines take a while

O, I see.

Thanks. 😄

Yeah, I haven't waited for those 5 mins.

Cheers!

Hey sorry was AFK - and I'm not staff lol, but wanted to make sure you saw @wind wedge's reply since you pinged me about it 😉

In that error, your shell (bash) was basically telling you:You typed something that isn't a command because you needed a space between smbclient and //<ipaddress/profiles

...that said, the error is clearly because you didn't pipe it through lolcat when you were done - like so: <command> |/usr/games/lolcat

I still cant access the in browser VM on Sysinternals room. Any advice?

Hi, how can I change my user name?

I mean, not my name, but the alias

email support@tryhackme.com

Thank you. Is that necessary? Can't I just change it myself?

what so you mean by alias?

Yeah, the username. I wanted to clarify because the real name (John smith) can be changed easily but the username (3vilTwin666Hack3r4life) don't

gotcha. yeah, your username cant be changed but if you email support they might be able to do it for you.

I understand. Thanks a lot! I made mine randomly not knowing I would really dive into their activities and community ;)

youre welcome 🙂. im glad youve stuck around!

I still have not received any support, it has been more than 3 weeks now

Please send a follow up email.

Hi, I'm having trouble connecting to the THM VPN, again. Can You help me?

Can you screenshot your VPN output please

same problem on the 2 EU servers and East US

What command are you using?

openvpn Myname.ovpn

same as usually

strange, now suddenly it started working

Do I have to wait some time to connect after changing servers /regenerating the config file?

Are you running as root?

And yes, the recommended time frame for regenerate is waiting 2 minutes.

Ok, here is my mistake (impatience)! Thx.
Now back to OWASP TOP10 🙂

Are you running as root though?

no

in Kali never!

That is your issue

You should run the OpenVPN command as root, the error is because OpenVPN does not have the permissions to open what it needs to. sudo openvpn [filename].ovpn

ok, thanks

i am trying to put the ip in the adress bar on firefox but it automatically puts as https and i cant connect to the webstie, i deactivate url autofill but still doesnt work..any fix ?

Type http://[ip]

If you specify that it needs to be http firefox usually does not update it

Also the web server might be running on a different port, if its a task check if its running on a different port or scan maybe

Hi, I am having trouble using OpenVPN to connect

the last line of output reads: "Initialization sequence completeD", but it hands and doesn't return to the command line

it hangs*

@brave coral it is not meant to return to the command line, that means it’s working fine. Do not close that terminal window, open a new one and continue with whatever you were doing

@bronze vale gotcha, thanks

Hello all, newb here, is it better to use the AttackBox or Kali Linux on THM's complete beginner pathway?

AttackBox if you're using TryHackMe's VMs, Kali if you are using your on Virtual Machine. It is preference although, try them both. One thing to note is that Kali is no longer supported by TryHackMe so it will not be updated (iirc)

Ah ok thanks mate

I've connected to the OpenVPN and have deployed the attackbox, and am told to copy the IP of the machine into the AttackBox machine's Firefox. However, when I do so, it comes up with an error page

Screenshot?

Also

If you are using the AttackBox in the browser, you do not need the VPN

The VPN is only for using your own machine, it allows you to connect to the network and exploit the machines on the network.

Ah ok thanks

You have pressed the deploy button, correct?

Yeh

And the little header has popped up with the IP Address?

Uh yeah I believe so

Because it looks like you are trying to input the AttackBox's IP into the browser

Oh I see

How do I find out what IP to input

ohhhhhhh i see...I feel like a right pillock lol

It's fine, you are learning :) A lot of people get stuck on this.

Thanks man

someone help please

There's a fix pinned

I am uploading a Windows Server 2019 machine but its showing an error converting VM check prerequisites

The .ova file is 5.43 GB

Did you check the prerequisites?

Yah Any Microsoft, Windows x64

That's not the AWS ones, but ok

What ¿?

https://docs.aws.amazon.com/vm-import/latest/userguide/vmie_prereqs.html

This list

That's teh list you need to follow

This is actually my 1st time uploading windows

Doesn't change the fact you need to follow those pre-reqs

@pure yew You've installed it on UEFI

They need to be BIOS

Oww no

My 1 month wasted

This is why we read the prerequisites

😫

I saw the tryhackme site which reads Any Windows x64

@deep trellis might be an idea to specify the BIOS requirement for Windows boxes on the uploads page?

Is there any way to convert UEFI VM to BIOS legacy boot

Or a link to the prereqs IMO

Doesn’t it specify on that requirements page to see a full list of restrictions look at the AWS docs?

It does, but apparently people can't be arsed reading them

completely remake it

Nope, unfortunately not

It does not.

Oops -- could have sworn it did. Maybe add those in as well

Also a bunch of missing spaces rip

Might be in the room creation docs that I saw it then

Yeah, it's definitely linked somewhere

Yep, I made sure it was there

Hi @bronze vale Could you please tell me to which email should I send my support request? I just want to be sure to be sending on right address so thatI can get assistance asap.

!enail

!email

Fixing now

Will add these in too

Thanks Skidy!

The link to the AWS page is the best resource for it IMO.

Also specifying that 1804 desktop doesn't work

AWS lists 1804 which leads to confusion

doesn't amazon support ubuntu 20.04 LTS these days?

ah looks like the import might not...too bad

Yep, it's frustrating

CentOS was one of the better options and we all know how that went

This is probably a ridiculous question but how do I change my country? For some reason it is set to Romania.

http://tryhackme.com/update-timezone

Blackout

Why isn’t the link secure

Err no idea

I just took it from the closest link in the search bar

http bad

the update timezone link takes me to my dashboard unfortunately

It automatically updates it

Oh gotchya thanks

Hey, have you experienced that gobuster kills a box if you use one of the larger wordlists?

hey i keep getting the message of i dont have php installed for blackeye can somone please help would mean a lot

please note: vm in "Windows Event Logs" is close to unusable. after starting it takes aroud 20min (so far) until you can use it - 100% cpu load (1vcpu,1gbmemory). Maybe any option to expand ressource for followers.

hey can anyone help me with a error in kali im getting thanks alex

This channel is for directly tryhackme related support. I'd recommend asking in #infosec-general

alternative: open the attackbox in another tab, full expand -> copy&paste possible too | my way

I don't know what's happening, but I'm doing relevant and it works for like 3 minutes before it stops working. Then I can't see the website anymore, nor seeing anything with nmap. SMB stops connecting too. Any clues ?

If i restart the machine it works again for like 3 minutes before going back to not working.

!vpnscript

Thanks!

That worked

Resolved (: zthlinux is depreciated now but not quite sure how a metasploit banner ended up there.

Also, @barren birch writeup approved (:

cc @eager fulcrum

Yay, now go back to sleep cmn!

You're a fine one to talk 😛

Hello everyone. I’m planning on getting a Raspberry Pi 4 mainly to do these challenges on Tryhackme. I’m gonna install Kali linux on it. I’m wondering if the 4gb of RAM enough for these challenges or will it be too slow. I want to be able to have a few tabs open of Firefox and then also run the programs needed for that room/challenge. If you guys think I need the 8gb let me know if not I was gonna try the 4gb one.

erm

is your main pc inadequate or something

No it’s perfectly fine. I am just tired of running kali on a VM. But If that’s easier anyways then it’s ok

Hey sorry for the delay on where this still seems to be unresolved. Only the room creator or site admins can approve writeups. You can quite imagine the amount of writups some rooms get (and the fact that some the creators are no longer active)

If you shoot me your THM Username and the rooms you submitted some into -- I'll take a look at how old & compatible (in following the guidelines) they are and go through them when (hopeful huh) I get the chance (:

imho the 4GB would be okay! You might start to struggle if you need to start RE'ing things, password cracking and the likes...but otherwise, the specs sound reasonable to me and I've heard good experiences with people using the Pi as their pentesting environment (:

Although just for future reference (so that your question doesn't get burried here and lost) this is probably better placed in somewhere such as #infosec-general (:

Ok thanks!

Ok cool. I’ll post it there next time

Appreciate it (:

Not to be that guy but y'know #site-support can get pretty hectic at the best of times so (:

Lemme know if you get the chance on how you find using the Pi although!

I'm quite keen on setting up at least something remotely infosec-related on my one so 😄

I already have the 3b+ but it’s kind of awful to use because it either has .5 or 1 gig of ram and it’s just so slow

Hey everyone, Is alacritty not a supported terminal ? I keep getting "terminal is not functional" error messages and i can't use clear or Ctrl + L

┌─[✗]─[root@alex]─[/home/alex/Desktop]
└──╼ #pip uninstall paramiko
Found existing installation: paramiko 2.7.1
Not uninstalling paramiko at /usr/lib/python3/dist-packages, outside environment /usr
Can't uninstall 'paramiko'. No files were found to uninstall.
┌─[root@alex]─[/home/alex/Desktop]
└──╼ #pip install paramiko
Requirement already satisfied: paramiko in /usr/lib/python3/dist-packages (2.7.1)

does anyone know what's wrong?

Have you tried pip3?

yes

exact same result

Hi, I have an issue with certificates. I complete beginner path and the certificate is issued to my user instead of real name or both. Anyone knows how to solve this?

Add your full name onto your profile then email support with the certificates that have the wrong names

exactly what I did. It is true that at the beginning I didn't fill that field. Thank you.

Does the attackbox hace an RDP already on it?

*Have

might have remmina on it

Hello I need help about MAC filtering

Yup! It has remmina on it -- but you can RDP into the AttackBox itself as well (:

I usually rdp directly into the target from Windows...

Hello all,
Can you please help me?
I want to share my badge Webbed

If you go to profile > public profile underneath you will see share room badges

Hey @naive dust

#general

Found it!

Thank you all 🙂

Does anyone see check box for the rooms in learning paths ?

Earlier it was there before 1 month i guess

It's intended for the moment

oh

When it get enabled

?

Not too sure but shouldn't be long

okay thanks

Hey, I am having a cipher issue while trying to connect with the openvpn?

How can I solve that issue?

Screenshot.

┌──(kali㉿kali)-[~]
└─$ sudo openvpn Downloads/0xMahdi.ovpn
2021-01-26 22:54:21 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-01-26 22:54:21 OpenVPN 2.5.0 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Oct 28 2020
2021-01-26 22:54:21 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10
2021-01-26 22:54:21 OpenSSL: error:0909006C:PEM routines:get_name:no start line
2021-01-26 22:54:21 OpenSSL: error:140AD009:SSL routines:SSL_CTX_use_certificate_file:PEM lib
2021-01-26 22:54:21 Cannot load inline certificate file
2021-01-26 22:54:21 Exiting due to fatal error

This is what it is showing!

@deep trellis I believe you said to ping you when people get this now?

The error is at the end

Try regenerating your configuration on the site and wait 60 seconds

Then download the config again.

If I choose a learning path from the thm page all the rooms I did complete are not marked ready. If I choose modules instead they are marked as ready. Is this a bug?

No. It's intended. It is because there's a code change coming and it makes it much easier for the devs.

I have tried regenerating the config file 3 times

But its not working

Ok. Then be patient. I've pinged skidy.

@eager fulcrum thanks for the feedback

@deep trellis Need your help!!

I already pinged skidy once.

That is not being patient.

Being patient is waiting.

Hi there,
Would you mind regenerating your config and trying again?

Ninja already suggested it

Ah actually you have 3 times it seems.

What VPN server is this for?

(Thanks James for the ping, will investigate once I have more info)

Unable to start up an attack box, is this a known issue?

Can you elaborate, how do you know it’s not starting?

I have a dude with one activity in tryhackme with metasploit in can say in this Channel?

Hi! a short stupid question: How can i page through metasploit/meterpreter output? no pipe to less i think 😉

replace NUMBER FROM PREVIOUS QUESTION with the number in col #

@severe roost You are meant to fill the commands, not just copy and paste.

should be 6 if i remember correct

Yes but im from Spain and o don't understand very well

What number?

I'm clicking start attackbox and nothing is happening, left it for 10 mins still nothing, tried relogging and still nothing

@severe roost it's the number in front of the needed exploid. which task ? Move that shell?

Yes

I don't say a number in #

it's a little confusing. you had to search for the exploit multi/handler. correct?

this exploit has the number 6. after that it was asked for the column name '#'

try enlarging your terminal sideways till the rows line up if possible, if not just look directly underneath the colum titled "#", which is what the question is asking you to do

but now you need to use the number from the
the question before the previous question: 6

like said. its confusing because there was no question asking you for 6

i'm in the same room at the moment and need to know to to page the meterpreter help to read all commands. can't scroll

You don't need to use multi/handler at all. @low pendant

Do not select multi handler seeing as you don't need it and you just swap back afterwards

Changing module also clears your options

@eager fulcrum correct. i thinks it's only to teach the payload option. i'm now on the machine via icestorm exploit, but cannot see the upper part oh the meterpreter help. cannot scroll up

i thinks it's only to teach the payload option. not really

Setting the payload option is meant to be done with icecast selected afterwards, it's just all a bit of a mess because metasploit keeps changing

is payload a required option for the icestorm exploit?

thought LHOST and RHOST are enough 😦

There is one set by default

Ports are preselectet

ah ok! thx! have to learn a lot more

The issue is metasploit changed that default

You used to need to use shell_to_meterpreter to get a meterpreter (that might have been blue?)

yes

changed in msf 6?

It was changed in 5

6 broke more things and did more changes

Metasploit, at least over 2019/2020 was not overly stable

yeah I think I was following a walkthrough room at some stage and it said to upgrade the shell to meterpreter but the newer version of metasploit had done it automatically, skipping one of the likely trickier steps

and it may have been icecast

it didn't upgrade it automatically

It changed the default payload from a plain shell to a meterpreter payload.

sorry, yes, correct

ok that's clear now. but how to page the help output?

do you mean like less?

yes

I think, less still works

via pipe?

i'll test myself now

tested with: help | less

as result i get the first page of help followed by the prompt

no scrolling 😦

no scrollbar in terminal and cursor keys scroll the history

actually i don't see it, how, but i can scroll in terminal

hmm. maybe because i run kali as vm on mac 😦

i'm not sure the host platform would matter but maybe o.O, you could use tmux and vim keys to scroll up or defaults too

That won't matter, as it's a VM

mac keyboard an linux vm is sometimes strange 😄

yeah I can't see a method to page the output

mac is linux kinda anyway

not sure i get it lol

to be honest, mac os is a darwin kernel, not linux, but same ancestors 😄

Thanks! Can I DM my username if thats alright?

White rules? Our High School has two separate wireless connections. One for teachers and one for students. I can access TryHackMe.Com and successfully start the Kali AttackBox. However, my students can not. When the Attackbox attempts to launch they get a "Can not connect to server". Our schools network admin says he needs the Whitelist for it. Can someone help me?

tryhackme.tech is the remote access stuff

If you get them to whitelist *.tryhackme.tech it should work?

Thank you.. I will pass that info along to them and see what happens.

Had a few issues now when trying to do VIP rooms from VPN connection --- site keeps trying to reach out to external sources and that is delaying / crashing the load of the room. Is there a route I need to put in to allow my computer external access from the VPN or could the external content from these room just be pulled please?

This is an issue on your end

This is task 20 of the OWASP Top10 room.

Ok Thank you @eager fulcrum

The THM VPN DOES NOT interfere with the loading of those resources

It's nothing to do with subscriber rooms or not

If you're using the Kali VPN manager, then stop doing that

It adds bad routes that break your internet access

Ahhh... yah that's probably it - thanks so much!!!

Yup - that fixed it - appreciated. Clearly not necessary, but any idea why the kali vpn manager adds bad routes? @eager fulcrum

Because it's broken

makes sense

I am trying to connect with tryhackme through openvpn!

Yes

In the dropdown, what VPN server do you have selected? @naive dust

I have selected the Linux OS

Ok, let me ask again more clearly

On https://tryhackme.com/access this page

What shows in this box?

Do you understand the question?

@naive dust

Yes

I was actually trying to connect through the other way

Your issue was with the VPN.

That's the issue Skidy is asking about

No.

I am using eu regular 2

But its not working

Ok, that was the answer Skidy was asking for

@deep trellis EU regular 2

The problem is fixed now

I changed the server to EU Regular 1 and its fixed

Thanks @eager fulcrum @deep trellis

im trying to SSH into the machine in activedirectorybasics room, i am putting the right domain and username@IP address that i deploy, it asks me for password, i put it in EXACT and it says im wrong, NO IM NOT im typing exactly as the room says, room is bugged

wait, did you connect to thm via openvpn.

i connected and can ping, besides if i didnt the ssh would not work and wouldnt get to the password prompt

oh

why do I always get this message when running the ms17_010 exploit

[] 10.10.82.107:445 - Sending all but last fragment of exploit packet
[] 10.10.82.107:445 - Starting non-paged pool grooming
[+] 10.10.82.107:445 - Sending SMBv2 buffers
[+] 10.10.82.107:445 - Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
[] 10.10.82.107:445 - Sending final SMBv2 buffers.
[] 10.10.82.107:445 - Sending last fragment of exploit packet!
[] 10.10.82.107:445 - Receiving response from exploit packet
[+] 10.10.82.107:445 - ETERNALBLUE overwrite completed successfully (0xC000000D)!
[] 10.10.82.107:445 - Sending egg to corrupted connection.
[*] 10.10.82.107:445 - Triggering free of corrupted buffer.
[-] 10.10.82.107:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.82.107:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 10.10.82.107:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

i have tried reinstalling metasploit

same result

idk

why it does that

good evening. has anyone seen the issue where rooms inside a learning path don't show completed like they used to? this started happening in the past couple weeks

HI I'm new here and getting this issue

in first ever machine 405 in attackbox

even in physical machine via onevpn

My sign-up page did not load the captcha, how to fix this problem?

Refresh your page, your screenshot does not show the whole page although.

Do you have any chrome extensions?

i have closed all extensions

Please advise

Use a diff browser

Try Edge or Firefox

Ur antivirus might hav messed up with some source

edge is the same with chrome

502 bad gateaway

and i used safri on iphone failed too

Probably because your options are wrong

This is on the /room/learncyberin25days task 2

use a different method

Please only provide accurate help @north shuttle

discord mod

Means you're using something like GET when it wants something like POST look up http methods

c

@pulsar zodiac @stray cove More specifically, you're using the wrong IP here

You're using the IP of the attackbox, rather than the target machine that you deployed.

this is probably also true

hard to diagnose with the lack of proper information

I've seen it before, very regularly

https://tenor.com/view/star-trek-patrick-stewart-captain-jean-luc-picard-face-palm-disappointed-gif-4780258

Yep, you used the IP from somewhere else though.

yeah that's not a valid ip address

they didn't put in x.x

no lol

im not THAT dumb

oh I hope not

They only issue is using the attackbox's IP

you'd be surprised though

when you deploy the VM you'll get a target ip

that^

I just noticed the is a loading bar where that is but its on 1%

That's not a loading bar

That's a room progress bar

oh XD

ok its on IP show timer now thanks

But I think i have to wait 33 mins now

No.

quick question, how do you git clone repos into the attackbox? I can't seem to connect to github download some of the files I need for privesc

If you're a free user, you don't have internet access

:(((

rdp connection for https://tryhackme.com/room/intro2windows just doesn't work for me, and I even tried to make a connection using attackbox

I've tried remmina, xfreerdp, rdesktop but no luck 😦

is the vpn connected?

are you connecting to the right server?

is the server deployed?

anyone know how to fix the issue with eternalblue on the blue machine?

other than resetting the machine

because i've done that about 10 times now

#room-help

yes X 3 times

Can you scan the machine with nmap?

Ya I ran the nmap scan, required ports are up

I'm even getting the certificate confirmation

Send screenshot of your remmina options

Lemme do it all from scratch, and send it

Give me 2 min

It's very odd but I just regenerated a new vpn file, and it ran.

Thanks for responding back though! @civic lodge @stray cove

that can do it, there was a recent fix

Ya i think so

they mailed us about it but I just forgot to do it

Is it normal I didn't receive feedback from support email?

If you have emailed and they have no responded within 1 week, please send a follow up email.

From other sites, I usually receive an automatic response like "Hey, got it! We'll back soon.". thank you.

This site is managed by humans

No complain. Thank you

Is it possible to use two OVPNs at once please?

You can but it’s a bad idea

hey how do i get the ceh role i have a cert

??

Ask one of the mods to add it for you

is there a possibility i "wget" the vpn file from the browser .

I seem to have lost my streak is at about 34 days. Gone, just like that!

email support@tryhackme.com and follow the template in the pins

Thanks

I pay one month VIP, I need receipt, send email hello but no response

You can see receipts going here

Thks!

Unable to connect openvpn...

That's not a correct path to your config file

my path is /Downloads/Dr.Nene.ovpn isnt it?

Not quite.

my file for openvpn is under Downloads

Yes, but / means the root of the system

Download the file under root?

try this "Downloads/Dr.Nene.ovpn"

~/Downloads/file

or /home/kali/Downloads/file

i dont have to type home for some reason and it worked for me

but i guess u can start from ~ directory if u want to be safe

It's a more complete path

Path is ∼/Downloads/Dr.Nene.ovpn isn't it?

Yep

Although that ~ is a bit weird

yes, that seems correct

Or is this? /home/kali/Downloads/

for me putting the "/" behind home mest it up

You're missing the name of the config there but it's equivalent otherwise

huh?

instead of making the path "/Downloads/user.ovpn" It said i had to do "Downloads/user.ovpn"

I tried the command but it says fatal error...

yeah, the leading / refers to the root of the filesystem

You're missing sudo

wait try this command -----> sudo openvpn Downloads/file.ovpn

I would 100% recommend the full path as that means it works from anywhere

if ur on win 10 u can use putty as an alternative, its easier cause its a gui interface

That won't work for them as they're currently in Downloads, that path would be referring to ~/Downloads/Downloads/file.ovpn

Thank you for helping, Ms /Mr Ninja and Genardkid. Solved

great!

Hey guys ! I've one question i can't reverse shell with openvpn but if i use thm desktop it works ... I tryied reverse with openvpn ip and thm machine ip, only the machine get the shell. If someone got an idea it would be lovely ❤️

i started the vm after trying ovpn of course ^^

Run the VPN only in the VM

Do not run the VPN on the host

I mean, i starded opvn like normal way, after trying several times i started the vm, it switch the thm ip and it works

but i don't understand why vm ip is fine but opvn is not

i starded opvn like normal way this provides me 0 information

You need to runt he VPN in your own VM if you're attacking from a VM

Also be aware of firewalls.

For tryhackme?

oh it might be this, i'm running on ubuntu

https://help.tryhackme.com/room-creation @royal bay

but what i mean normal way is open ovpn on my localhost, get on the machine, do things until the reverse don't work. Then turn on the vm and do things and it works
I'll look further for firewall but the vpn should'nt lock the link ... ? idk ^^

thanks anyway 😆

All automatic

im trying to SSH into the machine in activedirectorybasics room, i am putting the right domain and username@IP address that i deploy, it asks me for password, i put it in EXACT and it says im wrong, NO IM NOT im typing exactly as the room says, room is bugged

This is not the channel for reporting room bugs

its tech support channel, im having issues with inputting the password it says in the room, i think that falls into tech support... im putting password exact like it says, right user and right domain, it says its invalid

room is bugged If you think this, report it as a bug. Otherwise, you're probably getting the password wrong as it says.

in activedirectorybasics room, you need ID, password, and Domain to logon. I think you forget something with ssh arguments.

I put

ssh CONTROLLER.local\\Administrator@10.10.10.10 (IP would be what i deployed)

it then gets into the machine asking for the password, i put it in EXACTLY , like 20 or 30 times, exactly and it says invalid, and @eager fulcrum -> I'm not getting the password wrong, its not a hard one to get right, it is password123@ , i put it in slowly to be sure, around 20-30 times like i said above and it keeps saying invalid

\ is a special character

Use \\

I put double slash, like if ud log on manually to a diff domain on windows 10 pc , idk why discord only shows one but i edit it and it shows 2, either way i put 2 in the ssh command

Hey ninja sorry for asking again, i'm try to disable my ufw, purge et re install openvpn, switch vpn serveur to vip, reboot my laptop but still having the issue 😢
If you have any idea why i can't reverse shell from my localhost (i don't use any vm neither)
But it work on the thm-vm but it's less usefull

hey could someone pop in general, im having trouble installing virtualbox

Go back there and be patient please

Hey i need to get into either an email or a instagram account without a auth token

i was thinking bruteforce but im not sure how to do this could anyone help me? im not doing anything i shouldnt be with this

What?😆 @eager fulcrum i wasnt rushing anyone

if someone could help me with it that would be great

Ya yeet

This is the wrong channel to ask in

oh what, where would i ask

#general

Maybe #infosec-general

Hi, I just enrolled in the "Offensive Pentesting" path. In the list of the first rooms, I've allready taken some of them, and I'm at 12% of the path. However, the miniature progressbar for each room looks like I haven't done them. They are not a green checkbox, like they are for the same rooms out in Learn section.

Here is what I expected

Here is what it looks like in the path page

This is intended for the moment

The site will be getting a new code push i'm not sure when however

ok, thanks

another question, what is the discord token on the profilepage for?

To verify with the bot so you can get your level from the site

It gives you roles

ok, thanks

hi guys, my friends given me a pc but its got a hwid ban on alot of games, anyone know for a good hwid spoofer ??

That sounds unethical

wym ?

Google define unethical

After a total of 2 seconds of googling, it is against most game ToS

@oak shale You seem to only be here for a HWID Spoofer

I have a issue with the openvpn connection is there someone who can help?

So I am going to give you two options:
Leave the discord

OR

Sign up to the site

Screenshot please

And how do you know there is an issue?

I connected to as it says but the try hack me access page didnt update also I couldn't connect to 10.10.10.10

-01-27 18:42:45 VERIFY OK: depth=1, CN=ChangeMe
2021-01-27 18:42:45 VERIFY KU OK
2021-01-27 18:42:45 Validating certificate extended key usage
2021-01-27 18:42:45 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-01-27 18:42:45 VERIFY EKU OK
2021-01-27 18:42:45 VERIFY OK: depth=0, CN=server

2021-01-27 18:44:05 VERIFY OK: depth=1, CN=ChangeMe
2021-01-27 18:44:05 VERIFY KU OK
2021-01-27 18:44:05 Validating certificate extended key usage
2021-01-27 18:44:05 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-01-27 18:44:05 VERIFY EKU OK
2021-01-27 18:44:05 VERIFY OK: depth=0, CN=server
2021-01-27 18:45:05 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2021-01-27 18:45:05 TLS Error: TLS handshake failed
2021-01-27 18:45:05 SIGUSR1[soft,tls-error] received, process restarting
2021-01-27 18:45:05 Restart pause, 40 second(s)

You do not live in a country that blocks OpenVPN right?

no I live in canada

it restarts after 40 seconds and the first couple of lines pop up

I do not remember the troubleshooting techniques for this issue.
Until I have got the answer please try:

Regenerating your VPN file, wait 2 minutes, download,
Switching VPN servers,
Restart your computer + make sure you have a good internet connection

I am using a vbox machine

I did everything

System time first and foremost

sorry what?

Sorry I was cleaning my keyboard

You need to sync your system time

That being VM and Host

(Thanks James)

they are synced

Down to the exact second?

@bronze vale

same time zone and stuff

i need some support with try hack account. can anyone help me ?

when using the free attackbox, is there a way to transfer files from my desktop to the attackbox?

Is here option to reset progress so i can start from the start again ?

#infosec-general

This channel is for things like THM site or VPN support

Hey guys is there an issue with some of the rooms, where the deployed vms will just stop responding ever 5mins or so until you ping them back to life? im trying to do the Pickly rick room, ive deployed 3 machines thinking the each one had an issue, but they all seem to have the same problem is this a common thing? or am i doing something to cause it to fall over?

!vpnscript

so ... [-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum

lol

Means your VPN is broke tho

how fix?

it gets all the way to "confirming"

[+] Stable internet connection
[+] OpenVPN is installed
[+] tun0 exists
[+] tun0 IP is in the correct range
[+] Only one instance of OpenVPN is running
[+] Confirming connectivity
[-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum

Try a reboot

i already re downloaded the config.

tried that too

moving regions and regenerating VPN seems to have solved it for now.

Ask in #infosec-general as this channel is for tech support related to VPN or site.

Also, don't spam in multiple channels.

hey, can someone give me a hand pls? i am trying to apt update on my machine and this message is popping up "N: Skipping acquire of configured file 'main/binary-armhf/Packages' as repository 'http://packages.microsoft.com/repos/vscode stable InRelease' doesn't support architecture 'armhf'
N: Skipping acquire of configured file 'main/binary-arm64/Packages' as repository 'http://packages.microsoft.com/repos/vscode stable InRelease' doesn't support architecture 'arm64' " how do i fix this

Not a site issue ask in #infosec-general

how can I share my badge on social media like linked in,twtter etc??

i couldn't find the share option anywhere

xfs filesystem got corrupted

Any solution

i have a valid OVA file but it refuses to successfully convert? ive never had this problem before so if anyone is familiar with it, and knows a fix, help would be appreciated :) ping me if you know whats up

Go to your profile > public profile and there will be a share badges option

Is anyone experiencing login issues too rn?

it's loading and loading but doesn't do anything

yes, I was trying to deploy a machine and didn't load. I logged out and reloaded my browser and now I can´t log in

hey i also cant see the machine ip

i deployed the machine

but cant see the ip

i even restarted my pc,vpn

that's exactly what happened to me

they must have server issues

mods any idea ?

Confirming the same issue attempting to deploy a machine

atleast i can say now its not my laptop problem

ok

i can see now

can you see

Oh yep after this attempt and a page refresh, it's up!

I can´t even log in anymore

it seems to work now..

yes, I was able to log in too

Mods are discord mods not site staff. We can't fix site issues.

its fixed already

But please remember that

The mods aren't here for site stuff.

Another mod can do it, I am busy rn

@leaden token can you remove my account token please!

I'm here

Which account, this one?

yes

!tokenremove @naive dust

Done, no more entry with UID "@naive dust".

Thanks @bronze vale

Hey where can I report an issue in the website? related to ,y profile I think

If you think it is a bug, post it in #site-bugs, if it is a security issue please report it to support@tryhackme.com

Ty I did report it on #site-bugs, is that the right place for it or should I sent an email to the support ?

Looks fine to me, someone will most likely be in contact. Please attach any screenshots/ anything else to help assist the site team :)

I will try to do that ty

Hello everyone, I have just completed the "complete beginner" learning path, but I have a problem with the photos on my certificate, for some reason the photos do not seem to be loading when I download my certificate.

I will be very happy if someone helps me .
Thanks!!!

Oh no

yea 😦

download it again

I did it but it doesn't work

so what can I do to fix this problem? 😕

CC: @deep trellis

Hey there, whats your TryHackMe Username?

CryptoLMalware

Which certificate was this for?

Oh I see, the complete beginner path

yea 🙂

Please try generating it again

ok

Thanks its working

Awesome:)

Happy Hacking

Anyone here use Fortigate firewalls in their residence/place of employment/homelab

I am unable to deploy attackbox

can anyone please help

near as I can tell.. im auditing config for a firewall that's like #config-version=FGT60D-5.02-FW-build754-170421:opmode=0:vdom=0:user=admin
... and iirc this build was from 2012

#infosec-general

If it's not related to THM

its related to THM. not able to deploy attack box. I am a new subscriber

I was referring to Sporked

oh Srry

Also you're using the attackbox ip not the room's ip

oops yeas. Got It. Thanks !!

@hallow moon Hi, you around?

yea :) @eager fulcrum

Linus reached out to me and said you were having some trouble

yea haha

I've added you to the creators lounge so you can ask there

epic thanks

room xss playground - filter evasion (task 8) - payload : <img src="x." onerror=&#097lert("Hello")> makes the alert successfully but no flag is popping up.

challenge 3 , challenge 2 so far

same for challenge 4 with the following : <img src="x." onwheel=&#097lert("&#072ello")>

Good evening from the UK everyone, can someone help me with the correct terminal command for openvpn file please

openvpn [filename]

!vpn

Sudo is required

yep

if you arent root

ninja , i would appreciate some help with my task aswell

Thanks everyone 😎

i cant get 3 of the flags on my task

Messed up a couple of times the directory path but it's done. Thanks @eager fulcrum @frail moat

nice 🙂 have fun hacking!

im having trouble connecting to THM target machines. Ive been doing tryhackme rooms for 2 weeks now trouble free and just now have been running into issues. Im running openvpn on my virtual machine

Please provide more information

For some reason my streak count started back over to 1 day. Anyone else ever have that issue?

You most likely missed a day.

If you have not missed a day, please email support @tulip portal support@tryhackme.com

ok, yeah I'm positive I didn't miss a day. I'll email support. Thank you!

I found a weird command in my terminal that i never typed before

can i post on here?

Someone installed a tool called reaver

This channel is for directly THM related issues, like site and VPN support

Who do i go to ?

or ask?

#infosec-general probably /shrug

@eager fulcrum I think i might've fixed it but my issue was when I put in the ip address of the deployed target machine in my web browser on my virtual machine the connection was slow and sometimes it would time out. Ive since restarted my vm and reran my ovpn file . im doing the hackpark room

{\|/O\|/_\-/O|_|_.-34|)_|\/|3} how can i decode this?

This doesn't sound like tech support

doing the linux priv esc room and on my 3rd reset in less than 10 minutes. I'm not bashing because im really enjoying THM, but this has been happening far to often in a lot of rooms , very frustrating. (I have also posted this in room bugs)

I have an issue with a Python File. If I try to run it, it gives me an error.
ImportError: No module named requests

When I try to install requests via pip i get
Requirement already satisfied: requests in /usr/lib/python3/dist-packages (2.25.1)

Trying to reinstall it also causes trouble

Found existing installation: requests 2.25.1
Not uninstalling requests at /usr/lib/python3/dist-packages, outside environment /usr
Can't uninstall 'requests'. No files were found to uninstall.

#infosec-general

!vpnscript

Using paid kali vm in browser. using responder on network and get nothing. wireshark sees nothing on tun0 interface. If I ping a box, it sees that, but nothing otherwise.

oh, in the throwback lab

#743859653343182930 preferably

@eager fulcrum meaning i am in wrong tech support chat or probably throwback network issue?

I mean that's the support channel for throwback

You're going to be best off asking there.

thx

will try them for now. i have a feeling this is a THM issue. I can ping stuff. openvpn looks normal. but wireshark sees zero traffic on tun0 unless i ping/do something.

Alright, thx for the info

You are aware it's a totally different VPN right?

just noticed that. attempting to fix myself. 🙂

hmm. on throwback vpn. tun0 flatline in wireshark. will ask in their support chat.

what am I doing wrong

You put https

It did auto did that xD

it seem like the server is down

=((((

ok so it's not just me

dayum

Ok not funny, who hacked THM?

its gone retro

Me, I thought it was just another room...

any ETA on the fix?

about 10 minutes after they restore the backups

great

hahah thought it was just me

haha I came to check it too ...

this tech support channel is horrible support, ive asked my issue 2x so far, ppl talk about it but no one resolves my issue

Yes we are aware. Thank you for reporting.

Eta

Soon™️

I just came across this too lol Glad it wasn't on me, been having issues with my network tonight

Hello me too😆

I login just to reup my daily streak and boom site is down. I hope it got it before it went down...

Oh thank god, I clicked save on a new room and thought I broke the site

what happened???

me too

See above.

Check #announcements

Or above 😁

anyone else getting 500 errors for every page on THM?

yeah

is that server down

?

server down?

same 500 internal error ?

admin said it'll be up in few hours

Yeah, they posted that it's being looked into in #announcements

https://tenor.com/view/minions-thumbs-up-good-job-ok-good-gif-12965780

@idle gyro come DM

Time for a break

https://tenor.com/view/take-a-break-break-sleep-nap-napping-gif-12975996

Darn, I just sat down and got a flag, went to put it in and the site crashed. Hope the site is back up soon, don't want to ruin my streak here.😩

And we are back!

Streak continued - phew

https://tenor.com/view/smirk-spongebob-spongebob-squarepants-silly-smile-gif-4953511

Hey there 👋 I had the attack box open when the site went down and since I'm a free user I can't open it again. Do I just have to wait until tomorrow or is there a way to circumvent this?

if not that's ok,I'm just wondering

Wait until tomorrow; sorry about that

is debian 8 really the newest debian that can be used?

No worries, it's all good

why is there no link to the my-machine page anywhere?

It's an AWS restriction

yeah, been looking at it, does it still get security patches?

i dont think so

18.04 is an LTS release

It gets patches until at least 2023

And if the vulnerability is a big one (like the recent sudo exploit) then earlier versions may also receive patches

What cloud service rooms use?

any parrot user that can help me with the yellow tint settin in dual boot mode...idk where but it's constantly going on and off and my eyes will pop out.please help

#infosec-general this is not a site related issue.

idk where to look for...

Why is Mr.Robot CTF so damn slow?

Because it's wordpress

And wordpress is slow

I can't connect to the TryHackMe open vpn server. Even if I don't have another VPN enabled. Can anyone help me?

Can you show us what happens?

Sure, wait a second

Oh, nevermind. I got it working now.

can any admin help me? I've activated a code yesterday for 3 months and now it's gone and I can't use it again! It happened after your site was down

@warm comet Please email support support@tryhackme.com - you will most likely need to supply proof of purchase and the code you attempted to use.

I don t have proof of purchase cause my GF bought it for me

But I have the code

But I have the code

I could ask her for the proof tho

You have to supply it for support, I am just trying to make their job easier.

ty

@bronze vale How soon can I expect a response

Hmm, not sure, depends on how many emails/ who is manning the emails. I believe payment has to be forwarded up the chain so I am not sure.

The stats page of the code shows that I have activated it

but I am not premium

I would show you the page but

It also has my code

I've included it in the email tho

Mhm, that is a site issue, nothing I can do sorry.

Yeah no worries

thanks for the help

I don't know if this is the right channel but previously I believe I could see when enlisting on one of the paths which rooms I've already completed. But after I left the Offensive Pentesting path and joined the Web Fundamentals I can't see which rooms I've completed. Only the total percentage of rooms completed. Am I missing something?

You no longer get the checkmarks

It's a change that was made to make a future change easier to implement. I imagine they'll be coming back eventually but for now it's intended

Great to know, a bit tedious when I happened to have passed 50% of the rooms before starting the path, but I fully understand the dev-decision

It hasn't cleared any progress, don't worry

i have linuc on my laptop and i installed open vpn how would i open it to connect to the tryhack me

!vpn

@eager fulcrum do you mind checking you messages

so my openvpn is connected right

but my kerbrute isn't doing userenum

it takes like 5 seconds then says done and tested all the users

i even did the openvpn test room

any suggestions?

im using v1.0.3

#room-help after checking the writeups to check your method

I am not able to make payment for premium membership.

Is there any technical problem??

What payment method are you using?

Credit/debit

It's possible your bank isn't allowing your payment to go through

No it's showing wrong credit card number every time

I'll try many time but it shows the same error each time

Maybe your card is not supported.

I tried with 3 cards but each time it shows same error. It may be some bug or technical error. Please sort it out as soon as possible.

Contact your bank

It's most likely them I have bought vouchers and my payment is going through fine

Ook

It seems my bank servers are down.

@wind wedge in which mode you have done your payment??
By card or by PayPal

Card

Credit or debit

Hi. I think task 8, "Filter Evasion", in the XSS Playground room needs a fix. https://tryhackme.com/room/xss

I think either the room instructions give more directions or change the validation method.

Does anyone know how to give suggestions to THM?

Can I talk to anyone from tryhackme personally? I have some issues with my account.

Email support

!email

I already mailed to this email but didn't get any response.

Then wait

So I was just confused about this: The new room Keldagrim has this room is 113 days old. Is it calculated on the basis of when it was created ? or am I getting rooms late 😄

#announcements for the date

in Linux Fundamentals part 2 I can't ssh in

I put in shiba2@[ip address] and click open and it just opens a blank screen until it says connection timed out

I am using putty

you can ping the IP?

tried pinging via cmd and it's timing out

I'll deploy the machine real quick to see if I can ping it and ssh into it normally

brb

im going to try to terminate and relaunch the machine, maybe that'll fix it

Did you commect to the VPN? @surreal pike

@eager fulcrum no

is that my issue

There's ya problem

10.x.x.x are private IPs

Not accessible over the internet

where would I find info in the vpn

https://tryhackme.com/room/openvpn

This room will explain everything to you

thank you 🙏

Windows, Linux, whatever

Keep trying man, if you got any questions feel free to dm

https://tryhackme.com/room/networkservices

started tcpdump listener like so:
sudo tcpdump ip proto \ \icmp -i eth0 -vv

(eth0 as instructed in room bc im using the attack box)

i then went back to my telnet session and attempted to ping the vm from room using

.RUN ping <ip> -c 1

not getting any data even tho room progression shows i should

Please help ^^

would be greatly appreciated ❤️

Ask in #room-help as this channel is for queries related to site and VPN.

Connected to thm network by launching the .ovpn file in a tmux session...finally killed all the tmux sessions after the work done...but it's still showing as connected in the website by mentioning the connected IP...what would be the reason for that??

kill tun0

ip link delete tun0

Yaa ..i did it ...but my doubt is that how that .ovpn can be still running even after terminating the tmux session in which it is launched..??

same, it doesnt happen in HTB

Hi guys how can I solve this?

I’m in arch

is it python3.9?

I solved

Thx

It lies sometimes.

Hi Guys. I guess am in the right place for VPN support. I keep loosing vpn connection to my room. I have run the thm-troubleshoot script and I get the following:

[-] Script is being run as a low-privileged user
Would you like to run this script with higher privileges automatically (Y/n)? y
[sudo] password for kali:
[+] Re-running with root permissions
[+] Stable internet connection
[+] OpenVPN is installed
[+] tun0 exists
[+] tun0 IP is in the correct range
[+] Only one instance of OpenVPN is running
[+] Confirming connectivity
[-] Something went wrong -- please ask for further assistance in the TryHackMe Discord server, subreddit, or forum

Try switching server.

Let me try that. Thanks

Hi, I have a query. When i connect TryHackMe VPN to my local Virtual Kali Machine. I can ping and do all kind of scanning but when i need to get a Reverse Shell via upload or Metsploit, It doesn't work. When i use the same technique on the Browser Machine It works perfectly. Any suggestions?

Could be antivirus running on your host

Hello there i am new here ... i one tell me when i try to ping my openvpn ip its pings correctly but when i try to ping any deploy machine showing me nothing .. anyone